diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 2c65126..a361525 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.27.27/scripts/genhomedircon --- nsapolicycoreutils/scripts/genhomedircon 2005-09-12 16:33:30.000000000 -0400 -+++ policycoreutils-1.27.27/scripts/genhomedircon 2005-11-14 13:56:01.000000000 -0500 ++++ policycoreutils-1.27.27/scripts/genhomedircon 2005-11-14 15:25:45.000000000 -0500 @@ -15,32 +15,19 @@ # The file CONTEXTDIR/files/homedir_template exists. This file is used to # set up the home directory context for each real user. @@ -220,7 +220,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po self.type=type self.selinuxdir=selinuxdir +"/" self.contextdir="/contexts" -@@ -312,48 +141,68 @@ +@@ -312,48 +141,75 @@ else: errorExit(string.join("sed error ", rc[1])) @@ -236,10 +236,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po + if self.semanaged: + ret += "# use seusers command to manage system users in order to change the file_context\n#\n#\n" + else: -+ ret += "# edit %s to change file_context\n#\n#\n" % self.selinuxdir+self.type+"/seusers" ++ ret += "# edit %s to change file_context\n#\n#\n" % (self.selinuxdir+self.type+"/seusers") return ret -+ +- def getUsers(self): +- users="" +- rc = commands.getstatusoutput('grep "^user" %s' % self.getSystemUsersFile()) +- if rc[0] == 0: +- users+=rc[1]+"\n" +- rc = commands.getstatusoutput("grep ^user %s" % self.getUsersFile()) + def defaultrole(self, name): + for idx in range(self.usize): + user = semanage_user_by_idx(self.ulist, idx) 
@@ -251,6 +256,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po + else: + return role + return name ++ def getOldRole(self, role): ++ rc = commands.getstatusoutput('grep "^user %s" %s' % (role, self.selinuxdir+self.type+"/users/system.users")) ++ if rc[0] != 0: ++ rc = commands.getstatusoutput('grep "^user %s" %s' % (role, self.selinuxdir+self.type+"/users/local.users")) + if rc[0] == 0: +- users+=rc[1] ++ user=rc[1].split() ++ role = user[3] ++ if role == "{": ++ role = user[4] ++ return role ++ + def adduser(self, udict, user, seuser, role): + try: + if seuser == "user_u" or user == "__default__": @@ -268,14 +285,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po + except KeyError: + sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user) + - def getUsers(self): -- users="" -- rc = commands.getstatusoutput('grep "^user" %s' % self.getSystemUsersFile()) -- if rc[0] == 0: -- users+=rc[1]+"\n" -- rc = commands.getstatusoutput("grep ^user %s" % self.getUsersFile()) -- if rc[0] == 0: -- users+=rc[1] ++ def getUsers(self): udict = {} - prefs = {} - if users != "": @@ -315,15 +325,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po - udict[user[1]] = prefs - except KeyError: - sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user[1]) -+ if user[0] == "root": -+ role="user" -+ else: -+ role=user[1] ++ role=self.getOldRole(user[1]) + self.adduser(udict, user[0], user[1], role) return udict def getHomeDirContext(self, user, home, role): -@@ -362,9 +211,8 @@ +@@ -362,9 +218,8 @@ return ret + rc[1] + "\n" def getUserContext(self, user, sel_user, role): @@ -334,7 +341,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon po def genHomeDirContext(self): users = self.getUsers() -@@ -478,10 +326,6 @@ +@@ -478,10 +333,6 @@ if type==None: type=getSELinuxType(directory)
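Review bot: In the added `getOldRole`, `role` is interpolated unquoted into a `grep` command line that `commands.getstatusoutput` hands to a shell, so any shell or regex metacharacter in the value changes the command this script runs. The call site in the `@@ -315,15 +325,12 @@` hunk passes `user[1]` straight in, presumably a field parsed from the seusers file. The `^user %s` pattern is also a prefix match, and `user[3]`/`user[4]` are indexed without a length check, so a similarly named entry can yield the wrong role and a short line raises IndexError. Reading the two users files in Python and comparing whole tokens removes the shell and covers both cases, as sketched below; the lookup order (system.users, then local.users, then the name unchanged) is kept.

```python
def getOldRole(self, role):
    # Parse the users files directly so `role` never reaches a shell.
    for name in ("system.users", "local.users"):
        try:
            fd = open(self.selinuxdir+self.type+"/users/"+name)
        except IOError:
            continue
        try:
            for line in fd:
                user = line.split()
                # exact token match instead of the "^user %s" prefix match
                if len(user) < 4 or user[0] != "user" or user[1] != role:
                    continue
                if user[3] != "{":
                    return user[3]
                if len(user) > 4:
                    return user[4]
        finally:
            fd.close()
    return role
```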
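Review bot: The `@@ -315,15 +325,12 @@` hunk drops the root special case without a comment. The removed lines forced `role="user"` when `user[0] == "root"`, while the new line takes whatever `getOldRole(user[1])` returns, which is the passed-in name itself when neither users file has a matching entry. If that is intended, a comment above the call such as `# role is looked up in the old users files; falls back to the seuser name when no entry exists` would record it. The enclosing `getUsers` loop starts outside the hunk, so how `user` is parsed cannot be checked from here.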