rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.342, 1.343 policycoreutils.spec, 1.490, 1.491
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Jan 8 13:58:20 UTC 2008
- Previous message (by thread): rpms/kdenetwork/devel .cvsignore, 1.43, 1.44 kdenetwork.spec, 1.121, 1.122 sources, 1.49, 1.50
- Next message (by thread): rpms/glib2/devel .cvsignore, 1.77, 1.78 glib2.spec, 1.149, 1.150 sources, 1.79, 1.80 desktopfiles.patch, 1.2, NONE glib-2.11.1-libdir.patch, 1.3, NONE glib-2.15.0-gtestutils.patch, 1.1, NONE ppc-cast.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6596
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Tue Jan 8 2008 Dan Walsh <dwalsh at redhat.com> 2.0.34-6
- Fix fixfiles to handle no args
policycoreutils-rhat.patch:
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.342 -r 1.343 policycoreutils-rhat.patch
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.342
retrieving revision 1.343
diff -u -r1.342 -r1.343
--- policycoreutils-rhat.patch 31 Dec 2007 19:24:10 -0000 1.342
+++ policycoreutils-rhat.patch 8 Jan 2008 13:58:11 -0000 1.343
@@ -69,48 +69,74 @@
if __name__ == "__main__":
sys.exit(main())
-Binary files nsapolicycoreutils/audit2why/audit2why and policycoreutils-2.0.34/audit2why/audit2why differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.34/audit2why/audit2why.c
--- nsapolicycoreutils/audit2why/audit2why.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2why/audit2why.c 2007-12-31 11:12:23.000000000 -0500
-@@ -22,27 +22,146 @@
++++ policycoreutils-2.0.34/audit2why/audit2why.c 2008-01-05 08:19:56.000000000 -0500
+@@ -9,71 +9,252 @@
+ #include <sepol/sepol.h>
+ #include <sepol/policydb/services.h>
+ #include <selinux/selinux.h>
++#include "audit2why.h"
+
+ #define AVCPREFIX "avc: denied { "
+ #define SCONTEXT "scontext="
+ #define TCONTEXT "tcontext="
+ #define TCLASS "tclass="
+
+-void usage(char *progname, int rc)
++static void usage(char *progname, int rc)
+ {
+ fprintf(stderr, "usage: %s [-p policy] < /var/log/audit/audit.log\n",
+ progname);
exit(rc);
}
-+struct bool_t {
-+ const sepol_bool_t * boolean;
-+ char *name;
-+ int active;
-+};
-+
-+static struct bool_t **boollist = NULL;
+-int main(int argc, char **argv)
+-{
+- char path[PATH_MAX];
+- char *buffer = NULL, *bufcopy = NULL;
+- unsigned int lineno = 0;
+- size_t len = 0, bufcopy_len = 0;
+- FILE *fp;
+- int opt, rc, set_path = 0;
+- char *p, *scon, *tcon, *tclassstr, *permstr;
+- sepol_security_id_t ssid, tsid;
++static struct boolean_t **boollist = NULL;
+static int boolcnt = 0;
+
-+struct access_t {
++struct avc_t {
+ sepol_handle_t *handle;
-+ sepol_policydb_t *policydb;
++ policydb_t policydb;
+ sepol_security_id_t ssid;
+ sepol_security_id_t tsid;
-+ sepol_security_class_t tclass;
+ sepol_security_class_t tclass;
+- sepol_access_vector_t perm, av;
+ sepol_access_vector_t av;
+};
+
++static struct avc_t *avc = NULL;
++static sidtab_t sidtab;
++
+static int load_booleans (const sepol_bool_t * boolean,
+ void *arg __attribute__ ((__unused__)) ) {
-+ boollist[boolcnt] = (struct bool_t *) malloc(sizeof (struct bool_t));
-+ boollist[boolcnt]->boolean = boolean;
++ boollist[boolcnt] = (struct boolean_t *) malloc(sizeof (struct boolean_t));
+ boollist[boolcnt]->name = strdup(sepol_bool_get_name(boolean));
+ boollist[boolcnt]->active = sepol_bool_get_value(boolean);
+ boolcnt++;
+ return 0;
+}
+
-+static int check_booleans (struct access_t *access) {
-+ struct sepol_av_decision avd;
-+ unsigned int reason;
++static int check_booleans (struct avc_t *avc, struct boolean_t **bools) {
+ struct sepol_av_decision avd;
+ unsigned int reason;
+- int vers = 0;
+- sidtab_t sidtab;
+- policydb_t policydb;
+- struct policy_file pf;
+ int rc;
+ int i;
-+ sepol_bool_key_t *key=NULL;
++ sepol_bool_key_t *key = NULL;
++ sepol_bool_t * boolean = NULL;
+ int fcnt = 0;
+ int *foundlist = calloc(boolcnt, sizeof(int));
+ if (!foundlist) {
@@ -118,11 +144,10 @@
+ "Out of memory.\n");
+ return fcnt;
+ }
-+ for (i=0; i < boolcnt; i++) {
++ for (i = 0; i < boolcnt; i++) {
+ char *name = boollist[i]->name;
+ int active = boollist[i]->active;
-+ sepol_bool_t * boolean = (sepol_bool_t *) boollist[i]->boolean;
-+ rc = sepol_bool_key_create(access->handle,
++ rc = sepol_bool_key_create(avc->handle,
+ name,
+ &key);
+ if (rc < 0) {
@@ -130,23 +155,56 @@
+ "Could not create boolean key.\n");
+ break;
+ }
++ rc = sepol_bool_query(avc->handle,
++ (sepol_policydb_t *) &avc->policydb,
++ key,
++ &boolean);
+
+- while ((opt = getopt(argc, argv, "p:?h")) > 0) {
+- switch (opt) {
+- case 'p':
+- set_path = 1;
+- strncpy(path, optarg, PATH_MAX);
+- fp = fopen(path, "r");
+- if (!fp) {
+- fprintf(stderr, "%s: unable to open %s: %s\n",
+- argv[0], path, strerror(errno));
+- exit(1);
+- }
++ if (rc < 0) {
++ fprintf(stderr,
++ "Could not find boolean %s.\n", name);
+ break;
+- default:
+- usage(argv[0], 0);
+ }
+- }
+
+- if (argc - optind)
+- usage(argv[0], 1);
+ sepol_bool_set_value(boolean, !active);
-+
-+ rc = sepol_bool_set(access->handle,
-+ access->policydb,
+
+- if (!set_path) {
+- if (!is_selinux_enabled()) {
++ rc = sepol_bool_set(avc->handle,
++ (sepol_policydb_t *) &avc->policydb,
+ key,
+ boolean);
+ if (rc < 0) {
-+ fprintf(stderr,
+ fprintf(stderr,
+- "%s: Must specify -p policy on non-SELinux systems\n",
+- argv[0]);
+- exit(1);
+ "Could not set boolean data %s.\n", name);
+ break;
+ }
+
+ /* Reproduce the computation. */
-+ rc = sepol_compute_av_reason(access->ssid, access->tsid, access->tclass, access->av, &avd, &reason);
++ rc = sepol_compute_av_reason(avc->ssid, avc->tsid, avc->tclass, avc->av, &avd, &reason);
+ if (rc < 0) {
+ fprintf(stderr,
+ "Error during access vector computation, skipping...\n");
++ sepol_bool_free(boolean);
+ break;
+ } else {
+ if (!reason) {
@@ -154,8 +212,8 @@
+ fcnt++;
+ }
+ sepol_bool_set_value((sepol_bool_t*)boolean, active);
-+ rc = sepol_bool_set(access->handle,
-+ access->policydb,
++ rc = sepol_bool_set(avc->handle,
++ (sepol_policydb_t *) &avc->policydb,
+ key,
+ (sepol_bool_t*) boolean);
+ if (rc < 0) {
@@ -164,107 +222,292 @@
+ break;
+ }
+ }
++ sepol_bool_free(boolean);
+ sepol_bool_key_free(key);
-+ key=NULL;
++ key = NULL;
++ boolean = NULL;
+ }
+ if (key)
[...4318 lines suppressed...]
++ case SWIG_PY_BINARY:
++ obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
++ break;
++ default:
++ obj = 0;
++ break;
++ }
++ if (obj) {
++ PyDict_SetItemString(d, constants[i].name, obj);
++ Py_DECREF(obj);
++ }
++ }
++ }
++
++ /* -----------------------------------------------------------------------------*/
++ /* Fix SwigMethods to carry the callback ptrs when needed */
++ /* -----------------------------------------------------------------------------*/
++
++ SWIGINTERN void
++ SWIG_Python_FixMethods(PyMethodDef *methods,
++ swig_const_info *const_table,
++ swig_type_info **types,
++ swig_type_info **types_initial) {
++ size_t i;
++ for (i = 0; methods[i].ml_name; ++i) {
++ const char *c = methods[i].ml_doc;
++ if (c && (c = strstr(c, "swig_ptr: "))) {
++ int j;
++ swig_const_info *ci = 0;
++ const char *name = c + 10;
++ for (j = 0; const_table[j].type; ++j) {
++ if (strncmp(const_table[j].name, name,
++ strlen(const_table[j].name)) == 0) {
++ ci = &(const_table[j]);
++ break;
++ }
++ }
++ if (ci) {
++ size_t shift = (ci->ptype) - types;
++ swig_type_info *ty = types_initial[shift];
++ size_t ldoc = (c - methods[i].ml_doc);
++ size_t lptr = strlen(ty->name)+2*sizeof(void*)+2;
++ char *ndoc = (char*)malloc(ldoc + lptr + 10);
++ if (ndoc) {
++ char *buff = ndoc;
++ void *ptr = (ci->type == SWIG_PY_POINTER) ? ci->pvalue : 0;
++ if (ptr) {
++ strncpy(buff, methods[i].ml_doc, ldoc);
++ buff += ldoc;
++ strncpy(buff, "swig_ptr: ", 10);
++ buff += 10;
++ SWIG_PackVoidPtr(buff, ptr, ty->name, lptr);
++ methods[i].ml_doc = ndoc;
++ }
++ }
++ }
++ }
++ }
++ }
++
++#ifdef __cplusplus
++}
++#endif
++
++/* -----------------------------------------------------------------------------*
++ * Partial Init method
++ * -----------------------------------------------------------------------------*/
++
++#ifdef __cplusplus
++extern "C"
++#endif
++SWIGEXPORT void SWIG_init(void) {
++ PyObject *m, *d;
++
++ /* Fix SwigMethods to carry the callback ptrs when needed */
++ SWIG_Python_FixMethods(SwigMethods, swig_const_table, swig_types, swig_type_initial);
++
++ m = Py_InitModule((char *) SWIG_name, SwigMethods);
++ d = PyModule_GetDict(m);
++
++ SWIG_InitializeModule(0);
++ SWIG_InstallConstants(d,swig_const_table);
++
++
++ SWIG_Python_SetConstant(d, "BADSCON",SWIG_From_int((int)(-1)));
++ SWIG_Python_SetConstant(d, "BADTCON",SWIG_From_int((int)(-2)));
++ SWIG_Python_SetConstant(d, "BADTCLASS",SWIG_From_int((int)(-3)));
++ SWIG_Python_SetConstant(d, "BADPERM",SWIG_From_int((int)(-4)));
++ SWIG_Python_SetConstant(d, "BADCOMPUTE",SWIG_From_int((int)(-5)));
++ SWIG_Python_SetConstant(d, "NOPOLICY",SWIG_From_int((int)(-6)));
++ SWIG_Python_SetConstant(d, "ALLOWED",SWIG_From_int((int)(0)));
++ SWIG_Python_SetConstant(d, "TERULE",SWIG_From_int((int)(1)));
++ SWIG_Python_SetConstant(d, "BOOLEAN",SWIG_From_int((int)(2)));
++ SWIG_Python_SetConstant(d, "CONSTRAINT",SWIG_From_int((int)(3)));
++ SWIG_Python_SetConstant(d, "RBAC",SWIG_From_int((int)(4)));
++}
++
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/Makefile policycoreutils-2.0.34/audit2why/Makefile
+--- nsapolicycoreutils/audit2why/Makefile 2007-07-16 14:20:41.000000000 -0400
++++ policycoreutils-2.0.34/audit2why/Makefile 2008-01-05 07:59:15.000000000 -0500
+@@ -5,7 +5,18 @@
+ MANDIR ?= $(PREFIX)/share/man
+ LOCALEDIR ?= /usr/share/locale
+ INCLUDEDIR ?= ${PREFIX}/include
+-
++PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
++PYINC ?= /usr/include/$(PYLIBVER)
++PYLIB ?= /usr/lib/$(PYLIBVER)
++PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
++
++SWIGIF= audit2whyswig.i
++SWIGCOUT= audit2whyswig_wrap.c
++SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
++SWIGSO=_audit2why.so
++SWIGFILES=$(SWIGSO) audit2why.py
++SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
++GENERATED=$(SWIGCOUT)
+
+ CFLAGS ?= -Werror -Wall -W
+ override CFLAGS += -I$(INCLUDEDIR)
+@@ -15,14 +26,36 @@
+
+ all: $(TARGETS)
+
++pywrap: all $(SWIGSO)
++
++#audit2why.o: audit2why.c
++# $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
++
++$(SWIGLOBJ): $(SWIGCOUT)
++ $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
++
++$(SWIGSO): $(SWIGLOBJ) audit2why.o
++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< audit2why.o -L. $(LDLIBS) -Wl,-soname,$@
++
++$(SWIGCOUT): $(SWIGIF)
++ $(SWIG) $^
++
++swigify: $(SWIGIF)
++ $(SWIG) $^
++
+ install: all
+ -mkdir -p $(BINDIR)
+ install -m 755 $(TARGETS) $(BINDIR)
+ -mkdir -p $(MANDIR)/man8
+ install -m 644 audit2why.8 $(MANDIR)/man8/
+
++install-pywrap: pywrap
++ test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages
++ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages
++ install -m 644 audit2why.py $(PYTHONLIBDIR)/site-packages
++
+ clean:
+- -rm -f $(TARGETS) *.o
++ -rm -f $(TARGETS) *.o $(SWIGLOBJ) $(SWIGSO)
+
+ indent:
+ ../../scripts/Lindent $(wildcard *.[ch])
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.34/Makefile
--- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
+++ policycoreutils-2.0.34/Makefile 2007-12-19 06:06:04.000000000 -0500
@@ -447,7 +4664,7 @@
gettext.install('policycoreutils')
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.34/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2007-12-10 21:42:28.000000000 -0500
-+++ policycoreutils-2.0.34/scripts/fixfiles 2007-12-31 10:54:13.000000000 -0500
++++ policycoreutils-2.0.34/scripts/fixfiles 2008-01-08 08:50:11.000000000 -0500
@@ -126,17 +126,15 @@
done
exit $?
@@ -491,7 +4708,7 @@
usage() {
echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
echo or
-@@ -229,22 +241,15 @@
+@@ -229,22 +241,19 @@
shift 1
if [ ! -z "$RPMFILES" ]; then
@@ -501,11 +4718,15 @@
fi
else
- DIRS=$*
-+ while [ -n "$1" ]; do
-+ PATH=$1
-+ process $command
-+ shift
-+ done
++ if [ -z "$1" ]; then
++ process $command
++ else
++ while [ -n "$1" ]; do
++ PATH=$1
++ process $command
++ shift
++ done
++ fi
fi
-
-#
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.490
retrieving revision 1.491
diff -u -r1.490 -r1.491
--- policycoreutils.spec 31 Dec 2007 19:24:10 -0000 1.490
+++ policycoreutils.spec 8 Jan 2008 13:58:12 -0000 1.491
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.34
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -193,6 +193,9 @@
fi
%changelog
+* Tue Jan 8 2008 Dan Walsh <dwalsh at redhat.com> 2.0.34-6
+- Fix fixfiles to handle no args
+
* Mon Dec 31 2007 Dan Walsh <dwalsh at redhat.com> 2.0.34-5
- Fix roles output when creating a module
- Previous message (by thread): rpms/kdenetwork/devel .cvsignore, 1.43, 1.44 kdenetwork.spec, 1.121, 1.122 sources, 1.49, 1.50
- Next message (by thread): rpms/glib2/devel .cvsignore, 1.77, 1.78 glib2.spec, 1.149, 1.150 sources, 1.79, 1.80 desktopfiles.patch, 1.2, NONE glib-2.11.1-libdir.patch, 1.3, NONE glib-2.15.0-gtestutils.patch, 1.1, NONE ppc-cast.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list