[policycoreutils/f17] Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
Daniel J Walsh
dwalsh at fedoraproject.org
Thu May 24 12:54:22 UTC 2012
commit e0bcbf6793a0824964d8fc8c59f4a9c7c2216311
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu May 24 08:54:12 2012 -0400
Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
policycoreutils-rhat.patch | 62 ++++++++++++++++++++++++++++++++++++--------
1 files changed, 51 insertions(+), 11 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 9be14a6..f8caa4f 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -89,10 +89,10 @@ index 0000000..53efa84
+relabel:
diff --git a/policycoreutils/gui/booleansPage.py b/policycoreutils/gui/booleansPage.py
new file mode 100644
-index 0000000..dca786d
+index 0000000..1216255
--- /dev/null
+++ b/policycoreutils/gui/booleansPage.py
-@@ -0,0 +1,247 @@
+@@ -0,0 +1,258 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -233,6 +233,15 @@ index 0000000..dca786d
+ self.filter=""
+ self.load(self.filter)
+
++ def error(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++ gtk.BUTTONS_CLOSE,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
+ def __search(self, model, col, key, i):
+ sort_col = self.store.get_sort_column_id()[0]
+ if sort_col > 0:
@@ -310,8 +319,10 @@ index 0000000..dca786d
+ key = self.store.get_value(iter, BOOLEAN)
+ self.store.set_value(iter, ACTIVE , not val)
+ self.wait()
-+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
-+ commands.getstatusoutput(setsebool)
++ setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val)
++ rc,out = commands.getstatusoutput(setsebool)
++ if rc != 0:
++ self.error(out)
+ self.load(self.filter)
+ self.ready()
+
@@ -287457,7 +287468,7 @@ index 2b66bad..38abeb8 100644
This manual page was written by Dan Walsh <dwalsh at redhat.com>.
The program was written by Tresys Technology.
diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
-index d6c041b..ba118f3 100644
+index d6c041b..db1d1e1 100644
--- a/policycoreutils/setsebool/setsebool.c
+++ b/policycoreutils/setsebool/setsebool.c
@@ -6,6 +6,7 @@
@@ -287468,7 +287479,7 @@ index d6c041b..ba118f3 100644
#include <pwd.h>
#include <selinux/selinux.h>
#include <semanage/handle.h>
-@@ -15,13 +16,14 @@
+@@ -15,21 +16,22 @@
#include <errno.h>
int permanent = 0;
@@ -287484,16 +287495,17 @@ index d6c041b..ba118f3 100644
stderr);
exit(1);
}
-@@ -29,7 +31,7 @@ void usage(void)
+
int main(int argc, char **argv)
{
- size_t rc, start;
+- size_t rc, start;
-
++ size_t rc;
+ int clflag; /* holds codes for command line flags */
if (argc < 2)
usage();
-@@ -38,14 +40,30 @@ int main(int argc, char **argv)
+@@ -38,37 +40,52 @@ int main(int argc, char **argv)
return 1;
}
@@ -287526,11 +287538,39 @@ index d6c041b..ba118f3 100644
+ usage();
+ }
-+ start = argc-optind;
/* Check to see which way we are being called. If a '=' is passed,
we'll enforce the list syntax. If not we'll enforce the original
syntax for backward compatibility. */
-@@ -165,7 +183,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
+- if (strchr(argv[start], '=') == 0) {
++ if (strchr(argv[optind], '=') == 0) {
+ int len;
+ char *bool_list[1];
+
+- if ((argc - start) != 2)
++ if ((argc - optind) != 2)
+ usage();
+
+ /* Add 1 for the '=' */
+- len = strlen(argv[start]) + strlen(argv[start + 1]) + 2;
++ len = strlen(argv[optind]) + strlen(argv[optind + 1]) + 2;
+ bool_list[0] = (char *)malloc(len);
+ if (bool_list[0] == 0) {
+ fputs("Out of memory - aborting\n", stderr);
+ return 1;
+ }
+- snprintf(bool_list[0], len, "%s=%s", argv[start],
+- argv[start + 1]);
++ snprintf(bool_list[0], len, "%s=%s", argv[optind],
++ argv[optind + 1]);
+ rc = setbool(bool_list, 0, 1);
+ free(bool_list[0]);
+ } else
+- rc = setbool(argv, start, argc);
++ rc = setbool(argv, optind, argc);
+
+ return rc;
+ }
+@@ -165,7 +182,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
boolean = NULL;
}
More information about the scm-commits
mailing list