[policycoreutils/f17] Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
Daniel J Walsh
dwalsh at fedoraproject.org
Sun May 20 10:39:19 UTC 2012
commit 64f47b2ef05dc1b3d407a3f049b4e50c5ac493bf
Author: Dan Walsh <dwalsh at redhat.com>
Date: Sun May 20 06:38:53 2012 -0400
Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
policycoreutils-rhat.patch | 10 ++++++----
policycoreutils.spec | 5 ++++-
2 files changed, 10 insertions(+), 5 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 47bf144..9be14a6 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -5946,10 +5946,10 @@ index 0000000..55bad9d
+</glade-interface>
diff --git a/policycoreutils/gui/polgen.py b/policycoreutils/gui/polgen.py
new file mode 100644
-index 0000000..5a73fa3
+index 0000000..2a7c61e
--- /dev/null
+++ b/policycoreutils/gui/polgen.py
-@@ -0,0 +1,1370 @@
+@@ -0,0 +1,1372 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2007-2012 Red Hat
@@ -7306,9 +7306,11 @@ index 0000000..5a73fa3
+ usage(_("Executable or Name required"))
+
+ try:
++ cmd = os.path.realpath(cmds[0])
+ if not name:
-+ name = os.path.basename(cmds[0]).replace("-","_")
-+ cmd = cmds[0]
++ name = os.path.basename(cmd).replace("-","_")
++
++ print("Generating Policy for %s named %s" % (cmd, name))
+ mypolicy = policy(name, setype)
+ if setype not in USERS + [ SANDBOX ]:
+ mypolicy.set_program(cmd)
diff --git a/policycoreutils.spec b/policycoreutils.spec
index eb3e58b..44a2772 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.11
-Release: 15%{?dist}
+Release: 16%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -340,6 +340,9 @@ fi
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Sun May 20 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-16
+- Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
+
* Fri May 18 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-15
- Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
- Trigger on selinux-policy needs to change to selinux-policy-devel
More information about the scm-commits
mailing list