[policycoreutils] Change seunshare to send kill signals to the childs session. Also add signal handler to catch sigint
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Jul 7 18:53:55 UTC 2011
commit a648c6f239252282cd213e9a17887b5ffaf8c15c
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Jul 7 14:53:37 2011 -0400
Change seunshare to send kill signals to the childs session.
Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
policycoreutils-rhat.patch | 4 ++--
policycoreutils.spec | 2 --
2 files changed, 2 insertions(+), 4 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 986eff0..0cbf513 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -2186,7 +2186,7 @@ index 0000000..c69ceda
+and
+.I Thomas Liu <tliu at fedoraproject.org>
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
-index ec692e7..431271f 100644
+index ec692e7..2718a68 100644
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -1,27 +1,35 @@
@@ -3290,7 +3290,7 @@ index ec692e7..431271f 100644
+ /* Make sure all child processes exit */
+ kill(-child,SIGTERM);
+
-+ if (execcon && kill)
++ if (execcon && kill_all)
+ killall(execcon);
+
+ if (tmpdir_r) cleanup_tmpdir(tmpdir_r, tmpdir_s, pwd, 1);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 365c37e..7eb97f1 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -356,8 +356,6 @@ fi
* Wed Jul 6 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-17
- Add -k qualifier to seunshare to have it attempt to kill all processes with
the matching MCS label.
-sandbox will default to using the -k, if the level was not specified.
-This is added to make sure all processes are killed with the sandbox exits.
* Tue Jul 5 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-16
- Add -C option to sandbox and seunshare to maintain capabilities, otherwise
More information about the scm-commits
mailing list