* Thu Aug 23 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-2

- Update semodule man page
This commit is contained in:
Daniel J Walsh 2007-08-23 14:24:18 +00:00
parent 0f56395076
commit 4bf679be9e
3 changed files with 54 additions and 19 deletions

View File

@ -1,15 +1,15 @@
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.22/Makefile diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.23/Makefile
--- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400 --- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400
+++ policycoreutils-2.0.22/Makefile 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/Makefile 2007-08-22 16:29:22.000000000 -0400
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po -SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui +SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
all install relabel clean indent: all install relabel clean indent:
@for subdir in $(SUBDIRS); do \ @for subdir in $(SUBDIRS); do \
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.22/restorecond/restorecond.c diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.23/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/restorecond/restorecond.c 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/restorecond/restorecond.c 2007-08-22 16:29:22.000000000 -0400
@@ -210,9 +210,10 @@ @@ -210,9 +210,10 @@
} }
@ -36,9 +36,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
} }
free(scontext); free(scontext);
close(fd); close(fd);
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.22/run_init/Makefile diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/run_init/Makefile policycoreutils-2.0.23/run_init/Makefile
--- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/run_init/Makefile 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/run_init/Makefile 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/run_init/Makefile 2007-08-22 16:29:22.000000000 -0400
@@ -34,8 +34,8 @@ @@ -34,8 +34,8 @@
install: all install: all
test -d $(SBINDIR) || install -m 755 -d $(SBINDIR) test -d $(SBINDIR) || install -m 755 -d $(SBINDIR)
@ -50,9 +50,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
install -m 644 run_init.8 $(MANDIR)/man8/ install -m 644 run_init.8 $(MANDIR)/man8/
install -m 644 open_init_pty.8 $(MANDIR)/man8/ install -m 644 open_init_pty.8 $(MANDIR)/man8/
ifeq (${PAMH}, /usr/include/security/pam_appl.h) ifeq (${PAMH}, /usr/include/security/pam_appl.h)
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.22/scripts/chcat diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.23/scripts/chcat
--- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/scripts/chcat 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/scripts/chcat 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/scripts/chcat 2007-08-22 16:29:22.000000000 -0400
@@ -77,7 +77,7 @@ @@ -77,7 +77,7 @@
if len(cats) > 0: if len(cats) > 0:
@ -71,9 +71,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
new_serange = "%s-%s" % (serange[0], top[0]) new_serange = "%s-%s" % (serange[0], top[0])
if add_ind: if add_ind:
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.22/scripts/fixfiles diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.23/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/scripts/fixfiles 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/scripts/fixfiles 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/scripts/fixfiles 2007-08-22 16:29:22.000000000 -0400
@@ -88,7 +88,7 @@ @@ -88,7 +88,7 @@
esac; \ esac; \
fi; \ fi; \
@ -91,9 +91,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
} }
# #
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.22/scripts/genhomedircon diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.23/scripts/genhomedircon
--- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/scripts/genhomedircon 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/scripts/genhomedircon 2007-08-01 16:03:41.000000000 -0400 +++ policycoreutils-2.0.23/scripts/genhomedircon 2007-08-23 10:08:04.000000000 -0400
@@ -139,7 +139,22 @@ @@ -139,7 +139,22 @@
self.default_user = "user_u" self.default_user = "user_u"
self.default_prefix = "user" self.default_prefix = "user"
@ -117,6 +117,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
def getFileContextDir(self): def getFileContextDir(self):
return self.selinuxdir+self.type+self.filecontextdir return self.selinuxdir+self.type+self.filecontextdir
@@ -272,7 +287,7 @@
ret = ""
fd = open(self.getHomeDirTemplate(), 'r')
for i in fd.readlines():
- if i.find("USER") == 1:
+ if i.find("USER") > 0:
i = i.replace("USER", user)
i = i.replace("ROLE", prefix)
i = i.replace("system_u", sel_user)
@@ -289,20 +304,9 @@ @@ -289,20 +304,9 @@
return ret+"\n" return ret+"\n"
@ -140,9 +149,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
return 1 return 1
except: except:
continue continue
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.22/semanage/semanage diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.23/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/semanage/semanage 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/semanage/semanage 2007-07-31 15:45:57.000000000 -0400 +++ policycoreutils-2.0.23/semanage/semanage 2007-08-22 16:29:22.000000000 -0400
@@ -34,7 +34,10 @@ @@ -34,7 +34,10 @@
sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace') sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
@ -155,9 +164,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
except IOError: except IOError:
import __builtin__ import __builtin__
__builtin__.__dict__['_'] = unicode __builtin__.__dict__['_'] = unicode
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.22/semanage/seobject.py diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.23/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400 --- nsapolicycoreutils/semanage/seobject.py 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/semanage/seobject.py 2007-08-01 09:54:14.000000000 -0400 +++ policycoreutils-2.0.23/semanage/seobject.py 2007-08-22 16:29:22.000000000 -0400
@@ -210,6 +210,7 @@ @@ -210,6 +210,7 @@
os.write(fd, self.out()) os.write(fd, self.out())
os.close(fd) os.close(fd)
@ -315,3 +324,27 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po
return ddict return ddict
diff --exclude-from=exclude --exclude=sepolgen-1.0.8 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.23/semodule/semodule.8
--- nsapolicycoreutils/semodule/semodule.8 2007-07-16 14:20:42.000000000 -0400
+++ policycoreutils-2.0.23/semodule/semodule.8 2007-08-23 10:18:35.000000000 -0400
@@ -23,6 +23,9 @@
.B \-B, \-\-build
force a rebuild of policy (also reloads unless -n is used)
.TP
+.B \-D, \-\-disable_dontaudit
+Temporarily remove dontaudits from policy. Reverts whenever policy is rebuilt
+.TP
.B \-i,\-\-install=MODULE_PKG
install/replace a module package
.TP
@@ -58,6 +61,10 @@
$ semodule -i httpd.pp
# List non-base modules.
$ semodule -l
+# Turn on all AVC Messages for which SELinux currently is "dontaudit"ing.
+$ semodule -DB
+# Turn "dontaudit" rules back on.
+$ semodule -B
# Install or replace all non-base modules in the current directory.
$ semodule -i *.pp
# Install or replace all modules in the current directory.

View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.23 Version: 2.0.23
Release: 1%{?dist} Release: 2%{?dist}
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -193,6 +193,9 @@ if [ "$1" -ge "1" ]; then
fi fi
%changelog %changelog
* Thu Aug 23 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-2
- Update semodule man page
* Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1 * Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1
- Update to match NSA - Update to match NSA
* Disable dontaudits via semodule -D * Disable dontaudits via semodule -D

View File

@ -7,6 +7,5 @@ Icon=/usr/share/system-config-selinux/system-config-selinux.png
Exec=/usr/bin/system-config-selinux Exec=/usr/bin/system-config-selinux
Type=Application Type=Application
Terminal=false Terminal=false
Encoding=UTF-8 Categories=System;Security;
Categories=Application;System;X-Red-Hat-Base;
X-Desktop-File-Install-Version=0.2 X-Desktop-File-Install-Version=0.2