policycoreutils-2.5-19
- seobject: Handle python error returns correctly - policycoreutils/sepolicy/gui: fix current selinux state radiobutton - policycoreutils: semodule_package: do not fail with an empty fc file
This commit is contained in:
parent
707dcc5ef3
commit
c54847bdaa
@ -628596,7 +628596,7 @@ index 0fad36c..75b782f 100644
|
|||||||
while the semanage user command deals with the mapping from SELinux
|
while the semanage user command deals with the mapping from SELinux
|
||||||
user identities to authorized role sets. In most cases, only the
|
user identities to authorized role sets. In most cases, only the
|
||||||
diff --git policycoreutils-2.5/semanage/seobject.py policycoreutils-2.5/semanage/seobject.py
|
diff --git policycoreutils-2.5/semanage/seobject.py policycoreutils-2.5/semanage/seobject.py
|
||||||
index 3b0b108..bca247b 100644
|
index 3b0b108..90481b1 100644
|
||||||
--- policycoreutils-2.5/semanage/seobject.py
|
--- policycoreutils-2.5/semanage/seobject.py
|
||||||
+++ policycoreutils-2.5/semanage/seobject.py
|
+++ policycoreutils-2.5/semanage/seobject.py
|
||||||
@@ -23,14 +23,12 @@
|
@@ -23,14 +23,12 @@
|
||||||
@ -628870,7 +628870,22 @@ index 3b0b108..bca247b 100644
|
|||||||
|
|
||||||
self.validate(target)
|
self.validate(target)
|
||||||
|
|
||||||
@@ -1913,7 +1971,7 @@ class fcontextRecords(semanageRecords):
|
@@ -1904,16 +1962,18 @@ class fcontextRecords(semanageRecords):
|
||||||
|
if not exists:
|
||||||
|
raise ValueError(_("File context for %s is not defined") % target)
|
||||||
|
|
||||||
|
- (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
|
||||||
|
- if rc < 0:
|
||||||
|
- (rc, fcontext) = semanage_fcontext_query(self.sh, k)
|
||||||
|
- if rc < 0:
|
||||||
|
+ try:
|
||||||
|
+ (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
|
||||||
|
+ except OSError:
|
||||||
|
+ try:
|
||||||
|
+ (rc, fcontext) = semanage_fcontext_query(self.sh, k)
|
||||||
|
+ except OSError:
|
||||||
|
raise ValueError(_("Could not query file context for %s") % target)
|
||||||
|
|
||||||
if setype != "<<none>>":
|
if setype != "<<none>>":
|
||||||
con = semanage_fcontext_get_con(fcontext)
|
con = semanage_fcontext_get_con(fcontext)
|
||||||
|
|
||||||
@ -628879,7 +628894,7 @@ index 3b0b108..bca247b 100644
|
|||||||
con = self.createcon(target)
|
con = self.createcon(target)
|
||||||
|
|
||||||
if (is_mls_enabled == 1) and (serange != ""):
|
if (is_mls_enabled == 1) and (serange != ""):
|
||||||
@@ -1939,6 +1997,11 @@ class fcontextRecords(semanageRecords):
|
@@ -1939,6 +1999,11 @@ class fcontextRecords(semanageRecords):
|
||||||
semanage_fcontext_key_free(k)
|
semanage_fcontext_key_free(k)
|
||||||
semanage_fcontext_free(fcontext)
|
semanage_fcontext_free(fcontext)
|
||||||
|
|
||||||
@ -628891,7 +628906,7 @@ index 3b0b108..bca247b 100644
|
|||||||
def modify(self, target, setype, ftype, serange, seuser):
|
def modify(self, target, setype, ftype, serange, seuser):
|
||||||
self.begin()
|
self.begin()
|
||||||
self.__modify(target, setype, ftype, serange, seuser)
|
self.__modify(target, setype, ftype, serange, seuser)
|
||||||
@@ -1964,6 +2027,8 @@ class fcontextRecords(semanageRecords):
|
@@ -1964,6 +2029,8 @@ class fcontextRecords(semanageRecords):
|
||||||
raise ValueError(_("Could not delete the file context %s") % target)
|
raise ValueError(_("Could not delete the file context %s") % target)
|
||||||
semanage_fcontext_key_free(k)
|
semanage_fcontext_key_free(k)
|
||||||
|
|
||||||
@ -628900,7 +628915,7 @@ index 3b0b108..bca247b 100644
|
|||||||
self.equiv = {}
|
self.equiv = {}
|
||||||
self.equal_ind = True
|
self.equal_ind = True
|
||||||
self.commit()
|
self.commit()
|
||||||
@@ -1972,6 +2037,9 @@ class fcontextRecords(semanageRecords):
|
@@ -1972,6 +2039,9 @@ class fcontextRecords(semanageRecords):
|
||||||
if target in self.equiv.keys():
|
if target in self.equiv.keys():
|
||||||
self.equiv.pop(target)
|
self.equiv.pop(target)
|
||||||
self.equal_ind = True
|
self.equal_ind = True
|
||||||
@ -628910,7 +628925,7 @@ index 3b0b108..bca247b 100644
|
|||||||
return
|
return
|
||||||
|
|
||||||
(rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
|
(rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
|
||||||
@@ -1996,6 +2064,8 @@ class fcontextRecords(semanageRecords):
|
@@ -1996,6 +2066,8 @@ class fcontextRecords(semanageRecords):
|
||||||
|
|
||||||
semanage_fcontext_key_free(k)
|
semanage_fcontext_key_free(k)
|
||||||
|
|
||||||
@ -628919,7 +628934,7 @@ index 3b0b108..bca247b 100644
|
|||||||
def delete(self, target, ftype):
|
def delete(self, target, ftype):
|
||||||
self.begin()
|
self.begin()
|
||||||
self.__delete(target, ftype)
|
self.__delete(target, ftype)
|
||||||
@@ -2091,7 +2161,7 @@ class booleanRecords(semanageRecords):
|
@@ -2091,7 +2163,7 @@ class booleanRecords(semanageRecords):
|
||||||
self.current_booleans = []
|
self.current_booleans = []
|
||||||
ptype = None
|
ptype = None
|
||||||
|
|
||||||
@ -628930,10 +628945,10 @@ index 3b0b108..bca247b 100644
|
|||||||
self.modify_local = False
|
self.modify_local = False
|
||||||
diff --git policycoreutils-2.5/semanage/seobject/__init__.py policycoreutils-2.5/semanage/seobject/__init__.py
|
diff --git policycoreutils-2.5/semanage/seobject/__init__.py policycoreutils-2.5/semanage/seobject/__init__.py
|
||||||
new file mode 100644
|
new file mode 100644
|
||||||
index 0000000..d364434
|
index 0000000..6ca9e7b
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ policycoreutils-2.5/semanage/seobject/__init__.py
|
+++ policycoreutils-2.5/semanage/seobject/__init__.py
|
||||||
@@ -0,0 +1,2405 @@
|
@@ -0,0 +1,2407 @@
|
||||||
+#! /usr/bin/python3 -Es
|
+#! /usr/bin/python3 -Es
|
||||||
+# Copyright (C) 2005-2013 Red Hat
|
+# Copyright (C) 2005-2013 Red Hat
|
||||||
+# see file 'COPYING' for use and warranty information
|
+# see file 'COPYING' for use and warranty information
|
||||||
@ -630968,10 +630983,12 @@ index 0000000..d364434
|
|||||||
+ if not exists:
|
+ if not exists:
|
||||||
+ raise ValueError(_("File context for %s is not defined") % target)
|
+ raise ValueError(_("File context for %s is not defined") % target)
|
||||||
+
|
+
|
||||||
|
+ try:
|
||||||
+ (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
|
+ (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
|
||||||
+ if rc < 0:
|
+ except OSError:
|
||||||
|
+ try:
|
||||||
+ (rc, fcontext) = semanage_fcontext_query(self.sh, k)
|
+ (rc, fcontext) = semanage_fcontext_query(self.sh, k)
|
||||||
+ if rc < 0:
|
+ except OSError:
|
||||||
+ raise ValueError(_("Could not query file context for %s") % target)
|
+ raise ValueError(_("Could not query file context for %s") % target)
|
||||||
+
|
+
|
||||||
+ if setype != "<<none>>":
|
+ if setype != "<<none>>":
|
||||||
@ -631460,6 +631477,21 @@ index bcfaa2b..ce048bc 100644
|
|||||||
NULL)) != -1) {
|
NULL)) != -1) {
|
||||||
switch (i) {
|
switch (i) {
|
||||||
case 'b':
|
case 'b':
|
||||||
|
diff --git policycoreutils-2.5/semodule_package/semodule_package.c policycoreutils-2.5/semodule_package/semodule_package.c
|
||||||
|
index d2a5fd0..e472054 100644
|
||||||
|
--- policycoreutils-2.5/semodule_package/semodule_package.c
|
||||||
|
+++ policycoreutils-2.5/semodule_package/semodule_package.c
|
||||||
|
@@ -72,6 +72,10 @@ static int file_to_data(const char *path, char **data, size_t * len)
|
||||||
|
path, strerror(errno));
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
+ if (!sb.st_size) {
|
||||||
|
+ *len = 0;
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
|
||||||
|
if (*data == MAP_FAILED) {
|
||||||
diff --git policycoreutils-2.5/sepolicy/common.h policycoreutils-2.5/sepolicy/common.h
|
diff --git policycoreutils-2.5/sepolicy/common.h policycoreutils-2.5/sepolicy/common.h
|
||||||
index dc3ce6a..3b93845 100644
|
index dc3ce6a..3b93845 100644
|
||||||
--- policycoreutils-2.5/sepolicy/common.h
|
--- policycoreutils-2.5/sepolicy/common.h
|
||||||
@ -633241,7 +633273,7 @@ index a92783a..8b3b131 100644
|
|||||||
out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
|
out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
|
||||||
return out
|
return out
|
||||||
diff --git policycoreutils-2.5/sepolicy/sepolicy/gui.py policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
diff --git policycoreutils-2.5/sepolicy/sepolicy/gui.py policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
||||||
index 313b77f..a26bf51 100644
|
index 313b77f..70355d2 100644
|
||||||
--- policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
--- policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
||||||
+++ policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
+++ policycoreutils-2.5/sepolicy/sepolicy/gui.py
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
@ -633748,7 +633780,7 @@ index 313b77f..a26bf51 100644
|
|||||||
if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
|
if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
|
||||||
label.set_text(ADVANCED_SEARCH_LABEL[0])
|
label.set_text(ADVANCED_SEARCH_LABEL[0])
|
||||||
self.close_popup()
|
self.close_popup()
|
||||||
@@ -2581,25 +2553,6 @@ class SELinuxGui():
|
@@ -2581,35 +2553,23 @@ class SELinuxGui():
|
||||||
label.set_text(ADVANCED_SEARCH_LABEL[1])
|
label.set_text(ADVANCED_SEARCH_LABEL[1])
|
||||||
self.show_popup(self.advanced_search_window)
|
self.show_popup(self.advanced_search_window)
|
||||||
|
|
||||||
@ -633774,8 +633806,11 @@ index 313b77f..a26bf51 100644
|
|||||||
def set_enforce_text(self, value):
|
def set_enforce_text(self, value):
|
||||||
if value:
|
if value:
|
||||||
self.status_bar.push(self.context_id, _("System Status: Enforcing"))
|
self.status_bar.push(self.context_id, _("System Status: Enforcing"))
|
||||||
@@ -2608,8 +2561,14 @@ class SELinuxGui():
|
+ self.current_status_enforcing.set_active(True)
|
||||||
self.current_status_permissive.set_active(True)
|
else:
|
||||||
|
self.status_bar.push(self.context_id, _("System Status: Permissive"))
|
||||||
|
- self.current_status_permissive.set_active(True)
|
||||||
|
+ self.current_status_permissive.set_active(True)
|
||||||
|
|
||||||
def set_enforce(self, button):
|
def set_enforce(self, button):
|
||||||
- self.dbus.setenforce(button.get_active())
|
- self.dbus.setenforce(button.get_active())
|
||||||
@ -633791,7 +633826,7 @@ index 313b77f..a26bf51 100644
|
|||||||
|
|
||||||
def on_browse_select(self, *args):
|
def on_browse_select(self, *args):
|
||||||
filename = self.file_dialog.get_filename()
|
filename = self.file_dialog.get_filename()
|
||||||
@@ -2669,16 +2628,22 @@ class SELinuxGui():
|
@@ -2669,16 +2629,22 @@ class SELinuxGui():
|
||||||
self.system_policy_type_combobox.set_active(self.typeHistory)
|
self.system_policy_type_combobox.set_active(self.typeHistory)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@ -633818,7 +633853,7 @@ index 313b77f..a26bf51 100644
|
|||||||
|
|
||||||
def import_config_show(self, *args):
|
def import_config_show(self, *args):
|
||||||
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
|
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
|
||||||
@@ -2735,7 +2700,7 @@ class SELinuxGui():
|
@@ -2735,7 +2701,7 @@ class SELinuxGui():
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
self.dbus.relabel_on_boot(active)
|
self.dbus.relabel_on_boot(active)
|
||||||
@ -633827,7 +633862,7 @@ index 313b77f..a26bf51 100644
|
|||||||
self.error(e)
|
self.error(e)
|
||||||
|
|
||||||
def closewindow(self, window, *args):
|
def closewindow(self, window, *args):
|
||||||
@@ -2821,10 +2786,13 @@ class SELinuxGui():
|
@@ -2821,10 +2787,13 @@ class SELinuxGui():
|
||||||
if not self.finish_init:
|
if not self.finish_init:
|
||||||
return
|
return
|
||||||
self.wait_mouse()
|
self.wait_mouse()
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.5
|
Version: 2.5
|
||||||
Release: 18%{?dist}
|
Release: 19%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||||
@ -27,7 +27,7 @@ Source9: selinux-autorelabel-generator.sh
|
|||||||
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
|
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
|
||||||
# run:
|
# run:
|
||||||
# $ VERSION=2.5 ./make-fedora-selinux-patch.sh policycoreutils
|
# $ VERSION=2.5 ./make-fedora-selinux-patch.sh policycoreutils
|
||||||
# HEAD https://github.com/fedora-selinux/selinux/commit/be955a4daf0598dbce8881c5dbab23b0cb1a6322
|
# HEAD https://github.com/fedora-selinux/selinux/commit/223fc83c6e68cead9b3d8d4e5ca7e95a580952e7
|
||||||
Patch: policycoreutils-fedora.patch
|
Patch: policycoreutils-fedora.patch
|
||||||
# $ VERSION=1.2.3 ./make-fedora-selinux-patch.sh sepolgen
|
# $ VERSION=1.2.3 ./make-fedora-selinux-patch.sh sepolgen
|
||||||
Patch1: sepolgen-fedora.patch
|
Patch1: sepolgen-fedora.patch
|
||||||
@ -436,6 +436,11 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%systemd_postun_with_restart restorecond.service
|
%systemd_postun_with_restart restorecond.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Dec 01 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-19
|
||||||
|
- seobject: Handle python error returns correctly
|
||||||
|
- policycoreutils/sepolicy/gui: fix current selinux state radiobutton
|
||||||
|
- policycoreutils: semodule_package: do not fail with an empty fc file
|
||||||
|
|
||||||
* Tue Nov 22 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-18
|
* Tue Nov 22 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-18
|
||||||
- Update translations
|
- Update translations
|
||||||
- Fix fcontextPage editing features (#1344842)
|
- Fix fcontextPage editing features (#1344842)
|
||||||
|
Loading…
Reference in New Issue
Block a user