rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Remove run_init, no longer needed with systemd.

Browse Source 
- Fix sepolicy generate to not include subdirs in generated fcontext file.  (mgrepl patch)
This commit is contained in:
Dan Walsh 2012-11-05 13:23:00 -05:00
parent cc08d7735b
commit ddeee18742
2 changed files with 28 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
policycoreutils-rhat.patch
View File

@ -342434,7 +342434,7 @@ index 0000000..a179d95
+ +
diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
new file mode 100644 new file mode 100644
index 0000000..93b0762 index 0000000..de040af
--- /dev/null --- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy/generate.py +++ b/policycoreutils/sepolicy/sepolicy/generate.py
@@ -0,0 +1,1284 @@ @@ -0,0 +1,1284 @@
@ -343632,7 +343632,7 @@ index 0000000..93b0762
+ +
+ for pkg in yb.rpmdb.searchProvides(self.program): + for pkg in yb.rpmdb.searchProvides(self.program):
+ self.rpms.append(pkg.name) + self.rpms.append(pkg.name)
+ for fname in pkg.filelist + pkg.ghostlist + pkg.dirlist: + for fname in pkg.dirlist + pkg.filelist + pkg.ghostlist:
+ for b in self.DEFAULT_DIRS: + for b in self.DEFAULT_DIRS:
+ if b == "/etc": + if b == "/etc":
+ continue + continue
@ -343643,7 +343643,7 @@ index 0000000..93b0762
+ self.add_dir(fname) + self.add_dir(fname)
+ +
+ for bpkg in yb.rpmdb.searchNames([pkg.base_package_name]): + for bpkg in yb.rpmdb.searchNames([pkg.base_package_name]):
+ for fname in bpkg.filelist + bpkg.ghostlist + bpkg.dirlist: + for fname in bpkg.dirlist + bpkg.filelist + bpkg.ghostlist:
+ for b in self.DEFAULT_DIRS: + for b in self.DEFAULT_DIRS:
+ if b == "/etc": + if b == "/etc":
+ continue + continue
@ -347623,18 +347623,23 @@ index 0000000..ec9c071
+ +
+setup(name = "sepolicy", version="1.1", description="Python SELinux Policy Analysys bindings", author="Daniel Walsh", author_email="dwalsh@redhat.com", ext_modules=[policy], packages=["sepolicy", "sepolicy.templates"]) +setup(name = "sepolicy", version="1.1", description="Python SELinux Policy Analysys bindings", author="Daniel Walsh", author_email="dwalsh@redhat.com", ext_modules=[policy], packages=["sepolicy", "sepolicy.templates"])
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 4c62b41..01fc818 100644 index 4c62b41..bb42221 100644
--- a/policycoreutils/setfiles/restore.c --- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c +++ b/policycoreutils/setfiles/restore.c
@@ -105,6 +105,7 @@ static int restore(FTSENT *ftsent) @@ -105,15 +105,26 @@ static int restore(FTSENT *ftsent)
char *my_file = strdupa(ftsent->fts_path); char *my_file = strdupa(ftsent->fts_path);
int ret = -1; int ret = -1;
security_context_t curcon = NULL, newcon = NULL; security_context_t curcon = NULL, newcon = NULL;
+ float progress; + float progress;
+ if (match(my_file, ftsent->fts_statp, &newcon) < 0) {
+ if (errno == ENOENT)
+ fprintf(stdout, "%s: No default label for %s\n", r_opts->progname, my_file);
if (match(my_file, ftsent->fts_statp, &newcon) < 0) - if (match(my_file, ftsent->fts_statp, &newcon) < 0)
/* Check for no matching specification. */ /* Check for no matching specification. */
@@ -113,7 +114,14 @@ static int restore(FTSENT *ftsent) return (errno == ENOENT) ? 0 : -1;
+ }
if (r_opts->progress) { if (r_opts->progress) {
r_opts->count++; r_opts->count++;
if (r_opts->count % STAR_COUNT == 0) { if (r_opts->count % STAR_COUNT == 0) {
@ -347650,7 +347655,7 @@ index 4c62b41..01fc818 100644
fflush(stdout); fflush(stdout);
} }
} }
@@ -283,6 +291,8 @@ static int apply_spec(FTSENT *ftsent) @@ -283,6 +294,8 @@ static int apply_spec(FTSENT *ftsent)
return rc; return rc;
} }
@ -347659,7 +347664,7 @@ index 4c62b41..01fc818 100644
static int process_one(char *name, int recurse_this_path) static int process_one(char *name, int recurse_this_path)
{ {
int rc = 0; int rc = 0;
@@ -332,6 +342,7 @@ static int process_one(char *name, int recurse_this_path) @@ -332,6 +345,7 @@ static int process_one(char *name, int recurse_this_path)
continue; continue;
} }
} }
@ -347667,7 +347672,7 @@ index 4c62b41..01fc818 100644
rc = apply_spec(ftsent); rc = apply_spec(ftsent);
if (rc == SKIP) if (rc == SKIP)
fts_set(fts_handle, ftsent, FTS_SKIP); fts_set(fts_handle, ftsent, FTS_SKIP);
@@ -611,12 +622,22 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil @@ -611,12 +625,22 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil
} }
#include <sys/utsname.h> #include <sys/utsname.h>
@ -347692,7 +347697,7 @@ index 4c62b41..01fc818 100644
{ {
struct utsname uts; struct utsname uts;
FILE *fp; FILE *fp;
@@ -625,16 +646,16 @@ void exclude_non_seclabel_mounts() @@ -625,16 +649,16 @@ void exclude_non_seclabel_mounts()
int index = 0, found = 0; int index = 0, found = 0;
char *mount_info[4]; char *mount_info[4];
char *buf = NULL, *item; char *buf = NULL, *item;
@ -347713,7 +347718,7 @@ index 4c62b41..01fc818 100644
while ((num = getline(&buf, &len, fp)) != -1) { while ((num = getline(&buf, &len, fp)) != -1) {
found = 0; found = 0;
@@ -661,6 +682,7 @@ void exclude_non_seclabel_mounts() @@ -661,6 +685,7 @@ void exclude_non_seclabel_mounts()
while (item != NULL) { while (item != NULL) {
if (strcmp(item, "seclabel") == 0) { if (strcmp(item, "seclabel") == 0) {
found = 1; found = 1;
@ -347721,7 +347726,7 @@ index 4c62b41..01fc818 100644
break; break;
} }
item = strtok(NULL, ","); item = strtok(NULL, ",");
@@ -673,5 +695,7 @@ void exclude_non_seclabel_mounts() @@ -673,5 +698,7 @@ void exclude_non_seclabel_mounts()
free(buf); free(buf);
fclose(fp); fclose(fp);

17
policycoreutils.spec
View File

@ -7,7 +7,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.1.13 Version: 2.1.13
Release: 24%{?dist} Release: 25%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# Based on git repository with tag 20101221 # Based on git repository with tag 20101221
@ -57,8 +57,7 @@ Control, and Multi-level Security.
policycoreutils contains the policy core utilities that are required policycoreutils contains the policy core utilities that are required
for basic operation of a SELinux system. These utilities include for basic operation of a SELinux system. These utilities include
load_policy to load policies, setfiles to label filesystems, newrole load_policy to load policies, setfiles to label filesystems, newrole
to switch roles, and run_init to run /etc/init.d scripts in the proper to switch roles.
context.
%prep %prep
%setup -q -a 1 %setup -q -a 1
@ -103,6 +102,10 @@ rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
rm -f %{buildroot}/usr/share/man/ru/man8/open_init_pty.8.gz rm -f %{buildroot}/usr/share/man/ru/man8/open_init_pty.8.gz
rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8 rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8
rm -f %{buildroot}/usr/sbin/open_init_pty rm -f %{buildroot}/usr/sbin/open_init_pty
rm -f %{buildroot}/usr/sbin/run_init
rm -f %{buildroot}/usr/share/man/ru/man8/run_init.8*
rm -f %{buildroot}/usr/share/man/man8/run_init.8*
rm -f %{buildroot}/etc/pam.d/run_init*
ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui
@ -253,14 +256,12 @@ rm -rf %{buildroot}
%{_sbindir}/setsebool %{_sbindir}/setsebool
%{_sbindir}/semodule %{_sbindir}/semodule
%{_sbindir}/sestatus %{_sbindir}/sestatus
%{_sbindir}/run_init
%{_bindir}/secon %{_bindir}/secon
%{_bindir}/semodule_deps %{_bindir}/semodule_deps
%{_bindir}/semodule_expand %{_bindir}/semodule_expand
%{_bindir}/semodule_link %{_bindir}/semodule_link
%{_bindir}/semodule_package %{_bindir}/semodule_package
%{_bindir}/semodule_unpackage %{_bindir}/semodule_unpackage
%config(noreplace) %{_sysconfdir}/pam.d/run_init
%config(noreplace) %{_sysconfdir}/sestatus.conf %config(noreplace) %{_sysconfdir}/sestatus.conf
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them # selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
%{_mandir}/man5/selinux_config.5.gz %{_mandir}/man5/selinux_config.5.gz
@ -271,8 +272,6 @@ rm -rf %{buildroot}
%{_mandir}/ru/man8/load_policy.8* %{_mandir}/ru/man8/load_policy.8*
%{_mandir}/man8/restorecon.8* %{_mandir}/man8/restorecon.8*
%{_mandir}/ru/man8/restorecon.8* %{_mandir}/ru/man8/restorecon.8*
%{_mandir}/man8/run_init.8*
%{_mandir}/ru/man8/run_init.8*
%{_mandir}/man8/semodule.8* %{_mandir}/man8/semodule.8*
%{_mandir}/ru/man8/semodule.8* %{_mandir}/ru/man8/semodule.8*
%{_mandir}/man8/semodule_deps.8* %{_mandir}/man8/semodule_deps.8*
@ -329,6 +328,10 @@ The policycoreutils-restorecond package contains the restorecond service.
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog %changelog
* Mon Nov 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-25
- Remove run_init, no longer needed with systemd.
- Fix sepolicy generate to not include subdirs in generated fcontext file. (mgrepl patch)
* Sat Nov 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-24 * Sat Nov 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-24
- Fix manpage to generate proper man pages for alternate policy, - Fix manpage to generate proper man pages for alternate policy,
basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as