[yocto] [meta-selinux PATCH 1/1] policycoreutils: semanage
Joe Slater
jslater at windriver.com
Thu Mar 13 14:08:19 PDT 2014
When modifying an selinux login record, seobject.py,
may try to log a value, self.sename, which has been preset to "None"
and this will fail. So, we set it to something useful.
Signed-off-by: Joe Slater <jslater at windriver.com>
---
.../policycoreutils-semanage-edit-user.patch | 21 ++++++++++++++++++++
recipes-security/selinux/policycoreutils_2.2.5.bb | 3 +-
2 files changed, 23 insertions(+), 1 deletions(-)
create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch
diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch
new file mode 100644
index 0000000..f5aaa74
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch
@@ -0,0 +1,21 @@
+policycoreutils: semanage
+
+When modifying selinux login records, self.sename might not be
+needed, but it IS passed to a log function, so it must be set
+to something or the log attempt will fail.
+
+Upstream-Status: Pending
+
+Signed-off-by: Joe Slater <jslater at windriver.com>
+
+
+--- a/semanage/seobject.py
++++ b/semanage/seobject.py
+@@ -576,6 +576,7 @@ class loginRecords(semanageRecords):
+
+ if sename != "":
+ semanage_seuser_set_sename(self.sh, u, sename)
++ self.sename = sename
+ else:
+ self.sename = self.oldsename
+
diff --git a/recipes-security/selinux/policycoreutils_2.2.5.bb b/recipes-security/selinux/policycoreutils_2.2.5.bb
index d851f74..bd3a5dd 100644
--- a/recipes-security/selinux/policycoreutils_2.2.5.bb
+++ b/recipes-security/selinux/policycoreutils_2.2.5.bb
@@ -1,4 +1,4 @@
-PR = "r0"
+PR = "r1"
include selinux_20131030.inc
include ${BPN}.inc
@@ -13,4 +13,5 @@ SRC_URI += "\
file://policycoreutils-fix-sepolicy-install-path.patch \
file://policycoreutils-make-O_CLOEXEC-optional.patch \
file://policycoreutils-loadpolicy-symlink.patch \
+ file://policycoreutils-semanage-edit-user.patch \
"
--
1.7.3.4
More information about the yocto
mailing list