diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.71/sepolgen-1.0.17/src/sepolgen/audit.py
--- nsasepolgen/src/sepolgen/audit.py 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.71/sepolgen-1.0.17/src/sepolgen/audit.py 2009-08-18 15:21:13.000000000 -0400
@@ -23,6 +23,27 @@
# Convenience functions
+def get_audit_boot_msgs():
+ """Obtain all of the avc and policy load messages from the audit
+ log. This function uses ausearch and requires that the current
+ process have sufficient rights to run ausearch.
+
+ Returns:
+ string contain all of the audit messages returned by ausearch.
+ """
+ import subprocess
+ import time
+ fd=open("/proc/uptime", "r")
+ off=float(fd.read().split()[0])
+ fd.close
+ s = time.localtime(time.time() - off)
+ date = time.strftime("%D/%Y", s).split("/")
+ bootdate="%s/%s/%s" % (date[0], date[1], date[3])
+ boottime = time.strftime("%X", s)
+ output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
+ stdout=subprocess.PIPE).communicate()[0]
+ return output
+
def get_audit_msgs():
"""Obtain all of the avc and policy load messages from the audit
log. This function uses ausearch and requires that the current
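Review bot: `fd.close` in get_audit_boot_msgs is an attribute reference, not a call, so the /proc/uptime handle is never explicitly closed; the line should read `fd.close()`. The Popen exit status is also discarded, here and in get_log_msgs in the next hunk, so an ausearch run that fails (for example for lack of the rights the docstring says are required) returns the same output as a boot with no denials. Keeping the Popen object and inspecting `returncode` after `communicate()`, or at least documenting what the caller receives on failure, would let callers tell those cases apart. The start date is assembled as month/day/year from `%D` and `%Y` while `%X` follows the locale, so a comment stating which format `ausearch -ts` is expected to receive would help.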
@@ -47,6 +68,17 @@
stdout=subprocess.PIPE).communicate()[0]
return output
+def get_log_msgs():
+ """Obtain all of the avc and policy load messages from /var/log/messages.
+
+ Returns:
+ string contain all of the audit messages returned by /var/log/messages.
+ """
+ import subprocess
+ output = subprocess.Popen(["/bin/grep", "avc", "/var/log/messages"],
+ stdout=subprocess.PIPE).communicate()[0]
+ return output
+
# Classes representing audit messages
class AuditMessage:
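Review bot: The docstring of get_log_msgs promises avc and policy load messages, but the command only greps for the literal `avc`, so any policy-load line in /var/log/messages that lacks that substring is dropped. Either widen the pattern or narrow the summary line to something like `"""Obtain all lines containing "avc" from /var/log/messages.`, and reword the Returns text to `string containing the matching lines from /var/log/messages.` The match is a case-sensitive substring, so unrelated lines that happen to contain "avc" are returned too; presumably the parser downstream filters them, but the docstring should say so.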
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.71/sepolgen-1.0.17/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.71/sepolgen-1.0.17/src/sepolgen/refparser.py 2009-08-13 17:57:55.000000000 -0400
@@ -919,7 +919,7 @@
def list_headers(root):
modules = []
support_macros = None
- blacklist = ["init.if", "inetd.if", "uml.if", "thunderbird.if"]
+ blacklist = ["uml.if", "thunderbird.if, unconfined.if"]
for dirpath, dirnames, filenames in os.walk(root):
for name in filenames:
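Review bot: The new blacklist has a misplaced quote: `"thunderbird.if, unconfined.if"` is a single string, so the list holds two elements and neither thunderbird.if nor unconfined.if can equal it. If the entries are compared against file names in the loop below (its body is outside the hunk), thunderbird.if silently stops being excluded and unconfined.if is never excluded, which presumably leaves the unconfined interfaces available to the policy generator. The line should be `blacklist = ["uml.if", "thunderbird.if", "unconfined.if"]`. The change also drops init.if and inetd.if without explanation, so a short comment saying why each remaining file is skipped would help the next reader.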