diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index a045d38..20fa956 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -335150,15 +335150,16 @@ index 63b11dd..28a9022 100644 .TP .I \-P, \-\-prefix diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py -index ad7dc8c..f2b8721 100644 +index ad7dc8c..05b8128 100644 --- a/policycoreutils/semanage/seobject.py +++ b/policycoreutils/semanage/seobject.py -@@ -24,17 +24,18 @@ +@@ -24,17 +24,19 @@ import pwd, grp, string, selinux, tempfile, os, re, sys, stat from semanage import *; PROGNAME = "policycoreutils" +import sepolicy -+from sepolicy import boolean_desc, boolean_category ++from sepolicy import boolean_desc, boolean_category, gen_bool_dict ++gen_bool_dict() import sepolgen.module as module from IPy import IP @@ -335177,7 +335178,7 @@ index ad7dc8c..f2b8721 100644 import syslog -@@ -123,39 +124,6 @@ class nulllogger: +@@ -123,39 +125,6 @@ class nulllogger: def commit(self,success): pass @@ -335217,7 +335218,7 @@ index ad7dc8c..f2b8721 100644 def validate_level(raw): sensitivity = "s[0-9]*" category = "c[0-9]*" -@@ -384,13 +352,7 @@ class permissiveRecords(semanageRecords): +@@ -384,13 +353,7 @@ class permissiveRecords(semanageRecords): return l def list(self, heading = 1, locallist = 0): @@ -335232,7 +335233,7 @@ index ad7dc8c..f2b8721 100644 if len(all) == 0: return -@@ -493,7 +455,9 @@ class loginRecords(semanageRecords): +@@ -493,7 +456,9 @@ class loginRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if login mapping for %s is defined") % name) if exists: 
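Review bot: `gen_bool_dict()` is now called at module scope directly after the `from sepolicy import ...` line in seobject.py, so it runs on every import of the module, including semanage operations that never touch booleans. What the call does is not visible in this hunk, but if it loads policy data or can raise, a failure there would presumably break every semanage subcommand rather than only the boolean ones. Consider calling it lazily from the booleanRecords paths that use `boolean_desc` / `boolean_category`, or add a comment above the call saying why it has to run at import time.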
@@ -335243,7 +335244,68 @@ index ad7dc8c..f2b8721 100644 if name[0] == '%': try: grp.getgrnam(name[1:]) -@@ -738,7 +702,8 @@ class seluserRecords(semanageRecords): +@@ -654,6 +619,21 @@ class loginRecords(semanageRecords): + self.mylog.commit(0) + raise error + ++ def get_all_logins(self): ++ ddict = {} ++ self.logins_path = selinux.selinux_policy_root() + "/logins" ++ for path,dirs,files in os.walk(self.logins_path): ++ if path == self.logins_path: ++ for name in files: ++ try: ++ fd = open(path + "/" + name) ++ rec = fd.read().rstrip().split(":") ++ fd.close() ++ ddict[name] = (rec[1], rec[2], rec[0]) ++ except IndexError: ++ pass ++ return ddict ++ + def get_all(self, locallist = 0): + ddict = {} + if locallist: +@@ -665,7 +645,7 @@ class loginRecords(semanageRecords): + + for u in self.ulist: + name = semanage_seuser_get_name(u) +- ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u)) ++ ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u), "*") + return ddict + + def customized(self): +@@ -679,16 +659,26 @@ class loginRecords(semanageRecords): + + def list(self,heading = 1, locallist = 0): + ddict = self.get_all(locallist) ++ ldict = self.get_all_logins() ++ lkeys = ldict.keys() + keys = ddict.keys() +- if len(keys) == 0: ++ if len(keys) == 0 and len(lkeys) == 0: + return + keys.sort() ++ lkeys.sort() + + if is_mls_enabled == 1: + if heading: +- print "\n%-25s %-25s %-25s\n" % (_("Login Name"), _("SELinux User"), _("MLS/MCS Range")) ++ print "\n%-20s %-20s %-20s %s\n" % (_("Login Name"), _("SELinux User"), _("MLS/MCS Range"), _("Service")) + for k in keys: +- print "%-25s %-25s %-25s" % (k, ddict[k][0], translate(ddict[k][1])) ++ u = ddict[k] ++ print "%-20s %-20s %-20s %s" % (k, u[0], translate(u[1]), u[2]) ++ if len(lkeys): ++ print "\nLocal customization in %s" % self.logins_path ++ ++ for k in lkeys: ++ u = ldict[k] ++ print "%-20s %-20s %-20s %s" % (k, u[0], translate(u[1]), u[2]) + else: + if heading: + 
print "\n%-25s %-25s\n" % (_("Login Name"), _("SELinux User")) +@@ -738,7 +728,8 @@ class seluserRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if SELinux user %s is defined") % name) if exists: @@ -335253,7 +335315,7 @@ index ad7dc8c..f2b8721 100644 (rc, u) = semanage_user_create(self.sh) if rc < 0: -@@ -958,6 +923,8 @@ class seluserRecords(semanageRecords): +@@ -958,6 +949,8 @@ class seluserRecords(semanageRecords): print "%-15s %s" % (k, ddict[k][3]) class portRecords(semanageRecords): @@ -335262,7 +335324,7 @@ index ad7dc8c..f2b8721 100644 def __init__(self, store = ""): semanageRecords.__init__(self, store) -@@ -997,6 +964,9 @@ class portRecords(semanageRecords): +@@ -997,6 +990,9 @@ class portRecords(semanageRecords): if type == "": raise ValueError(_("Type is required")) @@ -335272,7 +335334,7 @@ index ad7dc8c..f2b8721 100644 ( k, proto_d, low, high ) = self.__genkey(port, proto) (rc, exists) = semanage_port_exists(self.sh, k) -@@ -1056,6 +1026,9 @@ class portRecords(semanageRecords): +@@ -1056,6 +1052,9 @@ class portRecords(semanageRecords): else: raise ValueError(_("Requires setype")) @@ -335282,7 +335344,7 @@ index ad7dc8c..f2b8721 100644 ( k, proto_d, low, high ) = self.__genkey(port, proto) (rc, exists) = semanage_port_exists(self.sh, k) -@@ -1213,6 +1186,8 @@ class portRecords(semanageRecords): +@@ -1213,6 +1212,8 @@ class portRecords(semanageRecords): print rec class nodeRecords(semanageRecords): @@ -335291,7 +335353,7 @@ index ad7dc8c..f2b8721 100644 def __init__(self, store = ""): semanageRecords.__init__(self,store) self.protocol = ["ipv4", "ipv6"] -@@ -1252,7 +1227,10 @@ class nodeRecords(semanageRecords): +@@ -1252,7 +1253,10 @@ class nodeRecords(semanageRecords): serange = untranslate(serange) if ctype == "": 
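Review bot: In get_all_logins, `fd.read().rstrip().split(":")` followed by `rec[2]` drops everything after the third colon, so an MLS/MCS range that carries categories (for example `s0-s0:c0.c1023`) would be listed truncated by `semanage login -l`; `rec = fd.read().rstrip().split(":", 2)` keeps the range intact. Only IndexError is caught, so an unreadable file under the logins directory raises out of list() and leaves `fd` unclosed if `read()` fails. A malformed file is skipped silently, which hides it from an administrator auditing login mappings, so catching IOError as well and printing a warning to stderr in both cases would make such files visible. The whole file is parsed as one record, so a file with more than one line would presumably be misreported; the on-disk format should be confirmed. `os.walk` is used only for its top level, where `os.listdir(self.logins_path)` would be simpler; list() itself continues past the end of this hunk.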
@@ -335303,7 +335365,7 @@ index ad7dc8c..f2b8721 100644 (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) if rc < 0: -@@ -1262,7 +1240,8 @@ class nodeRecords(semanageRecords): +@@ -1262,7 +1266,8 @@ class nodeRecords(semanageRecords): (rc, exists) = semanage_node_exists(self.sh, k) if exists: @@ -335313,7 +335375,7 @@ index ad7dc8c..f2b8721 100644 (rc, node) = semanage_node_create(self.sh) if rc < 0: -@@ -1318,6 +1297,9 @@ class nodeRecords(semanageRecords): +@@ -1318,6 +1323,9 @@ class nodeRecords(semanageRecords): if serange == "" and setype == "": raise ValueError(_("Requires setype or serange")) @@ -335323,7 +335385,7 @@ index ad7dc8c..f2b8721 100644 (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) if rc < 0: raise ValueError(_("Could not create key for %s") % addr) -@@ -1460,7 +1442,8 @@ class interfaceRecords(semanageRecords): +@@ -1460,7 +1468,8 @@ class interfaceRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if interface %s is defined") % interface) if exists: @@ -335333,7 +335395,7 @@ index ad7dc8c..f2b8721 100644 (rc, iface) = semanage_iface_create(self.sh) if rc < 0: -@@ -1625,6 +1608,9 @@ class interfaceRecords(semanageRecords): +@@ -1625,6 +1634,9 @@ class interfaceRecords(semanageRecords): print "%-30s %s:%s:%s " % (k,ddict[k][0], ddict[k][1],ddict[k][2]) class fcontextRecords(semanageRecords): @@ -335343,7 +335405,7 @@ index ad7dc8c..f2b8721 100644 def __init__(self, store = ""): semanageRecords.__init__(self, store) self.equiv = {} -@@ -1739,6 +1725,9 @@ class fcontextRecords(semanageRecords): +@@ -1739,6 +1751,9 @@ class fcontextRecords(semanageRecords): if type == "": raise ValueError(_("SELinux Type is required")) 
@@ -335353,7 +335415,7 @@ index ad7dc8c..f2b8721 100644 (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) if rc < 0: raise ValueError(_("Could not create key for %s") % target) -@@ -1753,7 +1742,8 @@ class fcontextRecords(semanageRecords): +@@ -1753,7 +1768,8 @@ class fcontextRecords(semanageRecords): raise ValueError(_("Could not check if file context for %s is defined") % target) if exists: @@ -335363,7 +335425,7 @@ index ad7dc8c..f2b8721 100644 (rc, fcontext) = semanage_fcontext_create(self.sh) if rc < 0: -@@ -1794,6 +1784,9 @@ class fcontextRecords(semanageRecords): +@@ -1794,6 +1810,9 @@ class fcontextRecords(semanageRecords): def __modify(self, target, setype, ftype, serange, seuser): if serange == "" and setype == "" and seuser == "": raise ValueError(_("Requires setype, serange or seuser")) @@ -335373,7 +335435,7 @@ index ad7dc8c..f2b8721 100644 self.validate(target) (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) -@@ -1999,6 +1992,8 @@ class booleanRecords(semanageRecords): +@@ -1999,6 +2018,8 @@ class booleanRecords(semanageRecords): self.modify_local = False def __mod(self, name, value): @@ -335382,7 +335444,7 @@ index ad7dc8c..f2b8721 100644 (rc, k) = semanage_bool_key_create(self.sh, name) if rc < 0: raise ValueError(_("Could not create a key for %s") % name) -@@ -2028,8 +2023,6 @@ class booleanRecords(semanageRecords): +@@ -2028,8 +2049,6 @@ class booleanRecords(semanageRecords): semanage_bool_free(b) def modify(self, name, value = None, use_file = False): @@ -335391,7 +335453,7 @@ index ad7dc8c..f2b8721 100644 self.begin() if use_file: fd = open(name) -@@ -2120,10 +2113,7 @@ class booleanRecords(semanageRecords): +@@ -2120,10 +2139,7 @@ class booleanRecords(semanageRecords): def get_category(self, name): name = selinux.selinux_boolean_sub(name) diff --git a/policycoreutils.spec b/policycoreutils.spec index b1d02cc..0c91219 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec 
@@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.1.13 -Release: 32%{?dist} +Release: 33%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -338,6 +338,9 @@ The policycoreutils-restorecond package contains the restorecond service. %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %changelog +* Tue Nov 13 2012 Dan Walsh - 2.1.12-33 +- Fix semanage login -l to list contents of /etc/selinux/POLICY/logins directory + * Tue Nov 13 2012 Dan Walsh - 2.1.12-32 - Fix booleansPage not showing booleans - Fix audit2allow -b