[Selinux-commits] SF.net SVN: selinux: [2458] trunk/policycoreutils

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2458
          http://svn.sourceforge.net/selinux/?rev=2458&view=rev
Author:   ssmalley
Date:     2007-06-05 06:47:52 -0700 (Tue, 05 Jun 2007)

Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: policycoreutils patch
Date: Fri, 01 Jun 2007 10:32:35 -0400

policycoreutils should be checking if the user is the default_type not 
hard coded to user_u.

Also if selinux is not enabled, the verification step should not 
happen.  This is causing problems in chroot environments for the install.

Both these fixes should go into the new genhomedircon that is being 
added to semanage.

Acked-by:  Stephen Smalley <sd...@ty...>

Modified Paths:
--------------
    trunk/policycoreutils/audit2why/Makefile
    trunk/policycoreutils/newrole/Makefile
    trunk/policycoreutils/restorecond/Makefile
    trunk/policycoreutils/run_init/Makefile
    trunk/policycoreutils/scripts/genhomedircon
    trunk/policycoreutils/secon/Makefile
    trunk/policycoreutils/sestatus/Makefile

Modified: trunk/policycoreutils/audit2why/Makefile
===================================================================

--- trunk/policycoreutils/audit2why/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/audit2why/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -9,7 +9,7 @@
 
 CFLAGS ?= -Werror -Wall -W
 override CFLAGS += -I$(INCLUDEDIR)
-LDLIBS = ${LIBDIR}/libsepol.a -lselinux -lsepol -L$(LIBDIR)
+LDLIBS = ${LIBDIR}/libsepol.a -lselinux -L$(LIBDIR)
 
 TARGETS=audit2why
 

Modified: trunk/policycoreutils/newrole/Makefile
===================================================================
--- trunk/policycoreutils/newrole/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/newrole/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -23,7 +23,7 @@
 CFLAGS ?= -Werror -Wall -W
 EXTRA_OBJS =
 override CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
-LDLIBS += -lselinux -lsepol -L$(PREFIX)/lib
+LDLIBS += -lselinux -L$(PREFIX)/lib
 ifeq (${PAMH}, /usr/include/security/pam_appl.h)
 	override CFLAGS += -DUSE_PAM
 	EXTRA_OBJS += hashtab.o

Modified: trunk/policycoreutils/restorecond/Makefile
===================================================================
--- trunk/policycoreutils/restorecond/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/restorecond/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -7,7 +7,7 @@
 
 CFLAGS ?= -g -Werror -Wall -W
 override CFLAGS += -I$(PREFIX)/include -D_FILE_OFFSET_BITS=64
-LDLIBS += -lselinux -lsepol -L$(PREFIX)/lib
+LDLIBS += -lselinux -L$(PREFIX)/lib
 
 all: restorecond
 

Modified: trunk/policycoreutils/run_init/Makefile
===================================================================
--- trunk/policycoreutils/run_init/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/run_init/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -10,7 +10,7 @@
 
 CFLAGS ?= -Werror -Wall -W
 override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
-LDLIBS += -lselinux -lsepol -L$(PREFIX)/lib
+LDLIBS += -lselinux -L$(PREFIX)/lib
 ifeq (${PAMH}, /usr/include/security/pam_appl.h)
 	override CFLAGS += -DUSE_PAM
 	LDLIBS += -lpam -lpam_misc

Modified: trunk/policycoreutils/scripts/genhomedircon
===================================================================
--- trunk/policycoreutils/scripts/genhomedircon	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/scripts/genhomedircon	2007-06-05 13:47:52 UTC (rev 2458)
@@ -193,7 +193,7 @@
 		return prefix
 		
 	def adduser(self, udict, user, seuser, prefix):
-		if seuser == "user_u" or user == "__default__" or user == "system_u":
+		if seuser == self.default_user or user == "__default__" or user == "system_u":
 			return
 		# !!! chooses first prefix in the list to use in the file context !!!
 		try:
@@ -263,7 +263,7 @@
 				i = i.replace("system_u", seuser)
 				# Validate if the generated context exists.  Some user types may not exist
 				scon = i.split()[-1]
-				if selinux.security_check_context(scon) == 0:
+				if selinux.is_selinux_enabled() < 1 or selinux.security_check_context(scon) == 0:
 					ret = ret+i
 		fd.close()
 		return ret

Modified: trunk/policycoreutils/secon/Makefile
===================================================================
--- trunk/policycoreutils/secon/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/secon/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -9,7 +9,7 @@
 VERSION = $(shell cat ../VERSION)
 CFLAGS ?= $(WARNS) -O1
 override CFLAGS += -DVERSION=\"$(VERSION)\" -I$(INCLUDEDIR) 
-LDLIBS = -lsepol -lselinux -L$(LIBDIR)
+LDLIBS = -lselinux -L$(LIBDIR)
 
 all: secon
 

Modified: trunk/policycoreutils/sestatus/Makefile
===================================================================
--- trunk/policycoreutils/sestatus/Makefile	2007-06-01 11:57:09 UTC (rev 2457)
+++ trunk/policycoreutils/sestatus/Makefile	2007-06-05 13:47:52 UTC (rev 2458)
@@ -7,7 +7,7 @@
 
 CFLAGS = -Werror -Wall -W
 override CFLAGS += -I$(PREFIX)/include -D_FILE_OFFSET_BITS=64
-LDLIBS = -lselinux -lsepol -L$(LIBDIR)
+LDLIBS = -lselinux -L$(LIBDIR)
 
 all: sestatus
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


