From 16464c8a3774c6d4899cfe14953824672e990330 Mon Sep 17 00:00:00 2001 From: Jan F Date: Sep 13 2010 11:42:47 +0000 Subject: - Tweaking selabel patch to work properly without selinux rules loaded. (#632914) --- diff --git a/openssh-5.3p1-selabel.patch b/openssh-5.3p1-selabel.patch index 6e5d6bd..29e2984 100644 --- a/openssh-5.3p1-selabel.patch +++ b/openssh-5.3p1-selabel.patch @@ -33,7 +33,7 @@ diff -up openssh-5.3p1/ssh.c.selabel openssh-5.3p1/ssh.c #include "openbsd-compat/openssl-compat.h" #include "openbsd-compat/sys-queue.h" -@@ -792,10 +793,15 @@ main(int ac, char **av) +@@ -792,10 +793,17 @@ main(int ac, char **av) */ r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); @@ -41,8 +41,10 @@ diff -up openssh-5.3p1/ssh.c.selabel openssh-5.3p1/ssh.c + if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { + char *scon; + -+ matchpathcon(buf, 0700, &scon); -+ setfscreatecon(scon); ++ if (matchpathcon(buf, 0700, &scon) != -1) { ++ setfscreatecon(scon); ++ matchpathcon_fini(); ++ } if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); - diff --git a/openssh.spec b/openssh.spec index 8a5273e..5efdd75 100644 --- a/openssh.spec +++ b/openssh.spec @@ -70,7 +70,7 @@ %endif # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 -%define openssh_rel 19 +%define openssh_rel 20 %define openssh_ver 5.5p1 %define pam_ssh_agent_rel 26 %define pam_ssh_agent_ver 0.9.2 @@ -588,6 +588,9 @@ fi %endif %changelog +* Mon Sep 13 2010 Jan F. Chadima - 5.5p1-20 + 0.9.2-26 +- Tweaking selabel patch to work properly without selinux rules loaded. (#632914) + * Fri Sep 3 2010 Jan F. Chadima - 5.5p1-19 + 0.9.2-26 - Added -z relro -z now to LDFLAGS