From 60ad59cab91272bda1b2d4095981e04478d69d4a Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Dec 31 2007 16:26:02 +0000
Subject: * Mon Dec 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-4

- Handle files with spaces in fixfiles

---

diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 9470d88..dec2a99 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -72,8 +72,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 Binary files nsapolicycoreutils/audit2why/audit2why and policycoreutils-2.0.34/audit2why/audit2why differ
 diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.34/audit2why/audit2why.c
 --- nsapolicycoreutils/audit2why/audit2why.c	2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2why/audit2why.c	2007-12-20 11:04:10.000000000 -0500
-@@ -22,27 +22,151 @@
++++ policycoreutils-2.0.34/audit2why/audit2why.c	2007-12-31 11:12:23.000000000 -0500
+@@ -22,27 +22,146 @@
  	exit(rc);
  }
  
@@ -116,7 +116,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +	if (!foundlist) {
 +		fprintf(stderr,
 +			"Out of memory.\n");
-+		return -1;
++		return fcnt;
 +	}
 +	for (i=0; i < boolcnt; i++) {
 +		char *name = boollist[i]->name;
@@ -128,7 +128,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +		if (rc < 0) {
 +			fprintf(stderr,
 +				"Could not create boolean key.\n");
-+			rc = -1;
 +			break;
 +		}
 +		sepol_bool_set_value(boolean, !active);
@@ -140,7 +139,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +		if (rc < 0) {
 +			fprintf(stderr,
 +				"Could not set boolean data %s.\n", name);
-+			rc = -1;
 +			break;
 +		}
 +
@@ -149,13 +147,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +		if (rc < 0) {
 +			fprintf(stderr,
 +				"Error during access vector computation, skipping...\n");
-+			rc = -1;
 +			break;
 +		} else {
 +			if (!reason) {
 +				foundlist[fcnt] = i;
 +				fcnt++;
-+				rc = 0;
 +			}
 +			sepol_bool_set_value((sepol_bool_t*)boolean, active);
 +			rc = sepol_bool_set(access->handle,
@@ -165,7 +161,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +			if (rc < 0) {
 +				fprintf(stderr,
 +					"Could not set boolean data %s.\n", name);
-+				rc = -1;
 +				break;
 +			}
 +		}
@@ -187,7 +182,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +	}
 +
 +	free(foundlist);
-+	return rc;
++	return fcnt;
 +}
 +
 +
@@ -229,7 +224,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		case 'p':
  			set_path = 1;
  			strncpy(path, optarg, PATH_MAX);
-@@ -110,7 +234,6 @@
+@@ -110,7 +229,6 @@
  	}
  	fclose(fp);
  	sepol_set_policydb(&policydb);
@@ -237,7 +232,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  	if (!set_path) {
  		/* If they didn't specify a full path of a binary policy file,
  		   then also try loading any boolean settings and user
-@@ -125,6 +248,30 @@
+@@ -125,6 +243,30 @@
  		(void)sepol_genusers_policydb(&policydb, selinux_users_path());
  	}
  
@@ -268,7 +263,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  	/* Initialize the sidtab for subsequent use by sepol_context_to_sid
  	   and sepol_compute_av_reason. */
  	rc = sepol_sidtab_init(&sidtab);
-@@ -135,8 +282,10 @@
+@@ -135,8 +277,10 @@
  	sepol_set_sidtab(&sidtab);
  
  	/* Process the audit messages. */
@@ -280,7 +275,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  
  		if (buffer[len2 - 1] == '\n')
  			buffer[len2 - 1] = 0;
-@@ -179,6 +328,7 @@
+@@ -179,6 +323,7 @@
  		}
  		*p++ = 0;
  
@@ -288,7 +283,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		/* Get scontext and convert to SID. */
  		while (*p && strncmp(p, SCONTEXT, sizeof(SCONTEXT) - 1))
  			p++;
-@@ -188,11 +338,14 @@
+@@ -188,11 +333,14 @@
  			continue;
  		}
  		p += sizeof(SCONTEXT) - 1;
@@ -306,7 +301,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid);
  		if (rc < 0) {
  			fprintf(stderr,
-@@ -201,6 +354,10 @@
+@@ -201,6 +349,10 @@
  			continue;
  		}
  
@@ -317,7 +312,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		/* Get tcontext and convert to SID. */
  		while (*p && strncmp(p, TCONTEXT, sizeof(TCONTEXT) - 1))
  			p++;
-@@ -210,11 +367,15 @@
+@@ -210,11 +362,15 @@
  			continue;
  		}
  		p += sizeof(TCONTEXT) - 1;
@@ -336,7 +331,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
  		if (rc < 0) {
  			fprintf(stderr,
-@@ -222,6 +383,9 @@
+@@ -222,6 +378,9 @@
  				TCONTEXT, tcon, lineno);
  			continue;
  		}
@@ -346,7 +341,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  
  		/* Get tclass= and convert to value. */
  		while (*p && strncmp(p, TCLASS, sizeof(TCLASS) - 1))
-@@ -232,12 +396,17 @@
+@@ -232,12 +391,17 @@
  			continue;
  		}
  		p += sizeof(TCLASS) - 1;
@@ -367,7 +362,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		if (!tclass) {
  			fprintf(stderr,
  				"Invalid %s%s on line %u, skipping...\n",
-@@ -286,11 +455,16 @@
+@@ -286,11 +450,16 @@
  		}
  
  		if (reason & SEPOL_COMPUTEAV_TE) {
@@ -381,7 +376,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
 +			access.tclass = tclass;
 +			access.av = av;
 +			
-+			if (check_booleans(&access) < 0) {
++			if (check_booleans(&access) == 0) {
 +				printf("\t\tMissing or disabled TE allow rule.\n");
 +				printf
 +					("\t\tYou can see the necessary allow rules by running audit2allow with this audit message as input.\n");
@@ -389,7 +384,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  		}
  
  		if (reason & SEPOL_COMPUTEAV_CONS) {
-@@ -309,5 +483,8 @@
+@@ -309,5 +478,8 @@
  	}
  	free(buffer);
  	free(bufcopy);
@@ -450,6 +445,82 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
  
  try:
      gettext.install('policycoreutils')
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.34/scripts/fixfiles
+--- nsapolicycoreutils/scripts/fixfiles	2007-12-10 21:42:28.000000000 -0500
++++ policycoreutils-2.0.34/scripts/fixfiles	2007-12-31 10:54:13.000000000 -0500
+@@ -126,17 +126,15 @@
+     done
+     exit $?
+ fi
+-if [ ! -z "$DIRS" ]; then
++if [ ! -z "$PATH" ]; then
+     if [ -x /usr/bin/find ]; then
+-	for d in ${DIRS} ; do find $d \
++	/usr/bin/find "$PATH" \
+ 	    ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune  -o -print | \
+ 	    ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE
+-	done
+     else
+-	${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $DIRS 2>&1 >> $LOGFILE
++	${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $PATH 2>&1 >> $LOGFILE
+     fi
+-
+-    exit $?
++    return
+ fi
+ LogReadOnly
+ ${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+@@ -173,6 +171,20 @@
+     fi
+ }
+ 
++process() {
++#
++# Make sure they specified one of the three valid commands
++#
++case "$1" in
++    restore) restore -p ;;
++    check) restore -n -v;;
++    verify) restore -n -o -;;
++    relabel) relabel;;
++    *)
++    usage
++    exit 1
++esac
++}
+ usage() {
+       	echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
+ 	echo or
+@@ -229,22 +241,15 @@
+ 
+ shift 1
+ if [ ! -z "$RPMFILES" ]; then
++    process $command
+     if [ $# -gt 0 ]; then
+ 	    usage
+     fi
+ else
+-    DIRS=$*
++    while [ -n "$1" ]; do 
++	PATH=$1
++	process $command 
++	shift
++    done
+ fi
+-
+-#
+-# Make sure they specified one of the three valid commands
+-#
+-case "$command" in
+-    restore) restore -p ;;
+-    check) restore -n -v ;;
+-    verify) restore -n -o -;;
+-    relabel) relabel;;
+-    *)
+-    usage
+-    exit 1
+-esac
++exit $?
 diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.34/semanage/semanage
 --- nsapolicycoreutils/semanage/semanage	2007-10-05 13:09:53.000000000 -0400
 +++ policycoreutils-2.0.34/semanage/semanage	2007-12-19 06:05:50.000000000 -0500
diff --git a/policycoreutils.spec b/policycoreutils.spec
index e168af1..d695409 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.34
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -193,6 +193,9 @@ if [ "$1" -ge "1" ]; then
 fi
 
 %changelog
+* Mon Dec 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-4
+- Handle files with spaces in fixfiles
+
 * Fri Dec 21 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-3
 - Catch SELINUX_ERR with audit2allow and generate policy