From 8c7652fa1d7b255b1ccaba23c310b4aea1ddc678 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Jan 18 2006 18:55:09 +0000 Subject: * Wed Jan 18 2006 Dan Walsh 1.29.8-2 - Fix chcat -l -L to work while not root --- diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 05fd662..3a061a3 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,7 +1,7 @@ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.29.7/scripts/chcat +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.29.8/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2006-01-18 11:12:43.000000000 -0500 -+++ policycoreutils-1.29.7/scripts/chcat 2006-01-18 10:31:40.000000000 -0500 -@@ -281,6 +282,7 @@ ++++ policycoreutils-1.29.8/scripts/chcat 2006-01-18 13:52:39.000000000 -0500 +@@ -281,6 +281,7 @@ print "Usage %s -d File ..." % sys.argv[0] print "Usage %s -l -d user ..." % sys.argv[0] print "Usage %s -L" % sys.argv[0] @@ -9,7 +9,21 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore print "Use -- to end option list. For example" print "chcat -- -CompanyConfidential /docs/businessplan.odt" print "chcat -l +CompanyConfidential juser" -@@ -350,10 +352,17 @@ +@@ -298,12 +299,8 @@ + return 0 + + def listusercats(users): +- seusers = seobject.loginRecords().get_all() + for u in users: +- if u in seusers.keys(): +- cats=seobject.translate(seusers[u][1]) +- else: +- cats=seobject.translate(seusers["__default__"][1]) ++ cats=seobject.translate(selinux.getseuserbyname(u)[2]) + cats=cats.split("-") + if len(cats) > 1 and cats[1] != "s0": + print "%s: %s" % (u, cats[1]) +@@ -350,10 +347,17 @@ if delete_ind: sys.exit(chcat_replace(["s0"], ["s0"], cmds, login_ind)) @@ -29,9 +43,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycore sys.exit(listusercats(cmds)) else: if len(cmds) > 0: -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.29.7/semanage/seobject.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.29.8/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2006-01-18 11:12:43.000000000 -0500 -+++ policycoreutils-1.29.7/semanage/seobject.py 2006-01-18 11:12:01.000000000 -0500 ++++ policycoreutils-1.29.8/semanage/seobject.py 2006-01-18 13:26:43.000000000 -0500 @@ -421,11 +421,11 @@ rc = semanage_port_modify_local(self.sh, k, p) @@ -107,3 +121,28 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py pol keys=dict.keys() keys.sort() for i in keys: +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setsebool/setsebool.c policycoreutils-1.29.8/setsebool/setsebool.c +--- nsapolicycoreutils/setsebool/setsebool.c 2006-01-04 13:07:46.000000000 -0500 ++++ policycoreutils-1.29.8/setsebool/setsebool.c 2006-01-18 13:27:42.000000000 -0500 +@@ -130,7 +130,7 @@ + + for (j = 0; j < boolcnt; j++) { + +- if (semanage_bool_create(handle, &boolean) < 0) ++ if (semanage_bool_create(handle, &boolean) < 0) + goto err; + + if (semanage_bool_set_name(handle, boolean, boollist[j].name) < 0) +@@ -144,9 +144,10 @@ + if (permanent && semanage_bool_modify_local(handle, bool_key, boolean) < 0) + goto err; + +- if (semanage_bool_set_active(handle, bool_key, boolean) < 0) ++ if (semanage_bool_set_active(handle, bool_key, boolean) < 0) { ++ fprintf(stderr, "Could not change boolean %s\n", boollist[j].name); + goto err; +- ++ } + semanage_bool_key_free(bool_key); + semanage_bool_free(boolean); + bool_key = NULL; diff --git a/policycoreutils.spec b/policycoreutils.spec index 643caf5..e8d8796 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -4,7 +4,7 @@ Summary: SELinux policy core utilities. Name: policycoreutils Version: 1.29.8 -Release: 1 +Release: 2 License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -97,6 +97,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/python2.4/site-packages/seobject.py* %changelog +* Wed Jan 18 2006 Dan Walsh 1.29.8-2 +- Fix chcat -l -L to work while not root + * Wed Jan 18 2006 Dan Walsh 1.29.8-1 - Update to match NSA * Merged semanage fixes from Ivan Gyurdiev.