diff --git a/.cvsignore b/.cvsignore index b46fd1a..33c43f1 100644 --- a/.cvsignore +++ b/.cvsignore @@ -135,3 +135,5 @@ sepolgen-1.0.0.tgz policycoreutils-2.0.2.tgz policycoreutils-2.0.3.tgz sepolgen-1.0.1.tgz +policycoreutils-2.0.6.tgz +sepolgen-1.0.2.tgz diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 136fa3b..1e090cd 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,54 +1,15 @@ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.2/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.3/Makefile --- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500 -+++ policycoreutils-2.0.2/Makefile 2007-02-20 17:00:14.000000000 -0500 ++++ policycoreutils-2.0.3/Makefile 2007-02-22 12:32:39.000000000 -0500 @@ -1,4 +1,4 @@ -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui all install relabel clean indent: @for subdir in $(SUBDIRS); do \ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.2/newrole/newrole.c ---- nsapolicycoreutils/newrole/newrole.c 2007-01-24 10:03:59.000000000 -0500 -+++ policycoreutils-2.0.2/newrole/newrole.c 2007-02-20 17:00:14.000000000 -0500 -@@ -640,11 +640,12 @@ - } - - /* Re-open TTY descriptor */ -- fd = open(ttyn, O_RDWR); -+ fd = open(ttyn, O_RDWR|O_NONBLOCK); - if (fd < 0) { - fprintf(stderr, _("Error! Could not open %s.\n"), ttyn); - return fd; - } -+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); - - if (fgetfilecon(fd, &tty_con) < 0) { - fprintf(stderr, _("%s! Could not get current context " -@@ -1131,15 +1132,18 @@ - fprintf(stderr, _("Could not close descriptors.\n")); - goto err_close_pam; - } -- fd = open(ttyn, O_RDONLY); -+ fd = open(ttyn, O_RDONLY|O_NONBLOCK); - if (fd != 0) - goto err_close_pam; -- fd = open(ttyn, O_RDWR); -+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ fd = open(ttyn, O_RDWR|O_NONBLOCK); - if (fd != 1) - goto err_close_pam; -- fd = open(ttyn, O_RDWR); -+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ fd = open(ttyn, O_RDWR|O_NONBLOCK); - if (fd != 2) - goto err_close_pam; -+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); - - /* - * Step 5: Execute a new shell with the new context in `new_context'. -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.2/restorecond/restorecond.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.3/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2007-02-22 08:53:22.000000000 -0500 -+++ policycoreutils-2.0.2/restorecond/restorecond.c 2007-02-20 17:00:14.000000000 -0500 ++++ policycoreutils-2.0.3/restorecond/restorecond.c 2007-02-22 12:32:39.000000000 -0500 @@ -210,9 +210,10 @@ } @@ -84,10 +45,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po if (pidfile) unlink(pidfile); -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.2/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.3/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500 -+++ policycoreutils-2.0.2/restorecond/restorecond.conf 2007-02-20 17:00:14.000000000 -0500 -@@ -1,7 +1,9 @@ ++++ policycoreutils-2.0.3/restorecond/restorecond.conf 2007-02-23 09:55:54.000000000 -0500 +@@ -1,7 +1,10 @@ /etc/resolv.conf +/etc/localtime /etc/samba/secrets.tdb @@ -95,11 +56,46 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po /var/run/utmp +/var/run/faillog /var/log/wtmp ++/etc/lvm/.cache ~/public_html ~/.mozilla/plugins/libflashplayer.so -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.2/semanage/seobject.py +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.3/scripts/chcat +--- nsapolicycoreutils/scripts/chcat 2007-02-22 08:53:22.000000000 -0500 ++++ policycoreutils-2.0.3/scripts/chcat 2007-02-22 12:37:17.000000000 -0500 +@@ -74,9 +74,11 @@ + if i not in cats: + cats.append(i) + +- new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ",")) +- if new_serange[-1:] == ":": +- new_serange = new_serange[:-1] ++ ++ if len(cats) > 0: ++ new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats)) ++ else ++ new_serange = "%s-%s" % (serange[0], top[0]) + + if add_ind: + cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u) +@@ -151,10 +153,11 @@ + if i in cats: + cats.remove(i) + +- new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ",")) +- if new_serange[-1:] == ":": +- new_serange = new_serange[:-1] +- ++ if len(cats) > 0: ++ new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats)) ++ else ++ new_serange = "%s-%s" % (serange[0], top[0]) ++ + if add_ind: + cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u) + else: +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.3/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2007-02-22 08:53:22.000000000 -0500 -+++ policycoreutils-2.0.2/semanage/seobject.py 2007-02-20 17:00:14.000000000 -0500 ++++ policycoreutils-2.0.3/semanage/seobject.py 2007-02-22 12:32:39.000000000 -0500 @@ -209,6 +209,7 @@ os.write(fd, self.out()) os.close(fd) diff --git a/policycoreutils.spec b/policycoreutils.spec index abd2564..d864f5d 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -2,11 +2,11 @@ %define libsepolver 2.0.1-1 %define libsemanagever 1.10.0-1 %define libselinuxver 2.0.0-1 -%define sepolgenver 1.0.1 +%define sepolgenver 1.0.2 Summary: SELinux policy core utilities. Name: policycoreutils -Version: 2.0.3 -Release: 2%{?dist} +Version: 2.0.6 +Release: 1%{?dist} License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -183,6 +183,19 @@ exit 0 %changelog +* Fri Feb 23 2007 Dan Walsh 2.0.6-1 +- Update to upstream + - policycoreutils + * Merged newrole O_NONBLOCK fix from Linda Knippers. + * Merged sepolgen and audit2allow patches to leave generated files + in the current directory from Karl MacMillan. + * Merged restorecond memory leak fix from Steve Grubb. + -sepolgen + * Merged patch to leave generated files (e.g. local.te) in current directory from Karl MacMillan. + * Merged patch to make run-tests.py use unittest.main from Karl MacMillan. + * Merged patch to update PLY from Karl MacMillan. + * Merged patch to update the sepolgen parser to handle the latest reference policy from Karl MacMillan. + * Thu Feb 22 2007 Dan Walsh 2.0.3-2 - Do not fail on sepolgen-ifgen diff --git a/sources b/sources index b38e7e3..f158654 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -4af3294812518e0e1400cd13fd57e0e1 policycoreutils-2.0.3.tgz -dd378ab2d09a91263f4a27e46d515000 sepolgen-1.0.1.tgz +978739a21202be549954555a3c0ecb45 policycoreutils-2.0.6.tgz +e7637ad90fb6cd2c5d9bd20238353c01 sepolgen-1.0.2.tgz