* Thu Aug 23 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-2
- Update semodule man page
This commit is contained in:
parent
0f56395076
commit
4bf679be9e
@ -1,15 +1,15 @@
|
|||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.22/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.23/Makefile
|
||||||
--- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400
|
--- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/Makefile 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/Makefile 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
||||||
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
||||||
|
|
||||||
all install relabel clean indent:
|
all install relabel clean indent:
|
||||||
@for subdir in $(SUBDIRS); do \
|
@for subdir in $(SUBDIRS); do \
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.22/restorecond/restorecond.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.23/restorecond/restorecond.c
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/restorecond/restorecond.c 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/restorecond/restorecond.c 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -210,9 +210,10 @@
|
@@ -210,9 +210,10 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -36,9 +36,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
}
|
}
|
||||||
free(scontext);
|
free(scontext);
|
||||||
close(fd);
|
close(fd);
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.22/run_init/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.23/run_init/Makefile
|
||||||
--- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/run_init/Makefile 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/run_init/Makefile 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -34,8 +34,8 @@
|
@@ -34,8 +34,8 @@
|
||||||
install: all
|
install: all
|
||||||
test -d $(SBINDIR) || install -m 755 -d $(SBINDIR)
|
test -d $(SBINDIR) || install -m 755 -d $(SBINDIR)
|
||||||
@ -50,9 +50,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
install -m 644 run_init.8 $(MANDIR)/man8/
|
install -m 644 run_init.8 $(MANDIR)/man8/
|
||||||
install -m 644 open_init_pty.8 $(MANDIR)/man8/
|
install -m 644 open_init_pty.8 $(MANDIR)/man8/
|
||||||
ifeq (${PAMH}, /usr/include/security/pam_appl.h)
|
ifeq (${PAMH}, /usr/include/security/pam_appl.h)
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.22/scripts/chcat
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.23/scripts/chcat
|
||||||
--- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/scripts/chcat 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/scripts/chcat 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -77,7 +77,7 @@
|
@@ -77,7 +77,7 @@
|
||||||
|
|
||||||
if len(cats) > 0:
|
if len(cats) > 0:
|
||||||
@ -71,9 +71,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
new_serange = "%s-%s" % (serange[0], top[0])
|
new_serange = "%s-%s" % (serange[0], top[0])
|
||||||
|
|
||||||
if add_ind:
|
if add_ind:
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.22/scripts/fixfiles
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.23/scripts/fixfiles
|
||||||
--- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/scripts/fixfiles 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/scripts/fixfiles 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -88,7 +88,7 @@
|
@@ -88,7 +88,7 @@
|
||||||
esac; \
|
esac; \
|
||||||
fi; \
|
fi; \
|
||||||
@ -91,9 +91,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.22/scripts/genhomedircon
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.23/scripts/genhomedircon
|
||||||
--- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/scripts/genhomedircon 2007-08-01 16:03:41.000000000 -0400
|
+++ policycoreutils-2.0.23/scripts/genhomedircon 2007-08-23 10:08:04.000000000 -0400
|
||||||
@@ -139,7 +139,22 @@
|
@@ -139,7 +139,22 @@
|
||||||
self.default_user = "user_u"
|
self.default_user = "user_u"
|
||||||
self.default_prefix = "user"
|
self.default_prefix = "user"
|
||||||
@ -117,6 +117,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
def getFileContextDir(self):
|
def getFileContextDir(self):
|
||||||
return self.selinuxdir+self.type+self.filecontextdir
|
return self.selinuxdir+self.type+self.filecontextdir
|
||||||
|
|
||||||
|
@@ -272,7 +287,7 @@
|
||||||
|
ret = ""
|
||||||
|
fd = open(self.getHomeDirTemplate(), 'r')
|
||||||
|
for i in fd.readlines():
|
||||||
|
- if i.find("USER") == 1:
|
||||||
|
+ if i.find("USER") > 0:
|
||||||
|
i = i.replace("USER", user)
|
||||||
|
i = i.replace("ROLE", prefix)
|
||||||
|
i = i.replace("system_u", sel_user)
|
||||||
@@ -289,20 +304,9 @@
|
@@ -289,20 +304,9 @@
|
||||||
return ret+"\n"
|
return ret+"\n"
|
||||||
|
|
||||||
@ -140,9 +149,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
return 1
|
return 1
|
||||||
except:
|
except:
|
||||||
continue
|
continue
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.22/semanage/semanage
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.23/semanage/semanage
|
||||||
--- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/semanage/semanage 2007-07-31 15:45:57.000000000 -0400
|
+++ policycoreutils-2.0.23/semanage/semanage 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -34,7 +34,10 @@
|
@@ -34,7 +34,10 @@
|
||||||
sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
|
sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
|
||||||
|
|
||||||
@ -155,9 +164,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
except IOError:
|
except IOError:
|
||||||
import __builtin__
|
import __builtin__
|
||||||
__builtin__.__dict__['_'] = unicode
|
__builtin__.__dict__['_'] = unicode
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.22/semanage/seobject.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.23/semanage/seobject.py
|
||||||
--- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.22/semanage/seobject.py 2007-08-01 09:54:14.000000000 -0400
|
+++ policycoreutils-2.0.23/semanage/seobject.py 2007-08-22 16:29:22.000000000 -0400
|
||||||
@@ -210,6 +210,7 @@
|
@@ -210,6 +210,7 @@
|
||||||
os.write(fd, self.out())
|
os.write(fd, self.out())
|
||||||
os.close(fd)
|
os.close(fd)
|
||||||
@ -315,3 +324,27 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
return ddict
|
return ddict
|
||||||
|
|
||||||
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.23/semodule/semodule.8
|
||||||
|
--- nsapolicycoreutils/semodule/semodule.8 2007-07-16 14:20:42.000000000 -0400
|
||||||
|
+++ policycoreutils-2.0.23/semodule/semodule.8 2007-08-23 10:18:35.000000000 -0400
|
||||||
|
@@ -23,6 +23,9 @@
|
||||||
|
.B \-B, \-\-build
|
||||||
|
force a rebuild of policy (also reloads unless -n is used)
|
||||||
|
.TP
|
||||||
|
+.B \-D, \-\-disable_dontaudit
|
||||||
|
+Temporarily remove dontaudits from policy. Reverts whenever policy is rebuilt
|
||||||
|
+.TP
|
||||||
|
.B \-i,\-\-install=MODULE_PKG
|
||||||
|
install/replace a module package
|
||||||
|
.TP
|
||||||
|
@@ -58,6 +61,10 @@
|
||||||
|
$ semodule -i httpd.pp
|
||||||
|
# List non-base modules.
|
||||||
|
$ semodule -l
|
||||||
|
+# Turn on all AVC Messages for which SELinux currently is "dontaudit"ing.
|
||||||
|
+$ semodule -DB
|
||||||
|
+# Turn "dontaudit" rules back on.
|
||||||
|
+$ semodule -B
|
||||||
|
# Install or replace all non-base modules in the current directory.
|
||||||
|
$ semodule -i *.pp
|
||||||
|
# Install or replace all modules in the current directory.
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.23
|
Version: 2.0.23
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
@ -193,6 +193,9 @@ if [ "$1" -ge "1" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Aug 23 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-2
|
||||||
|
- Update semodule man page
|
||||||
|
|
||||||
* Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1
|
* Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1
|
||||||
- Update to match NSA
|
- Update to match NSA
|
||||||
* Disable dontaudits via semodule -D
|
* Disable dontaudits via semodule -D
|
||||||
|
@ -7,6 +7,5 @@ Icon=/usr/share/system-config-selinux/system-config-selinux.png
|
|||||||
Exec=/usr/bin/system-config-selinux
|
Exec=/usr/bin/system-config-selinux
|
||||||
Type=Application
|
Type=Application
|
||||||
Terminal=false
|
Terminal=false
|
||||||
Encoding=UTF-8
|
Categories=System;Security;
|
||||||
Categories=Application;System;X-Red-Hat-Base;
|
|
||||||
X-Desktop-File-Install-Version=0.2
|
X-Desktop-File-Install-Version=0.2
|
||||||
|
Loading…
Reference in New Issue
Block a user