policycoreutils-3.4-5
- gettext: handle unsupported languages properly (#2100378) - semodule: rename --rebuild-if-modules-changed to --refresh - python: Split "semanage import" into two transactions (#2063353) - selinux-autorelabel: Do not force reboot (#2093133)
This commit is contained in:
parent
7732783e1f
commit
2a7fa6a48c
349
0012-gettext-handle-unsupported-languages-properly.patch
Normal file
349
0012-gettext-handle-unsupported-languages-properly.patch
Normal file
@ -0,0 +1,349 @@
|
|||||||
|
From ff2aba6d202f49749cbb19a84bf0e1cdae54c5e9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
Date: Fri, 24 Jun 2022 16:24:25 +0200
|
||||||
|
Subject: [PATCH] gettext: handle unsupported languages properly
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
With "fallback=True" gettext.translation behaves the same as
|
||||||
|
gettext.install and uses NullTranslations in case the
|
||||||
|
translation file for given language was not found (as opposed to
|
||||||
|
throwing an exception).
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
# LANG is set to any "unsupported" language, e.g. en_US.UTF-8
|
||||||
|
$ chcat --help
|
||||||
|
Traceback (most recent call last):
|
||||||
|
File "/usr/bin/chcat", line 39, in <module>
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
File "/usr/lib64/python3.9/gettext.py", line 592, in translation
|
||||||
|
raise FileNotFoundError(ENOENT,
|
||||||
|
FileNotFoundError: [Errno 2] No translation file found for domain: 'selinux-python'
|
||||||
|
|
||||||
|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
Reviewed-by: Daniel Burgener <dburgener@linux.microsoft.com>
|
||||||
|
Acked-by: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
---
|
||||||
|
gui/booleansPage.py | 3 ++-
|
||||||
|
gui/domainsPage.py | 3 ++-
|
||||||
|
gui/fcontextPage.py | 3 ++-
|
||||||
|
gui/loginsPage.py | 3 ++-
|
||||||
|
gui/modulesPage.py | 3 ++-
|
||||||
|
gui/polgengui.py | 3 ++-
|
||||||
|
gui/portsPage.py | 3 ++-
|
||||||
|
gui/semanagePage.py | 3 ++-
|
||||||
|
gui/statusPage.py | 3 ++-
|
||||||
|
gui/system-config-selinux.py | 3 ++-
|
||||||
|
gui/usersPage.py | 3 ++-
|
||||||
|
python/chcat/chcat | 5 +++--
|
||||||
|
python/semanage/semanage | 3 ++-
|
||||||
|
python/semanage/seobject.py | 3 ++-
|
||||||
|
python/sepolgen/src/sepolgen/sepolgeni18n.py | 4 +++-
|
||||||
|
python/sepolicy/sepolicy.py | 3 ++-
|
||||||
|
python/sepolicy/sepolicy/__init__.py | 3 ++-
|
||||||
|
python/sepolicy/sepolicy/generate.py | 3 ++-
|
||||||
|
python/sepolicy/sepolicy/gui.py | 3 ++-
|
||||||
|
python/sepolicy/sepolicy/interface.py | 3 ++-
|
||||||
|
sandbox/sandbox | 3 ++-
|
||||||
|
21 files changed, 44 insertions(+), 22 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/gui/booleansPage.py b/gui/booleansPage.py
|
||||||
|
index 5beec58bc360..ad11a9b24c79 100644
|
||||||
|
--- a/gui/booleansPage.py
|
||||||
|
+++ b/gui/booleansPage.py
|
||||||
|
@@ -46,7 +46,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/domainsPage.py b/gui/domainsPage.py
|
||||||
|
index e08f34b4d3a9..e6eadd61c1bc 100644
|
||||||
|
--- a/gui/domainsPage.py
|
||||||
|
+++ b/gui/domainsPage.py
|
||||||
|
@@ -38,7 +38,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/fcontextPage.py b/gui/fcontextPage.py
|
||||||
|
index bac2bec3ebbd..767664f26ec8 100644
|
||||||
|
--- a/gui/fcontextPage.py
|
||||||
|
+++ b/gui/fcontextPage.py
|
||||||
|
@@ -55,7 +55,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/loginsPage.py b/gui/loginsPage.py
|
||||||
|
index 18b93d8c9756..7e08232a90b5 100644
|
||||||
|
--- a/gui/loginsPage.py
|
||||||
|
+++ b/gui/loginsPage.py
|
||||||
|
@@ -37,7 +37,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/modulesPage.py b/gui/modulesPage.py
|
||||||
|
index c546d455d4cd..02b79f150a13 100644
|
||||||
|
--- a/gui/modulesPage.py
|
||||||
|
+++ b/gui/modulesPage.py
|
||||||
|
@@ -38,7 +38,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/polgengui.py b/gui/polgengui.py
|
||||||
|
index a18f1cba17b9..7a3ecd50c91c 100644
|
||||||
|
--- a/gui/polgengui.py
|
||||||
|
+++ b/gui/polgengui.py
|
||||||
|
@@ -71,7 +71,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/portsPage.py b/gui/portsPage.py
|
||||||
|
index 54aa80ded327..bee2bdf17b99 100644
|
||||||
|
--- a/gui/portsPage.py
|
||||||
|
+++ b/gui/portsPage.py
|
||||||
|
@@ -43,7 +43,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/semanagePage.py b/gui/semanagePage.py
|
||||||
|
index 1371d4e7dabe..efad14d9b375 100644
|
||||||
|
--- a/gui/semanagePage.py
|
||||||
|
+++ b/gui/semanagePage.py
|
||||||
|
@@ -30,7 +30,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/statusPage.py b/gui/statusPage.py
|
||||||
|
index c241ef83dfa0..832849e60d60 100644
|
||||||
|
--- a/gui/statusPage.py
|
||||||
|
+++ b/gui/statusPage.py
|
||||||
|
@@ -43,7 +43,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/system-config-selinux.py b/gui/system-config-selinux.py
|
||||||
|
index 1b460c99363b..9f53b7fe9020 100644
|
||||||
|
--- a/gui/system-config-selinux.py
|
||||||
|
+++ b/gui/system-config-selinux.py
|
||||||
|
@@ -53,7 +53,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/gui/usersPage.py b/gui/usersPage.py
|
||||||
|
index d51bd968b77e..9acd3b844056 100644
|
||||||
|
--- a/gui/usersPage.py
|
||||||
|
+++ b/gui/usersPage.py
|
||||||
|
@@ -37,7 +37,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/chcat/chcat b/python/chcat/chcat
|
||||||
|
index e779fcc6ebd7..952cb8187599 100755
|
||||||
|
--- a/python/chcat/chcat
|
||||||
|
+++ b/python/chcat/chcat
|
||||||
|
@@ -38,9 +38,10 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
-except ImportError:
|
||||||
|
+except:
|
||||||
|
try:
|
||||||
|
import builtins
|
||||||
|
builtins.__dict__['_'] = str
|
||||||
|
diff --git a/python/semanage/semanage b/python/semanage/semanage
|
||||||
|
index 8f4e44a7a9cd..f45061a601f9 100644
|
||||||
|
--- a/python/semanage/semanage
|
||||||
|
+++ b/python/semanage/semanage
|
||||||
|
@@ -38,7 +38,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
|
||||||
|
index ff8f4e9c3008..0782c082dc0c 100644
|
||||||
|
--- a/python/semanage/seobject.py
|
||||||
|
+++ b/python/semanage/seobject.py
|
||||||
|
@@ -42,7 +42,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/sepolgen/src/sepolgen/sepolgeni18n.py b/python/sepolgen/src/sepolgen/sepolgeni18n.py
|
||||||
|
index 56ebd807c69c..1ff307d9b27d 100644
|
||||||
|
--- a/python/sepolgen/src/sepolgen/sepolgeni18n.py
|
||||||
|
+++ b/python/sepolgen/src/sepolgen/sepolgeni18n.py
|
||||||
|
@@ -19,7 +19,9 @@
|
||||||
|
|
||||||
|
try:
|
||||||
|
import gettext
|
||||||
|
- t = gettext.translation( 'selinux-python' )
|
||||||
|
+ t = gettext.translation("selinux-python",
|
||||||
|
+ localedir="/usr/share/locale",
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
def _(str):
|
||||||
|
diff --git a/python/sepolicy/sepolicy.py b/python/sepolicy/sepolicy.py
|
||||||
|
index 7ebe0efa88a1..c7a70e094b0c 100755
|
||||||
|
--- a/python/sepolicy/sepolicy.py
|
||||||
|
+++ b/python/sepolicy/sepolicy.py
|
||||||
|
@@ -36,7 +36,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
|
||||||
|
index 95520f9bc35d..6bde1971fd7c 100644
|
||||||
|
--- a/python/sepolicy/sepolicy/__init__.py
|
||||||
|
+++ b/python/sepolicy/sepolicy/__init__.py
|
||||||
|
@@ -31,7 +31,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
|
||||||
|
index 3e8b9f9c291d..eff3a8973917 100644
|
||||||
|
--- a/python/sepolicy/sepolicy/generate.py
|
||||||
|
+++ b/python/sepolicy/sepolicy/generate.py
|
||||||
|
@@ -56,7 +56,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/sepolicy/sepolicy/gui.py b/python/sepolicy/sepolicy/gui.py
|
||||||
|
index b0263740a79f..5bdbfebade1d 100644
|
||||||
|
--- a/python/sepolicy/sepolicy/gui.py
|
||||||
|
+++ b/python/sepolicy/sepolicy/gui.py
|
||||||
|
@@ -49,7 +49,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/python/sepolicy/sepolicy/interface.py b/python/sepolicy/sepolicy/interface.py
|
||||||
|
index 599f97fdc6e7..43f86443f2c8 100644
|
||||||
|
--- a/python/sepolicy/sepolicy/interface.py
|
||||||
|
+++ b/python/sepolicy/sepolicy/interface.py
|
||||||
|
@@ -38,7 +38,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
diff --git a/sandbox/sandbox b/sandbox/sandbox
|
||||||
|
index 3ef444a12561..53cc504149c9 100644
|
||||||
|
--- a/sandbox/sandbox
|
||||||
|
+++ b/sandbox/sandbox
|
||||||
|
@@ -45,7 +45,8 @@ try:
|
||||||
|
kwargs['unicode'] = True
|
||||||
|
t = gettext.translation(PROGNAME,
|
||||||
|
localedir="/usr/share/locale",
|
||||||
|
- **kwargs)
|
||||||
|
+ **kwargs,
|
||||||
|
+ fallback=True)
|
||||||
|
_ = t.gettext
|
||||||
|
except:
|
||||||
|
try:
|
||||||
|
--
|
||||||
|
2.36.1
|
||||||
|
|
@ -0,0 +1,82 @@
|
|||||||
|
From afafe02fa9b6b7fdcce883c5e873d46b9d811d66 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
||||||
|
Date: Wed, 8 Jun 2022 19:09:54 +0200
|
||||||
|
Subject: [PATCH] semodule: rename --rebuild-if-modules-changed to --refresh
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
After the last commit this option's name and description no longer
|
||||||
|
matches the semantic, so give it a new one and update the descriptions.
|
||||||
|
The old name is still recognized and aliased to the new one for
|
||||||
|
backwards compatibility.
|
||||||
|
|
||||||
|
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
|
||||||
|
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
|
||||||
|
---
|
||||||
|
policycoreutils/semodule/semodule.8 | 12 ++++++------
|
||||||
|
policycoreutils/semodule/semodule.c | 13 ++++++++++---
|
||||||
|
2 files changed, 16 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/policycoreutils/semodule/semodule.8 b/policycoreutils/semodule/semodule.8
|
||||||
|
index d1735d216276..c56e580f27b8 100644
|
||||||
|
--- a/policycoreutils/semodule/semodule.8
|
||||||
|
+++ b/policycoreutils/semodule/semodule.8
|
||||||
|
@@ -23,12 +23,12 @@ force a reload of policy
|
||||||
|
.B \-B, \-\-build
|
||||||
|
force a rebuild of policy (also reloads unless \-n is used)
|
||||||
|
.TP
|
||||||
|
-.B \-\-rebuild-if-modules-changed
|
||||||
|
-Force a rebuild of the policy if any changes to module content are detected
|
||||||
|
-(by comparing with checksum from the last transaction). One can use this
|
||||||
|
-instead of \-B to ensure that any changes to the module store done by an
|
||||||
|
-external tool (e.g. a package manager) are applied, while automatically
|
||||||
|
-skipping the rebuild if there are no new changes.
|
||||||
|
+.B \-\-refresh
|
||||||
|
+Like \-\-build, but reuses existing linked policy if no changes to module
|
||||||
|
+files are detected (by comparing with checksum from the last transaction).
|
||||||
|
+One can use this instead of \-B to ensure that any changes to the module
|
||||||
|
+store done by an external tool (e.g. a package manager) are applied, while
|
||||||
|
+automatically skipping the module re-linking if there are no module changes.
|
||||||
|
.TP
|
||||||
|
.B \-D, \-\-disable_dontaudit
|
||||||
|
Temporarily remove dontaudits from policy. Reverts whenever policy is rebuilt
|
||||||
|
diff --git a/policycoreutils/semodule/semodule.c b/policycoreutils/semodule/semodule.c
|
||||||
|
index 1ed8e69054e0..ec0794866daa 100644
|
||||||
|
--- a/policycoreutils/semodule/semodule.c
|
||||||
|
+++ b/policycoreutils/semodule/semodule.c
|
||||||
|
@@ -150,9 +150,12 @@ static void usage(char *progname)
|
||||||
|
printf(" -c, --cil extract module as cil. This only affects module extraction.\n");
|
||||||
|
printf(" -H, --hll extract module as hll. This only affects module extraction.\n");
|
||||||
|
printf(" -m, --checksum print module checksum (SHA256).\n");
|
||||||
|
- printf(" --rebuild-if-modules-changed\n"
|
||||||
|
- " force policy rebuild if module content changed since\n"
|
||||||
|
- " last rebuild (based on checksum)\n");
|
||||||
|
+ printf(" --refresh like --build, but reuses existing linked policy if no\n"
|
||||||
|
+ " changes to module files are detected (via checksum)\n");
|
||||||
|
+ printf("Deprecated options:\n");
|
||||||
|
+ printf(" -b,--base same as --install\n");
|
||||||
|
+ printf(" --rebuild-if-modules-changed\n"
|
||||||
|
+ " same as --refresh\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Sets the global mode variable to new_mode, but only if no other
|
||||||
|
@@ -185,6 +188,7 @@ static void parse_command_line(int argc, char **argv)
|
||||||
|
{
|
||||||
|
static struct option opts[] = {
|
||||||
|
{"rebuild-if-modules-changed", 0, NULL, '\0'},
|
||||||
|
+ {"refresh", 0, NULL, '\0'},
|
||||||
|
{"store", required_argument, NULL, 's'},
|
||||||
|
{"base", required_argument, NULL, 'b'},
|
||||||
|
{"help", 0, NULL, 'h'},
|
||||||
|
@@ -225,6 +229,9 @@ static void parse_command_line(int argc, char **argv)
|
||||||
|
case '\0':
|
||||||
|
switch(longind) {
|
||||||
|
case 0: /* --rebuild-if-modules-changed */
|
||||||
|
+ fprintf(stderr, "The --rebuild-if-modules-changed option is deprecated. Use --refresh instead.\n");
|
||||||
|
+ /* fallthrough */
|
||||||
|
+ case 1: /* --refresh */
|
||||||
|
check_ext_changes = 1;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
--
|
||||||
|
2.36.1
|
||||||
|
|
@ -0,0 +1,65 @@
|
|||||||
|
From 4a53c0c3ee0edba37ba8e62064175c4928f761a8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
Date: Mon, 30 May 2022 14:20:21 +0200
|
||||||
|
Subject: [PATCH] python: Split "semanage import" into two transactions
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
First transaction applies all deletion operations, so that there are no
|
||||||
|
collisions when applying the rest of the changes.
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
# semanage port -a -t http_cache_port_t -r s0 -p tcp 3024
|
||||||
|
# semanage export | semanage import
|
||||||
|
ValueError: Port tcp/3024 already defined
|
||||||
|
|
||||||
|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
---
|
||||||
|
python/semanage/semanage | 21 +++++++++++++++++++--
|
||||||
|
1 file changed, 19 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/python/semanage/semanage b/python/semanage/semanage
|
||||||
|
index f45061a601f9..4e8d64d6863a 100644
|
||||||
|
--- a/python/semanage/semanage
|
||||||
|
+++ b/python/semanage/semanage
|
||||||
|
@@ -853,10 +853,29 @@ def handleImport(args):
|
||||||
|
trans = seobject.semanageRecords(args)
|
||||||
|
trans.start()
|
||||||
|
|
||||||
|
+ deleteCommands = []
|
||||||
|
+ commands = []
|
||||||
|
+ # separate commands for deletion from the rest so they can be
|
||||||
|
+ # applied in a separate transaction
|
||||||
|
for l in sys.stdin.readlines():
|
||||||
|
if len(l.strip()) == 0:
|
||||||
|
continue
|
||||||
|
+ if "-d" in l or "-D" in l:
|
||||||
|
+ deleteCommands.append(l)
|
||||||
|
+ else:
|
||||||
|
+ commands.append(l)
|
||||||
|
+
|
||||||
|
+ if deleteCommands:
|
||||||
|
+ importHelper(deleteCommands)
|
||||||
|
+ trans.finish()
|
||||||
|
+ trans.start()
|
||||||
|
+
|
||||||
|
+ importHelper(commands)
|
||||||
|
+ trans.finish()
|
||||||
|
|
||||||
|
+
|
||||||
|
+def importHelper(commands):
|
||||||
|
+ for l in commands:
|
||||||
|
try:
|
||||||
|
commandParser = createCommandParser()
|
||||||
|
args = commandParser.parse_args(mkargv(l))
|
||||||
|
@@ -870,8 +889,6 @@ def handleImport(args):
|
||||||
|
except KeyboardInterrupt:
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
- trans.finish()
|
||||||
|
-
|
||||||
|
|
||||||
|
def setupImportParser(subparsers):
|
||||||
|
importParser = subparsers.add_parser('import', help=_('Import local customizations'))
|
||||||
|
--
|
||||||
|
2.36.1
|
||||||
|
|
@ -11,7 +11,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 3.4
|
Version: 3.4
|
||||||
Release: 4%{?dist}
|
Release: 5%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||||
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4/selinux-3.4.tar.gz
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4/selinux-3.4.tar.gz
|
||||||
@ -42,6 +42,9 @@ Patch0008: 0008-sepolicy-generate-Handle-more-reserved-port-types.patch
|
|||||||
Patch0009: 0009-sandbox-Use-matchbox-window-manager-instead-of-openb.patch
|
Patch0009: 0009-sandbox-Use-matchbox-window-manager-instead-of-openb.patch
|
||||||
Patch0010: 0010-Use-SHA-2-instead-of-SHA-1.patch
|
Patch0010: 0010-Use-SHA-2-instead-of-SHA-1.patch
|
||||||
Patch0011: 0011-sepolicy-Drop-old-interface-file_type_is_executable-.patch
|
Patch0011: 0011-sepolicy-Drop-old-interface-file_type_is_executable-.patch
|
||||||
|
Patch0012: 0012-gettext-handle-unsupported-languages-properly.patch
|
||||||
|
Patch0013: 0013-semodule-rename-rebuild-if-modules-changed-to-refres.patch
|
||||||
|
Patch0014: 0014-python-Split-semanage-import-into-two-transactions.patch
|
||||||
# Patch list end
|
# Patch list end
|
||||||
|
|
||||||
Obsoletes: policycoreutils < 2.0.61-2
|
Obsoletes: policycoreutils < 2.0.61-2
|
||||||
@ -469,6 +472,12 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%systemd_postun_with_restart restorecond.service
|
%systemd_postun_with_restart restorecond.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jul 25 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-
|
||||||
|
- gettext: handle unsupported languages properly (#2100378)
|
||||||
|
- semodule: rename --rebuild-if-modules-changed to --refresh
|
||||||
|
- python: Split "semanage import" into two transactions (#2063353)
|
||||||
|
- selinux-autorelabel: Do not force reboot (#2093133)
|
||||||
|
|
||||||
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.4-4
|
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.4-4
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user