policycoreutils-2.5-19

- seobject: Handle python error returns correctly - policycoreutils/sepolicy/gui: fix current selinux state radiobutton - policycoreutils: semodule_package: do not fail with an empty fc file
2016-12-01 20:57:07 +01:00 · 2016-12-01 20:57:07 +01:00 · c54847bdaa
commit c54847bdaa
parent 707dcc5ef3
2 changed files with 62 additions and 22 deletions
--- a/policycoreutils-fedora.patch
+++ b/policycoreutils-fedora.patch
@ -628596,7 +628596,7 @@ index 0fad36c..75b782f 100644
 while the semanage user command deals with the mapping from SELinux
 user identities to authorized role sets.  In most cases, only the
 diff --git policycoreutils-2.5/semanage/seobject.py policycoreutils-2.5/semanage/seobject.py
-index 3b0b108..bca247b 100644
+index 3b0b108..90481b1 100644
 --- policycoreutils-2.5/semanage/seobject.py
 +++ policycoreutils-2.5/semanage/seobject.py
@@ -23,14 +23,12 @@
@ -628870,7 +628870,22 @@ index 3b0b108..bca247b 100644
 
         self.validate(target)
 
-@@ -1913,7 +1971,7 @@ class fcontextRecords(semanageRecords):
+@@ -1904,16 +1962,18 @@ class fcontextRecords(semanageRecords):
+             if not exists:
+                 raise ValueError(_("File context for %s is not defined") % target)
+ 
+-        (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
+-        if rc < 0:
+-            (rc, fcontext) = semanage_fcontext_query(self.sh, k)
+-            if rc < 0:
+        try:
+            (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
+        except OSError:
+            try:
+                (rc, fcontext) = semanage_fcontext_query(self.sh, k)
+            except OSError:
+                 raise ValueError(_("Could not query file context for %s") % target)
+ 
         if setype != "<<none>>":
             con = semanage_fcontext_get_con(fcontext)
 
@ -628879,7 +628894,7 @@ index 3b0b108..bca247b 100644
                 con = self.createcon(target)
 
             if (is_mls_enabled == 1) and (serange != ""):
-@@ -1939,6 +1997,11 @@ class fcontextRecords(semanageRecords):
+@@ -1939,6 +1999,11 @@ class fcontextRecords(semanageRecords):
         semanage_fcontext_key_free(k)
         semanage_fcontext_free(fcontext)
 
@ -628891,7 +628906,7 @@ index 3b0b108..bca247b 100644
     def modify(self, target, setype, ftype, serange, seuser):
         self.begin()
         self.__modify(target, setype, ftype, serange, seuser)
-@@ -1964,6 +2027,8 @@ class fcontextRecords(semanageRecords):
+@@ -1964,6 +2029,8 @@ class fcontextRecords(semanageRecords):
                 raise ValueError(_("Could not delete the file context %s") % target)
             semanage_fcontext_key_free(k)
 
@ -628900,7 +628915,7 @@ index 3b0b108..bca247b 100644
         self.equiv = {}
         self.equal_ind = True
         self.commit()
-@@ -1972,6 +2037,9 @@ class fcontextRecords(semanageRecords):
+@@ -1972,6 +2039,9 @@ class fcontextRecords(semanageRecords):
         if target in self.equiv.keys():
             self.equiv.pop(target)
             self.equal_ind = True
@ -628910,7 +628925,7 @@ index 3b0b108..bca247b 100644
             return
 
         (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
-@@ -1996,6 +2064,8 @@ class fcontextRecords(semanageRecords):
+@@ -1996,6 +2066,8 @@ class fcontextRecords(semanageRecords):
 
         semanage_fcontext_key_free(k)
 
@ -628919,7 +628934,7 @@ index 3b0b108..bca247b 100644
     def delete(self, target, ftype):
         self.begin()
         self.__delete(target, ftype)
-@@ -2091,7 +2161,7 @@ class booleanRecords(semanageRecords):
+@@ -2091,7 +2163,7 @@ class booleanRecords(semanageRecords):
             self.current_booleans = []
             ptype = None
 
@ -628930,10 +628945,10 @@ index 3b0b108..bca247b 100644
             self.modify_local = False
 diff --git policycoreutils-2.5/semanage/seobject/__init__.py policycoreutils-2.5/semanage/seobject/__init__.py
 new file mode 100644
-index 0000000..d364434
+index 0000000..6ca9e7b
 --- /dev/null
 +++ policycoreutils-2.5/semanage/seobject/__init__.py
-@@ -0,0 +1,2405 @@
+@@ -0,0 +1,2407 @@
 +#! /usr/bin/python3 -Es
 +# Copyright (C) 2005-2013 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -630968,10 +630983,12 @@ index 0000000..d364434
 +                       if not exists:
 +                              raise ValueError(_("File context for %s is not defined") % target)
 +
-+                (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
-+                if rc < 0:
-+                       (rc, fcontext) = semanage_fcontext_query(self.sh, k)
-+                       if rc < 0:
+                try:
+                       (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
+                except OSError:
+                       try:
+                              (rc, fcontext) = semanage_fcontext_query(self.sh, k)
+                       except OSError:
 +                              raise ValueError(_("Could not query file context for %s") % target)
 +
 +                if setype != "<<none>>":
@ -631460,6 +631477,21 @@ index bcfaa2b..ce048bc 100644
 			    NULL)) != -1) {
 		switch (i) {
 		case 'b':
+diff --git policycoreutils-2.5/semodule_package/semodule_package.c policycoreutils-2.5/semodule_package/semodule_package.c
+index d2a5fd0..e472054 100644
+--- policycoreutils-2.5/semodule_package/semodule_package.c
+++ policycoreutils-2.5/semodule_package/semodule_package.c
+@@ -72,6 +72,10 @@ static int file_to_data(const char *path, char **data, size_t * len)
+ 			path, strerror(errno));
+ 		goto err;
+ 	}
+	if (!sb.st_size) {
+		*len = 0;
+		return 0;
+	}
+ 
+ 	*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+ 	if (*data == MAP_FAILED) {
 diff --git policycoreutils-2.5/sepolicy/common.h policycoreutils-2.5/sepolicy/common.h
 index dc3ce6a..3b93845 100644
 --- policycoreutils-2.5/sepolicy/common.h
@ -633241,7 +633273,7 @@ index a92783a..8b3b131 100644
             out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
         return out
 diff --git policycoreutils-2.5/sepolicy/sepolicy/gui.py policycoreutils-2.5/sepolicy/sepolicy/gui.py
-index 313b77f..a26bf51 100644
+index 313b77f..70355d2 100644
 --- policycoreutils-2.5/sepolicy/sepolicy/gui.py
 +++ policycoreutils-2.5/sepolicy/sepolicy/gui.py
@@ -1,4 +1,4 @@
@ -633748,7 +633780,7 @@ index 313b77f..a26bf51 100644
         if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
             label.set_text(ADVANCED_SEARCH_LABEL[0])
             self.close_popup()
-@@ -2581,25 +2553,6 @@ class SELinuxGui():
+@@ -2581,35 +2553,23 @@ class SELinuxGui():
             label.set_text(ADVANCED_SEARCH_LABEL[1])
             self.show_popup(self.advanced_search_window)
 
@ -633774,8 +633806,11 @@ index 313b77f..a26bf51 100644
     def set_enforce_text(self, value):
         if value:
             self.status_bar.push(self.context_id, _("System Status: Enforcing"))
-@@ -2608,8 +2561,14 @@ class SELinuxGui():
-         self.current_status_permissive.set_active(True)
+            self.current_status_enforcing.set_active(True)
+         else:
+             self.status_bar.push(self.context_id, _("System Status: Permissive"))
+-        self.current_status_permissive.set_active(True)
+            self.current_status_permissive.set_active(True)
 
     def set_enforce(self, button):
 -        self.dbus.setenforce(button.get_active())
@ -633791,7 +633826,7 @@ index 313b77f..a26bf51 100644
 
     def on_browse_select(self, *args):
         filename = self.file_dialog.get_filename()
-@@ -2669,16 +2628,22 @@ class SELinuxGui():
+@@ -2669,16 +2629,22 @@ class SELinuxGui():
             self.system_policy_type_combobox.set_active(self.typeHistory)
             return None
 
@ -633818,7 +633853,7 @@ index 313b77f..a26bf51 100644
 
     def import_config_show(self, *args):
         self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
-@@ -2735,7 +2700,7 @@ class SELinuxGui():
+@@ -2735,7 +2701,7 @@ class SELinuxGui():
             return
         try:
             self.dbus.relabel_on_boot(active)
@ -633827,7 +633862,7 @@ index 313b77f..a26bf51 100644
             self.error(e)
 
     def closewindow(self, window, *args):
-@@ -2821,10 +2786,13 @@ class SELinuxGui():
+@@ -2821,10 +2787,13 @@ class SELinuxGui():
         if not self.finish_init:
             return
         self.wait_mouse()
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -9,7 +9,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.5
-Release: 18%{?dist}
+Release: 19%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # https://github.com/SELinuxProject/selinux/wiki/Releases
@ -27,7 +27,7 @@ Source9: selinux-autorelabel-generator.sh
 # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
 # run:
 # $ VERSION=2.5 ./make-fedora-selinux-patch.sh policycoreutils
-# HEAD https://github.com/fedora-selinux/selinux/commit/be955a4daf0598dbce8881c5dbab23b0cb1a6322
+# HEAD https://github.com/fedora-selinux/selinux/commit/223fc83c6e68cead9b3d8d4e5ca7e95a580952e7
 Patch:	 policycoreutils-fedora.patch
 # $ VERSION=1.2.3 ./make-fedora-selinux-patch.sh sepolgen
 Patch1:  sepolgen-fedora.patch
@ -436,6 +436,11 @@ The policycoreutils-restorecond package contains the restorecond service.
 %systemd_postun_with_restart restorecond.service

 %changelog
+* Thu Dec 01 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-19
+- seobject: Handle python error returns correctly
+- policycoreutils/sepolicy/gui: fix current selinux state radiobutton
+- policycoreutils: semodule_package: do not fail with an empty fc file
+
 * Tue Nov 22 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-18
 - Update translations
 - Fix fcontextPage editing features (#1344842)