rpms/setools
7
0
Fork 0
Code Issues Pull Requests Releases Activity

setools-4.4.2-2

Browse Source 
- Disable sediff --neverallow and --neverallowxperm options
Resolves: rhbz#2184140
This commit is contained in:
Petr Lautrbach 2023-05-10 11:10:06 +02:00
parent 74da72d0f6
commit 3ec1c6fee1
2 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
0001-Disable-remove-neverallow-options-in-sediff.patch Normal file
View File

@ -0,0 +1,48 @@
From 1fd4270f23f1f0fcde4eb6d87b50a59ba4a0d1b4 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <lautrbach@redhat.com>
Date: Tue, 9 May 2023 19:22:01 +0200
Subject: [PATCH] Disable/remove neverallow options in sediff.
Content-type: text/plain
Apply change from commit 06335957b701 ("Disable/remove neverallow
options in frontends.") to sediff
Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
sediff | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/sediff b/sediff
index dfaa319d1d59..97899c13caf4 100755
--- a/sediff
+++ b/sediff
@@ -46,12 +46,12 @@ comp.add_argument("--level", action="store_true", help="Print MLS level definiti
terule = parser.add_argument_group("type enforcement rule differences")
terule.add_argument("-A", action="store_true", help="Print allow and allowxperm rule differences")
terule.add_argument("--allow", action="store_true", help="Print allow rule differences")
-terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences")
+# terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences")
terule.add_argument("--auditallow", action="store_true", help="Print auditallow rule differences")
terule.add_argument("--dontaudit", action="store_true", help="Print dontaudit rule differences")
terule.add_argument("--allowxperm", action="store_true", help="Print allowxperm rule differences")
-terule.add_argument("--neverallowxperm", action="store_true",
- help="Print neverallowxperm rule differences")
+# terule.add_argument("--neverallowxperm", action="store_true",
+# help="Print neverallowxperm rule differences")
terule.add_argument("--auditallowxperm", action="store_true",
help="Print auditallowxperm rule differences")
terule.add_argument("--dontauditxperm", action="store_true",
@@ -98,6 +98,10 @@ other.add_argument("--typebounds", action="store_true", help="Print typebounds d
args = parser.parse_args()
+# neverallow and neverallowxperm options are disabled
+args.neverallow = False
+args.neverallowxperm = False
+
if args.A:
args.allow = True
args.allowxperm = True
--
2.40.0

6
setools.spec
View File

@ -3,7 +3,7 @@
Name: setools Name: setools
Version: 4.4.2 Version: 4.4.2
Release: 1%{?dist} Release: 2%{?dist}
Summary: Policy analysis tools for SELinux Summary: Policy analysis tools for SELinux
License: GPL-2.0-only and LGPL-2.1-only License: GPL-2.0-only and LGPL-2.1-only
@ -11,6 +11,7 @@ URL: https://github.com/SELinuxProject/setools/wiki
Source0: https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz Source0: https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz
Source1: setools.pam Source1: setools.pam
Source2: apol.desktop Source2: apol.desktop
Patch1: 0001-Disable-remove-neverallow-options-in-sediff.patch
Obsoletes: setools < 4.0.0, setools-devel < 4.0.0 Obsoletes: setools < 4.0.0, setools-devel < 4.0.0
BuildRequires: flex, bison BuildRequires: flex, bison
BuildRequires: glibc-devel, gcc, git-core BuildRequires: glibc-devel, gcc, git-core
@ -143,6 +144,9 @@ Python modules designed to facilitate SELinux policy analysis.
%{_mandir}/ru/man1/apol* %{_mandir}/ru/man1/apol*
%changelog %changelog
* Wed May 10 2023 Petr Lautrbach <lautrbach@redhat.com> - 4.4.2-2
- Disable sediff --neverallow and --neverallowxperm options
* Thu Apr 20 2023 Petr Lautrbach <lautrbach@redhat.com> - 4.4.2-1 * Thu Apr 20 2023 Petr Lautrbach <lautrbach@redhat.com> - 4.4.2-1
- SETools 4.4.2 release - SETools 4.4.2 release