Add --path as a parameter to sepolicy generate

- Print warning message if program does not exists when generating policy, and do not attempt to run nm command
- Fix sepolicy generate -T to not take an argument, and supress the help message
- Since this is really just a testing tool

policycoreutils-rhat.patch

@@ -333780,10 +333780,10 @@ index 0000000..c1d9411
 +}
 diff --git a/policycoreutils/sepolicy/sepolicy-bash-completion.sh b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
 new file mode 100644
-index 0000000..d7cd4dc
+index 0000000..d4ea0e7
 --- /dev/null
 +++ b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
-@@ -0,0 +1,147 @@
+@@ -0,0 +1,151 @@
 +# This file is part of systemd.
 +#
 +# Copyright 2011 Dan Walsh
@@ -333853,7 +333853,7 @@ index 0000000..d7cd4dc
 +	       [network]='-h --help -d --domain -l --list -p --port -t --type '
 +	       [communicate]='-h --help -s --source -t --target -c --class -S --sourceaccess -T --targetaccess'
 +	       [transition]='-h --help -s --source -t --target'
-+	       [generate]='-h --help -t --type -n --name -T --test'
++	       [generate]='-h --help  -p --path -t --type -n --name -T --test'
 +        )
 +
 +        for ((i=0; $i <= $COMP_CWORD; i++)); do
@@ -333916,6 +333916,10 @@ index 0000000..d7cd4dc
 +	elif [ "$verb" = "generate" ]; then
 +	    if [ "$prev" = "--name" -o "$prev" = "-n" ]; then
 +		return 0
++	    elif test "$prev" = "-p" || test "$prev" = "--path" ; then
++		COMPREPLY=( $( compgen -d -- "$cur") )
++		compopt -o filenames
++		return 0
 +	    elif [ "$prev" = "--type" -o "$prev" = "-t" ]; then
 +		COMPREPLY=( $(compgen -W '0 1 2 3 4 5 6 7 8 9 10' -- "$cur") )
 +		return 0
@@ -334013,10 +334017,10 @@ index 0000000..764fd35
 +
 diff --git a/policycoreutils/sepolicy/sepolicy-generate.8 b/policycoreutils/sepolicy/sepolicy-generate.8
 new file mode 100644
-index 0000000..a592d85
+index 0000000..19aa99d
 --- /dev/null
 +++ b/policycoreutils/sepolicy/sepolicy-generate.8
-@@ -0,0 +1,106 @@
+@@ -0,0 +1,109 @@
 +.TH "sepolicy-generate" "8" "20121005" "" ""
 +.SH "NAME"
 +sepolicy-generate \- Generate an initial SELinux policy module template.
@@ -334024,7 +334028,7 @@ index 0000000..a592d85
 +.SH "SYNOPSIS"
 +
 +.br
-+.B sepolicy generate [-h] [-t TYPE] [-n NAME] [-T TEST] [ command | confineduser ]
++.B sepolicy generate [\-h] [\-t TYPE] [\-n NAME] [\-p PATH ] [\-T TEST] [ command | confineduser ]
 +
 +.SH "DESCRIPTION"
 +Use sepolicy generate to generate an SELinux policy Module.  sepolicy generate will generate 4 files.
@@ -334098,6 +334102,9 @@ index 0000000..a592d85
 +.TP
 +.I                \-n, \-\-name
 +Specify alternate name of policy. The policy will default to the executable or name specified.
++.TP
++.I                \-p, \-\-path
++Specify the directory to store the created policy files. (Default to current working directory )
 +
 +.SH "EXAMPLE"
 +.B > sepolicy generate /usr/sbin/rwhod
@@ -334125,7 +334132,7 @@ index 0000000..a592d85
 +sepolicy(8), selinux(8)
 diff --git a/policycoreutils/sepolicy/sepolicy-manpage.8 b/policycoreutils/sepolicy/sepolicy-manpage.8
 new file mode 100644
-index 0000000..75a2013
+index 0000000..b6abdf5
 --- /dev/null
 +++ b/policycoreutils/sepolicy/sepolicy-manpage.8
 @@ -0,0 +1,34 @@
@@ -334152,11 +334159,11 @@ index 0000000..75a2013
 +.I                \-h, \-\-help       
 +Display help message
 +.TP
-+.I                \-w, \-\-web
-+Generate an additional HTML man pages for the specified domain(s).
-+.TP
 +.I                \-p, \-\-path
 +Specify the directory to store the created man pages. (Default to /tmp)
++.TP
++.I                \-w, \-\-web
++Generate an additional HTML man pages for the specified domain(s).
 +
 +.SH "AUTHOR"
 +This man page was written by Daniel Walsh <dwalsh@redhat.com>
@@ -334316,10 +334323,10 @@ index 0000000..a40f37d
 +selinux(8), sepolicy-generate(8), sepolicy-communicate(8), sepolicy-generate(8),  sepolicy-network(8), sepolicy-transition(8)
 diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
 new file mode 100755
-index 0000000..dd4adef
+index 0000000..7bc7f18
 --- /dev/null
 +++ b/policycoreutils/sepolicy/sepolicy.py
-@@ -0,0 +1,331 @@
+@@ -0,0 +1,334 @@
 +#! /usr/bin/python -Es
 +# Copyright (C) 2012 Red Hat
 +# AUTHOR: Dan Walsh <dwalsh@redhat.com>
@@ -334536,6 +334543,7 @@ index 0000000..dd4adef
 +        writable = get_types(args.source, args.tclass, args.sourceaccess.split(","))
 +        readable = get_types(args.target, args.tclass, args.targetaccess.split(","))
 +        out = list(set(writable) & set(readable))
++
 +        for t in out:
 +            print t
 +
@@ -334611,7 +334619,7 @@ index 0000000..dd4adef
 +    if args.type in APPLICATIONS:
 +        mypolicy.gen_writeable()
 +        mypolicy.gen_symbols()
-+    print mypolicy.generate()
++    print mypolicy.generate(args.path)
 +
 +def gen_generate_args(parser):
 +    from sepolicy.generate import DAEMON, get_poltype_desc
@@ -334625,8 +334633,10 @@ index 0000000..dd4adef
 +                     help=_("name of policy to generate"))
 +    pol.add_argument("command",
 +                     help=_("executable to confine"))
-+    pol.add_argument("-T", "--test", dest="test",
++    pol.add_argument("-T", "--test", dest="test", default=False, action="store_true",
-+                     default=None, help=_("run policy generation test suite"))
++                     help=argparse.SUPPRESS)
++    pol.add_argument("-p", "--path", dest="path", default=os.getcwd(),
++                     help=_("path in which the generated policy files will be stored"))
 +    pol.set_defaults(func=generate)
 +
 +if __name__ == '__main__':
@@ -334899,10 +334909,10 @@ index 0000000..a179d95
 +
 diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
 new file mode 100644
-index 0000000..d43d470
+index 0000000..209568c
 --- /dev/null
 +++ b/policycoreutils/sepolicy/sepolicy/generate.py
-@@ -0,0 +1,1295 @@
+@@ -0,0 +1,1302 @@
 +#!/usr/bin/python -Es
 +#
 +# Copyright (C) 2007-2012 Red Hat
@@ -336182,7 +336192,14 @@ index 0000000..d43d470
 +        def gen_symbols(self):
 +            if self.type not in APPLICATIONS:
 +                return
++            if not os.path.exists(self.program):
++                sys.stderr.write("""
++***************************************
++Warning %s does not exist
++***************************************
 +
++""" % self.program)
++                return
 +            fd = os.popen("nm -D %s | grep U" % self.program)
 +            for s in fd.read().split():
 +                for b in self.symbols:
@@ -336190,8 +336207,8 @@ index 0000000..d43d470
 +                        exec "self.%s" %  self.symbols[b]
 +            fd.close()
 +
-+	def generate(self, out_dir = "."):
++	def generate(self, out_dir = os.getcwd() ):
-+            out = "Created the following files:/\n"
++            out = "Created the following files:\n"
 +            out += "%s # %s\n" % (self.write_te(out_dir), _("Type Enforcement file"))
 +            out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
 +            out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))

policycoreutils.spec

@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.13
-Release: 40%{?dist}
+Release: 41%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -338,6 +338,12 @@ The policycoreutils-restorecond package contains the restorecond service.
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Fri Nov 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-41
+- Add --path as a parameter to sepolicy generate
+- Print warning message if program does not exists when generating policy, and do not attempt to run nm command
+- Fix sepolicy generate -T to not take an argument, and supress the help message
+- Since this is really just a testing tool
+
 * Fri Nov 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-40
 - Fix sepolicy communicate to handle invalid input