Patch for semodule command
semodule -B
Will now turn on dontaudit rules
semodule -DB
Will turn off dontaudit rules.
With other patch all other semanage commands will maintain state.
Created by Dan Walsh
Signed-off-by: Christopher Pardy <cpardy@xxxxxxxxxx>
---
semodule/semodule.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff -up policycoreutils-2.0.64/semodule/semodule.c~ policycoreutils-2.0.64/semodule/semodule.c
--- policycoreutils-2.0.64/semodule/semodule.c~ 2009-06-23 15:36:25.000000000 -0400
+++ policycoreutils-2.0.64/semodule/semodule.c 2009-07-01 13:34:42.027229000 -0400
@@ -417,8 +418,10 @@ int main(int argc, char *argv[])
printf("Committing changes:\n");
if (no_reload)
semanage_set_reload(sh, 0);
- if (build)
+ if (build) {
+ semanage_set_disable_dontaudit(sh, 0);
semanage_set_rebuild(sh, 1);
+ }
if (disable_dontaudit)
semanage_set_disable_dontaudit(sh, 1);
result = semanage_commit(sh);
diff -up policycoreutils-2.0.64/semodule/semodule.c~ policycoreutils-2.0.64/semodule/semodule.c
--- policycoreutils-2.0.64/semodule/semodule.c~ 2009-06-23 15:36:25.000000000 -0400
+++ policycoreutils-2.0.64/semodule/semodule.c 2009-07-01 13:34:42.027229000 -0400
@@ -417,8 +418,10 @@ int main(int argc, char *argv[])
printf("Committing changes:\n");
if (no_reload)
semanage_set_reload(sh, 0);
- if (build)
+ if (build) {
+ semanage_set_disable_dontaudit(sh, 0);
semanage_set_rebuild(sh, 1);
+ }
if (disable_dontaudit)
semanage_set_disable_dontaudit(sh, 1);
result = semanage_commit(sh);
