rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri May 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-2

Browse Source 
- Change polgen.py to be able to generate policy
This commit is contained in:
Daniel J Walsh 2009-05-22 21:10:16 +00:00
parent 7d0ef81ff4
commit e785375a96
2 changed files with 285 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

369
policycoreutils-gui.patch
View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.62/gui/booleansPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.63/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/booleansPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/booleansPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,247 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.load(self.filter)
+ return True
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.62/gui/domainsPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.63/gui/domainsPage.py
--- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/domainsPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/domainsPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc.
@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
+
+ except ValueError, e:
+ self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.62/gui/fcontextPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.63/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/fcontextPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/fcontextPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.62/gui/html_util.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.63/gui/html_util.py
--- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/html_util.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/html_util.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis@redhat.com>
+#
@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
+ doc += tail
+ return doc
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.62/gui/lockdown.glade
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.63/gui/lockdown.glade
--- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/lockdown.glade 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/lockdown.glade 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+</widget>
+
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.62/gui/lockdown.gladep
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.63/gui/lockdown.gladep
--- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/lockdown.gladep 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/lockdown.gladep 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1588,9 +1588,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
+ <name></name>
+ <program_name></program_name>
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.62/gui/lockdown.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.63/gui/lockdown.py
--- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/lockdown.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/lockdown.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,382 @@
+#!/usr/bin/python
+#
@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+
+ app = booleanWindow()
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.62/gui/loginsPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.63/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/loginsPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/loginsPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.62/gui/Makefile
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.63/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/Makefile 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/Makefile 2009-05-22 17:07:21.000000000 -0400
@@ -0,0 +1,38 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@ -2179,7 +2179,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+loginsPage.py \
+mappingsPage.py \
+modulesPage.py \
+polgen.py \
+polgen.glade \
+portsPage.py \
+lockdown.glade \
@ -2190,12 +2189,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+usersPage.py \
+selinux.tbl
+
+all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py
+all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py polgen.py
+
+install: all
+ -mkdir -p $(SHAREDIR)/templates
+ install -m 755 system-config-selinux.py $(SHAREDIR)
+ install -m 755 polgengui.py $(SHAREDIR)
+ install -m 755 polgen.py $(SHAREDIR)
+ install -m 755 lockdown.py $(SHAREDIR)
+ install -m 644 $(TARGETS) $(SHAREDIR)
+ install -m 644 templates/*.py $(SHAREDIR)/templates/
@ -2205,9 +2205,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+indent:
+
+relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.62/gui/mappingsPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.63/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/mappingsPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/mappingsPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@ -2265,9 +2265,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.62/gui/modulesPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.63/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/modulesPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/modulesPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2459,9 +2459,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+ except ValueError, e:
+ self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.62/gui/polgen.glade
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.63/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/polgen.glade 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/polgen.glade 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,3305 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -5768,9 +5768,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+</widget>
+
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.62/gui/polgen.gladep
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.63/gui/polgen.gladep
--- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/polgen.gladep 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/polgen.gladep 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5779,9 +5779,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
+ <name></name>
+ <program_name></program_name>
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.62/gui/polgengui.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.63/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/polgengui.py 2009-05-12 13:20:15.000000000 -0400
+++ policycoreutils-2.0.63/gui/polgengui.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,627 @@
+#!/usr/bin/python -E
+#
@ -6410,10 +6410,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+
+ app = childWindow()
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.62/gui/polgen.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.63/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/polgen.py 2009-05-04 13:40:26.000000000 -0400
@@ -0,0 +1,954 @@
+++ policycoreutils-2.0.63/gui/polgen.py 2009-05-22 17:02:43.000000000 -0400
@@ -0,0 +1,1152 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2007, 2008, 2009 Red Hat
@ -6558,6 +6558,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+EUSER = 9
+RUSER = 10
+
+poltype={}
+poltype[DAEMON] = _("Standard Init Daemon")
+poltype[DBUS] = _("DBUS System Daemon")
+poltype[INETD] = _("Internet Services Daemon")
+poltype[CGI] = _("Web Application/Script (CGI)")
+poltype[USER] = _("User Application")
+poltype[TUSER] = _("Minimal Terminal User Role")
+poltype[XUSER] = _("Minimal X Windows User Role")
+poltype[LUSER] = _("User Role")
+poltype[AUSER] = _("Admin User Role")
+poltype[RUSER] = _("Root Admin User Role")
+
+
+APPLICATIONS = [ DAEMON, DBUS, INETD, USER, CGI ]
+USERS = [ XUSER, TUSER, LUSER, AUSER, EUSER, RUSER]
+
@ -6590,10 +6603,82 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ raise ValueError(_("Ports must be numbers or ranges of numbers from 1 to %d " % max_port ))
+
+class policy:
+
+
+ def __init__(self, name, type):
+ ports = seobject.portRecords()
+ self.ports = ports.get_all()
+
+ self.symbols = {}
+ self.symbols["__syslog_chk"] = "set_use_syslog(True)"
+ self.symbols["getpwnam"] = "set_use_uid(True)"
+ self.symbols["getpwuid"] = "set_use_uid(True)"
+ self.symbols["dbus_"] = "set_use_dbus(True)"
+ self.symbols["pam_"] = "set_use_pam(True)"
+ self.symbols["pam_"] = "set_use_audit(True)"
+
+ self.symbols["fork"] = "add_process('fork')"
+ self.symbols["transition"] = "add_process('transition')"
+ self.symbols["sigchld"] = "add_process('sigchld')"
+ self.symbols["sigkill"] = "add_process('sigkill')"
+ self.symbols["sigstop"] = "add_process('sigstop')"
+ self.symbols["signull"] = "add_process('signull')"
+ self.symbols["signal"] = "add_process('signal')"
+ self.symbols["ptrace"] = "add_process('ptrace')"
+ self.symbols["getsched"] = "add_process('getsched')"
+ self.symbols["setsched"] = "add_process('setsched')"
+ self.symbols["getsession"] = "add_process('getsession')"
+ self.symbols["getpgid"] = "add_process('getpgid')"
+ self.symbols["setpgid"] = "add_process('setpgid')"
+ self.symbols["getcap"] = "add_process('getcap')"
+ self.symbols["setcap"] = "add_process('setcap')"
+ self.symbols["share"] = "add_process('share')"
+ self.symbols["getattr"] = "add_process('getattr')"
+ self.symbols["setexec"] = "add_process('setexec')"
+ self.symbols["setfscreate"] = "add_process('setfscreate')"
+ self.symbols["noatsecure"] = "add_process('noatsecure')"
+ self.symbols["siginh"] = "add_process('siginh')"
+ self.symbols["setrlimit"] = "add_process('setrlimit')"
+ self.symbols["rlimitinh"] = "add_process('rlimitinh')"
+ self.symbols["dyntransition"] = "add_process('dyntransition')"
+ self.symbols["setcurrent"] = "add_process('setcurrent')"
+ self.symbols["execmem"] = "add_process('execmem')"
+ self.symbols["execstack"] = "add_process('execstack')"
+ self.symbols["execheap"] = "add_process('execheap')"
+ self.symbols["setkeycreate"] = "add_process('setkeycreate')"
+ self.symbols["setsockcreate"] = "add_process('setsockcreate')"
+
+ self.symbols["chown"] = "add_capability('chown')"
+ self.symbols["dac_override"] = "add_capability('dac_override')"
+ self.symbols["dac_read_search"] = "add_capability('dac_read_search')"
+ self.symbols["fowner"] = "add_capability('fowner')"
+ self.symbols["fsetid"] = "add_capability('fsetid')"
+ self.symbols["kill"] = "add_capability('kill')"
+ self.symbols["setgid"] = "add_capability('setgid')"
+ self.symbols["setuid"] = "add_capability('setuid')"
+ self.symbols["setpcap"] = "add_capability('setpcap')"
+ self.symbols["linux_immutable"] = "add_capability('linux_immutable')"
+ self.symbols["net_bind_service"] = "add_capability('net_bind_service')"
+ self.symbols["net_broadcast"] = "add_capability('net_broadcast')"
+ self.symbols["net_admin"] = "add_capability('net_admin')"
+ self.symbols["net_raw"] = "add_capability('net_raw')"
+ self.symbols["ipc_lock"] = "add_capability('ipc_lock')"
+ self.symbols["ipc_owner"] = "add_capability('ipc_owner')"
+ self.symbols["sys_module"] = "add_capability('sys_module')"
+ self.symbols["sys_rawio"] = "add_capability('sys_rawio')"
+ self.symbols["sys_chroot"] = "add_capability('sys_chroot')"
+ self.symbols["sys_ptrace"] = "add_capability('sys_ptrace')"
+ self.symbols["sys_pacct"] = "add_capability('sys_pacct')"
+ self.symbols["sys_admin"] = "add_capability('sys_admin')"
+ self.symbols["sys_boot"] = "add_capability('sys_boot')"
+ self.symbols["sys_nice"] = "add_capability('sys_nice')"
+ self.symbols["sys_resource"] = "add_capability('sys_resource')"
+ self.symbols["sys_time"] = "add_capability('sys_time')"
+ self.symbols["sys_tty_config"] = "add_capability('sys_tty_config')"
+ self.symbols["mknod"] = "add_capability('mknod')"
+ self.symbols["lease"] = "add_capability('lease')"
+ self.symbols["audit_write"] = "add_capability('audit_write')"
+ self.symbols["audit_control"] = "add_capability('audit_control')"
+ self.symbols["setfcap"] = "add_capability('setfcap')"
+
+ self.DEFAULT_DIRS = {}
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
@ -6624,6 +6709,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.name = name
+ self.file_name = name
+
+ self.capabilities = []
+ self.processes = []
+ self.type = type
+ self.initscript = ""
+ self.program = ""
@ -6846,6 +6933,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.DEFAULT_DIRS["rw"][1].append(file)
+ return self.DEFAULT_DIRS["rw"]
+
+ def add_capability(self, capability):
+ self.capabilities.append(capability)
+
+ def add_process(self, process):
+ self.processes.append(process)
+
+ def add_boolean(self, name, description):
+ self.booleans[name] = description
+
@ -6855,6 +6948,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ def add_dir(self, file):
+ self.dirs[file] = self.__find_path(file)
+
+ def generate_capabilities(self):
+ newte = ""
+ if len(self.capabilities) > 0:
+ newte = "allow %s self:capability { %s };\n" % (self.name, " ".join(self.capabilities))
+ return newte
+
+ def generate_process(self):
+ newte = ""
+ if len(self.processes) > 0:
+ newte = "allow %s self:process { %s };\n" % (self.name, " ".join(self.processes))
+ return newte
+
+
+ def generate_network_rules(self):
+ newte = ""
+ if self.use_network():
@ -7112,6 +7218,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ if self.type != CGI or d != "rw":
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
+
+ newte +="""
+########################################
+#
+# %s local policy
+#
+
+""" % self.name
+ newte += self.generate_capabilities()
+ newte += self.generate_process()
+ newte += self.generate_network_types()
+ newte += self.generate_tmp_types()
+ newte += self.generate_booleans()
@ -7273,8 +7388,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.stderr.flush()
+ sys.exit(1)
+
+
+if __name__ == '__main__':
+def test():
+ mypolicy = policy("mycgi", CGI)
+ mypolicy.set_program("/var/www/cgi-bin/cgi")
+ mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000")
@ -7365,12 +7479,96 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_admin_domains(["postgresql", "mysql"])
+ print mypolicy.generate("/var/tmp")
+
+ sys.exit(0)
+
+import os, sys, getopt, socket, random, fcntl
+
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.62/gui/portsPage.py
+def gen_writeable(cmd):
+ fd = os.popen("rpm -qlf %s" % cmd)
+ rec = fd.read().split()
+ fd.close()
+ return rec
+
+def gen_symbols(cmd):
+ fd = os.popen("nm /usr/lib/debug%s.debug | grep U" % cmd)
+ rec = fd.read().split()
+ fd.close()
+ return rec
+
+def usage(msg):
+ print _("""
+%s
+
+polgen [ -m ] [ -t type ] command
+valid Types:
+""") % msg
+ keys=poltype.keys()
+ for i in keys:
+ print "\t%s\t%s" % (i, poltype[i])
+ sys.exit(-1)
+
+if __name__ == '__main__':
+ setype = DAEMON
+ gopts, cmds = getopt.getopt(sys.argv[1:], "t:m",
+ ["type=",
+ "mount"])
+ for o, a in gopts:
+ if o == "-t" or o == "--type":
+ try:
+ if int(a) not in poltype:
+ usage ("invalid type %s" % a )
+ except:
+ usage ("invalid type %s" % a )
+
+ setype = int(a)
+
+ if o == "-m" or o == "--mount":
+ mount_ind = True
+
+
+ if len(cmds) == 0:
+ usage(_("Executable required"))
+
+ name = os.path.basename(cmds[0])
+ cmd = cmds[0]
+ mypolicy = policy(name, setype)
+ mypolicy.set_program(cmd)
+ for f in gen_writeable(cmd):
+ for b in mypolicy.DEFAULT_DIRS:
+ if b == "/etc":
+ continue
+ if f.startswith(b):
+ if os.path.isfile(f):
+ mypolicy.add_file(f)
+ else:
+ mypolicy.add_dir(f)
+
+ if os.path.isfile("/var/run/%s.pid" % name):
+ mypolicy.add_file("/var/run/%s.pid" % name)
+
+ if os.path.isfile("/etc/rc.d/init.d/%s" % name):
+ mypolicy.set_init_script("/etc/rc\.d/init\.d/%s" % name)
+
+ symbols = gen_symbols(cmd)
+ if len(symbols) == 0:
+ print """
+%s attempts to scan the debuginfo file for symbols to generate
+additional policy rules, which is missing for %s
+
+debuginfo-install RPMPACKAGE
+
+Will install %s with symbols. Then rerun this tool tool generate additional
+rules.
+""" % (sys.argv[0], cmd, cmd)
+ for s in symbols:
+ for b in mypolicy.symbols:
+ if s.startswith(b):
+ exec "mypolicy.%s" % mypolicy.symbols[b]
+
+ print mypolicy.generate()
+ sys.exit(0)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.63/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/portsPage.py 2009-05-12 13:20:08.000000000 -0400
+++ policycoreutils-2.0.63/gui/portsPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@ -7631,9 +7829,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+
+ return True
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.62/gui/selinux.tbl
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.63/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/selinux.tbl 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/selinux.tbl 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -7869,9 +8067,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.62/gui/semanagePage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.63/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/semanagePage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/semanagePage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@ -8041,9 +8239,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.load(self.filter)
+ return True
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.62/gui/statusPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.63/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/statusPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/statusPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,190 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8235,9 +8433,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.62/gui/system-config-selinux.glade
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.63/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/system-config-selinux.glade 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/system-config-selinux.glade 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,3403 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -11642,9 +11840,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</widget>
+
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.62/gui/system-config-selinux.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.63/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/system-config-selinux.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/system-config-selinux.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,189 @@
+#!/usr/bin/python
+#
@ -11835,9 +12033,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+
+ app = childWindow()
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.62/gui/templates/boolean.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.63/gui/templates/boolean.py
--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/boolean.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/boolean.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -11879,9 +12077,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
+')
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.62/gui/templates/etc_rw.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.63/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/etc_rw.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/etc_rw.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -12012,10 +12210,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.62/gui/templates/executable.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.63/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/executable.py 2009-05-12 13:20:40.000000000 -0400
@@ -0,0 +1,368 @@
+++ policycoreutils-2.0.63/gui/templates/executable.py 2009-05-22 16:56:01.000000000 -0400
@@ -0,0 +1,363 @@
+# Copyright (C) 2007-2009 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@ -12118,11 +12316,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+"""
+
+te_daemon_rules="""
+########################################
+#
+# TEMPLATETYPE local policy
+#
+
+# Init script handling
+domain_use_interactive_fds(TEMPLATETYPE_t)
+
@ -12384,9 +12577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.62/gui/templates/__init__.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.63/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/__init__.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/__init__.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@ -12406,9 +12599,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.62/gui/templates/network.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.63/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/network.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/network.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@ -12490,9 +12683,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.62/gui/templates/rw.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.63/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/rw.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/rw.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,128 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -12622,9 +12815,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.62/gui/templates/script.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.63/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/script.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/script.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,99 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -12725,9 +12918,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+# Adding roles to SELinux user USER
+/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.62/gui/templates/semodule.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.63/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/semodule.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/semodule.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -12770,9 +12963,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.62/gui/templates/tmp.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.63/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/tmp.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/tmp.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,97 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -12871,9 +13064,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+ TEMPLATETYPE_manage_tmp($1)
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.62/gui/templates/user.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.63/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/user.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/user.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,182 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -13057,9 +13250,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.62/gui/templates/var_lib.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.63/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/var_lib.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/var_lib.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,158 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -13219,9 +13412,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.62/gui/templates/var_log.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.63/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/var_log.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/var_log.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,110 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -13333,9 +13526,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.62/gui/templates/var_run.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.63/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/var_run.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/var_run.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,118 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -13455,9 +13648,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.62/gui/templates/var_spool.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.63/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/templates/var_spool.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/templates/var_spool.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@ -13588,9 +13781,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.62/gui/translationsPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.63/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/translationsPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/translationsPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,118 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
@ -13710,9 +13903,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.62/gui/usersPage.py
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.63/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.62/gui/usersPage.py 2009-05-04 13:40:26.000000000 -0400
+++ policycoreutils-2.0.63/gui/usersPage.py 2009-05-22 13:40:04.000000000 -0400
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.

5
policycoreutils.spec
View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.63
Release: 1%{?dist}
Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -226,6 +226,9 @@ else
fi
%changelog
* Fri May 22 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-2
- Change polgen.py to be able to generate policy
* Wed May 20 2009 Dan Walsh <dwalsh@redhat.com> 2.0.63-1
- Update to upstream
* Fix transaction checking from Dan Walsh.