[drbdlinks] - Handle visible SELinux range label if mcstrans is not used - Added configuration file for tmpfiles
Robert Scheck
robert at fedoraproject.org
Sun Jul 17 17:17:59 UTC 2011
commit 1c3013d6f9310d3ec897557b9d40c9ec95b11dcd
Author: Robert Scheck <robert at fedoraproject.org>
Date: Sun Jul 17 19:17:44 2011 +0200
- Handle visible SELinux range label if mcstrans is not used
- Added configuration file for tmpfiles handling (#656578)
- Added logrotate configuration to ignore possible *.drbdlinks
drbdlinks-1.19-selinux.patch | 24 ++++++++++++++++++++++++
drbdlinks.logrotate | 2 ++
drbdlinks.spec | 23 ++++++++++++++++++++++-
drbdlinks.tmpfiles | 2 ++
4 files changed, 50 insertions(+), 1 deletions(-)
---
diff --git a/drbdlinks-1.19-selinux.patch b/drbdlinks-1.19-selinux.patch
new file mode 100644
index 0000000..40d9a3f
--- /dev/null
+++ b/drbdlinks-1.19-selinux.patch
@@ -0,0 +1,24 @@
+Patch by Robert Scheck <robert at fedoraproject.org> for drbdlinks <= 1.19, which
+fixes "ValueError: too many values to unpack" if the SELinux filesystem element
+label includes range as well, e.g. "system_u:object_r:admin_home_t:s0" rather
+only "system_u:object_r:admin_home_t". If you are running mcstrans daemon, you
+will also maybe not see the range. As drbdlinks is also still in use on systems
+with Red Hat Enterprise Linux 4, this patch should be python 2.3 compatible.
+
+--- drbdlinks-1.19/drbdlinks 2011-05-06 01:48:53.000000000 +0200
++++ drbdlinks-1.19/drbdlinks.selinux 2011-07-09 15:32:23.000000000 +0200
+@@ -328,9 +328,11 @@
+ fp.close()
+ if line:
+ line = string.split(line, ' ')[0]
+- seUser, seRole, seType = string.split(line, ':')
+- os.system('chcon -h -u "%s" -r "%s" -t "%s" "%s"'
+- % ( seUser, seRole, seType, linkLocal ))
++ seUser, seRole, seType, seRange = (string.split(line, ':') + [None] * 4)[:4]
++ if seRange:
++ os.system('chcon -h -u "%s" -r "%s" -t "%s" -l "%s" "%s"' % ( seUser, seRole, seType, seRange, linkLocal ))
++ else:
++ os.system('chcon -h -u "%s" -r "%s" -t "%s" "%s"' % ( seUser, seRole, seType, linkLocal ))
+
+ if anyLinksChanged:
+ if restartSyslog(config): errorCount = errorCount + 1
diff --git a/drbdlinks.logrotate b/drbdlinks.logrotate
new file mode 100644
index 0000000..055d48a
--- /dev/null
+++ b/drbdlinks.logrotate
@@ -0,0 +1,2 @@
+# Ignore possible logrotate copies caused by drbdlinks
+tabooext + .drbdlinks
diff --git a/drbdlinks.spec b/drbdlinks.spec
index a1e9323..f909f6f 100644
--- a/drbdlinks.spec
+++ b/drbdlinks.spec
@@ -1,12 +1,15 @@
Summary: A program for managing links into a DRBD shared partition
Name: drbdlinks
Version: 1.19
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Group: Applications/System
URL: http://www.tummy.com/Community/software/%{name}/
Source0: ftp://ftp.tummy.com/pub/tummy/%{name}/%{name}-%{version}.tar.gz
Source1: drbdlinksclean
+Source2: drbdlinks.logrotate
+Source3: drbdlinks.tmpfiles
+Patch0: drbdlinks-1.19-selinux.patch
Requires: python
Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig
@@ -32,6 +35,7 @@ partition isn't mounted, the links are in their normal state.
%prep
%setup -q
+%patch0 -p1 -b .selinux
%build
@@ -49,6 +53,14 @@ install -p -m 644 %{name}.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}.conf
install -p -m 755 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/drbdlinksclean
install -p -m 644 %{name}.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}.8
+# Install logrotate extension
+install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/%{name}
+
+# Install tmpfiles configuration
+%if 0%{?fedora} >= 15
+install -D -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/%{name}.conf
+%endif
+
%clean
rm -rf $RPM_BUILD_ROOT
@@ -66,12 +78,21 @@ fi
%doc LICENSE README WHATSNEW
%{_sysconfdir}/rc.d/init.d/drbdlinksclean
%config(noreplace) %{_sysconfdir}/%{name}.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%if 0%{?fedora} >= 15
+%config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
+%endif
%{_sbindir}/%{name}
%{_sysconfdir}/ha.d/
%{_mandir}/man8/%{name}.8*
%{_localstatedir}/run/%{name}/
%changelog
+* Sun Jul 17 2011 Robert Scheck <robert at fedoraproject.org> 1.19-2
+- Handle visible SELinux range label if mcstrans is not used
+- Added configuration file for tmpfiles handling (#656578)
+- Added logrotate configuration to ignore possible *.drbdlinks
+
* Mon May 16 2011 Robert Scheck <robert at fedoraproject.org> 1.19-1
- Upgrade to 1.19
diff --git a/drbdlinks.tmpfiles b/drbdlinks.tmpfiles
new file mode 100644
index 0000000..56fdce6
--- /dev/null
+++ b/drbdlinks.tmpfiles
@@ -0,0 +1,2 @@
+d /var/run/drbdlinks 0755 root root -
+d /var/run/drbdlinks/configs-to-clean 0755 root root -
More information about the scm-commits
mailing list