[policycoreutils] - Polgengui raises the wrong type of exception. #471078 - Change semanage to not allow it to semana
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Jan 4 22:23:38 UTC 2011
commit 448a84b06ad5de2e8caf3c3822204c377542c8d4
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Jan 4 17:23:27 2011 -0500
- Polgengui raises the wrong type of exception. #471078
- Change semanage to not allow it to semanage module -D
policycoreutils-gui.patch | 158 ++++++++++++++++++++++----------------------
policycoreutils-rhat.patch | 138 +++++++++++++++++++++-----------------
policycoreutils.spec | 4 +
3 files changed, 158 insertions(+), 142 deletions(-)
---
diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index 16c7242..497dc74 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.83/gui/booleansPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.85/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/booleansPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/booleansPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,247 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.83/gui/domainsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.85/gui/domainsPage.py
--- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/domainsPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/domainsPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc.
@@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.83/gui/fcontextPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.85/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/fcontextPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.83/gui/html_util.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.85/gui/html_util.py
--- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/html_util.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/html_util.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis at redhat.com>
+#
@@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
+ doc += tail
+ return doc
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.83/gui/lockdown.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.85/gui/lockdown.glade
--- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.glade 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/lockdown.glade 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+</widget>
+
+</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.83/gui/lockdown.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.85/gui/lockdown.gladep
--- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/lockdown.gladep 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -1588,9 +1588,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.83/gui/lockdown.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.85/gui/lockdown.py
--- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/lockdown.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,382 @@
+#!/usr/bin/python -Es
+#
@@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+
+ app = booleanWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.83/gui/loginsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.85/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/loginsPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/loginsPage.py 2011-01-04 17:02:41.000000000 -0500
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.83/gui/Makefile
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.85/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/Makefile 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/Makefile 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,40 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -2207,9 +2207,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+indent:
+
+relabel:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.83/gui/mappingsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.85/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/mappingsPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2267,9 +2267,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.83/gui/modulesPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.85/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/modulesPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/modulesPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -2461,9 +2461,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.83/gui/polgen.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.85/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.glade 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/polgen.glade 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,3305 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -5770,9 +5770,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+</widget>
+
+</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.83/gui/polgen.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.85/gui/polgen.gladep
--- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.gladep 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/polgen.gladep 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -5781,9 +5781,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.85/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgengui.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/polgengui.py 2011-01-04 17:02:52.000000000 -0500
@@ -0,0 +1,657 @@
+#!/usr/bin/python -Es
+#
@@ -6119,7 +6119,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ if self.existing_user_radiobutton.get_active():
+ store, iter = self.existing_user_treeview.get_selection().get_selected()
+ if iter == None:
-+ raise(_("You must select a user"))
++ raise ValueError(_("You must select a user"))
+ return store.get_value(iter, 0)
+ else:
+ return self.name_entry.get_text()
@@ -6442,9 +6442,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+
+ app = childWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.85/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/polgen.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,1311 @@
+#!/usr/bin/python -Es
+#
@@ -7757,9 +7757,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.exit(0)
+ except ValueError, e:
+ usage(e)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.83/gui/portsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.85/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/portsPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/portsPage.py 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8020,9 +8020,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.83/gui/selinux.tbl
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.85/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/selinux.tbl 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/selinux.tbl 2010-12-21 16:16:39.000000000 -0500
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -8258,9 +8258,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.83/gui/semanagePage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.85/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/semanagePage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/semanagePage.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8430,9 +8430,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.83/gui/statusPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.85/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/statusPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/statusPage.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,190 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -8624,9 +8624,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.83/gui/system-config-selinux.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.85/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/system-config-selinux.glade 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,3024 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -11652,9 +11652,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</widget>
+
+</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.83/gui/system-config-selinux.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.85/gui/system-config-selinux.gladep
--- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/system-config-selinux.gladep 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -11663,9 +11663,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.83/gui/system-config-selinux.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.85/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/system-config-selinux.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,187 @@
+#!/usr/bin/python -Es
+#
@@ -11854,9 +11854,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+
+ app = childWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.83/gui/templates/boolean.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.85/gui/templates/boolean.py
--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/boolean.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11898,9 +11898,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
+')
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.83/gui/templates/etc_rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.85/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/etc_rw.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,113 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12015,9 +12015,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.83/gui/templates/executable.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.85/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/executable.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/executable.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,393 @@
+# Copyright (C) 2007-2009 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12412,9 +12412,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.83/gui/templates/__init__.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.85/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/__init__.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@@ -12434,9 +12434,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.83/gui/templates/network.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.85/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/network.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/network.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@@ -12518,9 +12518,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.83/gui/templates/polgen.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.85/gui/templates/polgen.py
--- nsapolicycoreutils/gui/templates/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/polgen.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,1303 @@
+#!/usr/bin/python -Es
+#
@@ -13825,9 +13825,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py
+ sys.exit(0)
+ except ValueError, e:
+ usage(e)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.83/gui/templates/rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.85/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/rw.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/rw.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13960,9 +13960,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.83/gui/templates/script.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.85/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/script.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/script.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,126 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14090,9 +14090,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+_EOF
+fi
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.83/gui/templates/semodule.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.85/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/semodule.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14135,9 +14135,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.83/gui/templates/tmp.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.85/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/tmp.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,102 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14241,9 +14241,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+ files_search_tmp($1)
+ admin_pattern($1, TEMPLATETYPE_tmp_t)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.85/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/user.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/user.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,205 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14450,9 +14450,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.83/gui/templates/var_cache.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.85/gui/templates/var_cache.py
--- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/var_cache.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,133 @@
+# Copyright (C) 2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14587,9 +14587,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.83/gui/templates/var_lib.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.85/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/var_lib.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,161 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14752,9 +14752,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.83/gui/templates/var_log.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.85/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/var_log.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,116 @@
+# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14872,9 +14872,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.83/gui/templates/var_run.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.85/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/var_run.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,101 @@
+# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14977,9 +14977,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.83/gui/templates/var_spool.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.85/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/templates/var_spool.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,133 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15114,9 +15114,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.83/gui/usersPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.85/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/usersPage.py 2010-10-29 09:54:44.000000000 -0400
++++ policycoreutils-2.0.85/gui/usersPage.py 2010-12-21 16:16:40.000000000 -0500
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index a453d90..ecd1798 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -2793,7 +2793,7 @@ index 0000000..e2befdb
+ packages=["policycoreutils"],
+)
diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage
-index ffaca5b..75b53e8 100644
+index ffaca5b..05d6834 100644
--- a/policycoreutils/semanage/semanage
+++ b/policycoreutils/semanage/semanage
@@ -1,4 +1,4 @@
@@ -2810,7 +2810,7 @@ index ffaca5b..75b53e8 100644
import sys, getopt, re
import seobject
import selinux
-@@ -32,27 +33,36 @@ gettext.textdomain(PROGNAME)
+@@ -32,27 +33,35 @@ gettext.textdomain(PROGNAME)
try:
gettext.install(PROGNAME,
localedir="/usr/share/locale",
@@ -2834,25 +2834,30 @@ index ffaca5b..75b53e8 100644
def usage(message = ""):
text = _("""
semanage [ -S store ] -i [ input_file | - ]
-+semanage [ -S store ] -o [ output_file | - ]
-
+-
-semanage {boolean|login|user|port|interface|node|fcontext} -{l|D} [-n]
-+semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n]
- semanage login -{a|d|m} [-sr] login_name | %groupname
- semanage user -{a|d|m} [-LrRP] selinux_name
- semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
- semanage interface -{a|d|m} [-tr] interface_spec
-+semanage module -{a|d|m} [--enable|--disable] module
- semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
+-semanage login -{a|d|m} [-sr] login_name | %groupname
+-semanage user -{a|d|m} [-LrRP] selinux_name
+-semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
+-semanage interface -{a|d|m} [-tr] interface_spec
+-semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
-semanage fcontext -{a|d|m} [-frst] file_spec
-+semanage fcontext -{a|d|m} [-efrst] file_spec
++semanage [ -S store ] -o [ output_file | - ]
++
++semanage login -{a|d|m|l|D|E} [-nrs] login_name | %groupname
++semanage user -{a|d|m|l|D|E} [-LnrRP] selinux_name
++semanage port -{a|d|m|l|D|E} [-nrt] [ -p proto ] port | port_range
++semanage interface -{a|d|m|l|D|E} [-nrt] interface_spec
++semanage module -{a|d|m} [--enable|--disable] module
++semanage node -{a|d|m|l|D|E} [-nrt] [ -p protocol ] [-M netmask] addr
++semanage fcontext -{a|d|m|l|D|E} [-efnrst] file_spec
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
-semanage permissive -{d|a} type
-+semanage permissive -{d|a|l} type
++semanage permissive -{d|a|l} [-n] type
semanage dontaudit [ on | off ]
Primary Options:
-@@ -61,7 +71,9 @@ Primary Options:
+@@ -61,7 +70,9 @@ Primary Options:
-d, --delete Delete a OBJECT record NAME
-m, --modify Modify a OBJECT record NAME
-i, --input Input multiple semange commands in a transaction
@@ -2862,7 +2867,7 @@ index ffaca5b..75b53e8 100644
-C, --locallist List OBJECTS local customizations
-D, --deleteall Remove all OBJECTS local customizations
-@@ -84,12 +96,15 @@ Object-specific Options (see above):
+@@ -84,12 +95,15 @@ Object-specific Options (see above):
-F, --file Treat target as an input file for command, change multiple settings
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
-M, --mask Netmask
@@ -2878,27 +2883,40 @@ index ffaca5b..75b53e8 100644
""")
raise ValueError("%s\n%s" % (text, message))
-@@ -101,7 +116,7 @@ Object-specific Options (see above):
+@@ -101,22 +115,25 @@ Object-specific Options (see above):
def get_options():
valid_option={}
- valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ]
-+ valid_everyone=[ '-a', '--add', '-d', '--delete', '-E', '--extract', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ]
++ valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-S', '--store' ]
++ valid_local=[ '-E', '--extract', '-C', '--locallist', '-D', '--deleteall']
valid_option["login"] = []
- valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
+- valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
++ valid_option["login"] += valid_everyone + valid_local + [ '-s', '--seuser', '-r', '--range']
valid_option["user"] = []
-@@ -112,8 +127,10 @@ Object-specific Options (see above):
- valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
+- valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ]
++ valid_option["user"] += valid_everyone + valid_local + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ]
+ valid_option["port"] = []
+- valid_option["port"] += valid_everyone + [ '-t', '--type', '-r', '--range', '-p', '--proto' ]
++ valid_option["port"] += valid_everyone + valid_local + [ '-t', '--type', '-r', '--range', '-p', '--proto' ]
+ valid_option["interface"] = []
+- valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
++ valid_option["interface"] += valid_everyone + valid_local + [ '-t', '--type', '-r', '--range']
valid_option["node"] = []
- valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
+- valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
++ valid_option["node"] += valid_everyone + valid_local + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
+ valid_option["module"] = []
+ valid_option["module"] += valid_everyone + [ '--enable', '--disable']
valid_option["fcontext"] = []
- valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
-+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
++ valid_option["fcontext"] += valid_everyone + valid_local + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
valid_option["dontaudit"] = [ '-S', '--store' ]
valid_option["boolean"] = []
- valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
+- valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
++ valid_option["boolean"] += valid_everyone + valid_local + [ '--on', "--off", "-1", "-0", "-F", "--file"]
+ valid_option["permissive"] = []
+ valid_option["permissive"] += [ '-a', '--add', '-d', '--delete', '-l', '--list', '-h', '--help', '-n', '--noheading', '-D', '--deleteall' ]
+ return valid_option
@@ -168,6 +185,8 @@ Object-specific Options (see above):
return ret
@@ -3417,7 +3435,7 @@ index 70d1a20..fb6a79b 100644
+.br
Examples by Thomas Bleher <ThomasBleher at gmx.de>.
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
-index b7d257b..40e57e9 100644
+index b7d257b..735c1ba 100644
--- a/policycoreutils/semanage/seobject.py
+++ b/policycoreutils/semanage/seobject.py
@@ -29,47 +29,12 @@ import sepolgen.module as module
@@ -3472,7 +3490,7 @@ index b7d257b..40e57e9 100644
file_types = {}
file_types[""] = SEMANAGE_FCONTEXT_ALL;
-@@ -194,45 +159,154 @@ def untranslate(trans, prepend = 1):
+@@ -194,45 +159,148 @@ def untranslate(trans, prepend = 1):
return trans
else:
return raw
@@ -3632,16 +3650,10 @@ index b7d257b..40e57e9 100644
+
+ self.commit()
+
-+ def deleteall(self):
-+ l = self.get_all()
-+ if len(l) > 0:
-+ all = " ".join(l[0])
-+ self.delete(all)
-+
class dontauditClass(semanageRecords):
def __init__(self, store):
semanageRecords.__init__(self, store)
-@@ -259,14 +333,23 @@ class permissiveRecords(semanageRecords):
+@@ -259,14 +327,23 @@ class permissiveRecords(semanageRecords):
name = semanage_module_get_name(mod)
if name and name.startswith("permissive_"):
l.append(name.split("permissive_")[1])
@@ -3669,7 +3681,7 @@ index b7d257b..40e57e9 100644
def add(self, type):
import glob
-@@ -343,7 +426,9 @@ class loginRecords(semanageRecords):
+@@ -343,7 +420,9 @@ class loginRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if login mapping for %s is defined") % name)
if exists:
@@ -3680,7 +3692,7 @@ index b7d257b..40e57e9 100644
if name[0] == '%':
try:
grp.getgrnam(name[1:])
-@@ -475,6 +560,16 @@ class loginRecords(semanageRecords):
+@@ -475,6 +554,16 @@ class loginRecords(semanageRecords):
mylog.log(1, "delete SELinux user mapping", name);
@@ -3697,7 +3709,7 @@ index b7d257b..40e57e9 100644
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -489,6 +584,15 @@ class loginRecords(semanageRecords):
+@@ -489,6 +578,15 @@ class loginRecords(semanageRecords):
ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u))
return ddict
@@ -3713,7 +3725,7 @@ index b7d257b..40e57e9 100644
def list(self,heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -531,7 +635,8 @@ class seluserRecords(semanageRecords):
+@@ -531,7 +629,8 @@ class seluserRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if SELinux user %s is defined") % name)
if exists:
@@ -3723,7 +3735,7 @@ index b7d257b..40e57e9 100644
(rc, u) = semanage_user_create(self.sh)
if rc < 0:
-@@ -682,6 +787,16 @@ class seluserRecords(semanageRecords):
+@@ -682,6 +781,16 @@ class seluserRecords(semanageRecords):
mylog.log(1,"delete SELinux user record", name)
@@ -3740,7 +3752,7 @@ index b7d257b..40e57e9 100644
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -702,6 +817,15 @@ class seluserRecords(semanageRecords):
+@@ -702,6 +811,15 @@ class seluserRecords(semanageRecords):
return ddict
@@ -3756,7 +3768,7 @@ index b7d257b..40e57e9 100644
def list(self, heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -740,12 +864,16 @@ class portRecords(semanageRecords):
+@@ -740,12 +858,16 @@ class portRecords(semanageRecords):
low = int(ports[0])
high = int(ports[1])
@@ -3773,7 +3785,7 @@ index b7d257b..40e57e9 100644
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -808,6 +936,7 @@ class portRecords(semanageRecords):
+@@ -808,6 +930,7 @@ class portRecords(semanageRecords):
self.commit()
def __modify(self, port, proto, serange, setype):
@@ -3781,7 +3793,7 @@ index b7d257b..40e57e9 100644
if serange == "" and setype == "":
if is_mls_enabled == 1:
raise ValueError(_("Requires setype or serange"))
-@@ -942,6 +1071,18 @@ class portRecords(semanageRecords):
+@@ -942,6 +1065,18 @@ class portRecords(semanageRecords):
ddict[(ctype,proto_str)].append("%d-%d" % (low, high))
return ddict
@@ -3800,7 +3812,7 @@ index b7d257b..40e57e9 100644
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
-@@ -958,7 +1099,8 @@ class portRecords(semanageRecords):
+@@ -958,7 +1093,8 @@ class portRecords(semanageRecords):
class nodeRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self,store)
@@ -3810,7 +3822,7 @@ index b7d257b..40e57e9 100644
def __add(self, addr, mask, proto, serange, ctype):
if addr == "":
raise ValueError(_("Node Address is required"))
-@@ -966,14 +1108,11 @@ class nodeRecords(semanageRecords):
+@@ -966,14 +1102,11 @@ class nodeRecords(semanageRecords):
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3828,7 +3840,7 @@ index b7d257b..40e57e9 100644
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -991,11 +1130,13 @@ class nodeRecords(semanageRecords):
+@@ -991,11 +1124,13 @@ class nodeRecords(semanageRecords):
(rc, exists) = semanage_node_exists(self.sh, k)
if exists:
@@ -3843,7 +3855,7 @@ index b7d257b..40e57e9 100644
rc = semanage_node_set_addr(self.sh, node, proto, addr)
(rc, con) = semanage_context_create(self.sh)
-@@ -1005,8 +1146,7 @@ class nodeRecords(semanageRecords):
+@@ -1005,8 +1140,7 @@ class nodeRecords(semanageRecords):
rc = semanage_node_set_mask(self.sh, node, proto, mask)
if rc < 0:
raise ValueError(_("Could not set mask for %s") % addr)
@@ -3853,7 +3865,7 @@ index b7d257b..40e57e9 100644
rc = semanage_context_set_user(self.sh, con, "system_u")
if rc < 0:
raise ValueError(_("Could not set user in addr context for %s") % addr)
-@@ -1047,13 +1187,10 @@ class nodeRecords(semanageRecords):
+@@ -1047,13 +1181,10 @@ class nodeRecords(semanageRecords):
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3871,7 +3883,7 @@ index b7d257b..40e57e9 100644
if serange == "" and setype == "":
raise ValueError(_("Requires setype or serange"))
-@@ -1068,12 +1205,11 @@ class nodeRecords(semanageRecords):
+@@ -1068,12 +1199,11 @@ class nodeRecords(semanageRecords):
if not exists:
raise ValueError(_("Addr %s is not defined") % addr)
@@ -3885,7 +3897,7 @@ index b7d257b..40e57e9 100644
if serange != "":
semanage_context_set_mls(self.sh, con, untranslate(serange))
if setype != "":
-@@ -1098,11 +1234,9 @@ class nodeRecords(semanageRecords):
+@@ -1098,11 +1228,9 @@ class nodeRecords(semanageRecords):
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3900,7 +3912,7 @@ index b7d257b..40e57e9 100644
raise ValueError(_("Unknown or missing protocol"))
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
-@@ -1132,6 +1266,16 @@ class nodeRecords(semanageRecords):
+@@ -1132,6 +1260,16 @@ class nodeRecords(semanageRecords):
self.__delete(addr, mask, proto)
self.commit()
@@ -3917,7 +3929,7 @@ index b7d257b..40e57e9 100644
def get_all(self, locallist = 0):
ddict = {}
if locallist :
-@@ -1145,15 +1289,20 @@ class nodeRecords(semanageRecords):
+@@ -1145,15 +1283,20 @@ class nodeRecords(semanageRecords):
con = semanage_node_get_con(node)
addr = semanage_node_get_addr(self.sh, node)
mask = semanage_node_get_mask(self.sh, node)
@@ -3943,7 +3955,7 @@ index b7d257b..40e57e9 100644
def list(self, heading = 1, locallist = 0):
if heading:
print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
-@@ -1193,7 +1342,8 @@ class interfaceRecords(semanageRecords):
+@@ -1193,7 +1336,8 @@ class interfaceRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface)
if exists:
@@ -3953,7 +3965,7 @@ index b7d257b..40e57e9 100644
(rc, iface) = semanage_iface_create(self.sh)
if rc < 0:
-@@ -1307,6 +1457,16 @@ class interfaceRecords(semanageRecords):
+@@ -1307,6 +1451,16 @@ class interfaceRecords(semanageRecords):
self.__delete(interface)
self.commit()
@@ -3970,7 +3982,7 @@ index b7d257b..40e57e9 100644
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -1322,6 +1482,15 @@ class interfaceRecords(semanageRecords):
+@@ -1322,6 +1476,15 @@ class interfaceRecords(semanageRecords):
return ddict
@@ -3986,7 +3998,7 @@ index b7d257b..40e57e9 100644
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
-@@ -1338,6 +1507,48 @@ class interfaceRecords(semanageRecords):
+@@ -1338,6 +1501,48 @@ class interfaceRecords(semanageRecords):
class fcontextRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@@ -4035,7 +4047,7 @@ index b7d257b..40e57e9 100644
def createcon(self, target, seuser = "system_u"):
(rc, con) = semanage_context_create(self.sh)
-@@ -1364,6 +1575,8 @@ class fcontextRecords(semanageRecords):
+@@ -1364,6 +1569,8 @@ class fcontextRecords(semanageRecords):
def validate(self, target):
if target == "" or target.find("\n") >= 0:
raise ValueError(_("Invalid file specification"))
@@ -4044,7 +4056,7 @@ index b7d257b..40e57e9 100644
def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
self.validate(target)
-@@ -1388,7 +1601,8 @@ class fcontextRecords(semanageRecords):
+@@ -1388,7 +1595,8 @@ class fcontextRecords(semanageRecords):
raise ValueError(_("Could not check if file context for %s is defined") % target)
if exists:
@@ -4054,7 +4066,7 @@ index b7d257b..40e57e9 100644
(rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0:
-@@ -1504,9 +1718,16 @@ class fcontextRecords(semanageRecords):
+@@ -1504,9 +1712,16 @@ class fcontextRecords(semanageRecords):
raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k)
@@ -4071,7 +4083,7 @@ index b7d257b..40e57e9 100644
(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
if rc < 0:
raise ValueError(_("Could not create a key for %s") % target)
-@@ -1561,12 +1782,22 @@ class fcontextRecords(semanageRecords):
+@@ -1561,12 +1776,22 @@ class fcontextRecords(semanageRecords):
return ddict
@@ -4096,7 +4108,7 @@ index b7d257b..40e57e9 100644
for k in keys:
if fcon_dict[k]:
if is_mls_enabled:
-@@ -1575,6 +1806,12 @@ class fcontextRecords(semanageRecords):
+@@ -1575,6 +1800,12 @@ class fcontextRecords(semanageRecords):
print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
else:
print "%-50s %-18s <<None>>" % (k[0], k[1])
@@ -4109,7 +4121,7 @@ index b7d257b..40e57e9 100644
class booleanRecords(semanageRecords):
def __init__(self, store = ""):
-@@ -1587,6 +1824,18 @@ class booleanRecords(semanageRecords):
+@@ -1587,6 +1818,18 @@ class booleanRecords(semanageRecords):
self.dict["1"] = 1
self.dict["0"] = 0
@@ -4128,7 +4140,7 @@ index b7d257b..40e57e9 100644
def __mod(self, name, value):
(rc, k) = semanage_bool_key_create(self.sh, name)
if rc < 0:
-@@ -1606,9 +1855,10 @@ class booleanRecords(semanageRecords):
+@@ -1606,9 +1849,10 @@ class booleanRecords(semanageRecords):
else:
raise ValueError(_("You must specify one of the following values: %s") % ", ".join(self.dict.keys()) )
@@ -4142,7 +4154,7 @@ index b7d257b..40e57e9 100644
rc = semanage_bool_modify_local(self.sh, k, b)
if rc < 0:
raise ValueError(_("Could not modify boolean %s") % name)
-@@ -1691,8 +1941,12 @@ class booleanRecords(semanageRecords):
+@@ -1691,8 +1935,12 @@ class booleanRecords(semanageRecords):
value = []
name = semanage_bool_get_name(boolean)
value.append(semanage_bool_get_value(boolean))
@@ -4157,7 +4169,7 @@ index b7d257b..40e57e9 100644
ddict[name] = value
return ddict
-@@ -1706,6 +1960,16 @@ class booleanRecords(semanageRecords):
+@@ -1706,6 +1954,16 @@ class booleanRecords(semanageRecords):
else:
return _("unknown")
diff --git a/policycoreutils.spec b/policycoreutils.spec
index f6bb5de..cc41b91 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -329,6 +329,10 @@ fi
exit 0
%changelog
+* Tue Jan 4 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-3
+- Polgengui raises the wrong type of exception. #471078
+- Change semanage to not allow it to semanage module -D
+
* Wed Dec 22 2010 Dan Walsh <dwalsh at redhat.com> 2.0.85-2
- Fix restorecond watching utmp file for people logging in our out
More information about the scm-commits
mailing list