* Fri May 13 2005 Dan Walsh <dwalsh@redhat.com> 1.23.8-1
- Fix fixfiles to accept -f - Update to match NSA * Added audit2why utility.
This commit is contained in:
Daniel J Walsh
parent
316313f3e5
commit
a618e17dc9
@ -1,6 +1,117 @@
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.23.7/scripts/fixfiles
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-1.23.8/audit2allow/Makefile
|
||||
--- nsapolicycoreutils/audit2allow/Makefile 2005-01-25 10:32:01.000000000 -0500
|
||||
+++ policycoreutils-1.23.8/audit2allow/Makefile 2005-05-13 15:30:55.000000000 -0400
|
||||
@@ -13,7 +13,6 @@
|
||||
install -m 755 $(TARGETS) $(BINDIR)
|
||||
-mkdir -p $(MANDIR)/man1
|
||||
install -m 644 audit2allow.1 $(MANDIR)/man1/
|
||||
-
|
||||
clean:
|
||||
|
||||
relabel:
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2why/audit2why.1 policycoreutils-1.23.8/audit2why/audit2why.1
|
||||
--- nsapolicycoreutils/audit2why/audit2why.1 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-1.23.8/audit2why/audit2why.1 2005-05-13 15:28:05.000000000 -0400
|
||||
@@ -0,0 +1,62 @@
|
||||
+.\" Hey, Emacs! This is an -*- nroff -*- source file.
|
||||
+.\" Copyright (c) 2005 Dan Walsh <dwalsh@redhat.com>
|
||||
+.\"
|
||||
+.\" This is free documentation; you can redistribute it and/or
|
||||
+.\" modify it under the terms of the GNU General Public License as
|
||||
+.\" published by the Free Software Foundation; either version 2 of
|
||||
+.\" the License, or (at your option) any later version.
|
||||
+.\"
|
||||
+.\" The GNU General Public License's references to "object code"
|
||||
+.\" and "executables" are to be interpreted as the output of any
|
||||
+.\" document formatting or typesetting system, including
|
||||
+.\" intermediate and printed output.
|
||||
+.\"
|
||||
+.\" This manual is distributed in the hope that it will be useful,
|
||||
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+.\" GNU General Public License for more details.
|
||||
+.\"
|
||||
+.\" You should have received a copy of the GNU General Public
|
||||
+.\" License along with this manual; if not, write to the Free
|
||||
+.\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
|
||||
+.\" USA.
|
||||
+.\"
|
||||
+.\"
|
||||
+.TH AUDIT2ALLOW "1" "May 2005" "Security Enhanced Linux" NSA
|
||||
+.SH NAME
|
||||
+audit2why \- Translates auditmessages into a description of why the access was denied
|
||||
+.SH SYNOPSIS
|
||||
+.B audit2why
|
||||
+.RI [ options "] "
|
||||
+.SH OPTIONS
|
||||
+.TP
|
||||
+
|
||||
+.B "\-\-help"
|
||||
+Print a short usage message
|
||||
+.TP
|
||||
+.B "\-p <policyfile>"
|
||||
+Specify an alternate policy file.
|
||||
+.SH DESCRIPTION
|
||||
+.PP
|
||||
+This utility scans stdin (logfiles) for messages logged when the
|
||||
+system denied permission for operations, and generates a reason why the
|
||||
+access was denied
|
||||
+.PP
|
||||
+.SH EXAMPLE
|
||||
+$ /usr/sbin/audit2why < /var/log/audit/audit.log
|
||||
+
|
||||
+type=KERNEL msg=audit(1115316525.803:399552): avc: denied { getattr } for path=/home/sds dev=hda5 ino=1175041 scontext=root:secadm_r:secadm_t:s0-s9:c0.c127 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
|
||||
+ Was caused by:
|
||||
+ Missing TE allow rule for the type pair (use audit2allow).
|
||||
+
|
||||
+type=KERNEL msg=audit(1115320071.648:606858): avc: denied { append } for name=.bash_history dev=hda5 ino=1175047 scontext=user_u:user_r:user_t:s1-s9:c0.c127 tcontext=user_u:object_r:user_home_t:s0 tclass=file
|
||||
+ Was caused by:
|
||||
+ Constraint violation (add type attribute to domain to satisfy constraints or alter constraint).
|
||||
+
|
||||
+
|
||||
+.PP
|
||||
+.SH AUTHOR
|
||||
+This manual page was written by
|
||||
+.I Dan Walsh <dwalsh@redhat.com>,
|
||||
+.B audit2why
|
||||
+utility was written by Stephen Smalley <sds@tycho.nsa.gov>.
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-1.23.8/audit2why/audit2why.c
|
||||
--- nsapolicycoreutils/audit2why/audit2why.c 2005-05-13 10:56:05.000000000 -0400
|
||||
+++ policycoreutils-1.23.8/audit2why/audit2why.c 2005-05-13 15:17:46.000000000 -0400
|
||||
@@ -36,7 +36,7 @@
|
||||
char *buffer = NULL, *bufcopy = NULL;
|
||||
unsigned int lineno = 0;
|
||||
size_t len = 0, bufcopy_len = 0;
|
||||
- FILE *fp;
|
||||
+ FILE *fp=NULL;
|
||||
int opt, rc, set_path = 0;
|
||||
char *p, *scon, *tcon, *tclassstr, *permstr;
|
||||
security_id_t ssid, tsid;
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2why/Makefile policycoreutils-1.23.8/audit2why/Makefile
|
||||
--- nsapolicycoreutils/audit2why/Makefile 2005-05-13 10:56:05.000000000 -0400
|
||||
+++ policycoreutils-1.23.8/audit2why/Makefile 2005-05-13 15:31:15.000000000 -0400
|
||||
@@ -1,6 +1,6 @@
|
||||
# Installation directories.
|
||||
PREFIX ?= ${DESTDIR}/usr
|
||||
-BINDIR ?= $(PREFIX)/sbin
|
||||
+BINDIR ?= $(PREFIX)/bin
|
||||
LIBDIR ?= ${PREFIX}/lib
|
||||
MANDIR ?= $(PREFIX)/share/man
|
||||
LOCALEDIR ?= /usr/share/locale
|
||||
@@ -16,7 +16,9 @@
|
||||
|
||||
install: all
|
||||
-mkdir -p $(BINDIR)
|
||||
- install -m 755 $(TARGETS) $(SBINDIR)
|
||||
+ install -m 755 $(TARGETS) $(BINDIR)
|
||||
+ -mkdir -p $(MANDIR)/man1
|
||||
+ install -m 644 audit2why.1 $(MANDIR)/man1/
|
||||
|
||||
clean:
|
||||
rm -f $(TARGETS) *.o
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.23.8/scripts/fixfiles
|
||||
--- nsapolicycoreutils/scripts/fixfiles 2005-04-29 14:11:23.000000000 -0400
|
||||
+++ policycoreutils-1.23.7/scripts/fixfiles 2005-05-13 12:26:21.000000000 -0400
|
||||
+++ policycoreutils-1.23.8/scripts/fixfiles 2005-05-13 15:17:46.000000000 -0400
|
||||
@@ -164,7 +164,7 @@
|
||||
fi
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
%define libselinuxver 1.23.1-1
|
||||
%define libsepolver 1.5.1-1
|
||||
%define libsepolver 1.5.7-1
|
||||
Summary: SELinux policy core utilities.
|
||||
Name: policycoreutils
|
||||
Version: 1.23.8
|
||||
@ -67,12 +67,14 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%{_mandir}/man8/fixfiles.8.gz
|
||||
%{_mandir}/man8/load_policy.8.gz
|
||||
%{_mandir}/man1/audit2allow.1.gz
|
||||
%{_mandir}/man1/audit2why.1.gz
|
||||
%{_mandir}/man8/genhomedircon.8.gz
|
||||
%{_mandir}/man8/open_init_pty.8.gz
|
||||
|
||||
%{_sbindir}/load_policy
|
||||
%{_bindir}/newrole
|
||||
%{_bindir}/audit2allow
|
||||
%{_bindir}/audit2why
|
||||
%{_mandir}/man1/newrole.1.gz
|
||||
%config %{_sysconfdir}/pam.d/newrole
|
||||
%{_sbindir}/run_init
|
||||
@ -82,6 +84,11 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||
|
||||
%changelog
|
||||
* Fri May 13 2005 Dan Walsh <dwalsh@redhat.com> 1.23.8-1
|
||||
- Fix fixfiles to accept -f
|
||||
- Update to match NSA
|
||||
* Added audit2why utility.
|
||||
|
||||
* Fri Apr 29 2005 Dan Walsh <dwalsh@redhat.com> 1.23.7-1
|
||||
- Change -f flag in fixfiles to remove stuff from /tmp
|
||||
- Change -F flag to pass -F flag to restorecon/fixfiles. (IE Force relabel).
|
||||
|
||||
Loading…
Reference in New Issue
Block a user