- Fix SELinux patch to better handle MLS integration
This commit is contained in:
		
							parent
							
								
									9513ddc594
								
							
						
					
					
						commit
						a9153b8deb
					
				| @ -1,3 +1,4 @@ | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/README.selinux	2004-12-29 12:24:03.260876459 -0500
 | ||||
| +++ coreutils-5.2.1/README	2004-12-29 12:24:03.417858780 -0500
 | ||||
| @@ -7,11 +7,11 @@
 | ||||
| @ -14,6 +15,7 @@ | ||||
|    split stat stty su sum sync tac tail tee test touch tr true tsort tty | ||||
|    uname unexpand uniq unlink uptime users vdir wc who whoami yes | ||||
|   | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/stat.c.selinux	2004-02-05 08:46:12.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/src/stat.c	2004-12-29 12:24:03.419858555 -0500
 | ||||
| @@ -42,6 +42,13 @@
 | ||||
| @ -308,12 +310,13 @@ | ||||
|      } | ||||
|   | ||||
|    exit (G_fail ? EXIT_FAILURE : EXIT_SUCCESS); | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/src/runcon.c	2004-12-29 12:24:03.421858330 -0500
 | ||||
| @@ -0,0 +1,201 @@
 | ||||
| diff -u coreutils-5.2.1/src/runcon.c coreutils-5.2.1/src/runcon.c
 | ||||
| --- coreutils-5.2.1/src/runcon.c	2004-12-29 12:24:03.421858330 -0500
 | ||||
| +++ coreutils-5.2.1/src/runcon.c	2005-05-16 14:19:19.000000000 -0400
 | ||||
| @@ -0,0 +1,253 @@
 | ||||
| +/*
 | ||||
| + * runcon [ context |
 | ||||
| + *         ( [ -r role ] [-t type] [ -u user ] [ -l levelrange ] )
 | ||||
| + *         ( [ -c ] [ -r role ] [-t type] [ -u user ] [ -l levelrange ] )
 | ||||
| + *         command [arg1 [arg2 ...] ]
 | ||||
| + *
 | ||||
| + * attempt to run the specified command with the specified context.
 | ||||
| @ -322,6 +325,7 @@ | ||||
| + * -t type  : use the current context with the specified type
 | ||||
| + * -u user  : use the current context with the specified user
 | ||||
| + * -l level : use the current context with the specified level range
 | ||||
| + * -c       : compute process transition context before modifying
 | ||||
| + *
 | ||||
| + * Contexts are interpreted as follows:
 | ||||
| + *
 | ||||
| @ -342,6 +346,7 @@ | ||||
| +#include <getopt.h>
 | ||||
| +#include <selinux/context.h>
 | ||||
| +#include <selinux/selinux.h>
 | ||||
| +#include <selinux/flask.h>
 | ||||
| +#include <errno.h>
 | ||||
| +#include "system.h"
 | ||||
| +extern int errno;
 | ||||
| @ -349,19 +354,28 @@ | ||||
| +/* The name the program was run with. */
 | ||||
| +char *program_name;
 | ||||
| +
 | ||||
| +/* If nonzero, display usage information and exit.  */
 | ||||
| +static int show_help;
 | ||||
| +
 | ||||
| +/* If nonzero, print the version on standard output and exit.  */
 | ||||
| +static int show_version;
 | ||||
| +
 | ||||
| +void
 | ||||
| +usage(char *str)
 | ||||
| +usage(int status)
 | ||||
| +{
 | ||||
| +  printf(_("Usage: %s [OPTION]... command [args]\n"
 | ||||
| +  printf(_("Usage: %s CONTEXT COMMAND [args]\n"
 | ||||
| +         "  or:  %s [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]\n"
 | ||||
| +         "Run a program in a different security context.\n\n"
 | ||||
| +         "  context       Complete security context\n"
 | ||||
| +         "  -t            type (for same role as parent)\n"
 | ||||
| +         "  -u            user identity\n"
 | ||||
| +         "  -r            role\n"
 | ||||
| +         "  -l            levelrange\n"
 | ||||
| +         "    --help      display this help and exit\n"),
 | ||||
| +         program_name);
 | ||||
| +  exit(1);
 | ||||
| +         "  CONTEXT            Complete security context\n"
 | ||||
| +         "  -c, --compute      compute process transition context before modifying\n"
 | ||||
| +         "  -t, --type=TYPE    type (for same role as parent)\n"
 | ||||
| +         "  -u, --user=USER    user identity\n"
 | ||||
| +         "  -r, --role=ROLE    role\n"
 | ||||
| +         "  -l, --range=RANGE  levelrange\n"
 | ||||
| +         "      --help         display this help and exit\n"
 | ||||
| +         "      --version      output version information and exit\n"),
 | ||||
| +         program_name, program_name);
 | ||||
| +  exit(status);
 | ||||
| +}
 | ||||
| +
 | ||||
| +int 
 | ||||
| @ -373,6 +387,9 @@ | ||||
| +  char *type    = 0;
 | ||||
| +  char *context = NULL;
 | ||||
| +  security_context_t cur_context = NULL;
 | ||||
| +  security_context_t file_context = NULL;
 | ||||
| +  security_context_t new_context = NULL;
 | ||||
| +  int compute_trans = 0;
 | ||||
| +
 | ||||
| +  context_t      con;
 | ||||
| +
 | ||||
| @ -390,14 +407,18 @@ | ||||
| +      { "type", 1, 0, 't' },
 | ||||
| +      { "user", 1, 0, 'u' },
 | ||||
| +      { "range", 1, 0, 'l' },
 | ||||
| +      { "help", 0, 0, '?' },
 | ||||
| +      { "compute", 0, 0, 'c' },
 | ||||
| +      { "help", 0, &show_help, 1 },
 | ||||
| +      { "version", 0, &show_version, 1 },
 | ||||
| +      { 0, 0, 0, 0 }
 | ||||
| +    };
 | ||||
| +    c = getopt_long(argc, argv, "s:r:t:u:l:?", long_options, &option_index);
 | ||||
| +    c = getopt_long(argc, argv, "r:t:u:l:c", long_options, &option_index);
 | ||||
| +    if ( c == -1 ) {
 | ||||
| +      break;
 | ||||
| +    }
 | ||||
| +    switch ( c ) {
 | ||||
| +    case 0:
 | ||||
| +      break;
 | ||||
| +    case 'r':
 | ||||
| +      if ( role ) {
 | ||||
| +	fprintf(stderr,_("multiple roles\n"));
 | ||||
| @ -426,31 +447,42 @@ | ||||
| +      }
 | ||||
| +      range = optarg;
 | ||||
| +      break;
 | ||||
| +    case 'c':
 | ||||
| +      compute_trans = 1;
 | ||||
| +      break;
 | ||||
| +    default:
 | ||||
| +      fprintf(stderr,_("unrecognised option %c\n"),c);
 | ||||
| +    case '?':
 | ||||
| +      usage(0);
 | ||||
| +      usage(1);
 | ||||
| +      break;
 | ||||
| +    }
 | ||||
| +  }
 | ||||
| +
 | ||||
| +  if (show_version) {
 | ||||
| +    printf("runcon (%s) %s\n", GNU_PACKAGE, VERSION);
 | ||||
| +    exit(0);
 | ||||
| +  }
 | ||||
| +
 | ||||
| +  if (show_help)
 | ||||
| +    usage(0);
 | ||||
| +
 | ||||
| +  if ( !(user || role || type || range || compute_trans)) {
 | ||||
| +    if ( optind >= argc ) {
 | ||||
| +      fprintf(stderr,_("must specify -c, -t, -u, -l, -r, or context\n"));
 | ||||
| +      usage(1);
 | ||||
| +    }
 | ||||
| +    context = argv[optind++];
 | ||||
| +  }
 | ||||
| +  
 | ||||
| +  if ( optind >= argc ) {
 | ||||
| +    fprintf(stderr,_("no command found\n"));
 | ||||
| +    usage(1);
 | ||||
| +  }
 | ||||
| +
 | ||||
| + if( is_selinux_enabled() != 1 ) {
 | ||||
| +    fprintf( stderr,
 | ||||
| +             _("runcon may be used only on a SELinux kernel.\n") );
 | ||||
| +    exit(-1);
 | ||||
| +  }
 | ||||
| +  
 | ||||
| +  if ( !(user || role || type || range)) {
 | ||||
| +    if ( optind >= argc ) {
 | ||||
| +      usage(_("must specify -t, -u, -l, -r, or context"));
 | ||||
| +    }
 | ||||
| +    context = argv[optind++];
 | ||||
| +  }
 | ||||
| +  
 | ||||
| +  if ( optind >= argc ) {
 | ||||
| +    usage(_("no command found"));
 | ||||
| +  }
 | ||||
| +
 | ||||
| +  if ( context ) {
 | ||||
| +    con = context_new(context);
 | ||||
| +    if (!con) {
 | ||||
| @ -463,6 +495,29 @@ | ||||
| +      fprintf(stderr,_("Couldn't get current context.\n"));
 | ||||
| +      exit(1);
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    /* We will generate context based on process transition */
 | ||||
| +    if ( compute_trans ) {
 | ||||
| +      /* Get context of file to be executed */
 | ||||
| +      if (getfilecon(argv[optind], &file_context) == -1) {
 | ||||
| +        fprintf(stderr,_("unable to retrieve attributes of %s\n"),
 | ||||
| +                argv[optind]);
 | ||||
| +        exit(1);
 | ||||
| +      }
 | ||||
| +      /* compute result of process transition */
 | ||||
| +      if (security_compute_create(cur_context, file_context,
 | ||||
| +                                  SECCLASS_PROCESS, &new_context) != 0) {
 | ||||
| +        fprintf(stderr,_("unable to compute a new context\n"));
 | ||||
| +        exit(1);
 | ||||
| +      }
 | ||||
| +      /* free contexts */
 | ||||
| +      freecon(file_context);
 | ||||
| +      freecon(cur_context);
 | ||||
| +
 | ||||
| +      /* set cur_context equal to new_context */
 | ||||
| +      cur_context = new_context;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    con = context_new(cur_context);
 | ||||
| +    if (!con) {
 | ||||
| +      fprintf(stderr,_("%s is not a valid context\n"), cur_context);
 | ||||
| @ -512,6 +567,7 @@ | ||||
| +  }
 | ||||
| +  return 1; /* can't reach this statement.... */
 | ||||
| +}
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/mkdir.c.selinux	2004-01-21 17:27:02.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/src/mkdir.c	2004-12-29 12:24:03.422858217 -0500
 | ||||
| @@ -34,6 +34,10 @@
 | ||||
| @ -580,6 +636,7 @@ | ||||
|  	case_GETOPT_HELP_CHAR; | ||||
|  	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); | ||||
|  	default: | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/mv.c.selinux	2004-12-29 12:24:02.845923189 -0500
 | ||||
| +++ coreutils-5.2.1/src/mv.c	2004-12-29 12:24:03.424857992 -0500
 | ||||
| @@ -34,6 +34,11 @@
 | ||||
| @ -615,6 +672,7 @@ | ||||
|    /* FIXME: consider not calling getenv for SIMPLE_BACKUP_SUFFIX unless | ||||
|       we'll actually use backup_suffix_string.  */ | ||||
|    backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/ls.c.selinux	2004-12-29 12:24:02.848922851 -0500
 | ||||
| +++ coreutils-5.2.1/src/ls.c	2004-12-29 12:24:03.429857429 -0500
 | ||||
| @@ -121,6 +121,18 @@
 | ||||
| @ -1233,6 +1291,7 @@ | ||||
| +  }
 | ||||
| +}
 | ||||
| +#endif
 | ||||
| unchanged: | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/src/chcon.c	2004-12-29 12:24:03.430857317 -0500
 | ||||
| @@ -0,0 +1,421 @@
 | ||||
| @ -1657,6 +1716,7 @@ | ||||
| +    freecon(ref_context);
 | ||||
| +  exit (errors);
 | ||||
| +}
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/id.c.selinux	2004-12-29 12:24:03.287873419 -0500
 | ||||
| +++ coreutils-5.2.1/src/id.c	2004-12-29 12:24:03.432857091 -0500
 | ||||
| @@ -45,6 +45,20 @@
 | ||||
| @ -1790,6 +1850,7 @@ | ||||
| +  }
 | ||||
| +#endif
 | ||||
|  } | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/install.c.selinux	2004-12-29 12:24:02.850922625 -0500
 | ||||
| +++ coreutils-5.2.1/src/install.c	2004-12-29 12:24:47.138935019 -0500
 | ||||
| @@ -47,6 +47,43 @@
 | ||||
| @ -1953,6 +2014,7 @@ | ||||
|        fputs (HELP_OPTION_DESCRIPTION, stdout); | ||||
|        fputs (VERSION_OPTION_DESCRIPTION, stdout); | ||||
|        fputs (_("\ | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/copy.h.selinux	2004-12-29 12:24:02.853922288 -0500
 | ||||
| +++ coreutils-5.2.1/src/copy.h	2004-12-29 12:24:03.435856754 -0500
 | ||||
| @@ -105,6 +105,9 @@
 | ||||
| @ -1965,6 +2027,7 @@ | ||||
|   | ||||
|    /* Enabled for mv, and for cp by the --preserve=links option. | ||||
|       If nonzero, attempt to preserve in the destination files any | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/Makefile.am.selinux	2004-12-29 12:24:03.264876008 -0500
 | ||||
| +++ coreutils-5.2.1/src/Makefile.am	2004-12-29 12:24:03.436856641 -0500
 | ||||
| @@ -3,13 +3,13 @@
 | ||||
| @ -2010,6 +2073,7 @@ | ||||
|   | ||||
|  ## If necessary, add -lm to resolve use of pow in lib/strtod.c. | ||||
|  sort_LDADD = $(LDADD) $(POW_LIB) | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/copy.c.selinux	2004-12-29 12:24:03.382862721 -0500
 | ||||
| +++ coreutils-5.2.1/src/copy.c	2004-12-29 12:24:03.439856303 -0500
 | ||||
| @@ -42,6 +42,11 @@
 | ||||
| @ -2107,6 +2171,7 @@ | ||||
|    /* We have failed to create the destination file. | ||||
|       If we've just added a dev/ino entry via the remember_copied | ||||
|       call above (i.e., unless we've just failed to create a hard link), | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/mknod.c.selinux	2004-01-21 17:27:02.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/src/mknod.c	2004-12-29 12:24:03.440856191 -0500
 | ||||
| @@ -36,8 +36,15 @@
 | ||||
| @ -2170,6 +2235,7 @@ | ||||
|  	case_GETOPT_HELP_CHAR; | ||||
|  	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); | ||||
|  	default: | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/cp.c.selinux	2004-12-29 12:24:02.852922400 -0500
 | ||||
| +++ coreutils-5.2.1/src/cp.c	2004-12-29 12:24:03.443855853 -0500
 | ||||
| @@ -49,6 +49,11 @@
 | ||||
| @ -2334,6 +2400,7 @@ | ||||
|   | ||||
|  	case PARENTS_OPTION: | ||||
|  	  flag_path = 1; | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/src/mkfifo.c.selinux	2004-01-21 17:27:02.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/src/mkfifo.c	2004-12-29 12:24:03.444855740 -0500
 | ||||
| @@ -32,11 +32,18 @@
 | ||||
| @ -2399,6 +2466,7 @@ | ||||
|  	case_GETOPT_HELP_CHAR; | ||||
|  	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); | ||||
|  	default: | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/configure.ac.selinux	2004-12-29 12:24:02.947911703 -0500
 | ||||
| +++ coreutils-5.2.1/configure.ac	2004-12-29 12:24:03.446855515 -0500
 | ||||
| @@ -14,6 +14,13 @@
 | ||||
| @ -2415,6 +2483,7 @@ | ||||
|  gl_DEFAULT_POSIX2_VERSION | ||||
|  gl_USE_SYSTEM_EXTENSIONS | ||||
|  jm_PERL | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/mkfifo.1.selinux	2004-03-02 17:52:28.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/mkfifo.1	2004-12-29 12:24:03.446855515 -0500
 | ||||
| @@ -12,6 +12,9 @@
 | ||||
| @ -2427,6 +2496,7 @@ | ||||
|  \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR | ||||
|  set permission mode (as in chmod), not a=rw - umask | ||||
|  .TP | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/ls.1.selinux	2004-03-02 17:52:28.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/ls.1	2004-12-29 12:24:03.448855290 -0500
 | ||||
| @@ -195,6 +195,20 @@
 | ||||
| @ -2450,6 +2520,7 @@ | ||||
|  .TP | ||||
|  \fB\-\-help\fR | ||||
|  display this help and exit | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/dir.1.selinux	2004-03-02 17:51:06.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/dir.1	2004-12-29 12:24:03.452854839 -0500
 | ||||
| @@ -195,6 +195,20 @@
 | ||||
| @ -2473,6 +2544,7 @@ | ||||
|  .TP | ||||
|  \fB\-\-help\fR | ||||
|  display this help and exit | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/mkdir.1.selinux	2004-03-02 17:52:28.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/mkdir.1	2004-12-29 12:24:03.453854727 -0500
 | ||||
| @@ -12,6 +12,8 @@
 | ||||
| @ -2484,15 +2556,16 @@ | ||||
|  \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR | ||||
|  set permission mode (as in chmod), not rwxrwxrwx - umask | ||||
|  .TP | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/man/runcon.1	2004-12-29 12:24:03.454854614 -0500
 | ||||
| @@ -0,0 +1,39 @@
 | ||||
| +.TH RUNCON "1" "July 2003" "runcon (coreutils) 5.0" "selinux"
 | ||||
| diff -u coreutils-5.2.1/man/runcon.1 coreutils-5.2.1/man/runcon.1
 | ||||
| --- coreutils-5.2.1/man/runcon.1	2004-12-29 12:24:03.454854614 -0500
 | ||||
| +++ coreutils-5.2.1/man/runcon.1	2005-05-16 14:18:12.000000000 -0400
 | ||||
| @@ -0,0 +1,43 @@
 | ||||
| +.TH RUNCON "1" "February 2005" "runcon (coreutils) 5.0" "selinux"
 | ||||
| +.SH NAME
 | ||||
| +runcon \- run command with specified security context 
 | ||||
| +.SH SYNOPSIS
 | ||||
| +.B runcon
 | ||||
| +[\fI-t TYPE\fR] [\fI-l LEVEL\fR] [\fI-u USER\fR] [\fI-r ROLE\fR] \fICOMMAND\fR [\fIARGS...\fR]
 | ||||
| +[\fI-c\fR] [\fI-t TYPE\fR] [\fI-l LEVEL\fR] [\fI-u USER\fR] [\fI-r ROLE\fR] \fICOMMAND\fR [\fIARGS...\fR]
 | ||||
| +.PP
 | ||||
| +or
 | ||||
| +.PP
 | ||||
| @ -2504,8 +2577,12 @@ | ||||
| +.PP
 | ||||
| +.\" Add any additional description here
 | ||||
| +.PP
 | ||||
| +Run COMMAND with current security context modified by one or more of LEVEL,
 | ||||
| +ROLE, TYPE, and USER, or with completely-specified CONTEXT.
 | ||||
| +Run COMMAND with completely-specified CONTEXT, or with current or
 | ||||
| +transitioned security context modified by one or more of LEVEL,
 | ||||
| +ROLE, TYPE, and USER.
 | ||||
| +.TP
 | ||||
| +\fB\-c\fR
 | ||||
| +compute process transition before modifying context
 | ||||
| +.TP
 | ||||
| +\fB\-t\fR
 | ||||
| +change current type to the specified type
 | ||||
| @ -2519,13 +2596,14 @@ | ||||
| +\fB\-u\fR
 | ||||
| +change current user to the specified user
 | ||||
| +.PP
 | ||||
| +If none of \fI-t\fR, \fI-u\fR, \fI-r\fR, or \fI-l\fR, is specified,
 | ||||
| +If none of \fI-c\fR, \fI-t\fR, \fI-u\fR, \fI-r\fR, or \fI-l\fR, is specified,
 | ||||
| +the first argument is used as the complete context.  Any additional
 | ||||
| +arguments after \fICOMMAND\fR are interpreted as arguments to the
 | ||||
| +command.
 | ||||
| +.PP
 | ||||
| +Note that only carefully-chosen contexts are likely to successfully
 | ||||
| +run.
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/Makefile.in.selinux	2004-03-11 03:58:00.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/Makefile.in	2004-12-29 12:24:03.456854389 -0500
 | ||||
| @@ -185,6 +185,7 @@
 | ||||
| @ -2563,6 +2641,7 @@ | ||||
|   | ||||
|  # Note the use of $t/$*, rather than just `$*' as in other packages. | ||||
|  # That is necessary to avoid failures for programs that are also shell built-in | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/install.1.selinux	2004-12-29 12:24:02.671942781 -0500
 | ||||
| +++ coreutils-5.2.1/man/install.1	2004-12-29 12:24:03.458854164 -0500
 | ||||
| @@ -60,6 +60,11 @@
 | ||||
| @ -2577,6 +2656,7 @@ | ||||
|  .TP | ||||
|  \fB\-\-help\fR | ||||
|  display this help and exit | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/stat.1.selinux	2004-03-02 17:52:31.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/stat.1	2004-12-29 12:24:03.459854051 -0500
 | ||||
| @@ -22,6 +22,9 @@
 | ||||
| @ -2599,6 +2679,7 @@ | ||||
|  %D | ||||
|  Device number in hex | ||||
|  .TP | ||||
| unchanged: | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/man/chcon.1	2004-12-29 12:24:03.461853826 -0500
 | ||||
| @@ -0,0 +1,64 @@
 | ||||
| @ -2666,6 +2747,7 @@ | ||||
| +.B info chcon
 | ||||
| +.PP
 | ||||
| +should give you access to the complete manual.
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/mknod.1.selinux	2004-03-02 17:52:28.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/mknod.1	2004-12-29 12:24:03.463853601 -0500
 | ||||
| @@ -12,6 +12,9 @@
 | ||||
| @ -2678,6 +2760,7 @@ | ||||
|  \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR | ||||
|  set permission mode (as in chmod), not a=rw - umask | ||||
|  .TP | ||||
| unchanged: | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/man/chcon.x	2004-12-29 12:24:03.464853488 -0500
 | ||||
| @@ -0,0 +1,4 @@
 | ||||
| @ -2685,6 +2768,7 @@ | ||||
| +chcon \- change file security context
 | ||||
| +[DESCRIPTION]
 | ||||
| +.\" Add any additional description here
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/Makefile.am.selinux	2004-12-29 12:24:03.258876684 -0500
 | ||||
| +++ coreutils-5.2.1/man/Makefile.am	2004-12-29 12:24:03.466853263 -0500
 | ||||
| @@ -10,7 +10,7 @@
 | ||||
| @ -2705,11 +2789,25 @@ | ||||
|   | ||||
|  SUFFIXES = .x .1 | ||||
|   | ||||
| --- /dev/null	2004-12-29 02:13:24.827638832 -0500
 | ||||
| +++ coreutils-5.2.1/man/runcon.x	2004-12-29 12:24:03.467853150 -0500
 | ||||
| @@ -0,0 +1,2 @@
 | ||||
| diff -u coreutils-5.2.1/man/runcon.x coreutils-5.2.1/man/runcon.x
 | ||||
| --- coreutils-5.2.1/man/runcon.x	2004-12-29 12:24:03.467853150 -0500
 | ||||
| +++ coreutils-5.2.1/man/runcon.x	2005-05-16 14:18:12.000000000 -0400
 | ||||
| @@ -0,0 +1,14 @@
 | ||||
| +[NAME]
 | ||||
| +runcon \- run command with specified security context
 | ||||
| +[DESCRIPTION]
 | ||||
| +.\" Add any additional description here
 | ||||
| +Run COMMAND with completely-specified CONTEXT, or with current or
 | ||||
| +transitioned security context modified by one or more of LEVEL,
 | ||||
| +ROLE, TYPE, and USER.
 | ||||
| +.PP
 | ||||
| +If none of \fI-c\fR, \fI-t\fR, \fI-u\fR, \fI-r\fR, or \fI-l\fR, is specified,
 | ||||
| +the first argument is used as the complete context.  Any additional
 | ||||
| +arguments after \fICOMMAND\fR are interpreted as arguments to the
 | ||||
| +command.
 | ||||
| +.PP
 | ||||
| +Note that only carefully-chosen contexts are likely to successfully
 | ||||
| +run.
 | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/id.1.selinux	2004-03-02 17:52:27.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/id.1	2004-12-29 12:24:03.469852925 -0500
 | ||||
| @@ -13,6 +13,9 @@
 | ||||
| @ -2722,6 +2820,7 @@ | ||||
|  \fB\-g\fR, \fB\-\-group\fR | ||||
|  print only the effective group ID | ||||
|  .TP | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/cp.1.selinux	2004-03-02 17:51:05.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/cp.1	2004-12-29 12:24:03.470852813 -0500
 | ||||
| @@ -57,7 +57,7 @@
 | ||||
| @ -2743,6 +2842,7 @@ | ||||
|  \fB\-\-version\fR | ||||
|  output version information and exit | ||||
|  .PP | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/man/vdir.1.selinux	2004-03-02 17:52:33.000000000 -0500
 | ||||
| +++ coreutils-5.2.1/man/vdir.1	2004-12-29 12:24:03.471852700 -0500
 | ||||
| @@ -195,6 +195,20 @@
 | ||||
| @ -2766,6 +2866,7 @@ | ||||
|  .TP | ||||
|  \fB\-\-help\fR | ||||
|  display this help and exit | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/tests/help-version.selinux	2004-12-29 12:24:03.261876346 -0500
 | ||||
| +++ coreutils-5.2.1/tests/help-version	2004-12-29 12:24:03.473852475 -0500
 | ||||
| @@ -42,6 +42,8 @@
 | ||||
| @ -2786,6 +2887,7 @@ | ||||
|   | ||||
|    rm -rf $tmp_in $tmp_in2 $tmp_dir $tmp_out | ||||
|    echo > $tmp_in | ||||
| unchanged: | ||||
| --- coreutils-5.2.1/config.hin.selinux	2004-12-29 12:24:02.949911478 -0500
 | ||||
| +++ coreutils-5.2.1/config.hin	2004-12-29 12:24:03.475852250 -0500
 | ||||
| @@ -1374,6 +1374,9 @@
 | ||||
|  | ||||
| @ -53,7 +53,6 @@ Patch924: coreutils-stale-utmp.patch | ||||
| 
 | ||||
| #SELINUX Patch | ||||
| Patch950: coreutils-selinux.patch | ||||
| Patch951: coreutils-runcon.patch | ||||
| 
 | ||||
| BuildRoot: %_tmppath/%{name}-root | ||||
| BuildRequires:	gettext libtermcap-devel bison | ||||
| @ -117,7 +116,6 @@ the old GNU fileutils, sh-utils, and textutils packages. | ||||
| 
 | ||||
| #SELinux | ||||
| %patch950 -p1 -b .selinux | ||||
| %patch951 -p1 -b .runcon | ||||
| 
 | ||||
| # Don't run basic-1 test, since it breaks when run in the background | ||||
| # (bug #102033). | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user