From 79387e42a7fbec358474d10862b40dfdccfefd1f Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Thu, 4 Jan 2007 22:11:35 +0000 Subject: [PATCH] * Thu Jan 4 2007 Dan Walsh 1.33.8-1 - Update to upstream * Merged patches from Dan Walsh to: - omit the optional name from audit2allow - use the installed python version in the Makefiles - re-open the tty with O_RDWR in newrole --- .cvsignore | 1 + policycoreutils-rhat.patch | 185 +++++++++++++++++++------------------ policycoreutils.spec | 11 ++- sources | 2 +- 4 files changed, 104 insertions(+), 95 deletions(-) diff --git a/.cvsignore b/.cvsignore index 7ea514e..37c1a33 100644 --- a/.cvsignore +++ b/.cvsignore @@ -121,3 +121,4 @@ policycoreutils-1.33.4.tgz policycoreutils-1.33.5.tgz policycoreutils-1.33.6.tgz policycoreutils-1.33.7.tgz +policycoreutils-1.33.8.tgz diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 8973095..3b0bc9f 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,30 +1,6 @@ -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.33.6/audit2allow/avc.py ---- nsapolicycoreutils/audit2allow/avc.py 2006-11-16 17:14:29.000000000 -0500 -+++ policycoreutils-1.33.6/audit2allow/avc.py 2006-12-20 14:59:04.000000000 -0500 -@@ -231,7 +231,7 @@ - else: - file = m[0][1] - ret = "\n#%s\n"% self.out() -- ret += "optional_policy(`%s', `\n" % m[0][1] -+ ret += "optional_policy(`\n" - first = True - for i in m: - if file != i[1]: -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-1.33.6/audit2allow/Makefile ---- nsapolicycoreutils/audit2allow/Makefile 2006-11-16 17:14:29.000000000 -0500 -+++ policycoreutils-1.33.6/audit2allow/Makefile 2006-12-20 14:59:04.000000000 -0500 -@@ -4,7 +4,7 @@ - LIBDIR ?= $(PREFIX)/lib - MANDIR ?= $(PREFIX)/share/man - LOCALEDIR ?= /usr/share/locale --PYLIBVER ?= python2.4 -+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') - PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER) - - TARGETS=audit2allow -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.6/gui/booleansPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.7/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/booleansPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/booleansPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,199 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -225,9 +201,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + + setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val) + commands.getstatusoutput(setsebool) -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.6/gui/fcontextPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.7/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/fcontextPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/fcontextPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,158 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -387,9 +363,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + self.store.set_value(iter, 0, fspec) + self.store.set_value(iter, 2, ftype) + self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.6/gui/loginsPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.7/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/loginsPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/loginsPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,161 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -552,9 +528,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 2, seobject.translate(serange)) + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.6/gui/Makefile +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.7/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/Makefile 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/Makefile 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,30 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -586,9 +562,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. +indent: + +relabel: -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.6/gui/mappingsPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.7/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/mappingsPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/mappingsPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,54 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -644,9 +620,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + for k in keys: + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.6/gui/modulesPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.7/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/modulesPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/modulesPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,161 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -809,9 +785,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + + + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.6/gui/portsPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.7/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/portsPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/portsPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,214 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -1027,9 +1003,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + self.store.set_value(iter, MLS_COL, mls) + + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.6/gui/selinux.tbl +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.7/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/selinux.tbl 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/selinux.tbl 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,265 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow") @@ -1296,9 +1272,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. +ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon") +ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon") +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon") -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.6/gui/semanagePage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.7/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/semanagePage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/semanagePage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,109 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -1409,9 +1385,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + self.dialog.hide() + + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.6/gui/statusPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.7/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/statusPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/statusPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,213 @@ +## statusPage.py - show selinux status +## Copyright (C) 2006 Red Hat, Inc. @@ -1626,9 +1602,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + return self.types[self.selinuxTypeOptionMenu.get_active()] + + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.6/gui/system-config-selinux.glade +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.7/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/system-config-selinux.glade 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/system-config-selinux.glade 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,2803 @@ + + @@ -4433,9 +4409,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + + + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.6/gui/system-config-selinux.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.7/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/system-config-selinux.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/system-config-selinux.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,156 @@ +#!/usr/bin/python +# @@ -4593,9 +4569,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + + app = childWindow() + app.stand_alone() -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.6/gui/translationsPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.7/gui/translationsPage.py --- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/translationsPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/translationsPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,109 @@ +## translationsPage.py - show selinux translations +## Copyright (C) 2006 Red Hat, Inc. @@ -4706,9 +4682,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + store, iter = self.view.get_selection().get_selected() + self.store.set_value(iter, 0, level) + self.store.set_value(iter, 1, translation) -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.6/gui/usersPage.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.7/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.33.6/gui/usersPage.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/gui/usersPage.py 2007-01-04 16:24:30.000000000 -0500 @@ -0,0 +1,155 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -4865,34 +4841,71 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. + except ValueError, e: + self.error(e.args[0]) + -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.6/Makefile +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.7/Makefile --- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500 -+++ policycoreutils-1.33.6/Makefile 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/Makefile 2007-01-04 16:24:30.000000000 -0500 @@ -1,4 +1,4 @@ -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui all install relabel clean indent: @for subdir in $(SUBDIRS); do \ -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.6/newrole/newrole.c ---- nsapolicycoreutils/newrole/newrole.c 2006-11-29 17:11:18.000000000 -0500 -+++ policycoreutils-1.33.6/newrole/newrole.c 2006-12-20 14:59:04.000000000 -0500 -@@ -1120,10 +1120,10 @@ - fd = open(ttyn, O_RDONLY); - if (fd != 0) - goto err_close_pam; -- fd = open(ttyn, O_WRONLY); -+ fd = open(ttyn, O_RDWR); - if (fd != 1) - goto err_close_pam; -- fd = open(ttyn, O_WRONLY); -+ fd = open(ttyn, O_RDWR); - if (fd != 2) - goto err_close_pam; +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.7/newrole/newrole.c +--- nsapolicycoreutils/newrole/newrole.c 2007-01-04 17:01:41.000000000 -0500 ++++ policycoreutils-1.33.7/newrole/newrole.c 2007-01-04 16:24:47.000000000 -0500 +@@ -67,6 +67,7 @@ + #include /* for SELINUX_DEFAULTUSER */ + #include + #include /* for getuid(), exit(), getopt() */ ++#include + #ifdef USE_AUDIT + #include + #endif +@@ -93,6 +94,19 @@ -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.6/restorecond/restorecond.c + extern char **environ; + ++static int check_isapty(int fd) { ++ struct stat buf; ++ if ((isatty(fd)) && (fstat(fd, &buf) == 0)) { ++ int dev=major(buf.st_rdev); ++ if (dev > 135 && dev < 144) { ++ return 1; ++ } else { ++ return 0; ++ } ++ } ++ return 0; ++} ++ + /** + * Construct from the current range and specified desired level a resulting + * range. If the specified level is a range, return that. If it is not, then +@@ -733,6 +747,7 @@ + security_context_t *new_context, + int *preserve_environment) + { ++ int i; /* index for open file descriptors */ + int flag_index; /* flag index in argv[] */ + int clflag; /* holds codes for command line flags */ + char *role_s = NULL; /* role spec'd by user in argv[] */ +@@ -793,6 +808,13 @@ + "specified\n")); + return -1; + } ++ for (i=0; i < 3; i++) { ++ if (check_isapty(i)) { ++ fprintf(stderr, "Error: you are not allowed to change levels on pseudo terminals\n"); ++ return -1; ++ } ++ } ++ + level_s = optarg; + break; + default: +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.7/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2006-11-16 17:14:28.000000000 -0500 -+++ policycoreutils-1.33.6/restorecond/restorecond.c 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/restorecond/restorecond.c 2007-01-04 16:24:30.000000000 -0500 @@ -210,9 +210,10 @@ } @@ -4919,43 +4932,31 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. } free(scontext); close(fd); -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.6/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.7/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500 -+++ policycoreutils-1.33.6/restorecond/restorecond.conf 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/restorecond/restorecond.conf 2007-01-04 16:24:30.000000000 -0500 @@ -1,4 +1,5 @@ /etc/resolv.conf +/etc/localtime /etc/samba/secrets.tdb /etc/mtab /var/run/utmp -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.6/scripts/fixfiles +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.7/scripts/fixfiles --- nsapolicycoreutils/scripts/fixfiles 2006-11-16 17:14:27.000000000 -0500 -+++ policycoreutils-1.33.6/scripts/fixfiles 2007-01-02 10:51:58.000000000 -0500 ++++ policycoreutils-1.33.7/scripts/fixfiles 2007-01-04 16:24:30.000000000 -0500 @@ -29,6 +29,9 @@ RPMILES="" OUTFILES="" LOGFILE=`tty` -+if [ $1 != 0 ]; then ++if [ $? != 0 ]; then + LOGFILE="/dev/null" +fi SYSLOGFLAG="-l" LOGGER=/usr/sbin/logger SETFILES=/sbin/setfiles -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/Makefile policycoreutils-1.33.6/semanage/Makefile ---- nsapolicycoreutils/semanage/Makefile 2006-11-16 17:14:26.000000000 -0500 -+++ policycoreutils-1.33.6/semanage/Makefile 2006-12-20 14:59:04.000000000 -0500 -@@ -3,7 +3,7 @@ - LIBDIR ?= $(PREFIX)/lib - SBINDIR ?= $(PREFIX)/sbin - MANDIR = $(PREFIX)/share/man --PYLIBVER ?= python2.4 -+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') - PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER) - - TARGETS=semanage -diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.6/semanage/seobject.py +diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.7/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2006-11-16 17:14:26.000000000 -0500 -+++ policycoreutils-1.33.6/semanage/seobject.py 2006-12-20 14:59:04.000000000 -0500 ++++ policycoreutils-1.33.7/semanage/seobject.py 2007-01-04 16:24:30.000000000 -0500 @@ -94,23 +94,25 @@ return re.search("^" + reg +"$",raw) @@ -5015,7 +5016,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. class semanageRecords: def __init__(self): self.sh = semanage_handle_create() -@@ -456,7 +460,8 @@ +@@ -456,7 +459,8 @@ rc = semanage_user_set_mlslevel(self.sh, u, selevel) if rc < 0: raise ValueError(_("Could not set MLS level for %s") % name) @@ -5025,7 +5026,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*. rc = semanage_user_set_prefix(self.sh, u, prefix) if rc < 0: raise ValueError(_("Could not add prefix %s for %s") % (r, prefix)) -@@ -522,11 +527,17 @@ +@@ -522,11 +526,17 @@ semanage_user_set_mlslevel(self.sh, u, untranslate(selevel)) if prefix != "": diff --git a/policycoreutils.spec b/policycoreutils.spec index da779d8..46fbbd0 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -4,7 +4,7 @@ %define libselinuxver 1.30.29-2 Summary: SELinux policy core utilities. Name: policycoreutils -Version: 1.33.7 +Version: 1.33.8 Release: 1{?dist} License: GPL Group: System Environment/Base @@ -165,9 +165,16 @@ fi %post /sbin/chkconfig --add restorecond -[ -x /sbin/service ] && /sbin/service restorecond condrestart +[ -x /sbin/service ] && /sbin/service restorecond condrestart > /dev/null %changelog +* Thu Jan 4 2007 Dan Walsh 1.33.8-1 +- Update to upstream + * Merged patches from Dan Walsh to: + - omit the optional name from audit2allow + - use the installed python version in the Makefiles + - re-open the tty with O_RDWR in newrole + * Wed Jan 3 2007 Dan Walsh 1.33.7-1 - Update to upstream * Patch from Dan Walsh to correctly suppress warnings in load_policy. diff --git a/sources b/sources index 6a0cc15..0bbea7d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -aacdcf4aa375bdea88cc1530517f95bb policycoreutils-1.33.7.tgz +c4c3ebbaf1c11e122441da38fd11478c policycoreutils-1.33.8.tgz