[policycoreutils] Fix setsebool command, handling of = broken.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu May 24 09:55:49 UTC 2012
commit 03b8834355364b97a762ca2d2560e2ddaa28adf0
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu May 24 05:55:35 2012 -0400
Fix setsebool command, handling of = broken.
- Add missing error option in booleansPage
policycoreutils-rhat.patch | 72 ++++++++++++++++++++++++++++++++++---------
policycoreutils.spec | 6 +++-
2 files changed, 62 insertions(+), 16 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 47bf144..f8caa4f 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -89,10 +89,10 @@ index 0000000..53efa84
+relabel:
diff --git a/policycoreutils/gui/booleansPage.py b/policycoreutils/gui/booleansPage.py
new file mode 100644
-index 0000000..dca786d
+index 0000000..1216255
--- /dev/null
+++ b/policycoreutils/gui/booleansPage.py
-@@ -0,0 +1,247 @@
+@@ -0,0 +1,258 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -233,6 +233,15 @@ index 0000000..dca786d
+ self.filter=""
+ self.load(self.filter)
+
++ def error(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++ gtk.BUTTONS_CLOSE,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
+ def __search(self, model, col, key, i):
+ sort_col = self.store.get_sort_column_id()[0]
+ if sort_col > 0:
@@ -310,8 +319,10 @@ index 0000000..dca786d
+ key = self.store.get_value(iter, BOOLEAN)
+ self.store.set_value(iter, ACTIVE , not val)
+ self.wait()
-+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
-+ commands.getstatusoutput(setsebool)
++ setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val)
++ rc,out = commands.getstatusoutput(setsebool)
++ if rc != 0:
++ self.error(out)
+ self.load(self.filter)
+ self.ready()
+
@@ -5946,10 +5957,10 @@ index 0000000..55bad9d
+</glade-interface>
diff --git a/policycoreutils/gui/polgen.py b/policycoreutils/gui/polgen.py
new file mode 100644
-index 0000000..5a73fa3
+index 0000000..2a7c61e
--- /dev/null
+++ b/policycoreutils/gui/polgen.py
-@@ -0,0 +1,1370 @@
+@@ -0,0 +1,1372 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2007-2012 Red Hat
@@ -7306,9 +7317,11 @@ index 0000000..5a73fa3
+ usage(_("Executable or Name required"))
+
+ try:
++ cmd = os.path.realpath(cmds[0])
+ if not name:
-+ name = os.path.basename(cmds[0]).replace("-","_")
-+ cmd = cmds[0]
++ name = os.path.basename(cmd).replace("-","_")
++
++ print("Generating Policy for %s named %s" % (cmd, name))
+ mypolicy = policy(name, setype)
+ if setype not in USERS + [ SANDBOX ]:
+ mypolicy.set_program(cmd)
@@ -287455,7 +287468,7 @@ index 2b66bad..38abeb8 100644
This manual page was written by Dan Walsh <dwalsh at redhat.com>.
The program was written by Tresys Technology.
diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
-index d6c041b..ba118f3 100644
+index d6c041b..db1d1e1 100644
--- a/policycoreutils/setsebool/setsebool.c
+++ b/policycoreutils/setsebool/setsebool.c
@@ -6,6 +6,7 @@
@@ -287466,7 +287479,7 @@ index d6c041b..ba118f3 100644
#include <pwd.h>
#include <selinux/selinux.h>
#include <semanage/handle.h>
-@@ -15,13 +16,14 @@
+@@ -15,21 +16,22 @@
#include <errno.h>
int permanent = 0;
@@ -287482,16 +287495,17 @@ index d6c041b..ba118f3 100644
stderr);
exit(1);
}
-@@ -29,7 +31,7 @@ void usage(void)
+
int main(int argc, char **argv)
{
- size_t rc, start;
+- size_t rc, start;
-
++ size_t rc;
+ int clflag; /* holds codes for command line flags */
if (argc < 2)
usage();
-@@ -38,14 +40,30 @@ int main(int argc, char **argv)
+@@ -38,37 +40,52 @@ int main(int argc, char **argv)
return 1;
}
@@ -287524,11 +287538,39 @@ index d6c041b..ba118f3 100644
+ usage();
+ }
-+ start = argc-optind;
/* Check to see which way we are being called. If a '=' is passed,
we'll enforce the list syntax. If not we'll enforce the original
syntax for backward compatibility. */
-@@ -165,7 +183,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
+- if (strchr(argv[start], '=') == 0) {
++ if (strchr(argv[optind], '=') == 0) {
+ int len;
+ char *bool_list[1];
+
+- if ((argc - start) != 2)
++ if ((argc - optind) != 2)
+ usage();
+
+ /* Add 1 for the '=' */
+- len = strlen(argv[start]) + strlen(argv[start + 1]) + 2;
++ len = strlen(argv[optind]) + strlen(argv[optind + 1]) + 2;
+ bool_list[0] = (char *)malloc(len);
+ if (bool_list[0] == 0) {
+ fputs("Out of memory - aborting\n", stderr);
+ return 1;
+ }
+- snprintf(bool_list[0], len, "%s=%s", argv[start],
+- argv[start + 1]);
++ snprintf(bool_list[0], len, "%s=%s", argv[optind],
++ argv[optind + 1]);
+ rc = setbool(bool_list, 0, 1);
+ free(bool_list[0]);
+ } else
+- rc = setbool(argv, start, argc);
++ rc = setbool(argv, optind, argc);
+
+ return rc;
+ }
+@@ -165,7 +182,7 @@ static int semanage_set_boolean_list(size_t boolcnt,
boolean = NULL;
}
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 90cbdfa..d4a4a46 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.11
-Release: 15%{?dist}
+Release: 16%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -340,6 +340,10 @@ fi
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Thu May 24 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-16
+- Fix setsebool command, handling of = broken.
+- Add missing error option in booleansPage
+
* Fri May 18 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-15
- Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
- Trigger on selinux-policy needs to change to selinux-policy-devel
More information about the scm-commits
mailing list