* Fri Jan 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-17

- Change seobject to use translations properly
This commit is contained in:
Daniel J Walsh 2010-02-01 14:40:42 +00:00
parent ab47b01339
commit db71b70994
2 changed files with 171 additions and 54 deletions

View File

@ -1097,7 +1097,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ +
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.78/restorecond/watch.c diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.78/restorecond/watch.c
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.78/restorecond/watch.c 2009-12-16 08:16:27.000000000 -0500 +++ policycoreutils-2.0.78/restorecond/watch.c 2010-01-29 16:35:39.000000000 -0500
@@ -0,0 +1,260 @@ @@ -0,0 +1,260 @@
+#define _GNU_SOURCE +#define _GNU_SOURCE
+#include <sys/inotify.h> +#include <sys/inotify.h>
@ -2780,6 +2780,48 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ return status; + return status;
+} +}
Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.78/sandbox/seunshare.o differ Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.78/sandbox/seunshare.o differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.78/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2009-12-01 15:46:50.000000000 -0500
+++ policycoreutils-2.0.78/scripts/fixfiles 2010-01-29 14:02:43.000000000 -0500
@@ -87,11 +87,9 @@
esac; \
fi; \
done | \
- while read pattern ; do sh -c "find $pattern \
- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o -fstype btrfs \) -prune -o \
- \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \
- done 2> /dev/null | \
- ${RESTORECON} $* -0 -f -
+ while read pattern ; do \
+ ${RESTORECON} -f -R -v $pattern -e /home -e /tmp -r /dev; \
+ done
rm -f ${TEMPFILE} ${PREFCTEMPFILE}
fi
}
@@ -126,13 +124,7 @@
exit $?
fi
if [ ! -z "$FILEPATH" ]; then
- if [ -x /usr/bin/find ]; then
- /usr/bin/find "$FILEPATH" \
- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o -fstype btrfs \) -prune -o -print0 | \
- ${RESTORECON} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
- else
- ${RESTORECON} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
- fi
+ ${RESTORECON} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
return
fi
[ -x /usr/sbin/genhomedircon ] && /usr/sbin/genhomedircon
@@ -146,7 +138,7 @@
fullrelabel() {
logit "Cleaning out /tmp"
- find /tmp/ -mindepth 1 -print0 | xargs -0 /bin/rm -f
+ find /tmp/ -mindepth 1 -delete
LogReadOnly
restore
}
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.78/semanage/semanage diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.78/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500 --- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500
+++ policycoreutils-2.0.78/semanage/semanage 2010-01-08 09:24:07.000000000 -0500 +++ policycoreutils-2.0.78/semanage/semanage 2010-01-08 09:24:07.000000000 -0500
@ -3150,10 +3192,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
# Change apache to a permissive domain # Change apache to a permissive domain
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.78/semanage/seobject.py diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.78/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2009-11-20 10:51:25.000000000 -0500 --- nsapolicycoreutils/semanage/seobject.py 2009-11-20 10:51:25.000000000 -0500
+++ policycoreutils-2.0.78/semanage/seobject.py 2009-12-08 17:05:49.000000000 -0500 +++ policycoreutils-2.0.78/semanage/seobject.py 2010-01-29 13:44:51.000000000 -0500
@@ -37,40 +37,6 @@ @@ -29,47 +29,12 @@
import gettext
import syslog gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
-try:
- gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
-except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
-
-import syslog
-handle = None -handle = None
- -
@ -3186,13 +3236,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
- if is_mls_enabled < 0: - if is_mls_enabled < 0:
- semanage_handle_destroy(handle) - semanage_handle_destroy(handle)
- raise ValueError(_("Could not test MLS enabled status")) - raise ValueError(_("Could not test MLS enabled status"))
- +import gettext
+translation=gettext.translation(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
+_=translation.ugettext
- return handle - return handle
- +import syslog
file_types = {} file_types = {}
file_types[""] = SEMANAGE_FCONTEXT_ALL; file_types[""] = SEMANAGE_FCONTEXT_ALL;
file_types["all files"] = SEMANAGE_FCONTEXT_ALL; @@ -194,45 +159,152 @@
@@ -194,44 +160,151 @@
return trans return trans
else: else:
return raw return raw
@ -3283,8 +3336,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
raise ValueError(_("Semanage transaction not in progress")) raise ValueError(_("Semanage transaction not in progress"))
- self.transaction = False - self.transaction = False
+ semanageRecords.transaction = False + semanageRecords.transaction = False
+ self.commit() self.commit()
+
+class moduleRecords(semanageRecords): +class moduleRecords(semanageRecords):
+ def __init__(self, store): + def __init__(self, store):
+ semanageRecords.__init__(self, store) + semanageRecords.__init__(self, store)
@ -3348,17 +3401,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ if rc < 0 and rc != -2: + if rc < 0 and rc != -2:
+ raise ValueError(_("Could not remove module %s (remove failed)") % m) + raise ValueError(_("Could not remove module %s (remove failed)") % m)
+ +
self.commit() + self.commit()
+ +
+ def deleteall(self): + def deleteall(self):
+ l = self.get_all() + l = self.get_all()
+ if len(l) > 0: + if len(l) > 0:
+ all = " ".join(l[0]) + all = " ".join(l[0])
+ self.delete(all) + self.delete(all)
+
class dontauditClass(semanageRecords): class dontauditClass(semanageRecords):
def __init__(self, store): def __init__(self, store):
@@ -259,6 +332,7 @@ semanageRecords.__init__(self, store)
@@ -259,6 +331,7 @@
name = semanage_module_get_name(mod) name = semanage_module_get_name(mod)
if name and name.startswith("permissive_"): if name and name.startswith("permissive_"):
l.append(name.split("permissive_")[1]) l.append(name.split("permissive_")[1])
@ -3366,7 +3420,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
return l return l
def list(self, heading = 1, locallist = 0): def list(self, heading = 1, locallist = 0):
@@ -343,7 +417,9 @@ @@ -343,7 +416,9 @@
if rc < 0: if rc < 0:
raise ValueError(_("Could not check if login mapping for %s is defined") % name) raise ValueError(_("Could not check if login mapping for %s is defined") % name)
if exists: if exists:
@ -3377,7 +3431,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
if name[0] == '%': if name[0] == '%':
try: try:
grp.getgrnam(name[1:]) grp.getgrnam(name[1:])
@@ -475,6 +551,16 @@ @@ -475,6 +550,16 @@
mylog.log(1, "delete SELinux user mapping", name); mylog.log(1, "delete SELinux user mapping", name);
@ -3394,7 +3448,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def get_all(self, locallist = 0): def get_all(self, locallist = 0):
ddict = {} ddict = {}
if locallist: if locallist:
@@ -489,6 +575,15 @@ @@ -489,6 +574,15 @@
ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u)) ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u))
return ddict return ddict
@ -3410,7 +3464,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self,heading = 1, locallist = 0): def list(self,heading = 1, locallist = 0):
ddict = self.get_all(locallist) ddict = self.get_all(locallist)
keys = ddict.keys() keys = ddict.keys()
@@ -531,7 +626,8 @@ @@ -531,7 +625,8 @@
if rc < 0: if rc < 0:
raise ValueError(_("Could not check if SELinux user %s is defined") % name) raise ValueError(_("Could not check if SELinux user %s is defined") % name)
if exists: if exists:
@ -3420,7 +3474,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
(rc, u) = semanage_user_create(self.sh) (rc, u) = semanage_user_create(self.sh)
if rc < 0: if rc < 0:
@@ -682,6 +778,16 @@ @@ -682,6 +777,16 @@
mylog.log(1,"delete SELinux user record", name) mylog.log(1,"delete SELinux user record", name)
@ -3437,7 +3491,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def get_all(self, locallist = 0): def get_all(self, locallist = 0):
ddict = {} ddict = {}
if locallist: if locallist:
@@ -702,6 +808,15 @@ @@ -702,6 +807,15 @@
return ddict return ddict
@ -3453,7 +3507,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self, heading = 1, locallist = 0): def list(self, heading = 1, locallist = 0):
ddict = self.get_all(locallist) ddict = self.get_all(locallist)
keys = ddict.keys() keys = ddict.keys()
@@ -740,12 +855,16 @@ @@ -740,12 +854,16 @@
low = int(ports[0]) low = int(ports[0])
high = int(ports[1]) high = int(ports[1])
@ -3470,7 +3524,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
if is_mls_enabled == 1: if is_mls_enabled == 1:
if serange == "": if serange == "":
serange = "s0" serange = "s0"
@@ -808,6 +927,7 @@ @@ -808,6 +926,7 @@
self.commit() self.commit()
def __modify(self, port, proto, serange, setype): def __modify(self, port, proto, serange, setype):
@ -3478,7 +3532,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
if serange == "" and setype == "": if serange == "" and setype == "":
if is_mls_enabled == 1: if is_mls_enabled == 1:
raise ValueError(_("Requires setype or serange")) raise ValueError(_("Requires setype or serange"))
@@ -942,6 +1062,18 @@ @@ -942,6 +1061,18 @@
ddict[(ctype,proto_str)].append("%d-%d" % (low, high)) ddict[(ctype,proto_str)].append("%d-%d" % (low, high))
return ddict return ddict
@ -3497,7 +3551,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self, heading = 1, locallist = 0): def list(self, heading = 1, locallist = 0):
if heading: if heading:
print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number")) print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
@@ -958,7 +1090,8 @@ @@ -958,7 +1089,8 @@
class nodeRecords(semanageRecords): class nodeRecords(semanageRecords):
def __init__(self, store = ""): def __init__(self, store = ""):
semanageRecords.__init__(self,store) semanageRecords.__init__(self,store)
@ -3507,7 +3561,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def __add(self, addr, mask, proto, serange, ctype): def __add(self, addr, mask, proto, serange, ctype):
if addr == "": if addr == "":
raise ValueError(_("Node Address is required")) raise ValueError(_("Node Address is required"))
@@ -966,14 +1099,11 @@ @@ -966,14 +1098,11 @@
if mask == "": if mask == "":
raise ValueError(_("Node Netmask is required")) raise ValueError(_("Node Netmask is required"))
@ -3525,7 +3579,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
if is_mls_enabled == 1: if is_mls_enabled == 1:
if serange == "": if serange == "":
serange = "s0" serange = "s0"
@@ -991,7 +1121,8 @@ @@ -991,7 +1120,8 @@
(rc, exists) = semanage_node_exists(self.sh, k) (rc, exists) = semanage_node_exists(self.sh, k)
if exists: if exists:
@ -3535,7 +3589,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
(rc, node) = semanage_node_create(self.sh) (rc, node) = semanage_node_create(self.sh)
if rc < 0: if rc < 0:
@@ -1047,13 +1178,10 @@ @@ -1047,13 +1177,10 @@
if mask == "": if mask == "":
raise ValueError(_("Node Netmask is required")) raise ValueError(_("Node Netmask is required"))
@ -3553,7 +3607,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
if serange == "" and setype == "": if serange == "" and setype == "":
raise ValueError(_("Requires setype or serange")) raise ValueError(_("Requires setype or serange"))
@@ -1098,11 +1226,9 @@ @@ -1098,11 +1225,9 @@
if mask == "": if mask == "":
raise ValueError(_("Node Netmask is required")) raise ValueError(_("Node Netmask is required"))
@ -3568,7 +3622,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
raise ValueError(_("Unknown or missing protocol")) raise ValueError(_("Unknown or missing protocol"))
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
@@ -1132,6 +1258,16 @@ @@ -1132,6 +1257,16 @@
self.__delete(addr, mask, proto) self.__delete(addr, mask, proto)
self.commit() self.commit()
@ -3585,7 +3639,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def get_all(self, locallist = 0): def get_all(self, locallist = 0):
ddict = {} ddict = {}
if locallist : if locallist :
@@ -1145,15 +1281,20 @@ @@ -1145,15 +1280,20 @@
con = semanage_node_get_con(node) con = semanage_node_get_con(node)
addr = semanage_node_get_addr(self.sh, node) addr = semanage_node_get_addr(self.sh, node)
mask = semanage_node_get_mask(self.sh, node) mask = semanage_node_get_mask(self.sh, node)
@ -3611,7 +3665,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self, heading = 1, locallist = 0): def list(self, heading = 1, locallist = 0):
if heading: if heading:
print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context") print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
@@ -1193,7 +1334,8 @@ @@ -1193,7 +1333,8 @@
if rc < 0: if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface) raise ValueError(_("Could not check if interface %s is defined") % interface)
if exists: if exists:
@ -3621,7 +3675,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
(rc, iface) = semanage_iface_create(self.sh) (rc, iface) = semanage_iface_create(self.sh)
if rc < 0: if rc < 0:
@@ -1307,6 +1449,16 @@ @@ -1307,6 +1448,16 @@
self.__delete(interface) self.__delete(interface)
self.commit() self.commit()
@ -3638,7 +3692,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def get_all(self, locallist = 0): def get_all(self, locallist = 0):
ddict = {} ddict = {}
if locallist: if locallist:
@@ -1322,6 +1474,15 @@ @@ -1322,6 +1473,15 @@
return ddict return ddict
@ -3654,7 +3708,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self, heading = 1, locallist = 0): def list(self, heading = 1, locallist = 0):
if heading: if heading:
print "%-30s %s\n" % (_("SELinux Interface"), _("Context")) print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
@@ -1338,6 +1499,48 @@ @@ -1338,6 +1498,48 @@
class fcontextRecords(semanageRecords): class fcontextRecords(semanageRecords):
def __init__(self, store = ""): def __init__(self, store = ""):
semanageRecords.__init__(self, store) semanageRecords.__init__(self, store)
@ -3703,7 +3757,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def createcon(self, target, seuser = "system_u"): def createcon(self, target, seuser = "system_u"):
(rc, con) = semanage_context_create(self.sh) (rc, con) = semanage_context_create(self.sh)
@@ -1364,6 +1567,8 @@ @@ -1364,6 +1566,8 @@
def validate(self, target): def validate(self, target):
if target == "" or target.find("\n") >= 0: if target == "" or target.find("\n") >= 0:
raise ValueError(_("Invalid file specification")) raise ValueError(_("Invalid file specification"))
@ -3712,7 +3766,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"): def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
self.validate(target) self.validate(target)
@@ -1388,7 +1593,8 @@ @@ -1388,7 +1592,8 @@
raise ValueError(_("Could not check if file context for %s is defined") % target) raise ValueError(_("Could not check if file context for %s is defined") % target)
if exists: if exists:
@ -3722,7 +3776,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
(rc, fcontext) = semanage_fcontext_create(self.sh) (rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0: if rc < 0:
@@ -1504,9 +1710,16 @@ @@ -1504,9 +1709,16 @@
raise ValueError(_("Could not delete the file context %s") % target) raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k) semanage_fcontext_key_free(k)
@ -3739,7 +3793,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
if rc < 0: if rc < 0:
raise ValueError(_("Could not create a key for %s") % target) raise ValueError(_("Could not create a key for %s") % target)
@@ -1561,12 +1774,22 @@ @@ -1561,12 +1773,22 @@
return ddict return ddict
@ -3764,7 +3818,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
for k in keys: for k in keys:
if fcon_dict[k]: if fcon_dict[k]:
if is_mls_enabled: if is_mls_enabled:
@@ -1575,6 +1798,12 @@ @@ -1575,6 +1797,12 @@
print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2]) print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
else: else:
print "%-50s %-18s <<None>>" % (k[0], k[1]) print "%-50s %-18s <<None>>" % (k[0], k[1])
@ -3777,7 +3831,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
class booleanRecords(semanageRecords): class booleanRecords(semanageRecords):
def __init__(self, store = ""): def __init__(self, store = ""):
@@ -1706,6 +1935,16 @@ @@ -1706,6 +1934,16 @@
else: else:
return _("unknown") return _("unknown")
@ -3932,8 +3986,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
} }
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.78/setfiles/restore.c diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.78/setfiles/restore.c
--- nsapolicycoreutils/setfiles/restore.c 2009-11-03 09:21:40.000000000 -0500 --- nsapolicycoreutils/setfiles/restore.c 2009-11-03 09:21:40.000000000 -0500
+++ policycoreutils-2.0.78/setfiles/restore.c 2009-12-16 08:14:21.000000000 -0500 +++ policycoreutils-2.0.78/setfiles/restore.c 2010-01-29 16:37:02.000000000 -0500
@@ -31,7 +31,6 @@ @@ -1,4 +1,5 @@
#include "restore.h"
+#include <glob.h>
#define SKIP -2
#define ERR -1
@@ -31,7 +32,6 @@
static file_spec_t *fl_head; static file_spec_t *fl_head;
@ -3941,7 +4001,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
static int filespec_add(ino_t ino, const security_context_t con, const char *file); static int filespec_add(ino_t ino, const security_context_t con, const char *file);
static int only_changed_user(const char *a, const char *b); static int only_changed_user(const char *a, const char *b);
struct restore_opts *r_opts = NULL; struct restore_opts *r_opts = NULL;
@@ -53,7 +52,6 @@ @@ -53,7 +53,6 @@
} }
} }
return; return;
@ -3949,7 +4009,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
} }
void restore_init(struct restore_opts *opts) void restore_init(struct restore_opts *opts)
@@ -303,6 +301,12 @@ @@ -303,6 +302,12 @@
FTS *fts_handle; FTS *fts_handle;
FTSENT *ftsent; FTSENT *ftsent;
@ -3962,7 +4022,37 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
fts_handle = fts_open((char **)namelist, r_opts->fts_flags, NULL); fts_handle = fts_open((char **)namelist, r_opts->fts_flags, NULL);
if (fts_handle == NULL) { if (fts_handle == NULL) {
fprintf(stderr, fprintf(stderr,
@@ -374,6 +378,7 @@ @@ -357,6 +362,29 @@
goto out;
}
+int process_glob(char *name, int recurse) {
+ glob_t globbuf;
+ size_t i = 0;
+ int errors = 0;
+ memset(&globbuf, 0, sizeof(globbuf));
+ globbuf.gl_offs = 0;
+ if (glob(name,
+ GLOB_TILDE | GLOB_PERIOD,
+ NULL,
+ &globbuf) >= 0) {
+ for (i = 0; i < globbuf.gl_pathc; i++) {
+ int len = strlen(globbuf.gl_pathv[i]) -2;
+ if (len > 0 && strcmp(&globbuf.gl_pathv[i][len--], "/.") == 0) continue;
+ if (len > 0 && strcmp(&globbuf.gl_pathv[i][len], "/..") == 0) continue;
+ errors |= process_one_realpath(globbuf.gl_pathv[i], recurse) < 0;
+ }
+ globfree(&globbuf);
+ }
+ else
+ errors |= process_one_realpath(name, recurse) < 0;
+ return errors;
+}
+
int process_one_realpath(char *name, int recurse)
{
int rc = 0;
@@ -374,6 +402,7 @@
} else { } else {
rc = lstat(name, &sb); rc = lstat(name, &sb);
if (rc < 0) { if (rc < 0) {
@ -3970,7 +4060,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
fprintf(stderr, "%s: lstat(%s) failed: %s\n", fprintf(stderr, "%s: lstat(%s) failed: %s\n",
r_opts->progname, name, strerror(errno)); r_opts->progname, name, strerror(errno));
return -1; return -1;
@@ -409,7 +414,7 @@ @@ -409,7 +438,7 @@
} }
} }
@ -3979,7 +4069,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
{ {
int i = 0; int i = 0;
for (i = 0; i < excludeCtr; i++) { for (i = 0; i < excludeCtr; i++) {
@@ -602,5 +607,67 @@ @@ -602,5 +631,67 @@
return -1; return -1;
} }
@ -4008,7 +4098,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ fp = fopen("/proc/mounts", "r"); + fp = fopen("/proc/mounts", "r");
+ if (!fp) + if (!fp)
+ return; + return;
+
+ while ((num = getline(&buf, &len, fp)) != -1) { + while ((num = getline(&buf, &len, fp)) != -1) {
+ found = 0; + found = 0;
+ index = 0; + index = 0;
@ -4026,7 +4116,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ buf); + buf);
+ continue; + continue;
+ } + }
+
+ /* remove pre-existing entry */ + /* remove pre-existing entry */
+ remove_exclude(mount_info[1]); + remove_exclude(mount_info[1]);
+ +
@ -4047,6 +4137,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ free(buf); + free(buf);
+} +}
Binary files nsapolicycoreutils/setfiles/restorecon and policycoreutils-2.0.78/setfiles/restorecon differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.78/setfiles/restorecon.8 diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.78/setfiles/restorecon.8
--- nsapolicycoreutils/setfiles/restorecon.8 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/setfiles/restorecon.8 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.78/setfiles/restorecon.8 2009-12-16 08:14:22.000000000 -0500 +++ policycoreutils-2.0.78/setfiles/restorecon.8 2009-12-16 08:14:22.000000000 -0500
@ -4075,7 +4166,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
show changes in file labels. show changes in file labels.
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.78/setfiles/restore.h diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.78/setfiles/restore.h
--- nsapolicycoreutils/setfiles/restore.h 2009-11-03 09:21:40.000000000 -0500 --- nsapolicycoreutils/setfiles/restore.h 2009-11-03 09:21:40.000000000 -0500
+++ policycoreutils-2.0.78/setfiles/restore.h 2009-12-16 08:14:23.000000000 -0500 +++ policycoreutils-2.0.78/setfiles/restore.h 2010-01-29 16:27:56.000000000 -0500
@@ -27,6 +27,7 @@ @@ -27,6 +27,7 @@
int hard_links; int hard_links;
int verbose; int verbose;
@ -4084,16 +4175,19 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
char *rootpath; char *rootpath;
int rootpathlen; int rootpathlen;
char *progname; char *progname;
@@ -44,7 +45,9 @@ @@ -44,7 +45,10 @@
void restore_init(struct restore_opts *opts); void restore_init(struct restore_opts *opts);
void restore_finish(); void restore_finish();
int add_exclude(const char *directory); int add_exclude(const char *directory);
+int exclude(const char *path); +int exclude(const char *path);
void remove_exclude(const char *directory); void remove_exclude(const char *directory);
int process_one_realpath(char *name, int recurse); int process_one_realpath(char *name, int recurse);
+void exclude_non_seclabel_mounts(); +int process_glob(char *name, int recurse);
+void exclude_non_seclabel_mounts();
#endif #endif
Binary files nsapolicycoreutils/setfiles/restore.o and policycoreutils-2.0.78/setfiles/restore.o differ
Binary files nsapolicycoreutils/setfiles/setfiles and policycoreutils-2.0.78/setfiles/setfiles differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.78/setfiles/setfiles.8 diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.78/setfiles/setfiles.8
--- nsapolicycoreutils/setfiles/setfiles.8 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/setfiles/setfiles.8 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.78/setfiles/setfiles.8 2009-12-16 08:14:25.000000000 -0500 +++ policycoreutils-2.0.78/setfiles/setfiles.8 2009-12-16 08:14:25.000000000 -0500
@ -4109,7 +4203,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
suppress non-error output. suppress non-error output.
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.78/setfiles/setfiles.c diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.78/setfiles/setfiles.c
--- nsapolicycoreutils/setfiles/setfiles.c 2009-11-03 09:21:40.000000000 -0500 --- nsapolicycoreutils/setfiles/setfiles.c 2009-11-03 09:21:40.000000000 -0500
+++ policycoreutils-2.0.78/setfiles/setfiles.c 2009-12-16 08:14:26.000000000 -0500 +++ policycoreutils-2.0.78/setfiles/setfiles.c 2010-01-29 16:31:10.000000000 -0500
@@ -5,7 +5,6 @@ @@ -5,7 +5,6 @@
#include <ctype.h> #include <ctype.h>
#include <regex.h> #include <regex.h>
@ -4230,3 +4324,23 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
argv[0]); argv[0]);
exit(1); exit(1);
} }
@@ -475,7 +410,7 @@
buf[len - 1] = 0;
if (!strcmp(buf, "/"))
mass_relabel = 1;
- errors |= process_one_realpath(buf, recurse) < 0;
+ errors |= process_glob(buf, recurse) < 0;
}
if (strcmp(input_filename, "-") != 0)
fclose(f);
@@ -483,7 +418,8 @@
for (i = optind; i < argc; i++) {
if (!strcmp(argv[i], "/"))
mass_relabel = 1;
- errors |= process_one_realpath(argv[i], recurse) < 0;
+
+ errors |= process_glob(argv[i], recurse) < 0;
}
}
Binary files nsapolicycoreutils/setfiles/setfiles.o and policycoreutils-2.0.78/setfiles/setfiles.o differ

View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.78 Version: 2.0.78
Release: 16%{?dist} Release: 17%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -298,6 +298,9 @@ fi
exit 0 exit 0
%changelog %changelog
* Fri Jan 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-17
- Change seobject to use translations properly
* Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-16 * Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-16
- Cleanup spec file - Cleanup spec file
Resolves: 555835 Resolves: 555835