rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.453, 1.454 policycoreutils.spec, 1.657, 1.658
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Nov 11 21:56:25 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26785
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Wed Nov 11 2009 Dan Walsh <dwalsh at redhat.com> 2.0.75-2
- Fix sandbox to setsid so it can run under mozilla without crashing the session
policycoreutils-rhat.patch:
Makefile | 2
audit2allow/audit2allow | 14
load_policy/Makefile | 5
restorecond/Makefile | 24 +
restorecond/org.selinux.Restorecond.service | 3
restorecond/restorecond.8 | 15
restorecond/restorecond.c | 427 ++++---------------------
restorecond/restorecond.conf | 5
restorecond/restorecond.desktop | 7
restorecond/restorecond.h | 18 -
restorecond/restorecond.init | 5
restorecond/restorecond_user.conf | 2
restorecond/user.c | 237 ++++++++++++++
restorecond/watch.c | 253 +++++++++++++++
sandbox/Makefile | 31 +
sandbox/deliverables/README | 32 +
sandbox/deliverables/basicwrapper | 4
sandbox/deliverables/run-in-sandbox.py | 49 ++
sandbox/deliverables/sandbox | 216 ++++++++++++
sandbox/sandbox | 242 ++++++++++++++
sandbox/sandbox.8 | 26 +
sandbox/sandboxX.sh | 16
sandbox/seunshare |binary
sandbox/seunshare.c | 265 +++++++++++++++
sandbox/seunshare.o |binary
scripts/Makefile | 2
scripts/chcat | 2
scripts/fixfiles | 28 -
scripts/fixfiles.8 | 17 -
semanage/semanage | 136 +++++---
semanage/seobject.py | 467 ++++++++++++++++++----------
semodule/semodule.8 | 6
semodule/semodule.c | 53 ++-
setfiles/restore.c | 6
setfiles/restorecon.8 | 7
setfiles/setfiles.8 | 3
setfiles/setfiles.c | 6
37 files changed, 2031 insertions(+), 600 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.453
retrieving revision 1.454
diff -u -p -r1.453 -r1.454
--- policycoreutils-rhat.patch 9 Nov 2009 21:12:58 -0000 1.453
+++ policycoreutils-rhat.patch 11 Nov 2009 21:56:23 -0000 1.454
@@ -1875,27 +1875,28 @@ diff --exclude-from=exclude --exclude=se
+.PP
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.75/sandbox/sandboxX.sh
--- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.75/sandbox/sandboxX.sh 2009-11-03 09:44:56.000000000 -0500
++++ policycoreutils-2.0.75/sandbox/sandboxX.sh 2009-11-11 16:02:16.000000000 -0500
@@ -0,0 +1,16 @@
+#!/bin/bash
+export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`"
+export SCREEN=`/usr/bin/xdpyinfo -display $DISPLAY | /bin/awk '/dimensions/ { print $2 }'`
+
+(/usr/bin/Xephyr -title "$TITLE" -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do
-+export DISPLAY=:$D
-+/usr/bin/matchbox-window-manager -use_titlebar no &
-+WM_PID=$!
-+~/.sandboxrc &
-+CLIENT_PID=$!
-+wait $CLIENT_PID
-+export EXITCODE=$?
-+kill -TERM $WM_PID
-+kill -HUP 0
-+break
++ export DISPLAY=:$D
++ /usr/bin/matchbox-window-manager -use_titlebar no &
++ WM_PID=$!
++ ~/.sandboxrc &
++ CLIENT_PID=$!
++ wait $CLIENT_PID
++ export EXITCODE=$?
++ kill -TERM $WM_PID
++ kill -HUP 0
++ break
+done
+Binary files nsapolicycoreutils/sandbox/seunshare and policycoreutils-2.0.75/sandbox/seunshare differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.75/sandbox/seunshare.c
--- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.75/sandbox/seunshare.c 2009-11-03 09:44:56.000000000 -0500
++++ policycoreutils-2.0.75/sandbox/seunshare.c 2009-11-11 16:00:27.000000000 -0500
@@ -0,0 +1,265 @@
+#include <signal.h>
+#include <sys/types.h>
@@ -2151,7 +2152,7 @@ diff --exclude-from=exclude --exclude=se
+ perror("Failed to change dir to homedir");
+ exit(-1);
+ }
-+
++ setsid();
+ execv(argv[optind], argv + optind);
+ free(display);
+ perror("execv");
@@ -2162,6 +2163,7 @@ diff --exclude-from=exclude --exclude=se
+
+ return status;
+}
+Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.75/sandbox/seunshare.o differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.75/scripts/chcat
--- nsapolicycoreutils/scripts/chcat 2009-06-23 15:36:07.000000000 -0400
+++ policycoreutils-2.0.75/scripts/chcat 2009-11-03 09:44:56.000000000 -0500
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.657
retrieving revision 1.658
diff -u -p -r1.657 -r1.658
--- policycoreutils.spec 9 Nov 2009 21:12:59 -0000 1.657
+++ policycoreutils.spec 11 Nov 2009 21:56:25 -0000 1.658
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.75
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -296,6 +296,9 @@ fi
exit 0
%changelog
+* Wed Nov 11 2009 Dan Walsh <dwalsh at redhat.com> 2.0.75-2
+- Fix sandbox to setsid so it can run under mozilla without crashing the session
+
* Tue Nov 2 2009 Dan Walsh <dwalsh at redhat.com> 2.0.75-1
- Update to upstream
* Factor out restoring logic from setfiles.c into restore.c
More information about the fedora-extras-commits
mailing list