rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Nov 6 2006 Dan Walsh <dwalsh@redhat.com> 1.32-2

Browse Source 
- Fix genhomedircon man page
This commit is contained in:
Daniel J Walsh 2006-11-07 16:49:02 +00:00
parent deeee024b1
commit 2ce739f558
3 changed files with 83549 additions and 607 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84069
policycoreutils-po.patch
View File

File diff suppressed because it is too large Load Diff

82
policycoreutils-rhat.patch
View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.32/newrole/newrole.c diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.32/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c 2006-09-29 11:50:09.000000000 -0400 --- nsapolicycoreutils/newrole/newrole.c 2006-09-29 11:50:09.000000000 -0400
+++ policycoreutils-1.32/newrole/newrole.c 2006-10-20 09:04:57.000000000 -0400 +++ policycoreutils-1.32/newrole/newrole.c 2006-11-07 11:47:21.000000000 -0500
@@ -680,6 +680,7 @@ @@ -680,6 +680,7 @@
{ {
fprintf(stderr, _("newrole: incorrect password for %s\n"), fprintf(stderr, _("newrole: incorrect password for %s\n"),
@ -9,9 +9,9 @@ diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/newrole
return (-1); return (-1);
} }
/* If we reach here, then we have authenticated the user. */ /* If we reach here, then we have authenticated the user. */
diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-1.32/restorecond/Makefile diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-1.32/restorecond/Makefile
--- nsapolicycoreutils/restorecond/Makefile 2006-08-28 16:58:19.000000000 -0400 --- nsapolicycoreutils/restorecond/Makefile 2006-08-28 16:58:19.000000000 -0400
+++ policycoreutils-1.32/restorecond/Makefile 2006-10-17 12:59:55.000000000 -0400 +++ policycoreutils-1.32/restorecond/Makefile 2006-11-07 11:47:21.000000000 -0500
@@ -5,8 +5,9 @@ @@ -5,8 +5,9 @@
INITDIR = $(DESTDIR)/etc/rc.d/init.d INITDIR = $(DESTDIR)/etc/rc.d/init.d
SELINUXDIR = $(DESTDIR)/etc/selinux SELINUXDIR = $(DESTDIR)/etc/selinux
@ -24,9 +24,75 @@ diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/restore
LDLIBS += -lselinux -lsepol -L$(PREFIX)/lib LDLIBS += -lselinux -lsepol -L$(PREFIX)/lib
all: restorecond all: restorecond
diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-1.32/semanage/semanage.8 diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.32/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-08-28 16:58:19.000000000 -0400
+++ policycoreutils-1.32/restorecond/restorecond.conf 2006-11-07 11:47:21.000000000 -0500
@@ -2,5 +2,6 @@
/etc/samba/secrets.tdb
/etc/mtab
/var/run/utmp
+/var/log/wtmp
~/public_html
~/.mozilla/plugins/libflashplayer.so
diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/genhomedircon.8 policycoreutils-1.32/scripts/genhomedircon.8
--- nsapolicycoreutils/scripts/genhomedircon.8 2006-08-28 16:58:19.000000000 -0400
+++ policycoreutils-1.32/scripts/genhomedircon.8 2006-11-07 11:47:21.000000000 -0500
@@ -45,35 +45,30 @@
.SH DESCRIPTION
.PP
This utility is used to generate file context configuration entries for
-user home directories based on their default roles and is run when building
-the policy. It can also be run when ever the
-.I /etc/selinux/<<SELINUXTYPE>>/users/local.users
-file is changed
+user home directories based on their
+.B prefix
+entry in the the
+.B semanage user record.
+genhomedircon is run when building
+the policy. It is also run automaticaly when ever the
+.B semanage
+utility modifies
+.B user
+or
+.B login
+records.
Specifically, we replace HOME_ROOT, HOME_DIR, and ROLE macros in the
.I /etc/selinux/<<SELINUXTYPE>>/contexts/files/homedir_template
-file with generic and user-specific values.
-.I local.users
-file. If a user has more than one role in
-.I local.users,
-.B genhomedircon
-uses the first role in the list.
+file with generic and user-specific values. HOME_ROOT and HOME_DIR is replaced with each distinct location where login users homedirectories are located. Defaults to /home. ROLE is replaced based on the prefix entry in the
+.B user
+record.
.PP
-If a user is not listed in
-.I local.users,
-.B genhomedircon
-assumes that the user's home dir will be found in one of the
-HOME_ROOTs.
-When looking for these users,
-.B genhomedircon
-only considers real users. "Real" users (as opposed
-to system users) are those whose UID is greater than or equal
+genhomedircon searches through all password entires for all "login" user home directories, (as opposed
+to system users). Login users are those whose UID is greater than or equal
.I STARTING_UID
(default 500) and whose login shell is not "/sbin/nologin", or
"/bin/false".
.PP
-Users who are explicitly defined in
-.I local.users,
-are always "real" (including root, in the default configuration).
.SH AUTHOR
This manual page was originally written by
.I Manoj Srivastava <srivasta@debian.org>,
diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-1.32/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2006-09-14 08:07:24.000000000 -0400 --- nsapolicycoreutils/semanage/semanage.8 2006-09-14 08:07:24.000000000 -0400
+++ policycoreutils-1.32/semanage/semanage.8 2006-10-19 07:55:00.000000000 -0400 +++ policycoreutils-1.32/semanage/semanage.8 2006-11-07 11:47:21.000000000 -0500
@@ -7,7 +7,7 @@ @@ -7,7 +7,7 @@
.br .br
.B semanage login \-{a|d|m} [\-sr] login_name .B semanage login \-{a|d|m} [\-sr] login_name
@ -46,9 +112,9 @@ diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/semanag
.I \-s, \-\-seuser .I \-s, \-\-seuser
SELinux user name SELinux user name
.TP .TP
diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.32/semanage/seobject.py diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.32/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2006-10-17 12:04:55.000000000 -0400 --- nsapolicycoreutils/semanage/seobject.py 2006-10-17 12:04:55.000000000 -0400
+++ policycoreutils-1.32/semanage/seobject.py 2006-10-17 12:59:55.000000000 -0400 +++ policycoreutils-1.32/semanage/seobject.py 2006-11-07 11:47:21.000000000 -0500
@@ -456,7 +456,8 @@ @@ -456,7 +456,8 @@
rc = semanage_user_set_mlslevel(self.sh, u, selevel) rc = semanage_user_set_mlslevel(self.sh, u, selevel)
if rc < 0: if rc < 0:

5
policycoreutils.spec
View File

@ -5,7 +5,7 @@
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.32 Version: 1.32
Release: 1 Release: 2
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -133,6 +133,9 @@ fi
[ -x /sbin/service ] && /sbin/service restorecond condrestart [ -x /sbin/service ] && /sbin/service restorecond condrestart
%changelog %changelog
* Fri Nov 6 2006 Dan Walsh <dwalsh@redhat.com> 1.32-2
- Fix genhomedircon man page
* Fri Oct 9 2006 Dan Walsh <dwalsh@redhat.com> 1.32-1 * Fri Oct 9 2006 Dan Walsh <dwalsh@redhat.com> 1.32-1
- Add newrole audit patch from sgrubb - Add newrole audit patch from sgrubb
- Update to upstream - Update to upstream