diff --git a/.cvsignore b/.cvsignore index b93cc88..b7512dc 100644 --- a/.cvsignore +++ b/.cvsignore @@ -155,3 +155,4 @@ policycoreutils-2.0.20.tgz policycoreutils-2.0.21.tgz policycoreutils-2.0.22.tgz policycoreutils-2.0.23.tgz +policycoreutils-2.0.25.tgz diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 6f816bc..aa694eb 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -36,68 +36,151 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po } free(scontext); close(fd); -diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.23/run_init/Makefile ---- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400 -+++ policycoreutils-2.0.23/run_init/Makefile 2007-08-22 16:29:22.000000000 -0400 -@@ -34,8 +34,8 @@ - install: all - test -d $(SBINDIR) || install -m 755 -d $(SBINDIR) - test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1 -- install -m 555 run_init $(SBINDIR) -- install -m 555 open_init_pty $(SBINDIR) -+ install -m 755 run_init $(SBINDIR) -+ install -m 755 open_init_pty $(SBINDIR) - install -m 644 run_init.8 $(MANDIR)/man8/ - install -m 644 open_init_pty.8 $(MANDIR)/man8/ - ifeq (${PAMH}, /usr/include/security/pam_appl.h) -diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.23/scripts/chcat ---- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400 -+++ policycoreutils-2.0.23/scripts/chcat 2007-08-22 16:29:22.000000000 -0400 -@@ -77,7 +77,7 @@ - - if len(cats) > 0: - new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats)) -- else -+ else: - new_serange = "%s-%s" % (serange[0], top[0]) - - if add_ind: -@@ -155,7 +155,7 @@ - - if len(cats) > 0: - new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats)) -- else -+ else: - new_serange = "%s-%s" % (serange[0], top[0]) - - if add_ind: -diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.23/scripts/fixfiles ---- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400 -+++ policycoreutils-2.0.23/scripts/fixfiles 2007-08-22 16:29:22.000000000 -0400 -@@ -88,7 +88,7 @@ - esac; \ - fi; \ - done | \ -- while read pattern ; do find $pattern \ -+ while read pattern ; do sh -c "find $pattern" \ - ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o \ - \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print; \ - done 2> /dev/null | \ -@@ -108,6 +108,7 @@ - - rpmlist() { - rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' ' -+[ ${PIPESTATUS[0]} != 0 ] && echo "$1 not found" >/dev/stderr - } - - # diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.23/scripts/genhomedircon ---- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400 +--- nsapolicycoreutils/scripts/genhomedircon 1969-12-31 19:00:00.000000000 -0500 +++ policycoreutils-2.0.23/scripts/genhomedircon 2007-08-23 10:08:04.000000000 -0400 -@@ -139,7 +139,22 @@ - self.default_user = "user_u" - self.default_prefix = "user" - self.users = self.getUsers() +@@ -0,0 +1,404 @@ ++#! /usr/bin/python -E ++# Copyright (C) 2004 Tresys Technology, LLC ++# see file 'COPYING' for use and warranty information ++# ++# genhomedircon - this script is used to generate file context ++# configuration entries for user home directories based on their ++# default prefixes and is run when building the policy. Specifically, we ++# replace HOME_ROOT, HOME_DIR, and ROLE macros in .fc files with ++# generic and user-specific values. ++# ++# Based off original script by Dan Walsh, ++# ++# ASSUMPTIONS: ++# ++# The file CONTEXTDIR/files/homedir_template exists. This file is used to ++# set up the home directory context for each real user. ++# ++# If a user is not listed in CONTEXTDIR/seusers, he will default to user_u, prefix user ++# ++# "Real" users (as opposed to system users) are those whose UID is greater than ++# or equal STARTING_UID (usually 500) and whose login is not a member of ++# EXCLUDE_LOGINS. Users who are explicitly defined in CONTEXTDIR/seusers ++# are always "real" (including root, in the default configuration). ++# ++# ++ ++import sys, os, pwd, string, getopt, re ++from semanage import *; ++import selinux ++import gettext ++gettext.install('policycoreutils') ++ ++def grep(file, var): ++ ret = "" ++ fd = open(file, 'r') ++ ++ for i in fd.readlines(): ++ if re.search(var, i, 0) != None: ++ ret = i ++ break ++ fd.close() ++ return ret ++ ++def findval(file, var, delim = ""): ++ val = "" ++ try: ++ fd = open(file, 'r') ++ for i in fd.readlines(): ++ if i.startswith(var) == 1: ++ if delim == "": ++ val = i.split()[1] ++ else: ++ val = i.split(delim)[1] ++ val = val.split("#")[0] ++ val = val.strip() ++ fd.close() ++ except: ++ val = "" ++ return val ++ ++def getStartingUID(): ++ starting_uid = sys.maxint ++ uid_min = findval("/etc/login.defs", "UID_MIN") ++ if uid_min != "": ++ uid_min = uid_min.split("#")[0] ++ uid_min = uid_min.strip() ++ if int(uid_min) < starting_uid: ++ starting_uid = int(uid_min) ++ ++ uid_min = findval("/etc/libuser.conf", "LU_UIDNUMBER", "=") ++ if uid_min != "": ++ uid_min = uid_min.split("#")[0] ++ uid_min = uid_min.strip() ++ if int(uid_min) < starting_uid: ++ starting_uid = int(uid_min) ++ ++ if starting_uid == sys.maxint: ++ starting_uid = 500 ++ return starting_uid ++ ++def getDefaultHomeDir(): ++ ret = [] ++ homedir = findval("/etc/default/useradd", "HOME", "=") ++ if homedir != "" and not homedir in ret: ++ ret.append(homedir) ++ ++ homedir = findval("/etc/libuser.conf", "LU_HOMEDIRECTORY", "=") ++ if homedir != "" and not homedir in ret: ++ ret.append(homedir) ++ ++ if ret == []: ++ ret.append("/home") ++ ++ # Add /export/home if it exists ++ # Some customers use this for automounted homedirs ++ if os.path.exists("/export/home"): ++ ret.append("/export/home") ++ ++ return ret ++ ++def getSELinuxType(directory): ++ val = findval(directory+"/config", "SELINUXTYPE", "=") ++ if val != "": ++ return val ++ return "targeted" ++ ++def usage(rc=0, error = ""): ++ if error != "": ++ sys.stderr.write("%s\n" % error) ++ rc = 1 ++ sys.stderr.write("Usage: %s [ -d selinuxdir ] [-n | --nopasswd] [-t selinuxtype ]\n" % sys.argv[0]) ++ sys.stderr.flush() ++ sys.exit(rc) ++ ++def warning(warning = ""): ++ sys.stderr.write("%s\n" % warning) ++ sys.stderr.flush() ++ ++def errorExit(error): ++ sys.stderr.write("%s exiting for: " % sys.argv[0]) ++ sys.stderr.write("%s\n" % error) ++ sys.stderr.flush() ++ sys.exit(1) ++ ++class selinuxConfig: ++ def __init__(self, selinuxdir = "/etc/selinux", type = "targeted", usepwd = 1): ++ self.semanageHandle = semanage_handle_create() ++ self.semanaged = semanage_is_managed(self.semanageHandle) ++ if self.semanaged: ++ rc = semanage_connect(self.semanageHandle) ++ if rc: ++ errorExit("Unable to connect to semanage") ++ (status, self.ulist) = semanage_user_list(self.semanageHandle) ++ self.type = type ++ self.selinuxdir = selinuxdir +"/" ++ self.contextdir = "/contexts" ++ self.filecontextdir = self.contextdir+"/files" ++ self.usepwd = usepwd ++ self.default_user = "user_u" ++ self.default_prefix = "user" ++ self.users = self.getUsers() + fd = open(self.getFileContextFile()) + self.fclines=[] + for i in fd.readlines(): @@ -111,59 +194,365 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po + self.fclines.append(re.compile(regex)) + except: + continue - ++ + fd.close() + - def getFileContextDir(self): - return self.selinuxdir+self.type+self.filecontextdir - -@@ -272,7 +287,7 @@ - ret = "" - fd = open(self.getHomeDirTemplate(), 'r') - for i in fd.readlines(): -- if i.find("USER") == 1: ++ def getFileContextDir(self): ++ return self.selinuxdir+self.type+self.filecontextdir ++ ++ def getFileContextFile(self): ++ return self.getFileContextDir()+"/file_contexts" ++ ++ def getContextDir(self): ++ return self.selinuxdir+self.type+self.contextdir ++ ++ def getHomeDirTemplate(self): ++ return self.getFileContextDir()+"/homedir_template" ++ ++ def getHomeRootContext(self, homedir): ++ ret = "" ++ fd = open(self.getHomeDirTemplate(), 'r') ++ ++ for i in fd.readlines(): ++ if i.find("HOME_ROOT") == 0: ++ i = i.replace("HOME_ROOT", homedir) ++ ret += i ++ fd.close() ++ if ret == "": ++ errorExit("No Home Root Context Found") ++ return ret ++ ++ def heading(self): ++ ret = "\n#\n#\n# User-specific file contexts, generated via %s\n" % sys.argv[0] ++ if self.semanaged: ++ ret += "# use semanage command to manage system users in order to change the file_context\n#\n#\n" ++ else: ++ ret += "# edit %s to change file_context\n#\n#\n" % (self.selinuxdir+self.type+"/seusers") ++ return ret ++ ++ def get_default_prefix(self, name): ++ for user in self.ulist: ++ if semanage_user_get_name(user) == name: ++ return semanage_user_get_prefix(user) ++ return name ++ ++ def get_old_prefix(self, user): ++ rc = grep(self.selinuxdir+self.type+"/users/system.users", "^user %s" % user) ++ if rc == "": ++ rc = grep(self.selinuxdir+self.type+"/users/local.users", "^user %s" % user) ++ if rc != "": ++ user = rc.split() ++ prefix = user[3] ++ if prefix == "{": ++ prefix = user[4] ++ if len(prefix) > 2 and (prefix[-2:] == "_r" or prefix[-2:] == "_u"): ++ prefix = prefix[:-2] ++ return prefix ++ ++ def adduser(self, udict, user, seuser, prefix): ++ if seuser == self.default_user or user == "__default__" or user == "system_u": ++ return ++ # !!! chooses first prefix in the list to use in the file context !!! ++ try: ++ home = pwd.getpwnam(user)[5] ++ if home == "/": ++ # Probably install so hard code to /root ++ if user == "root": ++ home = "/root" ++ else: ++ return ++ except KeyError: ++ if user == "root": ++ home = "/root" ++ else: ++ sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user) ++ return ++ prefs = {} ++ prefs["seuser"] = seuser ++ prefs["prefix"] = prefix ++ prefs["home"] = home ++ udict[user] = prefs ++ ++ def setDefaultUser(self, user, prefix): ++ self.default_user = user ++ self.default_prefix = prefix ++ ++ def getUsers(self): ++ udict = {} ++ if self.semanaged: ++ (status, list) = semanage_seuser_list(self.semanageHandle) ++ for seuser in list: ++ user = [] ++ seusername = semanage_seuser_get_sename(seuser) ++ prefix = self.get_default_prefix(seusername) ++ if semanage_seuser_get_name(seuser) == "__default__": ++ self.setDefaultUser(seusername, prefix) ++ ++ self.adduser(udict, semanage_seuser_get_name(seuser), seusername, prefix) ++ ++ else: ++ try: ++ fd = open(self.selinuxdir+self.type+"/seusers") ++ for u in fd.readlines(): ++ u = u.strip() ++ if len(u) == 0 or u[0] == "#": ++ continue ++ user = u.split(":") ++ if len(user) < 2: ++ continue ++ ++ prefix = self.get_old_prefix(user[1]) ++ self.adduser(udict, user[0], user[1], prefix) ++ fd.close() ++ except IOError, error: ++ # Must be install so force add of root ++ self.adduser(udict, "root", "root", "root") ++ ++ return udict ++ ++ def getHomeDirContext(self, user, seuser, home, prefix): ++ ret = "\n\n#\n# Home Context for user %s\n#\n\n" % user ++ fd = open(self.getHomeDirTemplate(), 'r') ++ for i in fd.readlines(): ++ if i.startswith("HOME_DIR") == 1: ++ i = i.replace("HOME_DIR", home) ++ i = i.replace("ROLE", prefix) ++ i = i.replace("system_u", seuser) ++ # Validate if the generated context exists. Some user types may not exist ++ scon = i.split()[-1] ++ if selinux.is_selinux_enabled() < 1 or selinux.security_check_context(scon) == 0: ++ ret = ret+i ++ fd.close() ++ return ret ++ ++ def getUserContext(self, user, sel_user, prefix): ++ ret = "" ++ fd = open(self.getHomeDirTemplate(), 'r') ++ for i in fd.readlines(): + if i.find("USER") > 0: - i = i.replace("USER", user) - i = i.replace("ROLE", prefix) - i = i.replace("system_u", sel_user) -@@ -289,20 +304,9 @@ - return ret+"\n" - - def checkExists(self, home): -- fd = open(self.getFileContextFile()) -- for i in fd.readlines(): -- if len(i) == 0: -- continue ++ i = i.replace("USER", user) ++ i = i.replace("ROLE", prefix) ++ i = i.replace("system_u", sel_user) ++ ret = ret+i ++ fd.close() ++ return ret ++ ++ def genHomeDirContext(self): ++ ret = "" ++ # Fill in HOME and prefix for users that are defined ++ for u in self.users.keys(): ++ ret += self.getHomeDirContext (u, self.users[u]["seuser"], self.users[u]["home"], self.users[u]["prefix"]) ++ ret += self.getUserContext (u, self.users[u]["seuser"], self.users[u]["prefix"]) ++ return ret+"\n" ++ ++ def checkExists(self, home): + for i in self.fclines: - try: -- regex = i.split()[0] -- #match a trailing .+ -- regex = re.sub("\.+$", "", regex) -- regex = re.sub("\.\*$", "", regex) -- #strip a (/.*)? which matches anything trailing to a /*$ which matches trailing /'s -- -- regex = re.sub("\(\/\.\*\)\?", "", regex) -- regex = regex + "/*$" -- if re.search(regex,home, 0): ++ try: + if i.match(home): - return 1 - except: - continue -diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.23/semanage/semanage ---- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400 -+++ policycoreutils-2.0.23/semanage/semanage 2007-08-22 16:29:22.000000000 -0400 -@@ -34,7 +34,10 @@ - sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace') ++ return 1 ++ except: ++ continue ++ return 0 ++ ++ def getHomeDirs(self): ++ homedirs = getDefaultHomeDir() ++ starting_uid = getStartingUID() ++ if self.usepwd == 0: ++ return homedirs ++ ulist = pwd.getpwall() ++ for u in ulist: ++ if u[2] >= starting_uid and \ ++ u[6] in VALID_SHELLS and \ ++ u[5] != "/" and \ ++ string.count(u[5], "/") > 1: ++ homedir = u[5][:string.rfind(u[5], "/")] ++ if not homedir in homedirs: ++ if self.checkExists(homedir) == 1: ++ warning("%s homedir %s or its parent directory conflicts with a\ndefined context in %s,\n%s will not create a new context. This usually indicates an incorrectly defined system account. If it is a system account please make sure its login shell is /sbin/nologin." % (u[0], u[5], self.getFileContextFile(), sys.argv[0])) ++ else: ++ homedirs.append(homedir) ++ ++ homedirs.sort() ++ return homedirs ++ ++ def genoutput(self): ++ ret = self.heading() ++ for h in self.getHomeDirs(): ++ ret += self.getHomeDirContext (self.default_user, self.default_user, h+'/[^/]*', self.default_prefix) ++ ret += self.getHomeRootContext(h) ++ ret += self.getUserContext(".*", self.default_user, self.default_prefix) + "\n" ++ ret += self.genHomeDirContext() ++ return ret ++ ++ def printout(self): ++ print self.genoutput() ++ ++ def write(self): ++ fd = open(self.getFileContextDir()+"/file_contexts.homedirs", "w") ++ fd.write(self.genoutput()) ++ fd.close() ++ ++if os.getuid() > 0 or os.geteuid() > 0: ++ print _("You must be root to run %s.") % sys.argv[0] ++ sys.exit(1) ++ ++try: ++ fd = open("/etc/shells", 'r') ++ VALID_SHELLS = fd.read().split("\n") ++ fd.close() ++ if "/sbin/nologin" in VALID_SHELLS: ++ VALID_SHELLS.remove("/sbin/nologin") ++ if "" in VALID_SHELLS: ++ VALID_SHELLS.remove("") ++except: ++ VALID_SHELLS = ['/bin/sh', '/bin/bash', '/bin/ash', '/bin/bsh', '/bin/ksh', '/usr/bin/ksh', '/usr/bin/pdksh', '/bin/tcsh', '/bin/csh', '/bin/zsh'] ++ ++# ++# This script will generate home dir file context ++# based off the homedir_template file, entries in the password file, and ++# ++try: ++ usepwd = 1 ++ directory = "/etc/selinux" ++ type = None ++ gopts, cmds = getopt.getopt(sys.argv[1:], 'hnd:t:', ['help', ++ 'type=', ++ 'nopasswd', ++ 'dir=']) ++ for o,a in gopts: ++ if o == '--type' or o == "-t": ++ type = a ++ if o == '--nopasswd' or o == "-n": ++ usepwd = 0 ++ if o == '--dir' or o == "-d": ++ directory = a ++ if o == '--help' or o == "-h": ++ usage() ++except getopt.error, error: ++ errorExit(_("Options Error %s ") % error) ++ ++if type == None: ++ type = getSELinuxType(directory) ++ ++if len(cmds) != 0: ++ usage(1) ++ ++selconf = selinuxConfig(directory, type, usepwd) ++try: ++ selconf.write() ++except IOError, error: ++ sys.stderr.write("%s: %s\n" % ( sys.argv[0], error )) ++ sys.exit(1) ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon.8 policycoreutils-2.0.23/scripts/genhomedircon.8 +--- nsapolicycoreutils/scripts/genhomedircon.8 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.23/scripts/genhomedircon.8 2007-08-20 19:16:35.000000000 -0400 +@@ -0,0 +1,82 @@ ++.\" Hey, Emacs! This is an -*- nroff -*- source file. ++.\" Copyright (c) 2005 Manoj Srivastava ++.\" ++.\" This is free documentation; you can redistribute it and/or ++.\" modify it under the terms of the GNU General Public License as ++.\" published by the Free Software Foundation; either version 2 of ++.\" the License, or (at your option) any later version. ++.\" ++.\" The GNU General Public License's references to "object code" ++.\" and "executables" are to be interpreted as the output of any ++.\" document formatting or typesetting system, including ++.\" intermediate and printed output. ++.\" ++.\" This manual is distributed in the hope that it will be useful, ++.\" but WITHOUT ANY WARRANTY; without even the implied warranty of ++.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++.\" GNU General Public License for more details. ++.\" ++.\" You should have received a copy of the GNU General Public ++.\" License along with this manual; if not, write to the Free ++.\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, ++.\" USA. ++.\" ++.\" ++.TH GENHOMEDIRCON "8" "January 2005" "Security Enhanced Linux" "" ++.SH NAME ++genhomedircon \- generate SELinux file context configuration entries for user home directories ++.SH SYNOPSIS ++.B genhomedircon [ -d selinuxdir ] [-n | --nopasswd] [-t selinuxtype ] [-h] ++ ++.SH OPTIONS ++.TP ++.B "\-h" ++Print a short usage message ++.TP ++.B "\-d selinuxdir (\-\-directory)" ++Directory where selinux files are installed defaults to /etc/selinux ++.TP ++.B ++\-n \-\-nopasswd ++Indicates to the utility not to read homedirectories out of the password database. ++.TP ++\-t selinuxtype (\-\-type) ++Indicates the selinux type of this install. Defaults to "targeted". ++.SH DESCRIPTION ++.PP ++This utility is used to generate file context configuration entries for ++user home directories based on their ++.B prefix ++entry in the the ++.B semanage user record. ++genhomedircon is run when building ++the policy. It is also run automaticaly when ever the ++.B semanage ++utility modifies ++.B user ++or ++.B login ++records. ++Specifically, we replace HOME_ROOT, HOME_DIR, and ROLE macros in the ++.I /etc/selinux/<>/contexts/files/homedir_template ++file with generic and user-specific values. HOME_ROOT and HOME_DIR is replaced with each distinct location where login users homedirectories are located. Defaults to /home. ROLE is replaced based on the prefix entry in the ++.B user ++record. ++.PP ++genhomedircon searches through all password entires for all "login" user home directories, (as opposed ++to system users). Login users are those whose UID is greater than or equal ++.I STARTING_UID ++(default 500) and whose login shell is not "/sbin/nologin", or ++"/bin/false". ++.PP ++.SH AUTHOR ++This manual page was originally written by ++.I Manoj Srivastava , ++for the Debian GNU/Linux system, based on the comments and the code ++in the utility, and then updated by Dan Walsh of Red Hat. The ++.B genhomedircon ++utility was originally written by ++.I Dan Walsh of Red Hat ++with some modifications by ++.I Tresys Technology, LLC. ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.23/scripts/Makefile +--- nsapolicycoreutils/scripts/Makefile 2007-08-23 16:52:26.000000000 -0400 ++++ policycoreutils-2.0.23/scripts/Makefile 2007-08-20 19:16:35.000000000 -0400 +@@ -5,14 +5,18 @@ + MANDIR ?= $(PREFIX)/share/man + LOCALEDIR ?= /usr/share/locale - try: -- gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+ gettext.install(PROGNAME, -+ localedir="/usr/share/locale", -+ unicode=False, -+ codeset = 'utf-8') - except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode +-all: fixfiles ++TARGETS=genhomedircon ++ ++all: $(TARGETS) fixfiles + + install: all + -mkdir -p $(BINDIR) ++ install -m 755 $(TARGETS) $(SBINDIR) + install -m 755 chcat $(BINDIR) + install -m 755 fixfiles $(DESTDIR)/sbin + -mkdir -p $(MANDIR)/man8 + install -m 644 fixfiles.8 $(MANDIR)/man8/ ++ install -m 644 genhomedircon.8 $(MANDIR)/man8/ + install -m 644 chcat.8 $(MANDIR)/man8/ + + clean: diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.23/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400 +++ policycoreutils-2.0.23/semanage/seobject.py 2007-08-22 16:29:22.000000000 -0400 diff --git a/policycoreutils.spec b/policycoreutils.spec index ae22438..3673dfe 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -5,8 +5,8 @@ %define sepolgenver 1.0.8 Summary: SELinux policy core utilities Name: policycoreutils -Version: 2.0.23 -Release: 2%{?dist} +Version: 2.0.25 +Release: 1%{?dist} License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -193,6 +193,15 @@ if [ "$1" -ge "1" ]; then fi %changelog +* Thu Aug 23 2007 Dan Walsh 2.0.25-1 +- Update semodule man page + * Fix genhomedircon searching for USER from Todd Miller + * Install run_init with mode 0755 from Dan Walsh. + * Fix chcat from Dan Walsh. + * Fix fixfiles pattern expansion and error reporting from Dan Walsh. + * Optimize genhomedircon to compile regexes once from Dan Walsh. + * Fix semanage gettext call from Dan Walsh. + * Thu Aug 23 2007 Dan Walsh 2.0.23-2 - Update semodule man page diff --git a/sources b/sources index 47a8c43..da91a8f 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ 4d6e57c7fc396efbcf96b7accab4ba30 sepolgen-1.0.8.tgz -a730de6fcaab275b924c87c9207a0b03 policycoreutils-2.0.23.tgz +43c5df63e94b6e35d1f830b5b7ee6cfc policycoreutils-2.0.25.tgz