From 921b30fbce718c477858e83c4637435d554d7f28 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@fedoraproject.org>
Date: Jan 22 2009 15:48:17 +0000
Subject: - Open log files for append to make selinux lock down easier


---

diff --git a/gdm-2.25.2-append-logs.patch b/gdm-2.25.2-append-logs.patch
new file mode 100644
index 0000000..808ca17
--- /dev/null
+++ b/gdm-2.25.2-append-logs.patch
@@ -0,0 +1,36 @@
+diff -up gdm-2.25.2/daemon/gdm-server.c.append-logs gdm-2.25.2/daemon/gdm-server.c
+--- gdm-2.25.2/daemon/gdm-server.c.append-logs	2009-01-22 10:42:10.043245824 -0500
++++ gdm-2.25.2/daemon/gdm-server.c	2009-01-22 10:42:30.770530113 -0500
+@@ -421,7 +421,7 @@ server_child_setup (GdmServer *server)
+         g_debug ("GdmServer: Opening logfile for server %s", log_path);
+ 
+         VE_IGNORE_EINTR (g_unlink (log_path));
+-        VE_IGNORE_EINTR (logfd = open (log_path, O_CREAT|O_TRUNC|O_WRONLY|O_EXCL, 0644));
++        VE_IGNORE_EINTR (logfd = open (log_path, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0644));
+ 
+         g_free (log_path);
+ 
+diff -up gdm-2.25.2/daemon/gdm-slave-proxy.c.append-logs gdm-2.25.2/daemon/gdm-slave-proxy.c
+--- gdm-2.25.2/daemon/gdm-slave-proxy.c.append-logs	2009-01-22 10:44:33.915495761 -0500
++++ gdm-2.25.2/daemon/gdm-slave-proxy.c	2009-01-22 10:44:41.753495939 -0500
+@@ -139,7 +139,7 @@ spawn_child_setup (SpawnChildData *data)
+                 rotate_logs (data->log_file, MAX_LOGS);
+ 
+                 VE_IGNORE_EINTR (g_unlink (data->log_file));
+-                VE_IGNORE_EINTR (logfd = open (data->log_file, O_CREAT|O_TRUNC|O_WRONLY|O_EXCL, 0644));
++                VE_IGNORE_EINTR (logfd = open (data->log_file, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0644));
+ 
+                 if (logfd != -1) {
+                         VE_IGNORE_EINTR (dup2 (logfd, 1));
+diff -up gdm-2.25.2/daemon/gdm-welcome-session.c.append-logs gdm-2.25.2/daemon/gdm-welcome-session.c
+--- gdm-2.25.2/daemon/gdm-welcome-session.c.append-logs	2009-01-22 10:44:05.300495464 -0500
++++ gdm-2.25.2/daemon/gdm-welcome-session.c	2009-01-22 10:44:14.903494653 -0500
+@@ -482,7 +482,7 @@ spawn_child_setup (SpawnChildData *data)
+                 rotate_logs (data->log_file, MAX_LOGS);
+ 
+                 VE_IGNORE_EINTR (g_unlink (data->log_file));
+-                VE_IGNORE_EINTR (logfd = open (data->log_file, O_CREAT|O_TRUNC|O_WRONLY|O_EXCL, 0644));
++                VE_IGNORE_EINTR (logfd = open (data->log_file, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0644));
+ 
+                 if (logfd != -1) {
+                         VE_IGNORE_EINTR (dup2 (logfd, 1));
diff --git a/gdm.spec b/gdm.spec
index e347284..a2b7b61 100644
--- a/gdm.spec
+++ b/gdm.spec
@@ -16,7 +16,7 @@
 Summary: The GNOME Display Manager
 Name: gdm
 Version: 2.25.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 1
 License: GPLv2+
 Group: User Interface/X
@@ -81,6 +81,7 @@ BuildRequires: libxklavier-devel
 Requires: audit-libs >= %{libauditver}
 Patch2: gdm-2.24.0-force-active-vt.patch
 Patch3: gdm-2.23.92-save-root-window.patch
+Patch4: gdm-2.25.2-append-logs.patch
 
 # uses /etc/sysconfig/keyboard and is thus not directly upstreamable
 # should probably be changed to get the system layout from the X server
@@ -108,6 +109,7 @@ multiple simulanteous logged in users.
 %setup -q
 %patch2 -p1 -b .force-active-vt
 %patch3 -p1 -b .save-root-window
+%patch4 -p1 -b .append-logs
 %patch13 -p1 -b .system-keyboard
 
 %patch99 -p1 -b .fedora-logo
@@ -324,6 +326,9 @@ fi
 %{_datadir}/gnome-2.0/ui/GNOME_FastUserSwitchApplet.xml
 
 %changelog
+* Thu Jan 22 2009 Ray Strode <rstrode@redhat.com> - 1:2.25.2-3
+- Open log files for append to make selinux lock down easier
+
 * Wed Dec 17 2008 Matthias Clasen  <mclasen@redhat.com> - 1:2.25.2-2
 - Update to 2.25.2
 - Drop the xkb groups workaround to see if the issue disappeared