rpms/policycoreutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Add Miroslav patch to

Browse Source 
-    Fix previously_modified_initialize() to show modified changes properly for all selections
This commit is contained in:
Dan Walsh 2014-01-16 12:12:35 -05:00
parent b371ba3420
commit 16f2333d36
2 changed files with 136 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

181
policycoreutils-rhat.patch
View File

@ -661123,7 +661123,7 @@ index dc3ce6a..3b93845 100644
- -
- -
diff --git a/policycoreutils/sepolicy/info.c b/policycoreutils/sepolicy/info.c diff --git a/policycoreutils/sepolicy/info.c b/policycoreutils/sepolicy/info.c
index cd1026a..ac44dfe 100644 index cd1026a..52fd680 100644
--- a/policycoreutils/sepolicy/info.c --- a/policycoreutils/sepolicy/info.c
+++ b/policycoreutils/sepolicy/info.c +++ b/policycoreutils/sepolicy/info.c
@@ -1,12 +1,14 @@ @@ -1,12 +1,14 @@
@ -661160,7 +661160,7 @@ index cd1026a..ac44dfe 100644
if (!obj) return -1; if (!obj) return -1;
rt = PyDict_SetItemString(dict, name, obj); rt = PyDict_SetItemString(dict, name, obj);
Py_DECREF(obj); Py_DECREF(obj);
@@ -78,9 +80,287 @@ static int py_insert_bool(PyObject *dict, const char *name, int value) @@ -78,9 +80,285 @@ static int py_insert_bool(PyObject *dict, const char *name, int value)
} }
/** /**
@ -661180,7 +661180,6 @@ index cd1026a..ac44dfe 100644
+{ +{
+ PyObject *dict = NULL; + PyObject *dict = NULL;
+ int error = 0; + int error = 0;
+ int rt = 0;
+ size_t i; + size_t i;
+ char *tmp = NULL; + char *tmp = NULL;
+ const char *lvl_name = NULL; + const char *lvl_name = NULL;
@ -661212,7 +661211,6 @@ index cd1026a..ac44dfe 100644
+ if (py_insert_string(dict, lvl_name, tmp)) + if (py_insert_string(dict, lvl_name, tmp))
+ goto err; + goto err;
+ free(tmp); tmp = NULL; + free(tmp); tmp = NULL;
+ if (rt) goto err;
+ } + }
+ +
+ if (name && !apol_vector_get_size(v)) { + if (name && !apol_vector_get_size(v)) {
@ -661449,7 +661447,7 @@ index cd1026a..ac44dfe 100644
* @param type_datum Reference to sepol type_datum * @param type_datum Reference to sepol type_datum
* @param policydb Reference to a policy * @param policydb Reference to a policy
* attributes * attributes
@@ -130,7 +410,7 @@ cleanup: @@ -130,7 +408,7 @@ cleanup:
} }
/** /**
@ -661458,7 +661456,7 @@ index cd1026a..ac44dfe 100644
* all of that attribute's types. * all of that attribute's types.
* *
* @param type_datum Reference to sepol type_datum * @param type_datum Reference to sepol type_datum
@@ -146,7 +426,7 @@ static PyObject* get_attr(const qpol_type_t * type_datum, const apol_policy_t * @@ -146,7 +424,7 @@ static PyObject* get_attr(const qpol_type_t * type_datum, const apol_policy_t *
unsigned char isattr; unsigned char isattr;
int error = 0; int error = 0;
int rt = 0; int rt = 0;
@ -661467,7 +661465,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (qpol_type_get_name(q, type_datum, &attr_name)) if (qpol_type_get_name(q, type_datum, &attr_name))
@@ -164,7 +444,7 @@ static PyObject* get_attr(const qpol_type_t * type_datum, const apol_policy_t * @@ -164,7 +442,7 @@ static PyObject* get_attr(const qpol_type_t * type_datum, const apol_policy_t *
goto err; goto err;
list = PyList_New(0); list = PyList_New(0);
if (!list) goto err; if (!list) goto err;
@ -661476,7 +661474,7 @@ index cd1026a..ac44dfe 100644
for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) { for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
if (qpol_iterator_get_item(iter, (void **)&attr_datum)) if (qpol_iterator_get_item(iter, (void **)&attr_datum))
goto err; goto err;
@@ -315,7 +595,7 @@ cleanup: @@ -315,7 +593,7 @@ cleanup:
return list; return list;
} }
@ -661485,7 +661483,7 @@ index cd1026a..ac44dfe 100644
PyObject *obj; PyObject *obj;
qpol_policy_t *q = apol_policy_get_qpol(policydb); qpol_policy_t *q = apol_policy_get_qpol(policydb);
@@ -323,7 +603,7 @@ static PyObject* get_type( const qpol_type_t * type_datum, const apol_policy_t * @@ -323,7 +601,7 @@ static PyObject* get_type( const qpol_type_t * type_datum, const apol_policy_t *
int error = 0; int error = 0;
int rt; int rt;
unsigned char isalias, ispermissive, isattr; unsigned char isalias, ispermissive, isattr;
@ -661494,7 +661492,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (qpol_type_get_name(q, type_datum, &type_name)) if (qpol_type_get_name(q, type_datum, &type_name))
@@ -360,7 +640,7 @@ err: @@ -360,7 +638,7 @@ err:
py_decref(dict); dict = NULL; py_decref(dict); dict = NULL;
cleanup: cleanup:
@ -661503,7 +661501,7 @@ index cd1026a..ac44dfe 100644
return dict; return dict;
} }
@@ -370,11 +650,8 @@ cleanup: @@ -370,11 +648,8 @@ cleanup:
* get statistics about a particular boolean; otherwise * get statistics about a particular boolean; otherwise
* the function gets statistics about all of the policy's booleans. * the function gets statistics about all of the policy's booleans.
* *
@ -661515,7 +661513,7 @@ index cd1026a..ac44dfe 100644
* @param policydb Reference to a policy * @param policydb Reference to a policy
* *
* @return new reference, or NULL (setting an exception) * @return new reference, or NULL (setting an exception)
@@ -399,7 +676,7 @@ static PyObject* get_booleans(const char *name, const apol_policy_t * policydb) @@ -399,7 +674,7 @@ static PyObject* get_booleans(const char *name, const apol_policy_t * policydb)
if (qpol_bool_get_state(q, bool_datum, &state)) if (qpol_bool_get_state(q, bool_datum, &state))
goto err; goto err;
@ -661524,7 +661522,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (py_insert_string(dict, "name", name)) if (py_insert_string(dict, "name", name))
goto err; goto err;
@@ -421,7 +698,7 @@ static PyObject* get_booleans(const char *name, const apol_policy_t * policydb) @@ -421,7 +696,7 @@ static PyObject* get_booleans(const char *name, const apol_policy_t * policydb)
if (qpol_bool_get_state(q, bool_datum, &state)) if (qpol_bool_get_state(q, bool_datum, &state))
goto err; goto err;
@ -661533,7 +661531,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (py_insert_string(dict, "name", bool_name)) if (py_insert_string(dict, "name", bool_name))
goto err; goto err;
@@ -443,7 +720,7 @@ err: @@ -443,7 +718,7 @@ err:
cleanup: cleanup:
qpol_iterator_destroy(&iter); qpol_iterator_destroy(&iter);
@ -661542,7 +661540,7 @@ index cd1026a..ac44dfe 100644
return list; return list;
} }
@@ -475,7 +752,7 @@ static PyObject* get_user(const qpol_user_t * user_datum, const apol_policy_t * @@ -475,7 +750,7 @@ static PyObject* get_user(const qpol_user_t * user_datum, const apol_policy_t *
if (qpol_user_get_name(q, user_datum, &user_name)) if (qpol_user_get_name(q, user_datum, &user_name))
goto err; goto err;
@ -661551,7 +661549,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (py_insert_string(dict, "name", user_name)) if (py_insert_string(dict, "name", user_name))
@@ -500,7 +777,7 @@ static PyObject* get_user(const qpol_user_t * user_datum, const apol_policy_t * @@ -500,7 +775,7 @@ static PyObject* get_user(const qpol_user_t * user_datum, const apol_policy_t *
goto err; goto err;
free(tmp); tmp=NULL; free(tmp); tmp=NULL;
} }
@ -661560,7 +661558,7 @@ index cd1026a..ac44dfe 100644
if (qpol_user_get_role_iter(q, user_datum, &iter)) if (qpol_user_get_role_iter(q, user_datum, &iter))
goto err; goto err;
for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) { for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
@@ -536,11 +813,8 @@ cleanup: @@ -536,11 +811,8 @@ cleanup:
* Prints a textual representation of an object class and possibly * Prints a textual representation of an object class and possibly
* all of that object class' permissions. * all of that object class' permissions.
* *
@ -661572,7 +661570,7 @@ index cd1026a..ac44dfe 100644
*/ */
static PyObject* get_class(const qpol_class_t * class_datum, const apol_policy_t * policydb) static PyObject* get_class(const qpol_class_t * class_datum, const apol_policy_t * policydb)
{ {
@@ -728,7 +1002,7 @@ cleanup: @@ -728,7 +1000,7 @@ cleanup:
} }
/** /**
@ -661581,7 +661579,7 @@ index cd1026a..ac44dfe 100644
* all of that role's types. * all of that role's types.
* *
* @param type_datum Reference to sepol type_datum * @param type_datum Reference to sepol type_datum
@@ -774,7 +1048,7 @@ static PyObject* get_role(const qpol_role_t * role_datum, const apol_policy_t * @@ -774,7 +1046,7 @@ static PyObject* get_role(const qpol_role_t * role_datum, const apol_policy_t *
if (rt) goto err; if (rt) goto err;
} }
qpol_iterator_destroy(&iter); qpol_iterator_destroy(&iter);
@ -661590,7 +661588,7 @@ index cd1026a..ac44dfe 100644
if (qpol_role_get_type_iter(q, role_datum, &iter)) if (qpol_role_get_type_iter(q, role_datum, &iter))
goto err; goto err;
if (qpol_iterator_get_size(iter, &n_types)) if (qpol_iterator_get_size(iter, &n_types))
@@ -857,7 +1131,7 @@ static PyObject* get_ports(const char *num, const apol_policy_t * policydb) @@ -857,7 +1129,7 @@ static PyObject* get_ports(const char *num, const apol_policy_t * policydb)
} }
if ((ocon_proto != IPPROTO_TCP) && if ((ocon_proto != IPPROTO_TCP) &&
@ -661599,7 +661597,7 @@ index cd1026a..ac44dfe 100644
goto err; goto err;
if (qpol_portcon_get_context(q, portcon, &ctxt)) { if (qpol_portcon_get_context(q, portcon, &ctxt)) {
@@ -873,13 +1147,13 @@ static PyObject* get_ports(const char *num, const apol_policy_t * policydb) @@ -873,13 +1145,13 @@ static PyObject* get_ports(const char *num, const apol_policy_t * policydb)
if ((c = apol_context_create_from_qpol_context(policydb, ctxt)) == NULL) { if ((c = apol_context_create_from_qpol_context(policydb, ctxt)) == NULL) {
goto err; goto err;
} }
@ -661616,7 +661614,7 @@ index cd1026a..ac44dfe 100644
if (!dict) goto err; if (!dict) goto err;
if (py_insert_string(dict, "type", type)) if (py_insert_string(dict, "type", type))
goto err; goto err;
@@ -952,7 +1226,7 @@ static PyObject* get_roles(const char *name, const apol_policy_t * policydb) @@ -952,7 +1224,7 @@ static PyObject* get_roles(const char *name, const apol_policy_t * policydb)
} }
obj = get_role(role_datum, policydb); obj = get_role(role_datum, policydb);
rt = py_append_obj(list, obj); rt = py_append_obj(list, obj);
@ -661625,7 +661623,7 @@ index cd1026a..ac44dfe 100644
if (rt) goto err; if (rt) goto err;
} else { } else {
if (qpol_policy_get_role_iter(q, &iter)) if (qpol_policy_get_role_iter(q, &iter))
@@ -963,7 +1237,7 @@ static PyObject* get_roles(const char *name, const apol_policy_t * policydb) @@ -963,7 +1235,7 @@ static PyObject* get_roles(const char *name, const apol_policy_t * policydb)
goto err; goto err;
obj = get_role(role_datum, policydb); obj = get_role(role_datum, policydb);
rt = py_append_obj(list, obj); rt = py_append_obj(list, obj);
@ -661634,7 +661632,7 @@ index cd1026a..ac44dfe 100644
if (rt) goto err; if (rt) goto err;
} }
qpol_iterator_destroy(&iter); qpol_iterator_destroy(&iter);
@@ -1011,7 +1285,7 @@ static PyObject* get_types(const char *name, const apol_policy_t * policydb) @@ -1011,7 +1283,7 @@ static PyObject* get_types(const char *name, const apol_policy_t * policydb)
} }
obj = get_type(type_datum, policydb); obj = get_type(type_datum, policydb);
rt = py_append_obj(list, obj); rt = py_append_obj(list, obj);
@ -661643,7 +661641,7 @@ index cd1026a..ac44dfe 100644
if (rt) goto err; if (rt) goto err;
} else { } else {
if (qpol_policy_get_type_iter(q, &iter)) if (qpol_policy_get_type_iter(q, &iter))
@@ -1022,7 +1296,7 @@ static PyObject* get_types(const char *name, const apol_policy_t * policydb) @@ -1022,7 +1294,7 @@ static PyObject* get_types(const char *name, const apol_policy_t * policydb)
goto err; goto err;
obj = get_type(type_datum, policydb); obj = get_type(type_datum, policydb);
rt = py_append_obj(list, obj); rt = py_append_obj(list, obj);
@ -661652,7 +661650,7 @@ index cd1026a..ac44dfe 100644
if (rt) goto err; if (rt) goto err;
} }
} }
@@ -1066,6 +1340,12 @@ PyObject* info( int type, const char *name) @@ -1066,6 +1338,12 @@ PyObject* info( int type, const char *name)
case PORT: case PORT:
output = get_ports(name, policy); output = get_ports(name, policy);
break; break;
@ -661665,7 +661663,7 @@ index cd1026a..ac44dfe 100644
default: default:
errno = EINVAL; errno = EINVAL;
PyErr_SetString(PyExc_RuntimeError,strerror(errno)); PyErr_SetString(PyExc_RuntimeError,strerror(errno));
@@ -1078,14 +1358,14 @@ PyObject* info( int type, const char *name) @@ -1078,14 +1356,14 @@ PyObject* info( int type, const char *name)
PyObject *wrap_info(PyObject *UNUSED(self), PyObject *args){ PyObject *wrap_info(PyObject *UNUSED(self), PyObject *args){
int type; int type;
const char *name; const char *name;
@ -661682,7 +661680,7 @@ index cd1026a..ac44dfe 100644
return info(type, name); return info(type, name);
} }
@@ -1098,4 +1378,6 @@ void init_info (PyObject *m) { @@ -1098,4 +1376,6 @@ void init_info (PyObject *m) {
PyModule_AddIntConstant(m, "USER", USER); PyModule_AddIntConstant(m, "USER", USER);
PyModule_AddIntConstant(m, "CLASS", CLASS); PyModule_AddIntConstant(m, "CLASS", CLASS);
PyModule_AddIntConstant(m, "BOOLEAN", BOOLEAN); PyModule_AddIntConstant(m, "BOOLEAN", BOOLEAN);
@ -663963,7 +663961,7 @@ index 6b53035..32ea970 100644
out += "%s # %s\n" % (self.write_te(out_dir), _("Type Enforcement file")) out += "%s # %s\n" % (self.write_te(out_dir), _("Type Enforcement file"))
out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file")) out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
diff --git a/policycoreutils/sepolicy/sepolicy/gui.py b/policycoreutils/sepolicy/sepolicy/gui.py diff --git a/policycoreutils/sepolicy/sepolicy/gui.py b/policycoreutils/sepolicy/sepolicy/gui.py
index 94ddb72..e17262e 100644 index 94ddb72..e663e20 100644
--- a/policycoreutils/sepolicy/sepolicy/gui.py --- a/policycoreutils/sepolicy/sepolicy/gui.py
+++ b/policycoreutils/sepolicy/sepolicy/gui.py +++ b/policycoreutils/sepolicy/sepolicy/gui.py
@@ -47,12 +47,15 @@ gettext.bindtextdomain(PROGNAME, "/usr/share/locale") @@ -47,12 +47,15 @@ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
@ -664238,7 +664236,24 @@ index 94ddb72..e17262e 100644
if app == items[0]: if app == items[0]:
return True return True
return False return False
@@ -1114,7 +1110,7 @@ class SELinuxGui(): @@ -1102,19 +1098,20 @@ class SELinuxGui():
if rec[0] == "module":
self.cust_dict["module"][rec[-1]] = { "enabled": rec[2] != "-d" }
- if "module" not in self.cust_dict:
+ for i in keys:
+ if i not in self.cust_dict:
+ self.cust_dict.update({i:{}})
+
+ if not self.cust_dict["module"]:
return
for semodule, button in [ ("unconfined", self.disable_unconfined_button), ("permissivedomains", self.disable_permissive_button) ]:
if semodule in self.cust_dict["module"]:
button.set_active(self.cust_dict["module"][semodule]["enabled"])
- for i in keys:
- if i not in self.cust_dict:
- self.cust_dict.update({i:{}})
def executable_files_initialize(self, application): def executable_files_initialize(self, application):
self.entrypoints = sepolicy.get_entrypoints(application) self.entrypoints = sepolicy.get_entrypoints(application)
@ -664247,7 +664262,7 @@ index 94ddb72..e17262e 100644
if len(self.entrypoints[exe]) == 0: if len(self.entrypoints[exe]) == 0:
continue continue
file_class = self.entrypoints[exe][1] file_class = self.entrypoints[exe][1]
@@ -1151,7 +1147,7 @@ class SELinuxGui(): @@ -1151,7 +1148,7 @@ class SELinuxGui():
def writable_files_initialize(self, application): def writable_files_initialize(self, application):
# Traversing the dictionary data struct # Traversing the dictionary data struct
self.writable_files = sepolicy.get_writable_files(application) self.writable_files = sepolicy.get_writable_files(application)
@ -664256,7 +664271,7 @@ index 94ddb72..e17262e 100644
if len(self.writable_files[write]) < 2: if len(self.writable_files[write]) < 2:
self.files_initial_data_insert(self.writable_files_liststore, None, write, _("all files")) self.files_initial_data_insert(self.writable_files_liststore, None, write, _("all files"))
continue continue
@@ -1194,7 +1190,7 @@ class SELinuxGui(): @@ -1194,7 +1191,7 @@ class SELinuxGui():
def application_files_initialize(self, application): def application_files_initialize(self, application):
self.file_types = sepolicy.get_file_types(application) self.file_types = sepolicy.get_file_types(application)
@ -664265,7 +664280,7 @@ index 94ddb72..e17262e 100644
if len(self.file_types[app]) == 0: if len(self.file_types[app]) == 0:
continue continue
file_class = self.file_types[app][1] file_class = self.file_types[app][1]
@@ -1367,8 +1363,8 @@ class SELinuxGui(): @@ -1367,8 +1364,8 @@ class SELinuxGui():
self.treeview = self.network_in_treeview self.treeview = self.network_in_treeview
category = _("listen for inbound connections") category = _("listen for inbound connections")
@ -664276,7 +664291,7 @@ index 94ddb72..e17262e 100644
self.modify_button.set_tooltip_text(_("Modify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.") % {"APP": self.application, "PERM": category}) self.modify_button.set_tooltip_text(_("Modify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.") % {"APP": self.application, "PERM": category})
if self.transitions_radio_button.get_active(): if self.transitions_radio_button.get_active():
@@ -1439,7 +1435,7 @@ class SELinuxGui(): @@ -1439,7 +1436,7 @@ class SELinuxGui():
sort_column, _ = model.get_sort_column_id() sort_column, _ = model.get_sort_column_id()
val1 = self.unmarkup(model.get_value(row1, sort_column)) val1 = self.unmarkup(model.get_value(row1, sort_column))
val2 = self.unmarkup(model.get_value(row2, sort_column)) val2 = self.unmarkup(model.get_value(row2, sort_column))
@ -664285,7 +664300,7 @@ index 94ddb72..e17262e 100644
def display_more_detail(self, windows, path): def display_more_detail(self, windows, path):
it = self.boolean_filter.get_iter(path) it = self.boolean_filter.get_iter(path)
@@ -1625,7 +1621,7 @@ class SELinuxGui(): @@ -1625,7 +1622,7 @@ class SELinuxGui():
self.files_type_combolist.clear() self.files_type_combolist.clear()
self.files_class_combolist.clear() self.files_class_combolist.clear()
compare = self.strip_domain(self.application) compare = self.strip_domain(self.application)
@ -664294,7 +664309,7 @@ index 94ddb72..e17262e 100644
if d[0].startswith(compare) and d[0] != self.application and not d[0].startswith("httpd_sys"): if d[0].startswith(compare) and d[0] != self.application and not d[0].startswith("httpd_sys"):
exclude_list.append(self.strip_domain(d[0])) exclude_list.append(self.strip_domain(d[0]))
@@ -1636,7 +1632,7 @@ class SELinuxGui(): @@ -1636,7 +1633,7 @@ class SELinuxGui():
self.files_class_combolist.set_value(iter, 0, sepolicy.file_type_str[files]) self.files_class_combolist.set_value(iter, 0, sepolicy.file_type_str[files])
if ipage == EXE_PAGE and self.entrypoints != None: if ipage == EXE_PAGE and self.entrypoints != None:
@ -664303,7 +664318,7 @@ index 94ddb72..e17262e 100644
if exe.startswith(compare): if exe.startswith(compare):
iter = self.files_type_combolist.append() iter = self.files_type_combolist.append()
self.files_type_combolist.set_value(iter, 0, exe) self.files_type_combolist.set_value(iter, 0, exe)
@@ -1646,7 +1642,7 @@ class SELinuxGui(): @@ -1646,7 +1643,7 @@ class SELinuxGui():
self.files_class_combobox.set_sensitive(False) self.files_class_combobox.set_sensitive(False)
elif ipage == WRITABLE_PAGE and self.writable_files != None: elif ipage == WRITABLE_PAGE and self.writable_files != None:
@ -664312,7 +664327,7 @@ index 94ddb72..e17262e 100644
if write.startswith(compare) and not self.exclude_type(write, exclude_list) and write in self.file_types: if write.startswith(compare) and not self.exclude_type(write, exclude_list) and write in self.file_types:
iter = self.files_type_combolist.append() iter = self.files_type_combolist.append()
self.files_type_combolist.set_value(iter, 0, write) self.files_type_combolist.set_value(iter, 0, write)
@@ -1663,7 +1659,7 @@ class SELinuxGui(): @@ -1663,7 +1660,7 @@ class SELinuxGui():
self.more_types_files_liststore.set_value(iter, 0, app) self.more_types_files_liststore.set_value(iter, 0, app)
self.files_class_combobox.set_active(0) self.files_class_combobox.set_active(0)
except AttributeError: except AttributeError:
@ -664321,7 +664336,7 @@ index 94ddb72..e17262e 100644
pass pass
self.files_type_combobox.set_active(0) self.files_type_combobox.set_active(0)
self.files_mls_entry.set_text("s0") self.files_mls_entry.set_text("s0")
@@ -1704,13 +1700,13 @@ class SELinuxGui(): @@ -1704,13 +1701,13 @@ class SELinuxGui():
try: try:
if ipage == OUTBOUND_PAGE: if ipage == OUTBOUND_PAGE:
@ -664339,7 +664354,7 @@ index 94ddb72..e17262e 100644
for t,ports in netd[k]: for t,ports in netd[k]:
if t not in port_types + ["port_t", "unreserved_port_t"]: if t not in port_types + ["port_t", "unreserved_port_t"]:
if t.endswith("_type"): if t.endswith("_type"):
@@ -1805,7 +1801,7 @@ class SELinuxGui(): @@ -1805,7 +1802,7 @@ class SELinuxGui():
self.wait_mouse() self.wait_mouse()
try: try:
self.dbus.semanage(update_buffer) self.dbus.semanage(update_buffer)
@ -664348,7 +664363,7 @@ index 94ddb72..e17262e 100644
self.error(e) self.error(e)
self.ready_mouse() self.ready_mouse()
@@ -1883,7 +1879,7 @@ class SELinuxGui(): @@ -1883,7 +1880,7 @@ class SELinuxGui():
tree.set_value(iter, 2, fclass) tree.set_value(iter, 2, fclass)
def restore_to_default(self, *args): def restore_to_default(self, *args):
@ -664357,7 +664372,7 @@ index 94ddb72..e17262e 100644
def invalid_entry_retry(self, *args): def invalid_entry_retry(self, *args):
self.closewindow(self.error_check_window) self.closewindow(self.error_check_window)
@@ -2136,7 +2132,7 @@ class SELinuxGui(): @@ -2136,7 +2133,7 @@ class SELinuxGui():
def on_save_delete_file_equiv_clicked(self, *args): def on_save_delete_file_equiv_clicked(self, *args):
for delete in self.files_delete_liststore: for delete in self.files_delete_liststore:
@ -664366,7 +664381,7 @@ index 94ddb72..e17262e 100644
def on_toggle_update(self, cell, path, model): def on_toggle_update(self, cell, path, model):
model[path][0] = not model[path][0] model[path][0] = not model[path][0]
@@ -2178,7 +2174,6 @@ class SELinuxGui(): @@ -2178,7 +2175,6 @@ class SELinuxGui():
self.update = True self.update = True
self.update_treestore.clear() self.update_treestore.clear()
for bools in self.cur_dict["boolean"]: for bools in self.cur_dict["boolean"]:
@ -664374,18 +664389,30 @@ index 94ddb72..e17262e 100644
iter = self.update_treestore.append(None) iter = self.update_treestore.append(None)
self.update_treestore.set_value(iter, 0, True) self.update_treestore.set_value(iter, 0, True)
self.update_treestore.set_value(iter, 1, sepolicy.boolean_desc(bools)) self.update_treestore.set_value(iter, 1, sepolicy.boolean_desc(bools))
@@ -2444,8 +2439,8 @@ class SELinuxGui(): @@ -2409,8 +2405,11 @@ class SELinuxGui():
cur = selinux.getfilecon(path)[1].split(":")[2]
con = selinux.matchpathcon(path,0)[1].split(":")[2]
if self.verify(_("Run restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?") % {"PATH":path, "CUR_CONTEXT": cur, "DEF_CONTEXT": con}, title="restorecon dialog") == Gtk.ResponseType.YES:
+ try:
self.dbus.restorecon(path)
self.application_selected()
+ except dbus.exceptions.DBusException as e:
+ self.error(e)
def new_updates(self, *args):
self.update_button.set_sensitive(self.modified())
@@ -2444,8 +2443,8 @@ class SELinuxGui():
self.wait_mouse() self.wait_mouse()
try: try:
self.dbus.semanage(update_buffer) self.dbus.semanage(update_buffer)
- except dbus.exceptions.DBusException, e: - except dbus.exceptions.DBusException, e:
- print e - print e
+ except dbus.exceptions.DBusException as e: + except dbus.exceptions.DBusException as e:
+ print(e) + self.error(e)
self.ready_mouse() self.ready_mouse()
self.init_cur() self.init_cur()
@@ -2539,34 +2534,7 @@ class SELinuxGui(): @@ -2539,34 +2538,7 @@ class SELinuxGui():
self.network_mls_label.set_visible(advanced) self.network_mls_label.set_visible(advanced)
self.network_mls_entry.set_visible(advanced) self.network_mls_entry.set_visible(advanced)
@ -664421,7 +664448,7 @@ index 94ddb72..e17262e 100644
if label.get_text() == ADVANCED_SEARCH_LABEL[1]: if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
label.set_text(ADVANCED_SEARCH_LABEL[0]) label.set_text(ADVANCED_SEARCH_LABEL[0])
self.close_popup() self.close_popup()
@@ -2574,25 +2542,6 @@ class SELinuxGui(): @@ -2574,25 +2546,6 @@ class SELinuxGui():
label.set_text(ADVANCED_SEARCH_LABEL[1]) label.set_text(ADVANCED_SEARCH_LABEL[1])
self.show_popup(self.advanced_search_window) self.show_popup(self.advanced_search_window)
@ -664447,17 +664474,51 @@ index 94ddb72..e17262e 100644
def set_enforce_text(self, value): def set_enforce_text(self, value):
if value: if value:
self.status_bar.push(self.context_id, _("System Status: Enforcing")) self.status_bar.push(self.context_id, _("System Status: Enforcing"))
@@ -2601,6 +2550,9 @@ class SELinuxGui(): @@ -2601,8 +2554,14 @@ class SELinuxGui():
self.current_status_permissive.set_active(True) self.current_status_permissive.set_active(True)
def set_enforce(self, button): def set_enforce(self, button):
- self.dbus.setenforce(button.get_active())
- self.set_enforce_text(button.get_active())
+ if not self.finish_init: + if not self.finish_init:
+ return + return
+ +
self.dbus.setenforce(button.get_active()) + try:
self.set_enforce_text(button.get_active()) + self.dbus.setenforce(button.get_active())
+ self.set_enforce_text(button.get_active())
+ except dbus.exceptions.DBusException as e:
+ self.error(e)
@@ -2728,7 +2680,7 @@ class SELinuxGui(): def on_browse_select(self, *args):
filename = self.file_dialog.get_filename()
@@ -2662,16 +2621,22 @@ class SELinuxGui():
self.system_policy_type_combobox.set_active(self.typeHistory)
return None
- self.dbus.change_default_policy(self.combo_get_active_text(self.system_policy_type_combobox))
- self.dbus.relabel_on_boot(True)
- self.typeHistory = self.system_policy_type_combobox.get_active()
+ try:
+ self.dbus.change_default_policy(self.combo_get_active_text(self.system_policy_type_combobox))
+ self.dbus.relabel_on_boot(True)
+ self.typeHistory = self.system_policy_type_combobox.get_active()
+ except dbus.exceptions.DBusException as e:
+ self.error(e)
def change_default_mode(self, button):
if not self.finish_init:
return
self.enabled_changed(button)
if button.get_active():
- self.dbus.change_default_mode(button.get_label().lower())
+ try:
+ self.dbus.change_default_mode(button.get_label().lower())
+ except dbus.exceptions.DBusException as e:
+ self.error(e)
def import_config_show(self, *args):
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
@@ -2728,7 +2693,7 @@ class SELinuxGui():
return return
try: try:
self.dbus.relabel_on_boot(active) self.dbus.relabel_on_boot(active)
@ -664466,6 +664527,24 @@ index 94ddb72..e17262e 100644
self.error(e) self.error(e)
def closewindow(self, window, *args): def closewindow(self, window, *args):
@@ -2814,10 +2779,13 @@ class SELinuxGui():
if not self.finish_init:
return
self.wait_mouse()
- if self.enable_permissive_button.get_active():
- self.dbus.semanage("module -e permissivedomains")
- else:
- self.dbus.semanage("module -d permissivedomains")
+ try:
+ if self.enable_permissive_button.get_active():
+ self.dbus.semanage("module -e permissivedomains")
+ else:
+ self.dbus.semanage("module -d permissivedomains")
+ except dbus.exceptions.DBusException as e:
+ self.error(e)
self.ready_mouse()
def confirmation_close(self, button, *args):
diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
index bbabb3b..63cff9b 100644 index bbabb3b..63cff9b 100644
--- a/policycoreutils/sepolicy/sepolicy/interface.py --- a/policycoreutils/sepolicy/sepolicy/interface.py

8
policycoreutils.spec
View File

@ -7,7 +7,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.2.5 Version: 2.2.5
Release: 2%{?dist} Release: 3%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# Based on git repository with tag 20101221 # Based on git repository with tag 20101221
@ -383,8 +383,12 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service %systemd_postun_with_restart restorecond.service
%changelog %changelog
* Thu Jan 16 2014 Dan Walsh <dwalsh@redhat.com> - 2.2.5-3
- Add Miroslav patch to
- Fix previously_modified_initialize() to show modified changes properly for all selections
* Wed Jan 8 2014 Dan Walsh <dwalsh@redhat.com> - 2.2.5-2 * Wed Jan 8 2014 Dan Walsh <dwalsh@redhat.com> - 2.2.5-2
- Don't require /usr/share/selinux/devel/Makefile to build permissive domains - Do not require /usr/share/selinux/devel/Makefile to build permissive domains
* Mon Jan 6 2014 Dan Walsh <dwalsh@redhat.com> - 2.2.5-1 * Mon Jan 6 2014 Dan Walsh <dwalsh@redhat.com> - 2.2.5-1
- Update to upstream - Update to upstream