--- setroubleshoot-2.1.10.orig/debian/dirs +++ setroubleshoot-2.1.10/debian/dirs @@ -0,0 +1,3 @@ +usr/bin +usr/sbin +usr/share/setroubleshoot/plugins --- setroubleshoot-2.1.10.orig/debian/rules +++ setroubleshoot-2.1.10/debian/rules @@ -0,0 +1,122 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +include /usr/share/quilt/quilt.make + + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE)) +CROSS= --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) +else +CROSS= --build $(DEB_BUILD_GNU_TYPE) +endif + + + +config.status: patch configure + dh_testdir + # Add here commands to configure the package. +ifneq "$(wildcard /usr/share/misc/config.sub)" "" + cp -f /usr/share/misc/config.sub config.sub +endif +ifneq "$(wildcard /usr/share/misc/config.guess)" "" + cp -f /usr/share/misc/config.guess config.guess +endif + ./configure $(CROSS) --prefix=/usr \ + --mandir=\$${prefix}/share/man \ + --infodir=\$${prefix}/share/info \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --libexecdir=\$${prefix}/lib \ + CFLAGS="$(CFLAGS)" LDFLAGS="-Wl,-z,defs" + + +build: build-stamp + +build-stamp: config.status + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + #docbook-to-man debian/setroubleshoot.sgml > setroubleshoot.1 + + touch $@ + +clean: clean-patched unpatch + +clean-patched: + dh_testdir + dh_testroot + rm -f build-stamp + + # Add here commands to clean up after the build process. + [ ! -f Makefile ] || $(MAKE) distclean + rm -f config.sub config.guess + rm -f setroubleshoot.desktop src/setroubleshoot.cfg + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_prep + dh_installdirs + + # Add here commands to install the package into debian/setroubleshoot. + $(MAKE) DESTDIR=$(CURDIR)/debian/setroubleshoot install + + # remove extra license file + find $(CURDIR)/debian/setroubleshoot -name "COPYING*" -delete + + rm -rf $(CURDIR)/debian/setroubleshoot/var/run/setroubleshoot + + cp -f setroubleshoot.logrotate debian/ + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs ChangeLog + dh_installdocs + dh_installexamples +# dh_install +# dh_installmenu +# dh_installdebconf + dh_installlogrotate +# dh_installemacsen +# dh_installpam +# dh_installmime + dh_pysupport + dh_installinit +# dh_installcron +# dh_installinfo + dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms +# dh_perl +# dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- setroubleshoot-2.1.10.orig/debian/watch +++ setroubleshoot-2.1.10/debian/watch @@ -0,0 +1,11 @@ +# Example watch control file for uscan +# Rename this file to "watch" and then you can run the "uscan" command +# to check for upstream updates and more. +# See uscan(1) for format + +# Compulsory line, this is a version 3 file +version=3 + +# Recursive directory scanning, starting from +# http://cvs.fedoraproject.org/repo/pkgs/setroubleshoot/ +http://cvs.fedoraproject.org/repo/pkgs/setroubleshoot/setroubleshoot-([\d\.]+).tar.gz\//([a-zA-Z0-9]+)/ setroubleshoot-([\d\.]+).tar.gz --- setroubleshoot-2.1.10.orig/debian/postinst +++ setroubleshoot-2.1.10/debian/postinst @@ -0,0 +1,52 @@ +#!/bin/sh +# postinst script for setroubleshoot +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + configure) + # workaround plugins import problem + [ -f /usr/share/setroubleshoot/plugins/__init__.py ] || \ + touch /usr/share/setroubleshoot/plugins/__init__.py + + # no more init script + [ ! -f "/etc/init.d/setroubleshoot" ] || \ + (update-rc.d -f setroubleshoot remove; rm -f /etc/init.d/setroubleshoot) + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +echo "Reloading DBus" +invoke-rc.d dbus reload || true + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- setroubleshoot-2.1.10.orig/debian/docs +++ setroubleshoot-2.1.10/debian/docs @@ -0,0 +1,3 @@ +NEWS +README +TODO --- setroubleshoot-2.1.10.orig/debian/compat +++ setroubleshoot-2.1.10/debian/compat @@ -0,0 +1 @@ +7 --- setroubleshoot-2.1.10.orig/debian/postrm +++ setroubleshoot-2.1.10/debian/postrm @@ -0,0 +1,45 @@ +#!/bin/sh +# postrm script for setroubleshoot +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + purge) + rm -rf /var/lib/setroubleshoot + rm -rf /var/log/setroubleshoot + rm -rf /var/run/setroubleshoot + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- setroubleshoot-2.1.10.orig/debian/copyright +++ setroubleshoot-2.1.10/debian/copyright @@ -0,0 +1,21 @@ +This package was debianized by Pierre Chifflier on +Wed, 15 Oct 2008 21:15:36 +0200. + +It was downloaded from https://fedorahosted.org/setroubleshoot + +Upstream Authors: + + John Dennis + Dan Walsh + +Copyright 2006,2007,2008 Red Hat, Inc. + +License: + + This software is distributed under the GNU General Public License + version 2 or later, which can be found at + /usr/share/common-licenses/GPL. + +The Debian packaging is (C) 2008, Pierre Chifflier and +is licensed under the GPL, see `/usr/share/common-licenses/GPL'. + --- setroubleshoot-2.1.10.orig/debian/changelog +++ setroubleshoot-2.1.10/debian/changelog @@ -0,0 +1,52 @@ +setroubleshoot (2.1.10-1) unstable; urgency=low + + * New Upstream Version: + Fix alarm exiting after 10 seconds + + -- Pierre Chifflier Sun, 10 May 2009 22:12:35 +0200 + +setroubleshoot (2.1.9-2) unstable; urgency=low + + * Add build-depend on libselinux1-dev (Closes: #525054) + + -- Pierre Chifflier Wed, 22 Apr 2009 09:25:54 +0200 + +setroubleshoot (2.1.9-1) unstable; urgency=low + + * New Upstream Version + * Force removal of init script and rc symlinks (Closes: #524544) + + -- Pierre Chifflier Mon, 20 Apr 2009 10:09:25 +0200 + +setroubleshoot (2.1.6-2) unstable; urgency=low + + * Change binary-indep to binary-arch for arch:any transition + + -- Pierre Chifflier Wed, 15 Apr 2009 16:04:09 +0200 + +setroubleshoot (2.1.6-1) unstable; urgency=low + + * New Upstream Version + * Make package arch:any, some parts are now coded in C + * Fix dependencies (Closes: #515571) + * Add consolekit to dependencies + * setroubleshootd is now started dynamically (and is no more a daemon) + It automatically dies when there are no client or alerts + Init script has been removed (Closes: #515131) + * Bump standards version to 3.8.1, no changes + * + + -- Pierre Chifflier Wed, 15 Apr 2009 15:22:28 +0200 + +setroubleshoot (2.0.12-2) unstable; urgency=low + + * Exit gracefully if SElinux is disabled (Closes: #508089) + + -- Pierre Chifflier Mon, 08 Dec 2008 15:40:08 +0100 + +setroubleshoot (2.0.12-1) unstable; urgency=low + + * Initial release (Closes: #471701) + + -- Pierre Chifflier Tue, 04 Nov 2008 15:03:49 +0100 + --- setroubleshoot-2.1.10.orig/debian/pyversions +++ setroubleshoot-2.1.10/debian/pyversions @@ -0,0 +1 @@ +2.4- --- setroubleshoot-2.1.10.orig/debian/setroubleshoot.logrotate +++ setroubleshoot-2.1.10/debian/setroubleshoot.logrotate @@ -0,0 +1,8 @@ +/var/log/setroubleshoot/*.log { + weekly + rotate 2 + missingok + sharedscripts +# postrotate +# endscript +} --- setroubleshoot-2.1.10.orig/debian/control +++ setroubleshoot-2.1.10/debian/control @@ -0,0 +1,51 @@ +Source: setroubleshoot +Section: admin +Priority: extra +Maintainer: Pierre Chifflier +Build-Depends: debhelper (>= 7), + quilt, + autotools-dev, + python, + python-support (>= 0.6), + xdg-utils, + gettext, + intltool, + libxml-parser-perl, + libnotify-dev, + libgtk2.0-dev, + libaudit-dev, + libselinux1-dev +Standards-Version: 3.8.1 +Homepage: https://fedorahosted.org/setroubleshoot + +Package: setroubleshoot +Architecture: any +Depends: ${python:Depends}, + ${shlibs:Depends}, + dbus, + consolekit, + python-audit, + python-notify, + python-rpm, + python-gtkhtml2, + python-dbus, + python-libxml2, + python-gnome2, + rpm +Recommends: auditd, + policycoreutils, + selinux-policy-default, + setroubleshoot-plugins +Description: Tool to help troubleshoot SELinux problems + Tools to help diagnose SELinux problems. When AVC messages + are generated an alert can be generated that will give information + about the problem and help track its resolution. Alerts can be configured + to user preference. The same tools can be run on existing log files. + . + This package provides the SELinux troubleshoot server, and a graphical + application to analyze AVC messages, and get some hints on possible + solutions. + + + + --- setroubleshoot-2.1.10.orig/debian/README.Debian +++ setroubleshoot-2.1.10/debian/README.Debian @@ -0,0 +1,27 @@ +setroubleshoot for Debian +========================= + +Requirements +------------ + +To work correctly on a single host, the following packages are required:: + + - selinux-basic, selinux-policy-default (with SELinux enabled, in Permissive or Enforcing mode) + - auditd, sending events to /var/run/audispd_events (default auditd config) + - setroubleshoot-plugins + +If you don't have setroubleshoot-plugins installed, you will never get +any alert ! + +These packages are marked as Recommends (and not Depends), because they are +optional in case you are connecting to a remote server. + +Debian specific changes +----------------------- + +setroubleshoot checks the alert context to avoid infinite loops. +However, the check is done by comparing setroubleshootd context to the alert +context, which won't work until a SELinux policy is written for +setroubleshootd (it actually runs as unconfined_t). + + -- Pierre Chifflier Fri, 17 Oct 2008 23:28:28 +0200 --- setroubleshoot-2.1.10.orig/debian/patches/series +++ setroubleshoot-2.1.10/debian/patches/series @@ -0,0 +1 @@ +10_remove_context_check.patch --- setroubleshoot-2.1.10.orig/debian/patches/10_remove_context_check.patch +++ setroubleshoot-2.1.10/debian/patches/10_remove_context_check.patch @@ -0,0 +1,13 @@ +Index: setroubleshoot/src/avc_audit.py +=================================================================== +--- setroubleshoot.orig/src/avc_audit.py 2009-03-16 12:17:44.000000000 +0100 ++++ setroubleshoot/src/avc_audit.py 2009-03-16 12:17:48.000000000 +0100 +@@ -51,7 +51,7 @@ + if avc.scontext.type == None or avc.tcontext.type == None: + return False + +- if my_context.type == avc.scontext.type: ++ if my_context.type == avc.scontext.type and my_context.type == "unconfined_t": + log_program.error( "setroubleshoot generated AVC, exiting to avoid recursion, context=%s, AVC scontext=%s", my_context, avc.scontext) + log_program.error( "audit event\n%s", avc.audit_event.format()) + import sys