rpms/policycoreutils/devel policycoreutils-rhat.patch,1.370,1.371
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Jul 1 13:45:08 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27541
Modified Files:
policycoreutils-rhat.patch
Log Message:
Updated seobject.py
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.370
retrieving revision 1.371
diff -u -r1.370 -r1.371
--- policycoreutils-rhat.patch 30 Jun 2008 20:51:23 -0000 1.370
+++ policycoreutils-rhat.patch 1 Jul 2008 13:44:20 -0000 1.371
@@ -1,15 +1,15 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.49/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.50/Makefile
--- nsapolicycoreutils/Makefile 2008-06-12 23:25:24.000000000 -0400
-+++ policycoreutils-2.0.49/Makefile 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/Makefile 2008-07-01 09:43:28.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.49/restorecond/restorecond.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.50/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/restorecond/restorecond.c 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/restorecond/restorecond.c 2008-07-01 09:43:28.000000000 -0400
@@ -210,9 +210,10 @@
}
@@ -36,9 +36,9 @@
}
free(scontext);
close(fd);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.49/restorecond/restorecond.init
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.50/restorecond/restorecond.init
--- nsapolicycoreutils/restorecond/restorecond.init 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/restorecond/restorecond.init 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/restorecond/restorecond.init 2008-07-01 09:43:28.000000000 -0400
@@ -2,7 +2,7 @@
#
# restorecond: Daemon used to maintain path file context
@@ -48,9 +48,9 @@
# description: restorecond uses inotify to look for creation of new files \
# listed in the /etc/selinux/restorecond.conf file, and restores the \
# correct security context.
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.49/scripts/fixfiles
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.50/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/scripts/fixfiles 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/scripts/fixfiles 2008-07-01 09:43:28.000000000 -0400
@@ -138,6 +138,9 @@
fi
LogReadOnly
@@ -80,9 +80,9 @@
}
if [ $# = 0 ]; then
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.49/scripts/fixfiles.8
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.50/scripts/fixfiles.8
--- nsapolicycoreutils/scripts/fixfiles.8 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/scripts/fixfiles.8 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/scripts/fixfiles.8 2008-07-01 09:43:28.000000000 -0400
@@ -7,6 +7,8 @@
.B fixfiles [-F] [-l logfile ] [-o outputfile ] { check | restore|[-f] relabel | verify } [[dir/file] ... ]
@@ -102,9 +102,9 @@
.SH "OPTIONS"
.TP
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.49/semanage/semanage
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.50/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/semanage/semanage 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/semanage/semanage 2008-07-01 09:43:28.000000000 -0400
@@ -43,49 +43,52 @@
if __name__ == '__main__':
@@ -230,9 +230,9 @@
sys.exit(0);
if modify:
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.49/semanage/semanage.8
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.50/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/semanage/semanage.8 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/semanage/semanage.8 2008-07-01 09:43:28.000000000 -0400
@@ -17,6 +17,8 @@
.br
.B semanage fcontext \-{a|d|m} [\-frst] file_spec
@@ -255,9 +255,9 @@
Russell Coker <rcoker at redhat.com>.
Examples by Thomas Bleher <ThomasBleher at gmx.de>.
-
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.49/semanage/seobject.py
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.50/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.49/semanage/seobject.py 2008-06-27 07:21:06.000000000 -0400
++++ policycoreutils-2.0.50/semanage/seobject.py 2008-07-01 09:43:52.000000000 -0400
@@ -1,5 +1,5 @@
#! /usr/bin/python -E
-# Copyright (C) 2005, 2006, 2007 Red Hat
@@ -275,7 +275,7 @@
import gettext
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
-@@ -246,7 +248,67 @@
+@@ -246,7 +248,98 @@
os.close(fd)
os.rename(newfilename, self.filename)
os.system("/sbin/service mcstrans reload > /dev/null")
@@ -284,6 +284,28 @@
+class permissiveRecords:
+ def __init__(self, store):
+ self.store = store
++ self.sh = semanage_handle_create()
++ if not self.sh:
++ raise ValueError(_("Could not create semanage handle"))
++
++ if store != "":
++ semanage_select_store(self.sh, store, SEMANAGE_CON_DIRECT);
++
++ self.semanaged = semanage_is_managed(self.sh)
++
++ if not self.semanaged:
++ semanage_handle_destroy(self.sh)
++ raise ValueError(_("SELinux policy is not managed or store cannot be accessed."))
++
++ rc = semanage_access_check(self.sh)
++ if rc < SEMANAGE_CAN_READ:
++ semanage_handle_destroy(self.sh)
++ raise ValueError(_("Cannot read policy store."))
++
++ rc = semanage_connect(self.sh)
++ if rc < 0:
++ semanage_handle_destroy(self.sh)
++ raise ValueError(_("Could not establish semanage connection"))
+
+ def get_all(self):
+ rc, out = commands.getstatusoutput("semodule -l | grep ^permissive");
@@ -319,8 +341,15 @@
+ fd.close()
+ mc = module.ModuleCompiler()
+ mc.create_module_package(filename, 1)
-+ rc, out = commands.getstatusoutput("semodule -i permissive_%s.pp" % type);
-+ for root, dirs, files in os.walk("top", topdown=False):
++ fd = open("permissive_%s.pp" % type)
++ data = fd.read()
++ fd.close()
++
++ rc = semanage_module_install(self.sh, data, len(data));
++ rc = semanage_commit(self.sh)
++ if rc < 0:
++ raise ValueError(_("Could not set permissive domain %s") % name)
++ for root, dirs, files in os.walk("tmp", topdown=False):
+ for name in files:
+ os.remove(os.path.join(root, name))
+ for name in dirs:
@@ -331,9 +360,11 @@
+
+
+ def delete(self, name):
-+ rc, out = commands.getstatusoutput("semodule -r permissive_%s" % name );
-+ if rc != 0:
-+ raise ValueError(out)
++ for i in name.split
++ rc = semanage_module_remove(self.sh, "permissive_%s" % name)
++ rc = semanage_commit(self.sh)
++ if rc < 0:
++ raise ValueError(_("Could not remove permissive domain %s") % name)
+
+ def deleteall(self):
+ l = self.get_all()
@@ -344,7 +375,7 @@
class semanageRecords:
def __init__(self, store):
self.sh = semanage_handle_create()
-@@ -464,7 +526,7 @@
+@@ -464,7 +557,7 @@
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
More information about the fedora-extras-commits
mailing list