rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Tue Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-4

Browse Source 
- Fix sepolgen to be able to parse Fedora 9 policy
      Handle ifelse statements
      Handle refpolicywarn inside of define
      Add init.if and inetd.if into parse
      Add parse_file to syntax error message
This commit is contained in:
Daniel J Walsh 2007-12-19 10:40:23 +00:00
parent 206b23918e
commit e61ad2382c
2 changed files with 112 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
policycoreutils-sepolgen.patch
View File

@ -0,0 +1,102 @@
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.32/sepolgen-1.0.10/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2007-09-13 08:21:11.000000000 -0400
+++ policycoreutils-2.0.32/sepolgen-1.0.10/src/sepolgen/refparser.py 2007-12-19 05:21:44.000000000 -0500
@@ -118,6 +118,7 @@
'TEMPLATE',
'GEN_CONTEXT',
# m4
+ 'IFELSE',
'IFDEF',
'IFNDEF',
'DEFINE'
@@ -174,6 +175,7 @@
'template' : 'TEMPLATE',
'gen_context' : 'GEN_CONTEXT',
# M4
+ 'ifelse' : 'IFELSE',
'ifndef' : 'IFNDEF',
'ifdef' : 'IFDEF',
'define' : 'DEFINE'
@@ -220,6 +222,12 @@
# Ignore all comments
t.lexer.lineno += 1
+def t_refpolicywarn1(t):
+ r'define.*refpolicywarn\(.*\n'
+ # Ignore refpolicywarn statements - they sometimes
+ # contain text that we can't parse.
+ t.skip(1)
+
def t_refpolicywarn(t):
r'refpolicywarn\(.*\n'
# Ignore refpolicywarn statements - they sometimes
@@ -258,6 +266,7 @@
m = None
# error is either None (indicating no error) or a string error message.
error = None
+parse_file = ""
# spt is the support macros (e.g., obj/perm sets) - it is an instance of
# refpolicy.SupportMacros and should always be present during parsing
# though it may not contain any macros.
@@ -382,6 +391,19 @@
collect(p[12], x, val=False)
p[0] = [x]
+def p_ifelse(p):
+ '''ifelse : IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
+ | IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
+ '''
+# x = refpolicy.IfDef(p[4])
+# v = True
+# collect(p[8], x, val=v)
+# if len(p) > 12:
+# collect(p[12], x, val=False)
+# p[0] = [x]
+ pass
+
+
def p_ifdef(p):
'''ifdef : IFDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
| IFNDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
@@ -446,6 +468,7 @@
| optional_policy
| tunable_policy
| ifdef
+ | ifelse
| conditional
'''
p[0] = p[1]
@@ -844,7 +867,8 @@
def p_error(tok):
global error
- error = "Syntax error on line %d %s [type=%s]" % (tok.lineno, tok.value, tok.type)
+ global parse_file
+ error = "%s: Syntax error on line %d %s [type=%s]" % (parse_file, tok.lineno, tok.value, tok.type)
print error
def prep_spt(spt):
@@ -892,7 +916,7 @@
def list_headers(root):
modules = []
support_macros = None
- blacklist = ["init.if", "inetd.if", "uml.if", "thunderbird.if"]
+ blacklist = ["uml.if", "thunderbird.if"]
for dirpath, dirnames, filenames in os.walk(root):
for name in filenames:
@@ -941,12 +965,14 @@
output.write(msg)
def parse_file(f, module, spt=None):
+ global parse_file
if debug:
o("parsing file %s\n" % f)
try:
fd = open(f)
txt = fd.read()
fd.close()
+ parse_file = f
parse(txt, module, spt, debug)
except IOError, e:
return

11
policycoreutils.spec
View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.33 Version: 2.0.33
Release: 3%{?dist} Release: 4%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -23,6 +23,7 @@ Patch: policycoreutils-rhat.patch
Patch1: policycoreutils-po.patch Patch1: policycoreutils-po.patch
#Patch2: policycoreutils-sepolgen.patch #Patch2: policycoreutils-sepolgen.patch
Patch3: policycoreutils-gui.patch Patch3: policycoreutils-gui.patch
Patch4: policycoreutils-sepolgen.patch
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
@ -53,6 +54,7 @@ context.
%patch1 -p1 -b .rhatpo %patch1 -p1 -b .rhatpo
#%patch2 -p1 -b .sepolgen #%patch2 -p1 -b .sepolgen
%patch3 -p1 -b .gui %patch3 -p1 -b .gui
%patch4 -p1 -b .sepolgen
%build %build
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
@ -191,6 +193,13 @@ if [ "$1" -ge "1" ]; then
fi fi
%changelog %changelog
* Tue Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-4
- Fix sepolgen to be able to parse Fedora 9 policy
Handle ifelse statements
Handle refpolicywarn inside of define
Add init.if and inetd.if into parse
Add parse_file to syntax error message
* Fri Dec 14 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-3 * Fri Dec 14 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-3
- Add scroll bar to fcontext gui page - Add scroll bar to fcontext gui page