diff options
| author |   Michael Mair-Keimberger (asterix) <m.mairkeimberger@gmail.com> | 2017-02-04 18:42:35 +0100 |
|---|---|---|
| committer |   David Seifert <soap@gentoo.org> | 2017-02-04 22:19:06 +0100 |
| commit | 735602cb6c792d5fc155a69d2a48a1ddde05ad7e (patch) | |
| tree | 021624b53b0a0f378b4e38974c908789c791c714 /sys-apps/policycoreutils/files | |
| parent | sec-policy/selinux-base-policy: remove unused files (diff) | |
| download | gentoo-735602cb6c792d5fc155a69d2a48a1ddde05ad7e.tar.gz gentoo-735602cb6c792d5fc155a69d2a48a1ddde05ad7e.tar.bz2 gentoo-735602cb6c792d5fc155a69d2a48a1ddde05ad7e.zip | |
sys-apps/policycoreutils: remove unused patches
Closes: https://github.com/gentoo/gentoo/pull/3781
Diffstat (limited to 'sys-apps/policycoreutils/files')
4 files changed, 0 insertions, 171 deletions
diff --git a/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch b/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch deleted file mode 100644 index 6ed451649e3e..000000000000 --- a/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 7a09af2123bc0d86787ef82fc2ff43810f1712c0 Mon Sep 17 00:00:00 2001 -From: Steve Lawrence <slawrence@tresys.com> -Date: Wed, 19 Nov 2014 11:21:42 -0500 -Subject: [PATCH 1/2] policycoreutils: pp: add roletype statements for both - declared and required type/typeattributes - -Currently, roletype statements are only added for types when they are -declared (not required). This means that in policy like: - - require { - type foo_t; - } - type bar_t; - role staff_r types foo_t, bar_t; - -only bar_t is associated with staff_r. This patch moves the code that -generates roletype statements for types to outside the SCOPE_DECL check -so that roletype statements are generated for all types, regardless of -the required/declared scope. It further moves the code outside of the -type/typeattribute flavor check so that roletype statements are also -generated for typeattributes. - -Reported-by: Sven Vermeulen <sven.vermeulen@siphos.be> -Signed-off-by: Steve Lawrence <slawrence@tresys.com> -Reviewed-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> -Tested-by: Jason Zaman <jason@perfinion.com> ---- - policycoreutils/hll/pp/pp.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/policycoreutils/hll/pp/pp.c b/policycoreutils/hll/pp/pp.c -index b1ef27f..4b9f310 100644 ---- a/policycoreutils/hll/pp/pp.c -+++ b/policycoreutils/hll/pp/pp.c -@@ -2083,6 +2083,11 @@ static int type_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN - cil_println(indent, "(typeattributeset " GEN_REQUIRE_ATTR " %s)", key); - } - -+ rc = roletype_role_in_ancestor_to_cil(pdb, decl_stack, key, indent); -+ if (rc != 0) { -+ goto exit; -+ } -+ - switch(type->flavor) { - case TYPE_TYPE: - if (scope == SCOPE_DECL) { -@@ -2090,11 +2095,6 @@ static int type_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN - // object_r is implicit in checkmodule, but not with CIL, - // create it as part of base - cil_println(indent, "(roletype " DEFAULT_OBJECT " %s)", key); -- -- rc = roletype_role_in_ancestor_to_cil(pdb, decl_stack, key, indent); -- if (rc != 0) { -- goto exit; -- } - } - - if (type->flags & TYPE_FLAGS_PERMISSIVE) { --- -2.0.4 - diff --git a/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch b/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch deleted file mode 100644 index f53b456720ef..000000000000 --- a/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -uNr policycoreutils-2.2.1.orig/run_init/run_init.c policycoreutils-2.2.1/run_init/run_init.c ---- policycoreutils-2.2.1.orig/run_init/run_init.c 2013-11-04 21:40:27.490018417 +0100 -+++ policycoreutils-2.2.1/run_init/run_init.c 2013-11-04 21:40:57.088018480 +0100 -@@ -406,7 +406,7 @@ - new_context); - exit(-1); - } -- if (! access("/usr/sbin/open_init_pty", X_OK)) { -+ if (access("/usr/sbin/open_init_pty", X_OK) != 0) { - if (execvp(argv[1], argv + 1)) { - perror("execvp"); - exit(-1); diff --git a/sys-apps/policycoreutils/files/0130-Only-invoke-RPM-on-RPM-enabled-Linux-distributions-bug-534682.patch b/sys-apps/policycoreutils/files/0130-Only-invoke-RPM-on-RPM-enabled-Linux-distributions-bug-534682.patch deleted file mode 100644 index 25fc900e3a5a..000000000000 --- a/sys-apps/policycoreutils/files/0130-Only-invoke-RPM-on-RPM-enabled-Linux-distributions-bug-534682.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 73b7ff410c1b2958c5c1f8e26cae5347d56416d4 Mon Sep 17 00:00:00 2001 -From: Sven Vermeulen <sven.vermeulen@siphos.be> -Date: Tue, 9 Jun 2015 13:26:24 +0200 -Subject: [PATCH 1/1] Only invoke RPM on RPM-enabled Linux distributions - -When calling "sepolgen generate" to automatically generate a SELinux -policy template, the command fails when it cannot invoke RPM related -commands on Linux distributions that do not support RPM by default: - -Failed to retrieve rpm info for selinux-policy -Traceback (most recent call last): - File "/usr/lib/python-exec/python2.7/sepolicy", line 643, in <module> - args.func(args) - File "/usr/lib/python-exec/python2.7/sepolicy", line 517, in generate - print mypolicy.generate(args.path) - File "/usr/lib64/python2.7/site-packages/sepolicy/generate.py", line 1370, in generate - out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file")) - File "/usr/lib64/python2.7/site-packages/sepolicy/generate.py", line 1219, in write_spec - fd.write(self.generate_spec()) - File "/usr/lib64/python2.7/site-packages/sepolicy/generate.py", line 1181, in generate_spec - selinux_policyver = get_rpm_nvr_list("selinux-policy")[1] -TypeError: 'NoneType' object has no attribute '__getitem__' - -As the RPM related steps are only needed on RPM-enabled distributions, -we should ignore these steps on other Linux distribution platforms. - -In this patch, we use the Python platform module to get the Linux -distribution, and only start the RPM-related activities on Linux -distributions that use RPM as their native package manager. - -Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> ---- - policycoreutils/sepolicy/sepolicy/generate.py | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py -index 6b53035..4858582 100644 ---- a/policycoreutils/sepolicy/sepolicy/generate.py -+++ b/policycoreutils/sepolicy/sepolicy/generate.py -@@ -26,6 +26,7 @@ import re - import sepolicy - from sepolicy import get_all_types, get_all_attributes, get_all_roles - import time -+import platform - - from templates import executable - from templates import boolean -@@ -1171,7 +1172,8 @@ allow %s_t %s_t:%s_socket name_%s; - newsh += re.sub("TEMPLATETYPE", self.name, t1) - - newsh += self.generate_user_sh() -- newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm) -+ if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat","centos","SuSE","fedora","mandrake","mandriva")): -+ newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm) - - return newsh - -@@ -1367,6 +1369,7 @@ Warning %s does not exist - out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file")) - out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file")) - if self.type != NEWTYPE: -- out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file")) -+ if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat","centos","SuSE","fedora","mandrake","mandriva")): -+ out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file")) - out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script")) - return out --- -2.4.6 - diff --git a/sys-apps/policycoreutils/files/0140-Set-self.sename-to-sename-after-calling-semanage-bug-557370.patch b/sys-apps/policycoreutils/files/0140-Set-self.sename-to-sename-after-calling-semanage-bug-557370.patch deleted file mode 100644 index 1a11d394da1a..000000000000 --- a/sys-apps/policycoreutils/files/0140-Set-self.sename-to-sename-after-calling-semanage-bug-557370.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 4fbc6623eba0d32f1cc8609d605a6b5a2e051e15 Mon Sep 17 00:00:00 2001 -From: Laurent Bigonville <bigon@bigon.be> -Date: Tue, 14 Jul 2015 19:07:56 +0200 -Subject: [PATCH 1/1] Set self.sename to sename after calling - semanage_seuser_set_sename() - -This fixes audit information that are being logged and a crash when the -python-audit binding is not installed. - -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734806 ---- - policycoreutils/semanage/seobject.py | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py -index 568ebfd..2edb050 100644 ---- a/policycoreutils/semanage/seobject.py -+++ b/policycoreutils/semanage/seobject.py -@@ -575,6 +575,7 @@ class loginRecords(semanageRecords): - - if sename != "": - semanage_seuser_set_sename(self.sh, u, sename) -+ self.sename = sename - else: - self.sename = self.oldsename - --- -2.4.6 - |