* Tue Mar 21 2006 Dan Walsh <dwalsh@redhat.com> 1.30.1-4

- Clean up reference policy generation in audit2allow
This commit is contained in:
Daniel J Walsh 2006-03-29 15:14:48 +00:00
parent 19ac317520
commit a63185882d
2 changed files with 81 additions and 14 deletions

View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.30.1/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow 2006-03-10 09:48:04.000000000 -0500
+++ policycoreutils-1.30.1/audit2allow/audit2allow 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/audit2allow/audit2allow 2006-03-29 10:08:58.000000000 -0500
@@ -27,15 +27,14 @@
import commands, sys, os, pwd, string, getopt, re, selinux
@ -39,9 +39,73 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
for s in Scon:
for t in Tcon:
for c in Class:
@@ -217,12 +215,15 @@
class seruleRecords:
def __init__(self, input, last_reload=0, verbose=0, te_ind=0):
self.last_reload=last_reload
- self.seRules={}
+ self.initialize()
+ self.load(input, te_ind)
+ self.gen_ref_policy = False
+
+ def initialize(self):
+ self.seRules={}
self.seclasses={}
self.types=[]
self.roles=[]
- self.load(input, te_ind)
- self.gen_ref_policy = False
def gen_reference_policy(self):
self.gen_ref_policy = True
@@ -330,7 +331,7 @@
return
if "load_policy" in avc and self.last_reload:
- self.seRules={}
+ self.initialize()
if "granted" in avc:
return
@@ -395,6 +396,9 @@
self.types.append(type)
def gen_module(self, module):
+ if self.gen_ref_policy:
+ return "policy_module(%s, 1.0);" % module
+ else:
return "module %s 1.0;" % module
def gen_requires(self):
@@ -403,11 +407,11 @@
keys=self.seclasses.keys()
keys.sort()
rec="\n\nrequire {\n"
- if len(self.roles) > 0:
- for i in self.roles:
- rec += "\trole %s; \n" % i
- rec += "\n"
-
+# if len(self.roles) > 0:
+# for i in self.roles:
+# rec += "\trole %s; \n" % i
+# rec += "\n"
+#
for i in keys:
access=self.seclasses[i]
if len(access) > 1:
@@ -423,7 +427,7 @@
for i in self.types:
rec += "\ttype %s; \n" % i
- rec += " };\n\n\n"
+ rec += "};\n\n"
return rec
def out(self, require=0, module=""):
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.30.1/Makefile
--- nsapolicycoreutils/Makefile 2005-11-29 10:55:01.000000000 -0500
+++ policycoreutils-1.30.1/Makefile 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/Makefile 2006-03-28 23:03:06.000000000 -0500
@@ -1,4 +1,4 @@
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
@ -50,7 +114,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils
@for subdir in $(SUBDIRS); do \
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-1.30.1/restorecond/Makefile
--- nsapolicycoreutils/restorecond/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/Makefile 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/Makefile 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,29 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@ -83,7 +147,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile pol
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-1.30.1/restorecond/restorecond.8
--- nsapolicycoreutils/restorecond/restorecond.8 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.8 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.8 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,31 @@
+.TH "restorecond" "8" "2002031409" "" ""
+.SH "NAME"
@ -118,7 +182,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+.BR restorecon (8),
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30.1/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.c 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.c 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,451 @@
+/*
+ * restorecond
@ -573,7 +637,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+}
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.30.1/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.conf 2006-03-21 11:14:22.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.conf 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,4 @@
+/etc/resolv.conf
+/etc/mtab
@ -581,7 +645,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+~/public_html
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-1.30.1/restorecond/restorecond.h
--- nsapolicycoreutils/restorecond/restorecond.h 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.h 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.h 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,31 @@
+/* restorecond.h --
+ * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -616,7 +680,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-1.30.1/restorecond/restorecond.init
--- nsapolicycoreutils/restorecond/restorecond.init 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.init 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/restorecond.init 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,61 @@
+#!/bin/sh
+#
@ -681,7 +745,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+exit 0
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.c policycoreutils-1.30.1/restorecond/stringslist.c
--- nsapolicycoreutils/restorecond/stringslist.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/stringslist.c 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/stringslist.c 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2006 Red Hat
@ -803,7 +867,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
+#endif
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.h policycoreutils-1.30.1/restorecond/stringslist.h
--- nsapolicycoreutils/restorecond/stringslist.h 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/stringslist.h 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/stringslist.h 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,37 @@
+/* stringslist.h --
+ * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -844,7 +908,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
+#endif
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-1.30.1/restorecond/utmpwatcher.c
--- nsapolicycoreutils/restorecond/utmpwatcher.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/utmpwatcher.c 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/utmpwatcher.c 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,105 @@
+/*
+ * utmpwatcher.c
@ -953,7 +1017,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.h policycoreutils-1.30.1/restorecond/utmpwatcher.h
--- nsapolicycoreutils/restorecond/utmpwatcher.h 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/utmpwatcher.h 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/restorecond/utmpwatcher.h 2006-03-28 23:03:06.000000000 -0500
@@ -0,0 +1,29 @@
+/* utmpwatcher.h --
+ * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -986,7 +1050,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
+#endif
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30.1/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2006-01-04 13:07:46.000000000 -0500
+++ policycoreutils-1.30.1/scripts/fixfiles 2006-03-21 11:13:31.000000000 -0500
+++ policycoreutils-1.30.1/scripts/fixfiles 2006-03-28 23:03:06.000000000 -0500
@@ -124,7 +124,15 @@
exit $?
fi

View File

@ -5,7 +5,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.30.1
Release: 3
Release: 4
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -107,6 +107,9 @@ rm -rf ${RPM_BUILD_ROOT}
service restorecond condrestart
%changelog
* Tue Mar 21 2006 Dan Walsh <dwalsh@redhat.com> 1.30.1-4
- Clean up reference policy generation in audit2allow
* Tue Mar 21 2006 Dan Walsh <dwalsh@redhat.com> 1.30.1-3
- Add IN_MOVED_TO to catch renames