[Selinux-commits] SF.net SVN: selinux: [2917] trunk/policycoreutils/scripts

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2917
          http://selinux.svn.sourceforge.net/selinux/?rev=2917&view=rev
Author:   madmethod
Date:     2008-06-30 17:24:02 -0700 (Mon, 30 Jun 2008)

Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: fixfiles patch
Date: Mon, 30 Jun 2008 12:05:30 -0400

This patch adds a function onboot

which creates the /.autorelabel file

It also removes tmp files that map directly to a user.  This fixes the
problem where a user login gets created with the wrong context in /tmp
and then can not login, even after a relabel.

Acked-By: Joshua Brindle <me...@ma...>

Modified Paths:
--------------
    trunk/policycoreutils/scripts/fixfiles
    trunk/policycoreutils/scripts/fixfiles.8

Modified: trunk/policycoreutils/scripts/fixfiles
===================================================================

--- trunk/policycoreutils/scripts/fixfiles	2008-06-30 13:14:43 UTC (rev 2916)
+++ trunk/policycoreutils/scripts/fixfiles	2008-07-01 00:24:02 UTC (rev 2917)
@@ -138,6 +138,9 @@
 fi
 LogReadOnly
 ${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
+find /tmp -context "*:file_t*" -exec chcon -t tmp_t {} \;
+find /var/tmp -context "*:file_t*" -exec chcon -t tmp_t {} \;
 exit $?
 }
 
@@ -180,6 +183,10 @@
     check) restore -n -v;;
     verify) restore -n -o -;;
     relabel) relabel;;
+    onboot)
+	touch /.autorelabel
+	echo "System will relabel on next boot"
+	;;
     *)
     usage
     exit 1
@@ -189,6 +196,7 @@
       	echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
 	echo or
       	echo $"Usage: $0 -R rpmpackage[,rpmpackage...] -C PREVIOUS_FILECONTEXT [-l logfile ] [-o outputfile ] { check | restore }"
+      	echo $"Usage: $0 onboot"
 }
 
 if [ $# = 0 ]; then

Modified: trunk/policycoreutils/scripts/fixfiles.8
===================================================================
--- trunk/policycoreutils/scripts/fixfiles.8	2008-06-30 13:14:43 UTC (rev 2916)
+++ trunk/policycoreutils/scripts/fixfiles.8	2008-07-01 00:24:02 UTC (rev 2917)
@@ -7,6 +7,8 @@
 
 .B fixfiles [-F] [-l logfile ] [-o outputfile ] { check | restore|[-f] relabel | verify } [[dir/file] ... ] 
 
+.B fixfiles onboot
+
 .SH "DESCRIPTION"
 This manual page describes the
 .BR fixfiles
@@ -20,6 +22,9 @@
 as you expect.  By default it will relabel all mounted ext2, ext3, xfs and 
 jfs file systems as long as they do not have a security context mount 
 option.  You can use the -R flag to use rpmpackages as an alternative.
+.P
+.B fixfiles onboot 
+will setup the machine to relabel on the next reboot.
 
 .SH "OPTIONS"
 .TP 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


