From 5aeb590264c68aff29c94e6f07d8dd8e42488132 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Wed, 9 Sep 2009 17:57:13 +0000
Subject: [PATCH] - Update to upstream Fix persistent dontaudit support to
 rebuild policy if the dontaudit state     is changed from Chad Sellers. -
 Move load_policy to /sbin

---
 .cvsignore             |  1 +
 libsemanage-rhat.patch | 66 +++++++++++++++++++++++++-----------------
 libsemanage.spec       | 10 +++++--
 sources                |  2 +-
 4 files changed, 49 insertions(+), 30 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index d590585..8e33f06 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -109,3 +109,4 @@ libsemanage-2.0.32.tgz
 libsemanage-2.0.33.tgz
 libsemanage-2.0.35.tgz
 libsemanage-2.0.36.tgz
+libsemanage-2.0.37.tgz
diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch
index 9b14939..fab061e 100644
--- a/libsemanage-rhat.patch
+++ b/libsemanage-rhat.patch
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h libsemanage-2.0.36/include/semanage/modules.h
+diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h libsemanage-2.0.37/include/semanage/modules.h
 --- nsalibsemanage/include/semanage/modules.h	2009-01-13 08:45:35.000000000 -0500
-+++ libsemanage-2.0.36/include/semanage/modules.h	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/include/semanage/modules.h	2009-09-09 13:55:07.000000000 -0400
 @@ -40,10 +40,12 @@
  				 char *module_data, size_t data_len);
  int semanage_module_install_base_file(semanage_handle_t *,
@@ -22,9 +22,21 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h l
 +int semanage_module_get_enabled(semanage_module_info_t *);
  
  #endif
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.36/src/direct_api.c
---- nsalibsemanage/src/direct_api.c	2009-08-26 15:06:22.000000000 -0400
-+++ libsemanage-2.0.36/src/direct_api.c	2009-08-28 14:00:55.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage-2.0.37/src/conf-parse.y
+--- nsalibsemanage/src/conf-parse.y	2009-08-05 15:10:56.000000000 -0400
++++ libsemanage-2.0.37/src/conf-parse.y	2009-09-09 13:55:50.000000000 -0400
+@@ -263,7 +263,7 @@
+ 	     calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) {
+ 		return -1;
+ 	}
+-	if ((conf->load_policy->path = strdup("/usr/sbin/load_policy")) == NULL) {
++	if ((conf->load_policy->path = strdup("/sbin/load_policy")) == NULL) {
+ 		return -1;
+ 	}
+ 	conf->load_policy->args = NULL;
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.37/src/direct_api.c
+--- nsalibsemanage/src/direct_api.c	2009-09-08 09:03:10.000000000 -0400
++++ libsemanage-2.0.37/src/direct_api.c	2009-09-09 13:55:07.000000000 -0400
 @@ -66,6 +66,8 @@
  static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data,
  					size_t data_len);
@@ -62,7 +74,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
  	return 0;
  }
  
-@@ -1272,6 +1283,107 @@
+@@ -1277,6 +1288,107 @@
  	return retval;
  }
  
@@ -170,7 +182,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
  /* Removes a module from the sandbox.  Returns 0 on success, -1 if out
   * of memory, -2 if module not found or could not be removed. */
  static int semanage_direct_remove(semanage_handle_t * sh, char *module_name)
-@@ -1292,8 +1404,7 @@
+@@ -1297,8 +1409,7 @@
  			goto cleanup;
  		}
  		base++;
@@ -180,7 +192,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
  			if (unlink(module_filenames[i]) == -1) {
  				ERR(sh, "Could not remove module file %s.",
  				    module_filenames[i]);
-@@ -1368,6 +1479,7 @@
+@@ -1373,6 +1484,7 @@
  		}
  		ssize_t size;
  		char *data = NULL;
@@ -188,7 +200,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
  
  		if ((size = bunzip(sh, fp, &data)) > 0) {
  			fclose(fp);
-@@ -1392,6 +1504,7 @@
+@@ -1397,6 +1509,7 @@
  		if (type == SEPOL_POLICY_MOD) {
  			(*modinfo)[*num_modules].name = name;
  			(*modinfo)[*num_modules].version = version;
@@ -196,9 +208,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
  			(*num_modules)++;
  		} else {
  			/* file was not a module, so don't report it */
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.36/src/genhomedircon.c
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.37/src/genhomedircon.c
 --- nsalibsemanage/src/genhomedircon.c	2008-08-28 09:34:24.000000000 -0400
-+++ libsemanage-2.0.36/src/genhomedircon.c	2009-08-26 15:07:35.000000000 -0400
++++ libsemanage-2.0.37/src/genhomedircon.c	2009-09-09 13:55:07.000000000 -0400
 @@ -304,10 +304,20 @@
  			continue;
  		if (!semanage_list_find(shells, pwbuf->pw_shell))
@@ -232,9 +244,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libseman
  		if (push_user_entry(&head, name, seuname,
  				    prefix, pwent->pw_dir) != STATUS_SUCCESS) {
  			*errors = STATUS_ERR;
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.36/src/libsemanage.map
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.37/src/libsemanage.map
 --- nsalibsemanage/src/libsemanage.map	2009-07-07 15:32:32.000000000 -0400
-+++ libsemanage-2.0.36/src/libsemanage.map	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/libsemanage.map	2009-09-09 13:55:07.000000000 -0400
 @@ -6,10 +6,13 @@
  	  semanage_module_install; semanage_module_install_file;
  	  semanage_module_upgrade; semanage_module_upgrade_file;
@@ -249,9 +261,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libseman
  	  semanage_reload_policy; semanage_set_reload; semanage_set_rebuild;
  	  semanage_user_*; semanage_bool_*; semanage_seuser_*;
  	  semanage_iface_*; semanage_port_*; semanage_context_*;
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsemanage-2.0.36/src/module_internal.h
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsemanage-2.0.37/src/module_internal.h
 --- nsalibsemanage/src/module_internal.h	2008-08-28 09:34:24.000000000 -0400
-+++ libsemanage-2.0.36/src/module_internal.h	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/module_internal.h	2009-09-09 13:55:07.000000000 -0400
 @@ -6,6 +6,7 @@
  
  hidden_proto(semanage_module_get_name)
@@ -260,9 +272,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsem
      hidden_proto(semanage_module_info_datum_destroy)
      hidden_proto(semanage_module_list_nth)
  #endif
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.36/src/modules.c
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.37/src/modules.c
 --- nsalibsemanage/src/modules.c	2009-01-13 08:45:35.000000000 -0500
-+++ libsemanage-2.0.36/src/modules.c	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/modules.c	2009-09-09 13:55:07.000000000 -0400
 @@ -147,6 +147,40 @@
  	return sh->funcs->install_base_file(sh, module_name);
  }
@@ -318,9 +330,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.
  const char *semanage_module_get_version(semanage_module_info_t * modinfo)
  {
  	return modinfo->version;
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2.0.36/src/modules.h
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2.0.37/src/modules.h
 --- nsalibsemanage/src/modules.h	2008-08-28 09:34:24.000000000 -0400
-+++ libsemanage-2.0.36/src/modules.h	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/modules.h	2009-09-09 13:55:07.000000000 -0400
 @@ -26,6 +26,7 @@
  struct semanage_module_info {
  	char *name;		/* Key */
@@ -329,9 +341,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2.
  };
  
  #endif
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0.36/src/policy.h
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0.37/src/policy.h
 --- nsalibsemanage/src/policy.h	2009-01-13 08:45:35.000000000 -0500
-+++ libsemanage-2.0.36/src/policy.h	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/policy.h	2009-09-09 13:55:07.000000000 -0400
 @@ -58,6 +58,12 @@
  	/* Upgrade a policy module */
  	int (*upgrade_file) (struct semanage_handle *, const char *);
@@ -345,18 +357,18 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0
  	/* Remove a policy module */
  	int (*remove) (struct semanage_handle *, char *);
  
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.36/src/semanage.conf
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.37/src/semanage.conf
 --- nsalibsemanage/src/semanage.conf	2008-08-28 09:34:24.000000000 -0400
-+++ libsemanage-2.0.36/src/semanage.conf	2009-08-26 15:07:35.000000000 -0400
++++ libsemanage-2.0.37/src/semanage.conf	2009-09-09 13:55:07.000000000 -0400
 @@ -35,4 +35,4 @@
  # given in <sepol/policydb.h>.  Change this setting if a different
  # version is necessary.
  #policy-version = 19
 -
 +expand-check=0
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.36/src/semanage_store.c
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.37/src/semanage_store.c
 --- nsalibsemanage/src/semanage_store.c	2009-08-05 15:10:56.000000000 -0400
-+++ libsemanage-2.0.36/src/semanage_store.c	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/semanage_store.c	2009-09-09 13:55:07.000000000 -0400
 @@ -57,6 +57,8 @@
  
  #include "debug.h"
@@ -459,9 +471,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsema
  	    -1 || semanage_load_module(sh, base_filename, base) == -1) {
  		goto cleanup;
  	}
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h libsemanage-2.0.36/src/semanage_store.h
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h libsemanage-2.0.37/src/semanage_store.h
 --- nsalibsemanage/src/semanage_store.h	2009-07-07 15:32:32.000000000 -0400
-+++ libsemanage-2.0.36/src/semanage_store.h	2009-08-28 14:00:55.000000000 -0400
++++ libsemanage-2.0.37/src/semanage_store.h	2009-09-09 13:55:07.000000000 -0400
 @@ -128,4 +128,6 @@
  		     size_t buf_len,
  		     char **sorted_buf, size_t * sorted_buf_len);
diff --git a/libsemanage.spec b/libsemanage.spec
index ebab8ae..7c21df4 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -2,8 +2,8 @@
 %define libselinuxver 2.0.0-1
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
-Version: 2.0.36
-Release: 2%{?dist}
+Version: 2.0.37
+Release: 1%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/libsemanage-%{version}.tgz
@@ -91,6 +91,12 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_libdir}/python*/site-packages/*
 
 %changelog
+* Wed Sep 9 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.37-1
+- Update to upstream
+  	* Fix persistent dontaudit support to rebuild policy if the 
+        dontaudit state is changed from Chad Sellers.
+- Move load_policy to /sbin
+
 * Fri Aug 28 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.36-2
 - Add enable/disable modules
 
diff --git a/sources b/sources
index 6021a15..dcf68b7 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-2d8087a2b4d47a55a34c6bb68ab32c1d  libsemanage-2.0.36.tgz
+bacf84c36e8e57a424da23eb585373ee  libsemanage-2.0.37.tgz