[libsemanage/f16] Add Stephen Smalley patch to make sure selinux config files are created with the correct permissions
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 20 19:42:02 UTC 2011
commit 018c5c8f382e0c86b7526e4cf2f615c884235e96
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Oct 20 15:41:58 2011 -0400
Add Stephen Smalley patch to make sure selinux config files are created with the correct permissions,
ignoring the umask
libsemanage-umask.patch | 30 ++++++++++++++++++++++++++++++
libsemanage.spec | 8 +++++++-
2 files changed, 37 insertions(+), 1 deletions(-)
---
diff --git a/libsemanage-umask.patch b/libsemanage-umask.patch
new file mode 100644
index 0000000..b909686
--- /dev/null
+++ b/libsemanage-umask.patch
@@ -0,0 +1,30 @@
+diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
+index e322992..a223aa7 100644
+--- a/libsemanage/src/semanage_store.c
++++ b/libsemanage/src/semanage_store.c
+@@ -495,6 +495,7 @@ static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
+ int in, out, retval = 0, amount_read, n, errsv = errno;
+ char tmp[PATH_MAX];
+ char buf[4192];
++ mode_t mask;
+
+ n = snprintf(tmp, PATH_MAX, "%s.tmp", dst);
+ if (n < 0 || n >= PATH_MAX)
+@@ -506,13 +507,16 @@ static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
+
+ if (!mode)
+ mode = S_IRUSR | S_IWUSR;
+-
++
++ mask = umask(0);
+ if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) {
++ umask(mask);
+ errsv = errno;
+ close(in);
+ retval = -1;
+ goto out;
+ }
++ umask(mask);
+ while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) {
+ if (write(out, buf, amount_read) < 0) {
+ errsv = errno;
diff --git a/libsemanage.spec b/libsemanage.spec
index 593dfd5..a23ac76 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -10,11 +10,12 @@
Summary: SELinux binary policy manipulation library
Name: libsemanage
Version: 2.1.2
-Release: 1%{?dist}
+Release: 1.1%{?dist}
License: LGPLv2+
Group: System Environment/Libraries
Source: libsemanage-%{version}.tgz
Patch: libsemanage-rhat.patch
+Patch1: libsemanage-umask.patch
URL: http://oss.tresys.com/git/selinux.git
Source1: semanage.conf
@@ -86,6 +87,7 @@ SELinux management applications.
%prep
%setup -q
%patch -p2 -b .rhat
+%patch1 -p2 -b .umask
%build
# To support building the Python wrapper against multiple Python runtimes
@@ -179,6 +181,10 @@ rm -rf ${RPM_BUILD_ROOT}
%endif # if with_python3
%changelog
+* Thu Oct 20 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.2-1.1
+- Add Stephen Smalley patch to make sure selinux config files are created with the correct permissions,
+- ignoring the umask
+
* Thu Aug 18 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.2-1
-Update to upstream
2.1.2 2011-08-17
More information about the scm-commits
mailing list