policycoreutils-3.6-2.1

- semanage: Allow modifying records on "add" Resolves: RHEL-5170
2024-02-19 20:51:10 +01:00 · 2024-02-19 20:51:10 +01:00 · f0c9b84b41
commit f0c9b84b41
parent cb35df9d2f
2 changed files with 16 additions and 15 deletions
--- a/0018-python-semanage-Allow-modifying-records-on-add.patch
+++ b/0018-python-semanage-Allow-modifying-records-on-add.patch
@ -1,6 +1,6 @@
-From 1afa3a9462e78d17a0a1fe2594fa6f1e8d57d47f Mon Sep 17 00:00:00 2001
+From 78e4c9f2c2e97d23a67254647339d3c75bb7986d Mon Sep 17 00:00:00 2001
 From: Vit Mojzis <vmojzis@redhat.com>
-Date: Wed, 24 Jan 2024 13:45:38 +0100
+Date: Wed, 14 Feb 2024 13:08:40 +0100
 Subject: [PATCH] python/semanage: Allow modifying records on "add"
 Content-type: text/plain
@ -21,11 +21,10 @@ Fixes:
  login, ibpkey, ibendport, node, interface and fcontext.
 Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
 Acked-by: James Carter <jwcart2@gmail.com>
 ---
 python/semanage/semanage    |   2 +-
- python/semanage/seobject.py | 206 +++++++++++++++++++++++++-----------
+ python/semanage/seobject.py | 208 +++++++++++++++++++++++++-----------
- 2 files changed, 145 insertions(+), 63 deletions(-)
+ 2 files changed, 147 insertions(+), 63 deletions(-)
 diff --git a/python/semanage/semanage b/python/semanage/semanage
 index 4fdb490f7df4..b269b9fca65b 100644
@ -41,7 +40,7 @@ index 4fdb490f7df4..b269b9fca65b 100644
             OBJECT.modify(args.file_spec, args.type, args.ftype, args.range, args.seuser)
     if args.action == "delete":
 diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
-index cc944ae202c9..dfb15b1d77e4 100644
+index cc944ae202c9..12133b53fe91 100644
 --- a/python/semanage/seobject.py
 +++ b/python/semanage/seobject.py
@@ -557,11 +557,6 @@ class loginRecords(semanageRecords):
@ -257,7 +256,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
         (rc, node) = semanage_node_create(self.sh)
         if rc < 0:
             raise ValueError(_("Could not create addr for %s") % addr)
-@@ -1955,9 +1996,25 @@ class nodeRecords(semanageRecords):
+@@ -1955,9 +1996,27 @@ class nodeRecords(semanageRecords):
     def add(self, addr, mask, proto, serange, ctype):
         self.begin()
@ -270,6 +269,8 @@ index cc944ae202c9..dfb15b1d77e4 100644
         self.commit()
 +    def __exists(self, addr, mask, proto):
 +        addr, mask, proto, audit_proto = self.validate(addr, mask, proto)
 +
 +        (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
 +        if rc < 0:
 +            raise ValueError(_("Could not create key for %s") % addr)
@ -284,7 +285,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
     def __modify(self, addr, mask, proto, serange, setype):
         addr, mask, proto, audit_proto = self.validate(addr, mask, proto)
-@@ -2111,12 +2168,6 @@ class interfaceRecords(semanageRecords):
+@@ -2111,12 +2170,6 @@ class interfaceRecords(semanageRecords):
         if rc < 0:
             raise ValueError(_("Could not create key for %s") % interface)
@ -297,7 +298,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
         (rc, iface) = semanage_iface_create(self.sh)
         if rc < 0:
             raise ValueError(_("Could not create interface for %s") % interface)
-@@ -2163,9 +2214,25 @@ class interfaceRecords(semanageRecords):
+@@ -2163,9 +2216,25 @@ class interfaceRecords(semanageRecords):
     def add(self, interface, serange, ctype):
         self.begin()
@ -324,7 +325,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
     def __modify(self, interface, serange, setype):
         if serange == "" and setype == "":
             raise ValueError(_("Requires setype or serange"))
-@@ -2353,7 +2420,13 @@ class fcontextRecords(semanageRecords):
+@@ -2353,7 +2422,13 @@ class fcontextRecords(semanageRecords):
             raise ValueError(_("Substitute %s is not valid. Substitute is not allowed to end with '/'") % substitute)
         if target in self.equiv.keys():
@ -339,7 +340,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
         self.validate(target)
         for fdict in (self.equiv, self.equiv_dist):
-@@ -2429,18 +2502,6 @@ class fcontextRecords(semanageRecords):
+@@ -2429,18 +2504,6 @@ class fcontextRecords(semanageRecords):
         if rc < 0:
             raise ValueError(_("Could not create key for %s") % target)
@ -358,7 +359,7 @@ index cc944ae202c9..dfb15b1d77e4 100644
         (rc, fcontext) = semanage_fcontext_create(self.sh)
         if rc < 0:
             raise ValueError(_("Could not create file context for %s") % target)
-@@ -2479,9 +2540,30 @@ class fcontextRecords(semanageRecords):
+@@ -2479,9 +2542,30 @@ class fcontextRecords(semanageRecords):
     def add(self, target, type, ftype="", serange="", seuser="system_u"):
         self.begin()
@ -391,5 +392,5 @@ index cc944ae202c9..dfb15b1d77e4 100644
         if serange == "" and setype == "" and seuser == "":
             raise ValueError(_("Requires setype, serange or seuser"))
 -- 
-2.43.0
+2.43.2
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -11,7 +11,7 @@
 Summary: SELinux policy core utilities
 Name:    policycoreutils
 Version: 3.6
-Release: 2%{?dist}
+Release: 2.1%{?dist}
 License: GPL-2.0-or-later
 # https://github.com/SELinuxProject/selinux/wiki/Releases
 Source0: https://github.com/SELinuxProject/selinux/releases/download/3.6/selinux-3.6.tar.gz
@ -464,7 +464,7 @@ The policycoreutils-restorecond package contains the restorecond service.
 %systemd_postun_with_restart restorecond.service
 %changelog
-* Tue Feb 13 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.6-2
+* Mon Feb 19 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.6-2.1
 - semanage: Allow modifying records on "add"
 - semanage: Do not sort local fcontext definitions