setools-4.4.3-1

Resolves: rhbz#2231801
2023-08-14 17:15:05 +02:00 · 2023-08-14 17:15:05 +02:00 · a51d655c4a
commit a51d655c4a
parent e9f831dfdb
4 changed files with 13 additions and 96 deletions
--- a/.gitignore
+++ b/.gitignore
@ -14,3 +14,4 @@ setools-3.3.8-f1e5b20.tar.bz2
 /4.4.0.tar.gz
 /4.4.1.tar.gz
 /4.4.2.tar.gz
+/4.4.3.tar.gz
--- a/0001-Disable-remove-neverallow-options-in-sediff.patch
+++ b/0001-Disable-remove-neverallow-options-in-sediff.patch
@ -1,92 +0,0 @@
-From b6b7a20618595ab88480f05348e91491345b70ef Mon Sep 17 00:00:00 2001
-From: Petr Lautrbach <lautrbach@redhat.com>
-Date: Tue, 9 May 2023 19:22:01 +0200
-Subject: [PATCH] Disable/remove neverallow options in sediff.
-Content-type: text/plain
-
-Apply change from commit 06335957b701 ("Disable/remove neverallow
-options in frontends.") to sediff
-
-Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
- man/ru/sediff.1 |  4 ----
- man/sediff.1    |  4 ----
- sediff          | 10 +++++++---
- 3 files changed, 7 insertions(+), 11 deletions(-)
-
-diff --git a/man/ru/sediff.1 b/man/ru/sediff.1
-index c6bf2939443f..af5d8efcf82c 100644
--- a/man/ru/sediff.1
-+++ b/man/ru/sediff.1
-@@ -57,16 +57,12 @@ sediff \- утилита выявления различий политик SELi
- Найти различия правил включения журналирования событий.
- .IP "--dontaudit"
- Найти различия правил запрета журналирования событий.
-.IP "--neverallow"
-Найти различия запрещающих правил.
- .IP "--allowxperm"
- Найти различия расширенных разрешительных правил.
- .IP "--auditallowxperm"
- Найти различия расширенных правил включения журналирования событий.
- .IP "--dontauditxperm"
- Найти различия расширенных правил запрета журналирования событий.
-.IP "--neverallowxperm"
-Найти различия расширенных запрещающих правил.
- .IP "-T, --type_trans"
- Найти различия правил перехода типов.
- .IP "--type_member"
-diff --git a/man/sediff.1 b/man/sediff.1
-index ed3b497db2c4..18466d8aeb68 100644
--- a/man/sediff.1
-+++ b/man/sediff.1
-@@ -50,16 +50,12 @@ Find differences in allow rules.
- Find differences in auditallow rules.
- .IP "--dontaudit"
- Find differences in dontaudit rules.
-.IP "--neverallow"
-Find differences in neverallow rules.
- .IP "--allowxperm"
- Find differences in allowxperm rules.
- .IP "--auditallowxperm"
- Find differences in auditallowxperm rules.
- .IP "--dontauditxperm"
- Find differences in dontauditxperm rules.
-.IP "--neverallowxperm"
-Find differences in neverallowxperm rules.
- .IP "-T, --type_trans"
- Find differences in type_transition rules.
- .IP "--type_member"
-diff --git a/sediff b/sediff
-index dfaa319d1d59..97899c13caf4 100755
--- a/sediff
-+++ b/sediff
-@@ -46,12 +46,12 @@ comp.add_argument("--level", action="store_true", help="Print MLS level definiti
- terule = parser.add_argument_group("type enforcement rule differences")
- terule.add_argument("-A", action="store_true", help="Print allow and allowxperm rule differences")
- terule.add_argument("--allow", action="store_true", help="Print allow rule differences")
-terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences")
-+# terule.add_argument("--neverallow", action="store_true", help="Print neverallow rule differences")
- terule.add_argument("--auditallow", action="store_true", help="Print auditallow rule differences")
- terule.add_argument("--dontaudit", action="store_true", help="Print dontaudit rule differences")
- terule.add_argument("--allowxperm", action="store_true", help="Print allowxperm rule differences")
-terule.add_argument("--neverallowxperm", action="store_true",
-                    help="Print neverallowxperm rule differences")
-+# terule.add_argument("--neverallowxperm", action="store_true",
-+#                     help="Print neverallowxperm rule differences")
- terule.add_argument("--auditallowxperm", action="store_true",
-                     help="Print auditallowxperm rule differences")
- terule.add_argument("--dontauditxperm", action="store_true",
-@@ -98,6 +98,10 @@ other.add_argument("--typebounds", action="store_true", help="Print typebounds d
- 
- args = parser.parse_args()
- 
-+# neverallow and neverallowxperm options are disabled
-+args.neverallow = False
-+args.neverallowxperm = False
-+
- if args.A:
-     args.allow = True
-     args.allowxperm = True
-- 
-2.40.1
-
--- a/setools.spec
+++ b/setools.spec
@ -2,8 +2,8 @@
 %global selinux_ver 3.5-1

 Name:           setools
-Version:        4.4.2
-Release:        2.1%{?dist}
+Version:        4.4.3
+Release:        1%{?dist}
 Summary:        Policy analysis tools for SELinux

 License:        GPL-2.0-only and LGPL-2.1-only
@ -11,7 +11,7 @@ URL:            https://github.com/SELinuxProject/setools/wiki
 Source0:        https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz
 Source1:        setools.pam
 Source2:        apol.desktop
-Patch1:         0001-Disable-remove-neverallow-options-in-sediff.patch
+
 Obsoletes:      setools < 4.0.0, setools-devel < 4.0.0
 BuildRequires:  flex,  bison
 BuildRequires:  glibc-devel, gcc, git-core
@ -144,6 +144,14 @@ Python modules designed to facilitate SELinux policy analysis.
 %{_mandir}/ru/man1/apol*

 %changelog
+* Mon Aug 14 2023 Petr Lautrbach <lautrbach@redhat.com> - 4.4.3-1
+- SETools 4.4.3 release
+- Improve man pages
+- seinfoflow: Add -r option to get flows into the source type.
+- seinfoflow.1: Remove references to sepolgen permission map.
+- AVRule/AVRuleXperm: Treat rules with no permissions as invalid policy.
+- SELinuxPolicy: Add explicit cast for libspol message
+
 * Wed May 10 2023 Petr Lautrbach <lautrbach@redhat.com> - 4.4.2-2.1
 - Disable sediff --neverallow and --neverallowxperm options

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (4.4.2.tar.gz) = b5117c5de1503e25183c2a1af92cd015320dd37e0cf26b8e09bd5d0ff879734d2f9c301def2a40b476c1ed1960f9ee04ae13b284df73f39f743004104ac85fb1
+SHA512 (4.4.3.tar.gz) = dcea6f10af0f46cb7f06aa1b29a757de7dbc30b52fe705c51a4f395d6cc25bfc7b78c15b6fc5c09ec05a2bbe8316bc79b87156304de5fe098040007d33a70143