diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index 85acaed..28b1689 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.82/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/booleansPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/booleansPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,247 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -251,7 +251,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.82/gui/domainsPage.py --- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/domainsPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/domainsPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,154 @@ +## domainsPage.py - show selinux domains +## Copyright (C) 2009 Red Hat, Inc. @@ -409,7 +409,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic + self.error(e.args[0]) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.82/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/fcontextPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/fcontextPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,223 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -636,7 +636,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli + self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.82/gui/html_util.py --- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/html_util.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/html_util.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,164 @@ +# Authors: John Dennis +# @@ -804,7 +804,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.82/gui/lockdown.glade --- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/lockdown.glade 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/lockdown.glade 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,771 @@ + + @@ -1579,7 +1579,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.82/gui/lockdown.gladep --- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/lockdown.gladep 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/lockdown.gladep 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -1590,7 +1590,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.82/gui/lockdown.py --- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/lockdown.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/lockdown.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,382 @@ +#!/usr/bin/python +# @@ -1976,7 +1976,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.82/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/loginsPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/loginsPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,185 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2165,7 +2165,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.82/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/Makefile 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/Makefile 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,40 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -2209,7 +2209,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +relabel: diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.82/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/mappingsPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/mappingsPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,56 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2269,7 +2269,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.82/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/modulesPage.py 2010-04-21 09:09:20.000000000 -0400 ++++ policycoreutils-2.0.82/gui/modulesPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,190 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -2463,7 +2463,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic + self.error(e.args[0]) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.82/gui/polgen.glade --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/polgen.glade 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/polgen.glade 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,3305 @@ + + @@ -5772,7 +5772,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.82/gui/polgen.gladep --- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/polgen.gladep 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/polgen.gladep 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -5783,7 +5783,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.82/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/polgengui.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/polgengui.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,627 @@ +#!/usr/bin/python -E +# @@ -6414,11 +6414,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.82/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/polgen.py 2010-03-30 11:52:00.000000000 -0400 -@@ -0,0 +1,1261 @@ ++++ policycoreutils-2.0.82/gui/polgen.py 2010-06-07 16:38:00.000000000 -0400 +@@ -0,0 +1,1273 @@ +#!/usr/bin/python +# -+# Copyright (C) 2007, 2008, 2009 Red Hat ++# Copyright (C) 2007-2010 Red Hat +# see file 'COPYING' for use and warranty information +# +# policygentool is a tool for the initial generation of SELinux policy @@ -6446,6 +6446,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore +from templates import executable +from templates import boolean +from templates import etc_rw ++from templates import var_cache +from templates import var_spool +from templates import var_lib +from templates import var_log @@ -6695,12 +6696,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw]; + self.DEFAULT_DIRS["/tmp"] = ["tmp", [], tmp]; + self.DEFAULT_DIRS["rw"] = ["rw", [], rw]; ++ self.DEFAULT_DIRS["/var/cache"] = ["var_cache", [], var_cache]; + self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib]; + self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log]; + self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run]; + self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool]; + -+ self.DEFAULT_KEYS=["/etc", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool"] ++ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool"] + + self.DEFAULT_TYPES = (\ +( self.generate_daemon_types, self.generate_daemon_rules), \ @@ -7618,36 +7620,46 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + +if __name__ == '__main__': + setype = DAEMON -+ gopts, cmds = getopt.getopt(sys.argv[1:], "ht:m", -+ ["type=", -+ "mount", -+ "test", -+ "help"]) -+ for o, a in gopts: -+ if o == "-t" or o == "--type": -+ try: -+ if int(a) not in poltype: ++ name = None ++ try: ++ gopts, cmds = getopt.getopt(sys.argv[1:], "ht:mn:", ++ ["type=", ++ "mount", ++ "test", ++ "name", ++ "help"]) ++ for o, a in gopts: ++ if o == "-t" or o == "--type": ++ try: ++ if int(a) not in poltype: ++ usage ("invalid type %s" % a ) ++ except: + usage ("invalid type %s" % a ) -+ except: -+ usage ("invalid type %s" % a ) + -+ setype = int(a) ++ setype = int(a) + -+ if o == "-m" or o == "--mount": -+ mount_ind = True ++ if o == "-m" or o == "--mount": ++ mount_ind = True + -+ if o == "-h" or o == "--help": -+ usage("") ++ if o == "-n" or o == "--name": ++ name = a ++ ++ if o == "-h" or o == "--help": ++ usage("") + -+ if o == "--test": -+ test() -+ sys.exit(0) ++ if o == "--test": ++ test() ++ sys.exit(0) + ++ except getopt.error, error: ++ usage(_("Options Error %s ") % error.msg) ++ + if len(cmds) == 0: + usage(_("Executable required")) + + try: -+ name = os.path.basename(cmds[0]).replace("-","_") ++ if not name: ++ name = os.path.basename(cmds[0]).replace("-","_") + cmd = cmds[0] + mypolicy = policy(name, setype) + mypolicy.set_program(cmd) @@ -7679,7 +7691,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + usage(e) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.82/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/portsPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/portsPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,259 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -7942,7 +7954,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.82/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/selinux.tbl 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/selinux.tbl 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,234 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /") @@ -8180,7 +8192,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.82/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/semanagePage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/semanagePage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,168 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8352,7 +8364,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.82/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/statusPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/statusPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,190 @@ +# statusPage.py - show selinux status +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -8546,7 +8558,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.82/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/system-config-selinux.glade 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/system-config-selinux.glade 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,3024 @@ + + @@ -11574,7 +11586,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.82/gui/system-config-selinux.gladep --- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/system-config-selinux.gladep 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/system-config-selinux.gladep 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -11585,7 +11597,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.82/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/system-config-selinux.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/system-config-selinux.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,187 @@ +#!/usr/bin/python +# @@ -11776,7 +11788,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.82/gui/templates/boolean.py --- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/boolean.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/boolean.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,40 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -11820,7 +11832,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.82/gui/templates/etc_rw.py --- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/etc_rw.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/etc_rw.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,113 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -11937,8 +11949,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.82/gui/templates/executable.py --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/executable.py 2010-03-30 11:52:34.000000000 -0400 -@@ -0,0 +1,365 @@ ++++ policycoreutils-2.0.82/gui/templates/executable.py 2010-06-07 16:40:33.000000000 -0400 +@@ -0,0 +1,361 @@ +# Copyright (C) 2007-2009 Red Hat +# see file 'COPYING' for use and warranty information +# @@ -12054,10 +12066,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +te_userapp_rules=""" +allow TEMPLATETYPE_t self:fifo_file manage_fifo_file_perms; +allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms; -+ -+files_read_etc_files(TEMPLATETYPE_t) -+ -+miscfiles_read_localization(TEMPLATETYPE_t) +""" + +te_cgi_rules=""" @@ -12140,7 +12148,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +## +## +## -+## Domain allowed to transition. ++## Domain allowed access. +## +## +# @@ -12255,7 +12263,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +if_begin_admin=""" +######################################## +## -+## All of the rules required to administrate ++## All of the rules required to administrate +## an TEMPLATETYPE environment +## +## @@ -12306,7 +12314,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.82/gui/templates/__init__.py --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/__init__.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/__init__.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,18 @@ +# +# Copyright (C) 2007 Red Hat, Inc. @@ -12328,7 +12336,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.82/gui/templates/network.py --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/network.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/network.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,80 @@ +te_port_types=""" +type TEMPLATETYPE_port_t; @@ -12412,7 +12420,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.82/gui/templates/rw.py --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/rw.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/rw.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,131 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12547,7 +12555,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.82/gui/templates/script.py --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/script.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/script.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,126 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12677,7 +12685,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.82/gui/templates/semodule.py --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/semodule.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/semodule.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,41 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12722,7 +12730,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.82/gui/templates/tmp.py --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/tmp.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/tmp.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,102 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12828,7 +12836,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.82/gui/templates/user.py --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/user.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/user.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,179 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13009,10 +13017,147 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po +te_newrole_rules=""" +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t }) +""" +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.82/gui/templates/var_cache.py +--- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.82/gui/templates/var_cache.py 2010-06-07 16:46:31.000000000 -0400 +@@ -0,0 +1,133 @@ ++# Copyright (C) 2010 Red Hat ++# see file 'COPYING' for use and warranty information ++# ++# policygentool is a tool for the initial generation of SELinux policy ++# ++# This program is free software; you can redistribute it and/or ++# modify it under the terms of the GNU General Public License as ++# published by the Free Software Foundation; either version 2 of ++# the License, or (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++# 02111-1307 USA ++# ++# ++########################### cache Template File ############################# ++ ++########################### Type Enforcement File ############################# ++te_types=""" ++type TEMPLATETYPE_cache_t; ++files_type(TEMPLATETYPE_cache_t) ++""" ++te_rules=""" ++manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t) ++manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t) ++manage_lnk_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t) ++files_var_filetans(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, { dir file }) ++""" ++ ++########################### Interface File ############################# ++if_rules=""" ++######################################## ++## ++## Search TEMPLATETYPE cache directories. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`TEMPLATETYPE_search_cache',` ++ gen_require(` ++ type TEMPLATETYPE_cache_t; ++ ') ++ ++ allow $1 TEMPLATETYPE_cache_t:dir search_dir_perms; ++ files_search_var($1) ++') ++ ++######################################## ++## ++## Read TEMPLATETYPE cache files. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`TEMPLATETYPE_read_cache_files',` ++ gen_require(` ++ type TEMPLATETYPE_cache_t; ++ ') ++ ++ files_search_var($1) ++ read_files_pattern($1, TEMPLATETYPE_cache_t TEMPLATETYPE_cache_t) ++') ++ ++######################################## ++## ++## Create, read, write, and delete ++## TEMPLATETYPE cache files. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`TEMPLATETYPE_manage_cache_files',` ++ gen_require(` ++ type TEMPLATETYPE_cache_t; ++ ') ++ ++ files_search_var($1) ++ manage_files_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t) ++') ++ ++######################################## ++## ++## Create, read, write, and delete ++## TEMPLATETYPE cache dirs. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`TEMPLATETYPE_manage_cache_dirs',` ++ gen_require(` ++ type TEMPLATETYPE_cache_t; ++ ') ++ ++ files_search_var($1) ++ manage_dirs_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t) ++') ++ ++""" ++ ++if_admin_types=""" ++ type TEMPLATETYPE_cache_t;""" ++ ++if_admin_rules=""" ++ files_search_var($1) ++ admin_pattern($1, TEMPLATETYPE_cache_t) ++""" ++ ++########################### File Context ################################## ++fc_file="""\ ++FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0) ++""" ++ ++fc_dir="""\ ++FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0) ++""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.82/gui/templates/var_lib.py --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/var_lib.py 2010-04-06 09:49:03.000000000 -0400 -@@ -0,0 +1,162 @@ ++++ policycoreutils-2.0.82/gui/templates/var_lib.py 2010-05-26 09:29:58.000000000 -0400 +@@ -0,0 +1,161 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information +# @@ -13174,11 +13319,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0) +""" -+ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.82/gui/templates/var_log.py --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/var_log.py 2010-04-06 09:49:07.000000000 -0400 -@@ -0,0 +1,115 @@ ++++ policycoreutils-2.0.82/gui/templates/var_log.py 2010-05-26 09:32:01.000000000 -0400 +@@ -0,0 +1,116 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information +# @@ -13294,9 +13438,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0) +""" ++ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.82/gui/templates/var_run.py --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/var_run.py 2010-04-06 09:48:40.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/var_run.py 2010-05-26 09:28:54.000000000 -0400 @@ -0,0 +1,101 @@ +# Copyright (C) 2007,2010 Red Hat +# see file 'COPYING' for use and warranty information @@ -13401,7 +13546,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.82/gui/templates/var_spool.py --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/templates/var_spool.py 2010-03-30 11:52:34.000000000 -0400 ++++ policycoreutils-2.0.82/gui/templates/var_spool.py 2010-06-07 16:46:58.000000000 -0400 @@ -0,0 +1,133 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13435,7 +13580,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) +manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) +manage_lnk_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) -+files_spool_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, { dir file sock_file }) ++files_spool_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, { dir file }) +""" + +########################### Interface File ############################# @@ -13475,7 +13620,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. + ') + + files_search_spool($1) -+ read_files_pattern($1, TEMPLATETYPE_spool_t TEMPLATETYPE_spool_t) ++ read_files_pattern($1, TEMPLATETYPE_spool_t TEMPLATETYPE_spool_t) +') + +######################################## @@ -13495,7 +13640,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. + ') + + files_search_spool($1) -+ manage_files_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) ++ manage_files_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) +') + +######################################## @@ -13515,7 +13660,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. + ') + + files_search_spool($1) -+ manage_dirs_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) ++ manage_dirs_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t) +') + +""" @@ -13538,7 +13683,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.82/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.82/gui/usersPage.py 2010-03-24 16:12:21.000000000 -0400 ++++ policycoreutils-2.0.82/gui/usersPage.py 2010-04-28 17:12:20.000000000 -0400 @@ -0,0 +1,150 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006,2007,2008 Red Hat, Inc. diff --git a/policycoreutils.spec b/policycoreutils.spec index 7054e5a..54a7b54 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.82 -Release: 28%{?dist} +Release: 29%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -313,6 +313,9 @@ fi exit 0 %changelog +* Mon Jun 7 2010 Dan Walsh 2.0.82-29 +- Allow creation of /var/cache/DOMAIN from sepolgen + * Thu Jun 3 2010 Dan Walsh 2.0.82-28 - Fix sandbox init script - Add dbus-launch to sandbox -X @@ -349,7 +352,6 @@ Resolves: #595276 - Add man page for seunshare and genhomedircon Resolves: #594303 - Fix node management via semanage -Resolves: #591135 * Wed May 19 2010 Dan Walsh 2.0.82-20 - Fixes from upstream for sandbox command