diff --git a/.cvsignore b/.cvsignore index 8b3c825..cd653d1 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -setools-1.3.tgz +setools-1.3.1.tgz diff --git a/setools-rhat.patch b/setools-rhat.patch index 525cf9d..580e583 100644 --- a/setools-rhat.patch +++ b/setools-rhat.patch @@ -1,16 +1,74 @@ ---- setools-1.3/policy/seuser.te.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/policy/seuser.te 2004-04-16 08:11:13.510100184 -0400 -@@ -54,7 +54,7 @@ - allow seuser_t locale_t:dir { search}; - allow seuser_t { var_run_t var_t}:dir search; +--- setools-1.3.1/seuser/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/seuser/Makefile 2004-05-28 15:21:50.390091152 -0400 +@@ -22,10 +22,10 @@ + SHELL = /bin/sh --allow seuser_t usr_t:dir { search }; -+r_dir_file(seuser_t, usr_t) - allow seuser_t shlib_t:file { read getattr execute}; - allow seuser_t shlib_t:lnk_file { read }; - allow seuser_t shlib_t:dir {search}; ---- setools-1.3/secmds/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/secmds/Makefile 2004-04-16 08:30:10.564241680 -0400 + seuser: $(CMD-OBJ) +- $(CC) -o $@ $(CMD-OBJ) $(LINKFLAGS) $(LIBS) ++ $(CC) -o $@ $(CMD-OBJ) $(LINKFLAGS) $(LIBS) -lselinux + + seuserx: $(GUI-OBJ) se_user.tcl +- $(CC) $(GUI_CFLAGS) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) ++ $(CC) $(GUI_CFLAGS) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux + + se_user.tcl: $(TCL-FILES) + cat $(TCL-FILES) | \ +@@ -86,7 +86,7 @@ + cat ../policy/seuser_template.fc | \ + sed -e 's|SEUSER_BINDIR|$(BINDIR)|g' | \ + sed -e 's|SEUSER_INSTALL_LIBDIR|$(INSTALL_LIBDIR)|g' > ../policy/seuser.fc +- ++ + -@if [ -e $(POLICY_SRC_DIR)/policy/Makefile -a -e ../policy/seuser.fc ]; then \ + install -d $(TE_PROGS_DIR); \ + install -d $(FC_PROGS_DIR); \ +@@ -102,11 +102,11 @@ + echo " not found. type 'make install-src' from your policy directory, or"; \ + echo " consult your SELinux documentation."; \ + fi +- ++ + -@if [ -e ../policy/seuser.fc ]; then \ + rm -f ../policy/seuser.fc; \ + fi +- ++ + + policy-install: seuser-policy + -@if [ -e $(POLICY_SRC_DIR)/policy/Makefile ]; then \ +--- setools-1.3.1/awish/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/awish/Makefile 2004-05-28 15:21:16.296274200 -0400 +@@ -4,7 +4,7 @@ + AWISH_OBJ = awish.o $(LIBSEUSER-TCL) $(LIBAPOL-TCL) + + awish: $(AWISH_OBJ) +- $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) ++ $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux + + + %.o: %.c +@@ -12,16 +12,16 @@ + + ../lib/libapol.a: + cd ../ ; $(MAKE) libapol +- ++ + ../lib/libapol-tcl.a: + cd ../ ; $(MAKE) libapol-tcl + + ../lib/libseuser-tcl.a: + cd ../ ; $(MAKE) libseuser-tcl +- ++ + ../lib/libseuser.a: + cd ../ ; $(MAKE) libseuser +- ++ + install: awish + install -m 755 awish $(BINDIR) + +--- setools-1.3.1/secmds/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/secmds/Makefile 2004-05-28 14:59:44.269692096 -0400 @@ -42,7 +42,7 @@ install: $(SE_CMDS) @@ -20,9 +78,64 @@ %.o: %.c $(CC) $(CFLAGS) $(INCLUDE) -c $< ---- setools-1.3/libseuser/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/libseuser/Makefile 2004-04-16 08:11:13.523098208 -0400 -@@ -11,6 +11,10 @@ +--- setools-1.3.1/libseuser/seuser_db.c.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/libseuser/seuser_db.c 2004-05-28 15:07:45.945466248 -0400 +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + #include "seuser_db.h" + + /* apol lib */ +@@ -751,8 +752,10 @@ + } + free(full_config); + +- +- db->policy_conf = get_config_var("policy.conf", fp); ++ /* db->policy_conf = get_config_var("policy.conf", fp);*/ ++ db->policy_conf = malloc(PATH_MAX); ++ snprintf(db->policy_conf, PATH_MAX, "%s/src/policy/policy.conf", ++ selinux_policy_root()); + if(db->policy_conf == NULL) { + fclose(fp); + free_conf_info(db); +@@ -767,7 +770,9 @@ + return 4; + } + +- db->policy_dir = get_config_var("policy_dir", fp); ++ /* db->policy_dir = get_config_var("policy_dir", fp);*/ ++ db->policy_dir = malloc(PATH_MAX); ++ snprintf(db->policy_dir, PATH_MAX, "%s/src/policy", selinux_policy_root()); + if(db->policy_dir == NULL) { + fclose(fp); + free_conf_info(db); +@@ -782,7 +787,9 @@ + return 6; + } + +- db->user_file = get_config_var("user_file", fp); ++ /* db->user_file = get_config_var("user_file", fp);*/ ++ db->user_file = malloc(PATH_MAX); ++ snprintf(db->user_file, PATH_MAX, "%s/src/policy/users", selinux_policy_root()); + if(db->user_file == NULL) { + fclose(fp); + free_conf_info(db); +@@ -791,7 +798,8 @@ + } + /* users file may not exist which is ok, so we won't check read access. */ + +- db->file_contexts_file = get_config_var("file_contexts_file", fp); ++ /* db->file_contexts_file = get_config_var("file_contexts_file", fp);*/ ++ db->file_contexts_file = strdup(selinux_file_context_path()); + if(db->file_contexts_file == NULL) { + fclose(fp); + free_conf_info(db); +--- setools-1.3.1/libseuser/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/libseuser/Makefile 2004-05-28 15:11:27.571773928 -0400 +@@ -11,8 +11,12 @@ libseuser-tcl: ../lib/libseuser-tcl.a @@ -31,8 +144,11 @@ + install -m 644 *.h $(INCLUDEDIR) + ../lib/libseuser.a: ../lib $(LIB-OBJ) - ar cr $@ $(LIB-OBJ) +- ar cr $@ $(LIB-OBJ) ++ ar cr $@ $(LIB-OBJ) -lselinux + ../lib/libseuser-tcl.a: ../lib $(LIB-OBJ-TCL) + ar cr $@ $(LIB-OBJ-TCL) @@ -20,7 +24,7 @@ %.o: %.c $(CC) $(CFLAGS) -c $< @@ -42,8 +158,8 @@ ../lib: mkdir -p $@ ---- setools-1.3/packages/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/packages/Makefile 2004-04-16 08:48:43.045118880 -0400 +--- setools-1.3.1/packages/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/packages/Makefile 2004-05-28 14:59:44.273691488 -0400 @@ -3,11 +3,13 @@ # by Kevin Carr kcarr@tresys.com @@ -67,13 +183,15 @@ - clean \ No newline at end of file + clean ---- setools-1.3/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/Makefile 2004-04-16 08:44:10.811504680 -0400 -@@ -21,7 +21,7 @@ +--- setools-1.3.1/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/Makefile 2004-05-28 15:03:16.395444080 -0400 +@@ -20,8 +20,8 @@ + # File location defaults; used in various places in code # Change these if you want different defaults - POLICY_SRC_DIR = $(DESTDIR)/etc/security/selinux/src +-POLICY_SRC_DIR = $(DESTDIR)/etc/security/selinux/src -POLICY_SRC_FILE = $(POLICY_SRC_DIR)/policy.conf ++POLICY_SRC_DIR = $(DESTDIR)/etc/selinux/strict/src +POLICY_SRC_FILE = $(POLICY_SRC_DIR)/policy/policy.conf DEFAULT_LOG_FILE = /var/log/messages @@ -140,8 +258,8 @@ # Next four targets are to support installation as part of a system # install. These targets are deprecated. ---- setools-1.3/docs-src/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/docs-src/Makefile 2004-04-16 08:11:13.549094256 -0400 +--- setools-1.3.1/docs-src/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/docs-src/Makefile 2004-05-28 14:59:44.276691032 -0400 @@ -55,3 +55,14 @@ for file in $(TOP-DOCS); do \ rm -f ../$$file; \ @@ -157,8 +275,25 @@ + install -m 644 ../sepct/sepcut_help.txt ${INSTALL_HELPDIR} + install -m 644 ../apol/*.txt ${INSTALL_HELPDIR} + ---- setools-1.3/apol/Makefile.rhat 2004-04-15 18:50:22.000000000 -0400 -+++ setools-1.3/apol/Makefile 2004-04-16 08:11:13.562092280 -0400 +--- setools-1.3.1/apol/Makefile.rhat 2004-05-05 16:14:59.000000000 -0400 ++++ setools-1.3.1/apol/Makefile 2004-05-28 15:15:29.505994336 -0400 +@@ -11,14 +11,14 @@ + APOL_HELP_FILES = apol_help.txt dta_help.txt iflow_help.txt obj_perms_help.txt + APOL_PERM_MAPS = apol_perm_mapping_ver12 apol_perm_mapping_ver15 \ + apol_perm_mapping_ver16 apol_perm_mapping_ver17 +- ++ + APOL_DFLT_PMAP = apol_perm_mapping_ver16 + LIBAPOL = ../lib/libapol-tcl.a ../lib/libapol.a + GUI-OBJ = apol_gui.o $(LIBAPOL) + CFLAGS += -DSTARTUP_SCRIPT='"$(APOL_STARTUP_SCRIPT)"' + + apol: $(GUI-OBJ) apol.tcl +- $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) ++ $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux + + + apol.tcl: $(TCL-FILES) @@ -55,6 +55,7 @@ done \ fi diff --git a/setools.spec b/setools.spec index 4f30bad..0886859 100644 --- a/setools.spec +++ b/setools.spec @@ -1,13 +1,13 @@ Summary: SELinux tools for managing policy Name: setools -Version: 1.3 -Release: 2 +Version: 1.3.1 +Release: 3 License: GPL Group: System Environment/Base Source: http://www.tresys.com/Downloads/selinux-tools/setools-%{version}.tgz Prefix: %{_prefix} BuildRoot: %{_tmppath}/%{name}-buildroot -Requires: checkpolicy, policycoreutils, policy, policy-sources +Requires: checkpolicy, policycoreutils Buildrequires: tk-devel tcl-devel Patch0: setools-rhat.patch Obsoletes: setools-devel @@ -94,8 +94,8 @@ mkdir -p $RPM_BUILD_ROOT/%_libdir mkdir -p $RPM_BUILD_ROOT/usr/include/selinux/apol mkdir -p $RPM_BUILD_ROOT/usr/share/doc/setools-%{version} make DESTDIR="${RPM_BUILD_ROOT}" INSTALL_HELPDIR=$RPM_BUILD_ROOT/usr/share/doc/setools-%{version} install -rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/domains/program/seuser.te -rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/file_contexts/program/seuser.fc +rm -f ${RPM_BUILD_ROOT}/etc/selinux/strict/src/policy/domains/program/seuser.te +rm -f ${RPM_BUILD_ROOT}/etc/selinux/strict/src/policy/file_contexts/program/seuser.fc rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon @@ -123,6 +123,11 @@ rm -rf ${RPM_BUILD_ROOT} /usr/share/doc/setools-%{version}/* %changelog +* Fri Apr 16 2004 Dan Walsh 1.3-3 +- Make changes to work with targeted/strict policy +* Fri Apr 16 2004 Dan Walsh 1.3-2 +- Take out requirement for policy file + * Fri Apr 16 2004 Dan Walsh 1.3-1 - Fix doc location diff --git a/sources b/sources index 9433001..0c07d98 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a6bfde73c1e9a05d4a1cc7c53768fc8c setools-1.3.tgz +f8011d692292d00e1c66b61aecb8b21a setools-1.3.1.tgz