rpms/policycoreutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-1

Browse Source 
- Upgrade to latest from NSA
	* Fixed restorecon to not treat errors from is_context_customizable()
	  as a customizable context.
	* Merged setfiles/restorecon patch to not reset user field unless
	  -F option is specified from Dan Walsh.
	* Merged open_init_pty helper for run_init from Manoj Srivastava.
	* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
This commit is contained in:
Daniel J Walsh 2005-01-24 16:26:39 +00:00
parent a64186fd3d
commit e1affd86ed
4 changed files with 15 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -7,3 +7,4 @@ policycoreutils-1.19.2.tgz
policycoreutils-1.19.3.tgz policycoreutils-1.19.3.tgz
policycoreutils-1.20.1.tgz policycoreutils-1.20.1.tgz
policycoreutils-1.21.1.tgz policycoreutils-1.21.1.tgz
policycoreutils-1.21.3.tgz

126
policycoreutils-rhat.patch
View File

@ -1,56 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.1/restorecon/restorecon.c
--- nsapolicycoreutils/restorecon/restorecon.c 2005-01-20 15:59:21.000000000 -0500
+++ policycoreutils-1.21.1/restorecon/restorecon.c 2005-01-21 13:55:19.371402000 -0500
@@ -50,15 +50,12 @@
static int only_changed_user(const char *a, const char *b)
{
char *rest_a, *rest_b; /* Rest of the context after the user */
- if (!a || !b)
- return 0;
+ if (force) return 0;
+ if (!a || !b) return 0;
rest_a = strchr(a, ':');
rest_b = strchr(b, ':');
- if (!rest_a || !rest_b)
- return 0;
- if (strcmp(rest_a, rest_b) == 0)
- return 1;
- return 0;
+ if (!rest_a || !rest_b) return 0;
+ return (strcmp(rest_a, rest_b) == 0);
}
void usage(const char * const name)
@@ -75,6 +72,7 @@
int len=strlen(filename);
struct stat st;
char path[PATH_MAX+1];
+ int user_only_changed=0;
/*
Eliminate trailing /
*/
@@ -139,7 +137,8 @@
if (outfile) {
fprintf(outfile, "%s\n", filename);
}
- if (change) {
+ user_only_changed = only_changed_user(scontext, prev_context);
+ if (change && !user_only_changed) {
retval=lsetfilecon(filename,scontext);
}
if (retval<0) {
@@ -151,7 +150,7 @@
return 1;
} else
if (verbose &&
- (verbose > 1 || !only_changed_user(scontext, prev_context)))
+ (verbose > 1 || !user_only_changed))
fprintf(stderr,"%s reset context %s:%s->%s\n",
progname, filename, (retcontext >= 0 ? prev_context : ""), scontext);
}
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.1/scripts/fixfiles diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.1/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2005-01-20 15:59:21.000000000 -0500 --- nsapolicycoreutils/scripts/fixfiles 2005-01-24 11:19:10.103136000 -0500
+++ policycoreutils-1.21.1/scripts/fixfiles 2005-01-21 13:55:29.074689000 -0500 +++ policycoreutils-1.21.1/scripts/fixfiles 2005-01-24 11:19:28.998223000 -0500
@@ -37,11 +37,19 @@ @@ -37,11 +37,19 @@
SELINUXTYPE="targeted" SELINUXTYPE="targeted"
if [ -e /etc/selinux/config ]; then if [ -e /etc/selinux/config ]; then
@ -72,75 +22,3 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
# #
# Log to either syslog or a LOGFILE # Log to either syslog or a LOGFILE
# #
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.21.1/setfiles/setfiles.c
--- nsapolicycoreutils/setfiles/setfiles.c 2005-01-20 15:59:22.000000000 -0500
+++ policycoreutils-1.21.1/setfiles/setfiles.c 2005-01-21 13:55:19.386387000 -0500
@@ -583,13 +583,12 @@
static int only_changed_user(const char *a, const char *b)
{
char *rest_a, *rest_b; /* Rest of the context after the user */
+ if (force) return 0;
+ if (!a || !b) return 0;
rest_a = strchr(a, ':');
rest_b = strchr(b, ':');
- if (!rest_a || !rest_b)
- return 0;
- if (strcmp(rest_a, rest_b) == 0)
- return 1;
- return 0;
+ if (!rest_a || !rest_b) return 0;
+ return (strcmp(rest_a, rest_b) == 0);
}
/*
@@ -605,6 +604,7 @@
struct stat my_sb;
int i, ret;
char *context;
+ int user_only_changed=0;
/* Skip the extra slash at the beginning, if present. */
if (file[0] == '/' && file[1] == '/')
@@ -666,6 +666,8 @@
}
}
+ user_only_changed=only_changed_user(context, spec_arr[i].context);
+
/*
* Do not relabel the file if the matching specification is
* <<none>> or the file is already labeled according to the
@@ -690,21 +692,18 @@
/* If we're just doing "-v", trim out any relabels where
* the user has changed but the role and type are the
* same. For "-vv", emit everything. */
- if (verbose > 1 ||
- !only_changed_user(context, spec_arr[i].context)) {
+ if (verbose > 1 || !user_only_changed) {
printf("%s: relabeling %s from %s to %s\n", progname,
my_file, context, spec_arr[i].context);
}
}
- if (log &&
- !only_changed_user(context, spec_arr[i].context)) {
+ if ( log && !user_only_changed ) {
syslog(LOG_INFO, "relabeling %s from %s to %s\n",
my_file, context, spec_arr[i].context);
}
- if (outfile &&
- !only_changed_user(context, spec_arr[i].context))
+ if (outfile && !user_only_changed)
fprintf(outfile, "%s\n", my_file);
freecon(context);
@@ -712,7 +711,7 @@
/*
* Do not relabel the file if -n was used.
*/
- if (!change)
+ if (!change || user_only_changed)
return 0;
/*

13
policycoreutils.spec
View File

@ -1,7 +1,7 @@
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.21.1 Version: 1.21.3
Release: 3 Release: 1
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -76,6 +76,15 @@ rm -rf ${RPM_BUILD_ROOT}
%changelog %changelog
* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-1
- Upgrade to latest from NSA
* Fixed restorecon to not treat errors from is_context_customizable()
as a customizable context.
* Merged setfiles/restorecon patch to not reset user field unless
-F option is specified from Dan Walsh.
* Merged open_init_pty helper for run_init from Manoj Srivastava.
* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3 * Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3
- Don't change user componant if it is all that changed unless forced. - Don't change user componant if it is all that changed unless forced.
- Change fixfiles to concatinate file_context.local for setfiles - Change fixfiles to concatinate file_context.local for setfiles

1
sources
View File

@ -1 +1,2 @@
d2ef0ce3b9692e34ac489bf35aa625ff policycoreutils-1.21.1.tgz d2ef0ce3b9692e34ac489bf35aa625ff policycoreutils-1.21.1.tgz
0ac59d3c300ac05f1e48a26f50698e83 policycoreutils-1.21.3.tgz