[policycoreutils/f15/master] Fix sepolgen-ifgen call, add -p option

Daniel J Walsh dwalsh at fedoraproject.org
Wed Mar 23 21:55:31 UTC 2011 

commit 6d8189f15073ff562a63aeaf0c0ebebc38e1e93a
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Wed Mar 23 17:55:22 2011 -0400

    Fix sepolgen-ifgen call, add -p option

 policycoreutils-rhat.patch |   49 +++++++++++++++++++++++--------------------
 policycoreutils.spec       |    6 ++--
 2 files changed, 29 insertions(+), 26 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 3520885..99d6c4d 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -192,7 +192,7 @@ index 6178cc8..b6f386d 100644
  .PP
  .SH AUTHOR
 diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen
-index 03f95a1..466e8ea 100644
+index 03f95a1..dad2009 100644
 --- a/policycoreutils/audit2allow/sepolgen-ifgen
 +++ b/policycoreutils/audit2allow/sepolgen-ifgen
 @@ -1,4 +1,4 @@
@@ -220,11 +220,12 @@ index 03f95a1..466e8ea 100644
  
  def parse_options():
      from optparse import OptionParser
-@@ -44,14 +49,56 @@ def parse_options():
+@@ -44,14 +49,58 @@ def parse_options():
                        help="filename to store output")
      parser.add_option("-i", "--interfaces", dest="headers", default=defaults.headers(),
                        help="location of the interface header files")
 +    parser.add_option("-a", "--attribute_info", dest="attribute_info")
++    parser.add_option("-p", "--policy", dest="policy_path")
      parser.add_option("-v", "--verbose", action="store_true", default=False,
                        help="print debuging output")
      parser.add_option("-d", "--debug", action="store_true", default=False,
@@ -245,9 +246,10 @@ index 03f95a1..466e8ea 100644
 +        return p
 +    return None
 +
-+def get_attrs():
++def get_attrs(policy_path):
 +    try:
-+        policy_path = get_policy()
++        if not policy_path:
++            policy_path = get_policy()
 +        if not policy_path:
 +            sys.stderr.write("No installed policy to check\n")
 +            return None
@@ -277,14 +279,14 @@ index 03f95a1..466e8ea 100644
  
  def main():
      options = parse_options()
-@@ -68,6 +115,14 @@ def main():
+@@ -68,6 +117,14 @@ def main():
      else:
          log = None
  
 +    # Get the attibutes from the binary
 +    attrs = None
 +    if not options.no_attrs:
-+        attrs = get_attrs()
++        attrs = get_attrs(options.policy_path)
 +        if attrs is None:
 +            return 1
 +        
@@ -292,7 +294,7 @@ index 03f95a1..466e8ea 100644
      try:
          headers = refparser.parse_headers(options.headers, output=log, debug=options.debug)
      except ValueError, e:
-@@ -76,7 +131,7 @@ def main():
+@@ -76,7 +133,7 @@ def main():
          return 1
  
      if_set = interfaces.InterfaceSet(output=log)
@@ -2123,7 +2125,7 @@ index 0000000..e7b8991
 +and
 +.I Thomas Liu <tliu at fedoraproject.org>
 diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
-index ec692e7..05a18b3 100644
+index ec692e7..d8171d8 100644
 --- a/policycoreutils/sandbox/seunshare.c
 +++ b/policycoreutils/sandbox/seunshare.c
 @@ -1,28 +1,35 @@
@@ -2335,20 +2337,20 @@ index ec692e7..05a18b3 100644
 +	
 +	if (lstat(dir, st_out) == -1) {
 +		fprintf(stderr, _("Failed to stat %s: %s\n"), dir, strerror(errno));
++		return -1;
++	}
++	if (! S_ISDIR(st_out->st_mode)) {
++		fprintf(stderr, _("Error: %s is not a directory: %s\n"), dir, strerror(errno));
  		return -1;
  	}
 -	if (sb.st_uid != pwd->pw_uid) {
 -		errno = EPERM;
 -		syslog(LOG_AUTHPRIV | LOG_ALERT, "%s attempted to mount an invalid directory, %s", pwd->pw_name, mntdir);
 -		perror(_("Invalid mount point, reporting to administrator"));
-+	if (! S_ISDIR(st_out->st_mode)) {
-+		fprintf(stderr, _("Error: %s is not a directory: %s\n"), dir, strerror(errno));
- 		return -1;
- 	}
 +	if (st_in && !equal_stats(st_in, st_out)) {
 +		fprintf(stderr, _("Error: %s was replaced by a different directory\n"), dir);
-+		return -1;
-+	}
+ 		return -1;
+ 	}
 +
  	return 0;
  }
@@ -2362,7 +2364,7 @@ index ec692e7..05a18b3 100644
  			break;
  		}
  	}
-@@ -131,45 +236,519 @@ static int verify_shell(const char *shell_name)
+@@ -131,45 +236,520 @@ static int verify_shell(const char *shell_name)
  	return rc;
  }
  
@@ -2794,6 +2796,11 @@ index ec692e7..05a18b3 100644
 +			fprintf(stderr, _("Failed to get context of the directory %s: %s\n"), src, strerror(errno));
 +			goto err;
 +		}
++
++		if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
++			goto err;
++		}
++
 +		/* ok to not reach this if there is an error */
 +		setfsuid(0);
 +	}
@@ -2846,10 +2853,6 @@ index ec692e7..05a18b3 100644
 +		}
 +	}
 +
-+	if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
-+		goto err;
-+	}
-+
 +	if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
 +		fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
 +		cleanup_tmpdir(tmpdir, src, pwd, 0);
@@ -2896,7 +2899,7 @@ index ec692e7..05a18b3 100644
  		{NULL, 0, 0, 0}
  	};
  
-@@ -180,6 +759,12 @@ int main(int argc, char **argv) {
+@@ -180,6 +760,12 @@ int main(int argc, char **argv) {
  		return -1;
  	}
  
@@ -2909,7 +2912,7 @@ index ec692e7..05a18b3 100644
  	struct passwd *pwd=getpwuid(uid);
  	if (!pwd) {
  		perror(_("getpwduid failed"));
-@@ -187,34 +772,30 @@ int main(int argc, char **argv) {
+@@ -187,34 +773,30 @@ int main(int argc, char **argv) {
  	}
  
  	if (verify_shell(pwd->pw_shell) < 0) {
@@ -2955,7 +2958,7 @@ index ec692e7..05a18b3 100644
  			break;
  		default:
  			fprintf(stderr, "%s\n", USAGE_STRING);
-@@ -223,76 +804,84 @@ int main(int argc, char **argv) {
+@@ -223,76 +805,84 @@ int main(int argc, char **argv) {
  	}
  
  	if (! homedir_s && ! tmpdir_s) {
@@ -3089,7 +3092,7 @@ index ec692e7..05a18b3 100644
  		if (display) 
  			rc |= setenv("DISPLAY", display, 1);
  		rc |= setenv("HOME", pwd->pw_dir, 1);
-@@ -300,22 +889,41 @@ int main(int argc, char **argv) {
+@@ -300,22 +890,41 @@ int main(int argc, char **argv) {
  		rc |= setenv("USER", pwd->pw_name, 1);
  		rc |= setenv("LOGNAME", pwd->pw_name, 1);
  		rc |= setenv("PATH", DEFAULT_PATH, 1);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 623e472..6da2a16 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.85
-Release: 25%{?dist}
+Release: 26%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -331,8 +331,8 @@ fi
 exit 0
 
 %changelog
-* Wed Mar 23 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-25
-- Fix sepolgen-ifgen call
+* Wed Mar 23 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-26
+- Fix sepolgen-ifgen call, add -p option
 
 * Fri Mar 18 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-24
 - Fix rsync command to work if the directory is old.

More information about the scm-commits mailing list