rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.416, 1.417 policycoreutils-sepolgen.patch, 1.22, 1.23 policycoreutils.spec, 1.603, 1.604
Daniel J Walsh
dwalsh at fedoraproject.org
Tue May 5 18:52:24 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19370
Modified Files:
policycoreutils-rhat.patch policycoreutils-sepolgen.patch
policycoreutils.spec
Log Message:
* Wed Apr 22 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-14
- Fix audit2allow -a to retun /var/log/messages
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.416
retrieving revision 1.417
diff -u -p -r1.416 -r1.417
--- policycoreutils-rhat.patch 16 Apr 2009 18:53:29 -0000 1.416
+++ policycoreutils-rhat.patch 5 May 2009 18:51:52 -0000 1.417
@@ -1,128 +1,575 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/debugfiles.list policycoreutils-2.0.62/debugfiles.list
---- nsapolicycoreutils/debugfiles.list 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.62/debugfiles.list 2009-04-03 14:13:23.000000000 -0400
-@@ -0,0 +1,64 @@
-+%dir /usr/lib/debug
-+%dir /usr/lib/debug/sbin
-+%dir /usr/lib/debug/.build-id
-+%dir /usr/lib/debug/.build-id/3d
-+%dir /usr/lib/debug/.build-id/ec
-+%dir /usr/lib/debug/.build-id/9d
-+%dir /usr/lib/debug/.build-id/cb
-+%dir /usr/lib/debug/.build-id/bc
-+%dir /usr/lib/debug/.build-id/0a
-+%dir /usr/lib/debug/.build-id/81
-+%dir /usr/lib/debug/.build-id/ad
-+%dir /usr/lib/debug/.build-id/7f
-+%dir /usr/lib/debug/.build-id/f4
-+%dir /usr/lib/debug/.build-id/15
-+%dir /usr/lib/debug/.build-id/1d
-+%dir /usr/lib/debug/.build-id/a8
-+%dir /usr/lib/debug/.build-id/d3
-+%dir /usr/lib/debug/usr
-+%dir /usr/lib/debug/usr/sbin
-+%dir /usr/lib/debug/usr/bin
-+/usr/lib/debug/sbin/setfiles.debug
-+/usr/lib/debug/sbin/restorecon.debug
-+/usr/lib/debug/.build-id/3d/c26411dac65290297678f68c7d65c43039df70.debug
-+/usr/lib/debug/.build-id/3d/c26411dac65290297678f68c7d65c43039df70
-+/usr/lib/debug/.build-id/ec/2012afb3f104620e1d260c932419e6391474ab
-+/usr/lib/debug/.build-id/ec/2012afb3f104620e1d260c932419e6391474ab.debug
-+/usr/lib/debug/.build-id/9d/511790c5b6141b50c55b8fe8bc032d84827665.debug
-+/usr/lib/debug/.build-id/9d/511790c5b6141b50c55b8fe8bc032d84827665
-+/usr/lib/debug/.build-id/cb/29543b91147fcf47889d52fa8375c3a388dcce
-+/usr/lib/debug/.build-id/cb/29543b91147fcf47889d52fa8375c3a388dcce.debug
-+/usr/lib/debug/.build-id/bc/36b9f43fecf5bdb7cbc3780aea1de9a7192865
-+/usr/lib/debug/.build-id/bc/36b9f43fecf5bdb7cbc3780aea1de9a7192865.debug
-+/usr/lib/debug/.build-id/0a/2965fb8a1c2359677db2cd583f4caa9b79e082.debug
-+/usr/lib/debug/.build-id/0a/2965fb8a1c2359677db2cd583f4caa9b79e082
-+/usr/lib/debug/.build-id/81/4a2dc779e8dc03a30550b17393f4bf38cc3401.debug
-+/usr/lib/debug/.build-id/81/4a2dc779e8dc03a30550b17393f4bf38cc3401
-+/usr/lib/debug/.build-id/ad/d96fe93d52caa86fd8119e3a250b3ff1afc8be.debug
-+/usr/lib/debug/.build-id/ad/d96fe93d52caa86fd8119e3a250b3ff1afc8be
-+/usr/lib/debug/.build-id/7f/d8c1148b921ee7ce357dcc4827a35074d8744a.debug
-+/usr/lib/debug/.build-id/7f/d8c1148b921ee7ce357dcc4827a35074d8744a
-+/usr/lib/debug/.build-id/f4/3cc2016abf9b6152b720b604ffc7b05ada92b7.debug
-+/usr/lib/debug/.build-id/f4/3cc2016abf9b6152b720b604ffc7b05ada92b7
-+/usr/lib/debug/.build-id/15/cbead7609477306808e0d90860e7e0d69ccac8.debug
-+/usr/lib/debug/.build-id/15/cbead7609477306808e0d90860e7e0d69ccac8
-+/usr/lib/debug/.build-id/1d/b4d0c26d77215c7e45aa7da8d6622ec413951f.debug
-+/usr/lib/debug/.build-id/1d/b4d0c26d77215c7e45aa7da8d6622ec413951f
-+/usr/lib/debug/.build-id/a8/4bb87bec28cd2e948c72529f4640d56178107b
-+/usr/lib/debug/.build-id/a8/4bb87bec28cd2e948c72529f4640d56178107b.debug
-+/usr/lib/debug/.build-id/d3/a79f853588fb732304975cb781fe37f686e5b9
-+/usr/lib/debug/.build-id/d3/a79f853588fb732304975cb781fe37f686e5b9.debug
-+/usr/lib/debug/usr/sbin/load_policy.debug
-+/usr/lib/debug/usr/sbin/restorecond.debug
-+/usr/lib/debug/usr/sbin/semodule.debug
-+/usr/lib/debug/usr/sbin/sestatus.debug
-+/usr/lib/debug/usr/sbin/setsebool.debug
-+/usr/lib/debug/usr/sbin/open_init_pty.debug
-+/usr/lib/debug/usr/sbin/run_init.debug
-+/usr/lib/debug/usr/bin/semodule_package.debug
-+/usr/lib/debug/usr/bin/newrole.debug
-+/usr/lib/debug/usr/bin/semodule_link.debug
-+/usr/lib/debug/usr/bin/semodule_deps.debug
-+/usr/lib/debug/usr/bin/semodule_expand.debug
-+/usr/lib/debug/usr/bin/secon.debug
-+/usr/src/debug/policycoreutils-2.0.62
-diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/debuglinks.list policycoreutils-2.0.62/debuglinks.list
---- nsapolicycoreutils/debuglinks.list 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.62/debuglinks.list 2009-04-03 14:13:23.000000000 -0400
-@@ -0,0 +1,29 @@
-+/usr/lib/debug/.build-id/f4/3cc2016abf9b6152b720b604ffc7b05ada92b7 /sbin/setfiles
-+/usr/lib/debug/.build-id/f4/3cc2016abf9b6152b720b604ffc7b05ada92b7.debug /usr/lib/debug/sbin/setfiles.debug
-+/usr/lib/debug/.build-id/3d/c26411dac65290297678f68c7d65c43039df70 /usr/sbin/open_init_pty
-+/usr/lib/debug/.build-id/3d/c26411dac65290297678f68c7d65c43039df70.debug /usr/lib/debug/usr/sbin/open_init_pty.debug
-+/usr/lib/debug/.build-id/15/cbead7609477306808e0d90860e7e0d69ccac8 /usr/sbin/sestatus
-+/usr/lib/debug/.build-id/15/cbead7609477306808e0d90860e7e0d69ccac8.debug /usr/lib/debug/usr/sbin/sestatus.debug
-+/usr/lib/debug/.build-id/81/4a2dc779e8dc03a30550b17393f4bf38cc3401 /usr/sbin/semodule
-+/usr/lib/debug/.build-id/81/4a2dc779e8dc03a30550b17393f4bf38cc3401.debug /usr/lib/debug/usr/sbin/semodule.debug
-+/usr/lib/debug/.build-id/d3/a79f853588fb732304975cb781fe37f686e5b9 /usr/sbin/load_policy
-+/usr/lib/debug/.build-id/d3/a79f853588fb732304975cb781fe37f686e5b9.debug /usr/lib/debug/usr/sbin/load_policy.debug
-+/usr/lib/debug/.build-id/a8/4bb87bec28cd2e948c72529f4640d56178107b /usr/sbin/run_init
-+/usr/lib/debug/.build-id/a8/4bb87bec28cd2e948c72529f4640d56178107b.debug /usr/lib/debug/usr/sbin/run_init.debug
-+/usr/lib/debug/.build-id/7f/d8c1148b921ee7ce357dcc4827a35074d8744a /usr/sbin/restorecond
-+/usr/lib/debug/.build-id/7f/d8c1148b921ee7ce357dcc4827a35074d8744a.debug /usr/lib/debug/usr/sbin/restorecond.debug
-+/usr/lib/debug/.build-id/ec/2012afb3f104620e1d260c932419e6391474ab /usr/sbin/setsebool
-+/usr/lib/debug/.build-id/ec/2012afb3f104620e1d260c932419e6391474ab.debug /usr/lib/debug/usr/sbin/setsebool.debug
-+/usr/lib/debug/.build-id/bc/36b9f43fecf5bdb7cbc3780aea1de9a7192865 /usr/bin/secon
-+/usr/lib/debug/.build-id/bc/36b9f43fecf5bdb7cbc3780aea1de9a7192865.debug /usr/lib/debug/usr/bin/secon.debug
-+/usr/lib/debug/.build-id/1d/b4d0c26d77215c7e45aa7da8d6622ec413951f /usr/bin/newrole
-+/usr/lib/debug/.build-id/1d/b4d0c26d77215c7e45aa7da8d6622ec413951f.debug /usr/lib/debug/usr/bin/newrole.debug
-+/usr/lib/debug/.build-id/0a/2965fb8a1c2359677db2cd583f4caa9b79e082 /usr/bin/semodule_link
-+/usr/lib/debug/.build-id/0a/2965fb8a1c2359677db2cd583f4caa9b79e082.debug /usr/lib/debug/usr/bin/semodule_link.debug
-+/usr/lib/debug/.build-id/ad/d96fe93d52caa86fd8119e3a250b3ff1afc8be /usr/bin/semodule_expand
-+/usr/lib/debug/.build-id/ad/d96fe93d52caa86fd8119e3a250b3ff1afc8be.debug /usr/lib/debug/usr/bin/semodule_expand.debug
-+/usr/lib/debug/.build-id/cb/29543b91147fcf47889d52fa8375c3a388dcce /usr/bin/semodule_package
-+/usr/lib/debug/.build-id/cb/29543b91147fcf47889d52fa8375c3a388dcce.debug /usr/lib/debug/usr/bin/semodule_package.debug
-+/usr/lib/debug/.build-id/9d/511790c5b6141b50c55b8fe8bc032d84827665 /usr/bin/semodule_deps
-+/usr/lib/debug/.build-id/9d/511790c5b6141b50c55b8fe8bc032d84827665.debug /usr/lib/debug/usr/bin/semodule_deps.debug
-+/usr/lib/debug/sbin/restorecon.debug /usr/lib/debug/sbin/setfiles.debug
-Binary files nsapolicycoreutils/debugsources.list and policycoreutils-2.0.62/debugsources.list differ
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.62/audit2allow/audit2allow
+--- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500
++++ policycoreutils-2.0.62/audit2allow/audit2allow 2009-05-04 13:40:26.000000000 -0400
+@@ -126,6 +126,7 @@
+ elif self.__options.audit:
+ try:
+ messages = audit.get_audit_msgs()
++ messages += audit.get_log_msgs()
+ except OSError, e:
+ sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
+ sys.exit(1)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.62/Makefile
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/Makefile 2009-04-03 14:12:56.000000000 -0400
++++ policycoreutils-2.0.62/Makefile 2009-05-04 13:40:26.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.62/restorecond/Makefile
+--- nsapolicycoreutils/restorecond/Makefile 2009-02-18 16:44:47.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/Makefile 2009-05-04 13:40:26.000000000 -0400
+@@ -2,16 +2,21 @@
+ PREFIX ?= ${DESTDIR}/usr
+ SBINDIR ?= $(PREFIX)/sbin
+ MANDIR = $(PREFIX)/share/man
++AUTOSTARTDIR = $(DESTDIR)/etc/xdg/autostart
++DBUSSERVICEDIR = $(DESTDIR)/usr/share/dbus-1/services
++
++autostart_DATA = sealertauto.desktop
+ INITDIR = $(DESTDIR)/etc/rc.d/init.d
+ SELINUXDIR = $(DESTDIR)/etc/selinux
+
+ CFLAGS ?= -g -Werror -Wall -W
+-override CFLAGS += -I$(PREFIX)/include -D_FILE_OFFSET_BITS=64
+-LDLIBS += -lselinux -L$(PREFIX)/lib
++override CFLAGS += -I$(PREFIX)/include -I/usr/include/dbus-1.0 -I/usr/lib64/dbus-1.0/include -D_FILE_OFFSET_BITS=64 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include
++
++LDLIBS += -lselinux -ldbus-glib-1 -lglib-2.0 -L$(PREFIX)/lib
+
+ all: restorecond
+
+-restorecond: restorecond.o utmpwatcher.o stringslist.o
++restorecond: restorecond.o stringslist.o user.o
+ $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
+
+ install: all
+@@ -22,7 +27,12 @@
+ -mkdir -p $(INITDIR)
+ install -m 755 restorecond.init $(INITDIR)/restorecond
+ -mkdir -p $(SELINUXDIR)
+- install -m 600 restorecond.conf $(SELINUXDIR)/restorecond.conf
++ install -m 644 restorecond.conf $(SELINUXDIR)/restorecond.conf
++ install -m 644 restorecond_user.conf $(SELINUXDIR)/restorecond_user.conf
++ -mkdir -p $(AUTOSTARTDIR)
++ install -m 600 restorecond.desktop $(AUTOSTARTDIR)/restorecond.desktop
++ -mkdir -p $(DBUSSERVICEDIR)
++ install -m 600 org.selinux.Restorecond.service $(DBUSSERVICEDIR)/org.selinux.Restorecond.service
+
+ relabel: install
+ /sbin/restorecon $(SBINDIR)/restorecond
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.62/restorecond/org.selinux.Restorecond.service
+--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/org.selinux.Restorecond.service 2009-05-04 13:40:26.000000000 -0400
+@@ -0,0 +1,3 @@
++[D-BUS Service]
++Name=org.selinux.Restorecond
++Exec=/usr/sbin/restorecond -u
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.62/restorecond/restorecond.c
+--- nsapolicycoreutils/restorecond/restorecond.c 2009-02-18 16:44:47.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/restorecond.c 2009-05-04 13:40:26.000000000 -0400
+@@ -54,25 +54,31 @@
+ #include <syslog.h>
+ #include <limits.h>
+ #include <fcntl.h>
++#include <pwd.h>
++#include <glob.h>
+
+ #include "restorecond.h"
+ #include "stringslist.h"
+-#include "utmpwatcher.h"
+
++extern int start(void);
++extern int server(int);
+ extern char *dirname(char *path);
+ static int master_fd = -1;
+ static int master_wd = -1;
+ static int terminate = 0;
+
++static char *server_watch_file = "/etc/selinux/restorecond.conf";
++static char *user_watch_file = "/etc/selinux/restorecond_user.conf";
++static char *watch_file;
++
+ #include <selinux/selinux.h>
+-#include <utmp.h>
+
+ /* size of the event structure, not counting name */
+ #define EVENT_SIZE (sizeof (struct inotify_event))
+ /* reasonable guess as to size of 1024 events */
+ #define BUF_LEN (1024 * (EVENT_SIZE + 16))
+
+-static int debug_mode = 0;
++int debug_mode = 0;
+ static int verbose_mode = 0;
+
+ static void restore(const char *filename, int exact);
+@@ -104,7 +110,7 @@
+ see if it is one that we are watching.
+ */
+
+-static int watch_list_find(int wd, const char *file)
++int watch_list_find(int wd, const char *file)
+ {
+ struct watchList *ptr = NULL;
+ ptr = firstDir;
+@@ -135,7 +141,7 @@
+ return -1;
+ }
+
+-static void watch_list_free(int fd)
++void watch_list_free(int fd)
+ {
+ struct watchList *ptr = NULL;
+ struct watchList *prev = NULL;
+@@ -152,6 +158,12 @@
+ firstDir = NULL;
+ }
+
++static void done(void) {
++ watch_list_free(master_fd);
++ close(master_fd);
++ matchpathcon_fini();
++}
++
+ /*
+ Set the file context to the default file context for this system.
+ Same as restorecon.
+@@ -241,6 +253,8 @@
+ {
+ char *line_buf = NULL;
+ size_t len = 0;
++ uid_t uid = getuid();
++ struct passwd *pwd = getpwuid(uid);
+
+ while (getline(&line_buf, &len, cfg) > 0) {
+ char *buffer = line_buf;
+@@ -252,8 +266,12 @@
+ if (l <= 0)
+ continue;
+ buffer[l] = 0;
+- if (buffer[0] == '~')
+- utmpwatcher_add(fd, &buffer[1]);
++ if (buffer[0] == '~') {
++ char *ptr=NULL;
++ asprintf(&ptr, "%s%s", pwd->pw_dir, &buffer[1]);
++ watch_list_add(fd, ptr);
++ free(ptr);
++ }
+ else {
+ watch_list_add(fd, buffer);
+ }
+@@ -267,9 +285,8 @@
+ homedirs.
+ */
+
+-static void read_config(int fd)
++static void read_config(int fd, const char *watch_file_path)
+ {
+- char *watch_file_path = "/etc/selinux/restorecond.conf";
+
+ FILE *cfg = NULL;
+ if (debug_mode)
+@@ -278,8 +295,10 @@
+ watch_list_free(fd);
+
+ cfg = fopen(watch_file_path, "r");
+- if (!cfg)
+- exitApp("Error reading config file.");
++ if (!cfg){
++ perror(watch_file_path);
++ exitApp("Error reading config file");
++ }
+ process_config(fd, cfg);
+ fclose(cfg);
+
+@@ -316,21 +335,10 @@
+ event->wd, event->mask,
+ event->cookie, event->len);
+ if (event->wd == master_wd)
+- read_config(fd);
++ read_config(fd, watch_file);
+ else {
+- switch (utmpwatcher_handle(fd, event->wd)) {
+- case -1: /* Message was not for utmpwatcher */
+- if (event->len)
+- watch_list_find(event->wd, event->name);
+- break;
+-
+- case 1: /* utmp has changed need to reload */
+- read_config(fd);
+- break;
+-
+- default: /* No users logged in or out */
+- break;
+- }
++ if (event->len)
++ watch_list_find(event->wd, event->name);
+ }
+
+ i += EVENT_SIZE + event->len;
+@@ -374,7 +382,7 @@
+
+ static void usage(char *program)
+ {
+- printf("%s [-d] [-v] \n", program);
++ printf("%s [-d] [-s] [-f restorecond_file ] [-v] \n", program);
+ exit(0);
+ }
+
+@@ -393,7 +401,9 @@
+ void watch_list_add(int fd, const char *path)
+ {
+ struct watchList *ptr = NULL;
++ size_t i = 0;
+ struct watchList *prev = NULL;
++ glob_t globbuf;
+ char *x = strdup(path);
+ if (!x)
+ exitApp("Out of Memory");
+@@ -401,7 +411,15 @@
+ char *file = basename(path);
+ ptr = firstDir;
+
+- restore(path, 1);
++ globbuf.gl_offs = 1;
++ if (glob(path,
++ GLOB_TILDE,
++ NULL,
++ &globbuf) >= 0) {
++ for (i=0; i < globbuf.gl_pathc; i++)
++ restore(globbuf.gl_pathv[i], 1);
++ globfree(&globbuf);
++ }
+
+ while (ptr != NULL) {
+ if (strcmp(dir, ptr->dir) == 0) {
+@@ -445,14 +463,8 @@
+ {
+ int opt;
+ struct sigaction sa;
++ int run_as_user = 0;
+
+-#ifndef DEBUG
+- /* Make sure we are root */
+- if (getuid() != 0) {
+- fprintf(stderr, "You must be root to run this program.\n");
+- return 1;
+- }
+-#endif
+ /* Make sure we are root */
+ if (is_selinux_enabled() != 1) {
+ fprintf(stderr, "Daemon requires SELinux be enabled to run.\n");
+@@ -471,11 +483,18 @@
+ if (master_fd < 0)
+ exitApp("inotify_init");
+
+- while ((opt = getopt(argc, argv, "dv")) > 0) {
++ atexit( done );
++ while ((opt = getopt(argc, argv, "uf:dv")) > 0) {
+ switch (opt) {
+ case 'd':
+ debug_mode = 1;
+ break;
++ case 'f':
++ watch_file = optarg;
++ break;
++ case 'u':
++ run_as_user = 1;
++ break;
+ case 'v':
+ verbose_mode = 1;
+ break;
+@@ -483,7 +502,18 @@
+ usage(argv[0]);
+ }
+ }
+- read_config(master_fd);
++
++ if (getuid() != 0) {
++ watch_file = user_watch_file;
++ read_config(master_fd, watch_file);
++ if (run_as_user)
++ return server(master_fd);
++ else
++ return start();
++ }
++
++ watch_file = server_watch_file;
++ read_config(master_fd, watch_file);
+
+ if (!debug_mode)
+ daemon(0, 0);
+@@ -496,9 +526,10 @@
+ watch_list_free(master_fd);
+ close(master_fd);
+ matchpathcon_fini();
+- utmpwatcher_free();
+ if (pidfile)
+ unlink(pidfile);
+
+ return 0;
+ }
++
++
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.62/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-02-18 16:44:47.000000000 -0500
-+++ policycoreutils-2.0.62/restorecond/restorecond.conf 2009-04-03 14:12:56.000000000 -0400
-@@ -5,3 +5,7 @@
++++ policycoreutils-2.0.62/restorecond/restorecond.conf 2009-05-04 13:40:26.000000000 -0400
+@@ -4,4 +4,5 @@
+ /etc/mtab
/var/run/utmp
/var/log/wtmp
- ~/*
-+/root/.ssh
+-~/*
++/root/*
+/root/.ssh/*
-+
-+
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.62/restorecond/restorecond.desktop
+--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/restorecond.desktop 2009-05-04 13:40:26.000000000 -0400
+@@ -0,0 +1,7 @@
++[Desktop Entry]
++Name=File Context maintainer
++Exec=/usr/sbin/restorecond
++Comment=Fix file context in owned by the user
++Encoding=UTF-8
++Type=Application
++StartupNotify=false
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.62/restorecond/restorecond_user.conf
+--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/restorecond_user.conf 2009-05-04 13:40:26.000000000 -0400
+@@ -0,0 +1,2 @@
++~/*
++~/public_html/*
+diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.62/restorecond/user.c
+--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.62/restorecond/user.c 2009-05-04 13:40:26.000000000 -0400
+@@ -0,0 +1,223 @@
++/*
++ * restorecond
++ *
++ * Copyright (C) 2006-2009 Red Hat
++ * see file 'COPYING' for use and warranty information
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public License as
++ * published by the Free Software Foundation; either version 2 of
++ * the License, or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++.*
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
++ * 02111-1307 USA
++ *
++ * Authors:
++ * Dan Walsh <dwalsh at redhat.com>
++ *
++*/
++
++/*
++ * PURPOSE:
++ * This daemon program watches for the creation of files listed in a config file
++ * and makes sure that there security context matches the systems defaults
++ *
++ * USAGE:
++ * restorecond [-d] [-v]
++ *
++ * -d Run in debug mode
++ * -v Run in verbose mode (Report missing files)
++ *
++ * EXAMPLE USAGE:
++ * restorecond
++ *
++ */
++
++#define _GNU_SOURCE
++#include <sys/inotify.h>
++#include <errno.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <signal.h>
++#include <string.h>
++#include <unistd.h>
++#include <ctype.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <syslog.h>
++#include <limits.h>
++#include <fcntl.h>
++
++#include "restorecond.h"
++#include "stringslist.h"
++#include <glib.h>
++#include <dbus/dbus.h>
++#include <dbus/dbus-glib.h>
++#include <dbus/dbus-glib-lowlevel.h>
++
++extern int watch_list_find(int wd, const char *file);
++extern void watch_list_free(int fd);
++extern int debug_mode;
++
++static DBusHandlerResult signal_filter (DBusConnection *connection, DBusMessage *message, void *user_data);
++
++static const char *PATH="/org/selinux/Restorecond";
++//static const char *BUSNAME="org.selinux.Restorecond";
++static const char *INTERFACE="org.selinux.RestorecondIface";
++static const char *RULE="type='signal',interface='org.selinux.RestorecondIface'";
++
++#include <selinux/selinux.h>
++
++/* size of the event structure, not counting name */
++#define EVENT_SIZE (sizeof (struct inotify_event))
++/* reasonable guess as to size of 1024 events */
++#define BUF_LEN (1024 * (EVENT_SIZE + 16))
++
++static gboolean
++io_channel_callback
++ (GIOChannel *source,
++ GIOCondition condition,
++ gpointer data __attribute__((__unused__)))
++{
++
++ char buffer[BUF_LEN+1];
++ gsize bytes_read;
++ unsigned int i = 0;
++
++ if (condition & G_IO_IN) {
++ /* Data is available. */
++ g_io_channel_read
++ (source, buffer,
++ sizeof (buffer),
++ &bytes_read);
++
++ while (i < bytes_read) {
++ struct inotify_event *event;
++ event = (struct inotify_event *)&buffer[i];
++ if (debug_mode)
++ printf("wd=%d mask=%u cookie=%u len=%u\n",
++ event->wd, event->mask,
++ event->cookie, event->len);
++ if (event->len)
++ watch_list_find(event->wd, event->name);
++
++ i += EVENT_SIZE + event->len;
++ }
++ }
++
++ /* An error happened while reading
++ the file. */
++
++ if (condition & G_IO_NVAL)
++ return FALSE;
++
++ /* We have reached the end of the
++ file. */
++
++ if (condition & G_IO_HUP) {
++ g_io_channel_close (source);
++ return FALSE;
++ }
++
++ /* Returning TRUE will make sure
++ the callback remains associated
++ to the channel. */
++
++ return TRUE;
++}
++
++static DBusHandlerResult
++signal_filter (DBusConnection *connection __attribute__ ((__unused__)), DBusMessage *message, void *user_data)
++{
++ /* User data is the event loop we are running in */
++ GMainLoop *loop = user_data;
++
++ /* A signal from the bus saying we are about to be disconnected */
++ if (dbus_message_is_signal
++ (message, INTERFACE, "Stop")) {
++
++ /* Tell the main loop to quit */
++ g_main_loop_quit (loop);
++ /* We have handled this message, don't pass it on */
++ return DBUS_HANDLER_RESULT_HANDLED;
++ }
++ /* A Ping signal on the com.burtonini.dbus.Signal interface */
++ else if (dbus_message_is_signal (message, INTERFACE, "Start")) {
++ DBusError error;
++ dbus_error_init (&error);
++ g_print("Start received\n");
++ return DBUS_HANDLER_RESULT_HANDLED;
++ }
++ return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
++}
++
++
++int start() {
++ DBusConnection *bus;
++ DBusError error;
++ DBusMessage *message;
++
++ /* Get a connection to the session bus */
++ dbus_error_init (&error);
++ bus = dbus_bus_get (DBUS_BUS_SESSION, &error);
++ if (!bus) {
++ g_warning ("Failed to connect to the D-BUS daemon: %s", error.message);
++ dbus_error_free (&error);
++ return 1;
++ }
++
++
++ /* Create a new signal "Start" on the interface,
++ * from the object */
++ message = dbus_message_new_signal (PATH,
++ INTERFACE, "Start");
++ /* Send the signal */
++ dbus_connection_send (bus, message, NULL);
++ /* Free the signal now we have finished with it */
++ dbus_message_unref (message);
++ return 0;
++}
++
++int server(int master_fd) {
++ GMainLoop *loop;
++ DBusConnection *bus;
++ DBusError error;
++
++ loop = g_main_loop_new (NULL, FALSE);
++
++ dbus_error_init (&error);
++ if(getuid() == 0) {
++ bus = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
++ } else {
++ bus = dbus_bus_get (DBUS_BUS_SESSION, &error);
++ }
++ if (!bus) {
++ g_warning ("Failed to connect to the D-BUS daemon: %s", error.message);
++ dbus_error_free (&error);
++ return 1;
++ }
++ dbus_connection_setup_with_g_main (bus, NULL);
++
++ /* listening to messages from all objects as no path is specified */
++ dbus_bus_add_match (bus, RULE, &error); // see signals from the given interfacey
++ dbus_connection_add_filter (bus, signal_filter, loop, NULL);
++
++ set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
++
++ GIOChannel *c = g_io_channel_unix_new(master_fd);
++
++ g_io_add_watch_full( c,
++ G_PRIORITY_HIGH,
++ G_IO_IN|G_IO_ERR|G_IO_HUP,
++ io_channel_callback, NULL, NULL);
++
++ g_main_loop_run (loop);
++ return 0;
++}
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.62/scripts/chcat
--- nsapolicycoreutils/scripts/chcat 2009-01-13 08:45:35.000000000 -0500
-+++ policycoreutils-2.0.62/scripts/chcat 2009-04-09 12:28:34.000000000 -0400
++++ policycoreutils-2.0.62/scripts/chcat 2009-05-04 13:40:26.000000000 -0400
@@ -281,14 +281,14 @@
def expandCats(cats):
newcats = []
@@ -148,8 +595,17 @@ diff --exclude-from=exclude --exclude=se
if len(newcats) > 25:
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.62/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2009-02-18 16:44:47.000000000 -0500
-+++ policycoreutils-2.0.62/scripts/fixfiles 2009-04-03 14:12:56.000000000 -0400
-@@ -122,7 +122,7 @@
++++ policycoreutils-2.0.62/scripts/fixfiles 2009-05-05 10:47:08.000000000 -0400
+@@ -89,7 +89,7 @@
+ fi; \
+ done | \
+ while read pattern ; do sh -c "find $pattern \
+- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o \
++ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o -fstype btrfs \) -prune -o \
+ \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \
+ done 2> /dev/null | \
+ ${RESTORECON} $* -0 -f -
+@@ -122,14 +122,14 @@
fi
if [ ! -z "$RPMFILES" ]; then
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
@@ -158,9 +614,17 @@ diff --exclude-from=exclude --exclude=se
done
exit $?
fi
+ if [ ! -z "$FILEPATH" ]; then
+ if [ -x /usr/bin/find ]; then
+ /usr/bin/find "$FILEPATH" \
+- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o -print0 | \
++ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o fstype btrfs \) -prune -o -print0 | \
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
+ else
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.62/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2009-02-18 16:44:47.000000000 -0500
-+++ policycoreutils-2.0.62/semanage/semanage 2009-04-16 14:46:41.000000000 -0400
++++ policycoreutils-2.0.62/semanage/semanage 2009-05-04 13:40:26.000000000 -0400
@@ -44,16 +44,17 @@
text = _("""
semanage [ -S store ] -i [ input_file | - ]
@@ -260,7 +724,7 @@ diff --exclude-from=exclude --exclude=se
use_file = True
+ if o == "--dontaudit":
-+ dontaudit = a
++ dontaudit = not int(a)
+
if o == "-h" or o == "--help":
raise ValueError(_("%s bad option") % o)
@@ -354,7 +818,7 @@ diff --exclude-from=exclude --exclude=se
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.62/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/semanage/semanage.8 2009-04-16 13:51:38.000000000 -0400
++++ policycoreutils-2.0.62/semanage/semanage.8 2009-05-04 13:40:26.000000000 -0400
@@ -21,6 +21,8 @@
.br
.B semanage permissive \-{a|d} type
@@ -366,7 +830,14 @@ diff --exclude-from=exclude --exclude=se
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.62/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2008-11-14 17:10:15.000000000 -0500
-+++ policycoreutils-2.0.62/semanage/seobject.py 2009-04-16 14:46:58.000000000 -0400
++++ policycoreutils-2.0.62/semanage/seobject.py 2009-05-05 14:45:58.000000000 -0400
+@@ -1,5 +1,5 @@
+ #! /usr/bin/python -E
+-# Copyright (C) 2005, 2006, 2007, 2008 Red Hat
++# Copyright (C) 2005, 2006, 2007, 2008, 2009 Red Hat
+ # see file 'COPYING' for use and warranty information
+ #
+ # semanage is a tool for managing SELinux configuration files
@@ -21,16 +21,16 @@
#
#
@@ -514,7 +985,7 @@ diff --exclude-from=exclude --exclude=se
+
+ def dontaudit(self, dontaudit = 0):
+ self.begin()
-+ rc = semanage_set_disable_dontaudit(self.sh, int(dontaudit))
++ rc = semanage_set_disable_dontaudit(self.sh, dontaudit)
+ self.commit()
+ rc = semanage_reload_policy(self.sh)
+
@@ -940,7 +1411,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface)
if not exists:
-@@ -1393,6 +1452,45 @@
+@@ -1393,6 +1452,48 @@
class fcontextRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@@ -963,7 +1434,10 @@ diff --exclude-from=exclude --exclude=se
+ for src in self.equiv.keys():
+ fd.write("%s %s\n" % (src, self.equiv[src]))
+ fd.close()
-+ os.chmod(tmpfile, os.stat(subs_file)[stat.ST_MODE])
++ try:
++ os.chmod(tmpfile, os.stat(subs_file)[stat.ST_MODE])
++ except:
++ pass
+ os.rename(tmpfile,subs_file)
+ self.equil_ind = False
+ semanageRecords.commit(self)
@@ -986,7 +1460,7 @@ diff --exclude-from=exclude --exclude=se
def createcon(self, target, seuser = "system_u"):
(rc, con) = semanage_context_create(self.sh)
-@@ -1429,23 +1527,23 @@
+@@ -1429,23 +1530,23 @@
if type == "":
raise ValueError(_("SELinux Type is required"))
@@ -1014,7 +1488,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not create file context for %s") % target)
-@@ -1486,21 +1584,21 @@
+@@ -1486,21 +1587,21 @@
raise ValueError(_("Requires setype, serange or seuser"))
self.validate(target)
@@ -1041,7 +1515,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not query file context for %s") % target)
-@@ -1550,7 +1648,7 @@
+@@ -1550,7 +1651,7 @@
target = semanage_fcontext_get_expr(fcontext)
ftype = semanage_fcontext_get_type(fcontext)
ftype_str = semanage_fcontext_get_type_str(ftype)
@@ -1050,7 +1524,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not create a key for %s") % target)
-@@ -1558,19 +1656,26 @@
+@@ -1558,19 +1659,26 @@
if rc < 0:
raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k)
@@ -1081,7 +1555,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not check if file context for %s is defined") % target)
if exists:
-@@ -1617,11 +1722,11 @@
+@@ -1617,11 +1725,11 @@
return ddict
def list(self, heading = 1, locallist = 0 ):
@@ -1095,7 +1569,7 @@ diff --exclude-from=exclude --exclude=se
for k in keys:
if fcon_dict[k]:
if is_mls_enabled:
-@@ -1630,11 +1735,17 @@
+@@ -1630,11 +1738,17 @@
print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
else:
print "%-50s %-18s <<None>>" % (k[0], k[1])
@@ -1114,7 +1588,7 @@ diff --exclude-from=exclude --exclude=se
self.dict["TRUE"] = 1
self.dict["FALSE"] = 0
self.dict["ON"] = 1
-@@ -1643,16 +1754,16 @@
+@@ -1643,16 +1757,16 @@
self.dict["0"] = 0
def __mod(self, name, value):
@@ -1134,7 +1608,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not query file context %s") % name)
-@@ -1670,7 +1781,7 @@
+@@ -1670,7 +1784,7 @@
semanage_bool_key_free(k)
semanage_bool_free(b)
@@ -1143,7 +1617,7 @@ diff --exclude-from=exclude --exclude=se
self.begin()
-@@ -1694,16 +1805,16 @@
+@@ -1694,16 +1808,16 @@
def __delete(self, name):
@@ -1163,7 +1637,7 @@ diff --exclude-from=exclude --exclude=se
if rc < 0:
raise ValueError(_("Could not check if boolean %s is defined") % name)
if not exists:
-@@ -1762,7 +1873,7 @@
+@@ -1762,7 +1876,7 @@
return _("unknown")
def list(self, heading = True, locallist = False, use_file = False):
@@ -1172,11 +1646,9 @@ diff --exclude-from=exclude --exclude=se
if use_file:
ddict = self.get_all(locallist)
keys = ddict.keys()
-Binary files nsapolicycoreutils/setfiles/restorecon and policycoreutils-2.0.62/setfiles/restorecon differ
-Binary files nsapolicycoreutils/setfiles/setfiles and policycoreutils-2.0.62/setfiles/setfiles differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.62/setfiles/setfiles.c
--- nsapolicycoreutils/setfiles/setfiles.c 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/setfiles/setfiles.c 2009-04-14 09:38:55.000000000 -0400
++++ policycoreutils-2.0.62/setfiles/setfiles.c 2009-05-04 13:40:26.000000000 -0400
@@ -29,6 +29,8 @@
static int mass_relabel;
static int mass_relabel_errs;
@@ -1209,4 +1681,3 @@ diff --exclude-from=exclude --exclude=se
printf("\n");
exit(errors);
}
-Binary files nsapolicycoreutils/setfiles/setfiles.o and policycoreutils-2.0.62/setfiles/setfiles.o differ
policycoreutils-sepolgen.patch:
Index: policycoreutils-sepolgen.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-sepolgen.patch,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -p -r1.22 -r1.23
--- policycoreutils-sepolgen.patch 9 Apr 2009 02:05:30 -0000 1.22
+++ policycoreutils-sepolgen.patch 5 May 2009 18:51:54 -0000 1.23
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/access.py
--- nsasepolgen/src/sepolgen/access.py 2009-01-13 08:45:35.000000000 -0500
-+++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/access.py 2009-04-01 10:03:43.000000000 -0400
++++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/access.py 2009-04-21 14:54:12.000000000 -0400
@@ -313,7 +313,7 @@
def __len__(self):
@@ -10,9 +10,30 @@ diff --exclude-from=exclude -N -u -r nsa
def add(self, role, type):
if self.role_types.has_key(role):
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/audit.py
+--- nsasepolgen/src/sepolgen/audit.py 2008-08-28 09:34:24.000000000 -0400
++++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/audit.py 2009-04-24 13:19:39.000000000 -0400
+@@ -47,6 +47,17 @@
+ stdout=subprocess.PIPE).communicate()[0]
+ return output
+
++def get_log_msgs():
++ """Obtain all of the avc and policy load messages from /var/log/messages.
++
++ Returns:
++ string contain all of the audit messages returned by /var/log/messages.
++ """
++ import subprocess
++ output = subprocess.Popen(["/bin/grep", "avc", "/var/log/messages"],
++ stdout=subprocess.PIPE).communicate()[0]
++ return output
++
+ # Classes representing audit messages
+
+ class AuditMessage:
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/refparser.py 2009-02-18 16:52:27.000000000 -0500
++++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/refparser.py 2009-04-21 14:54:12.000000000 -0400
@@ -919,7 +919,7 @@
def list_headers(root):
modules = []
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.603
retrieving revision 1.604
diff -u -p -r1.603 -r1.604
--- policycoreutils.spec 16 Apr 2009 18:53:29 -0000 1.603
+++ policycoreutils.spec 5 May 2009 18:51:54 -0000 1.604
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.62
-Release: 11%{?dist}
+Release: 14%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -201,6 +201,9 @@ rm -rf %{buildroot}
%config(noreplace) %{_sysconfdir}/sestatus.conf
%attr(755,root,root) /etc/rc.d/init.d/restorecond
%config(noreplace) /etc/selinux/restorecond.conf
+%config(noreplace) /etc/selinux/restorecond_user.conf
+%{_sysconfdir}/xdg/autostart/restorecond.desktop
+%{_datadir}/dbus-1/services/org.selinux.Restorecond.service
%preun
if [ $1 -eq 0 ]; then
@@ -221,7 +224,13 @@ else
fi
%changelog
-* Thu Apr 16 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-11
+* Wed Apr 22 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-14
+- Fix audit2allow -a to retun /var/log/messages
+
+* Wed Apr 22 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-13
+- Run restorecond as a user service
+
+* Thu Apr 16 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-12
- Add semanage module support
* Tue Apr 14 2009 Dan Walsh <dwalsh at redhat.com> 2.0.62-10
More information about the scm-commits
mailing list