rpms/policycoreutils/devel .cvsignore, 1.97, 1.98 policycoreutils-rhat.patch, 1.157, 1.158 policycoreutils.spec, 1.227, 1.228 sources, 1.101, 1.102
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sat Jan 28 02:47:38 UTC 2006
- Previous message (by thread): rpms/libsemanage/devel .cvsignore, 1.47, 1.48 libsemanage.spec, 1.67, 1.68 sources, 1.49, 1.50
- Next message (by thread): rpms/frysk/FC-4 libglade-java-20060125-fix-64bit-miscompilation.patch, NONE, 1.1 frysk.spec, 1.2, 1.3 update.sh, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv31720
Modified Files:
.cvsignore policycoreutils-rhat.patch policycoreutils.spec
sources
Log Message:
* Fri Jan 27 2006 Dan Walsh <dwalsh at redhat.com> 1.29.15-1
- Update from upstream
* Merged newrole audit patch from Steve Grubb.
* Merged seuser -> seuser local rename patch from Ivan Gyurdiev.
* Merged semanage and semodule access check patches from Joshua Brindle.
* Wed Jan 25 2006 Dan Walsh <dwalsh at redhat.com> 1.29.12-1
- Add a default of /export/home
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/.cvsignore,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- .cvsignore 25 Jan 2006 16:07:46 -0000 1.97
+++ .cvsignore 28 Jan 2006 02:47:35 -0000 1.98
@@ -84,3 +84,5 @@
policycoreutils-1.29.9.tgz
policycoreutils-1.29.10.tgz
policycoreutils-1.29.11.tgz
+policycoreutils-1.29.12.tgz
+policycoreutils-1.29.15.tgz
policycoreutils-rhat.patch:
genhomedircon | 6 ++++++
1 files changed, 6 insertions(+)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.157
retrieving revision 1.158
diff -u -r1.157 -r1.158
--- policycoreutils-rhat.patch 26 Jan 2006 17:22:04 -0000 1.157
+++ policycoreutils-rhat.patch 28 Jan 2006 02:47:35 -0000 1.158
@@ -1,366 +1,16 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.29.11/restorecon/restorecon.c
---- nsapolicycoreutils/restorecon/restorecon.c 2006-01-13 09:47:40.000000000 -0500
-+++ policycoreutils-1.29.11/restorecon/restorecon.c 2006-01-25 14:03:12.000000000 -0500
-@@ -140,6 +140,7 @@
- fprintf(stderr,"Warning! %s refers to a symbolic link, not following last component.\n", filename);
- char *p = NULL, *file_sep;
- char *tmp_path = strdupa(filename);
-+ size_t len=0;
- if (!tmp_path) {
- fprintf(stderr,"strdupa on %s failed: %s\n", filename,strerror(errno));
- return 1;
-@@ -150,8 +151,11 @@
- *file_sep = 0;
- file_sep++;
- p = realpath(tmp_path, path);
-+ }
-+ else {
-+ file_sep = tmp_path;
-+ p = realpath("./", path);
- }
-- size_t len;
- if(p)
- len = strlen(p);
- if (!p || len + strlen(file_sep) + 2 > PATH_MAX) {
-@@ -162,7 +166,7 @@
- *p = '/';
- p++;
- strcpy(p, file_sep);
-- filename = p;
-+ filename = path;
- } else {
- char *p;
- p = realpath(filename, path);
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.29.11/scripts/chcat
---- nsapolicycoreutils/scripts/chcat 2006-01-19 16:00:44.000000000 -0500
-+++ policycoreutils-1.29.11/scripts/chcat 2006-01-25 11:13:33.000000000 -0500
-@@ -356,7 +356,7 @@
-
- if list_ind==0 and len(cmds) < 1:
- usage()
-- except:
-+ except ValueError, e:
- usage()
-
- if delete_ind:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.29.11/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2006-01-20 10:37:37.000000000 -0500
-+++ policycoreutils-1.29.11/semanage/semanage 2006-01-26 12:17:30.000000000 -0500
-@@ -30,28 +30,27 @@
-
- def usage(message = ""):
- print '\
--semanage {login|user|port|interface|fcontext} -l\n\
-+semanage {login|user|port|interface|fcontext|translation} -l [-n] \n\
- semanage login -{a|d|m} [-sr] login_name\n\
- semanage user -{a|d|m} [-LrR] selinux_name\n\
--semanage port -{a|d|m} -p protocol [-t] port_number\n\
-+semanage port -{a|d|m} [-tr] [ -p protocol ] port | port_range\n\
- semanage interface -{a|d|m} [-tr] interface_spec\n\
--semanage translation -{a|d|m} [-T] level\n\
- semanage fcontext -{a|d|m} [-frst] file_spec\n\
-+semanage translation -{a|d|m} [-T] level\n\
- -a, --add Add a OBJECT record NAME\n\
- -d, --delete Delete a OBJECT record NAME\n\
- -f, --ftype File Type of OBJECT \n\
- -h, --help display this message\n\
- -l, --list List the OBJECTS\n\
- -L, --level Default SELinux Level\n\
-- -n, --noheading Do not print heading when listing OBJECTS\n\
- -m, --modify Modify a OBJECT record NAME\n\
-- -P, --proto Port protocol\n\
-+ -n, --noheading Do not print heading when listing OBJECTS\n\
-+ -p, --proto Port protocol\n\
- -r, --range MLS/MCS Security Range\n\
- -R, --roles SELinux Roles (Separate by spaces)\n\
- -s, --seuser SELinux user name\n\
- -t, --type SELinux Type for the object\n\
- -T, --trans SELinux Level Translation\n\
-- -v, --verbose verbose output\n\
- '
- print message
- sys.exit(1)
-@@ -62,35 +61,27 @@
- sys.stderr.flush()
- sys.exit(1)
-
-- def unwanted_ftype():
-- if ftype != "":
-- sys.stderr.write("ftype not used\n");
-- def unwanted_selevel():
-- if selevel != "":
-- sys.stderr.write("level not used\n");
-- def unwanted_proto():
-- if proto != "":
-- sys.stderr.write("proto not used\n");
-- def unwanted_roles():
-- if roles != "":
-- sys.stderr.write("role not used\n");
-- def unwanted_serange():
-- if serange != "":
-- sys.stderr.write("range not used\n");
-- def unwanted_seuser():
-- if seuser != "":
-- sys.stderr.write("seuser not used\n");
-- def unwanted_setype():
-- if setype != "":
-- sys.stderr.write("type not used\n");
-- def unwanted_setrans():
-- if setrans != "":
-- sys.stderr.write("trans not used\n");
-+ def get_options():
-+ valid_option={}
-+ valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading' ]
-+ valid_option["login"] = []
-+ valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
-+ valid_option["user"] = []
-+ valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles' ]
-+ valid_option["port"] = []
-+ valid_option["port"] += valid_everyone + [ '-t', '--type', '-r', '--range', '-p', '--protocol' ]
-+ valid_option["interface"] = []
-+ valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
-+ valid_option["fcontext"] = []
-+ valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
-+ valid_option["translation"] = []
-+ valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
-+ return valid_option
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.29.11/scripts/genhomedircon
+--- nsapolicycoreutils/scripts/genhomedircon 2006-01-20 10:37:37.000000000 -0500
++++ policycoreutils-1.29.11/scripts/genhomedircon 2006-01-27 01:22:00.000000000 -0500
+@@ -87,6 +87,12 @@
+
+ if ret == []:
+ ret.append("/home")
+
- #
- #
- #
- try:
-- objectlist = ("login", "user", "port", "interface", "fcontext", "translation")
- input = sys.stdin
- output = sys.stdout
- serange = ""
-@@ -112,12 +103,14 @@
- usage("Requires 2 or more arguments")
-
- object = sys.argv[1]
-- if object not in objectlist:
-+ option_dict=get_options()
-+ if object not in option_dict.keys():
- usage("%s not defined" % object)
-
- args = sys.argv[2:]
++ # Add /export/home if it exists
++ # Some customers use this for automounted homedirs
++ if os.path.exists("/export/home"):
++ ret.append("/export/home")
+
- gopts, cmds = getopt.getopt(args,
-- 'adf:lhmnp:P:s:R:L:r:t:vT:',
-+ 'adf:lhmnp:s:R:L:r:t:T:',
- ['add',
- 'delete',
- 'ftype=',
-@@ -125,16 +118,18 @@
- 'list',
- 'modify',
- 'noheading',
-- 'port=',
- 'proto=',
- 'seuser=',
- 'range=',
- 'level=',
- 'roles=',
- 'type=',
-- 'trans=',
-- 'verbose'
-+ 'trans='
- ])
-+ for o, a in gopts:
-+ if o not in option_dict[object]:
-+ sys.stderr.write("%s not valid for %s objects\n" % ( o, object) );
-+
- for o,a in gopts:
- if o == "-a" or o == "--add":
- if modify or delete:
-@@ -167,7 +162,7 @@
- if o == "-L" or o == '--level':
- selevel = a
-
-- if o == "-P" or o == '--proto':
-+ if o == "-p" or o == '--proto':
- proto = a
-
- if o == "-R" or o == '--roles':
-@@ -182,94 +177,25 @@
- if o == "-T" or o == "--trans":
- setrans = a
-
-- if o == "-v" or o == "--verbose":
-- verbose = 1
--
--# Note in this section I intentionally leave the unwanted_*() functions for
--# variabled which are wanted commented out and don't delete those lines. This
--# will make it easier to modify the code when the list of wanted variables
--# changes.
- if object == "login":
-- if not delete:
-- unwanted_ftype()
-- unwanted_selevel()
-- unwanted_proto()
-- unwanted_roles()
--# unwanted_serange()
--# unwanted_seuser()
-- unwanted_setype()
-- unwanted_setrans()
- OBJECT = seobject.loginRecords()
-
- if object == "user":
-- if not delete:
-- unwanted_ftype()
--# unwanted_selevel()
-- unwanted_proto()
--# unwanted_roles()
--# unwanted_serange()
-- unwanted_seuser()
-- unwanted_setype()
-- unwanted_setrans()
- OBJECT = seobject.seluserRecords()
-
- if object == "port":
-- if not delete:
-- unwanted_ftype()
-- unwanted_selevel()
--# unwanted_proto()
-- unwanted_roles()
-- unwanted_serange()
-- unwanted_seuser()
--# unwanted_setype()
-- unwanted_setrans()
- OBJECT = seobject.portRecords()
-
- if object == "interface":
-- if not delete:
-- unwanted_ftype()
-- unwanted_selevel()
-- unwanted_proto()
-- unwanted_roles()
--# unwanted_serange()
-- unwanted_seuser()
--# unwanted_setype()
-- unwanted_setrans()
- OBJECT = seobject.interfaceRecords()
-
- if object == "fcontext":
-- if not delete:
--# unwanted_ftype()
-- unwanted_selevel()
-- unwanted_proto()
-- unwanted_roles()
--# unwanted_serange()
--# unwanted_seuser()
--# unwanted_setype()
-- unwanted_setrans()
- OBJECT = seobject.fcontextRecords()
-
- if object == "translation":
-- if not delete:
-- unwanted_ftype()
-- unwanted_selevel()
-- unwanted_proto()
-- unwanted_roles()
-- unwanted_serange()
-- unwanted_seuser()
-- unwanted_setype()
--# unwanted_setrans()
- OBJECT = seobject.setransRecords()
-
- if list:
-- unwanted_ftype()
-- unwanted_selevel()
-- unwanted_proto()
-- unwanted_roles()
-- unwanted_serange()
-- unwanted_seuser()
-- unwanted_setype()
-- unwanted_setrans()
- OBJECT.list(heading)
- sys.exit(0);
-
-@@ -324,16 +250,6 @@
- sys.exit(0);
-
- if delete:
-- if object != "fcontext":
-- unwanted_ftype()
-- unwanted_selevel()
-- if object == "port":
-- unwanted_proto()
-- unwanted_roles()
-- unwanted_serange()
-- unwanted_seuser()
-- unwanted_setype()
-- unwanted_setrans()
- if object == "port":
- OBJECT.delete(target, proto)
-
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-1.29.11/semanage/semanage.8
---- nsapolicycoreutils/semanage/semanage.8 2006-01-20 10:37:37.000000000 -0500
-+++ policycoreutils-1.29.11/semanage/semanage.8 2006-01-26 12:13:43.000000000 -0500
-@@ -3,19 +3,19 @@
- semanage \- SELinux Policy Management tool
-
- .SH "SYNOPSIS"
--.B semanage {login|user|port|interface|fcontext} \-l [\-n]
-+.B semanage {login|user|port|interface|fcontext|translation} \-l [\-n]
- .br
- .B semanage login \-{a|d|m} [\-sr] login_name
- .br
- .B semanage user \-{a|d|m} [\-LrR] selinux_name
- .br
--.B semanage port \-{a|d|m} \-p protocol [\-t] port_number
-+.B semanage port \-{a|d|m} [\-tr] [\-p protocol] port | port_range
- .br
- .B semanage interface \-{a|d|m} [\-tr] interface_spec
- .br
--.B semanage translation \-{a|d|m} [\-T] level
--.br
- .B semanage fcontext \-{a|d|m} [\-frst] file_spec
-+.br
-+.B semanage translation \-{a|d|m} [\-T] level
- .P
+ return ret
- This tool is used to configure SELinux policy
-@@ -35,34 +35,34 @@
- .I \-d, \-\-delete
- Delete a OBJECT record NAME
- .TP
--.I \-h, \-\-help
--display this message
--.TP
- .I \-f, \-\-ftype
- File Type. This is used with fcontext.
- Requires a file type as shown in the mode field by ls, e.g. use -d to match only directories or -- to match only regular files.
- .TP
-+.I \-h, \-\-help
-+display this message
-+.TP
- .I \-l, \-\-list
- List the OBJECTS
- .TP
--.I \-n, \-\-noheading
--Do not print heading when listing OBJECTS
--.TP
- .I \-L, \-\-level
- Default SELinux Level for SELinux use. (s0)
- .TP
- .I \-m, \-\-modify
- Modify a OBJECT record NAME
- .TP
-+.I \-n, \-\-noheading
-+Do not print heading when listing OBJECTS.
-+.TP
- .I \-p, \-\-proto
- Protocol for the specified port (tcp|udp).
- .TP
--.I \-R, \-\-role
--SELinux Roles (Separate by spaces)
--.TP
- .I \-r, \-\-range
- MLS/MCS Security Range
- .TP
-+.I \-R, \-\-role
-+SELinux Roles. You must inclose multiple roles within quotes, separate by spaces. Or specify \-R multiple times.
-+.TP
- .I \-s, \-\-seuser
- SELinux user name
- .TP
+ def getSELinuxType(directory):
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.227
retrieving revision 1.228
diff -u -r1.227 -r1.228
--- policycoreutils.spec 26 Jan 2006 17:22:04 -0000 1.227
+++ policycoreutils.spec 28 Jan 2006 02:47:35 -0000 1.228
@@ -1,10 +1,10 @@
%define libsepolver 1.11.9-1
-%define libsemanagever 1.5.15-1
+%define libsemanagever 1.5.18-1
%define libselinuxver 1.29.6-1
Summary: SELinux policy core utilities.
Name: policycoreutils
-Version: 1.29.11
-Release: 3
+Version: 1.29.15
+Release: 1
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -97,6 +97,14 @@
%{_libdir}/python2.4/site-packages/seobject.py*
%changelog
+* Fri Jan 27 2006 Dan Walsh <dwalsh at redhat.com> 1.29.15-1
+- Update from upstream
+ * Merged newrole audit patch from Steve Grubb.
+ * Merged seuser -> seuser local rename patch from Ivan Gyurdiev.
+ * Merged semanage and semodule access check patches from Joshua Brindle.
+* Wed Jan 25 2006 Dan Walsh <dwalsh at redhat.com> 1.29.12-1
+- Add a default of /export/home
+
* Wed Jan 25 2006 Dan Walsh <dwalsh at redhat.com> 1.29.11-3
- Cleanup of the patch
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/sources,v
retrieving revision 1.101
retrieving revision 1.102
diff -u -r1.101 -r1.102
--- sources 25 Jan 2006 16:07:46 -0000 1.101
+++ sources 28 Jan 2006 02:47:35 -0000 1.102
@@ -1 +1 @@
-51372837f3abaffa294b289c3acc89c4 policycoreutils-1.29.11.tgz
+4630f6f9b6ce13585a58e6d1dc10fff7 policycoreutils-1.29.15.tgz
- Previous message (by thread): rpms/libsemanage/devel .cvsignore, 1.47, 1.48 libsemanage.spec, 1.67, 1.68 sources, 1.49, 1.50
- Next message (by thread): rpms/frysk/FC-4 libglade-java-20060125-fix-64bit-miscompilation.patch, NONE, 1.1 frysk.spec, 1.2, 1.3 update.sh, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list