* Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-15

- Add use_resolve to sepolgen
2010-01-28 17:19:01 +00:00 · 2010-01-28 17:19:01 +00:00 · fc6e11b600
commit fc6e11b600
parent dd674534b4
2 changed files with 28 additions and 6 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -6414,8 +6414,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.78/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.78/gui/polgen.py	2010-01-08 10:18:49.000000000 -0500
-@@ -0,0 +1,1197 @@
+++ policycoreutils-2.0.78/gui/polgen.py	2010-01-28 12:17:31.000000000 -0500
+@@ -0,0 +1,1212 @@
 +#!/usr/bin/python
 +#
 +# Copyright (C) 2007, 2008, 2009 Red Hat 
@ -6614,6 +6614,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +                self.symbols["openlog"] = "set_use_kerberos(True)"
 +                self.symbols["openlog"] = "set_use_kerb_rcache(True)"
 +                self.symbols["openlog"] = "set_use_syslog(True)"
+                self.symbols["gethostby"] = "set_use_resolve(True)"
+                self.symbols["getaddrinfo"] = "set_use_resolve(True)"
+                self.symbols["getnameinfo"] = "set_use_resolve(True)"
 +                self.symbols["krb"] = "set_use_kerberos(True)"
 +                self.symbols["gss_accept_sec_context"] = "set_manage_krb5_rcache(True)"
 +                self.symbols["krb5_verify_init_creds"] = "set_manage_krb5_rcache(True)"
@ -6624,7 +6627,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +                self.symbols["dbus_"] = "set_use_dbus(True)"
 +                self.symbols["pam_"] = "set_use_pam(True)"
 +                self.symbols["pam_"] = "set_use_audit(True)"
-+
 +                self.symbols["fork"] = "add_process('fork')"
 +                self.symbols["transition"] = "add_process('transition')"
 +                self.symbols["sigchld"] = "add_process('sigchld')"
@ -6816,6 +6818,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +	def set_out_udp(self, all, ports):
 +		self.out_udp = [ all , False, False, verify_ports(ports) ]
 +
+	def set_use_resolve(self, val):
+		if val != True and val != False:
+			raise  ValueError(_("use_resolve must be a boolean value "))
+            
+		self.use_resolve = val
+		
 +	def set_use_syslog(self, val):
 +		if val != True and val != False:
 +			raise  ValueError(_("use_syslog must be a boolean value "))
@ -6873,6 +6881,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +                else:
 +                    return ""
 +
+	def generate_resolve_rules(self):
+                if self.use_resolve:
+                    return re.sub("TEMPLATETYPE", self.name, executable.te_resolve_rules)
+                else:
+                    return ""
+
 +	def generate_kerberos_rules(self):
 +                if self.use_kerberos:
 +                    return re.sub("TEMPLATETYPE", self.name, executable.te_kerberos_rules)
@ -7283,6 +7297,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +		newte += self.generate_tmp_rules()
 +		newte += self.generate_uid_rules()		
 +		newte += self.generate_syslog_rules()		
+		newte += self.generate_resolve_rules()		
 +                newte += self.generate_pam_rules()		
 +                newte += self.generate_dbus_rules()		
 +                newte += self.generate_audit_rules()		
@ -11889,8 +11904,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.78/gui/templates/executable.py
 --- nsapolicycoreutils/gui/templates/executable.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.78/gui/templates/executable.py	2010-01-21 08:18:05.000000000 -0500
-@@ -0,0 +1,359 @@
+++ policycoreutils-2.0.78/gui/templates/executable.py	2010-01-28 12:17:43.000000000 -0500
+@@ -0,0 +1,363 @@
 +# Copyright (C) 2007-2009 Red Hat 
 +# see file 'COPYING' for use and warranty information
 +#
@ -12031,6 +12046,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
 +logging_send_syslog_msg(TEMPLATETYPE_t)
 +"""
 +
+te_resolve_rules="""
+sysnet_dns_name_resolve(TEMPLATETYPE_t)
+"""
+
 +te_pam_rules="""
 +auth_domtrans_chk_passwd(TEMPLATETYPE_t)
 +"""
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.78
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -297,6 +297,9 @@ fi
 exit 0

 %changelog
+* Thu Jan 28 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-15
+- Add use_resolve to sepolgen
+
 * Wed Jan 27 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-14
 - Add session capability to sandbox 
 - sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession