From e1affd86ed501af1666f5d39505707f913b3aebf Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jan 24 2005 16:26:39 +0000
Subject: * Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-1

- Upgrade to latest from NSA
	* Fixed restorecon to not treat errors from is_context_customizable()
	  as a customizable context.
	* Merged setfiles/restorecon patch to not reset user field unless
	  -F option is specified from Dan Walsh.
	* Merged open_init_pty helper for run_init from Manoj Srivastava.
	* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.

---

diff --git a/.cvsignore b/.cvsignore
index 9c83adb..f9c8fab 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -7,3 +7,4 @@ policycoreutils-1.19.2.tgz
 policycoreutils-1.19.3.tgz
 policycoreutils-1.20.1.tgz
 policycoreutils-1.21.1.tgz
+policycoreutils-1.21.3.tgz
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index a82dcd4..85acc1d 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1,56 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.1/restorecon/restorecon.c
---- nsapolicycoreutils/restorecon/restorecon.c	2005-01-20 15:59:21.000000000 -0500
-+++ policycoreutils-1.21.1/restorecon/restorecon.c	2005-01-21 13:55:19.371402000 -0500
-@@ -50,15 +50,12 @@
- static int only_changed_user(const char *a, const char *b)
- {
- 	char *rest_a, *rest_b; /* Rest of the context after the user */
--	if (!a || !b)
--		return 0;
-+	if (force) return 0;
-+	if (!a || !b) return 0;
- 	rest_a = strchr(a, ':');
- 	rest_b = strchr(b, ':');
--	if (!rest_a || !rest_b)
--		return 0;
--	if (strcmp(rest_a, rest_b) == 0)
--		return 1;
--	return 0;
-+	if (!rest_a || !rest_b) return 0;
-+	return  (strcmp(rest_a, rest_b) == 0);
- }
- 
- void usage(const char * const name)
-@@ -75,6 +72,7 @@
-   int len=strlen(filename);
-   struct stat st;
-   char path[PATH_MAX+1];
-+  int user_only_changed=0;
-   /* 
-      Eliminate trailing /
-   */
-@@ -139,7 +137,8 @@
-       if (outfile) {
- 	fprintf(outfile, "%s\n", filename);
-       }
--      if (change) {
-+      user_only_changed = only_changed_user(scontext, prev_context);
-+      if (change && !user_only_changed) {
- 	retval=lsetfilecon(filename,scontext);
-       }
-       if (retval<0) {
-@@ -151,7 +150,7 @@
- 	  return 1;
-       } else 	
- 	      if (verbose && 
--		  (verbose > 1 || !only_changed_user(scontext, prev_context)))
-+		  (verbose > 1 || !user_only_changed))
- 		      fprintf(stderr,"%s reset context %s:%s->%s\n",
- 			      progname, filename, (retcontext >= 0 ? prev_context : ""), scontext);
-     }
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.1/scripts/fixfiles
---- nsapolicycoreutils/scripts/fixfiles	2005-01-20 15:59:21.000000000 -0500
-+++ policycoreutils-1.21.1/scripts/fixfiles	2005-01-21 13:55:29.074689000 -0500
+--- nsapolicycoreutils/scripts/fixfiles	2005-01-24 11:19:10.103136000 -0500
++++ policycoreutils-1.21.1/scripts/fixfiles	2005-01-24 11:19:28.998223000 -0500
 @@ -37,11 +37,19 @@
  SELINUXTYPE="targeted"
  if [ -e /etc/selinux/config ]; then
@@ -72,75 +22,3 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
  #
  # Log to either syslog or a LOGFILE
  #
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.21.1/setfiles/setfiles.c
---- nsapolicycoreutils/setfiles/setfiles.c	2005-01-20 15:59:22.000000000 -0500
-+++ policycoreutils-1.21.1/setfiles/setfiles.c	2005-01-21 13:55:19.386387000 -0500
-@@ -583,13 +583,12 @@
- static int only_changed_user(const char *a, const char *b)
- {
- 	char *rest_a, *rest_b; /* Rest of the context after the user */
-+	if (force) return 0;
-+	if (!a || !b) return 0;
- 	rest_a = strchr(a, ':');
- 	rest_b = strchr(b, ':');
--	if (!rest_a || !rest_b)
--		return 0;
--	if (strcmp(rest_a, rest_b) == 0)
--		return 1;
--	return 0;
-+	if (!rest_a || !rest_b) return 0;
-+	return  (strcmp(rest_a, rest_b) == 0);
- }
- 
- /*
-@@ -605,6 +604,7 @@
- 	struct stat my_sb;
- 	int i, ret;
- 	char *context; 
-+	int user_only_changed=0;
- 
- 	/* Skip the extra slash at the beginning, if present. */
- 	if (file[0] == '/' && file[1] == '/')
-@@ -666,6 +666,8 @@
- 		}
- 	}
- 
-+	user_only_changed=only_changed_user(context, spec_arr[i].context);
-+
- 	/*
- 	 * Do not relabel the file if the matching specification is 
- 	 * <<none>> or the file is already labeled according to the 
-@@ -690,21 +692,18 @@
- 		/* If we're just doing "-v", trim out any relabels where
- 		 * the user has changed but the role and type are the
- 		 * same.  For "-vv", emit everything. */
--		if (verbose > 1 || 
--		    !only_changed_user(context, spec_arr[i].context)) {
-+		if (verbose > 1 || !user_only_changed) {
- 			printf("%s:  relabeling %s from %s to %s\n", progname,
- 			       my_file, context, spec_arr[i].context);
- 		}
- 	}
- 
--	if (log &&
--	    !only_changed_user(context, spec_arr[i].context)) {
-+	if ( log && !user_only_changed ) {
- 		syslog(LOG_INFO, "relabeling %s from %s to %s\n", 
- 		       my_file, context, spec_arr[i].context);
- 	}
- 
--	if (outfile &&
--	    !only_changed_user(context, spec_arr[i].context)) 
-+	if (outfile && !user_only_changed)
- 		fprintf(outfile, "%s\n", my_file);
- 
- 	freecon(context);
-@@ -712,7 +711,7 @@
- 	/*
- 	 * Do not relabel the file if -n was used.
- 	 */
--	if (!change)
-+	if (!change || user_only_changed) 
- 		return 0;
- 
- 	/*
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 837e00f..01f6a5f 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -1,7 +1,7 @@
 Summary: SELinux policy core utilities.
 Name: policycoreutils
-Version: 1.21.1
-Release: 3
+Version: 1.21.3
+Release: 1
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -76,6 +76,15 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.3-1
+- Upgrade to latest from NSA
+	* Fixed restorecon to not treat errors from is_context_customizable()
+	  as a customizable context.
+	* Merged setfiles/restorecon patch to not reset user field unless
+	  -F option is specified from Dan Walsh.
+	* Merged open_init_pty helper for run_init from Manoj Srivastava.
+	* Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
+
 * Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3
 - Don't change user componant if it is all that changed unless forced.
 - Change fixfiles to concatinate file_context.local for setfiles
diff --git a/sources b/sources
index 90830c1..864692f 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
 d2ef0ce3b9692e34ac489bf35aa625ff  policycoreutils-1.21.1.tgz
+0ac59d3c300ac05f1e48a26f50698e83  policycoreutils-1.21.3.tgz