rpms/setools
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import setools-4.3.0-1.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-07-28 09:46:34 -04:00 committed by Stepan Oksanichenko
parent 51eb0a7218
commit b6113583a7
7 changed files with 78 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/4.2.2.tar.gz
SOURCES/4.3.0.tar.gz

2
.setools.metadata
View File

@ -1 +1 @@
96da818e44293bac44d765453036b624ed573512 SOURCES/4.2.2.tar.gz
7b4a07a20ecee70da558bfe4ad26edf7eb6ca103 SOURCES/4.3.0.tar.gz

10
SOURCES/1001-Do-not-use-Werror-during-build.patch
View File

@ -1,7 +1,7 @@
From 4b3dc6b38abbd32cda557d5ef9ea1383ac5fdcf2 Mon Sep 17 00:00:00 2001
From 8d98b324fabcad6b09f9c734f79e6da9f9e85786 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Thu, 23 Feb 2017 08:17:07 +0100
Subject: [PATCH 2/3] Do not use -Werror during build
Subject: [PATCH] Do not use -Werror during build
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -32,10 +32,10 @@ error: command 'gcc' failed with exit status 1
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup.py b/setup.py
index c94daf1..a7442ac 100644
index 457c830..4dcb301 100644
--- a/setup.py
+++ b/setup.py
@@ -105,7 +105,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
@@ -106,7 +106,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
libraries=['selinux', 'sepol'],
library_dirs=lib_dirs,
define_macros=macros,
@ -45,5 +45,5 @@ index c94daf1..a7442ac 100644
'-Wfloat-equal',
'-Wformat', '-Wformat=2',
--
2.17.2
2.25.1

20
SOURCES/1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
View File

@ -1,7 +1,7 @@
From b960869bcbcb58f2ce9af598484f209935c096b0 Mon Sep 17 00:00:00 2001
From 52f5f911c4ae481530a57b6a0dd42067406a9d36 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Fri, 26 Apr 2019 15:27:25 +0200
Subject: [PATCH 3/3] Do not export/use setools.InfoFlowAnalysis and
Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and
setools.DomainTransitionAnalysis
dta and infoflow modules require networkx which brings lot of dependencies.
@ -44,7 +44,7 @@ index 60861ca..41e38a2 100755
if args.shortest_path or args.all_paths:
if args.shortest_path:
diff --git a/seinfoflow b/seinfoflow
index 97b14ba..e7f965d 100755
index f10c39d..fee749a 100755
--- a/seinfoflow
+++ b/seinfoflow
@@ -17,7 +17,7 @@
@ -56,20 +56,20 @@ index 97b14ba..e7f965d 100755
import argparse
import sys
import logging
@@ -81,7 +81,7 @@ else:
@@ -101,7 +101,7 @@ elif args.booleans is not None:
try:
p = setools.SELinuxPolicy(args.policy)
m = setools.PermissionMap(args.map)
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
booleans=booleans)
if args.shortest_path or args.all_paths:
if args.shortest_path:
diff --git a/setools/__init__.py b/setools/__init__.py
index 7b70f5e..5a5f7fe 100644
index 26fa5aa..b7e51c4 100644
--- a/setools/__init__.py
+++ b/setools/__init__.py
@@ -73,12 +73,8 @@ from .pcideviceconquery import PcideviceconQuery
@@ -75,12 +75,8 @@ from .pcideviceconquery import PcideviceconQuery
from .devicetreeconquery import DevicetreeconQuery
# Information Flow Analysis
@ -135,5 +135,5 @@ index aa0e44a..fca2848 100644
from setools.exception import InvalidType
from setools.permmap import PermissionMap
--
2.17.2
2.25.1

24
SOURCES/1003-Require-networkx-on-package-level.patch Normal file
View File

@ -0,0 +1,24 @@
From 67067b6df7139cc38cf33d3cb2c66434cf4e89e4 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 2 Apr 2020 16:06:14 +0200
Subject: [PATCH] Require networkx on package level
It allows us to ship python3-setools without dependency on python3-networkx
---
setup.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup.py b/setup.py
index 4dcb301..9333e0c 100644
--- a/setup.py
+++ b/setup.py
@@ -170,5 +170,5 @@ setup(name='setools',
# setup also requires libsepol and libselinux
# C libraries and headers to compile.
setup_requires=['setuptools', 'Cython>=0.27'],
- install_requires=['setuptools', 'networkx>=2.0']
+ install_requires=['setuptools']
)
--
2.25.1

14
SOURCES/1003-Do-not-use-NoteNotFound-as-it-s-not-implemented-in-n.patch → SOURCES/1004-Do-not-use-NoteNotFound-as-it-s-not-implemented-in-n.patch
View File

@ -1,4 +1,4 @@
From acfb532e781d600271e5ab1ebc5d9d6d6ea3a7f8 Mon Sep 17 00:00:00 2001
From d249ea3316fcfaa203055d2b1f2c52423216e7e7 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Tue, 30 Jul 2019 17:13:44 +0200
Subject: [PATCH] Do not use NoteNotFound as it's not implemented in networkx-1
@ -49,7 +49,7 @@ index 3239d2d..e15d8b8 100644
# NetworkXNoPath: no paths or the target type is
# not in the graph
diff --git a/setools/infoflow.py b/setools/infoflow.py
index 1b88efa..4fbe682 100644
index 579e064..89e5c8e 100644
--- a/setools/infoflow.py
+++ b/setools/infoflow.py
@@ -21,7 +21,7 @@ import logging
@ -60,8 +60,8 @@ index 1b88efa..4fbe682 100644
+from networkx.exception import NetworkXError, NetworkXNoPath
from .descriptors import EdgeAttrIntMax, EdgeAttrList
from .policyrep import TERuletype
@@ -118,7 +118,7 @@ class InfoFlowAnalysis:
from .exception import RuleNotConditional
@@ -124,7 +124,7 @@ class InfoFlowAnalysis:
self.log.info("Generating one shortest information flow path from {0} to {1}...".
format(s, t))
@ -70,7 +70,7 @@ index 1b88efa..4fbe682 100644
# NodeNotFound: the type is valid but not in graph, e.g.
# excluded or disconnected due to min weight
# NetworkXNoPath: no paths or the target type is
@@ -157,7 +157,7 @@ class InfoFlowAnalysis:
@@ -163,7 +163,7 @@ class InfoFlowAnalysis:
self.log.info("Generating all information flow paths from {0} to {1}, max length {2}...".
format(s, t, maxlen))
@ -79,7 +79,7 @@ index 1b88efa..4fbe682 100644
# NodeNotFound: the type is valid but not in graph, e.g.
# excluded or disconnected due to min weight
# NetworkXNoPath: no paths or the target type is
@@ -191,7 +191,7 @@ class InfoFlowAnalysis:
@@ -197,7 +197,7 @@ class InfoFlowAnalysis:
self.log.info("Generating all shortest information flow paths from {0} to {1}...".
format(s, t))
@ -89,5 +89,5 @@ index 1b88efa..4fbe682 100644
# excluded or disconnected due to min weight
# NetworkXNoPath: no paths or the target type is
--
2.22.0
2.25.1

36
SPECS/setools.spec
View File

@ -7,8 +7,8 @@
%bcond_without networkx
Name: setools
Version: 4.2.2
Release: 2%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
Version: 4.3.0
Release: 1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
Summary: Policy analysis tools for SELinux
License: GPLv2
@ -18,7 +18,8 @@ Source1: setools.pam
Source2: apol.desktop
Patch1001: 1001-Do-not-use-Werror-during-build.patch
Patch1002: 1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
Patch1003: 1003-Do-not-use-NoteNotFound-as-it-s-not-implemented-in-n.patch
Patch1003: 1003-Require-networkx-on-package-level.patch
Patch1004: 1004-Do-not-use-NoteNotFound-as-it-s-not-implemented-in-n.patch
Obsoletes: setools < 4.0.0, setools-devel < 4.0.0
BuildRequires: flex, bison
@ -32,7 +33,11 @@ BuildRequires: python3-setuptools
BuildRequires: libselinux-devel
# BuildArch:
Requires: python3-%{name} = %{version}-%{release}
Requires: %{name}-console = %{version}-%{release}
%if %{with networkx}
Requires: %{name}-console-analyses = %{version}-%{release}
Requires: %{name}-gui = %{version}-%{release}
%endif
%description
SETools is a collection of graphical tools, command-line tools, and
@ -121,9 +126,9 @@ Python modules designed to facilitate SELinux policy analysis.
%if %{without networkx}
rm -f %{buildroot}%{_bindir}/sedta %{buildroot}%{_bindir}/seinfoflow \
%{buildroot}%{_mandir}/man1/sedta* %{buildroot}%{_mandir}/man1/sedinfoflow*
%{buildroot}%{_mandir}*/man1/sedta* %{buildroot}%{_mandir}*/man1/sedinfoflow* \
rm -rf %{buildroot}%{_bindir}/apol %{buildroot}%{python3_sitearch}/setoolsgui \
%{buildroot}%{_mandir}/man1/apol*
%{buildroot}%{_mandir}*/man1/apol*
%endif
%check
@ -141,6 +146,9 @@ rm -rf %{buildroot}%{_bindir}/apol %{buildroot}%{python3_sitearch}/setoolsgui \
%{_mandir}/man1/sediff*
%{_mandir}/man1/seinfo*
%{_mandir}/man1/sesearch*
%{_mandir}/ru/man1/sediff*
%{_mandir}/ru/man1/seinfo*
%{_mandir}/ru/man1/sesearch*
%if %{with networkx}
%files console-analyses
@ -148,6 +156,8 @@ rm -rf %{buildroot}%{_bindir}/apol %{buildroot}%{python3_sitearch}/setoolsgui \
%{_bindir}/seinfoflow
%{_mandir}/man1/sedta*
%{_mandir}/man1/seinfoflow*
%{_mandir}/ru/man1/sedta*
%{_mandir}/ru/man1/seinfoflow*
%endif
%files -n python3-setools
@ -160,9 +170,23 @@ rm -rf %{buildroot}%{_bindir}/apol %{buildroot}%{python3_sitearch}/setoolsgui \
%{_bindir}/apol
%{python3_sitearch}/setoolsgui
%{_mandir}/man1/apol*
%{_mandir}/ru/man1/apol*
%endif
%changelog
* Fri Apr 03 2020 Vit Mojzis <vmojzis@redhat.com> - 4.3.0-1
- SETools 4.3.0 release (#1820079)
- Revised sediff method for TE rules. This drastically reduced memory and run time.
- Added infiniband context support to seinfo, sediff, and apol.
- Added apol configuration for location of Qt assistant.
- Fixed sediff issue where properties header would display when not requested.
- Fixed sediff issue with type_transition file name comparison.
- Fixed permission map socket sendto information flow direction.
- Added methods to TypeAttribute class to make it a complete Python collection.
- Genfscon now will look up classes rather than using fixed values which
were dropped from libsepol.
- setools requires -console, -console-analyses and -gui packages (#1820078)
* Sat Nov 30 2019 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-2
- Build setools-console-analyses and setools-gui (#1731519)