Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package policycoreutils for openSUSE:Factory
checked in at 2024-01-08 23:43:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/policycoreutils (Old)
and /work/SRC/openSUSE:Factory/.policycoreutils.new.21961 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "policycoreutils"
Mon Jan 8 23:43:50 2024 rev:74 rq:1137451 version:3.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/policycoreutils/policycoreutils.changes
2023-12-05 17:02:55.220493227 +0100
+++
/work/SRC/openSUSE:Factory/.policycoreutils.new.21961/policycoreutils.changes
2024-01-08 23:43:58.819515701 +0100
@@ -1,0 +2,24 @@
+Tue Dec 19 12:31:33 UTC 2023 - Cathy Hu <cathy...@suse.com>
+
+- Update to version 3.6
+ https://github.com/SELinuxProject/selinux/releases/tag/3.6
+ * Add notself support for neverallow rules
+ * Improve man pages
+ * man pages: Remove the Russian translations
+ * Add notself and other support to CIL
+ * Add support for deny rules
+ * Translations updated from
+ https://translate.fedoraproject.org/projects/selinux/
+ * Bug fixes
+- Remove keys from keyring since they expired:
+ - E853C1848B0185CF42864DF363A8AD4B982C4373
+ Petr Lautrbach <plaut...@redhat.com>
+ - 63191CE94183098689CAB8DB7EF137EC935B0EAF
+ Jason Zaman <jasonza...@gmail.com>
+- Add key to keyring:
+ - B8682847764DF60DF52D992CBC3905F235179CF1
+ Petr Lautrbach <lautrb...@redhat.com>
+- Remove reproducible-build.patch since it is upstream now
+- Fix issues in get_os_version.patch
+
+-------------------------------------------------------------------
Old:
----
policycoreutils-3.5.tar.gz
policycoreutils-3.5.tar.gz.asc
reproducible-build.patch
selinux-dbus-3.5.tar.gz
selinux-dbus-3.5.tar.gz.asc
selinux-gui-3.5.tar.gz
selinux-gui-3.5.tar.gz.asc
selinux-python-3.5.tar.gz
selinux-python-3.5.tar.gz.asc
semodule-utils-3.5.tar.gz
semodule-utils-3.5.tar.gz.asc
New:
----
policycoreutils-3.6.tar.gz
policycoreutils-3.6.tar.gz.asc
selinux-dbus-3.6.tar.gz
selinux-dbus-3.6.tar.gz.asc
selinux-gui-3.6.tar.gz
selinux-gui-3.6.tar.gz.asc
selinux-python-3.6.tar.gz
selinux-python-3.6.tar.gz.asc
semodule-utils-3.6.tar.gz
semodule-utils-3.6.tar.gz.asc
BETA DEBUG BEGIN:
Old: Petr Lautrbach <lautrb...@redhat.com>
- Remove reproducible-build.patch since it is upstream now
- Fix issues in get_os_version.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ policycoreutils.spec ++++++
--- /var/tmp/diff_new_pack.bzwUco/_old 2024-01-08 23:44:01.203602300 +0100
+++ /var/tmp/diff_new_pack.bzwUco/_new 2024-01-08 23:44:01.207602445 +0100
@@ -17,12 +17,12 @@
%define libaudit_ver 2.2
-%define libsepol_ver 3.5
-%define libsemanage_ver 3.5
-%define libselinux_ver 3.5
+%define libsepol_ver 3.6
+%define libsemanage_ver 3.6
+%define libselinux_ver 3.6
%define setools_ver 4.1.1
Name: policycoreutils
-Version: 3.5
+Version: 3.6
Release: 0
Summary: SELinux policy core utilities
License: GPL-2.0-or-later
@@ -44,7 +44,6 @@
Patch0: make_targets.patch
Patch2: get_os_version.patch
Patch3: run_init.pamd.patch
-Patch4: reproducible-build.patch
BuildRequires: audit-devel >= %{libaudit_ver}
BuildRequires: bison
BuildRequires: dbus-1-glib-devel
@@ -180,7 +179,6 @@
%patch -P0 -p1
%patch -P2 -p1
%patch -P3 -p1
-%patch -P4 -p1
mv ${setools_python_pwd}/audit2allow ${setools_python_pwd}/chcat
${setools_python_pwd}/semanage ${setools_python_pwd}/sepolgen
${setools_python_pwd}/sepolicy .
mv ${semodule_utils_pwd}/semodule_expand ${semodule_utils_pwd}/semodule_link
${semodule_utils_pwd}/semodule_package .
@@ -342,27 +340,9 @@
%{_mandir}/man8/sestatus.8%{?ext_man}
%{_mandir}/man8/setfiles.8%{?ext_man}
%{_mandir}/man8/setsebool.8%{?ext_man}
-%{_mandir}/ru/man8/fixfiles.8%{?ext_man}
-%{_mandir}/ru/man8/genhomedircon.8%{?ext_man}
-%{_mandir}/ru/man8/load_policy.8%{?ext_man}
-%{_mandir}/ru/man8/open_init_pty.8%{?ext_man}
-%{_mandir}/ru/man8/restorecon.8%{?ext_man}
-%{_mandir}/ru/man8/restorecon_xattr.8%{?ext_man}
-%{_mandir}/ru/man8/run_init.8%{?ext_man}
-%{_mandir}/ru/man8/semodule.8%{?ext_man}
-%{_mandir}/ru/man8/semodule_expand.8%{?ext_man}
-%{_mandir}/ru/man8/semodule_link.8%{?ext_man}
-%{_mandir}/ru/man8/semodule_package.8%{?ext_man}
-%{_mandir}/ru/man8/semodule_unpackage.8%{?ext_man}
-%{_mandir}/ru/man8/sestatus.8%{?ext_man}
-%{_mandir}/ru/man8/setfiles.8%{?ext_man}
-%{_mandir}/ru/man8/setsebool.8%{?ext_man}
%{_mandir}/man5/selinux_config.5%{?ext_man}
%{_mandir}/man5/sestatus.conf.5%{?ext_man}
-%{_mandir}/ru/man5/selinux_config.5%{?ext_man}
-%{_mandir}/ru/man5/sestatus.conf.5%{?ext_man}
%{_mandir}/man1/secon.1%{?ext_man}
-%{_mandir}/ru/man1/secon.1%{?ext_man}
%{_datadir}/bash-completion/completions/setsebool
%files -n python3-%{name}
@@ -381,13 +361,9 @@
/sbin/semanage
%endif
%{_mandir}/man1/audit2allow.1%{?ext_man}
-%{_mandir}/ru/man1/audit2allow.1%{?ext_man}
%{_mandir}/man1/audit2why.1%{?ext_man}
-%{_mandir}/ru/man1/audit2why.1%{?ext_man}
%{_mandir}/man8/chcat.8%{?ext_man}
-%{_mandir}/ru/man8/chcat.8%{?ext_man}
%{_mandir}/man8/semanage*.8%{?ext_man}
-%{_mandir}/ru/man8/semanage*.8%{?ext_man}
%{_datadir}/bash-completion/completions/semanage
%files devel
@@ -405,16 +381,6 @@
%{_mandir}/man8/sepolicy-transition.8%{?ext_man}
%{_mandir}/man8/sepolicy.8%{?ext_man}
%{_mandir}/man8/sepolgen.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-booleans.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-communicate.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-generate.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-gui.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-interface.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-manpage.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-network.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy-transition.8%{?ext_man}
-%{_mandir}/ru/man8/sepolicy.8%{?ext_man}
-%{_mandir}/ru/man8/sepolgen.8%{?ext_man}
%dir %{_localstatedir}/lib/sepolgen
%{_localstatedir}/lib/sepolgen/perm_map
%{_datadir}/bash-completion/completions/sepolicy
@@ -422,7 +388,6 @@
%files newrole
%verify(not mode) %attr(4755,root,root) %{_bindir}/newrole
%{_mandir}/man1/newrole.1%{?ext_man}
-%{_mandir}/ru/man1/newrole.1%{?ext_man}
%if 0%{?suse_version} > 1500
%{_pam_vendordir}/newrole
%else
@@ -449,9 +414,7 @@
%{_datadir}/system-config-selinux/system-config-selinux.py
%{_datadir}/system-config-selinux/*.ui
%{_mandir}/man8/selinux-polgengui.8%{?ext_man}
-%{_mandir}/ru/man8/selinux-polgengui.8%{?ext_man}
%{_mandir}/man8/system-config-selinux.8%{?ext_man}
-%{_mandir}/ru/man8/system-config-selinux.8%{?ext_man}
%if 0%{?suse_version} > 1500
%{_pam_vendordir}/system-config-selinux
%{_pam_vendordir}/selinux-polgengui
++++++ get_os_version.patch ++++++
--- /var/tmp/diff_new_pack.bzwUco/_old 2024-01-08 23:44:01.231603317 +0100
+++ /var/tmp/diff_new_pack.bzwUco/_new 2024-01-08 23:44:01.235603462 +0100
@@ -1,11 +1,11 @@
-Index: policycoreutils-3.5/selinux-python-3.5/sepolicy/sepolicy/__init__.py
+Index: policycoreutils-3.6/selinux-python-3.6/sepolicy/sepolicy/__init__.py
===================================================================
---- policycoreutils-3.5.orig/selinux-python-3.5/sepolicy/sepolicy/__init__.py
-+++ policycoreutils-3.5/selinux-python-3.5/sepolicy/sepolicy/__init__.py
+--- policycoreutils-3.6.orig/selinux-python-3.6/sepolicy/sepolicy/__init__.py
++++ policycoreutils-3.6/selinux-python-3.6/sepolicy/sepolicy/__init__.py
@@ -1245,7 +1245,8 @@ def get_os_version():
import distro
system_release = distro.name(pretty=True)
- except IOError:
+ except (ModuleNotFoundError, OSError, IOError, UnicodeError,
subprocess.CalledProcessError):
- system_release = "Misc"
+ # make SUSE the default return value on SUSE systems
+ system_release = "SUSE"
++++++ policycoreutils-3.5.tar.gz -> policycoreutils-3.6.tar.gz ++++++
++++ 2885 lines of diff (skipped)
++++++ policycoreutils.keyring ++++++
--- /var/tmp/diff_new_pack.bzwUco/_old 2024-01-08 23:44:01.415610000 +0100
+++ /var/tmp/diff_new_pack.bzwUco/_new 2024-01-08 23:44:01.415610000 +0100
@@ -1,222 +1,111 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-mQINBFMyh7gBEADHbVdNWxivgqISiinIAE7gOl9vFemvnqfzn7hdfw2y02hUzojd
-0HzEJsyqxGBYHpdNYoiLbCYNubMDA/Xd0Att2D7fIAuNFo3gnKEm27xLSzjC02bk
-h2Pxp9d92dxPXsk+zDvY74Vwem74Yon824ESurH4gTK/HsiX2Y+7+5z3Ep07xC7p
-IA0RzD3zlKhfT9dpS0QR2LP1utFcT40eEjSZY8QK3iKapNtyvIrpKpkWx0tZTWwX
-+F8IoL9MzJBi5L/pS8fyUOkyBVIwdRXLNuX+sle+llH7i+6DWsWHEphiZ3ObiXDm
-iXKBu/I0useEE4K7TmOLqqeEZl+CTU6YWJLPpD38pq+p64TlAcT7rZSmRUr7zY0a
-X1gsXqm7e95Txm6UYy3Xth1jmZ0PuHjCBIvy8foxZVKGsR34ntAYcZzZhDca+J2S
-WyL/YcQbSFhad1N1ZpCXj4eYGQIg57b1OLrabopdSQ73s8uGdS12aNQKcehkAvKs
-Pab45Qxk7PWGNXuvHGYFCvedl8Gh/MUy3UqlXE58GBob9ldB+7eaO5VgR0GydSFO
-cbRDDpXBdWbsq4u0BDT3uB4FZTqYC3i83NFdCSppxG6aXDl4Hux+Fq7FcjFV7scw
-e/ndpnLMzj0oSyOmq6GZfvbZKRbyPztYxrEIoDw1mgvJQhm2AnfnhoOWVwARAQAB
-tCJKYXNvbiBaYW1hbiA8amFzb256YW1hbkBnbWFpbC5jb20+iQJXBBMBCABBAhsD
-Ah4BAheABQsJCAcDBRUKCQgLBRYCAwEAAhkBFiEEYxkc6UGDCYaJyrjbfvE37JNb
-Dq8FAl1mIt8FCQw1xCcACgkQfvE37JNbDq8mKA/7BnUyy3K0nEboJfXKP7mbI7vH
-hnDYP9ojwi6Lv7BJLOGNVmHDrZa9HA8uzH7AZIIf1XLOWd+bABqHETETElckXK+x
-gtE9GUQO0DQRVH2gCyJUaLtYgK/VD2GRXLlFRUA81XLmU0pNZVIRL6u5P1RbHjdd
-G01NgzH2sDKtmAtIashj25YD5m2RukTDfGYDMujjxR2bBRp8QnNiDHp93pYmF6oR
-iElJKrUOhBS7Mw2Cuy7GhcvPmFsUY7o/Kq+4bu9DzZOMrPTmVQMF//PV5JChWCou
-Aqv1Qybrt5I4/OzOVX+9bID7xowueMbTlak/1yqmgGNmFA5jN5XDuwZxoOX7F/m2
-ITJPRADEvZZLNF0kdj4zcLvk+/C8ofwcPcltO9SmDYwi3aKuMifVHqQnaG+Tu4qI
-okSA+Vngamvy0BFBLjjZ1DZhRBS4GELzprzQ4brBqmdFnwtGnc3GOHK5Q8teZeRW
-SbCh1u7CNBNXIdnTX5VlGonxjAO27ISDP7oaQyiJetnMy2W2qEG1DIDnLJtlPwDR
-+UFO5kBHdJSnuTnCl20XUADeH0tx4jHAAYcIyx0tvJCuOWylMG8yVadxS73IA6a9
-GA+fOku9XBh4eP5vIoMRfuVwDDu2y2n5J68OCfshs3JllGImrWUzR8hpZmjXmpAZ
-VjN4Ft83ZEvUEntlI62JAlcEEwEIAEECGwMCHgECF4AFCwkIBwMFFQoJCAsFFgID
-AQACGQEWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCYydnpQUJEdYTbQAKCRB+8Tfs
-k1sOr1sxEACyJPhmZopfHojuWHjSEQPDSboP2O4lhraffOqtdvsVgzpRn0NLIzBC
-vH7O7jPUJNNGCAUPL9fbL+9oMZJW8vZsOzNSXEx4ukGobRu3n8tKou+bRCse8/r6
-6JBDnaHc7JGZ73uLa/1Uy6zUYDSpEGgk2VNO2NzGhjyUw4Yl/3dP2LULkrBNrGjZ
-XUDC0ys0Of8DU1S/VqC07CwWN8KB0Tl03f1eq9meygymtHstQUtOtP9oQhPHSzz4
-pZMVHLsPoeAb1lss9JPjmMI4S7gIWVuvWZPD/R4QuED77qqkdXpBfW7zF/D5UTXp
-p0NVrL62aessciPy7kvA7F4wS3KCDoJI4FVJSxMjHIjwOg/Nhm1TmSmvc98y9Kmu
-IE3l4v+/XDkp/eREjchm/6m426pLAJLXJSWXJbPZpgYLqMamoVdBjVMrOeDqQoOk
-ap95TzCtlrWRdZV+NbidmBEGW9I4AvYgzHsb9yrW3rriTO2aH5N2x+QGGHmWe6RE
-ZO/0dfKbeLgxjBqEZApN+JCt96m+1jkkwVi/ielfVgGftwpCP0tu/F0r5zVcmmz2
-PB2dR1fU5qXvcN6Pye5dxIU6L20stTv4mC2epKUszUKU3I7DuEIyv0N0q3ThT/2d
-rzK15U+kB94tePV71tPtAdtrTjFCFHR1vzM1G23l+z07llJ+22GzCrQ1SmFzb24g
-WmFtYW4gKEdlbnRvbyBEZXZlbG9wZXIpIDxwZXJmaW5pb25AZ2VudG9vLm9yZz6J
-AlQEEwEIAD4CGwMFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQRjGRzpQYMJhonK
-uNt+8Tfsk1sOrwUCXWYi5wUJDDXEJwAKCRB+8Tfsk1sOrx20D/9xQQHHysi9fI7X
-hNxS7mjcJzYNGEXEvBUg86fDpx9liFGsgqvbB6CyWW9Xi8n4omggG+XDzdUC6ce3
-Ts3b6EXvYszqo9aRfTnmBjk+QVIY8GnJtmSh68T2sj7ynto6q7RCezg7eO4Mxq9r
-6dKceOZkIk7vCeOuQYLnt4HAjtncffYQUhRv4i86K8EUDqJJ5eSYSDW5veJoDa9d
-0o4YN+jGsSNIla3TirxUNSa2xwpGRGtzUBddOhXNxJ3jDwLqPi2U6TwNsIt/J/wz
-dwN4RPPIPogJhaRI3U7FgWik2+y3LYv3FDahMKn/UKMlM7abE5jsrvm8uvww1idW
-tg/MKu5rO3Rh605jvitpMwWGcDqZBqlwz5wvQMrKUg4etr+NKPtZALL/G6MxZkoO
-Dwt9x9O6SdIU9dUvqz3lNjAFrJGRWEWzvdxnlOmTh0DFItkjTjS4TGUWbOrBoxGg
-CEslKGF79BEa7msGeO1opFiXTwedvaAtz7QsfWCwYi+uwHz1yhrjLkau56zSbD0F
-uTm2MYkdaVKAYbo092z8vZFYKxeCRviqfqk+uyrp3IDyqns7guJmTO8qkXGak7eC
-Ah4iHXs3bWmJSz1rCcXJItHryC/QTo6ct0uzZ+lFhyVrDYPFLhYeWhZ9bYyhX9vg
-r4bOi+VUYCLX2DDMFWTW4ed4HnTh5YkCVAQTAQgAPgIbAwULCQgHAwUVCgkICwUW
-AwIBAAIeAQIXgBYhBGMZHOlBgwmGicq4237xN+yTWw6vBQJjJ2euBQkR1hNtAAoJ
-EH7xN+yTWw6vQgsP/jLAAtMMxlgw8xKWDRFXRSp3MrxrZKDi1n3+mtMbJCzNHxTj
-k0xqjcc4rZlfwe7AUsecG12DSvTbgkpY5NHSUtmpPzCO2uvmA7yMfJlqW9SYKvv/
-vb5o5TrEZO0CHRUIfBpKueEoyLlvA0bvz0Eb5KXhBV8od0xXUjQhRl8W71/1RCoL
-TPiTaD33LVIFWZVZ3fP4K6BaHZLNkM6n3JagZfA8ZldEFNb5c74W0WC46eISFpk2
-Ys3owN4jtn/Z82KfqBEQP1na0mfDTbfwKQfre206f4vkh2TnnGFbATYGBngf78ZR
-Z6MWAmQ7O5TREaiyPU8h7tKFWyklNUg+UidoCxkNO26Fhhkl45W+R5f3zUlNIEB2
-aiXxyD/PKRyMJJESJZtc0Vqr/Tyr1yaf7cGiJL3elWArqtcJfHmeLUkGT4E6f8Ms
-4fX2exmAVh32Gi2h90b7ZNLUIvHFASvR8A1qz5Ixcdidmlls2BCL6CrJWG9Vw52B
-ZXCNVhZszS/k1flJiyAnX8RAfLFeydb8+QKeAPt9GMubNzmEiSqPU2JDk+Ci/Fnw
-OX4rd8DPUWjvyD2E916ARgKFaSOD2aWG+XA4IX5uLyUu6w5qGMWIA1baKQ1YVL0Z
-BqYyhg2dF4qSsuzg6VGgd0dcwsPm5mHVo/32oGhTE2lHqceYEpkXfQqr6vYMtCFK
-YXNvbiBaYW1hbiA8amFzb25AcGVyZmluaW9uLmNvbT6JAlQEEwEIAD4CGwMCHgEC
-F4AFCwkIBwMFFQoJCAsFFgIDAQAWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCXWYi
-5gUJDDXEJwAKCRB+8Tfsk1sOr80nEADAAYKkf79G/wo/6oVBoVuUXlKKgxpD01qk
-/2SR6BLRttb/M5hWhiUsNIRs0fCwSj1HASIHKHuGoT6DZA/E4b2PxYDVf1W4z5m8
-DEKghMvCd2Ud04K79N0hoVuAW1j5C8ChLF0HOoYbycVDKN+TkcFF+ePQ6ym+P40m
-bOhJdzjZHsnkoZ63PHbSmXi/sOKdNVm2dd2eHMITPWxLMjA1Ur+uMvEEGV3ivFdJ
-SozGyzcsH9/QI4xygKOKNPYS++fwQvF1vRKouSChkQ/LlnbwQe6PsWgFWOVgTC0K
-ixhGl73HOK+7aHdewLdBOfTnwUMiaaeb3xGVz85pIwve4iF31M4Xan7rhAX5H6GX
-PWqgaNHIXnZbV2rZcB269QWdsz/y7SDx9PhvP7f4j/yqCljFF86jzkJivVz/a8g7
-zRwjKIGwzADmM2xgL2Pfng8FtTnPvnjEa0Zmz8WOY0UoWDGMcwBt4mBFEk+tj8cb
-uLTc2HSnNbdCWR8dUvvY1U6aZRrlJ0W3C268GqKlcZopAnUh22d0O+TYsxa+Mwtp
-/FV4+1jR4glYeBNoQ/2lyDW8hR32rpKI1VUntjY0h2gkMeuAiWxSnmpLNuX+PpvR
-kWT03HgJWLm/QOpXFZcroHQCNH5UAp4894DsnvQqCFo5aDs3x+0V6SqJewa5wSEp
-ni/ZIenyHYkCVAQTAQgAPgIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMBABYhBGMZ
-HOlBgwmGicq4237xN+yTWw6vBQJjJ2euBQkR1hNtAAoJEH7xN+yTWw6vbbIP/Ani
-y2tN/ORuUBj2Yf+cstUWq6uNWFEBBHKFEXzn5K8g4aaoka/ZKHoKzo6eNQ7ADHSA
-/Bvq6OF53wbZiHg0qE6nqW+bZbrzx4DG/wJDaNcHhqt19SJrM0Pb29xGuNfKdgh3
-YqfGq35AJhGoJ1FVW2Qpe/uwVXMDvO901PtyceolEsIkH/e3V73Ot8um9rudSM6f
-uutG+UyY8vhrGYyyCLU1Rtehc1B6tvxzxeB0n5ByJa8T98DGs/2sTW0yPpP745lk
-CEKb++zmZiiLptAXGXD1T3+KopU0oJoBZjm7pk0yKcwBLc/kV6VyWrJ5cXUSyS7u
-L389oY51yza9NB8qVzeBZc63NxvEZ/SHD8ECLJKKdkKbv6/N4xsNwLnAv/yyd2kg
-PgN1RX01hFjPXnCheyccjmDi3w1s0Lp60vZ8gS2whf/JWALpQKQicRQoHLlkzIq1
-2OTjvlY43ZdYB4LxymMJNG7nKIXDka2pm0x7gppKw5w3VyCO8V4FNGoGDp9YDGVh
-fHiK8qkdEMvfaEW2mJu+r6Uyprlwh8wwPQL/ty31SO7l8IBolVpsBIEcL+dtQQe5
-JNCNBdaoZO5qoY+MuGiqvW+YQ5OcXBNBOcyISKIjYtrLdcejE+6hz4pCYAReQ6Ut
-QBOWCoZEJW7msgBrajr/h0aC1G+kfb87pTFVUIG6uQINBFzabgEBEADm+3+ZRXtW
-1Y7KB0QO3iG6tXG0acc95bh2rO6djhP8xV4vV6a6hI691SQorLxKCjpZSzshczJl
-mMZ3SRuMh7VSefc7w59ElBLoWDhuEKs5c3gtxAmzxICWNo/IJnnb5h1s3hG8kmPz
-KdaskdbAttQq4YGk2GAYS9LvmKLPwAu/iSaGfAr7RJPSQxvW2i2y1OdhF4ibuVJT
-1TGa8z1IsU8rf5Ybx1AdkjPnazoE16+jrs763tnSzT3kpJeymMppkHMJIkO7u7D4
-bDR+qi10EsfF0inzmhimH5k/ng87+qi6UwryvUorJPSbjRLq/n07y2LDwkdOrW3X
-sLyU7RAfgZ4FUfvpUqkLZqB+GmgVccsy2bC/T7JMSPZsIlk/KysIl3kK2wg7oNRK
-JqtMTPhpzEiIGaEjJNa1S7c8jswSL97y/S/ok8iYaluHTSTHMJrdzriSP0irWzC8
-MJJNcUZgsP2NGWfjc9l0VlMqOdyW1mtfPXY+uONeAlM8x5KwMJ/r4nsixodozkI7
-BOx16F59fjMfc9ywZH3o/rNOoG/+P9rSABO6p/zg0e8uNyAE2KobjAfvWxYLoaT6
-ngYbXGgC4E6DKjnxI3n0EEMjdfALzcmK+SNiYtxtUQ4g3rFcOxt8U43ObZO85yuT
-I8TCQT+03/vLzzMOTTAfwn3Slu8ORsVqtQARAQABiQI8BBgBCAAmAhsgFiEEYxkc
-6UGDCYaJyrjbfvE37JNbDq8FAl1mIxUFCQKN3hQACgkQfvE37JNbDq/P6BAAlt4e
-EQcxin9m5eayHEvnSgjYk99FT1asgfqDz8d6qVBTKsFxNXvm19Ps294bD2oO02hz
-ScyVlY28dKH38MkGOmslxkMB7yO/6vAh/d1IixZNz+dQeWtb7XmNySj4/AVH8ODR
-K2gs0rVrcAH5gsjWlgBFzywmdODFE5iQVH8OJ6msT00gvkkvKaKU2K0q7A3DOGTy
-9Lzk8A3co39JzzR8E44kgJzLC1JASuoL1LaIe5Fg8VMkDpr5Uchzi2NnaXtuaNNe
-rappRf9Jrga54vQDdAmW02NCcea4Oj4OzKpC0bOU6N50HsmeQjKEk0sgJrIKdg65
-k8rlrF2uQl0wBsy9EyWgJgL0rPYOceD6d6yEfy9i3G8fPvzCIoBUntZHGGpHDx8Z
-pYjP2qhg6Vj/ultHfQBk+A7D4V+NU2qy4+RSTMyIJjUAAgX4WWlxipuy1mRnfJGf
-/ZuLBAOVST2Igtk4E6cKNagCv3vJEfJiaak8TQhi/Z9hFsHpN+RhEldqaPOd4yym
-2iKnoYX98wJsryrsZc2tHIwGQXi+lkNecLJYokWXbKnLdlfwkWrziTFAAekIBdQ2
-HrhXFq9EdfIWgv4PHA+goPXDjIzyhFD25D5NX3YxUGfMWzWyxfg36hJAjbyv/wcd
-PDJVaYGxSK2Dap4KZOGA+L0lE0mLZN+T28FSbHOJAjwEGAEIACYCGyAWIQRjGRzp
-QYMJhonKuNt+8Tfsk1sOrwUCYydoIQUJCC4toAAKCRB+8Tfsk1sOr2kGD/9z6TRB
-2z0JIqmWifyggk+psCZZ2jchlo1Xo8saLr9AdzcXWgjoGE//wD0rlY5gz4qAbJEC
-jzS5PfybtjDd5SyUV1MV9/KE29Cbb5uBHa61tnwqp55dlrGbog4YOD1AaB7aMXqJ
-nSz9DRgnIpxMSwi1C5m0Ed0r9jCV1wMkhZw1dM5tQGx15K49AkOCnXCcTk/3xcnW
-cCxVmNaBSZz5WRvJzTrGRjmROrcYDRGG2wsRy9076rr1WfvVVytUqZvb4qJooFam
-BSr9O7QpZzRzAwyVJMW/XV05pWyxQGjjpXZB0nr1SdUy9EQlnDVb2tyE8znPyX6E
-UH+THqmz8Iy/cE3Dss2MY9xb6p26qbYsjO/8gRJIl7o48+5Pu5/XAiBv//lFOh3T
-M4gnT9dKAlOQOq6J652NUP4g42rqTStwzVFNKnc9dKeUQ4uCRk9JkSq88UDWk2+L
-uP4m0xhvNDjWQPxRlyKZ1cdx/lfil21yBVk8DyG3Z/K3i0dx0JlL/iOj7Ug2kMs/
-+xCIL7aJUwwvFIyESUY0XvlOS+jnI8ErttxTI3Tbvn4fjC6X0x6BIrTwUaQm4VUq
-fZpfGkK64afJ/I9JJrHbsOuiRExAogD4LGfevgMRllT2puO/LXvhYDR3huHkaf0N
-klKrYrZGlGlV+1nMkm1e2MrmGJn+gNQAO72frbkCDQRUIZ3LARAAzO7mE3v0LCV6
-HtO9C55PpaOxqMJVnzCbgl9n4P+4Ka5XfP1MojMn1PJnWoCEIZ61dS+hyrpkKrXx
-mKL+oEOZ83d7tG9w2txE25HnV+uA8i0cYcWeOxba9pWcgBEnIc60phbm7uba1Rr0
-kwcWnNGrA2K7acXD8tmF874N4CMAx3nWZ0lIK5bDDuX7FlZA+FrWnLFLoFAIHyoL
-gE5N1bYSQFIhQBq5wdfeJqIZAg1e4UY5RVyw+G1yyaYPOoPwm7G4Z/OK3wtnipq6
-H4J4qwAK3R9FaMaxI7696KE5pJTG/o3qPC847WgJnMDmUjbM3hBBCz0k+ZK35b54
-8FR4IU4JPmUQu7j4/hZZz16XouEeP85+wyieAjqO+kZaeKvObD2OgspYxpqbwxPZ
-LVz2eZi02tqYjWXN4lZhTdUWAmlzkNmSVvohE5vSgSCZtRIhnBqn8wH8b03bXqav
-dXXkAoSe3i+q7qiXQIoHeOsxp8YIOsdQig53wULArVUFFayeMotdr6aAYJpZI9q7
-qFy865Xb9mrqzvuJpBDzb7SqR2ejqX2eF2ZmwvGdm4Y5R/C2fU8V2NDj/f+aAvQr
-GWipLB0wemBqdw4xP60md5s4IaD+IULJdJI2bzN6T+VEQZ68f7cBQgpNjcmF928b
-uqjfNbu74LRCUWeuP+lRIWzokxbeEwEAEQEAAYkEWwQYAQgAJgIbAhYhBGMZHOlB
-gwmGicq4237xN+yTWw6vBQJdZiMJBQkLRq4+AinBXSAEGQECAAYFAlQhncsACgkQ
-K77Zyxpo71WkTw//YVI2lWyoc3F6PMUlhGOluw46EhSP/Ci8JPP2rue9sbF3ZOrg
-Kz3Vpc+aOFmE7/2r5HJIIMUqyabHHnifILqdlrE3hcC/GLkJU0ph1Kr5Z+5W57HZ
-zMXiX2KsVhmysDHEF1B4TjvMk0oMQouQyeicYHF4nc0ElYHsc5KyLPgsBF9guiE4
-CoB3nTR6Ty0AekMuimwPphDFm/7OAPZLOppBgu0v33o4Tjv5admkVV2aePskUJ8l
-sOLvD52GV//4c9/6vvxNA+mXVu2V94SRLJCvnRdEvDpy0kYDrYKjt4dUgwO+yJ1N
-SjbIx1RCN32G56lKgirSyk8XnJfv3Erop2eOmQ++aA3deolRBV34mUgQaKwyafTU
-HPk54mXQ6RY7loggn3emKxTuwkmEzDtixkKi/OC6oVc2cj+e6z1I1G2u8xMi2IOQ
-6hys98R9/wikn/3nqJk8fdshp7PneCJdIS9pldtWHJViVtVbZaDCSb/rgrgbn71x
-SC5OiYgZwOi9e4QdKDSfdCdnYUWN+y9XBDfwbdpsQSsXsA8PHfpZQncZsDYUWvTG
-qYc3VhCk5shx6lbCRdBQILsIctBZFyUKdi9KC1f+kUneq36usvS8yGiwEYYhQk5F
-p0+MAE+6Abk1/9ZXrikFkc6r0Dl1kow4mDa+mCpWLdiU0cbrqgTWhK6kVXMJEH7x
-N+yTWw6v/PIP/2ssVfbsGW/UPwOOpXo/0jNZH9gMLgCFgb592WWrj439c7aAbxtg
-eVuH6t3koesKf+3c5iDXE4Cp07yUKo/WOGSNs53DZoiwvyl2Hv/NkTA9cUIlERZZ
-rfRrgip+9AbZ/6SI8Fg60wXLl2ZmPqM3iYPvmNtTo1+GVvZRfsvRPTAtS045CGuW
-oF9c0oBJsMA6fnOu+3PS2NExwTvE+wWj3/fH7/ESWQuQmdTMXUsf+fpPbhmx4GoH
-pY0I+L2epZvHUAZMr2N5YONAnX82+P5hfo885/Clmq4q8uLpmJLmdHXCyzP2K/3e
-Ivvyj3Qd3/PTAz0OKaLmePATKXcShx9lukBMy3zNZUM3GauRhPfc9FjL1Xsb87xo
-mdOS5JM6CWjtqQcyUkSFh8MuuZm1CcxfYfkD+87UmQme0LqQbuYgqfarZTwJJjB8
-yp2xxgMQddopNI+PbblLpeyTD2dK6PwdxuiKEpGixWK6hfk0sXZa7+FevJ3SCu/R
-aAeOm6oKVBsyWax3WZxVOHOHzgotKW5CCRpsretu8O+IQ45Dt/F9OPUxHcXN9ii9
-jhNWs7x+NMCTlGPh/+eVyCKJoKlCUWXBPBzEMEvWzoxe/tqgDPKqlMFDq9IVdYrl
-Sv7uugSRMBQSPxqSCbEL0nMmoKiYevC95tIxXtdq92Z8K9RezMV5D+M1iQRbBBgB
-CAAmAhsCFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAmMnaCEFCRDm/dYCKcFdIAQZ
-AQIABgUCVCGdywAKCRArvtnLGmjvVaRPD/9hUjaVbKhzcXo8xSWEY6W7DjoSFI/8
-KLwk8/au572xsXdk6uArPdWlz5o4WYTv/avkckggxSrJpsceeJ8gup2WsTeFwL8Y
-uQlTSmHUqvln7lbnsdnMxeJfYqxWGbKwMcQXUHhOO8yTSgxCi5DJ6JxgcXidzQSV
-gexzkrIs+CwEX2C6ITgKgHedNHpPLQB6Qy6KbA+mEMWb/s4A9ks6mkGC7S/fejhO
-O/lp2aRVXZp4+yRQnyWw4u8PnYZX//hz3/q+/E0D6ZdW7ZX3hJEskK+dF0S8OnLS
-RgOtgqO3h1SDA77InU1KNsjHVEI3fYbnqUqCKtLKTxecl+/cSuinZ46ZD75oDd16
-iVEFXfiZSBBorDJp9NQc+TniZdDpFjuWiCCfd6YrFO7CSYTMO2LGQqL84LqhVzZy
-P57rPUjUba7zEyLYg5DqHKz3xH3/CKSf/eeomTx92yGns+d4Il0hL2mV21YclWJW
-1VtloMJJv+uCuBufvXFILk6JiBnA6L17hB0oNJ90J2dhRY37L1cEN/Bt2mxBKxew
-Dw8d+llCdxmwNhRa9MaphzdWEKTmyHHqVsJF0FAguwhy0FkXJQp2L0oLV/6RSd6r
-fq6y9LzIaLARhiFCTkWnT4wAT7oBuTX/1leuKQWRzqvQOXWSjDiYNr6YKlYt2JTR
-xuuqBNaErqRVcwkQfvE37JNbDq+N8A/9GMwRJX9BxgwIqYwoIb70Uega/4dPmKN2
-WBC8Cl49rbUIvL1Kfh8INsKpliP17Ygi7yvYHAs4Ltu2fRJ4b6XMrYqajZwpxEyW
-f0ZlUF1uY9C+7hcKS1dEic9AChXg3YvtBlrfdFrjtl5Xv/JNR5IlnN/b8/mfdhik
-65R23OkScsLzMERtuXV65nkLevroyxur5tZGGTF2lgTHOwOcBHgGlvbo0IzjF91N
-+auTS5CkJCfT6P/P+9f4DISZJ3wUcXhwLCOb7qI8q+ZcRaMNm2Az8bBQiy8tUj2B
-IqE85wUESDpIXnlk3PE+hwXY6GkAgHcsNjxaUgvRPf3kKscG3dzDqz6a39dj2Y+N
-T9ZZjxFzUUw5P1YHZYLQ+pXsc1uNbbuLUCNh7Of5kLhpPwIhh4SV7MpNmwUmrFBZ
-HgvDP/u0FTrMboKU1vQA29FQLweaaRl0s11yG2uQdSmyLYwxAmdaEoReMqqDiVLt
-Ruh373ST6g/JDOEP34FmMDsS+lzEC/Wy+fOkcxV7rOaZiwLmoxuccXIJL2kkVtD6
-0KNLO2AoAaZ+eyKnf/SQmKV2zrhssPvB5TYX3z7PLh9+sZK8LmGDM8I6zkyrjO68
-6ZJqUNU+o7RP56e3hMrBRitMqEVEXsgOLkcrUENoQF76Oklt5ukCTd88ARc5HIWS
-MV9EoZOWc2e5Ag0EUzKHuAEQAM+ma9a4DNn8DUrmjjPY5mEZFBjOpJtQyAy5fz4h
-Sf+eIxp+OqV+Z0BPqImew6+IRSH8Z/HhMJUFRRqNJc3DZ+ST9URiRXQHy2pk5miq
-15dXFmsjrU76LrinxRFx/gQv6T8svO7TYgpItDZMzefY/D5XHGWdC0WVrMoS0kHA
-UIecZHovWb2np/pz0y0oOniBdYRS6EmvJT2agV/A9jjCcbrSlbpoZTtQz80V/5iK
-aNC8ImGLvPwl96bWgTK65Z5O62RyFZNLw4wdHlYNgxLfrxFN5ORUJFf9UWIEpQQN
-JD/LYCga73tSOClKKySwGZl+YtAUa8wKqS9Q1nYUfvSKWESmnmuj2IwTIIZFkcO7
-LdF1Qe8f26GROnirMGscsBqHNJMN5bkdUaRdxoPeTftoXx4sUNToaD3qs0PtwB5Z
-K/724Y7WpJIj6i37pPlMfQejCEiHrlhfxCrcrq1sgzE68ijoILY+2LkzLWg1e6/I
-C2zpTD6RhowYgYeeuhkdUigwFDRpRs6dXSjoVl1amjMBbfTI2svBEh+oRCa3kMdk
-Okel4F81srEKjNEQTF4fKfMhFepq9zGvJTSTOObZjk362s5a5vTzNZM1euOie9ps
-V6+qq+ENXL6/sSUHb21zqHHWDJlv0fn9bT3L55UZDMge8MxLUjhovRuhK4YbzVEq
-GbZVABEBAAGJAjwEGAEIACYCGwwWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCXWYi
-+AUJDDXEQAAKCRB+8Tfsk1sOr3wpEACMZA6SPq1Q67LTzfrqHqX52jpWAgVa8yEy
-Bvh2AHho9Z7mRzHoNgM7VaHifRVqvc9sVbqOBiBcnxYIGTBFUg8o4I6I6tHfIxJj
-mlChTZzzAABKxiRFR5kEgG6eu5ZMLXB2ZJFoFykPRS8es9e1NOuh+LL3/0UzYgMa
-oBbuVHS4H8VC2576KiOvq1mIIFVnZW5tnZqFMC0SbEKyOhjAUoy+p1sLvLQEAZPV
-c6NZ49JeTOYtEfz4W3LJ1Mp5VsQVQhjcZzGMnTW46czQtqp0som8sdHsYiTOR42J
-Q8vNsq+CyPYjdvMCpksUzrwhzfkGkGeWnZQ6roRsBZvE0UbJtRQ7FXJq4z03BlLC
-nyADsnokh2TtrTFPwk7xGETcNPYHlXjryMDUl0vKG5QtW9z9Y1D+uwilQGAZwRce
-2zLo5RsjSWPIxjRBAaw6sX2BACBIcijXdLVnPOgdbas/wK0b3F3z6H/3EHBVR6X6
-SfzUvm+Cq0byR81fPODe9PSZqxWVVQEf9iPxpmdMHQpgaGbR/PiKcMjHstByH2uX
-TrWcOowAAeZpAgRLPz+1T68M06V3DwShX49Uf4qqU+2LzZPBoZeMQ1YWSPCKUO49
-UbSaFC7wMJh9M/zOZEtjdAA8RKN5j4JtQmhbnT+CYo1dx1+0cSLjlLHqsMxdfe5K
-gNeop9T9uYkCPAQYAQgAJgIbDBYhBGMZHOlBgwmGicq4237xN+yTWw6vBQJjJ2gh
-BQkR1hPpAAoJEH7xN+yTWw6v8DAQAKuC5Gemhfow4V0A0ciGg8elQb1QpZitBrC3
-W9btHM+Ct54FnYUFc48V4jg7uxVC3Sqf3D1SDnmPRopwf6+09g2q0EjsgyzpQW59
-p2x9bkl8JE9HAvH98Y2bgUf1Cny8woHc4AqzJdQncGPZMUaGLkitSa5WAXlinXfU
-c100igqc5oHG06wFTZIR1T0s0K6zwL7wq2KCj4GJ5wieroA+Rw7IUvHDFAsT8T34
-eDzoelrRn9NEHDk3HFIf4zYdw5VHY+lE2Qxo9LPbnferkN2RW0ln76bHhsfiQfW/
-vZEi/Ul1DHNISPIbFWUbFUe/YT2a65mQP+NXVUKmqROGjH7LbBZQvvzEhiYHb84g
-K6Vv0ZU8sXRib8Xq1ELcHdCcBROnj4J0UvVYyJrWKHkufaaLHi608/TPJhveZZqo
-C/KbT/SIefbDiFyj5+O1ssQqyhZBMYVAUty3BQ343vpTDMMRkLklbchBc8XLwpxd
-VLb5KtwmlqFYFvCR9MdEdEYw2J9kbdqdf3/y2lM6HLbRMpcWoobNm+lieUQUvwDn
-oRr0Q2J1puU0LaSfjhATi6DtW9XCH+F1Gu31heZDF6n2AGxajyWIk93ath+5ddrs
-0zLOEBSOOA8OKq+UEESkX3P34D6PaQ0hOw2bYd5H6bWyl+8bC3TJikVCTa4cCMtN
-/rZkG+pY
-=DkTz
+mQINBGNZjyYBEACk7biPgvCVldNWq1CwVoJa/Fvc4T49tqxcc/sY4uVlGo6oSi4f
+QcXE9XKPPBuRLmvpmMWvODQLzPxJMWUfJq6LyYFmX2U9VRTcyITdmJs8itkEaDwq
+8BtXkeQfUDAVSFy6V6/uvVmNWD7pGXqJE1GxuV44Ihlh6v2YyqSzDG/rZur771hk
+e8VZmlKMVMs1RSeOBA3nUmvZQ58+uqkhJNYqOeQhxGIxDOHo7QhzTG+SlX+uQq6m
+zACKygVJJl33toaUwVAX5R02a0u67A5wC0whAoLSHInc3P7ayivWV/iESAz+gMIk
+uvJWns/Ak14J7MTGgjD6rle7PNMsPDCCwQScqA8F0x4OChCixbZGZn6Mr0u8+01V
+CEe2IjJwVUfFI/G4n1FZ1RAdqjkHfZJeD20LGHSbjJLcnqLLFx3LDpI5dAxo5K2k
+Fvz0VowrB58aHoofW8/g8yZygGQ4Zpw4JnpUmaPnMTiD5yvnFzEihM5L9DuaWqSK
+3sb9qzoaXABYRYI7OmX4B5nmMzFteHHq0tMtaKWf0HkAsCP0BLJcS9Oc1/0I0+gC
+4oKLRD8a4+kaEpNr6BXvWnj7Y1h0Zr/CZS6+gi34CxWMl2Q34OSqtS37mzzBu+UZ
+xffPR0aV2RXcEpc0c5HW550Thq1NF9EmFOoyeG4J2ox9JRANZXLh/i7mNwARAQAB
+tCVQZXRyIExhdXRyYmFjaCA8bGF1dHJiYWNoQHJlZGhhdC5jb20+iQJXBBMBCABB
+FiEEuGgoR3ZN9g31LZksvDkF8jUXnPEFAmNZjyYCGwMFCQPCZwAFCwkIBwICIgIG
+FQoJCAsCBBYCAwECHgcCF4AACgkQvDkF8jUXnPGeAA//ScQ3kJMqI6FRULXo0aF7
+CpafPXVWdvj+mfQMlZzuGwXXTmM42T0DXnXRBSjstWkmOXP/UqkN7bNeXH/S3D3G
+CJ2l0qx8Qp6fP0FloJIbemyxNtzl7yvAE7kWvuBuLvUdm23cntv49gAzj+ElDqCx
+tT6A6qaqM6r7DLUvw+G+r6gkeu1hNQbtRpEK9Dt8tHriQyI410qFRMbi3QxU+iTJ
+79HXwrXiYpX7V7T+ugiU9lgIiC/hWJCo6SY4knt9E6zhegUWN6zErl2HY8FBM2P9
+eHOTqToEOAhKeM1fXZvxe3m49fGq/spmRM1RUUl1V9WFEaMiLg/Z2rmbD8LX9Ytf
+YlQCbEwyX2nkIP1QIcr/DEfcmCA2MXCQCgsqI/2XS3BTLPyjuqAYnXxrk+T/Cydc
+g4W3ZBYI/wT56GH02TQzB/wJsn0cW6EMG46VSDY/mZ2/gwi54G/Pqb2R3ZC9I7wQ
+6/FFxuu8myI/QVmEiTlvTxBoyOdNlliBQxCkDczs1rxd/o8Wfjo1vwRHW84jZrCP
+3xr7xPJWuzsrmPU8kFHTgepGoY+4b/h3jGwlV103RpRUK4JidwHsmYDVk6pgeUH6
+9hf0iVcbFfKiViFTR+DwjbAOxTdsFgsYYn+7hBj2l+pV/uzeA0akL2dkgfJc9pAf
+6ItRUnGC+RlntZ0Pf2NbwIS5Ag0EY1mPxgEQAOBjoc5rCJOHFBUj7S68ABT3KKx7
+DVJJU7qYCxC1kzuzsGksDdEY+PdQaiNkh56MD6R+rsD49UsGHP+RIFO3D3+zejiu
+Wo3PPtItqLHpcpYKkc4Gzziff8sXq70owxWT29OyMrPyIMX2YFHZuYJ8u8STQcOI
+zICm/lJs6xkwHyTk9bIrwdg/Iwjm6YRo6xoLe0B6KE7efMDER/ehmXncnWkjD55x
+2tAttZsfRqoqeB8J10PxDSgyv8jCXLdbj37l6omh6VH3926392DRrc2fXAgZhHML
+rYIKwXkhnAp3I+HueKURQWkDlWXP4d8gVyHYt9EXdD8ZkPx8rMrGGMMh2DJpZJOw
+xuK3IrFfYb+lyOyHIyxlPsjcfHtLBB8WujnyzYMWwUsRmAGEm/6db8dyR551q95e
+Zd0cqO2xrz6u8YAO2LjCiE6X43m1ulhbf/NHcBiqWHjuEbSKRQnxO6ye7zrmPdnm
+YT4qpLrzKlFUExGt0mXaUY8MKdcaGXbvbRU80wL+MHYyCb8vWa9AzWM990LcqCiQ
+MAfk0zMq9q/oDvVotJQmWLdR2QYeRfl3m6uzeTdaYK3td5NvfQwG83MFxJhNvDZQ
+YhETwbQIVzfC2JZaJAo94VdiGfT4I4Khb8RekgJVoC4w8yByyV0zXdsobIajc2eC
+w0R2ik0V+vQopblfABEBAAGJBHIEGAEIACYWIQS4aChHdk32DfUtmSy8OQXyNRec
+8QUCY1mPxgIbAgUJA8JnAAJACRC8OQXyNRec8cF0IAQZAQgAHRYhBBviwP8IlJYj
+EC/SVkaViBwlRQjRBQJjWY/GAAoJEEaViBwlRQjRmQcP/1OVG8BpkRN/6m/j8hx5
+4vcofCPmWsL+CiNfE3QCOEBeWMtJEK7QTIgLFnLfXnyHiTS/CN2/zr33IcQ33s90
+XzibzWarE7P6O4oFEcUr8TAACA51KXMadRiA2SaYJE4Va2N6d41ZoV0Ser0wi3HU
+5qxw97LGdYyOrsstgxIRI/i2BRXkp2VpUBdHqr/zfe7bv82h2QNw0fZQr4jJP4q3
++4I6gggvi23Gj8+9lOmHNXyfqzSwkkTf8GtHGC8JORVTrOizImzJq7z+9rJBgY+4
+G4RBWzhOv69njaLNuQeASVxm/2hiMmzFqpmqozN9Y+17ubo+X+m+2aWE+aln56Pv
+LxJHKwFX7doc1doTUnewg6ZjGKCGWBlqlKMeX8D038pd2gsCMhm0EA5DZkXJHP9z
+b5VSomDCLB3GhoVpifZ5Qz4dJNtl90ZcFL/LJktiwz4vgzZqLNC8MhFfPLy8bS+k
+dAS8+VcvQaDSDKTR+jHQ6wA/kJ9eYcL8C9g4czzLzVfZCoN/fcC7VEiCiDhwuqrb
+ClcQBFZsCPQEAwh4mgIMK70zPaO4rW6LbCvwBnTjY8JSBkroJ1QjXwCy8ClSE+w2
+6cXtk5zmYUy5oQaONYm+tMberKsJjvfJIGIZdaj3ZkHsVe7YzOC6M8ESKAHKp4Xo
+hXbHQQEfD9WtzFerpKWCaKTobRIP/jyXmYYLEzRav3WtoH3NCXANu0Pc8JuMDoO2
+QytHICr7zWDvk3q6LO0Y8JXD2fUegY5KM3WECF5KBBCVxdsMunN908WjAMQdyUUV
+9Q4MIg64X4WCbGUDPkTGv0mQl2jMEWpFniIX+18TmwcHSvN5RxjcnpWNOyNQuMTg
+ZKDm2uw5zwYdScWf3DDCR/2dH8yvVFhxfQaRNzKJSyTD4ChHPqy858BYgMljjnTC
+APQwdkrTwh9RSxhMZ5yhdy9Z/+EhO2/8B/kylADC4YQOW1UN670QC7rlJmUySQy5
+APWHco5CNQnqdjhrgzYJDnWCCz9z6+x6bGy5iUa9K6Gt9e3ocYPd2Gw4R7IS8hyO
+Ok/Uq7maqs+GpcWWLWzB+iGFgYZU758zsbeXvAWQAiLQHWzOfQrXepGoEjCOdYv6
+is/UovO9zMIfrIPQVlj3QIN0y0zRUHoCpPgEWHrn7KCMDhiIDt8VgGbznXTJtRw1
+/NTeBQgnmkXwx0aLM7ni0I9IrpT6JVFjip8IV24iI5nsVRSfvxUjFBQxgyujPLuS
+f/Q9BlrsopFtcnyyDSyCtBqnCmBSN0zC5hk8Ya/UnDn/5ZQZYxsbGaWkdwQ6aw9m
+khMfnnsz+QfKT1R3SIrByIEjaYYvGJp8K4utRjhOSfM6ptmCN2WVxQbhwMERC4E7
+8ZKPUtR+uQINBGNZj3EBEACsSSOVQfiGhJACRUkJZaT6cX51oA/kizOsYRAftPI5
+XBdtFmd1I8VJSopTaQSAdsyb7AVihl73mH22MOHawsKzffylW7kKGHPd02x5MXv+
+ttyTDasJT4ltqUSLByTu0ouqhu9uHvuOettCeStk1z6cx4ccutjJzmAdbpxKfhSV
+TjYwqZOVJ44bgvL3BeGBooKF4hc1fdT8PrzZN9+Xsailybuk9kX3Z3BjicikLFTY
+BOKaRLK6VuHOTYKNnUlhQnUsdy0web0XQsQa1zUbENKHNVk/x05akOz0EHBkMtfE
+LMLiu9n7PkEkIMVu41MplDkkShbawzzI/UstkZfPjiGxpvVo+u8He9x1LkRM/pup
+PnbrtmKi12FSJ9T+lNXnN7jvA25pl6dC0Z32iXKHZ0Co6TYNCtwFAUDSBGnnlvhT
+raEtNhfFP7uMRtJUDF5cM9Go++qH/iRWfzqWViNXp0CgBI3XBbPjbdAfe7hkr5Lq
+DwdnQetjb40FiCq2Fvof9foWIXlVwday2ST3ruDhe3Q+A3+uUK2leHhYr2xJxf8I
+V05RGweVvvxk3Yt7FphpUGpC6q98doA8logSVeoyF5nxpis7oN/jLMn7p5Ozezg+
+ozoQyKvnBoWifHkaHnRfjEv2nshWqA0+FCxTxnlTmEZhuZQfvroa0Q2/gIjW6kUD
+VwARAQABiQI8BBgBCAAmFiEEuGgoR3ZN9g31LZksvDkF8jUXnPEFAmNZj3ECGyAF
+CQPCZwAACgkQvDkF8jUXnPHhww/7BuMq7bEKvrejKf6Wjs2owMsFiXjMe6dhNmEb
+96ANqRVankiSPn+TeL6FVJh9TJSGpD9v8fT3quikHsYDoTNLjgZL6Esx1A4k6YRu
+O8A//10kNfYVCdhnNoDZ/94iSBrDbzeg4ueZjPTHtgBb+jGWc+f7tKDsMYaqqfec
+qh8NRSujB9fS1AbCQaYkmpCA4f9l9Ti3nVQIrMXqFZFtt6sEjx7Onbi9ieADaQZ5
+/V8JQL4QgWGhhx0ccK0LVOIqY5Rp4H1kyJVeQ/rR+YIso5vBwpPJikAU+ozTnGCw
+w8Vpc359DthUAakJ22GTnc3kaj5Cp6HAugmTvsIdnEhYkh/jendSK4fUWy5cXs50
+THMiFRKJS6boygIjwGlXCf25Ip9cos50YNHogkjyOp0L0tiherFm0OGlyoPvSEVY
+nAnNmD5TZK/FnKE6rC0pe0NMO157fIbM9pxIAkPuYVRFz8NGLrZQEyIVyo7Vhb/k
+uALjKO3OjsxNA+RoZtAt24ciUIprykdY+posV0xrDCo2tM0dZcIPhfGKMljB0C57
+c1Qb+616Q2bzaaqdttbD8BdREjN59CxvKqI1gzO250n2EBLzIJ2R9v1IpUi9Zg9D
+vu0eW05kXsr83M4Z4lomvyW+pkJ9elaY525OlZoPaQi9TYrHuAHiNd0xrZqL0378
+d2veUui5Ag0EY1mPJgEQAMRQDbNHBQ376nDF8miBZOAV1txpmbHc5D/X63PNapP0
+P1/I7SfcJU9D3wX8c4vmxkjEYtH23s4lmT1VLsU7PisS3MacRemm9pL2bD53hs9X
+QEuU9OtJsZn1ZJ+Ynh6i5sfW1bG3OiV/TWgYXW66GwE1hn9PuP8arodUmhEft+64
+G2u8Xtxr5yqlQJEUThV6280OJrxVbduaMi5C6UNeeGE5wuhfrQ0TNYZiwQ4KYbU3
+QhlWhHVjJlJ5hCLiktwFDyR24P+wlTIziWA407mo2enQT+mz3bO7Paf4mBionGsJ
+MoADqBThf4B69BxjJ7Yg7oQVIZ7560YIRRmNo4tk5Mhep11OtQgZjZJR6MhWDaUO
+17w1qScrOPRj6G1IXP1R5NarydJpLyAVb/5WFZ5jxUGMGtq3mYn4nKbbHUg2WzvC
+JvPctDE6EV2vaiRy5N1fQjsHgSa29F2feh14p4ngFCmHjpdbcdjfv6rWL8tgkSpQ
+lDdeHRRd1q03TKAg/byPauAHKzvV+iWlmw1f6KBWjeTn0fofmk9eeQ+P1j0a3/XT
+xMOjB34SzqPRWzmLPLF6YmujBK2gymM+JLirJFFzao1i4lgmxqkDhQoNYHXmVYEd
+7w+/qUYbfKwO9eJOWzuUWajxvJ1Vgv6z4CPy9if0gwfhrx0OOcIpBE/xZU+SwQQp
+ABEBAAGJAjwEGAEIACYWIQS4aChHdk32DfUtmSy8OQXyNRec8QUCY1mPJgIbDAUJ
+A8JnAAAKCRC8OQXyNRec8a+qD/4whGQ9J+td1iLFMpNRAqvuGtTnM6shZJNnC5CB
+56Cu7ElIpr74sk0R98Ia1pJlBcLALbYSrqwluZaLiRVDPdub6tGSRVssqQdZcKTh
+z33waTru9IfLhCrRSNd0ZMHJaOG1ErU0noWw2d4ifVJK+vvuvMeEyNm4H5pZOYzY
+eikqVUYzS143cSzMEwtvPSdP5JkTQi4WNF09khH1D+QpJoXEgVEQla7Sr955Zdt3
+q5OlpYxxw+X62vslZ2OMiKZ14kWVSRbVQ+WdnjtRYS4vivB6ko9QL770jZ131hKh
+C/BcWpEYSjfPpVua2oKbccKHXheIFEJ06kGkMeeoQPxmzPRBYIw/E+d5sZp7YXDy
+BGOAxBeiOaOnZ8vLBzy72HFng3oB3hkVGTTHq+PsHdSSaRME3QrNpDsaGeSjw62F
+G3I4zK985GtrXAHEzN/Ffd17srl4mcRQ+8QM/a+XbF/8ugjE/RHhhFf8sWVAPutY
+zVE8lF+uqcduPuq/rTcUBuzSVjnSRfXWqCokjh+ypUpHNUO8fZDzkTLuE5rwMG1x
+pPueDBTzvoGDQRqc2eoXpJnDBmdlz83zHsoR2gIHcdqyc/hCV+fTvR8E0v9ZG3Jr
+6RFgWdD008PsGxUevIDgMAYFwasZSTofEnzg49/WeIFU1rGB5HZVlmOJKZnKRuBi
+TakEPw==
+=odM9
-----END PGP PUBLIC KEY BLOCK-----
++++++ selinux-dbus-3.5.tar.gz -> selinux-dbus-3.6.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-dbus-3.5/VERSION new/selinux-dbus-3.6/VERSION
--- old/selinux-dbus-3.5/VERSION 2023-02-23 14:16:11.000000000 +0100
+++ new/selinux-dbus-3.6/VERSION 2023-12-13 15:46:22.000000000 +0100
@@ -1 +1 @@
-3.5
+3.6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-dbus-3.5/selinux_server.py
new/selinux-dbus-3.6/selinux_server.py
--- old/selinux-dbus-3.5/selinux_server.py 2023-02-23 14:16:11.000000000
+0100
+++ new/selinux-dbus-3.6/selinux_server.py 2023-12-13 15:46:22.000000000
+0100
@@ -1,4 +1,4 @@
-#!/usr/bin/python3
+#!/usr/bin/python3 -EsI
import dbus
import dbus.service
++++++ selinux-gui-3.5.tar.gz -> selinux-gui-3.6.tar.gz ++++++
++++ 2411 lines of diff (skipped)
++++++ selinux-python-3.5.tar.gz -> selinux-python-3.6.tar.gz ++++++
++++ 191454 lines of diff (skipped)
++++++ semodule-utils-3.5.tar.gz -> semodule-utils-3.6.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/VERSION
new/semodule-utils-3.6/VERSION
--- old/semodule-utils-3.5/VERSION 2023-02-23 14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/VERSION 2023-12-13 15:46:22.000000000 +0100
@@ -1 +1 @@
-3.5
+3.6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_expand/Makefile
new/semodule-utils-3.6/semodule_expand/Makefile
--- old/semodule-utils-3.5/semodule_expand/Makefile 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_expand/Makefile 2023-12-13
15:46:22.000000000 +0100
@@ -1,5 +1,5 @@
# Installation directories.
-LINGUAS ?= ru
+LINGUAS ?=
PREFIX ?= /usr
BINDIR ?= $(PREFIX)/bin
MANDIR ?= $(PREFIX)/share/man
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_expand/ru/semodule_expand.8
new/semodule-utils-3.6/semodule_expand/ru/semodule_expand.8
--- old/semodule-utils-3.5/semodule_expand/ru/semodule_expand.8 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_expand/ru/semodule_expand.8 1970-01-01
01:00:00.000000000 +0100
@@ -1,31 +0,0 @@
-.TH SEMODULE_EXPAND "8" "ноÑбÑÑ 2005" "Security Enhanced Linux" NSA
-.SH ÐÐЯ
-semodule_expand \- ÑаÑÑиÑиÑÑ Ð¿Ð°ÐºÐµÑ Ð¼Ð¾Ð´ÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики
SELinux
-
-.SH ÐÐÐÐÐ
-.B semodule_expand [-V ] [ -a ] [ -c [version]] basemodpkg outputfile
-.br
-.SH ÐÐÐСÐÐÐÐ
-.PP
-semodule_expand - ÑÑилиÑа ÑазÑабоÑки Ð´Ð»Ñ ÑÑÑного
ÑаÑÑиÑÐµÐ½Ð¸Ñ Ð¿Ð°ÐºÐµÑа базового модÑлÑ
полиÑики в двоиÑнÑй Ñайл полиÑики ÑдÑа.
-ÐÑо ÑÑедÑÑво не ÑвлÑеÑÑÑ Ð½ÐµÐ¾Ð±Ñ
одимÑм длÑ
ноÑмалÑной ÑабоÑÑ SELinux. ÐбÑÑно Ñакое
ÑаÑÑиÑение вÑполнÑеÑÑÑ libsemanage внÑÑÑенним
обÑазом в оÑÐ²ÐµÑ Ð½Ð° ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ semodule. ÐакеÑÑ
базовÑÑ
модÑлей полиÑики можно ÑоздаваÑÑ
непоÑÑедÑÑвенно Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ semodule_package или
semodule_link (пÑи ÑвÑзÑвании набоÑа пакеÑов в
один пакеÑ).
-
-.SH "ÐÐÐ ÐÐÐТРЫ"
-.TP
-.B \-V
-ÐоказаÑÑ Ð²ÐµÑÑиÑ
-.TP
-.B \-c [version]
-ÐеÑÑÐ¸Ñ Ð¿Ð¾Ð»Ð¸Ñики, коÑоÑÑÑ ÑледÑÐµÑ ÑоздаÑÑ
-.TP
-.B \-a
-Ðе пÑовеÑÑÑÑ ÑÑвеÑждениÑ. ÐÑи
иÑполÑзовании ÑÑого паÑамеÑÑа полиÑика не
бÑÐ´ÐµÑ Ð¿ÑовеÑÑÑÑ Ð·Ð°Ð¿ÑеÑаÑÑие пÑавила
(neverallow).
-
-.SH СÐÐТРÐТРТÐÐÐÐ
-.B checkmodule(8), semodule_package(8), semodule(8), semodule_link(8)
-(8),
-.SH ÐÐТÐРЫ
-.nf
-ÐÑа ÑÑÑаниÑа ÑÑководÑÑва бÑла напиÑана Dan
Walsh <dwa...@redhat.com>.
-ÐÑогÑамма бÑла напиÑана Karl MacMillan
<kmacmil...@tresys.com>, Joshua Brindle <jbrin...@tresys.com>.
-ÐеÑевод на ÑÑÑÑкий ÑзÑк вÑполнила
ÐеÑаÑименко ÐлеÑÑ <gamma...@basealt.ru>.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_expand/semodule_expand.8
new/semodule-utils-3.6/semodule_expand/semodule_expand.8
--- old/semodule-utils-3.5/semodule_expand/semodule_expand.8 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_expand/semodule_expand.8 2023-12-13
15:46:22.000000000 +0100
@@ -1,9 +1,9 @@
-.TH SEMODULE_EXPAND "8" "Nov 2005" "Security Enhanced Linux" NSA
+.TH SEMODULE_EXPAND "8" "Nov 2005" "Security Enhanced Linux"
.SH NAME
semodule_expand \- Expand a SELinux policy module package.
.SH SYNOPSIS
-.B semodule_expand [-V ] [ -a ] [ -c [version]] basemodpkg outputfile
+.B semodule_expand [-ahV] [ -c [version]] basemodpkg outputfile
.br
.SH DESCRIPTION
.PP
@@ -17,6 +17,9 @@
.SH "OPTIONS"
.TP
+.B \-h
+show help
+.TP
.B \-V
show version
.TP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_expand/semodule_expand.c
new/semodule-utils-3.6/semodule_expand/semodule_expand.c
--- old/semodule-utils-3.5/semodule_expand/semodule_expand.c 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_expand/semodule_expand.c 2023-12-13
15:46:22.000000000 +0100
@@ -21,32 +21,25 @@
#include <unistd.h>
#include <string.h>
-extern char *optarg;
-extern int optind;
-
-int policyvers = 0;
-
#define EXPANDPOLICY_VERSION "1.0"
-static __attribute__((__noreturn__)) void usage(const char *program_name)
+static void usage(const char *program_name)
{
- printf("usage: %s [-V -a -c [version]] basemodpkg outputfile\n",
+ printf("usage: %s [-h -V -a -c [version] -v] basemodpkg outputfile\n",
program_name);
- exit(1);
}
int main(int argc, char **argv)
{
- char *basename, *outname;
- int ch, ret, show_version = 0, verbose = 0;
- struct sepol_policy_file *pf;
- sepol_module_package_t *base;
- sepol_policydb_t *out, *p;
- FILE *fp, *outfile;
- int check_assertions = 1;
- sepol_handle_t *handle;
+ const char *basename, *outname;
+ int ch, ret, show_version = 0, verbose = 0, policyvers = 0,
check_assertions = 1;
+ struct sepol_policy_file *pf = NULL;
+ sepol_module_package_t *base = NULL;
+ sepol_policydb_t *out = NULL, *p;
+ FILE *fp = NULL, *outfile = NULL;
+ sepol_handle_t *handle = NULL;
- while ((ch = getopt(argc, argv, "c:Vva")) != EOF) {
+ while ((ch = getopt(argc, argv, "c:Vvah")) != EOF) {
switch (ch) {
case 'V':
show_version = 1;
@@ -54,14 +47,20 @@
case 'v':
verbose = 1;
break;
+ case 'h':
+ usage(argv[0]);
+ return EXIT_SUCCESS;
case 'c':{
- long int n = strtol(optarg, NULL, 10);
+ long int n;
+
+ errno = 0;
+ n = strtol(optarg, NULL, 10);
if (errno) {
fprintf(stderr,
"%s: Invalid policyvers
specified: %s\n",
argv[0], optarg);
usage(argv[0]);
- exit(1);
+ return EXIT_FAILURE;
}
if (n < sepol_policy_kern_vers_min()
|| n > sepol_policy_kern_vers_max()) {
@@ -71,7 +70,7 @@
sepol_policy_kern_vers_min(),
sepol_policy_kern_vers_max());
usage(argv[0]);
- exit(1);
+ return EXIT_FAILURE;
}
policyvers = n;
break;
@@ -82,6 +81,7 @@
}
default:
usage(argv[0]);
+ return EXIT_FAILURE;
}
}
@@ -92,84 +92,90 @@
if (show_version) {
printf("%s\n", EXPANDPOLICY_VERSION);
- exit(0);
+ return EXIT_SUCCESS;
}
/* check args */
- if (argc < 3 || !(optind != (argc - 1))) {
+ if (argc < 3 || argc - optind != 2) {
fprintf(stderr,
"%s: You must provide the base module package and
output filename\n",
argv[0]);
usage(argv[0]);
+ return EXIT_FAILURE;
}
basename = argv[optind++];
outname = argv[optind];
handle = sepol_handle_create();
- if (!handle)
- exit(1);
+ if (!handle) {
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
+ }
if (sepol_policy_file_create(&pf)) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ goto failure;
}
/* read the base module */
if (sepol_module_package_create(&base)) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ goto failure;
}
- fp = fopen(basename, "r");
+
+ fp = fopen(basename, "re");
if (!fp) {
fprintf(stderr, "%s: Can't open '%s': %s\n",
argv[0], basename, strerror(errno));
- exit(1);
+ goto failure;
}
+
sepol_policy_file_set_fp(pf, fp);
ret = sepol_module_package_read(base, pf, 0);
if (ret) {
fprintf(stderr, "%s: Error in reading package from %s\n",
argv[0], basename);
- exit(1);
+ goto failure;
}
+
fclose(fp);
+ fp = NULL;
/* linking the base takes care of enabling optional avrules */
p = sepol_module_package_get_policy(base);
if (sepol_link_modules(handle, p, NULL, 0, 0)) {
fprintf(stderr, "%s: Error while enabling avrules\n", argv[0]);
- exit(1);
+ goto failure;
}
/* create the output policy */
if (sepol_policydb_create(&out)) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ goto failure;
}
sepol_set_expand_consume_base(handle, 1);
if (sepol_expand_module(handle, p, out, verbose, check_assertions)) {
fprintf(stderr, "%s: Error while expanding policy\n", argv[0]);
- exit(1);
+ goto failure;
}
if (policyvers) {
if (sepol_policydb_set_vers(out, policyvers)) {
fprintf(stderr, "%s: Invalid version %d\n", argv[0],
policyvers);
- exit(1);
+ goto failure;
}
}
- sepol_module_package_free(base);
-
- outfile = fopen(outname, "w");
+ outfile = fopen(outname, "we");
if (!outfile) {
- perror(outname);
- exit(1);
+ fprintf(stderr, "%s: Can't open '%s': %s\n",
+ argv[0], outname, strerror(errno));
+ goto failure;
}
sepol_policy_file_set_fp(pf, outfile);
@@ -178,12 +184,32 @@
fprintf(stderr,
"%s: Error while writing expanded policy to %s\n",
argv[0], outname);
- exit(1);
+ goto failure;
}
- fclose(outfile);
- sepol_handle_destroy(handle);
+
+ ret = fclose(outfile);
+ outfile = NULL;
+ if (ret) {
+ fprintf(stderr, "%s: Error closing policy file %s: %s\n",
+ argv[0], outname, strerror(errno));
+ goto failure;
+ }
+
+ ret = EXIT_SUCCESS;
+ goto cleanup;
+
+failure:
+ ret = EXIT_FAILURE;
+
+cleanup:
+ if (outfile)
+ fclose(outfile);
sepol_policydb_free(out);
+ if (fp)
+ fclose(fp);
+ sepol_module_package_free(base);
sepol_policy_file_free(pf);
+ sepol_handle_destroy(handle);
- return 0;
+ return ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_link/Makefile
new/semodule-utils-3.6/semodule_link/Makefile
--- old/semodule-utils-3.5/semodule_link/Makefile 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_link/Makefile 2023-12-13
15:46:22.000000000 +0100
@@ -1,5 +1,5 @@
# Installation directories.
-LINGUAS ?= ru
+LINGUAS ?=
PREFIX ?= /usr
BINDIR ?= $(PREFIX)/bin
MANDIR ?= $(PREFIX)/share/man
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_link/ru/semodule_link.8
new/semodule-utils-3.6/semodule_link/ru/semodule_link.8
--- old/semodule-utils-3.5/semodule_link/ru/semodule_link.8 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_link/ru/semodule_link.8 1970-01-01
01:00:00.000000000 +0100
@@ -1,32 +0,0 @@
-.TH SEMODULE_LINK "8" "ÐоÑбÑÑ 2005" "Security Enhanced Linux" NSA
-.SH ÐÐЯ
-semodule_link \- ÑвÑзаÑÑ Ð²Ð¼ÐµÑÑе пакеÑÑ Ð¼Ð¾Ð´Ñлей
полиÑики SELinux
-
-.SH ÐÐÐÐÐ
-.B semodule_link [-Vv] [-o outfile] basemodpkg modpkg1 [modpkg2]...
-.br
-.SH ÐÐÐСÐÐÐÐ
-.PP
-semodule_link - ÑÑилиÑа ÑазÑабоÑки Ð´Ð»Ñ ÑÑÑного
ÑвÑзÑÐ²Ð°Ð½Ð¸Ñ Ð½Ð°Ð±Ð¾Ñа пакеÑов модÑлей
полиÑики SELinux в один Ð¿Ð°ÐºÐµÑ Ð¼Ð¾Ð´Ñлей
полиÑики.
-ÐÑо ÑÑедÑÑво не ÑвлÑеÑÑÑ Ð½ÐµÐ¾Ð±Ñ
одимÑм длÑ
ноÑмалÑной ÑабоÑÑ SELinux. ÐбÑÑно Ñакое
ÑвÑзÑвание вÑполнÑеÑÑÑ libsemanage внÑÑÑенним
обÑазом в оÑÐ²ÐµÑ Ð½Ð° ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ semodule. ÐакеÑÑ
модÑлей ÑоздаÑÑÑÑ Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ semodule_package.
-
-.SH "ÐÐÐ ÐÐÐТРЫ"
-.TP
-.B \-V
-ÐоказаÑÑ Ð²ÐµÑÑиÑ
-.TP
-.B \-v
-ÐодÑобнÑй Ñежим
-.TP
-.B \-o <output file>
-СвÑзаннÑй Ð¿Ð°ÐºÐµÑ Ð¼Ð¾Ð´Ñлей полиÑики,
ÑозданнÑй Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ ÑÑого ÑÑедÑÑва
-
-
-.SH СÐÐТРÐТРТÐÐÐÐ
-.B checkmodule(8), semodule_package(8), semodule(8), semodule_expand(8)
-(8),
-.SH ÐÐТÐРЫ
-.nf
-ÐÑа ÑÑÑаниÑа ÑÑководÑÑва бÑла напиÑана Dan
Walsh <dwa...@redhat.com>.
-ÐÑогÑамма бÑла напиÑана Karl MacMillan
<kmacmil...@tresys.com>.
-ÐеÑевод на ÑÑÑÑкий ÑзÑк вÑполнила
ÐеÑаÑименко ÐлеÑÑ <gamma...@basealt.ru>.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_link/semodule_link.8
new/semodule-utils-3.6/semodule_link/semodule_link.8
--- old/semodule-utils-3.5/semodule_link/semodule_link.8 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_link/semodule_link.8 2023-12-13
15:46:22.000000000 +0100
@@ -1,9 +1,9 @@
-.TH SEMODULE_LINK "8" "Nov 2005" "Security Enhanced Linux" NSA
+.TH SEMODULE_LINK "8" "Nov 2005" "Security Enhanced Linux"
.SH NAME
semodule_link \- Link SELinux policy module packages together
.SH SYNOPSIS
-.B semodule_link [-Vv] [-o outfile] basemodpkg modpkg1 [modpkg2]...
+.B semodule_link [-hVv] [-o outfile] basemodpkg modpkg1 [modpkg2]...
.br
.SH DESCRIPTION
.PP
@@ -16,6 +16,9 @@
.SH "OPTIONS"
.TP
+.B \-h
+show help
+.TP
.B \-V
show version
.TP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_link/semodule_link.c
new/semodule-utils-3.6/semodule_link/semodule_link.c
--- old/semodule-utils-3.5/semodule_link/semodule_link.c 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_link/semodule_link.c 2023-12-13
15:46:22.000000000 +0100
@@ -21,18 +21,13 @@
#define LINKPOLICY_VERSION "1.0"
-char *progname;
-extern char *optarg;
-extern int optind;
-
-static __attribute__((__noreturn__)) void usage(const char *program_name)
+static void usage(const char *program_name)
{
- printf("usage: %s [-Vv] [-o outfile] basemodpkg modpkg1 [modpkg2]...\n",
+ printf("usage: %s [-hVv] [-o outfile] basemodpkg modpkg1
[modpkg2]...\n",
program_name);
- exit(1);
}
-static sepol_module_package_t *load_module(char *filename)
+static sepol_module_package_t *load_module(const char *filename, const char
*progname)
{
int ret;
FILE *fp = NULL;
@@ -47,9 +42,9 @@
fprintf(stderr, "%s: Out of memory\n", progname);
goto bad;
}
- fp = fopen(filename, "r");
+ fp = fopen(filename, "re");
if (!fp) {
- fprintf(stderr, "%s: Could not open package %s: %s", progname,
+ fprintf(stderr, "%s: Could not open package %s: %s\n",
progname,
filename, strerror(errno));
goto bad;
}
@@ -76,16 +71,16 @@
int main(int argc, char **argv)
{
- int ch, i, show_version = 0, verbose = 0, num_mods;
- char *basename, *outname = NULL;
- sepol_module_package_t *base, **mods;
- FILE *outfile;
- struct sepol_policy_file *pf;
-
- progname = argv[0];
+ int ch, i, ret, show_version = 0, verbose = 0, num_mods = 0;
+ const char *basename, *outname = NULL;
+ sepol_module_package_t *base = NULL, **mods = NULL;
+ struct sepol_policy_file *pf = NULL;
- while ((ch = getopt(argc, argv, "o:Vv")) != EOF) {
+ while ((ch = getopt(argc, argv, "ho:Vv")) != EOF) {
switch (ch) {
+ case 'h':
+ usage(argv[0]);
+ return EXIT_SUCCESS;
case 'V':
show_version = 1;
break;
@@ -97,80 +92,98 @@
break;
default:
usage(argv[0]);
+ return EXIT_FAILURE;
}
}
if (show_version) {
printf("%s\n", LINKPOLICY_VERSION);
- exit(0);
+ return EXIT_SUCCESS;
}
/* check args */
- if (argc < 3 || !(optind != (argc - 1))) {
+ if (argc < 3 || optind + 2 > argc) {
fprintf(stderr,
"%s: You must provide the base module package and at
least one other module package\n",
argv[0]);
usage(argv[0]);
+ return EXIT_FAILURE;
}
basename = argv[optind++];
- base = load_module(basename);
+ base = load_module(basename, argv[0]);
if (!base) {
fprintf(stderr,
"%s: Could not load base module from file %s\n",
argv[0], basename);
- exit(1);
+ goto failure;
}
num_mods = argc - optind;
- mods =
- (sepol_module_package_t **) malloc(sizeof(sepol_module_package_t *)
- * num_mods);
+ mods = calloc(num_mods, sizeof(sepol_module_package_t *));
if (!mods) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ goto failure;
}
- memset(mods, 0, sizeof(sepol_module_package_t *) * num_mods);
for (i = 0; optind < argc; optind++, i++) {
- mods[i] = load_module(argv[optind]);
+ mods[i] = load_module(argv[optind], argv[0]);
if (!mods[i]) {
fprintf(stderr,
"%s: Could not load module from file %s\n",
argv[0], argv[optind]);
- exit(1);
+ goto failure;
}
}
if (sepol_link_packages(NULL, base, mods, num_mods, verbose)) {
fprintf(stderr, "%s: Error while linking packages\n", argv[0]);
- exit(1);
+ goto failure;
}
if (outname) {
- outfile = fopen(outname, "w");
+ FILE *outfile = fopen(outname, "we");
if (!outfile) {
- perror(outname);
- exit(1);
+ fprintf(stderr, "%s: Could not open output file %s:
%s\n",
+ argv[0], outname, strerror(errno));
+ goto failure;
}
if (sepol_policy_file_create(&pf)) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ fclose(outfile);
+ goto failure;
}
sepol_policy_file_set_fp(pf, outfile);
if (sepol_module_package_write(base, pf)) {
fprintf(stderr, "%s: Error writing linked package.\n",
argv[0]);
- exit(1);
+ sepol_policy_file_free(pf);
+ fclose(outfile);
+ goto failure;
}
sepol_policy_file_free(pf);
- fclose(outfile);
+
+ if (fclose(outfile)) {
+ fprintf(stderr, "%s: Error closing linked package:
%s\n",
+ argv[0], strerror(errno));
+ goto failure;
+ }
}
+ ret = EXIT_SUCCESS;
+ goto cleanup;
+
+failure:
+ ret = EXIT_FAILURE;
+
+cleanup:
+ if (mods) {
+ for (i = 0; i < num_mods; i++)
+ sepol_module_package_free(mods[i]);
+ free(mods);
+ }
sepol_module_package_free(base);
- for (i = 0; i < num_mods; i++)
- sepol_module_package_free(mods[i]);
- free(mods);
- exit(0);
+
+ return ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-3.5/semodule_package/Makefile
new/semodule-utils-3.6/semodule_package/Makefile
--- old/semodule-utils-3.5/semodule_package/Makefile 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/Makefile 2023-12-13
15:46:22.000000000 +0100
@@ -1,5 +1,5 @@
# Installation directories.
-LINGUAS ?= ru
+LINGUAS ?=
PREFIX ?= /usr
BINDIR ?= $(PREFIX)/bin
MANDIR ?= $(PREFIX)/share/man
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/ru/semodule_package.8
new/semodule-utils-3.6/semodule_package/ru/semodule_package.8
--- old/semodule-utils-3.5/semodule_package/ru/semodule_package.8
2023-02-23 14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/ru/semodule_package.8
1970-01-01 01:00:00.000000000 +0100
@@ -1,48 +0,0 @@
-.TH SEMODULE_PACKAGE "8" "ÐоÑбÑÑ 2005" "Security Enhanced Linux" NSA
-.SH ÐÐЯ
-semodule_package \- ÑоздаÑÑ Ð¿Ð°ÐºÐµÑ Ð¼Ð¾Ð´ÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики
SELinux
-
-.SH ÐÐÐÐÐ
-.B semodule_package \-o <output file> \-m <module> [\-f <file contexts>]
-.br
-.SH ÐÐÐСÐÐÐÐ
-.PP
-semodule_package - ÑÑилиÑа, коÑоÑÐ°Ñ Ð¸ÑполÑзÑеÑÑÑ
Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¿Ð°ÐºÐµÑа модÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики SELinux из
двоиÑного модÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики и
(необÑзаÑелÑно) дÑÑгиÑ
даннÑÑ
, ÑакиÑ
как
конÑекÑÑÑ Ñайлов. Ðоманда semodule_package
ÑпаковÑÐ²Ð°ÐµÑ Ð´Ð²Ð¾Ð¸ÑнÑе модÑли полиÑики,
ÑозданнÑе Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ checkmodule. ÐÐ°ÐºÐµÑ Ð¿Ð¾Ð»Ð¸Ñики,
ÑозданнÑй Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ semodule_package, заÑем можно
ÑÑÑановиÑÑ ÑеÑез semodule.
-
-.SH ÐÐ ÐÐÐÐ
-.nf
-# СобÑаÑÑ Ð¿Ð°ÐºÐµÑ Ð¿Ð¾Ð»Ð¸Ñики Ð´Ð»Ñ Ð±Ð°Ð·Ð¾Ð²Ð¾Ð³Ð¾
модÑлÑ.
-$ semodule_package \-o base.pp \-m base.mod \-f file_contexts
-# СобÑаÑÑ Ð¿Ð°ÐºÐµÑ Ð¿Ð¾Ð»Ð¸Ñики Ð´Ð»Ñ Ð¼Ð¾Ð´ÑÐ»Ñ httpd.
-$ semodule_package \-o httpd.pp \-m httpd.mod \-f httpd.fc
-# СобÑаÑÑ Ð¿Ð°ÐºÐµÑ Ð¿Ð¾Ð»Ð¸Ñики Ð´Ð»Ñ Ð»Ð¾ÐºÐ°Ð»ÑнÑÑ
пÑавил пÑинÑдиÑелÑного пÑиÑÐ²Ð¾ÐµÐ½Ð¸Ñ Ñипов,
не вклÑÑÐ°Ñ ÐºÐ¾Ð½ÑекÑÑÑ Ñайлов.
-$ semodule_package \-o local.pp \-m local.mod
-.fi
-
-.SH "ÐÐÐ ÐÐÐТРЫ"
-.TP
-.B \-o \-\-outfile <output file>
-Файл пакеÑа модÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики, ÑозданнÑй
ÑÑим ÑÑедÑÑвом.
-.TP
-.B \-s \-\-seuser <seuser file>
-Файл seuser, коÑоÑÑй ÑледÑÐµÑ Ð²ÐºÐ»ÑÑиÑÑ Ð² пакеÑ.
-.TP
-.B \-u \-\-user_extra <user extra file>
-Файл user_extra, коÑоÑÑй ÑледÑÐµÑ Ð²ÐºÐ»ÑÑиÑÑ Ð²
пакеÑ.
-.TP
-.B \-m \-\-module <Module file>
-Файл модÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики, коÑоÑÑй ÑледÑеÑ
вклÑÑиÑÑ Ð² пакеÑ.
-.TP
-.B \-f \-\-fc <File context file>
-Файл конÑекÑÑов Ñайлов Ð´Ð»Ñ Ð¼Ð¾Ð´ÑлÑ
(необÑзаÑелÑно).
-.TP
-.B \-n \-\-nc <netfilter context file>
-Файл конÑекÑÑа netfilter, коÑоÑÑй ÑледÑеÑ
вклÑÑиÑÑ Ð² пакеÑ.
-
-.SH СÐÐТРÐТРТÐÐÐÐ
-.B checkmodule(8), semodule(8), semodule_unpackage(8)
-.SH ÐÐТÐРЫ
-.nf
-ÐÑа ÑÑÑаниÑа ÑÑководÑÑва бÑла напиÑана Dan
Walsh <dwa...@redhat.com>.
-ÐÑогÑамма бÑла напиÑана Karl MacMillan
<kmacmil...@tresys.com>.
-ÐеÑевод на ÑÑÑÑкий ÑзÑк вÑполнила
ÐеÑаÑименко ÐлеÑÑ <gamma...@basealt.ru>.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/ru/semodule_unpackage.8
new/semodule-utils-3.6/semodule_package/ru/semodule_unpackage.8
--- old/semodule-utils-3.5/semodule_package/ru/semodule_unpackage.8
2023-02-23 14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/ru/semodule_unpackage.8
1970-01-01 01:00:00.000000000 +0100
@@ -1,24 +0,0 @@
-.TH SEMODULE_PACKAGE "8" "ÐоÑбÑÑ 2005" "Security Enhanced Linux" NSA
-.SH ÐÐЯ
-semodule_unpackage \- извлеÑÑ Ð¼Ð¾Ð´ÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики и Ñайл
конÑекÑÑов Ñайлов из пакеÑа модÑлÑ
полиÑики SELinux
-
-.SH ÐÐÐÐÐ
-.B semodule_unpackage ppfile modfile [fcfile]
-.br
-.SH ÐÐÐСÐÐÐÐ
-.PP
-semodule_unpackage - ÑÑилиÑа, коÑоÑÐ°Ñ Ð¸ÑполÑзÑеÑÑÑ
Ð´Ð»Ñ Ð¸Ð·Ð²Ð»ÐµÑÐµÐ½Ð¸Ñ Ñайла модÑÐ»Ñ Ð¿Ð¾Ð»Ð¸Ñики SELinux и
Ñайла конÑекÑÑов Ñайлов из пакеÑа полиÑики
SELinux.
-
-.SH ÐÐ ÐÐÐÐ
-.nf
-# ÐзвлеÑÑ Ñайл модÑÐ»Ñ httpd из пакеÑа
полиÑики httpd.
-$ semodule_unpackage httpd.pp httpd.mod httpd.fc
-.fi
-
-.SH СÐÐТРÐТРТÐÐÐÐ
-.B semodule_package(8)
-.SH ÐÐТÐРЫ
-.nf
-ÐÑа ÑÑÑаниÑа ÑÑководÑÑва бÑла напиÑана Dan
Walsh <dwa...@redhat.com>.
-ÐÑогÑамма бÑла напиÑана Stephen Smalley
<s...@tycho.nsa.gov>.
-ÐеÑевод на ÑÑÑÑкий ÑзÑк вÑполнила
ÐеÑаÑименко ÐлеÑÑ <gamma...@basealt.ru>.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/semodule_package.8
new/semodule-utils-3.6/semodule_package/semodule_package.8
--- old/semodule-utils-3.5/semodule_package/semodule_package.8 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/semodule_package.8 2023-12-13
15:46:22.000000000 +0100
@@ -1,4 +1,4 @@
-.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux" NSA
+.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux"
.SH NAME
semodule_package \- Create a SELinux policy module package.
@@ -42,6 +42,9 @@
.TP
.B \-n \-\-nc <netfilter context file>
netfilter context file to be included in the package.
+.TP
+.B \-h \-\-help
+Show help message.
.SH SEE ALSO
.B checkmodule(8), semodule(8), semodule_unpackage(8)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/semodule_package.c
new/semodule-utils-3.6/semodule_package/semodule_package.c
--- old/semodule-utils-3.5/semodule_package/semodule_package.c 2023-02-23
14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/semodule_package.c 2023-12-13
15:46:22.000000000 +0100
@@ -19,10 +19,7 @@
#include <fcntl.h>
#include <errno.h>
-char *progname = NULL;
-extern char *optarg;
-
-static __attribute__((__noreturn__)) void usage(const char *prog)
+static void usage(const char *prog)
{
printf("usage: %s -o <output file> -m <module> [-f <file contexts>]\n",
prog);
@@ -34,34 +31,14 @@
printf
(" -u --user_extra user_extra file (only valid in base)\n");
printf(" -n --nc Netfilter contexts file\n");
- exit(1);
+ printf(" -h --help Show this help message\n");
}
-static int file_to_policy_file(const char *filename, struct sepol_policy_file
**pf,
- const char *mode)
-{
- FILE *f;
-
- if (sepol_policy_file_create(pf)) {
- fprintf(stderr, "%s: Out of memory\n", progname);
- return -1;
- }
-
- f = fopen(filename, mode);
- if (!f) {
- fprintf(stderr, "%s: Could not open file %s: %s\n", progname,
- strerror(errno), filename);
- return -1;
- }
- sepol_policy_file_set_fp(*pf, f);
- return 0;
-}
-
-static int file_to_data(const char *path, char **data, size_t * len)
+static int file_to_data(const char *path, char **data, size_t * len, const
char *progname)
{
int fd;
struct stat sb;
- fd = open(path, O_RDONLY);
+ fd = open(path, O_RDONLY | O_CLOEXEC);
if (fd < 0) {
fprintf(stderr, "%s: Failed to open %s: %s\n", progname, path,
strerror(errno));
@@ -94,17 +71,18 @@
int main(int argc, char **argv)
{
- struct sepol_module_package *pkg;
- struct sepol_policy_file *mod, *out;
+ struct sepol_module_package *pkg = NULL;
+ struct sepol_policy_file *mod = NULL, *out = NULL;
+ FILE *fp = NULL;
char *module = NULL, *file_contexts = NULL, *seusers =
NULL, *user_extra = NULL;
char *fcdata = NULL, *outfile = NULL, *seusersdata =
NULL, *user_extradata = NULL;
char *netfilter_contexts = NULL, *ncdata = NULL;
size_t fclen = 0, seuserslen = 0, user_extralen = 0, nclen = 0;
- int i;
+ int i, ret;
- static struct option opts[] = {
+ const struct option opts[] = {
{"module", required_argument, NULL, 'm'},
{"fc", required_argument, NULL, 'f'},
{"seuser", required_argument, NULL, 's'},
@@ -119,146 +97,213 @@
switch (i) {
case 'h':
usage(argv[0]);
- exit(0);
+ return EXIT_SUCCESS;
case 'm':
if (module) {
fprintf(stderr,
"May not specify more than one
module\n");
- exit(1);
+ return EXIT_FAILURE;
}
module = strdup(optarg);
- if (!module)
- exit(1);
+ if (!module) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
case 'f':
if (file_contexts) {
fprintf(stderr,
"May not specify more than one file
context file\n");
- exit(1);
+ return EXIT_FAILURE;
}
file_contexts = strdup(optarg);
- if (!file_contexts)
- exit(1);
+ if (!file_contexts) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
case 'o':
if (outfile) {
fprintf(stderr,
"May not specify more than one output
file\n");
- exit(1);
+ return EXIT_FAILURE;
}
outfile = strdup(optarg);
- if (!outfile)
- exit(1);
+ if (!outfile) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
case 's':
if (seusers) {
fprintf(stderr,
"May not specify more than one seuser
file\n");
- exit(1);
+ return EXIT_FAILURE;
}
seusers = strdup(optarg);
- if (!seusers)
- exit(1);
+ if (!seusers) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
case 'u':
if (user_extra) {
fprintf(stderr,
"May not specify more than one
user_extra file\n");
- exit(1);
+ return EXIT_FAILURE;
}
user_extra = strdup(optarg);
- if (!user_extra)
- exit(1);
+ if (!user_extra) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
case 'n':
if (netfilter_contexts) {
fprintf(stderr,
"May not specify more than one
netfilter contexts file\n");
- exit(1);
+ return EXIT_FAILURE;
}
netfilter_contexts = strdup(optarg);
- if (!netfilter_contexts)
- exit(1);
+ if (!netfilter_contexts) {
+ fprintf(stderr, "%s: Out of memory\n",
argv[0]);
+ return EXIT_FAILURE;
+ }
break;
+ default:
+ usage(argv[0]);
+ return EXIT_FAILURE;
}
}
- progname = argv[0];
+ if (optind < argc) {
+ fprintf(stderr, "%s: Superfluous command line arguments: ",
argv[0]);
+ while (optind < argc)
+ fprintf(stderr, "%s ", argv[optind++]);
+ fprintf(stderr, "\n");
+ usage(argv[0]);
+ return EXIT_FAILURE;
+ }
if (!module || !outfile) {
usage(argv[0]);
- exit(0);
+ return EXIT_FAILURE;
}
- if (file_contexts) {
- if (file_to_data(file_contexts, &fcdata, &fclen))
- exit(1);
- }
+ if (file_contexts && file_to_data(file_contexts, &fcdata, &fclen,
argv[0]))
+ goto failure;
- if (seusers) {
- if (file_to_data(seusers, &seusersdata, &seuserslen))
- exit(1);
- }
+ if (seusers && file_to_data(seusers, &seusersdata, &seuserslen,
argv[0]))
+ goto failure;
- if (user_extra) {
- if (file_to_data(user_extra, &user_extradata, &user_extralen))
- exit(1);
- }
+ if (user_extra && file_to_data(user_extra, &user_extradata,
&user_extralen, argv[0]))
+ goto failure;
+
+ if (netfilter_contexts && file_to_data(netfilter_contexts, &ncdata,
&nclen, argv[0]))
+ goto failure;
- if (netfilter_contexts) {
- if (file_to_data(netfilter_contexts, &ncdata, &nclen))
- exit(1);
+ if (sepol_policy_file_create(&mod)) {
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
}
- if (file_to_policy_file(module, &mod, "r"))
- exit(1);
+ fp = fopen(module, "re");
+ if (!fp) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", argv[0],
+ module, strerror(errno));
+ goto failure;
+ }
+ sepol_policy_file_set_fp(mod, fp);
if (sepol_module_package_create(&pkg)) {
fprintf(stderr, "%s: Out of memory\n", argv[0]);
- exit(1);
+ goto failure;
}
if (sepol_policydb_read(sepol_module_package_get_policy(pkg), mod)) {
fprintf(stderr,
"%s: Error while reading policy module from %s\n",
argv[0], module);
- exit(1);
+ goto failure;
}
- if (fclen)
- sepol_module_package_set_file_contexts(pkg, fcdata, fclen);
+ fclose(fp);
+ fp = NULL;
- if (seuserslen)
- sepol_module_package_set_seusers(pkg, seusersdata, seuserslen);
+ if (fclen && sepol_module_package_set_file_contexts(pkg, fcdata,
fclen)) {
+ fprintf(stderr, "%s: Error while setting file contexts\n",
argv[0]);
+ goto failure;
+ }
- if (user_extra)
- sepol_module_package_set_user_extra(pkg, user_extradata,
- user_extralen);
+ if (seuserslen && sepol_module_package_set_seusers(pkg, seusersdata,
seuserslen)) {
+ fprintf(stderr, "%s: Error while setting seusers\n", argv[0]);
+ goto failure;
+ }
- if (nclen)
- sepol_module_package_set_netfilter_contexts(pkg, ncdata, nclen);
+ if (user_extra && sepol_module_package_set_user_extra(pkg,
user_extradata, user_extralen)) {
+ fprintf(stderr, "%s: Error while setting extra users\n",
argv[0]);
+ goto failure;
+ }
+
+ if (nclen && sepol_module_package_set_netfilter_contexts(pkg, ncdata,
nclen)) {
+ fprintf(stderr, "%s: Error while setting netfilter
contexts\n", argv[0]);
+ goto failure;
+ }
- if (file_to_policy_file(outfile, &out, "w"))
- exit(1);
+ if (sepol_policy_file_create(&out)) {
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
+ }
+
+ fp = fopen(outfile, "we");
+ if (!fp) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", argv[0],
+ outfile, strerror(errno));
+ goto failure;
+ }
+ sepol_policy_file_set_fp(out, fp);
if (sepol_module_package_write(pkg, out)) {
fprintf(stderr,
"%s: Error while writing module package to %s\n",
argv[0], argv[1]);
- exit(1);
+ goto failure;
}
- if (fclen)
- munmap(fcdata, fclen);
+ ret = fclose(fp);
+ fp = NULL;
+ if (ret) {
+ fprintf(stderr, "%s: Could not close file %s: %s\n", argv[0],
+ outfile, strerror(errno));
+ goto failure;
+ }
+
+ ret = EXIT_SUCCESS;
+ goto cleanup;
+
+failure:
+ ret = EXIT_FAILURE;
+
+cleanup:
+ if (fp)
+ fclose(fp);
+ sepol_policy_file_free(out);
if (nclen)
munmap(ncdata, nclen);
- sepol_policy_file_free(mod);
- sepol_policy_file_free(out);
+ if (user_extradata)
+ munmap(user_extradata, user_extralen);
+ if (seuserslen)
+ munmap(seusersdata, seuserslen);
+ if (fclen)
+ munmap(fcdata, fclen);
sepol_module_package_free(pkg);
- free(file_contexts);
+ sepol_policy_file_free(mod);
+ free(netfilter_contexts);
+ free(user_extra);
+ free(seusers);
free(outfile);
+ free(file_contexts);
free(module);
- free(seusers);
- free(user_extra);
- exit(0);
+
+ return ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/semodule_unpackage.8
new/semodule-utils-3.6/semodule_package/semodule_unpackage.8
--- old/semodule-utils-3.5/semodule_package/semodule_unpackage.8
2023-02-23 14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/semodule_unpackage.8
2023-12-13 15:46:22.000000000 +0100
@@ -1,4 +1,4 @@
-.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux" NSA
+.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux"
.SH NAME
semodule_unpackage \- Extract policy module and file context file from an
SELinux policy module package.
@@ -21,4 +21,4 @@
.SH AUTHORS
.nf
This manual page was written by Dan Walsh <dwa...@redhat.com>.
-The program was written by Stephen Smalley <s...@tycho.nsa.gov>
+The program was written by Stephen Smalley <stephen.smalley.w...@gmail.com>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-3.5/semodule_package/semodule_unpackage.c
new/semodule-utils-3.6/semodule_package/semodule_unpackage.c
--- old/semodule-utils-3.5/semodule_package/semodule_unpackage.c
2023-02-23 14:16:11.000000000 +0100
+++ new/semodule-utils-3.6/semodule_package/semodule_unpackage.c
2023-12-13 15:46:22.000000000 +0100
@@ -11,46 +11,23 @@
#include <fcntl.h>
#include <errno.h>
-char *progname = NULL;
-extern char *optarg;
-
-static __attribute__((__noreturn__)) void usage(void)
+static void usage(const char *progname)
{
printf("usage: %s ppfile modfile [fcfile]\n", progname);
- exit(1);
-}
-
-static int file_to_policy_file(const char *filename, struct sepol_policy_file
**pf, const char *mode)
-{
- FILE *f;
-
- if (sepol_policy_file_create(pf)) {
- fprintf(stderr, "%s: Out of memory\n", progname);
- return -1;
- }
-
- f = fopen(filename, mode);
- if (!f) {
- fprintf(stderr, "%s: Could not open file %s: %s\n", progname,
strerror(errno), filename);
- return -1;
- }
- sepol_policy_file_set_fp(*pf, f);
- return 0;
}
int main(int argc, char **argv)
{
- struct sepol_module_package *pkg;
- struct sepol_policy_file *in, *out;
- FILE *fp;
+ struct sepol_module_package *pkg = NULL;
+ struct sepol_policy_file *in = NULL, *out = NULL;
+ FILE *fp = NULL;
size_t len;
- char *ppfile, *modfile, *fcfile = NULL, *fcdata;
-
- progname = argv[0];
+ const char *ppfile, *modfile, *fcfile = NULL, *fcdata;
+ int ret;
if (argc < 3) {
- usage();
- exit(1);
+ usage(argv[0]);
+ return EXIT_FAILURE;
}
ppfile = argv[1];
@@ -58,46 +35,94 @@
if (argc >= 4)
fcfile = argv[3];
- if (file_to_policy_file(ppfile, &in, "r"))
- exit(1);
-
if (sepol_module_package_create(&pkg)) {
- fprintf(stderr, "%s: Out of memory\n", progname);
- exit(1);
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
}
- if (sepol_module_package_read(pkg, in, 0) == -1) {
- fprintf(stderr, "%s: Error while reading policy module from
%s\n",
- progname, ppfile);
- exit(1);
+ if (sepol_policy_file_create(&in)) {
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
+ }
+
+ fp = fopen(ppfile, "r");
+ if (!fp) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", argv[0],
ppfile, strerror(errno));
+ goto failure;
}
+ sepol_policy_file_set_fp(in, fp);
- if (file_to_policy_file(modfile, &out, "w"))
- exit(1);
-
- if (sepol_policydb_write(sepol_module_package_get_policy(pkg), out)) {
- fprintf(stderr, "%s: Error while writing module to %s\n",
progname, modfile);
- exit(1);
- }
+ if (sepol_module_package_read(pkg, in, 0) == -1) {
+ fprintf(stderr, "%s: Error while reading policy module from
%s\n",
+ argv[0], ppfile);
+ goto failure;
+ }
sepol_policy_file_free(in);
+ in = NULL;
+ fclose(fp);
+ fp = NULL;
+
+ if (sepol_policy_file_create(&out)) {
+ fprintf(stderr, "%s: Out of memory\n", argv[0]);
+ goto failure;
+ }
+
+ fp = fopen(modfile, "w");
+ if (!fp) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", argv[0],
modfile, strerror(errno));
+ goto failure;
+ }
+ sepol_policy_file_set_fp(out, fp);
+
+ if (sepol_policydb_write(sepol_module_package_get_policy(pkg), out)) {
+ fprintf(stderr, "%s: Error while writing module to %s\n",
argv[0], modfile);
+ goto failure;
+ }
+
+ ret = fclose(fp);
+ fp = NULL;
+ if (ret) {
+ fprintf(stderr, "%s: Error while closing file %s: %s\n",
argv[0], modfile, strerror(errno));
+ goto failure;
+ }
+
sepol_policy_file_free(out);
+ out = NULL;
len = sepol_module_package_get_file_contexts_len(pkg);
if (fcfile && len) {
fp = fopen(fcfile, "w");
if (!fp) {
- fprintf(stderr, "%s: Could not open file %s: %s\n",
progname, strerror(errno), fcfile);
- exit(1);
+ fprintf(stderr, "%s: Could not open file %s: %s\n",
argv[0], fcfile, strerror(errno));
+ goto failure;
}
fcdata = sepol_module_package_get_file_contexts(pkg);
if (fwrite(fcdata, 1, len, fp) != len) {
- fprintf(stderr, "%s: Could not write file %s: %s\n",
progname, strerror(errno), fcfile);
- exit(1);
+ fprintf(stderr, "%s: Could not write file %s: %s\n",
argv[0], fcfile, strerror(errno));
+ goto failure;
+ }
+
+ ret = fclose(fp);
+ fp = NULL;
+ if (ret) {
+ fprintf(stderr, "%s: Could not close file %s: %s\n",
argv[0], fcfile, strerror(errno));
+ goto failure;
}
- fclose(fp);
}
+ ret = EXIT_SUCCESS;
+ goto cleanup;
+
+failure:
+ ret = EXIT_FAILURE;
+
+cleanup:
+ if (fp)
+ fclose(fp);
+ sepol_policy_file_free(out);
sepol_module_package_free(pkg);
- exit(0);
+ sepol_policy_file_free(in);
+
+ return ret;
}
