SETools 4.3.0 release
- Revised sediff method for TE rules. This drastically reduced memory and run time. - Added infiniband context support to seinfo, sediff, and apol. - Added apol configuration for location of Qt assistant. - Fixed sediff issue where properties header would display when not requested. - Fixed sediff issue with type_transition file name comparison. - Fixed permission map socket sendto information flow direction. - Added methods to TypeAttribute class to make it a complete Python collection. - Genfscon now will look up classes rather than using fixed values which were dropped from libsepol.
This commit is contained in:
parent
bb087c8236
commit
7a283c335f
1
.gitignore
vendored
1
.gitignore
vendored
@ -8,3 +8,4 @@ setools-3.3.8-f1e5b20.tar.bz2
|
|||||||
/4.2.0.tar.gz
|
/4.2.0.tar.gz
|
||||||
/4.2.1.tar.gz
|
/4.2.1.tar.gz
|
||||||
/4.2.2.tar.gz
|
/4.2.2.tar.gz
|
||||||
|
/4.3.0.tar.gz
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From b960869bcbcb58f2ce9af598484f209935c096b0 Mon Sep 17 00:00:00 2001
|
From 0575455a0abda5ee63c442433384268a959c4fbc Mon Sep 17 00:00:00 2001
|
||||||
From: Vit Mojzis <vmojzis@redhat.com>
|
From: Vit Mojzis <vmojzis@redhat.com>
|
||||||
Date: Fri, 26 Apr 2019 15:27:25 +0200
|
Date: Fri, 26 Apr 2019 15:27:25 +0200
|
||||||
Subject: [PATCH 3/3] Do not export/use setools.InfoFlowAnalysis and
|
Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and
|
||||||
setools.DomainTransitionAnalysis
|
setools.DomainTransitionAnalysis
|
||||||
|
|
||||||
dta and infoflow modules require networkx which brings lot of dependencies.
|
dta and infoflow modules require networkx which brings lot of dependencies.
|
||||||
@ -22,7 +22,7 @@ sedta and seinfoflow to require python3-networkx
|
|||||||
7 files changed, 8 insertions(+), 12 deletions(-)
|
7 files changed, 8 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
diff --git a/sedta b/sedta
|
diff --git a/sedta b/sedta
|
||||||
index 60861ca..41e38a2 100755
|
index 60861ca630a5..41e38a237b42 100755
|
||||||
--- a/sedta
|
--- a/sedta
|
||||||
+++ b/sedta
|
+++ b/sedta
|
||||||
@@ -22,7 +22,7 @@ import argparse
|
@@ -22,7 +22,7 @@ import argparse
|
||||||
@ -44,7 +44,7 @@ index 60861ca..41e38a2 100755
|
|||||||
if args.shortest_path or args.all_paths:
|
if args.shortest_path or args.all_paths:
|
||||||
if args.shortest_path:
|
if args.shortest_path:
|
||||||
diff --git a/seinfoflow b/seinfoflow
|
diff --git a/seinfoflow b/seinfoflow
|
||||||
index 97b14ba..e7f965d 100755
|
index f10c39de4d8e..fee749a83bb5 100755
|
||||||
--- a/seinfoflow
|
--- a/seinfoflow
|
||||||
+++ b/seinfoflow
|
+++ b/seinfoflow
|
||||||
@@ -17,7 +17,7 @@
|
@@ -17,7 +17,7 @@
|
||||||
@ -56,20 +56,20 @@ index 97b14ba..e7f965d 100755
|
|||||||
import argparse
|
import argparse
|
||||||
import sys
|
import sys
|
||||||
import logging
|
import logging
|
||||||
@@ -81,7 +81,7 @@ else:
|
@@ -101,7 +101,7 @@ elif args.booleans is not None:
|
||||||
try:
|
try:
|
||||||
p = setools.SELinuxPolicy(args.policy)
|
p = setools.SELinuxPolicy(args.policy)
|
||||||
m = setools.PermissionMap(args.map)
|
m = setools.PermissionMap(args.map)
|
||||||
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||||
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||||
|
booleans=booleans)
|
||||||
|
|
||||||
if args.shortest_path or args.all_paths:
|
if args.shortest_path or args.all_paths:
|
||||||
if args.shortest_path:
|
|
||||||
diff --git a/setools/__init__.py b/setools/__init__.py
|
diff --git a/setools/__init__.py b/setools/__init__.py
|
||||||
index 7b70f5e..5a5f7fe 100644
|
index 26fa5aa34a19..b7e51c43c4bb 100644
|
||||||
--- a/setools/__init__.py
|
--- a/setools/__init__.py
|
||||||
+++ b/setools/__init__.py
|
+++ b/setools/__init__.py
|
||||||
@@ -73,12 +73,8 @@ from .pcideviceconquery import PcideviceconQuery
|
@@ -75,12 +75,8 @@ from .pcideviceconquery import PcideviceconQuery
|
||||||
from .devicetreeconquery import DevicetreeconQuery
|
from .devicetreeconquery import DevicetreeconQuery
|
||||||
|
|
||||||
# Information Flow Analysis
|
# Information Flow Analysis
|
||||||
@ -83,7 +83,7 @@ index 7b70f5e..5a5f7fe 100644
|
|||||||
from .diff import PolicyDifference
|
from .diff import PolicyDifference
|
||||||
|
|
||||||
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
||||||
index 4608b9d..2cde44c 100644
|
index 4608b9dbf34e..2cde44c142e9 100644
|
||||||
--- a/setoolsgui/apol/dta.py
|
--- a/setoolsgui/apol/dta.py
|
||||||
+++ b/setoolsgui/apol/dta.py
|
+++ b/setoolsgui/apol/dta.py
|
||||||
@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||||
@ -96,7 +96,7 @@ index 4608b9d..2cde44c 100644
|
|||||||
from ..logtosignal import LogHandlerToSignal
|
from ..logtosignal import LogHandlerToSignal
|
||||||
from .analysistab import AnalysisTab
|
from .analysistab import AnalysisTab
|
||||||
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
||||||
index 7bca299..7fee277 100644
|
index 7bca299d23fc..7fee2778f35f 100644
|
||||||
--- a/setoolsgui/apol/infoflow.py
|
--- a/setoolsgui/apol/infoflow.py
|
||||||
+++ b/setoolsgui/apol/infoflow.py
|
+++ b/setoolsgui/apol/infoflow.py
|
||||||
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||||
@ -109,7 +109,7 @@ index 7bca299..7fee277 100644
|
|||||||
|
|
||||||
from ..logtosignal import LogHandlerToSignal
|
from ..logtosignal import LogHandlerToSignal
|
||||||
diff --git a/tests/dta.py b/tests/dta.py
|
diff --git a/tests/dta.py b/tests/dta.py
|
||||||
index a0cc938..177e6fb 100644
|
index a0cc9381469c..177e6fb0b961 100644
|
||||||
--- a/tests/dta.py
|
--- a/tests/dta.py
|
||||||
+++ b/tests/dta.py
|
+++ b/tests/dta.py
|
||||||
@@ -18,7 +18,7 @@
|
@@ -18,7 +18,7 @@
|
||||||
@ -122,7 +122,7 @@ index a0cc938..177e6fb 100644
|
|||||||
from setools.exception import InvalidType
|
from setools.exception import InvalidType
|
||||||
from setools.policyrep import Type
|
from setools.policyrep import Type
|
||||||
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
||||||
index aa0e44a..fca2848 100644
|
index aa0e44a7e4f8..fca2848aeca5 100644
|
||||||
--- a/tests/infoflow.py
|
--- a/tests/infoflow.py
|
||||||
+++ b/tests/infoflow.py
|
+++ b/tests/infoflow.py
|
||||||
@@ -18,7 +18,7 @@
|
@@ -18,7 +18,7 @@
|
||||||
@ -135,5 +135,5 @@ index aa0e44a..fca2848 100644
|
|||||||
from setools.exception import InvalidType
|
from setools.exception import InvalidType
|
||||||
from setools.permmap import PermissionMap
|
from setools.permmap import PermissionMap
|
||||||
--
|
--
|
||||||
2.17.2
|
2.26.0.rc2
|
||||||
|
|
||||||
|
24
1003-Require-networkx-on-package-level.patch
Normal file
24
1003-Require-networkx-on-package-level.patch
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
From a2faa263c9dd8bcf51465861046e0406a84975c0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
Date: Thu, 2 Apr 2020 16:06:14 +0200
|
||||||
|
Subject: [PATCH] Require networkx on package level
|
||||||
|
|
||||||
|
It allows us to ship python3-setools without dependency on python3-networkx
|
||||||
|
---
|
||||||
|
setup.py | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/setup.py b/setup.py
|
||||||
|
index 457c83049ca5..4bfd438002bb 100644
|
||||||
|
--- a/setup.py
|
||||||
|
+++ b/setup.py
|
||||||
|
@@ -170,5 +170,5 @@ setup(name='setools',
|
||||||
|
# setup also requires libsepol and libselinux
|
||||||
|
# C libraries and headers to compile.
|
||||||
|
setup_requires=['setuptools', 'Cython>=0.27'],
|
||||||
|
- install_requires=['setuptools', 'networkx>=2.0']
|
||||||
|
+ install_requires=['setuptools']
|
||||||
|
)
|
||||||
|
--
|
||||||
|
2.26.0.rc2
|
||||||
|
|
24
setools.spec
24
setools.spec
@ -6,8 +6,8 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: setools
|
Name: setools
|
||||||
Version: 4.2.2
|
Version: 4.3.0
|
||||||
Release: 5%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
|
Release: 1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
|
||||||
Summary: Policy analysis tools for SELinux
|
Summary: Policy analysis tools for SELinux
|
||||||
|
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
@ -17,7 +17,7 @@ Source1: setools.pam
|
|||||||
Source2: apol.desktop
|
Source2: apol.desktop
|
||||||
Patch1001: 1001-Do-not-use-Werror-during-build.patch
|
Patch1001: 1001-Do-not-use-Werror-during-build.patch
|
||||||
Patch1002: 1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
|
Patch1002: 1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
|
||||||
|
Patch1003: 1003-Require-networkx-on-package-level.patch
|
||||||
Obsoletes: setools < 4.0.0, setools-devel < 4.0.0
|
Obsoletes: setools < 4.0.0, setools-devel < 4.0.0
|
||||||
BuildRequires: flex, bison
|
BuildRequires: flex, bison
|
||||||
BuildRequires: glibc-devel, gcc, git
|
BuildRequires: glibc-devel, gcc, git
|
||||||
@ -120,12 +120,17 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||||||
%{_mandir}/man1/sediff*
|
%{_mandir}/man1/sediff*
|
||||||
%{_mandir}/man1/seinfo*
|
%{_mandir}/man1/seinfo*
|
||||||
%{_mandir}/man1/sesearch*
|
%{_mandir}/man1/sesearch*
|
||||||
|
%{_mandir}/ru/man1/sediff*
|
||||||
|
%{_mandir}/ru/man1/seinfo*
|
||||||
|
%{_mandir}/ru/man1/sesearch*
|
||||||
|
|
||||||
%files console-analyses
|
%files console-analyses
|
||||||
%{_bindir}/sedta
|
%{_bindir}/sedta
|
||||||
%{_bindir}/seinfoflow
|
%{_bindir}/seinfoflow
|
||||||
%{_mandir}/man1/sedta*
|
%{_mandir}/man1/sedta*
|
||||||
%{_mandir}/man1/seinfoflow*
|
%{_mandir}/man1/seinfoflow*
|
||||||
|
%{_mandir}/ru/man1/sedta*
|
||||||
|
%{_mandir}/ru/man1/seinfoflow*
|
||||||
|
|
||||||
%files -n python3-setools
|
%files -n python3-setools
|
||||||
%license COPYING COPYING.GPL COPYING.LGPL
|
%license COPYING COPYING.GPL COPYING.LGPL
|
||||||
@ -136,8 +141,21 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||||||
%{_bindir}/apol
|
%{_bindir}/apol
|
||||||
%{python3_sitearch}/setoolsgui
|
%{python3_sitearch}/setoolsgui
|
||||||
%{_mandir}/man1/apol*
|
%{_mandir}/man1/apol*
|
||||||
|
%{_mandir}/ru/man1/apol*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Apr 2 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-1
|
||||||
|
- SETools 4.3.0 release
|
||||||
|
- Revised sediff method for TE rules. This drastically reduced memory and run time.
|
||||||
|
- Added infiniband context support to seinfo, sediff, and apol.
|
||||||
|
- Added apol configuration for location of Qt assistant.
|
||||||
|
- Fixed sediff issue where properties header would display when not requested.
|
||||||
|
- Fixed sediff issue with type_transition file name comparison.
|
||||||
|
- Fixed permission map socket sendto information flow direction.
|
||||||
|
- Added methods to TypeAttribute class to make it a complete Python collection.
|
||||||
|
- Genfscon now will look up classes rather than using fixed values which
|
||||||
|
were dropped from libsepol.
|
||||||
|
|
||||||
* Mon Mar 23 2020 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-5
|
* Mon Mar 23 2020 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-5
|
||||||
- setools requires -console, -console-analyses and -gui packages (#1794314)
|
- setools requires -console, -console-analyses and -gui packages (#1794314)
|
||||||
|
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (4.2.2.tar.gz) = 5044b04d0895ffe31557b3b71bb277ab49710a6066485c8f204ce7858abab259f973000f1fcfde0149ed4e33a50103984939dcc68ce322d70e9e927e81d4f798
|
SHA512 (4.3.0.tar.gz) = 93da43c4b577ff944f1c19ef40cfc51f6d1cb1efef582e467834300540a7af440b6ae9106f29d810963c74b0fb5953003304790a9143a7318e477d17fa7d536a
|
||||||
|
Loading…
Reference in New Issue
Block a user