2021-01-21 10:38:03 +00:00
|
|
|
From e47d19f4985098ca316eea4a383510d419ec6055 Mon Sep 17 00:00:00 2001
|
2018-08-09 14:34:27 +00:00
|
|
|
From: Vit Mojzis <vmojzis@redhat.com>
|
|
|
|
Date: Fri, 26 Apr 2019 15:27:25 +0200
|
2021-01-21 10:38:03 +00:00
|
|
|
Subject: [PATCH 1/2] Do not export/use setools.InfoFlowAnalysis and
|
2017-02-23 10:03:03 +00:00
|
|
|
setools.DomainTransitionAnalysis
|
|
|
|
|
|
|
|
dta and infoflow modules require networkx which brings lot of dependencies.
|
|
|
|
These dependencies are not necessary for setools module itself as it's
|
|
|
|
used in policycoreutils.
|
|
|
|
|
|
|
|
Therefore it's better to use setools.infoflow.InfoFlowAnalysis and
|
|
|
|
setools.dta.DomainTransitionAnalysis and let the package containing
|
|
|
|
sedta and seinfoflow to require python3-networkx
|
|
|
|
---
|
2020-12-10 16:12:14 +00:00
|
|
|
sedta | 5 +++--
|
2018-08-09 14:34:27 +00:00
|
|
|
seinfoflow | 4 ++--
|
|
|
|
setools/__init__.py | 4 ----
|
2017-02-23 10:03:03 +00:00
|
|
|
setoolsgui/apol/dta.py | 2 +-
|
|
|
|
setoolsgui/apol/infoflow.py | 2 +-
|
2018-08-09 14:34:27 +00:00
|
|
|
tests/dta.py | 2 +-
|
|
|
|
tests/infoflow.py | 2 +-
|
2020-12-10 16:12:14 +00:00
|
|
|
7 files changed, 9 insertions(+), 12 deletions(-)
|
2017-02-23 10:03:03 +00:00
|
|
|
|
|
|
|
diff --git a/sedta b/sedta
|
2020-12-10 16:12:14 +00:00
|
|
|
index 57070098fe10..51890ea8ea73 100755
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/sedta
|
|
|
|
+++ b/sedta
|
2020-12-10 16:12:14 +00:00
|
|
|
@@ -23,9 +23,10 @@ import logging
|
2018-08-09 14:34:27 +00:00
|
|
|
import signal
|
2017-02-23 10:03:03 +00:00
|
|
|
|
2020-12-10 16:12:14 +00:00
|
|
|
import setools
|
2017-02-23 10:03:03 +00:00
|
|
|
+import setools.dta
|
|
|
|
|
|
|
|
|
2020-12-10 16:12:14 +00:00
|
|
|
-def print_transition(trans: setools.DomainTransition) -> None:
|
|
|
|
+def print_transition(trans: setools.dta.DomainTransition) -> None:
|
|
|
|
if trans.transition:
|
|
|
|
print("Domain transition rule(s):")
|
|
|
|
for t in trans.transition:
|
|
|
|
@@ -114,7 +115,7 @@ else:
|
2017-02-23 10:03:03 +00:00
|
|
|
|
|
|
|
try:
|
|
|
|
p = setools.SELinuxPolicy(args.policy)
|
|
|
|
- g = setools.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
|
|
|
+ g = setools.dta.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
|
|
|
|
|
|
|
if args.shortest_path or args.all_paths:
|
|
|
|
if args.shortest_path:
|
|
|
|
diff --git a/seinfoflow b/seinfoflow
|
2020-12-10 16:12:14 +00:00
|
|
|
index 0ddcfdc7c1fb..8321718b2640 100755
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/seinfoflow
|
|
|
|
+++ b/seinfoflow
|
2018-08-09 14:34:27 +00:00
|
|
|
@@ -17,7 +17,7 @@
|
|
|
|
# along with SETools. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
#
|
2017-02-23 10:03:03 +00:00
|
|
|
|
2018-08-09 14:34:27 +00:00
|
|
|
-import setools
|
2017-02-23 10:03:03 +00:00
|
|
|
+import setools.infoflow
|
|
|
|
import argparse
|
|
|
|
import sys
|
|
|
|
import logging
|
2020-11-03 15:07:11 +00:00
|
|
|
@@ -102,7 +102,7 @@ elif args.booleans is not None:
|
2017-02-23 10:03:03 +00:00
|
|
|
try:
|
|
|
|
p = setools.SELinuxPolicy(args.policy)
|
|
|
|
m = setools.PermissionMap(args.map)
|
2020-04-02 14:13:04 +00:00
|
|
|
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
|
|
|
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
|
|
|
booleans=booleans)
|
2017-02-23 10:03:03 +00:00
|
|
|
|
|
|
|
if args.shortest_path or args.all_paths:
|
|
|
|
diff --git a/setools/__init__.py b/setools/__init__.py
|
2020-11-03 15:07:11 +00:00
|
|
|
index d72d343e7e79..642485b9018d 100644
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/setools/__init__.py
|
|
|
|
+++ b/setools/__init__.py
|
2020-11-03 15:07:11 +00:00
|
|
|
@@ -91,12 +91,8 @@ from .pcideviceconquery import PcideviceconQuery
|
2017-02-23 10:03:03 +00:00
|
|
|
from .devicetreeconquery import DevicetreeconQuery
|
|
|
|
|
|
|
|
# Information Flow Analysis
|
|
|
|
-from .infoflow import InfoFlowAnalysis
|
2020-11-03 15:07:11 +00:00
|
|
|
from .permmap import PermissionMap, RuleWeight, Mapping
|
2017-02-23 10:03:03 +00:00
|
|
|
|
2018-08-09 14:34:27 +00:00
|
|
|
-# Domain Transition Analysis
|
2020-11-03 15:07:11 +00:00
|
|
|
-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
|
2018-08-09 14:34:27 +00:00
|
|
|
-
|
2017-02-23 10:03:03 +00:00
|
|
|
# Policy difference
|
|
|
|
from .diff import PolicyDifference
|
2018-08-09 14:34:27 +00:00
|
|
|
|
2017-02-23 10:03:03 +00:00
|
|
|
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
2021-01-21 10:38:03 +00:00
|
|
|
index 62dbf04d9a5e..0ea000e790f0 100644
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/setoolsgui/apol/dta.py
|
|
|
|
+++ b/setoolsgui/apol/dta.py
|
2021-01-21 10:38:03 +00:00
|
|
|
@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
2017-02-23 10:03:03 +00:00
|
|
|
from PyQt5.QtGui import QPalette, QTextCursor
|
|
|
|
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
2018-08-09 14:34:27 +00:00
|
|
|
QTreeWidgetItem
|
2017-02-23 10:03:03 +00:00
|
|
|
-from setools import DomainTransitionAnalysis
|
|
|
|
+from setools.dta import DomainTransitionAnalysis
|
|
|
|
|
|
|
|
from ..logtosignal import LogHandlerToSignal
|
2021-01-21 10:38:03 +00:00
|
|
|
from .analysistab import AnalysisSection, AnalysisTab
|
2017-02-23 10:03:03 +00:00
|
|
|
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
2021-01-21 10:38:03 +00:00
|
|
|
index 28009aa2329c..92d350bf727c 100644
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/setoolsgui/apol/infoflow.py
|
|
|
|
+++ b/setoolsgui/apol/infoflow.py
|
2018-08-09 14:34:27 +00:00
|
|
|
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
2017-02-23 10:03:03 +00:00
|
|
|
from PyQt5.QtGui import QPalette, QTextCursor
|
|
|
|
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
2018-08-09 14:34:27 +00:00
|
|
|
QTreeWidgetItem
|
2017-02-23 10:03:03 +00:00
|
|
|
-from setools import InfoFlowAnalysis
|
|
|
|
+from setools.infoflow import InfoFlowAnalysis
|
|
|
|
from setools.exception import UnmappedClass, UnmappedPermission
|
|
|
|
|
|
|
|
from ..logtosignal import LogHandlerToSignal
|
|
|
|
diff --git a/tests/dta.py b/tests/dta.py
|
2020-04-02 14:13:04 +00:00
|
|
|
index a0cc9381469c..177e6fb0b961 100644
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/tests/dta.py
|
|
|
|
+++ b/tests/dta.py
|
2018-08-09 14:34:27 +00:00
|
|
|
@@ -18,7 +18,7 @@
|
|
|
|
import os
|
2017-02-23 10:03:03 +00:00
|
|
|
import unittest
|
|
|
|
|
2018-08-09 14:34:27 +00:00
|
|
|
-from setools import DomainTransitionAnalysis
|
2017-02-23 10:03:03 +00:00
|
|
|
+from setools.dta import DomainTransitionAnalysis
|
|
|
|
from setools import TERuletype as TERT
|
2018-08-09 14:34:27 +00:00
|
|
|
from setools.exception import InvalidType
|
|
|
|
from setools.policyrep import Type
|
2017-02-23 10:03:03 +00:00
|
|
|
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
2020-04-02 14:13:04 +00:00
|
|
|
index aa0e44a7e4f8..fca2848aeca5 100644
|
2017-02-23 10:03:03 +00:00
|
|
|
--- a/tests/infoflow.py
|
|
|
|
+++ b/tests/infoflow.py
|
2018-08-09 14:34:27 +00:00
|
|
|
@@ -18,7 +18,7 @@
|
|
|
|
import os
|
2017-02-23 10:03:03 +00:00
|
|
|
import unittest
|
|
|
|
|
2018-08-09 14:34:27 +00:00
|
|
|
-from setools import InfoFlowAnalysis
|
2017-02-23 10:03:03 +00:00
|
|
|
+from setools.infoflow import InfoFlowAnalysis
|
|
|
|
from setools import TERuletype as TERT
|
2018-08-09 14:34:27 +00:00
|
|
|
from setools.exception import InvalidType
|
2017-02-23 10:03:03 +00:00
|
|
|
from setools.permmap import PermissionMap
|
|
|
|
--
|
2021-01-21 10:38:03 +00:00
|
|
|
2.30.0
|
2017-02-23 10:03:03 +00:00
|
|
|
|