*** empty log message ***
This commit is contained in:
Daniel J Walsh
parent
2e57c61e4f
commit
c264106d43
@ -1,6 +1,6 @@
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.27.28/audit2allow/audit2allow
|
||||
--- nsapolicycoreutils/audit2allow/audit2allow 2005-09-12 16:33:30.000000000 -0400
|
||||
+++ policycoreutils-1.27.28/audit2allow/audit2allow 2005-11-16 21:48:07.000000000 -0500
|
||||
+++ policycoreutils-1.27.28/audit2allow/audit2allow 2005-11-16 23:07:04.000000000 -0500
|
||||
@@ -1,7 +1,12 @@
|
||||
-#!/usr/bin/perl
|
||||
-
|
||||
@ -17,7 +17,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
@@ -17,148 +22,227 @@
|
||||
@@ -17,148 +22,255 @@
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
||||
# 02111-1307 USA
|
||||
@ -125,6 +125,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ ret=ret+"NAME=%s " % x[2]
|
||||
+ ret=ret + " : " + i
|
||||
+ return ret
|
||||
+
|
||||
+ def gettarget(self):
|
||||
+ if self.source == self.target:
|
||||
+ return "self"
|
||||
@ -166,12 +167,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ def __init__(self, input, last_reload=0, verbose=0):
|
||||
+ self.last_reload=last_reload
|
||||
+ self.allowRules={}
|
||||
+ line = input.readline()
|
||||
+ avc=[]
|
||||
+ found=0
|
||||
+ self.seclasses={}
|
||||
+ self.types=[]
|
||||
+ self.roles=[]
|
||||
+ self.load(input)
|
||||
+
|
||||
+ def load(self, input):
|
||||
+ avc=[]
|
||||
+ found=0
|
||||
+ line = input.readline()
|
||||
+ while line:
|
||||
+ rec=line.split()
|
||||
+ for i in rec:
|
||||
@ -185,6 +189,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ avc=[]
|
||||
+ line = input.readline()
|
||||
+
|
||||
+
|
||||
+ def add(self,avc):
|
||||
+ scon=""
|
||||
+ tcon=""
|
||||
@ -201,7 +206,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ self.allowRules={}
|
||||
+ return
|
||||
+ for i in range (0, len(avc)):
|
||||
+ if avc[i]=="{":
|
||||
+ i=i+1
|
||||
+ while i<len(avc) and avc[i] != "}":
|
||||
+ access.append(avc[i])
|
||||
+ i=i+1
|
||||
+ continue
|
||||
+
|
||||
+ t=avc[i].split('=')
|
||||
+ if len(t) < 2:
|
||||
+ continue
|
||||
+ if t[0]=="scontext":
|
||||
+ context=t[1].split(":")
|
||||
+ scon=context[2]
|
||||
@ -224,11 +238,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ if t[0]=="msg":
|
||||
+ msg=t[1]
|
||||
+ continue
|
||||
+ if avc[i]=="{":
|
||||
+ i=i+1
|
||||
+ while i<len(avc) and avc[i] != "}":
|
||||
+ access.append(avc[i])
|
||||
+ i=i+1
|
||||
+
|
||||
+ if scon=="" or tcon =="" or seclass=="":
|
||||
+ return
|
||||
+
|
||||
@ -332,7 +342,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
- -o append output to <outputfile>\n";
|
||||
- exit;
|
||||
-}
|
||||
-
|
||||
+ def out(self, module):
|
||||
+ rec=""
|
||||
+ if module!="":
|
||||
@ -342,14 +351,23 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ return rec
|
||||
+
|
||||
+def usage():
|
||||
+ print 'audit2allow [-d] [-v] [-l] [-i <inputfile> ] [-o <outputfile>]\n\
|
||||
+ print 'audit2allow [-a] [-d] [-l] [-v] [-i <inputfile> ] [-m <modulename> ] [-o <outputfile>]\n\
|
||||
+ -a read input from audit and message log\n\
|
||||
+ -d read input from output of /bin/dmesg\n\
|
||||
+ -v verbose output\n\
|
||||
+ -i read input from <inputfile> conflicts with -a\n\
|
||||
+ -l read input only after last \"load_policy\"\n\
|
||||
+ -i read input from <inputfile>\n\
|
||||
+ -m module output <modulename>\n\
|
||||
+ -o append output to <outputfile>\n'
|
||||
+ -m module output <modulename> \n\
|
||||
+ -o append output to <outputfile>\n\
|
||||
+ -v verbose output\n\
|
||||
+ '
|
||||
+ sys.exit(1)
|
||||
+
|
||||
+def errorExit(error):
|
||||
+ sys.stderr.write("%s exiting for: " % sys.argv[0])
|
||||
+ sys.stderr.write("%s\n" % error)
|
||||
+ sys.stderr.flush()
|
||||
+ sys.exit(1)
|
||||
|
||||
+#
|
||||
+# This script will generate home dir file context
|
||||
+# based off the homedir_template file, entries in the password file, and
|
||||
@ -360,14 +378,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ output=sys.stdout
|
||||
+ module=""
|
||||
+ verbose=0
|
||||
+ gopts, cmds = getopt.getopt(sys.argv[1:], 'vdo:hli:m:', ['help',
|
||||
+ auditlogs=0
|
||||
+ gopts, cmds = getopt.getopt(sys.argv[1:], 'avdo:hli:m:', ['help',
|
||||
+ 'last_reload='])
|
||||
+ for o,a in gopts:
|
||||
+ if o == '--last_reload' or o == "-l":
|
||||
+ last_reload=1
|
||||
+ if o == "-v":
|
||||
+ verbose=1
|
||||
+ if o == "-a":
|
||||
+ input=open("/var/log/messages", "r")
|
||||
+ auditlogs=1
|
||||
+ if o == "-i":
|
||||
+ if auditlogs:
|
||||
+ usage()
|
||||
+ input=open(a, "r")
|
||||
+ if o == "-m":
|
||||
+ module=a
|
||||
@ -380,17 +404,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
|
||||
+ if len(cmds) != 0:
|
||||
+ usage()
|
||||
+ out=allowRecords(input, last_reload, verbose)
|
||||
+ if auditlogs:
|
||||
+ input=open("/var/log/audit/audit.log", "r")
|
||||
+ out.load(input)
|
||||
+ output.write(out.out(module))
|
||||
+
|
||||
+except getopt.error, error:
|
||||
+ errorExit(string.join("Options Error ", error))
|
||||
+except ValueError, error:
|
||||
+ errorExit(string.join("ValueError ", error))
|
||||
+except IndexError, error:
|
||||
+ errorExit("IndexError")
|
||||
+except KeyboardInterrupt, error:
|
||||
+ sys.exit(0)
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.perl policycoreutils-1.27.28/audit2allow/audit2allow.perl
|
||||
--- nsapolicycoreutils/audit2allow/audit2allow.perl 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-1.27.28/audit2allow/audit2allow.perl 2005-11-16 21:45:38.000000000 -0500
|
||||
+++ policycoreutils-1.27.28/audit2allow/audit2allow.perl 2005-11-16 22:33:25.000000000 -0500
|
||||
@@ -0,0 +1,164 @@
|
||||
+#!/usr/bin/perl
|
||||
+
|
||||
@ -558,7 +585,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.27.28/scripts/genhomedircon
|
||||
--- nsapolicycoreutils/scripts/genhomedircon 2005-11-16 15:27:46.000000000 -0500
|
||||
+++ policycoreutils-1.27.28/scripts/genhomedircon 2005-11-16 21:45:38.000000000 -0500
|
||||
+++ policycoreutils-1.27.28/scripts/genhomedircon 2005-11-16 22:33:25.000000000 -0500
|
||||
@@ -29,7 +29,9 @@
|
||||
import commands, sys, os, pwd, string, getopt, re
|
||||
from semanage import *;
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
Summary: SELinux policy core utilities.
|
||||
Name: policycoreutils
|
||||
Version: 1.27.28
|
||||
Release: 1
|
||||
Release: 2
|
||||
License: GPL
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -89,7 +89,7 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
|
||||
%changelog
|
||||
|
||||
* Wed Nov 16 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-1
|
||||
* Wed Nov 16 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-2
|
||||
- Update to match NSA
|
||||
* Merged genhomedircon rewrite from Dan Walsh.
|
||||
- Rewrite audit2allow to python
|
||||
|
||||
Loading…
Reference in New Issue
Block a user