[policycoreutils] restorecond -u needs to watch terminal for exit if run outside of dbus.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 6 20:07:54 UTC 2011 

commit 6c13d007c94f8102e8e942fcdd48b9b8526942b5
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu Oct 6 16:07:50 2011 -0400

    restorecond -u needs to watch terminal for exit if run outside of dbus.

 policycoreutils-rhat.patch |   45 ++++++++++++++++++++++++++++++++++++-------
 policycoreutils.spec       |    5 +++-
 2 files changed, 41 insertions(+), 9 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 54f3e2e..8b4bd09 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -786,10 +786,10 @@ index 0000000..e0c2871
 +~/.config/*
 diff --git a/policycoreutils/restorecond/user.c b/policycoreutils/restorecond/user.c
 new file mode 100644
-index 0000000..ade3fb8
+index 0000000..4257058
 --- /dev/null
 +++ b/policycoreutils/restorecond/user.c
-@@ -0,0 +1,246 @@
+@@ -0,0 +1,259 @@
 +/*
 + * restorecond
 + *
@@ -915,6 +915,11 @@ index 0000000..ade3fb8
 +       sizeof (buffer),
 +       &bytes_read);
 +
++    if (! bytes_read) {
++	    /* Sesssion/Terminal Ended */
++	    exit(0);
++    }
++
 +    while (i < bytes_read) {
 +	    struct inotify_event *event;
 +	    event = (struct inotify_event *)&buffer[i];
@@ -940,6 +945,7 @@ index 0000000..ade3fb8
 +
 +  if (condition & G_IO_HUP) {
 +    g_io_channel_close (source);
++    exit(0);
 +    return FALSE;
 +  }
 +
@@ -1002,6 +1008,13 @@ index 0000000..ade3fb8
 +			perror("flock");
 +		return -1;
 +	}
++	/* watch for stdin/terminal going away */
++	GIOChannel *in = g_io_channel_unix_new(0);
++	g_io_add_watch_full( in,
++			     G_PRIORITY_HIGH,
++			     G_IO_IN|G_IO_ERR|G_IO_HUP,
++			     io_channel_callback, NULL, NULL);
++
 +	return 0;
 +}
 +
@@ -1013,7 +1026,7 @@ index 0000000..ade3fb8
 +#ifdef HAVE_DBUS
 +    if (dbus_server(loop) != 0)
 +#endif /* HAVE_DBUS */
-+	    if (local_server(loop))
++	    if (local_server())
 +		    goto end;
 +
 +    read_config(master_fd, watch_file);
@@ -1908,6 +1921,20 @@ index 5847ba0..e4b6c0d 100644
                         ddict[name] = value
  
  		return ddict
+diff --git a/policycoreutils/semodule/semodule.8 b/policycoreutils/semodule/semodule.8
+index 12191f6..9fb2b78 100644
+--- a/policycoreutils/semodule/semodule.8
++++ b/policycoreutils/semodule/semodule.8
+@@ -41,6 +41,9 @@ disable existing module
+ .B  \-e,\-\-enable=MODULE_NAME
+ enable existing module
+ .TP
++.B \-p,\-\-path=ROOTPATH
++use an alternate root path
++.TP
+ .B  \-r,\-\-remove=MODULE_NAME
+ remove existing module
+ .TP
 diff --git a/policycoreutils/semodule_package/Makefile b/policycoreutils/semodule_package/Makefile
 index f84cd7e..3565f5e 100644
 --- a/policycoreutils/semodule_package/Makefile
@@ -1922,7 +1949,7 @@ index f84cd7e..3565f5e 100644
  indent:
  	../../scripts/Lindent $(wildcard *.[ch])
 diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
-index ce44c04..bca1694 100644
+index ce44c04..f08f8e5 100644
 --- a/policycoreutils/setfiles/restore.c
 +++ b/policycoreutils/setfiles/restore.c
 @@ -1,5 +1,6 @@
@@ -1940,13 +1967,15 @@ index ce44c04..bca1694 100644
  struct restore_opts *r_opts = NULL;
  static void filespec_destroy(void);
  static void filespec_eval(void);
-@@ -60,9 +60,10 @@ void restore_init(struct restore_opts *opts)
+@@ -59,10 +59,11 @@ void restore_init(struct restore_opts *opts)
+ {	
  	r_opts = opts;
  	struct selinux_opt selinux_opts[] = {
- 		{ SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
+-		{ SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
 -		{ SELABEL_OPT_PATH, r_opts->selabel_opt_path }
-+		{ SELABEL_OPT_PATH, r_opts->selabel_opt_path },
-+		{ SELABEL_OPT_SUBSET, r_opts->selabel_opt_subset }
++		{ SELABEL_OPT_VALIDATE , { r_opts->selabel_opt_validate } },
++		{ SELABEL_OPT_PATH, {r_opts->selabel_opt_path }},
++		{ SELABEL_OPT_SUBSET,{r_opts->selabel_opt_subset }}
  	};
 -	r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 2);
 +	r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index fb8db3f..f6d69a3 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.7
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -352,6 +352,9 @@ fi
 /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Thu Oct 6 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-3
+- restorecond -u needs to watch terminal for exit if run outside of dbus.
+
 * Tue Oct 4 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-2
 - Do not drop capabilities if running newrole as root

More information about the scm-commits mailing list