libsemanage-2.8-5

- Include user name in ROLE_REMOVE audit events
2018-09-17 14:31:33 +02:00 · 2018-09-17 14:31:33 +02:00 · 610584a4f1
commit 610584a4f1
parent 0e04653dfb
2 changed files with 34 additions and 3 deletions
--- a/libsemanage-fedora.patch
+++ b/libsemanage-fedora.patch
@ -156,3 +156,31 @@ index f1984c5..58dded6 100644
 	return 0;
 
       cleanup:
+diff --git libsemanage-2.8/src/seusers_local.c libsemanage-2.8/src/seusers_local.c
+index 413ebdd..a79e2d3 100644
+--- libsemanage-2.8/src/seusers_local.c
+++ libsemanage-2.8/src/seusers_local.c
+@@ -71,17 +71,18 @@ static int semanage_seuser_audit(semanage_handle_t * handle,
+ 	const char *sep = "-";
+ 	int rc = -1;
+ 	strcpy(msg, "login");
+	if (previous) {
+		name = semanage_seuser_get_name(previous);
+		psename = semanage_seuser_get_sename(previous);
+		pmls = semanage_seuser_get_mlsrange(previous);
+		proles = semanage_user_roles(handle, psename);
+	}
+ 	if (seuser) {
+ 		name = semanage_seuser_get_name(seuser);
+ 		sename = semanage_seuser_get_sename(seuser);
+ 		mls = semanage_seuser_get_mlsrange(seuser);
+ 		roles = semanage_user_roles(handle, sename);
+ 	}
+-	if (previous) {
+-		psename = semanage_seuser_get_sename(previous);
+-		pmls = semanage_seuser_get_mlsrange(previous);
+-		proles = semanage_user_roles(handle, psename);
+-	}
+ 	if (audit_type != AUDIT_ROLE_REMOVE) {
+ 		if (sename && (!psename || strcmp(psename, sename) != 0)) {
+ 			strcat(msg,sep);
--- a/libsemanage.spec
+++ b/libsemanage.spec
@ -4,14 +4,14 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
 Version: 2.8
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: LGPLv2+
 Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/libsemanage-2.8.tar.gz
 # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
 # run:
 # $ VERSION=2.8 ./make-fedora-selinux-patch.sh libsemanage
-# HEAD https://github.com/fedora-selinux/selinux/commit/db1433d3b785eadb4eecf5c82430d57c92855a35
-# Patch1: libsemanage-fedora.patch
+# HEAD https://github.com/fedora-selinux/selinux/commit/23336180581f2ea967f7b3999969013e5917718c
+Patch1: libsemanage-fedora.patch
 URL: https://github.com/SELinuxProject/selinux/wiki
 Source1: semanage.conf

@ -179,6 +179,9 @@ sed -i '1s%\(#! */usr/bin/python\)\([^3].*\|\)$%\13\2%' %{buildroot}%{_libexecdi
 %{_libexecdir}/selinux/semanage_migrate_store

 %changelog
+* Mon Sep 17 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-5
+- Include user name in ROLE_REMOVE audit events
+
 * Tue Sep  4 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-4
 - Reset umask before creating directories (#1186422)