rpms/libsemanage
6
0
Fork 0
Code Issues Pull Requests Releases Activity

- Update to upstream

Browse Source 
Change semodule upgrade behavior to install even if the module is not
    present from Dan Walsh.
Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
This commit is contained in:
Daniel J Walsh 2009-09-17 13:02:59 +00:00
parent 5aeb590264
commit b05566938b
4 changed files with 19 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -110,3 +110,4 @@ libsemanage-2.0.33.tgz
libsemanage-2.0.35.tgz libsemanage-2.0.35.tgz
libsemanage-2.0.36.tgz libsemanage-2.0.36.tgz
libsemanage-2.0.37.tgz libsemanage-2.0.37.tgz
libsemanage-2.0.38.tgz

56
libsemanage-rhat.patch
View File

@ -35,8 +35,8 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage
} }
conf->load_policy->args = NULL; conf->load_policy->args = NULL;
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.37/src/direct_api.c diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.37/src/direct_api.c
--- nsalibsemanage/src/direct_api.c 2009-09-08 09:03:10.000000000 -0400 --- nsalibsemanage/src/direct_api.c 2009-09-17 08:59:43.000000000 -0400
+++ libsemanage-2.0.37/src/direct_api.c 2009-09-09 13:55:07.000000000 -0400 +++ libsemanage-2.0.37/src/direct_api.c 2009-09-10 17:15:32.000000000 -0400
@@ -66,6 +66,8 @@ @@ -66,6 +66,8 @@
static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data, static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data,
size_t data_len); size_t data_len);
@ -74,7 +74,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
return 0; return 0;
} }
@@ -1277,6 +1288,107 @@ @@ -1273,6 +1284,107 @@
return retval; return retval;
} }
@ -182,7 +182,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
/* Removes a module from the sandbox. Returns 0 on success, -1 if out /* Removes a module from the sandbox. Returns 0 on success, -1 if out
* of memory, -2 if module not found or could not be removed. */ * of memory, -2 if module not found or could not be removed. */
static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) static int semanage_direct_remove(semanage_handle_t * sh, char *module_name)
@@ -1297,8 +1409,7 @@ @@ -1293,8 +1405,7 @@
goto cleanup; goto cleanup;
} }
base++; base++;
@ -192,7 +192,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
if (unlink(module_filenames[i]) == -1) { if (unlink(module_filenames[i]) == -1) {
ERR(sh, "Could not remove module file %s.", ERR(sh, "Could not remove module file %s.",
module_filenames[i]); module_filenames[i]);
@@ -1373,6 +1484,7 @@ @@ -1369,6 +1480,7 @@
} }
ssize_t size; ssize_t size;
char *data = NULL; char *data = NULL;
@ -200,7 +200,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
if ((size = bunzip(sh, fp, &data)) > 0) { if ((size = bunzip(sh, fp, &data)) > 0) {
fclose(fp); fclose(fp);
@@ -1397,6 +1509,7 @@ @@ -1393,6 +1505,7 @@
if (type == SEPOL_POLICY_MOD) { if (type == SEPOL_POLICY_MOD) {
(*modinfo)[*num_modules].name = name; (*modinfo)[*num_modules].name = name;
(*modinfo)[*num_modules].version = version; (*modinfo)[*num_modules].version = version;
@ -208,42 +208,6 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage
(*num_modules)++; (*num_modules)++;
} else { } else {
/* file was not a module, so don't report it */ /* file was not a module, so don't report it */
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.37/src/genhomedircon.c
--- nsalibsemanage/src/genhomedircon.c 2008-08-28 09:34:24.000000000 -0400
+++ libsemanage-2.0.37/src/genhomedircon.c 2009-09-09 13:55:07.000000000 -0400
@@ -304,10 +304,20 @@
continue;
if (!semanage_list_find(shells, pwbuf->pw_shell))
continue;
+ int len = strlen(pwbuf->pw_dir) -1;
+ for(; len > 0 && pwbuf->pw_dir[len]=='/'; len--) {
+ pwbuf->pw_dir[len]=0;
+ }
if (strcmp(pwbuf->pw_dir, "/") == 0)
continue;
if (semanage_str_count(pwbuf->pw_dir, '/') <= 1)
continue;
+
+ if (strcmp(pwbuf->pw_dir, "/root") == 0) {
+ /* don't relabel /root*/
+ continue;
+ }
+
if (!(path = strdup(pwbuf->pw_dir))) {
break;
}
@@ -794,6 +804,11 @@
* /root */
continue;
}
+ if (strcmp(pwent->pw_dir, "/root") == 0) {
+ /* don't relabel /root*/
+ continue;
+ }
+
if (push_user_entry(&head, name, seuname,
prefix, pwent->pw_dir) != STATUS_SUCCESS) {
*errors = STATUS_ERR;
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.37/src/libsemanage.map diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.37/src/libsemanage.map
--- nsalibsemanage/src/libsemanage.map 2009-07-07 15:32:32.000000000 -0400 --- nsalibsemanage/src/libsemanage.map 2009-07-07 15:32:32.000000000 -0400
+++ libsemanage-2.0.37/src/libsemanage.map 2009-09-09 13:55:07.000000000 -0400 +++ libsemanage-2.0.37/src/libsemanage.map 2009-09-09 13:55:07.000000000 -0400
@ -273,9 +237,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsem
hidden_proto(semanage_module_list_nth) hidden_proto(semanage_module_list_nth)
#endif #endif
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.37/src/modules.c diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.37/src/modules.c
--- nsalibsemanage/src/modules.c 2009-01-13 08:45:35.000000000 -0500 --- nsalibsemanage/src/modules.c 2009-09-17 08:59:43.000000000 -0400
+++ libsemanage-2.0.37/src/modules.c 2009-09-09 13:55:07.000000000 -0400 +++ libsemanage-2.0.37/src/modules.c 2009-09-10 17:15:42.000000000 -0400
@@ -147,6 +147,40 @@ @@ -154,6 +153,40 @@
return sh->funcs->install_base_file(sh, module_name); return sh->funcs->install_base_file(sh, module_name);
} }
@ -316,7 +280,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.
int semanage_module_remove(semanage_handle_t * sh, char *module_name) int semanage_module_remove(semanage_handle_t * sh, char *module_name)
{ {
if (sh->funcs->remove == NULL) { if (sh->funcs->remove == NULL) {
@@ -202,6 +236,13 @@ @@ -209,6 +242,13 @@
hidden_def(semanage_module_get_name) hidden_def(semanage_module_get_name)

8
libsemanage.spec
View File

@ -2,7 +2,7 @@
%define libselinuxver 2.0.0-1 %define libselinuxver 2.0.0-1
Summary: SELinux binary policy manipulation library Summary: SELinux binary policy manipulation library
Name: libsemanage Name: libsemanage
Version: 2.0.37 Version: 2.0.38
Release: 1%{?dist} Release: 1%{?dist}
License: LGPLv2+ License: LGPLv2+
Group: System Environment/Libraries Group: System Environment/Libraries
@ -91,6 +91,12 @@ rm -rf ${RPM_BUILD_ROOT}
%{_libdir}/python*/site-packages/* %{_libdir}/python*/site-packages/*
%changelog %changelog
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.38-1
- Update to upstream
* Change semodule upgrade behavior to install even if the module
is not present from Dan Walsh.
* Make genhomedircon trim excess '/' from homedirs from Dan Walsh.
* Wed Sep 9 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.37-1 * Wed Sep 9 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.37-1
- Update to upstream - Update to upstream
* Fix persistent dontaudit support to rebuild policy if the * Fix persistent dontaudit support to rebuild policy if the

2
sources
View File

@ -1 +1 @@
bacf84c36e8e57a424da23eb585373ee libsemanage-2.0.37.tgz e4cde213b36fe94b30704600026c39f2 libsemanage-2.0.38.tgz