Fix semanage argparse bugs
This commit is contained in:
Dan Walsh
parent
d21896c450
commit
f8c8b42b7a
@ -318093,7 +318093,7 @@ index 0000000..e2befdb
|
||||
+ packages=["policycoreutils"],
|
||||
+)
|
||||
diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage
|
||||
index 6e33c85..aa8d46b 100644
|
||||
index 6e33c85..da33e6d 100644
|
||||
--- a/policycoreutils/semanage/semanage
|
||||
+++ b/policycoreutils/semanage/semanage
|
||||
@@ -1,5 +1,7 @@
|
||||
@ -318105,7 +318105,7 @@ index 6e33c85..aa8d46b 100644
|
||||
# see file 'COPYING' for use and warranty information
|
||||
#
|
||||
# semanage is a tool for managing SELinux configuration files
|
||||
@@ -19,564 +21,797 @@
|
||||
@@ -19,564 +21,798 @@
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
||||
# 02111-1307 USA
|
||||
#
|
||||
@ -318291,7 +318291,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+
|
||||
+def handleLogin(args):
|
||||
+ # {action:[conflict_opts,require_opts]}
|
||||
+ login_args = {'list':[('login','range','seuser'),('')],'add':[('locallist'),('seuser','login')],'modify':[('locallist'),('seuser','login')], 'delete':[('locallist'),('login')],'extract':[('locallist','login','range','seuser'),('')],'deleteall':[('locallist','login','range','seuser'),('')]}
|
||||
+ login_args = {'list':[('login','seuser'),('')],'add':[('locallist'),('seuser','login')],'modify':[('locallist'),('seuser','login')], 'delete':[('locallist'),('login')],'extract':[('locallist','login','range','seuser'),('')],'deleteall':[('locallist','login','range','seuser'),('')]}
|
||||
+
|
||||
+ handle_opts(args,login_args,args.action)
|
||||
+
|
||||
@ -318330,9 +318330,9 @@ index 6e33c85..aa8d46b 100644
|
||||
+def parser_add_type(parser, name):
|
||||
+ parser.add_argument('-t', '--type', help=_('SELinux Type for the object'))
|
||||
+def parser_add_level(parser, name):
|
||||
+ parser.add_argument('-L', '--level', default="", help=_('Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)'))
|
||||
+ parser.add_argument('-L', '--level', default='s0', help=_('Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)'))
|
||||
+def parser_add_range(parser, name):
|
||||
+ parser.add_argument('-r', '--range', default="",
|
||||
+ parser.add_argument('-r', '--range', default="s0",
|
||||
+ help=_('''
|
||||
+MLS/MCS Security Range (MLS/MCS Systems only)
|
||||
+SELinux Range for SELinux login mapping
|
||||
@ -318386,9 +318386,9 @@ index 6e33c85..aa8d46b 100644
|
||||
+ loginParser.set_defaults(func=handleLogin)
|
||||
+
|
||||
+def handleFcontext(args):
|
||||
+ fcontext_args = {'list':[('equal','ftype','range','seuser','type'),('')],'add':[('locallist'),('type','file_spec')],'modify':[('locallist'),('type','file_spec')], 'delete':[('locallist'),('type','file_spec')],'extract':[('locallist','equal','ftype','range','seuser','type'),('')],'deleteall':[('locallist','equal','ftype','range','seuser','type'),('')]}
|
||||
+ fcontext_args = {'list':[('equal','ftype','seuser','type'),('')],'add':[('locallist'),('type','file_spec')],'modify':[('locallist'),('type','file_spec')], 'delete':[('locallist'),('type','file_spec')],'extract':[('locallist','equal','ftype','seuser','type'),('')],'deleteall':[('locallist','equal','ftype','seuser','type'),('')]}
|
||||
+ # we can not use mutually for equal because we can define some actions together with equal
|
||||
+ fcontext_equal_args = {'equal':[('list','locallist','type','ftype','range','seuser','deleteall','extract'),('add','modify','delete','file_spec')]}
|
||||
+ fcontext_equal_args = {'equal':[('list','locallist','type','ftype','seuser','deleteall','extract'),('add','modify','delete','file_spec')]}
|
||||
+
|
||||
+ if args.action is None:
|
||||
+ print("usage: "+"%s" % generate_custom_usage(usage_fcontext, usage_fcontext_dict))
|
||||
@ -318405,7 +318405,8 @@ index 6e33c85..aa8d46b 100644
|
||||
+ if args.equal:
|
||||
+ OBJECT.add_equal(args.file_spec, args.equal)
|
||||
+ else:
|
||||
+ OBJECT.add(args.file_spec, args.type, args.ftype, args.seuser, args.range)
|
||||
+ print "Dan", args.file_spec, args.type, args.ftype, args.range, args.seuser
|
||||
+ OBJECT.add(args.file_spec, args.type, args.ftype, args.range, args.seuser)
|
||||
+ if args.action is "modify":
|
||||
+ if args.equal:
|
||||
+ OBJECT.add_equal(args.file_spec, args.equal)
|
||||
@ -318447,7 +318448,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+ parser_add_list(fcontext_action, "fcontext")
|
||||
+ parser_add_extract(fcontext_action, "fcontext")
|
||||
+ parser_add_deleteall(fcontext_action, "fcontext")
|
||||
+
|
||||
+
|
||||
+ fcontextParser.add_argument('-e', '--equal', help=_('''Substitute target path with sourcepath when generating default
|
||||
+ label. This is used with fcontext. Requires source and target
|
||||
+ path arguments. The context labeling for the target subtree is
|
||||
@ -318460,7 +318461,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+ fcontextParser.set_defaults(func=handleFcontext)
|
||||
+
|
||||
+def handleUser(args):
|
||||
+ user_args = {'list':[('selinux_name','range','seuser','level','roles'),('')],'add':[('locallist'),('roles','selinux_name')],'modify':[('locallist'),('roles','selinux_name')], 'delete':[('locallist'),('selinux_name')],'extract':[('locallist','selinux_name','range','seuser','level','role'),('')],'deleteall':[('locallist','selinux_name','range','seuser','level','roles'),('')]}
|
||||
+ user_args = {'list':[('selinux_name','seuser','roles'),('')],'add':[('locallist'),('roles','selinux_name')],'modify':[('locallist'),('roles','selinux_name')], 'delete':[('locallist'),('selinux_name')],'extract':[('locallist','selinux_name','seuser','role'),('')],'deleteall':[('locallist','selinux_name','seuser','roles'),('')]}
|
||||
+
|
||||
+ handle_opts(args,user_args,args.action)
|
||||
+
|
||||
@ -318509,7 +318510,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+ userParser.set_defaults(func=handleUser)
|
||||
+
|
||||
+def handlePort(args):
|
||||
+ port_args = {'list':[('port','range','type','proto'),('')],'add':[('locallist'),('type','port','proto')],'modify':[('localist'),('type','port','proto')], 'delete':[('locallist'),('port','proto')],'extract':[('locallist','port','range','type','proto'),('')],'deleteall':[('locallist','port','range','type','proto'),('')]}
|
||||
+ port_args = {'list':[('port','type','proto'),('')],'add':[('locallist'),('type','port','proto')],'modify':[('localist'),('type','port','proto')], 'delete':[('locallist'),('port','proto')],'extract':[('locallist','port','type','proto'),('')],'deleteall':[('locallist','port','type','proto'),('')]}
|
||||
+
|
||||
+ handle_opts(args,port_args,args.action)
|
||||
+
|
||||
@ -318552,7 +318553,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+ portParser.set_defaults(func=handlePort)
|
||||
+
|
||||
+def handleInterface(args):
|
||||
+ interface_args = {'list':[('interface','range'),('')],'add':[('locallist'),('type','interface')],'modify':[('locallist'),('type','interface')], 'delete':[('locallist'),('type','interface')],'extract':[('locallist','interface','range','type'),('')],'deleteall':[('locallist','interface','range','type'),('')]}
|
||||
+ interface_args = {'list':[('interface'),('')],'add':[('locallist'),('type','interface')],'modify':[('locallist'),('type','interface')], 'delete':[('locallist'),('type','interface')],'extract':[('locallist','interface','type'),('')],'deleteall':[('locallist','interface','type'),('')]}
|
||||
+
|
||||
+ handle_opts(args,interface_args,args.action)
|
||||
+
|
||||
@ -318623,7 +318624,7 @@ index 6e33c85..aa8d46b 100644
|
||||
+ moduleParser.set_defaults(func=handleModule)
|
||||
+
|
||||
+def handleNode(args):
|
||||
+ node_args = {'list':[('node','range','type','proto','mask'),('')],'add':[('locallist'),('type','node','proto','mask')],'modify':[('locallist'),('type','node','mask','proto')], 'delete':[('locallist'),('type','node','mask')],'extract':[('locallist','node','range','type','proto','mask'),('')],'deleteall':[('locallist','node','range','type','proto','mask'),('')]}
|
||||
+ node_args = {'list':[('node','type','proto','mask'),('')],'add':[('locallist'),('type','node','proto','mask')],'modify':[('locallist'),('type','node','mask','proto')], 'delete':[('locallist'),('type','node','mask')],'extract':[('locallist','node','type','proto','mask'),('')],'deleteall':[('locallist','node','type','proto','mask'),('')]}
|
||||
+ handle_opts(args,node_args,args.action)
|
||||
+
|
||||
+ OBJECT = object_dict['node']()
|
||||
@ -320574,7 +320575,7 @@ index 28a9022..90b142e 100644
|
||||
+usage: semanage [-h]
|
||||
+
|
||||
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
|
||||
index 85bc37f..9159df5 100644
|
||||
index 85bc37f..2f6a440 100644
|
||||
--- a/policycoreutils/semanage/seobject.py
|
||||
+++ b/policycoreutils/semanage/seobject.py
|
||||
@@ -32,11 +32,10 @@ from IPy import IP
|
||||
@ -320660,7 +320661,24 @@ index 85bc37f..9159df5 100644
|
||||
except RuntimeError:
|
||||
valid_types = []
|
||||
|
||||
@@ -1777,7 +1784,8 @@ class fcontextRecords(semanageRecords):
|
||||
@@ -1751,9 +1758,15 @@ class fcontextRecords(semanageRecords):
|
||||
raise ValueError(_("File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead") % (target, i, fdict[i], t))
|
||||
|
||||
|
||||
- def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
|
||||
+ def __add(self, target, type, ftype = "", serange = "s0", seuser = "system_u"):
|
||||
self.validate(target)
|
||||
|
||||
+ if not seuser:
|
||||
+ seuser = "system_u"
|
||||
+
|
||||
+ if not serange:
|
||||
+ seuser = "s0"
|
||||
+
|
||||
if is_mls_enabled == 1:
|
||||
serange = untranslate(serange)
|
||||
|
||||
@@ -1777,7 +1790,8 @@ class fcontextRecords(semanageRecords):
|
||||
raise ValueError(_("Could not check if file context for %s is defined") % target)
|
||||
|
||||
if exists:
|
||||
@ -320670,7 +320688,7 @@ index 85bc37f..9159df5 100644
|
||||
|
||||
(rc, fcontext) = semanage_fcontext_create(self.sh)
|
||||
if rc < 0:
|
||||
@@ -1970,7 +1978,7 @@ class fcontextRecords(semanageRecords):
|
||||
@@ -1970,7 +1984,7 @@ class fcontextRecords(semanageRecords):
|
||||
|
||||
if len(self.equiv):
|
||||
for target in self.equiv.keys():
|
||||
@ -320679,7 +320697,7 @@ index 85bc37f..9159df5 100644
|
||||
return l
|
||||
|
||||
def list(self, heading = 1, locallist = 0 ):
|
||||
@@ -2156,7 +2164,7 @@ class booleanRecords(semanageRecords):
|
||||
@@ -2156,7 +2170,7 @@ class booleanRecords(semanageRecords):
|
||||
keys.sort()
|
||||
for k in keys:
|
||||
if ddict[k]:
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.1.14
|
||||
Release: 68%{?dist}
|
||||
Release: 69%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
# Based on git repository with tag 20101221
|
||||
@ -330,6 +330,9 @@ The policycoreutils-restorecond package contains the restorecond service.
|
||||
%systemd_postun_with_restart restorecond.service
|
||||
|
||||
%changelog
|
||||
* Wed Jul 24 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-69
|
||||
- Fix semanage argparse bugs
|
||||
|
||||
* Tue Jul 23 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-68
|
||||
- Fix bugs introduced by previous patch. semanage port
|
||||
- Update Translations
|
||||
|
||||
Loading…
Reference in New Issue
Block a user