diff --git a/at-3.1.13-selinux.patch b/at-3.1.13-selinux.patch index 0fcaff1..255fe2b 100644 --- a/at-3.1.13-selinux.patch +++ b/at-3.1.13-selinux.patch @@ -1,6 +1,6 @@ diff -up at-3.1.13/atd.c.selinux at-3.1.13/atd.c ---- at-3.1.13/atd.c.selinux 2011-07-29 13:58:54.282221007 +0200 -+++ at-3.1.13/atd.c 2011-07-29 14:02:46.563175313 +0200 +--- at-3.1.13/atd.c.selinux 2012-11-01 15:11:21.368772308 +0100 ++++ at-3.1.13/atd.c 2012-11-01 15:13:16.809162818 +0100 @@ -83,6 +83,14 @@ #include "getloadavg.h" #endif @@ -85,32 +85,32 @@ diff -up at-3.1.13/atd.c.selinux at-3.1.13/atd.c static void run_file(const char *filename, uid_t uid, gid_t gid) { -@@ -445,9 +515,24 @@ run_file(const char *filename, uid_t uid - perr("Cannot reset signal handler to default"); +@@ -446,9 +516,23 @@ run_file(const char *filename, uid_t uid + perr("Cannot reset signal handler to default"); chdir("/"); +- +#ifdef WITH_SELINUX + if (selinux_enabled > 0) { + if (set_selinux_context(pentry->pw_name, filename) < 0) + perr("SELinux Failed to set context\n"); + } +#endif - if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0) perr("Exec failed for /bin/sh"); +//add for fedora +#ifdef WITH_SELINUX -+ if (selinux_enabled>0) -+ if (setexeccon(NULL) < 0) -+ if (security_getenforce()==1) -+ perr("Could not resset exec context for user %s\n", pentry->pw_name); ++ if (selinux_enabled>0) ++ if (setexeccon(NULL) < 0) ++ if (security_getenforce()==1) ++ perr("Could not resset exec context for user %s\n", pentry->pw_name); +#endif +//end +//add for fedora #ifdef WITH_PAM if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L)) { -@@ -751,6 +836,10 @@ main(int argc, char *argv[]) +@@ -751,6 +835,10 @@ main(int argc, char *argv[]) struct passwd *pwe; struct group *ge; @@ -122,8 +122,8 @@ diff -up at-3.1.13/atd.c.selinux at-3.1.13/atd.c * daemon is fine. */ diff -up at-3.1.13/config.h.in.selinux at-3.1.13/config.h.in ---- at-3.1.13/config.h.in.selinux 2011-07-29 13:58:54.283221003 +0200 -+++ at-3.1.13/config.h.in 2011-07-29 13:58:54.289220979 +0200 +--- at-3.1.13/config.h.in.selinux 2012-11-01 15:11:21.368772308 +0100 ++++ at-3.1.13/config.h.in 2012-11-01 15:11:21.371772392 +0100 @@ -71,6 +71,9 @@ /* Define if you are building with_pam */ #undef WITH_PAM @@ -135,8 +135,8 @@ diff -up at-3.1.13/config.h.in.selinux at-3.1.13/config.h.in #undef HAVE_PSTAT_GETDYNAMIC diff -up at-3.1.13/configure.ac.selinux at-3.1.13/configure.ac ---- at-3.1.13/configure.ac.selinux 2011-07-29 13:58:54.284220999 +0200 -+++ at-3.1.13/configure.ac 2011-07-29 13:58:54.290220975 +0200 +--- at-3.1.13/configure.ac.selinux 2012-11-01 15:11:21.369772335 +0100 ++++ at-3.1.13/configure.ac 2012-11-01 15:11:21.372772420 +0100 @@ -266,5 +266,13 @@ AC_ARG_WITH(daemon_groupname, ) AC_SUBST(DAEMON_GROUPNAME) @@ -152,8 +152,8 @@ diff -up at-3.1.13/configure.ac.selinux at-3.1.13/configure.ac AC_CONFIG_FILES(Makefile atrun atd.8 atrun.8 at.1 at.allow.5 batch) AC_OUTPUT diff -up at-3.1.13/Makefile.in.selinux at-3.1.13/Makefile.in ---- at-3.1.13/Makefile.in.selinux 2011-07-29 13:58:54.270221055 +0200 -+++ at-3.1.13/Makefile.in 2011-07-29 13:58:54.290220975 +0200 +--- at-3.1.13/Makefile.in.selinux 2012-11-01 15:11:21.361772115 +0100 ++++ at-3.1.13/Makefile.in 2012-11-01 15:11:21.372772420 +0100 @@ -39,6 +39,8 @@ LIBS = @LIBS@ LIBOBJS = @LIBOBJS@ INSTALL = @INSTALL@ diff --git a/at.spec b/at.spec index d7f3abc..434c712 100644 --- a/at.spec +++ b/at.spec @@ -188,6 +188,7 @@ chown daemon:daemon %{_localstatedir}/spool/at/.SEQ * Thu Nov 1 2012 Marcela Mašláňová - 3.1.13-10 - fix license field - fix systemd macros in scriptlets part of the specfile +- fix selinux patch to apply without fuzz=2 * Fri Jul 27 2012 Fedora Release Engineering - 3.1.13-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild