From 4084a6ea8943c05bad6cbe687621e439dfbd3e63 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Thu, 28 Mar 2013 13:40:55 -0400 Subject: [PATCH] Add buildrequires for OpenBox to prevent me from accidently building into RHEL7 - Add support for returning alias data to sepolicy.info python bindings --- policycoreutils-rhat.patch | 75 ++++++++++++++++++++++++++++++++++++++ policycoreutils.spec | 7 +++- 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 04837d6..eb961ff 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -2465,6 +2465,81 @@ index 11b534f..ae064c4 100644 -mkdir -p $(BASHCOMPLETIONDIR) - install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR) + install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)/sepolicy +diff --git a/policycoreutils/sepolicy/info.c b/policycoreutils/sepolicy/info.c +index 65458e6..b6244be 100644 +--- a/policycoreutils/sepolicy/info.c ++++ b/policycoreutils/sepolicy/info.c +@@ -78,6 +78,58 @@ static int py_insert_bool(PyObject *dict, const char *name, int value) + } + + /** ++ * Get the alias of a type. ++ * ++ * @param fp Reference to a file to which to get type information ++ * @param type_datum Reference to sepol type_datum ++ * @param policydb Reference to a policy ++ * attributes ++ */ ++static PyObject* get_type_aliases(const qpol_type_t * type_datum, const apol_policy_t * policydb) ++{ ++ qpol_iterator_t *iter = NULL; ++ size_t alias_size; ++ unsigned char isattr, isalias; ++ const char *type_name = NULL; ++ const char *alias_name; ++ int error = 0; ++ qpol_policy_t *q = apol_policy_get_qpol(policydb); ++ PyObject *list = PyList_New(0); ++ if (!list) goto err; ++ ++ if (qpol_type_get_name(q, type_datum, &type_name)) ++ goto cleanup; ++ if (qpol_type_get_isattr(q, type_datum, &isattr)) ++ goto cleanup; ++ if (qpol_type_get_isalias(q, type_datum, &isalias)) ++ goto cleanup; ++ ++ if (qpol_type_get_alias_iter(q, type_datum, &iter)) ++ goto cleanup; ++ if (qpol_iterator_get_size(iter, &alias_size)) ++ goto cleanup; ++ if (alias_size > 0) { ++ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) { ++ if (qpol_iterator_get_item(iter, (void **)&alias_name)) ++ goto err; ++ if (py_append_string(list, alias_name)) ++ goto err; ++ } ++ } ++ goto cleanup; ++ ++err: ++ error = errno; ++ PyErr_SetString(PyExc_RuntimeError,strerror(errno)); ++ py_decref(list); list = NULL; ++ ++cleanup: ++ qpol_iterator_destroy(&iter); ++ errno = error; ++ return list; ++} ++ ++/** + * Gets a textual representation of an attribute, and + * all of that attribute's types. + * +@@ -295,6 +347,11 @@ static PyObject* get_type( const qpol_type_t * type_datum, const apol_policy_t * + Py_DECREF(obj); + if (rt) goto err; + } ++ ++ obj = get_type_aliases(type_datum, policydb); ++ rt = py_insert_obj(dict, "aliases", obj); ++ Py_DECREF(obj); ++ if (rt) goto err; + goto cleanup; + + err: diff --git a/policycoreutils/sepolicy/policy.c b/policycoreutils/sepolicy/policy.c index 4eca22d..eeee0ab 100644 --- a/policycoreutils/sepolicy/policy.c diff --git a/policycoreutils.spec b/policycoreutils.spec index 1b8fdb8..30e4c21 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.1.14 -Release: 28%{?dist} +Release: 30%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -170,6 +170,7 @@ Group: System Environment/Base Requires: policycoreutils-python = %{version}-%{release} Requires: xorg-x11-server-Xephyr /usr/bin/rsync /usr/bin/xmodmap Requires: openbox +BuildRequires: openbox BuildRequires: libcap-ng-devel %description sandbox @@ -309,6 +310,10 @@ The policycoreutils-restorecond package contains the restorecond service. %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %changelog +* Thu Mar 28 2013 Dan Walsh - 2.1.14-29 +- Add buildrequires for OpenBox to prevent me from accidently building into RHEL7 +- Add support for returning alias data to sepolicy.info python bindings + * Wed Mar 27 2013 Dan Walsh - 2.1.14-28 - Fix audit2allow output to better align analysys with the allow rules - Apply Miroslav Grepl patch to clean up sepolicy generate usage