import setools-4.4.0-3.el9

2021-11-03 19:31:50 -04:00 · 2021-11-03 19:31:50 -04:00 · a664fa9b0d
commit a664fa9b0d
7 changed files with 472 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+SOURCES/4.4.0.tar.gz
--- a/.setools.metadata
+++ b/.setools.metadata
@ -0,0 +1 @@
+aaaea87c58e6677d5b3674b7e8bb8503964f6873 SOURCES/4.4.0.tar.gz
--- a/SOURCES/1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
+++ b/SOURCES/1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
@ -0,0 +1,142 @@
+From e47d19f4985098ca316eea4a383510d419ec6055 Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Fri, 26 Apr 2019 15:27:25 +0200
+Subject: [PATCH 1/2] Do not export/use setools.InfoFlowAnalysis and
+ setools.DomainTransitionAnalysis
+
+dta and infoflow modules require networkx which brings lot of dependencies.
+These dependencies are not necessary for setools module itself as it's
+used in policycoreutils.
+
+Therefore it's better to use setools.infoflow.InfoFlowAnalysis and
+setools.dta.DomainTransitionAnalysis and let the package containing
+sedta and seinfoflow to require python3-networkx
+---
+ sedta                       | 5 +++--
+ seinfoflow                  | 4 ++--
+ setools/__init__.py         | 4 ----
+ setoolsgui/apol/dta.py      | 2 +-
+ setoolsgui/apol/infoflow.py | 2 +-
+ tests/dta.py                | 2 +-
+ tests/infoflow.py           | 2 +-
+ 7 files changed, 9 insertions(+), 12 deletions(-)
+
+diff --git a/sedta b/sedta
+index 57070098fe10..51890ea8ea73 100755
+--- a/sedta
+++ b/sedta
+@@ -23,9 +23,10 @@ import logging
+ import signal
+ 
+ import setools
+import setools.dta
+ 
+ 
+-def print_transition(trans: setools.DomainTransition) -> None:
+def print_transition(trans: setools.dta.DomainTransition) -> None:
+     if trans.transition:
+         print("Domain transition rule(s):")
+         for t in trans.transition:
+@@ -114,7 +115,7 @@ else:
+ 
+ try:
+     p = setools.SELinuxPolicy(args.policy)
+-    g = setools.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
+    g = setools.dta.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
+ 
+     if args.shortest_path or args.all_paths:
+         if args.shortest_path:
+diff --git a/seinfoflow b/seinfoflow
+index 0ddcfdc7c1fb..8321718b2640 100755
+--- a/seinfoflow
+++ b/seinfoflow
+@@ -17,7 +17,7 @@
+ # along with SETools.  If not, see <http://www.gnu.org/licenses/>.
+ #
+ 
+-import setools
+import setools.infoflow
+ import argparse
+ import sys
+ import logging
+@@ -102,7 +102,7 @@ elif args.booleans is not None:
+ try:
+     p = setools.SELinuxPolicy(args.policy)
+     m = setools.PermissionMap(args.map)
+-    g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
+    g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
+                                  booleans=booleans)
+ 
+     if args.shortest_path or args.all_paths:
+diff --git a/setools/__init__.py b/setools/__init__.py
+index d72d343e7e79..642485b9018d 100644
+--- a/setools/__init__.py
+++ b/setools/__init__.py
+@@ -91,12 +91,8 @@ from .pcideviceconquery import PcideviceconQuery
+ from .devicetreeconquery import DevicetreeconQuery
+ 
+ # Information Flow Analysis
+-from .infoflow import InfoFlowAnalysis
+ from .permmap import PermissionMap, RuleWeight, Mapping
+ 
+-# Domain Transition Analysis
+-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
+-
+ # Policy difference
+ from .diff import PolicyDifference
+ 
+diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
+index 62dbf04d9a5e..0ea000e790f0 100644
+--- a/setoolsgui/apol/dta.py
+++ b/setoolsgui/apol/dta.py
+@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
+ from PyQt5.QtGui import QPalette, QTextCursor
+ from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
+     QTreeWidgetItem
+-from setools import DomainTransitionAnalysis
+from setools.dta import DomainTransitionAnalysis
+ 
+ from ..logtosignal import LogHandlerToSignal
+ from .analysistab import AnalysisSection, AnalysisTab
+diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
+index 28009aa2329c..92d350bf727c 100644
+--- a/setoolsgui/apol/infoflow.py
+++ b/setoolsgui/apol/infoflow.py
+@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
+ from PyQt5.QtGui import QPalette, QTextCursor
+ from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
+     QTreeWidgetItem
+-from setools import InfoFlowAnalysis
+from setools.infoflow import InfoFlowAnalysis
+ from setools.exception import UnmappedClass, UnmappedPermission
+ 
+ from ..logtosignal import LogHandlerToSignal
+diff --git a/tests/dta.py b/tests/dta.py
+index a0cc9381469c..177e6fb0b961 100644
+--- a/tests/dta.py
+++ b/tests/dta.py
+@@ -18,7 +18,7 @@
+ import os
+ import unittest
+ 
+-from setools import DomainTransitionAnalysis
+from setools.dta import DomainTransitionAnalysis
+ from setools import TERuletype as TERT
+ from setools.exception import InvalidType
+ from setools.policyrep import Type
+diff --git a/tests/infoflow.py b/tests/infoflow.py
+index aa0e44a7e4f8..fca2848aeca5 100644
+--- a/tests/infoflow.py
+++ b/tests/infoflow.py
+@@ -18,7 +18,7 @@
+ import os
+ import unittest
+ 
+-from setools import InfoFlowAnalysis
+from setools.infoflow import InfoFlowAnalysis
+ from setools import TERuletype as TERT
+ from setools.exception import InvalidType
+ from setools.permmap import PermissionMap
+-- 
+2.30.0
+
--- a/SOURCES/1003-Require-networkx-on-package-level.patch
+++ b/SOURCES/1003-Require-networkx-on-package-level.patch
@ -0,0 +1,24 @@
+From 7b73bdeda54b9c944774452bfa3b3c1f2733b3f0 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Thu, 2 Apr 2020 16:06:14 +0200
+Subject: [PATCH 2/2] Require networkx on package level
+
+It allows us to ship python3-setools without dependency on python3-networkx
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index c593b786cc61..0551811e3fd1 100644
+--- a/setup.py
+++ b/setup.py
+@@ -163,5 +163,5 @@ setup(name='setools',
+       # setup also requires libsepol and libselinux
+       # C libraries and headers to compile.
+       setup_requires=['setuptools', 'Cython>=0.27'],
+-      install_requires=['setuptools', 'networkx>=2.0']
+      install_requires=['setuptools']
+       )
+-- 
+2.30.0
+
--- a/SOURCES/apol.desktop
+++ b/SOURCES/apol.desktop
@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=SELinux Policy Analysis
+GenericName=SELinux Policy Analysis Tool 
+Comment=This tool can examine, search, and relate policy components and policy rules 
+Icon=apol
+Exec=/usr/bin/apol
+Type=Application
+Terminal=false
+Categories=System;
+X-Desktop-File-Install-Version=0.2
+StartupNotify=true
--- a/SOURCES/setools.pam
+++ b/SOURCES/setools.pam
@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		include		config-util
+account		include		config-util
+session		include		config-util
--- a/SPECS/setools.spec
+++ b/SPECS/setools.spec
@ -0,0 +1,289 @@
+%global sepol_ver 3.2-1
+%global selinux_ver 3.2-1
+
+Name:           setools
+Version:        4.4.0
+Release:        3%{?dist}
+Summary:        Policy analysis tools for SELinux
+
+License:        GPLv2
+URL:            https://github.com/SELinuxProject/setools/wiki
+Source0:        https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz
+Source1:        setools.pam
+Source2:        apol.desktop
+Patch1002:      1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
+Patch1003:      1003-Require-networkx-on-package-level.patch
+Obsoletes:      setools < 4.0.0, setools-devel < 4.0.0
+BuildRequires:  flex,  bison
+BuildRequires:  glibc-devel, gcc, git-core
+BuildRequires:  libsepol-devel >= %{sepol_ver}, libsepol-static >= %{sepol_ver}
+BuildRequires:  qt5-qtbase-devel
+BuildRequires:  swig
+BuildRequires:  python3-Cython
+BuildRequires:  python3-devel
+BuildRequires:  python3-setuptools
+BuildRequires:  libselinux-devel
+
+Requires:       %{name}-console = %{version}-%{release}
+Requires:       %{name}-console-analyses = %{version}-%{release}
+Requires:       %{name}-gui = %{version}-%{release}
+
+%description
+SETools is a collection of graphical tools, command-line tools, and
+Python modules designed to facilitate SELinux policy analysis.
+
+%package     console
+Summary:     Policy analysis command-line tools for SELinux
+License:     GPLv2
+Requires:    python3-setools = %{version}-%{release}
+Requires:    libselinux >= %{selinux_ver}
+
+%description console
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes the following console tools:
+
+  sediff       Compare two policies to find differences.
+  seinfo       List policy components.
+  sesearch     Search rules (allow, type_transition, etc.)
+
+
+%package     console-analyses
+Summary:     Policy analysis command-line tools for SELinux
+License:     GPLv2
+Requires:    python3-setools = %{version}-%{release}
+Requires:    libselinux >= %{selinux_ver}
+Requires:    python3-networkx
+
+%description console-analyses
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes the following console tools:
+
+  sedta        Perform domain transition analyses.
+  seinfoflow   Perform information flow analyses.
+
+
+%package     -n python3-setools
+Summary:     Policy analysis tools for SELinux  
+Obsoletes:   setools-libs < 4.0.0
+Recommends:  libselinux-python3
+%{?python_provide:%python_provide python3-setools}
+Requires:    python3-setuptools
+
+%description -n python3-setools
+SETools is a collection of graphical tools, command-line tools, and
+Python 3 modules designed to facilitate SELinux policy analysis.
+
+
+%package     gui
+Summary:     Policy analysis graphical tools for SELinux
+Requires:    python3-setools = %{version}-%{release}
+Requires:    python3-qt5
+Requires:    python3-networkx
+
+%description gui
+SETools is a collection of graphical tools, command-line tools, and
+Python modules designed to facilitate SELinux policy analysis.
+
+
+%prep
+%autosetup -p 1 -S git -n setools-%{version}
+
+
+%build
+%py3_build
+
+
+%install
+%py3_install
+
+%check
+%if %{?_with_check:1}%{!?_with_check:0}
+%{__python3} setup.py test
+%endif
+
+
+%files
+
+%files console
+%{_bindir}/sechecker
+%{_bindir}/sediff
+%{_bindir}/seinfo
+%{_bindir}/sesearch
+%{_mandir}/man1/sechecker*
+%{_mandir}/man1/sediff*
+%{_mandir}/man1/seinfo*
+%{_mandir}/man1/sesearch*
+%{_mandir}/ru/man1/sediff*
+%{_mandir}/ru/man1/seinfo*
+%{_mandir}/ru/man1/sesearch*
+
+%files console-analyses
+%{_bindir}/sedta
+%{_bindir}/seinfoflow
+%{_mandir}/man1/sedta*
+%{_mandir}/man1/seinfoflow*
+%{_mandir}/ru/man1/sedta*
+%{_mandir}/ru/man1/seinfoflow*
+
+%files -n python3-setools
+%license COPYING COPYING.GPL COPYING.LGPL
+%{python3_sitearch}/setools
+%{python3_sitearch}/setools-*
+
+%files gui
+%{_bindir}/apol
+%{python3_sitearch}/setoolsgui
+%{_mandir}/man1/apol*
+%{_mandir}/ru/man1/apol*
+
+%changelog
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 4.4.0-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 4.4.0-2
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Mon Mar  8 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-1
+- SETools 4.4.0 release
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.4.0-0.3.20210121git16c0696
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Jan 21 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20210121git16c0696
+- Rebuild with SELinux userspace 3.2-rc1
+- Update to 16c0696
+
+* Thu Dec 10 2020 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20201102git05e90ee
+- Fix imports in /usr/bin/sedta
+
+* Tue Nov  3 2020 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.1.20201102git05e90ee
+- Update to 05e90ee
+- Add /usr/bin/sechecker
+- Adapt to new libsepol filename transition structures
+- Rebuild with libsepol.so.2
+
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.3.0-5
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.3.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Thu Jul 16 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-3
+- rebuild with SELinux userspace 3.1 release
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 4.3.0-2
+- Rebuilt for Python 3.9
+
+* Thu Apr  2 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-1
+- SETools 4.3.0 release
+- Revised sediff method for TE rules. This drastically reduced memory and run time.
+- Added infiniband context support to seinfo, sediff, and apol.
+- Added apol configuration for location of Qt assistant.
+- Fixed sediff issue where properties header would display when not requested.
+- Fixed sediff issue with type_transition file name comparison.
+- Fixed permission map socket sendto information flow direction.
+- Added methods to TypeAttribute class to make it a complete Python collection.
+- Genfscon now will look up classes rather than using fixed values which
+    were dropped from libsepol.
+
+* Mon Mar 23 2020 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-5
+- setools requires -console, -console-analyses and -gui packages (#1794314)
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 4.2.2-3
+- Rebuilt for Python 3.8.0rc1 (#1748018)
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 4.2.2-2
+- Rebuilt for Python 3.8
+
+* Mon Jul 08 2019 Vit Mojzis <vmojzis@redhat.com> - 4.2.2-1}
+- SETools 4.2.2 release
+
+* Mon May 13 2019 Vit Mojzis <vmojzis@redhat.com> - 4.2.1-3
+- Use %set_build_flags instead of %optflags
+
+* Mon May 06 2019 Vit Mojzis <vmojzis@redhat.com> - 4.2.1-2
+- SELinuxPolicy: Create a map of aliases on policy load (#1672631)
+
+* Tue Mar 26 2019 Petr Lautrbach <plautrba@redhat.com> - 4.2.1-1
+- SETools 4.2.1 release (#1581761, #1595582)
+
+* Wed Nov 14 2018 Vit Mojzis <vmojzis@redhat.com> - 4.2.0-1
+- Update source to SETools 4.2.0 release
+
+* Mon Oct 01 2018 Vit Mojzis <vmojzis@redhat.com> - 4.2.0-0.3.rc
+- Update upstream source to 4.2.0-rc
+
+* Wed Sep 19 2018 Vit Mojzis <vmojzis@redhat.com> - 4.2.0-0.2.beta
+- Require userspace release 2.8
+- setools-gui requires python3-setools
+- Add Requires for python[23]-setuptools - no longer required (just recommended) by python[23] (#1623371)
+- Drop python2 subpackage (4.2.0 no longer supports python2)
+
+* Wed Aug 29 2018 Vit Mojzis <vmojzis@redhat.com> - 4.1.1-13
+- Add Requires for python[23]-setuptools - no longer required (just recommended)
+  by python[23] (#1623371)
+
+* Wed Aug 22 2018 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-12.1
+- Fix SCTP patch - https://github.com/SELinuxProject/setools/issues/9
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.1.1-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 4.1.1-10
+- Rebuilt for Python 3.7
+
+* Thu Jun 14 2018 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-9
+- Move gui python files to -gui subpackage
+
+* Thu Apr 26 2018 Vit Mojzis <vmojzis@redhat.com> - 4.1.1-8
+- Add support for SCTP protocol (#1568333)
+
+* Thu Apr 19 2018 Iryna Shcherbina <shcherbina.iryna@gmail.com> - 4.1.1-7
+- Update Python 2 dependency declarations to new packaging standards
+  (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.1.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Mon Sep 04 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-5
+- setools-python2 requires python2-enum34
+
+* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 4.1.1-4
+- Add Provides for the old name without %%_isa
+
+* Thu Aug 10 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 4.1.1-3
+- Python 2 binary package renamed to python2-setools
+  See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
+- Python 3 binary package renamed to python3-setools
+
+* Thu Aug 10 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-2
+- bswap_* macros are defined in byteswap.h
+
+* Mon Aug 07 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-1
+- New upstream release
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.1.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.1.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Mon May 22 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.0-3
+- setools-python{,3} packages should have a weak dependency on libselinux-python{,3}
+  (#1447747)
+
+* Thu Feb 23 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.0-2
+- Move python networkx dependency to -gui and -console-analyses
+- Ship sedta and seinfoflow in setools-console-analyses
+
+* Wed Feb 15 2017 Petr Lautrbach <plautrba@redhat.com> - 4.1.0-1
+- New upstream release.
				`@ -0,0 +1 @@`
				`aaaea87c58e6677d5b3674b7e8bb8503964f6873 SOURCES/4.4.0.tar.gz`