[policycoreutils/f17] Fix sepolgen to use realpath on executables handed to it. - Brian Bickford

Daniel J Walsh dwalsh at fedoraproject.org
Thu May 24 12:54:22 UTC 2012 

commit e0bcbf6793a0824964d8fc8c59f4a9c7c2216311
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu May 24 08:54:12 2012 -0400

    Fix sepolgen to use realpath on executables handed to it. - Brian Bickford

 policycoreutils-rhat.patch |   62 ++++++++++++++++++++++++++++++++++++--------
 1 files changed, 51 insertions(+), 11 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 9be14a6..f8caa4f 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -89,10 +89,10 @@ index 0000000..53efa84
 +relabel:
 diff --git a/policycoreutils/gui/booleansPage.py b/policycoreutils/gui/booleansPage.py
 new file mode 100644
-index 0000000..dca786d
+index 0000000..1216255
 --- /dev/null
 +++ b/policycoreutils/gui/booleansPage.py
-@@ -0,0 +1,247 @@
+@@ -0,0 +1,258 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
 +#
@@ -233,6 +233,15 @@ index 0000000..dca786d
 +        self.filter=""
 +        self.load(self.filter)
 +            
++    def error(self, message):
++        dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++                                gtk.BUTTONS_CLOSE,
++                                message)
++        dlg.set_position(gtk.WIN_POS_MOUSE)
++        dlg.show_all()
++        dlg.run()
++        dlg.destroy()
++
 +    def __search(self, model, col, key, i):
 +        sort_col = self.store.get_sort_column_id()[0]
 +        if sort_col > 0:
@@ -310,8 +319,10 @@ index 0000000..dca786d
 +        key = self.store.get_value(iter, BOOLEAN)
 +        self.store.set_value(iter, ACTIVE , not val)
 +        self.wait()
-+        setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
-+        commands.getstatusoutput(setsebool)
++        setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val)
++        rc,out = commands.getstatusoutput(setsebool)
++        if rc != 0:
++            self.error(out)
 +        self.load(self.filter)
 +        self.ready()
 +
@@ -287457,7 +287468,7 @@ index 2b66bad..38abeb8 100644
  This manual page was written by Dan Walsh <dwalsh at redhat.com>.
  The program was written by Tresys Technology.
 diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
-index d6c041b..ba118f3 100644
+index d6c041b..db1d1e1 100644
 --- a/policycoreutils/setsebool/setsebool.c
 +++ b/policycoreutils/setsebool/setsebool.c
 @@ -6,6 +6,7 @@
@@ -287468,7 +287479,7 @@ index d6c041b..ba118f3 100644
  #include <pwd.h>
  #include <selinux/selinux.h>
  #include <semanage/handle.h>
-@@ -15,13 +16,14 @@
+@@ -15,21 +16,22 @@
  #include <errno.h>
  
  int permanent = 0;
@@ -287484,16 +287495,17 @@ index d6c041b..ba118f3 100644
  	     stderr);
  	exit(1);
  }
-@@ -29,7 +31,7 @@ void usage(void)
+ 
  int main(int argc, char **argv)
  {
- 	size_t rc, start;
+-	size_t rc, start;
 -
++	size_t rc;
 +	int clflag;		/* holds codes for command line flags */
  	if (argc < 2)
  		usage();
  
-@@ -38,14 +40,30 @@ int main(int argc, char **argv)
+@@ -38,37 +40,52 @@ int main(int argc, char **argv)
  		return 1;
  	}
  
@@ -287526,11 +287538,39 @@ index d6c041b..ba118f3 100644
 +		usage();
 +	}
  
-+	start = argc-optind;
  	/* Check to see which way we are being called. If a '=' is passed,
  	   we'll enforce the list syntax. If not we'll enforce the original
  	   syntax for backward compatibility. */
-@@ -165,7 +183,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
+-	if (strchr(argv[start], '=') == 0) {
++	if (strchr(argv[optind], '=') == 0) {
+ 		int len;
+ 		char *bool_list[1];
+ 
+-		if ((argc - start) != 2)
++		if ((argc - optind) != 2)
+ 			usage();
+ 
+ 		/* Add 1 for the '=' */
+-		len = strlen(argv[start]) + strlen(argv[start + 1]) + 2;
++		len = strlen(argv[optind]) + strlen(argv[optind + 1]) + 2;
+ 		bool_list[0] = (char *)malloc(len);
+ 		if (bool_list[0] == 0) {
+ 			fputs("Out of memory - aborting\n", stderr);
+ 			return 1;
+ 		}
+-		snprintf(bool_list[0], len, "%s=%s", argv[start],
+-			 argv[start + 1]);
++		snprintf(bool_list[0], len, "%s=%s", argv[optind],
++			 argv[optind + 1]);
+ 		rc = setbool(bool_list, 0, 1);
+ 		free(bool_list[0]);
+ 	} else
+-		rc = setbool(argv, start, argc);
++		rc = setbool(argv, optind, argc);
+ 
+ 	return rc;
+ }
+@@ -165,7 +182,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
  		boolean = NULL;
  	}

More information about the scm-commits mailing list