- Don't report error on load_policy when system is disabled.
This commit is contained in:
Dan Walsh
parent
b9b7f4161c
commit
af19df0f00
25
policycoreutils-2.0.83-disable.patch
Normal file
25
policycoreutils-2.0.83-disable.patch
Normal file
@ -0,0 +1,25 @@
|
||||
diff -up policycoreutils-2.0.83/load_policy/load_policy.c.init policycoreutils-2.0.83/load_policy/load_policy.c
|
||||
--- policycoreutils-2.0.83/load_policy/load_policy.c.init 2010-11-08 13:46:37.000000000 -0500
|
||||
+++ policycoreutils-2.0.83/load_policy/load_policy.c 2010-11-22 13:43:58.000000000 -0500
|
||||
@@ -74,6 +74,7 @@ int main(int argc, char **argv)
|
||||
"%s: Warning! Boolean file argument (%s) is no longer supported, installed booleans file is always used. Continuing...\n",
|
||||
argv[0], argv[optind++]);
|
||||
}
|
||||
+ errno = 0;
|
||||
if (init) {
|
||||
if (is_selinux_enabled() == 1) {
|
||||
/* SELinux is already enabled, we should not do an initial load again */
|
||||
@@ -98,7 +99,12 @@ int main(int argc, char **argv)
|
||||
else {
|
||||
ret = selinux_mkload_policy(1);
|
||||
}
|
||||
- if (ret < 0) {
|
||||
+
|
||||
+ /* selinux_init_load_policy returns -1 if it did not load_policy
|
||||
+ * On SELinux disabled system it will always return -1
|
||||
+ * So check errno to see if anything went wrong
|
||||
+ */
|
||||
+ if (ret < 0 && errno != 0) {
|
||||
char *path=policy_path();
|
||||
fprintf(stderr, _("%s: Can't load policy file %s: %s\n"),
|
||||
argv[0], path, strerror(errno));
|
||||
@ -7,7 +7,7 @@
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.83
|
||||
Release: 36%{?dist}
|
||||
Release: 37%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -24,6 +24,7 @@ Patch: policycoreutils-rhat.patch
|
||||
Patch1: policycoreutils-po.patch
|
||||
Patch3: policycoreutils-gui.patch
|
||||
Patch4: policycoreutils-sepolgen.patch
|
||||
Patch5: policycoreutils-2.0.83-disable.patch
|
||||
Obsoletes: policycoreutils < 2.0.61-2
|
||||
|
||||
%global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
|
||||
@ -62,6 +63,7 @@ context.
|
||||
%patch1 -p1 -b .rhatpo
|
||||
%patch3 -p1 -b .gui
|
||||
%patch4 -p1 -b .sepolgen
|
||||
%patch5 -p1 -b .disable
|
||||
|
||||
%build
|
||||
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE " LDFLAGS="-pie -Wl,-z,relro" all
|
||||
@ -327,6 +329,9 @@ fi
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Mon Nov 22 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-37
|
||||
- Don't report error on load_policy when system is disabled.
|
||||
|
||||
* Mon Nov 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-36
|
||||
- Fix up problems pointed out by solar designer on dropping capabilities
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user