From e22a60e70fcafd9f1b3b1ae2fb0d8dcc2a24ed3b Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 15 Apr 2021 11:46:34 +0200
Subject: [PATCH] setroubleshoot-3.3.26

- Fix plugin exception reporting
- Update translations
- Stop SetroubleshootFixit after 10 seconds of inactivity
- Do not use Python slip package

Resolves: rhbz#1949834
---
 .gitignore                                    |   1 +
 ...ootFixit-after-10-seconds-of-inactiv.patch |  45 ++++++++
 0002-Do-not-use-Python-slip-package.patch     | 103 ++++++++++++++++++
 setroubleshoot.spec                           |  14 ++-
 sources                                       |   2 +-
 5 files changed, 161 insertions(+), 4 deletions(-)
 create mode 100644 0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
 create mode 100644 0002-Do-not-use-Python-slip-package.patch

diff --git a/.gitignore b/.gitignore
index 737545d..d0bc9e3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -210,3 +210,4 @@ setroubleshoot-2.2.93.tar.gz
 /setroubleshoot-3.3.23.tar.gz
 /setroubleshoot-3.3.24.tar.gz
 /setroubleshoot-3.3.25.tar.gz
+/setroubleshoot-3.3.26.tar.gz
diff --git a/0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch b/0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
new file mode 100644
index 0000000..99630bc
--- /dev/null
+++ b/0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
@@ -0,0 +1,45 @@
+From 56cf1525b5ebeb3591d4a3ded5299fe82d0f9208 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Wed, 14 Apr 2021 17:03:39 +0200
+Subject: [PATCH] Stop SetroubleshootFixit after 10 seconds of inactivity
+
+---
+ framework/src/SetroubleshootFixit.py | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
+index 15c6cab1cda4..f7cbf95f182f 100644
+--- a/framework/src/SetroubleshootFixit.py
++++ b/framework/src/SetroubleshootFixit.py
+@@ -7,6 +7,7 @@ from gi.repository import GLib
+ import slip.dbus.service
+ from slip.dbus import polkit
+ import os
++import signal
+ 
+ 
+ class RunFix(slip.dbus.service.Object):
+@@ -14,12 +15,20 @@ class RunFix(slip.dbus.service.Object):
+ 
+     def __init__(self, *p, **k):
+         super(RunFix, self).__init__(*p, **k)
++        self.timeout = 10
++        self.alarm(self.timeout)
++
++    def alarm(self, timeout=10):
++        signal.alarm(timeout)
++
+ 
+     @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
+     def run_fix(self, local_id, analysis_id):
+         import subprocess
++        self.alarm(0)
+         command = ["sealert", "-f", local_id, "-P", analysis_id]
+         return subprocess.check_output(command, universal_newlines=True)
++        self.alarm(self.timeout)
+ 
+ if __name__ == "__main__":
+     mainloop = GLib.MainLoop()
+-- 
+2.31.1
+
diff --git a/0002-Do-not-use-Python-slip-package.patch b/0002-Do-not-use-Python-slip-package.patch
new file mode 100644
index 0000000..81dff13
--- /dev/null
+++ b/0002-Do-not-use-Python-slip-package.patch
@@ -0,0 +1,103 @@
+From 65145c512908badc45fbab8f3b329e9923b42fb1 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Wed, 14 Apr 2021 17:04:59 +0200
+Subject: [PATCH] Do not use Python slip package
+
+It's not maintained anymore and it allows us to drop dependency on
+Python slip package
+
+Use DBUS polkit interface instead -
+https://www.freedesktop.org/software/polkit/docs/latest/eggdbus-interface-org.freedesktop.PolicyKit1.Authority.html
+---
+ framework/src/SetroubleshootFixit.py    | 35 ++++++++++++++++++-------
+ framework/src/setroubleshoot/browser.py |  3 ---
+ 2 files changed, 25 insertions(+), 13 deletions(-)
+
+diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
+index f7cbf95f182f..ab0ad2bf632c 100644
+--- a/framework/src/SetroubleshootFixit.py
++++ b/framework/src/SetroubleshootFixit.py
+@@ -4,13 +4,11 @@ import dbus
+ import dbus.service
+ import dbus.mainloop.glib
+ from gi.repository import GLib
+-import slip.dbus.service
+-from slip.dbus import polkit
+ import os
+ import signal
++import subprocess
+ 
+-
+-class RunFix(slip.dbus.service.Object):
++class RunFix(dbus.service.Object):
+     default_polkit_auth_required = "org.fedoraproject.setroubleshootfixit.write"
+ 
+     def __init__(self, *p, **k):
+@@ -21,14 +19,32 @@ class RunFix(slip.dbus.service.Object):
+     def alarm(self, timeout=10):
+         signal.alarm(timeout)
+ 
+-
+-    @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
+-    def run_fix(self, local_id, analysis_id):
+-        import subprocess
++    def is_authorized(self, sender):
++        bus = dbus.SystemBus()
++
++        proxy = bus.get_object('org.freedesktop.PolicyKit1', '/org/freedesktop/PolicyKit1/Authority')
++        authority = dbus.Interface(proxy, dbus_interface='org.freedesktop.PolicyKit1.Authority')
++        subject = ('system-bus-name', {'name' : sender})
++        action_id = 'org.fedoraproject.setroubleshootfixit.write'
++        details = {}
++        flags = 1            # AllowUserInteraction flag
++        cancellation_id = '' # No cancellation id
++        result = authority.CheckAuthorization(subject, action_id, details, flags, cancellation_id)
++        return result[0]
++
++    @dbus.service.method("org.fedoraproject.SetroubleshootFixit", sender_keyword="sender", in_signature='ss', out_signature='s')
++    def run_fix(self, local_id, analysis_id, sender):
+         self.alarm(0)
+         command = ["sealert", "-f", local_id, "-P", analysis_id]
+-        return subprocess.check_output(command, universal_newlines=True)
++
++        if self.is_authorized(sender):
++            result = subprocess.check_output(command, universal_newlines=True)
++        else:
++            result = "Authorization failed"
++
+         self.alarm(self.timeout)
++        return result
++
+ 
+ if __name__ == "__main__":
+     mainloop = GLib.MainLoop()
+@@ -36,5 +52,4 @@ if __name__ == "__main__":
+     system_bus = dbus.SystemBus()
+     name = dbus.service.BusName("org.fedoraproject.SetroubleshootFixit", system_bus)
+     object = RunFix(system_bus, "/org/fedoraproject/SetroubleshootFixit/object")
+-    slip.dbus.service.set_mainloop(mainloop)
+     mainloop.run()
+diff --git a/framework/src/setroubleshoot/browser.py b/framework/src/setroubleshoot/browser.py
+index 2d37bb43df02..3203f75e0c17 100644
+--- a/framework/src/setroubleshoot/browser.py
++++ b/framework/src/setroubleshoot/browser.py
+@@ -65,8 +65,6 @@ from setroubleshoot.util import *
+ from setroubleshoot.html_util import html_to_text
+ import re
+ import dbus
+-import slip.dbus.service
+-from slip.dbus import polkit
+ import report
+ import report.io
+ import report.io.GTKIO
+@@ -933,7 +931,6 @@ class DBusProxy (object):
+         self.bus = dbus.SystemBus()
+         self.dbus_object = self.bus.get_object("org.fedoraproject.SetroubleshootFixit", "/org/fedoraproject/SetroubleshootFixit/object")
+ 
+-    @polkit.enable_proxy
+     def run_fix(self, local_id, plugin_name):
+         return self.dbus_object.run_fix(local_id, plugin_name, dbus_interface="org.fedoraproject.SetroubleshootFixit")
+ 
+-- 
+2.31.1
+
diff --git a/setroubleshoot.spec b/setroubleshoot.spec
index 10cfa1a..7f3ffe9 100644
--- a/setroubleshoot.spec
+++ b/setroubleshoot.spec
@@ -3,14 +3,16 @@
 
 Summary: Helps troubleshoot SELinux problems
 Name: setroubleshoot
-Version: 3.3.25
+Version: 3.3.26
 Release: 1%{?dist}
 License: GPLv2+
 URL: https://pagure.io/setroubleshoot
 Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
 Source1: %{name}.tmpfiles
-# git format-patch -N setroubleshoot-3.3.24 -- framework
+# git format-patch -N setroubleshoot-3.3.26 -- framework
 # i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
+Patch0001: 0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
+Patch0002: 0002-Do-not-use-Python-slip-package.patch
 BuildRequires: gcc
 BuildRequires: make
 BuildRequires: libcap-ng-devel
@@ -95,7 +97,7 @@ Requires: libselinux-python3  >= 2.1.5-1
 Requires: policycoreutils-python-utils
 BuildRequires: intltool gettext python3
 BuildRequires: python3-devel
-Requires: python3-slip-dbus systemd-python3 >= 206-1
+Requires: systemd-python3 >= 206-1
 Requires: python3-gobject-base >= 3.11
 Requires: dbus
 Requires: python3-dbus python3-dasbus
@@ -188,6 +190,12 @@ chown -R setroubleshoot:setroubleshoot %{pkgvardatadir}
 %doc AUTHORS COPYING ChangeLog DBUS.md NEWS README TODO
 
 %changelog
+* Thu Apr 15 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.26-1
+- Fix plugin exception reporting
+- Update translations
+- Stop SetroubleshootFixit after 10 seconds of inactivity
+- Do not use Python slip package
+
 * Wed Mar 10 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.25-1
 - Use Python dasbus instead of pydbus
 - Optimize get_rpm_nvr_by_type by adding a cache
diff --git a/sources b/sources
index bc05194..14df6fa 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (setroubleshoot-3.3.25.tar.gz) = cbac9ef9ccbc192e8043a606366bda7c26989e2b144b619d78dd2cf8ed9a22844e509cd8666392f6cca5c6e37421d04745a731a34e073a54c2e857932c9e93e0
+SHA512 (setroubleshoot-3.3.26.tar.gz) = e081a07303635e555923956541b6099fdf07c35d352f8f16ce9c131aa7155aaa5cb295919959af2088823400b074d4098a8a59741b09d25ef9ba0c86e45c62be