diff --git a/policycoreutils/restorecond/restorecond.conf b/policycoreutils/restorecond/restorecond.conf index 6dff5a1d..3fc9376a 100644 --- a/policycoreutils/restorecond/restorecond.conf +++ b/policycoreutils/restorecond/restorecond.conf @@ -5,3 +5,7 @@ /var/run/utmp /var/log/wtmp ~/* +/root/.ssh +/root/.ssh/* + + diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles index ccd63655..31f96d1c 100755 --- a/policycoreutils/scripts/fixfiles +++ b/policycoreutils/scripts/fixfiles @@ -122,7 +122,7 @@ if [ ! -z "$PREFC" ]; then fi if [ ! -z "$RPMFILES" ]; then for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do - rpmlist $i | ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -i -f - 2>&1 >> $LOGFILE + rpmlist $i | ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -R -i -f - 2>&1 >> $LOGFILE done exit $? fi diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py index 07c119ce..20bd2059 100644 --- a/policycoreutils/semanage/seobject.py +++ b/policycoreutils/semanage/seobject.py @@ -339,6 +339,7 @@ class permissiveRecords(semanageRecords): def add(self, type): + import glob name = "permissive_%s" % type dirname = "/var/lib/selinux" os.chdir(dirname) @@ -362,16 +363,19 @@ permissive %s; fd.close() rc = semanage_module_install(self.sh, data, len(data)); - if rc < 0: - raise ValueError(_("Could not set permissive domain %s (module installation failed)") % name) - - self.commit() + if rc >= 0: + self.commit() for root, dirs, files in os.walk("tmp", topdown=False): for name in files: os.remove(os.path.join(root, name)) for name in dirs: os.rmdir(os.path.join(root, name)) + os.removedirs("tmp") + for i in glob.glob("permissive_%s.*" % type): + os.remove(i) + if rc < 0: + raise ValueError(_("Could not set permissive domain %s (module installation failed)") % name) def delete(self, name): for n in name.split():