Stop syslogging on full restore

- Stop syslogging when restorecon is not changing values
This commit is contained in:
Dan Walsh 2012-01-31 10:58:23 -05:00
parent 662a1ad3a8
commit d4088bfa91
2 changed files with 41 additions and 3 deletions

View File

@ -8,6 +8,19 @@ index 9cfe3bc..e31f7d3 100644
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
diff --git a/policycoreutils/load_policy/Makefile b/policycoreutils/load_policy/Makefile
index c90d4dd..37a7a7a 100644
--- a/policycoreutils/load_policy/Makefile
+++ b/policycoreutils/load_policy/Makefile
@@ -18,8 +18,6 @@ install: all
install -m 755 $(TARGETS) $(SBINDIR)
test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
install -m 644 load_policy.8 $(MANDIR)/man8/
- -mkdir -p $(USRSBINDIR)
- ln -sf /sbin/load_policy $(USRSBINDIR)/load_policy
clean:
-rm -f $(TARGETS) *.o
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 99d0ed7..19e20a8 100644 index 99d0ed7..19e20a8 100644
--- a/policycoreutils/newrole/newrole.c --- a/policycoreutils/newrole/newrole.c
@ -286,6 +299,27 @@ index 17ad6ca..fe6427c 100644
-mkdir -p $(MANDIR)/man8 -mkdir -p $(MANDIR)/man8
install -m 644 fixfiles.8 $(MANDIR)/man8/ install -m 644 fixfiles.8 $(MANDIR)/man8/
install -m 644 genhomedircon.8 $(MANDIR)/man8/ install -m 644 genhomedircon.8 $(MANDIR)/man8/
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
index 27dcccf..445353e 100755
--- a/policycoreutils/scripts/fixfiles
+++ b/policycoreutils/scripts/fixfiles
@@ -121,7 +121,6 @@ LOGFILE=`tty`
if [ $? != 0 ]; then
LOGFILE="/dev/null"
fi
-SYSLOGFLAG="-l"
LOGGER=/usr/sbin/logger
SETFILES=/sbin/setfiles
RESTORECON=/sbin/restorecon
@@ -234,7 +233,7 @@ then
done
FC=$TEMPFCFILE
fi
-${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 | cat >> $LOGFILE
+${SETFILES} -q ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 | cat >> $LOGFILE
rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
UNDEFINED=`get_undefined_type` || exit $?
diff --git a/policycoreutils/scripts/genhomedircon b/policycoreutils/scripts/genhomedircon diff --git a/policycoreutils/scripts/genhomedircon b/policycoreutils/scripts/genhomedircon
index ab696a7..58b19cd 100644 index ab696a7..58b19cd 100644
--- a/policycoreutils/scripts/genhomedircon --- a/policycoreutils/scripts/genhomedircon
@ -1092,7 +1126,7 @@ index 17afe23..12cd0fe 100644
(rc, fcontext) = semanage_fcontext_create(self.sh) (rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0: if rc < 0:
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 9a7d315..e57d34f 100644 index 9a7d315..5ade9f1 100644
--- a/policycoreutils/setfiles/restore.c --- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c +++ b/policycoreutils/setfiles/restore.c
@@ -1,5 +1,6 @@ @@ -1,5 +1,6 @@
@ -1252,7 +1286,7 @@ index 9a7d315..e57d34f 100644
- if (r_opts->logging && !user_only_changed) { - if (r_opts->logging && !user_only_changed) {
- if (context) - if (context)
+ if (r_opts->logging) { + if (r_opts->logging && r_opts->change) {
+ if (curcon) + if (curcon)
syslog(LOG_INFO, "relabeling %s from %s to %s\n", syslog(LOG_INFO, "relabeling %s from %s to %s\n",
- my_file, context, newcon); - my_file, context, newcon);

View File

@ -7,7 +7,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.1.10 Version: 2.1.10
Release: 17%{?dist} Release: 18%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# Based on git repository with tag 20101221 # Based on git repository with tag 20101221
@ -356,6 +356,10 @@ fi
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog %changelog
* Mon Jan 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-18
- Stop syslogging on full restore
- Stop syslogging when restorecon is not changing values
* Fri Jan 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-17 * Fri Jan 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-17
- Change semanage to produce proper audit records for Common Criteria - Change semanage to produce proper audit records for Common Criteria
- Cleanup packaging for usrmove - Cleanup packaging for usrmove