From 7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e Mon Sep 17 00:00:00 2001
From: Jeremy Katz <katzj@redhat.com>
Date: Wed, 23 Mar 2005 16:32:22 +0000
Subject: 2005-03-23  Jeremy Katz  <katzj@redhat.com>

	* anaconda.spec: Bump version.

	* loader2/selinux.c: Load SELinux booleans file if it exists (#151896)
---
 ChangeLog         |  6 ++++++
 anaconda.spec     |  5 ++++-
 loader2/selinux.c | 24 +++++++++++++++++++++---
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 002f11302..778acc070 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2005-03-23  Jeremy Katz  <katzj@redhat.com>
+
+	* anaconda.spec: Bump version.
+
+	* loader2/selinux.c: Load SELinux booleans file if it exists (#151896)
+
 2005-03-14  Jeremy Katz  <katzj@redhat.com>
 
 	* anaconda.spec: Bump version.
diff --git a/anaconda.spec b/anaconda.spec
index c7a951837..be83318d1 100644
--- a/anaconda.spec
+++ b/anaconda.spec
@@ -1,6 +1,6 @@
 ExcludeArch: ppc64
 Name: anaconda
-Version: 10.1.1.16
+Version: 10.1.1.17
 Release: 1
 License: GPL
 Summary: Graphical system installer
@@ -74,6 +74,9 @@ rm -rf $RPM_BUILD_ROOT
 /sbin/chkconfig --del reconfig >/dev/null 2>&1 || :
 
 %changelog
+* Wed Mar 23 2005 Jeremy Katz <katzj@redhat.com> - 10.1.1.17-1
+- Load SElinux booleans file if it exists (#151896)
+
 * Mon Mar 14 2005 Chris Lumens <clumens@redhat.com> - 10.1.1.16-1
 - Fix typo in Xvnc parameters (#150498).
 
diff --git a/loader2/selinux.c b/loader2/selinux.c
index 41ecb84c8..b32c7d01c 100644
--- a/loader2/selinux.c
+++ b/loader2/selinux.c
@@ -51,12 +51,17 @@ static char * getpolicyver() {
 }
 
 int loadpolicy() {
-    char * ver, * fn;
+    char * ver, * fn, * bfn;
     char *paths[] = { "/tmp/updates", 
                       "/mnt/source/RHupdates",
                       "/mnt/runtime/etc/selinux/targeted/policy",
                       "/mnt/runtime/etc/security/selinux",
                       NULL };
+    char *bpaths[] = { "/tmp/updates", 
+                      "/mnt/source/RHupdates",
+                      "/mnt/runtime/etc/selinux/targeted",
+                      "/mnt/runtime/etc/security/selinux",
+                      NULL };
     int i, pid, status;
 
     ver = getpolicyver();
@@ -73,6 +78,15 @@ int loadpolicy() {
         }
     }
 
+    bfn = malloc(128);
+    bfn = memset(bfn, 0, 128);
+    for (i = 0; paths[i]; i++) {
+        snprintf(bfn, 128, "%s/booleans", (char *) bpaths[i]);
+        if (!access(bfn, R_OK)) {
+            break;
+        }
+    }
+
     if (access(fn, R_OK)) {
         logMessage("Unable to load suitable SELinux policy");
         return -1;
@@ -81,8 +95,12 @@ int loadpolicy() {
     logMessage("Loading SELinux policy from %s", fn);
     if (!(pid = fork())) {
         setenv("LD_LIBRARY_PATH", LIBPATH, 1);
-        execl("/usr/sbin/load_policy", 
-              "/usr/sbin/load_policy", "-q", fn, NULL);
+        if (access(bfn, R_OK)) 
+            execl("/usr/sbin/load_policy", 
+                  "/usr/sbin/load_policy", "-q", fn, NULL);
+        else
+            execl("/usr/sbin/load_policy", 
+                  "/usr/sbin/load_policy", "-q", "-b", fn, bfn, NULL);
         logMessage("exec of load_policy failed: %s", strerror(errno));
         exit(1);
     }
-- 
cgit