From e0a30a3da469bf69218967b75bd98b04a4c1ec94 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jan 24 2005 20:46:24 +0000
Subject: - rpmexeccon should not fail in permissive mode.


---

diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index db38870..f1d4d54 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -10,3 +10,18 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/utils/avcstat.c libselinux-1.
  }
  
  static void set_window_rows(void)
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/rpm.c libselinux-1.21.1/src/rpm.c
+--- nsalibselinux/src/rpm.c	2004-11-09 09:13:54.000000000 -0500
++++ libselinux-1.21.1/src/rpm.c	2005-01-24 15:24:33.000000000 -0500
+@@ -41,8 +41,10 @@
+ 	rc = setexeccon(newcon);
+ 	if (rc < 0) 
+ 		goto out;
+-	rc = execve(filename, argv, envp);
+ out:
++	if ( ( rc == 0 ) || 
++	     (security_getenforce() == 0 ))
++	  rc = execve(filename, argv, envp);
+ 	context_free(con);
+ 	freecon(newcon);
+ 	freecon(fcon);
diff --git a/libselinux.spec b/libselinux.spec
index 3aa0419..f7a6764 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -1,7 +1,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 1.21.1
-Release: 2
+Release: 3
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -86,9 +86,11 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man8/*
 
 %changelog
+* Mon Jan 24 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3
+- rpmexeccon should not fail in permissive mode.
+
 * Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-2
 - fix printf in avcstat
-
 * Thu Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-1
 - Update from NSA