rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1

Browse Source 
- Update to upstream
	* Change semodule upgrade behavior to install even if the module
	  is not present from Dan Walsh.
	* Make setfiles label if selinux is disabled and a seclabel aware
	  kernel is running from Caleb Case.
	* Clarify forkpty() error message in run_init from Manoj Srivastava.
This commit is contained in:
Daniel J Walsh 2009-09-17 13:07:45 +00:00
parent 1696e8f7d1
commit 26d020dedb
4 changed files with 37 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -207,3 +207,4 @@ policycoreutils_man_ru2.tar.bz2
policycoreutils-2.0.71.tgz policycoreutils-2.0.71.tgz
sepolgen-1.0.17.tgz sepolgen-1.0.17.tgz
policycoreutils-2.0.73.tgz policycoreutils-2.0.73.tgz
policycoreutils-2.0.74.tgz

41
policycoreutils-rhat.patch
View File

@ -1835,9 +1835,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
if fcon_dict[k]: if fcon_dict[k]:
if is_mls_enabled: if is_mls_enabled:
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.73/semodule/semodule.8 diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.73/semodule/semodule.8
--- nsapolicycoreutils/semodule/semodule.8 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:43.000000000 -0400
+++ policycoreutils-2.0.73/semodule/semodule.8 2009-09-09 17:05:42.000000000 -0400 +++ policycoreutils-2.0.73/semodule/semodule.8 2009-09-09 17:05:42.000000000 -0400
@@ -35,6 +35,12 @@ @@ -30,11 +30,17 @@
install/replace a module package
.TP
.B \-u,\-\-upgrade=MODULE_PKG
-upgrade an existing module package, or install if the module does not exist
+upgrade an existing module package
.TP
.B \-b,\-\-base=MODULE_PKG .B \-b,\-\-base=MODULE_PKG
install/replace base module package install/replace base module package
.TP .TP
@ -1851,7 +1857,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
remove existing module remove existing module
.TP .TP
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.73/semodule/semodule.c diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.73/semodule/semodule.c
--- nsapolicycoreutils/semodule/semodule.c 2009-07-07 15:32:32.000000000 -0400 --- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:43.000000000 -0400
+++ policycoreutils-2.0.73/semodule/semodule.c 2009-09-09 17:05:42.000000000 -0400 +++ policycoreutils-2.0.73/semodule/semodule.c 2009-09-09 17:05:42.000000000 -0400
@@ -22,12 +22,12 @@ @@ -22,12 +22,12 @@
@ -1868,9 +1874,12 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
0, 0 0, 0
}; };
@@ -106,7 +106,9 @@ @@ -104,9 +104,11 @@
printf(" -R, --reload reload policy\n");
printf(" -B, --build build and reload policy\n");
printf(" -i,--install=MODULE_PKG install a new module\n"); printf(" -i,--install=MODULE_PKG install a new module\n");
printf(" -u,--upgrade=MODULE_PKG upgrade existing module\n"); - printf(" -u,--upgrade=MODULE_PKG upgrades or install module to a newer version\n");
+ printf(" -u,--upgrade=MODULE_PKG upgrade existing module\n");
printf(" -b,--base=MODULE_PKG install new base module\n"); printf(" -b,--base=MODULE_PKG install new base module\n");
- printf(" -r,--remove=MODULE_NAME remove existing module\n"); - printf(" -r,--remove=MODULE_NAME remove existing module\n");
+ printf(" -e,--enable=MODULE_PKG enable existing module\n"); + printf(" -e,--enable=MODULE_PKG enable existing module\n");
@ -2565,7 +2574,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
+ +
+#endif +#endif
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.73/setfiles/setfiles.c diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.73/setfiles/setfiles.c
--- nsapolicycoreutils/setfiles/setfiles.c 2009-09-14 15:36:23.000000000 -0400 --- nsapolicycoreutils/setfiles/setfiles.c 2009-09-17 08:59:43.000000000 -0400
+++ policycoreutils-2.0.73/setfiles/setfiles.c 2009-09-09 17:05:42.000000000 -0400 +++ policycoreutils-2.0.73/setfiles/setfiles.c 2009-09-09 17:05:42.000000000 -0400
@@ -1,26 +1,12 @@ @@ -1,26 +1,12 @@
-#ifndef _GNU_SOURCE -#ifndef _GNU_SOURCE
@ -3018,7 +3027,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
- -
- if (context) - if (context)
- freecon(context); - freecon(context);
-
- /* - /*
- * Do not relabel the file if -n was used. - * Do not relabel the file if -n was used.
- */ - */
@ -3057,7 +3066,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
- progname, ftsent->fts_path); - progname, ftsent->fts_path);
- return SKIP; - return SKIP;
- } - }
-
- int rc = restore(ftsent); - int rc = restore(ftsent);
- if (rc == ERR) { - if (rc == ERR) {
- if (!abort_on_error) - if (!abort_on_error)
@ -3180,7 +3189,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
return -1; return -1;
} }
@@ -802,20 +298,30 @@ @@ -804,20 +298,30 @@
char *buf = NULL; char *buf = NULL;
size_t buf_len; size_t buf_len;
char *base; char *base;
@ -3219,7 +3228,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
if (!strcmp(base, SETFILES)) { if (!strcmp(base, SETFILES)) {
/* /*
@@ -830,28 +336,28 @@ @@ -832,28 +336,28 @@
iamrestorecon = 0; iamrestorecon = 0;
recurse = 1; recurse = 1;
expand_realpath = 0; expand_realpath = 0;
@ -3256,7 +3265,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
ctx_validate = 0; ctx_validate = 0;
/* restorecon only: silent exit if no SELinux. /* restorecon only: silent exit if no SELinux.
@@ -913,37 +419,37 @@ @@ -915,37 +419,37 @@
input_filename = optarg; input_filename = optarg;
break; break;
case 'd': case 'd':
@ -3303,7 +3312,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
break; break;
case 'R': case 'R':
case 'r': case 'r':
@@ -956,7 +462,7 @@ @@ -958,7 +462,7 @@
argv[0]); argv[0]);
exit(1); exit(1);
} }
@ -3312,7 +3321,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
fprintf(stderr, fprintf(stderr,
"%s: only one -r can be specified\n", "%s: only one -r can be specified\n",
argv[0]); argv[0]);
@@ -967,23 +473,23 @@ @@ -969,23 +473,23 @@
case 's': case 's':
use_input_file = 1; use_input_file = 1;
input_filename = "-"; input_filename = "-";
@ -3341,7 +3350,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
break; break;
case 'W': case 'W':
warn_no_match = 1; warn_no_match = 1;
@@ -1031,18 +537,13 @@ @@ -1033,18 +537,13 @@
} }
/* Load the file contexts configuration and check it. */ /* Load the file contexts configuration and check it. */
@ -3363,7 +3372,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
if (use_input_file) { if (use_input_file) {
FILE *f = stdin; FILE *f = stdin;
ssize_t len; ssize_t len;
@@ -1059,6 +560,9 @@ @@ -1061,6 +560,9 @@
delim = (null_terminated != 0) ? '\0' : '\n'; delim = (null_terminated != 0) ? '\0' : '\n';
while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) { while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) {
buf[len - 1] = 0; buf[len - 1] = 0;
@ -3373,7 +3382,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
errors |= process_one_realpath(buf); errors |= process_one_realpath(buf);
} }
if (strcmp(input_filename, "-") != 0) if (strcmp(input_filename, "-") != 0)
@@ -1068,22 +572,21 @@ @@ -1070,22 +572,21 @@
errors |= process_one_realpath(argv[i]); errors |= process_one_realpath(argv[i]);
} }
} }

12
policycoreutils.spec
View File

@ -5,8 +5,8 @@
%define sepolgenver 1.0.17 %define sepolgenver 1.0.17
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.73 Version: 2.0.74
Release: 5%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -297,6 +297,14 @@ fi
exit 0 exit 0
%changelog %changelog
* Thu Sep 17 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-1
- Update to upstream
* Change semodule upgrade behavior to install even if the module
is not present from Dan Walsh.
* Make setfiles label if selinux is disabled and a seclabel aware
kernel is running from Caleb Case.
* Clarify forkpty() error message in run_init from Manoj Srivastava.
* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5 * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
- Fix sandbox to handle relative paths - Fix sandbox to handle relative paths

2
sources
View File

@ -1,3 +1,3 @@
480cc64a050735fa1163a87dc89c4f49 sepolgen-1.0.17.tgz 480cc64a050735fa1163a87dc89c4f49 sepolgen-1.0.17.tgz
08fa7fe2f943b7776ee767824318f615 policycoreutils-2.0.73.tgz 60aa41df668a557892296ff02c7411aa policycoreutils-2.0.74.tgz
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2 59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2