diff --git a/.cvsignore b/.cvsignore index efc8fa4..c352986 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -policycoreutils-1.4.tgz +policycoreutils-1.9.tgz diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch new file mode 100644 index 0000000..d922ee1 --- /dev/null +++ b/policycoreutils-rhat.patch @@ -0,0 +1,143 @@ +--- policycoreutils-1.9/restorecon/restorecon.c.rhat 2004-03-15 12:04:20.000000000 -0500 ++++ policycoreutils-1.9/restorecon/restorecon.c 2004-03-23 11:51:08.438569904 -0500 +@@ -25,13 +25,15 @@ + #include + #include + #include ++#include ++#include + #include + #include + + void usage(const char * const name) + { + fprintf(stderr, +- "usage: %s [-hnv] pathname...\n", name); ++ "usage: %s [-nv] pathname...\n", name); + exit(1); + } + +@@ -39,15 +41,18 @@ + security_context_t scontext; + security_context_t prev_context; + int i=0; ++ int retcontext=0; + int retval=0; + int errors=0; +- int links=0; + int change=1; + int verbose=0; + char opt; + char *progname=argv[0]; + +- while ((opt = getopt(argc, argv, "hnv")) > 0) { ++ if (is_selinux_enabled() <= 0 ) ++ exit(0); ++ ++ while ((opt = getopt(argc, argv, "nv")) > 0) { + switch (opt) { + case 'n': + change = 0; +@@ -55,50 +60,49 @@ + case 'v': + verbose = 1; + break; +- case 'h': +- links = 1; +- break; + case '?': + usage(argv[0]); + } + } + for (i=optind; i< argc; i++) { +- retval = matchpathcon(argv[i], 0, &scontext); ++ char *filename=argv[i]; ++ int len=strlen(filename); ++ /* ++ Eliminate trailing / ++ */ ++ if (filename[len-1]=='/' && (strcmp(filename,"/") != 0)) { ++ filename[len-1]=NULL; ++ } ++ retval = matchpathcon(filename, 0, &scontext); + if (retval < 0) { +- fprintf(stderr,"matchpathcon(%s) failed\n", argv[i]); ++ fprintf(stderr,"matchpathcon(%s) failed\n", filename); + errors++; + continue; + } +- if (links) +- retval=lgetfilecon(argv[i],&prev_context); +- else +- retval=getfilecon(argv[i],&prev_context); +- +- if (retval > 0) { +- if (strcmp(prev_context,scontext) != 0) { +- ++ retcontext=lgetfilecon(filename,&prev_context); ++ ++ if (retcontext >= 0 || errno == ENODATA) { ++ if (retcontext < 0 || strcmp(prev_context,scontext) != 0) { + if (change) { +- if ( links ) +- retval=lsetfilecon(argv[i],scontext); +- else +- retval=setfilecon(argv[i],scontext); ++ retval=lsetfilecon(filename,scontext); + } + if (retval<0) + fprintf(stderr,"%s set context %s->%s failed:'%s'\n", +- progname, argv[i], scontext, strerror(errno)); ++ progname, filename, scontext, strerror(errno)); + else + if (verbose) + fprintf(stderr,"%s set context %s->%s\n", +- progname, argv[i], scontext); +- } ++ progname, filename, scontext); ++ } ++ if (retcontext >= 0) ++ free(prev_context); + } + else { + if (verbose) + fprintf(stderr,"%s get context on %s failed: '%s'\n", +- progname, argv[i], strerror(errno)); ++ progname, filename, strerror(errno)); + } + free(scontext); +- free(prev_context); + } + return errors; + } +--- policycoreutils-1.9/restorecon/restorecon.8.rhat 2004-03-15 12:04:20.000000000 -0500 ++++ policycoreutils-1.9/restorecon/restorecon.8 2004-03-18 10:04:44.000000000 -0500 +@@ -4,7 +4,7 @@ + + .SH "SYNOPSIS" + .B restorecon +-.I [\-h] [\-n] [\-v] pathname... ++.I [\-n] [\-v] pathname... + + .SH "DESCRIPTION" + This manual page describes the +@@ -20,9 +20,6 @@ + + .SH "OPTIONS" + .TP +-.B \-h +-change symbolic links rather then the files they point at +-.TP + .B \-n + don't change any file labels. + .TP +--- policycoreutils-1.9/restorecon/Makefile.rhat 2004-03-15 12:04:20.000000000 -0500 ++++ policycoreutils-1.9/restorecon/Makefile 2004-03-18 10:04:44.000000000 -0500 +@@ -1,6 +1,6 @@ + # Installation directories. + PREFIX ?= ${DESTDIR}/usr +-SBINDIR ?= $(PREFIX)/sbin ++SBINDIR ?= $(DESTDIR)/sbin + MANDIR = $(PREFIX)/share/man + + CFLAGS = -Wall diff --git a/policycoreutils.spec b/policycoreutils.spec index 4fc47d9..de54964 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -1,16 +1,17 @@ Summary: SELinux policy core utilities. Name: policycoreutils -Version: 1.4 -Release: 7 +Version: 1.9 +Release: 12 License: GPL Group: System Environment/Base -Source: http://www.nsa.gov/selinux/archives/policycoreutils-1.4.tgz -Source2: restorecon -Source3: checkcon -Source4: genhomedircon +Source: http://www.nsa.gov/selinux/archives/policycoreutils-1.9.tgz Prefix: %{_prefix} -Patch1: setfiles-quiet.patch BuildRequires: libselinux-devel +Source1: fixfiles +Source2: checkselinux +Patch1: policycoreutils-genhomedircon.patch +Patch2: policycoreutils-rhat.patch +Patch3: policycoreutils-verbosity.patch BuildRoot: %{_tmppath}/%{name}-buildroot @@ -33,24 +34,24 @@ context. %prep %setup -q -%patch1 -p1 -b .setfilesquiet +%patch1 -p1 -b .genhomedircon +%patch2 -p1 -b .rhat +%patch3 -p1 -b .verbosity %build -make all CONSOLEHELPER="-DCONSOLEHELPER" +make all %install rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}%{_bindir} mkdir -p ${RPM_BUILD_ROOT}%{_sbindir} +mkdir -p ${RPM_BUILD_ROOT}/sbin mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1 mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8 mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d make DESTDIR="${RPM_BUILD_ROOT}" install -%__mkdir_p $RPM_BUILD_ROOT/etc/security/console.apps \ - $RPM_BUILD_ROOT/etc/pam.d -%__install -m755 %{SOURCE2} $RPM_BUILD_ROOT%{_sbindir} -%__install -m755 %{SOURCE3} $RPM_BUILD_ROOT%{_sbindir} -%__install -m755 %{SOURCE4} $RPM_BUILD_ROOT%{_sbindir} +install -m 750 %SOURCE1 ${RPM_BUILD_ROOT}/sbin +install -m 750 %SOURCE2 ${RPM_BUILD_ROOT}/sbin %find_lang %{name} @@ -60,20 +61,91 @@ rm -rf ${RPM_BUILD_ROOT} %files -f %{name}.lang %defattr(-,root,root) %{_sbindir}/setfiles -%{_sbindir}/restorecon -%{_sbindir}/checkcon +/sbin/fixfiles +/sbin/checkselinux +/sbin/restorecon +%{_mandir}/man8/restorecon.8.gz %{_sbindir}/genhomedircon -%{_sbindir}/run_init %{_mandir}/man8/setfiles.8.gz %{_sbindir}/load_policy %{_bindir}/newrole %{_bindir}/audit2allow %{_mandir}/man1/newrole.1.gz %config %{_sysconfdir}/pam.d/newrole +%{_sbindir}/run_init %config %{_sysconfdir}/pam.d/run_init %{_mandir}/man8/run_init.8.gz %changelog +* Tue Mar 23 2004 Dan Walsh 1.9-12 +- Remove setfiles-assoc patch +- Fix restorecon to not crash on missing dir + +* Thu Mar 17 2004 Dan Walsh 1.9-11 +- Eliminate trailing / in restorecon + +* Thu Mar 17 2004 Dan Walsh 1.9-10 +- Add Verbosity check + +* Thu Mar 17 2004 Dan Walsh 1.9-9 +- Change restorecon to not follow symlinks. It is too difficult and confusing +- to figure out the file context for the file pointed to by a symlink. + +* Wed Mar 17 2004 Dan Walsh 1.9-8 +- Fix restorecon +* Wed Mar 17 2004 Dan Walsh 1.9-7 +- Read restorecon patch + +* Wed Mar 17 2004 Dan Walsh 1.9-6 +- Change genhomedircon to take POLICYSOURCEDIR from command line + +* Wed Mar 17 2004 Dan Walsh 1.9-5 +- Add checkselinux +- move fixfiles and restorecon to /sbin + +* Wed Mar 17 2004 Dan Walsh 1.9-4 +- Restore patch of genhomedircon + +* Mon Mar 15 2004 Dan Walsh 1.9-3 +- Add setfiles-assoc patch to try to freeup memory use + +* Mon Mar 15 2004 Dan Walsh 1.9-2 +- Add fixlabels + +* Mon Mar 15 2004 Dan Walsh 1.9-1 +- Update to latest from NSA + +* Wed Mar 10 2004 Dan Walsh 1.6-8 +- Increase the size of buffer accepted by setfiles to BUFSIZ. + +* Tue Mar 9 2004 Dan Walsh 1.6-7 +- genhomedircon should complete even if it can't read /etc/default/useradd + +* Tue Mar 9 2004 Dan Walsh 1.6-6 +- fix restorecon to relabel unlabled files. + +* Fri Mar 5 2004 Dan Walsh 1.6-5 +- Add genhomedircon from tresys +- Fixed patch for restorecon + +* Thu Feb 26 2004 Dan Walsh 1.6-4 +- exit out when selinux is not enabled + +* Thu Feb 26 2004 Dan Walsh 1.6-3 +- Fix minor bugs in restorecon + +* Thu Feb 26 2004 Dan Walsh 1.6-2 +- Add restorecon c program + +* Tue Feb 24 2004 Dan Walsh 1.6-1 +- Update to latest tarball from NSA + +* Thu Feb 19 2004 Dan Walsh 1.4-9 +- Add sort patch + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + * Thu Jan 29 2004 Dan Walsh 1.4-7 - remove mods to run_init since init scripts don't require it anymore diff --git a/sources b/sources index b98fc94..e82854b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c047074b07068e979274ab13a7dfbc7d policycoreutils-1.4.tgz +d8479bc93519dbcd1a95e89c2be08c59 policycoreutils-1.9.tgz