Allow user to specify DPI when running sandbox
This commit is contained in:
parent
6119a6b9f8
commit
e71cb0d5d0
@ -42,6 +42,19 @@ index 99d0ed7..19e20a8 100644
|
|||||||
if (set_signal_handles())
|
if (set_signal_handles())
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile
|
||||||
|
index 554262a..a52e4b0 100644
|
||||||
|
--- a/policycoreutils/po/Makefile
|
||||||
|
+++ b/policycoreutils/po/Makefile
|
||||||
|
@@ -7,7 +7,7 @@ TOP = ../..
|
||||||
|
# What is this package?
|
||||||
|
NLSPACKAGE = policycoreutils
|
||||||
|
POTFILE = $(NLSPACKAGE).pot
|
||||||
|
-INSTALL = /usr/bin/install -c
|
||||||
|
+INSTALL = /usr/bin/install -c -p
|
||||||
|
INSTALL_DATA = $(INSTALL) -m 644
|
||||||
|
INSTALL_DIR = /usr/bin/install -d
|
||||||
|
|
||||||
diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
|
diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
|
||||||
index 89f5d97..dfd9629 100644
|
index 89f5d97..dfd9629 100644
|
||||||
--- a/policycoreutils/restorecond/restorecond.c
|
--- a/policycoreutils/restorecond/restorecond.c
|
||||||
@ -85,7 +98,7 @@ index 9db766c..068e24c 100644
|
|||||||
|
|
||||||
} /* main() */
|
} /* main() */
|
||||||
diff --git a/policycoreutils/sandbox/Makefile b/policycoreutils/sandbox/Makefile
|
diff --git a/policycoreutils/sandbox/Makefile b/policycoreutils/sandbox/Makefile
|
||||||
index 1c458f1..36042a2 100644
|
index 1c458f1..96c6795 100644
|
||||||
--- a/policycoreutils/sandbox/Makefile
|
--- a/policycoreutils/sandbox/Makefile
|
||||||
+++ b/policycoreutils/sandbox/Makefile
|
+++ b/policycoreutils/sandbox/Makefile
|
||||||
@@ -23,7 +23,7 @@ install: all
|
@@ -23,7 +23,7 @@ install: all
|
||||||
@ -93,10 +106,180 @@ index 1c458f1..36042a2 100644
|
|||||||
install -m 644 seunshare.8 $(MANDIR)/man8/
|
install -m 644 seunshare.8 $(MANDIR)/man8/
|
||||||
-mkdir -p $(MANDIR)/man5
|
-mkdir -p $(MANDIR)/man5
|
||||||
- install -m 644 sandbox.conf.5 $(MANDIR)/man5/
|
- install -m 644 sandbox.conf.5 $(MANDIR)/man5/
|
||||||
+ install -m 644 sandbox.conf.5 $(MANDIR)/man5/sandbox.5
|
+ install -m 644 sandbox.5 $(MANDIR)/man5/sandbox.5
|
||||||
-mkdir -p $(SBINDIR)
|
-mkdir -p $(SBINDIR)
|
||||||
install -m 4755 seunshare $(SBINDIR)/
|
install -m 4755 seunshare $(SBINDIR)/
|
||||||
-mkdir -p $(SHAREDIR)
|
-mkdir -p $(SHAREDIR)
|
||||||
|
diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
|
||||||
|
index 486cd4e..cdd4293 100644
|
||||||
|
--- a/policycoreutils/sandbox/sandbox
|
||||||
|
+++ b/policycoreutils/sandbox/sandbox
|
||||||
|
@@ -160,6 +160,17 @@ class Sandbox:
|
||||||
|
self.__level = None
|
||||||
|
self.__homedir = None
|
||||||
|
self.__tmpdir = None
|
||||||
|
+ self.__set_dpi()
|
||||||
|
+
|
||||||
|
+ def __set_dpi(self):
|
||||||
|
+ rc, out = commands.getstatusoutput("/usr/bin/xrdb -query")
|
||||||
|
+ if rc != 0:
|
||||||
|
+ self.dpi = 96
|
||||||
|
+ else:
|
||||||
|
+ for i in out.split("\n"):
|
||||||
|
+ if i.startswith("Xft.dpi:"):
|
||||||
|
+ self.dpi = i.split()[1]
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
def __validate_mount(self):
|
||||||
|
if self.__options.level:
|
||||||
|
@@ -278,6 +289,9 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
|
||||||
|
action="callback", callback=self.__mount_callback,
|
||||||
|
help=_("mount new home and/or tmp directory"))
|
||||||
|
|
||||||
|
+ parser.add_option("-d", "--dpi",
|
||||||
|
+ dest="dpi", action="store",default=self.dpi,
|
||||||
|
+ help=_("dots per inch for X display: (%s)" % self.dpi))
|
||||||
|
parser.add_option("-S", "--session", action="store_true", dest="session",
|
||||||
|
default=False, help=_("run complete desktop session within sandbox"))
|
||||||
|
|
||||||
|
@@ -322,7 +336,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
|
||||||
|
|
||||||
|
if self.__options.X_ind:
|
||||||
|
self.setype = DEFAULT_X_TYPE
|
||||||
|
- self.dpi=commands.getoutput("xrdb -query | grep dpi | /bin/cut -f 2")
|
||||||
|
+
|
||||||
|
if self.__options.setype:
|
||||||
|
self.setype = self.__options.setype
|
||||||
|
|
||||||
|
@@ -408,7 +422,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
|
||||||
|
|
||||||
|
self.__setup_sandboxrc(self.__options.wm)
|
||||||
|
|
||||||
|
- cmds += [ "--", SANDBOXSH, self.__options.windowsize, self.dpi ]
|
||||||
|
+ cmds += [ "--", SANDBOXSH, self.__options.windowsize, self.__options.dpi ]
|
||||||
|
else:
|
||||||
|
cmds += [ "--" ] + self.__paths
|
||||||
|
return subprocess.Popen(cmds).wait()
|
||||||
|
diff --git a/policycoreutils/sandbox/sandbox.5 b/policycoreutils/sandbox/sandbox.5
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..b3ee67d
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/policycoreutils/sandbox/sandbox.5
|
||||||
|
@@ -0,0 +1,40 @@
|
||||||
|
+.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
|
||||||
|
+.SH NAME
|
||||||
|
+sandbox.conf \- user config file for the SELinux sandbox
|
||||||
|
+.SH DESCRIPTION
|
||||||
|
+.PP
|
||||||
|
+When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
|
||||||
|
+
|
||||||
|
+.PP
|
||||||
|
+Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
|
||||||
|
+
|
||||||
|
+.PP
|
||||||
|
+These keywords are allowed.
|
||||||
|
+
|
||||||
|
+.RS
|
||||||
|
+.TP
|
||||||
|
+.B NAME
|
||||||
|
+The name of the sandbox control group. Default is "sandbox".
|
||||||
|
+
|
||||||
|
+.TP
|
||||||
|
+.B CPUAFFINITY
|
||||||
|
+Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
|
||||||
|
+
|
||||||
|
+.TP
|
||||||
|
+.B MEMUSAGE
|
||||||
|
+How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
|
||||||
|
+
|
||||||
|
+.TP
|
||||||
|
+.B CPUUSAGE
|
||||||
|
+Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+.SH "SEE ALSO"
|
||||||
|
+.TP
|
||||||
|
+sandbox(8)
|
||||||
|
+.PP
|
||||||
|
+
|
||||||
|
+.SH AUTHOR
|
||||||
|
+This manual page was written by
|
||||||
|
+.I Thomas Liu <tliu@fedoraproject.org>
|
||||||
|
diff --git a/policycoreutils/sandbox/sandbox.8 b/policycoreutils/sandbox/sandbox.8
|
||||||
|
index 2b37e63..3f05c79 100644
|
||||||
|
--- a/policycoreutils/sandbox/sandbox.8
|
||||||
|
+++ b/policycoreutils/sandbox/sandbox.8
|
||||||
|
@@ -3,11 +3,11 @@
|
||||||
|
sandbox \- Run cmd under an SELinux sandbox
|
||||||
|
.SH SYNOPSIS
|
||||||
|
.B sandbox
|
||||||
|
-[-C] [-c] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
|
||||||
|
+[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
|
||||||
|
|
||||||
|
.br
|
||||||
|
.B sandbox
|
||||||
|
-[-C] [-c] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
|
||||||
|
+[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
|
||||||
|
.br
|
||||||
|
.SH DESCRIPTION
|
||||||
|
.PP
|
||||||
|
@@ -60,6 +60,9 @@ Default to /usr/bin/matchbox-window-manager.
|
||||||
|
Create an X based Sandbox for gui apps, temporary files for
|
||||||
|
$HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
|
||||||
|
.TP
|
||||||
|
+\fB\-d\fR
|
||||||
|
+Set the DPI value for the sanbox X Server. Defaults to the current X Sever DPI.
|
||||||
|
+.TP
|
||||||
|
\fB\-c\fR
|
||||||
|
Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
|
||||||
|
.TP
|
||||||
|
diff --git a/policycoreutils/sandbox/sandbox.conf.5 b/policycoreutils/sandbox/sandbox.conf.5
|
||||||
|
deleted file mode 100644
|
||||||
|
index b3ee67d..0000000
|
||||||
|
--- a/policycoreutils/sandbox/sandbox.conf.5
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,40 +0,0 @@
|
||||||
|
-.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
|
||||||
|
-.SH NAME
|
||||||
|
-sandbox.conf \- user config file for the SELinux sandbox
|
||||||
|
-.SH DESCRIPTION
|
||||||
|
-.PP
|
||||||
|
-When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
|
||||||
|
-
|
||||||
|
-.PP
|
||||||
|
-Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
|
||||||
|
-
|
||||||
|
-.PP
|
||||||
|
-These keywords are allowed.
|
||||||
|
-
|
||||||
|
-.RS
|
||||||
|
-.TP
|
||||||
|
-.B NAME
|
||||||
|
-The name of the sandbox control group. Default is "sandbox".
|
||||||
|
-
|
||||||
|
-.TP
|
||||||
|
-.B CPUAFFINITY
|
||||||
|
-Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
|
||||||
|
-
|
||||||
|
-.TP
|
||||||
|
-.B MEMUSAGE
|
||||||
|
-How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
|
||||||
|
-
|
||||||
|
-.TP
|
||||||
|
-.B CPUUSAGE
|
||||||
|
-Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-.SH "SEE ALSO"
|
||||||
|
-.TP
|
||||||
|
-sandbox(8)
|
||||||
|
-.PP
|
||||||
|
-
|
||||||
|
-.SH AUTHOR
|
||||||
|
-This manual page was written by
|
||||||
|
-.I Thomas Liu <tliu@fedoraproject.org>
|
||||||
diff --git a/policycoreutils/sandbox/sandbox.init b/policycoreutils/sandbox/sandbox.init
|
diff --git a/policycoreutils/sandbox/sandbox.init b/policycoreutils/sandbox/sandbox.init
|
||||||
index d1ccdc2..11c391c 100644
|
index d1ccdc2..11c391c 100644
|
||||||
--- a/policycoreutils/sandbox/sandbox.init
|
--- a/policycoreutils/sandbox/sandbox.init
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.1.8
|
Version: 2.1.8
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -352,6 +352,9 @@ fi
|
|||||||
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 7 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-3
|
||||||
|
- Allow user to specify DPI when running sandbox
|
||||||
|
|
||||||
* Mon Nov 7 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-2
|
* Mon Nov 7 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-2
|
||||||
- Add Miroslav patch to return all attributes
|
- Add Miroslav patch to return all attributes
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user