*** empty log message ***

This commit is contained in:
Daniel J Walsh 2005-11-17 04:08:11 +00:00
parent 2e57c61e4f
commit c264106d43
2 changed files with 50 additions and 23 deletions

View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.27.28/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow 2005-09-12 16:33:30.000000000 -0400
+++ policycoreutils-1.27.28/audit2allow/audit2allow 2005-11-16 21:48:07.000000000 -0500
+++ policycoreutils-1.27.28/audit2allow/audit2allow 2005-11-16 23:07:04.000000000 -0500
@@ -1,7 +1,12 @@
-#!/usr/bin/perl
-
@ -17,7 +17,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
@@ -17,148 +22,227 @@
@@ -17,148 +22,255 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
# 02111-1307 USA
@ -125,6 +125,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ ret=ret+"NAME=%s " % x[2]
+ ret=ret + " : " + i
+ return ret
+
+ def gettarget(self):
+ if self.source == self.target:
+ return "self"
@ -166,12 +167,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ def __init__(self, input, last_reload=0, verbose=0):
+ self.last_reload=last_reload
+ self.allowRules={}
+ line = input.readline()
+ avc=[]
+ found=0
+ self.seclasses={}
+ self.types=[]
+ self.roles=[]
+ self.load(input)
+
+ def load(self, input):
+ avc=[]
+ found=0
+ line = input.readline()
+ while line:
+ rec=line.split()
+ for i in rec:
@ -185,6 +189,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ avc=[]
+ line = input.readline()
+
+
+ def add(self,avc):
+ scon=""
+ tcon=""
@ -201,7 +206,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ self.allowRules={}
+ return
+ for i in range (0, len(avc)):
+ if avc[i]=="{":
+ i=i+1
+ while i<len(avc) and avc[i] != "}":
+ access.append(avc[i])
+ i=i+1
+ continue
+
+ t=avc[i].split('=')
+ if len(t) < 2:
+ continue
+ if t[0]=="scontext":
+ context=t[1].split(":")
+ scon=context[2]
@ -224,11 +238,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ if t[0]=="msg":
+ msg=t[1]
+ continue
+ if avc[i]=="{":
+ i=i+1
+ while i<len(avc) and avc[i] != "}":
+ access.append(avc[i])
+ i=i+1
+
+ if scon=="" or tcon =="" or seclass=="":
+ return
+
@ -332,7 +342,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
- -o append output to <outputfile>\n";
- exit;
-}
-
+ def out(self, module):
+ rec=""
+ if module!="":
@ -342,14 +351,23 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ return rec
+
+def usage():
+ print 'audit2allow [-d] [-v] [-l] [-i <inputfile> ] [-o <outputfile>]\n\
+ print 'audit2allow [-a] [-d] [-l] [-v] [-i <inputfile> ] [-m <modulename> ] [-o <outputfile>]\n\
+ -a read input from audit and message log\n\
+ -d read input from output of /bin/dmesg\n\
+ -v verbose output\n\
+ -i read input from <inputfile> conflicts with -a\n\
+ -l read input only after last \"load_policy\"\n\
+ -i read input from <inputfile>\n\
+ -m module output <modulename> \n\
+ -o append output to <outputfile>\n'
+ -o append output to <outputfile>\n\
+ -v verbose output\n\
+ '
+ sys.exit(1)
+
+def errorExit(error):
+ sys.stderr.write("%s exiting for: " % sys.argv[0])
+ sys.stderr.write("%s\n" % error)
+ sys.stderr.flush()
+ sys.exit(1)
+#
+# This script will generate home dir file context
+# based off the homedir_template file, entries in the password file, and
@ -360,14 +378,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ output=sys.stdout
+ module=""
+ verbose=0
+ gopts, cmds = getopt.getopt(sys.argv[1:], 'vdo:hli:m:', ['help',
+ auditlogs=0
+ gopts, cmds = getopt.getopt(sys.argv[1:], 'avdo:hli:m:', ['help',
+ 'last_reload='])
+ for o,a in gopts:
+ if o == '--last_reload' or o == "-l":
+ last_reload=1
+ if o == "-v":
+ verbose=1
+ if o == "-a":
+ input=open("/var/log/messages", "r")
+ auditlogs=1
+ if o == "-i":
+ if auditlogs:
+ usage()
+ input=open(a, "r")
+ if o == "-m":
+ module=a
@ -380,17 +404,20 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow
+ if len(cmds) != 0:
+ usage()
+ out=allowRecords(input, last_reload, verbose)
+ if auditlogs:
+ input=open("/var/log/audit/audit.log", "r")
+ out.load(input)
+ output.write(out.out(module))
+
+except getopt.error, error:
+ errorExit(string.join("Options Error ", error))
+except ValueError, error:
+ errorExit(string.join("ValueError ", error))
+except IndexError, error:
+ errorExit("IndexError")
+except KeyboardInterrupt, error:
+ sys.exit(0)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.perl policycoreutils-1.27.28/audit2allow/audit2allow.perl
--- nsapolicycoreutils/audit2allow/audit2allow.perl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.27.28/audit2allow/audit2allow.perl 2005-11-16 21:45:38.000000000 -0500
+++ policycoreutils-1.27.28/audit2allow/audit2allow.perl 2005-11-16 22:33:25.000000000 -0500
@@ -0,0 +1,164 @@
+#!/usr/bin/perl
+
@ -558,7 +585,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.27.28/scripts/genhomedircon
--- nsapolicycoreutils/scripts/genhomedircon 2005-11-16 15:27:46.000000000 -0500
+++ policycoreutils-1.27.28/scripts/genhomedircon 2005-11-16 21:45:38.000000000 -0500
+++ policycoreutils-1.27.28/scripts/genhomedircon 2005-11-16 22:33:25.000000000 -0500
@@ -29,7 +29,9 @@
import commands, sys, os, pwd, string, getopt, re
from semanage import *;

View File

@ -3,7 +3,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.27.28
Release: 1
Release: 2
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -89,7 +89,7 @@ rm -rf ${RPM_BUILD_ROOT}
%changelog
* Wed Nov 16 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-1
* Wed Nov 16 2005 Dan Walsh <dwalsh@redhat.com> 1.27.28-2
- Update to match NSA
* Merged genhomedircon rewrite from Dan Walsh.
- Rewrite audit2allow to python