* Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4

- Add --boot flag to audit2allow to get all AVC messages since last boot
2009-08-18 19:25:04 +00:00 · 2009-08-18 19:25:04 +00:00 · e96c403a63
commit e96c403a63
parent 2b1f1bd524
5 changed files with 81 additions and 21 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -205,3 +205,4 @@ policycoreutils-2.0.68.tgz
 policycoreutils-2.0.70.tgz
 policycoreutils_man_ru2.tar.bz2
 policycoreutils-2.0.71.tgz
 sepolgen-1.0.17.tgz
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,3 +1,43 @@
 diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.71/audit2allow/audit2allow
 --- nsapolicycoreutils/audit2allow/audit2allow	2009-01-13 08:45:35.000000000 -0500
 +++ policycoreutils-2.0.71/audit2allow/audit2allow	2009-08-18 15:19:58.000000000 -0400
@@ -42,6 +42,8 @@
         from optparse import OptionParser
         parser = OptionParser(version=self.VERSION)
 +        parser.add_option("-b", "--boot", action="store_true", dest="boot", default=False,
 +                          help="audit messages since last boot conflicts with -i")
         parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
                           help="read input from audit log - conflicts with -i")
         parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
@@ -80,11 +82,11 @@
         options, args = parser.parse_args()
         # Make -d, -a, and -i conflict
 -        if options.audit is True:
 +        if options.audit is True or options.boot:
             if options.input is not None:
 -                sys.stderr.write("error: --all conflicts with --input\n")
 +                sys.stderr.write("error: --all/--boot conflicts with --input\n")
             if options.dmesg is True:
 -                sys.stderr.write("error: --all conflicts with --dmesg\n")
 +                sys.stderr.write("error: --all/--boot conflicts with --dmesg\n")
         if options.input is not None and options.dmesg is True:
             sys.stderr.write("error: --input conflicts with --dmesg\n")
@@ -129,6 +131,12 @@
             except OSError, e:
                 sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
                 sys.exit(1)
 +        elif self.__options.boot:
 +            try:
 +                messages = audit.get_audit_boot_msgs()
 +            except OSError, e:
 +                sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
 +                sys.exit(1)
         else:
             # This is the default if no input is specified
             f = sys.stdin
 diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.71/Makefile
 --- nsapolicycoreutils/Makefile	2008-08-28 09:34:24.000000000 -0400
 +++ policycoreutils-2.0.71/Makefile	2009-08-13 17:57:54.000000000 -0400
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@ -1,19 +1,35 @@
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/access.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.71/sepolgen-1.0.16/src/sepolgen/audit.py
 --- nsasepolgen/src/sepolgen/access.py	2009-01-13 08:45:35.000000000 -0500
 +++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/access.py	2009-04-21 14:54:12.000000000 -0400
@@ -313,7 +313,7 @@
     def __len__(self):
         """Return the unique number of role allow statements."""
 -        return len(self.role_type.keys())
 +        return len(self.role_types.keys())
     def add(self, role, type):
         if self.role_types.has_key(role):
 diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/audit.py
 --- nsasepolgen/src/sepolgen/audit.py	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/audit.py	2009-04-24 13:19:39.000000000 -0400
+++ policycoreutils-2.0.71/sepolgen-1.0.16/src/sepolgen/audit.py	2009-08-18 15:21:13.000000000 -0400
-@@ -47,6 +47,17 @@
+@@ -23,6 +23,27 @@
 # Convenience functions
 +def get_audit_boot_msgs():
 +    """Obtain all of the avc and policy load messages from the audit
 +    log. This function uses ausearch and requires that the current
 +    process have sufficient rights to run ausearch.
 +
 +    Returns:
 +       string contain all of the audit messages returned by ausearch.
 +    """
 +    import subprocess
 +    import time
 +    fd=open("/proc/uptime", "r")
 +    off=float(fd.read().split()[0])
 +    fd.close
 +    s = time.localtime(time.time() - off)
 +    date = time.strftime("%D/%Y", s).split("/")
 +    bootdate="%s/%s/%s" % (date[0], date[1], date[3])
 +    boottime = time.strftime("%X", s)
 +    output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
 +                              stdout=subprocess.PIPE).communicate()[0]
 +    return output
 +
 def get_audit_msgs():
     """Obtain all of the avc and policy load messages from the audit
     log. This function uses ausearch and requires that the current
@@ -47,6 +68,17 @@
                               stdout=subprocess.PIPE).communicate()[0]
     return output
@ -31,15 +47,15 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycor
 # Classes representing audit messages
 class AuditMessage:
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/refparser.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.71/sepolgen-1.0.16/src/sepolgen/refparser.py
 --- nsasepolgen/src/sepolgen/refparser.py	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.62/sepolgen-1.0.16/src/sepolgen/refparser.py	2009-04-21 14:54:12.000000000 -0400
+++ policycoreutils-2.0.71/sepolgen-1.0.16/src/sepolgen/refparser.py	2009-08-13 17:57:55.000000000 -0400
@@ -919,7 +919,7 @@
 def list_headers(root):
     modules = []
     support_macros = None
 -    blacklist = ["init.if", "inetd.if", "uml.if", "thunderbird.if"]
-+    blacklist = ["uml.if", "thunderbird.if", "unconfined.if"]
+    blacklist = ["uml.if", "thunderbird.if, unconfined.if"]
     for dirpath, dirnames, filenames in os.walk(root):
         for name in filenames:
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -2,11 +2,11 @@
 %define	libsepolver	2.0.19-1
 %define	libsemanagever	2.0.28-2
 %define	libselinuxver	2.0.46-5
-%define	sepolgenver	1.0.16
+%define	sepolgenver	1.0.17
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.71
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -265,6 +265,9 @@ else
 fi
 %changelog
 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-4
 - Add --boot flag to audit2allow to get all AVC messages since last boot
 * Tue Aug 18 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-3
 - Fix semanage command
--- a/2
+++ b/2
@ -1,3 +1,3 @@
 e1b5416c3e0d76e5d702b3f54f4def45  sepolgen-1.0.16.tgz
 00fd9d86bd6a8066da710d6fda910b01  policycoreutils-2.0.71.tgz
 59d33101d57378ce69889cc078addf90  policycoreutils_man_ru2.tar.bz2
 480cc64a050735fa1163a87dc89c4f49  sepolgen-1.0.17.tgz