rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Thu Jan 4 2007 Dan Walsh <dwalsh@redhat.com> 1.33.8-1

Browse Source 
- Update to upstream
	* Merged patches from Dan Walsh to:
	  - omit the optional name from audit2allow
	  - use the installed python version in the Makefiles
	  - re-open the tty with O_RDWR in newrole
This commit is contained in:
Daniel J Walsh 2007-01-04 22:11:35 +00:00
parent 06aa46e29d
commit 79387e42a7
4 changed files with 104 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -121,3 +121,4 @@ policycoreutils-1.33.4.tgz
policycoreutils-1.33.5.tgz policycoreutils-1.33.5.tgz
policycoreutils-1.33.6.tgz policycoreutils-1.33.6.tgz
policycoreutils-1.33.7.tgz policycoreutils-1.33.7.tgz
policycoreutils-1.33.8.tgz

185
policycoreutils-rhat.patch
View File

@ -1,30 +1,6 @@
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.33.6/audit2allow/avc.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.7/gui/booleansPage.py
--- nsapolicycoreutils/audit2allow/avc.py 2006-11-16 17:14:29.000000000 -0500
+++ policycoreutils-1.33.6/audit2allow/avc.py 2006-12-20 14:59:04.000000000 -0500
@@ -231,7 +231,7 @@
else:
file = m[0][1]
ret = "\n#%s\n"% self.out()
- ret += "optional_policy(`%s', `\n" % m[0][1]
+ ret += "optional_policy(`\n"
first = True
for i in m:
if file != i[1]:
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-1.33.6/audit2allow/Makefile
--- nsapolicycoreutils/audit2allow/Makefile 2006-11-16 17:14:29.000000000 -0500
+++ policycoreutils-1.33.6/audit2allow/Makefile 2006-12-20 14:59:04.000000000 -0500
@@ -4,7 +4,7 @@
LIBDIR ?= $(PREFIX)/lib
MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale
-PYLIBVER ?= python2.4
+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
TARGETS=audit2allow
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.6/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/booleansPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/booleansPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,199 @@ @@ -0,0 +1,199 @@
+# +#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -225,9 +201,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ +
+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val) + setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
+ commands.getstatusoutput(setsebool) + commands.getstatusoutput(setsebool)
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.6/gui/fcontextPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.7/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/fcontextPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/fcontextPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,158 @@ @@ -0,0 +1,158 @@
+## fcontextPage.py - show selinux mappings +## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -387,9 +363,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ self.store.set_value(iter, 0, fspec) + self.store.set_value(iter, 0, fspec)
+ self.store.set_value(iter, 2, ftype) + self.store.set_value(iter, 2, ftype)
+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) + self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.6/gui/loginsPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.7/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/loginsPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/loginsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,161 @@ @@ -0,0 +1,161 @@
+## loginsPage.py - show selinux mappings +## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -552,9 +528,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange)) + self.store.set_value(iter, 2, seobject.translate(serange))
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.6/gui/Makefile diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.7/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/Makefile 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/Makefile 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,30 @@ @@ -0,0 +1,30 @@
+# Installation directories. +# Installation directories.
+PREFIX ?= ${DESTDIR}/usr +PREFIX ?= ${DESTDIR}/usr
@ -586,9 +562,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+indent: +indent:
+ +
+relabel: +relabel:
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.6/gui/mappingsPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.7/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/mappingsPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/mappingsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
+## mappingsPage.py - show selinux mappings +## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -644,9 +620,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ for k in keys: + for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.6/gui/modulesPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.7/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/modulesPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/modulesPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,161 @@ @@ -0,0 +1,161 @@
+## modulesPage.py - show selinux mappings +## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -809,9 +785,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ +
+ +
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.6/gui/portsPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.7/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/portsPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/portsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,214 @@ @@ -0,0 +1,214 @@
+## portsPage.py - show selinux mappings +## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -1027,9 +1003,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ self.store.set_value(iter, MLS_COL, mls) + self.store.set_value(iter, MLS_COL, mls)
+ +
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.6/gui/selinux.tbl diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.7/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/selinux.tbl 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/selinux.tbl 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,265 @@ @@ -0,0 +1,265 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow") +allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
@ -1296,9 +1272,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon") +ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon") +ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon") +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.6/gui/semanagePage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.7/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/semanagePage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/semanagePage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,109 @@ @@ -0,0 +1,109 @@
+## semanagePage.py - show selinux mappings +## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -1409,9 +1385,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ self.dialog.hide() + self.dialog.hide()
+ +
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.6/gui/statusPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.7/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/statusPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/statusPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,213 @@ @@ -0,0 +1,213 @@
+## statusPage.py - show selinux status +## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -1626,9 +1602,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ return self.types[self.selinuxTypeOptionMenu.get_active()] + return self.types[self.selinuxTypeOptionMenu.get_active()]
+ +
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.6/gui/system-config-selinux.glade diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.7/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/system-config-selinux.glade 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/system-config-selinux.glade 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,2803 @@ @@ -0,0 +1,2803 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -4433,9 +4409,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.6/gui/system-config-selinux.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.7/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/system-config-selinux.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/system-config-selinux.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,156 @@ @@ -0,0 +1,156 @@
+#!/usr/bin/python +#!/usr/bin/python
+# +#
@ -4593,9 +4569,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ +
+ app = childWindow() + app = childWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.6/gui/translationsPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.7/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/translationsPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/translationsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,109 @@ @@ -0,0 +1,109 @@
+## translationsPage.py - show selinux translations +## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -4706,9 +4682,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ store, iter = self.view.get_selection().get_selected() + store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level) + self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation) + self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.6/gui/usersPage.py diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.7/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.6/gui/usersPage.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/gui/usersPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,155 @@ @@ -0,0 +1,155 @@
+## usersPage.py - show selinux mappings +## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -4865,34 +4841,71 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
+ except ValueError, e: + except ValueError, e:
+ self.error(e.args[0]) + self.error(e.args[0])
+ +
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.6/Makefile diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.7/Makefile
--- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500 --- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500
+++ policycoreutils-1.33.6/Makefile 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/Makefile 2007-01-04 16:24:30.000000000 -0500
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
all install relabel clean indent: all install relabel clean indent:
@for subdir in $(SUBDIRS); do \ @for subdir in $(SUBDIRS); do \
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.6/newrole/newrole.c diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.7/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c 2006-11-29 17:11:18.000000000 -0500 --- nsapolicycoreutils/newrole/newrole.c 2007-01-04 17:01:41.000000000 -0500
+++ policycoreutils-1.33.6/newrole/newrole.c 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/newrole/newrole.c 2007-01-04 16:24:47.000000000 -0500
@@ -1120,10 +1120,10 @@ @@ -67,6 +67,7 @@
fd = open(ttyn, O_RDONLY); #include <selinux/get_context_list.h> /* for SELINUX_DEFAULTUSER */
if (fd != 0) #include <signal.h>
goto err_close_pam; #include <unistd.h> /* for getuid(), exit(), getopt() */
- fd = open(ttyn, O_WRONLY); +#include <sys/stat.h>
+ fd = open(ttyn, O_RDWR); #ifdef USE_AUDIT
if (fd != 1) #include <libaudit.h>
goto err_close_pam; #endif
- fd = open(ttyn, O_WRONLY); @@ -93,6 +94,19 @@
+ fd = open(ttyn, O_RDWR);
if (fd != 2)
goto err_close_pam;
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.6/restorecond/restorecond.c extern char **environ;
+static int check_isapty(int fd) {
+ struct stat buf;
+ if ((isatty(fd)) && (fstat(fd, &buf) == 0)) {
+ int dev=major(buf.st_rdev);
+ if (dev > 135 && dev < 144) {
+ return 1;
+ } else {
+ return 0;
+ }
+ }
+ return 0;
+}
+
/**
* Construct from the current range and specified desired level a resulting
* range. If the specified level is a range, return that. If it is not, then
@@ -733,6 +747,7 @@
security_context_t *new_context,
int *preserve_environment)
{
+ int i; /* index for open file descriptors */
int flag_index; /* flag index in argv[] */
int clflag; /* holds codes for command line flags */
char *role_s = NULL; /* role spec'd by user in argv[] */
@@ -793,6 +808,13 @@
"specified\n"));
return -1;
}
+ for (i=0; i < 3; i++) {
+ if (check_isapty(i)) {
+ fprintf(stderr, "Error: you are not allowed to change levels on pseudo terminals\n");
+ return -1;
+ }
+ }
+
level_s = optarg;
break;
default:
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.7/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2006-11-16 17:14:28.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond.c 2006-11-16 17:14:28.000000000 -0500
+++ policycoreutils-1.33.6/restorecond/restorecond.c 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/restorecond/restorecond.c 2007-01-04 16:24:30.000000000 -0500
@@ -210,9 +210,10 @@ @@ -210,9 +210,10 @@
} }
@ -4919,43 +4932,31 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
} }
free(scontext); free(scontext);
close(fd); close(fd);
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.6/restorecond/restorecond.conf diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.7/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500
+++ policycoreutils-1.33.6/restorecond/restorecond.conf 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/restorecond/restorecond.conf 2007-01-04 16:24:30.000000000 -0500
@@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
/etc/resolv.conf /etc/resolv.conf
+/etc/localtime +/etc/localtime
/etc/samba/secrets.tdb /etc/samba/secrets.tdb
/etc/mtab /etc/mtab
/var/run/utmp /var/run/utmp
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.6/scripts/fixfiles diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.7/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2006-11-16 17:14:27.000000000 -0500 --- nsapolicycoreutils/scripts/fixfiles 2006-11-16 17:14:27.000000000 -0500
+++ policycoreutils-1.33.6/scripts/fixfiles 2007-01-02 10:51:58.000000000 -0500 +++ policycoreutils-1.33.7/scripts/fixfiles 2007-01-04 16:24:30.000000000 -0500
@@ -29,6 +29,9 @@ @@ -29,6 +29,9 @@
RPMILES="" RPMILES=""
OUTFILES="" OUTFILES=""
LOGFILE=`tty` LOGFILE=`tty`
+if [ $1 != 0 ]; then +if [ $? != 0 ]; then
+ LOGFILE="/dev/null" + LOGFILE="/dev/null"
+fi +fi
SYSLOGFLAG="-l" SYSLOGFLAG="-l"
LOGGER=/usr/sbin/logger LOGGER=/usr/sbin/logger
SETFILES=/sbin/setfiles SETFILES=/sbin/setfiles
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/Makefile policycoreutils-1.33.6/semanage/Makefile diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.7/semanage/seobject.py
--- nsapolicycoreutils/semanage/Makefile 2006-11-16 17:14:26.000000000 -0500
+++ policycoreutils-1.33.6/semanage/Makefile 2006-12-20 14:59:04.000000000 -0500
@@ -3,7 +3,7 @@
LIBDIR ?= $(PREFIX)/lib
SBINDIR ?= $(PREFIX)/sbin
MANDIR = $(PREFIX)/share/man
-PYLIBVER ?= python2.4
+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
TARGETS=semanage
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.6/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2006-11-16 17:14:26.000000000 -0500 --- nsapolicycoreutils/semanage/seobject.py 2006-11-16 17:14:26.000000000 -0500
+++ policycoreutils-1.33.6/semanage/seobject.py 2006-12-20 14:59:04.000000000 -0500 +++ policycoreutils-1.33.7/semanage/seobject.py 2007-01-04 16:24:30.000000000 -0500
@@ -94,23 +94,25 @@ @@ -94,23 +94,25 @@
return re.search("^" + reg +"$",raw) return re.search("^" + reg +"$",raw)
@ -5015,7 +5016,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
class semanageRecords: class semanageRecords:
def __init__(self): def __init__(self):
self.sh = semanage_handle_create() self.sh = semanage_handle_create()
@@ -456,7 +460,8 @@ @@ -456,7 +459,8 @@
rc = semanage_user_set_mlslevel(self.sh, u, selevel) rc = semanage_user_set_mlslevel(self.sh, u, selevel)
if rc < 0: if rc < 0:
raise ValueError(_("Could not set MLS level for %s") % name) raise ValueError(_("Could not set MLS level for %s") % name)
@ -5025,7 +5026,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
rc = semanage_user_set_prefix(self.sh, u, prefix) rc = semanage_user_set_prefix(self.sh, u, prefix)
if rc < 0: if rc < 0:
raise ValueError(_("Could not add prefix %s for %s") % (r, prefix)) raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
@@ -522,11 +527,17 @@ @@ -522,11 +526,17 @@
semanage_user_set_mlslevel(self.sh, u, untranslate(selevel)) semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
if prefix != "": if prefix != "":

11
policycoreutils.spec
View File

@ -4,7 +4,7 @@
%define libselinuxver 1.30.29-2 %define libselinuxver 1.30.29-2
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.33.7 Version: 1.33.8
Release: 1{?dist} Release: 1{?dist}
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
@ -165,9 +165,16 @@ fi
%post %post
/sbin/chkconfig --add restorecond /sbin/chkconfig --add restorecond
[ -x /sbin/service ] && /sbin/service restorecond condrestart [ -x /sbin/service ] && /sbin/service restorecond condrestart > /dev/null
%changelog %changelog
* Thu Jan 4 2007 Dan Walsh <dwalsh@redhat.com> 1.33.8-1
- Update to upstream
* Merged patches from Dan Walsh to:
- omit the optional name from audit2allow
- use the installed python version in the Makefiles
- re-open the tty with O_RDWR in newrole
* Wed Jan 3 2007 Dan Walsh <dwalsh@redhat.com> 1.33.7-1 * Wed Jan 3 2007 Dan Walsh <dwalsh@redhat.com> 1.33.7-1
- Update to upstream - Update to upstream
* Patch from Dan Walsh to correctly suppress warnings in load_policy. * Patch from Dan Walsh to correctly suppress warnings in load_policy.

2
sources
View File

@ -1 +1 @@
aacdcf4aa375bdea88cc1530517f95bb policycoreutils-1.33.7.tgz c4c3ebbaf1c11e122441da38fd11478c policycoreutils-1.33.8.tgz