Additional changes for bash completsion and generate man page to match the w
- Add newtype as a new qualifier to sepolicy generate. This new mechanism wil - a policy write to generate types after the initial policy has been written a - will autogenerate all of the interfaces. - I also added a -w options to allow policy writers from the command line to s - the writable directories of files. - - Modify network.py to include interface definitions for newly created port type - Standardize of te_types just like all of the other templates.
This commit is contained in:
parent
d6717e2cff
commit
eef44bd006
File diff suppressed because it is too large
Load Diff
@ -1,5 +1,5 @@
|
|||||||
diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
|
diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
|
||||||
index 73c60f6..d636091 100644
|
index 73c60f6..9ca35a7 100644
|
||||||
--- a/sepolgen/src/sepolgen/audit.py
|
--- a/sepolgen/src/sepolgen/audit.py
|
||||||
+++ b/sepolgen/src/sepolgen/audit.py
|
+++ b/sepolgen/src/sepolgen/audit.py
|
||||||
@@ -38,8 +38,7 @@ def get_audit_boot_msgs():
|
@@ -38,8 +38,7 @@ def get_audit_boot_msgs():
|
||||||
@ -12,6 +12,15 @@ index 73c60f6..d636091 100644
|
|||||||
boottime = time.strftime("%X", s)
|
boottime = time.strftime("%X", s)
|
||||||
output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
|
output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
|
||||||
stdout=subprocess.PIPE).communicate()[0]
|
stdout=subprocess.PIPE).communicate()[0]
|
||||||
|
@@ -260,7 +259,7 @@ class AVCMessage(AuditMessage):
|
||||||
|
raise ValueError("Error during access vector computation")
|
||||||
|
|
||||||
|
if self.type == audit2why.CONSTRAINT:
|
||||||
|
- self.data = []
|
||||||
|
+ self.data = [ self.data ]
|
||||||
|
if self.scontext.user != self.tcontext.user:
|
||||||
|
self.data.append("user")
|
||||||
|
if self.scontext.role != self.tcontext.role and self.tcontext.role != "object_r":
|
||||||
diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
|
diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
|
||||||
index a4adbd8..7b76261 100644
|
index a4adbd8..7b76261 100644
|
||||||
--- a/sepolgen/src/sepolgen/refparser.py
|
--- a/sepolgen/src/sepolgen/refparser.py
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.1.13
|
Version: 2.1.13
|
||||||
Release: 55%{?dist}
|
Release: 56%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -338,6 +338,22 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-56
|
||||||
|
- Additional changes for bash completsion and generate man page to match the w
|
||||||
|
- Add newtype as a new qualifier to sepolicy generate. This new mechanism wil
|
||||||
|
- a policy write to generate types after the initial policy has been written a
|
||||||
|
- will autogenerate all of the interfaces.
|
||||||
|
- I also added a -w options to allow policy writers from the command line to s
|
||||||
|
- the writable directories of files.
|
||||||
|
-
|
||||||
|
- Modify network.py to include interface definitions for newly created port type
|
||||||
|
- Standardize of te_types just like all of the other templates.
|
||||||
|
|
||||||
|
- Change permissive domains creation to raise exception if sepolgen is not ins
|
||||||
|
- get_te_results no longer needs or uses the opts parameter.
|
||||||
|
- The compliler was complaining so I just removed the option.
|
||||||
|
- Start returning analysis data for audit2allow
|
||||||
|
|
||||||
* Tue Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-55
|
* Tue Jan 15 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-55
|
||||||
- Update Translations
|
- Update Translations
|
||||||
- Fix handling of semanage generate --cgi -n MODULE PATHTO/CGI
|
- Fix handling of semanage generate --cgi -n MODULE PATHTO/CGI
|
||||||
|
Loading…
Reference in New Issue
Block a user