[policycoreutils] Change ausearch path to /usr/sbin. Fixes JB45351

The ausearch path is hardcoded in sepolgen audit.py, this patch (0003-Change-ausearch-path-to-usr-sbin.patch) changes the path to /usr/sbin instead of /sbin. Also renamed other patches to have 000* in front and modified the spec accordingly.
sailfishos · Apr 2, 2019 · de4d249 · de4d249
1 parent 57d24f4
commit de4d249
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 2 deletions.
diff --git a/...disable_awk_sandbox_policycoreutils.patch → ...disable_awk_sandbox_policycoreutils.patch b/...disable_awk_sandbox_policycoreutils.patch → ...disable_awk_sandbox_policycoreutils.patch
diff --git a/rpm/fix_systemd_path.patch → rpm/0002-fix_systemd_path.patch b/rpm/fix_systemd_path.patch → rpm/0002-fix_systemd_path.patch
diff --git a/rpm/0003-Change-ausearch-path-to-usr-sbin.patch b/rpm/0003-Change-ausearch-path-to-usr-sbin.patch
@@ -0,0 +1,34 @@
+From 58b6aa1843874ebea83f986197bece38c71bd28e Mon Sep 17 00:00:00 2001
+From: Jussi Laakkonen <jussi.laakkonen@jolla.com>
+Date: Tue, 2 Apr 2019 11:27:17 +0300
+Subject: [PATCH] Change ausearch path to /usr/sbin
+
+---
+ python/sepolgen/src/sepolgen/audit.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/python/sepolgen/src/sepolgen/audit.py b/python/sepolgen/src/sepolgen/audit.py
+index 26ce6c92..1240ab4b 100644
+--- a/python/sepolgen/src/sepolgen/audit.py
++++ b/python/sepolgen/src/sepolgen/audit.py
+@@ -41,7 +41,7 @@ def get_audit_boot_msgs():
+     s = time.localtime(time.time() - off)
+     bootdate = time.strftime("%x", s)
+     boottime = time.strftime("%X", s)
+-    output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
++    output = subprocess.Popen(["/usr/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
+                               stdout=subprocess.PIPE).communicate()[0]
+     if util.PY3:
+         output = util.decode_input(output)
+@@ -56,7 +56,7 @@ def get_audit_msgs():
+        string contain all of the audit messages returned by ausearch.
+     """
+     import subprocess
+-    output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
++    output = subprocess.Popen(["/usr/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
+                               stdout=subprocess.PIPE).communicate()[0]
+     if util.PY3:
+         output = util.decode_input(output)
+-- 
+2.20.1
+
diff --git a/rpm/policycoreutils.spec b/rpm/policycoreutils.spec
@@ -49,8 +49,9 @@ Source16: selinux-autorelabel.service
 Source17: selinux-autorelabel-mark.service
 Source18: selinux-autorelabel.target
 Source19: selinux-autorelabel-generator.sh
-Patch0: disable_awk_sandbox_policycoreutils.patch
-Patch1: fix_systemd_path.patch
+Patch0:   0001-disable_awk_sandbox_policycoreutils.patch
+Patch1:   0002-fix_systemd_path.patch
+Patch2:   0003-Change-ausearch-path-to-usr-sbin.patch
 Provides: /sbin/fixfiles
 Provides: /sbin/restorecon
 
@@ -98,6 +99,7 @@ to switch roles.
 %setup -q -n %{name}-%{version}/upstream
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 make -C policycoreutils LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" SEMODULE_PATH="%{_sbindir}" LIBSEPOLA="%{_libdir}/libsepol.a" all