* Fri Apr 11 2013 Miroslav Grepl <mgrepl@redhat.com> - 3.3.8-1
- Update to upstream
parent
abcfd7caf6
commit
665320d083
@ -0,0 +1,28 @@
|
||||
From 852dfaa124379e84f6363c30c0ef56f00fa4b235 Mon Sep 17 00:00:00 2001
|
||||
From: Dan Walsh <dwalsh@redhat.com>
|
||||
Date: Tue, 20 Sep 2011 15:40:28 -0400
|
||||
Subject: [PATCH 01/11] Since-we-do-not-ship-neverallow-rules-all-always-fail
|
||||
|
||||
---
|
||||
libqpol/src/avrule_query.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libqpol/src/avrule_query.c b/libqpol/src/avrule_query.c
|
||||
index 749565b..76dcaa3 100644
|
||||
--- a/libqpol/src/avrule_query.c
|
||||
+++ b/libqpol/src/avrule_query.c
|
||||
@@ -57,8 +57,9 @@ int qpol_policy_get_avrule_iter(const qpol_policy_t * policy, uint32_t rule_type
|
||||
|
||||
if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
|
||||
ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
|
||||
- errno = ENOTSUP;
|
||||
- return STATUS_ERR;
|
||||
+/* errno = ENOTSUP;
|
||||
+ return STATUS_ERR; */
|
||||
+ return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
db = &policy->p->p;
|
||||
--
|
||||
1.8.5.3
|
||||
|
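Review bot: In the inner patch to `qpol_policy_get_avrule_iter`, the neverallow branch now returns `STATUS_SUCCESS` immediately, so a caller that asked for neverallow rules together with other rule types gets success and no rules at all, and cannot tell "no matching rules" from "neverallow data is not in this policy". For a policy-analysis library this is a fail-open result: a neverallow query looks clean when the data is simply absent. If the intent is to tolerate policies shipped without neverallow rules, clearing the bit and falling through keeps the other rule types working, e.g. `rule_type_mask &= ~QPOL_RULE_NEVERALLOW;` in place of the early return. The `ERR(...)` line above it still logs an error on a path that now reports success, and the commented-out lines are better deleted than kept. The value of `*iter` on this path is set outside the hunk, so what callers receive should be confirmed.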
34
0002-Fix-sepol-calls-to-work-with-latest-libsepol.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 0332c009bd0581ab9a75a4ea80af92bb2d6b8b1f Mon Sep 17 00:00:00 2001
|
||||
From: Dan Walsh <dwalsh@redhat.com>
|
||||
Date: Tue, 20 Sep 2011 15:46:38 -0400
|
||||
Subject: [PATCH 02/11] Fix sepol calls to work with latest libsepol
|
||||
|
||||
---
|
||||
configure.ac | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 577ce48..2a5b55b 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -521,7 +521,7 @@ else
|
||||
[AC_LANG_SOURCE([
|
||||
#include <sepol/policydb/expand.h>
|
||||
int main () {
|
||||
- return role_set_expand(NULL, NULL, NULL, NULL);
|
||||
+ return role_set_expand(NULL, NULL, NULL, NULL, NULL);
|
||||
}])],
|
||||
sepol_new_user_role_mapping="yes",
|
||||
sepol_new_user_role_mapping="no")
|
||||
@@ -578,7 +578,7 @@ if test ${sepol_check_boolmap} = "yes"; then
|
||||
[AC_LANG_SOURCE([
|
||||
#include <sepol/policydb/expand.h>
|
||||
int main () {
|
||||
- return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0);
|
||||
+ return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 0);
|
||||
}])],
|
||||
AC_MSG_RESULT([yes]),
|
||||
AC_MSG_ERROR([this version of libsepol is incompatible with SETools]))
|
||||
--
|
||||
1.8.5.3
|
||||
|
596
0003-mgrepl-patch-to-Fix-swig-coding-style-for-structures.patch
Normal file
@ -0,0 +1,596 @@
|
||||
From 295cc6c22440038c1b633602c0f1b38ded57e1a0 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 10:47:32 +0200
|
||||
Subject: [PATCH 03/11] mgrepl patch to Fix swig coding style for structures
|
||||
related to SWIG changes
|
||||
|
||||
---
|
||||
libqpol/swig/qpol.i | 132 ++++++++++++++++++++++++++--------------------------
|
||||
1 file changed, 66 insertions(+), 66 deletions(-)
|
||||
|
||||
diff --git a/libqpol/swig/qpol.i b/libqpol/swig/qpol.i
|
||||
index 45a2403..0f937d1 100644
|
||||
--- a/libqpol/swig/qpol.i
|
||||
+++ b/libqpol/swig/qpol.i
|
||||
@@ -228,7 +228,7 @@ SWIGEXPORT int Tqpol_Init(Tcl_Interp *interp) {
|
||||
#define QPOL_MODULE_OTHER 2
|
||||
typedef struct qpol_module {} qpol_module_t;
|
||||
%extend qpol_module_t {
|
||||
- qpol_module_t(const char *path) {
|
||||
+ qpol_module(const char *path) {
|
||||
qpol_module_t *m;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_module_create_from_file(path, &m)) {
|
||||
@@ -239,7 +239,7 @@ typedef struct qpol_module {} qpol_module_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_module_t() {
|
||||
+ ~qpol_module() {
|
||||
qpol_module_destroy(&self);
|
||||
};
|
||||
const char *get_path() {
|
||||
@@ -330,7 +330,7 @@ typedef enum qpol_capability
|
||||
} qpol_capability_e;
|
||||
|
||||
%extend qpol_policy_t {
|
||||
- qpol_policy_t(const char *path, const int options) {
|
||||
+ qpol_policy(const char *path, const int options) {
|
||||
qpol_policy_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_open_from_file(path, &p, qpol_swig_message_callback, qpol_swig_message_callback_arg, options) < 0) {
|
||||
@@ -341,7 +341,7 @@ typedef enum qpol_capability
|
||||
fail:
|
||||
return NULL;
|
||||
}
|
||||
- ~qpol_policy_t() {
|
||||
+ ~qpol_policy() {
|
||||
qpol_policy_destroy(&self);
|
||||
};
|
||||
void reevaluate_conds() {
|
||||
@@ -687,14 +687,14 @@ typedef enum qpol_capability
|
||||
typedef struct qpol_iterator {} qpol_iterator_t;
|
||||
%extend qpol_iterator_t {
|
||||
/* user never directly creates, but SWIG expects a constructor */
|
||||
- qpol_iterator_t() {
|
||||
+ qpol_iterator() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_TypeError, "User may not create iterators difectly");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_iterator_t() {
|
||||
+ ~qpol_iterator() {
|
||||
qpol_iterator_destroy(&self);
|
||||
};
|
||||
void *get_item() {
|
||||
@@ -736,7 +736,7 @@ typedef struct qpol_iterator {} qpol_iterator_t;
|
||||
/* qpol type */
|
||||
typedef struct qpol_type {} qpol_type_t;
|
||||
%extend qpol_type_t {
|
||||
- qpol_type_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_type(qpol_policy_t *p, const char *name) {
|
||||
BEGIN_EXCEPTION
|
||||
const qpol_type_t *t;
|
||||
if (qpol_policy_get_type_by_name(p, name, &t)) {
|
||||
@@ -747,7 +747,7 @@ typedef struct qpol_type {} qpol_type_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_type_t() {
|
||||
+ ~qpol_type() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -851,7 +851,7 @@ typedef struct qpol_type {} qpol_type_t;
|
||||
/* qpol role */
|
||||
typedef struct qpol_role {} qpol_role_t;
|
||||
%extend qpol_role_t {
|
||||
- qpol_role_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_role(qpol_policy_t *p, const char *name) {
|
||||
const qpol_role_t *r;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_role_by_name(p, name, &r)) {
|
||||
@@ -862,7 +862,7 @@ typedef struct qpol_role {} qpol_role_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_role_t() {
|
||||
+ ~qpol_role() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -919,7 +919,7 @@ typedef struct qpol_role {} qpol_role_t;
|
||||
/* qpol level */
|
||||
typedef struct qpol_level {} qpol_level_t;
|
||||
%extend qpol_level_t {
|
||||
- qpol_level_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_level(qpol_policy_t *p, const char *name) {
|
||||
const qpol_level_t *l;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_level_by_name(p, name, &l)) {
|
||||
@@ -930,7 +930,7 @@ typedef struct qpol_level {} qpol_level_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_level_t() {
|
||||
+ ~qpol_level() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -997,7 +997,7 @@ typedef struct qpol_level {} qpol_level_t;
|
||||
/* qpol cat */
|
||||
typedef struct qpol_cat {} qpol_cat_t;
|
||||
%extend qpol_cat_t {
|
||||
- qpol_cat_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_cat(qpol_policy_t *p, const char *name) {
|
||||
const qpol_cat_t *c;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_cat_by_name(p, name, &c)) {
|
||||
@@ -1008,7 +1008,7 @@ typedef struct qpol_cat {} qpol_cat_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_cat_t() {
|
||||
+ ~qpol_cat() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1064,14 +1064,14 @@ typedef struct qpol_cat {} qpol_cat_t;
|
||||
/* qpol mls range */
|
||||
typedef struct qpol_mls_range {} qpol_mls_range_t;
|
||||
%extend qpol_mls_range_t {
|
||||
- qpol_mls_range_t() {
|
||||
+ qpol_mls_range() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_range_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
}
|
||||
- ~qpol_mls_range_t() {
|
||||
+ ~qpol_mls_range() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1105,14 +1105,14 @@ typedef struct qpol_mls_range {} qpol_mls_range_t;
|
||||
/* qpol mls level */
|
||||
typedef struct qpol_mls_level {} qpol_mls_level_t;
|
||||
%extend qpol_mls_level_t {
|
||||
- qpol_mls_level_t() {
|
||||
+ qpol_mls_level() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_level_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
}
|
||||
- ~qpol_mls_level_t() {
|
||||
+ ~qpol_mls_level() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1147,7 +1147,7 @@ typedef struct qpol_mls_level {} qpol_mls_level_t;
|
||||
/* qpol user */
|
||||
typedef struct qpol_user {} qpol_user_t;
|
||||
%extend qpol_user_t {
|
||||
- qpol_user_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_user(qpol_policy_t *p, const char *name) {
|
||||
const qpol_user_t *u;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_user_by_name(p, name, &u)) {
|
||||
@@ -1158,7 +1158,7 @@ typedef struct qpol_user {} qpol_user_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_user_t() {
|
||||
+ ~qpol_user() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1223,7 +1223,7 @@ typedef struct qpol_user {} qpol_user_t;
|
||||
/* qpol bool */
|
||||
typedef struct qpol_bool {} qpol_bool_t;
|
||||
%extend qpol_bool_t {
|
||||
- qpol_bool_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_bool(qpol_policy_t *p, const char *name) {
|
||||
qpol_bool_t *b;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_bool_by_name(p, name, &b)) {
|
||||
@@ -1233,7 +1233,7 @@ typedef struct qpol_bool {} qpol_bool_t;
|
||||
fail:
|
||||
return b;
|
||||
};
|
||||
- ~qpol_bool_t() {
|
||||
+ ~qpol_bool() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1295,14 +1295,14 @@ typedef struct qpol_bool {} qpol_bool_t;
|
||||
/* qpol context */
|
||||
typedef struct qpol_context {} qpol_context_t;
|
||||
%extend qpol_context_t {
|
||||
- qpol_context_t() {
|
||||
+ qpol_context() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_context_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_context_t() {
|
||||
+ ~qpol_context() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1356,7 +1356,7 @@ typedef struct qpol_context {} qpol_context_t;
|
||||
/* qpol class */
|
||||
typedef struct qpol_class {} qpol_class_t;
|
||||
%extend qpol_class_t {
|
||||
- qpol_class_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_class(qpol_policy_t *p, const char *name) {
|
||||
const qpol_class_t *c;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_class_by_name(p, name, &c)) {
|
||||
@@ -1366,7 +1366,7 @@ typedef struct qpol_class {} qpol_class_t;
|
||||
fail:
|
||||
return (qpol_class_t*)c;
|
||||
};
|
||||
- ~qpol_class_t() {
|
||||
+ ~qpol_class() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1443,7 +1443,7 @@ typedef struct qpol_class {} qpol_class_t;
|
||||
/* qpol common */
|
||||
typedef struct qpol_common {} qpol_common_t;
|
||||
%extend qpol_common_t {
|
||||
- qpol_common_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_common(qpol_policy_t *p, const char *name) {
|
||||
const qpol_common_t *c;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_common_by_name(p, name, &c)) {
|
||||
@@ -1453,7 +1453,7 @@ typedef struct qpol_common {} qpol_common_t;
|
||||
fail:
|
||||
return (qpol_common_t*)c;
|
||||
};
|
||||
- ~qpol_common_t() {
|
||||
+ ~qpol_common() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1515,7 +1515,7 @@ typedef struct qpol_common {} qpol_common_t;
|
||||
#define QPOL_FS_USE_PSID 6U
|
||||
#endif
|
||||
typedef struct qpol_fs_use {} qpol_fs_use_t;
|
||||
-%extend qpol_fs_use_t {
|
||||
+%extend qpol_fs_use {
|
||||
qpol_fs_use_t(qpol_policy_t *p, const char *name) {
|
||||
const qpol_fs_use_t *f;
|
||||
BEGIN_EXCEPTION
|
||||
@@ -1526,7 +1526,7 @@ typedef struct qpol_fs_use {} qpol_fs_use_t;
|
||||
fail:
|
||||
return (qpol_fs_use_t*)f;
|
||||
};
|
||||
- ~qpol_fs_use_t() {
|
||||
+ ~qpol_fs_use() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1594,7 +1594,7 @@ typedef struct qpol_fs_use {} qpol_fs_use_t;
|
||||
#endif
|
||||
typedef struct qpol_genfscon {} qpol_genfscon_t;
|
||||
%extend qpol_genfscon_t {
|
||||
- qpol_genfscon_t(qpol_policy_t *p, const char *name, const char *path) {
|
||||
+ qpol_genfscon(qpol_policy_t *p, const char *name, const char *path) {
|
||||
qpol_genfscon_t *g;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_genfscon_by_name(p, name, path, &g)) {
|
||||
@@ -1604,7 +1604,7 @@ typedef struct qpol_genfscon {} qpol_genfscon_t;
|
||||
fail:
|
||||
return g;
|
||||
};
|
||||
- ~qpol_genfscon_t() {
|
||||
+ ~qpol_genfscon() {
|
||||
free(self);
|
||||
};
|
||||
const char *get_name(qpol_policy_t *p) {
|
||||
@@ -1656,7 +1656,7 @@ typedef struct qpol_genfscon {} qpol_genfscon_t;
|
||||
|
||||
/* qpol isid */
|
||||
typedef struct qpol_isid {} qpol_isid_t;
|
||||
-%extend qpol_isid_t {
|
||||
+%extend qpol_isid {
|
||||
qpol_isid_t(qpol_policy_t *p, const char *name) {
|
||||
const qpol_isid_t *i;
|
||||
BEGIN_EXCEPTION
|
||||
@@ -1667,7 +1667,7 @@ typedef struct qpol_isid {} qpol_isid_t;
|
||||
fail:
|
||||
return (qpol_isid_t*)i;
|
||||
};
|
||||
- ~qpol_isid_t() {
|
||||
+ ~qpol_isid() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1701,7 +1701,7 @@ typedef struct qpol_isid {} qpol_isid_t;
|
||||
/* qpol netifcon */
|
||||
typedef struct qpol_netifcon {} qpol_netifcon_t;
|
||||
%extend qpol_netifcon_t {
|
||||
- qpol_netifcon_t(qpol_policy_t *p, const char *name) {
|
||||
+ qpol_netifcon(qpol_policy_t *p, const char *name) {
|
||||
const qpol_netifcon_t *n;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_netifcon_by_name(p, name, &n)) {
|
||||
@@ -1711,7 +1711,7 @@ typedef struct qpol_netifcon {} qpol_netifcon_t;
|
||||
fail:
|
||||
return (qpol_netifcon_t*)n;
|
||||
};
|
||||
- ~qpol_netifcon_t() {
|
||||
+ ~qpol_netifcon() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1757,7 +1757,7 @@ typedef struct qpol_netifcon {} qpol_netifcon_t;
|
||||
#define QPOL_IPV6 1
|
||||
typedef struct qpol_nodecon {} qpol_nodecon_t;
|
||||
%extend qpol_nodecon_t {
|
||||
- qpol_nodecon_t(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
|
||||
+ qpol_nodecon(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
|
||||
uint32_t a[4], m[4];
|
||||
qpol_nodecon_t *n;
|
||||
BEGIN_EXCEPTION
|
||||
@@ -1772,7 +1772,7 @@ typedef struct qpol_nodecon {} qpol_nodecon_t;
|
||||
fail:
|
||||
return n;
|
||||
}
|
||||
- ~qpol_nodecon_t() {
|
||||
+ ~qpol_nodecon() {
|
||||
free(self);
|
||||
};
|
||||
uint32_t *get_addr(qpol_policy_t *p) {
|
||||
@@ -1830,7 +1830,7 @@ typedef struct qpol_nodecon {} qpol_nodecon_t;
|
||||
#define IPPROTO_UDP 17
|
||||
typedef struct qpol_portcon {} qpol_portcon_t;
|
||||
%extend qpol_portcon_t {
|
||||
- qpol_portcon_t(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
|
||||
+ qpol_portcon(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
|
||||
const qpol_portcon_t *qp;
|
||||
BEGIN_EXCEPTION
|
||||
if (qpol_policy_get_portcon_by_port(p, low, high, protocol, &qp)) {
|
||||
@@ -1840,7 +1840,7 @@ typedef struct qpol_portcon {} qpol_portcon_t;
|
||||
fail:
|
||||
return (qpol_portcon_t*)qp;
|
||||
};
|
||||
- ~qpol_portcon_t() {
|
||||
+ ~qpol_portcon() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -1893,7 +1893,7 @@ typedef struct qpol_portcon {} qpol_portcon_t;
|
||||
|
||||
/* qpol constraint */
|
||||
typedef struct qpol_constraint {} qpol_constraint_t;
|
||||
-%extend qpol_constraint_t {
|
||||
+%extend qpol_constraint {
|
||||
qpol_constraint_t() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_t objects");
|
||||
@@ -1901,7 +1901,7 @@ typedef struct qpol_constraint {} qpol_constraint_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_constraint_t() {
|
||||
+ ~qpol_constraint() {
|
||||
free(self);
|
||||
};
|
||||
const qpol_class_t *get_class(qpol_policy_t *p) {
|
||||
@@ -1945,7 +1945,7 @@ typedef struct qpol_constraint {} qpol_constraint_t;
|
||||
|
||||
/* qpol validatetrans */
|
||||
typedef struct qpol_validatetrans {} qpol_validatetrans_t;
|
||||
-%extend qpol_validatetrans_t {
|
||||
+%extend qpol_validatetrans {
|
||||
qpol_validatetrans_t() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_validatetrans_t objects");
|
||||
@@ -1953,7 +1953,7 @@ typedef struct qpol_validatetrans {} qpol_validatetrans_t;
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_validatetrans_t() {
|
||||
+ ~qpol_validatetrans() {
|
||||
free(self);
|
||||
};
|
||||
const qpol_class_t *get_class(qpol_policy_t *p) {
|
||||
@@ -2011,14 +2011,14 @@ typedef struct qpol_validatetrans {} qpol_validatetrans_t;
|
||||
#define QPOL_CEXPR_OP_INCOMP 5
|
||||
typedef struct qpol_constraint_expr_node {} qpol_constraint_expr_node_t;
|
||||
%extend qpol_constraint_expr_node_t {
|
||||
- qpol_constraint_expr_node_t() {
|
||||
+ qpol_constraint_expr_node() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_expr_node_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_constraint_expr_node_t() {
|
||||
+ ~qpol_constraint_expr_node() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2073,14 +2073,14 @@ typedef struct qpol_constraint_expr_node {} qpol_constraint_expr_node_t;
|
||||
/* qpol role allow */
|
||||
typedef struct qpol_role_allow {} qpol_role_allow_t;
|
||||
%extend qpol_role_allow_t {
|
||||
- qpol_role_allow_t() {
|
||||
+ qpol_role_allow() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_allow_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_role_allow_t() {
|
||||
+ ~qpol_role_allow() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2114,14 +2114,14 @@ typedef struct qpol_role_allow {} qpol_role_allow_t;
|
||||
/* qpol role trans */
|
||||
typedef struct qpol_role_trans {} qpol_role_trans_t;
|
||||
%extend qpol_role_trans_t {
|
||||
- qpol_role_trans_t() {
|
||||
+ qpol_role_trans() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_trans_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_role_trans_t() {
|
||||
+ ~qpol_role_trans() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2165,14 +2165,14 @@ typedef struct qpol_role_trans {} qpol_role_trans_t;
|
||||
/* qpol range trans */
|
||||
typedef struct qpol_range_trans {} qpol_range_trans_t;
|
||||
%extend qpol_range_trans_t {
|
||||
- qpol_range_trans_t() {
|
||||
+ qpol_range_trans() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_range_trans_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_range_trans_t() {
|
||||
+ ~qpol_range_trans() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2228,14 +2228,14 @@ typedef struct qpol_range_trans {} qpol_range_trans_t;
|
||||
#define QPOL_RULE_DONTAUDIT 4
|
||||
typedef struct qpol_avrule {} qpol_avrule_t;
|
||||
%extend qpol_avrule_t {
|
||||
- qpol_avrule_t() {
|
||||
+ qpol_avrule() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_avrule_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_avrule_t() {
|
||||
+ ~qpol_avrule() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2348,14 +2348,14 @@ typedef struct qpol_avrule {} qpol_avrule_t;
|
||||
#define QPOL_RULE_TYPE_MEMBER 32
|
||||
typedef struct qpol_terule {} qpol_terule_t;
|
||||
%extend qpol_terule_t {
|
||||
- qpol_terule_t() {
|
||||
+ qpol_terule() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_terule_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_terule_t() {
|
||||
+ ~qpol_terule() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2464,14 +2464,14 @@ typedef struct qpol_terule {} qpol_terule_t;
|
||||
/* qpol conditional */
|
||||
typedef struct qpol_cond {} qpol_cond_t;
|
||||
%extend qpol_cond_t {
|
||||
- qpol_cond_t() {
|
||||
+ qpol_cond() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_cond_t() {
|
||||
+ ~qpol_cond() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2557,14 +2557,14 @@ typedef struct qpol_cond {} qpol_cond_t;
|
||||
#define QPOL_COND_EXPR_NEQ 7 /* bool != bool */
|
||||
typedef struct qpol_cond_expr_node {} qpol_cond_expr_node_t;
|
||||
%extend qpol_cond_expr_node_t {
|
||||
- qpol_cond_expr_node_t() {
|
||||
+ qpol_cond_expr_node() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_expr_node_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_cond_expr_node_t() {
|
||||
+ ~qpol_cond_expr_node() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2602,14 +2602,14 @@ typedef struct qpol_cond_expr_node {} qpol_cond_expr_node_t;
|
||||
/* qpol type set */
|
||||
typedef struct qpol_type_set {} qpol_type_set_t;
|
||||
%extend qpol_type_set_t {
|
||||
- qpol_type_set_t() {
|
||||
+ qpol_type_set() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_type_set_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_type_set_t() {
|
||||
+ ~qpol_type_set() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2665,14 +2665,14 @@ typedef struct qpol_type_set {} qpol_type_set_t;
|
||||
/* qpol syn av rule */
|
||||
typedef struct qpol_syn_avrule {} qpol_syn_avrule_t;
|
||||
%extend qpol_syn_avrule_t {
|
||||
- qpol_syn_avrule_t() {
|
||||
+ qpol_syn_avrule() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_avrule_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_syn_avrule_t() {
|
||||
+ ~qpol_syn_avrule() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2778,14 +2778,14 @@ typedef struct qpol_syn_avrule {} qpol_syn_avrule_t;
|
||||
/* qpol syn te rule */
|
||||
typedef struct qpol_syn_terule {} qpol_syn_terule_t;
|
||||
%extend qpol_syn_terule_t {
|
||||
- qpol_syn_terule_t() {
|
||||
+ qpol_syn_terule() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_terule_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~qpol_syn_terule_t() {
|
||||
+ ~qpol_syn_terule() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
--
|
||||
1.8.5.3
|
||||
|
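Review bot: Four blocks are renamed differently from the rest: for `qpol_fs_use`, `qpol_isid`, `qpol_constraint` and `qpol_validatetrans` the patch changes the `%extend` target and the destructor but leaves the constructors as `qpol_fs_use_t(...)`, `qpol_isid_t(...)`, `qpol_constraint_t()` and `qpol_validatetrans_t()`. Every other block keeps `%extend qpol_X_t` and renames both constructor and destructor. Presumably SWIG expects the constructor and destructor to carry the same struct name, so these four should follow the common form, e.g. `%extend qpol_fs_use_t {` with `qpol_fs_use(qpol_policy_t *p, const char *name) {`. The destructors of `qpol_constraint` and `qpol_validatetrans` call `free(self)`, so object lifetime in the generated bindings is worth re-testing for those two if the mismatch stays.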
97
0004-Apply-selinux_current_policy_path-patch.patch
Normal file
@ -0,0 +1,97 @@
|
||||
From 85a12d481d664120865b46cd1c4c325307179471 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 10:53:54 +0200
|
||||
Subject: [PATCH 04/11] Apply selinux_current_policy_path patch
|
||||
|
||||
---
|
||||
libqpol/src/util.c | 73 ++++--------------------------------------------------
|
||||
1 file changed, 5 insertions(+), 68 deletions(-)
|
||||
|
||||
diff --git a/libqpol/src/util.c b/libqpol/src/util.c
|
||||
index 7c49876..8f74b2b 100644
|
||||
--- a/libqpol/src/util.c
|
||||
+++ b/libqpol/src/util.c
|
||||
@@ -84,75 +84,12 @@ static int get_binpol_version(const char *policy_fname)
|
||||
|
||||
static int search_policy_binary_file(char **path)
|
||||
{
|
||||
- const char *binary_path;
|
||||
- if ((binary_path = selinux_binary_policy_path()) == NULL) {
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- int expected_version = -1, latest_version = -1;
|
||||
-#ifdef LIBSELINUX
|
||||
- /* if the system has SELinux enabled, prefer the policy whose
|
||||
- name matches the current policy version */
|
||||
- if ((expected_version = security_policyvers()) < 0) {
|
||||
- return -1;
|
||||
- }
|
||||
-#endif
|
||||
-
|
||||
- glob_t glob_buf;
|
||||
- struct stat fs;
|
||||
- int rt, error = 0, retval = -1;
|
||||
- size_t i;
|
||||
- char *pattern = NULL;
|
||||
- if (asprintf(&pattern, "%s.*", binary_path) < 0) {
|
||||
- return -1;
|
||||
- }
|
||||
- glob_buf.gl_offs = 1;
|
||||
- glob_buf.gl_pathc = 0;
|
||||
- rt = glob(pattern, GLOB_DOOFFS, NULL, &glob_buf);
|
||||
- if (rt != 0 && rt != GLOB_NOMATCH) {
|
||||
- errno = EIO;
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- for (i = 0; i < glob_buf.gl_pathc; i++) {
|
||||
- char *p = glob_buf.gl_pathv[i + glob_buf.gl_offs];
|
||||
- if (stat(p, &fs) != 0) {
|
||||
- error = errno;
|
||||
- goto cleanup;
|
||||
- }
|
||||
- if (S_ISDIR(fs.st_mode))
|
||||
- continue;
|
||||
-
|
||||
- if ((rt = get_binpol_version(p)) < 0) {
|
||||
- error = errno;
|
||||
- goto cleanup;
|
||||
- }
|
||||
-
|
||||
- if (rt > latest_version || rt == expected_version) {
|
||||
- free(*path);
|
||||
- if ((*path = strdup(p)) == NULL) {
|
||||
- error = errno;
|
||||
- goto cleanup;
|
||||
- }
|
||||
- if (rt == expected_version) {
|
||||
- break;
|
||||
- }
|
||||
- latest_version = rt;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- if (*path == NULL) {
|
||||
- retval = 1;
|
||||
- } else {
|
||||
- retval = 0;
|
||||
- }
|
||||
- cleanup:
|
||||
- free(pattern);
|
||||
- globfree(&glob_buf);
|
||||
- if (retval == -1) {
|
||||
- errno = error;
|
||||
+ const char *binary_path = selinux_current_policy_path();
|
||||
+ if (binary_path) {
|
||||
+ *path = strdup(binary_path);
|
||||
+ if (*path) return 0;
|
||||
}
|
||||
- return retval;
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
int qpol_default_policy_find(char **path)
|
||||
--
|
||||
1.8.5.3
|
||||
|
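Review bot: The rewritten `search_policy_binary_file` changes the return contract: the removed code returned 1 when no policy file was found and -1 with `errno` set on error, while the new body returns -1 for both and leaves `errno` at whatever `selinux_current_policy_path()` or `strdup()` last set. `qpol_default_policy_find` begins right after the hunk and is not visible here, so whether it still distinguishes 1 from -1 should be checked; if it does, `if (!binary_path) return 1;` before the `strdup` keeps the old meaning. The new code also assigns `*path` without the `free(*path)` that the old loop performed, which leaks if a caller passes in a non-NULL pointer. `get_binpol_version`, named in the hunk header, appears to lose its only visible caller and may now be dead code.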
24
0005-Apply-seaudit-patch-for-progress.c.patch
Normal file
@ -0,0 +1,24 @@
|
||||
From ba8e76cd514e8ce92a48931963e97fe79589a71a Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 11:12:37 +0200
|
||||
Subject: [PATCH 05/11] Apply seaudit patch for progress.c
|
||||
|
||||
---
|
||||
libqpol/swig/java/Makefile.am | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/libqpol/swig/java/Makefile.am b/libqpol/swig/java/Makefile.am
|
||||
index a25eacb..533b55a 100644
|
||||
--- a/libqpol/swig/java/Makefile.am
|
||||
+++ b/libqpol/swig/java/Makefile.am
|
||||
@@ -48,7 +48,6 @@ BUILT_SOURCES = qpol_wrap.c \
|
||||
qpol_type_t.java \
|
||||
qpol_user_t.java \
|
||||
qpol_validatetrans_t.java \
|
||||
- SWIGTYPE_p_int.java \
|
||||
SWIGTYPE_p_unsigned_int.java \
|
||||
SWIGTYPE_p_void.java
|
||||
|
||||
--
|
||||
1.8.5.3
|
||||
|
39
0006-Add-support-for-boolean-subs.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From 61d3d40e791a4ac392930f11785e4057f67a5b09 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 11:14:50 +0200
|
||||
Subject: [PATCH 06/11] Add support for boolean subs
|
||||
|
||||
---
|
||||
secmds/seinfo.c | 2 +-
|
||||
secmds/sesearch.c | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
|
||||
index a970890..54b2a6a 100644
|
||||
--- a/secmds/seinfo.c
|
||||
+++ b/secmds/seinfo.c
|
||||
@@ -1720,7 +1720,7 @@ int main(int argc, char **argv)
|
||||
case 'b': /* conditional booleans */
|
||||
bools = 1;
|
||||
if (optarg != 0)
|
||||
- bool_name = optarg;
|
||||
+ bool_name = selinux_boolean_sub(optarg);
|
||||
break;
|
||||
case OPT_INITIALSID:
|
||||
isids = 1;
|
||||
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
|
||||
index 387d526..e1436a7 100644
|
||||
--- a/secmds/sesearch.c
|
||||
+++ b/secmds/sesearch.c
|
||||
@@ -1067,7 +1067,7 @@ int main(int argc, char **argv)
|
||||
printf("Missing boolean for -b (--bool)\n");
|
||||
exit(1);
|
||||
}
|
||||
- cmd_opts.bool_name = strdup(optarg);
|
||||
+ cmd_opts.bool_name = strdup(selinux_boolean_sub(optarg));
|
||||
if (!cmd_opts.bool_name) {
|
||||
fprintf(stderr, "%s\n", strerror(errno));
|
||||
exit(1);
|
||||
--
|
||||
1.8.5.3
|
||||
|
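Review bot: In `secmds/sesearch.c` the result of `selinux_boolean_sub(optarg)` is passed straight to `strdup()`; that function returns a newly allocated string or NULL on failure, so a NULL return is dereferenced inside `strdup` and a successful return is leaked once copied. Assigning it directly, `cmd_opts.bool_name = selinux_boolean_sub(optarg);`, avoids both and lets the existing `if (!cmd_opts.bool_name)` check cover the failure. In `secmds/seinfo.c`, `bool_name` can now be NULL where it previously pointed at `optarg`, and nothing in the hunk checks it. Neither hunk adds `#include <selinux/selinux.h>`; if the files do not already include it, the call is implicitly declared as returning `int` and the pointer can be truncated on 64-bit builds. Both `main` bodies continue outside the hunks.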
276
0007-Setools-noship.patch
Normal file
@ -0,0 +1,276 @@
|
||||
From a39d0831d654292fb2a1f7b9ee18ecc9239f610f Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 18:38:34 +0200
|
||||
Subject: [PATCH 07/11] Setools noship
|
||||
|
||||
---
|
||||
Makefile.am | 26 +++-----------------------
|
||||
configure.ac | 2 +-
|
||||
man/Makefile.am | 15 +++------------
|
||||
seaudit/Makefile.am | 31 +++----------------------------
|
||||
secmds/Makefile.am | 14 +-------------
|
||||
sediff/Makefile.am | 32 ++------------------------------
|
||||
6 files changed, 13 insertions(+), 107 deletions(-)
|
||||
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index 176c8ea..4cac386 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -10,7 +10,7 @@ if BUILD_GUI
|
||||
endif
|
||||
# sediffx is also built conditionally, from sediffx/Makefile.am
|
||||
|
||||
-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
|
||||
+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
|
||||
|
||||
#old indent opts
|
||||
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
|
||||
@@ -49,12 +49,6 @@ seaudit: libqpol libapol libseaudit
|
||||
sediff: libqpol libapol libpoldiff
|
||||
$(MAKE) -C $(top_srcdir)/sediff sediff
|
||||
|
||||
-sediffx: libqpol libapol libpoldiff
|
||||
- $(MAKE) -C $(top_srcdir)/sediff sediffx
|
||||
-
|
||||
-sechecker: libqpol libapol libsefs
|
||||
- $(MAKE) -C $(top_srcdir)/sechecker
|
||||
-
|
||||
help:
|
||||
@echo "Make targets for SETools:"
|
||||
@echo " all: build everything, but do not install"
|
||||
@@ -65,8 +59,6 @@ help:
|
||||
@echo " secmds: build command line tools"
|
||||
@echo " seaudit: build audit log analysis tools"
|
||||
@echo " sediff: build semantic policy diff command line tool"
|
||||
- @echo " sediffx: build semantic policy diff graphical tool"
|
||||
- @echo " sechecker: build policy checking tool"
|
||||
@echo ""
|
||||
@echo " install-logwatch: install LogWatch config files for seaudit-report"
|
||||
@echo " (requires LogWatch and root privileges)"
|
||||
@@ -78,9 +70,9 @@ install-logwatch:
|
||||
$(MAKE) -C $(top_srcdir)/seaudit install-logwatch
|
||||
|
||||
.PHONY: libqpol libapol libpoldiff libsefs libseaudit \
|
||||
- apol secmds seaudit sediff sediffx sechecker \
|
||||
+ apol secmds seaudit sediff \
|
||||
install-logwatch help \
|
||||
- seinfo sesearch indexcon findcon replcon searchcon \
|
||||
+ seinfo sesearch \
|
||||
packages
|
||||
|
||||
seinfo: libqpol libapol
|
||||
@@ -89,18 +81,6 @@ seinfo: libqpol libapol
|
||||
sesearch: libqpol libapol
|
||||
$(MAKE) -C $(top_srcdir)/secmds sesearch
|
||||
|
||||
-indexcon: libqpol libapol libsefs
|
||||
- $(MAKE) -C $(top_srcdir)/secmds indexcon
|
||||
-
|
||||
-findcon: libqpol libapol libsefs
|
||||
- $(MAKE) -C $(top_srcdir)/secmds findcon
|
||||
-
|
||||
-replcon: libqpol libapol libsefs
|
||||
- $(MAKE) -C $(top_srcdir)/secmds replcon
|
||||
-
|
||||
-searchcon: libqpol libapol libsefs
|
||||
- $(MAKE) -C $(top_srcdir)/secmds searchcon
|
||||
-
|
||||
packages:
|
||||
$(MAKE) -C $(top_srcdir)/packages
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 2a5b55b..5b1da5e 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -63,7 +63,7 @@ if test ${ac_cv_prog_cc_c99} = "no"; then
|
||||
fi
|
||||
AC_PROG_CXX
|
||||
AC_LANG([C])
|
||||
-AC_PROG_LIBTOOL
|
||||
+AC_PROG_RANLIB
|
||||
AC_PROG_LN_S
|
||||
AC_PROG_LEX
|
||||
AC_PROG_YACC
|
||||
diff --git a/man/Makefile.am b/man/Makefile.am
|
||||
index 0fafccb..f88e00a 100644
|
||||
--- a/man/Makefile.am
|
||||
+++ b/man/Makefile.am
|
||||
@@ -1,19 +1,10 @@
|
||||
if BUILD_GUI
|
||||
MAYBEMANS = apol.1 \
|
||||
- seaudit.8 seaudit-report.8 \
|
||||
- sediffx.1
|
||||
+ seaudit.8
|
||||
endif
|
||||
|
||||
EXTRA_DIST=$(man_MANS) apol.1 \
|
||||
- seaudit.8 seaudit-report.8.in \
|
||||
- sediffx.1
|
||||
+ seaudit.8
|
||||
|
||||
-man_MANS = findcon.1 indexcon.1 replcon.1 \
|
||||
- sechecker.1 \
|
||||
- sediff.1 \
|
||||
+man_MANS = sediff.1 \
|
||||
seinfo.1 sesearch.1 $(MAYBEMANS)
|
||||
-
|
||||
-seaudit-report.8: seaudit-report.8.in Makefile
|
||||
- sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
|
||||
-
|
||||
-CLEANFILES = seaudit-report.8
|
||||
diff --git a/seaudit/Makefile.am b/seaudit/Makefile.am
|
||||
index 1987c99..3fa4413 100644
|
||||
--- a/seaudit/Makefile.am
|
||||
+++ b/seaudit/Makefile.am
|
||||
@@ -1,5 +1,4 @@
|
||||
setoolsdir = @setoolsdir@
|
||||
-bin_PROGRAMS = seaudit-report
|
||||
sbin_PROGRAMS = seaudit
|
||||
|
||||
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
|
||||
@@ -20,13 +19,10 @@ LDADD = @SELINUX_LIB_FLAG@ @SEAUDIT_LIB_FLAG@ @APOL_LIB_FLAG@ @QPOL_LIB_FLAG@
|
||||
dist_setools_DATA = \
|
||||
seaudit.glade \
|
||||
seaudit_help.txt \
|
||||
- seaudit-report.conf \
|
||||
- seaudit-report.css \
|
||||
seaudit.png seaudit-small.png
|
||||
|
||||
nodist_setools_DATA = \
|
||||
- dot_seaudit \
|
||||
- seaudit-report-service
|
||||
+ dot_seaudit
|
||||
|
||||
seaudit_SOURCES = \
|
||||
filter_view.c filter_view.h \
|
||||
@@ -50,31 +46,12 @@ seaudit_DEPENDENCIES = $(top_builddir)/libseaudit/src/libseaudit.so \
|
||||
dot_seaudit: dot_seaudit.in Makefile
|
||||
sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
|
||||
|
||||
-seaudit_report_SOURCES = seaudit-report.c
|
||||
-seaudit_report_DEPENDENCIES = $(top_builddir)/libseaudit/src/libseaudit.so \
|
||||
- $(top_builddir)/libapol/src/libapol.so \
|
||||
- $(top_builddir)/libqpol/src/libqpol.so
|
||||
-
|
||||
logwatch = $(DESTDIR)/etc/logwatch
|
||||
LOGWATCH_GROUP = $(logwatch)/conf/logfiles
|
||||
LOGWATCH_SERVICE = $(logwatch)/conf/services
|
||||
LOGWATCH_FILTER = $(logwatch)/scripts/services
|
||||
|
||||
-dist_noinst_DATA = dot_seaudit.in \
|
||||
- seaudit-report-group.conf \
|
||||
- seaudit-report-service.conf \
|
||||
- seaudit-report-service.in
|
||||
-
|
||||
-seaudit-report-service: seaudit-report-service.in Makefile
|
||||
- sed -e 's|\@bindir\@|$(bindir)|g' $< > $@
|
||||
-
|
||||
-install-logwatch: $(dist_noinst_DATA) seaudit-report-service
|
||||
- mkdir -p -- $(LOGWATCH_GROUP)
|
||||
- install -m 644 seaudit-report-group.conf $(LOGWATCH_GROUP)
|
||||
- mkdir -p -- $(LOGWATCH_SERVICE)
|
||||
- install -m 644 seaudit-report-service.conf $(LOGWATCH_SERVICE)
|
||||
- mkdir -p -- $(LOGWATCH_FILTER)
|
||||
- install -m 755 seaudit-report-service $(LOGWATCH_FILTER)
|
||||
+dist_noinst_DATA = dot_seaudit.in
|
||||
|
||||
$(top_builddir)/libapol/src/libapol.so:
|
||||
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
|
||||
@@ -85,6 +62,4 @@ $(top_builddir)/libqpol/src/libqpol.so:
|
||||
$(top_builddir)/libsefs/src/libsefs.so:
|
||||
$(MAKE) -C $(top_builddir)/libsefs/src $(notdir $@)
|
||||
|
||||
-.PHONY: install-logwatch
|
||||
-
|
||||
-CLEANFILES = dot_seaudit seaudit-report-service
|
||||
+CLEANFILES = dot_seaudit
|
||||
diff --git a/secmds/Makefile.am b/secmds/Makefile.am
|
||||
index ddc88b1..7fa4364 100644
|
||||
--- a/secmds/Makefile.am
|
||||
+++ b/secmds/Makefile.am
|
||||
@@ -1,6 +1,6 @@
|
||||
# various setools command line tools
|
||||
|
||||
-bin_PROGRAMS = seinfo sesearch findcon replcon indexcon
|
||||
+bin_PROGRAMS = seinfo sesearch
|
||||
|
||||
# These are for indexcon so that it is usable on machines without setools
|
||||
STATICLIBS = ../libsefs/src/libsefs.a ../libapol/src/libapol.a ../libqpol/src/libqpol.a -lsqlite3
|
||||
@@ -18,18 +18,6 @@ seinfo_SOURCES = seinfo.c
|
||||
|
||||
sesearch_SOURCES = sesearch.c
|
||||
|
||||
-indexcon_SOURCES = indexcon.cc
|
||||
-indexcon_LDADD = @SELINUX_LIB_FLAG@ $(STATICLIBS)
|
||||
-indexcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
|
||||
-
|
||||
-findcon_SOURCES = findcon.cc
|
||||
-findcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
|
||||
-findcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
|
||||
-
|
||||
-replcon_SOURCES = replcon.cc
|
||||
-replcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
|
||||
-replcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
|
||||
-
|
||||
$(top_builddir)/libapol/src/libapol.so:
|
||||
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
|
||||
|
||||
diff --git a/sediff/Makefile.am b/sediff/Makefile.am
|
||||
index 3f53cd3..2d9ce84 100644
|
||||
--- a/sediff/Makefile.am
|
||||
+++ b/sediff/Makefile.am
|
||||
@@ -1,13 +1,6 @@
|
||||
setoolsdir = @setoolsdir@
|
||||
|
||||
-dist_setools_DATA = sediff_help.txt sediffx.glade \
|
||||
- sediffx.png sediffx-small.png
|
||||
-
|
||||
-if BUILD_GUI
|
||||
- MAYBE_SEDIFFX = sediffx
|
||||
-endif
|
||||
-
|
||||
-bin_PROGRAMS = sediff $(MAYBE_SEDIFFX)
|
||||
+bin_PROGRAMS = sediff
|
||||
|
||||
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
|
||||
@QPOL_CFLAGS@ @APOL_CFLAGS@ @POLDIFF_CFLAGS@
|
||||
@@ -15,14 +8,7 @@ AM_LDFLAGS = @DEBUGLDFLAGS@ @WARNLDFLAGS@ @PROFILELDFLAGS@
|
||||
|
||||
LDADD = @SELINUX_LIB_FLAG@ @POLDIFF_LIB_FLAG@ @APOL_LIB_FLAG@ @QPOL_LIB_FLAG@
|
||||
|
||||
-sediff_CFLAGS = $(AM_CFLAGS)
|
||||
-sediffx_CFLAGS = $(AM_CFLAGS) \
|
||||
- @GTK_CFLAGS@ @PIXBUF_CFLAGS@ @GLADE_CFLAGS@ @GTHREAD_CFLAGS@
|
||||
-
|
||||
-# need the -rdynamic flag below - glade uses dlopen() upon sediffx callbacks
|
||||
-sediffx_LDFLAGS = $(AM_LDFLAGS) \
|
||||
- @GTK_LIBS@ @PIXBUF_LIBS@ @GLADE_LIBS@ @GTHREAD_LIBS@ @XML_LIBS@ \
|
||||
- -rdynamic
|
||||
+sediff_CFLAGS = $(AM_CFLAGS)
|
||||
|
||||
DEPENDENCIES = $(top_builddir)/libpoldiff/src/libpoldiff.so \
|
||||
$(top_builddir)/libapol/src/libapol.so \
|
||||
@@ -30,20 +16,6 @@ DEPENDENCIES = $(top_builddir)/libpoldiff/src/libpoldiff.so \
|
||||
|
||||
sediff_SOURCES = sediff.c
|
||||
|
||||
-sediffx_SOURCES = \
|
||||
- find_dialog.c find_dialog.h \
|
||||
- open_policies_dialog.c open_policies_dialog.h \
|
||||
- policy_view.c policy_view.h \
|
||||
- progress.c progress.h \
|
||||
- remap_types_dialog.c remap_types_dialog.h \
|
||||
- result_item.c result_item.h \
|
||||
- result_item_render.c result_item_render.h \
|
||||
- results.c results.h \
|
||||
- select_diff_dialog.c select_diff_dialog.h \
|
||||
- toplevel.c toplevel.h \
|
||||
- utilgui.c utilgui.h \
|
||||
- sediffx.c sediffx.h
|
||||
-
|
||||
$(top_builddir)/libpoldiff/src/libpoldiff.so:
|
||||
$(MAKE) -C $(top_builddir)/libpoldiff/src $(notdir $@)
|
||||
|
||||
--
|
||||
1.8.5.3
|
||||
|
92
0008-Add-alias-support-to-seinfo-t.patch
Normal file
@ -0,0 +1,92 @@
|
||||
From 1136e61a9839ad3b60eb2da4d624413c02545c7d Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 18:42:27 +0200
|
||||
Subject: [PATCH 08/11] Add alias support to seinfo -t
|
||||
|
||||
---
|
||||
secmds/seinfo.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 48 insertions(+)
|
||||
|
||||
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
|
||||
index 54b2a6a..1878c49 100644
|
||||
--- a/secmds/seinfo.c
|
||||
+++ b/secmds/seinfo.c
|
||||
@@ -46,6 +46,7 @@
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
#include <getopt.h>
|
||||
+#include <selinux/selinux.h>
|
||||
|
||||
#define COPYRIGHT_INFO "Copyright (C) 2003-2007 Tresys Technology, LLC"
|
||||
|
||||
@@ -54,6 +55,7 @@
|
||||
|
||||
static char *policy_file = NULL;
|
||||
|
||||
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb);
|
||||
static int print_type_attrs(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
|
||||
static int print_attr_types(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
|
||||
static int print_user_roles(FILE * fp, const qpol_user_t * user_datum, const apol_policy_t * policydb, const int expand);
|
||||
@@ -514,6 +516,7 @@ static int print_types(FILE * fp, const char *name, int expand, const apol_polic
|
||||
goto cleanup;
|
||||
if (print_type_attrs(fp, type_datum, policydb, expand))
|
||||
goto cleanup;
|
||||
+ print_type_aliases(fp, type_datum, policydb);
|
||||
} else {
|
||||
if (qpol_policy_get_type_iter(q, &iter))
|
||||
goto cleanup;
|
||||
@@ -1912,6 +1915,51 @@ int main(int argc, char **argv)
|
||||
}
|
||||
|
||||
/**
|
||||
+ * Prints the alias of a type.
|
||||
+ *
|
||||
+ * @param fp Reference to a file to which to print type information
|
||||
+ * @param type_datum Reference to sepol type_datum
|
||||
+ * @param policydb Reference to a policy
|
||||
+ * attributes
|
||||
+ */
|
||||
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb)
|
||||
+{
|
||||
+ qpol_iterator_t *iter = NULL;
|
||||
+ size_t alias_size;
|
||||
+ unsigned char isattr, isalias;
|
||||
+ const char *type_name = NULL;
|
||||
+ const char *alias_name;
|
||||
+ qpol_policy_t *q = apol_policy_get_qpol(policydb);
|
||||
+
|
||||
+ if (qpol_type_get_name(q, type_datum, &type_name))
|
||||
+ goto cleanup;
|
||||
+ if (qpol_type_get_isattr(q, type_datum, &isattr))
|
||||
+ goto cleanup;
|
||||
+ if (qpol_type_get_isalias(q, type_datum, &isalias))
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ if (isalias) {
|
||||
+ fprintf(fp, " TypeName %s\n", type_name);
|
||||
+ }
|
||||
+ if (qpol_type_get_alias_iter(q, type_datum, &iter))
|
||||
+ goto cleanup;
|
||||
+ if (qpol_iterator_get_size(iter, &alias_size))
|
||||
+ goto cleanup;
|
||||
+ if (alias_size > 0) {
|
||||
+ fprintf(fp, " Aliases\n");
|
||||
+ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
|
||||
+ if (qpol_iterator_get_item(iter, (void **)&alias_name))
|
||||
+ goto cleanup;
|
||||
+ fprintf(fp, " %s\n", alias_name);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ cleanup:
|
||||
+ qpol_iterator_destroy(&iter);
|
||||
+ return;
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
* Prints a textual representation of a type, and possibly
|
||||
* all of that type's attributes.
|
||||
*
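Review bot: `print_type_aliases` returns `void` and jumps to `cleanup` on every qpol failure, so a failed lookup yields silently truncated output, whereas the `print_type_attrs` call just before it in `print_types` is checked and aborts on failure. Returning `int` like the sibling helpers and testing it at the call site, `if (print_type_aliases(fp, type_datum, policydb)) goto cleanup;`, would keep the error handling consistent. `isattr` is fetched with `qpol_type_get_isattr` but never read, so that call and the variable can go. The doc comment carries a stray ` * attributes` line and does not mention the `TypeName` line printed when the datum is itself an alias.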
|
||||
--
|
||||
1.8.5.3
|
||||
|
258
0009-Fix-help-message-on-sesearch-D.patch
Normal file
@ -0,0 +1,258 @@
|
||||
From bbe9f57845101d07eef31a772946437b3245c7d5 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 18:46:24 +0200
|
||||
Subject: [PATCH 09/11] Fix help message on sesearch -D
|
||||
|
||||
---
|
||||
man/sesearch.1 | 2 +-
|
||||
secmds/sesearch.c | 77 +++++++++++++++++--------------------------------------
|
||||
2 files changed, 25 insertions(+), 54 deletions(-)
|
||||
|
||||
diff --git a/man/sesearch.1 b/man/sesearch.1
|
||||
index 573aedd..dc119eb 100644
|
||||
--- a/man/sesearch.1
|
||||
+++ b/man/sesearch.1
|
||||
@@ -43,7 +43,7 @@ Search for allow rules.
|
||||
Search for neverallow rules.
|
||||
.IP "--auditallow"
|
||||
Search for auditallow rules.
|
||||
-.IP "--dontaudit"
|
||||
+.IP "-D, --dontaudit"
|
||||
Search for dontaudit rules.
|
||||
.IP "-T, --type"
|
||||
Search for type_transition, type_member, and type_change rules.
|
||||
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
|
||||
index e1436a7..f53d670 100644
|
||||
--- a/secmds/sesearch.c
|
||||
+++ b/secmds/sesearch.c
|
||||
@@ -24,6 +24,7 @@
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
+#include <selinux/selinux.h>
|
||||
|
||||
/* libapol */
|
||||
#include <apol/policy.h>
|
||||
@@ -61,9 +62,8 @@ enum opt_values
|
||||
static struct option const longopts[] = {
|
||||
{"allow", no_argument, NULL, 'A'},
|
||||
{"neverallow", no_argument, NULL, RULE_NEVERALLOW},
|
||||
- {"audit", no_argument, NULL, RULE_AUDIT},
|
||||
{"auditallow", no_argument, NULL, RULE_AUDITALLOW},
|
||||
- {"dontaudit", no_argument, NULL, RULE_DONTAUDIT},
|
||||
+ {"dontaudit", no_argument, NULL, 'D'},
|
||||
{"type", no_argument, NULL, 'T'},
|
||||
{"role_allow", no_argument, NULL, RULE_ROLE_ALLOW},
|
||||
{"role_trans", no_argument, NULL, RULE_ROLE_TRANS},
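Review bot: Rebinding `'D'` to `--dontaudit` here, together with the later hunks that delete the `case 'D': /* default */` parser and `free(cmd_opts.default_name)`, leaves nothing visible that ever sets `default_name`, yet the `perform_ft_query` hunk keeps `if (opt->default_name) { ... apol_filename_trans_query_set_default(...) }` as context. That branch now looks unreachable and should be removed along with the struct field, or the `--default` filter should stay reachable under another option. Existing invocations of the form `-D NAME` will now parse `NAME` as a positional argument, which is worth a line in the man page or changelog. The `longopts` initializer continues outside the hunk.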
|
||||
@@ -72,7 +72,6 @@ static struct option const longopts[] = {
|
||||
|
||||
{"source", required_argument, NULL, 's'},
|
||||
{"target", required_argument, NULL, 't'},
|
||||
- {"default", required_argument, NULL, 'D'},
|
||||
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
|
||||
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
|
||||
{"class", required_argument, NULL, 'c'},
|
||||
@@ -129,7 +128,7 @@ void usage(const char *program_name, int brief)
|
||||
printf(" -A, --allow allow rules\n");
|
||||
printf(" --neverallow neverallow rules\n");
|
||||
printf(" --auditallow auditallow rules\n");
|
||||
- printf(" --dontaudit dontaudit rules\n");
|
||||
+ printf(" -D, --dontaudit dontaudit rules\n");
|
||||
printf(" -T, --type type_trans, type_member, and type_change\n");
|
||||
printf(" --role_allow role allow rules\n");
|
||||
printf(" --role_trans role_transition rules\n");
|
||||
@@ -138,7 +137,6 @@ void usage(const char *program_name, int brief)
|
||||
printf("EXPRESSIONS:\n");
|
||||
printf(" -s NAME, --source=NAME rules with type/attribute NAME as source\n");
|
||||
printf(" -t NAME, --target=NAME rules with type/attribute NAME as target\n");
|
||||
- printf(" -D NAME, --default=NAME rules with type NAME as default\n");
|
||||
printf(" --role_source=NAME rules with role NAME as source\n");
|
||||
printf(" --role_target=NAME rules with role NAME as target\n");
|
||||
printf(" -c NAME, --class=NAME rules with class NAME as the object class\n");
|
||||
@@ -296,10 +294,8 @@ static void print_syn_av_results(const apol_policy_t * policy, const options_t *
|
||||
tmp = apol_cond_expr_render(policy, cond);
|
||||
enable_char = (enabled ? 'E' : 'D');
|
||||
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
|
||||
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
|
||||
- expr = NULL;
|
||||
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
|
||||
goto cleanup;
|
||||
- }
|
||||
free(tmp);
|
||||
tmp = NULL;
|
||||
if (!expr)
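Review bot: Dropping `expr = NULL;` on the `asprintf` failure path leaves `expr` holding whatever the failed call left there, and the `asprintf` documentation describes the pointer's contents as undefined in that case. If the `cleanup` label frees `expr` (it is outside this hunk, so this needs confirming), that becomes a `free` of an indeterminate pointer. Keep the reset: `if (asprintf(&expr, "[ %s ]", tmp) < 0) { expr = NULL; goto cleanup; }`. The same removal is repeated in the `print_av_results`, `print_syn_te_results` and `print_te_results` hunks, and the enclosing function starts and ends outside this hunk.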
|
||||
@@ -362,10 +358,8 @@ static void print_av_results(const apol_policy_t * policy, const options_t * opt
|
||||
qpol_iterator_destroy(&iter);
|
||||
enable_char = (enabled ? 'E' : 'D');
|
||||
branch_char = (list ? 'T' : 'F');
|
||||
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
|
||||
- expr = NULL;
|
||||
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
|
||||
goto cleanup;
|
||||
- }
|
||||
free(tmp);
|
||||
tmp = NULL;
|
||||
if (!expr)
|
||||
@@ -421,8 +415,6 @@ static int perform_te_query(const apol_policy_t * policy, const options_t * opt,
|
||||
apol_terule_query_set_target(policy, teq, opt->tgt_name, opt->indirect);
|
||||
if (opt->bool_name)
|
||||
apol_terule_query_set_bool(policy, teq, opt->bool_name);
|
||||
- if (opt->default_name)
|
||||
- apol_terule_query_set_default(policy, teq, opt->default_name);
|
||||
if (opt->class_name) {
|
||||
if (opt->class_vector == NULL) {
|
||||
if (apol_terule_query_append_class(policy, teq, opt->class_name)) {
|
||||
@@ -499,14 +491,12 @@ static void print_syn_te_results(const apol_policy_t * policy, const options_t *
|
||||
tmp = apol_cond_expr_render(policy, cond);
|
||||
enable_char = (enabled ? 'E' : 'D');
|
||||
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
|
||||
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
|
||||
- expr = NULL;
|
||||
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
|
||||
goto cleanup;
|
||||
- }
|
||||
free(tmp);
|
||||
tmp = NULL;
|
||||
if (!expr)
|
||||
- goto cleanup;
|
||||
+ break;
|
||||
}
|
||||
}
|
||||
if (!(rule_str = apol_syn_terule_render(policy, rule)))
|
||||
@@ -567,10 +557,8 @@ static void print_te_results(const apol_policy_t * policy, const options_t * opt
|
||||
qpol_iterator_destroy(&iter);
|
||||
enable_char = (enabled ? 'E' : 'D');
|
||||
branch_char = (list ? 'T' : 'F');
|
||||
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
|
||||
- expr = NULL;
|
||||
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
|
||||
goto cleanup;
|
||||
- }
|
||||
free(tmp);
|
||||
tmp = NULL;
|
||||
if (!expr)
|
||||
@@ -629,7 +617,6 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
-
|
||||
if (opt->default_name) {
|
||||
if (apol_filename_trans_query_set_default(policy, ftq, opt->default_name)) {
|
||||
error = errno;
|
||||
@@ -677,13 +664,12 @@ static void print_ft_results(const apol_policy_t * policy, const options_t * opt
|
||||
{
|
||||
size_t i, num_filename_trans = 0;
|
||||
const qpol_filename_trans_t *filename_trans = NULL;
|
||||
- char *filename_trans_str = NULL;
|
||||
- qpol_iterator_t *iter = NULL;
|
||||
+ char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
|
||||
|
||||
if (!(num_filename_trans = apol_vector_get_size(v)))
|
||||
goto cleanup;
|
||||
|
||||
- fprintf(stdout, "Found %zd named file transition rules:\n", num_filename_trans);
|
||||
+ fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
|
||||
|
||||
for (i = 0; i < num_filename_trans; i++) {
|
||||
if (!(filename_trans = apol_vector_get_element(v, i)))
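Review bot: The banner now reads `Found %zd named file transition filename_trans:`, which looks like a search-and-replace accident on the word `rules` and changes output that scripts may parse. `num_filename_trans` is a `size_t`, so the conversion should be `%zu`: `fprintf(stdout, "Found %zu named file transition rules:\n", num_filename_trans);`. The new `tmp` and `expr` locals are initialised to NULL and nothing in this hunk or the next assigns them, so the `"%s %s\n"` print in the next hunk always emits a trailing space and the added `free(tmp)` / `free(expr)` calls do nothing. Either drop both variables or add the code that was meant to fill them. The function body continues outside the hunk.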
|
||||
@@ -691,13 +677,17 @@ static void print_ft_results(const apol_policy_t * policy, const options_t * opt
|
||||
|
||||
if (!(filename_trans_str = apol_filename_trans_render(policy, filename_trans)))
|
||||
goto cleanup;
|
||||
- fprintf(stdout, "%s\n", filename_trans_str);
|
||||
+ fprintf(stdout, "%s %s\n", filename_trans_str, expr ? expr : "");
|
||||
free(filename_trans_str);
|
||||
filename_trans_str = NULL;
|
||||
+ free(expr);
|
||||
+ expr = NULL;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
+ free(tmp);
|
||||
free(filename_trans_str);
|
||||
+ free(expr);
|
||||
}
|
||||
|
||||
static int perform_ra_query(const apol_policy_t * policy, const options_t * opt, apol_vector_t ** v)
|
||||
@@ -814,13 +804,6 @@ static int perform_rt_query(const apol_policy_t * policy, const options_t * opt,
|
||||
}
|
||||
}
|
||||
|
||||
- if (opt->default_name) {
|
||||
- if (apol_role_trans_query_set_default(policy, rtq, opt->default_name)) {
|
||||
- error = errno;
|
||||
- goto err;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
if (apol_role_trans_get_by_query(policy, rtq, v)) {
|
||||
error = errno;
|
||||
goto err;
|
||||
@@ -973,7 +956,7 @@ int main(int argc, char **argv)
|
||||
|
||||
memset(&cmd_opts, 0, sizeof(cmd_opts));
|
||||
cmd_opts.indirect = true;
|
||||
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
|
||||
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dDRnSChV", longopts, NULL)) != -1) {
|
||||
switch (optc) {
|
||||
case 0:
|
||||
break;
|
||||
@@ -1001,18 +984,6 @@ int main(int argc, char **argv)
|
||||
exit(1);
|
||||
}
|
||||
break;
|
||||
- case 'D': /* default */
|
||||
- if (optarg == 0) {
|
||||
- usage(argv[0], 1);
|
||||
- printf("Missing default type for -D (--default)\n");
|
||||
- exit(1);
|
||||
- }
|
||||
- cmd_opts.default_name = strdup(optarg);
|
||||
- if (!cmd_opts.default_name) {
|
||||
-
|
||||
- exit(1);
|
||||
- }
|
||||
- break;
|
||||
case EXPR_ROLE_SOURCE:
|
||||
if (optarg == 0) {
|
||||
usage(argv[0], 1);
|
||||
@@ -1093,7 +1064,7 @@ int main(int argc, char **argv)
|
||||
case RULE_AUDITALLOW:
|
||||
cmd_opts.auditallow = true;
|
||||
break;
|
||||
- case RULE_DONTAUDIT:
|
||||
+ case 'D':
|
||||
cmd_opts.dontaudit = true;
|
||||
break;
|
||||
case 'T': /* type */
|
||||
@@ -1273,12 +1244,13 @@ int main(int argc, char **argv)
|
||||
fprintf(stdout, "\n");
|
||||
}
|
||||
|
||||
- apol_vector_destroy(&v);
|
||||
- if (perform_ft_query(policy, &cmd_opts, &v)) {
|
||||
- rt = 1;
|
||||
- goto cleanup;
|
||||
- }
|
||||
- if (v) {
|
||||
+ if (cmd_opts.all || cmd_opts.type) {
|
||||
+ apol_vector_destroy(&v);
|
||||
+ if (perform_ft_query(policy, &cmd_opts, &v)) {
|
||||
+ rt = 1;
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
+
|
||||
print_ft_results(policy, &cmd_opts, v);
|
||||
fprintf(stdout, "\n");
|
||||
}
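Review bot: The `if (v)` guard around `print_ft_results` is gone, so `v` is handed over whenever `perform_ft_query` returns 0, including the case where it is still NULL after the preceding `apol_vector_destroy(&v)`. `print_ft_results` begins with `apol_vector_get_size(v)`; whether that tolerates NULL is not visible here, and the trailing blank line is now printed even when nothing matched. Keeping the check inside the new condition, `if (v) { print_ft_results(policy, &cmd_opts, v); fprintf(stdout, "\n"); }`, preserves the previous behaviour. `main` extends outside this hunk.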
|
||||
@@ -1317,7 +1289,6 @@ int main(int argc, char **argv)
|
||||
apol_policy_path_destroy(&pol_path);
|
||||
free(cmd_opts.src_name);
|
||||
free(cmd_opts.tgt_name);
|
||||
- free(cmd_opts.default_name);
|
||||
free(cmd_opts.class_name);
|
||||
free(cmd_opts.permlist);
|
||||
free(cmd_opts.bool_name);
|
||||
--
|
||||
1.8.5.3
|
||||
|
964
0010-Apply-swig-patch-to-make-apol-work-again.patch
Normal file
@ -0,0 +1,964 @@
|
||||
From 5d1423e1473bbbcbdd7bba8a57ed7542d1abb285 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 11:13:30 +0200
|
||||
Subject: [PATCH 10/11] Apply swig patch to make apol work again
|
||||
|
||||
---
|
||||
libapol/swig/apol.i | 218 ++++++++++++++++++++++++++--------------------------
|
||||
1 file changed, 109 insertions(+), 109 deletions(-)
|
||||
|
||||
diff --git a/libapol/swig/apol.i b/libapol/swig/apol.i
|
||||
index ae1262d..2e9fc55 100644
|
||||
--- a/libapol/swig/apol.i
|
||||
+++ b/libapol/swig/apol.i
|
||||
@@ -256,7 +256,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
|
||||
}
|
||||
%}
|
||||
%extend apol_ip_t {
|
||||
- apol_ip_t(const char *str) {
|
||||
+ apol_ip(const char *str) {
|
||||
apol_ip_t *ip = NULL;
|
||||
BEGIN_EXCEPTION
|
||||
ip = calloc(1, sizeof(*ip));
|
||||
@@ -274,7 +274,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
|
||||
fail:
|
||||
return ip;
|
||||
};
|
||||
- ~apol_ip_t() {
|
||||
+ ~apol_ip() {
|
||||
free(self);
|
||||
};
|
||||
int get_protocol() {
|
||||
@@ -303,16 +303,16 @@ char *apol_file_find_path(const char *file_name);
|
||||
%}
|
||||
typedef struct apol_vector {} apol_vector_t;
|
||||
%extend apol_vector_t {
|
||||
- apol_vector_t() {
|
||||
+ apol_vector() {
|
||||
return apol_vector_create(NULL);
|
||||
};
|
||||
- apol_vector_t(qpol_iterator_t *iter) {
|
||||
+ apol_vector(qpol_iterator_t *iter) {
|
||||
return apol_vector_create_from_iter(iter, NULL);
|
||||
};
|
||||
- apol_vector_t(apol_vector_t *v) {
|
||||
+ apol_vector(apol_vector_t *v) {
|
||||
return apol_vector_create_from_vector(v, NULL, NULL, NULL);
|
||||
};
|
||||
- apol_vector_t(apol_vector_t *a, apol_vector_t *b) {
|
||||
+ apol_vector(apol_vector_t *a, apol_vector_t *b) {
|
||||
return apol_vector_create_from_intersection(a, b, NULL, NULL);
|
||||
};
|
||||
size_t get_size() {
|
||||
@@ -324,7 +324,7 @@ typedef struct apol_vector {} apol_vector_t;
|
||||
void *get_element(size_t i) {
|
||||
return apol_vector_get_element(self, i);
|
||||
};
|
||||
- ~apol_vector_t() {
|
||||
+ ~apol_vector() {
|
||||
apol_vector_destroy(&self);
|
||||
};
|
||||
void append(void *x) {
|
||||
@@ -379,13 +379,13 @@ typedef struct apol_vector {} apol_vector_t;
|
||||
%}
|
||||
typedef struct apol_string_vector {} apol_string_vector_t;
|
||||
%extend apol_string_vector_t {
|
||||
- apol_string_vector_t() {
|
||||
+ apol_string_vector() {
|
||||
return (apol_string_vector_t*)apol_vector_create(free);
|
||||
};
|
||||
- apol_string_vector_t(apol_string_vector_t *v) {
|
||||
+ apol_string_vector(apol_string_vector_t *v) {
|
||||
return (apol_string_vector_t*)apol_vector_create_from_vector((apol_vector_t*)v, apol_str_strdup, NULL, free);
|
||||
};
|
||||
- apol_string_vector_t(apol_string_vector_t *a, apol_string_vector_t *b) {
|
||||
+ apol_string_vector(apol_string_vector_t *a, apol_string_vector_t *b) {
|
||||
return (apol_string_vector_t*)apol_vector_create_from_intersection((apol_vector_t*)a, (apol_vector_t*)b, apol_str_strcmp, NULL);
|
||||
};
|
||||
size_t get_size() {
|
||||
@@ -397,7 +397,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
|
||||
char *get_element(size_t i) {
|
||||
return (char*)apol_vector_get_element((apol_vector_t*)self, i);
|
||||
};
|
||||
- ~apol_string_vector_t() {
|
||||
+ ~apol_string_vector() {
|
||||
apol_vector_destroy((apol_vector_t**)&self);
|
||||
};
|
||||
size_t get_index(char *str) {
|
||||
@@ -462,7 +462,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
|
||||
} apol_policy_path_type_e;
|
||||
typedef struct apol_policy_path {} apol_policy_path_t;
|
||||
%extend apol_policy_path_t {
|
||||
- apol_policy_path_t(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
|
||||
+ apol_policy_path(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
|
||||
apol_policy_path_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
if ((p = apol_policy_path_create(type, primary, (apol_vector_t*)modules)) == NULL) {
|
||||
@@ -472,7 +472,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
|
||||
fail:
|
||||
return p;
|
||||
};
|
||||
- apol_policy_path_t(char *path) {
|
||||
+ apol_policy_path(char *path) {
|
||||
apol_policy_path_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
if ((p = apol_policy_path_create_from_file(path)) == NULL) {
|
||||
@@ -482,7 +482,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
|
||||
fail:
|
||||
return p;
|
||||
};
|
||||
- apol_policy_path_t(char *str, int unused) {
|
||||
+ apol_policy_path(char *str, int unused) {
|
||||
apol_policy_path_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
if ((p = apol_policy_path_create_from_string(str)) == NULL) {
|
||||
@@ -492,7 +492,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
|
||||
fail:
|
||||
return p;
|
||||
};
|
||||
- apol_policy_path_t(apol_policy_path_t *in) {
|
||||
+ apol_policy_path(apol_policy_path_t *in) {
|
||||
apol_policy_path_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
if ((p = apol_policy_path_create_from_policy_path(in)) == NULL) {
|
||||
@@ -502,7 +502,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
|
||||
fail:
|
||||
return p;
|
||||
};
|
||||
- ~apol_policy_path_t() {
|
||||
+ ~apol_policy_path() {
|
||||
apol_policy_path_destroy(&self);
|
||||
};
|
||||
apol_policy_path_type_e get_type() {
|
||||
@@ -549,7 +549,7 @@ typedef struct apol_policy {} apol_policy_t;
|
||||
#define APOL_PERMMAP_BOTH (APOL_PERMMAP_READ | APOL_PERMMAP_WRITE)
|
||||
#define APOL_PERMMAP_NONE 0x10
|
||||
%extend apol_policy_t {
|
||||
- apol_policy_t(apol_policy_path_t *path, int options = 0) {
|
||||
+ apol_policy(apol_policy_path_t *path, int options = 0) {
|
||||
apol_policy_t *p;
|
||||
BEGIN_EXCEPTION
|
||||
p = apol_policy_create_from_policy_path(path, options, apol_swig_message_callback, apol_swig_message_callback_arg);
|
||||
@@ -564,7 +564,7 @@ typedef struct apol_policy {} apol_policy_t;
|
||||
fail:
|
||||
return p;
|
||||
};
|
||||
- ~apol_policy_t() {
|
||||
+ ~apol_policy() {
|
||||
apol_policy_destroy(&self);
|
||||
};
|
||||
int get_policy_type() {
|
||||
@@ -652,7 +652,7 @@ typedef struct apol_policy {} apol_policy_t;
|
||||
/* apol type query */
|
||||
typedef struct apol_type_query {} apol_type_query_t;
|
||||
%extend apol_type_query_t {
|
||||
- apol_type_query_t() {
|
||||
+ apol_type_query() {
|
||||
apol_type_query_t *tq;
|
||||
BEGIN_EXCEPTION
|
||||
tq = apol_type_query_create();
|
||||
@@ -663,7 +663,7 @@ typedef struct apol_type_query {} apol_type_query_t;
|
||||
fail:
|
||||
return tq;
|
||||
};
|
||||
- ~apol_type_query_t() {
|
||||
+ ~apol_type_query() {
|
||||
apol_type_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t *);
|
||||
@@ -694,7 +694,7 @@ typedef struct apol_type_query {} apol_type_query_t;
|
||||
/* apol attribute query */
|
||||
typedef struct apol_attr_query {} apol_attr_query_t;
|
||||
%extend apol_attr_query_t {
|
||||
- apol_attr_query_t() {
|
||||
+ apol_attr_query() {
|
||||
apol_attr_query_t *aq;
|
||||
BEGIN_EXCEPTION
|
||||
aq = apol_attr_query_create();
|
||||
@@ -705,7 +705,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
|
||||
fail:
|
||||
return aq;
|
||||
};
|
||||
- ~apol_attr_query_t() {
|
||||
+ ~apol_attr_query() {
|
||||
apol_attr_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t *);
|
||||
@@ -736,7 +736,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
|
||||
/* apol role query */
|
||||
typedef struct apol_role_query {} apol_role_query_t;
|
||||
%extend apol_role_query_t {
|
||||
- apol_role_query_t() {
|
||||
+ apol_role_query() {
|
||||
apol_role_query_t *rq;
|
||||
BEGIN_EXCEPTION
|
||||
rq = apol_role_query_create();
|
||||
@@ -747,7 +747,7 @@ typedef struct apol_role_query {} apol_role_query_t;
|
||||
fail:
|
||||
return rq;
|
||||
};
|
||||
- ~apol_role_query_t() {
|
||||
+ ~apol_role_query() {
|
||||
apol_role_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t *);
|
||||
@@ -788,7 +788,7 @@ int apol_role_has_type(apol_policy_t * p, qpol_role_t * r, qpol_type_t * t);
|
||||
/* apol class query */
|
||||
typedef struct apol_class_query {} apol_class_query_t;
|
||||
%extend apol_class_query_t {
|
||||
- apol_class_query_t() {
|
||||
+ apol_class_query() {
|
||||
apol_class_query_t *cq;
|
||||
BEGIN_EXCEPTION
|
||||
cq = apol_class_query_create();
|
||||
@@ -799,7 +799,7 @@ typedef struct apol_class_query {} apol_class_query_t;
|
||||
fail:
|
||||
return cq;
|
||||
};
|
||||
- ~apol_class_query_t() {
|
||||
+ ~apol_class_query() {
|
||||
apol_class_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -839,7 +839,7 @@ typedef struct apol_class_query {} apol_class_query_t;
|
||||
/* apol common query */
|
||||
typedef struct apol_common_query {} apol_common_query_t;
|
||||
%extend apol_common_query_t {
|
||||
- apol_common_query_t() {
|
||||
+ apol_common_query() {
|
||||
apol_common_query_t *cq;
|
||||
BEGIN_EXCEPTION
|
||||
cq = apol_common_query_create();
|
||||
@@ -850,7 +850,7 @@ typedef struct apol_common_query {} apol_common_query_t;
|
||||
fail:
|
||||
return cq;
|
||||
};
|
||||
- ~apol_common_query_t() {
|
||||
+ ~apol_common_query() {
|
||||
apol_common_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -881,7 +881,7 @@ typedef struct apol_common_query {} apol_common_query_t;
|
||||
/* apol perm query */
|
||||
typedef struct apol_perm_query {} apol_perm_query_t;
|
||||
%extend apol_perm_query_t {
|
||||
- apol_perm_query_t() {
|
||||
+ apol_perm_query() {
|
||||
apol_perm_query_t *pq;
|
||||
BEGIN_EXCEPTION
|
||||
pq = apol_perm_query_create();
|
||||
@@ -892,7 +892,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
|
||||
fail:
|
||||
return pq;
|
||||
};
|
||||
- ~apol_perm_query_t() {
|
||||
+ ~apol_perm_query() {
|
||||
apol_perm_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -923,7 +923,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
|
||||
/* apol bool query */
|
||||
typedef struct apol_bool_query {} apol_bool_query_t;
|
||||
%extend apol_bool_query_t {
|
||||
- apol_bool_query_t() {
|
||||
+ apol_bool_query() {
|
||||
apol_bool_query_t *bq;
|
||||
BEGIN_EXCEPTION
|
||||
bq = apol_bool_query_create();
|
||||
@@ -934,7 +934,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
|
||||
fail:
|
||||
return bq;
|
||||
};
|
||||
- ~apol_bool_query_t() {
|
||||
+ ~apol_bool_query() {
|
||||
apol_bool_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -965,7 +965,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
|
||||
/* apol mls level */
|
||||
typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
%extend apol_mls_level_t {
|
||||
- apol_mls_level_t() {
|
||||
+ apol_mls_level() {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create();
|
||||
@@ -976,7 +976,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- apol_mls_level_t(apol_mls_level_t *in) {
|
||||
+ apol_mls_level(apol_mls_level_t *in) {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create_from_mls_level(in);
|
||||
@@ -987,7 +987,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- apol_mls_level_t(apol_policy_t *p, const char *str) {
|
||||
+ apol_mls_level(apol_policy_t *p, const char *str) {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create_from_string(p, str);
|
||||
@@ -998,7 +998,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- apol_mls_level_t(const char *str) {
|
||||
+ apol_mls_level(const char *str) {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create_from_literal(str);
|
||||
@@ -1009,7 +1009,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- apol_mls_level_t(apol_policy_t *p, qpol_mls_level_t *qml) {
|
||||
+ apol_mls_level(apol_policy_t *p, qpol_mls_level_t *qml) {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create_from_qpol_mls_level(p, qml);
|
||||
@@ -1020,7 +1020,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- apol_mls_level_t(apol_policy_t *p, qpol_level_t *ql) {
|
||||
+ apol_mls_level(apol_policy_t *p, qpol_level_t *ql) {
|
||||
apol_mls_level_t *aml;
|
||||
BEGIN_EXCEPTION
|
||||
aml = apol_mls_level_create_from_qpol_level_datum(p, ql);
|
||||
@@ -1031,7 +1031,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
|
||||
fail:
|
||||
return aml;
|
||||
};
|
||||
- ~apol_mls_level_t() {
|
||||
+ ~apol_mls_level() {
|
||||
apol_mls_level_destroy(&self);
|
||||
};
|
||||
void set_sens(apol_policy_t *p, char *sens) {
|
||||
@@ -1128,7 +1128,7 @@ int apol_mls_cats_compare(apol_policy_t * p, const char *cat1, const char *cat2)
|
||||
#endif
|
||||
typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
%extend apol_mls_range_t {
|
||||
- apol_mls_range_t() {
|
||||
+ apol_mls_range() {
|
||||
apol_mls_range_t *amr;
|
||||
BEGIN_EXCEPTION
|
||||
amr = apol_mls_range_create();
|
||||
@@ -1139,7 +1139,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
fail:
|
||||
return amr;
|
||||
};
|
||||
- apol_mls_range_t(apol_mls_range_t *in) {
|
||||
+ apol_mls_range(apol_mls_range_t *in) {
|
||||
apol_mls_range_t *amr;
|
||||
BEGIN_EXCEPTION
|
||||
amr = apol_mls_range_create_from_mls_range(in);
|
||||
@@ -1150,7 +1150,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
fail:
|
||||
return amr;
|
||||
};
|
||||
- apol_mls_range_t(apol_policy_t *p, const char *s) {
|
||||
+ apol_mls_range(apol_policy_t *p, const char *s) {
|
||||
apol_mls_range_t *amr;
|
||||
BEGIN_EXCEPTION
|
||||
amr = apol_mls_range_create_from_string(p, s);
|
||||
@@ -1161,7 +1161,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
fail:
|
||||
return amr;
|
||||
};
|
||||
- apol_mls_range_t(const char *s) {
|
||||
+ apol_mls_range(const char *s) {
|
||||
apol_mls_range_t *amr;
|
||||
BEGIN_EXCEPTION
|
||||
amr = apol_mls_range_create_from_literal(s);
|
||||
@@ -1172,7 +1172,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
fail:
|
||||
return amr;
|
||||
};
|
||||
- apol_mls_range_t(apol_policy_t *p, qpol_mls_range_t *in) {
|
||||
+ apol_mls_range(apol_policy_t *p, qpol_mls_range_t *in) {
|
||||
apol_mls_range_t *amr;
|
||||
BEGIN_EXCEPTION
|
||||
amr = apol_mls_range_create_from_qpol_mls_range(p, in);
|
||||
@@ -1183,7 +1183,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
|
||||
fail:
|
||||
return amr;
|
||||
};
|
||||
- ~apol_mls_range_t() {
|
||||
+ ~apol_mls_range() {
|
||||
apol_mls_range_destroy(&self);
|
||||
};
|
||||
void set_low(apol_policy_t *p, apol_mls_level_t *lvl) {
|
||||
@@ -1278,7 +1278,7 @@ int apol_mls_range_contain_subrange(apol_policy_t * p, const apol_mls_range_t *
|
||||
/* apol level query */
|
||||
typedef struct apol_level_query {} apol_level_query_t;
|
||||
%extend apol_level_query_t {
|
||||
- apol_level_query_t() {
|
||||
+ apol_level_query() {
|
||||
apol_level_query_t * alq;
|
||||
BEGIN_EXCEPTION
|
||||
alq = apol_level_query_create();
|
||||
@@ -1289,7 +1289,7 @@ typedef struct apol_level_query {} apol_level_query_t;
|
||||
fail:
|
||||
return alq;
|
||||
};
|
||||
- ~apol_level_query_t() {
|
||||
+ ~apol_level_query() {
|
||||
apol_level_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1329,7 +1329,7 @@ typedef struct apol_level_query {} apol_level_query_t;
|
||||
/* apol cat query */
|
||||
typedef struct apol_cat_query {} apol_cat_query_t;
|
||||
%extend apol_cat_query_t {
|
||||
- apol_cat_query_t() {
|
||||
+ apol_cat_query() {
|
||||
apol_cat_query_t * acq;
|
||||
BEGIN_EXCEPTION
|
||||
acq = apol_cat_query_create();
|
||||
@@ -1340,7 +1340,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
|
||||
fail:
|
||||
return acq;
|
||||
};
|
||||
- ~apol_cat_query_t() {
|
||||
+ ~apol_cat_query() {
|
||||
apol_cat_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t *);
|
||||
@@ -1379,7 +1379,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
|
||||
#endif
|
||||
typedef struct apol_user_query {} apol_user_query_t;
|
||||
%extend apol_user_query_t {
|
||||
- apol_user_query_t() {
|
||||
+ apol_user_query() {
|
||||
apol_user_query_t *auq;
|
||||
BEGIN_EXCEPTION
|
||||
auq = apol_user_query_create();
|
||||
@@ -1390,7 +1390,7 @@ typedef struct apol_user_query {} apol_user_query_t;
|
||||
fail:
|
||||
return auq;
|
||||
};
|
||||
- ~apol_user_query_t() {
|
||||
+ ~apol_user_query() {
|
||||
apol_user_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1448,7 +1448,7 @@ typedef struct apol_user_query {} apol_user_query_t;
|
||||
/* apol context */
|
||||
typedef struct apol_context {} apol_context_t;
|
||||
%extend apol_context_t {
|
||||
- apol_context_t() {
|
||||
+ apol_context() {
|
||||
apol_context_t *ctx;
|
||||
BEGIN_EXCEPTION
|
||||
ctx = apol_context_create();
|
||||
@@ -1459,7 +1459,7 @@ typedef struct apol_context {} apol_context_t;
|
||||
fail:
|
||||
return ctx;
|
||||
};
|
||||
- apol_context_t(apol_policy_t *p, qpol_context_t *in) {
|
||||
+ apol_context(apol_policy_t *p, qpol_context_t *in) {
|
||||
apol_context_t *ctx;
|
||||
BEGIN_EXCEPTION
|
||||
ctx = apol_context_create_from_qpol_context(p, in);
|
||||
@@ -1470,7 +1470,7 @@ typedef struct apol_context {} apol_context_t;
|
||||
fail:
|
||||
return ctx;
|
||||
};
|
||||
- apol_context_t(const char *str) {
|
||||
+ apol_context(const char *str) {
|
||||
apol_context_t *ctx;
|
||||
BEGIN_EXCEPTION
|
||||
ctx = apol_context_create_from_literal(str);
|
||||
@@ -1481,7 +1481,7 @@ typedef struct apol_context {} apol_context_t;
|
||||
fail:
|
||||
return ctx;
|
||||
};
|
||||
- ~apol_context_t() {
|
||||
+ ~apol_context() {
|
||||
apol_context_destroy(&self);
|
||||
};
|
||||
void set_user(apol_policy_t *p, char *name) {
|
||||
@@ -1583,7 +1583,7 @@ int apol_context_compare(apol_policy_t * p, apol_context_t * target, apol_contex
|
||||
/* apol constraint query */
|
||||
typedef struct apol_constraint_query {} apol_constraint_query_t;
|
||||
%extend apol_constraint_query_t {
|
||||
- apol_constraint_query_t() {
|
||||
+ apol_constraint_query() {
|
||||
apol_constraint_query_t *acq;
|
||||
BEGIN_EXCEPTION
|
||||
acq = apol_constraint_query_create();
|
||||
@@ -1594,7 +1594,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
|
||||
fail:
|
||||
return acq;
|
||||
};
|
||||
- ~apol_constraint_query_t() {
|
||||
+ ~apol_constraint_query() {
|
||||
apol_constraint_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1634,7 +1634,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
|
||||
/* apol validatetrans query */
|
||||
typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
|
||||
%extend apol_validatetrans_query_t {
|
||||
- apol_validatetrans_query_t() {
|
||||
+ apol_validatetrans_query() {
|
||||
apol_validatetrans_query_t *avq;
|
||||
BEGIN_EXCEPTION
|
||||
avq = apol_validatetrans_query_create();
|
||||
@@ -1645,7 +1645,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
|
||||
fail:
|
||||
return avq;
|
||||
};
|
||||
- ~apol_validatetrans_query_t() {
|
||||
+ ~apol_validatetrans_query() {
|
||||
apol_validatetrans_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1684,7 +1684,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
|
||||
#endif
|
||||
typedef struct apol_genfscon_query {} apol_genfscon_query_t;
|
||||
%extend apol_genfscon_query_t {
|
||||
- apol_genfscon_query_t() {
|
||||
+ apol_genfscon_query() {
|
||||
apol_genfscon_query_t *agq;
|
||||
BEGIN_EXCEPTION
|
||||
agq = apol_genfscon_query_create();
|
||||
@@ -1695,7 +1695,7 @@ typedef struct apol_genfscon_query {} apol_genfscon_query_t;
|
||||
fail:
|
||||
return agq;
|
||||
};
|
||||
- ~apol_genfscon_query_t() {
|
||||
+ ~apol_genfscon_query() {
|
||||
apol_genfscon_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1746,7 +1746,7 @@ char *apol_genfscon_render(apol_policy_t * p, qpol_genfscon_t * genfscon);
|
||||
/* apol fs_use query */
|
||||
typedef struct apol_fs_use_query {} apol_fs_use_query_t;
|
||||
%extend apol_fs_use_query_t {
|
||||
- apol_fs_use_query_t() {
|
||||
+ apol_fs_use_query() {
|
||||
apol_fs_use_query_t *afq;
|
||||
BEGIN_EXCEPTION
|
||||
afq = apol_fs_use_query_create();
|
||||
@@ -1757,7 +1757,7 @@ typedef struct apol_fs_use_query {} apol_fs_use_query_t;
|
||||
fail:
|
||||
return afq;
|
||||
};
|
||||
- ~apol_fs_use_query_t() {
|
||||
+ ~apol_fs_use_query() {
|
||||
apol_fs_use_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1799,7 +1799,7 @@ char *apol_fs_use_render(apol_policy_t * p, qpol_fs_use_t * fsuse);
|
||||
/* apol initial sid query */
|
||||
typedef struct apol_isid_query {} apol_isid_query_t;
|
||||
%extend apol_isid_query_t {
|
||||
- apol_isid_query_t() {
|
||||
+ apol_isid_query() {
|
||||
apol_isid_query_t *aiq;
|
||||
BEGIN_EXCEPTION
|
||||
aiq = apol_isid_query_create();
|
||||
@@ -1810,7 +1810,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
|
||||
fail:
|
||||
return aiq;
|
||||
};
|
||||
- ~apol_isid_query_t() {
|
||||
+ ~apol_isid_query() {
|
||||
apol_isid_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1841,7 +1841,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
|
||||
/* apol portcon query */
|
||||
typedef struct apol_portcon_query {} apol_portcon_query_t;
|
||||
%extend apol_portcon_query_t {
|
||||
- apol_portcon_query_t() {
|
||||
+ apol_portcon_query() {
|
||||
apol_portcon_query_t *apq;
|
||||
BEGIN_EXCEPTION
|
||||
apq = apol_portcon_query_create();
|
||||
@@ -1852,7 +1852,7 @@ typedef struct apol_portcon_query {} apol_portcon_query_t;
|
||||
fail:
|
||||
return apq;
|
||||
};
|
||||
- ~apol_portcon_query_t() {
|
||||
+ ~apol_portcon_query() {
|
||||
apol_portcon_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1885,7 +1885,7 @@ char *apol_portcon_render(apol_policy_t * p, qpol_portcon_t * portcon);
|
||||
/* apol netifcon query */
|
||||
typedef struct apol_netifcon_query {} apol_netifcon_query_t;
|
||||
%extend apol_netifcon_query_t {
|
||||
- apol_netifcon_query_t() {
|
||||
+ apol_netifcon_query() {
|
||||
apol_netifcon_query_t *anq;
|
||||
BEGIN_EXCEPTION
|
||||
anq = apol_netifcon_query_create();
|
||||
@@ -1896,7 +1896,7 @@ typedef struct apol_netifcon_query {} apol_netifcon_query_t;
|
||||
fail:
|
||||
return anq;
|
||||
};
|
||||
- ~apol_netifcon_query_t() {
|
||||
+ ~apol_netifcon_query() {
|
||||
apol_netifcon_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -1932,7 +1932,7 @@ char *apol_netifcon_render(apol_policy_t * p, qpol_netifcon_t * netifcon);
|
||||
/* apol nodecon query */
|
||||
typedef struct apol_nodecon_query {} apol_nodecon_query_t;
|
||||
%extend apol_nodecon_query_t {
|
||||
- apol_nodecon_query_t() {
|
||||
+ apol_nodecon_query() {
|
||||
apol_nodecon_query_t *anq;
|
||||
BEGIN_EXCEPTION
|
||||
anq = apol_nodecon_query_create();
|
||||
@@ -1943,7 +1943,7 @@ typedef struct apol_nodecon_query {} apol_nodecon_query_t;
|
||||
fail:
|
||||
return anq;
|
||||
};
|
||||
- ~apol_nodecon_query_t() {
|
||||
+ ~apol_nodecon_query() {
|
||||
apol_nodecon_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2012,7 +2012,7 @@ char *apol_nodecon_render(apol_policy_t * p, qpol_nodecon_t * nodecon);
|
||||
/* apol avrule query */
|
||||
typedef struct apol_avrule_query {} apol_avrule_query_t;
|
||||
%extend apol_avrule_query_t {
|
||||
- apol_avrule_query_t() {
|
||||
+ apol_avrule_query() {
|
||||
apol_avrule_query_t *avq;
|
||||
BEGIN_EXCEPTION
|
||||
avq = apol_avrule_query_create();
|
||||
@@ -2023,7 +2023,7 @@ typedef struct apol_avrule_query {} apol_avrule_query_t;
|
||||
fail:
|
||||
return avq;
|
||||
};
|
||||
- ~apol_avrule_query_t() {
|
||||
+ ~apol_avrule_query() {
|
||||
apol_avrule_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2163,7 +2163,7 @@ char *apol_syn_avrule_render(apol_policy_t * policy, qpol_syn_avrule_t * rule);
|
||||
/* apol terule query */
|
||||
typedef struct apol_terule_query {} apol_terule_query_t;
|
||||
%extend apol_terule_query_t {
|
||||
- apol_terule_query_t() {
|
||||
+ apol_terule_query() {
|
||||
apol_terule_query_t *atq;
|
||||
BEGIN_EXCEPTION
|
||||
atq = apol_terule_query_create();
|
||||
@@ -2174,7 +2174,7 @@ typedef struct apol_terule_query {} apol_terule_query_t;
|
||||
fail:
|
||||
return atq;
|
||||
};
|
||||
- ~apol_terule_query_t() {
|
||||
+ ~apol_terule_query() {
|
||||
apol_terule_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2287,7 +2287,7 @@ apol_vector_t *apol_terule_list_to_syn_terules(apol_policy_t * p, apol_vector_t
|
||||
/* apol cond rule query */
|
||||
typedef struct apol_cond_query {} apol_cond_query_t;
|
||||
%extend apol_cond_query_t {
|
||||
- apol_cond_query_t() {
|
||||
+ apol_cond_query() {
|
||||
apol_cond_query_t *acq;
|
||||
BEGIN_EXCEPTION
|
||||
acq = apol_cond_query_create();
|
||||
@@ -2298,7 +2298,7 @@ typedef struct apol_cond_query {} apol_cond_query_t;
|
||||
fail:
|
||||
return acq;
|
||||
};
|
||||
- ~apol_cond_query_t() {
|
||||
+ ~apol_cond_query() {
|
||||
apol_cond_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2331,7 +2331,7 @@ char *apol_cond_expr_render(apol_policy_t * p, qpol_cond_t * cond);
|
||||
/* apol role allow query */
|
||||
typedef struct apol_role_allow_query {} apol_role_allow_query_t;
|
||||
%extend apol_role_allow_query_t {
|
||||
- apol_role_allow_query_t() {
|
||||
+ apol_role_allow_query() {
|
||||
apol_role_allow_query_t *arq;
|
||||
BEGIN_EXCEPTION
|
||||
arq = apol_role_allow_query_create();
|
||||
@@ -2342,7 +2342,7 @@ typedef struct apol_role_allow_query {} apol_role_allow_query_t;
|
||||
fail:
|
||||
return arq;
|
||||
};
|
||||
- ~apol_role_allow_query_t() {
|
||||
+ ~apol_role_allow_query() {
|
||||
apol_role_allow_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2387,7 +2387,7 @@ char *apol_role_allow_render(apol_policy_t * policy, qpol_role_allow_t * rule);
|
||||
/* apol role transition rule query */
|
||||
typedef struct apol_role_trans_query {} apol_role_trans_query_t;
|
||||
%extend apol_role_trans_query_t {
|
||||
- apol_role_trans_query_t() {
|
||||
+ apol_role_trans_query() {
|
||||
apol_role_trans_query_t *arq;
|
||||
BEGIN_EXCEPTION
|
||||
arq = apol_role_trans_query_create();
|
||||
@@ -2398,7 +2398,7 @@ typedef struct apol_role_trans_query {} apol_role_trans_query_t;
|
||||
fail:
|
||||
return arq;
|
||||
};
|
||||
- ~apol_role_trans_query_t() {
|
||||
+ ~apol_role_trans_query() {
|
||||
apol_role_trans_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2452,7 +2452,7 @@ char *apol_role_trans_render(apol_policy_t * policy, qpol_role_trans_t * rule);
|
||||
/* apol range transition rule query */
|
||||
typedef struct apol_range_trans_query {} apol_range_trans_query_t;
|
||||
%extend apol_range_trans_query_t {
|
||||
- apol_range_trans_query_t() {
|
||||
+ apol_range_trans_query() {
|
||||
apol_range_trans_query_t *arq;
|
||||
BEGIN_EXCEPTION
|
||||
arq = apol_range_trans_query_create();
|
||||
@@ -2463,7 +2463,7 @@ typedef struct apol_range_trans_query {} apol_range_trans_query_t;
|
||||
fail:
|
||||
return arq;
|
||||
};
|
||||
- ~apol_range_trans_query_t() {
|
||||
+ ~apol_range_trans_query() {
|
||||
apol_range_trans_query_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2531,7 +2531,7 @@ char *apol_range_trans_render(apol_policy_t * policy, qpol_range_trans_t * rule)
|
||||
#define APOL_DOMAIN_TRANS_SEARCH_BOTH (APOL_DOMAIN_TRANS_SEARCH_VALID|APOL_DOMAIN_TRANS_SEARCH_INVALID)
|
||||
typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
|
||||
%extend apol_domain_trans_analysis_t {
|
||||
- apol_domain_trans_analysis_t() {
|
||||
+ apol_domain_trans_analysis() {
|
||||
apol_domain_trans_analysis_t *dta;
|
||||
BEGIN_EXCEPTION
|
||||
dta = apol_domain_trans_analysis_create();
|
||||
@@ -2542,7 +2542,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
|
||||
fail:
|
||||
return dta;
|
||||
};
|
||||
- ~apol_domain_trans_analysis_t() {
|
||||
+ ~apol_domain_trans_analysis() {
|
||||
apol_domain_trans_analysis_destroy(&self);
|
||||
};
|
||||
void set_direction(apol_policy_t *p, int direction) {
|
||||
@@ -2622,7 +2622,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
|
||||
};
|
||||
typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
|
||||
%extend apol_domain_trans_result_t {
|
||||
- apol_domain_trans_result_t(apol_domain_trans_result_t *in) {
|
||||
+ apol_domain_trans_result(apol_domain_trans_result_t *in) {
|
||||
apol_domain_trans_result_t *dtr;
|
||||
BEGIN_EXCEPTION
|
||||
dtr = apol_domain_trans_result_create_from_domain_trans_result(in);
|
||||
@@ -2633,7 +2633,7 @@ typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
|
||||
fail:
|
||||
return dtr;
|
||||
};
|
||||
- ~apol_domain_trans_result_t() {
|
||||
+ ~apol_domain_trans_result() {
|
||||
apol_domain_trans_result_destroy(&self);
|
||||
};
|
||||
const qpol_type_t *get_start_type() {
|
||||
@@ -2705,14 +2705,14 @@ int apol_domain_trans_table_verify_trans(apol_policy_t * policy, qpol_type_t * s
|
||||
%}
|
||||
typedef struct apol_infoflow {} apol_infoflow_t;
|
||||
%extend apol_infoflow_t {
|
||||
- apol_infoflow_t() {
|
||||
+ apol_infoflow() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_infoflow_t() {
|
||||
+ ~apol_infoflow() {
|
||||
apol_infoflow_destroy(&self);
|
||||
};
|
||||
%newobject extract_graph();
|
||||
@@ -2730,7 +2730,7 @@ typedef struct apol_infoflow {} apol_infoflow_t;
|
||||
};
|
||||
typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
|
||||
%extend apol_infoflow_analysis_t {
|
||||
- apol_infoflow_analysis_t() {
|
||||
+ apol_infoflow_analysis() {
|
||||
apol_infoflow_analysis_t *aia;
|
||||
BEGIN_EXCEPTION
|
||||
aia = apol_infoflow_analysis_create();
|
||||
@@ -2741,7 +2741,7 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
|
||||
fail:
|
||||
return aia;
|
||||
};
|
||||
- ~apol_infoflow_analysis_t() {
|
||||
+ ~apol_infoflow_analysis() {
|
||||
apol_infoflow_analysis_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -2823,14 +2823,14 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
|
||||
};
|
||||
typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
|
||||
%extend apol_infoflow_graph_t {
|
||||
- apol_infoflow_graph_t() {
|
||||
+ apol_infoflow_graph() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_graph_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_infoflow_graph_t() {
|
||||
+ ~apol_infoflow_graph() {
|
||||
apol_infoflow_graph_destroy(&self);
|
||||
};
|
||||
%newobject do_more(apol_policy_t*, char*);
|
||||
@@ -2867,14 +2867,14 @@ typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
|
||||
};
|
||||
typedef struct apol_infoflow_result {} apol_infoflow_result_t;
|
||||
%extend apol_infoflow_result_t {
|
||||
- apol_infoflow_result_t() {
|
||||
+ apol_infoflow_result() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_result_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_infoflow_result_t() {
|
||||
+ ~apol_infoflow_result() {
|
||||
/* no op - vector will destroy */
|
||||
return;
|
||||
};
|
||||
@@ -2901,14 +2901,14 @@ typedef struct apol_infoflow_result {} apol_infoflow_result_t;
|
||||
%}
|
||||
typedef struct apol_infoflow_step {} apol_infoflow_step_t;
|
||||
%extend apol_infoflow_step_t {
|
||||
- apol_infoflow_step_t() {
|
||||
+ apol_infoflow_step() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_step_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_infoflow_step_t() {
|
||||
+ ~apol_infoflow_step() {
|
||||
/* no op */
|
||||
return;
|
||||
};
|
||||
@@ -2938,7 +2938,7 @@ typedef struct apol_infoflow_step {} apol_infoflow_step_t;
|
||||
#define APOL_RELABEL_DIR_SUBJECT 0x04
|
||||
typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
|
||||
%extend apol_relabel_analysis_t {
|
||||
- apol_relabel_analysis_t() {
|
||||
+ apol_relabel_analysis() {
|
||||
apol_relabel_analysis_t *ara;
|
||||
BEGIN_EXCEPTION
|
||||
ara = apol_relabel_analysis_create();
|
||||
@@ -2949,7 +2949,7 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
|
||||
fail:
|
||||
return ara;
|
||||
};
|
||||
- ~apol_relabel_analysis_t() {
|
||||
+ ~apol_relabel_analysis() {
|
||||
apol_relabel_analysis_destroy(&self);
|
||||
};
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -3011,14 +3011,14 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
|
||||
};
|
||||
typedef struct apol_relabel_result {} apol_relabel_result_t;
|
||||
%extend apol_relabel_result_t {
|
||||
- apol_relabel_result_t() {
|
||||
+ apol_relabel_result() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_relabel_result_t() {
|
||||
+ ~apol_relabel_result() {
|
||||
/* no op - vector will destroy */
|
||||
return;
|
||||
};
|
||||
@@ -3042,14 +3042,14 @@ typedef struct apol_relabel_result {} apol_relabel_result_t;
|
||||
%}
|
||||
typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
|
||||
%extend apol_relabel_result_pair_t {
|
||||
- apol_relabel_result_pair_t() {
|
||||
+ apol_relabel_result_pair() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_pair_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_relabel_result_pair_t() {
|
||||
+ ~apol_relabel_result_pair() {
|
||||
/* no op - owned and free()'d by apol_relabel_result_t */
|
||||
return;
|
||||
};
|
||||
@@ -3084,7 +3084,7 @@ typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
|
||||
#define APOL_TYPES_RELATION_TRANS_FLOW_BA 0x8000
|
||||
typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
|
||||
%extend apol_types_relation_analysis_t {
|
||||
- apol_types_relation_analysis_t() {
|
||||
+ apol_types_relation_analysis() {
|
||||
apol_types_relation_analysis_t *atr;
|
||||
BEGIN_EXCEPTION
|
||||
atr = apol_types_relation_analysis_create();
|
||||
@@ -3095,7 +3095,7 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
|
||||
fail:
|
||||
return atr;
|
||||
};
|
||||
- ~apol_types_relation_analysis_t() {
|
||||
+ ~apol_types_relation_analysis() {
|
||||
apol_types_relation_analysis_destroy(&self);
|
||||
}
|
||||
%newobject run(apol_policy_t*);
|
||||
@@ -3139,14 +3139,14 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
|
||||
};
|
||||
typedef struct apol_types_relation_result {} apol_types_relation_result_t;
|
||||
%extend apol_types_relation_result_t {
|
||||
- apol_types_relation_result_t() {
|
||||
+ apol_types_relation_result() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_result_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_types_relation_result_t() {
|
||||
+ ~apol_types_relation_result() {
|
||||
apol_types_relation_result_destroy(&self);
|
||||
};
|
||||
const apol_vector_t *get_attributes() {
|
||||
@@ -3194,14 +3194,14 @@ typedef struct apol_types_relation_result {} apol_types_relation_result_t;
|
||||
};
|
||||
typedef struct apol_types_relation_access {} apol_types_relation_access_t;
|
||||
%extend apol_types_relation_access_t {
|
||||
- apol_types_relation_access_t() {
|
||||
+ apol_types_relation_access() {
|
||||
BEGIN_EXCEPTION
|
||||
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_access_t objects");
|
||||
END_EXCEPTION
|
||||
fail:
|
||||
return NULL;
|
||||
};
|
||||
- ~apol_types_relation_access_t() {
|
||||
+ ~apol_types_relation_access() {
|
||||
/* no op - vector will destroy */
|
||||
return;
|
||||
};
|
||||
--
|
||||
1.8.5.3
|
||||
|
154
0011-Fix-Wformat-security-issues.patch
Normal file
@ -0,0 +1,154 @@
|
||||
From 32ede3cc817ee4f6806877a34a6c84ed50c31df7 Mon Sep 17 00:00:00 2001
|
||||
From: Miroslav Grepl <mgrepl@redhat.com>
|
||||
Date: Fri, 11 Apr 2014 18:49:33 +0200
|
||||
Subject: [PATCH 11/11] Fix -Wformat-security issues
|
||||
|
||||
---
|
||||
libseaudit/src/bool_message.c | 4 ++--
|
||||
libseaudit/src/filter.c | 2 +-
|
||||
libseaudit/src/model.c | 2 +-
|
||||
seaudit/progress.c | 4 ++--
|
||||
seaudit/toplevel.c | 2 +-
|
||||
seaudit/utilgui.c | 2 +-
|
||||
sediff/progress.c | 4 ++--
|
||||
sediff/toplevel.c | 2 +-
|
||||
sediff/utilgui.c | 2 +-
|
||||
9 files changed, 12 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/libseaudit/src/bool_message.c b/libseaudit/src/bool_message.c
|
||||
index f105cf0..d5b1e33 100644
|
||||
--- a/libseaudit/src/bool_message.c
|
||||
+++ b/libseaudit/src/bool_message.c
|
||||
@@ -101,7 +101,7 @@ char *bool_message_to_string(const seaudit_message_t * msg, const char *date)
|
||||
return NULL;
|
||||
}
|
||||
if ((misc_string = bool_message_to_misc_string(boolm)) == NULL ||
|
||||
- apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) {
|
||||
+ apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) {
|
||||
free(misc_string);
|
||||
return NULL;
|
||||
}
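Review bot: With the format reduced to a bare `%s`, the first call on the changed line no longer needs the formatting variant; `apol_str_append(&s, &len, misc_string) < 0` does the same job using the helper already called for `close_brace` on that line, and leaves no format string to get wrong later. The same applies to the first call in the `bool_message_to_string_html` hunk that follows. Both functions start and end outside their hunks.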
|
||||
@@ -128,7 +128,7 @@ char *bool_message_to_string_html(const seaudit_message_t * msg, const char *dat
|
||||
return NULL;
|
||||
}
|
||||
if ((misc_string = bool_message_to_misc_string(boolm)) == NULL ||
|
||||
- apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace) < 0) {
|
||||
+ apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace) < 0) {
|
||||
free(misc_string);
|
||||
return NULL;
|
||||
}
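Review bot: The second call on the changed line, `apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace)`, passes the buffer being appended to as one of its own arguments. If apol_str_appendf appends, as its name and the plain-text sibling suggest, the accumulated text is emitted twice, and correctness also depends on the helper formatting before it reallocates `s`; its implementation is not visible here. The plain-text version appends only `close_brace`, so the likely intent is `apol_str_appendf(&s, &len, "%s<br>", close_brace) < 0`. The function body continues outside the hunk.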
|
||||
diff --git a/libseaudit/src/filter.c b/libseaudit/src/filter.c
|
||||
index 298a309..c710ce4 100644
|
||||
--- a/libseaudit/src/filter.c
|
||||
+++ b/libseaudit/src/filter.c
|
||||
@@ -1108,7 +1108,7 @@ int seaudit_filter_save_to_file(const seaudit_filter_t * filter, const char *fil
|
||||
if ((file = fopen(filename, "w")) == NULL) {
|
||||
return -1;
|
||||
}
|
||||
- fprintf(file, XML_VER);
|
||||
+ fprintf(file, "%s", XML_VER);
|
||||
fprintf(file, "<view xmlns=\"http://oss.tresys.com/projects/setools/seaudit-%s/\">\n", FILTER_FILE_FORMAT_VERSION);
|
||||
filter_append_to_file(filter, file, 1);
|
||||
fprintf(file, "</view>\n");
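Review bot: `fprintf(file, "%s", XML_VER)` silences the warning, but for a constant string `fputs(XML_VER, file);` is the plainer form and involves no format parsing; the matching line in `seaudit_model_save_to_file` (libseaudit/src/model.c) can change the same way. None of the writes visible in this hunk has its return value checked, so a full disk or I/O error while saving is only caught if the part of the function outside the hunk checks `ferror` or the result of `fclose`, which is worth confirming.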
|
||||
diff --git a/libseaudit/src/model.c b/libseaudit/src/model.c
|
||||
index 1bc4a23..4a130cb 100644
|
||||
--- a/libseaudit/src/model.c
|
||||
+++ b/libseaudit/src/model.c
|
||||
@@ -514,7 +514,7 @@ int seaudit_model_save_to_file(const seaudit_model_t * model, const char *filena
|
||||
if ((file = fopen(filename, "w")) == NULL) {
|
||||
return -1;
|
||||
}
|
||||
- fprintf(file, XML_VER);
|
||||
+ fprintf(file, "%s", XML_VER);
|
||||
fprintf(file, "<view xmlns=\"http://oss.tresys.com/projects/setools/seaudit-%s/\" name=\"%s\" match=\"%s\" show=\"%s\">\n",
|
||||
FILTER_FILE_FORMAT_VERSION, model->name,
|
||||
model->match == SEAUDIT_FILTER_MATCH_ALL ? "all" : "any",
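Review bot: The context line right after the fix writes `model->name` into the `name="%s"` XML attribute without escaping. A name containing `"`, `<` or `&` would yield a file that is malformed, or that parses with different attributes when loaded back, unless the name is validated or escaped elsewhere, which this hunk does not show. Passing `model->name` through an XML-attribute escaping step before this `fprintf` would close that gap. The call's remaining arguments lie outside the hunk.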
|
||||
diff --git a/seaudit/progress.c b/seaudit/progress.c
|
||||
index 2e0abeb..f092858 100644
|
||||
--- a/seaudit/progress.c
|
||||
+++ b/seaudit/progress.c
|
||||
@@ -114,10 +114,10 @@ int progress_wait(progress_t * progress)
|
||||
}
|
||||
g_mutex_unlock(progress->mutex);
|
||||
if (progress->done < 0) {
|
||||
- toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label);
|
||||
+ toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label);
|
||||
return progress->done;
|
||||
} else if (progress->done > 1) {
|
||||
- toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label);
|
||||
+ toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label);
|
||||
return progress->done - 1;
|
||||
} else {
|
||||
progress->done = 0;
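Review bot: Both changed lines still read the label text through the struct field, `GTK_LABEL(progress->label2)->label`, which depends on GtkLabel's internal layout. The accessor keeps the `%s` fix and still builds against GTK with sealed structs: `toplevel_ERR(progress->top, "%s", gtk_label_get_label(GTK_LABEL(progress->label2)));`, and likewise for `toplevel_WARN`. sediff/progress.c carries the identical pair of lines. progress_wait begins and ends outside the hunk.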
|
||||
diff --git a/seaudit/toplevel.c b/seaudit/toplevel.c
|
||||
index d901a99..27938d5 100644
|
||||
--- a/seaudit/toplevel.c
|
||||
+++ b/seaudit/toplevel.c
|
||||
@@ -902,7 +902,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch
|
||||
ERR(NULL, "%s", strerror(errno));
|
||||
return;
|
||||
}
|
||||
- dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
|
||||
+ dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
|
||||
free(msg);
|
||||
gtk_dialog_run(GTK_DIALOG(dialog));
|
||||
gtk_widget_destroy(dialog);
|
||||
diff --git a/seaudit/utilgui.c b/seaudit/utilgui.c
|
||||
index 22028e1..78a1a08 100644
|
||||
--- a/seaudit/utilgui.c
|
||||
+++ b/seaudit/utilgui.c
|
||||
@@ -30,7 +30,7 @@
|
||||
void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg)
|
||||
{
|
||||
GtkWidget *dialog;
|
||||
- dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
|
||||
+ dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
|
||||
gtk_dialog_run(GTK_DIALOG(dialog));
|
||||
gtk_widget_destroy(dialog);
|
||||
}
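Review bot: util_message now shows `msg` verbatim, which changes the contract for its callers. Any caller that escaped a percent sign as `%%` for the old format-position call would now display both characters; callers are not visible in this hunk, so this needs a quick grep. A one-line comment above the function, `/* msg is displayed as-is and is never interpreted as a printf format. */`, would document the new contract. sediff/utilgui.c carries the same function and the same change.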
|
||||
diff --git a/sediff/progress.c b/sediff/progress.c
|
||||
index efaa120..312789e 100644
|
||||
--- a/sediff/progress.c
|
||||
+++ b/sediff/progress.c
|
||||
@@ -115,10 +115,10 @@ int progress_wait(progress_t * progress)
|
||||
}
|
||||
g_mutex_unlock(progress->mutex);
|
||||
if (progress->done < 0) {
|
||||
- toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label);
|
||||
+ toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label);
|
||||
return progress->done;
|
||||
} else if (progress->done > 1) {
|
||||
- toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label);
|
||||
+ toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label);
|
||||
return progress->done - 1;
|
||||
} else {
|
||||
progress->done = 0;
|
||||
diff --git a/sediff/toplevel.c b/sediff/toplevel.c
|
||||
index db6d1f5..aabd039 100644
|
||||
--- a/sediff/toplevel.c
|
||||
+++ b/sediff/toplevel.c
|
||||
@@ -453,7 +453,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch
|
||||
ERR(NULL, "%s", strerror(errno));
|
||||
return;
|
||||
}
|
||||
- dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
|
||||
+ dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
|
||||
free(msg);
|
||||
gtk_dialog_run(GTK_DIALOG(dialog));
|
||||
gtk_widget_destroy(dialog);
|
||||
diff --git a/sediff/utilgui.c b/sediff/utilgui.c
|
||||
index 04e1e05..9e183ba 100644
|
||||
--- a/sediff/utilgui.c
|
||||
+++ b/sediff/utilgui.c
|
||||
@@ -31,7 +31,7 @@
|
||||
void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg)
|
||||
{
|
||||
GtkWidget *dialog;
|
||||
- dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
|
||||
+ dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
|
||||
gtk_dialog_run(GTK_DIALOG(dialog));
|
||||
gtk_widget_destroy(dialog);
|
||||
}
|
||||
--
|
||||
1.8.5.3
|
||||
|
59
setools.spec
59
setools.spec
@ -1,9 +1,9 @@
|
||||
%define setools_maj_ver 3.3
|
||||
%define setools_min_ver 7
|
||||
%define setools_min_ver 8
|
||||
|
||||
Name: setools
|
||||
Version: %{setools_maj_ver}.%{setools_min_ver}
|
||||
Release: 41%{?dist}
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2
|
||||
URL: http://oss.tresys.com/projects/setools
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
||||
@ -11,21 +11,17 @@ Source: http://oss.tresys.com/projects/setools/chrome/site/dists/setools-%{versi
|
||||
Source1: setools.pam
|
||||
Source2: apol.desktop
|
||||
Source3: seaudit.desktop
|
||||
Patch2: 0002-setools-should-exit-with-an-error-status-if-it-gets-.patch
|
||||
Patch3: 0003-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch
|
||||
Patch4: 0004-Fix-man-pages-and-getoptions.patch
|
||||
Patch5: 0005-Fix-sepol-calls-to-work-with-latest-libsepol.patch
|
||||
Patch6: 0006-Changes-to-support-named-file_trans-rules.patch
|
||||
Patch7: 0007-Remove-unused-variables.patch
|
||||
Patch8: 0008-Fix-output-to-match-policy-lines.patch
|
||||
Patch9: 0009-Fix-swig-coding-style-for-structures.patch
|
||||
Patch10: 0010-selinux_current_policy_path.patch
|
||||
Patch11: 0011-setools-noship.patch
|
||||
Patch12: 0012-seaudit.patch
|
||||
Patch13: 0013-swig.patch
|
||||
Patch14: 0014-boolsub.patch
|
||||
Patch15: 0015-aliases.patch
|
||||
Patch16: 0016-cmdline.patch
|
||||
Patch1: 0001-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch
|
||||
Patch2: 0002-Fix-sepol-calls-to-work-with-latest-libsepol.patch
|
||||
Patch3: 0003-mgrepl-patch-to-Fix-swig-coding-style-for-structures.patch
|
||||
Patch4: 0004-Apply-selinux_current_policy_path-patch.patch
|
||||
Patch5: 0005-Apply-seaudit-patch-for-progress.c.patch
|
||||
Patch6: 0006-Add-support-for-boolean-subs.patch
|
||||
Patch7: 0007-Setools-noship.patch
|
||||
Patch8: 0008-Add-alias-support-to-seinfo-t.patch
|
||||
Patch9: 0009-Fix-help-message-on-sesearch-D.patch
|
||||
Patch10: 0010-Apply-swig-patch-to-make-apol-work-again.patch
|
||||
Patch11: 0011-Fix-Wformat-security-issues.patch
|
||||
|
||||
Summary: Policy analysis tools for SELinux
|
||||
Group: System Environment/Base
|
||||
@ -153,21 +149,17 @@ This package includes the following graphical tools:
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch2 -p 1 -b .exitstatus
|
||||
%patch3 -p 1 -b .neverallow
|
||||
%patch4 -p 1 -b .manpage
|
||||
%patch5 -p 1 -b .libsepol
|
||||
%patch6 -p 1 -b .filenametrans
|
||||
%patch7 -p 1 -b .unused
|
||||
%patch8 -p 1 -b .fixoutput
|
||||
%patch9 -p 1 -b .fixswig
|
||||
%patch10 -p 1 -b .current
|
||||
%patch11 -p 1 -b .noship
|
||||
%patch12 -p 1 -b .seaudit
|
||||
%patch13 -p 1 -b .swig
|
||||
%patch14 -p 2 -b .boolsub
|
||||
%patch15 -p 1 -b .aliases
|
||||
%patch16 -p 1 -b .cmdline
|
||||
%patch1 -p 1 -b .neverallow
|
||||
%patch2 -p 1 -b .libsepol
|
||||
%patch3 -p 1 -b .swig
|
||||
%patch4 -p 1 -b .current_policy
|
||||
%patch5 -p 1 -b .seaudit
|
||||
%patch6 -p 1 -b .boolean-subs
|
||||
%patch7 -p 1 -b .noship
|
||||
%patch8 -p 1 -b .seinfo-t
|
||||
%patch9 -p 1 -b .sesearch-D
|
||||
%patch10 -p 1 -b .wig-patch
|
||||
%patch11 -p 1 -b .Wformat-security
|
||||
%ifarch sparc sparcv9 sparc64 s390 s390x
|
||||
for file in `find . -name Makefile.am`; do
|
||||
sed -i -e 's:-fpic:-fPIC:' $file;
|
||||
@ -284,6 +276,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%postun libs-tcl -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Fri Apr 11 2013 Miroslav Grepl <mgrepl@redhat.com> - 3.3.8-1
|
||||
- Update to upstream
|
||||
|
||||
* Mon Sep 16 2013 Dan Walsh <dwalsh@redhat.com> - 3.3.7-41
|
||||
- Cleanup Destop files.
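Review bot: The new %changelog entry is dated `Fri Apr 11 2013`, but 11 April 2013 was a Thursday, and the entry sits above the `Mon Sep 16 2013` one. The changelog is therefore out of chronological order and has a weekday/date mismatch, which newer rpmbuild versions warn about as a bogus date. Presumably 2014 was meant: `* Fri Apr 11 2014 Miroslav Grepl <mgrepl@redhat.com> - 3.3.8-1`. Separately, the backup suffix in `%patch10 -p 1 -b .wig-patch` looks like a typo for `.swig-patch`; it is harmless for the build but makes the saved originals harder to match to their patch.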
|
||||
|
||||
|