- Update to Upstream

Handle duplicate file context regexes as a fatal error from Stephen
    Smalley. This prevents adding them via semanage.
Fix audit2why shadowed variables from Stephen Smalley.
Note that freecon NULL is legal in man page from Karel Zak.
This commit is contained in:
Daniel J Walsh 2008-07-29 13:22:45 +00:00
parent ee778682f8
commit d0a06b2c34
5 changed files with 27 additions and 57 deletions

View File

@ -153,3 +153,4 @@ libselinux-2.0.61.tgz
libselinux-2.0.64.tgz libselinux-2.0.64.tgz
libselinux-2.0.65.tgz libselinux-2.0.65.tgz
libselinux-2.0.67.tgz libselinux-2.0.67.tgz
libselinux-2.0.69.tgz

View File

@ -1,18 +1,3 @@
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.67/man/man3/freecon.3
--- nsalibselinux/man/man3/freecon.3 2008-06-12 23:25:12.000000000 -0400
+++ libselinux-2.0.67/man/man3/freecon.3 2008-07-09 16:52:33.000000000 -0400
@@ -15,6 +15,11 @@
.B freeconary
frees the memory allocated for a context array.
+If
+.I con
+is NULL, no operation is performed.
+
+
.SH "SEE ALSO"
.BR selinux "(8)"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.67/man/man8/selinuxconlist.8 diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.67/man/man8/selinuxconlist.8
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500 --- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
+++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-07-09 16:52:33.000000000 -0400 +++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-07-09 16:52:33.000000000 -0400
@ -156,46 +141,17 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.6
indent: indent:
../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch])) ../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.67/src/audit2why.c diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.67/src/callbacks.c
--- nsalibselinux/src/audit2why.c 2008-06-12 23:25:14.000000000 -0400 --- nsalibselinux/src/callbacks.c 2008-06-12 23:25:14.000000000 -0400
+++ libselinux-2.0.67/src/audit2why.c 2008-07-09 16:52:33.000000000 -0400 +++ libselinux-2.0.67/src/callbacks.c 2008-07-18 11:15:56.000000000 -0400
@@ -55,7 +55,7 @@ @@ -16,6 +16,7 @@
return 0;
}
-static int check_booleans(struct avc_t *avc, struct boolean_t **bools)
+static int check_booleans(struct boolean_t **bools)
{ {
char errormsg[PATH_MAX]; int rc;
struct sepol_av_decision avd; va_list ap;
@@ -376,7 +376,7 @@ + if (is_selinux_enabled() == 0) return 0;
avc->tsid = tsid; va_start(ap, fmt);
avc->tclass = tclass; rc = vfprintf(stderr, fmt, ap);
avc->av = av; va_end(ap);
- if (check_booleans(avc, &bools) == 0) {
+ if (check_booleans(&bools) == 0) {
if (av & ~avd.auditdeny) {
RETURN(DONTAUDIT)
} else {
@@ -390,15 +390,15 @@
len++; b++;
}
b = bools;
- PyObject *boollist = PyTuple_New(len);
+ PyObject *outboollist = PyTuple_New(len);
len=0;
while(b->name) {
PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
- PyTuple_SetItem(boollist, len++, bool);
+ PyTuple_SetItem(outboollist, len++, bool);
b++;
}
free(bools);
- PyTuple_SetItem(result, 1, boollist);
+ PyTuple_SetItem(result, 1, outboollist);
return result;
}
}
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.67/src/matchpathcon.c diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.67/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400 --- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400
+++ libselinux-2.0.67/src/matchpathcon.c 2008-07-09 16:52:33.000000000 -0400 +++ libselinux-2.0.67/src/matchpathcon.c 2008-07-09 16:52:33.000000000 -0400

View File

@ -4,8 +4,8 @@
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Name: libselinux Name: libselinux
Version: 2.0.67 Version: 2.0.69
Release: 4%{?dist} Release: 1%{?dist}
License: Public Domain License: Public Domain
Group: System Environment/Libraries Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@ -150,6 +150,13 @@ exit 0
%{ruby_sitearch}/selinux.so %{ruby_sitearch}/selinux.so
%changelog %changelog
* Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.69-1
- Update to Upstream
* Handle duplicate file context regexes as a fatal error from Stephen Smalley.
This prevents adding them via semanage.
* Fix audit2why shadowed variables from Stephen Smalley.
* Note that freecon NULL is legal in man page from Karel Zak.
* Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-4 * Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-4
- Add ruby support for puppet - Add ruby support for puppet

6
rubytest.rb Normal file
View File

@ -0,0 +1,6 @@
require 'selinux'
print "selinux\n"
print "Is selinux enabled? " + Selinux.is_selinux_enabled().to_s + "\n"
print "Is selinux enforce? " + Selinux.security_getenforce().to_s + "\n"
print "Setfscreatecon? " + Selinux.setfscreatecon("system_u:object_r:etc_t:s0").to_s + "\n"
print "/etc -> " + Selinux.matchpathcon("/etc", 0)[1] + "\n"

View File

@ -1 +1 @@
76f43d37b71d72ada3f5f698ece19bde libselinux-2.0.67.tgz df1da9cc1131fa5ce102928ce1cd910b libselinux-2.0.69.tgz