psss / rpms / policycoreutils

Forked from rpms/policycoreutils 5 years ago
Clone
Source Code
GIT

Files

  1.   f22a263f26cd0d29cadbe6ff392b37b5dd7ce460
  2.   policycoreutils-rhat.patch
Blob Blame History Raw 
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.5/restorecon/restorecon.c
--- nsapolicycoreutils/restorecon/restorecon.c	2005-01-25 10:32:01.000000000 -0500
+++ policycoreutils-1.21.5/restorecon/restorecon.c	2005-01-28 10:40:23.000000000 -0500
@@ -188,7 +188,7 @@
 	  fprintf(stderr,
 		  "%s:  error while labeling files under %s\n",
 		  progname, buf);
-	  exit(1);
+	  errors++;
 	}
       }
       else
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.5/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles	2005-01-26 11:30:57.000000000 -0500
+++ policycoreutils-1.21.5/scripts/fixfiles	2005-01-28 11:16:21.000000000 -0500
@@ -37,10 +37,12 @@
 SELINUXTYPE="targeted"
 if [ -e /etc/selinux/config ]; then
     . /etc/selinux/config
+    FILE_CONTEXT=/etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts 
     FC=`mktemp /etc/selinux/${SELINUXTYPE}/contexts/files/file_context.XXXXXX`
-    cat /etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts /etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts.local > $FC 2> /dev/null
+    cat ${FILE_CONTEXT} ${FILE_CONTEXT}.local > $FC 2> /dev/null
 else
-    FC=/etc/security/selinux/file_contexts
+    FILE_CONTEXT=/etc/security/selinux/file_contexts
+    FC=${FILE_CONTEXT}
 fi
 
 cleanup() {
@@ -60,7 +62,24 @@
     echo $1 >> $LOGFILE
 fi
 }
-
+#
+# Compare PREVious File Context to currently installed File Context and 
+# run restorecon on all files affected by the differences.
+#
+diff_filecontext() {
+if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
+	TEMPFILE=`mktemp /var/tmp/${SELINUXTYPE}.XXXXXXXXXX`
+	test -z "$TEMPFILE" && exit
+	/usr/bin/diff $PREFC $FILE_CONTEXT | egrep '^[<>]'|cut -c3-| grep ^/ | \
+        sed -e 's,\\.*,*,g' -e 's,(.*,*,g' -e 's,\[.*,*,g' -e 's,\..*,*,g' \
+            -e 's,[[:blank:]].*,,g' -e 's,\?.*,*,g' | sort -u | \
+        while read pattern ; do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null ; then echo "$pattern"; case "$pattern" in *"*") echo "$pattern" |sed 's,\*$,,g'>> ${TEMPFILE};;  esac; fi; done | \
+	while read pattern ; do find $pattern -print; done 2> /dev/null | \
+	${RESTORECON} $2 -v -f - 
+	rm -f ${TEMPFILE}
+fi
+}
 #
 # Log all Read Only file systems 
 #
@@ -80,6 +99,10 @@
 # if called with -n will only check file context
 #
 restore () {
+if [ ! -z "$PREFC" ]; then
+    diff_filecontext $1
+    exit $?
+fi
 if [ ! -z "$RPMFILES" ]; then
     for i in `echo $RPMFILES | sed 's/,/ /g'`; do
 	rpmlist $i | ${RESTORECON} ${OUTFILES} -R $1 -v -f - 2>&1 >> $LOGFILE
@@ -128,7 +151,7 @@
 usage() {
       	echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
 	echo or
-      	echo $"Usage: $0 -R rpmpackage[,rpmpackage...] [-l logfile ] [-o outputfile ] { check | restore }"
+      	echo $"Usage: $0 -R rpmpackage[,rpmpackage...] -C PREVIOUS_FILECONTEXT [-l logfile ] [-o outputfile ] { check | restore }"
 }
 
 if [ $# = 0 ]; then
@@ -137,7 +160,7 @@
 fi
 
 # See how we were called.
-while getopts "Fo:R:l:" i; do
+while getopts "C:Fo:R:l:" i; do
     case "$i" in
 	F)
 	fullFlag=1
@@ -151,6 +174,9 @@
         l)
 		LOGFILE=$OPTARG
 		;;
+        C)
+		PREFC=$OPTARG
+		;;
 	*)
 	    usage
 	    exit 1
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.