rpms / fapolicyd

Clone
Source Code
GIT

Blame SOURCES/fapolicyd-java2.patch

c8 c8-beta c8s c9 c9-beta
  1.   4255d0dafa5626f0ed7120289f3f36fcf2d03ea1
  2.   SOURCES
  3.   fapolicyd-java2.patch
Blob History Raw
4255d0 
From 32a47ce0557c9b38ee59acec97d8f5bd01b4751d Mon Sep 17 00:00:00 2001
4255d0 
From: Steve Grubb <sgrubb@redhat.com>
4255d0 
Date: Tue, 10 Nov 2020 11:47:37 -0500
4255d0 
Subject: [PATCH] Pickup more languages in /usr/share
4255d0
4255d0 
It turns out that there is a lot of languages placing code for execution
4255d0 
in /usr/share. This patch widens the filter so that more file extensions
4255d0 
are included in the trust database. Without this, access to pki-ca.jar,
4255d0 
for example, is denied access.
4255d0 
---
4255d0 
 src/library/rpm-backend.c | 31 +++++++++++++++++++++++++++++++
4255d0 
 1 file changed, 31 insertions(+)
4255d0
4255d0 
diff --git a/src/library/rpm-backend.c b/src/library/rpm-backend.c
4255d0 
index 25f867a..6ce8a2d 100644
4255d0 
--- a/src/library/rpm-backend.c
4255d0 
+++ b/src/library/rpm-backend.c
4255d0 
@@ -183,6 +183,7 @@ static int drop_path(const char *file_name)
4255d0 
 			// Drop anything in /usr/share that's
4255d0 
 			// not python, javascript, or has a libexec dir
4255d0 
 			if (file_name[6] == 'h' ) {
4255d0 
+				// These are roughly ordered by quantity
4255d0 
 				if (fnmatch("*.py?",
4255d0 
 						 file_name, 0) == 0)
4255d0 
 					return 0;
4255d0 
@@ -192,9 +193,39 @@ static int drop_path(const char *file_name)
4255d0 
 				else if (fnmatch("*/libexec/*",
4255d0 
 						file_name, 0) == 0)
4255d0 
 					return 0;
4255d0 
+				else if (fnmatch("*.rb",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.pl",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.stp",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
 				else if (fnmatch("*.js",
4255d0 
 						 file_name, 0) == 0)
4255d0 
 					return 0;
4255d0 
+				else if (fnmatch("*.jar",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.m4",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.php",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.el",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.pm",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.lua",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
+				else if (fnmatch("*.java",
4255d0 
+						 file_name, 0) == 0)
4255d0 
+					return 0;
4255d0 
 				return 1;
4255d0 
 			// Akmod need scripts in /usr/src/kernel
4255d0 
 			} else if (file_name[6] == 'r' ) {

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation