From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <459D7ABC.6060902@redhat.com> Date: Thu, 04 Jan 2007 17:07:56 -0500 From: Daniel J Walsh MIME-Version: 1.0 To: Stephen Smalley CC: SE Linux , Karl MacMillan Subject: Re: Policycoreutils patches References: <459BF062.4050107@redhat.com> <1167928118.18961.81.camel@moss-spartans.epoch.ncsc.mil> <1167929394.18961.86.camel@moss-spartans.epoch.ncsc.mil> In-Reply-To: <1167929394.18961.86.camel@moss-spartans.epoch.ncsc.mil> Content-Type: multipart/mixed; boundary="------------030601030802050507000804" Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov This is a multi-part message in MIME format. --------------030601030802050507000804 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Ok this part of the seobject patch should not be controversial. This patch fixes modification of roles. > --------------030601030802050507000804 Content-Type: text/plain; name="diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="diff" diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.8/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2006-11-16 17:14:26.000000000 -0500 +++ policycoreutils-1.33.8/semanage/seobject.py 2007-01-04 17:06:25.000000000 -0500 @@ -525,8 +525,12 @@ semanage_user_set_prefix(self.sh, u, prefix) if len(roles) != 0: - for r in roles: - semanage_user_add_role(self.sh, u, r) + for r in rlist: + if r not in roles: + semanage_user_del_role(u, r) + for r in roles: + if r not in rlist: + semanage_user_add_role(self.sh, u, r) rc = semanage_begin_transaction(self.sh) if rc < 0: --------------030601030802050507000804-- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.