From 9057b25d2b6ece1668c3d53b78490a7b60eb242a Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Thu, 14 Feb 2013 08:28:08 -0500 Subject: [PATCH] Revert some changes which are causing the wrong policy version file to be created - Switch sandbox to start using openbox rather then matchpbox - Make sepolgen a symlink to sepolicy - update translations --- policycoreutils-rhat.patch | 497 ++++++++++++++++++++++++++++++++++--- policycoreutils.spec | 11 +- 2 files changed, 471 insertions(+), 37 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index dc789e8..2ce6e79 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -9,14 +9,23 @@ index 3980799..6624804 100644 INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --git a/policycoreutils/audit2allow/Makefile b/policycoreutils/audit2allow/Makefile -index 88635d4..41d37b0 100644 +index 88635d4..fc290ea 100644 --- a/policycoreutils/audit2allow/Makefile +++ b/policycoreutils/audit2allow/Makefile -@@ -10,9 +10,11 @@ all: ; +@@ -5,14 +5,19 @@ LIBDIR ?= $(PREFIX)/lib + MANDIR ?= $(PREFIX)/share/man + LOCALEDIR ?= /usr/share/locale + +-all: ; ++all: audit2why ++ ++audit2why: ++ ln -sf audit2allow audit2why + install: all -mkdir -p $(BINDIR) install -m 755 audit2allow $(BINDIR) -+ (cd $(BINDIR); ln audit2allow audit2why) ++ (cd $(BINDIR); ln -sf audit2allow audit2why) install -m 755 sepolgen-ifgen $(BINDIR) -mkdir -p $(MANDIR)/man1 install -m 644 audit2allow.1 $(MANDIR)/man1/ @@ -63,32 +72,6 @@ index 0000000..a9e8893 +++ b/policycoreutils/audit2allow/audit2why.1 @@ -0,0 +1 @@ +.so man1/audit2allow.1 -diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen -index ef4bec3..9b313ec 100644 ---- a/policycoreutils/audit2allow/sepolgen-ifgen -+++ b/policycoreutils/audit2allow/sepolgen-ifgen -@@ -61,20 +61,10 @@ def parse_options(): - - return options - --def get_policy(): -- i = selinux.security_policyvers() -- p = selinux.selinux_binary_policy_path() + "." + str(i) -- while i > 0 and not os.path.exists(p): -- i = i - 1 -- p = selinux.selinux_binary_policy_path() + "." + str(i) -- if i > 0: -- return p -- return None -- - def get_attrs(policy_path): - try: - if not policy_path: -- policy_path = get_policy() -+ policy_path = selinux.selinux_current_policy_path() - if not policy_path: - sys.stderr.write("No installed policy to check\n") - return None diff --git a/policycoreutils/audit2why/Makefile b/policycoreutils/audit2why/Makefile deleted file mode 100644 index 63eb8b3..0000000 @@ -129,7 +112,7 @@ index a9e8893..0000000 @@ -1 +0,0 @@ -.so man1/audit2allow.1 diff --git a/policycoreutils/gui/Makefile b/policycoreutils/gui/Makefile -index b5abbb9..1148b36 100644 +index b5abbb9..7218c3e 100644 --- a/policycoreutils/gui/Makefile +++ b/policycoreutils/gui/Makefile @@ -1,7 +1,10 @@ @@ -151,7 +134,7 @@ index b5abbb9..1148b36 100644 usersPage.py all: $(TARGETS) system-config-selinux.py polgengui.py -@@ -23,10 +27,21 @@ all: $(TARGETS) system-config-selinux.py polgengui.py +@@ -23,10 +27,20 @@ all: $(TARGETS) system-config-selinux.py polgengui.py install: all -mkdir -p $(SHAREDIR) -mkdir -p $(BINDIR) @@ -162,7 +145,7 @@ index b5abbb9..1148b36 100644 + -mkdir -p $(SYSCONFDIR)/security/console.apps/system-config-selinux install -m 755 system-config-selinux.py $(SHAREDIR) install -m 755 polgengui.py $(SHAREDIR) - install -m 755 sepolgen $(BINDIR) +- install -m 755 sepolgen $(BINDIR) install -m 644 $(TARGETS) $(SHAREDIR) + install -m 644 system-config-selinux.png $(DATADIR)/pixmaps + install -m 644 system-config-selinux.png $(DATADIR)/icons/hicolor/24x24/apps @@ -246,6 +229,14 @@ index 0000000..0c2f399 +Categories=System;Security; +X-Desktop-File-Install-Version=0.2 +Keywords=policy;security;selinux;avc;permission;mac; +diff --git a/policycoreutils/gui/sepolgen b/policycoreutils/gui/sepolgen +deleted file mode 100644 +index 2f0c1cc..0000000 +--- a/policycoreutils/gui/sepolgen ++++ /dev/null +@@ -1,2 +0,0 @@ +-#!/bin/sh +-sepolicy generate $* diff --git a/policycoreutils/gui/system-config-selinux.console b/policycoreutils/gui/system-config-selinux.console new file mode 100644 index 0000000..42b48a3 @@ -442,6 +433,309 @@ index a377996..9c1486e 100644 refresh-po: Makefile for cat in $(POFILES); do \ +diff --git a/policycoreutils/po/ja.po b/policycoreutils/po/ja.po +index 72ae12d..649d288 100644 +--- a/policycoreutils/po/ja.po ++++ b/policycoreutils/po/ja.po +@@ -9,14 +9,14 @@ + # , 2012. + # Noriko Mizumoto , 2006, 2008, 2009. + # Takuro Nagamoto , 2006. +-# Tomoyuki KATO , 2012. ++# Tomoyuki KATO , 2012-2013. + msgid "" + msgstr "" + "Project-Id-Version: Policycoreutils\n" + "Report-Msgid-Bugs-To: \n" + "POT-Creation-Date: 2013-01-04 12:01-0500\n" +-"PO-Revision-Date: 2013-01-04 17:02+0000\n" +-"Last-Translator: dwalsh \n" ++"PO-Revision-Date: 2013-02-14 03:32+0000\n" ++"Last-Translator: Tomoyuki KATO \n" + "Language-Team: Japanese \n" + "MIME-Version: 1.0\n" + "Content-Type: text/plain; charset=UTF-8\n" +@@ -292,7 +292,7 @@ msgstr "MLS/MCS 範囲" + + #: ../semanage/seobject.py:672 + msgid "Service" +-msgstr "" ++msgstr "サービス" + + #: ../semanage/seobject.py:698 ../semanage/seobject.py:729 + #: ../semanage/seobject.py:796 ../semanage/seobject.py:853 +@@ -429,7 +429,7 @@ msgstr "タイプが必要です" + #: ../semanage/seobject.py:1814 + #, python-format + msgid "Type %s is invalid, must be a port type" +-msgstr "" ++msgstr "形式 %s が無効です、ポート形式である必要があります" + + #: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 + #: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 +@@ -551,12 +551,12 @@ msgstr "不明又は欠如したプロトコル" + + #: ../semanage/seobject.py:1256 + msgid "SELinux node type is required" +-msgstr "" ++msgstr "SELinux ノード形式が必要です" + + #: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 + #, python-format + msgid "Type %s is invalid, must be a node type" +-msgstr "" ++msgstr "形式 %s が無効です、ノード形式である必要があります" + + #: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331 + #: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 +@@ -790,7 +790,7 @@ msgstr "ファイル仕様 %s は、等価規則 '%s %s' と競合します; 代 + #: ../semanage/seobject.py:1755 + #, python-format + msgid "Type %s is invalid, must be a file or device type" +-msgstr "" ++msgstr "形式 %s が無効です、ファイルまたはデバイス形式である必要があります" + + #: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 + #: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 +@@ -2178,11 +2178,11 @@ msgstr "生成された SELinux の man ページの格納先となるパス" + + #: ../sepolicy/sepolicy.py:207 + msgid "name of the OS for man pages" +-msgstr "" ++msgstr "マニュアルページ向け OS 名称" + + #: ../sepolicy/sepolicy.py:209 + msgid "Generate HTML man pages structure for selected SELinux man page" +-msgstr "" ++msgstr "選択された SELinux マニュアルページ向けの HTML マニュアルページの構成を生成する" + + #: ../sepolicy/sepolicy.py:213 + msgid "All domains" +@@ -2230,7 +2230,7 @@ msgstr "SELinux に問い合わせて boolean の詳細を表示する" + + #: ../sepolicy/sepolicy.py:280 + msgid "get all booleans descriptions" +-msgstr "" ++msgstr "すべてのブーリアンの説明を取得する" + + #: ../sepolicy/sepolicy.py:282 + msgid "boolean to get description" +@@ -2252,11 +2252,11 @@ msgstr "ターゲットプロセスドメイン" + + #: ../sepolicy/sepolicy.py:327 + msgid "Command required for this type of policy" +-msgstr "" ++msgstr "この種類のポリシーに対して要求されるコマンド" + + #: ../sepolicy/sepolicy.py:347 + msgid "List SELinux Policy interfaces" +-msgstr "" ++msgstr "SELinux ポリシー・インターフェースの一覧表示" + + #: ../sepolicy/sepolicy.py:362 + msgid "Generate SELinux Policy module template" +@@ -2294,7 +2294,7 @@ msgstr "制限を課す実行ファイル" + #: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 + #, python-format + msgid "Generate Policy for %s" +-msgstr "" ++msgstr "%s 向けのポリシーの生成" + + #: ../sepolicy/sepolicy.py:422 + msgid "commands" +@@ -2306,12 +2306,12 @@ msgstr "" + + #: ../sepolicy/sepolicy/__init__.py:48 + msgid "No SELinux Policy installed" +-msgstr "" ++msgstr "インストールされている SELinux ポリシーがありません" + + #: ../sepolicy/sepolicy/__init__.py:54 + #, python-format + msgid "Failed to read %s policy file" +-msgstr "" ++msgstr "%s ポリシーファイルの読み込みに失敗しました" + + #: ../sepolicy/sepolicy/__init__.py:127 + msgid "unknown" +@@ -2335,15 +2335,15 @@ msgstr "" + + #: ../sepolicy/sepolicy/generate.py:180 + msgid "Desktop Login User Role" +-msgstr "" ++msgstr "デスクトップログインユーザーロール" + + #: ../sepolicy/sepolicy/generate.py:181 + msgid "Administrator Login User Role" +-msgstr "" ++msgstr "管理者のログインユーザーロール" + + #: ../sepolicy/sepolicy/generate.py:182 + msgid "Confined Root Administrator Role" +-msgstr "" ++msgstr "制限された root 管理者ロール" + + #: ../sepolicy/sepolicy/generate.py:187 + msgid "Valid Types:\n" +@@ -2356,7 +2356,7 @@ msgstr "ポートは数字、又は 1 から %d までの数字の範囲でな + + #: ../sepolicy/sepolicy/generate.py:231 + msgid "You must enter a valid policy type" +-msgstr "" ++msgstr "有効なポリシー種別を入力する必要があります" + + #: ../sepolicy/sepolicy/generate.py:234 + #, python-format +@@ -2460,11 +2460,11 @@ msgstr "ユーザーが RADIUS サーバーを使用してログインするこ + + #: booleans.py:8 + msgid "Allow users to login using a yubikey server" +-msgstr "" ++msgstr "ユーザーが yubikey サーバーを使用してログインすることを許可する" + + #: booleans.py:9 + msgid "Allow awstats to purge Apache logs" +-msgstr "" ++msgstr "awstats が Apache のログを消去することを許可する" + + #: booleans.py:10 + msgid "" +@@ -2532,11 +2532,11 @@ msgstr "すべてのデーモンが端末を読み書きすることを許可し + + #: booleans.py:25 + msgid "Allow dan to manage user files" +-msgstr "" ++msgstr "dan がユーザーファイルを管理することを許可する" + + #: booleans.py:26 + msgid "Allow dan to read user files" +-msgstr "" ++msgstr "dan がユーザーファイルを読み取ることを許可する" + + #: booleans.py:27 + msgid "Allow dbadm to manage files in users home directories" +@@ -2603,7 +2603,7 @@ msgstr "隔離ドメインによる ssh の実行を許可します。" + + #: booleans.py:42 + msgid "Allow all domains to execute in fips_mode" +-msgstr "" ++msgstr "すべてのドメインが fips_mode で実行することを許可する" + + #: booleans.py:43 + msgid "Allow ftp to read and write files in the user home directories" +@@ -2872,7 +2872,7 @@ msgstr "あらゆるポートへの接続および予約されていないポー + + #: booleans.py:103 + msgid "Allow confined applications to run with kerberos." +-msgstr "" ++msgstr "制限されたアプリケーションが Kerberos とともに動作することを許可する" + + #: booleans.py:104 + msgid "Allow syslogd daemon to send mail" +@@ -2880,11 +2880,11 @@ msgstr "syslogd デーモンがメールを送信することを許可します + + #: booleans.py:105 + msgid "Allow syslogd the ability to read/write terminals" +-msgstr "" ++msgstr "syslogd が端末を読み書きすることを許可する" + + #: booleans.py:106 + msgid "Allow logging in and using the system from /dev/console." +-msgstr "" ++msgstr "/dev/console からログインしてシステムを使用することを許可する" + + #: booleans.py:107 + msgid "" +@@ -2947,7 +2947,7 @@ msgstr "" + + #: booleans.py:120 + msgid "Allow system to run with NIS" +-msgstr "" ++msgstr "システムが NIS を使用することを許可する" + + #: booleans.py:121 + msgid "Allow confined applications to use nscd shared memory." +@@ -3361,7 +3361,7 @@ msgstr "" + + #: booleans.py:211 + msgid "Allow varnishd to connect to all ports, not just HTTP." +-msgstr "" ++msgstr "varnishd が HTTP 以外のすべてのポートに接続することを許可する" + + #: booleans.py:212 + msgid "Ignore vbetool mmap_zero errors." +@@ -3370,20 +3370,20 @@ msgstr "vbetool mmap_zero エラーを無視します。" + #: booleans.py:213 + msgid "" + "Allow confined virtual guests to use serial/parallel communication ports" +-msgstr "" ++msgstr "制限された仮想マシンがシリアル/パラレル通信ポートを使用することを許可する" + + #: booleans.py:214 + msgid "" + "Allow confined virtual guests to use executable memory and executable stack" +-msgstr "" ++msgstr "制限された仮想マシンが実行可能なメモリおよび実行可能なスタックを使用することを許可する" + + #: booleans.py:215 + msgid "Allow confined virtual guests to read fuse files" +-msgstr "" ++msgstr "制限された仮想マシンが FUSE ファイルを読み込むことを許可する" + + #: booleans.py:216 + msgid "Allow confined virtual guests to manage nfs files" +-msgstr "" ++msgstr "制限された仮想マシンが NFS ファイルを管理することを許可する" + + #: booleans.py:217 + msgid "Allow confined virtual guests to interact with rawip sockets" +@@ -3391,15 +3391,15 @@ msgstr "" + + #: booleans.py:218 + msgid "Allow confined virtual guests to manage cifs files" +-msgstr "" ++msgstr "制限された仮想マシンが CIFS ファイルを管理することを許可する" + + #: booleans.py:219 + msgid "Allow confined virtual guests to interact with the sanlock" +-msgstr "" ++msgstr "制限された仮想マシンが sanlock と通信することを許可する" + + #: booleans.py:220 + msgid "Allow confined virtual guests to manage device configuration, (pci)" +-msgstr "" ++msgstr "制限された仮想マシンがデバイス設定 (pci) を管理することを許可する" + + #: booleans.py:221 + msgid "Allow confined virtual guests to use usb devices" +@@ -3438,11 +3438,11 @@ msgstr "Xen が NFS ファイルを管理することを許可する" + msgid "" + "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " + "logical volumes for disk images." +-msgstr "" ++msgstr "xend が blktapctrl/tapdisk を実行することを許可する。ディスクイメージ用の専用論理ボリュームを使用していなければ、必要ありません。" + + #: booleans.py:230 + msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." +-msgstr "" ++msgstr "xend が qemu-dm を実行することを許可する。準仮想化を使用していて、vfb がなければ、必要ありません。" + + #: booleans.py:231 + msgid "" +@@ -3455,11 +3455,11 @@ msgstr "" + + #: booleans.py:233 + msgid "Allow xguest users to mount removable media" +-msgstr "" ++msgstr "xguest ユーザーがリムーバブルメディアをマウントすることを許可する" + + #: booleans.py:234 + msgid "Allow xguest to use blue tooth devices" +-msgstr "" ++msgstr "xguest が Bluetooth デバイスを使用することを許可する" + + #: booleans.py:235 + msgid "Allows clients to write to the X server shared memory segments." diff --git a/policycoreutils/restorecond/Makefile b/policycoreutils/restorecond/Makefile index 3074542..3b704d8 100644 --- a/policycoreutils/restorecond/Makefile @@ -537,6 +831,66 @@ index 00a646f..2c28676 100644 g_main_loop_unref (loop); return 0; } +diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox +index b629006..6631c2d 100644 +--- a/policycoreutils/sandbox/sandbox ++++ b/policycoreutils/sandbox/sandbox +@@ -243,7 +243,7 @@ class Sandbox: + copyfile(f, "/tmp", self.__tmpdir) + copyfile(f, "/var/tmp", self.__tmpdir) + +- def __setup_sandboxrc(self, wm = "/usr/bin/matchbox-window-manager -use_titlebar no"): ++ def __setup_sandboxrc(self, wm = "/usr/bin/openbox"): + execfile =self.__homedir + "/.sandboxrc" + fd = open(execfile, "w+") + if self.__options.session: +@@ -333,7 +333,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile + + parser.add_option("-W", "--windowmanager", dest="wm", + type="string", +- default="/usr/bin/matchbox-window-manager -use_titlebar no", ++ default="/usr/bin/openbox", + help=_("alternate window manager")) + + parser.add_option("-l", "--level", dest="level", +diff --git a/policycoreutils/sandbox/sandbox.8 b/policycoreutils/sandbox/sandbox.8 +index 521afcd..a50eef2 100644 +--- a/policycoreutils/sandbox/sandbox.8 ++++ b/policycoreutils/sandbox/sandbox.8 +@@ -70,7 +70,7 @@ Specifies the windowsize when creating an X based Sandbox. The default windowsiz + \fB\-W windowmanager\fR + Select alternative window manager to run within + .B sandbox -X. +-Default to /usr/bin/matchbox-window-manager. ++Default to /usr/bin/openbox. + .TP + \fB\-X\fR + Create an X based Sandbox for gui apps, temporary files for +diff --git a/policycoreutils/sandbox/sandboxX.sh b/policycoreutils/sandbox/sandboxX.sh +index 23de6f6..171bb05 100644 +--- a/policycoreutils/sandbox/sandboxX.sh ++++ b/policycoreutils/sandbox/sandboxX.sh +@@ -6,6 +6,20 @@ export TITLE="Sandbox $context -- `grep ^#TITLE: ~/.sandboxrc | /usr/bin/cut -b8 + [ -z $2 ] && export DPI="96" || export DPI="$2" + trap "exit 0" HUP + ++mkdir -p ~/.config/openbox ++cat > ~/.config/openbox/rc.xml << EOF ++ ++ ++ ++ no ++ all ++ yes ++ ++ ++ ++EOF ++ + (/usr/bin/Xephyr -title "$TITLE" -terminate -screen $SCREENSIZE -dpi $DPI -nolisten tcp -displayfd 5 5>&1 2>/dev/null) | while read D; do + export DISPLAY=:$D + cat > ~/seremote << __EOF diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c index dbd5977..f10df39 100644 --- a/policycoreutils/sandbox/seunshare.c @@ -845,14 +1199,29 @@ index 85bc37f..02b1acd 100644 (rc, fcontext) = semanage_fcontext_create(self.sh) if rc < 0: diff --git a/policycoreutils/semodule/Makefile b/policycoreutils/semodule/Makefile -index 4c5243a..9d7567b 100644 +index 4c5243a..036c418 100644 --- a/policycoreutils/semodule/Makefile +++ b/policycoreutils/semodule/Makefile -@@ -22,8 +22,10 @@ semodule: $(SEMODULE_OBJS) +@@ -11,7 +11,7 @@ LDLIBS = -lsepol -lselinux -lsemanage -L$(LIBDIR) + SEMODULE_OBJS = semodule.o + + .PHONY: all semodule_path +-all: semodule semodule_path ++all: semodule semodule_path genhomedircon + + semodule_path: + @echo -n $(SBINDIR) > ../scripts/semodule_path +@@ -19,11 +19,16 @@ semodule_path: + semodule: $(SEMODULE_OBJS) + $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS) + ++genhomedircon: ++ ln -sf semodule genhomedircon ++ install: all -mkdir -p $(SBINDIR) install -m 755 semodule $(SBINDIR) -+ (cd $(SBINDIR); ln semodule genhomedircon) ++ (cd $(SBINDIR); ln -sf semodule genhomedircon) test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 install -m 644 semodule.8 $(MANDIR)/man8/ + install -m 644 genhomedircon.8 $(MANDIR)/man8/ @@ -915,6 +1284,64 @@ index 17b4fa5..6947b37 100644 parse_command_line(argc, argv); if (build) +diff --git a/policycoreutils/sepolicy/Makefile b/policycoreutils/sepolicy/Makefile +index 11b534f..eb86eae 100644 +--- a/policycoreutils/sepolicy/Makefile ++++ b/policycoreutils/sepolicy/Makefile +@@ -22,10 +22,14 @@ clean: + $(PYTHON) setup.py clean + -rm -rf build *~ \#* *pyc .#* + ++sepolgen: ++ ln -sf sepolicy sepolgen ++ + install: + $(PYTHON) setup.py install `test -n "$(DESTDIR)" && echo --root $(DESTDIR)` + [ -d $(BINDIR) ] || mkdir -p $(BINDIR) + install -m 755 sepolicy.py $(BINDIR)/sepolicy ++ (cd $(BINDIR); ln -sf sepolicy sepolgen) + -mkdir -p $(MANDIR)/man8 + install -m 644 *.8 $(MANDIR)/man8 + -mkdir -p $(BASHCOMPLETIONDIR) +diff --git a/policycoreutils/sepolicy/sepolgen.8 b/policycoreutils/sepolicy/sepolgen.8 +new file mode 100644 +index 0000000..3ecf3eb +--- /dev/null ++++ b/policycoreutils/sepolicy/sepolgen.8 +@@ -0,0 +1 @@ ++.so man8/sepolicy-generate.8 +diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py +index b25d3b2..e120959 100755 +--- a/policycoreutils/sepolicy/sepolicy.py ++++ b/policycoreutils/sepolicy/sepolicy.py +@@ -461,7 +461,10 @@ if __name__ == '__main__': + gen_transition_args(subparsers) + + try: +- args = parser.parse_args() ++ if os.path.basename(sys.argv[0]) == "sepolgen": ++ args = parser.parse_args([ "generate" ] + sys.argv[1:]) ++ else: ++ args = parser.parse_args() + args.func(args) + sys.exit(0) + except ValueError,e: +diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py +index 5e7415c..37cd5dd 100644 +--- a/policycoreutils/sepolicy/sepolicy/__init__.py ++++ b/policycoreutils/sepolicy/sepolicy/__init__.py +@@ -145,10 +145,7 @@ def policy(policy_file): + raise ValueError(_("Failed to read %s policy file") % policy_file) + + +-policy_file = selinux.selinux_current_policy_path() +-if not policy_file: +- policy_file = __get_installed_policy() +- ++policy_file = __get_installed_policy() + try: + policy(policy_file) + except ValueError, e: diff --git a/policycoreutils/setfiles/restorecon.8 b/policycoreutils/setfiles/restorecon.8 index 80b6d6e..07c5ee2 100644 --- a/policycoreutils/setfiles/restorecon.8 diff --git a/policycoreutils.spec b/policycoreutils.spec index ecc8479..6f525e6 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.1.14 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -139,6 +139,7 @@ The policycoreutils-python package contains the management tools use to manage a %{_mandir}/man8/sandbox.8* %{_mandir}/man8/semanage.8* %{_mandir}/man8/sepolicy*.8* +%{_mandir}/man8/sepolgen.8* %{_mandir}/ru/man8/semanage.8* %dir %{_sysconfdir}/bash_completion.d %{_sysconfdir}/bash_completion.d/semanage-bash-completion.sh @@ -182,7 +183,7 @@ Summary: SELinux sandbox utilities Group: System Environment/Base Requires: policycoreutils-python = %{version}-%{release} Requires: xorg-x11-server-Xephyr /usr/bin/rsync /usr/bin/xmodmap -Requires: matchbox-window-manager +Requires: openbox BuildRequires: libcap-ng-devel %description sandbox @@ -325,6 +326,12 @@ The policycoreutils-restorecond package contains the restorecond service. %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %changelog +* Thu Feb 14 2013 Dan Walsh - 2.1.14-4 +- Revert some changes which are causing the wrong policy version file to be created +- Switch sandbox to start using openbox rather then matchpbox +- Make sepolgen a symlink to sepolicy +- update translations + * Wed Feb 13 2013 Dan Walsh - 2.1.14-3 - Fix empty system-config-selinux.png, again