policycoreutils-2.4-20.fc24
- Fix 'semanage permissive -l' subcommand (#1286325) - Several 'sepolicy gui' fixes (#1281309,#1281309,#1282382)
This commit is contained in:
parent
d0523c635c
commit
a69630b7b6
@ -1358,7 +1358,7 @@ index 37c1472..9854fb2 100644
|
|||||||
<packing>
|
<packing>
|
||||||
<property name="expand">False</property>
|
<property name="expand">False</property>
|
||||||
diff --git a/policycoreutils-2.4/gui/polgengui.py b/policycoreutils-2.4/gui/polgengui.py
|
diff --git a/policycoreutils-2.4/gui/polgengui.py b/policycoreutils-2.4/gui/polgengui.py
|
||||||
index 0f0e564..1b88c47 100644
|
index 0f0e564..ac8f78f 100644
|
||||||
--- a/policycoreutils-2.4/gui/polgengui.py
|
--- a/policycoreutils-2.4/gui/polgengui.py
|
||||||
+++ b/policycoreutils-2.4/gui/polgengui.py
|
+++ b/policycoreutils-2.4/gui/polgengui.py
|
||||||
@@ -30,29 +30,15 @@ import gnome
|
@@ -30,29 +30,15 @@ import gnome
|
||||||
@ -1445,6 +1445,15 @@ index 0f0e564..1b88c47 100644
|
|||||||
self.error(e.message)
|
self.error(e.message)
|
||||||
|
|
||||||
def delete(self, args):
|
def delete(self, args):
|
||||||
|
@@ -668,7 +654,7 @@ class childWindow:
|
||||||
|
entry.set_text("")
|
||||||
|
return False
|
||||||
|
if name in self.all_modules:
|
||||||
|
- if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
|
||||||
|
+ if self.verify(_("Module %s already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
|
||||||
|
entry.set_text("")
|
||||||
|
return False
|
||||||
|
|
||||||
@@ -687,7 +673,7 @@ class childWindow:
|
@@ -687,7 +673,7 @@ class childWindow:
|
||||||
try:
|
try:
|
||||||
generate.verify_ports(self.in_tcp_entry.get_text())
|
generate.verify_ports(self.in_tcp_entry.get_text())
|
||||||
@ -655466,7 +655475,7 @@ index 0000000..e2befdb
|
|||||||
+ packages=["policycoreutils"],
|
+ packages=["policycoreutils"],
|
||||||
+)
|
+)
|
||||||
diff --git a/policycoreutils-2.4/semanage/semanage b/policycoreutils-2.4/semanage/semanage
|
diff --git a/policycoreutils-2.4/semanage/semanage b/policycoreutils-2.4/semanage/semanage
|
||||||
index dd63010..69b9c49 100644
|
index dd63010..852fecf 100644
|
||||||
--- a/policycoreutils-2.4/semanage/semanage
|
--- a/policycoreutils-2.4/semanage/semanage
|
||||||
+++ b/policycoreutils-2.4/semanage/semanage
|
+++ b/policycoreutils-2.4/semanage/semanage
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
@ -655688,16 +655697,37 @@ index dd63010..69b9c49 100644
|
|||||||
|
|
||||||
def setupBooleanParser(subparsers):
|
def setupBooleanParser(subparsers):
|
||||||
generated_usage = generate_custom_usage(usage_boolean, usage_boolean_dict)
|
generated_usage = generate_custom_usage(usage_boolean, usage_boolean_dict)
|
||||||
@@ -652,7 +666,7 @@ def setupPermissiveParser(subparsers):
|
@@ -632,12 +646,17 @@ def handlePermissive(args):
|
||||||
parser_add_noheading(permissiveParser, "permissive")
|
OBJECT = object_dict['permissive']()
|
||||||
parser_add_noreload(permissiveParser, "permissive")
|
OBJECT.set_reload(args.noreload)
|
||||||
|
|
||||||
|
- if args.action is "add":
|
||||||
|
- OBJECT.add(args.type)
|
||||||
|
if args.action is "list":
|
||||||
|
OBJECT.list(args.noheading)
|
||||||
|
- if args.action is "delete":
|
||||||
|
- OBJECT.delete(args.type)
|
||||||
|
+ elif args.type != None:
|
||||||
|
+ if args.action is "add":
|
||||||
|
+ OBJECT.add(args.type)
|
||||||
|
+ if args.action is "delete":
|
||||||
|
+ OBJECT.delete(args.type)
|
||||||
|
+ else:
|
||||||
|
+ args.parser.print_usage(sys.stderr)
|
||||||
|
+ sys.stderr.write(_('semanage permissive: error: the following argument is required: type\n'))
|
||||||
|
+ sys.exit(1)
|
||||||
|
|
||||||
|
def setupPermissiveParser(subparsers):
|
||||||
|
permissiveParser = subparsers.add_parser('permissive', help=_('Manage process type enforcement mode'))
|
||||||
|
@@ -654,6 +673,7 @@ def setupPermissiveParser(subparsers):
|
||||||
parser_add_store(permissiveParser, "permissive")
|
parser_add_store(permissiveParser, "permissive")
|
||||||
- permissiveParser.add_argument('type', nargs='?', default=None, help=_('type'))
|
permissiveParser.add_argument('type', nargs='?', default=None, help=_('type'))
|
||||||
+ permissiveParser.add_argument('type', nargs='+', default=None, help=_('type'))
|
|
||||||
permissiveParser.set_defaults(func=handlePermissive)
|
permissiveParser.set_defaults(func=handlePermissive)
|
||||||
|
+ permissiveParser.set_defaults(parser=permissiveParser)
|
||||||
|
|
||||||
def handleDontaudit(args):
|
def handleDontaudit(args):
|
||||||
@@ -670,11 +684,11 @@ def setupDontauditParser(subparsers):
|
OBJECT = object_dict['dontaudit']()
|
||||||
|
@@ -670,11 +690,11 @@ def setupDontauditParser(subparsers):
|
||||||
def handleExport(args):
|
def handleExport(args):
|
||||||
manageditems=[ "boolean", "login", "interface", "user", "port", "node", "fcontext", "module"]
|
manageditems=[ "boolean", "login", "interface", "user", "port", "node", "fcontext", "module"]
|
||||||
for i in manageditems:
|
for i in manageditems:
|
||||||
@ -655711,7 +655741,7 @@ index dd63010..69b9c49 100644
|
|||||||
|
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
|
|
||||||
@@ -743,10 +757,10 @@ def handleImport(args):
|
@@ -743,10 +763,10 @@ def handleImport(args):
|
||||||
commandParser = createCommandParser()
|
commandParser = createCommandParser()
|
||||||
args = commandParser.parse_args(mkargv(l))
|
args = commandParser.parse_args(mkargv(l))
|
||||||
args.func(args)
|
args.func(args)
|
||||||
@ -655724,7 +655754,7 @@ index dd63010..69b9c49 100644
|
|||||||
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
|
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
@@ -764,11 +778,11 @@ def setupImportParser(subparsers):
|
@@ -764,11 +784,11 @@ def setupImportParser(subparsers):
|
||||||
|
|
||||||
def createCommandParser():
|
def createCommandParser():
|
||||||
commandParser = seParser(prog='semanage',
|
commandParser = seParser(prog='semanage',
|
||||||
@ -655741,7 +655771,7 @@ index dd63010..69b9c49 100644
|
|||||||
#To add a new subcommand define the parser for it in a function above and call it here.
|
#To add a new subcommand define the parser for it in a function above and call it here.
|
||||||
subparsers = commandParser.add_subparsers(dest='subcommand')
|
subparsers = commandParser.add_subparsers(dest='subcommand')
|
||||||
setupImportParser(subparsers)
|
setupImportParser(subparsers)
|
||||||
@@ -788,7 +802,7 @@ def createCommandParser():
|
@@ -788,7 +808,7 @@ def createCommandParser():
|
||||||
|
|
||||||
def make_io_args(args):
|
def make_io_args(args):
|
||||||
# import/export backward compability
|
# import/export backward compability
|
||||||
@ -655750,7 +655780,7 @@ index dd63010..69b9c49 100644
|
|||||||
args_file = []
|
args_file = []
|
||||||
args_ie = []
|
args_ie = []
|
||||||
args_subcommand = []
|
args_subcommand = []
|
||||||
@@ -808,6 +822,8 @@ def make_io_args(args):
|
@@ -808,6 +828,8 @@ def make_io_args(args):
|
||||||
return args_subcommand+args_ie+args_file
|
return args_subcommand+args_ie+args_file
|
||||||
|
|
||||||
def make_args(sys_args):
|
def make_args(sys_args):
|
||||||
@ -655759,7 +655789,7 @@ index dd63010..69b9c49 100644
|
|||||||
args = []
|
args = []
|
||||||
if "-o" in sys_args[1:] or "-i" in sys_args[1:]:
|
if "-o" in sys_args[1:] or "-i" in sys_args[1:]:
|
||||||
args=make_io_args(sys_args[1:])
|
args=make_io_args(sys_args[1:])
|
||||||
@@ -822,21 +838,21 @@ def do_parser():
|
@@ -822,21 +844,21 @@ def do_parser():
|
||||||
args = commandParser.parse_args(make_args(sys.argv))
|
args = commandParser.parse_args(make_args(sys.argv))
|
||||||
args.func(args)
|
args.func(args)
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
@ -658725,7 +658755,7 @@ index 458a4d2..b6088af 100644
|
|||||||
+ except dbus.DBusException as e:
|
+ except dbus.DBusException as e:
|
||||||
+ print(e)
|
+ print(e)
|
||||||
diff --git a/policycoreutils-2.4/sepolicy/selinux_server.py b/policycoreutils-2.4/sepolicy/selinux_server.py
|
diff --git a/policycoreutils-2.4/sepolicy/selinux_server.py b/policycoreutils-2.4/sepolicy/selinux_server.py
|
||||||
index e94c38f..671be1a 100644
|
index e94c38f..6e8d9b2 100644
|
||||||
--- a/policycoreutils-2.4/sepolicy/selinux_server.py
|
--- a/policycoreutils-2.4/sepolicy/selinux_server.py
|
||||||
+++ b/policycoreutils-2.4/sepolicy/selinux_server.py
|
+++ b/policycoreutils-2.4/sepolicy/selinux_server.py
|
||||||
@@ -1,9 +1,9 @@
|
@@ -1,9 +1,9 @@
|
||||||
@ -658740,7 +658770,7 @@ index e94c38f..671be1a 100644
|
|||||||
import slip.dbus.service
|
import slip.dbus.service
|
||||||
from slip.dbus import polkit
|
from slip.dbus import polkit
|
||||||
import os
|
import os
|
||||||
@@ -18,7 +18,7 @@ class selinux_server(slip.dbus.service.Object):
|
@@ -18,45 +18,45 @@ class selinux_server(slip.dbus.service.Object):
|
||||||
#
|
#
|
||||||
# The semanage method runs a transaction on a series of semanage commands,
|
# The semanage method runs a transaction on a series of semanage commands,
|
||||||
# these commnds can take the output of customized
|
# these commnds can take the output of customized
|
||||||
@ -658749,7 +658779,9 @@ index e94c38f..671be1a 100644
|
|||||||
@slip.dbus.polkit.require_auth("org.selinux.semanage")
|
@slip.dbus.polkit.require_auth("org.selinux.semanage")
|
||||||
@dbus.service.method("org.selinux", in_signature='s')
|
@dbus.service.method("org.selinux", in_signature='s')
|
||||||
def semanage(self, buf):
|
def semanage(self, buf):
|
||||||
@@ -27,10 +27,10 @@ class selinux_server(slip.dbus.service.Object):
|
- p = Popen(["/usr/sbin/semanage", "import"],stdout=PIPE, stderr=PIPE, stdin=PIPE)
|
||||||
|
+ p = Popen(["/usr/sbin/semanage", "import"],stdout=PIPE, stderr=PIPE, stdin=PIPE, universal_newlines=True)
|
||||||
|
p.stdin.write(buf)
|
||||||
output = p.communicate()
|
output = p.communicate()
|
||||||
if p.returncode and p.returncode != 0:
|
if p.returncode and p.returncode != 0:
|
||||||
raise dbus.exceptions.DBusException(output[1])
|
raise dbus.exceptions.DBusException(output[1])
|
||||||
@ -658762,16 +658794,29 @@ index e94c38f..671be1a 100644
|
|||||||
# another server to make the two systems have duplicate policy.
|
# another server to make the two systems have duplicate policy.
|
||||||
#
|
#
|
||||||
@slip.dbus.polkit.require_auth("org.selinux.customized")
|
@slip.dbus.polkit.require_auth("org.selinux.customized")
|
||||||
@@ -42,7 +42,7 @@ class selinux_server(slip.dbus.service.Object):
|
@dbus.service.method("org.selinux", in_signature='', out_signature='s')
|
||||||
|
def customized(self):
|
||||||
|
- p = Popen(["/usr/sbin/semanage", "export"],stdout=PIPE, stderr=PIPE)
|
||||||
|
+ p = Popen(["/usr/sbin/semanage", "export"], stdout=PIPE, stderr=PIPE, universal_newlines=True)
|
||||||
|
buf = p.stdout.read()
|
||||||
|
output = p.communicate()
|
||||||
if p.returncode and p.returncode != 0:
|
if p.returncode and p.returncode != 0:
|
||||||
raise OSError("Failed to read SELinux configuration: %s", output)
|
raise OSError("Failed to read SELinux configuration: %s", output)
|
||||||
return buf
|
return buf
|
||||||
-
|
-
|
||||||
+
|
+
|
||||||
#
|
#
|
||||||
# The semodule_list method will return the output of semodule -l, using the customized polkit,
|
- # The semodule_list method will return the output of semodule -l, using the customized polkit,
|
||||||
|
+ # The semodule_list method will return the output of semodule --list=full, using the customized polkit,
|
||||||
# since this is a readonly behaviour
|
# since this is a readonly behaviour
|
||||||
@@ -56,7 +56,7 @@ class selinux_server(slip.dbus.service.Object):
|
#
|
||||||
|
@slip.dbus.polkit.require_auth("org.selinux.semodule_list")
|
||||||
|
@dbus.service.method("org.selinux", in_signature='', out_signature='s')
|
||||||
|
def semodule_list(self):
|
||||||
|
- p = Popen(["/usr/sbin/semodule", "-l"],stdout=PIPE, stderr=PIPE)
|
||||||
|
+ p = Popen(["/usr/sbin/semodule", "--list=full"], stdout=PIPE, stderr=PIPE, universal_newlines=True)
|
||||||
|
buf = p.stdout.read()
|
||||||
|
output = p.communicate()
|
||||||
if p.returncode and p.returncode != 0:
|
if p.returncode and p.returncode != 0:
|
||||||
raise OSError("Failed to list SELinux modules: %s", output)
|
raise OSError("Failed to list SELinux modules: %s", output)
|
||||||
return buf
|
return buf
|
||||||
@ -659221,7 +659266,7 @@ index 74fb347..ec02fb2 100755
|
|||||||
+ print("Out")
|
+ print("Out")
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/__init__.py b/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/__init__.py b/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
||||||
index 679725d..b540180 100644
|
index 679725d..7499c1c 100644
|
||||||
--- a/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
--- a/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
||||||
+++ b/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
+++ b/policycoreutils-2.4/sepolicy/sepolicy/__init__.py
|
||||||
@@ -1,25 +1,30 @@
|
@@ -1,25 +1,30 @@
|
||||||
@ -659354,7 +659399,7 @@ index 679725d..b540180 100644
|
|||||||
|
|
||||||
+def get_all_modules():
|
+def get_all_modules():
|
||||||
+ all_modules = []
|
+ all_modules = []
|
||||||
+ cmd = "semodule -l 2>/dev/null"
|
+ cmd = "semodule --list=full 2>/dev/null"
|
||||||
+ try:
|
+ try:
|
||||||
+ output = subprocess.check_output(cmd,
|
+ output = subprocess.check_output(cmd,
|
||||||
+ stderr=subprocess.STDOUT,
|
+ stderr=subprocess.STDOUT,
|
||||||
@ -659367,7 +659412,7 @@ index 679725d..b540180 100644
|
|||||||
+
|
+
|
||||||
+ for i in l:
|
+ for i in l:
|
||||||
+ if len(i):
|
+ if len(i):
|
||||||
+ all_modules.append(i.split()[0])
|
+ all_modules.append(i.split()[1])
|
||||||
+
|
+
|
||||||
+ return all_modules
|
+ return all_modules
|
||||||
+
|
+
|
||||||
@ -660956,7 +661001,7 @@ index 6b53035..a06c6c4 100644
|
|||||||
out += "%s # %s\n" % (self.write_te(out_dir), _("Type Enforcement file"))
|
out += "%s # %s\n" % (self.write_te(out_dir), _("Type Enforcement file"))
|
||||||
out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
|
out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
|
||||||
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/gui.py b/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/gui.py b/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
||||||
index 5ca87b9..4437d9e 100644
|
index 5ca87b9..23a6c33 100644
|
||||||
--- a/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
--- a/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
||||||
+++ b/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
+++ b/policycoreutils-2.4/sepolicy/sepolicy/gui.py
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
@ -661132,6 +661177,18 @@ index 5ca87b9..4437d9e 100644
|
|||||||
"on_info_button_button_press_event" : self.on_help_button,
|
"on_info_button_button_press_event" : self.on_help_button,
|
||||||
"on_back_button_clicked" : self.on_help_back_clicked,
|
"on_back_button_clicked" : self.on_help_back_clicked,
|
||||||
"on_forward_button_clicked" : self.on_help_forward_clicked,
|
"on_forward_button_clicked" : self.on_help_forward_clicked,
|
||||||
|
@@ -668,9 +663,9 @@ class SELinuxGui():
|
||||||
|
self.module_dict = {}
|
||||||
|
for m in self.dbus.semodule_list().split("\n"):
|
||||||
|
mod = m.split()
|
||||||
|
- if len(mod) < 2:
|
||||||
|
+ if len(mod) < 3:
|
||||||
|
continue
|
||||||
|
- self.module_dict[mod[0]] = { "version": mod[1], "Disabled" : (len(mod) > 2) }
|
||||||
|
+ self.module_dict[mod[1]] = { "priority": mod[0], "Disabled" : (len(mod) > 3) }
|
||||||
|
|
||||||
|
self.enable_unconfined_button.set_active(not self.module_dict["unconfined"]["Disabled"])
|
||||||
|
self.enable_permissive_button.set_active(not self.module_dict["permissivedomains"]["Disabled"])
|
||||||
@@ -703,7 +698,7 @@ class SELinuxGui():
|
@@ -703,7 +698,7 @@ class SELinuxGui():
|
||||||
|
|
||||||
def match_func(self, completion, key_string, iter, func_data):
|
def match_func(self, completion, key_string, iter, func_data):
|
||||||
@ -661294,16 +661351,21 @@ index 5ca87b9..4437d9e 100644
|
|||||||
self.modify_button.set_tooltip_text(_("Modify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.") % {"APP": self.application, "PERM": category})
|
self.modify_button.set_tooltip_text(_("Modify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.") % {"APP": self.application, "PERM": category})
|
||||||
|
|
||||||
if self.transitions_radio_button.get_active():
|
if self.transitions_radio_button.get_active():
|
||||||
@@ -1441,7 +1436,7 @@ class SELinuxGui():
|
@@ -1440,8 +1435,12 @@ class SELinuxGui():
|
||||||
|
def stripsort(self, model, row1, row2, user_data):
|
||||||
sort_column, _ = model.get_sort_column_id()
|
sort_column, _ = model.get_sort_column_id()
|
||||||
val1 = self.unmarkup(model.get_value(row1, sort_column))
|
val1 = self.unmarkup(model.get_value(row1, sort_column))
|
||||||
|
+ if val1 is None:
|
||||||
|
+ val1 = ""
|
||||||
val2 = self.unmarkup(model.get_value(row2, sort_column))
|
val2 = self.unmarkup(model.get_value(row2, sort_column))
|
||||||
- return cmp(val1,val2)
|
- return cmp(val1,val2)
|
||||||
|
+ if val2 is None:
|
||||||
|
+ val2 = ""
|
||||||
+ return (val1 > val2) - (val1 < val2)
|
+ return (val1 > val2) - (val1 < val2)
|
||||||
|
|
||||||
def display_more_detail(self, windows, path):
|
def display_more_detail(self, windows, path):
|
||||||
it = self.boolean_filter.get_iter(path)
|
it = self.boolean_filter.get_iter(path)
|
||||||
@@ -1627,7 +1622,7 @@ class SELinuxGui():
|
@@ -1627,7 +1626,7 @@ class SELinuxGui():
|
||||||
self.files_type_combolist.clear()
|
self.files_type_combolist.clear()
|
||||||
self.files_class_combolist.clear()
|
self.files_class_combolist.clear()
|
||||||
compare = self.strip_domain(self.application)
|
compare = self.strip_domain(self.application)
|
||||||
@ -661312,7 +661374,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
if d[0].startswith(compare) and d[0] != self.application and not d[0].startswith("httpd_sys"):
|
if d[0].startswith(compare) and d[0] != self.application and not d[0].startswith("httpd_sys"):
|
||||||
exclude_list.append(self.strip_domain(d[0]))
|
exclude_list.append(self.strip_domain(d[0]))
|
||||||
|
|
||||||
@@ -1638,7 +1633,7 @@ class SELinuxGui():
|
@@ -1638,7 +1637,7 @@ class SELinuxGui():
|
||||||
self.files_class_combolist.set_value(iter, 0, sepolicy.file_type_str[files])
|
self.files_class_combolist.set_value(iter, 0, sepolicy.file_type_str[files])
|
||||||
|
|
||||||
if ipage == EXE_PAGE and self.entrypoints != None:
|
if ipage == EXE_PAGE and self.entrypoints != None:
|
||||||
@ -661321,7 +661383,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
if exe.startswith(compare):
|
if exe.startswith(compare):
|
||||||
iter = self.files_type_combolist.append()
|
iter = self.files_type_combolist.append()
|
||||||
self.files_type_combolist.set_value(iter, 0, exe)
|
self.files_type_combolist.set_value(iter, 0, exe)
|
||||||
@@ -1648,7 +1643,7 @@ class SELinuxGui():
|
@@ -1648,7 +1647,7 @@ class SELinuxGui():
|
||||||
self.files_class_combobox.set_sensitive(False)
|
self.files_class_combobox.set_sensitive(False)
|
||||||
|
|
||||||
elif ipage == WRITABLE_PAGE and self.writable_files != None:
|
elif ipage == WRITABLE_PAGE and self.writable_files != None:
|
||||||
@ -661330,7 +661392,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
if write.startswith(compare) and not self.exclude_type(write, exclude_list) and write in self.file_types:
|
if write.startswith(compare) and not self.exclude_type(write, exclude_list) and write in self.file_types:
|
||||||
iter = self.files_type_combolist.append()
|
iter = self.files_type_combolist.append()
|
||||||
self.files_type_combolist.set_value(iter, 0, write)
|
self.files_type_combolist.set_value(iter, 0, write)
|
||||||
@@ -1665,7 +1660,7 @@ class SELinuxGui():
|
@@ -1665,7 +1664,7 @@ class SELinuxGui():
|
||||||
self.more_types_files_liststore.set_value(iter, 0, app)
|
self.more_types_files_liststore.set_value(iter, 0, app)
|
||||||
self.files_class_combobox.set_active(0)
|
self.files_class_combobox.set_active(0)
|
||||||
except AttributeError:
|
except AttributeError:
|
||||||
@ -661339,7 +661401,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
pass
|
pass
|
||||||
self.files_type_combobox.set_active(0)
|
self.files_type_combobox.set_active(0)
|
||||||
self.files_mls_entry.set_text("s0")
|
self.files_mls_entry.set_text("s0")
|
||||||
@@ -1706,13 +1701,13 @@ class SELinuxGui():
|
@@ -1706,13 +1705,13 @@ class SELinuxGui():
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if ipage == OUTBOUND_PAGE:
|
if ipage == OUTBOUND_PAGE:
|
||||||
@ -661357,7 +661419,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
for t,ports in netd[k]:
|
for t,ports in netd[k]:
|
||||||
if t not in port_types + ["port_t", "unreserved_port_t"]:
|
if t not in port_types + ["port_t", "unreserved_port_t"]:
|
||||||
if t.endswith("_type"):
|
if t.endswith("_type"):
|
||||||
@@ -1807,7 +1802,7 @@ class SELinuxGui():
|
@@ -1807,7 +1806,7 @@ class SELinuxGui():
|
||||||
self.wait_mouse()
|
self.wait_mouse()
|
||||||
try:
|
try:
|
||||||
self.dbus.semanage(update_buffer)
|
self.dbus.semanage(update_buffer)
|
||||||
@ -661366,7 +661428,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
self.error(e)
|
self.error(e)
|
||||||
self.ready_mouse()
|
self.ready_mouse()
|
||||||
|
|
||||||
@@ -1885,7 +1880,7 @@ class SELinuxGui():
|
@@ -1885,7 +1884,7 @@ class SELinuxGui():
|
||||||
tree.set_value(iter, 2, fclass)
|
tree.set_value(iter, 2, fclass)
|
||||||
|
|
||||||
def restore_to_default(self, *args):
|
def restore_to_default(self, *args):
|
||||||
@ -661375,7 +661437,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
|
|
||||||
def invalid_entry_retry(self, *args):
|
def invalid_entry_retry(self, *args):
|
||||||
self.closewindow(self.error_check_window)
|
self.closewindow(self.error_check_window)
|
||||||
@@ -2138,7 +2133,7 @@ class SELinuxGui():
|
@@ -2138,7 +2137,7 @@ class SELinuxGui():
|
||||||
|
|
||||||
def on_save_delete_file_equiv_clicked(self, *args):
|
def on_save_delete_file_equiv_clicked(self, *args):
|
||||||
for delete in self.files_delete_liststore:
|
for delete in self.files_delete_liststore:
|
||||||
@ -661384,7 +661446,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
|
|
||||||
def on_toggle_update(self, cell, path, model):
|
def on_toggle_update(self, cell, path, model):
|
||||||
model[path][0] = not model[path][0]
|
model[path][0] = not model[path][0]
|
||||||
@@ -2180,7 +2175,6 @@ class SELinuxGui():
|
@@ -2180,7 +2179,6 @@ class SELinuxGui():
|
||||||
self.update = True
|
self.update = True
|
||||||
self.update_treestore.clear()
|
self.update_treestore.clear()
|
||||||
for bools in self.cur_dict["boolean"]:
|
for bools in self.cur_dict["boolean"]:
|
||||||
@ -661392,7 +661454,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
iter = self.update_treestore.append(None)
|
iter = self.update_treestore.append(None)
|
||||||
self.update_treestore.set_value(iter, 0, True)
|
self.update_treestore.set_value(iter, 0, True)
|
||||||
self.update_treestore.set_value(iter, 1, sepolicy.boolean_desc(bools))
|
self.update_treestore.set_value(iter, 1, sepolicy.boolean_desc(bools))
|
||||||
@@ -2411,8 +2405,11 @@ class SELinuxGui():
|
@@ -2411,8 +2409,11 @@ class SELinuxGui():
|
||||||
cur = selinux.getfilecon(path)[1].split(":")[2]
|
cur = selinux.getfilecon(path)[1].split(":")[2]
|
||||||
con = selinux.matchpathcon(path,0)[1].split(":")[2]
|
con = selinux.matchpathcon(path,0)[1].split(":")[2]
|
||||||
if self.verify(_("Run restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?") % {"PATH":path, "CUR_CONTEXT": cur, "DEF_CONTEXT": con}, title="restorecon dialog") == Gtk.ResponseType.YES:
|
if self.verify(_("Run restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?") % {"PATH":path, "CUR_CONTEXT": cur, "DEF_CONTEXT": con}, title="restorecon dialog") == Gtk.ResponseType.YES:
|
||||||
@ -661406,7 +661468,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
|
|
||||||
def new_updates(self, *args):
|
def new_updates(self, *args):
|
||||||
self.update_button.set_sensitive(self.modified())
|
self.update_button.set_sensitive(self.modified())
|
||||||
@@ -2446,8 +2443,8 @@ class SELinuxGui():
|
@@ -2446,8 +2447,8 @@ class SELinuxGui():
|
||||||
self.wait_mouse()
|
self.wait_mouse()
|
||||||
try:
|
try:
|
||||||
self.dbus.semanage(update_buffer)
|
self.dbus.semanage(update_buffer)
|
||||||
@ -661417,7 +661479,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
self.ready_mouse()
|
self.ready_mouse()
|
||||||
self.init_cur()
|
self.init_cur()
|
||||||
|
|
||||||
@@ -2541,34 +2538,7 @@ class SELinuxGui():
|
@@ -2541,34 +2542,7 @@ class SELinuxGui():
|
||||||
self.network_mls_label.set_visible(advanced)
|
self.network_mls_label.set_visible(advanced)
|
||||||
self.network_mls_entry.set_visible(advanced)
|
self.network_mls_entry.set_visible(advanced)
|
||||||
|
|
||||||
@ -661453,7 +661515,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
|
if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
|
||||||
label.set_text(ADVANCED_SEARCH_LABEL[0])
|
label.set_text(ADVANCED_SEARCH_LABEL[0])
|
||||||
self.close_popup()
|
self.close_popup()
|
||||||
@@ -2576,25 +2546,6 @@ class SELinuxGui():
|
@@ -2576,25 +2550,6 @@ class SELinuxGui():
|
||||||
label.set_text(ADVANCED_SEARCH_LABEL[1])
|
label.set_text(ADVANCED_SEARCH_LABEL[1])
|
||||||
self.show_popup(self.advanced_search_window)
|
self.show_popup(self.advanced_search_window)
|
||||||
|
|
||||||
@ -661479,7 +661541,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
def set_enforce_text(self, value):
|
def set_enforce_text(self, value):
|
||||||
if value:
|
if value:
|
||||||
self.status_bar.push(self.context_id, _("System Status: Enforcing"))
|
self.status_bar.push(self.context_id, _("System Status: Enforcing"))
|
||||||
@@ -2603,8 +2554,14 @@ class SELinuxGui():
|
@@ -2603,8 +2558,14 @@ class SELinuxGui():
|
||||||
self.current_status_permissive.set_active(True)
|
self.current_status_permissive.set_active(True)
|
||||||
|
|
||||||
def set_enforce(self, button):
|
def set_enforce(self, button):
|
||||||
@ -661496,7 +661558,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
|
|
||||||
def on_browse_select(self, *args):
|
def on_browse_select(self, *args):
|
||||||
filename = self.file_dialog.get_filename()
|
filename = self.file_dialog.get_filename()
|
||||||
@@ -2664,16 +2621,22 @@ class SELinuxGui():
|
@@ -2664,16 +2625,22 @@ class SELinuxGui():
|
||||||
self.system_policy_type_combobox.set_active(self.typeHistory)
|
self.system_policy_type_combobox.set_active(self.typeHistory)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@ -661523,7 +661585,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
|
|
||||||
def import_config_show(self, *args):
|
def import_config_show(self, *args):
|
||||||
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
|
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
|
||||||
@@ -2730,7 +2693,7 @@ class SELinuxGui():
|
@@ -2730,7 +2697,7 @@ class SELinuxGui():
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
self.dbus.relabel_on_boot(active)
|
self.dbus.relabel_on_boot(active)
|
||||||
@ -661532,7 +661594,7 @@ index 5ca87b9..4437d9e 100644
|
|||||||
self.error(e)
|
self.error(e)
|
||||||
|
|
||||||
def closewindow(self, window, *args):
|
def closewindow(self, window, *args):
|
||||||
@@ -2816,10 +2779,13 @@ class SELinuxGui():
|
@@ -2816,10 +2783,13 @@ class SELinuxGui():
|
||||||
if not self.finish_init:
|
if not self.finish_init:
|
||||||
return
|
return
|
||||||
self.wait_mouse()
|
self.wait_mouse()
|
||||||
@ -663437,7 +663499,7 @@ index c6645ef..8965795 100644
|
|||||||
+ except dbus.DBusException as e:
|
+ except dbus.DBusException as e:
|
||||||
+ print (e)
|
+ print (e)
|
||||||
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade b/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
diff --git a/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade b/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
||||||
index 1275c7f..b848baa 100644
|
index 1275c7f..83822dd 100644
|
||||||
--- a/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
--- a/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
||||||
+++ b/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
+++ b/policycoreutils-2.4/sepolicy/sepolicy/sepolicy.glade
|
||||||
@@ -2,7 +2,7 @@
|
@@ -2,7 +2,7 @@
|
||||||
@ -663510,6 +663572,15 @@ index 1275c7f..b848baa 100644
|
|||||||
<property name="xalign">0.5</property>
|
<property name="xalign">0.5</property>
|
||||||
<property name="draw_indicator">True</property>
|
<property name="draw_indicator">True</property>
|
||||||
<signal name="toggled" handler="on_make_path_recursive_toggled" swapped="no"/>
|
<signal name="toggled" handler="on_make_path_recursive_toggled" swapped="no"/>
|
||||||
|
@@ -1061,7 +1043,7 @@
|
||||||
|
<object class="GtkImage" id="help_image">
|
||||||
|
<property name="visible">True</property>
|
||||||
|
<property name="can_focus">False</property>
|
||||||
|
- <property name="pixbuf">images/booleans.png</property>
|
||||||
|
+ <property name="pixbuf">help/booleans.png</property>
|
||||||
|
</object>
|
||||||
|
<packing>
|
||||||
|
<property name="expand">False</property>
|
||||||
@@ -2948,7 +2930,7 @@ Enabled</property>
|
@@ -2948,7 +2930,7 @@ Enabled</property>
|
||||||
<property name="tooltip_text" translatable="yes">Executables which will transition to a different domain, when the 'selected domain' executes them.</property>
|
<property name="tooltip_text" translatable="yes">Executables which will transition to a different domain, when the 'selected domain' executes them.</property>
|
||||||
<property name="xpad">1</property>
|
<property name="xpad">1</property>
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.4
|
Version: 2.4
|
||||||
Release: 19%{?dist}
|
Release: 20%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||||
@ -18,7 +18,7 @@ Source2: policycoreutils_man_ru2.tar.bz2
|
|||||||
Source3: system-config-selinux.png
|
Source3: system-config-selinux.png
|
||||||
Source4: sepolicy-icons.tgz
|
Source4: sepolicy-icons.tgz
|
||||||
# use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/
|
# use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/
|
||||||
# HEAD https://github.com/fedora-selinux/selinux/commit/d0f3cdcf325dc08aae2a2884c9cdcb35d82baf19
|
# HEAD https://github.com/fedora-selinux/selinux/commit/3f154b2e8e2978ba65afbd224f4bbd64e2374a36
|
||||||
Patch: policycoreutils-rhat.patch
|
Patch: policycoreutils-rhat.patch
|
||||||
Patch1: sepolgen-rhat.patch
|
Patch1: sepolgen-rhat.patch
|
||||||
Patch100: policycoreutils-fix-semanage-python3.patch
|
Patch100: policycoreutils-fix-semanage-python3.patch
|
||||||
@ -404,6 +404,10 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%systemd_postun_with_restart restorecond.service
|
%systemd_postun_with_restart restorecond.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Dec 14 2015 Petr Lautrbach <plautrba@redhat.com> - 2.4-20
|
||||||
|
- Fix 'semanage permissive -l' subcommand (#1286325)
|
||||||
|
- Several 'sepolicy gui' fixes (#1281309,#1281309,#1282382)
|
||||||
|
|
||||||
* Tue Nov 17 2015 Petr Lautrbach <plautrba@redhat.com> 2.4-19
|
* Tue Nov 17 2015 Petr Lautrbach <plautrba@redhat.com> 2.4-19
|
||||||
- Require at least one argument for 'semanage permissive -d' (#1255676)
|
- Require at least one argument for 'semanage permissive -d' (#1255676)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user