Additional changes for bash completsion and generate man page to match the w

-  Add newtype as a new qualifier to sepolicy generate.  This new mechanism wil
-  a policy write to generate types after the initial policy has been written a
-  will autogenerate all of the interfaces.
-  I also added a -w options to allow policy writers from the command line to s
-  the writable directories of files.
-
-  Modify network.py to include interface definitions for newly created port type
-  Standardize of te_types just like all of the other templates.
This commit is contained in:
Dan Walsh 2013-01-21 13:37:48 -06:00
parent d6717e2cff
commit eef44bd006
3 changed files with 679 additions and 75 deletions

File diff suppressed because it is too large Load Diff

View File

@ -1,5 +1,5 @@
diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
index 73c60f6..d636091 100644 index 73c60f6..9ca35a7 100644
--- a/sepolgen/src/sepolgen/audit.py --- a/sepolgen/src/sepolgen/audit.py
+++ b/sepolgen/src/sepolgen/audit.py +++ b/sepolgen/src/sepolgen/audit.py
@@ -38,8 +38,7 @@ def get_audit_boot_msgs(): @@ -38,8 +38,7 @@ def get_audit_boot_msgs():
@ -12,6 +12,15 @@ index 73c60f6..d636091 100644
boottime = time.strftime("%X", s) boottime = time.strftime("%X", s)
output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime], output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
stdout=subprocess.PIPE).communicate()[0] stdout=subprocess.PIPE).communicate()[0]
@@ -260,7 +259,7 @@ class AVCMessage(AuditMessage):
raise ValueError("Error during access vector computation")
if self.type == audit2why.CONSTRAINT:
- self.data = []
+ self.data = [ self.data ]
if self.scontext.user != self.tcontext.user:
self.data.append("user")
if self.scontext.role != self.tcontext.role and self.tcontext.role != "object_r":
diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
index a4adbd8..7b76261 100644 index a4adbd8..7b76261 100644
--- a/sepolgen/src/sepolgen/refparser.py --- a/sepolgen/src/sepolgen/refparser.py

View File

@ -7,7 +7,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.1.13 Version: 2.1.13
Release: 55%{?dist} Release: 56%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Base Group: System Environment/Base
# Based on git repository with tag 20101221 # Based on git repository with tag 20101221
@ -338,6 +338,22 @@ The policycoreutils-restorecond package contains the restorecond service.
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog %changelog
* Mon Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-56
- Additional changes for bash completsion and generate man page to match the w
- Add newtype as a new qualifier to sepolicy generate. This new mechanism wil
- a policy write to generate types after the initial policy has been written a
- will autogenerate all of the interfaces.
- I also added a -w options to allow policy writers from the command line to s
- the writable directories of files.
-
- Modify network.py to include interface definitions for newly created port type
- Standardize of te_types just like all of the other templates.
- Change permissive domains creation to raise exception if sepolgen is not ins
- get_te_results no longer needs or uses the opts parameter.
- The compliler was complaining so I just removed the option.
- Start returning analysis data for audit2allow
* Tue Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-55 * Tue Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-55
- Update Translations - Update Translations
- Fix handling of semanage generate --cgi -n MODULE PATHTO/CGI - Fix handling of semanage generate --cgi -n MODULE PATHTO/CGI