rpms/policycoreutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-3

Browse Source 
- Lots of updates to gui
This commit is contained in:
Daniel J Walsh 2007-10-16 23:47:15 +00:00
parent 8700841752
commit 2f136a328b
2 changed files with 340 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

410
policycoreutils-gui.patch
View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.29/gui/booleansPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.31/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/booleansPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/booleansPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,254 @@ @@ -0,0 +1,254 @@
+# +#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -256,9 +256,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.load(self.filter) + self.load(self.filter)
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.29/gui/fcontextPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.31/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/fcontextPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/fcontextPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,209 @@ @@ -0,0 +1,209 @@
+## fcontextPage.py - show selinux mappings +## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -469,9 +469,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, SPEC_COL, fspec) + self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype) + self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls)) + self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.29/gui/loginsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.31/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/loginsPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/loginsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,179 @@ @@ -0,0 +1,179 @@
+## loginsPage.py - show selinux mappings +## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -652,9 +652,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange)) + self.store.set_value(iter, 2, seobject.translate(serange))
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.29/gui/Makefile diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.31/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/Makefile 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/Makefile 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,34 @@ @@ -0,0 +1,34 @@
+# Installation directories. +# Installation directories.
+PREFIX ?= ${DESTDIR}/usr +PREFIX ?= ${DESTDIR}/usr
@ -690,9 +690,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+indent: +indent:
+ +
+relabel: +relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.29/gui/mappingsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.31/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/mappingsPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/mappingsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,56 @@ @@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings +## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -750,9 +750,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+ for k in keys: + for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.29/gui/modulesPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.31/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/modulesPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/modulesPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,181 @@ @@ -0,0 +1,181 @@
+## modulesPage.py - show selinux mappings +## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -935,9 +935,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+ +
+ +
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.29/gui/polgen.glade diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.31/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/polgen.glade 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/polgen.glade 2007-10-16 19:23:01.000000000 -0400
@@ -0,0 +1,2583 @@ @@ -0,0 +1,2583 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1146,7 +1146,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+ <child> + <child>
+ <widget class="GtkRadioButton" id="init_radiobutton"> + <widget class="GtkRadioButton" id="init_radiobutton">
+ <property name="visible">True</property> + <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/init.d</property> + <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/rc.d/init.d</property>
+ <property name="can_focus">True</property> + <property name="can_focus">True</property>
+ <property name="label" translatable="yes">Standard Init Daemon</property> + <property name="label" translatable="yes">Standard Init Daemon</property>
+ <property name="use_underline">True</property> + <property name="use_underline">True</property>
@ -2856,7 +2856,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+ </child> + </child>
+ +
+ <child> + <child>
+ <widget class="GtkCheckButton" id="sendmail_checkbutton"> + <widget class="GtkCheckButton" id="mail_checkbutton">
+ <property name="visible">True</property> + <property name="visible">True</property>
+ <property name="can_focus">True</property> + <property name="can_focus">True</property>
+ <property name="label" translatable="yes">Sends email</property> + <property name="label" translatable="yes">Sends email</property>
@ -3366,7 +3366,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+ <property name="title" translatable="yes">Generated Policy Files</property> + <property name="title" translatable="yes">Generated Policy Files</property>
+ <property name="text" translatable="yes">This tool will generate the following: + <property name="text" translatable="yes">This tool will generate the following:
+Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh) +Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh)
+Execute shell script to compile/install and relabel files/directories. +Execute shell script as root to compile/install and relabel files/directories.
+Use semanage or useradd to map Linux login users to user roles. +Use semanage or useradd to map Linux login users to user roles.
+Put the machine in permissive mode (setenforce 0). +Put the machine in permissive mode (setenforce 0).
+Login as the user and test this user role. +Login as the user and test this user role.
@ -3522,10 +3522,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.29/gui/polgengui.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.31/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/polgengui.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/polgengui.py 2007-10-16 19:43:06.000000000 -0400
@@ -0,0 +1,496 @@ @@ -0,0 +1,551 @@
+#!/usr/bin/python +#!/usr/bin/python
+# +#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux +# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
@ -3585,6 +3585,32 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+sys.path.append('/usr/share/system-config-selinux') +sys.path.append('/usr/share/system-config-selinux')
+sys.path.append('.') +sys.path.append('.')
+ +
+def get_all_types():
+ try:
+ all_types = []
+ rc, output=commands.getstatusoutput("seinfo --type")
+ if rc == 0:
+ l = output.split()
+ for i in l:
+ all_types.append(i.split("_t")[0])
+ except:
+ pass
+
+ return all_types
+
+def get_all_modules():
+ try:
+ all_modules = []
+ rc, output=commands.getstatusoutput("semodule -l")
+ if rc == 0:
+ l = output.split("\n")
+ for i in l:
+ all_modules.append(i.split()[0])
+ except:
+ pass
+
+ return all_modules
+
+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html +# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
+def foreach(model, path, iter, selected): +def foreach(model, path, iter, selected):
+ selected.append(model.get_value(iter, 0)) + selected.append(model.get_value(iter, 0))
@ -3618,6 +3644,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ +
+ def __init__(self): + def __init__(self):
+ self.xml = xml + self.xml = xml
+ self.all_types=get_all_types()
+ self.all_modules=get_all_modules()
+ self.name=""
+ xml.signal_connect("on_delete_clicked", self.delete) + xml.signal_connect("on_delete_clicked", self.delete)
+ xml.signal_connect("on_exec_select_clicked", self.exec_select) + xml.signal_connect("on_exec_select_clicked", self.exec_select)
+ xml.signal_connect("on_init_script_select_clicked", self.init_script_select) + xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
@ -3837,6 +3866,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1) + my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1) + my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1) + my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
+
+ my_policy.set_use_dbus(self.dbus_checkbutton.get_active() == 1)
+ my_policy.set_use_audit(self.audit_checkbutton.get_active() == 1)
+ my_policy.set_use_terminal(self.terminal_checkbutton.get_active() == 1)
+ my_policy.set_use_mail(self.mail_checkbutton.get_active() == 1)
+ if self.get_type() is polgen.DAEMON: + if self.get_type() is polgen.DAEMON:
+ my_policy.set_init_script(self.init_script_entry.get_text()) + my_policy.set_init_script(self.init_script_entry.get_text())
+ if self.get_type() == polgen.USER: + if self.get_type() == polgen.USER:
@ -3889,7 +3923,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ def exec_select(self, args): + def exec_select(self, args):
+ self.file_dialog.set_select_multiple(0) + self.file_dialog.set_select_multiple(0)
+ self.file_dialog.set_title(_("Select executable file to be confined.")) + self.file_dialog.set_title(_("Select executable file to be confined."))
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE) + self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
+ self.file_dialog.set_current_folder("/usr/sbin") + self.file_dialog.set_current_folder("/usr/sbin")
+ rc = self.file_dialog.run() + rc = self.file_dialog.run()
+ self.file_dialog.hide() + self.file_dialog.hide()
@ -3900,8 +3934,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ def init_script_select(self, args): + def init_script_select(self, args):
+ self.file_dialog.set_select_multiple(0) + self.file_dialog.set_select_multiple(0)
+ self.file_dialog.set_title(_("Select init script file to be confined.")) + self.file_dialog.set_title(_("Select init script file to be confined."))
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE) + self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
+ self.file_dialog.set_current_folder("/etc/init.d") + self.file_dialog.set_current_folder("/etc/rc.d/init.d")
+ rc = self.file_dialog.run() + rc = self.file_dialog.run()
+ self.file_dialog.hide() + self.file_dialog.hide()
+ if rc == gtk.RESPONSE_CANCEL: + if rc == gtk.RESPONSE_CANCEL:
@ -3910,14 +3944,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ +
+ def add(self, args): + def add(self, args):
+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes")) + self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
+ self.file_dialog.set_select_multiple(1) + self.file_dialog.set_current_folder("/")
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN) + self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
+ self.file_dialog.set_select_multiple(1)
+ self.__add(FILE) + self.__add(FILE)
+ +
+ def add_dir(self, args): + def add_dir(self, args):
+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into")) + self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
+ self.file_dialog.set_select_multiple(0) + self.file_dialog.set_current_folder("/")
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER) + self.file_dialog.set_select_multiple(1)
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
+ self.__add(DIR) + self.__add(DIR)
+ +
+ def on_about_clicked(self, args): + def on_about_clicked(self, args):
@ -3934,6 +3970,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ self.druid = self.xml.get_widget("druid") + self.druid = self.xml.get_widget("druid")
+ self.type = 0 + self.type = 0
+ self.name_entry = self.xml.get_widget("name_entry") + self.name_entry = self.xml.get_widget("name_entry")
+ self.name_entry.connect("focus_out_event",self.on_name_entry_changed)
+ self.exec_entry = self.xml.get_widget("exec_entry") + self.exec_entry = self.xml.get_widget("exec_entry")
+ self.exec_button = self.xml.get_widget("exec_button") + self.exec_button = self.xml.get_widget("exec_button")
+ self.init_script_entry = self.xml.get_widget("init_script_entry") + self.init_script_entry = self.xml.get_widget("init_script_entry")
@ -3953,6 +3990,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton") + self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton") + self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton") + self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
+ self.dbus_checkbutton = self.xml.get_widget("dbus_checkbutton")
+ self.audit_checkbutton = self.xml.get_widget("audit_checkbutton")
+ self.terminal_checkbutton = self.xml.get_widget("terminal_checkbutton")
+ self.mail_checkbutton = self.xml.get_widget("mail_checkbutton")
+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton") + self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
+ self.view = self.xml.get_widget("write_treeview") + self.view = self.xml.get_widget("write_treeview")
+ self.file_dialog = self.xml.get_widget("filechooserdialog") + self.file_dialog = self.xml.get_widget("filechooserdialog")
@ -3974,6 +4015,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ return + return
+ self.output_entry.set_text(self.file_dialog.get_filename()) + self.output_entry.set_text(self.file_dialog.get_filename())
+ +
+ def on_name_entry_changed(self, entry, third):
+ name = entry.get_text()
+ if self.name != name:
+ if name in self.all_types:
+ if self.verify(_("Type %s_t already defined in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
+ entry.set_text("")
+ return False
+ if name in self.all_modules:
+ if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
+ entry.set_text("")
+ return False
+ self.name = name
+ return False
+
+ def on_in_net_page_next(self, *args): + def on_in_net_page_next(self, *args):
+ try: + try:
+ polgen.verify_ports(self.in_tcp_entry.get_text()) + polgen.verify_ports(self.in_tcp_entry.get_text())
@ -4022,10 +4077,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ +
+ app = childWindow() + app = childWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.29/gui/polgen.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.31/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/polgen.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/polgen.py 2007-10-16 19:23:12.000000000 -0400
@@ -0,0 +1,808 @@ @@ -0,0 +1,818 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
+# +#
@ -4050,6 +4105,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+import os, sys, stat +import os, sys, stat
+import re +import re
+from templates import executable +from templates import executable
+from templates import etc_rw
+from templates import var_spool +from templates import var_spool
+from templates import var_lib +from templates import var_lib
+from templates import var_log +from templates import var_log
@ -4157,6 +4213,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.DEFAULT_DIRS = {} + self.DEFAULT_DIRS = {}
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw]; + self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
+ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp]; + self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
+ self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool]; + self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib]; + self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log]; + self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
@ -4477,6 +4534,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ newte += re.sub("APPLICATION", app, tmp) + newte += re.sub("APPLICATION", app, tmp)
+ return newte + return newte
+ +
+ def generate_dbus_if(self):
+ newif =""
+ if self.use_dbus:
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_dbus_rules)
+ return newif
+
+ def generate_admin_if(self): + def generate_admin_if(self):
+ newif = "" + newif = ""
+ if self.initscript != "": + if self.initscript != "":
@ -4587,6 +4650,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules) + newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
+ break + break
+ newif += self.generate_user_if() + newif += self.generate_user_if()
+ newif += self.generate_dbus_if()
+ newif += self.generate_admin_if() + newif += self.generate_admin_if()
+ newif += self.generate_terminal_if() + newif += self.generate_terminal_if()
+ +
@ -4683,7 +4747,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ +
+ def generate_sh(self): + def generate_sh(self):
+ newsh = re.sub("TEMPLATETYPE", self.name, script.compile) + newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
+ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
+ if self.program != "": + if self.program != "":
+ newsh += re.sub("FILENAME", self.program, script.restorecon) + newsh += re.sub("FILENAME", self.program, script.restorecon)
+ if self.initscript != "": + if self.initscript != "":
@ -4721,6 +4784,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ fd = open(shfile, "w") + fd = open(shfile, "w")
+ fd.write(self.generate_sh()) + fd.write(self.generate_sh())
+ fd.close() + fd.close()
+ os.chmod(shfile, 0750)
+ return shfile + return shfile
+ +
+ def write_if(self, out_dir): + def write_if(self, out_dir):
@ -4782,6 +4846,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy = policy("myrwho", DAEMON) + mypolicy = policy("myrwho", DAEMON)
+ mypolicy.set_program("/usr/sbin/myrwhod") + mypolicy.set_program("/usr/sbin/myrwhod")
+ mypolicy.set_init_script("/etc/init.d/myrwhod") + mypolicy.set_init_script("/etc/init.d/myrwhod")
+ mypolicy.add_dir("/etc/nasd")
+ mypolicy.set_in_tcp(1, 0, 0, "513") + mypolicy.set_in_tcp(1, 0, 0, "513")
+ mypolicy.set_use_uid(True) + mypolicy.set_use_uid(True)
+ mypolicy.set_use_tmp(True) + mypolicy.set_use_tmp(True)
@ -4834,9 +4899,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.exit(0) + sys.exit(0)
+ +
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.29/gui/portsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.31/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/portsPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/portsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,251 @@ @@ -0,0 +1,251 @@
+## portsPage.py - show selinux mappings +## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -5089,9 +5154,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ +
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.29/gui/selinux.tbl diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.31/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/selinux.tbl 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/selinux.tbl 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,295 @@ @@ -0,0 +1,295 @@
+! allow_console_login _("Login") _("Allow direct login to the console device. Required for System 390") +! allow_console_login _("Login") _("Allow direct login to the console device. Required for System 390")
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
@ -5388,9 +5453,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories") +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories") +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.29/gui/semanagePage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.31/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/semanagePage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/semanagePage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,147 @@ @@ -0,0 +1,147 @@
+## semanagePage.py - show selinux mappings +## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -5539,9 +5604,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.load(self.filter) + self.load(self.filter)
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.29/gui/statusPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.31/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/statusPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/statusPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,219 @@ @@ -0,0 +1,219 @@
+## statusPage.py - show selinux status +## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -5762,9 +5827,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ return self.types[self.selinuxTypeOptionMenu.get_active()] + return self.types[self.selinuxTypeOptionMenu.get_active()]
+ +
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.29/gui/system-config-selinux.glade diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.31/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/system-config-selinux.glade 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/system-config-selinux.glade 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,3339 @@ @@ -0,0 +1,3339 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -9105,9 +9170,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.29/gui/system-config-selinux.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.31/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/system-config-selinux.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/system-config-selinux.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,175 @@ @@ -0,0 +1,175 @@
+#!/usr/bin/python +#!/usr/bin/python
+# +#
@ -9284,10 +9349,143 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ +
+ app = childWindow() + app = childWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.29/gui/templates/executable.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.31/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.31/gui/templates/etc_rw.py 2007-10-16 19:23:37.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+########################### etc_rw Template File #############################
+
+########################### Type Enforcement File #############################
+te_types="""
+type TEMPLATETYPE_etc_rw_t;
+files_type(TEMPLATETYPE_etc_rw_t)
+"""
+te_rules="""
+allow TEMPLATETYPE_t TEMPLATETYPE_etc_rw_t:file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_etc_rw_t:dir manage_dir_perms;
+files_etc_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_etc_rw_t, { file dir })
+"""
+
+########################### Interface File #############################
+if_rules="""
+########################################
+## <summary>
+## Search TEMPLATETYPE conf directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_search_conf',`
+ gen_require(`
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ allow $1 TEMPLATETYPE_etc_rw_t:dir search_dir_perms;
+ files_search_etc($1)
+')
+
+########################################
+## <summary>
+## Read TEMPLATETYPE conf files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_read_conf_files',`
+ gen_require(`
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ allow $1 TEMPLATETYPE_etc_rw_t:file r_file_perms;
+ allow $1 TEMPLATETYPE_etc_rw_t:dir list_dir_perms;
+ files_search_etc($1)
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete
+## TEMPLATETYPE conf files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_manage_conf_files',`
+ gen_require(`
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ manage_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
+ files_search_etc($1)
+')
+
+########################################
+## <summary>
+## Manage TEMPLATETYPE etc_rw files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_manage_conf',`
+ gen_require(`
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ manage_dir_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
+ manage_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
+ manage_lnk_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
+')
+
+"""
+
+if_admin_rules="""
+ TEMPLATETYPE_manage_conf($2)
+"""
+
+########################### File Context ##################################
+fc_file="""\
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
+
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.31/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/executable.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/executable.py 2007-10-16 19:24:01.000000000 -0400
@@ -0,0 +1,342 @@ @@ -0,0 +1,365 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
+# +#
@ -9575,6 +9773,29 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+') +')
+""" +"""
+ +
+if_dbus_rules="""
+########################################
+## <summary>
+## Send and receive messages from
+## TEMPLATETYPE over dbus.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_dbus_chat',`
+ gen_require(`
+ type TEMPLATETYPE_t;
+ class dbus send_msg;
+ ')
+
+ allow $1 TEMPLATETYPE_t:dbus send_msg;
+ allow TEMPLATETYPE_t $1:dbus send_msg;
+')
+"""
+
+if_begin_admin=""" +if_begin_admin="""
+######################################## +########################################
+## <summary> +## <summary>
@ -9630,9 +9851,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0) +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.29/gui/templates/__init__.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.31/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/__init__.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/__init__.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,18 @@ @@ -0,0 +1,18 @@
+# +#
+# Copyright (C) 2007 Red Hat, Inc. +# Copyright (C) 2007 Red Hat, Inc.
@ -9652,9 +9873,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+# +#
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.29/gui/templates/network.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.31/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/network.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/network.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,80 @@ @@ -0,0 +1,80 @@
+te_port_types=""" +te_port_types="""
+type TEMPLATETYPE_port_t; +type TEMPLATETYPE_port_t;
@ -9736,9 +9957,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.29/gui/templates/rw.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.31/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/rw.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/rw.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,128 @@ @@ -0,0 +1,128 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -9868,10 +10089,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+fc_dir=""" +fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.29/gui/templates/script.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.31/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/script.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/script.py 2007-10-16 19:24:22.000000000 -0400
@@ -0,0 +1,50 @@ @@ -0,0 +1,91 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
+# +#
@ -9895,15 +10116,56 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+# +#
+ +
+########################### tmp Template File ############################# +########################### tmp Template File #############################
+compile=""" +compile="""\
+#!/bin/sh +#!/bin/sh
+
+DIRNAME=`dirname $0`
+cd $DIRNAME
+USAGE="$0 [ --update ]"
+if [ `id -u` != 0 ]; then
+echo 'You must be root to run this script'
+exit 1
+fi
+
+if [ ! -f /usr/share/selinux/devel/Makefile ]; then +if [ ! -f /usr/share/selinux/devel/Makefile ]; then
+echo 'selinux-policy-devel not installed, package required for building policy' +echo 'selinux-policy-devel not installed, package required for building policy'
+echo '# yum install selinux-policy-devel' +echo '# yum install selinux-policy-devel'
+exit 1 +exit 1
+fi +fi
+
+if [ $# -eq 1 ]; then
+ if [ "$1" = "--update" ] ; then
+ time=`ls -l --time-style="+%x %X" TEMPLATETYPE.te | awk '{ printf "%s %s", $6, $7 }'`
+ rules=`ausearch --start $time -m avc --raw | grep TEMPLATETYPE`
+ if [ x"$rules" != "x" ] ; then
+ echo "Found avc's to update policy with"
+ echo -e "$rules" | audit2allow -R
+ echo "Do you want these changes added to policy [y/n]?"
+ read ANS
+ if [ "$ANS" = "y" -o "$ANS" = "Y" ] ; then
+ echo "Updating policy"
+ echo -e "$rules" | audit2allow -R >> TEMPLATETYPE.te
+ # Fall though and rebuild policy
+ else
+ exit 0
+ fi
+ else
+ echo "No new avcs found"
+ exit 0
+ fi
+ else
+ echo -e $USAGE
+ exit 1
+ fi
+elif [ $# -ge 2 ] ; then
+ echo -e $USAGE
+ exit 1
+fi
+
+echo "Building and Loading Policy"
+set -x
+make -f /usr/share/selinux/devel/Makefile +make -f /usr/share/selinux/devel/Makefile
+/usr/sbin/semodule -i PACKAGEFILENAME.pp +/usr/sbin/semodule -i TEMPLATETYPE.pp
+ +
+""" +"""
+ +
@ -9922,9 +10184,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+users="""\ +users="""\
+/usr/sbin/semanage user -a -P TEMPLATETYPE -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u +/usr/sbin/semanage user -a -P TEMPLATETYPE -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.29/gui/templates/semodule.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.31/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/semodule.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/semodule.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -9967,9 +10229,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.29/gui/templates/tmp.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.31/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/tmp.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/tmp.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,97 @@ @@ -0,0 +1,97 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10068,9 +10330,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+ TEMPLATETYPE_manage_tmp($2) + TEMPLATETYPE_manage_tmp($2)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.29/gui/templates/user.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.31/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/user.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/user.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,137 @@ @@ -0,0 +1,137 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10209,9 +10471,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+te_newrole_rules=""" +te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t }) +seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.29/gui/templates/var_lib.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.31/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/var_lib.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/var_lib.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,162 @@ @@ -0,0 +1,162 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10375,9 +10637,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.29/gui/templates/var_log.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.31/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/var_log.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/var_log.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,112 @@ @@ -0,0 +1,112 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10491,9 +10753,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.29/gui/templates/var_run.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.31/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/var_run.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/var_run.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,119 @@ @@ -0,0 +1,119 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10614,9 +10876,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.29/gui/templates/var_spool.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.31/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/templates/var_spool.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/templates/var_spool.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,131 @@ @@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -10749,9 +11011,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.29/gui/translationsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.31/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/translationsPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/translationsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,118 @@ @@ -0,0 +1,118 @@
+## translationsPage.py - show selinux translations +## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -10871,9 +11133,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py
+ store, iter = self.view.get_selection().get_selected() + store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level) + self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation) + self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.29/gui/usersPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.31/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.29/gui/usersPage.py 2007-10-15 14:07:20.000000000 -0400 +++ policycoreutils-2.0.31/gui/usersPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,172 @@ @@ -0,0 +1,172 @@
+## usersPage.py - show selinux mappings +## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.

5
policycoreutils.spec
View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.31 Version: 2.0.31
Release: 2%{?dist} Release: 3%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -205,6 +205,9 @@ if [ "$1" -ge "1" ]; then
fi fi
%changelog %changelog
* Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-3
- Lots of updates to gui
* Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-1 * Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-1
- Remove no.po - Remove no.po
- Update to upstream - Update to upstream