From 89116ae9a13873a9d0900d0437603187f4c61470 Mon Sep 17 00:00:00 2001
From: Michal Schmidt <michich@fedoraproject.org>
Date: Nov 27 2007 22:36:12 +0000
Subject: - SELinux: Allow iceccd to contact the scheduler via UDP.

- Don't add icecream to PATH in the profile scripts if ccache is installed
    to avoid recursive invocations (bz #377761).

---

diff --git a/icecream.csh.in b/icecream.csh.in
index 3f317a0..444194f 100644
--- a/icecream.csh.in
+++ b/icecream.csh.in
@@ -1,3 +1,7 @@
-if ( "$path" !~ *@LIBDIR@/icecc/bin* ) then
-    set path = ( @LIBDIR@/icecc/bin $path )
+# If icecream and ccache are installed, we must not put both in PATH
+# to prevent recursive invocations.
+# Note: ccache.csh (if present) will be sourced before icecream.csh
+
+if ( "$path" !~ *@LIBDIR@/icecc/bin* && "$path" !~ *@LIBDIR@/ccache* ) then
+	set path = ( @LIBDIR@/icecc/bin "$path" )
 endif
diff --git a/icecream.sh.in b/icecream.sh.in
index 5ccf52a..f42d2a3 100644
--- a/icecream.sh.in
+++ b/icecream.sh.in
@@ -1,3 +1,8 @@
-if ! echo "$PATH" | grep -qw @LIBDIR@/icecc/bin ; then
-    PATH="@LIBDIR@/icecc/bin:$PATH"
+# If icecream and ccache are installed, we must not put both in PATH
+# to prevent recursive invocations.
+# Note: ccache.sh (if present) will be sourced before icecream.sh
+
+if ! echo "$PATH" | /bin/grep -q "@LIBDIR@/icecc/bin\|@LIBDIR@/ccache"
+then
+	PATH="@LIBDIR@/icecc/bin:$PATH"
 fi
diff --git a/icecream.spec b/icecream.spec
index f36a979..0782250 100644
--- a/icecream.spec
+++ b/icecream.spec
@@ -1,6 +1,6 @@
 Name:		icecream
 Version:	0.8.0
-Release:	4.20071101svn%{?dist}
+Release:	5.20071101svn%{?dist}
 Summary:	Distributed compiler
 
 Group:		Development/Tools
@@ -210,6 +210,11 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/icecc.pc
 
 %changelog
+* Tue Nov 27 2007 Michal Schmidt <mschmidt@redhat.com> - 0.8.0-5.20071101svn
+- SELinux: Allow iceccd to contact the scheduler via UDP.
+- Don't add icecream to PATH in the profile scripts if ccache is installed
+  to avoid recursive invocations (bz #377761).
+
 * Tue Nov 20 2007 Michal Schmidt <mschmidt@redhat.com> - 0.8.0-4.20071101svn
 - Add a SELinux policy for iceccd
 - Initscripts as sources instead of patches in the .spec file
diff --git a/icecream.te b/icecream.te
index 51402fe..78c6474 100644
--- a/icecream.te
+++ b/icecream.te
@@ -58,6 +58,7 @@ allow iceccd_t self:tcp_socket create_stream_socket_perms;
 allow iceccd_t self:udp_socket create_socket_perms;
 allow iceccd_t iceccd_port_t:tcp_socket name_bind;
 allow iceccd_t icecc_scheduler_port_t:tcp_socket { send_msg recv_msg name_connect };
+allow iceccd_t icecc_scheduler_port_t:udp_socket { send_msg recv_msg };
 allow iceccd_t self:fifo_file { read write ioctl getattr };
 # why exactly?:
 allow iceccd_t self:capability { chown dac_override fsetid kill };