rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity
3a6c8251f5
policycoreutils/policycoreutils-fedora.patch
Petr Lautrbach e3a75fa174 policycoreutils-2.8-15 
- setsebool: support use of -P on SELinux-disabled hosts
- sepolicy: initialize mislabeled_files in __init__()
- audit2allow: use local sepolgen-ifgen-attr-helper for tests
- audit2allow: allow using audit2why as non-root user
- audit2allow/sepolgen-ifgen: show errors on stderr
- audit2allow/sepolgen-ifgen: add missing \n to error message
- sepolgen: close /etc/selinux/sepolgen.conf after parsing it
- sepolicy: Make policy files sorting more robust
- semanage: Load a store policy and set the store SELinux policy root
2019-01-21 17:56:37 +01:00

214 lines
6.3 KiB
Diff
Raw Blame History

diff --git policycoreutils-2.8/newrole/newrole.1 policycoreutils-2.8/newrole/newrole.1
index 0d9738a..893c42f 100644
--- policycoreutils-2.8/newrole/newrole.1
+++ policycoreutils-2.8/newrole/newrole.1
@@ -44,7 +44,7 @@ specified by that range. If the
or
.B --preserve-environment
option is specified, the shell with the new SELinux context will preserve environment variables,
-otherwise a new minimal enviroment is created.
+otherwise a new minimal environment is created.
.PP
Additional arguments
.I ARGS
diff --git policycoreutils-2.8/po/Makefile policycoreutils-2.8/po/Makefile
index 575e143..18bc1df 100644
--- policycoreutils-2.8/po/Makefile
+++ policycoreutils-2.8/po/Makefile
@@ -3,7 +3,6 @@
#
PREFIX ?= /usr
-TOP = ../..
# What is this package?
NLSPACKAGE = policycoreutils
@@ -32,74 +31,13 @@ USE_LINGUAS := $(if $(USER_LINGUAS),$(USER_LINGUAS),$(PO_LINGUAS))
POFILES = $(patsubst %,%.po,$(USE_LINGUAS))
MOFILES = $(patsubst %.po,%.mo,$(POFILES))
-POTFILES = \
- ../run_init/open_init_pty.c \
- ../run_init/run_init.c \
- ../semodule_link/semodule_link.c \
- ../audit2allow/audit2allow \
- ../semanage/seobject.py \
- ../setsebool/setsebool.c \
- ../newrole/newrole.c \
- ../load_policy/load_policy.c \
- ../sestatus/sestatus.c \
- ../semodule/semodule.c \
- ../setfiles/setfiles.c \
- ../semodule_package/semodule_package.c \
- ../semodule_deps/semodule_deps.c \
- ../semodule_expand/semodule_expand.c \
- ../scripts/chcat \
- ../scripts/fixfiles \
- ../restorecond/stringslist.c \
- ../restorecond/restorecond.h \
- ../restorecond/utmpwatcher.h \
- ../restorecond/stringslist.h \
- ../restorecond/restorecond.c \
- ../restorecond/utmpwatcher.c \
- ../gui/booleansPage.py \
- ../gui/fcontextPage.py \
- ../gui/loginsPage.py \
- ../gui/mappingsPage.py \
- ../gui/modulesPage.py \
- ../gui/polgen.glade \
- ../gui/polgengui.py \
- ../gui/portsPage.py \
- ../gui/semanagePage.py \
- ../gui/statusPage.py \
- ../gui/system-config-selinux.glade \
- ../gui/system-config-selinux.py \
- ../gui/usersPage.py \
- ../secon/secon.c \
- booleans.py \
- ../sepolicy/sepolicy.py \
- ../sepolicy/sepolicy/communicate.py \
- ../sepolicy/sepolicy/__init__.py \
- ../sepolicy/sepolicy/network.py \
- ../sepolicy/sepolicy/generate.py \
- ../sepolicy/sepolicy/sepolicy.glade \
- ../sepolicy/sepolicy/gui.py \
- ../sepolicy/sepolicy/manpage.py \
- ../sepolicy/sepolicy/transition.py \
- ../sepolicy/sepolicy/templates/executable.py \
- ../sepolicy/sepolicy/templates/__init__.py \
- ../sepolicy/sepolicy/templates/network.py \
- ../sepolicy/sepolicy/templates/rw.py \
- ../sepolicy/sepolicy/templates/script.py \
- ../sepolicy/sepolicy/templates/semodule.py \
- ../sepolicy/sepolicy/templates/tmp.py \
- ../sepolicy/sepolicy/templates/user.py \
- ../sepolicy/sepolicy/templates/var_lib.py \
- ../sepolicy/sepolicy/templates/var_log.py \
- ../sepolicy/sepolicy/templates/var_run.py \
- ../sepolicy/sepolicy/templates/var_spool.py
+POTFILES = $(shell cat POTFILES)
#default:: clean
-all:: $(MOFILES)
+all:: $(POTFILE) $(MOFILES)
-booleans.py:
- sepolicy booleans -a > booleans.py
-
-$(POTFILE): $(POTFILES) booleans.py
+$(POTFILE): $(POTFILES)
$(XGETTEXT) --keyword=_ --keyword=N_ $(POTFILES)
@if cmp -s $(NLSPACKAGE).po $(POTFILE); then \
rm -f $(NLSPACKAGE).po; \
@@ -107,8 +45,6 @@ $(POTFILE): $(POTFILES) booleans.py
mv -f $(NLSPACKAGE).po $(POTFILE); \
fi; \
-update-po: Makefile $(POTFILE) refresh-po
- @rm -f booleans.py
refresh-po: Makefile
for cat in $(POFILES); do \
diff --git policycoreutils-2.8/po/POTFILES policycoreutils-2.8/po/POTFILES
new file mode 100644
index 0000000..12237dc
--- /dev/null
+++ policycoreutils-2.8/po/POTFILES
@@ -0,0 +1,9 @@
+../run_init/open_init_pty.c
+../run_init/run_init.c
+../setsebool/setsebool.c
+../newrole/newrole.c
+../load_policy/load_policy.c
+../sestatus/sestatus.c
+../semodule/semodule.c
+../setfiles/setfiles.c
+../secon/secon.c
diff --git policycoreutils-2.8/scripts/fixfiles policycoreutils-2.8/scripts/fixfiles
index b277958..53d28c7 100755
--- policycoreutils-2.8/scripts/fixfiles
+++ policycoreutils-2.8/scripts/fixfiles
@@ -108,6 +108,7 @@ exclude_dirs_from_relabelling() {
fullFlag=0
BOOTTIME=""
VERBOSE="-p"
+[ -t 1 ] || VERBOSE=""
FORCEFLAG=""
RPMFILES=""
PREFC=""
diff --git policycoreutils-2.8/setfiles/setfiles.8 policycoreutils-2.8/setfiles/setfiles.8
index ccaaf4d..a8a76c8 100644
--- policycoreutils-2.8/setfiles/setfiles.8
+++ policycoreutils-2.8/setfiles/setfiles.8
@@ -57,7 +57,7 @@ check the validity of the contexts against the specified binary policy.
.TP
.B \-d
show what specification matched each file (do not abort validation
-after ABORT_ON_ERRORS errors).
+after ABORT_ON_ERRORS errors). Not affected by "\-q"
.TP
.BI \-e \ directory
directory to exclude (repeat option for more than one directory).
diff --git policycoreutils-2.8/setsebool/setsebool.c policycoreutils-2.8/setsebool/setsebool.c
index 53d3566..a5157ef 100644
--- policycoreutils-2.8/setsebool/setsebool.c
+++ policycoreutils-2.8/setsebool/setsebool.c
@@ -18,7 +18,7 @@
#include <errno.h>
int permanent = 0;
-int reload = 1;
+int no_reload = 0;
int verbose = 0;
int setbool(char **list, size_t start, size_t end);
@@ -38,11 +38,6 @@ int main(int argc, char **argv)
if (argc < 2)
usage();
- if (is_selinux_enabled() <= 0) {
- fputs("setsebool: SELinux is disabled.\n", stderr);
- return 1;
- }
-
while (1) {
clflag = getopt(argc, argv, "PNV");
if (clflag == -1)
@@ -53,7 +48,7 @@ int main(int argc, char **argv)
permanent = 1;
break;
case 'N':
- reload = 0;
+ no_reload = 1;
break;
case 'V':
verbose = 1;
@@ -130,6 +125,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
semanage_bool_key_t *bool_key = NULL;
int managed;
int result;
+ int enabled = is_selinux_enabled();
handle = semanage_handle_create();
if (handle == NULL) {
@@ -191,7 +187,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
boolean) < 0)
goto err;
- if (semanage_bool_set_active(handle, bool_key, boolean) < 0) {
+ if (enabled && semanage_bool_set_active(handle, bool_key, boolean) < 0) {
fprintf(stderr, "Failed to change boolean %s: %m\n",
boollist[j].name);
goto err;
@@ -202,7 +198,8 @@ static int semanage_set_boolean_list(size_t boolcnt,
boolean = NULL;
}
- semanage_set_reload(handle, reload);
+ if (no_reload)
+ semanage_set_reload(handle, 0);
if (semanage_commit(handle) < 0)
goto err;
Reference in New Issue View Git Blame Copy Permalink