diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index d5c3964..16c7242 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.83/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/booleansPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/booleansPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,247 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -251,7 +251,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.83/gui/domainsPage.py --- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/domainsPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/domainsPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,154 @@ +## domainsPage.py - show selinux domains +## Copyright (C) 2009 Red Hat, Inc. @@ -409,7 +409,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic + self.error(e.args[0]) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.83/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-08-23 11:16:44.000000000 -0400 ++++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,223 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -636,7 +636,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli + self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.83/gui/html_util.py --- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/html_util.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/html_util.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,164 @@ +# Authors: John Dennis +# @@ -804,7 +804,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.83/gui/lockdown.glade --- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.glade 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/lockdown.glade 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,771 @@ + + @@ -1579,7 +1579,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.83/gui/lockdown.gladep --- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -1590,7 +1590,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.83/gui/lockdown.py --- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/lockdown.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,382 @@ +#!/usr/bin/python -Es +# @@ -1976,7 +1976,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.83/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/loginsPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/loginsPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,185 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2165,7 +2165,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.83/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/Makefile 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/Makefile 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,40 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -2209,7 +2209,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +relabel: diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.83/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,56 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2269,7 +2269,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.83/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/modulesPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/modulesPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,190 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -2463,7 +2463,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic + self.error(e.args[0]) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.83/gui/polgen.glade --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.glade 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/polgen.glade 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,3305 @@ + + @@ -5772,7 +5772,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.83/gui/polgen.gladep --- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.gladep 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/polgen.gladep 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -5783,7 +5783,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgengui.py 2010-09-10 11:45:24.000000000 -0400 ++++ policycoreutils-2.0.83/gui/polgengui.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,657 @@ +#!/usr/bin/python -Es +# @@ -6444,8 +6444,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.py 2010-09-10 11:45:43.000000000 -0400 -@@ -0,0 +1,1318 @@ ++++ policycoreutils-2.0.83/gui/polgen.py 2010-10-29 09:54:44.000000000 -0400 +@@ -0,0 +1,1311 @@ +#!/usr/bin/python -Es +# +# Copyright (C) 2007-2010 Red Hat @@ -6548,9 +6548,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + types=get_all_types() + types.sort() + for i in types: -+ m = re.findall("(.*)%s" % "_exec$", i) ++ m = re.findall("(.*)%s" % "_exec_t$", i) + if len(m) > 0: -+ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0: ++ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0 and m[0] not in all_domains: + all_domains.append(m[0]) + return all_domains + @@ -6703,6 +6703,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.symbols["fsetid"] = "add_capability('fsetid')" + self.symbols["kill"] = "add_capability('kill')" + self.symbols["setgid"] = "add_capability('setgid')" ++ self.symbols["setresuid"] = "add_capability('setuid')" + self.symbols["setuid"] = "add_capability('setuid')" + self.symbols["setpcap"] = "add_capability('setpcap')" + self.symbols["linux_immutable"] = "add_capability('linux_immutable')" @@ -6714,9 +6715,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.symbols["ipc_owner"] = "add_capability('ipc_owner')" + self.symbols["sys_module"] = "add_capability('sys_module')" + self.symbols["sys_rawio"] = "add_capability('sys_rawio')" ++ self.symbols["chroot"] = "add_capability('sys_chroot')" + self.symbols["sys_chroot"] = "add_capability('sys_chroot')" + self.symbols["sys_ptrace"] = "add_capability('sys_ptrace')" + self.symbols["sys_pacct"] = "add_capability('sys_pacct')" ++ self.symbols["mount"] = "add_capability('sys_admin')" ++ self.symbols["unshare"] = "add_capability('sys_admin')" + self.symbols["sys_admin"] = "add_capability('sys_admin')" + self.symbols["sys_boot"] = "add_capability('sys_boot')" + self.symbols["sys_nice"] = "add_capability('sys_nice')" @@ -6840,13 +6844,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + + def set_program(self, program): + if self.type not in APPLICATIONS: -+ raise ValueError(_("USER Types are not allowed executables")) ++ raise ValueError(_("User Role types can not be assigned executables.")) + + self.program = program + + def set_init_script(self, initscript): + if self.type != DAEMON: -+ raise ValueError(_("Only DAEMON apps can use an init script")) ++ raise ValueError(_("Only Daemon apps can use an init script..")) + + self.initscript = initscript + @@ -7740,17 +7744,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + if len(cmds) == 0: + usage(_("Executable or Name required")) + -+ if not name: -+ name = os.path.basename(cmds[0]).replace("-","_") -+ cmd = cmds[0] -+ mypolicy = policy(name, setype) -+ mypolicy.set_program(cmd) -+ if setype in APPLICATIONS: -+ mypolicy.gen_writeable() -+ mypolicy.gen_symbols() -+ print mypolicy.generate() -+ sys.exit(0) -+ + try: + if not name: + name = os.path.basename(cmds[0]).replace("-","_") @@ -7766,7 +7759,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + usage(e) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.83/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/portsPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/portsPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,259 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8029,7 +8022,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.83/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/selinux.tbl 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/selinux.tbl 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,234 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /") @@ -8267,7 +8260,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.83/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/semanagePage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/semanagePage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,168 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8439,7 +8432,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.83/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/statusPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/statusPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,190 @@ +# statusPage.py - show selinux status +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -8633,7 +8626,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.83/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,3024 @@ + + @@ -11661,7 +11654,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.83/gui/system-config-selinux.gladep --- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -11672,7 +11665,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.83/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,187 @@ +#!/usr/bin/python -Es +# @@ -11863,7 +11856,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.83/gui/templates/boolean.py --- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,40 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -11907,7 +11900,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.83/gui/templates/etc_rw.py --- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,113 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12024,7 +12017,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.83/gui/templates/executable.py --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/executable.py 2010-08-05 10:24:24.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/executable.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,393 @@ +# Copyright (C) 2007-2009 Red Hat +# see file 'COPYING' for use and warranty information @@ -12421,7 +12414,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.83/gui/templates/__init__.py --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,18 @@ +# +# Copyright (C) 2007 Red Hat, Inc. @@ -12443,7 +12436,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.83/gui/templates/network.py --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/network.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/network.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,80 @@ +te_port_types=""" +type TEMPLATETYPE_port_t; @@ -12527,7 +12520,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.83/gui/templates/polgen.py --- nsapolicycoreutils/gui/templates/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-08-05 10:24:53.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,1303 @@ +#!/usr/bin/python -Es +# @@ -12623,9 +12616,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py + types=get_all_types() + types.sort() + for i in types: -+ m = re.findall("(.*)%s" % "_exec$", i) ++ m = re.findall("(.*)%s" % "_exec_t$", i) + if len(m) > 0: -+ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0: ++ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0 and m[0] not in all_domains: + all_domains.append(m[0]) + return all_domains + @@ -13834,7 +13827,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py + usage(e) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.83/gui/templates/rw.py --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/rw.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/rw.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,131 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13969,7 +13962,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.83/gui/templates/script.py --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/script.py 2010-09-09 07:02:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/script.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,126 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14099,7 +14092,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.83/gui/templates/semodule.py --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,41 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14144,7 +14137,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.83/gui/templates/tmp.py --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,102 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14250,7 +14243,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/user.py 2010-08-05 17:40:01.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/user.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,205 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14459,7 +14452,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.83/gui/templates/var_cache.py --- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-08-05 10:24:10.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,133 @@ +# Copyright (C) 2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14596,7 +14589,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache. +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.83/gui/templates/var_lib.py --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,161 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14761,7 +14754,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.83/gui/templates/var_log.py --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,116 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14881,7 +14874,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.83/gui/templates/var_run.py --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,101 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14986,7 +14979,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.83/gui/templates/var_spool.py --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,133 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -15123,7 +15116,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.83/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/usersPage.py 2010-07-30 13:50:41.000000000 -0400 ++++ policycoreutils-2.0.83/gui/usersPage.py 2010-10-29 09:54:44.000000000 -0400 @@ -0,0 +1,150 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006,2007,2008 Red Hat, Inc. diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 895dd24..4c868d6 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.83/audit2allow/audit2allow --- nsapolicycoreutils/audit2allow/audit2allow 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/audit2allow/audit2allow 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/audit2allow/audit2allow 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -121,8 +121,24 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po app = AuditToPolicy() diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.83/audit2allow/audit2allow.1 --- nsapolicycoreutils/audit2allow/audit2allow.1 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/audit2allow/audit2allow.1 2010-09-17 15:14:35.000000000 -0400 -@@ -66,6 +66,9 @@ ++++ policycoreutils-2.0.83/audit2allow/audit2allow.1 2010-10-29 09:54:43.000000000 -0400 +@@ -1,5 +1,6 @@ + .\" Hey, Emacs! This is an -*- nroff -*- source file. + .\" Copyright (c) 2005 Manoj Srivastava ++.\" Copyright (c) 2010 Dan Walsh + .\" + .\" This is free documentation; you can redistribute it and/or + .\" modify it under the terms of the GNU General Public License as +@@ -22,7 +23,7 @@ + .\" USA. + .\" + .\" +-.TH AUDIT2ALLOW "1" "January 2005" "Security Enhanced Linux" NSA ++.TH AUDIT2ALLOW "1" "October 2010" "Security Enhanced Linux" NSA + .SH NAME + .BR audit2allow + \- generate SELinux policy allow/dontaudit rules from logs of denied operations +@@ -66,6 +67,9 @@ .B "\-M " Generate loadable module package, conflicts with -o .TP @@ -132,7 +148,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po .B "\-o " | "\-\-output " append output to .I -@@ -117,14 +120,6 @@ +@@ -117,14 +121,6 @@ .B Please substitute /var/log/messages for /var/log/audit/audit.log in the .B examples. .PP @@ -147,7 +163,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po .B Using audit2allow to generate module policy $ cat /var/log/audit/audit.log | audit2allow -m local > local.te -@@ -132,20 +127,38 @@ +@@ -132,20 +128,38 @@ module local 1.0; require { @@ -192,7 +208,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po .B Building module policy manually # Compile the module -@@ -168,6 +181,14 @@ +@@ -168,6 +182,14 @@ semodule -i local.pp @@ -209,7 +225,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po .SH AUTHOR diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/sepolgen-ifgen policycoreutils-2.0.83/audit2allow/sepolgen-ifgen --- nsapolicycoreutils/audit2allow/sepolgen-ifgen 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/audit2allow/sepolgen-ifgen 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/audit2allow/sepolgen-ifgen 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -303,10 +319,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po if_set.to_file(f) f.close() -Binary files nsapolicycoreutils/load_policy/load_policy and policycoreutils-2.0.83/load_policy/load_policy differ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-2.0.83/load_policy/load_policy.c --- nsapolicycoreutils/load_policy/load_policy.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/load_policy/load_policy.c 2010-08-23 10:48:26.000000000 -0400 ++++ policycoreutils-2.0.83/load_policy/load_policy.c 2010-10-29 09:54:43.000000000 -0400 @@ -1,3 +1,4 @@ +#define _GNU_SOURCE #include @@ -363,7 +378,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po exit(0); diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.83/Makefile --- nsapolicycoreutils/Makefile 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,4 @@ -SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS = setfiles semanage semanage/default_encoding load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool po gui @@ -372,7 +387,25 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.83/newrole/newrole.c --- nsapolicycoreutils/newrole/newrole.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/newrole/newrole.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/newrole/newrole.c 2010-10-29 09:54:43.000000000 -0400 +@@ -537,7 +537,7 @@ + * + * Returns zero on success, non-zero otherwise + */ +-#if defined(AUDIT_LOG_PRIV) && !defined(NAMESPACE_PRIV) ++#if defined(AUDIT_LOG_PRIV) && !defined(NAMESPACE_PRIV) && !defined(USE_FILECAP) + static int drop_capabilities(void) + { + int rc = 0; +@@ -602,7 +602,7 @@ + fprintf(stderr, _("Error freeing caps\n")); + return rc; + } +-#elif defined(NAMESPACE_PRIV) ++#elif defined(NAMESPACE_PRIV) && !defined(USE_FILECAP) + /** + * This function will drop the capabilities so that we are left + * only with access to the audit system and the ability to raise @@ -1334,6 +1334,9 @@ if (send_audit_message(1, old_context, new_context, ttyn)) @@ -385,7 +418,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po goto err_close_pam_session; diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.83/restorecond/Makefile --- nsapolicycoreutils/restorecond/Makefile 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -1,17 +1,28 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -434,14 +467,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po /sbin/restorecon $(SBINDIR)/restorecond diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,3 @@ +[D-BUS Service] +Name=org.selinux.Restorecond +Exec=/usr/sbin/restorecond -u diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-2.0.83/restorecond/restorecond.8 --- nsapolicycoreutils/restorecond/restorecond.8 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/restorecond.8 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.8 2010-10-29 09:54:43.000000000 -0400 @@ -3,7 +3,7 @@ restorecond \- daemon that watches for file creation and then sets the default SELinux file context @@ -478,7 +511,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po .BR restorecon (8), diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.83/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/restorecond.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.c 2010-10-29 09:54:43.000000000 -0400 @@ -30,9 +30,11 @@ * and makes sure that there security context matches the systems defaults * @@ -983,7 +1016,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.83/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/restorecond.conf 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.conf 2010-10-29 09:54:43.000000000 -0400 @@ -4,8 +4,5 @@ /etc/mtab /var/run/utmp @@ -996,7 +1029,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po - diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.83/restorecond/restorecond.desktop --- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/restorecond/restorecond.desktop 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.desktop 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,7 @@ +[Desktop Entry] +Name=File Context maintainer @@ -1007,7 +1040,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +StartupNotify=false diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.83/restorecond/restorecond.h --- nsapolicycoreutils/restorecond/restorecond.h 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/restorecond.h 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.h 2010-10-29 09:54:43.000000000 -0400 @@ -24,7 +24,22 @@ #ifndef RESTORED_CONFIG_H #define RESTORED_CONFIG_H @@ -1035,7 +1068,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po #endif diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.83/restorecond/restorecond.init --- nsapolicycoreutils/restorecond/restorecond.init 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/restorecond.init 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond.init 2010-10-29 09:54:43.000000000 -0400 @@ -26,7 +26,7 @@ # Source function library. . /etc/rc.d/init.d/functions @@ -1066,13 +1099,13 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po - diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.83/restorecond/restorecond_user.conf --- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/restorecond/restorecond_user.conf 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/restorecond_user.conf 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,2 @@ +~/* +~/public_html/* diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.83/restorecond/user.c --- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/restorecond/user.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/user.c 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,239 @@ +/* + * restorecond @@ -1315,7 +1348,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.83/restorecond/utmpwatcher.c --- nsapolicycoreutils/restorecond/utmpwatcher.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/restorecond/utmpwatcher.c 2010-08-13 10:00:27.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/utmpwatcher.c 2010-10-29 09:54:43.000000000 -0400 @@ -72,8 +72,8 @@ if (utmp_wd == -1) exitApp("Error watching utmp file."); @@ -1328,7 +1361,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po return changed; diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.83/restorecond/watch.c --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/restorecond/watch.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/restorecond/watch.c 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,260 @@ +#define _GNU_SOURCE +#include @@ -1592,7 +1625,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +} diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/basicwrapper policycoreutils-2.0.83/sandbox/deliverables/basicwrapper --- nsapolicycoreutils/sandbox/deliverables/basicwrapper 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/deliverables/basicwrapper 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/deliverables/basicwrapper 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,4 @@ +import os, sys +SANDBOX_ARGS = ['-f%s' % os.environ['_CONDOR_SCRATCH_DIR']] @@ -1600,7 +1633,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +os.execv('/usr/bin/sandbox',SANDBOX_ARGS) diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/README policycoreutils-2.0.83/sandbox/deliverables/README --- nsapolicycoreutils/sandbox/deliverables/README 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/deliverables/README 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/deliverables/README 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,32 @@ +Files: +run-in-sandbox.py: @@ -1636,7 +1669,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +Chris Pardy diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py --- nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,49 @@ +import os +import os.path @@ -1689,7 +1722,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.83/sandbox/Makefile --- nsapolicycoreutils/sandbox/Makefile 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -7,8 +7,8 @@ MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale @@ -1722,7 +1755,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po @python test_sandbox.py -v diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/sandbox 2010-10-18 14:14:54.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox 2010-10-29 09:54:43.000000000 -0400 @@ -1,5 +1,6 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -1943,7 +1976,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po rc = subprocess.Popen(self.__cmds).wait() diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.83/sandbox/sandbox.8 --- nsapolicycoreutils/sandbox/sandbox.8 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/sandbox.8 2010-09-07 11:15:04.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox.8 2010-10-29 09:54:43.000000000 -0400 @@ -1,10 +1,13 @@ -.TH SANDBOX "8" "May 2009" "chcat" "User Commands" +.TH SANDBOX "8" "May 2010" "sandbox" "User Commands" @@ -1995,7 +2028,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +.I Thomas Liu diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.conf policycoreutils-2.0.83/sandbox/sandbox.conf --- nsapolicycoreutils/sandbox/sandbox.conf 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/sandbox.conf 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox.conf 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,7 @@ +# Space separate list of homedirs +HOMEDIRS="/home" @@ -2006,7 +2039,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +CPUUSAGE=80% diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.conf.5 policycoreutils-2.0.83/sandbox/sandbox.conf.5 --- nsapolicycoreutils/sandbox/sandbox.conf.5 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/sandbox.conf.5 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox.conf.5 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,40 @@ +.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration" +.SH NAME @@ -2056,7 +2089,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -HOMEDIRS="/home" diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.init policycoreutils-2.0.83/sandbox/sandbox.init --- nsapolicycoreutils/sandbox/sandbox.init 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/sandbox.init 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox.init 2010-10-29 09:54:43.000000000 -0400 @@ -10,17 +10,12 @@ # # chkconfig: 345 1 99 @@ -2083,7 +2116,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po # Source function library. diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.83/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/sandboxX.sh 2010-09-13 17:00:38.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandboxX.sh 2010-10-29 09:54:43.000000000 -0400 @@ -1,13 +1,26 @@ #!/bin/bash context=`id -Z | secon -t -l -P` @@ -2114,10 +2147,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po export EXITCODE=$? kill -HUP 0 break -Binary files nsapolicycoreutils/sandbox/seunshare and policycoreutils-2.0.83/sandbox/seunshare differ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.8 policycoreutils-2.0.83/sandbox/seunshare.8 --- nsapolicycoreutils/sandbox/seunshare.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sandbox/seunshare.8 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/seunshare.8 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,37 @@ +.TH SEUNSHARE "8" "May 2010" "seunshare" "User Commands" +.SH NAME @@ -2158,7 +2190,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +.I Thomas Liu diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.83/sandbox/seunshare.c --- nsapolicycoreutils/sandbox/seunshare.c 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/seunshare.c 2010-10-15 17:36:29.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/seunshare.c 2010-10-29 09:54:43.000000000 -0400 @@ -1,13 +1,21 @@ +/* + * Authors: Dan Walsh @@ -2592,10 +2624,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po - return status; } -Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.83/sandbox/seunshare.o differ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.83/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/scripts/chcat 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/scripts/chcat 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -2604,7 +2635,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po # diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.83/scripts/fixfiles --- nsapolicycoreutils/scripts/fixfiles 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/scripts/fixfiles 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/scripts/fixfiles 2010-10-29 09:54:43.000000000 -0400 @@ -21,6 +21,17 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA @@ -2643,7 +2674,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po - \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \ - done 2> /dev/null | \ - ${RESTORECON} $* -0 -f - -+ ${RESTORECON} -f - -R -p -e /home -e /tmp -r /dev; \ ++ ${RESTORECON} -f - -R -p -e /var/lib/BackupPC -e /home -e /tmp -r /dev; \ rm -f ${TEMPFILE} ${PREFCTEMPFILE} fi } @@ -2698,7 +2729,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon.8 policycoreutils-2.0.83/scripts/genhomedircon.8 --- nsapolicycoreutils/scripts/genhomedircon.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/scripts/genhomedircon.8 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/scripts/genhomedircon.8 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,37 @@ +.\" Hey, Emacs! This is an -*- nroff -*- source file. +.\" Copyright (c) 2010 Dan Walsh @@ -2739,7 +2770,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +.I Dan Walsh diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.83/scripts/Makefile --- nsapolicycoreutils/scripts/Makefile 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/scripts/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/scripts/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -14,6 +14,7 @@ install -m 755 genhomedircon $(SBINDIR) -mkdir -p $(MANDIR)/man8 @@ -2750,7 +2781,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po clean: diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/severify.py policycoreutils-2.0.83/scripts/severify.py --- nsapolicycoreutils/scripts/severify.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/scripts/severify.py 2010-10-13 14:14:23.000000000 -0400 ++++ policycoreutils-2.0.83/scripts/severify.py 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,21 @@ +#! /usr/bin/python -Es +import seobject @@ -2775,7 +2806,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po + diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/default_encoding.c policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c --- nsapolicycoreutils/semanage/default_encoding/default_encoding.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,59 @@ +/* + * Authors: @@ -2838,7 +2869,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +} diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/Makefile policycoreutils-2.0.83/semanage/default_encoding/Makefile --- nsapolicycoreutils/semanage/default_encoding/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/semanage/default_encoding/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/default_encoding/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,8 @@ +all: + LDFLAGS="" python setup.py build @@ -2850,7 +2881,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po + rm -rf build *~ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py --- nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006,2007,2008, 2009 Red Hat, Inc. @@ -2871,7 +2902,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +# diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/setup.py policycoreutils-2.0.83/semanage/default_encoding/setup.py --- nsapolicycoreutils/semanage/default_encoding/setup.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/semanage/default_encoding/setup.py 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/default_encoding/setup.py 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,38 @@ +# Authors: +# John Dennis @@ -2913,7 +2944,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +) diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.83/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/semanage/semanage 2010-08-13 15:13:19.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/semanage 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -3326,7 +3357,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po + errorExit(error.args[1]) diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.83/semanage/semanage.8 --- nsapolicycoreutils/semanage/semanage.8 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/semanage/semanage.8 2010-09-23 16:46:29.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/semanage.8 2010-10-29 09:54:43.000000000 -0400 @@ -1,29 +1,69 @@ -.TH "semanage" "8" "2005111103" "" "" +.TH "semanage" "8" "20100223" "" "" @@ -3535,7 +3566,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po Examples by Thomas Bleher . diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.83/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/semanage/seobject.py 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/semanage/seobject.py 2010-10-29 09:54:43.000000000 -0400 @@ -29,47 +29,12 @@ import gettext gettext.bindtextdomain(PROGNAME, "/usr/share/locale") @@ -4291,7 +4322,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po if use_file: diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sepolgen-ifgen/Makefile policycoreutils-2.0.83/sepolgen-ifgen/Makefile --- nsapolicycoreutils/sepolgen-ifgen/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sepolgen-ifgen/Makefile 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sepolgen-ifgen/Makefile 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,25 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -4320,7 +4351,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +relabel: ; diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c --- nsapolicycoreutils/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c 2010-10-29 09:54:43.000000000 -0400 @@ -0,0 +1,230 @@ +/* Authors: Frank Mayer + * and Karl MacMillan @@ -4554,7 +4585,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po +} diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.83/setfiles/restore.c --- nsapolicycoreutils/setfiles/restore.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/setfiles/restore.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/setfiles/restore.c 2010-10-29 09:54:43.000000000 -0400 @@ -1,4 +1,5 @@ #include "restore.h" +#include @@ -4738,7 +4769,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.83/setfiles/restorecon.8 --- nsapolicycoreutils/setfiles/restorecon.8 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/setfiles/restorecon.8 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/setfiles/restorecon.8 2010-10-29 09:54:43.000000000 -0400 @@ -4,10 +4,10 @@ .SH "SYNOPSIS" @@ -4764,7 +4795,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po show changes in file labels. diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.83/setfiles/restore.h --- nsapolicycoreutils/setfiles/restore.h 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/setfiles/restore.h 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/setfiles/restore.h 2010-10-29 09:54:43.000000000 -0400 @@ -27,6 +27,7 @@ int hard_links; int verbose; @@ -4786,7 +4817,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po #endif diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.83/setfiles/setfiles.8 --- nsapolicycoreutils/setfiles/setfiles.8 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/setfiles/setfiles.8 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/setfiles/setfiles.8 2010-10-29 09:54:43.000000000 -0400 @@ -31,6 +31,9 @@ .TP .B \-n @@ -4799,7 +4830,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po suppress non-error output. diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.83/setfiles/setfiles.c --- nsapolicycoreutils/setfiles/setfiles.c 2010-05-19 14:45:51.000000000 -0400 -+++ policycoreutils-2.0.83/setfiles/setfiles.c 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/setfiles/setfiles.c 2010-10-29 09:54:43.000000000 -0400 @@ -5,7 +5,6 @@ #include #include @@ -4941,7 +4972,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/VERSION policycoreutils-2.0.83/VERSION --- nsapolicycoreutils/VERSION 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/VERSION 2010-07-30 13:50:40.000000000 -0400 ++++ policycoreutils-2.0.83/VERSION 2010-10-29 09:54:43.000000000 -0400 @@ -1 +1 @@ -2.0.83 +2.0.82 diff --git a/policycoreutils.spec b/policycoreutils.spec index 5e55584..2f30053 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.83 -Release: 31%{?dist} +Release: 33.1%{?dist} License: GPLv2 Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -117,7 +117,7 @@ Requires: audit-libs-python >= %{libauditver} Requires: /usr/bin/make Requires(pre): python >= 2.6 Obsoletes: policycoreutils < 2.0.61-2 -Requires: setools-libs-python >= setools-3.3.7-6 +Requires: setools-libs-python >= 3.3.7-6 %description python The policycoreutils-python package contains the management tools use to manage an SELinux environment. @@ -194,6 +194,7 @@ or level of a logged in user. %defattr(-,root,root) %attr(4755,root,root) %{_bindir}/newrole %{_mandir}/man1/newrole.1.gz +%config(noreplace) %{_sysconfdir}/pam.d/newrole %package gui Summary: SELinux configuration GUI @@ -254,7 +255,6 @@ rm -rf %{buildroot} %{_bindir}/semodule_package %{_sysconfdir}/rc.d/init.d/sandbox %config(noreplace) %{_sysconfdir}/sysconfig/sandbox -%config(noreplace) %{_sysconfdir}/pam.d/newrole %config(noreplace) %{_sysconfdir}/pam.d/run_init %config(noreplace) %{_sysconfdir}/sestatus.conf %attr(755,root,root) /etc/rc.d/init.d/restorecond @@ -315,6 +315,13 @@ fi exit 0 %changelog +* Mon Nov 1 2010 Dan Walsh 2.0.83-33.1 +- Fix setools require line + +* Fri Oct 29 2010 Dan Walsh 2.0.83-33 +- Move /etc/pam.d/newrole in to polcicycoreutils-newrole +- Additiona capability checking in sepolgen + * Mon Oct 18 2010 Dan Walsh 2.0.83-31 - Fix sandbox handling of files with spaces in them