rpms/policycoreutils/devel policycoreutils-1.30.12-audit-mass-relabel.patch, NONE, 1.1 policycoreutils-rhat.patch, 1.201, 1.202 policycoreutils.spec, 1.282, 1.283
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Jun 13 20:25:15 UTC 2006
Author: jantill
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3599
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Added Files:
policycoreutils-1.30.12-audit-mass-relabel.patch
Log Message:
* Tue Jun 13 2006 James Antill <jantill at redhat.com> 1.30.12-5
- Update audit mass relabel to only compile in when audit is installed.
policycoreutils-1.30.12-audit-mass-relabel.patch:
Makefile | 7 +++++++
setfiles.c | 43 +++++++++++++++++++++++++++++++++++++++++--
2 files changed, 48 insertions(+), 2 deletions(-)
--- NEW FILE policycoreutils-1.30.12-audit-mass-relabel.patch ---
diff -ru policycoreutils-1.30.12-orig/setfiles/Makefile policycoreutils-1.30.12/setfiles/Makefile
--- policycoreutils-1.30.12-orig/setfiles/Makefile 2006-06-05 13:20:53.000000000 -0400
+++ policycoreutils-1.30.12/setfiles/Makefile 2006-06-13 16:21:44.000000000 -0400
@@ -4,10 +4,17 @@
MANDIR = $(PREFIX)/share/man
LIBDIR ?= $(PREFIX)/lib
+AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
+
CFLAGS = -Werror -Wall -W
override CFLAGS += -D_FILE_OFFSET_BITS=64 -I$(PREFIX)/include
LDLIBS = -lselinux -lsepol -L$(LIBDIR)
+ifeq (${AUDITH}, /usr/include/libaudit.h)
+ override CFLAGS += -DUSE_AUDIT
+ LDLIBS += -laudit
+endif
+
all: setfiles
setfiles: setfiles.o
diff -ru policycoreutils-1.30.12-orig/setfiles/setfiles.c policycoreutils-1.30.12/setfiles/setfiles.c
--- policycoreutils-1.30.12-orig/setfiles/setfiles.c 2006-06-05 13:20:53.000000000 -0400
+++ policycoreutils-1.30.12/setfiles/setfiles.c 2006-06-13 16:21:44.000000000 -0400
@@ -75,6 +75,13 @@
#include <selinux/selinux.h>
#include <syslog.h>
#include <libgen.h>
+#ifdef USE_AUDIT
+#include <libaudit.h>
+
+#ifndef AUDIT_FS_RELABEL
+#define AUDIT_FS_RELABEL 2309
+#endif
+#endif
static int add_assoc = 1;
static FILE *outfile=NULL;
@@ -395,7 +402,7 @@
/* trim trailing /, if present */
len = strlen(rootpath);
- while ('/' == rootpath[len - 1])
+ while (len && ('/' == rootpath[len - 1]))
rootpath[--len] = 0;
rootpathlen = len;
}
@@ -443,11 +450,38 @@
return 0;
}
+static void maybe_audit_mass_relabel(int done_root, int errs)
+{
+#ifdef USE_AUDIT
+ int audit_fd = -1;
+ int rc = 0;
+
+ if (!done_root) /* only audit a forced full relabel */
+ return;
+
+ audit_fd = audit_open();
+
+ if (audit_fd < 0) {
+ fprintf(stderr, "Error connecting to audit system.\n");
+ exit(-1);
+ }
+
+ rc = audit_log_user_message(audit_fd, AUDIT_FS_RELABEL,
+ "op=mass relabel", NULL, NULL, NULL, !errs);
+ if (rc <= 0) {
+ fprintf(stderr, "Error sending audit message: %s.\n", strerror(errno));
+ /* exit(-1); -- don't exit atm. as fix for eff_cap isn't in most kernels */
+ }
+ audit_close(audit_fd);
+#endif
+}
+
int main(int argc, char **argv)
{
struct stat sb;
int opt, rc, i;
-
+ int done_root = 0; /* have we processed the / directory as an arg */
+
memset(excludeArray,0, sizeof(excludeArray));
/* Validate all file contexts during matchpathcon_init. */
@@ -618,6 +652,8 @@
}
else for (; optind < argc; optind++)
{
+ done_root |= !strcmp(argv[optind], "/");
+
if (NULL != rootpath) {
qprintf("%s: labeling files, pretending %s is /\n",
argv[0], rootpath);
@@ -648,6 +684,7 @@
fprintf(stderr,
"%s: error while labeling files under %s\n",
argv[0], argv[optind]);
+ maybe_audit_mass_relabel(done_root, 1);
exit(1);
}
}
@@ -664,6 +701,8 @@
matchpathcon_filespec_destroy();
}
+ maybe_audit_mass_relabel(done_root, 0);
+
if (warn_no_match)
matchpathcon_checkmatches(argv[0]);
policycoreutils-rhat.patch:
audit2allow/Makefile | 1
po/af.po | 2
po/am.po | 2
po/ar.po | 2
po/be.po | 2
po/bg.po | 2
po/bn.po | 2
po/bn_IN.po | 2
po/ca.po | 2
po/cs.po | 2
po/cy.po | 2
po/de.po | 2
po/el.po | 2
po/en_GB.po | 2
po/es.po | 2
po/eu_ES.po | 2
po/fa.po | 2
po/fi.po | 2
po/gu.po | 2
po/he.po | 2
po/hi.po | 2
po/hr.po | 2
po/hu.po | 2
po/hy.po | 2
po/is.po | 2
po/it.po | 2
po/ja.po | 2
po/ka.po | 2
po/kn.po | 2
po/ko.po | 2
po/ku.po | 2
po/lo.po | 2
po/lt.po | 2
po/lv.po | 2
po/mk.po | 2
po/ml.po | 267 ++++++++++++----------
po/mr.po | 2
po/ms.po | 237 +++++++++++++-------
po/my.po | 2
po/nb.po | 2
po/nn.po | 2
po/no.po | 2
po/nso.po | 2
po/or.po | 2
po/pa.po | 2
po/pl.po | 2
po/policycoreutils.pot | 26 +-
po/pt.po | 2
po/pt_BR.po | 94 +++-----
po/ro.po | 2
po/ru.po | 2
po/si.po | 2
po/sk.po | 2
po/sl.po | 2
po/sq.po | 2
po/sr.po | 2
po/sr at Latn.po | 2
po/ta.po | 2
po/te.po | 2
po/th.po | 2
po/tr.po | 2
po/uk.po | 2
po/ur.po | 2
po/vi.po | 2
po/zh_CN.po | 573 +++++++++++++++++++++++++++----------------------
po/zh_TW.po | 2
po/zu.po | 2
scripts/fixfiles | 3
scripts/genhomedircon | 10
semanage/seobject.py | 4
70 files changed, 746 insertions(+), 591 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -r1.201 -r1.202
--- policycoreutils-rhat.patch 12 Jun 2006 16:43:09 -0000 1.201
+++ policycoreutils-rhat.patch 13 Jun 2006 20:25:13 -0000 1.202
@@ -3515,101 +3515,3 @@
os.rename(newfilename, self.filename)
class semanageRecords:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-1.30.12/setfiles/Makefile
---- nsapolicycoreutils/setfiles/Makefile 2006-05-30 09:07:14.000000000 -0400
-+++ policycoreutils-1.30.12/setfiles/Makefile 2006-06-07 10:50:41.000000000 -0400
-@@ -7,6 +7,7 @@
- CFLAGS = -Werror -Wall -W
- override CFLAGS += -D_FILE_OFFSET_BITS=64 -I$(PREFIX)/include
- LDLIBS = -lselinux -lsepol -L$(LIBDIR)
-+LDLIBS += -laudit
-
- all: setfiles
-
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.30.12/setfiles/setfiles.c
---- nsapolicycoreutils/setfiles/setfiles.c 2006-05-15 09:43:12.000000000 -0400
-+++ policycoreutils-1.30.12/setfiles/setfiles.c 2006-06-07 10:50:41.000000000 -0400
-@@ -75,6 +75,11 @@
- #include <selinux/selinux.h>
- #include <syslog.h>
- #include <libgen.h>
-+#include <libaudit.h>
-+
-+#ifndef AUDIT_FS_RELABEL
-+#define AUDIT_FS_RELABEL 2309
-+#endif
-
- static int add_assoc = 1;
- static FILE *outfile=NULL;
-@@ -395,7 +400,7 @@
-
- /* trim trailing /, if present */
- len = strlen(rootpath);
-- while ('/' == rootpath[len - 1])
-+ while (len && ('/' == rootpath[len - 1]))
- rootpath[--len] = 0;
- rootpathlen = len;
- }
-@@ -443,11 +448,35 @@
- return 0;
- }
-
-+static void maybe_audit_mass_relabel(int done_root, int errs)
-+{
-+ int audit_fd = -1;
-+ int rc = 0;
-+
-+ if (!done_root) /* only audit a forced full relabel */
-+ return;
-+
-+ audit_fd = audit_open();
-+
-+ if (audit_fd < 0) {
-+ fprintf(stderr, "Error connecting to audit system.\n");
-+ return;
-+ }
-+
-+ rc = audit_log_user_message(audit_fd, AUDIT_FS_RELABEL,
-+ "op=mass relabel", NULL, NULL, NULL, !errs);
-+ if (rc <= 0) {
-+ fprintf(stderr, "Error sending audit message: %s.\n", strerror(errno));
-+ }
-+ audit_close(audit_fd);
-+}
-+
- int main(int argc, char **argv)
- {
- struct stat sb;
- int opt, rc, i;
--
-+ int done_root = 0; /* have we processed the / directory as an arg */
-+
- memset(excludeArray,0, sizeof(excludeArray));
-
- /* Validate all file contexts during matchpathcon_init. */
-@@ -618,6 +647,8 @@
- }
- else for (; optind < argc; optind++)
- {
-+ done_root |= !strcmp(argv[optind], "/");
-+
- if (NULL != rootpath) {
- qprintf("%s: labeling files, pretending %s is /\n",
- argv[0], rootpath);
-@@ -648,6 +679,7 @@
- fprintf(stderr,
- "%s: error while labeling files under %s\n",
- argv[0], argv[optind]);
-+ maybe_audit_mass_relabel(done_root, 1);
- exit(1);
- }
- }
-@@ -664,6 +696,8 @@
- matchpathcon_filespec_destroy();
- }
-
-+ maybe_audit_mass_relabel(done_root, 0);
-+
- if (warn_no_match)
- matchpathcon_checkmatches(argv[0]);
-
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.282
retrieving revision 1.283
diff -u -r1.282 -r1.283
--- policycoreutils.spec 12 Jun 2006 16:52:57 -0000 1.282
+++ policycoreutils.spec 13 Jun 2006 20:25:13 -0000 1.283
@@ -10,6 +10,7 @@
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
Patch: policycoreutils-rhat.patch
+Patch2: policycoreutils-1.30.12-audit-mass-relabel.patch
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel gettext
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
@@ -37,6 +38,7 @@
%prep
%setup -q
%patch -p1 -b .rhat
+%patch2 -p1 -b .audit
%build
make LOG_AUDIT_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all
@@ -110,6 +112,9 @@
[ -x /sbin/service ] && /sbin/service restorecond condrestart
%changelog
+* Tue Jun 13 2006 James Antill <jantill at redhat.com> 1.30.12-5
+- Update audit mass relabel to only compile in when audit is installed.
+
* Mon Jun 12 2006 Dan Walsh <dwalsh at redhat.com> 1.30.12-4
- Update to required versions
- Update translation
More information about the fedora-cvs-commits
mailing list