* [meta-selinux PATCH 0/1] policycoreutils (semanage) @ 2014-03-13 21:08 Joe Slater 2014-03-13 21:08 ` [meta-selinux PATCH 1/1] policycoreutils: semanage Joe Slater 2014-04-03 18:54 ` [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe MacDonald 0 siblings, 2 replies; 3+ messages in thread From: Joe Slater @ 2014-03-13 21:08 UTC (permalink / raw) To: yocto, rongqing.li; +Cc: joe.slater Fix a failure to modify records if we want to change the seuser for a login user. Just a log issue. I incremented PR. I think we should either do that are get rid of it. Joe Slater (1): policycoreutils: semanage .../policycoreutils-semanage-edit-user.patch | 21 ++++++++++++++++++++ recipes-security/selinux/policycoreutils_2.2.5.bb | 3 +- 2 files changed, 23 insertions(+), 1 deletions(-) create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch -- 1.7.3.4 ^ permalink raw reply [flat|nested] 3+ messages in thread
* [meta-selinux PATCH 1/1] policycoreutils: semanage 2014-03-13 21:08 [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe Slater @ 2014-03-13 21:08 ` Joe Slater 2014-04-03 18:54 ` [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe MacDonald 1 sibling, 0 replies; 3+ messages in thread From: Joe Slater @ 2014-03-13 21:08 UTC (permalink / raw) To: yocto, rongqing.li; +Cc: joe.slater When modifying an selinux login record, seobject.py, may try to log a value, self.sename, which has been preset to "None" and this will fail. So, we set it to something useful. Signed-off-by: Joe Slater <jslater@windriver.com> --- .../policycoreutils-semanage-edit-user.patch | 21 ++++++++++++++++++++ recipes-security/selinux/policycoreutils_2.2.5.bb | 3 +- 2 files changed, 23 insertions(+), 1 deletions(-) create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch new file mode 100644 index 0000000..f5aaa74 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch @@ -0,0 +1,21 @@ +policycoreutils: semanage + +When modifying selinux login records, self.sename might not be +needed, but it IS passed to a log function, so it must be set +to something or the log attempt will fail. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater <jslater@windriver.com> + + +--- a/semanage/seobject.py ++++ b/semanage/seobject.py +@@ -576,6 +576,7 @@ class loginRecords(semanageRecords): + + if sename != "": + semanage_seuser_set_sename(self.sh, u, sename) ++ self.sename = sename + else: + self.sename = self.oldsename + diff --git a/recipes-security/selinux/policycoreutils_2.2.5.bb b/recipes-security/selinux/policycoreutils_2.2.5.bb index d851f74..bd3a5dd 100644 --- a/recipes-security/selinux/policycoreutils_2.2.5.bb +++ b/recipes-security/selinux/policycoreutils_2.2.5.bb @@ -1,4 +1,4 @@ -PR = "r0" +PR = "r1" include selinux_20131030.inc include ${BPN}.inc @@ -13,4 +13,5 @@ SRC_URI += "\ file://policycoreutils-fix-sepolicy-install-path.patch \ file://policycoreutils-make-O_CLOEXEC-optional.patch \ file://policycoreutils-loadpolicy-symlink.patch \ + file://policycoreutils-semanage-edit-user.patch \ " -- 1.7.3.4 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [meta-selinux PATCH 0/1] policycoreutils (semanage) 2014-03-13 21:08 [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe Slater 2014-03-13 21:08 ` [meta-selinux PATCH 1/1] policycoreutils: semanage Joe Slater @ 2014-04-03 18:54 ` Joe MacDonald 1 sibling, 0 replies; 3+ messages in thread From: Joe MacDonald @ 2014-04-03 18:54 UTC (permalink / raw) To: Joe Slater; +Cc: yocto, joe.slater [-- Attachment #1: Type: text/plain, Size: 734 bytes --] Merged, thanks. -J. [[yocto] [meta-selinux PATCH 0/1] policycoreutils (semanage)] On 14.03.13 (Thu 14:08) Joe Slater wrote: > Fix a failure to modify records if we want to change the seuser > for a login user. Just a log issue. > > I incremented PR. I think we should either do that are get rid of it. > > Joe Slater (1): > policycoreutils: semanage > > .../policycoreutils-semanage-edit-user.patch | 21 ++++++++++++++++++++ > recipes-security/selinux/policycoreutils_2.2.5.bb | 3 +- > 2 files changed, 23 insertions(+), 1 deletions(-) > create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch > > -- > 1.7.3.4 > -- -Joe MacDonald. :wq [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 205 bytes --] ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-04-03 18:54 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-03-13 21:08 [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe Slater 2014-03-13 21:08 ` [meta-selinux PATCH 1/1] policycoreutils: semanage Joe Slater 2014-04-03 18:54 ` [meta-selinux PATCH 0/1] policycoreutils (semanage) Joe MacDonald
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.