diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index eff746b..33668ff 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.74/audit2allow/audit2allow ---- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500 -+++ policycoreutils-2.0.74/audit2allow/audit2allow 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/audit2allow/audit2allow 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/audit2allow/audit2allow 2009-11-09 16:05:58.000000000 -0500 @@ -42,6 +42,8 @@ from optparse import OptionParser @@ -39,8 +39,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po # This is the default if no input is specified f = sys.stdin diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.74/load_policy/Makefile ---- nsapolicycoreutils/load_policy/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/load_policy/Makefile 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/load_policy/Makefile 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/load_policy/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -1,6 +1,7 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -60,8 +60,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po clean: -rm -f $(TARGETS) *.o diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.74/Makefile ---- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/Makefile 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/Makefile 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -1,4 +1,4 @@ -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui @@ -69,8 +69,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.74/restorecond/Makefile ---- nsapolicycoreutils/restorecond/Makefile 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/Makefile 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/restorecond/Makefile 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -1,17 +1,28 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -119,14 +119,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po /sbin/restorecon $(SBINDIR)/restorecond diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,3 @@ +[D-BUS Service] +Name=org.selinux.Restorecond +Exec=/usr/sbin/restorecond -u diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-2.0.74/restorecond/restorecond.8 ---- nsapolicycoreutils/restorecond/restorecond.8 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/restorecond.8 2009-10-20 09:32:14.000000000 -0400 +--- nsapolicycoreutils/restorecond/restorecond.8 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.8 2009-11-09 16:05:58.000000000 -0500 @@ -3,7 +3,7 @@ restorecond \- daemon that watches for file creation and then sets the default SELinux file context @@ -162,8 +162,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po .SH "SEE ALSO" .BR restorecon (8), diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.74/restorecond/restorecond.c ---- nsapolicycoreutils/restorecond/restorecond.c 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/restorecond.c 2009-10-20 09:29:06.000000000 -0400 +--- nsapolicycoreutils/restorecond/restorecond.c 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.c 2009-11-09 16:05:58.000000000 -0500 @@ -30,9 +30,11 @@ * and makes sure that there security context matches the systems defaults * @@ -668,8 +668,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.74/restorecond/restorecond.conf ---- nsapolicycoreutils/restorecond/restorecond.conf 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/restorecond.conf 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/restorecond/restorecond.conf 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.conf 2009-11-09 16:05:58.000000000 -0500 @@ -4,8 +4,5 @@ /etc/mtab /var/run/utmp @@ -682,7 +682,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po - diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.74/restorecond/restorecond.desktop --- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/restorecond/restorecond.desktop 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.desktop 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,7 @@ +[Desktop Entry] +Name=File Context maintainer @@ -692,8 +692,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +Type=Application +StartupNotify=false diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.74/restorecond/restorecond.h ---- nsapolicycoreutils/restorecond/restorecond.h 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/restorecond.h 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/restorecond/restorecond.h 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.h 2009-11-09 16:05:58.000000000 -0500 @@ -24,7 +24,21 @@ #ifndef RESTORED_CONFIG_H #define RESTORED_CONFIG_H @@ -719,8 +719,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po #endif diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.74/restorecond/restorecond.init ---- nsapolicycoreutils/restorecond/restorecond.init 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.74/restorecond/restorecond.init 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/restorecond/restorecond.init 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.init 2009-11-09 16:05:58.000000000 -0500 @@ -75,16 +75,15 @@ status restorecond RETVAL=$? @@ -742,13 +742,13 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po - diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.74/restorecond/restorecond_user.conf --- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/restorecond/restorecond_user.conf 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond_user.conf 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,2 @@ +~/* +~/public_html/* diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.74/restorecond/user.c --- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/restorecond/user.c 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/user.c 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,237 @@ +/* + * restorecond @@ -989,7 +989,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.74/restorecond/watch.c --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/restorecond/watch.c 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/watch.c 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,253 @@ +#define _GNU_SOURCE +#include @@ -1246,7 +1246,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/basicwrapper policycoreutils-2.0.74/sandbox/deliverables/basicwrapper --- nsapolicycoreutils/sandbox/deliverables/basicwrapper 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/deliverables/basicwrapper 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/deliverables/basicwrapper 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,4 @@ +import os, sys +SANDBOX_ARGS = ['-f%s' % os.environ['_CONDOR_SCRATCH_DIR']] @@ -1254,7 +1254,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +os.execv('/usr/bin/sandbox',SANDBOX_ARGS) diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/README policycoreutils-2.0.74/sandbox/deliverables/README --- nsapolicycoreutils/sandbox/deliverables/README 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/deliverables/README 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/deliverables/README 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,32 @@ +Files: +run-in-sandbox.py: @@ -1290,7 +1290,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +Chris Pardy diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py policycoreutils-2.0.74/sandbox/deliverables/run-in-sandbox.py --- nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/deliverables/run-in-sandbox.py 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/deliverables/run-in-sandbox.py 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,49 @@ +import os +import os.path @@ -1343,7 +1343,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/sandbox policycoreutils-2.0.74/sandbox/deliverables/sandbox --- nsapolicycoreutils/sandbox/deliverables/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/deliverables/sandbox 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/deliverables/sandbox 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,216 @@ +#!/usr/bin/python -E +import os, sys, getopt, socket, random, fcntl, shutil @@ -1563,7 +1563,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.74/sandbox/Makefile --- nsapolicycoreutils/sandbox/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/Makefile 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,31 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -1598,7 +1598,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +relabel: diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.74/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/sandbox 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandbox 2009-11-09 16:10:07.000000000 -0500 @@ -0,0 +1,242 @@ +#!/usr/bin/python -E +import os, sys, getopt, socket, random, fcntl, shutil @@ -1786,10 +1786,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + warnings.simplefilter("ignore") + newhomedir = os.tempnam(".", ".sandbox%s") + os.mkdir(newhomedir) -+ selinux.setfilecon(newhomedir, filecon) + newtmpdir = os.tempnam("/tmp", ".sandbox") + os.mkdir(newtmpdir) -+ selinux.setfilecon(newtmpdir, filecon) ++ chcon = ("/usr/bin/chcon %s %s %s" % (filecon, newhomedir, newtmpdir)).split() ++ rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + warnings.resetwarnings() + paths = [] + for i in cmds: @@ -1844,7 +1844,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.74/sandbox/sandbox.8 --- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/sandbox.8 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandbox.8 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,26 @@ +.TH SANDBOX "8" "May 2009" "chcat" "User Commands" +.SH NAME @@ -1874,7 +1874,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +.PP diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.74/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,16 @@ +#!/bin/bash +export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`" @@ -1894,7 +1894,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +done diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.74/sandbox/seunshare.c --- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,265 @@ +#include +#include @@ -2162,8 +2162,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + return status; +} diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.74/scripts/chcat ---- nsapolicycoreutils/scripts/chcat 2009-06-23 15:36:07.000000000 -0400 -+++ policycoreutils-2.0.74/scripts/chcat 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/scripts/chcat 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/chcat 2009-11-09 16:05:58.000000000 -0500 @@ -435,6 +435,8 @@ continue except ValueError, e: @@ -2174,8 +2174,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po sys.exit(errors) diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.74/scripts/fixfiles ---- nsapolicycoreutils/scripts/fixfiles 2009-08-05 15:10:56.000000000 -0400 -+++ policycoreutils-2.0.74/scripts/fixfiles 2009-10-22 08:49:41.000000000 -0400 +--- nsapolicycoreutils/scripts/fixfiles 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/fixfiles 2009-11-09 16:05:58.000000000 -0500 @@ -27,7 +27,6 @@ FORCEFLAG="" DIRS="" @@ -2252,8 +2252,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po LOGFILE=$OPTARG ;; diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.74/scripts/fixfiles.8 ---- nsapolicycoreutils/scripts/fixfiles.8 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/scripts/fixfiles.8 2009-10-22 08:55:09.000000000 -0400 +--- nsapolicycoreutils/scripts/fixfiles.8 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/fixfiles.8 2009-11-09 16:05:58.000000000 -0500 @@ -3,11 +3,18 @@ fixfiles \- fix file SELinux security contexts. @@ -2288,8 +2288,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po Force reset of context to match file_context for customizable files diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.74/scripts/Makefile ---- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/scripts/Makefile 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/scripts/Makefile 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -5,7 +5,7 @@ MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale @@ -2300,8 +2300,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po install: all -mkdir -p $(BINDIR) diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.74/semanage/semanage ---- nsapolicycoreutils/semanage/semanage 2009-09-08 09:03:10.000000000 -0400 -+++ policycoreutils-2.0.74/semanage/semanage 2009-10-30 16:31:40.000000000 -0400 +--- nsapolicycoreutils/semanage/semanage 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/semanage/semanage 2009-11-09 16:05:58.000000000 -0500 @@ -39,19 +39,27 @@ __builtin__.__dict__['_'] = unicode @@ -2666,8 +2666,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po trans.finish() else: diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.74/semanage/seobject.py ---- nsapolicycoreutils/semanage/seobject.py 2009-09-08 09:03:10.000000000 -0400 -+++ policycoreutils-2.0.74/semanage/seobject.py 2009-11-02 11:39:02.000000000 -0500 +--- nsapolicycoreutils/semanage/seobject.py 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/semanage/seobject.py 2009-11-09 16:07:13.000000000 -0500 @@ -37,40 +37,6 @@ import syslog @@ -3067,17 +3067,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if is_mls_enabled == 1: if serange == "": serange = "s0" -@@ -843,7 +880,8 @@ - if rc < 0: - raise ValueError(_("Could not check if port %s/%s is defined") % (proto, port)) - if exists: -- raise ValueError(_("Port %s/%s already defined") % (proto, port)) -+ semanage_port_key_free(k) -+ return self.__modify(port, proto, serange, type) - - (rc, p) = semanage_port_create(self.sh) - if rc < 0: -@@ -890,6 +928,7 @@ +@@ -890,6 +927,7 @@ self.commit() def __modify(self, port, proto, serange, setype): @@ -3085,7 +3075,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if serange == "" and setype == "": if is_mls_enabled == 1: raise ValueError(_("Requires setype or serange")) -@@ -1024,6 +1063,18 @@ +@@ -1024,6 +1062,18 @@ ddict[(ctype,proto_str)].append("%d-%d" % (low, high)) return ddict @@ -3104,7 +3094,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def list(self, heading = 1, locallist = 0): if heading: print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number")) -@@ -1040,7 +1091,8 @@ +@@ -1040,7 +1090,8 @@ class nodeRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self,store) @@ -3114,7 +3104,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def __add(self, addr, mask, proto, serange, ctype): if addr == "": raise ValueError(_("Node Address is required")) -@@ -1048,14 +1100,11 @@ +@@ -1048,14 +1099,11 @@ if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3132,7 +3122,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if is_mls_enabled == 1: if serange == "": serange = "s0" -@@ -1073,7 +1122,8 @@ +@@ -1073,7 +1121,8 @@ (rc, exists) = semanage_node_exists(self.sh, k) if exists: @@ -3142,7 +3132,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po (rc, node) = semanage_node_create(self.sh) if rc < 0: -@@ -1120,7 +1170,7 @@ +@@ -1120,7 +1169,7 @@ def add(self, addr, mask, proto, serange, ctype): self.begin() @@ -3151,7 +3141,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po self.commit() def __modify(self, addr, mask, proto, serange, setype): -@@ -1129,13 +1179,10 @@ +@@ -1129,13 +1178,10 @@ if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3169,7 +3159,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if serange == "" and setype == "": raise ValueError(_("Requires setype or serange")) -@@ -1180,11 +1227,9 @@ +@@ -1180,11 +1226,9 @@ if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3184,7 +3174,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po raise ValueError(_("Unknown or missing protocol")) (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) -@@ -1214,6 +1259,16 @@ +@@ -1214,6 +1258,16 @@ self.__delete(addr, mask, proto) self.commit() @@ -3201,7 +3191,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def get_all(self, locallist = 0): ddict = {} if locallist : -@@ -1227,15 +1282,20 @@ +@@ -1227,15 +1281,20 @@ con = semanage_node_get_con(node) addr = semanage_node_get_addr(self.sh, node) mask = semanage_node_get_mask(self.sh, node) @@ -3227,7 +3217,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def list(self, heading = 1, locallist = 0): if heading: print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context") -@@ -1275,7 +1335,8 @@ +@@ -1275,7 +1334,8 @@ if rc < 0: raise ValueError(_("Could not check if interface %s is defined") % interface) if exists: @@ -3237,7 +3227,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po (rc, iface) = semanage_iface_create(self.sh) if rc < 0: -@@ -1389,6 +1450,16 @@ +@@ -1389,6 +1449,16 @@ self.__delete(interface) self.commit() @@ -3254,7 +3244,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def get_all(self, locallist = 0): ddict = {} if locallist: -@@ -1404,6 +1475,15 @@ +@@ -1404,6 +1474,15 @@ return ddict @@ -3270,7 +3260,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def list(self, heading = 1, locallist = 0): if heading: print "%-30s %s\n" % (_("SELinux Interface"), _("Context")) -@@ -1420,6 +1500,48 @@ +@@ -1420,6 +1499,48 @@ class fcontextRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self, store) @@ -3319,7 +3309,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po def createcon(self, target, seuser = "system_u"): (rc, con) = semanage_context_create(self.sh) -@@ -1470,7 +1592,8 @@ +@@ -1470,7 +1591,8 @@ raise ValueError(_("Could not check if file context for %s is defined") % target) if exists: @@ -3329,7 +3319,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po (rc, fcontext) = semanage_fcontext_create(self.sh) if rc < 0: -@@ -1586,9 +1709,16 @@ +@@ -1586,9 +1708,16 @@ raise ValueError(_("Could not delete the file context %s") % target) semanage_fcontext_key_free(k) @@ -3346,7 +3336,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) if rc < 0: raise ValueError(_("Could not create a key for %s") % target) -@@ -1643,12 +1773,22 @@ +@@ -1643,12 +1772,22 @@ return ddict @@ -3371,7 +3361,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po for k in keys: if fcon_dict[k]: if is_mls_enabled: -@@ -1794,6 +1934,16 @@ +@@ -1794,6 +1933,16 @@ else: return _("unknown") @@ -3389,8 +3379,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po on_off = (_("off"), _("on")) if use_file: diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.74/semodule/semodule.8 ---- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.74/semodule/semodule.8 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/semodule/semodule.8 2009-11-09 16:05:58.000000000 -0500 @@ -35,6 +35,12 @@ .B \-b,\-\-base=MODULE_PKG install/replace base module package @@ -3405,8 +3395,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po remove existing module .TP diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.74/semodule/semodule.c ---- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.74/semodule/semodule.c 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/semodule/semodule.c 2009-11-09 16:05:58.000000000 -0500 @@ -22,12 +22,12 @@ #include @@ -3525,8 +3515,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po (m); } diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.74/setfiles/Makefile ---- nsapolicycoreutils/setfiles/Makefile 2009-07-07 15:32:32.000000000 -0400 -+++ policycoreutils-2.0.74/setfiles/Makefile 2009-10-15 10:37:41.000000000 -0400 +--- nsapolicycoreutils/setfiles/Makefile 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/Makefile 2009-11-09 16:05:58.000000000 -0500 @@ -16,7 +16,7 @@ all: setfiles restorecon @@ -3538,7 +3528,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po ln -sf setfiles restorecon diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.74/setfiles/restore.c --- nsapolicycoreutils/setfiles/restore.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/setfiles/restore.c 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/restore.c 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,519 @@ +#include "restore.h" + @@ -4060,8 +4050,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + + diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.74/setfiles/restorecon.8 ---- nsapolicycoreutils/setfiles/restorecon.8 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/setfiles/restorecon.8 2009-10-22 08:41:15.000000000 -0400 +--- nsapolicycoreutils/setfiles/restorecon.8 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/restorecon.8 2009-11-09 16:05:58.000000000 -0500 @@ -4,10 +4,10 @@ .SH "SYNOPSIS" @@ -4087,7 +4077,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po show changes in file labels. diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.74/setfiles/restore.h --- nsapolicycoreutils/setfiles/restore.h 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/setfiles/restore.h 2009-10-15 10:37:41.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/restore.h 2009-11-09 16:05:58.000000000 -0500 @@ -0,0 +1,49 @@ +#ifndef RESTORE_H +#define RESTORE_H @@ -4139,8 +4129,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + +#endif diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.74/setfiles/setfiles.8 ---- nsapolicycoreutils/setfiles/setfiles.8 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.74/setfiles/setfiles.8 2009-10-22 08:37:16.000000000 -0400 +--- nsapolicycoreutils/setfiles/setfiles.8 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/setfiles.8 2009-11-09 16:05:58.000000000 -0500 @@ -31,6 +31,9 @@ .TP .B \-n @@ -4152,8 +4142,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po .B \-q suppress non-error output. diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.74/setfiles/setfiles.c ---- nsapolicycoreutils/setfiles/setfiles.c 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.74/setfiles/setfiles.c 2009-10-22 08:42:29.000000000 -0400 +--- nsapolicycoreutils/setfiles/setfiles.c 2009-09-17 08:59:51.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/setfiles.c 2009-11-09 16:05:58.000000000 -0500 @@ -1,26 +1,12 @@ -#ifndef _GNU_SOURCE -#define _GNU_SOURCE diff --git a/policycoreutils.spec b/policycoreutils.spec index 7a7b169..ee3ccd0 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.74 -Release: 15%{?dist} +Release: 16%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -296,6 +296,10 @@ fi exit 0 %changelog +* Mon Nov 9 2009 Dan Walsh 2.0.74-16 +- Fix sandbox to use chcon +- Fix semanage to report duplicate ports + * Fri Oct 30 2009 Dan Walsh 2.0.74-15 - Fix typo in seobject.py