- Update to upstream
Change semodule upgrade behavior to install even if the module is not present from Dan Walsh. Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
This commit is contained in:
parent
5aeb590264
commit
b05566938b
@ -110,3 +110,4 @@ libsemanage-2.0.33.tgz
|
||||
libsemanage-2.0.35.tgz
|
||||
libsemanage-2.0.36.tgz
|
||||
libsemanage-2.0.37.tgz
|
||||
libsemanage-2.0.38.tgz
|
||||
|
@ -35,8 +35,8 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage
|
||||
}
|
||||
conf->load_policy->args = NULL;
|
||||
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.37/src/direct_api.c
|
||||
--- nsalibsemanage/src/direct_api.c 2009-09-08 09:03:10.000000000 -0400
|
||||
+++ libsemanage-2.0.37/src/direct_api.c 2009-09-09 13:55:07.000000000 -0400
|
||||
--- nsalibsemanage/src/direct_api.c 2009-09-17 08:59:43.000000000 -0400
|
||||
+++ libsemanage-2.0.37/src/direct_api.c 2009-09-10 17:15:32.000000000 -0400
|
||||
@@ -66,6 +66,8 @@
|
||||
static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data,
|
||||
size_t data_len);
|
||||
@ -74,7 +74,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -1277,6 +1288,107 @@
|
||||
@@ -1273,6 +1284,107 @@
|
||||
return retval;
|
||||
}
|
||||
|
||||
@ -182,7 +182,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
|
||||
/* Removes a module from the sandbox. Returns 0 on success, -1 if out
|
||||
* of memory, -2 if module not found or could not be removed. */
|
||||
static int semanage_direct_remove(semanage_handle_t * sh, char *module_name)
|
||||
@@ -1297,8 +1409,7 @@
|
||||
@@ -1293,8 +1405,7 @@
|
||||
goto cleanup;
|
||||
}
|
||||
base++;
|
||||
@ -192,7 +192,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
|
||||
if (unlink(module_filenames[i]) == -1) {
|
||||
ERR(sh, "Could not remove module file %s.",
|
||||
module_filenames[i]);
|
||||
@@ -1373,6 +1484,7 @@
|
||||
@@ -1369,6 +1480,7 @@
|
||||
}
|
||||
ssize_t size;
|
||||
char *data = NULL;
|
||||
@ -200,7 +200,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
|
||||
|
||||
if ((size = bunzip(sh, fp, &data)) > 0) {
|
||||
fclose(fp);
|
||||
@@ -1397,6 +1509,7 @@
|
||||
@@ -1393,6 +1505,7 @@
|
||||
if (type == SEPOL_POLICY_MOD) {
|
||||
(*modinfo)[*num_modules].name = name;
|
||||
(*modinfo)[*num_modules].version = version;
|
||||
@ -208,42 +208,6 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
|
||||
(*num_modules)++;
|
||||
} else {
|
||||
/* file was not a module, so don't report it */
|
||||
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.37/src/genhomedircon.c
|
||||
--- nsalibsemanage/src/genhomedircon.c 2008-08-28 09:34:24.000000000 -0400
|
||||
+++ libsemanage-2.0.37/src/genhomedircon.c 2009-09-09 13:55:07.000000000 -0400
|
||||
@@ -304,10 +304,20 @@
|
||||
continue;
|
||||
if (!semanage_list_find(shells, pwbuf->pw_shell))
|
||||
continue;
|
||||
+ int len = strlen(pwbuf->pw_dir) -1;
|
||||
+ for(; len > 0 && pwbuf->pw_dir[len]=='/'; len--) {
|
||||
+ pwbuf->pw_dir[len]=0;
|
||||
+ }
|
||||
if (strcmp(pwbuf->pw_dir, "/") == 0)
|
||||
continue;
|
||||
if (semanage_str_count(pwbuf->pw_dir, '/') <= 1)
|
||||
continue;
|
||||
+
|
||||
+ if (strcmp(pwbuf->pw_dir, "/root") == 0) {
|
||||
+ /* don't relabel /root*/
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
if (!(path = strdup(pwbuf->pw_dir))) {
|
||||
break;
|
||||
}
|
||||
@@ -794,6 +804,11 @@
|
||||
* /root */
|
||||
continue;
|
||||
}
|
||||
+ if (strcmp(pwent->pw_dir, "/root") == 0) {
|
||||
+ /* don't relabel /root*/
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
if (push_user_entry(&head, name, seuname,
|
||||
prefix, pwent->pw_dir) != STATUS_SUCCESS) {
|
||||
*errors = STATUS_ERR;
|
||||
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.37/src/libsemanage.map
|
||||
--- nsalibsemanage/src/libsemanage.map 2009-07-07 15:32:32.000000000 -0400
|
||||
+++ libsemanage-2.0.37/src/libsemanage.map 2009-09-09 13:55:07.000000000 -0400
|
||||
@ -273,9 +237,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsem
|
||||
hidden_proto(semanage_module_list_nth)
|
||||
#endif
|
||||
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.37/src/modules.c
|
||||
--- nsalibsemanage/src/modules.c 2009-01-13 08:45:35.000000000 -0500
|
||||
+++ libsemanage-2.0.37/src/modules.c 2009-09-09 13:55:07.000000000 -0400
|
||||
@@ -147,6 +147,40 @@
|
||||
--- nsalibsemanage/src/modules.c 2009-09-17 08:59:43.000000000 -0400
|
||||
+++ libsemanage-2.0.37/src/modules.c 2009-09-10 17:15:42.000000000 -0400
|
||||
@@ -154,6 +153,40 @@
|
||||
return sh->funcs->install_base_file(sh, module_name);
|
||||
}
|
||||
|
||||
@ -316,7 +280,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.
|
||||
int semanage_module_remove(semanage_handle_t * sh, char *module_name)
|
||||
{
|
||||
if (sh->funcs->remove == NULL) {
|
||||
@@ -202,6 +236,13 @@
|
||||
@@ -209,6 +242,13 @@
|
||||
|
||||
hidden_def(semanage_module_get_name)
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
%define libselinuxver 2.0.0-1
|
||||
Summary: SELinux binary policy manipulation library
|
||||
Name: libsemanage
|
||||
Version: 2.0.37
|
||||
Version: 2.0.38
|
||||
Release: 1%{?dist}
|
||||
License: LGPLv2+
|
||||
Group: System Environment/Libraries
|
||||
@ -91,6 +91,12 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%{_libdir}/python*/site-packages/*
|
||||
|
||||
%changelog
|
||||
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.38-1
|
||||
- Update to upstream
|
||||
* Change semodule upgrade behavior to install even if the module
|
||||
is not present from Dan Walsh.
|
||||
* Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
|
||||
|
||||
* Wed Sep 9 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.37-1
|
||||
- Update to upstream
|
||||
* Fix persistent dontaudit support to rebuild policy if the
|
||||
|
Loading…
Reference in New Issue
Block a user