From f18648890171762ebfdceeea4203de69199c39de Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Wed, 19 Jan 2022 21:23:42 +0000 Subject: [PATCH] import policycoreutils-2.9-18.el8 --- ...Improve-error-message-when-selabel_o.patch | 41 +++++++++++++++++++ SPECS/policycoreutils.spec | 6 ++- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0044-policycoreutils-Improve-error-message-when-selabel_o.patch diff --git a/SOURCES/0044-policycoreutils-Improve-error-message-when-selabel_o.patch b/SOURCES/0044-policycoreutils-Improve-error-message-when-selabel_o.patch new file mode 100644 index 0000000..634a69b --- /dev/null +++ b/SOURCES/0044-policycoreutils-Improve-error-message-when-selabel_o.patch @@ -0,0 +1,41 @@ +From 69da6239d8505a9d6ca547187f71a351df17f157 Mon Sep 17 00:00:00 2001 +From: Vit Mojzis +Date: Mon, 10 Jan 2022 18:35:27 +0100 +Subject: [PATCH] policycoreutils: Improve error message when selabel_open + fails + +When selabel_open fails to locate file_context files and +selabel_opt_path is not specified (e.g. when the policy type is +missconfigured in /etc/selinux/config), perror only prints +"No such file or directory". +This can be confusing in case of "restorecon" since it's +not apparent that the issue is in policy store. + +Before: + \# restorecon -v /tmp/foo.txt + No such file or directory +After: + \# restorecon -v /tmp/foo.txt + /etc/selinux/yolo/contexts/files/file_contexts: No such file or directory + +Signed-off-by: Vit Mojzis +--- + policycoreutils/setfiles/restore.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c +index d3335d1a..ba2668b3 100644 +--- a/policycoreutils/setfiles/restore.c ++++ b/policycoreutils/setfiles/restore.c +@@ -29,7 +29,7 @@ void restore_init(struct restore_opts *opts) + + opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); + if (!opts->hnd) { +- perror(opts->selabel_opt_path); ++ perror(opts->selabel_opt_path ? opts->selabel_opt_path : selinux_file_context_path()); + exit(1); + } + +-- +2.30.2 + diff --git a/SPECS/policycoreutils.spec b/SPECS/policycoreutils.spec index 79c55cd..4ef0cd6 100644 --- a/SPECS/policycoreutils.spec +++ b/SPECS/policycoreutils.spec @@ -12,7 +12,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.9 -Release: 17%{?dist} +Release: 18%{?dist} License: GPLv2 # https://github.com/SELinuxProject/selinux/wiki/Releases Source0: https://github.com/SELinuxProject/selinux/releases/download/20190315/policycoreutils-2.9.tar.gz @@ -81,6 +81,7 @@ Patch0040: 0040-policycoreutils-setfiles-do-not-restrict-checks-agai.patch Patch0041: 0041-semodule-add-m-checksum-option.patch Patch0042: 0042-semodule-Fix-lang_ext-column-index.patch Patch0043: 0043-semodule-Don-t-forget-to-munmap-data.patch +Patch0044: 0044-policycoreutils-Improve-error-message-when-selabel_o.patch Obsoletes: policycoreutils < 2.0.61-2 Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138 @@ -520,6 +521,9 @@ The policycoreutils-restorecond package contains the restorecond service. %systemd_postun_with_restart restorecond.service %changelog +* Fri Jan 14 2022 Vit Mojzis - 2.9-18 +- Improve error message when selabel_open fails (#1926511) + * Tue Nov 30 2021 Petr Lautrbach - 2.9-17 - semodule: add -m | --checksum option