[setools] - Return None when no records match python setools.sesearch
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 14 18:25:28 UTC 2010
commit 764e7165c1b01a8cfa360dd827778dac00548e7c
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Oct 14 14:25:23 2010 -0400
- Return None when no records match python setools.sesearch
setools-python.patch | 252 ++++++++++++++++++++++++++++++++++++++++----------
setools.spec | 14 +++-
2 files changed, 215 insertions(+), 51 deletions(-)
---
diff --git a/setools-python.patch b/setools-python.patch
index 03596e3..01cb56a 100644
--- a/setools-python.patch
+++ b/setools-python.patch
@@ -1,7 +1,16 @@
-diff -up setools-3.3.6/configure.ac.python setools-3.3.6/configure.ac
---- setools-3.3.6/configure.ac.python 2009-07-22 14:07:35.000000000 -0400
-+++ setools-3.3.6/configure.ac 2009-08-11 13:15:57.000000000 -0400
-@@ -216,6 +216,9 @@ if test "x${enable_jswig}" = xyes; then
+diff -up setools-3.3.7/configure.ac.python setools-3.3.7/configure.ac
+--- setools-3.3.7/configure.ac.python 2010-04-30 10:25:48.000000000 -0400
++++ setools-3.3.7/configure.ac 2010-07-30 15:02:10.000000000 -0400
+@@ -194,7 +194,7 @@ AC_ARG_ENABLE(swig-java,
+ enable_jswig="$enableval")
+ if test "x${enable_jswig}" = xyes; then
+ if test ${do_swigify} = no; then
+- AC_PROG_SWIG(1.3.28)
++ AC_PROG_SWIG(2.0.0)
+ fi
+ AC_JAVA_OPTIONS
+ if test "x$JAVAPREFIX" = x; then
+@@ -216,21 +216,23 @@ if test "x${enable_jswig}" = xyes; then
do_swigify_java=yes
do_swigify=yes
fi
@@ -11,15 +20,33 @@ diff -up setools-3.3.6/configure.ac.python setools-3.3.6/configure.ac
AC_ARG_ENABLE(swig-python,
AC_HELP_STRING([--enable-swig-python],
[build SWIG interfaces for Python]),
-@@ -224,7 +227,6 @@ if test "x${enable_pyswig}" = xyes; then
+ enable_pyswig="$enableval")
+ if test "x${enable_pyswig}" = xyes; then
if test ${do_swigify} = no; then
- AC_PROG_SWIG(1.3.28)
+- AC_PROG_SWIG(1.3.28)
++ AC_PROG_SWIG(2.0.0)
fi
- AM_PATH_PYTHON(2.3)
SWIG_PYTHON
do_swigify_python=yes
do_swigify=yes
-@@ -873,6 +875,8 @@ AC_CONFIG_FILES([Makefile VERSION \
+ fi
+ if test ${do_swigify} = "yes"; then
+- AC_PROG_SWIG(1.3.28)
++ AC_PROG_SWIG(2.0.0)
+ fi
+ build_apol=yes
+ AC_ARG_ENABLE(swig-tcl,
+@@ -239,7 +241,7 @@ AC_ARG_ENABLE(swig-tcl,
+ enable_tclswig="$enableval", enable_tclswig="yes")
+ if test "x${enable_tclswig}" = xyes; then
+ if test ${do_swigify} = no; then
+- AC_PROG_SWIG(1.3.28)
++ AC_PROG_SWIG(2.0.0)
+ fi
+ TEA_INIT(3.5)
+ TEA_PATH_TCLCONFIG
+@@ -888,6 +890,8 @@ AC_CONFIG_FILES([Makefile VERSION \
sediff/Makefile \
man/Makefile \
debian/Makefile \
@@ -28,9 +55,9 @@ diff -up setools-3.3.6/configure.ac.python setools-3.3.6/configure.ac
packages/Makefile packages/rpm/Makefile \
packages/libqpol.pc packages/libapol.pc packages/libpoldiff.pc packages/libseaudit.pc packages/libsefs.pc])
-diff -up setools-3.3.6/Makefile.am.python setools-3.3.6/Makefile.am
---- setools-3.3.6/Makefile.am.python 2008-02-22 14:06:28.000000000 -0500
-+++ setools-3.3.6/Makefile.am 2009-08-11 13:15:57.000000000 -0400
+diff -up setools-3.3.7/Makefile.am.python setools-3.3.7/Makefile.am
+--- setools-3.3.7/Makefile.am.python 2008-02-22 14:06:28.000000000 -0500
++++ setools-3.3.7/Makefile.am 2010-07-30 15:02:10.000000000 -0400
@@ -10,7 +10,7 @@ if BUILD_GUI
endif
# sediffx is also built conditionally, from sediffx/Makefile.am
@@ -40,9 +67,9 @@ diff -up setools-3.3.6/Makefile.am.python setools-3.3.6/Makefile.am
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
-diff -up setools-3.3.6/Makefile.in.python setools-3.3.6/Makefile.in
---- setools-3.3.6/Makefile.in.python 2009-07-22 14:08:36.000000000 -0400
-+++ setools-3.3.6/Makefile.in 2009-08-11 15:14:56.000000000 -0400
+diff -up setools-3.3.7/Makefile.in.python setools-3.3.7/Makefile.in
+--- setools-3.3.7/Makefile.in.python 2010-05-12 10:01:09.000000000 -0400
++++ setools-3.3.7/Makefile.in 2010-07-30 15:02:47.000000000 -0400
@@ -79,7 +79,7 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGE
ETAGS = etags
CTAGS = ctags
@@ -52,7 +79,7 @@ diff -up setools-3.3.6/Makefile.in.python setools-3.3.6/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
-@@ -384,7 +384,7 @@ AUTOMAKE_OPTIONS = dist-bzip2
+@@ -385,7 +385,7 @@ AUTOMAKE_OPTIONS = dist-bzip2
@BUILD_APOL_TRUE at MAYBE_APOL = apol
@BUILD_GUI_TRUE at MAYBE_GUI = seaudit
# sediffx is also built conditionally, from sediffx/Makefile.am
@@ -61,16 +88,16 @@ diff -up setools-3.3.6/Makefile.in.python setools-3.3.6/Makefile.in
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
-diff -up /dev/null setools-3.3.6/python/Makefile.am
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/Makefile.am 2009-08-11 15:12:36.000000000 -0400
+diff -up setools-3.3.7/python/Makefile.am.python setools-3.3.7/python/Makefile.am
+--- setools-3.3.7/python/Makefile.am.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/Makefile.am 2010-07-30 15:02:10.000000000 -0400
@@ -0,0 +1 @@
+SUBDIRS = setools
-diff -up /dev/null setools-3.3.6/python/Makefile.in
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/Makefile.in 2009-08-11 15:14:56.000000000 -0400
-@@ -0,0 +1,715 @@
-+# Makefile.in generated by automake 1.11 from Makefile.am.
+diff -up setools-3.3.7/python/Makefile.in.python setools-3.3.7/python/Makefile.in
+--- setools-3.3.7/python/Makefile.in.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/Makefile.in 2010-07-30 15:02:46.000000000 -0400
+@@ -0,0 +1,716 @@
++# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -249,6 +276,7 @@ diff -up /dev/null setools-3.3.6/python/Makefile.in
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
++PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIXBUF_CFLAGS = @PIXBUF_CFLAGS@
@@ -482,7 +510,7 @@ diff -up /dev/null setools-3.3.6/python/Makefile.in
+# (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
-+ @failcom='exit 1'; \
++ @fail= failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
@@ -507,7 +535,7 @@ diff -up /dev/null setools-3.3.6/python/Makefile.in
+ fi; test -z "$$fail"
+
+$(RECURSIVE_CLEAN_TARGETS):
-+ @failcom='exit 1'; \
++ @fail= failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
@@ -785,10 +813,10 @@ diff -up /dev/null setools-3.3.6/python/Makefile.in
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-diff -up /dev/null setools-3.3.6/python/setools/__init__.py
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/__init__.py 2009-08-11 13:15:57.000000000 -0400
-@@ -0,0 +1,49 @@
+diff -up setools-3.3.7/python/setools/__init__.py.python setools-3.3.7/python/setools/__init__.py
+--- setools-3.3.7/python/setools/__init__.py.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/__init__.py 2010-08-03 15:52:27.000000000 -0400
+@@ -0,0 +1,50 @@
+#!/usr/bin/env python
+
+# Author: Thomas Liu <tliu at redhat.com>
@@ -800,6 +828,7 @@ diff -up /dev/null setools-3.3.6/python/setools/__init__.py
+TYPE = _seinfo.TYPE
+ROLE = _seinfo.ROLE
+ATTRIBUTE = _seinfo.ATTRIBUTE
++PORT = _seinfo.PORT
+USER = _seinfo.USER
+
+ALLOW = 'allow'
@@ -838,9 +867,9 @@ diff -up /dev/null setools-3.3.6/python/setools/__init__.py
+def seinfo(setype, name=None):
+ dict_list = _seinfo.seinfo(setype, name)
+ return dict_list
-diff -up /dev/null setools-3.3.6/python/setools/Makefile.am
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/Makefile.am 2009-08-11 17:17:15.000000000 -0400
+diff -up setools-3.3.7/python/setools/Makefile.am.python setools-3.3.7/python/setools/Makefile.am
+--- setools-3.3.7/python/setools/Makefile.am.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/Makefile.am 2010-07-30 15:02:10.000000000 -0400
@@ -0,0 +1,36 @@
+EXTRA_DIST = \
+ sesearch.c \
@@ -878,11 +907,11 @@ diff -up /dev/null setools-3.3.6/python/setools/Makefile.am
+ $(PYTHON) setup.py clean -a
+ rm -f *~
+
-diff -up /dev/null setools-3.3.6/python/setools/Makefile.in
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/Makefile.in 2009-08-11 17:17:18.000000000 -0400
-@@ -0,0 +1,549 @@
-+# Makefile.in generated by automake 1.11 from Makefile.am.
+diff -up setools-3.3.7/python/setools/Makefile.in.python setools-3.3.7/python/setools/Makefile.in
+--- setools-3.3.7/python/setools/Makefile.in.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/Makefile.in 2010-07-30 15:02:46.000000000 -0400
+@@ -0,0 +1,550 @@
++# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -1021,6 +1050,7 @@ diff -up /dev/null setools-3.3.6/python/setools/Makefile.in
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
++PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PIXBUF_CFLAGS = @PIXBUF_CFLAGS@
@@ -1431,10 +1461,10 @@ diff -up /dev/null setools-3.3.6/python/setools/Makefile.in
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-diff -up /dev/null setools-3.3.6/python/setools/seinfo.c
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/seinfo.c 2009-08-11 16:31:05.000000000 -0400
-@@ -0,0 +1,649 @@
+diff -up setools-3.3.7/python/setools/seinfo.c.python setools-3.3.7/python/setools/seinfo.c
+--- setools-3.3.7/python/setools/seinfo.c.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/seinfo.c 2010-08-03 18:07:17.000000000 -0400
+@@ -0,0 +1,769 @@
+/**
+ * @file
+ * Command line tool to search TE rules.
@@ -1492,7 +1522,7 @@ diff -up /dev/null setools-3.3.6/python/setools/seinfo.c
+
+enum input
+{
-+ TYPE, ATTRIBUTE, ROLE, USER
++ TYPE, ATTRIBUTE, ROLE, USER, PORT,
+};
+
+/**
@@ -1902,6 +1932,122 @@ diff -up /dev/null setools-3.3.6/python/setools/seinfo.c
+}
+
+/**
++ * Get statistics regarding a policy's ports.
++ * If this function is given a name, it will attempt to
++ * get statistics about a particular port; otherwise
++ * the function get statistics about all of the policy's ports.
++ *
++ * @param name Reference to an port's name; if NULL,
++ * all ports will be considered
++ * @param policydb Reference to a policy
++ *
++ * @return 0 on success, < 0 on error.
++ */
++static PyObject* get_ports(const char *num, const apol_policy_t * policydb)
++{
++ PyObject *list = PyList_New(0);
++ int retval = -1;
++ const qpol_portcon_t *portcon = NULL;
++ qpol_iterator_t *iter = NULL;
++ uint16_t low_port, high_port;
++ uint8_t ocon_proto;
++ qpol_policy_t *q = apol_policy_get_qpol(policydb);
++ const qpol_context_t *ctxt = NULL;
++ const char *proto_str;
++ PyObject *dict;
++ const char *type = NULL;
++ const apol_mls_range_t *range = NULL;
++ char *range_str = NULL;
++ PyObject *obj = NULL;
++ apol_context_t *c = NULL;
++
++ if (qpol_policy_get_portcon_iter(q, &iter))
++ goto cleanup;
++
++ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
++ if (qpol_iterator_get_item(iter, (void **)&portcon))
++ goto cleanup;
++ if (qpol_portcon_get_low_port(q, portcon, &low_port))
++ goto cleanup;
++ if (qpol_portcon_get_high_port(q, portcon, &high_port))
++ goto cleanup;
++ if (qpol_portcon_get_protocol(q, portcon, &ocon_proto))
++ goto cleanup;
++ if (num) {
++ if (atoi(num) < low_port || atoi(num) > high_port)
++ continue;
++ }
++
++ if ((ocon_proto != IPPROTO_TCP) &&
++ (ocon_proto != IPPROTO_UDP))
++ goto cleanup;
++
++ if (qpol_portcon_get_context(q, portcon, &ctxt)) {
++ PyErr_SetString(PyExc_RuntimeError, "Could not get for port context.");
++ goto cleanup;
++ }
++
++ if ((proto_str = apol_protocol_to_str(ocon_proto)) == NULL) {
++ PyErr_SetString(PyExc_RuntimeError, "Invalid protocol for port");
++ goto cleanup;
++ }
++
++ if ((c = apol_context_create_from_qpol_context(policydb, ctxt)) == NULL) {
++ goto cleanup;
++ }
++
++ if((type = apol_context_get_type(c)) == NULL) {
++ apol_context_destroy(&c);
++ goto cleanup;
++ }
++
++ dict = PyDict_New();
++ obj = PyString_FromString(type);
++ PyDict_SetItemString(dict, "type", obj);
++ Py_DECREF(obj);
++
++ if((range = apol_context_get_range(c)) == NULL) {
++ goto cleanup;
++ }
++
++ range_str = apol_mls_range_render(policydb, range);
++ if (range_str == NULL) {
++ goto cleanup;
++ }
++ obj = PyString_FromString(range_str);
++ PyDict_SetItemString(dict, "range", obj);
++ Py_DECREF(obj);
++
++ obj = PyString_FromString(proto_str);
++ PyDict_SetItemString(dict, "protocol", obj);
++ Py_DECREF(obj);
++
++ obj = PyInt_FromLong(high_port);
++ PyDict_SetItemString(dict, "high", obj);
++ Py_DECREF(obj);
++
++ obj = PyInt_FromLong(low_port);
++ PyDict_SetItemString(dict, "low", obj);
++ Py_DECREF(obj);
++
++ PyList_Append(list, dict);
++ Py_DECREF(dict);
++ }
++ retval = 0;
++ cleanup:
++ free(range_str);
++ apol_context_destroy(&c);
++ qpol_iterator_destroy(&iter);
++
++ if (retval) {
++ Py_DECREF(list);
++ PyErr_SetString(PyExc_RuntimeError,strerror(errno));
++ return NULL;
++ }
++ return list;
++}
++
++/**
+ * Get statistics regarding a policy's roles.
+ * If this function is given a name, it will attempt to
+ * get statistics about a particular role; otherwise
@@ -2055,6 +2201,9 @@ diff -up /dev/null setools-3.3.6/python/setools/seinfo.c
+ if (type == USER)
+ output = get_users(name, policydb);
+
++ if (type == PORT)
++ output = get_ports(name, policydb);
++
+ apol_policy_destroy(&policydb);
+ apol_policy_path_destroy(&pol_path);
+ return output;
@@ -2080,14 +2229,15 @@ diff -up /dev/null setools-3.3.6/python/setools/seinfo.c
+ PyObject *m;
+ m = Py_InitModule("_seinfo", methods);
+ PyModule_AddIntConstant(m, "ATTRIBUTE", ATTRIBUTE);
++ PyModule_AddIntConstant(m, "PORT", PORT);
+ PyModule_AddIntConstant(m, "ROLE", ROLE);
+ PyModule_AddIntConstant(m, "TYPE", TYPE);
+ PyModule_AddIntConstant(m, "USER", USER);
+}
-diff -up /dev/null setools-3.3.6/python/setools/sesearch.c
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/sesearch.c 2009-08-11 16:31:05.000000000 -0400
-@@ -0,0 +1,477 @@
+diff -up setools-3.3.7/python/setools/sesearch.c.python setools-3.3.7/python/setools/sesearch.c
+--- setools-3.3.7/python/setools/sesearch.c.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/sesearch.c 2010-10-14 11:04:53.000000000 -0400
+@@ -0,0 +1,479 @@
+// Author: Thomas Liu <tliu at redhat.com>
+
+/**
@@ -2506,6 +2656,7 @@ diff -up /dev/null setools-3.3.6/python/setools/sesearch.c
+ goto cleanup;
+ }
+ if (v) {
++ printf("Dan 1\n");
+ output = get_av_results(policy, &cmd_opts, v);
+ }
+ apol_vector_destroy(&v);
@@ -2521,8 +2672,9 @@ diff -up /dev/null setools-3.3.6/python/setools/sesearch.c
+ free(cmd_opts.tgt_role_name);
+ apol_vector_destroy(&cmd_opts.perm_vector);
+ apol_vector_destroy(&cmd_opts.class_vector);
-+
-+ return output;
++
++ if (output) return output;
++ return Py_None;
+}
+static int Dict_ContainsInt(PyObject *dict, const char *key){
+ PyObject *item = PyDict_GetItemString(dict, key);
@@ -2565,9 +2717,9 @@ diff -up /dev/null setools-3.3.6/python/setools/sesearch.c
+ PyObject *m;
+ m = Py_InitModule("_sesearch", methods);
+}
-diff -up /dev/null setools-3.3.6/python/setools/setup.py
---- /dev/null 2009-08-08 15:30:39.325298375 -0400
-+++ setools-3.3.6/python/setools/setup.py 2009-08-11 17:29:42.000000000 -0400
+diff -up setools-3.3.7/python/setools/setup.py.python setools-3.3.7/python/setools/setup.py
+--- setools-3.3.7/python/setools/setup.py.python 2010-07-30 15:02:10.000000000 -0400
++++ setools-3.3.7/python/setools/setup.py 2010-07-30 15:02:10.000000000 -0400
@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+
diff --git a/setools.spec b/setools.spec
index 910778b..6d8e2b6 100644
--- a/setools.spec
+++ b/setools.spec
@@ -5,7 +5,7 @@
Name: setools
Version: %{setools_maj_ver}.%{setools_min_ver}
-Release: 4%{?dist}
+Release: 8%{?dist}
License: GPLv2
URL: http://oss.tresys.com/projects/setools
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -353,6 +353,18 @@ rm -rf ${RPM_BUILD_ROOT}
%postun libs-tcl -p /sbin/ldconfig
%changelog
+* Thu Oct 14 2010 Dan Walsh <dwalsh at redhat.com> 3.3.6-8
+- Return None when no records match python setools.sesearch
+
+* Thu Aug 19 2010 Dan Walsh <dwalsh at redhat.com> 3.3.6-7
+- Add range to ports in seinfo python
+
+* Tue Aug 3 2010 Dan Walsh <dwalsh at redhat.com> 3.3.6-6
+- Return range with ports
+
+* Tue Aug 3 2010 Dan Walsh <dwalsh at redhat.com> 3.3.6-5
+- Add port support to setools python
+
* Mon Jul 26 2010 David Malcolm <dmalcolm at redhat.com> - 3.3.7-4
- fixup configure.ac to expect SWIG 2.0.0; bump the python version to 2.7 in
patch 1
More information about the scm-commits
mailing list