rpms/setroubleshoot
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Auto sync2gitlab import of setroubleshoot-3.3.26-3.el8.src.rpm

Browse Source
This commit is contained in:
James Antill 2022-05-26 14:24:26 -04:00
parent 1a3fafdcb2
commit 0140faade5
11 changed files with 42264 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/setroubleshoot-3.3.26.tar.gz

45
0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch Normal file
View File

@ -0,0 +1,45 @@
From 78840f4e0bd41d3ba1b3c90b909e6c2cf7ef4ea7 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 14 Apr 2021 17:03:39 +0200
Subject: [PATCH] Stop SetroubleshootFixit after 10 seconds of inactivity
---
src/SetroubleshootFixit.py | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
index 15c6cab..f7cbf95 100644
--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
@@ -7,6 +7,7 @@ from gi.repository import GLib
import slip.dbus.service
from slip.dbus import polkit
import os
+import signal
class RunFix(slip.dbus.service.Object):
@@ -14,12 +15,20 @@ class RunFix(slip.dbus.service.Object):
def __init__(self, *p, **k):
super(RunFix, self).__init__(*p, **k)
+ self.timeout = 10
+ self.alarm(self.timeout)
+
+ def alarm(self, timeout=10):
+ signal.alarm(timeout)
+
@dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
def run_fix(self, local_id, analysis_id):
import subprocess
+ self.alarm(0)
command = ["sealert", "-f", local_id, "-P", analysis_id]
return subprocess.check_output(command, universal_newlines=True)
+ self.alarm(self.timeout)
if __name__ == "__main__":
mainloop = GLib.MainLoop()
--
2.30.2

103
0002-Do-not-use-Python-slip-package.patch Normal file
View File

@ -0,0 +1,103 @@
From e9def2b8b0098842d0223d0951f41e2106821a88 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 14 Apr 2021 17:04:59 +0200
Subject: [PATCH] Do not use Python slip package
It's not maintained anymore and it allows us to drop dependency on
Python slip package
Use DBUS polkit interface instead -
https://www.freedesktop.org/software/polkit/docs/latest/eggdbus-interface-org.freedesktop.PolicyKit1.Authority.html
---
src/SetroubleshootFixit.py | 35 +++++++++++++++++++++++++----------
src/setroubleshoot/browser.py | 3 ---
2 files changed, 25 insertions(+), 13 deletions(-)
diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
index f7cbf95..ab0ad2b 100644
--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
@@ -4,13 +4,11 @@ import dbus
import dbus.service
import dbus.mainloop.glib
from gi.repository import GLib
-import slip.dbus.service
-from slip.dbus import polkit
import os
import signal
+import subprocess
-
-class RunFix(slip.dbus.service.Object):
+class RunFix(dbus.service.Object):
default_polkit_auth_required = "org.fedoraproject.setroubleshootfixit.write"
def __init__(self, *p, **k):
@@ -21,14 +19,32 @@ class RunFix(slip.dbus.service.Object):
def alarm(self, timeout=10):
signal.alarm(timeout)
-
- @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
- def run_fix(self, local_id, analysis_id):
- import subprocess
+ def is_authorized(self, sender):
+ bus = dbus.SystemBus()
+
+ proxy = bus.get_object('org.freedesktop.PolicyKit1', '/org/freedesktop/PolicyKit1/Authority')
+ authority = dbus.Interface(proxy, dbus_interface='org.freedesktop.PolicyKit1.Authority')
+ subject = ('system-bus-name', {'name' : sender})
+ action_id = 'org.fedoraproject.setroubleshootfixit.write'
+ details = {}
+ flags = 1 # AllowUserInteraction flag
+ cancellation_id = '' # No cancellation id
+ result = authority.CheckAuthorization(subject, action_id, details, flags, cancellation_id)
+ return result[0]
+
+ @dbus.service.method("org.fedoraproject.SetroubleshootFixit", sender_keyword="sender", in_signature='ss', out_signature='s')
+ def run_fix(self, local_id, analysis_id, sender):
self.alarm(0)
command = ["sealert", "-f", local_id, "-P", analysis_id]
- return subprocess.check_output(command, universal_newlines=True)
+
+ if self.is_authorized(sender):
+ result = subprocess.check_output(command, universal_newlines=True)
+ else:
+ result = "Authorization failed"
+
self.alarm(self.timeout)
+ return result
+
if __name__ == "__main__":
mainloop = GLib.MainLoop()
@@ -36,5 +52,4 @@ if __name__ == "__main__":
system_bus = dbus.SystemBus()
name = dbus.service.BusName("org.fedoraproject.SetroubleshootFixit", system_bus)
object = RunFix(system_bus, "/org/fedoraproject/SetroubleshootFixit/object")
- slip.dbus.service.set_mainloop(mainloop)
mainloop.run()
diff --git a/framework/src/setroubleshoot/browser.py b/framework/src/setroubleshoot/browser.py
index 2d37bb4..3203f75 100644
--- a/framework/src/setroubleshoot/browser.py
+++ b/framework/src/setroubleshoot/browser.py
@@ -65,8 +65,6 @@ from setroubleshoot.util import *
from setroubleshoot.html_util import html_to_text
import re
import dbus
-import slip.dbus.service
-from slip.dbus import polkit
import report
import report.io
import report.io.GTKIO
@@ -933,7 +931,6 @@ class DBusProxy (object):
self.bus = dbus.SystemBus()
self.dbus_object = self.bus.get_object("org.fedoraproject.SetroubleshootFixit", "/org/fedoraproject/SetroubleshootFixit/object")
- @polkit.enable_proxy
def run_fix(self, local_id, plugin_name):
return self.dbus_object.run_fix(local_id, plugin_name, dbus_interface="org.fedoraproject.SetroubleshootFixit")
--
2.30.2

82
0003-Fix-typos-in-help-man-pages-and-developer-s-guide.patch Normal file
View File

@ -0,0 +1,82 @@
From f6a21742b2531f5dfd0fa68400848ca4314f972f Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Mon, 6 Dec 2021 12:14:04 +0100
Subject: [PATCH] Fix typos in --help, man pages and developer's guide
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
TODO | 2 +-
doc/sealert.8 | 2 +-
src/config.py.in | 2 +-
src/sealert | 2 +-
src/setroubleshoot/server.py | 2 +-
5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/framework/TODO b/framework/TODO
index 6c2f375..25072ea 100644
--- a/framework/TODO
+++ b/framework/TODO
@@ -22,7 +22,7 @@ return plain text (to be used for plaintext email and writing to
stdout).
(John) Add log file scanning support (I'm currently working on this).
-We could use a better parser for AVC's in log file or other "stream",
+We could use a better parser for AVCs in log file or other "stream",
should work by accepting data via a feed() method and invoke a
callback when it finds an AVC returning an AVC class and a range
(start,end) where it was located (question: should the range be line
diff --git a/framework/doc/sealert.8 b/framework/doc/sealert.8
index 89f4dff..d3e81e3 100644
--- a/framework/doc/sealert.8
+++ b/framework/doc/sealert.8
@@ -102,7 +102,7 @@ Start sealert without dbus service as stand alone app
Lookup alert by id, if id is wildcard * then return all alerts
.TP
.B \-a \-\-analyze file
-Scan a log file, analyze its AVC's
+Scan a log file, analyze its AVCs
.TP
.B \-u \-\-user
logon as user
diff --git a/framework/src/config.py.in b/framework/src/config.py.in
index cbb0542..daf9a68 100644
--- a/framework/src/config.py.in
+++ b/framework/src/config.py.in
@@ -184,7 +184,7 @@ the alert's last seen date will be purged first. Zero implies no limit''',
'max_alert_age': {
'value': '',
'description' : '''
-Purge any alerts whose age based on it's last seen date exceeds this threshold.
+Purge any alerts whose age based on its last seen date exceeds this threshold.
Age may be specified as a sequence of integer unit pairs. Units may be one of
year,month,week,day,hour,minute,second and may optionally be plural.
Example: '2 weeks 1 day' sets the threshold at 15 days.
diff --git a/framework/src/sealert b/framework/src/sealert
index bae0c81..2663a21 100755
--- a/framework/src/sealert
+++ b/framework/src/sealert
@@ -598,7 +598,7 @@ if __name__ == '__main__':
parser.add_option("-l", "--lookupid", dest="lookupid", default=False,
help="Lookup alert by id, id may be wildcard * to lookup all alerts")
parser.add_option("-a", "--analyze", dest="analyze", default=False,
- help="Scan a log file, analyze it's AVC's", metavar="FILE")
+ help="Scan a log file, analyze its AVCs", metavar="FILE")
parser.add_option("-u", "--user", dest="user", default=False,
help="logon user name")
parser.add_option("-p", "--password", dest="password", default=False,
diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
index aef0346..771ea15 100755
--- a/framework/src/setroubleshoot/server.py
+++ b/framework/src/setroubleshoot/server.py
@@ -764,7 +764,7 @@ def RunFaultServer(timeout=10):
try:
# FIXME: should this be using our logging objects in log.py?
# currently syslog is only used for putting an alert into
- # the syslog with it's id
+ # the syslog with its id
global pkg_name
syslog.openlog(pkg_name)
--
2.30.2

174
0004-Revert-Replace-pydbus-with-dasbus.patch Normal file
View File

@ -0,0 +1,174 @@
From e0cf9f2e50e8da856ffd511cbbab7ee36a31bb74 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Fri, 10 Dec 2021 15:04:21 +0100
Subject: [PATCH] Revert "Replace pydbus with dasbus"
dasbus is not available in rhel8.
This reverts commit 5290ca0ee06d69102bf2b756e2decc0f8c5b770f.
---
configure.ac | 6 +++---
src/SetroubleshootPrivileged.py | 32 ++++++++++++++------------------
src/seapplet | 21 +++++++++++++--------
src/setroubleshoot/util.py | 9 +++------
4 files changed, 33 insertions(+), 35 deletions(-)
diff --git a/framework/configure.ac b/framework/configure.ac
index d1d0176..e3b7b5a 100644
--- a/framework/configure.ac
+++ b/framework/configure.ac
@@ -65,13 +65,13 @@ else
$python_module_result])
fi
-AC_MSG_CHECKING([for the dasbus python3 module])
-python_module_result=`$PYTHON -c "import dasbus" 2>&1`
+AC_MSG_CHECKING([for the pydbus python3 module])
+python_module_result=`$PYTHON -c "import pydbus" 2>&1`
if test -z "$python_module_result"; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
- AC_MSG_ERROR([cannot import Python3 module dasbus.
+ AC_MSG_ERROR([cannot import Python3 module pydbus.
Please check your Python3 installation. The error was:
$python_module_result])
fi
diff --git a/framework/src/SetroubleshootPrivileged.py b/framework/src/SetroubleshootPrivileged.py
index d2a9ea4..899e687 100644
--- a/framework/src/SetroubleshootPrivileged.py
+++ b/framework/src/SetroubleshootPrivileged.py
@@ -19,23 +19,23 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from gi.repository import GLib
-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
import setroubleshoot.util
import signal
loop = GLib.MainLoop()
class Privileged(object):
- __dbus_xml__ = """
- <node>
- <interface name='org.fedoraproject.SetroubleshootPrivileged'>
- <method name='get_rpm_nvr_by_scontext'>
- <arg type='s' name='scontext' direction='in'/>
- <arg type='s' name='rpmnvr' direction='out'/>
- </method>
- <method name='finish'/>
- </interface>
- </node>
+ """
+ <node>
+ <interface name='org.fedoraproject.SetroubleshootPrivileged'>
+ <method name='get_rpm_nvr_by_scontext'>
+ <arg type='s' name='scontext' direction='in'/>
+ <arg type='s' name='rpmnvr' direction='out'/>
+ </method>
+ <method name='finish'/>
+ </interface>
+ </node>
"""
def __init__(self, timeout=10):
@@ -58,10 +58,6 @@ class Privileged(object):
loop.quit()
if __name__ == "__main__":
- bus = SystemMessageBus()
- try:
- bus.publish_object("/org/fedoraproject/SetroubleshootPrivileged", Privileged())
- bus.register_service("org.fedoraproject.SetroubleshootPrivileged")
- loop.run()
- finally:
- bus.disconnect()
+ bus = SystemBus()
+ bus.publish("org.fedoraproject.SetroubleshootPrivileged", Privileged())
+ loop.run()
diff --git a/framework/src/seapplet b/framework/src/seapplet
index b5f65d1..79b5ef2 100644
--- a/framework/src/seapplet
+++ b/framework/src/seapplet
@@ -26,7 +26,7 @@ from gi.repository import Gtk
gi.require_version('Notify', '0.7')
from gi.repository import Notify
-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
import selinux
import sys
@@ -52,14 +52,13 @@ class SEApplet(GObject.Object):
def __init__(self):
- bus = SystemMessageBus()
- Setroubleshootd = bus.get_proxy(
- 'org.fedoraproject.Setroubleshootd',
- '/org/fedoraproject/Setroubleshootd'
+ bus = SystemBus()
+ self.bus_signal = bus.subscribe(
+ iface='org.fedoraproject.SetroubleshootdIface',
+ signal='alert',
+ signal_fired=self.send_notification
)
- Setroubleshootd.alert.connect(self.send_notification)
-
super(SEApplet, self).__init__()
Notify.init("seapplet")
# lets initialise with the application name
@@ -81,6 +80,11 @@ class SEApplet(GObject.Object):
except:
pass
+ Setroubleshootd = bus.get(
+ 'org.fedoraproject.Setroubleshootd',
+ '/org/fedoraproject/Setroubleshootd'
+ )
+
(count, red) = Setroubleshootd.check_for_new(last_id)
if count > 0:
@@ -115,7 +119,8 @@ class SEApplet(GObject.Object):
launcher.launch(None, context)
self.status_icon.set_visible(False)
- def send_notification(self, *params):
+ def send_notification(self, sender, dobject, iface, signal, params):
+
status_icon = self.__init_status_icon()
status_icon.set_visible(True)
diff --git a/framework/src/setroubleshoot/util.py b/framework/src/setroubleshoot/util.py
index 02c4f75..657c882 100755
--- a/framework/src/setroubleshoot/util.py
+++ b/framework/src/setroubleshoot/util.py
@@ -69,7 +69,7 @@ __all__ = [
import bz2
import six
import datetime
-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
import glob
from gi.repository import GObject
import os
@@ -522,11 +522,8 @@ Finds an SELinux module which defines given SELinux context
"""
if use_dbus:
- bus = SystemMessageBus()
- remote_object = bus.get_proxy(
- "org.fedoraproject.SetroubleshootPrivileged",
- "/org/fedoraproject/SetroubleshootPrivileged"
- )
+ bus = SystemBus()
+ remote_object = bus.get("org.fedoraproject.SetroubleshootPrivileged")
return str(remote_object.get_rpm_nvr_by_scontext(str(scontext)))
else:
context = selinux.context_new(str(scontext))
--
2.30.2

40
0005-Improve-after_first-email-filter-behavior.patch Normal file
View File

@ -0,0 +1,40 @@
From 73d60acf9d4d7ae740d450f9c9a9566dac1c3111 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 3 Feb 2022 18:14:05 +0100
Subject: [PATCH] Improve after_first email filter behavior
after_first used to send 2 emails before it started to filter. The
problem was in the email users were not saved into database when a new
signature was created.
Also we need to skip email users when we evaluated whether send a
desktop notification or not.
---
src/setroubleshoot/server.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
index 771ea15..10ef215 100755
--- a/framework/src/setroubleshoot/server.py
+++ b/framework/src/setroubleshoot/server.py
@@ -220,6 +220,7 @@ class AlertPluginReportReceiver(PluginReportReceiver):
if len(to_addrs):
from setroubleshoot.email_alert import email_alert
email_alert(siginfo, to_addrs)
+ self.database.mark_modified()
log_debug("sending alert to all clients")
@@ -234,6 +235,9 @@ class AlertPluginReportReceiver(PluginReportReceiver):
systemd.journal.send(siginfo.format_text(), OBJECT_PID=pid, SYSLOG_IDENTIFIER=pkg_name)
for u in siginfo.users:
+ if u.username[0:6] == "email:":
+ # skip email users - they were evaluated before
+ continue
action = siginfo.evaluate_filter_for_user(u.username)
if action == "ignore":
return siginfo
--
2.30.2

39843
0006-Update-translations.patch Normal file
View File

File diff suppressed because it is too large Load Diff

1
EMPTY
View File

@ -1 +0,0 @@

1974
setroubleshoot.spec Normal file
View File

File diff suppressed because it is too large Load Diff

1
setroubleshoot.tmpfiles Normal file
View File

@ -0,0 +1 @@
d /run/setroubleshoot 711 setroubleshoot setroubleshoot -

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (setroubleshoot-3.3.26.tar.gz) = e081a07303635e555923956541b6099fdf07c35d352f8f16ce9c131aa7155aaa5cb295919959af2088823400b074d4098a8a59741b09d25ef9ba0c86e45c62be