[shadow-utils] - fix selinux context handling - reset selinux context on files copied from skel

Peter Vrabec pvrabec at fedoraproject.org
Thu Mar 22 15:53:42 UTC 2012


commit 8994f4c05c66aa363cf443dbc69a8b60025965b2
Author: Peter Vrabec <pvrabec at redhat.com>
Date:   Thu Mar 22 16:51:40 2012 +0100

    - fix selinux context handling
    - reset selinux context on files copied from skel

 shadow-4.1.5-selinux.patch |   41 +++++++++++++++++++++++++++++++++++++++++
 shadow-utils.spec          |    8 +++++++-
 2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/shadow-4.1.5-selinux.patch b/shadow-4.1.5-selinux.patch
new file mode 100644
index 0000000..d138e58
--- /dev/null
+++ b/shadow-4.1.5-selinux.patch
@@ -0,0 +1,41 @@
+diff -up shadow-4.1.5/lib/commonio.c.selinux shadow-4.1.5/lib/commonio.c
+--- shadow-4.1.5/lib/commonio.c.selinux	2011-12-09 23:23:16.000000000 +0100
++++ shadow-4.1.5/lib/commonio.c	2012-03-22 16:42:00.952464092 +0100
+@@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *
+ 
+ 	snprintf (buf, sizeof buf, "%s+", db->filename);
+ 
++#ifdef WITH_SELINUX
++	if (set_selinux_file_context (buf) != 0) {
++		errors++;
++	}
++#endif
++
+ 	db->fp = fopen_set_perms (buf, "w", &sb);
+ 	if (NULL == db->fp) {
+ 		goto fail;
+@@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *
+ 		goto fail;
+ 	}
+ 
++#ifdef WITH_SELINUX
++	if (reset_selinux_file_context () != 0) {
++		goto fail;
++	}
++#endif
++
+ 	nscd_need_reload = true;
+ 	goto success;
+       fail:
+diff -up shadow-4.1.5/src/useradd.c.selinux shadow-4.1.5/src/useradd.c
+--- shadow-4.1.5/src/useradd.c.selinux	2012-03-22 16:46:11.007377548 +0100
++++ shadow-4.1.5/src/useradd.c	2012-03-22 16:46:35.037251897 +0100
+@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
+ 	if (mflg) {
+ 		create_home ();
+ 		if (home_added) {
+-			copy_tree (def_template, user_home, false, false,
++			copy_tree (def_template, user_home, false, true,
+ 			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
+ 		} else {
+ 			fprintf (stderr,
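Review bot: In the commonio.c part of this patch, the file-creation context set by `set_selinux_file_context (buf)` is reset only on the success path, just before `nscd_need_reload = true`. The `goto fail` exits after `fopen_set_perms` and at the top of the second nested hunk therefore appear to skip `reset_selinux_file_context ()`, unless the `fail:` label does it; its body lies outside the hunk. If it does not, anything the same process creates afterwards would inherit the label chosen for the database file. Since the creation context presumably only matters when `buf` is created, the reset could sit directly after the `fopen_set_perms` call as `if (reset_selinux_file_context () != 0) { errors++; }`, which covers every exit. The two checks are also inconsistent: a failed set only does `errors++` and still creates the file, while a failed reset does `goto fail`. A short comment stating which behaviour is intended would help the next reader.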
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 11c5f0e..269fb40 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.5
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@@ -13,6 +13,7 @@ Patch2: shadow-4.1.4.2-infoParentDir.patch
 Patch3: shadow-4.1.5-uflg.patch
 Patch4: shadow-4.1.5-man.patch
 Patch5: shadow-4.1.5-grremove.patch
+Patch6: shadow-4.1.5-selinux.patch
 License: BSD and GPLv2+
 Group: System Environment/Base
 BuildRequires: libselinux-devel >= 1.25.2-1
@@ -47,6 +48,7 @@ are used for managing group accounts.
 %patch3 -p1 -b .uflg
 %patch4 -p1 -b .man
 %patch5 -p1 -b .grremove
+%patch6 -p1 -b .selinux
 
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
@@ -202,6 +204,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Wed Mar 22 2012 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.5-2
+- fix selinux context handling
+- reset selinux context on files copied from skel
+
 * Mon Mar 19 2012 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.5-1
 - upgrade
 

