From 791a6513394031f4fa84412235367989154ae8a4 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 14 Sep 2004 13:39:22 +0000 Subject: [PATCH] add nscd perms --- libselinux-rhat.patch | 71 ++++--------------------------------------- libselinux.spec | 2 +- sources | 2 +- 3 files changed, 8 insertions(+), 67 deletions(-) diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index db9d25e..689c439 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,52 +1,6 @@ ---- libselinux-1.17.9/include/selinux/selinux.h.rhat 2004-09-08 10:51:34.000000000 -0400 -+++ libselinux-1.17.9/include/selinux/selinux.h 2004-09-10 13:24:34.747534140 -0400 -@@ -173,6 +173,13 @@ - mode_t mode, - security_context_t *con); - -+/* Match the specified media and against the media contexts -+ /proc/ide/hdc/media -+ configuration and set *con to refer to the resulting context. -+ Caller must free con via freecon. */ -+extern int matchmediacon(const char *path, -+ security_context_t *con); -+ - /* - selinux_getenforcemode reads the /etc/selinux/config file and determines - whether the machine should be started in enforcing (1), permissive (0) or -@@ -194,6 +201,7 @@ - extern const char *selinux_default_context_path(void); - extern const char *selinux_user_contexts_path(void); - extern const char *selinux_file_context_path(void); -+extern const char *selinux_media_context_path(void); - extern const char *selinux_contexts_path(void); - extern const char *selinux_booleans_path(void); - ---- libselinux-1.17.9/src/selinux_config.c.rhat 2004-09-08 10:51:34.000000000 -0400 -+++ libselinux-1.17.9/src/selinux_config.c 2004-09-10 13:24:34.751533684 -0400 -@@ -24,7 +24,8 @@ - #define FAILSAFE_CONTEXT 5 - #define DEFAULT_TYPE 6 - #define BOOLEANS 7 --#define NEL 8 -+#define MEDIA_CONTEXTS 8 -+#define NEL 9 - - /* New layout is relative to SELINUXDIR/policytype. */ - static char *file_paths[NEL]; -@@ -200,6 +201,10 @@ - } - hidden_def(selinux_file_context_path) - -+const char *selinux_media_context_path() { -+ return get_path(MEDIA_CONTEXTS); -+} -+ - const char *selinux_contexts_path() { - return get_path(CONTEXTS_DIR); - } ---- /dev/null 2004-09-10 04:39:39.953683832 -0400 -+++ libselinux-1.17.9/src/matchmediacon.c 2004-09-10 13:24:34.750533798 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchmediacon.c libselinux-1.17.10/src/matchmediacon.c +--- nsalibselinux/src/matchmediacon.c 1969-12-31 19:00:00.000000000 -0500 ++++ libselinux-1.17.10/src/matchmediacon.c 2004-09-10 14:40:16.000000000 -0400 @@ -0,0 +1,65 @@ +#include +#include @@ -113,22 +67,9 @@ + *con = strdup(ptr2); + return 0; +} ---- libselinux-1.17.9/src/compat_file_path.h.rhat 2004-09-08 10:51:34.000000000 -0400 -+++ libselinux-1.17.9/src/compat_file_path.h 2004-09-10 13:24:34.748534026 -0400 -@@ -7,3 +7,4 @@ - S_(FAILSAFE_CONTEXT, SECURITYDIR "/failsafe_context") - S_(DEFAULT_TYPE, SECURITYDIR "/default_type") - S_(BOOLEANS, SECURITYDIR "/booleans") -+S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media") ---- libselinux-1.17.9/src/file_path_suffixes.h.rhat 2004-09-08 10:51:34.000000000 -0400 -+++ libselinux-1.17.9/src/file_path_suffixes.h 2004-09-10 13:24:34.749533912 -0400 -@@ -7,3 +7,4 @@ - S_(FAILSAFE_CONTEXT, "/contexts/failsafe_context") - S_(DEFAULT_TYPE, "/contexts/default_type") - S_(BOOLEANS, "/booleans") -+S_(MEDIA_CONTEXTS, "/contexts/files/media") ---- /dev/null 2004-09-10 04:39:39.953683832 -0400 -+++ libselinux-1.17.9/utils/matchmediacon.c 2004-09-10 13:25:04.099192223 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchmediacon.c libselinux-1.17.10/utils/matchmediacon.c +--- nsalibselinux/utils/matchmediacon.c 1969-12-31 19:00:00.000000000 -0500 ++++ libselinux-1.17.10/utils/matchmediacon.c 2004-09-10 14:40:17.000000000 -0400 @@ -0,0 +1,28 @@ +#include +#include diff --git a/libselinux.spec b/libselinux.spec index 81ec273..e0f49fb 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -69,7 +69,7 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man8/* %changelog -* Fri Sep 10 2004 Dan Walsh 1.17.10-1 +* Tue Sep 14 2004 Dan Walsh 1.17.10-1 - Update from NSA * Regenerated headers for new nscd permissions. diff --git a/sources b/sources index 1ac49ab..66cfe64 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -7f2b7ea8c72700f0125d8e465539e4b1 libselinux-1.17.10.tgz +f1907f8c42d8bd0623cfdc146f90f6ec libselinux-1.17.10.tgz