Fix semanage argparse bugs
This commit is contained in:
Dan Walsh
parent
d21896c450
commit
f8c8b42b7a
@ -318093,7 +318093,7 @@ index 0000000..e2befdb
|
|||||||
+ packages=["policycoreutils"],
|
+ packages=["policycoreutils"],
|
||||||
+)
|
+)
|
||||||
diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage
|
diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage
|
||||||
index 6e33c85..aa8d46b 100644
|
index 6e33c85..da33e6d 100644
|
||||||
--- a/policycoreutils/semanage/semanage
|
--- a/policycoreutils/semanage/semanage
|
||||||
+++ b/policycoreutils/semanage/semanage
|
+++ b/policycoreutils/semanage/semanage
|
||||||
@@ -1,5 +1,7 @@
|
@@ -1,5 +1,7 @@
|
||||||
@ -318105,7 +318105,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
# see file 'COPYING' for use and warranty information
|
# see file 'COPYING' for use and warranty information
|
||||||
#
|
#
|
||||||
# semanage is a tool for managing SELinux configuration files
|
# semanage is a tool for managing SELinux configuration files
|
||||||
@@ -19,564 +21,797 @@
|
@@ -19,564 +21,798 @@
|
||||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
||||||
# 02111-1307 USA
|
# 02111-1307 USA
|
||||||
#
|
#
|
||||||
@ -318291,7 +318291,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+
|
+
|
||||||
+def handleLogin(args):
|
+def handleLogin(args):
|
||||||
+ # {action:[conflict_opts,require_opts]}
|
+ # {action:[conflict_opts,require_opts]}
|
||||||
+ login_args = {'list':[('login','range','seuser'),('')],'add':[('locallist'),('seuser','login')],'modify':[('locallist'),('seuser','login')], 'delete':[('locallist'),('login')],'extract':[('locallist','login','range','seuser'),('')],'deleteall':[('locallist','login','range','seuser'),('')]}
|
+ login_args = {'list':[('login','seuser'),('')],'add':[('locallist'),('seuser','login')],'modify':[('locallist'),('seuser','login')], 'delete':[('locallist'),('login')],'extract':[('locallist','login','range','seuser'),('')],'deleteall':[('locallist','login','range','seuser'),('')]}
|
||||||
+
|
+
|
||||||
+ handle_opts(args,login_args,args.action)
|
+ handle_opts(args,login_args,args.action)
|
||||||
+
|
+
|
||||||
@ -318330,9 +318330,9 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+def parser_add_type(parser, name):
|
+def parser_add_type(parser, name):
|
||||||
+ parser.add_argument('-t', '--type', help=_('SELinux Type for the object'))
|
+ parser.add_argument('-t', '--type', help=_('SELinux Type for the object'))
|
||||||
+def parser_add_level(parser, name):
|
+def parser_add_level(parser, name):
|
||||||
+ parser.add_argument('-L', '--level', default="", help=_('Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)'))
|
+ parser.add_argument('-L', '--level', default='s0', help=_('Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)'))
|
||||||
+def parser_add_range(parser, name):
|
+def parser_add_range(parser, name):
|
||||||
+ parser.add_argument('-r', '--range', default="",
|
+ parser.add_argument('-r', '--range', default="s0",
|
||||||
+ help=_('''
|
+ help=_('''
|
||||||
+MLS/MCS Security Range (MLS/MCS Systems only)
|
+MLS/MCS Security Range (MLS/MCS Systems only)
|
||||||
+SELinux Range for SELinux login mapping
|
+SELinux Range for SELinux login mapping
|
||||||
@ -318386,9 +318386,9 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ loginParser.set_defaults(func=handleLogin)
|
+ loginParser.set_defaults(func=handleLogin)
|
||||||
+
|
+
|
||||||
+def handleFcontext(args):
|
+def handleFcontext(args):
|
||||||
+ fcontext_args = {'list':[('equal','ftype','range','seuser','type'),('')],'add':[('locallist'),('type','file_spec')],'modify':[('locallist'),('type','file_spec')], 'delete':[('locallist'),('type','file_spec')],'extract':[('locallist','equal','ftype','range','seuser','type'),('')],'deleteall':[('locallist','equal','ftype','range','seuser','type'),('')]}
|
+ fcontext_args = {'list':[('equal','ftype','seuser','type'),('')],'add':[('locallist'),('type','file_spec')],'modify':[('locallist'),('type','file_spec')], 'delete':[('locallist'),('type','file_spec')],'extract':[('locallist','equal','ftype','seuser','type'),('')],'deleteall':[('locallist','equal','ftype','seuser','type'),('')]}
|
||||||
+ # we can not use mutually for equal because we can define some actions together with equal
|
+ # we can not use mutually for equal because we can define some actions together with equal
|
||||||
+ fcontext_equal_args = {'equal':[('list','locallist','type','ftype','range','seuser','deleteall','extract'),('add','modify','delete','file_spec')]}
|
+ fcontext_equal_args = {'equal':[('list','locallist','type','ftype','seuser','deleteall','extract'),('add','modify','delete','file_spec')]}
|
||||||
+
|
+
|
||||||
+ if args.action is None:
|
+ if args.action is None:
|
||||||
+ print("usage: "+"%s" % generate_custom_usage(usage_fcontext, usage_fcontext_dict))
|
+ print("usage: "+"%s" % generate_custom_usage(usage_fcontext, usage_fcontext_dict))
|
||||||
@ -318405,7 +318405,8 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ if args.equal:
|
+ if args.equal:
|
||||||
+ OBJECT.add_equal(args.file_spec, args.equal)
|
+ OBJECT.add_equal(args.file_spec, args.equal)
|
||||||
+ else:
|
+ else:
|
||||||
+ OBJECT.add(args.file_spec, args.type, args.ftype, args.seuser, args.range)
|
+ print "Dan", args.file_spec, args.type, args.ftype, args.range, args.seuser
|
||||||
|
+ OBJECT.add(args.file_spec, args.type, args.ftype, args.range, args.seuser)
|
||||||
+ if args.action is "modify":
|
+ if args.action is "modify":
|
||||||
+ if args.equal:
|
+ if args.equal:
|
||||||
+ OBJECT.add_equal(args.file_spec, args.equal)
|
+ OBJECT.add_equal(args.file_spec, args.equal)
|
||||||
@ -318460,7 +318461,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ fcontextParser.set_defaults(func=handleFcontext)
|
+ fcontextParser.set_defaults(func=handleFcontext)
|
||||||
+
|
+
|
||||||
+def handleUser(args):
|
+def handleUser(args):
|
||||||
+ user_args = {'list':[('selinux_name','range','seuser','level','roles'),('')],'add':[('locallist'),('roles','selinux_name')],'modify':[('locallist'),('roles','selinux_name')], 'delete':[('locallist'),('selinux_name')],'extract':[('locallist','selinux_name','range','seuser','level','role'),('')],'deleteall':[('locallist','selinux_name','range','seuser','level','roles'),('')]}
|
+ user_args = {'list':[('selinux_name','seuser','roles'),('')],'add':[('locallist'),('roles','selinux_name')],'modify':[('locallist'),('roles','selinux_name')], 'delete':[('locallist'),('selinux_name')],'extract':[('locallist','selinux_name','seuser','role'),('')],'deleteall':[('locallist','selinux_name','seuser','roles'),('')]}
|
||||||
+
|
+
|
||||||
+ handle_opts(args,user_args,args.action)
|
+ handle_opts(args,user_args,args.action)
|
||||||
+
|
+
|
||||||
@ -318509,7 +318510,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ userParser.set_defaults(func=handleUser)
|
+ userParser.set_defaults(func=handleUser)
|
||||||
+
|
+
|
||||||
+def handlePort(args):
|
+def handlePort(args):
|
||||||
+ port_args = {'list':[('port','range','type','proto'),('')],'add':[('locallist'),('type','port','proto')],'modify':[('localist'),('type','port','proto')], 'delete':[('locallist'),('port','proto')],'extract':[('locallist','port','range','type','proto'),('')],'deleteall':[('locallist','port','range','type','proto'),('')]}
|
+ port_args = {'list':[('port','type','proto'),('')],'add':[('locallist'),('type','port','proto')],'modify':[('localist'),('type','port','proto')], 'delete':[('locallist'),('port','proto')],'extract':[('locallist','port','type','proto'),('')],'deleteall':[('locallist','port','type','proto'),('')]}
|
||||||
+
|
+
|
||||||
+ handle_opts(args,port_args,args.action)
|
+ handle_opts(args,port_args,args.action)
|
||||||
+
|
+
|
||||||
@ -318552,7 +318553,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ portParser.set_defaults(func=handlePort)
|
+ portParser.set_defaults(func=handlePort)
|
||||||
+
|
+
|
||||||
+def handleInterface(args):
|
+def handleInterface(args):
|
||||||
+ interface_args = {'list':[('interface','range'),('')],'add':[('locallist'),('type','interface')],'modify':[('locallist'),('type','interface')], 'delete':[('locallist'),('type','interface')],'extract':[('locallist','interface','range','type'),('')],'deleteall':[('locallist','interface','range','type'),('')]}
|
+ interface_args = {'list':[('interface'),('')],'add':[('locallist'),('type','interface')],'modify':[('locallist'),('type','interface')], 'delete':[('locallist'),('type','interface')],'extract':[('locallist','interface','type'),('')],'deleteall':[('locallist','interface','type'),('')]}
|
||||||
+
|
+
|
||||||
+ handle_opts(args,interface_args,args.action)
|
+ handle_opts(args,interface_args,args.action)
|
||||||
+
|
+
|
||||||
@ -318623,7 +318624,7 @@ index 6e33c85..aa8d46b 100644
|
|||||||
+ moduleParser.set_defaults(func=handleModule)
|
+ moduleParser.set_defaults(func=handleModule)
|
||||||
+
|
+
|
||||||
+def handleNode(args):
|
+def handleNode(args):
|
||||||
+ node_args = {'list':[('node','range','type','proto','mask'),('')],'add':[('locallist'),('type','node','proto','mask')],'modify':[('locallist'),('type','node','mask','proto')], 'delete':[('locallist'),('type','node','mask')],'extract':[('locallist','node','range','type','proto','mask'),('')],'deleteall':[('locallist','node','range','type','proto','mask'),('')]}
|
+ node_args = {'list':[('node','type','proto','mask'),('')],'add':[('locallist'),('type','node','proto','mask')],'modify':[('locallist'),('type','node','mask','proto')], 'delete':[('locallist'),('type','node','mask')],'extract':[('locallist','node','type','proto','mask'),('')],'deleteall':[('locallist','node','type','proto','mask'),('')]}
|
||||||
+ handle_opts(args,node_args,args.action)
|
+ handle_opts(args,node_args,args.action)
|
||||||
+
|
+
|
||||||
+ OBJECT = object_dict['node']()
|
+ OBJECT = object_dict['node']()
|
||||||
@ -320574,7 +320575,7 @@ index 28a9022..90b142e 100644
|
|||||||
+usage: semanage [-h]
|
+usage: semanage [-h]
|
||||||
+
|
+
|
||||||
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
|
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
|
||||||
index 85bc37f..9159df5 100644
|
index 85bc37f..2f6a440 100644
|
||||||
--- a/policycoreutils/semanage/seobject.py
|
--- a/policycoreutils/semanage/seobject.py
|
||||||
+++ b/policycoreutils/semanage/seobject.py
|
+++ b/policycoreutils/semanage/seobject.py
|
||||||
@@ -32,11 +32,10 @@ from IPy import IP
|
@@ -32,11 +32,10 @@ from IPy import IP
|
||||||
@ -320660,7 +320661,24 @@ index 85bc37f..9159df5 100644
|
|||||||
except RuntimeError:
|
except RuntimeError:
|
||||||
valid_types = []
|
valid_types = []
|
||||||
|
|
||||||
@@ -1777,7 +1784,8 @@ class fcontextRecords(semanageRecords):
|
@@ -1751,9 +1758,15 @@ class fcontextRecords(semanageRecords):
|
||||||
|
raise ValueError(_("File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead") % (target, i, fdict[i], t))
|
||||||
|
|
||||||
|
|
||||||
|
- def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
|
||||||
|
+ def __add(self, target, type, ftype = "", serange = "s0", seuser = "system_u"):
|
||||||
|
self.validate(target)
|
||||||
|
|
||||||
|
+ if not seuser:
|
||||||
|
+ seuser = "system_u"
|
||||||
|
+
|
||||||
|
+ if not serange:
|
||||||
|
+ seuser = "s0"
|
||||||
|
+
|
||||||
|
if is_mls_enabled == 1:
|
||||||
|
serange = untranslate(serange)
|
||||||
|
|
||||||
|
@@ -1777,7 +1790,8 @@ class fcontextRecords(semanageRecords):
|
||||||
raise ValueError(_("Could not check if file context for %s is defined") % target)
|
raise ValueError(_("Could not check if file context for %s is defined") % target)
|
||||||
|
|
||||||
if exists:
|
if exists:
|
||||||
@ -320670,7 +320688,7 @@ index 85bc37f..9159df5 100644
|
|||||||
|
|
||||||
(rc, fcontext) = semanage_fcontext_create(self.sh)
|
(rc, fcontext) = semanage_fcontext_create(self.sh)
|
||||||
if rc < 0:
|
if rc < 0:
|
||||||
@@ -1970,7 +1978,7 @@ class fcontextRecords(semanageRecords):
|
@@ -1970,7 +1984,7 @@ class fcontextRecords(semanageRecords):
|
||||||
|
|
||||||
if len(self.equiv):
|
if len(self.equiv):
|
||||||
for target in self.equiv.keys():
|
for target in self.equiv.keys():
|
||||||
@ -320679,7 +320697,7 @@ index 85bc37f..9159df5 100644
|
|||||||
return l
|
return l
|
||||||
|
|
||||||
def list(self, heading = 1, locallist = 0 ):
|
def list(self, heading = 1, locallist = 0 ):
|
||||||
@@ -2156,7 +2164,7 @@ class booleanRecords(semanageRecords):
|
@@ -2156,7 +2170,7 @@ class booleanRecords(semanageRecords):
|
||||||
keys.sort()
|
keys.sort()
|
||||||
for k in keys:
|
for k in keys:
|
||||||
if ddict[k]:
|
if ddict[k]:
|
||||||
|
|||||||
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.1.14
|
Version: 2.1.14
|
||||||
Release: 68%{?dist}
|
Release: 69%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -330,6 +330,9 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%systemd_postun_with_restart restorecond.service
|
%systemd_postun_with_restart restorecond.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jul 24 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-69
|
||||||
|
- Fix semanage argparse bugs
|
||||||
|
|
||||||
* Tue Jul 23 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-68
|
* Tue Jul 23 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-68
|
||||||
- Fix bugs introduced by previous patch. semanage port
|
- Fix bugs introduced by previous patch. semanage port
|
||||||
- Update Translations
|
- Update Translations
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user