Update to upstream
- policycoreutils * restorecond: wrong options should exit with non-zero error code * restorecond: Add -h option to get usage command * resorecond: user: fix fd leak * mcstrans: add -f to run in foreground * semanage: fix man page range and level defaults * semanage: bash completion for modules should include -a,-m, -d * semanage: manpage update for -e * semanage: dontaudit off should work * semanage: locallist option does not take an argument * sepolgen: Make use of setools optional within sepolgen - sepolgen * Make use of setools optional within sepolgen * We need to support files that have a + in them
This commit is contained in:
Dan Walsh
parent
b97e271674
commit
f35df462e0
File diff suppressed because it is too large
Load Diff
@ -30,56 +30,3 @@ index 1a9a3e5..d56dd92 100644
|
|||||||
|
|
||||||
def __iter__(self):
|
def __iter__(self):
|
||||||
return iter(self.children)
|
return iter(self.children)
|
||||||
diff --git a/sepolgen/src/sepolgen/policygen.py b/sepolgen/src/sepolgen/policygen.py
|
|
||||||
index 4882999..9dc2d32 100644
|
|
||||||
--- a/sepolgen/src/sepolgen/policygen.py
|
|
||||||
+++ b/sepolgen/src/sepolgen/policygen.py
|
|
||||||
@@ -30,7 +30,11 @@ import access
|
|
||||||
import interfaces
|
|
||||||
import matching
|
|
||||||
import selinux.audit2why as audit2why
|
|
||||||
-from setools import *
|
|
||||||
+try:
|
|
||||||
+ from setools import *
|
|
||||||
+ alldomains = seinfo(ATTRIBUTE, name="domain")[0]["types"]
|
|
||||||
+except:
|
|
||||||
+ pass
|
|
||||||
|
|
||||||
# Constants for the level of explanation from the generation
|
|
||||||
# routines
|
|
||||||
@@ -79,7 +83,6 @@ class PolicyGenerator:
|
|
||||||
|
|
||||||
self.dontaudit = False
|
|
||||||
|
|
||||||
- self.domains = None
|
|
||||||
def set_gen_refpol(self, if_set=None, perm_maps=None):
|
|
||||||
"""Set whether reference policy interfaces are generated.
|
|
||||||
|
|
||||||
@@ -175,13 +178,11 @@ class PolicyGenerator:
|
|
||||||
if av.type == audit2why.TERULE:
|
|
||||||
if "write" in av.perms:
|
|
||||||
if "dir" in av.obj_class or "open" in av.perms:
|
|
||||||
- if not self.domains:
|
|
||||||
- self.domains = seinfo(ATTRIBUTE, name="domain")[0]["types"]
|
|
||||||
types=[]
|
|
||||||
|
|
||||||
try:
|
|
||||||
for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
|
|
||||||
- if i not in self.domains:
|
|
||||||
+ if i not in alldomains:
|
|
||||||
types.append(i)
|
|
||||||
if len(types) == 1:
|
|
||||||
rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
|
|
||||||
diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
|
|
||||||
index 9a79340..a4adbd8 100644
|
|
||||||
--- a/sepolgen/src/sepolgen/refparser.py
|
|
||||||
+++ b/sepolgen/src/sepolgen/refparser.py
|
|
||||||
@@ -245,7 +245,7 @@ def t_refpolicywarn(t):
|
|
||||||
t.lexer.lineno += 1
|
|
||||||
|
|
||||||
def t_IDENTIFIER(t):
|
|
||||||
- r'[a-zA-Z_\$\"][a-zA-Z0-9_\-\.\$\*\"~]*'
|
|
||||||
+ r'[a-zA-Z_\$\"][a-zA-Z0-9_\-\+\.\$\*\"~]*'
|
|
||||||
# Handle any keywords
|
|
||||||
t.type = reserved.get(t.value,'IDENTIFIER')
|
|
||||||
return t
|
|
||||||
|
|||||||
@ -2,12 +2,12 @@
|
|||||||
%define libsepolver 2.1.5-3
|
%define libsepolver 2.1.5-3
|
||||||
%define libsemanagever 2.1.7-1
|
%define libsemanagever 2.1.7-1
|
||||||
%define libselinuxver 2.1.10-1
|
%define libselinuxver 2.1.10-1
|
||||||
%define sepolgenver 1.1.6
|
%define sepolgenver 1.1.7
|
||||||
|
|
||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.1.11
|
Version: 2.1.12
|
||||||
Release: 18%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -340,6 +340,23 @@ fi
|
|||||||
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jul 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
|
||||||
|
- Update to upstream
|
||||||
|
- policycoreutils
|
||||||
|
* restorecond: wrong options should exit with non-zero error code
|
||||||
|
* restorecond: Add -h option to get usage command
|
||||||
|
* resorecond: user: fix fd leak
|
||||||
|
* mcstrans: add -f to run in foreground
|
||||||
|
* semanage: fix man page range and level defaults
|
||||||
|
* semanage: bash completion for modules should include -a,-m, -d
|
||||||
|
* semanage: manpage update for -e
|
||||||
|
* semanage: dontaudit off should work
|
||||||
|
* semanage: locallist option does not take an argument
|
||||||
|
* sepolgen: Make use of setools optional within sepolgen
|
||||||
|
- sepolgen
|
||||||
|
* Make use of setools optional within sepolgen
|
||||||
|
* We need to support files that have a + in them
|
||||||
|
|
||||||
* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-18
|
* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-18
|
||||||
- Make restorecon exit with an error on a bad path
|
- Make restorecon exit with an error on a bad path
|
||||||
|
|
||||||
|
|||||||
4
sources
4
sources
@ -1,3 +1,3 @@
|
|||||||
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
||||||
23853afb62a03b054957d9ecda80b6e9 sepolgen-1.1.6.tgz
|
3c815de58ad31221802931cb9aa1ab28 policycoreutils-2.1.12.tgz
|
||||||
29fa045182e986ac8820a08354a79a34 policycoreutils-2.1.11.tgz
|
ee3b0481920390f1fee7e2ec2c424b02 sepolgen-1.1.7.tgz
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user