[policycoreutils] - Don't report error on load_policy when system is disabled.
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Nov 22 18:50:23 UTC 2010
commit af19df0f009830b480cc337ad8e52b39c46ba5ec
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Nov 22 13:50:29 2010 -0500
- Don't report error on load_policy when system is disabled.
policycoreutils-2.0.83-disable.patch | 25 +++++++++++++++++++++++++
policycoreutils.spec | 7 ++++++-
2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/policycoreutils-2.0.83-disable.patch b/policycoreutils-2.0.83-disable.patch
new file mode 100644
index 0000000..78b4b1d
--- /dev/null
+++ b/policycoreutils-2.0.83-disable.patch
@@ -0,0 +1,25 @@
+diff -up policycoreutils-2.0.83/load_policy/load_policy.c.init policycoreutils-2.0.83/load_policy/load_policy.c
+--- policycoreutils-2.0.83/load_policy/load_policy.c.init 2010-11-08 13:46:37.000000000 -0500
++++ policycoreutils-2.0.83/load_policy/load_policy.c 2010-11-22 13:43:58.000000000 -0500
+@@ -74,6 +74,7 @@ int main(int argc, char **argv)
+ "%s: Warning! Boolean file argument (%s) is no longer supported, installed booleans file is always used. Continuing...\n",
+ argv[0], argv[optind++]);
+ }
++ errno = 0;
+ if (init) {
+ if (is_selinux_enabled() == 1) {
+ /* SELinux is already enabled, we should not do an initial load again */
+@@ -98,7 +99,12 @@ int main(int argc, char **argv)
+ else {
+ ret = selinux_mkload_policy(1);
+ }
+- if (ret < 0) {
++
++ /* selinux_init_load_policy returns -1 if it did not load_policy
++ * On SELinux disabled system it will always return -1
++ * So check errno to see if anything went wrong
++ */
++ if (ret < 0 && errno != 0) {
+ char *path=policy_path();
+ fprintf(stderr, _("%s: Can't load policy file %s: %s\n"),
+ argv[0], path, strerror(errno));
diff --git a/policycoreutils.spec b/policycoreutils.spec
index e9c76e0..5aa1e67 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.83
-Release: 36%{?dist}
+Release: 37%{?dist}
License: GPLv2
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -24,6 +24,7 @@ Patch: policycoreutils-rhat.patch
Patch1: policycoreutils-po.patch
Patch3: policycoreutils-gui.patch
Patch4: policycoreutils-sepolgen.patch
+Patch5: policycoreutils-2.0.83-disable.patch
Obsoletes: policycoreutils < 2.0.61-2
%global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
@@ -62,6 +63,7 @@ context.
%patch1 -p1 -b .rhatpo
%patch3 -p1 -b .gui
%patch4 -p1 -b .sepolgen
+%patch5 -p1 -b .disable
%build
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE " LDFLAGS="-pie -Wl,-z,relro" all
@@ -327,6 +329,9 @@ fi
exit 0
%changelog
+* Mon Nov 22 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-37
+- Don't report error on load_policy when system is disabled.
+
* Mon Nov 8 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-36
- Fix up problems pointed out by solar designer on dropping capabilities
More information about the scm-commits
mailing list