[policycoreutils/f15/master] Change fixfiles restore to delete unlabeled sockets in /tmp

Daniel J Walsh dwalsh at fedoraproject.org
Mon Apr 18 16:48:35 UTC 2011 

commit 16246ac8b2408571cc80ebf2fa3fa71642ab0880
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Mon Apr 18 12:48:35 2011 -0400

    Change fixfiles restore to delete unlabeled sockets in /tmp

 policycoreutils-rhat.patch |    9 ++++++---
 policycoreutils.spec       |    5 ++++-
 2 files changed, 10 insertions(+), 4 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 357171f..b182a09 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -3194,7 +3194,7 @@ index 3f9efba..7c6d75a 100644
 +/etc/selinux/{SELINUXTYPE}/seusers
  
 diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
-index ae519fc..7d21ea3 100755
+index ae519fc..706184d 100755
 --- a/policycoreutils/scripts/fixfiles
 +++ b/policycoreutils/scripts/fixfiles
 @@ -21,6 +21,44 @@
@@ -3278,7 +3278,7 @@ index ae519fc..7d21ea3 100755
  
  rpmlist() {
  rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
-@@ -121,24 +144,34 @@ if [ ! -z "$PREFC" ]; then
+@@ -121,33 +144,45 @@ if [ ! -z "$PREFC" ]; then
  fi
  if [ ! -z "$RPMFILES" ]; then
      for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
@@ -3321,10 +3321,13 @@ index ae519fc..7d21ea3 100755
 +fi
 +${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMS} 2>&1 | cat >> $LOGFILE
 +rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
++find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) \( -type s -o -type p \) -delete
  find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
  find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
++find /var/run \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t var_run_t {} \;
++find /var/lib/debug \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t lib_t {} \;
  exit $?
-@@ -146,8 +179,7 @@ exit $?
+ }
  
  fullrelabel() {
      logit "Cleaning out /tmp"
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 5d4e780..06e5dfd 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.85
-Release: 30%{?dist}
+Release: 31%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -331,6 +331,9 @@ fi
 exit 0
 
 %changelog
+* Mon Apr 18 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-31
+- Change fixfiles restore to delete unlabeled sockets in /tmp
+
 * Mon Apr 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-30
 - Add Elia Pinto patches to allow user to specify directories to ignore

More information about the scm-commits mailing list