[Selinux-commits] SF.net SVN: selinux: [2364] branches/policyrep

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2364
          http://svn.sourceforge.net/selinux/?rev=2364&view=rev
Author:   ssmalley
Date:     2007-04-24 07:02:33 -0700 (Tue, 24 Apr 2007)

Log Message:
-----------
Ported r2357 thru r2363 (libselinux: avc_internal.c fix, policycoreutils: several patches) from trunk.

Modified Paths:
--------------
    branches/policyrep/libselinux/ChangeLog
    branches/policyrep/libselinux/VERSION
    branches/policyrep/libselinux/src/avc_internal.c
    branches/policyrep/policycoreutils/ChangeLog
    branches/policyrep/policycoreutils/VERSION
    branches/policyrep/policycoreutils/restorecon/restorecon.c
    branches/policyrep/policycoreutils/restorecond/restorecond.init
    branches/policyrep/policycoreutils/scripts/chcat
    branches/policyrep/policycoreutils/scripts/fixfiles
    branches/policyrep/policycoreutils/scripts/genhomedircon

Modified: branches/policyrep/libselinux/ChangeLog
===================================================================

--- branches/policyrep/libselinux/ChangeLog	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/libselinux/ChangeLog	2007-04-24 14:02:33 UTC (rev 2364)
@@ -1,3 +1,6 @@
+2.0.14 2007-04-24
+	* Merged build fix for avc_internal.c from Joshua Brindle.
+
 2.0.13 2007-04-12
 	* Merged rpm_execcon python binding fix, matchpathcon man page fix, and getsebool -a handling for EACCES from Dan Walsh.
 

Modified: branches/policyrep/libselinux/VERSION
===================================================================
--- branches/policyrep/libselinux/VERSION	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/libselinux/VERSION	2007-04-24 14:02:33 UTC (rev 2364)
@@ -1 +1 @@
-2.0.13
+2.0.14

Modified: branches/policyrep/libselinux/src/avc_internal.c
===================================================================
--- branches/policyrep/libselinux/src/avc_internal.c	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/libselinux/src/avc_internal.c	2007-04-24 14:02:33 UTC (rev 2364)
@@ -17,6 +17,7 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <linux/types.h>
 #include <linux/netlink.h>
 #include "selinux_netlink.h"
 #include "avc_internal.h"

Modified: branches/policyrep/policycoreutils/ChangeLog
===================================================================
--- branches/policyrep/policycoreutils/ChangeLog	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/ChangeLog	2007-04-24 14:02:33 UTC (rev 2364)
@@ -1,3 +1,6 @@
+2.0.10 2007-04-24
+	* Merged chcat, fixfiles, genhomedircon, restorecond, and restorecon patches from Dan Walsh.
+
 2.0.9 2007-04-12
 	* Merged seobject setransRecords patch to return the first alias from Xavier Toth.
 

Modified: branches/policyrep/policycoreutils/VERSION
===================================================================
--- branches/policyrep/policycoreutils/VERSION	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/VERSION	2007-04-24 14:02:33 UTC (rev 2364)
@@ -1 +1 @@
-2.0.9
+2.0.10

Modified: branches/policyrep/policycoreutils/restorecon/restorecon.c
===================================================================
--- branches/policyrep/policycoreutils/restorecon/restorecon.c	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/restorecon/restorecon.c	2007-04-24 14:02:33 UTC (rev 2364)
@@ -336,8 +336,8 @@
 				if (!file_exist && errno == ENOENT)
 					return;
 				fprintf(stderr,
-					"%s:  error while labeling files under %s\n",
-					progname, buf);
+					"%s: error while traversing %s: %s\n",
+					progname, buf, strerror(errno));
 				errors++;
 			}
 		}

Modified: branches/policyrep/policycoreutils/restorecond/restorecond.init
===================================================================
--- branches/policyrep/policycoreutils/restorecond/restorecond.init	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/restorecond/restorecond.init	2007-04-24 14:02:33 UTC (rev 2364)
@@ -73,6 +73,7 @@
         ;;
   status)
 	status restorecond
+	RETVAL=$?
 	;;
   restart|reload)
 	restart

Modified: branches/policyrep/policycoreutils/scripts/chcat
===================================================================
--- branches/policyrep/policycoreutils/scripts/chcat	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/scripts/chcat	2007-04-24 14:02:33 UTC (rev 2364)
@@ -74,10 +74,12 @@
             if i not in cats:
                 cats.append(i)
 
-        new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ","))
-        if new_serange[-1:] == ":":
-            new_serange = new_serange[:-1]
             
+        if len(cats) > 0:
+            new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats))
+        else
+            new_serange = "%s-%s" % (serange[0], top[0])
+            
         if add_ind:
             cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u)
         else:
@@ -151,10 +153,11 @@
             if i in cats:
                 cats.remove(i)
 
-        new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ","))
-        if new_serange[-1:] == ":":
-            new_serange = new_serange[:-1]
-        
+        if len(cats) > 0:
+            new_serange = "%s-%s:%s" % (serange[0], top[0], ",".join(cats))
+        else
+            new_serange = "%s-%s" % (serange[0], top[0])
+            
         if add_ind:
             cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u)
         else:

Modified: branches/policyrep/policycoreutils/scripts/fixfiles
===================================================================
--- branches/policyrep/policycoreutils/scripts/fixfiles	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/scripts/fixfiles	2007-04-24 14:02:33 UTC (rev 2364)
@@ -138,7 +138,7 @@
     exit $?
 fi
 LogReadOnly
-${SETFILES} ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
 exit $?
 }
 

Modified: branches/policyrep/policycoreutils/scripts/genhomedircon
===================================================================
--- branches/policyrep/policycoreutils/scripts/genhomedircon	2007-04-24 13:58:04 UTC (rev 2363)
+++ branches/policyrep/policycoreutils/scripts/genhomedircon	2007-04-24 14:02:33 UTC (rev 2364)
@@ -26,6 +26,7 @@
 
 import sys, os, pwd, string, getopt, re
 from semanage import *;
+import selinux
 import gettext
 gettext.install('policycoreutils')
 
@@ -249,7 +250,10 @@
 				i = i.replace("HOME_DIR", home)
 				i = i.replace("ROLE", prefix)
 				i = i.replace("system_u", seuser)
-				ret = ret+i
+				# Validate if the generated context exists.  Some user types may not exist
+				scon = i.split()[-1]
+				if selinux.security_check_context(scon) == 0:
+					ret = ret+i
 		fd.close()
 		return ret
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


