rpms/policycoreutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.9-1

Browse Source 
- More cleanup of sed patch
- Upgrade to latest from NSA
	* Merged updated fixfiles script from Dan Walsh.
	* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
	* Reverted fixfiles patch for file_contexts.local;
	  obsoleted by setfiles rewrite.
	* Merged error handling patch for restorecon from Dan Walsh.
	* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
	* Rewrote setfiles to use matchpathcon and the new interfaces
	  exported by libselinux (>= 1.21.5).
This commit is contained in:
Daniel J Walsh 2005-01-31 19:04:21 +00:00
parent 91c40446f1
commit 5823eec412
4 changed files with 45 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -11,3 +11,4 @@ policycoreutils-1.21.3.tgz
policycoreutils-1.21.4.tgz policycoreutils-1.21.4.tgz
policycoreutils-1.21.5.tgz policycoreutils-1.21.5.tgz
policycoreutils-1.21.7.tgz policycoreutils-1.21.7.tgz
policycoreutils-1.21.9.tgz

123
policycoreutils-rhat.patch
View File

@ -1,101 +1,28 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.7/restorecon/restorecon.c diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.9/scripts/fixfiles
--- nsapolicycoreutils/restorecon/restorecon.c 2005-01-25 10:32:01.000000000 -0500 --- nsapolicycoreutils/scripts/fixfiles 2005-01-31 09:49:15.000000000 -0500
+++ policycoreutils-1.21.7/restorecon/restorecon.c 2005-01-28 15:37:27.000000000 -0500 +++ policycoreutils-1.21.9/scripts/fixfiles 2005-01-31 13:39:27.000000000 -0500
@@ -188,7 +188,7 @@ @@ -60,12 +60,20 @@
fprintf(stderr, if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
"%s: error while labeling files under %s\n", TEMPFILE=`mktemp ${FC}.XXXXXXXXXX`
progname, buf); test -z "$TEMPFILE" && exit
- exit(1); - /usr/bin/diff $PREFC $FC | egrep '^[<>]'|cut -c3-| grep ^/ | \
+ errors++; - sed -e 's,\\.*,*,g' -e 's,(.*,*,g' -e 's,\[.*,*,g' -e 's,\..*,*,g' \
} - -e 's,[[:blank:]].*,,g' -e 's,\?.*,*,g' | sort -u | \
} + /usr/bin/diff $PREFC $FC | grep '^[<>]'|cut -c3-| grep ^/ | \
else
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.7/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2005-01-26 11:30:57.000000000 -0500
+++ policycoreutils-1.21.7/scripts/fixfiles 2005-01-28 16:05:01.000000000 -0500
@@ -37,19 +37,11 @@
SELINUXTYPE="targeted"
if [ -e /etc/selinux/config ]; then
. /etc/selinux/config
- FC=`mktemp /etc/selinux/${SELINUXTYPE}/contexts/files/file_context.XXXXXX`
- cat /etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts /etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts.local > $FC 2> /dev/null
+ FC=/etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts
else
FC=/etc/security/selinux/file_contexts
fi
-cleanup() {
- if [ -e /etc/selinux/config -a -f "$FC" ]; then
- rm -f $FC
- fi
-}
-trap "cleanup" 0 1 2 3 13 15
-
#
# Log to either syslog or a LOGFILE
#
@@ -60,7 +52,24 @@
echo $1 >> $LOGFILE
fi
}
-
+#
+# Compare PREVious File Context to currently installed File Context and
+# run restorecon on all files affected by the differences.
+#
+diff_filecontext() {
+if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
+ TEMPFILE=`mktemp ${FC}.XXXXXXXXXX`
+ test -z "$TEMPFILE" && exit
+ /usr/bin/diff $PREFC $FC | egrep '^[<>]'|cut -c3-| grep ^/ | \
+ grep -v -e ^/root -e ^/home -e ^/tmp -e ^/var/tmp | \ + grep -v -e ^/root -e ^/home -e ^/tmp -e ^/var/tmp | \
+ sed -e 's,\\.*,*,g' -e 's,(.*,*,g' -e 's,\[.*,*,g' -e 's,\..*,*,g' \ + sed -r -e 's|\(([/?[:alnum:]]+)\)\?|{\1,}|g' \
+ -e 's,[[:blank:]].*,,g' -e 's,\?.*,*,g' | sort -u | \ + -e 's|([[:alnum:]])\?|{\1,}|g' \
+ while read pattern ; do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null ; then echo "$pattern"; case "$pattern" in *"*") echo "$pattern" |sed 's,\*$,,g'>> ${TEMPFILE};; esac; fi; done | \ + -e 's,\(.*,*,g' -e 's,\[.*,*,g' \
+ while read pattern ; do find $pattern -maxdepth 0 -print; done 2> /dev/null | \ + -e 's,[[:blank:]].*,,g' \
+ -e 's,\?.*,*,g' \
+ -e 's,\.\*,*,g' \
+ -e 's,\(.*,*,g' \
+ -e 's,\[.*,*,g' | \
+ sort -u | \
while read pattern ; do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null ; then echo "$pattern"; case "$pattern" in *"*") echo "$pattern" |sed 's,\*$,,g'>> ${TEMPFILE};; esac; fi; done | \
while read pattern ; do find $pattern -maxdepth 0 -print; done 2> /dev/null | \
- ${RESTORECON} $2 -v -f -R -
+ ${RESTORECON} -R $2 -v -f - + ${RESTORECON} -R $2 -v -f -
+ rm -f ${TEMPFILE} rm -f ${TEMPFILE}
+fi
+}
#
# Log all Read Only file systems
#
@@ -80,6 +89,10 @@
# if called with -n will only check file context
#
restore () {
+if [ ! -z "$PREFC" ]; then
+ diff_filecontext $1
+ exit $?
+fi
if [ ! -z "$RPMFILES" ]; then
for i in `echo $RPMFILES | sed 's/,/ /g'`; do
rpmlist $i | ${RESTORECON} ${OUTFILES} -R $1 -v -f - 2>&1 >> $LOGFILE
@@ -128,7 +141,7 @@
usage() {
echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
echo or
- echo $"Usage: $0 -R rpmpackage[,rpmpackage...] [-l logfile ] [-o outputfile ] { check | restore }"
+ echo $"Usage: $0 -R rpmpackage[,rpmpackage...] -C PREVIOUS_FILECONTEXT [-l logfile ] [-o outputfile ] { check | restore }"
}
if [ $# = 0 ]; then
@@ -137,7 +150,7 @@
fi fi
}
# See how we were called.
-while getopts "Fo:R:l:" i; do
+while getopts "C:Fo:R:l:" i; do
case "$i" in
F)
fullFlag=1
@@ -151,6 +164,9 @@
l)
LOGFILE=$OPTARG
;;
+ C)
+ PREFC=$OPTARG
+ ;;
*)
usage
exit 1

22
policycoreutils.spec
View File

@ -1,15 +1,16 @@
#define LIBSELINUXVER 1.21.5
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.21.7 Version: 1.21.9
Release: 3 Release: 1
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
Patch: policycoreutils-rhat.patch Patch: policycoreutils-rhat.patch
Prefix: %{_prefix} Prefix: %{_prefix}
BuildRequires: libselinux-devel >= 1.15.3 pam-devel libsepol-devel >= 1.1.1 BuildRequires: libselinux-devel >= %{LIBSELINUXVER} pam-devel libsepol-devel >= 1.1.1
Requires: libselinux >= 1.15.3 libsepol >= 1.1.1 Requires: libselinux >= %{LIBSELINUXVER} libsepol >= 1.1.1
BuildRoot: %{_tmppath}/%{name}-buildroot BuildRoot: %{_tmppath}/%{name}-buildroot
@ -80,6 +81,19 @@ rm -rf ${RPM_BUILD_ROOT}
%config(noreplace) %{_sysconfdir}/sestatus.conf %config(noreplace) %{_sysconfdir}/sestatus.conf
%changelog %changelog
* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.9-1
- More cleanup of sed patch
- Upgrade to latest from NSA
* Merged updated fixfiles script from Dan Walsh.
* Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
* Reverted fixfiles patch for file_contexts.local;
obsoleted by setfiles rewrite.
* Merged error handling patch for restorecon from Dan Walsh.
* Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
* Rewrote setfiles to use matchpathcon and the new interfaces
exported by libselinux (>= 1.21.5).
* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.7-3 * Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.7-3
- Fix fixfiles patch - Fix fixfiles patch
- Upgrade to latest from NSA - Upgrade to latest from NSA

2
sources
View File

@ -1 +1 @@
9d03afb93e007c31faf284d88d982883 policycoreutils-1.21.7.tgz cdab66d56c18037d49c508a021ee5334 policycoreutils-1.21.9.tgz