Fix setsebool command, handling of = broken.

- Add missing error option in booleansPage
2012-05-24 05:55:35 -04:00 · 2012-05-24 05:55:35 -04:00 · 03b8834355
commit 03b8834355
parent 1b634710d1
2 changed files with 62 additions and 16 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -89,10 +89,10 @@ index 0000000..53efa84
 +relabel:
 diff --git a/policycoreutils/gui/booleansPage.py b/policycoreutils/gui/booleansPage.py
 new file mode 100644
-index 0000000..dca786d
+index 0000000..1216255
 --- /dev/null
 +++ b/policycoreutils/gui/booleansPage.py
-@@ -0,0 +1,247 @@
+@@ -0,0 +1,258 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
 +#
@ -233,6 +233,15 @@ index 0000000..dca786d
 +        self.filter=""
 +        self.load(self.filter)
 +            
 +    def error(self, message):
 +        dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
 +                                gtk.BUTTONS_CLOSE,
 +                                message)
 +        dlg.set_position(gtk.WIN_POS_MOUSE)
 +        dlg.show_all()
 +        dlg.run()
 +        dlg.destroy()
 +
 +    def __search(self, model, col, key, i):
 +        sort_col = self.store.get_sort_column_id()[0]
 +        if sort_col > 0:
@ -310,8 +319,10 @@ index 0000000..dca786d
 +        key = self.store.get_value(iter, BOOLEAN)
 +        self.store.set_value(iter, ACTIVE , not val)
 +        self.wait()
-+        setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
+        setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val)
-+        commands.getstatusoutput(setsebool)
+        rc,out = commands.getstatusoutput(setsebool)
 +        if rc != 0:
 +            self.error(out)
 +        self.load(self.filter)
 +        self.ready()
 +
@ -5946,10 +5957,10 @@ index 0000000..55bad9d
 +</glade-interface>
 diff --git a/policycoreutils/gui/polgen.py b/policycoreutils/gui/polgen.py
 new file mode 100644
-index 0000000..5a73fa3
+index 0000000..2a7c61e
 --- /dev/null
 +++ b/policycoreutils/gui/polgen.py
-@@ -0,0 +1,1370 @@
+@@ -0,0 +1,1372 @@
 +#!/usr/bin/python -Es
 +#
 +# Copyright (C) 2007-2012 Red Hat 
@ -7306,9 +7317,11 @@ index 0000000..5a73fa3
 +           usage(_("Executable or Name required"))
 +
 +    try:
 +        cmd = os.path.realpath(cmds[0])
 +        if not name:
-+            name = os.path.basename(cmds[0]).replace("-","_")
+            name = os.path.basename(cmd).replace("-","_")
-+        cmd = cmds[0]
+
 +        print("Generating Policy for %s named %s" % (cmd, name))
 +        mypolicy = policy(name, setype)
 +        if setype not in USERS +  [ SANDBOX ]:
 +            mypolicy.set_program(cmd)
@ -287455,7 +287468,7 @@ index 2b66bad..38abeb8 100644
 This manual page was written by Dan Walsh <dwalsh@redhat.com>.
 The program was written by Tresys Technology.
 diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
-index d6c041b..ba118f3 100644
+index d6c041b..db1d1e1 100644
 --- a/policycoreutils/setsebool/setsebool.c
 +++ b/policycoreutils/setsebool/setsebool.c
@@ -6,6 +6,7 @@
@ -287466,7 +287479,7 @@ index d6c041b..ba118f3 100644
 #include <pwd.h>
 #include <selinux/selinux.h>
 #include <semanage/handle.h>
-@@ -15,13 +16,14 @@
+@@ -15,21 +16,22 @@
 #include <errno.h>
 int permanent = 0;
@ -287482,16 +287495,17 @@ index d6c041b..ba118f3 100644
 	     stderr);
 	exit(1);
 }
-@@ -29,7 +31,7 @@ void usage(void)
+ 
 int main(int argc, char **argv)
 {
- 	size_t rc, start;
+-	size_t rc, start;
 -
 +	size_t rc;
 +	int clflag;		/* holds codes for command line flags */
 	if (argc < 2)
 		usage();
-@@ -38,14 +40,30 @@ int main(int argc, char **argv)
+@@ -38,37 +40,52 @@ int main(int argc, char **argv)
 		return 1;
 	}
@ -287524,11 +287538,39 @@ index d6c041b..ba118f3 100644
 +		usage();
 +	}
 +	start = argc-optind;
 	/* Check to see which way we are being called. If a '=' is passed,
 	   we'll enforce the list syntax. If not we'll enforce the original
 	   syntax for backward compatibility. */
-@@ -165,7 +183,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
+-	if (strchr(argv[start], '=') == 0) {
 +	if (strchr(argv[optind], '=') == 0) {
 		int len;
 		char *bool_list[1];
 -		if ((argc - start) != 2)
 +		if ((argc - optind) != 2)
 			usage();
 		/* Add 1 for the '=' */
 -		len = strlen(argv[start]) + strlen(argv[start + 1]) + 2;
 +		len = strlen(argv[optind]) + strlen(argv[optind + 1]) + 2;
 		bool_list[0] = (char *)malloc(len);
 		if (bool_list[0] == 0) {
 			fputs("Out of memory - aborting\n", stderr);
 			return 1;
 		}
 -		snprintf(bool_list[0], len, "%s=%s", argv[start],
 -			 argv[start + 1]);
 +		snprintf(bool_list[0], len, "%s=%s", argv[optind],
 +			 argv[optind + 1]);
 		rc = setbool(bool_list, 0, 1);
 		free(bool_list[0]);
 	} else
 -		rc = setbool(argv, start, argc);
 +		rc = setbool(argv, optind, argc);
 	return rc;
 }
@@ -165,7 +182,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
 		boolean = NULL;
 	}
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.11
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@ -340,6 +340,10 @@ fi
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 %changelog
 * Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-16
 - Fix setsebool command, handling of = broken.
 - Add missing error option in booleansPage
 * Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-15
 - Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
 - Trigger on selinux-policy needs to change to selinux-policy-devel