policycoreutils-2.5-19

- seobject: Handle python error returns correctly
- policycoreutils/sepolicy/gui: fix current selinux state radiobutton
- policycoreutils: semodule_package: do not fail with an empty fc file
This commit is contained in:
Petr Lautrbach 2016-12-01 20:57:07 +01:00
parent 707dcc5ef3
commit c54847bdaa
2 changed files with 62 additions and 22 deletions

View File

@ -628596,7 +628596,7 @@ index 0fad36c..75b782f 100644
while the semanage user command deals with the mapping from SELinux while the semanage user command deals with the mapping from SELinux
user identities to authorized role sets. In most cases, only the user identities to authorized role sets. In most cases, only the
diff --git policycoreutils-2.5/semanage/seobject.py policycoreutils-2.5/semanage/seobject.py diff --git policycoreutils-2.5/semanage/seobject.py policycoreutils-2.5/semanage/seobject.py
index 3b0b108..bca247b 100644 index 3b0b108..90481b1 100644
--- policycoreutils-2.5/semanage/seobject.py --- policycoreutils-2.5/semanage/seobject.py
+++ policycoreutils-2.5/semanage/seobject.py +++ policycoreutils-2.5/semanage/seobject.py
@@ -23,14 +23,12 @@ @@ -23,14 +23,12 @@
@ -628870,7 +628870,22 @@ index 3b0b108..bca247b 100644
self.validate(target) self.validate(target)
@@ -1913,7 +1971,7 @@ class fcontextRecords(semanageRecords): @@ -1904,16 +1962,18 @@ class fcontextRecords(semanageRecords):
if not exists:
raise ValueError(_("File context for %s is not defined") % target)
- (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
- if rc < 0:
- (rc, fcontext) = semanage_fcontext_query(self.sh, k)
- if rc < 0:
+ try:
+ (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
+ except OSError:
+ try:
+ (rc, fcontext) = semanage_fcontext_query(self.sh, k)
+ except OSError:
raise ValueError(_("Could not query file context for %s") % target)
if setype != "<<none>>": if setype != "<<none>>":
con = semanage_fcontext_get_con(fcontext) con = semanage_fcontext_get_con(fcontext)
@ -628879,7 +628894,7 @@ index 3b0b108..bca247b 100644
con = self.createcon(target) con = self.createcon(target)
if (is_mls_enabled == 1) and (serange != ""): if (is_mls_enabled == 1) and (serange != ""):
@@ -1939,6 +1997,11 @@ class fcontextRecords(semanageRecords): @@ -1939,6 +1999,11 @@ class fcontextRecords(semanageRecords):
semanage_fcontext_key_free(k) semanage_fcontext_key_free(k)
semanage_fcontext_free(fcontext) semanage_fcontext_free(fcontext)
@ -628891,7 +628906,7 @@ index 3b0b108..bca247b 100644
def modify(self, target, setype, ftype, serange, seuser): def modify(self, target, setype, ftype, serange, seuser):
self.begin() self.begin()
self.__modify(target, setype, ftype, serange, seuser) self.__modify(target, setype, ftype, serange, seuser)
@@ -1964,6 +2027,8 @@ class fcontextRecords(semanageRecords): @@ -1964,6 +2029,8 @@ class fcontextRecords(semanageRecords):
raise ValueError(_("Could not delete the file context %s") % target) raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k) semanage_fcontext_key_free(k)
@ -628900,7 +628915,7 @@ index 3b0b108..bca247b 100644
self.equiv = {} self.equiv = {}
self.equal_ind = True self.equal_ind = True
self.commit() self.commit()
@@ -1972,6 +2037,9 @@ class fcontextRecords(semanageRecords): @@ -1972,6 +2039,9 @@ class fcontextRecords(semanageRecords):
if target in self.equiv.keys(): if target in self.equiv.keys():
self.equiv.pop(target) self.equiv.pop(target)
self.equal_ind = True self.equal_ind = True
@ -628910,7 +628925,7 @@ index 3b0b108..bca247b 100644
return return
(rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
@@ -1996,6 +2064,8 @@ class fcontextRecords(semanageRecords): @@ -1996,6 +2066,8 @@ class fcontextRecords(semanageRecords):
semanage_fcontext_key_free(k) semanage_fcontext_key_free(k)
@ -628919,7 +628934,7 @@ index 3b0b108..bca247b 100644
def delete(self, target, ftype): def delete(self, target, ftype):
self.begin() self.begin()
self.__delete(target, ftype) self.__delete(target, ftype)
@@ -2091,7 +2161,7 @@ class booleanRecords(semanageRecords): @@ -2091,7 +2163,7 @@ class booleanRecords(semanageRecords):
self.current_booleans = [] self.current_booleans = []
ptype = None ptype = None
@ -628930,10 +628945,10 @@ index 3b0b108..bca247b 100644
self.modify_local = False self.modify_local = False
diff --git policycoreutils-2.5/semanage/seobject/__init__.py policycoreutils-2.5/semanage/seobject/__init__.py diff --git policycoreutils-2.5/semanage/seobject/__init__.py policycoreutils-2.5/semanage/seobject/__init__.py
new file mode 100644 new file mode 100644
index 0000000..d364434 index 0000000..6ca9e7b
--- /dev/null --- /dev/null
+++ policycoreutils-2.5/semanage/seobject/__init__.py +++ policycoreutils-2.5/semanage/seobject/__init__.py
@@ -0,0 +1,2405 @@ @@ -0,0 +1,2407 @@
+#! /usr/bin/python3 -Es +#! /usr/bin/python3 -Es
+# Copyright (C) 2005-2013 Red Hat +# Copyright (C) 2005-2013 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -630968,10 +630983,12 @@ index 0000000..d364434
+ if not exists: + if not exists:
+ raise ValueError(_("File context for %s is not defined") % target) + raise ValueError(_("File context for %s is not defined") % target)
+ +
+ try:
+ (rc, fcontext) = semanage_fcontext_query_local(self.sh, k) + (rc, fcontext) = semanage_fcontext_query_local(self.sh, k)
+ if rc < 0: + except OSError:
+ try:
+ (rc, fcontext) = semanage_fcontext_query(self.sh, k) + (rc, fcontext) = semanage_fcontext_query(self.sh, k)
+ if rc < 0: + except OSError:
+ raise ValueError(_("Could not query file context for %s") % target) + raise ValueError(_("Could not query file context for %s") % target)
+ +
+ if setype != "<<none>>": + if setype != "<<none>>":
@ -631460,6 +631477,21 @@ index bcfaa2b..ce048bc 100644
NULL)) != -1) { NULL)) != -1) {
switch (i) { switch (i) {
case 'b': case 'b':
diff --git policycoreutils-2.5/semodule_package/semodule_package.c policycoreutils-2.5/semodule_package/semodule_package.c
index d2a5fd0..e472054 100644
--- policycoreutils-2.5/semodule_package/semodule_package.c
+++ policycoreutils-2.5/semodule_package/semodule_package.c
@@ -72,6 +72,10 @@ static int file_to_data(const char *path, char **data, size_t * len)
path, strerror(errno));
goto err;
}
+ if (!sb.st_size) {
+ *len = 0;
+ return 0;
+ }
*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
if (*data == MAP_FAILED) {
diff --git policycoreutils-2.5/sepolicy/common.h policycoreutils-2.5/sepolicy/common.h diff --git policycoreutils-2.5/sepolicy/common.h policycoreutils-2.5/sepolicy/common.h
index dc3ce6a..3b93845 100644 index dc3ce6a..3b93845 100644
--- policycoreutils-2.5/sepolicy/common.h --- policycoreutils-2.5/sepolicy/common.h
@ -633241,7 +633273,7 @@ index a92783a..8b3b131 100644
out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script")) out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
return out return out
diff --git policycoreutils-2.5/sepolicy/sepolicy/gui.py policycoreutils-2.5/sepolicy/sepolicy/gui.py diff --git policycoreutils-2.5/sepolicy/sepolicy/gui.py policycoreutils-2.5/sepolicy/sepolicy/gui.py
index 313b77f..a26bf51 100644 index 313b77f..70355d2 100644
--- policycoreutils-2.5/sepolicy/sepolicy/gui.py --- policycoreutils-2.5/sepolicy/sepolicy/gui.py
+++ policycoreutils-2.5/sepolicy/sepolicy/gui.py +++ policycoreutils-2.5/sepolicy/sepolicy/gui.py
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
@ -633748,7 +633780,7 @@ index 313b77f..a26bf51 100644
if label.get_text() == ADVANCED_SEARCH_LABEL[1]: if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
label.set_text(ADVANCED_SEARCH_LABEL[0]) label.set_text(ADVANCED_SEARCH_LABEL[0])
self.close_popup() self.close_popup()
@@ -2581,25 +2553,6 @@ class SELinuxGui(): @@ -2581,35 +2553,23 @@ class SELinuxGui():
label.set_text(ADVANCED_SEARCH_LABEL[1]) label.set_text(ADVANCED_SEARCH_LABEL[1])
self.show_popup(self.advanced_search_window) self.show_popup(self.advanced_search_window)
@ -633774,8 +633806,11 @@ index 313b77f..a26bf51 100644
def set_enforce_text(self, value): def set_enforce_text(self, value):
if value: if value:
self.status_bar.push(self.context_id, _("System Status: Enforcing")) self.status_bar.push(self.context_id, _("System Status: Enforcing"))
@@ -2608,8 +2561,14 @@ class SELinuxGui(): + self.current_status_enforcing.set_active(True)
self.current_status_permissive.set_active(True) else:
self.status_bar.push(self.context_id, _("System Status: Permissive"))
- self.current_status_permissive.set_active(True)
+ self.current_status_permissive.set_active(True)
def set_enforce(self, button): def set_enforce(self, button):
- self.dbus.setenforce(button.get_active()) - self.dbus.setenforce(button.get_active())
@ -633791,7 +633826,7 @@ index 313b77f..a26bf51 100644
def on_browse_select(self, *args): def on_browse_select(self, *args):
filename = self.file_dialog.get_filename() filename = self.file_dialog.get_filename()
@@ -2669,16 +2628,22 @@ class SELinuxGui(): @@ -2669,16 +2629,22 @@ class SELinuxGui():
self.system_policy_type_combobox.set_active(self.typeHistory) self.system_policy_type_combobox.set_active(self.typeHistory)
return None return None
@ -633818,7 +633853,7 @@ index 313b77f..a26bf51 100644
def import_config_show(self, *args): def import_config_show(self, *args):
self.file_dialog.set_action(Gtk.FileChooserAction.OPEN) self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
@@ -2735,7 +2700,7 @@ class SELinuxGui(): @@ -2735,7 +2701,7 @@ class SELinuxGui():
return return
try: try:
self.dbus.relabel_on_boot(active) self.dbus.relabel_on_boot(active)
@ -633827,7 +633862,7 @@ index 313b77f..a26bf51 100644
self.error(e) self.error(e)
def closewindow(self, window, *args): def closewindow(self, window, *args):
@@ -2821,10 +2786,13 @@ class SELinuxGui(): @@ -2821,10 +2787,13 @@ class SELinuxGui():
if not self.finish_init: if not self.finish_init:
return return
self.wait_mouse() self.wait_mouse()

View File

@ -9,7 +9,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.5 Version: 2.5
Release: 18%{?dist} Release: 19%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# https://github.com/SELinuxProject/selinux/wiki/Releases # https://github.com/SELinuxProject/selinux/wiki/Releases
@ -27,7 +27,7 @@ Source9: selinux-autorelabel-generator.sh
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
# run: # run:
# $ VERSION=2.5 ./make-fedora-selinux-patch.sh policycoreutils # $ VERSION=2.5 ./make-fedora-selinux-patch.sh policycoreutils
# HEAD https://github.com/fedora-selinux/selinux/commit/be955a4daf0598dbce8881c5dbab23b0cb1a6322 # HEAD https://github.com/fedora-selinux/selinux/commit/223fc83c6e68cead9b3d8d4e5ca7e95a580952e7
Patch: policycoreutils-fedora.patch Patch: policycoreutils-fedora.patch
# $ VERSION=1.2.3 ./make-fedora-selinux-patch.sh sepolgen # $ VERSION=1.2.3 ./make-fedora-selinux-patch.sh sepolgen
Patch1: sepolgen-fedora.patch Patch1: sepolgen-fedora.patch
@ -436,6 +436,11 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service %systemd_postun_with_restart restorecond.service
%changelog %changelog
* Thu Dec 01 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-19
- seobject: Handle python error returns correctly
- policycoreutils/sepolicy/gui: fix current selinux state radiobutton
- policycoreutils: semodule_package: do not fail with an empty fc file
* Tue Nov 22 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-18 * Tue Nov 22 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-18
- Update translations - Update translations
- Fix fcontextPage editing features (#1344842) - Fix fcontextPage editing features (#1344842)