From 448a84b06ad5de2e8caf3c3822204c377542c8d4 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Tue, 4 Jan 2011 17:23:27 -0500 Subject: [PATCH] - Polgengui raises the wrong type of exception. #471078 - Change semanage to not allow it to semanage module -D --- policycoreutils-gui.patch | 158 ++++++++++++++++++------------------- policycoreutils-rhat.patch | 138 +++++++++++++++++--------------- policycoreutils.spec | 4 + 3 files changed, 158 insertions(+), 142 deletions(-) diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index 16c7242..497dc74 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.83/gui/booleansPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.85/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/booleansPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/booleansPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,247 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli + self.load(self.filter) + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.83/gui/domainsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.85/gui/domainsPage.py --- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/domainsPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/domainsPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,154 @@ +## domainsPage.py - show selinux domains +## Copyright (C) 2009 Red Hat, Inc. @@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic + + except ValueError, e: + self.error(e.args[0]) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.83/gui/fcontextPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.85/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/fcontextPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,223 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli + self.store.set_value(iter, SPEC_COL, fspec) + self.store.set_value(iter, FTYPE_COL, ftype) + self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.83/gui/html_util.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.85/gui/html_util.py --- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/html_util.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/html_util.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,164 @@ +# Authors: John Dennis +# @@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc + doc += tail + return doc + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.83/gui/lockdown.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.85/gui/lockdown.glade --- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.glade 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/lockdown.glade 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,771 @@ + + @@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.83/gui/lockdown.gladep +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.85/gui/lockdown.gladep --- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/lockdown.gladep 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,7 @@ + + @@ -1588,9 +1588,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.83/gui/lockdown.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.85/gui/lockdown.py --- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/lockdown.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/lockdown.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,382 @@ +#!/usr/bin/python -Es +# @@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco + + app = booleanWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.83/gui/loginsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.85/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/loginsPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/loginsPage.py 2011-01-04 17:02:41.000000000 -0500 @@ -0,0 +1,185 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy + self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 2, seobject.translate(serange)) + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.83/gui/Makefile +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.85/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/Makefile 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/Makefile 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,40 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -2207,9 +2207,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +indent: + +relabel: -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.83/gui/mappingsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.85/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/mappingsPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,56 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2267,9 +2267,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli + for k in keys: + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.83/gui/modulesPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.85/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/modulesPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/modulesPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,190 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -2461,9 +2461,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic + + except ValueError, e: + self.error(e.args[0]) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.83/gui/polgen.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.85/gui/polgen.glade --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.glade 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/polgen.glade 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,3305 @@ + + @@ -5770,9 +5770,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.83/gui/polgen.gladep +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.85/gui/polgen.gladep --- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.gladep 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/polgen.gladep 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,7 @@ + + @@ -5781,9 +5781,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.85/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgengui.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/polgengui.py 2011-01-04 17:02:52.000000000 -0500 @@ -0,0 +1,657 @@ +#!/usr/bin/python -Es +# @@ -6119,7 +6119,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + if self.existing_user_radiobutton.get_active(): + store, iter = self.existing_user_treeview.get_selection().get_selected() + if iter == None: -+ raise(_("You must select a user")) ++ raise ValueError(_("You must select a user")) + return store.get_value(iter, 0) + else: + return self.name_entry.get_text() @@ -6442,9 +6442,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + + app = childWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.85/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/polgen.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,1311 @@ +#!/usr/bin/python -Es +# @@ -7757,9 +7757,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + sys.exit(0) + except ValueError, e: + usage(e) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.83/gui/portsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.85/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/portsPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/portsPage.py 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,259 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8020,9 +8020,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc + + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.83/gui/selinux.tbl +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.85/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/selinux.tbl 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/selinux.tbl 2010-12-21 16:16:39.000000000 -0500 @@ -0,0 +1,234 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /") @@ -8258,9 +8258,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories") +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories") + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.83/gui/semanagePage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.85/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/semanagePage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/semanagePage.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,168 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8430,9 +8430,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli + self.load(self.filter) + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.83/gui/statusPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.85/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/statusPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/statusPage.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,190 @@ +# statusPage.py - show selinux status +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -8624,9 +8624,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy + return self.types[self.selinuxTypeOptionMenu.get_active()] + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.83/gui/system-config-selinux.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.85/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/system-config-selinux.glade 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,3024 @@ + + @@ -11652,9 +11652,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.83/gui/system-config-selinux.gladep +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.85/gui/system-config-selinux.gladep --- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/system-config-selinux.gladep 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,7 @@ + + @@ -11663,9 +11663,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.83/gui/system-config-selinux.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.85/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/system-config-selinux.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,187 @@ +#!/usr/bin/python -Es +# @@ -11854,9 +11854,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + app = childWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.83/gui/templates/boolean.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.85/gui/templates/boolean.py --- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/boolean.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,40 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -11898,9 +11898,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py +') +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.83/gui/templates/etc_rw.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.85/gui/templates/etc_rw.py --- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/etc_rw.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,113 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12015,9 +12015,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.83/gui/templates/executable.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.85/gui/templates/executable.py --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/executable.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/executable.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,393 @@ +# Copyright (C) 2007-2009 Red Hat +# see file 'COPYING' for use and warranty information @@ -12412,9 +12412,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable + +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.83/gui/templates/__init__.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.85/gui/templates/__init__.py --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/__init__.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,18 @@ +# +# Copyright (C) 2007 Red Hat, Inc. @@ -12434,9 +12434,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +# + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.83/gui/templates/network.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.85/gui/templates/network.py --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/network.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/network.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,80 @@ +te_port_types=""" +type TEMPLATETYPE_port_t; @@ -12518,9 +12518,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.83/gui/templates/polgen.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.85/gui/templates/polgen.py --- nsapolicycoreutils/gui/templates/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/polgen.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,1303 @@ +#!/usr/bin/python -Es +# @@ -13825,9 +13825,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py + sys.exit(0) + except ValueError, e: + usage(e) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.83/gui/templates/rw.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.85/gui/templates/rw.py --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/rw.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/rw.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,131 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13960,9 +13960,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli +fc_dir=""" +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.83/gui/templates/script.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.85/gui/templates/script.py --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/script.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/script.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,126 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14090,9 +14090,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py +_EOF +fi +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.83/gui/templates/semodule.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.85/gui/templates/semodule.py --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/semodule.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,41 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14135,9 +14135,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.83/gui/templates/tmp.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.85/gui/templates/tmp.py --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/tmp.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,102 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14241,9 +14241,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol + files_search_tmp($1) + admin_pattern($1, TEMPLATETYPE_tmp_t) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.85/gui/templates/user.py --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/user.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/user.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,205 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14450,9 +14450,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po +te_newrole_rules=""" +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.83/gui/templates/var_cache.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.85/gui/templates/var_cache.py --- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/var_cache.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,133 @@ +# Copyright (C) 2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14587,9 +14587,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache. +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.83/gui/templates/var_lib.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.85/gui/templates/var_lib.py --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/var_lib.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,161 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -14752,9 +14752,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.83/gui/templates/var_log.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.85/gui/templates/var_log.py --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/var_log.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,116 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14872,9 +14872,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.83/gui/templates/var_run.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.85/gui/templates/var_run.py --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/var_run.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,101 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -14977,9 +14977,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.83/gui/templates/var_spool.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.85/gui/templates/var_spool.py --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/templates/var_spool.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,133 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -15114,9 +15114,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.83/gui/usersPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.85/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/usersPage.py 2010-10-29 09:54:44.000000000 -0400 ++++ policycoreutils-2.0.85/gui/usersPage.py 2010-12-21 16:16:40.000000000 -0500 @@ -0,0 +1,150 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006,2007,2008 Red Hat, Inc. diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index a453d90..ecd1798 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -2793,7 +2793,7 @@ index 0000000..e2befdb + packages=["policycoreutils"], +) diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage -index ffaca5b..75b53e8 100644 +index ffaca5b..05d6834 100644 --- a/policycoreutils/semanage/semanage +++ b/policycoreutils/semanage/semanage @@ -1,4 +1,4 @@ @@ -2810,7 +2810,7 @@ index ffaca5b..75b53e8 100644 import sys, getopt, re import seobject import selinux -@@ -32,27 +33,36 @@ gettext.textdomain(PROGNAME) +@@ -32,27 +33,35 @@ gettext.textdomain(PROGNAME) try: gettext.install(PROGNAME, localedir="/usr/share/locale", @@ -2834,25 +2834,30 @@ index ffaca5b..75b53e8 100644 def usage(message = ""): text = _(""" semanage [ -S store ] -i [ input_file | - ] -+semanage [ -S store ] -o [ output_file | - ] - +- -semanage {boolean|login|user|port|interface|node|fcontext} -{l|D} [-n] -+semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n] - semanage login -{a|d|m} [-sr] login_name | %groupname - semanage user -{a|d|m} [-LrRP] selinux_name - semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range - semanage interface -{a|d|m} [-tr] interface_spec -+semanage module -{a|d|m} [--enable|--disable] module - semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr +-semanage login -{a|d|m} [-sr] login_name | %groupname +-semanage user -{a|d|m} [-LrRP] selinux_name +-semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range +-semanage interface -{a|d|m} [-tr] interface_spec +-semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr -semanage fcontext -{a|d|m} [-frst] file_spec -+semanage fcontext -{a|d|m} [-efrst] file_spec ++semanage [ -S store ] -o [ output_file | - ] ++ ++semanage login -{a|d|m|l|D|E} [-nrs] login_name | %groupname ++semanage user -{a|d|m|l|D|E} [-LnrRP] selinux_name ++semanage port -{a|d|m|l|D|E} [-nrt] [ -p proto ] port | port_range ++semanage interface -{a|d|m|l|D|E} [-nrt] interface_spec ++semanage module -{a|d|m} [--enable|--disable] module ++semanage node -{a|d|m|l|D|E} [-nrt] [ -p protocol ] [-M netmask] addr ++semanage fcontext -{a|d|m|l|D|E} [-efnrst] file_spec semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file -semanage permissive -{d|a} type -+semanage permissive -{d|a|l} type ++semanage permissive -{d|a|l} [-n] type semanage dontaudit [ on | off ] Primary Options: -@@ -61,7 +71,9 @@ Primary Options: +@@ -61,7 +70,9 @@ Primary Options: -d, --delete Delete a OBJECT record NAME -m, --modify Modify a OBJECT record NAME -i, --input Input multiple semange commands in a transaction @@ -2862,7 +2867,7 @@ index ffaca5b..75b53e8 100644 -C, --locallist List OBJECTS local customizations -D, --deleteall Remove all OBJECTS local customizations -@@ -84,12 +96,15 @@ Object-specific Options (see above): +@@ -84,12 +95,15 @@ Object-specific Options (see above): -F, --file Treat target as an input file for command, change multiple settings -p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6) -M, --mask Netmask @@ -2878,27 +2883,40 @@ index ffaca5b..75b53e8 100644 """) raise ValueError("%s\n%s" % (text, message)) -@@ -101,7 +116,7 @@ Object-specific Options (see above): +@@ -101,22 +115,25 @@ Object-specific Options (see above): def get_options(): valid_option={} - valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ] -+ valid_everyone=[ '-a', '--add', '-d', '--delete', '-E', '--extract', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ] ++ valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-S', '--store' ] ++ valid_local=[ '-E', '--extract', '-C', '--locallist', '-D', '--deleteall'] valid_option["login"] = [] - valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range'] +- valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range'] ++ valid_option["login"] += valid_everyone + valid_local + [ '-s', '--seuser', '-r', '--range'] valid_option["user"] = [] -@@ -112,8 +127,10 @@ Object-specific Options (see above): - valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range'] +- valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ] ++ valid_option["user"] += valid_everyone + valid_local + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ] + valid_option["port"] = [] +- valid_option["port"] += valid_everyone + [ '-t', '--type', '-r', '--range', '-p', '--proto' ] ++ valid_option["port"] += valid_everyone + valid_local + [ '-t', '--type', '-r', '--range', '-p', '--proto' ] + valid_option["interface"] = [] +- valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range'] ++ valid_option["interface"] += valid_everyone + valid_local + [ '-t', '--type', '-r', '--range'] valid_option["node"] = [] - valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol'] +- valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol'] ++ valid_option["node"] += valid_everyone + valid_local + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol'] + valid_option["module"] = [] + valid_option["module"] += valid_everyone + [ '--enable', '--disable'] valid_option["fcontext"] = [] - valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range'] -+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range'] ++ valid_option["fcontext"] += valid_everyone + valid_local + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range'] valid_option["dontaudit"] = [ '-S', '--store' ] valid_option["boolean"] = [] - valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"] +- valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"] ++ valid_option["boolean"] += valid_everyone + valid_local + [ '--on', "--off", "-1", "-0", "-F", "--file"] + valid_option["permissive"] = [] + valid_option["permissive"] += [ '-a', '--add', '-d', '--delete', '-l', '--list', '-h', '--help', '-n', '--noheading', '-D', '--deleteall' ] + return valid_option @@ -168,6 +185,8 @@ Object-specific Options (see above): return ret @@ -3417,7 +3435,7 @@ index 70d1a20..fb6a79b 100644 +.br Examples by Thomas Bleher . diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py -index b7d257b..40e57e9 100644 +index b7d257b..735c1ba 100644 --- a/policycoreutils/semanage/seobject.py +++ b/policycoreutils/semanage/seobject.py @@ -29,47 +29,12 @@ import sepolgen.module as module @@ -3472,7 +3490,7 @@ index b7d257b..40e57e9 100644 file_types = {} file_types[""] = SEMANAGE_FCONTEXT_ALL; -@@ -194,45 +159,154 @@ def untranslate(trans, prepend = 1): +@@ -194,45 +159,148 @@ def untranslate(trans, prepend = 1): return trans else: return raw @@ -3632,16 +3650,10 @@ index b7d257b..40e57e9 100644 + + self.commit() + -+ def deleteall(self): -+ l = self.get_all() -+ if len(l) > 0: -+ all = " ".join(l[0]) -+ self.delete(all) -+ class dontauditClass(semanageRecords): def __init__(self, store): semanageRecords.__init__(self, store) -@@ -259,14 +333,23 @@ class permissiveRecords(semanageRecords): +@@ -259,14 +327,23 @@ class permissiveRecords(semanageRecords): name = semanage_module_get_name(mod) if name and name.startswith("permissive_"): l.append(name.split("permissive_")[1]) @@ -3669,7 +3681,7 @@ index b7d257b..40e57e9 100644 def add(self, type): import glob -@@ -343,7 +426,9 @@ class loginRecords(semanageRecords): +@@ -343,7 +420,9 @@ class loginRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if login mapping for %s is defined") % name) if exists: @@ -3680,7 +3692,7 @@ index b7d257b..40e57e9 100644 if name[0] == '%': try: grp.getgrnam(name[1:]) -@@ -475,6 +560,16 @@ class loginRecords(semanageRecords): +@@ -475,6 +554,16 @@ class loginRecords(semanageRecords): mylog.log(1, "delete SELinux user mapping", name); @@ -3697,7 +3709,7 @@ index b7d257b..40e57e9 100644 def get_all(self, locallist = 0): ddict = {} if locallist: -@@ -489,6 +584,15 @@ class loginRecords(semanageRecords): +@@ -489,6 +578,15 @@ class loginRecords(semanageRecords): ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u)) return ddict @@ -3713,7 +3725,7 @@ index b7d257b..40e57e9 100644 def list(self,heading = 1, locallist = 0): ddict = self.get_all(locallist) keys = ddict.keys() -@@ -531,7 +635,8 @@ class seluserRecords(semanageRecords): +@@ -531,7 +629,8 @@ class seluserRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if SELinux user %s is defined") % name) if exists: @@ -3723,7 +3735,7 @@ index b7d257b..40e57e9 100644 (rc, u) = semanage_user_create(self.sh) if rc < 0: -@@ -682,6 +787,16 @@ class seluserRecords(semanageRecords): +@@ -682,6 +781,16 @@ class seluserRecords(semanageRecords): mylog.log(1,"delete SELinux user record", name) @@ -3740,7 +3752,7 @@ index b7d257b..40e57e9 100644 def get_all(self, locallist = 0): ddict = {} if locallist: -@@ -702,6 +817,15 @@ class seluserRecords(semanageRecords): +@@ -702,6 +811,15 @@ class seluserRecords(semanageRecords): return ddict @@ -3756,7 +3768,7 @@ index b7d257b..40e57e9 100644 def list(self, heading = 1, locallist = 0): ddict = self.get_all(locallist) keys = ddict.keys() -@@ -740,12 +864,16 @@ class portRecords(semanageRecords): +@@ -740,12 +858,16 @@ class portRecords(semanageRecords): low = int(ports[0]) high = int(ports[1]) @@ -3773,7 +3785,7 @@ index b7d257b..40e57e9 100644 if is_mls_enabled == 1: if serange == "": serange = "s0" -@@ -808,6 +936,7 @@ class portRecords(semanageRecords): +@@ -808,6 +930,7 @@ class portRecords(semanageRecords): self.commit() def __modify(self, port, proto, serange, setype): @@ -3781,7 +3793,7 @@ index b7d257b..40e57e9 100644 if serange == "" and setype == "": if is_mls_enabled == 1: raise ValueError(_("Requires setype or serange")) -@@ -942,6 +1071,18 @@ class portRecords(semanageRecords): +@@ -942,6 +1065,18 @@ class portRecords(semanageRecords): ddict[(ctype,proto_str)].append("%d-%d" % (low, high)) return ddict @@ -3800,7 +3812,7 @@ index b7d257b..40e57e9 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number")) -@@ -958,7 +1099,8 @@ class portRecords(semanageRecords): +@@ -958,7 +1093,8 @@ class portRecords(semanageRecords): class nodeRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self,store) @@ -3810,7 +3822,7 @@ index b7d257b..40e57e9 100644 def __add(self, addr, mask, proto, serange, ctype): if addr == "": raise ValueError(_("Node Address is required")) -@@ -966,14 +1108,11 @@ class nodeRecords(semanageRecords): +@@ -966,14 +1102,11 @@ class nodeRecords(semanageRecords): if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3828,7 +3840,7 @@ index b7d257b..40e57e9 100644 if is_mls_enabled == 1: if serange == "": serange = "s0" -@@ -991,11 +1130,13 @@ class nodeRecords(semanageRecords): +@@ -991,11 +1124,13 @@ class nodeRecords(semanageRecords): (rc, exists) = semanage_node_exists(self.sh, k) if exists: @@ -3843,7 +3855,7 @@ index b7d257b..40e57e9 100644 rc = semanage_node_set_addr(self.sh, node, proto, addr) (rc, con) = semanage_context_create(self.sh) -@@ -1005,8 +1146,7 @@ class nodeRecords(semanageRecords): +@@ -1005,8 +1140,7 @@ class nodeRecords(semanageRecords): rc = semanage_node_set_mask(self.sh, node, proto, mask) if rc < 0: raise ValueError(_("Could not set mask for %s") % addr) @@ -3853,7 +3865,7 @@ index b7d257b..40e57e9 100644 rc = semanage_context_set_user(self.sh, con, "system_u") if rc < 0: raise ValueError(_("Could not set user in addr context for %s") % addr) -@@ -1047,13 +1187,10 @@ class nodeRecords(semanageRecords): +@@ -1047,13 +1181,10 @@ class nodeRecords(semanageRecords): if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3871,7 +3883,7 @@ index b7d257b..40e57e9 100644 if serange == "" and setype == "": raise ValueError(_("Requires setype or serange")) -@@ -1068,12 +1205,11 @@ class nodeRecords(semanageRecords): +@@ -1068,12 +1199,11 @@ class nodeRecords(semanageRecords): if not exists: raise ValueError(_("Addr %s is not defined") % addr) @@ -3885,7 +3897,7 @@ index b7d257b..40e57e9 100644 if serange != "": semanage_context_set_mls(self.sh, con, untranslate(serange)) if setype != "": -@@ -1098,11 +1234,9 @@ class nodeRecords(semanageRecords): +@@ -1098,11 +1228,9 @@ class nodeRecords(semanageRecords): if mask == "": raise ValueError(_("Node Netmask is required")) @@ -3900,7 +3912,7 @@ index b7d257b..40e57e9 100644 raise ValueError(_("Unknown or missing protocol")) (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) -@@ -1132,6 +1266,16 @@ class nodeRecords(semanageRecords): +@@ -1132,6 +1260,16 @@ class nodeRecords(semanageRecords): self.__delete(addr, mask, proto) self.commit() @@ -3917,7 +3929,7 @@ index b7d257b..40e57e9 100644 def get_all(self, locallist = 0): ddict = {} if locallist : -@@ -1145,15 +1289,20 @@ class nodeRecords(semanageRecords): +@@ -1145,15 +1283,20 @@ class nodeRecords(semanageRecords): con = semanage_node_get_con(node) addr = semanage_node_get_addr(self.sh, node) mask = semanage_node_get_mask(self.sh, node) @@ -3943,7 +3955,7 @@ index b7d257b..40e57e9 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context") -@@ -1193,7 +1342,8 @@ class interfaceRecords(semanageRecords): +@@ -1193,7 +1336,8 @@ class interfaceRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if interface %s is defined") % interface) if exists: @@ -3953,7 +3965,7 @@ index b7d257b..40e57e9 100644 (rc, iface) = semanage_iface_create(self.sh) if rc < 0: -@@ -1307,6 +1457,16 @@ class interfaceRecords(semanageRecords): +@@ -1307,6 +1451,16 @@ class interfaceRecords(semanageRecords): self.__delete(interface) self.commit() @@ -3970,7 +3982,7 @@ index b7d257b..40e57e9 100644 def get_all(self, locallist = 0): ddict = {} if locallist: -@@ -1322,6 +1482,15 @@ class interfaceRecords(semanageRecords): +@@ -1322,6 +1476,15 @@ class interfaceRecords(semanageRecords): return ddict @@ -3986,7 +3998,7 @@ index b7d257b..40e57e9 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-30s %s\n" % (_("SELinux Interface"), _("Context")) -@@ -1338,6 +1507,48 @@ class interfaceRecords(semanageRecords): +@@ -1338,6 +1501,48 @@ class interfaceRecords(semanageRecords): class fcontextRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self, store) @@ -4035,7 +4047,7 @@ index b7d257b..40e57e9 100644 def createcon(self, target, seuser = "system_u"): (rc, con) = semanage_context_create(self.sh) -@@ -1364,6 +1575,8 @@ class fcontextRecords(semanageRecords): +@@ -1364,6 +1569,8 @@ class fcontextRecords(semanageRecords): def validate(self, target): if target == "" or target.find("\n") >= 0: raise ValueError(_("Invalid file specification")) @@ -4044,7 +4056,7 @@ index b7d257b..40e57e9 100644 def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"): self.validate(target) -@@ -1388,7 +1601,8 @@ class fcontextRecords(semanageRecords): +@@ -1388,7 +1595,8 @@ class fcontextRecords(semanageRecords): raise ValueError(_("Could not check if file context for %s is defined") % target) if exists: @@ -4054,7 +4066,7 @@ index b7d257b..40e57e9 100644 (rc, fcontext) = semanage_fcontext_create(self.sh) if rc < 0: -@@ -1504,9 +1718,16 @@ class fcontextRecords(semanageRecords): +@@ -1504,9 +1712,16 @@ class fcontextRecords(semanageRecords): raise ValueError(_("Could not delete the file context %s") % target) semanage_fcontext_key_free(k) @@ -4071,7 +4083,7 @@ index b7d257b..40e57e9 100644 (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) if rc < 0: raise ValueError(_("Could not create a key for %s") % target) -@@ -1561,12 +1782,22 @@ class fcontextRecords(semanageRecords): +@@ -1561,12 +1776,22 @@ class fcontextRecords(semanageRecords): return ddict @@ -4096,7 +4108,7 @@ index b7d257b..40e57e9 100644 for k in keys: if fcon_dict[k]: if is_mls_enabled: -@@ -1575,6 +1806,12 @@ class fcontextRecords(semanageRecords): +@@ -1575,6 +1800,12 @@ class fcontextRecords(semanageRecords): print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2]) else: print "%-50s %-18s <>" % (k[0], k[1]) @@ -4109,7 +4121,7 @@ index b7d257b..40e57e9 100644 class booleanRecords(semanageRecords): def __init__(self, store = ""): -@@ -1587,6 +1824,18 @@ class booleanRecords(semanageRecords): +@@ -1587,6 +1818,18 @@ class booleanRecords(semanageRecords): self.dict["1"] = 1 self.dict["0"] = 0 @@ -4128,7 +4140,7 @@ index b7d257b..40e57e9 100644 def __mod(self, name, value): (rc, k) = semanage_bool_key_create(self.sh, name) if rc < 0: -@@ -1606,9 +1855,10 @@ class booleanRecords(semanageRecords): +@@ -1606,9 +1849,10 @@ class booleanRecords(semanageRecords): else: raise ValueError(_("You must specify one of the following values: %s") % ", ".join(self.dict.keys()) ) @@ -4142,7 +4154,7 @@ index b7d257b..40e57e9 100644 rc = semanage_bool_modify_local(self.sh, k, b) if rc < 0: raise ValueError(_("Could not modify boolean %s") % name) -@@ -1691,8 +1941,12 @@ class booleanRecords(semanageRecords): +@@ -1691,8 +1935,12 @@ class booleanRecords(semanageRecords): value = [] name = semanage_bool_get_name(boolean) value.append(semanage_bool_get_value(boolean)) @@ -4157,7 +4169,7 @@ index b7d257b..40e57e9 100644 ddict[name] = value return ddict -@@ -1706,6 +1960,16 @@ class booleanRecords(semanageRecords): +@@ -1706,6 +1954,16 @@ class booleanRecords(semanageRecords): else: return _("unknown") diff --git a/policycoreutils.spec b/policycoreutils.spec index f6bb5de..cc41b91 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -329,6 +329,10 @@ fi exit 0 %changelog +* Tue Jan 4 2011 Dan Walsh 2.0.85-3 +- Polgengui raises the wrong type of exception. #471078 +- Change semanage to not allow it to semanage module -D + * Wed Dec 22 2010 Dan Walsh 2.0.85-2 - Fix restorecond watching utmp file for people logging in our out