policycoreutils/policycoreutils-rhat.patch
Daniel J Walsh dc637d77fd * Thu Jan 24 2008 Dan Walsh <dwalsh@redhat.com> 2.0.39-1
- Don't initialize audit2allow for audit2why call.  Use default
- Update to upstream
	* Merged fixfiles -C fix from Marshall Miller.
2008-01-25 16:14:52 +00:00

102 lines
4.2 KiB
Diff

diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.38/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow 2008-01-24 14:41:25.000000000 -0500
+++ policycoreutils-2.0.38/audit2allow/audit2allow 2008-01-25 11:12:17.000000000 -0500
@@ -221,7 +221,7 @@
import selinux
import selinux.audit2why as audit2why
import seobject
- audit2why.init("%s.%s" % (selinux.selinux_binary_policy_path(), selinux.security_policyvers()))
+ audit2why.init()
for i in self.__parser.avc_msgs:
rc, bools = audit2why.analyze(i.scontext.to_string(), i.tcontext.to_string(), i.tclass, i.accesses)
if rc >= 0:
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.38/Makefile
--- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
+++ policycoreutils-2.0.38/Makefile 2008-01-24 15:31:27.000000000 -0500
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.38/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.38/restorecond/restorecond.c 2008-01-24 15:31:27.000000000 -0500
@@ -210,9 +210,10 @@
}
if (fsetfilecon(fd, scontext) < 0) {
- syslog(LOG_ERR,
- "set context %s->%s failed:'%s'\n",
- filename, scontext, strerror(errno));
+ if (errno != EOPNOTSUPP)
+ syslog(LOG_ERR,
+ "set context %s->%s failed:'%s'\n",
+ filename, scontext, strerror(errno));
if (retcontext >= 0)
free(prev_context);
free(scontext);
@@ -225,8 +226,9 @@
if (retcontext >= 0)
free(prev_context);
} else {
- syslog(LOG_ERR, "get context on %s failed: '%s'\n",
- filename, strerror(errno));
+ if (errno != EOPNOTSUPP)
+ syslog(LOG_ERR, "get context on %s failed: '%s'\n",
+ filename, strerror(errno));
}
free(scontext);
close(fd);
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.38/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-01-23 14:36:28.000000000 -0500
+++ policycoreutils-2.0.38/semanage/semanage 2008-01-24 15:31:27.000000000 -0500
@@ -111,7 +111,7 @@
valid_option["translation"] = []
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = []
- valid_option["boolean"] += valid_everyone
+ valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0" ]
return valid_option
#
@@ -131,7 +131,7 @@
seuser = ""
prefix = ""
heading=1
-
+ value=0
add = 0
modify = 0
delete = 0
@@ -150,7 +150,7 @@
args = sys.argv[2:]
gopts, cmds = getopt.getopt(args,
- 'adf:lhmnp:s:CDR:L:r:t:T:P:S:',
+ '01adf:lhmnp:s:CDR:L:r:t:T:P:S:',
['add',
'delete',
'deleteall',
@@ -160,6 +160,8 @@
'modify',
'noheading',
'localist',
+ 'off',
+ 'on',
'proto=',
'seuser=',
'store=',
@@ -238,6 +240,11 @@
if o == "-T" or o == "--trans":
setrans = a
+ if o == "--on" or o == "-1":
+ value = 1
+ if o == "-off" or o == "-0":
+ value = 0
+
if object == "login":
OBJECT = seobject.loginRecords(store)