* Tue Dec 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-2

- Fix error checking in restorecond, for inotify_add_watch
2008-12-02 13:37:45 +00:00 · 2008-12-02 13:37:45 +00:00 · f4379014a9
commit f4379014a9
parent 461604839c
2 changed files with 109 additions and 7 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,15 +1,114 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.58/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.60/Makefile
 --- nsapolicycoreutils/Makefile	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/Makefile	2008-11-10 08:57:34.000000000 -0500
+++ policycoreutils-2.0.60/Makefile	2008-12-01 11:47:09.000000000 -0500
@@ -1,4 +1,4 @@
 -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
 +SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
 
 INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
 
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.58/scripts/chcat
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.60/audit2allow/audit2allow
+--- nsapolicycoreutils/audit2allow/audit2allow	2008-11-10 08:53:49.000000000 -0500
+++ policycoreutils-2.0.60/audit2allow/audit2allow	2008-12-01 15:16:31.000000000 -0500
+@@ -42,10 +42,10 @@
+         from optparse import OptionParser
+ 
+         parser = OptionParser(version=self.VERSION)
+-        parser.add_option("-a", "--audit", action="store_true", dest="audit", default=False,
+        parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
+                           help="read input from audit log - conflicts with -i")
+         parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
+-                          help="read input from dmesg - conflicts with --audit and --input")
+                          help="read input from dmesg - conflicts with --all and --input")
+         parser.add_option("-i", "--input", dest="input",
+                           help="read input from <input> - conflicts with -a")
+         parser.add_option("-l", "--lastreload", action="store_true", dest="lastreload", default=False,
+@@ -82,9 +82,9 @@
+         # Make -d, -a, and -i conflict
+         if options.audit is True:
+             if options.input is not None:
+-                sys.stderr.write("error: --audit conflicts with --input\n")
+                sys.stderr.write("error: --all conflicts with --input\n")
+             if options.dmesg is True:
+-                sys.stderr.write("error: --audit conflicts with --dmesg\n")
+                sys.stderr.write("error: --all conflicts with --dmesg\n")
+         if options.input is not None and options.dmesg is True:
+             sys.stderr.write("error: --input conflicts with --dmesg\n")
+ 
+@@ -200,7 +200,7 @@
+         try:
+             fd = open(filename, "w")
+         except IOError, e:
+-            sys.stderr.write("could not write output file: %s\n", str(e))
+            sys.stderr.write("could not write output file: %s\n" % str(e))
+             sys.exit(1)
+ 
+         writer.write(generator.get_module(), fd)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.60/audit2allow/audit2allow.1
+--- nsapolicycoreutils/audit2allow/audit2allow.1	2008-11-10 08:53:49.000000000 -0500
+++ policycoreutils-2.0.60/audit2allow/audit2allow.1	2008-12-01 15:10:13.000000000 -0500
+@@ -44,9 +44,6 @@
+ Note that all audit messages are not available via dmesg when
+ auditd is running; use "ausearch -m avc | audit2allow"  or "-a" instead.
+ .TP
+-.B "\-f" | "\-\-fcfile" <File Context File>
+-Add File Context File to generated Module Package. Requires -M option.
+-.TP
+ .B "\-h" | "\-\-help"
+ Print a short usage message
+ .TP
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.60/restorecond/restorecond.c
+--- nsapolicycoreutils/restorecond/restorecond.c	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.60/restorecond/restorecond.c	2008-12-02 08:36:38.000000000 -0500
+@@ -283,6 +283,8 @@
+ 	inotify_rm_watch(fd, master_wd);
+ 	master_wd =
+ 	    inotify_add_watch(fd, watch_file_path, IN_MOVED_FROM | IN_MODIFY);
+	if (master_wd == -1)
+		exitApp("Error watching config file.");
+ }
+ 
+ /* 
+@@ -411,7 +413,14 @@
+ 
+ 	if (!ptr)
+ 		exitApp("Out of Memory");
+
+ 	ptr->wd = inotify_add_watch(fd, dir, IN_CREATE | IN_MOVED_TO);
+	if (ptr->wd == -1) {
+		free(ptr);
+		syslog(LOG_ERR, "Unable to watch (%s) %s\n",
+		       path, strerror(errno));
+		return;
+	}
+ 
+ 	ptr->dir = strdup(dir);
+ 	if (!ptr->dir)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.60/restorecond/utmpwatcher.c
+--- nsapolicycoreutils/restorecond/utmpwatcher.c	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.60/restorecond/utmpwatcher.c	2008-12-02 08:35:18.000000000 -0500
+@@ -57,7 +57,7 @@
+ 	utmp_ptr = NULL;
+ 	FILE *cfg = fopen(utmp_path, "r");
+ 	if (!cfg)
+-		exitApp("Error reading config file.");
+		exitApp("Error reading utmp file.");
+ 
+ 	while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) {
+ 		if (u.ut_type == USER_PROCESS)
+@@ -69,6 +69,9 @@
+ 
+ 	utmp_wd =
+ 	    inotify_add_watch(inotify_fd, utmp_path, IN_MOVED_FROM | IN_MODIFY);
+	if (utmp_wd == -1)
+		exitApp("Error watching utmp file.");
+
+ 	if (prev_utmp_ptr) {
+ 		changed = strings_list_diff(prev_utmp_ptr, utmp_ptr);
+ 		strings_list_free(prev_utmp_ptr);
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.60/scripts/chcat
 --- nsapolicycoreutils/scripts/chcat	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/scripts/chcat	2008-11-10 08:57:34.000000000 -0500
+++ policycoreutils-2.0.60/scripts/chcat	2008-12-01 11:47:09.000000000 -0500
@@ -291,6 +291,8 @@
             for i in c.split(","):
                 if i not in newcats:
@ -19,9 +118,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
     return newcats
 
 def translate(cats):
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.58/semodule/semodule.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.60/semodule/semodule.c
 --- nsapolicycoreutils/semodule/semodule.c	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/semodule/semodule.c	2008-11-10 08:57:34.000000000 -0500
+++ policycoreutils-2.0.60/semodule/semodule.c	2008-12-01 11:47:09.000000000 -0500
@@ -60,24 +60,6 @@
 	free(commands);
 }
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.60
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -192,6 +192,9 @@ if [ "$1" -ge "1" ]; then
 fi

 %changelog
+* Tue Dec 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-2
+- Fix error checking in restorecond, for inotify_add_watch
+
 * Mon Dec 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.60-1
 - Update to upstream
 	* semanage: use semanage_mls_enabled() from Stephen Smalley.