* Thu Aug 3 2006 Dan Walsh <dwalsh@redhat.com> 1.30.25-1
- Update to upstream * Merged patch from Dan Walsh with: * audit2allow: process MAC_POLICY_LOAD events * newrole: run shell with - prefix to start a login shell * po: po file updates * restorecond: bail if SELinux not enabled * fixfiles: omit -q * genhomedircon: fix exit code if non-root * semodule_deps: install man page * Merged secon Makefile fix from Joshua Brindle. * Merged netfilter contexts support patch from Chris PeBenito.
This commit is contained in:
parent
d06137bce3
commit
d7dcedebef
@ -108,3 +108,4 @@ policycoreutils-1.30.12.tgz
|
|||||||
policycoreutils-1.30.14.tgz
|
policycoreutils-1.30.14.tgz
|
||||||
policycoreutils-1.30.17.tgz
|
policycoreutils-1.30.17.tgz
|
||||||
policycoreutils-1.30.22.tgz
|
policycoreutils-1.30.22.tgz
|
||||||
|
policycoreutils-1.30.25.tgz
|
||||||
|
@ -1,60 +1,3 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.30.22/audit2allow/audit2allow
|
|
||||||
--- nsapolicycoreutils/audit2allow/audit2allow 2006-08-01 09:47:23.000000000 -0400
|
|
||||||
+++ policycoreutils-1.30.22/audit2allow/audit2allow 2006-08-02 16:50:29.000000000 -0400
|
|
||||||
@@ -176,7 +176,7 @@
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
if auditlogs and os.path.exists("/var/log/audit/audit.log"):
|
|
||||||
- inputfd = os.popen("ausearch -m avc")
|
|
||||||
+ inputfd = os.popen("ausearch -m avc,MAC_POLICY_LOAD")
|
|
||||||
serules.load(inputfd)
|
|
||||||
|
|
||||||
if buildPP:
|
|
||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.30.22/audit2allow/avc.py
|
|
||||||
--- nsapolicycoreutils/audit2allow/avc.py 2006-07-03 07:52:43.000000000 -0400
|
|
||||||
+++ policycoreutils-1.30.22/audit2allow/avc.py 2006-08-02 16:50:50.000000000 -0400
|
|
||||||
@@ -352,6 +352,9 @@
|
|
||||||
if i == "security_compute_sid:":
|
|
||||||
self.security_compute_sid(rec)
|
|
||||||
found = 1
|
|
||||||
+ elif i == "type=MAC_POLICY_LOAD" and self.last_reload:
|
|
||||||
+ self.initialize()
|
|
||||||
+ break
|
|
||||||
else:
|
|
||||||
dict.append(i)
|
|
||||||
if found:
|
|
||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.30.22/newrole/newrole.c
|
|
||||||
--- nsapolicycoreutils/newrole/newrole.c 2006-07-03 07:52:43.000000000 -0400
|
|
||||||
+++ policycoreutils-1.30.22/newrole/newrole.c 2006-08-02 14:22:10.000000000 -0400
|
|
||||||
@@ -47,6 +47,7 @@
|
|
||||||
*
|
|
||||||
*************************************************************************/
|
|
||||||
|
|
||||||
+#define _GNU_SOURCE
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h> /* for malloc(), realloc(), free() */
|
|
||||||
#include <pwd.h> /* for getpwuid() */
|
|
||||||
@@ -855,7 +856,10 @@
|
|
||||||
|
|
||||||
if (optind < 1)
|
|
||||||
optind = 1;
|
|
||||||
- argv[optind - 1] = pw->pw_shell;
|
|
||||||
+ if (asprintf(&argv[optind - 1], "-%s", pw->pw_shell) < 0) {
|
|
||||||
+ fprintf(stderr, _("Error allocating shell.\n"));
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifdef CANTSPELLGDB
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
@@ -897,7 +901,7 @@
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
freecon(old_context);
|
|
||||||
- execv(argv[optind - 1], argv + optind - 1);
|
|
||||||
+ execv(pw->pw_shell, argv + optind - 1);
|
|
||||||
|
|
||||||
/* If we reach here, then we failed to exec the new shell. */
|
|
||||||
perror(_("failed to exec shell\n"));
|
|
||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fr.po policycoreutils-1.30.22/po/fr.po
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fr.po policycoreutils-1.30.22/po/fr.po
|
||||||
--- nsapolicycoreutils/po/fr.po 2006-08-01 09:47:27.000000000 -0400
|
--- nsapolicycoreutils/po/fr.po 2006-08-01 09:47:27.000000000 -0400
|
||||||
+++ policycoreutils-1.30.22/po/fr.po 2006-08-02 14:22:10.000000000 -0400
|
+++ policycoreutils-1.30.22/po/fr.po 2006-08-02 14:22:10.000000000 -0400
|
||||||
|
@ -1,15 +1,14 @@
|
|||||||
%define libauditver 1.1.4-3
|
%define libauditver 1.1.4-3
|
||||||
%define libsepolver 1.12.21-1
|
%define libsepolver 1.12.23-1
|
||||||
%define libsemanagever 1.6.11-1
|
%define libsemanagever 1.6.13-1
|
||||||
%define libselinuxver 1.30.19-1
|
%define libselinuxver 1.30.22-1
|
||||||
Summary: SELinux policy core utilities.
|
Summary: SELinux policy core utilities.
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 1.30.22
|
Version: 1.30.25
|
||||||
Release: 3
|
Release: 1
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
Patch: policycoreutils-rhat.patch
|
|
||||||
|
|
||||||
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel gettext
|
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel gettext
|
||||||
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
|
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
|
||||||
@ -36,7 +35,6 @@ context.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch -p1 -b .rhat
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
make LOG_AUDIT_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all
|
make LOG_AUDIT_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all
|
||||||
@ -119,6 +117,19 @@ fi
|
|||||||
[ -x /sbin/service ] && /sbin/service restorecond condrestart
|
[ -x /sbin/service ] && /sbin/service restorecond condrestart
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Aug 3 2006 Dan Walsh <dwalsh@redhat.com> 1.30.25-1
|
||||||
|
- Update to upstream
|
||||||
|
* Merged patch from Dan Walsh with:
|
||||||
|
* audit2allow: process MAC_POLICY_LOAD events
|
||||||
|
* newrole: run shell with - prefix to start a login shell
|
||||||
|
* po: po file updates
|
||||||
|
* restorecond: bail if SELinux not enabled
|
||||||
|
* fixfiles: omit -q
|
||||||
|
* genhomedircon: fix exit code if non-root
|
||||||
|
* semodule_deps: install man page
|
||||||
|
* Merged secon Makefile fix from Joshua Brindle.
|
||||||
|
* Merged netfilter contexts support patch from Chris PeBenito.
|
||||||
|
|
||||||
* Wed Aug 2 2006 Dan Walsh <dwalsh@redhat.com> 1.30.22-3
|
* Wed Aug 2 2006 Dan Walsh <dwalsh@redhat.com> 1.30.22-3
|
||||||
- Fix audit2allow to handle reload of policy
|
- Fix audit2allow to handle reload of policy
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user