diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 8ac7bf7..9d3222c 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.27.37/audit2allow/audit2allow +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.28/audit2allow/audit2allow --- nsapolicycoreutils/audit2allow/audit2allow 2005-12-01 10:11:27.000000000 -0500 -+++ policycoreutils-1.27.37/audit2allow/audit2allow 2005-12-07 12:26:00.000000000 -0500 ++++ policycoreutils-1.28/audit2allow/audit2allow 2005-12-07 15:30:48.000000000 -0500 @@ -355,7 +355,7 @@ 'lastreload', 'module=', @@ -10,113 +10,48 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow 'tefile', 'verbose' ]) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/debugfiles.list policycoreutils-1.27.37/debugfiles.list ---- nsapolicycoreutils/debugfiles.list 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.27.37/debugfiles.list 2005-12-07 11:56:28.000000000 -0500 -@@ -0,0 +1,14 @@ -+/usr/lib/debug/usr/bin/newrole.debug -+/usr/lib/debug/usr/bin/semodule_link.debug -+/usr/lib/debug/usr/bin/semodule_expand.debug -+/usr/lib/debug/usr/bin/semodule_package.debug -+/usr/lib/debug/usr/sbin/sestatus.debug -+/usr/lib/debug/usr/sbin/setfiles.debug -+/usr/lib/debug/usr/sbin/open_init_pty.debug -+/usr/lib/debug/usr/sbin/run_init.debug -+/usr/lib/debug/usr/sbin/load_policy.debug -+/usr/lib/debug/usr/sbin/semodule.debug -+/usr/lib/debug/usr/sbin/audit2why.debug -+/usr/lib/debug/usr/sbin/setsebool.debug -+/usr/lib/debug/sbin/restorecon.debug -+/usr/src/debug/policycoreutils-1.27.37 -Binary files nsapolicycoreutils/debugsources.list and policycoreutils-1.27.37/debugsources.list differ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/policycoreutils.lang policycoreutils-1.27.37/policycoreutils.lang ---- nsapolicycoreutils/policycoreutils.lang 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.27.37/policycoreutils.lang 2005-12-07 11:56:27.000000000 -0500 -@@ -0,0 +1,80 @@ -+%defattr (644, root, root, 755) -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+%lang(sv) /usr/share/locale/sv/LC_MESSAGES/policycoreutils.mo -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.27.37/scripts/chcat +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.8 policycoreutils-1.28/restorecon/restorecon.8 +--- nsapolicycoreutils/restorecon/restorecon.8 2005-02-02 13:31:48.000000000 -0500 ++++ policycoreutils-1.28/restorecon/restorecon.8 2005-12-07 15:32:14.000000000 -0500 +@@ -29,7 +29,7 @@ + .B \-e directory + directory to exclude (repeat option for more than one directory.) + .TP +-.B \-R ++.B \-R \-r + change files and directories file labels recursively + .TP + .B \-n +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.28/restorecon/restorecon.c +--- nsapolicycoreutils/restorecon/restorecon.c 2005-09-20 14:13:05.000000000 -0400 ++++ policycoreutils-1.28/restorecon/restorecon.c 2005-12-07 15:31:40.000000000 -0500 +@@ -112,7 +112,7 @@ + void usage(const char * const name) + { + fprintf(stderr, +- "usage: %s [-Rnv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n", name); ++ "usage: %s [-rRnv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n", name); + exit(1); + } + int restore(char *filename) { +@@ -271,11 +271,12 @@ + + memset(buf,0, sizeof(buf)); + +- while ((opt = getopt(argc, argv, "FRnvf:o:e:")) > 0) { ++ while ((opt = getopt(argc, argv, "FrRnvf:o:e:")) > 0) { + switch (opt) { + case 'n': + change = 0; + break; ++ case 'r': + case 'R': + recurse = 1; + break; +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.28/scripts/chcat --- nsapolicycoreutils/scripts/chcat 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.27.37/scripts/chcat 2005-12-07 11:56:20.000000000 -0500 -@@ -0,0 +1,175 @@ ++++ policycoreutils-1.28/scripts/chcat 2005-12-08 11:31:57.000000000 -0500 +@@ -0,0 +1,191 @@ +#! /usr/bin/env python +# Copyright (C) 2005 Red Hat +# see file 'COPYING' for use and warranty information @@ -146,48 +81,65 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore +def chcat_add(orig, newcat, files): + errors=0 + cmd='chcon -l ' -+ sensitivity=newcat[0] -+ cat=newcat[1] ++ if len(newcat) > 1: ++ sensitivity=newcat[0] ++ cat=newcat[1] ++ else: ++ sensitivity=0 ++ cat=newcat[0] ++ ++ + for f in files: + (rc, con) = selinux.getfilecon(f) + (rc, raw) = selinux.selinux_trans_to_raw_context(con) + clist=raw.split(":")[3:] ++ if sensitivity == 0: ++ sensitivity = clist[0] + if len(clist) > 1: + if clist[0] != sensitivity: + print("Can not modify sensitivity levels using '+' on %s" % f) + continue + cats=clist[1].split(",") -+ if newcat[1] in cats: ++ if cat in cats: + print "%s is already in %s" % (f, orig) + continue -+ cats.append(newcat[1]) ++ cats.append(cat) + cats.sort() -+ cat=cats[0] ++ cat_string=cats[0] + for c in cats[1:]: -+ cat="%s,%s" % (cat, c) -+ cmd='chcon -l %s:%s %s' % (sensitivity, cat, f) ++ cat_string="%s,%s" % (cat_string, c) ++ else: ++ cat_string=cat ++ cmd='chcon -l %s:%s %s' % (sensitivity, cat_string, f) + rc=commands.getstatusoutput(cmd) + if rc[0] != 0: ++ print rc[1] + errors+=1 + return errors + +def chcat_remove(orig, newcat, files): + errors=0 -+ sensitivity=newcat[0] -+ cat=newcat[1] ++ if len(newcat) > 1: ++ sensitivity=newcat[0] ++ cat=newcat[1] ++ else: ++ sensitivity=0 ++ cat=newcat[0] + for f in files: + (rc, con) = selinux.getfilecon(f) + (rc, raw) = selinux.selinux_trans_to_raw_context(con) + clist=raw.split(":")[3:] ++ if sensitivity == 0: ++ sensitivity = clist[0] + if len(clist) > 1: + if clist[0] != sensitivity: + print("Can not modify sensitivity levels using '+' on %s" % f) + continue + cats=clist[1].split(",") -+ if newcat[1] not in cats: ++ if cat not in cats: + print "%s is not in %s" % (f, orig) + continue -+ cats.remove(newcat[1]) ++ cats.remove(cat) + if len(cats) > 0: + cat=cats[0] + for c in cats[1:]: @@ -204,6 +156,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore + cmd='chcon -l %s:%s %s' % (sensitivity, cat, f) + rc=commands.getstatusoutput(cmd) + if rc[0] != 0: ++ print rc[1] + errors+=1 + return errors + @@ -213,17 +166,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore + if len(c) > 0 and c[0] == "+": + (rc, raw) = selinux.selinux_trans_to_raw_context("a:b:c:%s" % c[1:]) + rlist=raw.split(":") -+ if len(rlist) < 5: -+ print "%s must have a sensitivity and at least one category" % c[1:] -+ continue + errors += chcat_add(c[1:], rlist[3:], files) + continue + if len(c) > 0 and c[0] == "-": + (rc, raw) = selinux.selinux_trans_to_raw_context("a:b:c:%s" % c[1:]) + rlist=raw.split(":") -+ if len(rlist) < 5: -+ print "%s must have a sensitivity and at least one category" % c[1:] -+ continue + errors += chcat_remove(c[1:], rlist[3:], files) + continue + @@ -241,6 +188,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore + print "Usage %s CATEGORY File ..." % sys.argv[0] + print "Usage %s [[+|-]CATEGORY],...]q File ..." % sys.argv[0] + print "Usage %s -d File ..." % sys.argv[0] ++ print "Use -- to end option list. For example" ++ print "chcat -- -CompanyConfidential /docs/businessplan.odt." + sys.exit(1) + +def error(msg): @@ -255,20 +204,22 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore + error("Requires an SELinux enabled system") + + delete_ind=0 -+ gopts, cmds = getopt.getopt(sys.argv[1:], -+ 'dh', -+ ['help', -+ 'delete']) ++ try: ++ gopts, cmds = getopt.getopt(sys.argv[1:], ++ 'dh', ++ ['help', ++ 'delete']) + -+ for o,a in gopts: -+ if o == "-h" or o == "--help": ++ for o,a in gopts: ++ if o == "-h" or o == "--help": ++ usage() ++ if o == "-d" or o == "--delete": ++ delete_ind=1 ++ ++ if len(cmds) < 1: + usage() -+ if o == "-d" or o == "--delete": -+ delete_ind=1 -+ -+ if len(cmds) < 1: ++ except: + usage() -+ + if delete_ind: + sys.exit(chcat([""], cmds)) + @@ -292,9 +243,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore + sys.exit(chcat(cats, files)) + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat.8 policycoreutils-1.27.37/scripts/chcat.8 +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat.8 policycoreutils-1.28/scripts/chcat.8 --- nsapolicycoreutils/scripts/chcat.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.27.37/scripts/chcat.8 2005-12-07 11:56:20.000000000 -0500 ++++ policycoreutils-1.28/scripts/chcat.8 2005-12-07 15:30:48.000000000 -0500 @@ -0,0 +1,29 @@ +.TH CHCAT "8" "September 2005" "chcat" "User Commands" +.SH NAME @@ -325,9 +276,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat.8 policyco +.SH "FILES" +/etc/selinux/{SELINUXTYPE}/setrans.conf + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-1.27.37/scripts/Makefile +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-1.28/scripts/Makefile --- nsapolicycoreutils/scripts/Makefile 2005-01-28 15:24:12.000000000 -0500 -+++ policycoreutils-1.27.37/scripts/Makefile 2005-12-07 11:56:20.000000000 -0500 ++++ policycoreutils-1.28/scripts/Makefile 2005-12-07 15:30:48.000000000 -0500 @@ -1,20 +1,23 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr diff --git a/policycoreutils.spec b/policycoreutils.spec index 82ebbc7..01a9abe 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -1,6 +1,6 @@ -%define libsepolver 1.9.41-1 -%define libsemanagever 1.3.64-1 -%define libselinuxver 1.27.28-2 +%define libsepolver 1.10-1 +%define libsemanagever 1.4-1 +%define libselinuxver 1.28-1 Summary: SELinux policy core utilities. Name: policycoreutils Version: 1.28 @@ -12,7 +12,7 @@ Patch: policycoreutils-rhat.patch BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} PreReq: /bin/mount /bin/egrep /bin/awk /usr/bin/diff -Requires: libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} libselinux-python +Requires: libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} libselinux-python coreutils BuildRoot: %{_tmppath}/%{name}-buildroot %description