rpms/policycoreutils
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Improve compatibility with python 3

Browse Source
This commit is contained in:
Petr Lautrbach 2015-07-23 14:24:40 +02:00
parent 8da01b879c
commit 056cb287fa
3 changed files with 728 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

758
policycoreutils-rhat.patch
View File

@ -9,18 +9,287 @@ index 962ac12..6a9c40c 100644
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
diff --git a/policycoreutils-2.4/audit2allow/audit2allow b/policycoreutils-2.4/audit2allow/audit2allow
index c9713a2..5c5bd6e 100644
index c9713a2..167e135 100644
--- a/policycoreutils-2.4/audit2allow/audit2allow
+++ b/policycoreutils-2.4/audit2allow/audit2allow
@@ -271,7 +271,7 @@ class AuditToPolicy:
if rc == audit2why.CONSTRAINT:
print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
print "#Constraint rule:"
- print "\n\t" + data[0]
+ print "\n#\t" + data[0]
for reason in data[1:]:
print "#\tPossible cause is the source %s and target %s are different.\n" % reason
@@ -135,13 +135,13 @@ class AuditToPolicy:
elif self.__options.audit:
try:
messages = audit.get_audit_msgs()
- except OSError, e:
+ except OSError as e:
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
sys.exit(1)
elif self.__options.boot:
try:
messages = audit.get_audit_boot_msgs()
- except OSError, e:
+ except OSError as e:
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
sys.exit(1)
else:
@@ -152,7 +152,7 @@ class AuditToPolicy:
if filename is not None:
try:
f = open(filename)
- except IOError, e:
+ except IOError as e:
sys.stderr.write('could not open file %s - "%s"\n' % (filename, str(e)))
sys.exit(1)
@@ -214,7 +214,7 @@ class AuditToPolicy:
try:
fd = open(filename, "w")
- except IOError, e:
+ except IOError as e:
sys.stderr.write("could not write output file: %s\n" % str(e))
sys.exit(1)
@@ -225,8 +225,8 @@ class AuditToPolicy:
try:
mc.create_module_package(filename, self.__options.refpolicy)
- except RuntimeError, e:
- print e
+ except RuntimeError as e:
+ print(e)
sys.exit(1)
sys.stdout.write(_("******************** IMPORTANT ***********************\n"))
@@ -240,44 +240,44 @@ class AuditToPolicy:
rc = i.type
data = i.data
if rc >= 0:
- print "%s\n\tWas caused by:" % i.message
+ print("%s\n\tWas caused by:" % i.message)
if rc == audit2why.ALLOW:
- print "\t\tUnknown - would be allowed by active policy\n",
- print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
- print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
+ print("\t\tUnknown - would be allowed by active policy")
+ print("\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n")
+ print("\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n")
continue
if rc == audit2why.DONTAUDIT:
- print "\t\tUnknown - should be dontaudit'd by active policy\n",
- print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
- print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
+ print("\t\tUnknown - should be dontaudit'd by active policy")
+ print("\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n")
+ print("\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n")
continue
if rc == audit2why.BOOLEAN:
if len(data) > 1:
- print "\tOne of the following booleans was set incorrectly."
+ print("\tOne of the following booleans was set incorrectly.")
for b in data:
- print "\tDescription:\n\t%s\n" % seobject.boolean_desc(b[0])
- print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1])
+ print("\tDescription:\n\t%s\n" % seobject.boolean_desc(b[0]))
+ print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1]))
else:
- print "\tThe boolean %s was set incorrectly. " % (data[0][0])
- print "\tDescription:\n\t%s\n" % seobject.boolean_desc(data[0][0])
- print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1])
+ print("\tThe boolean %s was set incorrectly. " % (data[0][0]))
+ print("\tDescription:\n\t%s\n" % seobject.boolean_desc(data[0][0]))
+ print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1]))
continue
if rc == audit2why.TERULE:
- print "\t\tMissing type enforcement (TE) allow rule.\n"
- print "\t\tYou can use audit2allow to generate a loadable module to allow this access.\n"
+ print("\t\tMissing type enforcement (TE) allow rule.\n")
+ print("\t\tYou can use audit2allow to generate a loadable module to allow this access.\n")
continue
if rc == audit2why.CONSTRAINT:
- print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
- print "#Constraint rule:"
- print "\n\t" + data[0]
+ print() #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
+ print("#Constraint rule:")
+ print("\n#\t" + data[0])
for reason in data[1:]:
- print "#\tPossible cause is the source %s and target %s are different.\n" % reason
+ print("#\tPossible cause is the source %s and target %s are different.\n" % reason)
if rc == audit2why.RBAC:
- print "\t\tMissing role allow rule.\n"
- print "\t\tAdd an allow rule for the role pair.\n"
+ print("\t\tMissing role allow rule.\n")
+ print("\t\tAdd an allow rule for the role pair.\n")
continue
audit2why.finish()
@@ -288,8 +288,8 @@ class AuditToPolicy:
if self.__options.audit2why:
try:
return self.__output_audit2why()
- except RuntimeError, e:
- print e
+ except RuntimeError as e:
+ print(e)
sys.exit(1)
g = policygen.PolicyGenerator()
@@ -348,11 +348,11 @@ class AuditToPolicy:
self.__output()
except KeyboardInterrupt:
sys.exit(0)
- except ValueError, e:
- print e
+ except ValueError as e:
+ print(e)
sys.exit(1)
- except IOError, e:
- print e
+ except IOError as e:
+ print(e)
sys.exit(1)
if __name__ == "__main__":
diff --git a/policycoreutils-2.4/audit2allow/audit2why b/policycoreutils-2.4/audit2allow/audit2why
index 323eddd..09422a2 100644
--- a/policycoreutils-2.4/audit2allow/audit2why
+++ b/policycoreutils-2.4/audit2allow/audit2why
@@ -135,13 +135,13 @@ class AuditToPolicy:
elif self.__options.audit:
try:
messages = audit.get_audit_msgs()
- except OSError, e:
+ except OSError as e:
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
sys.exit(1)
elif self.__options.boot:
try:
messages = audit.get_audit_boot_msgs()
- except OSError, e:
+ except OSError as e:
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
sys.exit(1)
else:
@@ -152,7 +152,7 @@ class AuditToPolicy:
if filename is not None:
try:
f = open(filename)
- except IOError, e:
+ except IOError as e:
sys.stderr.write('could not open file %s - "%s"\n' % (filename, str(e)))
sys.exit(1)
@@ -214,7 +214,7 @@ class AuditToPolicy:
try:
fd = open(filename, "w")
- except IOError, e:
+ except IOError as e:
sys.stderr.write("could not write output file: %s\n" % str(e))
sys.exit(1)
@@ -225,8 +225,8 @@ class AuditToPolicy:
try:
mc.create_module_package(filename, self.__options.refpolicy)
- except RuntimeError, e:
- print e
+ except RuntimeError as e:
+ print(e)
sys.exit(1)
sys.stdout.write(_("******************** IMPORTANT ***********************\n"))
@@ -240,43 +240,43 @@ class AuditToPolicy:
rc = i.type
data = i.data
if rc >= 0:
- print "%s\n\tWas caused by:" % i.message
+ print("%s\n\tWas caused by:" % i.message)
if rc == audit2why.ALLOW:
- print "\t\tUnknown - would be allowed by active policy\n",
- print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
- print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
+ print("\t\tUnknown - would be allowed by active policy")
+ print("\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n")
+ print("\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n")
continue
if rc == audit2why.DONTAUDIT:
- print "\t\tUnknown - should be dontaudit'd by active policy\n",
- print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
- print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
+ print("\t\tUnknown - should be dontaudit'd by active policy")
+ print("\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n")
+ print("\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n")
continue
if rc == audit2why.BOOLEAN:
if len(data) > 1:
- print "\tOne of the following booleans was set incorrectly."
+ print("\tOne of the following booleans was set incorrectly.")
for b in data:
- print "\tDescription:\n\t%s\n" % seobject.boolean_desc(b[0])
- print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1])
+ print("\tDescription:\n\t%s\n" % seobject.boolean_desc(b[0]))
+ print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1]))
else:
- print "\tThe boolean %s was set incorrectly. " % (data[0][0])
- print "\tDescription:\n\t%s\n" % seobject.boolean_desc(data[0][0])
- print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1])
+ print("\tThe boolean %s was set incorrectly. " % (data[0][0]))
+ print("\tDescription:\n\t%s\n" % seobject.boolean_desc(data[0][0]))
+ print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1]))
continue
if rc == audit2why.TERULE:
- print "\t\tMissing type enforcement (TE) allow rule.\n"
- print "\t\tYou can use audit2allow to generate a loadable module to allow this access.\n"
+ print("\t\tMissing type enforcement (TE) allow rule.\n")
+ print("\t\tYou can use audit2allow to generate a loadable module to allow this access.\n")
continue
if rc == audit2why.CONSTRAINT:
- print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
- print "#Constraint rule: \n\t" + data[0]
+ print() #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
+ print("#Constraint rule: \n\t" + data[0])
for reason in data[1:]:
- print "#\tPossible cause is the source %s and target %s are different.\n\b" % reason
+ print("#\tPossible cause is the source %s and target %s are different.\n\b" % reason)
if rc == audit2why.RBAC:
- print "\t\tMissing role allow rule.\n"
- print "\t\tAdd an allow rule for the role pair.\n"
+ print("\t\tMissing role allow rule.\n")
+ print("\t\tAdd an allow rule for the role pair.\n")
continue
audit2why.finish()
@@ -287,8 +287,8 @@ class AuditToPolicy:
if self.__options.audit2why:
try:
return self.__output_audit2why()
- except RuntimeError, e:
- print e
+ except RuntimeError as e:
+ print(e)
sys.exit(1)
g = policygen.PolicyGenerator()
@@ -347,11 +347,11 @@ class AuditToPolicy:
self.__output()
except KeyboardInterrupt:
sys.exit(0)
- except ValueError, e:
- print e
+ except ValueError as e:
+ print(e)
sys.exit(1)
- except IOError, e:
- print e
+ except IOError as e:
+ print(e)
sys.exit(1)
if __name__ == "__main__":
diff --git a/policycoreutils-2.4/audit2allow/sepolgen-ifgen b/policycoreutils-2.4/audit2allow/sepolgen-ifgen
index 83c7ecf..7f8caaf 100644
--- a/policycoreutils-2.4/audit2allow/sepolgen-ifgen
@ -65,6 +334,33 @@ index 83c7ecf..7f8caaf 100644
return 1
if_set = interfaces.InterfaceSet(output=log)
diff --git a/policycoreutils-2.4/audit2allow/test_audit2allow.py b/policycoreutils-2.4/audit2allow/test_audit2allow.py
index 794673e..d6bd60b 100644
--- a/policycoreutils-2.4/audit2allow/test_audit2allow.py
+++ b/policycoreutils-2.4/audit2allow/test_audit2allow.py
@@ -4,18 +4,18 @@ from subprocess import Popen, PIPE
class Audit2allowTests(unittest.TestCase):
def assertDenied(self, err):
- self.assert_('Permission denied' in err,
+ self.assertTrue('Permission denied' in err,
'"Permission denied" not found in %r' % err)
def assertNotFound(self, err):
- self.assert_('not found' in err,
+ self.assertTrue('not found' in err,
'"not found" not found in %r' % err)
def assertFailure(self, status):
- self.assert_(status != 0,
+ self.assertTrue(status != 0,
'"Succeeded when it should have failed')
def assertSuccess(self, cmd, status, err):
- self.assert_(status == 0,
+ self.assertTrue(status == 0,
'"%s should have succeeded for this test %r' % (cmd, err))
def test_sepolgen_ifgen(self):
diff --git a/policycoreutils-2.4/gui/Makefile b/policycoreutils-2.4/gui/Makefile
index 9d9f820..0c2b390 100644
--- a/policycoreutils-2.4/gui/Makefile
@ -654485,6 +654781,367 @@ index b306041..16eb50b 100644
+#: ../sepolicy/sepolicy/gui.py:2777
msgid "Loss of data Dialog"
msgstr ""
diff --git a/policycoreutils-2.4/sandbox/sandbox b/policycoreutils-2.4/sandbox/sandbox
index 3678c5d..fb64464 100644
--- a/policycoreutils-2.4/sandbox/sandbox
+++ b/policycoreutils-2.4/sandbox/sandbox
@@ -25,7 +25,6 @@ import selinux
import signal
from tempfile import mkdtemp
import pwd
-import commands
import sepolicy
PROGNAME = "policycoreutils"
@@ -36,13 +35,16 @@ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
- gettext.install(PROGNAME,
- localedir = "/usr/share/locale",
- unicode=False,
- codeset = 'utf-8')
+ gettext.install(PROGNAME,
+ localedir = "/usr/share/locale",
+ codeset = 'utf-8')
except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
+ try:
+ import builtins
+ builtins.__dict__['_'] = str
+ except ImportError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
DEFAULT_WINDOWSIZE = "1000x700"
DEFAULT_TYPE = "sandbox_t"
@@ -86,7 +88,7 @@ def copyfile(file, srcdir, dest):
else:
shutil.copy2(file, dest)
- except shutil.Error, elist:
+ except shutil.Error as elist:
for e in elist.message:
sys.stderr.write(e[2])
@@ -107,7 +109,11 @@ def savefile(new, orig, X_ind):
if rc == gtk.RESPONSE_YES:
copy = True
else:
- ans = raw_input(_("Do you want to save changes to '%s' (y/N): ") % orig)
+ try:
+ input = raw_input
+ except NameError:
+ pass
+ ans = input(_("Do you want to save changes to '%s' (y/N): ") % orig)
if(re.match(_("[yY]"),ans)):
copy = True
if(copy):
@@ -228,9 +234,9 @@ class Sandbox:
for i in fd.readlines():
try:
self.__include(option, opt, i[:-1], parser)
- except IOError, e:
+ except IOError as e:
sys.stderr.write(str(e))
- except TypeError, e:
+ except TypeError as e:
sys.stderr.write(str(e))
fd.close()
@@ -263,7 +269,7 @@ dbus-launch --exit-with-session %s
kill -TERM $WM_PID 2> /dev/null
""" % (command, wm, command))
fd.close()
- os.chmod(execfile, 0700)
+ os.chmod(execfile, 0o700)
def usage(self, message = ""):
error_exit("%s\n%s" % (self.__parser.usage, message))
@@ -492,13 +498,13 @@ if __name__ == '__main__':
try:
sandbox = Sandbox()
rc = sandbox.main()
- except OSError, error:
+ except OSError as error:
error_exit(error)
- except ValueError, error:
+ except ValueError as error:
error_exit(error.args[0])
- except KeyError, error:
+ except KeyError as error:
error_exit(_("Invalid value %s") % error.args[0])
- except IOError, error:
+ except IOError as error:
error_exit(error)
except KeyboardInterrupt:
rc = 0
diff --git a/policycoreutils-2.4/sandbox/start b/policycoreutils-2.4/sandbox/start
index 52950d7..d895ba2 100644
--- a/policycoreutils-2.4/sandbox/start
+++ b/policycoreutils-2.4/sandbox/start
@@ -1,9 +1,9 @@
#! /usr/bin/python -Es
-import gtk, commands, sys
+import gtk, subprocess, sys
rc = [-1,'']
try:
- rc=commands.getstatusoutput(sys.argv[1])
+ rc=subprocess.getstatusoutput(sys.argv[1])
except:
pass
if rc[0] == 0:
- print rc[1]
+ print(rc[1])
diff --git a/policycoreutils-2.4/sandbox/test_sandbox.py b/policycoreutils-2.4/sandbox/test_sandbox.py
index b3b7f64..d765cb4 100644
--- a/policycoreutils-2.4/sandbox/test_sandbox.py
+++ b/policycoreutils-2.4/sandbox/test_sandbox.py
@@ -4,18 +4,18 @@ from subprocess import Popen, PIPE
class SandboxTests(unittest.TestCase):
def assertDenied(self, err):
- self.assert_('Permission denied' in err,
+ self.assertTrue(b'Permission denied' in err,
'"Permission denied" not found in %r' % err)
def assertNotFound(self, err):
- self.assert_('not found' in err,
+ self.assertTrue(b'not found' in err,
'"not found" not found in %r' % err)
def assertFailure(self, status):
- self.assert_(status != 0,
+ self.assertTrue(status != 0,
'"Succeeded when it should have failed')
def assertSuccess(self, status, err):
- self.assert_(status == 0,
+ self.assertTrue(status == 0,
'"Sandbox should have succeeded for this test %r' % err)
def test_simple_success(self):
@@ -23,7 +23,7 @@ class SandboxTests(unittest.TestCase):
p1 = Popen(['cat', '/etc/passwd'], stdout = PIPE)
p2 = Popen(['sandbox', 'grep', 'root'], stdin = p1.stdout, stdout=PIPE)
out, err = p2.communicate()
- self.assert_('root' in out)
+ self.assertTrue(b'root' in out)
def test_cant_kill(self):
"Verify that we cannot send kill signal in the sandbox"
@@ -95,4 +95,4 @@ if __name__ == "__main__":
if selinux.security_getenforce() == 1:
unittest.main()
else:
- print "SELinux must be in enforcing mode for this test"
+ print("SELinux must be in enforcing mode for this test")
diff --git a/policycoreutils-2.4/scripts/chcat b/policycoreutils-2.4/scripts/chcat
index 9efcb22..21212be 100755
--- a/policycoreutils-2.4/scripts/chcat
+++ b/policycoreutils-2.4/scripts/chcat
@@ -22,15 +22,19 @@
# 02111-1307 USA
#
#
-import commands, sys, os, pwd, string, getopt, selinux
+import subprocess, sys, os, pwd, string, getopt, selinux
import seobject
import gettext
try:
gettext.install('policycoreutils')
except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
+ try:
+ import builtins
+ builtins.__dict__['_'] = str
+ except ImportError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
def errorExit(error):
sys.stderr.write("%s: " % sys.argv[0])
@@ -80,9 +84,9 @@ def chcat_user_add(newcat, users):
cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u)
else:
cmd = "semanage login -m -r %s -s %s %s" % (new_serange, user[0], u)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -107,7 +111,7 @@ def chcat_add(orig, newcat, objects,login_ind):
if len(clist) > 1:
if cat in clist[1:]:
- print _("%s is already in %s") % (f, orig)
+ print(_("%s is already in %s") % (f, orig))
continue
clist.append(cat)
cats = clist[1:]
@@ -118,9 +122,9 @@ def chcat_add(orig, newcat, objects,login_ind):
else:
cat_string = cat
cmd = 'chcon -l %s:%s %s' % (sensitivity, cat_string, f)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -158,9 +162,9 @@ def chcat_user_remove(newcat, users):
cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u)
else:
cmd = "semanage login -m -r %s -s %s %s" % (new_serange, user[0], u)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -185,7 +189,7 @@ def chcat_remove(orig, newcat, objects, login_ind):
if len(clist) > 1:
if cat not in clist[1:]:
- print _("%s is not in %s") % (f, orig)
+ print(_("%s is not in %s") % (f, orig))
continue
clist.remove(cat)
if len(clist) > 1:
@@ -195,16 +199,16 @@ def chcat_remove(orig, newcat, objects, login_ind):
else:
cat = ""
else:
- print _("%s is not in %s") % (f, orig)
+ print(_("%s is not in %s") % (f, orig))
continue
if len(cat) == 0:
cmd = 'chcon -l %s %s' % (sensitivity, f)
else:
cmd = 'chcon -l %s:%s %s' % (sensitivity,cat, f)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -229,9 +233,9 @@ def chcat_user_replace(newcat, users):
cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u)
else:
cmd = "semanage login -m -r %s -s %s %s" % (new_serange, user[0], u)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -251,9 +255,9 @@ def chcat_replace(newcat, objects, login_ind):
for f in objects:
cmd = "%s %s" % (cmd, f)
- rc = commands.getstatusoutput(cmd)
+ rc = subprocess.getstatusoutput(cmd)
if rc[0] != 0:
- print rc[1]
+ print(rc[1])
errors += 1
return errors
@@ -322,18 +326,18 @@ def translate(cats):
return newcat
def usage():
- print _("Usage %s CATEGORY File ...") % sys.argv[0]
- print _("Usage %s -l CATEGORY user ...") % sys.argv[0]
- print _("Usage %s [[+|-]CATEGORY],...]q File ...") % sys.argv[0]
- print _("Usage %s -l [[+|-]CATEGORY],...]q user ...") % sys.argv[0]
- print _("Usage %s -d File ...") % sys.argv[0]
- print _("Usage %s -l -d user ...") % sys.argv[0]
- print _("Usage %s -L") % sys.argv[0]
- print _("Usage %s -L -l user") % sys.argv[0]
- print _("Use -- to end option list. For example")
- print _("chcat -- -CompanyConfidential /docs/businessplan.odt")
- print _("chcat -l +CompanyConfidential juser")
- sys.exit(1)
+ print(_("Usage %s CATEGORY File ...") % sys.argv[0])
+ print(_("Usage %s -l CATEGORY user ...") % sys.argv[0])
+ print(_("Usage %s [[+|-]CATEGORY],...]q File ...") % sys.argv[0])
+ print(_("Usage %s -l [[+|-]CATEGORY],...]q user ...") % sys.argv[0])
+ print(_("Usage %s -d File ...") % sys.argv[0])
+ print(_("Usage %s -l -d user ...") % sys.argv[0])
+ print(_("Usage %s -L") % sys.argv[0])
+ print(_("Usage %s -L -l user") % sys.argv[0])
+ print(_("Use -- to end option list. For example"))
+ print(_("chcat -- -CompanyConfidential /docs/businessplan.odt"))
+ print(_("chcat -l +CompanyConfidential juser"))
+ sys.exit(1)
def listcats():
fd = open(selinux.selinux_translations_path())
@@ -342,7 +346,7 @@ def listcats():
continue
if l.find("=") != -1:
rec = l.split("=")
- print "%-30s %s" % tuple(rec)
+ print("%-30s %s" % tuple(rec))
fd.close()
return 0
@@ -356,12 +360,12 @@ def listusercats(users):
cats = seobject.translate(selinux.getseuserbyname(u)[2])
cats = cats.split("-")
if len(cats) > 1 and cats[1] != "s0":
- print "%s: %s" % (u, cats[1])
+ print("%s: %s" % (u, cats[1]))
else:
- print "%s: %s" % (u, cats[0])
+ print("%s: %s" % (u, cats[0]))
def error(msg):
- print "%s: %s" % (sys.argv[0], msg)
+ print("%s: %s" % (sys.argv[0], msg))
sys.exit(1)
if __name__ == '__main__':
@@ -395,10 +399,10 @@ if __name__ == '__main__':
if list_ind == 0 and len(cmds) < 1:
usage()
- except getopt.error, error:
+ except getopt.error as error:
errorExit(_("Options Error %s ") % error.msg)
- except ValueError, e:
+ except ValueError as e:
usage()
if delete_ind:
@@ -433,9 +437,9 @@ if __name__ == '__main__':
if len(c) > 0 and c[0] == "-":
errors += chcat_remove(c[1:],translate(l), objects, login_ind)
continue
- except ValueError, e:
+ except ValueError as e:
error(e)
- except OSError, e:
+ except OSError as e:
error(e)
sys.exit(errors)
diff --git a/policycoreutils-2.4/scripts/fixfiles b/policycoreutils-2.4/scripts/fixfiles
index 5c29eb9..db53c0b 100755
--- a/policycoreutils-2.4/scripts/fixfiles
@ -654686,10 +655343,10 @@ index 0000000..e2befdb
+ packages=["policycoreutils"],
+)
diff --git a/policycoreutils-2.4/semanage/semanage b/policycoreutils-2.4/semanage/semanage
index dd63010..7f32b40 100644
index dd63010..fa02242 100644
--- a/policycoreutils-2.4/semanage/semanage
+++ b/policycoreutils-2.4/semanage/semanage
@@ -18,24 +18,34 @@
@@ -18,24 +18,38 @@
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
@ -654716,22 +655373,26 @@ index dd63010..7f32b40 100644
- localedir="/usr/share/locale",
- unicode=True,
- codeset = 'utf-8')
+ kwargs = {}
+ if sys.version_info < (3,):
+ kwargs['unicode'] = True
+ gettext.install(PROGNAME,
+ unicode=True,
+ codeset = 'utf-8')
+except TypeError:
+ # Failover to python3 install
+ gettext.install(PROGNAME,
+ codeset = 'utf-8')
+ localedir="/usr/share/locale",
+ codeset = 'utf-8',
+ **kwargs)
except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
+ import builtins
+ builtins.__dict__['_'] = str
+ try:
+ import builtins
+ builtins.__dict__['_'] = str
+ except ImportError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
# define custom usages for selected main actions
usage_login = "semanage login [-h] [-n] [-N] [-s STORE] ["
@@ -61,16 +71,16 @@ usage_boolean_dict = {' --modify':('(','--on','|','--off',')','boolean'), ' --li
@@ -61,16 +75,16 @@ usage_boolean_dict = {' --modify':('(','--on','|','--off',')','boolean'), ' --li
import sepolicy
class CheckRole(argparse.Action):
@ -654758,7 +655419,7 @@ index dd63010..7f32b40 100644
store = ''
class SetStore(argparse.Action):
@@ -103,7 +113,7 @@ class SetImportFile(argparse.Action):
@@ -103,7 +117,7 @@ class SetImportFile(argparse.Action):
if values and values is not "-":
try:
sys.stdin = open(values, 'r')
@ -654767,7 +655428,7 @@ index dd63010..7f32b40 100644
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
setattr(namespace, self.dest, values)
@@ -155,7 +165,7 @@ object_dict = {'login':login_ini, 'user':user_ini, 'port':port_ini, 'module':mod
@@ -155,7 +169,7 @@ object_dict = {'login':login_ini, 'user':user_ini, 'port':port_ini, 'module':mod
def generate_custom_usage(usage_text,usage_dict):
# generate custom usage from given text and dictonary
sorted_keys = []
@ -654776,7 +655437,7 @@ index dd63010..7f32b40 100644
sorted_keys.append(i)
sorted_keys.sort()
for k in sorted_keys:
@@ -170,18 +180,18 @@ def handle_opts(args,dict,target_key):
@@ -170,18 +184,18 @@ def handle_opts(args,dict,target_key):
# {action:[conflict_opts,require_opts]}
# first we need to catch conflicts
@ -654799,7 +655460,7 @@ index dd63010..7f32b40 100644
sys.exit(2)
except KeyError:
continue
@@ -207,7 +217,7 @@ def handleLogin(args):
@@ -207,7 +221,7 @@ def handleLogin(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654808,7 +655469,7 @@ index dd63010..7f32b40 100644
def parser_add_store(parser, name):
parser.add_argument('-S', '--store', action=SetStore, help=_("Select an alternate SELinux Policy Store to manage"))
@@ -292,7 +302,7 @@ def handleFcontext(args):
@@ -292,7 +306,7 @@ def handleFcontext(args):
fcontext_equal_args = {'equal':[('list','locallist','type','ftype','seuser','deleteall','extract'),()]}
if args.action is None:
@ -654817,7 +655478,7 @@ index dd63010..7f32b40 100644
sys.exit(2)
elif args.action and args.equal:
handle_opts(args, fcontext_equal_args, "equal")
@@ -323,7 +333,7 @@ def handleFcontext(args):
@@ -323,7 +337,7 @@ def handleFcontext(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654826,7 +655487,7 @@ index dd63010..7f32b40 100644
def setupFcontextParser(subparsers):
ftype_help = '''
@@ -381,7 +391,7 @@ def handleUser(args):
@@ -381,7 +395,7 @@ def handleUser(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654835,7 +655496,7 @@ index dd63010..7f32b40 100644
def setupUserParser(subparsers):
generated_usage = generate_custom_usage(usage_user, usage_user_dict)
@@ -430,7 +440,7 @@ def handlePort(args):
@@ -430,7 +444,7 @@ def handlePort(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654844,7 +655505,7 @@ index dd63010..7f32b40 100644
def setupPortParser(subparsers):
generated_usage = generate_custom_usage(usage_port, usage_port_dict)
@@ -473,7 +483,7 @@ def handleInterface(args):
@@ -473,7 +487,7 @@ def handleInterface(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654853,7 +655514,7 @@ index dd63010..7f32b40 100644
def setupInterfaceParser(subparsers):
generated_usage = generate_custom_usage(usage_interface, usage_interface_dict)
@@ -512,7 +522,7 @@ def handleModule(args):
@@ -512,7 +526,7 @@ def handleModule(args):
OBJECT.list(args.noheading, args.locallist)
if args.action is "extract":
for i in OBJECT.customized():
@ -654862,7 +655523,7 @@ index dd63010..7f32b40 100644
def setupModuleParser(subparsers):
moduleParser = subparsers.add_parser('module', help=_('Manage SELinux policy modules'))
@@ -552,7 +562,7 @@ def handleNode(args):
@@ -552,7 +566,7 @@ def handleNode(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654871,7 +655532,7 @@ index dd63010..7f32b40 100644
def setupNodeParser(subparsers):
generated_usage = generate_custom_usage(usage_node, usage_node_dict)
@@ -580,14 +590,14 @@ def setupNodeParser(subparsers):
@@ -580,14 +594,14 @@ def setupNodeParser(subparsers):
def handleBoolean(args):
boolean_args = {'list':[('state','boolean'),('')],'modify':[('localist'),('')], 'extract':[('locallist','state','boolean'),('')],'deleteall':[('locallist'),('')],'state':[('locallist','list','extract','deleteall'),('modify')]}
if args.action is None:
@ -654889,7 +655550,7 @@ index dd63010..7f32b40 100644
sys.exit(1)
else:
handle_opts(args,boolean_args,args.action)
@@ -604,7 +614,7 @@ def handleBoolean(args):
@@ -604,7 +618,7 @@ def handleBoolean(args):
OBJECT.deleteall()
if args.action is "extract":
for i in OBJECT.customized():
@ -654898,21 +655559,21 @@ index dd63010..7f32b40 100644
def setupBooleanParser(subparsers):
generated_usage = generate_custom_usage(usage_boolean, usage_boolean_dict)
@@ -670,11 +680,11 @@ def setupDontauditParser(subparsers):
@@ -670,11 +684,11 @@ def setupDontauditParser(subparsers):
def handleExport(args):
manageditems=[ "boolean", "login", "interface", "user", "port", "node", "fcontext", "module"]
for i in manageditems:
- print "%s -D" % i
+ print("%s -D" % i)
+ print("%s -D" % i)
for i in manageditems:
OBJECT = object_dict[i]()
for c in OBJECT.customized():
- print "%s %s" % (i, str(c))
+ print("%s %s" % (i, str(c)))
+ print("%s %s" % (i, str(c)))
sys.exit(0)
@@ -743,10 +753,10 @@ def handleImport(args):
@@ -743,10 +757,10 @@ def handleImport(args):
commandParser = createCommandParser()
args = commandParser.parse_args(mkargv(l))
args.func(args)
@ -654925,7 +655586,7 @@ index dd63010..7f32b40 100644
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
except KeyboardInterrupt:
@@ -764,11 +774,11 @@ def setupImportParser(subparsers):
@@ -764,11 +778,11 @@ def setupImportParser(subparsers):
def createCommandParser():
commandParser = seParser(prog='semanage',
@ -654942,7 +655603,7 @@ index dd63010..7f32b40 100644
#To add a new subcommand define the parser for it in a function above and call it here.
subparsers = commandParser.add_subparsers(dest='subcommand')
setupImportParser(subparsers)
@@ -788,7 +798,7 @@ def createCommandParser():
@@ -788,7 +802,7 @@ def createCommandParser():
def make_io_args(args):
# import/export backward compability
@ -654951,7 +655612,7 @@ index dd63010..7f32b40 100644
args_file = []
args_ie = []
args_subcommand = []
@@ -808,6 +818,8 @@ def make_io_args(args):
@@ -808,6 +822,8 @@ def make_io_args(args):
return args_subcommand+args_ie+args_file
def make_args(sys_args):
@ -654960,7 +655621,7 @@ index dd63010..7f32b40 100644
args = []
if "-o" in sys_args[1:] or "-i" in sys_args[1:]:
args=make_io_args(sys_args[1:])
@@ -822,21 +834,21 @@ def do_parser():
@@ -822,21 +838,21 @@ def do_parser():
args = commandParser.parse_args(make_args(sys.argv))
args.func(args)
sys.exit(0)
@ -657309,7 +657970,7 @@ index 0000000..7735c59
+ packages=["seobject"],
+)
diff --git a/policycoreutils-2.4/semanage/test-semanage.py b/policycoreutils-2.4/semanage/test-semanage.py
index d39013e..e847ca7 100644
index d39013e..e7bd92c 100644
--- a/policycoreutils-2.4/semanage/test-semanage.py
+++ b/policycoreutils-2.4/semanage/test-semanage.py
@@ -9,18 +9,18 @@ object_list = [ 'login', 'user', 'port', 'module', 'interface', 'node', 'fcontex
@ -657335,6 +657996,19 @@ index d39013e..e847ca7 100644
def test_extract(self):
for object in object_list:
@@ -273,10 +273,10 @@ if __name__ == "__main__":
args = parser.parse_args()
args.func(args)
sys.exit(0)
- except ValueError,e:
+ except ValueError as e:
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
- except IOError,e:
+ except IOError as e:
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
except KeyboardInterrupt:
diff --git a/policycoreutils-2.4/sepolicy/common.h b/policycoreutils-2.4/sepolicy/common.h
index dc3ce6a..3b93845 100644
--- a/policycoreutils-2.4/sepolicy/common.h

2
policycoreutils.spec
View File

@ -18,7 +18,7 @@ Source2: policycoreutils_man_ru2.tar.bz2
Source3: system-config-selinux.png
Source4: sepolicy-icons.tgz
# use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/
# HEAD https://github.com/fedora-selinux/selinux/commit/8d62f8e52428267d48bc9058fcdb203e155c9621
# HEAD https://github.com/fedora-selinux/selinux/commit/5f7664af80fa232f5c470a9c9bca13d40c950c32
Patch: policycoreutils-rhat.patch
Patch1: sepolgen-rhat.patch
Obsoletes: policycoreutils < 2.0.61-2

11
sepolgen-rhat.patch
View File

@ -1,3 +1,14 @@
diff --git a/sepolgen-1.2.2/ChangeLog b/sepolgen-1.2.2/ChangeLog
index a304ab7..bec96bb 100644
--- a/sepolgen-1.2.2/ChangeLog
+++ b/sepolgen-1.2.2/ChangeLog
@@ -1,3 +1,6 @@
+ * Add support for python3, from Robert Kuska.
+ * Add device tree ocontext nodes to Xen policy, from Daniel De Graaf.
+
1.2.2 2015-02-02
* Fix bugs found by hardened gcc flags, from Nicolas Iooss.
* Remove unnecessary grammar in interface call param list to fix poor
diff --git a/sepolgen-1.2.2/src/sepolgen/access.py b/sepolgen-1.2.2/src/sepolgen/access.py
index cf13210..60ff4e9 100644
--- a/sepolgen-1.2.2/src/sepolgen/access.py