rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

policycoreutils-2.7-7.fc28

Browse Source 
- semanage: bring semanageRecords.set_reload back to seobject.py
(#1527745)
This commit is contained in:
Petr Lautrbach 2017-12-20 10:31:18 +01:00
parent c33737fa2a
commit 3cd3d543c6
2 changed files with 35 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
policycoreutils.spec
View File

@ -9,7 +9,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.7
Release: 6%{?dist}
Release: 7%{?dist}
License: GPLv2
Group: System Environment/Base
# https://github.com/SELinuxProject/selinux/wiki/Releases
@ -31,7 +31,7 @@ Source18: selinux-autorelabel.target
Source19: selinux-autorelabel-generator.sh
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
# run:
# HEAD https://github.com/fedora-selinux/selinux/commit/7d95e8cfa8df699ba53651de06dd0b2b9e428903
# HEAD https://github.com/fedora-selinux/selinux/commit/3dd7e297f42b8c05964591b008915e2514c6cb2d
# $ for i in policycoreutils selinux-python selinux-gui selinux-sandbox selinux-dbus semodule-utils restorecond; do
# ./make-fedora-selinux-patch.sh $i
# done
@ -501,6 +501,9 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service
%changelog
* Wed Dec 20 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-7
- semanage: bring semanageRecords.set_reload back to seobject.py (#1527745)
* Wed Dec 13 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-6
- semanage: make seobject.py backward compatible
- Own %%{pythonX_sitelib}/site-packages/sepolicy directories (#1522942)

59
selinux-python-fedora.patch
View File

@ -282,14 +282,15 @@ index 0bdb90f..0cdcfcc 100644
user identities to authorized role sets. In most cases, only the
former mapping needs to be adjusted by the administrator; the latter
diff --git selinux-python-2.7/semanage/seobject.py selinux-python-2.7/semanage/seobject.py
index 70fd192..99e1cd8 100644
index 70fd192..dca9506 100644
--- selinux-python-2.7/semanage/seobject.py
+++ selinux-python-2.7/semanage/seobject.py
@@ -238,21 +238,28 @@ class semanageRecords:
@@ -238,20 +238,31 @@ class semanageRecords:
transaction = False
handle = None
store = None
+ args = None
+ noreload = False
- def __init__(self, store):
+ def __init__(self, args = None):
@ -315,13 +316,13 @@ index 70fd192..99e1cd8 100644
else:
self.mylog = nulllogger()
- def set_reload(self, load):
def set_reload(self, load):
- self.load = load
-
+ self.noreload = not load
def get_handle(self, store):
global is_mls_enabled
@@ -312,7 +319,8 @@ class semanageRecords:
@@ -312,7 +323,8 @@ class semanageRecords:
if semanageRecords.transaction:
return
@ -331,7 +332,7 @@ index 70fd192..99e1cd8 100644
rc = semanage_commit(self.sh)
if rc < 0:
self.mylog.commit(0)
@@ -328,8 +336,8 @@ class semanageRecords:
@@ -328,8 +340,8 @@ class semanageRecords:
class moduleRecords(semanageRecords):
@ -342,7 +343,7 @@ index 70fd192..99e1cd8 100644
def get_all(self):
l = []
@@ -386,6 +394,8 @@ class moduleRecords(semanageRecords):
@@ -386,6 +398,8 @@ class moduleRecords(semanageRecords):
print("%-25s %-9s %-5s %s" % (t[0], t[2], t[3], disabled))
def add(self, file, priority):
@ -351,7 +352,7 @@ index 70fd192..99e1cd8 100644
if not os.path.exists(file):
raise ValueError(_("Module does not exist: %s ") % file)
@@ -398,6 +408,8 @@ class moduleRecords(semanageRecords):
@@ -398,6 +412,8 @@ class moduleRecords(semanageRecords):
self.commit()
def set_enabled(self, module, enable):
@ -360,7 +361,7 @@ index 70fd192..99e1cd8 100644
for m in module.split():
rc, key = semanage_module_key_create(self.sh)
if rc < 0:
@@ -416,11 +428,15 @@ class moduleRecords(semanageRecords):
@@ -416,11 +432,15 @@ class moduleRecords(semanageRecords):
self.commit()
def modify(self, file):
@ -376,7 +377,7 @@ index 70fd192..99e1cd8 100644
rc = semanage_set_default_priority(self.sh, priority)
if rc < 0:
raise ValueError(_("Invalid priority %d (needs to be between 1 and 999)") % priority)
@@ -440,8 +456,8 @@ class moduleRecords(semanageRecords):
@@ -440,8 +460,8 @@ class moduleRecords(semanageRecords):
class dontauditClass(semanageRecords):
@ -387,7 +388,7 @@ index 70fd192..99e1cd8 100644
def toggle(self, dontaudit):
if dontaudit not in ["on", "off"]:
@@ -453,8 +469,8 @@ class dontauditClass(semanageRecords):
@@ -453,8 +473,8 @@ class dontauditClass(semanageRecords):
class permissiveRecords(semanageRecords):
@ -398,7 +399,7 @@ index 70fd192..99e1cd8 100644
def get_all(self):
l = []
@@ -522,8 +538,8 @@ class permissiveRecords(semanageRecords):
@@ -522,8 +542,8 @@ class permissiveRecords(semanageRecords):
class loginRecords(semanageRecords):
@ -409,7 +410,7 @@ index 70fd192..99e1cd8 100644
self.oldsename = None
self.oldserange = None
self.sename = None
@@ -534,7 +550,7 @@ class loginRecords(semanageRecords):
@@ -534,7 +554,7 @@ class loginRecords(semanageRecords):
if sename == "":
sename = "user_u"
@ -418,7 +419,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename)
range, (rc, serole) = userrec.get(sename)
@@ -603,7 +619,7 @@ class loginRecords(semanageRecords):
@@ -603,7 +623,7 @@ class loginRecords(semanageRecords):
if sename == "" and serange == "":
raise ValueError(_("Requires seuser or serange"))
@ -427,7 +428,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename)
if sename != "":
@@ -660,7 +676,7 @@ class loginRecords(semanageRecords):
@@ -660,7 +680,7 @@ class loginRecords(semanageRecords):
def __delete(self, name):
rec, self.oldsename, self.oldserange = selinux.getseuserbyname(name)
@ -436,7 +437,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename)
(rc, k) = semanage_seuser_key_create(self.sh, name)
@@ -779,8 +795,8 @@ class loginRecords(semanageRecords):
@@ -779,8 +799,8 @@ class loginRecords(semanageRecords):
class seluserRecords(semanageRecords):
@ -447,7 +448,7 @@ index 70fd192..99e1cd8 100644
def get(self, name):
(rc, k) = semanage_user_key_create(self.sh, name)
@@ -1042,8 +1058,8 @@ class portRecords(semanageRecords):
@@ -1042,8 +1062,8 @@ class portRecords(semanageRecords):
except RuntimeError:
valid_types = []
@ -458,7 +459,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, port, proto):
if proto == "tcp":
@@ -1317,8 +1333,8 @@ class ibpkeyRecords(semanageRecords):
@@ -1317,8 +1337,8 @@ class ibpkeyRecords(semanageRecords):
except:
valid_types = []
@ -469,7 +470,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, pkey, subnet_prefix):
if subnet_prefix == "":
@@ -1540,9 +1556,8 @@ class ibpkeyRecords(semanageRecords):
@@ -1540,9 +1560,8 @@ class ibpkeyRecords(semanageRecords):
def customized(self):
l = []
ddict = self.get_all(True)
@ -481,7 +482,7 @@ index 70fd192..99e1cd8 100644
if k[0] == k[1]:
l.append("-a -t %s -x %s %s" % (ddict[k][0], k[2], k[0]))
else:
@@ -1554,11 +1569,10 @@ class ibpkeyRecords(semanageRecords):
@@ -1554,11 +1573,10 @@ class ibpkeyRecords(semanageRecords):
keys = ddict.keys()
if len(keys) == 0:
return
@ -494,7 +495,7 @@ index 70fd192..99e1cd8 100644
rec = "%-30s %-18s " % i
rec += "%s" % ddict[i][0]
for p in ddict[i][1:]:
@@ -1572,8 +1586,8 @@ class ibendportRecords(semanageRecords):
@@ -1572,8 +1590,8 @@ class ibendportRecords(semanageRecords):
except:
valid_types = []
@ -505,7 +506,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, ibendport, ibdev_name):
if ibdev_name == "":
@@ -1782,10 +1796,9 @@ class ibendportRecords(semanageRecords):
@@ -1782,10 +1800,9 @@ class ibendportRecords(semanageRecords):
def customized(self):
l = []
ddict = self.get_all(True)
@ -519,7 +520,7 @@ index 70fd192..99e1cd8 100644
return l
def list(self, heading=1, locallist=0):
@@ -1793,11 +1806,10 @@ class ibendportRecords(semanageRecords):
@@ -1793,11 +1810,10 @@ class ibendportRecords(semanageRecords):
keys = ddict.keys()
if len(keys) == 0:
return
@ -532,7 +533,7 @@ index 70fd192..99e1cd8 100644
rec = "%-30s %-18s " % i
rec += "%s" % ddict[i][0]
for p in ddict[i][1:]:
@@ -1810,8 +1822,8 @@ class nodeRecords(semanageRecords):
@@ -1810,8 +1826,8 @@ class nodeRecords(semanageRecords):
except RuntimeError:
valid_types = []
@ -543,7 +544,7 @@ index 70fd192..99e1cd8 100644
self.protocol = ["ipv4", "ipv6"]
def validate(self, addr, mask, protocol):
@@ -2046,8 +2058,8 @@ class nodeRecords(semanageRecords):
@@ -2046,8 +2062,8 @@ class nodeRecords(semanageRecords):
class interfaceRecords(semanageRecords):
@ -554,7 +555,7 @@ index 70fd192..99e1cd8 100644
def __add(self, interface, serange, ctype):
if is_mls_enabled == 1:
@@ -2243,8 +2255,8 @@ class fcontextRecords(semanageRecords):
@@ -2243,8 +2259,8 @@ class fcontextRecords(semanageRecords):
except RuntimeError:
valid_types = []
@ -565,7 +566,7 @@ index 70fd192..99e1cd8 100644
self.equiv = {}
self.equiv_dist = {}
self.equal_ind = False
@@ -2566,10 +2578,15 @@ class fcontextRecords(semanageRecords):
@@ -2566,10 +2582,15 @@ class fcontextRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not list file contexts"))
@ -581,7 +582,7 @@ index 70fd192..99e1cd8 100644
self.flist += fclocal
ddict = {}
@@ -2627,8 +2644,8 @@ class fcontextRecords(semanageRecords):
@@ -2627,8 +2648,8 @@ class fcontextRecords(semanageRecords):
class booleanRecords(semanageRecords):