[drbdlinks] - Handle visible SELinux range label if mcstrans is not used - Added configuration file for tmpfiles

Robert Scheck robert at fedoraproject.org
Sun Jul 17 17:17:59 UTC 2011 

commit 1c3013d6f9310d3ec897557b9d40c9ec95b11dcd
Author: Robert Scheck <robert at fedoraproject.org>
Date:   Sun Jul 17 19:17:44 2011 +0200

    - Handle visible SELinux range label if mcstrans is not used
    - Added configuration file for tmpfiles handling (#656578)
    - Added logrotate configuration to ignore possible *.drbdlinks

 drbdlinks-1.19-selinux.patch |   24 ++++++++++++++++++++++++
 drbdlinks.logrotate          |    2 ++
 drbdlinks.spec               |   23 ++++++++++++++++++++++-
 drbdlinks.tmpfiles           |    2 ++
 4 files changed, 50 insertions(+), 1 deletions(-)
---
diff --git a/drbdlinks-1.19-selinux.patch b/drbdlinks-1.19-selinux.patch
new file mode 100644
index 0000000..40d9a3f
--- /dev/null
+++ b/drbdlinks-1.19-selinux.patch
@@ -0,0 +1,24 @@
+Patch by Robert Scheck <robert at fedoraproject.org> for drbdlinks <= 1.19, which
+fixes "ValueError: too many values to unpack" if the SELinux filesystem element
+label includes range as well, e.g. "system_u:object_r:admin_home_t:s0" rather
+only "system_u:object_r:admin_home_t". If you are running mcstrans daemon, you
+will also maybe not see the range. As drbdlinks is also still in use on systems
+with Red Hat Enterprise Linux 4, this patch should be python 2.3 compatible.
+
+--- drbdlinks-1.19/drbdlinks			2011-05-06 01:48:53.000000000 +0200
++++ drbdlinks-1.19/drbdlinks.selinux		2011-07-09 15:32:23.000000000 +0200
+@@ -328,9 +328,11 @@
+ 			fp.close()
+ 			if line:
+ 				line = string.split(line, ' ')[0]
+-				seUser, seRole, seType = string.split(line, ':')
+-				os.system('chcon -h -u "%s" -r "%s" -t "%s" "%s"'
+-						% ( seUser, seRole, seType, linkLocal ))
++				seUser, seRole, seType, seRange = (string.split(line, ':') + [None] * 4)[:4]
++				if seRange:
++					os.system('chcon -h -u "%s" -r "%s" -t "%s" -l "%s" "%s"' % ( seUser, seRole, seType, seRange, linkLocal ))
++				else:
++					os.system('chcon -h -u "%s" -r "%s" -t "%s" "%s"' % ( seUser, seRole, seType, linkLocal ))
+ 	
+ 	if anyLinksChanged:
+ 		if restartSyslog(config): errorCount = errorCount + 1
diff --git a/drbdlinks.logrotate b/drbdlinks.logrotate
new file mode 100644
index 0000000..055d48a
--- /dev/null
+++ b/drbdlinks.logrotate
@@ -0,0 +1,2 @@
+# Ignore possible logrotate copies caused by drbdlinks
+tabooext + .drbdlinks
diff --git a/drbdlinks.spec b/drbdlinks.spec
index a1e9323..f909f6f 100644
--- a/drbdlinks.spec
+++ b/drbdlinks.spec
@@ -1,12 +1,15 @@
 Summary:         A program for managing links into a DRBD shared partition
 Name:            drbdlinks
 Version:         1.19
-Release:         1%{?dist}
+Release:         2%{?dist}
 License:         GPLv2
 Group:           Applications/System
 URL:             http://www.tummy.com/Community/software/%{name}/
 Source0:         ftp://ftp.tummy.com/pub/tummy/%{name}/%{name}-%{version}.tar.gz
 Source1:         drbdlinksclean
+Source2:         drbdlinks.logrotate
+Source3:         drbdlinks.tmpfiles
+Patch0:          drbdlinks-1.19-selinux.patch
 Requires:        python
 Requires(post):  /sbin/chkconfig
 Requires(preun): /sbin/chkconfig
@@ -32,6 +35,7 @@ partition isn't mounted, the links are in their normal state.
 
 %prep
 %setup -q
+%patch0 -p1 -b .selinux
 
 %build
 
@@ -49,6 +53,14 @@ install -p -m 644 %{name}.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}.conf
 install -p -m 755 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/drbdlinksclean
 install -p -m 644 %{name}.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}.8
 
+# Install logrotate extension
+install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/%{name}
+
+# Install tmpfiles configuration
+%if 0%{?fedora} >= 15
+install -D -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/%{name}.conf
+%endif
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -66,12 +78,21 @@ fi
 %doc LICENSE README WHATSNEW
 %{_sysconfdir}/rc.d/init.d/drbdlinksclean
 %config(noreplace) %{_sysconfdir}/%{name}.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%if 0%{?fedora} >= 15
+%config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
+%endif
 %{_sbindir}/%{name}
 %{_sysconfdir}/ha.d/
 %{_mandir}/man8/%{name}.8*
 %{_localstatedir}/run/%{name}/
 
 %changelog
+* Sun Jul 17 2011 Robert Scheck <robert at fedoraproject.org> 1.19-2
+- Handle visible SELinux range label if mcstrans is not used
+- Added configuration file for tmpfiles handling (#656578)
+- Added logrotate configuration to ignore possible *.drbdlinks
+
 * Mon May 16 2011 Robert Scheck <robert at fedoraproject.org> 1.19-1
 - Upgrade to 1.19
 
diff --git a/drbdlinks.tmpfiles b/drbdlinks.tmpfiles
new file mode 100644
index 0000000..56fdce6
--- /dev/null
+++ b/drbdlinks.tmpfiles
@@ -0,0 +1,2 @@
+d /var/run/drbdlinks 0755 root root -
+d /var/run/drbdlinks/configs-to-clean 0755 root root -

More information about the scm-commits mailing list