Change fixfiles restore to delete unlabeled sockets in /tmp
This commit is contained in:
parent
822e503b13
commit
61f1bc2068
@ -3194,7 +3194,7 @@ index 3f9efba..7c6d75a 100644
|
|||||||
+/etc/selinux/{SELINUXTYPE}/seusers
|
+/etc/selinux/{SELINUXTYPE}/seusers
|
||||||
|
|
||||||
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
|
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
|
||||||
index ae519fc..7d21ea3 100755
|
index ae519fc..706184d 100755
|
||||||
--- a/policycoreutils/scripts/fixfiles
|
--- a/policycoreutils/scripts/fixfiles
|
||||||
+++ b/policycoreutils/scripts/fixfiles
|
+++ b/policycoreutils/scripts/fixfiles
|
||||||
@@ -21,6 +21,44 @@
|
@@ -21,6 +21,44 @@
|
||||||
@ -3278,7 +3278,7 @@ index ae519fc..7d21ea3 100755
|
|||||||
|
|
||||||
rpmlist() {
|
rpmlist() {
|
||||||
rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
|
rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
|
||||||
@@ -121,24 +144,34 @@ if [ ! -z "$PREFC" ]; then
|
@@ -121,33 +144,45 @@ if [ ! -z "$PREFC" ]; then
|
||||||
fi
|
fi
|
||||||
if [ ! -z "$RPMFILES" ]; then
|
if [ ! -z "$RPMFILES" ]; then
|
||||||
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
|
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
|
||||||
@ -3321,10 +3321,13 @@ index ae519fc..7d21ea3 100755
|
|||||||
+fi
|
+fi
|
||||||
+${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMS} 2>&1 | cat >> $LOGFILE
|
+${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMS} 2>&1 | cat >> $LOGFILE
|
||||||
+rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
|
+rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
|
||||||
|
+find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) \( -type s -o -type p \) -delete
|
||||||
find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
|
find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
|
||||||
find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
|
find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
|
||||||
|
+find /var/run \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t var_run_t {} \;
|
||||||
|
+find /var/lib/debug \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t lib_t {} \;
|
||||||
exit $?
|
exit $?
|
||||||
@@ -146,8 +179,7 @@ exit $?
|
}
|
||||||
|
|
||||||
fullrelabel() {
|
fullrelabel() {
|
||||||
logit "Cleaning out /tmp"
|
logit "Cleaning out /tmp"
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.86
|
Version: 2.0.86
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -331,6 +331,9 @@ fi
|
|||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Apr 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-3
|
||||||
|
- Change fixfiles restore to delete unlabeled sockets in /tmp
|
||||||
|
|
||||||
* Mon Apr 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-2
|
* Mon Apr 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-2
|
||||||
- rebuild versus latest libsepol
|
- rebuild versus latest libsepol
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user