[policycoreutils/f15/master] Change sepolgen-ifgen to search all available policy files Exit in restorecond if it can not find a

Daniel J Walsh dwalsh at fedoraproject.org
Fri Mar 11 21:54:45 UTC 2011 

commit 65350da6d39029aa1301fe0854af09e29878c8a7
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri Mar 11 16:54:41 2011 -0500

    Change sepolgen-ifgen to search all available policy files
    Exit in restorecond if it can not find a UID in the passwd database

 policycoreutils-rhat.patch |   29 ++++++++++++++++++++++-------
 policycoreutils.spec       |    8 ++++++--
 2 files changed, 28 insertions(+), 9 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index ed69325..95603e6 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -192,7 +192,7 @@ index 6178cc8..b6f386d 100644
  .PP
  .SH AUTHOR
 diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen
-index 03f95a1..5986b23 100644
+index 03f95a1..dda432e 100644
 --- a/policycoreutils/audit2allow/sepolgen-ifgen
 +++ b/policycoreutils/audit2allow/sepolgen-ifgen
 @@ -1,4 +1,4 @@
@@ -220,7 +220,7 @@ index 03f95a1..5986b23 100644
  
  def parse_options():
      from optparse import OptionParser
-@@ -44,14 +49,43 @@ def parse_options():
+@@ -44,14 +49,55 @@ def parse_options():
                        help="filename to store output")
      parser.add_option("-i", "--interfaces", dest="headers", default=defaults.headers(),
                        help="location of the interface header files")
@@ -235,9 +235,21 @@ index 03f95a1..5986b23 100644
      
      return options
  
++def get_policy():
++    p = selinux.selinux_binary_policy_path() + "." + str(i)
++    while i > 0 and not os.path.exists(p):
++        i = i - 1
++        p = selinux.selinux_binary_policy_path() + "." + str(i)
++    if i > 0:
++        return p
++    return None
++
 +def get_attrs():
 +    try:
-+        policy_path = selinux.selinux_binary_policy_path() + "." + str(selinux.security_policyvers())
++        policy_path = get_policy()
++        if not policy_path:
++            sys.stderr.write("No installed policy to check\n")
++            return None
 +        outfile = tempfile.NamedTemporaryFile()
 +    except IOError, e:
 +        sys.stderr.write("could not open attribute output file\n")
@@ -264,7 +276,7 @@ index 03f95a1..5986b23 100644
  
  def main():
      options = parse_options()
-@@ -68,6 +102,14 @@ def main():
+@@ -68,6 +114,14 @@ def main():
      else:
          log = None
  
@@ -279,7 +291,7 @@ index 03f95a1..5986b23 100644
      try:
          headers = refparser.parse_headers(options.headers, output=log, debug=options.debug)
      except ValueError, e:
-@@ -76,7 +118,7 @@ def main():
+@@ -76,7 +130,7 @@ def main():
          return 1
  
      if_set = interfaces.InterfaceSet(output=log)
@@ -414,7 +426,7 @@ index b149dcb..0c14c94 100644
  .SH "SEE ALSO"
  .BR restorecon (8),
 diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
-index 58774e6..77c8013 100644
+index 58774e6..a588e5e 100644
 --- a/policycoreutils/restorecond/restorecond.c
 +++ b/policycoreutils/restorecond/restorecond.c
 @@ -30,9 +30,11 @@
@@ -853,7 +865,7 @@ index 58774e6..77c8013 100644
  
  	/* Register sighandlers */
  	sa.sa_flags = 0;
-@@ -467,36 +174,56 @@ int main(int argc, char **argv)
+@@ -467,36 +174,59 @@ int main(int argc, char **argv)
  
  	set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
  
@@ -891,6 +903,9 @@ index 58774e6..77c8013 100644
 +
 +	uid_t uid = getuid();
 +	struct passwd *pwd = getpwuid(uid);
++	if (!pwd) 
++		exitApp("getpwuid");
++
 +	homedir = pwd->pw_dir;
 +	if (uid != 0) {
 +		if (run_as_user)
diff --git a/policycoreutils.spec b/policycoreutils.spec
index aa77d14..acb2d54 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.85
-Release: 19%{?dist}
+Release: 20%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -331,7 +331,11 @@ fi
 exit 0
 
 %changelog
-* Wed Mar 8 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-19
+* Fri Mar 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-20
+- Change sepolgen-ifgen to search all available policy files
+- Exit in restorecond if it can not find a UID in the passwd database
+
+* Wed Mar 9 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-19
 - Fix portspage in system-config-selinux to not crash
 - More fixes for seunshare from Tomas Hoger

More information about the scm-commits mailing list