back out the recent labeling change, per dwalsh

- back out this labeling change (dwalsh): - when building the new label for a file we're about to create, also mix in the current range, in addition to the current user
author: Nalin Dahyabhai <nalin@redhat.com> 2012-06-05 16:24:15 -0400
committer: Nalin Dahyabhai <nalin@redhat.com> 2012-06-05 16:24:15 -0400
commit: 16a5c7affc451cfc44f7381022e40ed799eb0187 (patch)
tree: 8183b82c17d21105ae8cb5414109f82b3f71d6ad
parent: 6e8c2c396cd34bf04e4cf63548040cac7f8c5e1f (diff)
download: krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.tar.gz
krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.tar.xz
krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.zip
2 files changed, 12 insertions, 13 deletions
diff --git a/krb5-1.10.2-selinux-label.patch b/krb5-1.10.2-selinux-label.patch
index fd26b3e..448aaec 100644
--- a/krb5-1.10.2-selinux-label.patch
+++ b/krb5-1.10.2-selinux-label.patch
@@ -465,7 +465,7 @@ which we used earlier, is some improvement.
  
 --- krb5/src/util/support/selinux.c
 +++ krb5/src/util/support/selinux.c
-@@ -0,0 +1,379 @@
+@@ -0,0 +1,373 @@
 +/*
 + * Copyright 2007,2008,2009,2011,2012 Red Hat, Inc.  All Rights Reserved.
 + *
@@ -540,7 +540,7 @@ which we used earlier, is some improvement.
 +{
 +	security_context_t previous, configuredsc, currentsc, derivedsc;
 +	context_t current, derived;
-+	const char *fullpath, *currentuser, *currentrange;
++	const char *fullpath, *currentuser;
 +#ifdef HAVE_SELINUX_LABEL_H
 +	struct selabel_handle *ctx;
 +#endif
@@ -624,16 +624,10 @@ which we used earlier, is some improvement.
 +						if (currentuser != NULL) {
 +							if (context_user_set(derived,
 +									     currentuser) == 0) {
-+								currentrange = context_range_get(current);
-+								if (currentrange != NULL) {
-+									if (context_range_set(derived,
-+											      currentrange) == 0) {
-+										derivedsc = context_str(derived);
-+										if (derivedsc != NULL) {
-+											freecon(configuredsc);
-+											configuredsc = strdup(derivedsc);
-+										}
-+									}
++								derivedsc = context_str(derived);
++								if (derivedsc != NULL) {
++									freecon(configuredsc);
++									configuredsc = strdup(derivedsc);
 +								}
 +							}
 +						}
diff --git a/krb5.spec b/krb5.spec
index 8b22c8e..3da0936 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -20,7 +20,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.10.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.10/krb5-1.10.2-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -753,6 +753,11 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Tue Jun  5 2012 Nalin Dahyabhai <nalin@redhat.com> 1.10.2-2
+- back out this labeling change (dwalsh):
+  - when building the new label for a file we're about to create, also mix
+    in the current range, in addition to the current user
+
 * Fri Jun  1 2012 Nalin Dahyabhai <nalin@redhat.com> 1.10.2-1
 - update to 1.10.2
   - when building the new label for a file we're about to create, also mix
author	Nalin Dahyabhai <nalin@redhat.com>	2012-06-05 16:24:15 -0400
committer	Nalin Dahyabhai <nalin@redhat.com>	2012-06-05 16:24:15 -0400
commit	16a5c7affc451cfc44f7381022e40ed799eb0187 (patch)
tree	8183b82c17d21105ae8cb5414109f82b3f71d6ad
parent	6e8c2c396cd34bf04e4cf63548040cac7f8c5e1f (diff)
download	krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.tar.gz krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.tar.xz krb5-16a5c7affc451cfc44f7381022e40ed799eb0187.zip