* Fri Jul 27 2007 Dan Walsh <dwalsh@redhat.com> 2.0.22-11
- Fixfiles update required to match new regex
This commit is contained in:
parent
a389a8568f
commit
27013450e0
@ -3059,50 +3059,50 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.22/gui/selinux.tbl
|
||||
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.22/gui/selinux.tbl 2007-07-27 14:57:41.000000000 -0400
|
||||
@@ -0,0 +1,295 @@
|
||||
+++ policycoreutils-2.0.22/gui/selinux.tbl 2007-07-28 11:01:13.000000000 -0400
|
||||
@@ -0,0 +1,296 @@
|
||||
+allow_console_login _("Login") _("Allow direct login to the console device. Requiered for System 390")
|
||||
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
|
||||
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
|
||||
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.")
|
||||
+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys.")
|
||||
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
|
||||
+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys")
|
||||
+allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
||||
+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
|
||||
+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
|
||||
+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
||||
+allow_ftpd_full_access _("FTP") _("Allow ftpd to full access to the system")
|
||||
+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
|
||||
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.")
|
||||
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.")
|
||||
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services")
|
||||
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services")
|
||||
+allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack")
|
||||
+allow_gadmin_exec_content _("User Privs") _("Allow gadmin SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory.")
|
||||
+allow_guest_exec_content _("User Privs") _("Allow guest SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_gadmin_exec_content _("User Privs") _("Allow gadmin SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory")
|
||||
+allow_guest_exec_content _("User Privs") _("Allow guest SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t")
|
||||
+allow_httpd_dbus_avahi _("HTTPD Service") _("Allow Apache to communicate with avahi service.")
|
||||
+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam.")
|
||||
+allow_httpd_dbus_avahi _("HTTPD Service") _("Allow Apache to communicate with avahi service")
|
||||
+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam")
|
||||
+allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t")
|
||||
+allow_java_execstack _("Memory Protection") _("Allow java executable stack")
|
||||
+allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files")
|
||||
+allow_mount_anyfile _("Mount") _("Allow mount to mount any file")
|
||||
+allow_mounton_anydir _("Mount") _("Allow mount to mount any dir")
|
||||
+allow_mounton_anydir _("Mount") _("Allow mount to mount any directory")
|
||||
+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack")
|
||||
+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services.")
|
||||
+allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support.")
|
||||
+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications)
|
||||
+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services")
|
||||
+allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support")
|
||||
+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications")
|
||||
+allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t")
|
||||
+allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t")
|
||||
+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign")
|
||||
+allow_staff_exec_content _("User Privs") _("Allow staff SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_sysadm_exec_content _("User Privs") _("Allow sysadm SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_unconfined_exec_content _("User Privs") _("Allow unconfined SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_staff_exec_content _("User Privs") _("Allow staff SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_sysadm_exec_content _("User Privs") _("Allow sysadm SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_unconfined_exec_content _("User Privs") _("Allow unconfined SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_unlabeled_packets _("Network Configuration") _("Allow unlabeled packets to flow on the network")
|
||||
+allow_user_exec_content _("User Privs") _("Allow user SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_user_exec_content _("User Privs") _("Allow user SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem")
|
||||
+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket")
|
||||
+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket")
|
||||
+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory")
|
||||
+allow_xguest_exec_content _("User Privs") _("Allow xguest SELinux user accounts to execute files in his homedirectory or /tmp")
|
||||
+allow_xguest_exec_content _("User Privs") _("Allow xguest SELinux user accounts to execute files in his home directory or /tmp")
|
||||
+allow_ypbind _("NIS") _("Allow daemons to run with NIS")
|
||||
+allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files")
|
||||
+browser_confine_staff _("Web Applications") _("Transition staff SELinux user to Web Browser Domain")
|
||||
@ -3137,7 +3137,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
||||
+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon")
|
||||
+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon")
|
||||
+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts.")
|
||||
+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts")
|
||||
+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon")
|
||||
+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd backend server")
|
||||
+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon")
|
||||
@ -3164,7 +3164,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon")
|
||||
+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon")
|
||||
+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon")
|
||||
+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron.")
|
||||
+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron")
|
||||
+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail")
|
||||
+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon")
|
||||
+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon")
|
||||
@ -3172,7 +3172,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon")
|
||||
+ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd")
|
||||
+ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories")
|
||||
+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom.")
|
||||
+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom")
|
||||
+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon")
|
||||
+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon")
|
||||
+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hal daemon")
|
||||
@ -3183,18 +3183,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon")
|
||||
+httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting")
|
||||
+httpd_can_sendmail _("HTTPD Service") _("Allow HTTPD to send mail")
|
||||
+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases.")
|
||||
+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network.")
|
||||
+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay.")
|
||||
+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases")
|
||||
+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network")
|
||||
+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay")
|
||||
+httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon")
|
||||
+httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support")
|
||||
+httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server")
|
||||
+httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories")
|
||||
+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs")
|
||||
+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts.")
|
||||
+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts")
|
||||
+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec")
|
||||
+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates.")
|
||||
+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files.")
|
||||
+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates")
|
||||
+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files")
|
||||
+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon")
|
||||
+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon")
|
||||
+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon")
|
||||
@ -3249,7 +3249,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel")
|
||||
+pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon")
|
||||
+pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon")
|
||||
+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user.")
|
||||
+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user")
|
||||
+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp")
|
||||
+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon")
|
||||
+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon")
|
||||
@ -3275,6 +3275,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories")
|
||||
+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories")
|
||||
+allow_saslauthd_read_shadow _("SASL authentication server") _("Allow sasl authentication server to read /etc/shadow")
|
||||
+allow_xserver_execmem _("XServer") _("Allow X-Windows server to map a memory region as both executable and writable")
|
||||
+saslauthd_disable_trans _("SASL authentication server") _("Disable SELinux protection for saslauthd daemon")
|
||||
+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon")
|
||||
+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected")
|
||||
@ -3312,15 +3313,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon")
|
||||
+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon")
|
||||
+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon")
|
||||
+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined.")
|
||||
+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined.")
|
||||
+unlimitedRPM _("Admin") _("Allow rpm to run unconfined.")
|
||||
+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined.")
|
||||
+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined")
|
||||
+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined")
|
||||
+unlimitedRPM _("Admin") _("Allow rpm to run unconfined")
|
||||
+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined")
|
||||
+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon")
|
||||
+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon")
|
||||
+use_lpd_server _("Printing") _("Use lpd server instead of cups")
|
||||
+use_nfs_home_dirs _("NFS") _("Support NFS home directories")
|
||||
+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so.")
|
||||
+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so")
|
||||
+user_can_mount _("Mount") _("Allow users to execute the mount command")
|
||||
+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)")
|
||||
+user_dmesg _("User Privs") _("Allow users to run the dmesg command")
|
||||
@ -3347,14 +3348,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
|
||||
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
|
||||
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
|
||||
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
|
||||
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems.")
|
||||
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems.")
|
||||
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems")
|
||||
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems")
|
||||
+samba_domain_controller _("Samba") _("Allow samba to act as the domain controller, add users, groups and change passwords")
|
||||
+samba_export_all_ro _("Samba") _("Allow Samba to share any file/directory read only")
|
||||
+samba_export_all_rw _("Samba") _("Allow Samba to share any file/directory read/write")
|
||||
+samba_run_unconfined _("Samba") _("Allow Samba to run unconfined scripts in /var/lib/samba/scripts directory")
|
||||
+webadm_manage_users_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivledged users home directories.")
|
||||
+webadm_read_users_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivledged users home directories.")
|
||||
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivledged users home directories")
|
||||
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivledged users home directories")
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.22/gui/semanagePage.py
|
||||
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
|
||||
|
@ -1,6 +1,6 @@
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-2.0.22/audit2allow/Makefile
|
||||
--- nsapolicycoreutils/audit2allow/Makefile 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/audit2allow/Makefile 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/audit2allow/Makefile 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -1,6 +1,7 @@
|
||||
# Installation directories.
|
||||
PREFIX ?= ${DESTDIR}/usr
|
||||
@ -18,9 +18,20 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
-mkdir -p $(MANDIR)/man1
|
||||
install -m 644 audit2allow.1 $(MANDIR)/man1/
|
||||
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/ChangeLog policycoreutils-2.0.22/ChangeLog
|
||||
--- nsapolicycoreutils/ChangeLog 2007-07-16 14:20:43.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/ChangeLog 2007-06-21 05:17:13.000000000 -0400
|
||||
@@ -91,7 +91,6 @@
|
||||
1.33.15 2007-01-17
|
||||
* Merged unicode-to-string fix for seobject audit from Dan Walsh.
|
||||
* Merged man page updates to make "apropos selinux" work from Dan Walsh.
|
||||
-
|
||||
1.33.14 2007-01-16
|
||||
* Merged newrole man page patch from Michael Thompson.
|
||||
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.22/Makefile
|
||||
--- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/Makefile 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/Makefile 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -1,4 +1,4 @@
|
||||
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
||||
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
||||
@ -29,7 +40,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
@for subdir in $(SUBDIRS); do \
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.22/restorecond/Makefile
|
||||
--- nsapolicycoreutils/restorecond/Makefile 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/restorecond/Makefile 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/restorecond/Makefile 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -22,7 +22,7 @@
|
||||
-mkdir -p $(INITDIR)
|
||||
install -m 644 restorecond.init $(INITDIR)/restorecond
|
||||
@ -41,7 +52,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
/sbin/restorecon $(SBINDIR)/restorecond
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.22/restorecond/restorecond.c
|
||||
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/restorecond/restorecond.c 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/restorecond/restorecond.c 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -210,9 +210,10 @@
|
||||
}
|
||||
|
||||
@ -70,7 +81,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
close(fd);
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.22/run_init/Makefile
|
||||
--- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/run_init/Makefile 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/run_init/Makefile 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -34,8 +34,8 @@
|
||||
install: all
|
||||
test -d $(SBINDIR) || install -m 755 -d $(SBINDIR)
|
||||
@ -84,7 +95,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
ifeq (${PAMH}, /usr/include/security/pam_appl.h)
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.22/scripts/chcat
|
||||
--- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/chcat 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/chcat 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -77,7 +77,7 @@
|
||||
|
||||
if len(cats) > 0:
|
||||
@ -105,7 +116,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
if add_ind:
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.22/scripts/fixfiles
|
||||
--- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/fixfiles 2007-07-23 10:25:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/fixfiles 2007-07-31 15:36:53.000000000 -0400
|
||||
@@ -88,7 +88,7 @@
|
||||
esac; \
|
||||
fi; \
|
||||
done | \
|
||||
- while read pattern ; do find $pattern \
|
||||
+ while read pattern ; do sh -c "find $pattern" \
|
||||
! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o \
|
||||
\( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print; \
|
||||
done 2> /dev/null | \
|
||||
@@ -108,6 +108,7 @@
|
||||
|
||||
rpmlist() {
|
||||
@ -116,7 +136,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
#
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.22/scripts/genhomedircon
|
||||
--- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/genhomedircon 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/scripts/genhomedircon 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -302,7 +302,7 @@
|
||||
|
||||
regex = re.sub("\(\/\.\*\)\?", "", regex)
|
||||
@ -128,7 +148,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
continue
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.22/semanage/semanage
|
||||
--- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/semanage/semanage 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/semanage/semanage 2007-07-23 10:40:06.000000000 -0400
|
||||
@@ -34,7 +34,10 @@
|
||||
sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
|
||||
|
||||
@ -143,7 +163,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
__builtin__.__dict__['_'] = unicode
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.22/semanage/seobject.py
|
||||
--- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/semanage/seobject.py 2007-07-20 12:07:46.000000000 -0400
|
||||
+++ policycoreutils-2.0.22/semanage/seobject.py 2007-07-31 09:55:36.000000000 -0400
|
||||
@@ -210,6 +210,7 @@
|
||||
os.write(fd, self.out())
|
||||
os.close(fd)
|
||||
@ -152,7 +172,58 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
||||
|
||||
class semanageRecords:
|
||||
def __init__(self):
|
||||
@@ -1283,9 +1284,12 @@
|
||||
@@ -1051,26 +1052,30 @@
|
||||
raise ValueError(_("Could not create file context for %s") % target)
|
||||
|
||||
rc = semanage_fcontext_set_expr(self.sh, fcontext, target)
|
||||
- (rc, con) = semanage_context_create(self.sh)
|
||||
- if rc < 0:
|
||||
- raise ValueError(_("Could not create context for %s") % target)
|
||||
-
|
||||
- rc = semanage_context_set_user(self.sh, con, seuser)
|
||||
- if rc < 0:
|
||||
- raise ValueError(_("Could not set user in file context for %s") % target)
|
||||
-
|
||||
- rc = semanage_context_set_role(self.sh, con, "object_r")
|
||||
- if rc < 0:
|
||||
- raise ValueError(_("Could not set role in file context for %s") % target)
|
||||
-
|
||||
- rc = semanage_context_set_type(self.sh, con, type)
|
||||
- if rc < 0:
|
||||
- raise ValueError(_("Could not set type in file context for %s") % target)
|
||||
-
|
||||
- if serange != "":
|
||||
- rc = semanage_context_set_mls(self.sh, con, serange)
|
||||
- if rc < 0:
|
||||
- raise ValueError(_("Could not set mls fields in file context for %s") % target)
|
||||
+ if type == "<<none>>":
|
||||
+ rc, con = semanage_context_from_string(self.sh, type)
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not set context from string %s for %s") % (type, target))
|
||||
+ else:
|
||||
+ (rc, con) = semanage_context_create(self.sh)
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not create context for %s") % target)
|
||||
+ rc = semanage_context_set_user(self.sh, con, seuser)
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not set user in file context for %s") % target)
|
||||
+
|
||||
+ rc = semanage_context_set_role(self.sh, con, "object_r")
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not set role in file context for %s") % target)
|
||||
+
|
||||
+ rc = semanage_context_set_type(self.sh, con, type)
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not set type in file context for %s") % target)
|
||||
+
|
||||
+ if serange != "":
|
||||
+ rc = semanage_context_set_mls(self.sh, con, serange)
|
||||
+ if rc < 0:
|
||||
+ raise ValueError(_("Could not set mls fields in file context for %s") % target)
|
||||
|
||||
semanage_fcontext_set_type(fcontext, file_types[ftype])
|
||||
|
||||
@@ -1283,9 +1288,12 @@
|
||||
raise ValueError(_("Could not list booleans"))
|
||||
|
||||
for boolean in self.blist:
|
||||
|
@ -6,7 +6,7 @@
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.22
|
||||
Release: 10%{?dist}
|
||||
Release: 11%{?dist}
|
||||
License: GPL
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -192,6 +192,9 @@ if [ "$1" -ge "1" ]; then
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Fri Jul 27 2007 Dan Walsh <dwalsh@redhat.com> 2.0.22-11
|
||||
- Fixfiles update required to match new regex
|
||||
|
||||
* Fri Jul 27 2007 Dan Walsh <dwalsh@redhat.com> 2.0.22-10
|
||||
- Update booleans translations
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user