When modifying an selinux login record, seobject.py, may try to log a value, self.sename, which has been preset to "None" and this will fail. So, we set it to something useful.
Signed-off-by: Joe Slater <jsla...@windriver.com> --- .../policycoreutils-semanage-edit-user.patch | 21 ++++++++++++++++++++ recipes-security/selinux/policycoreutils_2.2.5.bb | 3 +- 2 files changed, 23 insertions(+), 1 deletions(-) create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch new file mode 100644 index 0000000..f5aaa74 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/policycoreutils-semanage-edit-user.patch @@ -0,0 +1,21 @@ +policycoreutils: semanage + +When modifying selinux login records, self.sename might not be +needed, but it IS passed to a log function, so it must be set +to something or the log attempt will fail. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater <jsla...@windriver.com> + + +--- a/semanage/seobject.py ++++ b/semanage/seobject.py +@@ -576,6 +576,7 @@ class loginRecords(semanageRecords): + + if sename != "": + semanage_seuser_set_sename(self.sh, u, sename) ++ self.sename = sename + else: + self.sename = self.oldsename + diff --git a/recipes-security/selinux/policycoreutils_2.2.5.bb b/recipes-security/selinux/policycoreutils_2.2.5.bb index d851f74..bd3a5dd 100644 --- a/recipes-security/selinux/policycoreutils_2.2.5.bb +++ b/recipes-security/selinux/policycoreutils_2.2.5.bb @@ -1,4 +1,4 @@ -PR = "r0" +PR = "r1" include selinux_20131030.inc include ${BPN}.inc @@ -13,4 +13,5 @@ SRC_URI += "\ file://policycoreutils-fix-sepolicy-install-path.patch \ file://policycoreutils-make-O_CLOEXEC-optional.patch \ file://policycoreutils-loadpolicy-symlink.patch \ + file://policycoreutils-semanage-edit-user.patch \ " -- 1.7.3.4 -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto