From fce031b62039be240d35997d0e9e2265ca10cbe6 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Feb 11 2010 21:56:38 +0000
Subject: * Thu Feb 11 2010 Dan Walsh 2.0.78-21 - Fix display of command in sandbox
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index a155c34..fb658ed 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1713,8 +1713,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 +relabel:
 diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.78/sandbox/sandbox
 --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.78/sandbox/sandbox 2010-02-11 13:22:58.000000000 -0500
-@@ -0,0 +1,359 @@
++++ policycoreutils-2.0.78/sandbox/sandbox 2010-02-11 16:54:12.000000000 -0500
+@@ -0,0 +1,360 @@
 +#! /usr/bin/python -E
 +# Authors: Dan Walsh
 +# Authors: Josh Cogliati
@@ -1882,7 +1882,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 + fd.write("""
 +#!/bin/sh
 +#TITLE: %s
-+/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap
 +%s
 +""" % (command, command))
 + fd.close()
@@ -1897,7 +1896,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 +
 + def usage(message = ""):
 + text = _("""
-+sandbox [-h] [-[X|M] [-S] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command
++sandbox [-h] [-[X|M] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command
++sandbox [-h] [-[X|M] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] -S
 +""")
 + error_exit("%s\n%s" % (message, text))
 +
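Review bot: In the `fd.write` template of the `@@ -1882` hunk, `command` is pasted unquoted into both the `#TITLE:` comment and the command line of the generated script, and the caller visible in the last hunk builds it with `" ".join(paths)`. Argument boundaries are lost, so a path containing spaces, `;`, backticks or a newline is re-parsed by `/bin/sh` as something other than the argv the user typed. Quote each element before joining, e.g. `" ".join(pipes.quote(p) for p in paths)` (needs `import pipes`), and keep the `#TITLE:` line free of newlines. The template also opens with a newline, so `#!/bin/sh` is not the first line of the file and only takes effect if the file is handed to a shell explicitly. The enclosing function starts and ends outside the hunk.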
@@ -1957,16 +1957,17 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 + newhomedir = a
 + if o == "-T" or o == "--tmpdir":
 + existing_temp = True
-+ newtempdir = a
++ newtmpdir = a
 + if o == "-h" or o == "--help":
 + usage(_("Usage"));
 +
 + if o == "-S" or o == "--session":
 + session = True
 + homedir=pwd.getpwuid(os.getuid()).pw_dir
-+
++ if setype in (DEFAULT_TYPE, DEFAULT_X_TYPE):
++ setype = selinux.getcon()[1].split(":")[2]
 +
-+ if len(cmds) == 0:
++ if len(cmds) == 0 and not session:
 + usage(_("Command required"))
 +
 + if (existing_home or existing_temp) and not home_and_temp:
@@ -1974,7 +1975,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 + execcon, filecon = gen_context(setype, level)
 + rc = -1
 +
-+ if cmds[0][0] != "/" and cmds[0][:2] != "./" and cmds[0][:3] != "../":
++ if not session and cmds[0][0] != "/" and cmds[0][:2] != "./" and cmds[0][:3] != "../":
 + for i in os.environ["PATH"].split(':'):
 + f = "%s/%s" % (i, cmds[0])
 + if os.access(f, os.X_OK):
@@ -2003,8 +2004,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon)
 +
 + if existing_temp:
-+ if not os.path.isdir(newtempdir):
-+ raise IOError("Temp directory "+newtempdir+" not found")
++ if not os.path.isdir(newtmpdir):
++ raise IOError("Temp directory "+newtmpdir+" not found")
 + if not level and not session:
 + chcon = ("/usr/bin/chcon -R %s %s" % (filecon, newtmpdir)).split()
 + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon)
@@ -2034,7 +2035,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
 +
 + execfile = newhomedir + "/.sandboxrc"
 + if session:
-+ setup_session(execfile, " ".join(paths))
++ setup_session(execfile)
 + else:
 + setup_executable(execfile, " ".join(paths))
 +
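Review bot: The added `setype = selinux.getcon()[1].split(":")[2]` in the `@@ -1957` hunk swaps the sandbox type for the caller's own type, so as far as the hunk shows a `-S` session started without `-t` is not confined by a sandbox domain. That trade-off deserves a comment at the assignment and a line in the usage text. The assignment also appears to sit inside the option loop, which makes the result depend on option order; whether a `-X` or `-t` seen after `-S` overrides it is decided outside the hunk. Doing the substitution once after the loop, `if session and setype in (DEFAULT_TYPE, DEFAULT_X_TYPE):`, removes that question. The `[2]` index assumes a `user:role:type[:level]` context string and the status element returned by `selinux.getcon()` is not checked.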
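Review bot: Near the end of the `@@ -2003` hunk the `chcon` argv is still built as `("/usr/bin/chcon -R %s %s" % (filecon, newtmpdir)).split()`, so a `-T` directory whose name contains whitespace is split into several arguments and one beginning with `-` is read as an option. Pass the list directly instead: `chcon = ["/usr/bin/chcon", "-R", filecon, "--", newtmpdir]`. The `rc` from `os.spawnvp` should be checked before continuing, because a failed relabel leaves the directory with its old context; what is done with `rc` afterwards is outside the hunk. The `os.spawnvp` call on the hunk's first line suggests the home-directory relabel above it is built the same way and needs the same change.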
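Review bot: In the `@@ -2034` hunk `setup_session(execfile)` no longer receives the command, and the `@@ -1957` hunk only requires `cmds` when `session` is false, so a command given together with `-S` appears to be dropped without any message. The new usage text lists `-S` without a command, so the combination should be rejected explicitly, e.g. `if session and len(cmds) > 0: usage(_("Commands are not allowed in a session sandbox"))`. The surrounding function starts and ends outside the hunk, so confirm that `paths` is not consumed elsewhere in session mode.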