* Tue Jun 15 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-1

- Update to upstream
	* Add sandbox support from Dan Walsh with modifications from Steve Lawrence.
This commit is contained in:
Daniel J Walsh 2010-06-21 14:11:31 +00:00
parent ecdab5563c
commit b467ef31d0
2 changed files with 21 additions and 21 deletions

View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py
--- nsasepolgen/src/sepolgen/access.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/access.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py 2010-06-16 08:22:43.000000000 -0400
@@ -32,6 +32,7 @@ @@ -32,6 +32,7 @@
""" """
@ -45,9 +45,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policyco
access.perms.update(perms) access.perms.update(perms)
if audit_msg: if audit_msg:
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py
--- nsasepolgen/src/sepolgen/audit.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/audit.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py 2010-06-16 08:22:43.000000000 -0400
@@ -68,6 +68,17 @@ @@ -68,6 +68,17 @@
stdout=subprocess.PIPE).communicate()[0] stdout=subprocess.PIPE).communicate()[0]
return output return output
@ -131,9 +131,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycor
return av_set return av_set
class AVCTypeFilter: class AVCTypeFilter:
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py
--- nsasepolgen/src/sepolgen/defaults.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/defaults.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-06-16 08:22:43.000000000 -0400
@@ -30,6 +30,9 @@ @@ -30,6 +30,9 @@
def interface_info(): def interface_info():
return data_dir() + "/interface_info" return data_dir() + "/interface_info"
@ -144,9 +144,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policy
def refpolicy_devel(): def refpolicy_devel():
return "/usr/share/selinux/devel" return "/usr/share/selinux/devel"
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py
--- nsasepolgen/src/sepolgen/interfaces.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/interfaces.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-05-03 09:33:11.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-06-16 08:22:43.000000000 -0400
@@ -29,6 +29,8 @@ @@ -29,6 +29,8 @@
from sepolgeni18n import _ from sepolgeni18n import _
@ -262,9 +262,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py poli
self.expand_ifcalls(headers) self.expand_ifcalls(headers)
self.index() self.index()
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py
--- nsasepolgen/src/sepolgen/matching.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/matching.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py 2010-06-16 08:22:43.000000000 -0400
@@ -50,7 +50,7 @@ @@ -50,7 +50,7 @@
return 1 return 1
@ -293,9 +293,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policy
def __iter__(self): def __iter__(self):
return iter(self.children) return iter(self.children)
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py
--- nsasepolgen/src/sepolgen/policygen.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/policygen.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-02 11:45:17.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-21 10:10:01.000000000 -0400
@@ -29,6 +29,8 @@ @@ -29,6 +29,8 @@
import access import access
import interfaces import interfaces
@ -347,18 +347,18 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py polic
+ for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})): + for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
+ if i not in self.domains: + if i not in self.domains:
+ types.append(i) + types.append(i)
+ if len(types) == 1: + if len(types) == 1:
+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types)) + rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
+ elif len(types) >= 1: + elif len(types) >= 1:
+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types)) + rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
+ except: + except:
+ pass + pass
self.module.children.append(rule) self.module.children.append(rule)
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/sepolgen/refparser.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-05-21 10:26:43.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-06-16 08:22:43.000000000 -0400
@@ -1044,7 +1044,7 @@ @@ -1044,7 +1044,7 @@
# of misc_macros. We are just going to pretend that this is an interface # of misc_macros. We are just going to pretend that this is an interface
# to make the expansion work correctly. # to make the expansion work correctly.
@ -368,9 +368,9 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py polic
"getattr","lock","execute","ioctl"]) "getattr","lock","execute","ioctl"])
can_exec.children.append(refpolicy.AVRule(av)) can_exec.children.append(refpolicy.AVRule(av))
diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map
--- nsasepolgen/src/share/perm_map 2010-05-19 14:45:51.000000000 -0400 --- nsasepolgen/src/share/perm_map 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map 2010-06-16 08:22:43.000000000 -0400
@@ -124,7 +124,7 @@ @@ -124,7 +124,7 @@
quotamod w 1 quotamod w 1
quotaget r 1 quotaget r 1

View File

@ -1,3 +1,3 @@
e4deacb4df1e2ec081a91fd59da1dcc5 policycoreutils-2.0.82.tgz
49faa2e5f343317bcfcf34d7286f6037 sepolgen-1.0.23.tgz 49faa2e5f343317bcfcf34d7286f6037 sepolgen-1.0.23.tgz
85a84b4521dfdde649d0143e15f724f9 policycoreutils-2.0.83.tgz
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2 59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2