From f23e0fcdf3467083acb0b0161f16b14946ec4729 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 10 Aug 2009 15:26:43 +0000 Subject: [PATCH] * Mon Aug 10 2009 Dan Walsh 2.0.70-2 - Don't warn if the user did not specify the exclude if root can not stat file system --- policycoreutils-rhat.patch | 113 +++++++++++++++++++++++++------------ policycoreutils.spec | 5 +- 2 files changed, 81 insertions(+), 37 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index bdc9896..f94cb1a 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,15 +1,15 @@ -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.68/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.70/Makefile --- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.68/Makefile 2009-07-29 09:34:07.000000000 -0400 ++++ policycoreutils-2.0.70/Makefile 2009-08-05 15:24:16.000000000 -0400 @@ -1,4 +1,4 @@ -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.68/restorecond/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.70/restorecond/Makefile --- nsapolicycoreutils/restorecond/Makefile 2009-02-18 16:44:47.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/Makefile 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/Makefile 2009-08-05 15:24:16.000000000 -0400 @@ -2,16 +2,23 @@ PREFIX ?= ${DESTDIR}/usr SBINDIR ?= $(PREFIX)/sbin @@ -51,16 +51,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po relabel: install /sbin/restorecon $(SBINDIR)/restorecond -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.70/restorecond/org.selinux.Restorecond.service --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/org.selinux.Restorecond.service 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,3 @@ +[D-BUS Service] +Name=org.selinux.Restorecond +Exec=/usr/sbin/restorecond -u -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.68/restorecond/restorecond.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.70/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2009-02-18 16:44:47.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/restorecond.c 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/restorecond.c 2009-08-05 15:24:16.000000000 -0400 @@ -48,294 +48,37 @@ #include #include @@ -529,9 +529,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po } + + -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.68/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.70/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2009-05-18 13:53:14.000000000 -0400 -+++ policycoreutils-2.0.68/restorecond/restorecond.conf 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/restorecond.conf 2009-08-05 15:24:16.000000000 -0400 @@ -4,8 +4,5 @@ /etc/mtab /var/run/utmp @@ -542,9 +542,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po /root/.ssh/* - - -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.68/restorecond/restorecond.desktop +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.70/restorecond/restorecond.desktop --- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/restorecond.desktop 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/restorecond.desktop 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,7 @@ +[Desktop Entry] +Name=File Context maintainer @@ -553,9 +553,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po +Encoding=UTF-8 +Type=Application +StartupNotify=false -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.68/restorecond/restorecond.h +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.70/restorecond/restorecond.h --- nsapolicycoreutils/restorecond/restorecond.h 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.68/restorecond/restorecond.h 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/restorecond.h 2009-08-05 15:24:16.000000000 -0400 @@ -24,7 +24,22 @@ #ifndef RESTORED_CONFIG_H #define RESTORED_CONFIG_H @@ -581,15 +581,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po +extern void watch_list_free(int fd); #endif -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.68/restorecond/restorecond_user.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.70/restorecond/restorecond_user.conf --- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/restorecond_user.conf 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/restorecond_user.conf 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,2 @@ +~/* +~/public_html/* -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.68/restorecond/user.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.70/restorecond/user.c --- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/user.c 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/user.c 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,220 @@ +/* + * restorecond @@ -811,9 +811,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po + return 0; +} + -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.68/restorecond/walk.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.70/restorecond/walk.c --- nsapolicycoreutils/restorecond/walk.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/walk.c 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/walk.c 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,30 @@ +#define _XOPEN_SOURCE 500 +#include @@ -845,9 +845,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po + printf("Total Dirs %d\n",ctr); + exit(EXIT_SUCCESS); +} -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.68/restorecond/watch.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.70/restorecond/watch.c --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/restorecond/watch.c 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/restorecond/watch.c 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,346 @@ +#define _GNU_SOURCE +#include @@ -1195,9 +1195,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po + exitApp("Error watching config file."); +} + -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.68/scripts/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.70/scripts/Makefile --- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.68/scripts/Makefile 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/scripts/Makefile 2009-08-05 15:24:16.000000000 -0400 @@ -5,11 +5,12 @@ MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale @@ -1212,9 +1212,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po install -m 755 fixfiles $(DESTDIR)/sbin install -m 755 genhomedircon $(SBINDIR) -mkdir -p $(MANDIR)/man8 -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.68/scripts/sandbox +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.70/scripts/sandbox --- nsapolicycoreutils/scripts/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/scripts/sandbox 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/scripts/sandbox 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,139 @@ +#!/usr/bin/python -E +import os, sys, getopt, socket, random, fcntl @@ -1355,9 +1355,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po + error_exit(error.args[1]) + + sys.exit(rc) -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.68/scripts/sandbox.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.70/scripts/sandbox.8 --- nsapolicycoreutils/scripts/sandbox.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/scripts/sandbox.8 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/scripts/sandbox.8 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,22 @@ +.TH SANDBOX "8" "May 2009" "chcat" "User Commands" +.SH NAME @@ -1381,9 +1381,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po +.TP +runcon(1) +.PP -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.68/scripts/sandbox.py +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.70/scripts/sandbox.py --- nsapolicycoreutils/scripts/sandbox.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.68/scripts/sandbox.py 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/scripts/sandbox.py 2009-08-05 15:24:16.000000000 -0400 @@ -0,0 +1,67 @@ +#!/usr/bin/python +import os, sys, getopt, socket, random, fcntl @@ -1452,9 +1452,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po + mount(mount_src, filecon) + umount(filecon) +os.execvp(cmds[0], cmds) -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.68/semanage/semanage +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.70/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2009-05-18 13:53:14.000000000 -0400 -+++ policycoreutils-2.0.68/semanage/semanage 2009-07-29 09:34:44.000000000 -0400 ++++ policycoreutils-2.0.70/semanage/semanage 2009-08-05 15:24:16.000000000 -0400 @@ -44,16 +44,17 @@ text = _(""" semanage [ -S store ] -i [ input_file | - ] @@ -1633,9 +1633,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po elif object == "node": OBJECT.delete(target, mask, proto) -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.68/semanage/semanage.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.70/semanage/semanage.8 --- nsapolicycoreutils/semanage/semanage.8 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.68/semanage/semanage.8 2009-07-29 09:30:07.000000000 -0400 ++++ policycoreutils-2.0.70/semanage/semanage.8 2009-08-05 15:24:16.000000000 -0400 @@ -21,6 +21,8 @@ .br .B semanage permissive \-{a|d} type @@ -1645,9 +1645,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po .B semanage translation \-{a|d|m} [\-T] level .P -diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.68/semanage/seobject.py +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.70/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2009-05-18 13:53:14.000000000 -0400 -+++ policycoreutils-2.0.68/semanage/seobject.py 2009-07-29 09:35:07.000000000 -0400 ++++ policycoreutils-2.0.70/semanage/seobject.py 2009-08-05 15:24:16.000000000 -0400 @@ -1,5 +1,5 @@ #! /usr/bin/python -E -# Copyright (C) 2005, 2006, 2007, 2008 Red Hat @@ -2427,3 +2427,44 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po if use_file: ddict = self.get_all(locallist) keys = ddict.keys() +diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.70/setfiles/setfiles.c +--- nsapolicycoreutils/setfiles/setfiles.c 2009-08-05 15:10:56.000000000 -0400 ++++ policycoreutils-2.0.70/setfiles/setfiles.c 2009-08-10 11:06:54.000000000 -0400 +@@ -234,7 +234,7 @@ + fl_head = NULL; + } + +-static int add_exclude(const char *directory) ++static int add_exclude(const char *directory, int warn) + { + struct stat sb; + size_t len = 0; +@@ -244,8 +244,8 @@ + return 1; + } + if (lstat(directory, &sb)) { +- fprintf(stderr, "Can't stat directory \"%s\", %s.\n", +- directory, strerror(errno)); ++ if (warn) fprintf(stderr, "Can't stat directory \"%s\", %s.\n", ++ directory, strerror(errno)); + return 0; + } + if ((sb.st_mode & S_IFDIR) == 0) { +@@ -727,7 +727,7 @@ + + /* exclude mount points without the seclabel option */ + if (!found) +- add_exclude(mount_info[1]); ++ add_exclude(mount_info[1], 0); + } + + free(buf); +@@ -840,7 +840,7 @@ + } + case 'e': + remove_exclude(optarg); +- if (add_exclude(optarg)) ++ if (add_exclude(optarg, 1)) + exit(1); + break; + case 'f': diff --git a/policycoreutils.spec b/policycoreutils.spec index 54478a5..b4e6c5e 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.70 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -266,6 +266,9 @@ else fi %changelog +* Mon Aug 10 2009 Dan Walsh 2.0.70-2 +- Don't warn if the user did not specify the exclude if root can not stat file system + * Wed Aug 5 2009 Dan Walsh 2.0.70-1 - Update to upstream * Modify restorecon to only call realpath() on user-supplied pathnames