* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
- Update to upstream * Change semodule upgrade behavior to install even if the module is not present from Dan Walsh. * Make setfiles label if selinux is disabled and a seclabel aware kernel is running from Caleb Case. * Clarify forkpty() error message in run_init from Manoj Srivastava.
This commit is contained in:
Daniel J Walsh
parent
1696e8f7d1
commit
26d020dedb
@ -207,3 +207,4 @@ policycoreutils_man_ru2.tar.bz2
|
||||
policycoreutils-2.0.71.tgz
|
||||
sepolgen-1.0.17.tgz
|
||||
policycoreutils-2.0.73.tgz
|
||||
policycoreutils-2.0.74.tgz
|
||||
|
||||
@ -1835,9 +1835,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
if fcon_dict[k]:
|
||||
if is_mls_enabled:
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.73/semodule/semodule.8
|
||||
--- nsapolicycoreutils/semodule/semodule.8 2008-08-28 09:34:24.000000000 -0400
|
||||
--- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:43.000000000 -0400
|
||||
+++ policycoreutils-2.0.73/semodule/semodule.8 2009-09-09 17:05:42.000000000 -0400
|
||||
@@ -35,6 +35,12 @@
|
||||
@@ -30,11 +30,17 @@
|
||||
install/replace a module package
|
||||
.TP
|
||||
.B \-u,\-\-upgrade=MODULE_PKG
|
||||
-upgrade an existing module package, or install if the module does not exist
|
||||
+upgrade an existing module package
|
||||
.TP
|
||||
.B \-b,\-\-base=MODULE_PKG
|
||||
install/replace base module package
|
||||
.TP
|
||||
@ -1851,7 +1857,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
remove existing module
|
||||
.TP
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.73/semodule/semodule.c
|
||||
--- nsapolicycoreutils/semodule/semodule.c 2009-07-07 15:32:32.000000000 -0400
|
||||
--- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:43.000000000 -0400
|
||||
+++ policycoreutils-2.0.73/semodule/semodule.c 2009-09-09 17:05:42.000000000 -0400
|
||||
@@ -22,12 +22,12 @@
|
||||
|
||||
@ -1868,9 +1874,12 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
0, 0
|
||||
};
|
||||
|
||||
@@ -106,7 +106,9 @@
|
||||
@@ -104,9 +104,11 @@
|
||||
printf(" -R, --reload reload policy\n");
|
||||
printf(" -B, --build build and reload policy\n");
|
||||
printf(" -i,--install=MODULE_PKG install a new module\n");
|
||||
printf(" -u,--upgrade=MODULE_PKG upgrade existing module\n");
|
||||
- printf(" -u,--upgrade=MODULE_PKG upgrades or install module to a newer version\n");
|
||||
+ printf(" -u,--upgrade=MODULE_PKG upgrade existing module\n");
|
||||
printf(" -b,--base=MODULE_PKG install new base module\n");
|
||||
- printf(" -r,--remove=MODULE_NAME remove existing module\n");
|
||||
+ printf(" -e,--enable=MODULE_PKG enable existing module\n");
|
||||
@ -2565,7 +2574,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
+
|
||||
+#endif
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.73/setfiles/setfiles.c
|
||||
--- nsapolicycoreutils/setfiles/setfiles.c 2009-09-14 15:36:23.000000000 -0400
|
||||
--- nsapolicycoreutils/setfiles/setfiles.c 2009-09-17 08:59:43.000000000 -0400
|
||||
+++ policycoreutils-2.0.73/setfiles/setfiles.c 2009-09-09 17:05:42.000000000 -0400
|
||||
@@ -1,26 +1,12 @@
|
||||
-#ifndef _GNU_SOURCE
|
||||
@ -3018,7 +3027,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
-
|
||||
- if (context)
|
||||
- freecon(context);
|
||||
|
||||
-
|
||||
- /*
|
||||
- * Do not relabel the file if -n was used.
|
||||
- */
|
||||
@ -3057,7 +3066,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
- progname, ftsent->fts_path);
|
||||
- return SKIP;
|
||||
- }
|
||||
-
|
||||
|
||||
- int rc = restore(ftsent);
|
||||
- if (rc == ERR) {
|
||||
- if (!abort_on_error)
|
||||
@ -3180,7 +3189,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -802,20 +298,30 @@
|
||||
@@ -804,20 +298,30 @@
|
||||
char *buf = NULL;
|
||||
size_t buf_len;
|
||||
char *base;
|
||||
@ -3219,7 +3228,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
|
||||
if (!strcmp(base, SETFILES)) {
|
||||
/*
|
||||
@@ -830,28 +336,28 @@
|
||||
@@ -832,28 +336,28 @@
|
||||
iamrestorecon = 0;
|
||||
recurse = 1;
|
||||
expand_realpath = 0;
|
||||
@ -3256,7 +3265,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
ctx_validate = 0;
|
||||
|
||||
/* restorecon only: silent exit if no SELinux.
|
||||
@@ -913,37 +419,37 @@
|
||||
@@ -915,37 +419,37 @@
|
||||
input_filename = optarg;
|
||||
break;
|
||||
case 'd':
|
||||
@ -3303,7 +3312,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
break;
|
||||
case 'R':
|
||||
case 'r':
|
||||
@@ -956,7 +462,7 @@
|
||||
@@ -958,7 +462,7 @@
|
||||
argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
@ -3312,7 +3321,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
fprintf(stderr,
|
||||
"%s: only one -r can be specified\n",
|
||||
argv[0]);
|
||||
@@ -967,23 +473,23 @@
|
||||
@@ -969,23 +473,23 @@
|
||||
case 's':
|
||||
use_input_file = 1;
|
||||
input_filename = "-";
|
||||
@ -3341,7 +3350,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
break;
|
||||
case 'W':
|
||||
warn_no_match = 1;
|
||||
@@ -1031,18 +537,13 @@
|
||||
@@ -1033,18 +537,13 @@
|
||||
}
|
||||
|
||||
/* Load the file contexts configuration and check it. */
|
||||
@ -3363,7 +3372,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
if (use_input_file) {
|
||||
FILE *f = stdin;
|
||||
ssize_t len;
|
||||
@@ -1059,6 +560,9 @@
|
||||
@@ -1061,6 +560,9 @@
|
||||
delim = (null_terminated != 0) ? '\0' : '\n';
|
||||
while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) {
|
||||
buf[len - 1] = 0;
|
||||
@ -3373,7 +3382,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
errors |= process_one_realpath(buf);
|
||||
}
|
||||
if (strcmp(input_filename, "-") != 0)
|
||||
@@ -1068,22 +572,21 @@
|
||||
@@ -1070,22 +572,21 @@
|
||||
errors |= process_one_realpath(argv[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,8 +5,8 @@
|
||||
%define sepolgenver 1.0.17
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.73
|
||||
Release: 5%{?dist}
|
||||
Version: 2.0.74
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -297,6 +297,14 @@ fi
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
|
||||
- Update to upstream
|
||||
* Change semodule upgrade behavior to install even if the module
|
||||
is not present from Dan Walsh.
|
||||
* Make setfiles label if selinux is disabled and a seclabel aware
|
||||
kernel is running from Caleb Case.
|
||||
* Clarify forkpty() error message in run_init from Manoj Srivastava.
|
||||
|
||||
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
|
||||
- Fix sandbox to handle relative paths
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user