* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-19

- GUI Enhancements - Fix cgi generation - Use more patterns
2007-11-19 21:27:12 +00:00 · 2007-11-19 21:27:12 +00:00 · 616f54d725
commit 616f54d725
parent ffb96ec3c8
2 changed files with 35 additions and 37 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -4551,7 +4551,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.31/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/polgen.py	2007-11-02 15:54:42.000000000 -0400
+++ policycoreutils-2.0.31/gui/polgen.py	2007-11-19 16:21:17.000000000 -0500
@@ -0,0 +1,831 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -5230,7 +5230,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +            return newsh
 +        
 +	def generate_sh(self):
-+		newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
+		newsh = re.sub("TEMPLATETYPE", self.file_name, script.compile)
 +                if self.program != "":
 +                    newsh += re.sub("FILENAME", self.program, script.restorecon)
 +                if self.initscript != "":
@ -10646,7 +10646,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.31/gui/templates/tmp.py
 --- nsapolicycoreutils/gui/templates/tmp.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/tmp.py	2007-11-16 17:20:41.000000000 -0500
+++ policycoreutils-2.0.31/gui/templates/tmp.py	2007-11-19 16:21:42.000000000 -0500
@@ -0,0 +1,97 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -10699,7 +10699,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
 +		type TEMPLATETYPE_tmp_t;
 +	')
 +
-+	dontaudit $1 TEMPLATETYPE_tmp_t:file r_file_perms;
+	dontaudit $1 TEMPLATETYPE_tmp_t:file read_file_perms;
 +')
 +
 +########################################
@ -10717,7 +10717,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
 +		type TEMPLATETYPE_tmp_t;
 +	')
 +
-+	allow $1 TEMPLATETYPE_tmp_t:file r_file_perms;
+	allow $1 TEMPLATETYPE_tmp_t:file read_file_perms;
 +')
 +
 +########################################
@ -10888,8 +10888,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.31/gui/templates/var_lib.py
 --- nsapolicycoreutils/gui/templates/var_lib.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/var_lib.py	2007-11-16 17:20:42.000000000 -0500
-@@ -0,0 +1,162 @@
+++ policycoreutils-2.0.31/gui/templates/var_lib.py	2007-11-19 16:22:13.000000000 -0500
+@@ -0,0 +1,158 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
 +#
@ -10919,13 +10919,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +files_type(TEMPLATETYPE_var_lib_t)
 +"""
 +te_rules="""
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file manage_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir manage_dir_perms;
-+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir })
+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t,  TEMPLATETYPE_var_lib_t)
+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t,  TEMPLATETYPE_var_lib_t)
+files_var_lib_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, { file dir } )
 +"""
 +
 +te_stream_rules="""\
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_sock_file_perms;
 +files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, sock_file)
 +"""
 +
@ -10966,9 +10966,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +		type TEMPLATETYPE_var_lib_t;
 +	')
 +
-+	allow $1 TEMPLATETYPE_var_lib_t:file r_file_perms;
-+	allow $1 TEMPLATETYPE_var_lib_t:dir list_dir_perms;
 +	files_search_var_lib($1)
+        read_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
 +')
 +
 +########################################
@ -10987,9 +10986,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +		type TEMPLATETYPE_var_lib_t;
 +	')
 +
-+	allow $1 TEMPLATETYPE_var_lib_t:file manage_file_perms;
-+	allow $1 TEMPLATETYPE_var_lib_t:dir rw_dir_perms;
 +	files_search_var_lib($1)
+        manage_files_pattern($1, TEMPLATETYPE_var_lib_t,  TEMPLATETYPE_var_lib_t)
 +')
 +
 +########################################
@ -11030,9 +11028,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +		type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
 +	')
 +
-+	files_search_pids($1)
-+	allow $1 TEMPLATETYPE_var_lib_t:sock_file write;
-+	allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
+        stream_connect_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
 +')
 +"""
 +
@ -11054,7 +11050,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.31/gui/templates/var_log.py
 --- nsapolicycoreutils/gui/templates/var_log.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/var_log.py	2007-11-16 17:20:42.000000000 -0500
+++ policycoreutils-2.0.31/gui/templates/var_log.py	2007-11-19 16:22:39.000000000 -0500
@@ -0,0 +1,110 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -11086,9 +11082,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
 +"""
 +
 +te_rules="""
-+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:file manage_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:dir { rw_dir_perms setattr };
-+logging_log_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_log_t,{ file dir })
+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t,  TEMPLATETYPE_log_t)
+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t,  TEMPLATETYPE_log_t)
+logging_log_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_log_t, { file dir } )
 +"""
 +
 +########################### Interface File #############################
@ -11168,8 +11164,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.31/gui/templates/var_run.py
 --- nsapolicycoreutils/gui/templates/var_run.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/var_run.py	2007-11-16 17:20:43.000000000 -0500
-@@ -0,0 +1,119 @@
+++ policycoreutils-2.0.31/gui/templates/var_run.py	2007-11-19 16:22:06.000000000 -0500
+@@ -0,0 +1,118 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
 +#
@ -11199,13 +11195,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +"""
 +
 +te_rules="""
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:file manage_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir manage_dir_perms;
+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t,  TEMPLATETYPE_var_run_t)
+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t,  TEMPLATETYPE_var_run_t)
 +files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, { file dir })
 +"""
 +
 +te_stream_rules="""
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_sock_file_perms;
 +files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, sock_file)
 +"""
 +
@ -11226,7 +11222,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +	')
 +
 +	files_search_pids($1)
-+	allow $1 TEMPLATETYPE_var_run_t:file r_file_perms;
+	allow $1 TEMPLATETYPE_var_run_t:file read_file_perms;
 +')
 +
 +########################################
@ -11268,8 +11264,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +	')
 +
 +	files_search_pids($1)
-+	allow $1 TEMPLATETYPE_var_run_t:sock_file write;
-+	allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
+        stream_connect_pattern($1, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t)
 +')
 +"""
 +
@ -11291,8 +11286,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.31/gui/templates/var_spool.py
 --- nsapolicycoreutils/gui/templates/var_spool.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/var_spool.py	2007-11-16 17:20:43.000000000 -0500
-@@ -0,0 +1,131 @@
+++ policycoreutils-2.0.31/gui/templates/var_spool.py	2007-11-19 16:22:27.000000000 -0500
+@@ -0,0 +1,129 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
 +#
@ -11364,9 +11359,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
 +		type TEMPLATETYPE_spool_t;
 +	')
 +
-+	allow $1 TEMPLATETYPE_spool_t:file r_file_perms;
-+	allow $1 TEMPLATETYPE_spool_t:dir list_dir_perms;
 +	files_search_spool($1)
+        read_files_pattern($1, TEMPLATETYPE_spool_t TEMPLATETYPE_spool_t)
 +')
 +
 +########################################
@ -11385,9 +11379,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
 +		type TEMPLATETYPE_spool_t;
 +	')
 +
-+	allow $1 TEMPLATETYPE_spool_t:file manage_file_perms;
-+	allow $1 TEMPLATETYPE_spool_t:dir rw_dir_perms;
 +	files_search_spool($1)
+        manage_files_pattern($1,TEMPLATETYPE_spool_t,TEMPLATETYPE_spool_t)
 +')
 +
 +########################################
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.31
-Release: 18%{?dist}
+Release: 19%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -207,6 +207,11 @@ if [ "$1" -ge "1" ]; then
 fi

 %changelog
+* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-19
+- GUI Enhancements
+  - Fix cgi generation
+  - Use more patterns
+
 * Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-18
 - Remove codec hacking, which seems to be fixed in python