[setools] - Exit seinfo and sesearch with proper status

Daniel J Walsh dwalsh at fedoraproject.org
Thu Jan 6 21:56:08 UTC 2011 

commit 26765faa8a8f69114dc3e6bc89dcf90da8e5f0c7
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu Jan 6 16:55:56 2011 -0500

    - Exit seinfo and sesearch with proper status

 setools-cmdline.patch    |   59 +++++++++++++++++++++++
 setools-exitstatus.patch |  119 ++++++++++++++++++++++++++++++++++++++++++++++
 setools.spec             |    2 +
 3 files changed, 180 insertions(+), 0 deletions(-)
---
diff --git a/setools-cmdline.patch b/setools-cmdline.patch
new file mode 100644
index 0000000..a55e214
--- /dev/null
+++ b/setools-cmdline.patch
@@ -0,0 +1,59 @@
+diff -up setools-3.3.7/man/replcon.1.cmdline setools-3.3.7/man/replcon.1
+--- setools-3.3.7/man/replcon.1.cmdline	2007-08-02 17:16:33.000000000 -0400
++++ setools-3.3.7/man/replcon.1	2010-11-17 16:31:01.000000000 -0500
+@@ -44,6 +44,8 @@ Search for files which include PATH.
+ .IP "-c CLASS, --class=CLASS"
+ Search only files of object class CLASS.
+ .SH OPTIONS
++.IP "-R, --regex"
++Enable regular expressions
+ .IP "-v, --verbose"
+ Display context info during replacement.
+ .IP "-h, --help"
+diff -up setools-3.3.7/man/seinfo.1.cmdline setools-3.3.7/man/seinfo.1
+--- setools-3.3.7/man/seinfo.1.cmdline	2010-05-03 12:39:02.000000000 -0400
++++ setools-3.3.7/man/seinfo.1	2010-11-17 16:23:36.000000000 -0500
+@@ -76,6 +76,10 @@ There is no expanded information for thi
+ .IP "--nodecon[=ADDR]"
+ Print a list of node contexts or, if ADDR is provided, print the statement for the node with address ADDR.
+ There is no expanded information for this component.
++.IP "--polcap"
++Print policy capabilities.
++.IP "--permissive"
++Print permissive types.
+ .IP "--portcon[=PORT]"
+ Print a list of port contexts or, if PORT is provided, print the statement for port PORT.
+ There is no expanded information for this component.
+@@ -93,7 +97,7 @@ These details include the types assigned
+ This option is not available for all component types; see the description of each component for the details this option will provide.
+ .IP "--stats"
+ Print policy statistics including policy type and version information and counts of all components and rules.
+-.IP "-l"
++.IP "-l, --line-breaks"
+ Print line breaks when displaying constraint statements.
+ .IP "-h, --help"
+ Print help information and exit.
+diff -up setools-3.3.7/seaudit/seaudit-report.c.cmdline setools-3.3.7/seaudit/seaudit-report.c
+--- setools-3.3.7/seaudit/seaudit-report.c.cmdline	2010-11-17 16:09:48.000000000 -0500
++++ setools-3.3.7/seaudit/seaudit-report.c	2010-11-17 16:11:06.000000000 -0500
+@@ -100,7 +100,7 @@ static void seaudit_report_info_usage(co
+ 	printf("  -s, --stdin              read log data from standard input\n");
+ 	printf("  -m, --malformed          include malformed log messages\n");
+ 	printf("  -o FILE, --output=FILE   output to FILE\n");
+-	printf("  --config=FILE            read configuration from FILE\n");
++	printf("  -c FILE, --config=FILE   read configuration from FILE\n");
+ 	printf("  --html                   set output format to HTML\n");
+ 	printf("  --stylesheet=FILE        HTML style sheet for formatting HTML report\n");
+ 	printf("                           (ignored if --html is not given)\n");
+diff -up setools-3.3.7/sediff/sediff.c.cmdline setools-3.3.7/sediff/sediff.c
+--- setools-3.3.7/sediff/sediff.c.cmdline	2007-08-02 17:16:33.000000000 -0400
++++ setools-3.3.7/sediff/sediff.c	2010-11-17 16:20:01.000000000 -0500
+@@ -420,7 +420,7 @@ int main(int argc, char **argv)
+ 	poldiff_t *diff = NULL;
+ 	size_t total = 0;
+ 
+-	while ((optc = getopt_long(argc, argv, "ctarubANDLMCRqhV", longopts, NULL)) != -1) {
++	while ((optc = getopt_long(argc, argv, "ctarubAqhV", longopts, NULL)) != -1) {
+ 		switch (optc) {
+ 		case 0:
+ 			break;
diff --git a/setools-exitstatus.patch b/setools-exitstatus.patch
new file mode 100644
index 0000000..3500aca
--- /dev/null
+++ b/setools-exitstatus.patch
@@ -0,0 +1,119 @@
+diff -up setools-3.3.7/secmds/seinfo.c.exitstatus setools-3.3.7/secmds/seinfo.c
+--- setools-3.3.7/secmds/seinfo.c.exitstatus	2010-05-03 12:39:02.000000000 -0400
++++ setools-3.3.7/secmds/seinfo.c	2010-11-05 09:54:39.000000000 -0400
+@@ -827,7 +827,7 @@ static int print_sens(FILE * fp, const c
+  */
+ static int print_cats(FILE * fp, const char *name, int expand, const apol_policy_t * policydb)
+ {
+-	int retval = 0;
++	int retval = -1;
+ 	apol_cat_query_t *query = NULL;
+ 	apol_vector_t *v = NULL;
+ 	const qpol_cat_t *cat_datum = NULL;
+@@ -911,9 +911,10 @@ static int print_fsuse(FILE * fp, const 
+ 		fprintf(fp, "   %s\n", tmp);
+ 		free(tmp);
+ 	}
+-	if (type && !apol_vector_get_size(v))
++	if (type && !apol_vector_get_size(v)) {
+ 		ERR(policydb, "No fs_use statement for filesystem of type %s.", type);
+-
++		goto cleanup;
++	}
+ 	retval = 0;
+       cleanup:
+ 	apol_fs_use_query_destroy(&query);
+@@ -949,7 +950,6 @@ static int print_genfscon(FILE * fp, con
+ 		ERR(policydb, "%s", strerror(ENOMEM));
+ 		goto cleanup;
+ 	}
+-
+ 	if (apol_genfscon_query_set_filesystem(policydb, query, type))
+ 		goto cleanup;
+ 	if (apol_genfscon_get_by_query(policydb, query, &v))
+@@ -967,8 +967,10 @@ static int print_genfscon(FILE * fp, con
+ 		free(tmp);
+ 	}
+ 
+-	if (type && !apol_vector_get_size(v))
++	if (type && !apol_vector_get_size(v)) {
+ 		ERR(policydb, "No genfscon statement for filesystem of type %s.", type);
++		goto cleanup;
++	}
+ 
+ 	retval = 0;
+       cleanup:
+@@ -1646,6 +1648,7 @@ cleanup:	// close and destroy iterators 
+ 
+ int main(int argc, char **argv)
+ {
++	int rc = 0;
+ 	int classes, types, attribs, roles, users, all, expand, stats, rt, optc, isids, bools, sens, cats, fsuse, genfs, netif,
+ 		node, port, permissives, polcaps, constrain, linebreaks;
+ 	apol_policy_t *policydb = NULL;
+@@ -1851,46 +1854,46 @@ int main(int argc, char **argv)
+ 
+ 	/* display requested info */
+ 	if (stats || all)
+-		print_stats(stdout, policydb);
++		rc = print_stats(stdout, policydb);
+ 	if (classes || all)
+-		print_classes(stdout, class_name, expand, policydb);
++		rc = print_classes(stdout, class_name, expand, policydb);
+ 	if (types || all)
+-		print_types(stdout, type_name, expand, policydb);
++		rc = print_types(stdout, type_name, expand, policydb);
+ 	if (attribs || all)
+-		print_attribs(stdout, attrib_name, expand, policydb);
++		rc = print_attribs(stdout, attrib_name, expand, policydb);
+ 	if (roles || all)
+-		print_roles(stdout, role_name, expand, policydb);
++		rc = print_roles(stdout, role_name, expand, policydb);
+ 	if (users || all)
+-		print_users(stdout, user_name, expand, policydb);
++		rc = print_users(stdout, user_name, expand, policydb);
+ 	if (bools || all)
+-		print_booleans(stdout, bool_name, expand, policydb);
++		rc = print_booleans(stdout, bool_name, expand, policydb);
+ 	if (sens || all)
+-		print_sens(stdout, sens_name, expand, policydb);
++		rc = print_sens(stdout, sens_name, expand, policydb);
+ 	if (cats || all)
+-		print_cats(stdout, cat_name, expand, policydb);
++		rc = print_cats(stdout, cat_name, expand, policydb);
+ 	if (fsuse || all)
+-		print_fsuse(stdout, fsuse_type, policydb);
++		rc = print_fsuse(stdout, fsuse_type, policydb);
+ 	if (genfs || all)
+-		print_genfscon(stdout, genfs_type, policydb);
++		rc = print_genfscon(stdout, genfs_type, policydb);
+ 	if (netif || all)
+-		print_netifcon(stdout, netif_name, policydb);
++		rc = print_netifcon(stdout, netif_name, policydb);
+ 	if (node || all)
+-		print_nodecon(stdout, node_addr, policydb);
++		rc = print_nodecon(stdout, node_addr, policydb);
+ 	if (port || all)
+-		print_portcon(stdout, port_num, protocol, policydb);
++		rc = print_portcon(stdout, port_num, protocol, policydb);
+ 	if (isids || all)
+-		print_isids(stdout, isid_name, expand, policydb);
++		rc = print_isids(stdout, isid_name, expand, policydb);
+ 	if (permissives || all)
+-		print_permissives(stdout, permissive_name, expand, policydb);
++		rc = print_permissives(stdout, permissive_name, expand, policydb);
+ 	if (polcaps || all)
+-		print_polcaps(stdout, polcap_name, expand, policydb);
++		rc = print_polcaps(stdout, polcap_name, expand, policydb);
+ 	if (constrain || all)
+-		print_constraints(stdout, expand, policydb, linebreaks);
++		rc = print_constraints(stdout, expand, policydb, linebreaks);
+ 
+ 	apol_policy_destroy(&policydb);
+ 	apol_policy_path_destroy(&pol_path);
+ 	free(policy_file);
+-	exit(0);
++	exit(rc);
+ }
+ 
+ /**
diff --git a/setools.spec b/setools.spec
index 7a74be8..b216df7 100644
--- a/setools.spec
+++ b/setools.spec
@@ -17,6 +17,7 @@ Source4: sediffx.desktop
 Patch1: setools-python.patch
 Patch2: setools-exitstatus.patch
 Patch3: setools-neverallow.patch
+Patch4: setools-cmdline.patch
 Summary: Policy analysis tools for SELinux
 Group: System Environment/Base
 Requires: setools-libs = %{version}-%{release} setools-libs-tcl = %{version}-%{release} setools-gui = %{version}-%{release} setools-console = %{version}-%{release}
@@ -191,6 +192,7 @@ This package includes the following graphical tools:
 %patch1 -p 1 -b .python
 %patch2 -p 1 -b .exitstatus
 %patch3 -p 1 -b .neverallow
+%patch4 -p 1 -b .cmdline
 
 # Fixup expected version of SWIG:
 sed -i -e "s|AC_PROG_SWIG(1.3.28)|AC_PROG_SWIG(2.0.0)|g" configure.ac

More information about the scm-commits mailing list