diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch index f517682..bb15816 100644 --- a/libsemanage-rhat.patch +++ b/libsemanage-rhat.patch @@ -1,8 +1,30 @@ diff --git libsemanage-2.4/src/direct_api.c libsemanage-2.4/src/direct_api.c -index b0ed338..ba5f475 100644 +index b0ed338..875c513 100644 --- libsemanage-2.4/src/direct_api.c +++ libsemanage-2.4/src/direct_api.c -@@ -1355,7 +1355,7 @@ static int semanage_direct_install_file(semanage_handle_t * sh, +@@ -1137,6 +1137,9 @@ static int semanage_direct_commit(semanage_handle_t * sh) + if (retval < 0) + goto cleanup; + ++ /* remove FC_TMPL now that it is now longer needed */ ++ unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); ++ + pfcontexts->dtable->drop_cache(pfcontexts->dbase); + + /* SEUsers */ +@@ -1241,11 +1244,6 @@ static int semanage_direct_commit(semanage_handle_t * sh) + sepol_policydb_free(out); + out = NULL; + +- /* remove files that are automatically generated and no longer needed */ +- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); +- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); +- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA)); +- + if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { + retval = semanage_install_sandbox(sh); + } +@@ -1355,7 +1353,7 @@ static int semanage_direct_install_file(semanage_handle_t * sh, int in_fd = -1; char *path = NULL; char *filename; @@ -11,7 +33,7 @@ index b0ed338..ba5f475 100644 char *separator; if ((in_fd = open(install_filename, O_RDONLY)) == -1) { -@@ -1387,17 +1387,20 @@ static int semanage_direct_install_file(semanage_handle_t * sh, +@@ -1387,17 +1385,20 @@ static int semanage_direct_install_file(semanage_handle_t * sh, goto cleanup; } *separator = '\0'; @@ -52,7 +74,7 @@ index 4d25b07..32cc33c 100644 int fd; FILE *fptr; diff --git libsemanage-2.4/utils/semanage_migrate_store libsemanage-2.4/utils/semanage_migrate_store -index 03b492e..ba8a1f3 100755 +index 03b492e..22842fc 100755 --- libsemanage-2.4/utils/semanage_migrate_store +++ libsemanage-2.4/utils/semanage_migrate_store @@ -1,4 +1,4 @@ @@ -108,3 +130,18 @@ index 03b492e..ba8a1f3 100755 # List of paths that go in the active 'root' TOPPATHS = [ "commit_num", +@@ -282,9 +288,13 @@ if __name__ == "__main__": + "file_contexts.local", + "seusers", + "users.local", ++ "users_extra", + "users_extra.local", + "disable_dontaudit", +- "preserve_tunables" ] ++ "preserve_tunables", ++ "policy.kern", ++ "file_contexts", ++ "homedir_template"] + + + create_dir_from(oldroot_path(), newroot_path(), 0o755) diff --git a/libsemanage.spec b/libsemanage.spec index 711e523..6c8ee05 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -7,12 +7,12 @@ Summary: SELinux binary policy manipulation library Name: libsemanage Version: 2.4 -Release: 3%{?dist} +Release: 4%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/libsemanage-%{version}.tar.gz # use make-rhat-patches.sh to create following patch from https://github.com/bachradsusi/selinux.git -# HEAD https://github.com/fedora-selinux/selinux/commit/336103fb6eb115f437f006b065a4f90b63056102 +# HEAD https://github.com/fedora-selinux/selinux/commit/ab9d1d2458908164ae5dc74aaa084af19ded8a51 Patch: libsemanage-rhat.patch URL: https://github.com/SELinuxProject/selinux/wiki Source1: semanage.conf @@ -191,6 +191,10 @@ rm -rf ${RPM_BUILD_ROOT} %endif # if with_python3 %changelog +* Fri Sep 04 2015 Petr Lautrbach 2.4-4 +- Save homedir_template in the policy store for genhomedircon + https://bugs.gentoo.org/558686 + * Fri Aug 14 2015 Adam Jackson 2.4-3 - Pass ldflags into the build so hardening works