From c617c0cebf8f188b3eac221ece560fe7232f960d Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Fri, 22 Feb 2013 14:06:28 +0100 Subject: [PATCH] sepolgen-ifgen should use the current policy path if selinux is enabled --- policycoreutils-rhat.patch | 14 ++++++++++++++ policycoreutils.spec | 5 ++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 6f127ac..c071d9e 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -72,6 +72,20 @@ index 0000000..a9e8893 +++ b/policycoreutils/audit2allow/audit2why.1 @@ -0,0 +1 @@ +.so man1/audit2allow.1 +diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen +index ef4bec3..3967ba5 100644 +--- a/policycoreutils/audit2allow/sepolgen-ifgen ++++ b/policycoreutils/audit2allow/sepolgen-ifgen +@@ -62,6 +62,9 @@ def parse_options(): + return options + + def get_policy(): ++ p = selinux.selinux_current_policy_path() ++ if os.path.exists(p): ++ return p + i = selinux.security_policyvers() + p = selinux.selinux_binary_policy_path() + "." + str(i) + while i > 0 and not os.path.exists(p): diff --git a/policycoreutils/audit2why/Makefile b/policycoreutils/audit2why/Makefile deleted file mode 100644 index 63eb8b3..0000000 diff --git a/policycoreutils.spec b/policycoreutils.spec index 417e61b..06eac76 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.1.14 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -324,6 +324,9 @@ The policycoreutils-restorecond package contains the restorecond service. %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %changelog +* Fri Feb 22 2013 Dan Walsh - 2.1.14-11 +- sepolgen-ifgen should use the current policy path if selinux is enabled + * Fri Feb 22 2013 Dan Walsh - 2.1.14-10 - Fix sepolicy to be able to work on an SELinux disabled system. - Needed to be able to build man pages in selinux-policy package