diff --git a/.gitignore b/.gitignore index 22b1b71..0ebaafd 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/setroubleshoot-3.3.22.tar.gz +SOURCES/setroubleshoot-3.3.24.tar.gz diff --git a/.setroubleshoot.metadata b/.setroubleshoot.metadata index 2c00d46..24c58b9 100644 --- a/.setroubleshoot.metadata +++ b/.setroubleshoot.metadata @@ -1 +1 @@ -8ab402c866d3120ca6e4d9a0d8c1429693a33e3d SOURCES/setroubleshoot-3.3.22.tar.gz +d0ea80b5f1af32ae7f424e03b3d9f11c23aac1ed SOURCES/setroubleshoot-3.3.24.tar.gz diff --git a/SOURCES/0001-framework-sepolicy.info-returns-a-generator-not-a-li.patch b/SOURCES/0001-framework-sepolicy.info-returns-a-generator-not-a-li.patch deleted file mode 100644 index 28abd29..0000000 --- a/SOURCES/0001-framework-sepolicy.info-returns-a-generator-not-a-li.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 2b40f9e254ee2514a5ca113620b6761c0a1d2ae6 Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Sat, 11 Jan 2020 10:19:25 +0100 -Subject: [PATCH] framework: sepolicy.info() returns a generator, not a list - -Fixes: - $ sealert -a ./short.log - 100% done'generator' object is not subscriptable ---- - framework/src/setroubleshoot/audit_data.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/framework/src/setroubleshoot/audit_data.py b/framework/src/setroubleshoot/audit_data.py -index 66986a7adfb0..6f0e1e8166ac 100644 ---- a/framework/src/setroubleshoot/audit_data.py -+++ b/framework/src/setroubleshoot/audit_data.py -@@ -713,7 +713,7 @@ class AVC: - types = wtypes - for t in types: - if t in all_attributes: -- wtypes.extend(info(ATTRIBUTE, t)[0]["types"]) -+ wtypes.extend(next(info(ATTRIBUTE, t))["types"]) - - for t in wtypes: - if t in all_types: --- -2.23.0 - diff --git a/SOURCES/0002-framework-Log-plugin-exception-traceback-when-log-le.patch b/SOURCES/0002-framework-Log-plugin-exception-traceback-when-log-le.patch deleted file mode 100644 index 3b88f6e..0000000 --- a/SOURCES/0002-framework-Log-plugin-exception-traceback-when-log-le.patch +++ /dev/null @@ -1,40 +0,0 @@ -From fc7aad6d9df91eba2445eac53e09372d844f5fd3 Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Sat, 11 Jan 2020 20:34:22 +0100 -Subject: [PATCH] framework: Log plugin exception traceback when log level is - DEBUG - -Use the following setting to enable traceback logging when there's a 'Plugin -Exception'. - -/etc/setroubleshoot/setroubleshoot.conf: -[sealert_log] -level = debug ---- - framework/src/setroubleshoot/analyze.py | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/framework/src/setroubleshoot/analyze.py b/framework/src/setroubleshoot/analyze.py -index e16a47a3791f..43b2484be353 100644 ---- a/framework/src/setroubleshoot/analyze.py -+++ b/framework/src/setroubleshoot/analyze.py -@@ -33,6 +33,7 @@ from gi.repository import GObject, GLib - import os - import time - import threading -+import traceback - from stat import * - import sys - from functools import cmp_to_key -@@ -213,6 +214,8 @@ class Analyze(object): - except Exception as e: - print(e, file=sys.stderr) - syslog.syslog(syslog.LOG_ERR, "Plugin Exception %s " % plugin.analysis_id) -+ (v1, v2, v3) = sys.exc_info() -+ log_debug(join(traceback.format_tb(v3))) - self.plugins.remove(plugin) - - report_receiver.report_problem(siginfo) --- -2.23.0 - diff --git a/SPECS/setroubleshoot.spec b/SPECS/setroubleshoot.spec index a0d7d51..ff31792 100644 --- a/SPECS/setroubleshoot.spec +++ b/SPECS/setroubleshoot.spec @@ -1,14 +1,13 @@ Summary: Helps troubleshoot SELinux problems Name: setroubleshoot -Version: 3.3.22 -Release: 2%{?dist} +Version: 3.3.24 +Release: 1%{?dist} License: GPLv2+ URL: https://pagure.io/setroubleshoot Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz Source1: %{name}.tmpfiles -# git format-patch -N setroubleshoot-3.3.22 -- framework -Patch0001: 0001-framework-sepolicy.info-returns-a-generator-not-a-li.patch -Patch0002: 0002-framework-Log-plugin-exception-traceback-when-log-le.patch +# git format-patch -N setroubleshoot-3.3.24 -- framework +# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done BuildRequires: gcc BuildRequires: libcap-ng-devel BuildRequires: intltool gettext python3 python3-devel @@ -62,6 +61,7 @@ to user preference. The same tools can be run on existing log files. %autosetup -p 2 %build +autoreconf -f %configure PYTHON=%{__python3} --enable-seappletlegacy=yes --with-auditpluginsdir=/etc/audit/plugins.d make @@ -104,7 +104,7 @@ BuildRequires: python3-devel Requires: python3-slip-dbus systemd-python3 >= 206-1 Requires: python3-gobject >= 3.11 Requires: dbus -Requires: python3-dbus +Requires: python3-dbus python3-pydbus Requires: polkit Requires: initscripts Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd @@ -173,10 +173,11 @@ chown -R setroubleshoot:setroubleshoot %{pkgvardatadir} %{pkgpythondir}/__pycache__/uuid.cpython* %{pkgpythondir}/__pycache__/xml_serialize.cpython* %dir %{pkgdatadir} -%{pkgdatadir}/SetroubleshootFixit.py* -%{pkgdatadir}/updater.py* +%{pkgdatadir}/SetroubleshootFixit.py +%{pkgdatadir}/SetroubleshootPrivileged.py %config(noreplace) %{pkgconfigdir}/%{name}.conf %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.Setroubleshootd.conf +%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootPrivileged.conf %attr(0700,setroubleshoot,setroubleshoot) %dir %{pkgvardatadir} %ghost %attr(0600,setroubleshoot,setroubleshoot) %{pkgdatabase} %ghost %attr(0600,setroubleshoot,setroubleshoot) %{pkgvardatadir}/email_alert_recipients @@ -186,6 +187,7 @@ chown -R setroubleshoot:setroubleshoot %{pkgvardatadir} %{_mandir}/man8/setroubleshootd.8.gz %config /etc/audit/plugins.d/sedispatch.conf %{_datadir}/dbus-1/system-services/org.fedoraproject.Setroubleshootd.service +%{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootPrivileged.service %{_datadir}/polkit-1/actions/org.fedoraproject.setroubleshootfixit.policy %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootFixit.conf %{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootFixit.service @@ -206,6 +208,32 @@ SELinux troubleshoot legacy applet %{_bindir}/seappletlegacy %changelog +* Wed Aug 12 2020 Vit Mojzis - 3.3.24-1 +- Add 'fur' into shipped locales +- Update translations (#1820570) +- Log full reports with correct syslog identifier +- Cancel pending alarm during AVC analyses + +* Mon Apr 27 2020 Vit Mojzis - 3.3.23-1 +- browser: Check return value of Gdk.Screen().get_default() (#1574434) +- Improve and unify error messages (#1763982) +- setroubleshoot.util: Catch exceptions from sepolicy import +- Add dpkg support +- Do not refer to hardcoded selinux-policy rpm in signature +- Make date/time format locale specific (#1812674) +- Improve speed of plugin evaluation (#1794807) +- Do not try to report a bug on None package +- sealert: Drop unused import slib.dbus.service +- Drop updater.py - it's not used and doesn't work +- root user doesn't need to use SetroubleshootPrivileged API +- Use pydbus, a modern Python dbus API, for SetroubleshootPrivileged +- Report bug on a package which owns the related SELinux domain (#1811644) + https://pagure.io/setroubleshoot/issue/18 +- Add Local SELinux policy package version to analyses reports +- setroubleshoot.utils.get_rpm_nvr_by_scontext add option to use DBUS method +- Export setroubleshoot.utils.get_rpm_nvr_by_scontext via DBUS +- setroubleshoot.util: get_rpm_nvr_by_type() and get_rpm_nvr_by_scontext() + * Sat Jan 11 2020 Petr Lautrbach - 3.3.22-2 - Log plugin exception traceback when log level is DEBUG - sepolicy.info() returns a generator, not a list (#1784564)