From 82364982d79ca15a6ecdf3aba6c2b3bb95490284 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 27 Sep 2004 20:01:22 +0000 Subject: [PATCH] add setools patch and new desktop tools --- apol.console | 3 + apol.desktop | 12 +++ seaudit.console | 3 + seaudit.desktop | 12 +++ setools-rhat.patch | 200 ++++++++++++++++++++++++++++----------------- setools.spec | 50 +++++++++--- 6 files changed, 192 insertions(+), 88 deletions(-) create mode 100644 apol.console create mode 100644 apol.desktop create mode 100644 seaudit.console create mode 100644 seaudit.desktop diff --git a/apol.console b/apol.console new file mode 100644 index 0000000..17dacbf --- /dev/null +++ b/apol.console @@ -0,0 +1,3 @@ +USER=root +PROGRAM=/usr/sbin/apol +SESSION=true diff --git a/apol.desktop b/apol.desktop new file mode 100644 index 0000000..76379d2 --- /dev/null +++ b/apol.desktop @@ -0,0 +1,12 @@ +[Desktop Entry] +Name=APOL +GenericName=SELinux Policy Analysis Tool +Comment=This tool can examine, search, and relate policy components and policy rules +#Icon=/usr/share/pixmaps/apol.xpm +Exec=/usr/bin/apol +Type=Application +Terminal=false +Encoding=UTF-8 +Categories=SELinux;System;X-Red-Hat-Base;X-Red-Hat-ServerConfig; +X-Desktop-File-Install-Version=0.2 +StartupNotify=true diff --git a/seaudit.console b/seaudit.console new file mode 100644 index 0000000..52990b5 --- /dev/null +++ b/seaudit.console @@ -0,0 +1,3 @@ +USER=root +PROGRAM=/usr/sbin/seaudit +SESSION=true diff --git a/seaudit.desktop b/seaudit.desktop new file mode 100644 index 0000000..f5372e6 --- /dev/null +++ b/seaudit.desktop @@ -0,0 +1,12 @@ +[Desktop Entry] +Name=seaudit +GenericName=SELinux Audit Log Analysis Tool +Comment=The tool parses syslog files and extracts all policy , AVC and change of boolean messages. +#Icon=/usr/share/pixmaps/seaudit.xpm +Exec=/usr/bin/seaudit +Type=Application +Terminal=false +Encoding=UTF-8 +Categories=SELinux;System;X-Red-Hat-Base;X-Red-Hat-ServerConfig; +X-Desktop-File-Install-Version=0.2 +StartupNotify=true diff --git a/setools-rhat.patch b/setools-rhat.patch index 6130c0b..129dc01 100644 --- a/setools-rhat.patch +++ b/setools-rhat.patch @@ -1,5 +1,104 @@ +--- setools-1.4.1/apol/Makefile.rhat 2004-07-07 16:37:38.000000000 -0400 ++++ setools-1.4.1/apol/Makefile 2004-09-17 14:55:59.906697348 -0400 +@@ -17,7 +17,7 @@ + CFLAGS += -DSTARTUP_SCRIPT='"$(APOL_STARTUP_SCRIPT)"' + + apol: $(GUI-OBJ) apol.tcl +- $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) ++ $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux + + + apol.tcl: $(TCL-FILES) +@@ -45,7 +45,7 @@ + + + install: apol apol.tcl +- install -m 755 apol $(BINDIR) ++ install -m 755 apol $(SBINDIR) + @if [ -n $(INSTALL_LIBDIR) ]; then \ + for file in $(TCL-FILES); do \ + if [ -f $(INSTALL_LIBDIR)/$$file ]; then \ +@@ -54,6 +54,7 @@ + done \ + fi + install -m 644 apol.tcl $(APOL_HELP_FILES) $(APOL_PERM_MAPS) $(INSTALL_LIBDIR) ++ install -m 644 $(APOL_HELP_FILES) $(APOL_PERM_MAPS) ${INSTALL_HELPDIR} + cd $(INSTALL_LIBDIR); ln -sf $(APOL_DFLT_PMAP) apol_perm_mapping + + clean: +--- setools-1.4.1/seaudit/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 ++++ setools-1.4.1/seaudit/Makefile 2004-09-17 14:53:57.182637843 -0400 +@@ -22,7 +22,7 @@ + $(CC) $(CFLAGS) $(GTK_CFLAGS) $(INCLUDE) -c $< + + install: seaudit +- install -m 755 seaudit $(BINDIR) ++ install -m 755 seaudit $(SBINDIR) + install -m 644 $(GLADE_FILES) $(INSTALL_LIBDIR) + install -m 644 seaudit_help.txt $(INSTALL_LIBDIR) + install -m 444 dot_seaudit $(INSTALL_LIBDIR) +--- setools-1.4.1/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 ++++ setools-1.4.1/Makefile 2004-09-17 15:02:24.825557300 -0400 +@@ -25,8 +25,8 @@ + # File location defaults; used in various places in code + # Change these if you want different defaults + SELINUX_DIR = $(DESTDIR)/selinux +-SELINUX_POLICY_DIR = $(DESTDIR)/etc/security/selinux +-POLICY_INSTALL_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR) ++SELINUX_POLICY_DIR = $(DESTDIR)/etc/selinux/strict/ ++POLICY_INSTALL_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR)/policy + POLICY_SRC_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR)/src/policy + POLICY_SRC_FILE = $(POLICY_SRC_DIR)/policy.conf + DEFAULT_LOG_FILE = /var/log/messages +@@ -46,6 +46,7 @@ + # Install directories + # Binaries go here + BINDIR = $(DESTDIR)/usr/bin ++SBINDIR = $(DESTDIR)/usr/sbin + + + # The code uses the specified path below. If you change this, DO NOT add +@@ -66,7 +67,7 @@ + POLICYINSTALLDIRS = seuser + + # exports +-export CFLAGS CC YACC LEX LINKFLAGS BINDIR INSTALL_LIBDIR INSTALL_HELPDIR LIBS TCL_LIBINC TCL_LIBS MAKE ++export CFLAGS CC YACC LEX LINKFLAGS BINDIR SBINDIR INSTALL_LIBDIR INSTALL_HELPDIR LIBS TCL_LIBINC TCL_LIBS MAKE + export SELINUX_DIR POLICY_INSTALL_DIR POLICY_SRC_DIR SRC_POLICY_DIR POLICY_SRC_FILE DEFAULT_LOG_FILE + export SHARED_LIB_INSTALL_DIR STATIC_LIB_INSTALL_DIR SETOOLS_INCLUDE + +@@ -224,7 +225,7 @@ + + install-nogui: $(INSTALL_LIBDIR) install-seuser install-secmds + +-install: install-apol install-seuserx install-sepcut install-awish install-secmds install-seaudit ++install: install-apol install-seuserx install-sepcut install-awish install-secmds install-seaudit install-bwidget install-docs + + # Install the libraries + install-libseuser: +--- setools-1.4.1/packages/Makefile.rhat 2004-07-07 16:37:38.000000000 -0400 ++++ setools-1.4.1/packages/Makefile 2004-09-17 14:38:28.803731785 -0400 +@@ -4,9 +4,10 @@ + + # INSTALL_PATH is set based upon your current + # version of tcl using the tcl_vars script. +-INSTALL_PATH=$(shell env tclsh ../tcl_vars tcl_library) ++INSTALL_PATH=$(DESTDIR)/$(shell env tclsh ../tcl_vars tcl_library) + + install: ++ mkdir -p $(INSTALL_PATH) + tar -zxvf BWidget-1.4.1.tar.gz + mv BWidget-1.4.1 $(INSTALL_PATH) + +@@ -19,4 +20,4 @@ + clean: + rm -rf BWidget-1.4.1/ + +-bare: clean +\ No newline at end of file ++bare: clean --- setools-1.4.1/libseuser/seuser_db.c.rhat 2004-07-07 16:37:39.000000000 -0400 -+++ setools-1.4.1/libseuser/seuser_db.c 2004-07-08 12:15:29.906712667 -0400 ++++ setools-1.4.1/libseuser/seuser_db.c 2004-09-17 14:38:28.800732121 -0400 @@ -17,8 +17,15 @@ #include #include @@ -62,7 +161,7 @@ fclose(fp); free_conf_info(db); --- setools-1.4.1/libseuser/Makefile.rhat 2004-07-07 16:37:38.000000000 -0400 -+++ setools-1.4.1/libseuser/Makefile 2004-07-08 12:02:22.124320696 -0400 ++++ setools-1.4.1/libseuser/Makefile 2004-09-17 14:38:28.800732121 -0400 @@ -19,7 +19,7 @@ $(CC) $(LDFLAGS) -shared -o $(LIBSO) $(LIB-OBJ) -Wl,-soname,$(SONAME) @@ -72,81 +171,8 @@ libseuser-tcl.a: $(LIB-OBJ-TCL) ar cr $@ $(LIB-OBJ-TCL) ---- setools-1.4.1/apol/Makefile.rhat 2004-07-07 16:37:38.000000000 -0400 -+++ setools-1.4.1/apol/Makefile 2004-07-08 12:02:22.125320586 -0400 -@@ -17,7 +17,7 @@ - CFLAGS += -DSTARTUP_SCRIPT='"$(APOL_STARTUP_SCRIPT)"' - - apol: $(GUI-OBJ) apol.tcl -- $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) -+ $(CC) $(TCL_LIBINC) -o $@ $(GUI-OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux - - - apol.tcl: $(TCL-FILES) -@@ -54,6 +54,7 @@ - done \ - fi - install -m 644 apol.tcl $(APOL_HELP_FILES) $(APOL_PERM_MAPS) $(INSTALL_LIBDIR) -+ install -m 644 $(APOL_HELP_FILES) $(APOL_PERM_MAPS) ${INSTALL_HELPDIR} - cd $(INSTALL_LIBDIR); ln -sf $(APOL_DFLT_PMAP) apol_perm_mapping - - clean: ---- setools-1.4.1/awish/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 -+++ setools-1.4.1/awish/Makefile 2004-07-08 12:02:22.125320586 -0400 -@@ -4,7 +4,7 @@ - AWISH_OBJ = awish.o $(LIBSEUSER-TCL) $(LIBAPOL-TCL) - - awish: $(AWISH_OBJ) -- $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) -+ $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux - - - %.o: %.c ---- setools-1.4.1/Makefile.rhat 2004-07-08 12:18:16.143697579 -0400 -+++ setools-1.4.1/Makefile 2004-07-08 12:19:05.458057985 -0400 -@@ -25,8 +25,8 @@ - # File location defaults; used in various places in code - # Change these if you want different defaults - SELINUX_DIR = $(DESTDIR)/selinux --SELINUX_POLICY_DIR = $(DESTDIR)/etc/security/selinux --POLICY_INSTALL_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR) -+SELINUX_POLICY_DIR = $(DESTDIR)/etc/selinux/strict/ -+POLICY_INSTALL_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR)/policy - POLICY_SRC_DIR = $(DESTDIR)$(SELINUX_POLICY_DIR)/src/policy - POLICY_SRC_FILE = $(POLICY_SRC_DIR)/policy.conf - DEFAULT_LOG_FILE = /var/log/messages -@@ -224,7 +224,7 @@ - - install-nogui: $(INSTALL_LIBDIR) install-seuser install-secmds - --install: install-apol install-seuserx install-sepcut install-awish install-secmds install-seaudit -+install: install-apol install-seuserx install-sepcut install-awish install-secmds install-seaudit install-bwidget install-docs - - # Install the libraries - install-libseuser: ---- setools-1.4.1/packages/Makefile.rhat 2004-07-07 16:37:38.000000000 -0400 -+++ setools-1.4.1/packages/Makefile 2004-07-08 12:02:22.127320366 -0400 -@@ -4,9 +4,10 @@ - - # INSTALL_PATH is set based upon your current - # version of tcl using the tcl_vars script. --INSTALL_PATH=$(shell env tclsh ../tcl_vars tcl_library) -+INSTALL_PATH=$(DESTDIR)/$(shell env tclsh ../tcl_vars tcl_library) - - install: -+ mkdir -p $(INSTALL_PATH) - tar -zxvf BWidget-1.4.1.tar.gz - mv BWidget-1.4.1 $(INSTALL_PATH) - -@@ -19,4 +20,4 @@ - clean: - rm -rf BWidget-1.4.1/ - --bare: clean -\ No newline at end of file -+bare: clean --- setools-1.4.1/seuser/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 -+++ setools-1.4.1/seuser/Makefile 2004-07-08 12:02:22.128320256 -0400 ++++ setools-1.4.1/seuser/Makefile 2004-09-17 14:55:34.387595850 -0400 @@ -22,10 +22,10 @@ SHELL = /bin/sh @@ -160,8 +186,17 @@ se_user.tcl: $(TCL-FILES) cat $(TCL-FILES) | \ +@@ -148,7 +148,7 @@ + install: seuser seuserx se_user.tcl + install -d $(BINDIR) + install -m 755 seuser $(BINDIR) +- install -m 755 seuserx $(BINDIR); ++ install -m 755 seuserx $(SBINDIR); + install -m 755 $(SE_SHELL_SCRIPTS) $(BINDIR) + install -m 644 se_user.tcl $(SEUSER_HELP_FILE) $(INSTALL_LIBDIR) + install -m 644 $(SEUSER_CONF_FILE) $(INSTALL_LIBDIR); --- setools-1.4.1/docs-src/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 -+++ setools-1.4.1/docs-src/Makefile 2004-07-08 12:21:10.492761493 -0400 ++++ setools-1.4.1/docs-src/Makefile 2004-09-17 14:38:28.805731560 -0400 @@ -55,3 +55,15 @@ for file in $(TOP-DOCS); do \ rm -f ../$$file; \ @@ -178,3 +213,14 @@ + install -m 644 ../sepct/sepcut_help.txt ${INSTALL_HELPDIR} + install -m 644 ../apol/*.txt ${INSTALL_HELPDIR} + +--- setools-1.4.1/awish/Makefile.rhat 2004-07-07 16:37:39.000000000 -0400 ++++ setools-1.4.1/awish/Makefile 2004-09-17 14:38:28.802731897 -0400 +@@ -4,7 +4,7 @@ + AWISH_OBJ = awish.o $(LIBSEUSER-TCL) $(LIBAPOL-TCL) + + awish: $(AWISH_OBJ) +- $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) ++ $(CC) $(TCL_LIBINC) -o $@ $(AWISH_OBJ) $(LINKFLAGS) $(TCL_LIBS) -lselinux + + + %.o: %.c diff --git a/setools.spec b/setools.spec index f73d168..7fed500 100644 --- a/setools.spec +++ b/setools.spec @@ -1,10 +1,18 @@ Summary: SELinux tools for managing policy Name: setools Version: 1.4.1 -Release: 1 +Release: 2 License: GPL Group: System Environment/Base Source: http://www.tresys.com/Downloads/selinux-tools/setools-%{version}.tgz +Source1: setools.pam +Source2: apol.console +Source3: seuserx.console +Source4: seaudit.console +Source5: apol.desktop +Source6: seuserx.desktop +Source7: seaudit.desktop + Prefix: %{_prefix} BuildRoot: %{_tmppath}/%{name}-buildroot Requires: checkpolicy, policycoreutils @@ -13,6 +21,7 @@ BuildRequires: libselinux-devel, libxml2-devel BuildPrereq: bison, flex, pkgconfig Patch0: setools-rhat.patch +Patch1: setools-1.4.1-selinux-usr-2004081908.patch.gz Obsoletes: setools-devel %description @@ -47,14 +56,6 @@ Summary: Graphical tools for handling SETools Group: System Environment/Base Requires: %name -#%package devel -#Summary: Libraries used for manipulation of policy by SETools -#Group: System Environment/Base -#Requires: %name - -#%description devel -#setools libraries used for manipulation and investigation of policy. - %description gui Security-enhanced Linux is a patch of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access @@ -86,6 +87,7 @@ tools. %prep %setup -q %patch0 -p1 -b .rhat +%patch1 -p1 -b .selinux_usr %build make LIBDIR=%{_libdir} all @@ -93,25 +95,51 @@ make LIBDIR=%{_libdir} all %install rm -rf ${RPM_BUILD_ROOT} mkdir -p $RPM_BUILD_ROOT/%_bindir +mkdir -p $RPM_BUILD_ROOT/%_sbindir mkdir -p $RPM_BUILD_ROOT/%_libdir mkdir -p $RPM_BUILD_ROOT/usr/include/selinux/apol mkdir -p $RPM_BUILD_ROOT/usr/share/doc/setools-%{version} -make DESTDIR="${RPM_BUILD_ROOT}" INSTALL_HELPDIR=$RPM_BUILD_ROOT/usr/share/doc/setools-%{version} install +make DESTDIR="${RPM_BUILD_ROOT}" INSTALL_HELPDIR=$RPM_BUILD_ROOT/usr/share/doc/setools-%{version} install rm -f ${RPM_BUILD_ROOT}/etc/selinux/strict/src/policy/domains/program/seuser.te rm -f ${RPM_BUILD_ROOT}/etc/selinux/strict/src/policy/file_contexts/program/seuser.fc rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon +install -D %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/apol +install -D %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/seuserx +install -D %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/seaudit +install -D %{SOURCE2} ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/apol +install -D %{SOURCE3} ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/seuserx +install -D %{SOURCE4} ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/seaudit +install -D %{SOURCE5} ${RPM_BUILD_ROOT}%{_datadir}/applications/apol.desktop +install -D %{SOURCE6} ${RPM_BUILD_ROOT}%{_datadir}/applications/seuserx.desktop +install -D %{SOURCE7} ${RPM_BUILD_ROOT}%{_datadir}/applications/seaudit.desktop +cd $RPM_BUILD_ROOT/%_bindir/ +ln -sf consolehelper apol +ln -sf consolehelper seuserx +ln -sf consolehelper seaudit %clean rm -rf ${RPM_BUILD_ROOT} %files gui %defattr(-,root,root) +/usr/share/tcl8.4/BWidget-1.4.1/* %_bindir/apol +%_sbindir/apol %_bindir/seuserx +%_sbindir/seuserx %_bindir/awish %_bindir/seaudit -/usr/share/tcl8.4/BWidget-1.4.1/* +%_sbindir/seaudit +%{_datadir}/applications/apol.desktop +%{_datadir}/applications/seuserx.desktop +%{_datadir}/applications/seaudit.desktop +%config %{_sysconfdir}/pam.d/apol +%config %{_sysconfdir}/pam.d/seuserx +%config %{_sysconfdir}/pam.d/seaudit +%config %{_sysconfdir}/security/console.apps/apol +%config %{_sysconfdir}/security/console.apps/seuserx +%config %{_sysconfdir}/security/console.apps/seaudit %files %defattr(-,root,root)