rpms/policycoreutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

policycoreutils-2.7-7.fc28

Browse Source 
- semanage: bring semanageRecords.set_reload back to seobject.py
(#1527745)
This commit is contained in:
Petr Lautrbach 2017-12-20 10:31:18 +01:00
parent c33737fa2a
commit 3cd3d543c6
2 changed files with 35 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
policycoreutils.spec
View File

@ -9,7 +9,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.7 Version: 2.7
Release: 6%{?dist} Release: 7%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# https://github.com/SELinuxProject/selinux/wiki/Releases # https://github.com/SELinuxProject/selinux/wiki/Releases
@ -31,7 +31,7 @@ Source18: selinux-autorelabel.target
Source19: selinux-autorelabel-generator.sh Source19: selinux-autorelabel-generator.sh
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
# run: # run:
# HEAD https://github.com/fedora-selinux/selinux/commit/7d95e8cfa8df699ba53651de06dd0b2b9e428903 # HEAD https://github.com/fedora-selinux/selinux/commit/3dd7e297f42b8c05964591b008915e2514c6cb2d
# $ for i in policycoreutils selinux-python selinux-gui selinux-sandbox selinux-dbus semodule-utils restorecond; do # $ for i in policycoreutils selinux-python selinux-gui selinux-sandbox selinux-dbus semodule-utils restorecond; do
# ./make-fedora-selinux-patch.sh $i # ./make-fedora-selinux-patch.sh $i
# done # done
@ -501,6 +501,9 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service %systemd_postun_with_restart restorecond.service
%changelog %changelog
* Wed Dec 20 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-7
- semanage: bring semanageRecords.set_reload back to seobject.py (#1527745)
* Wed Dec 13 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-6 * Wed Dec 13 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-6
- semanage: make seobject.py backward compatible - semanage: make seobject.py backward compatible
- Own %%{pythonX_sitelib}/site-packages/sepolicy directories (#1522942) - Own %%{pythonX_sitelib}/site-packages/sepolicy directories (#1522942)

59
selinux-python-fedora.patch
View File

@ -282,14 +282,15 @@ index 0bdb90f..0cdcfcc 100644
user identities to authorized role sets. In most cases, only the user identities to authorized role sets. In most cases, only the
former mapping needs to be adjusted by the administrator; the latter former mapping needs to be adjusted by the administrator; the latter
diff --git selinux-python-2.7/semanage/seobject.py selinux-python-2.7/semanage/seobject.py diff --git selinux-python-2.7/semanage/seobject.py selinux-python-2.7/semanage/seobject.py
index 70fd192..99e1cd8 100644 index 70fd192..dca9506 100644
--- selinux-python-2.7/semanage/seobject.py --- selinux-python-2.7/semanage/seobject.py
+++ selinux-python-2.7/semanage/seobject.py +++ selinux-python-2.7/semanage/seobject.py
@@ -238,21 +238,28 @@ class semanageRecords: @@ -238,20 +238,31 @@ class semanageRecords:
transaction = False transaction = False
handle = None handle = None
store = None store = None
+ args = None + args = None
+ noreload = False
- def __init__(self, store): - def __init__(self, store):
+ def __init__(self, args = None): + def __init__(self, args = None):
@ -315,13 +316,13 @@ index 70fd192..99e1cd8 100644
else: else:
self.mylog = nulllogger() self.mylog = nulllogger()
- def set_reload(self, load): def set_reload(self, load):
- self.load = load - self.load = load
- + self.noreload = not load
def get_handle(self, store): def get_handle(self, store):
global is_mls_enabled global is_mls_enabled
@@ -312,7 +323,8 @@ class semanageRecords:
@@ -312,7 +319,8 @@ class semanageRecords:
if semanageRecords.transaction: if semanageRecords.transaction:
return return
@ -331,7 +332,7 @@ index 70fd192..99e1cd8 100644
rc = semanage_commit(self.sh) rc = semanage_commit(self.sh)
if rc < 0: if rc < 0:
self.mylog.commit(0) self.mylog.commit(0)
@@ -328,8 +336,8 @@ class semanageRecords: @@ -328,8 +340,8 @@ class semanageRecords:
class moduleRecords(semanageRecords): class moduleRecords(semanageRecords):
@ -342,7 +343,7 @@ index 70fd192..99e1cd8 100644
def get_all(self): def get_all(self):
l = [] l = []
@@ -386,6 +394,8 @@ class moduleRecords(semanageRecords): @@ -386,6 +398,8 @@ class moduleRecords(semanageRecords):
print("%-25s %-9s %-5s %s" % (t[0], t[2], t[3], disabled)) print("%-25s %-9s %-5s %s" % (t[0], t[2], t[3], disabled))
def add(self, file, priority): def add(self, file, priority):
@ -351,7 +352,7 @@ index 70fd192..99e1cd8 100644
if not os.path.exists(file): if not os.path.exists(file):
raise ValueError(_("Module does not exist: %s ") % file) raise ValueError(_("Module does not exist: %s ") % file)
@@ -398,6 +408,8 @@ class moduleRecords(semanageRecords): @@ -398,6 +412,8 @@ class moduleRecords(semanageRecords):
self.commit() self.commit()
def set_enabled(self, module, enable): def set_enabled(self, module, enable):
@ -360,7 +361,7 @@ index 70fd192..99e1cd8 100644
for m in module.split(): for m in module.split():
rc, key = semanage_module_key_create(self.sh) rc, key = semanage_module_key_create(self.sh)
if rc < 0: if rc < 0:
@@ -416,11 +428,15 @@ class moduleRecords(semanageRecords): @@ -416,11 +432,15 @@ class moduleRecords(semanageRecords):
self.commit() self.commit()
def modify(self, file): def modify(self, file):
@ -376,7 +377,7 @@ index 70fd192..99e1cd8 100644
rc = semanage_set_default_priority(self.sh, priority) rc = semanage_set_default_priority(self.sh, priority)
if rc < 0: if rc < 0:
raise ValueError(_("Invalid priority %d (needs to be between 1 and 999)") % priority) raise ValueError(_("Invalid priority %d (needs to be between 1 and 999)") % priority)
@@ -440,8 +456,8 @@ class moduleRecords(semanageRecords): @@ -440,8 +460,8 @@ class moduleRecords(semanageRecords):
class dontauditClass(semanageRecords): class dontauditClass(semanageRecords):
@ -387,7 +388,7 @@ index 70fd192..99e1cd8 100644
def toggle(self, dontaudit): def toggle(self, dontaudit):
if dontaudit not in ["on", "off"]: if dontaudit not in ["on", "off"]:
@@ -453,8 +469,8 @@ class dontauditClass(semanageRecords): @@ -453,8 +473,8 @@ class dontauditClass(semanageRecords):
class permissiveRecords(semanageRecords): class permissiveRecords(semanageRecords):
@ -398,7 +399,7 @@ index 70fd192..99e1cd8 100644
def get_all(self): def get_all(self):
l = [] l = []
@@ -522,8 +538,8 @@ class permissiveRecords(semanageRecords): @@ -522,8 +542,8 @@ class permissiveRecords(semanageRecords):
class loginRecords(semanageRecords): class loginRecords(semanageRecords):
@ -409,7 +410,7 @@ index 70fd192..99e1cd8 100644
self.oldsename = None self.oldsename = None
self.oldserange = None self.oldserange = None
self.sename = None self.sename = None
@@ -534,7 +550,7 @@ class loginRecords(semanageRecords): @@ -534,7 +554,7 @@ class loginRecords(semanageRecords):
if sename == "": if sename == "":
sename = "user_u" sename = "user_u"
@ -418,7 +419,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename) range, (rc, oldserole) = userrec.get(self.oldsename)
range, (rc, serole) = userrec.get(sename) range, (rc, serole) = userrec.get(sename)
@@ -603,7 +619,7 @@ class loginRecords(semanageRecords): @@ -603,7 +623,7 @@ class loginRecords(semanageRecords):
if sename == "" and serange == "": if sename == "" and serange == "":
raise ValueError(_("Requires seuser or serange")) raise ValueError(_("Requires seuser or serange"))
@ -427,7 +428,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename) range, (rc, oldserole) = userrec.get(self.oldsename)
if sename != "": if sename != "":
@@ -660,7 +676,7 @@ class loginRecords(semanageRecords): @@ -660,7 +680,7 @@ class loginRecords(semanageRecords):
def __delete(self, name): def __delete(self, name):
rec, self.oldsename, self.oldserange = selinux.getseuserbyname(name) rec, self.oldsename, self.oldserange = selinux.getseuserbyname(name)
@ -436,7 +437,7 @@ index 70fd192..99e1cd8 100644
range, (rc, oldserole) = userrec.get(self.oldsename) range, (rc, oldserole) = userrec.get(self.oldsename)
(rc, k) = semanage_seuser_key_create(self.sh, name) (rc, k) = semanage_seuser_key_create(self.sh, name)
@@ -779,8 +795,8 @@ class loginRecords(semanageRecords): @@ -779,8 +799,8 @@ class loginRecords(semanageRecords):
class seluserRecords(semanageRecords): class seluserRecords(semanageRecords):
@ -447,7 +448,7 @@ index 70fd192..99e1cd8 100644
def get(self, name): def get(self, name):
(rc, k) = semanage_user_key_create(self.sh, name) (rc, k) = semanage_user_key_create(self.sh, name)
@@ -1042,8 +1058,8 @@ class portRecords(semanageRecords): @@ -1042,8 +1062,8 @@ class portRecords(semanageRecords):
except RuntimeError: except RuntimeError:
valid_types = [] valid_types = []
@ -458,7 +459,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, port, proto): def __genkey(self, port, proto):
if proto == "tcp": if proto == "tcp":
@@ -1317,8 +1333,8 @@ class ibpkeyRecords(semanageRecords): @@ -1317,8 +1337,8 @@ class ibpkeyRecords(semanageRecords):
except: except:
valid_types = [] valid_types = []
@ -469,7 +470,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, pkey, subnet_prefix): def __genkey(self, pkey, subnet_prefix):
if subnet_prefix == "": if subnet_prefix == "":
@@ -1540,9 +1556,8 @@ class ibpkeyRecords(semanageRecords): @@ -1540,9 +1560,8 @@ class ibpkeyRecords(semanageRecords):
def customized(self): def customized(self):
l = [] l = []
ddict = self.get_all(True) ddict = self.get_all(True)
@ -481,7 +482,7 @@ index 70fd192..99e1cd8 100644
if k[0] == k[1]: if k[0] == k[1]:
l.append("-a -t %s -x %s %s" % (ddict[k][0], k[2], k[0])) l.append("-a -t %s -x %s %s" % (ddict[k][0], k[2], k[0]))
else: else:
@@ -1554,11 +1569,10 @@ class ibpkeyRecords(semanageRecords): @@ -1554,11 +1573,10 @@ class ibpkeyRecords(semanageRecords):
keys = ddict.keys() keys = ddict.keys()
if len(keys) == 0: if len(keys) == 0:
return return
@ -494,7 +495,7 @@ index 70fd192..99e1cd8 100644
rec = "%-30s %-18s " % i rec = "%-30s %-18s " % i
rec += "%s" % ddict[i][0] rec += "%s" % ddict[i][0]
for p in ddict[i][1:]: for p in ddict[i][1:]:
@@ -1572,8 +1586,8 @@ class ibendportRecords(semanageRecords): @@ -1572,8 +1590,8 @@ class ibendportRecords(semanageRecords):
except: except:
valid_types = [] valid_types = []
@ -505,7 +506,7 @@ index 70fd192..99e1cd8 100644
def __genkey(self, ibendport, ibdev_name): def __genkey(self, ibendport, ibdev_name):
if ibdev_name == "": if ibdev_name == "":
@@ -1782,10 +1796,9 @@ class ibendportRecords(semanageRecords): @@ -1782,10 +1800,9 @@ class ibendportRecords(semanageRecords):
def customized(self): def customized(self):
l = [] l = []
ddict = self.get_all(True) ddict = self.get_all(True)
@ -519,7 +520,7 @@ index 70fd192..99e1cd8 100644
return l return l
def list(self, heading=1, locallist=0): def list(self, heading=1, locallist=0):
@@ -1793,11 +1806,10 @@ class ibendportRecords(semanageRecords): @@ -1793,11 +1810,10 @@ class ibendportRecords(semanageRecords):
keys = ddict.keys() keys = ddict.keys()
if len(keys) == 0: if len(keys) == 0:
return return
@ -532,7 +533,7 @@ index 70fd192..99e1cd8 100644
rec = "%-30s %-18s " % i rec = "%-30s %-18s " % i
rec += "%s" % ddict[i][0] rec += "%s" % ddict[i][0]
for p in ddict[i][1:]: for p in ddict[i][1:]:
@@ -1810,8 +1822,8 @@ class nodeRecords(semanageRecords): @@ -1810,8 +1826,8 @@ class nodeRecords(semanageRecords):
except RuntimeError: except RuntimeError:
valid_types = [] valid_types = []
@ -543,7 +544,7 @@ index 70fd192..99e1cd8 100644
self.protocol = ["ipv4", "ipv6"] self.protocol = ["ipv4", "ipv6"]
def validate(self, addr, mask, protocol): def validate(self, addr, mask, protocol):
@@ -2046,8 +2058,8 @@ class nodeRecords(semanageRecords): @@ -2046,8 +2062,8 @@ class nodeRecords(semanageRecords):
class interfaceRecords(semanageRecords): class interfaceRecords(semanageRecords):
@ -554,7 +555,7 @@ index 70fd192..99e1cd8 100644
def __add(self, interface, serange, ctype): def __add(self, interface, serange, ctype):
if is_mls_enabled == 1: if is_mls_enabled == 1:
@@ -2243,8 +2255,8 @@ class fcontextRecords(semanageRecords): @@ -2243,8 +2259,8 @@ class fcontextRecords(semanageRecords):
except RuntimeError: except RuntimeError:
valid_types = [] valid_types = []
@ -565,7 +566,7 @@ index 70fd192..99e1cd8 100644
self.equiv = {} self.equiv = {}
self.equiv_dist = {} self.equiv_dist = {}
self.equal_ind = False self.equal_ind = False
@@ -2566,10 +2578,15 @@ class fcontextRecords(semanageRecords): @@ -2566,10 +2582,15 @@ class fcontextRecords(semanageRecords):
if rc < 0: if rc < 0:
raise ValueError(_("Could not list file contexts")) raise ValueError(_("Could not list file contexts"))
@ -581,7 +582,7 @@ index 70fd192..99e1cd8 100644
self.flist += fclocal self.flist += fclocal
ddict = {} ddict = {}
@@ -2627,8 +2644,8 @@ class fcontextRecords(semanageRecords): @@ -2627,8 +2648,8 @@ class fcontextRecords(semanageRecords):
class booleanRecords(semanageRecords): class booleanRecords(semanageRecords):