* Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1
- Fix location of man pages - Update to upstream * Modify setfiles to exclude mounts without seclabel option in /proc/mounts on kernels >= 2.6.30 from Thomas Liu. * Re-enable disable_dontaudit rules upon semodule -B from Christopher Pardy and Dan Walsh. * setfiles converted to fts from Thomas Liu.
This commit is contained in:
parent
d34f2573e0
commit
d03de9fdcd
@ -199,3 +199,6 @@ policycoreutils-2.0.62.tgz
|
||||
sepolgen-1.0.16.tgz
|
||||
policycoreutils-2.0.63.tgz
|
||||
policycoreutils-2.0.64.tgz
|
||||
policycoreutils-2.0.65.tgz
|
||||
policycoreutils-2.0.67.tgz
|
||||
policycoreutils-2.0.68.tgz
|
||||
|
319802
policycoreutils-po.patch
319802
policycoreutils-po.patch
File diff suppressed because it is too large
Load Diff
@ -1,26 +1,15 @@
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.64/audit2allow/audit2allow
|
||||
--- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/audit2allow/audit2allow 2009-06-26 14:57:32.000000000 -0400
|
||||
@@ -126,6 +126,7 @@
|
||||
elif self.__options.audit:
|
||||
try:
|
||||
messages = audit.get_audit_msgs()
|
||||
+ messages += audit.get_log_msgs()
|
||||
except OSError, e:
|
||||
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
|
||||
sys.exit(1)
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.64/Makefile
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.68/Makefile
|
||||
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/Makefile 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/Makefile 2009-07-29 09:34:07.000000000 -0400
|
||||
@@ -1,4 +1,4 @@
|
||||
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
||||
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
||||
|
||||
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
||||
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.64/restorecond/Makefile
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.68/restorecond/Makefile
|
||||
--- nsapolicycoreutils/restorecond/Makefile 2009-02-18 16:44:47.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/Makefile 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/Makefile 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -2,16 +2,23 @@
|
||||
PREFIX ?= ${DESTDIR}/usr
|
||||
SBINDIR ?= $(PREFIX)/sbin
|
||||
@ -62,16 +51,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
|
||||
relabel: install
|
||||
/sbin/restorecon $(SBINDIR)/restorecond
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.64/restorecond/org.selinux.Restorecond.service
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service
|
||||
--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/org.selinux.Restorecond.service 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,3 @@
|
||||
+[D-BUS Service]
|
||||
+Name=org.selinux.Restorecond
|
||||
+Exec=/usr/sbin/restorecond -u
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.64/restorecond/restorecond.c
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.68/restorecond/restorecond.c
|
||||
--- nsapolicycoreutils/restorecond/restorecond.c 2009-02-18 16:44:47.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/restorecond.c 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/restorecond.c 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -48,294 +48,37 @@
|
||||
#include <signal.h>
|
||||
#include <string.h>
|
||||
@ -540,9 +529,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
}
|
||||
+
|
||||
+
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.64/restorecond/restorecond.conf
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.68/restorecond/restorecond.conf
|
||||
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-05-18 13:53:14.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/restorecond/restorecond.conf 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/restorecond.conf 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -4,8 +4,5 @@
|
||||
/etc/mtab
|
||||
/var/run/utmp
|
||||
@ -553,9 +542,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
/root/.ssh/*
|
||||
-
|
||||
-
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.64/restorecond/restorecond.desktop
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.68/restorecond/restorecond.desktop
|
||||
--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/restorecond.desktop 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/restorecond.desktop 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,7 @@
|
||||
+[Desktop Entry]
|
||||
+Name=File Context maintainer
|
||||
@ -564,9 +553,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+Encoding=UTF-8
|
||||
+Type=Application
|
||||
+StartupNotify=false
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.64/restorecond/restorecond.h
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.68/restorecond/restorecond.h
|
||||
--- nsapolicycoreutils/restorecond/restorecond.h 2008-08-28 09:34:24.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/restorecond/restorecond.h 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/restorecond.h 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -24,7 +24,22 @@
|
||||
#ifndef RESTORED_CONFIG_H
|
||||
#define RESTORED_CONFIG_H
|
||||
@ -592,15 +581,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+extern void watch_list_free(int fd);
|
||||
|
||||
#endif
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.64/restorecond/restorecond_user.conf
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.68/restorecond/restorecond_user.conf
|
||||
--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/restorecond_user.conf 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/restorecond_user.conf 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,2 @@
|
||||
+~/*
|
||||
+~/public_html/*
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.64/restorecond/user.c
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.68/restorecond/user.c
|
||||
--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/user.c 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/user.c 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,220 @@
|
||||
+/*
|
||||
+ * restorecond
|
||||
@ -822,9 +811,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.64/restorecond/walk.c
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.68/restorecond/walk.c
|
||||
--- nsapolicycoreutils/restorecond/walk.c 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/walk.c 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/walk.c 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,30 @@
|
||||
+#define _XOPEN_SOURCE 500
|
||||
+#include <ftw.h>
|
||||
@ -856,9 +845,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ printf("Total Dirs %d\n",ctr);
|
||||
+ exit(EXIT_SUCCESS);
|
||||
+}
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.64/restorecond/watch.c
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.68/restorecond/watch.c
|
||||
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/restorecond/watch.c 2009-06-26 14:57:32.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/restorecond/watch.c 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,346 @@
|
||||
+#define _GNU_SOURCE
|
||||
+#include <sys/inotify.h>
|
||||
@ -1206,9 +1195,21 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ exitApp("Error watching config file.");
|
||||
+}
|
||||
+
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.64/scripts/Makefile
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.68/scripts/fixfiles
|
||||
--- nsapolicycoreutils/scripts/fixfiles 2009-06-23 15:36:07.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/scripts/fixfiles 2009-07-29 09:31:44.000000000 -0400
|
||||
@@ -129,7 +129,7 @@
|
||||
if [ ! -z "$FILEPATH" ]; then
|
||||
if [ -x /usr/bin/find ]; then
|
||||
/usr/bin/find "$FILEPATH" \
|
||||
- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o fstype btrfs \) -prune -o -print0 | \
|
||||
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o -fstype btrfs \) -prune -o -print0 | \
|
||||
${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
|
||||
else
|
||||
${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.68/scripts/Makefile
|
||||
--- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/scripts/Makefile 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/scripts/Makefile 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -5,11 +5,12 @@
|
||||
MANDIR ?= $(PREFIX)/share/man
|
||||
LOCALEDIR ?= /usr/share/locale
|
||||
@ -1223,9 +1224,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
install -m 755 fixfiles $(DESTDIR)/sbin
|
||||
install -m 755 genhomedircon $(SBINDIR)
|
||||
-mkdir -p $(MANDIR)/man8
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.64/scripts/sandbox
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.68/scripts/sandbox
|
||||
--- nsapolicycoreutils/scripts/sandbox 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/scripts/sandbox 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/scripts/sandbox 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,139 @@
|
||||
+#!/usr/bin/python -E
|
||||
+import os, sys, getopt, socket, random, fcntl
|
||||
@ -1366,9 +1367,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ error_exit(error.args[1])
|
||||
+
|
||||
+ sys.exit(rc)
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.64/scripts/sandbox.8
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.68/scripts/sandbox.8
|
||||
--- nsapolicycoreutils/scripts/sandbox.8 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/scripts/sandbox.8 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/scripts/sandbox.8 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,22 @@
|
||||
+.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
|
||||
+.SH NAME
|
||||
@ -1392,9 +1393,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+.TP
|
||||
+runcon(1)
|
||||
+.PP
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.64/scripts/sandbox.py
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.68/scripts/sandbox.py
|
||||
--- nsapolicycoreutils/scripts/sandbox.py 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.64/scripts/sandbox.py 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/scripts/sandbox.py 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -0,0 +1,67 @@
|
||||
+#!/usr/bin/python
|
||||
+import os, sys, getopt, socket, random, fcntl
|
||||
@ -1463,9 +1464,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ mount(mount_src, filecon)
|
||||
+ umount(filecon)
|
||||
+os.execvp(cmds[0], cmds)
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.64/semanage/semanage
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.68/semanage/semanage
|
||||
--- nsapolicycoreutils/semanage/semanage 2009-05-18 13:53:14.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/semanage/semanage 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/semanage/semanage 2009-07-29 09:34:44.000000000 -0400
|
||||
@@ -44,16 +44,17 @@
|
||||
text = _("""
|
||||
semanage [ -S store ] -i [ input_file | - ]
|
||||
@ -1499,7 +1500,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
-F, --file Treat target as an input file for command, change multiple settings
|
||||
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
|
||||
-M, --mask Netmask
|
||||
+ -e, --equil Make target equil to this paths labeling
|
||||
+ -e, --equal Make target equal to this paths labeling
|
||||
-P, --prefix Prefix for home directory labeling
|
||||
-L, --level Default SELinux Level (MLS/MCS Systems only)
|
||||
-R, --roles SELinux Roles (ex: "sysadm_r staff_r")
|
||||
@ -1508,7 +1509,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
|
||||
valid_option["fcontext"] = []
|
||||
- valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
|
||||
+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equil', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
|
||||
+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
|
||||
valid_option["translation"] = []
|
||||
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
|
||||
valid_option["boolean"] = []
|
||||
@ -1523,7 +1524,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
locallist = False
|
||||
use_file = False
|
||||
store = ""
|
||||
+ equil=""
|
||||
+ equal=""
|
||||
|
||||
+ dontaudit = ""
|
||||
+
|
||||
@ -1540,7 +1541,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
'delete',
|
||||
'deleteall',
|
||||
+ 'dontaudit=',
|
||||
+ 'equil=',
|
||||
+ 'equal=',
|
||||
'ftype=',
|
||||
'file',
|
||||
'help',
|
||||
@ -1558,8 +1559,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
- ftype=a
|
||||
+ ftype = a
|
||||
+
|
||||
+ if o == "-e" or o == "--equil":
|
||||
+ equil = a
|
||||
+ if o == "-e" or o == "--equal":
|
||||
+ equal = a
|
||||
|
||||
if o == "-F" or o == "--file":
|
||||
use_file = True
|
||||
@ -1606,10 +1607,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
|
||||
if object == "fcontext":
|
||||
- OBJECT.add(target, setype, ftype, serange, seuser)
|
||||
+ if equil == "":
|
||||
+ if equal == "":
|
||||
+ OBJECT.add(target, setype, ftype, serange, seuser)
|
||||
+ else:
|
||||
+ OBJECT.add_equil(target, equil)
|
||||
+ OBJECT.add_equal(target, equal)
|
||||
if object == "permissive":
|
||||
OBJECT.add(target)
|
||||
|
||||
@ -1628,10 +1629,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
|
||||
if object == "fcontext":
|
||||
- OBJECT.modify(target, setype, ftype, serange, seuser)
|
||||
+ if equil == "":
|
||||
+ if equal == "":
|
||||
+ OBJECT.modify(target, setype, ftype, serange, seuser)
|
||||
+ else:
|
||||
+ OBJECT.modify_equil(target, equil)
|
||||
+ OBJECT.modify_equal(target, equal)
|
||||
|
||||
return
|
||||
|
||||
@ -1644,9 +1645,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
|
||||
elif object == "node":
|
||||
OBJECT.delete(target, mask, proto)
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.64/semanage/semanage.8
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.68/semanage/semanage.8
|
||||
--- nsapolicycoreutils/semanage/semanage.8 2008-08-28 09:34:24.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/semanage/semanage.8 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/semanage/semanage.8 2009-07-29 09:30:07.000000000 -0400
|
||||
@@ -21,6 +21,8 @@
|
||||
.br
|
||||
.B semanage permissive \-{a|d} type
|
||||
@ -1656,9 +1657,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
.B semanage translation \-{a|d|m} [\-T] level
|
||||
.P
|
||||
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.64/semanage/seobject.py
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.68/semanage/seobject.py
|
||||
--- nsapolicycoreutils/semanage/seobject.py 2009-05-18 13:53:14.000000000 -0400
|
||||
+++ policycoreutils-2.0.64/semanage/seobject.py 2009-06-26 14:57:40.000000000 -0400
|
||||
+++ policycoreutils-2.0.68/semanage/seobject.py 2009-07-29 09:35:07.000000000 -0400
|
||||
@@ -1,5 +1,5 @@
|
||||
#! /usr/bin/python -E
|
||||
-# Copyright (C) 2005, 2006, 2007, 2008 Red Hat
|
||||
@ -2208,7 +2209,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
def __init__(self, store = ""):
|
||||
semanageRecords.__init__(self, store)
|
||||
+ self.equiv = {}
|
||||
+ self.equil_ind = False
|
||||
+ self.equal_ind = False
|
||||
+ try:
|
||||
+ fd = open(selinux.selinux_file_context_subs_path(), "r")
|
||||
+ for i in fd.readlines():
|
||||
@ -2219,7 +2220,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ pass
|
||||
+
|
||||
+ def commit(self):
|
||||
+ if self.equil_ind:
|
||||
+ if self.equal_ind:
|
||||
+ subs_file = selinux.selinux_file_context_subs_path()
|
||||
+ tmpfile = "%s.tmp" % subs_file
|
||||
+ fd = open(tmpfile, "w")
|
||||
@ -2231,23 +2232,23 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
+ except:
|
||||
+ pass
|
||||
+ os.rename(tmpfile,subs_file)
|
||||
+ self.equil_ind = False
|
||||
+ self.equal_ind = False
|
||||
+ semanageRecords.commit(self)
|
||||
+
|
||||
+ def add_equil(self, src, dst):
|
||||
+ def add_equal(self, src, dst):
|
||||
+ self.begin()
|
||||
+ if src in self.equiv.keys():
|
||||
+ raise ValueError(_("Equivalence class for %s already exists") % src)
|
||||
+ self.equiv[src] = dst
|
||||
+ self.equil_ind = True
|
||||
+ self.equal_ind = True
|
||||
+ self.commit()
|
||||
+
|
||||
+ def modify_equil(self, src, dst):
|
||||
+ def modify_equal(self, src, dst):
|
||||
+ self.begin()
|
||||
+ if src not in self.equiv.keys():
|
||||
+ raise ValueError(_("Equivalence class for %s does not exists") % src)
|
||||
+ self.equiv[src] = dst
|
||||
+ self.equil_ind = True
|
||||
+ self.equal_ind = True
|
||||
+ self.commit()
|
||||
|
||||
def createcon(self, target, seuser = "system_u"):
|
||||
@ -2323,14 +2324,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
|
||||
-
|
||||
+
|
||||
+ self.equiv = {}
|
||||
+ self.equil_ind = True
|
||||
+ self.equal_ind = True
|
||||
self.commit()
|
||||
|
||||
def __delete(self, target, ftype):
|
||||
- (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
|
||||
+ if target in self.equiv.keys():
|
||||
+ self.equiv.pop(target)
|
||||
+ self.equil_ind = True
|
||||
+ self.equal_ind = True
|
||||
+ return
|
||||
+
|
||||
+ (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
|
||||
|
@ -5,8 +5,8 @@
|
||||
%define sepolgenver 1.0.16
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.64
|
||||
Release: 3%{?dist}
|
||||
Version: 2.0.68
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -81,6 +81,7 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui
|
||||
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux
|
||||
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/security/console.apps/selinux-polgengui
|
||||
tar -jxf %{SOURCE8} -C %{buildroot}/
|
||||
rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
|
||||
ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
|
||||
ln -sf consolehelper %{buildroot}%{_bindir}/selinux-polgengui
|
||||
|
||||
@ -121,6 +122,17 @@ The policycoreutils-python package contains the management tools use to manage a
|
||||
%dir /var/lib/sepolgen
|
||||
%dir /var/lib/selinux
|
||||
/var/lib/sepolgen/perm_map
|
||||
%dir %{_datadir}/sandbox
|
||||
%{_mandir}/man1/audit2allow.1*
|
||||
%{_mandir}/ru/man1/audit2allow.1*
|
||||
%{_mandir}/man1/audit2why.1*
|
||||
%{_mandir}/ru/man1/audit2why.1*
|
||||
%{_mandir}/man8/chcat.8*
|
||||
%{_mandir}/ru/man8/chcat.8*
|
||||
%{_mandir}/man8/semanage.8*
|
||||
%{_mandir}/ru/man8/semanage.8*
|
||||
%{_mandir}/man8/fixfiles.8*
|
||||
%{_mandir}/ru/man8/fixfiles.8*
|
||||
|
||||
%post python
|
||||
[ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen
|
||||
@ -198,9 +210,6 @@ rm -rf %{buildroot}
|
||||
%{_bindir}/semodule_expand
|
||||
%{_bindir}/semodule_link
|
||||
%{_bindir}/semodule_package
|
||||
%{_mandir}/man*/*
|
||||
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
|
||||
%{_mandir}/ru/
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/newrole
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/run_init
|
||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||
@ -209,6 +218,35 @@ rm -rf %{buildroot}
|
||||
%config(noreplace) /etc/selinux/restorecond_user.conf
|
||||
%{_sysconfdir}/xdg/autostart/restorecond.desktop
|
||||
%{_datadir}/dbus-1/services/org.selinux.Restorecond.service
|
||||
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
|
||||
%{_mandir}/man8/load_policy.8*
|
||||
%{_mandir}/ru/man8/load_policy.8*
|
||||
%{_mandir}/man8/open_init_pty.8*
|
||||
%{_mandir}/ru/man8/open_init_pty.8*
|
||||
%{_mandir}/man8/restorecon.8*
|
||||
%{_mandir}/ru/man8/restorecon.8*
|
||||
%{_mandir}/man8/restorecond.8*
|
||||
%{_mandir}/ru/man8/restorecond.8*
|
||||
%{_mandir}/man8/run_init.8*
|
||||
%{_mandir}/ru/man8/run_init.8*
|
||||
%{_mandir}/man8/semodule.8*
|
||||
%{_mandir}/ru/man8/semodule.8*
|
||||
%{_mandir}/man8/semodule_deps.8*
|
||||
%{_mandir}/ru/man8/semodule_deps.8*
|
||||
%{_mandir}/man8/semodule_expand.8*
|
||||
%{_mandir}/ru/man8/semodule_expand.8*
|
||||
%{_mandir}/man8/semodule_link.8*
|
||||
%{_mandir}/ru/man8/semodule_link.8*
|
||||
%{_mandir}/man8/semodule_package.8*
|
||||
%{_mandir}/ru/man8/semodule_package.8*
|
||||
%{_mandir}/man8/sestatus.8*
|
||||
%{_mandir}/ru/man8/sestatus.8*
|
||||
%{_mandir}/man8/setfiles.8*
|
||||
%{_mandir}/ru/man8/setfiles.8*
|
||||
%{_mandir}/man8/setsebool.8*
|
||||
%{_mandir}/ru/man8/setsebool.8*
|
||||
%{_mandir}/man1/secon.1*
|
||||
%{_mandir}/ru/man1/secon.1*
|
||||
|
||||
%preun
|
||||
if [ $1 -eq 0 ]; then
|
||||
@ -229,6 +267,15 @@ else
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1
|
||||
- Fix location of man pages
|
||||
- Update to upstream
|
||||
* Modify setfiles to exclude mounts without seclabel option in
|
||||
/proc/mounts on kernels >= 2.6.30 from Thomas Liu.
|
||||
* Re-enable disable_dontaudit rules upon semodule -B from Christopher
|
||||
Pardy and Dan Walsh.
|
||||
* setfiles converted to fts from Thomas Liu.
|
||||
|
||||
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.64-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
|
Binary file not shown.
Loading…
Reference in New Issue
Block a user