- Update to Upstream
Handle duplicate file context regexes as a fatal error from Stephen Smalley. This prevents adding them via semanage. Fix audit2why shadowed variables from Stephen Smalley. Note that freecon NULL is legal in man page from Karel Zak.
This commit is contained in:
parent
ee778682f8
commit
d0a06b2c34
@ -153,3 +153,4 @@ libselinux-2.0.61.tgz
|
|||||||
libselinux-2.0.64.tgz
|
libselinux-2.0.64.tgz
|
||||||
libselinux-2.0.65.tgz
|
libselinux-2.0.65.tgz
|
||||||
libselinux-2.0.67.tgz
|
libselinux-2.0.67.tgz
|
||||||
|
libselinux-2.0.69.tgz
|
||||||
|
@ -1,18 +1,3 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.67/man/man3/freecon.3
|
|
||||||
--- nsalibselinux/man/man3/freecon.3 2008-06-12 23:25:12.000000000 -0400
|
|
||||||
+++ libselinux-2.0.67/man/man3/freecon.3 2008-07-09 16:52:33.000000000 -0400
|
|
||||||
@@ -15,6 +15,11 @@
|
|
||||||
.B freeconary
|
|
||||||
frees the memory allocated for a context array.
|
|
||||||
|
|
||||||
+If
|
|
||||||
+.I con
|
|
||||||
+is NULL, no operation is performed.
|
|
||||||
+
|
|
||||||
+
|
|
||||||
.SH "SEE ALSO"
|
|
||||||
.BR selinux "(8)"
|
|
||||||
|
|
||||||
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.67/man/man8/selinuxconlist.8
|
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.67/man/man8/selinuxconlist.8
|
||||||
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
|
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-07-09 16:52:33.000000000 -0400
|
+++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-07-09 16:52:33.000000000 -0400
|
||||||
@ -156,46 +141,17 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.6
|
|||||||
|
|
||||||
indent:
|
indent:
|
||||||
../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
|
../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
|
||||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.67/src/audit2why.c
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.67/src/callbacks.c
|
||||||
--- nsalibselinux/src/audit2why.c 2008-06-12 23:25:14.000000000 -0400
|
--- nsalibselinux/src/callbacks.c 2008-06-12 23:25:14.000000000 -0400
|
||||||
+++ libselinux-2.0.67/src/audit2why.c 2008-07-09 16:52:33.000000000 -0400
|
+++ libselinux-2.0.67/src/callbacks.c 2008-07-18 11:15:56.000000000 -0400
|
||||||
@@ -55,7 +55,7 @@
|
@@ -16,6 +16,7 @@
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int check_booleans(struct avc_t *avc, struct boolean_t **bools)
|
|
||||||
+static int check_booleans(struct boolean_t **bools)
|
|
||||||
{
|
{
|
||||||
char errormsg[PATH_MAX];
|
int rc;
|
||||||
struct sepol_av_decision avd;
|
va_list ap;
|
||||||
@@ -376,7 +376,7 @@
|
+ if (is_selinux_enabled() == 0) return 0;
|
||||||
avc->tsid = tsid;
|
va_start(ap, fmt);
|
||||||
avc->tclass = tclass;
|
rc = vfprintf(stderr, fmt, ap);
|
||||||
avc->av = av;
|
va_end(ap);
|
||||||
- if (check_booleans(avc, &bools) == 0) {
|
|
||||||
+ if (check_booleans(&bools) == 0) {
|
|
||||||
if (av & ~avd.auditdeny) {
|
|
||||||
RETURN(DONTAUDIT)
|
|
||||||
} else {
|
|
||||||
@@ -390,15 +390,15 @@
|
|
||||||
len++; b++;
|
|
||||||
}
|
|
||||||
b = bools;
|
|
||||||
- PyObject *boollist = PyTuple_New(len);
|
|
||||||
+ PyObject *outboollist = PyTuple_New(len);
|
|
||||||
len=0;
|
|
||||||
while(b->name) {
|
|
||||||
PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
|
|
||||||
- PyTuple_SetItem(boollist, len++, bool);
|
|
||||||
+ PyTuple_SetItem(outboollist, len++, bool);
|
|
||||||
b++;
|
|
||||||
}
|
|
||||||
free(bools);
|
|
||||||
- PyTuple_SetItem(result, 1, boollist);
|
|
||||||
+ PyTuple_SetItem(result, 1, outboollist);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.67/src/matchpathcon.c
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.67/src/matchpathcon.c
|
||||||
--- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400
|
--- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400
|
||||||
+++ libselinux-2.0.67/src/matchpathcon.c 2008-07-09 16:52:33.000000000 -0400
|
+++ libselinux-2.0.67/src/matchpathcon.c 2008-07-09 16:52:33.000000000 -0400
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
|
|
||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 2.0.67
|
Version: 2.0.69
|
||||||
Release: 4%{?dist}
|
Release: 1%{?dist}
|
||||||
License: Public Domain
|
License: Public Domain
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
|
||||||
@ -150,6 +150,13 @@ exit 0
|
|||||||
%{ruby_sitearch}/selinux.so
|
%{ruby_sitearch}/selinux.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.69-1
|
||||||
|
- Update to Upstream
|
||||||
|
* Handle duplicate file context regexes as a fatal error from Stephen Smalley.
|
||||||
|
This prevents adding them via semanage.
|
||||||
|
* Fix audit2why shadowed variables from Stephen Smalley.
|
||||||
|
* Note that freecon NULL is legal in man page from Karel Zak.
|
||||||
|
|
||||||
* Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-4
|
* Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-4
|
||||||
- Add ruby support for puppet
|
- Add ruby support for puppet
|
||||||
|
|
||||||
|
6
rubytest.rb
Normal file
6
rubytest.rb
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
require 'selinux'
|
||||||
|
print "selinux\n"
|
||||||
|
print "Is selinux enabled? " + Selinux.is_selinux_enabled().to_s + "\n"
|
||||||
|
print "Is selinux enforce? " + Selinux.security_getenforce().to_s + "\n"
|
||||||
|
print "Setfscreatecon? " + Selinux.setfscreatecon("system_u:object_r:etc_t:s0").to_s + "\n"
|
||||||
|
print "/etc -> " + Selinux.matchpathcon("/etc", 0)[1] + "\n"
|
Loading…
Reference in New Issue
Block a user