[policycoreutils] restorecond -u needs to watch terminal for exit if run outside of dbus.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 6 20:07:54 UTC 2011
commit 6c13d007c94f8102e8e942fcdd48b9b8526942b5
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Oct 6 16:07:50 2011 -0400
restorecond -u needs to watch terminal for exit if run outside of dbus.
policycoreutils-rhat.patch | 45 ++++++++++++++++++++++++++++++++++++-------
policycoreutils.spec | 5 +++-
2 files changed, 41 insertions(+), 9 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 54f3e2e..8b4bd09 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -786,10 +786,10 @@ index 0000000..e0c2871
+~/.config/*
diff --git a/policycoreutils/restorecond/user.c b/policycoreutils/restorecond/user.c
new file mode 100644
-index 0000000..ade3fb8
+index 0000000..4257058
--- /dev/null
+++ b/policycoreutils/restorecond/user.c
-@@ -0,0 +1,246 @@
+@@ -0,0 +1,259 @@
+/*
+ * restorecond
+ *
@@ -915,6 +915,11 @@ index 0000000..ade3fb8
+ sizeof (buffer),
+ &bytes_read);
+
++ if (! bytes_read) {
++ /* Sesssion/Terminal Ended */
++ exit(0);
++ }
++
+ while (i < bytes_read) {
+ struct inotify_event *event;
+ event = (struct inotify_event *)&buffer[i];
@@ -940,6 +945,7 @@ index 0000000..ade3fb8
+
+ if (condition & G_IO_HUP) {
+ g_io_channel_close (source);
++ exit(0);
+ return FALSE;
+ }
+
@@ -1002,6 +1008,13 @@ index 0000000..ade3fb8
+ perror("flock");
+ return -1;
+ }
++ /* watch for stdin/terminal going away */
++ GIOChannel *in = g_io_channel_unix_new(0);
++ g_io_add_watch_full( in,
++ G_PRIORITY_HIGH,
++ G_IO_IN|G_IO_ERR|G_IO_HUP,
++ io_channel_callback, NULL, NULL);
++
+ return 0;
+}
+
@@ -1013,7 +1026,7 @@ index 0000000..ade3fb8
+#ifdef HAVE_DBUS
+ if (dbus_server(loop) != 0)
+#endif /* HAVE_DBUS */
-+ if (local_server(loop))
++ if (local_server())
+ goto end;
+
+ read_config(master_fd, watch_file);
@@ -1908,6 +1921,20 @@ index 5847ba0..e4b6c0d 100644
ddict[name] = value
return ddict
+diff --git a/policycoreutils/semodule/semodule.8 b/policycoreutils/semodule/semodule.8
+index 12191f6..9fb2b78 100644
+--- a/policycoreutils/semodule/semodule.8
++++ b/policycoreutils/semodule/semodule.8
+@@ -41,6 +41,9 @@ disable existing module
+ .B \-e,\-\-enable=MODULE_NAME
+ enable existing module
+ .TP
++.B \-p,\-\-path=ROOTPATH
++use an alternate root path
++.TP
+ .B \-r,\-\-remove=MODULE_NAME
+ remove existing module
+ .TP
diff --git a/policycoreutils/semodule_package/Makefile b/policycoreutils/semodule_package/Makefile
index f84cd7e..3565f5e 100644
--- a/policycoreutils/semodule_package/Makefile
@@ -1922,7 +1949,7 @@ index f84cd7e..3565f5e 100644
indent:
../../scripts/Lindent $(wildcard *.[ch])
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
-index ce44c04..bca1694 100644
+index ce44c04..f08f8e5 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -1,5 +1,6 @@
@@ -1940,13 +1967,15 @@ index ce44c04..bca1694 100644
struct restore_opts *r_opts = NULL;
static void filespec_destroy(void);
static void filespec_eval(void);
-@@ -60,9 +60,10 @@ void restore_init(struct restore_opts *opts)
+@@ -59,10 +59,11 @@ void restore_init(struct restore_opts *opts)
+ {
r_opts = opts;
struct selinux_opt selinux_opts[] = {
- { SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
+- { SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
- { SELABEL_OPT_PATH, r_opts->selabel_opt_path }
-+ { SELABEL_OPT_PATH, r_opts->selabel_opt_path },
-+ { SELABEL_OPT_SUBSET, r_opts->selabel_opt_subset }
++ { SELABEL_OPT_VALIDATE , { r_opts->selabel_opt_validate } },
++ { SELABEL_OPT_PATH, {r_opts->selabel_opt_path }},
++ { SELABEL_OPT_SUBSET,{r_opts->selabel_opt_subset }}
};
- r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 2);
+ r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index fb8db3f..f6d69a3 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.7
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -352,6 +352,9 @@ fi
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Thu Oct 6 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-3
+- restorecond -u needs to watch terminal for exit if run outside of dbus.
+
* Tue Oct 4 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-2
- Do not drop capabilities if running newrole as root
More information about the scm-commits
mailing list