Commit de4d249e authored by Jussi Laakkonen's avatar Jussi Laakkonen

[policycoreutils] Change ausearch path to /usr/sbin. Fixes JB45351

The ausearch path is hardcoded in sepolgen audit.py, this patch
(0003-Change-ausearch-path-to-usr-sbin.patch) changes the path to
/usr/sbin instead of /sbin.

Also renamed other patches to have 000* in front and modified the spec
accordingly.
parent 57d24f4b
From 58b6aa1843874ebea83f986197bece38c71bd28e Mon Sep 17 00:00:00 2001
From: Jussi Laakkonen <jussi.laakkonen@jolla.com>
Date: Tue, 2 Apr 2019 11:27:17 +0300
Subject: [PATCH] Change ausearch path to /usr/sbin
---
python/sepolgen/src/sepolgen/audit.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/python/sepolgen/src/sepolgen/audit.py b/python/sepolgen/src/sepolgen/audit.py
index 26ce6c92..1240ab4b 100644
--- a/python/sepolgen/src/sepolgen/audit.py
+++ b/python/sepolgen/src/sepolgen/audit.py
@@ -41,7 +41,7 @@ def get_audit_boot_msgs():
s = time.localtime(time.time() - off)
bootdate = time.strftime("%x", s)
boottime = time.strftime("%X", s)
- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
+ output = subprocess.Popen(["/usr/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
stdout=subprocess.PIPE).communicate()[0]
if util.PY3:
output = util.decode_input(output)
@@ -56,7 +56,7 @@ def get_audit_msgs():
string contain all of the audit messages returned by ausearch.
"""
import subprocess
- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
+ output = subprocess.Popen(["/usr/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
stdout=subprocess.PIPE).communicate()[0]
if util.PY3:
output = util.decode_input(output)
--
2.20.1
......@@ -49,8 +49,9 @@ Source16: selinux-autorelabel.service
Source17: selinux-autorelabel-mark.service
Source18: selinux-autorelabel.target
Source19: selinux-autorelabel-generator.sh
Patch0: disable_awk_sandbox_policycoreutils.patch
Patch1: fix_systemd_path.patch
Patch0: 0001-disable_awk_sandbox_policycoreutils.patch
Patch1: 0002-fix_systemd_path.patch
Patch2: 0003-Change-ausearch-path-to-usr-sbin.patch
Provides: /sbin/fixfiles
Provides: /sbin/restorecon
......@@ -98,6 +99,7 @@ to switch roles.
%setup -q -n %{name}-%{version}/upstream
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
make -C policycoreutils LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" SEMODULE_PATH="%{_sbindir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment