[policycoreutils/f15/master] Change sepolgen-ifgen to search all available policy files Exit in restorecond if it can not find a
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Mar 11 21:54:45 UTC 2011
commit 65350da6d39029aa1301fe0854af09e29878c8a7
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Mar 11 16:54:41 2011 -0500
Change sepolgen-ifgen to search all available policy files
Exit in restorecond if it can not find a UID in the passwd database
policycoreutils-rhat.patch | 29 ++++++++++++++++++++++-------
policycoreutils.spec | 8 ++++++--
2 files changed, 28 insertions(+), 9 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index ed69325..95603e6 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -192,7 +192,7 @@ index 6178cc8..b6f386d 100644
.PP
.SH AUTHOR
diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen
-index 03f95a1..5986b23 100644
+index 03f95a1..dda432e 100644
--- a/policycoreutils/audit2allow/sepolgen-ifgen
+++ b/policycoreutils/audit2allow/sepolgen-ifgen
@@ -1,4 +1,4 @@
@@ -220,7 +220,7 @@ index 03f95a1..5986b23 100644
def parse_options():
from optparse import OptionParser
-@@ -44,14 +49,43 @@ def parse_options():
+@@ -44,14 +49,55 @@ def parse_options():
help="filename to store output")
parser.add_option("-i", "--interfaces", dest="headers", default=defaults.headers(),
help="location of the interface header files")
@@ -235,9 +235,21 @@ index 03f95a1..5986b23 100644
return options
++def get_policy():
++ p = selinux.selinux_binary_policy_path() + "." + str(i)
++ while i > 0 and not os.path.exists(p):
++ i = i - 1
++ p = selinux.selinux_binary_policy_path() + "." + str(i)
++ if i > 0:
++ return p
++ return None
++
+def get_attrs():
+ try:
-+ policy_path = selinux.selinux_binary_policy_path() + "." + str(selinux.security_policyvers())
++ policy_path = get_policy()
++ if not policy_path:
++ sys.stderr.write("No installed policy to check\n")
++ return None
+ outfile = tempfile.NamedTemporaryFile()
+ except IOError, e:
+ sys.stderr.write("could not open attribute output file\n")
@@ -264,7 +276,7 @@ index 03f95a1..5986b23 100644
def main():
options = parse_options()
-@@ -68,6 +102,14 @@ def main():
+@@ -68,6 +114,14 @@ def main():
else:
log = None
@@ -279,7 +291,7 @@ index 03f95a1..5986b23 100644
try:
headers = refparser.parse_headers(options.headers, output=log, debug=options.debug)
except ValueError, e:
-@@ -76,7 +118,7 @@ def main():
+@@ -76,7 +130,7 @@ def main():
return 1
if_set = interfaces.InterfaceSet(output=log)
@@ -414,7 +426,7 @@ index b149dcb..0c14c94 100644
.SH "SEE ALSO"
.BR restorecon (8),
diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
-index 58774e6..77c8013 100644
+index 58774e6..a588e5e 100644
--- a/policycoreutils/restorecond/restorecond.c
+++ b/policycoreutils/restorecond/restorecond.c
@@ -30,9 +30,11 @@
@@ -853,7 +865,7 @@ index 58774e6..77c8013 100644
/* Register sighandlers */
sa.sa_flags = 0;
-@@ -467,36 +174,56 @@ int main(int argc, char **argv)
+@@ -467,36 +174,59 @@ int main(int argc, char **argv)
set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
@@ -891,6 +903,9 @@ index 58774e6..77c8013 100644
+
+ uid_t uid = getuid();
+ struct passwd *pwd = getpwuid(uid);
++ if (!pwd)
++ exitApp("getpwuid");
++
+ homedir = pwd->pw_dir;
+ if (uid != 0) {
+ if (run_as_user)
diff --git a/policycoreutils.spec b/policycoreutils.spec
index aa77d14..acb2d54 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.85
-Release: 19%{?dist}
+Release: 20%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -331,7 +331,11 @@ fi
exit 0
%changelog
-* Wed Mar 8 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-19
+* Fri Mar 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-20
+- Change sepolgen-ifgen to search all available policy files
+- Exit in restorecond if it can not find a UID in the passwd database
+
+* Wed Mar 9 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-19
- Fix portspage in system-config-selinux to not crash
- More fixes for seunshare from Tomas Hoger
More information about the scm-commits
mailing list