[policycoreutils] - Don't report error on load_policy when system is disabled.

[Daniel J Walsh]

commit af19df0f009830b480cc337ad8e52b39c46ba5ec
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Mon Nov 22 13:50:29 2010 -0500

    - Don't report error on load_policy when system is disabled.

 policycoreutils-2.0.83-disable.patch |   25 +++++++++++++++++++++++++
 policycoreutils.spec                 |    7 ++++++-
 2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/policycoreutils-2.0.83-disable.patch b/policycoreutils-2.0.83-disable.patch
new file mode 100644
index 0000000..78b4b1d
--- /dev/null
+++ b/policycoreutils-2.0.83-disable.patch
@@ -0,0 +1,25 @@
+diff -up policycoreutils-2.0.83/load_policy/load_policy.c.init policycoreutils-2.0.83/load_policy/load_policy.c
+--- policycoreutils-2.0.83/load_policy/load_policy.c.init	2010-11-08 13:46:37.000000000 -0500
++++ policycoreutils-2.0.83/load_policy/load_policy.c	2010-11-22 13:43:58.000000000 -0500
+@@ -74,6 +74,7 @@ int main(int argc, char **argv)
+ 			"%s:  Warning!  Boolean file argument (%s) is no longer supported, installed booleans file is always used.  Continuing...\n",
+ 			argv[0], argv[optind++]);
+ 	}
++	errno = 0;
+ 	if (init) {
+ 		if (is_selinux_enabled() == 1) {
+ 			/* SELinux is already enabled, we should not do an initial load again */
+@@ -98,7 +99,12 @@ int main(int argc, char **argv)
+ 	else {
+ 		ret = selinux_mkload_policy(1);
+ 	}
+-	if (ret < 0) {
++
++	/* selinux_init_load_policy returns -1 if it did not load_policy
++         * On SELinux disabled system it will always return -1
++         * So check errno to see if anything went wrong
++         */
++	if (ret < 0 && errno != 0) {
+ 		char *path=policy_path();
+ 		fprintf(stderr, _("%s:  Can't load policy file %s:  %s\n"),
+ 			argv[0], path, strerror(errno));
diff --git a/policycoreutils.spec b/policycoreutils.spec
index e9c76e0..5aa1e67 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.83
-Release: 36%{?dist}
+Release: 37%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 Source:  http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -24,6 +24,7 @@ Patch:	 policycoreutils-rhat.patch
 Patch1:	 policycoreutils-po.patch
 Patch3:	 policycoreutils-gui.patch
 Patch4:	 policycoreutils-sepolgen.patch
+Patch5:	 policycoreutils-2.0.83-disable.patch
 Obsoletes: policycoreutils < 2.0.61-2
 
 %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
@@ -62,6 +63,7 @@ context.
 %patch1 -p1 -b .rhatpo
 %patch3 -p1 -b .gui
 %patch4 -p1 -b .sepolgen
+%patch5 -p1 -b .disable
 
 %build
 make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE " LDFLAGS="-pie -Wl,-z,relro" all 
@@ -327,6 +329,9 @@ fi
 exit 0
 
 %changelog
+* Mon Nov 22 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-37
+- Don't report error on load_policy when system is disabled.
+
 * Mon Nov 8 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-36
 - Fix up problems pointed out by solar designer on dropping capabilities