* Thu Sep 6 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-10
- Change Requires /bin/rpm to rpm
This commit is contained in:
parent
35a05d0eef
commit
a91903f082
@ -914,8 +914,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.25/gui/polgen.glade
|
||||
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.25/gui/polgen.glade 2007-09-05 22:33:12.000000000 -0400
|
||||
@@ -0,0 +1,2312 @@
|
||||
+++ policycoreutils-2.0.25/gui/polgen.glade 2007-09-10 11:56:01.000000000 -0400
|
||||
@@ -0,0 +1,2364 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
||||
+
|
||||
@ -1028,7 +1028,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
|
||||
+ <child>
|
||||
+ <widget class="GtkNotebook" id="notebook1">
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="show_tabs">False</property>
|
||||
+ <property name="can_focus">True</property>
|
||||
+ <property name="show_tabs">True</property>
|
||||
+ <property name="show_border">True</property>
|
||||
+ <property name="tab_pos">GTK_POS_TOP</property>
|
||||
+ <property name="scrollable">False</property>
|
||||
@ -1772,6 +1773,57 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
|
||||
+ </child>
|
||||
+
|
||||
+ <child>
|
||||
+ <widget class="GnomeDruidPageStandard" id="roles_page">
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="title" translatable="yes">Select the roles(s) that this user will be able to become</property>
|
||||
+
|
||||
+ <child internal-child="vbox">
|
||||
+ <widget class="GtkVBox" id="vbox13">
|
||||
+ <property name="border_width">16</property>
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="homogeneous">False</property>
|
||||
+ <property name="spacing">6</property>
|
||||
+
|
||||
+ <child>
|
||||
+ <widget class="GtkScrolledWindow" id="scrolledwindow4">
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="can_focus">True</property>
|
||||
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
||||
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
||||
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
||||
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
||||
+
|
||||
+ <child>
|
||||
+ <widget class="GtkTreeView" id="role_treeview">
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="tooltip" translatable="yes">Select the domains that you would like this user administer.</property>
|
||||
+ <property name="can_focus">True</property>
|
||||
+ <property name="headers_visible">False</property>
|
||||
+ <property name="rules_hint">False</property>
|
||||
+ <property name="reorderable">False</property>
|
||||
+ <property name="enable_search">True</property>
|
||||
+ <property name="fixed_height_mode">False</property>
|
||||
+ <property name="hover_selection">False</property>
|
||||
+ <property name="hover_expand">False</property>
|
||||
+ </widget>
|
||||
+ </child>
|
||||
+ </widget>
|
||||
+ <packing>
|
||||
+ <property name="padding">0</property>
|
||||
+ <property name="expand">True</property>
|
||||
+ <property name="fill">True</property>
|
||||
+ </packing>
|
||||
+ </child>
|
||||
+ </widget>
|
||||
+ </child>
|
||||
+ </widget>
|
||||
+ <packing>
|
||||
+ <property name="tab_expand">False</property>
|
||||
+ <property name="tab_fill">True</property>
|
||||
+ </packing>
|
||||
+ </child>
|
||||
+
|
||||
+ <child>
|
||||
+ <widget class="GtkLabel" id="label30">
|
||||
+ <property name="visible">True</property>
|
||||
+ <property name="label" translatable="yes">label30</property>
|
||||
@ -3230,8 +3282,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
|
||||
+</glade-interface>
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.25/gui/polgengui.py
|
||||
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.25/gui/polgengui.py 2007-09-05 22:33:06.000000000 -0400
|
||||
@@ -0,0 +1,432 @@
|
||||
+++ policycoreutils-2.0.25/gui/polgengui.py 2007-09-10 11:58:05.000000000 -0400
|
||||
@@ -0,0 +1,452 @@
|
||||
+#!/usr/bin/python
|
||||
+#
|
||||
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
|
||||
@ -3265,6 +3317,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+import sys
|
||||
+import polgen
|
||||
+import re
|
||||
+import commands
|
||||
+
|
||||
+
|
||||
+##
|
||||
+## I18N
|
||||
@ -3311,12 +3365,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ APP_PAGE = 2
|
||||
+ TRANSITION_PAGE = 3
|
||||
+ ADMIN_PAGE = 4
|
||||
+ IN_NET_PAGE = 5
|
||||
+ OUT_NET_PAGE = 6
|
||||
+ COMMON_APPS_PAGE = 7
|
||||
+ FILES_PAGE = 8
|
||||
+ GEN_POLICY_PAGE = 9
|
||||
+ FINISH_PAGE = 10
|
||||
+ ROLE_PAGE = 5
|
||||
+ IN_NET_PAGE = 6
|
||||
+ OUT_NET_PAGE = 7
|
||||
+ COMMON_APPS_PAGE = 8
|
||||
+ FILES_PAGE = 9
|
||||
+ GEN_POLICY_PAGE = 10
|
||||
+ FINISH_PAGE = 11
|
||||
+
|
||||
+ def __init__(self):
|
||||
+ self.xml = xml
|
||||
@ -3335,7 +3390,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ self.notebook = xml.get_widget ("notebook1")
|
||||
+ self.pages={}
|
||||
+ for i in polgen.USERS:
|
||||
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_POLICY_PAGE, self.FINISH_PAGE]
|
||||
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_POLICY_PAGE, self.FINISH_PAGE]
|
||||
+ self.pages[polgen.RUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_POLICY_PAGE, self.FINISH_PAGE]
|
||||
+ for i in polgen.APPLICATIONS:
|
||||
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE,self.GEN_POLICY_PAGE, self.FINISH_PAGE ]
|
||||
@ -3373,6 +3428,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ for b in self.network_buttons.keys():
|
||||
+ b.connect("clicked",self.network_all_clicked)
|
||||
+
|
||||
+ self.role_treeview = self.xml.get_widget("role_treeview")
|
||||
+ self.role_store = gtk.ListStore(gobject.TYPE_STRING)
|
||||
+ self.role_treeview.set_model(self.role_store)
|
||||
+ self.role_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
|
||||
+ self.role_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
||||
+ col = gtk.TreeViewColumn(_("Role"), gtk.CellRendererText(), text = 0)
|
||||
+ self.role_treeview.append_column(col)
|
||||
+
|
||||
+ roles = commands.getoutput("/usr/bin/seinfo -r").split()[2:]
|
||||
+ for i in roles:
|
||||
+ iter = self.role_store.append()
|
||||
+ self.role_store.set_value(iter, 0, i[:-2])
|
||||
+
|
||||
+ self.types = commands.getoutput("/usr/bin/seinfo -t").split()[2:]
|
||||
+ self.transition_treeview = self.xml.get_widget("transition_treeview")
|
||||
+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
|
||||
+ self.transition_treeview.set_model(self.transition_store)
|
||||
@ -3381,7 +3450,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
|
||||
+ self.transition_treeview.append_column(col)
|
||||
+
|
||||
+
|
||||
+ self.admin_treeview = self.xml.get_widget("admin_treeview")
|
||||
+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
|
||||
+ self.admin_treeview.set_model(self.admin_store)
|
||||
@ -3391,11 +3459,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ self.admin_treeview.append_column(col)
|
||||
+
|
||||
+ for i in polgen.methods:
|
||||
+ print i
|
||||
+ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
|
||||
+ if len(m) > 0:
|
||||
+ iter = self.transition_store.append()
|
||||
+ self.transition_store.set_value(iter, 0, m[0])
|
||||
+ if "%s_exec_t" % m[0] in self.types and "user_%s_t" % m[0] in self.types:
|
||||
+ iter = self.transition_store.append()
|
||||
+ self.transition_store.set_value(iter, 0, m[0])
|
||||
+ continue
|
||||
+
|
||||
+ m = re.findall("(.*)%s" % polgen.ADMIN_TRANSITION_INTERFACE, i)
|
||||
@ -3490,7 +3558,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ return polgen.TUSER
|
||||
+ if self.root_user_radiobutton.get_active():
|
||||
+ return polgen.RUSER
|
||||
+
|
||||
+
|
||||
+ def generate_policy(self, *args):
|
||||
+ try:
|
||||
+ my_policy=polgen.policy(self.get_name(), self.get_type())
|
||||
@ -3504,7 +3572,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
|
||||
+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
|
||||
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
|
||||
+ my_policy.set_init_script(self.exec_entry.get_text())
|
||||
+ my_policy.set_init_script(self.script_entry.get_text())
|
||||
+ else:
|
||||
+ if self.get_type() == polgen.RUSER:
|
||||
+ selected = []
|
||||
@ -3515,6 +3583,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ self.transition_treeview.get_selection().selected_foreach(foreach, selected)
|
||||
+ my_policy.set_transition_domains(selected)
|
||||
+
|
||||
+ selected = []
|
||||
+ self.role_treeview.get_selection().selected_foreach(foreach, selected)
|
||||
+ my_policy.set_admin_roles(selected)
|
||||
+
|
||||
+ iter= self.store.get_iter_first()
|
||||
+ while(iter):
|
||||
+ if self.store.get_value(iter, 1) == FILE:
|
||||
@ -3666,8 +3738,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
||||
+ app.stand_alone()
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.25/gui/polgen.py
|
||||
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.25/gui/polgen.py 2007-09-05 22:26:53.000000000 -0400
|
||||
@@ -0,0 +1,715 @@
|
||||
+++ policycoreutils-2.0.25/gui/polgen.py 2007-09-10 11:55:14.000000000 -0400
|
||||
@@ -0,0 +1,718 @@
|
||||
+# Copyright (C) 2007 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
+#
|
||||
@ -3729,8 +3801,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
||||
+ # List of per_role_template interfaces
|
||||
+ ifs = interfaces.InterfaceSet()
|
||||
+ ifs.from_file(fd)
|
||||
+ fd.close()
|
||||
+ methods = ifs.interfaces.keys()
|
||||
+ fd.close()
|
||||
+except:
|
||||
+ sys.stderr.write("could not open interface info [%s]\n" % fn)
|
||||
+ sys.exit(1)
|
||||
@ -4136,9 +4208,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
||||
+
|
||||
+ def generate_if(self):
|
||||
+ newif = ""
|
||||
+ if self.program:
|
||||
+ if self.program != "":
|
||||
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_program_rules)
|
||||
+ if self.initscript:
|
||||
+ if self.initscript != "":
|
||||
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_rules)
|
||||
+
|
||||
+ for d in self.DEFAULT_DIRS:
|
||||
@ -4241,7 +4313,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
||||
+ def generate_sh(self):
|
||||
+ newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
|
||||
+ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
|
||||
+ newsh += re.sub("FILENAME", self.program, script.restorecon)
|
||||
+ if self.program != "":
|
||||
+ newsh += re.sub("FILENAME", self.program, script.restorecon)
|
||||
+ if self.initscript != "":
|
||||
+ newsh += re.sub("FILENAME", self.initscript, script.restorecon)
|
||||
+
|
||||
+ for i in self.files.keys():
|
||||
+ newsh += re.sub("FILENAME", i, script.restorecon)
|
||||
@ -9474,7 +9549,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.25/gui/templates/user.py
|
||||
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.25/gui/templates/user.py 2007-09-05 22:25:03.000000000 -0400
|
||||
+++ policycoreutils-2.0.25/gui/templates/user.py 2007-09-10 11:43:28.000000000 -0400
|
||||
@@ -0,0 +1,139 @@
|
||||
+# Copyright (C) 2007 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
@ -9571,8 +9646,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
|
||||
+files_dontaudit_search_all_dirs(TEMPLATETYPE_t)
|
||||
+
|
||||
+selinux_get_enforce_mode(TEMPLATETYPE_t)
|
||||
+seutil_domtrans_restorecon(TEMPLATETYPE_t)
|
||||
+seutil_search_default_contexts(mydbadm_t)
|
||||
+seutil_domtrans_setfiles(TEMPLATETYPE_t)
|
||||
+seutil_search_default_contexts(TEMPLATETYPE_t)
|
||||
+
|
||||
+logging_send_syslog_msg(TEMPLATETYPE_t)
|
||||
+
|
||||
|
@ -6,7 +6,7 @@
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.25
|
||||
Release: 9%{?dist}
|
||||
Release: 10%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -23,7 +23,7 @@ Patch1: policycoreutils-po.patch
|
||||
Patch3: policycoreutils-gui.patch
|
||||
|
||||
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
|
||||
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff /bin/rpm /bin/sed
|
||||
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
|
||||
Requires: libselinux >= %{libselinuxver} libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} coreutils audit-libs-python >= %{libauditver} checkpolicy libselinux-python
|
||||
Requires(post): /sbin/service /sbin/chkconfig
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
@ -200,7 +200,10 @@ if [ "$1" -ge "1" ]; then
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Wed Sep 4 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-9
|
||||
* Thu Sep 6 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-10
|
||||
- Change Requires /bin/rpm to rpm
|
||||
|
||||
* Wed Sep 5 2007 Dan Walsh <dwalsh@redhat.com> 2.0.25-9
|
||||
- Bump libsemanage version for disable dontaudit
|
||||
- New gui features for creating admin users
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user