[setools/f18] Add filename_trans to python/setools/sesearch bindings
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Dec 17 20:47:05 UTC 2012
commit 8f27e92cc1b5b444f6bd397b3c4b5c5900affe23
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Dec 17 15:46:52 2012 -0500
Add filename_trans to python/setools/sesearch bindings
...tools-seinfo-and-sesearch-python-bindings.patch | 707 +++++++++++++-------
setools.spec | 7 +-
2 files changed, 452 insertions(+), 262 deletions(-)
---
diff --git a/0001-add-setools-seinfo-and-sesearch-python-bindings.patch b/0001-add-setools-seinfo-and-sesearch-python-bindings.patch
index 58ac0ba..de9a2ab 100644
--- a/0001-add-setools-seinfo-and-sesearch-python-bindings.patch
+++ b/0001-add-setools-seinfo-and-sesearch-python-bindings.patch
@@ -1,46 +1,6 @@
-From 32e8d1d3619dcdb40431c7eae3fe00efaae089c6 Mon Sep 17 00:00:00 2001
-From: Dan Walsh <dwalsh at redhat.com>
-Date: Tue, 20 Sep 2011 15:38:50 -0400
-Subject: [PATCH 1/6] add-setools-seinfo-and-sesearch-python-bindings
-
----
- Makefile.am | 2 +-
- configure.ac | 14 +-
- python/Makefile.am | 1 +
- python/Makefile.in | 716 +++++++++++++++++++++++++++++++++++++++++
- python/setools/Makefile.am | 36 ++
- python/setools/Makefile.in | 550 +++++++++++++++++++++++++++++++
- python/setools/__init__.py | 50 +++
- python/setools/seinfo.c | 769 ++++++++++++++++++++++++++++++++++++++++++++
- python/setools/sesearch.c | 478 +++++++++++++++++++++++++++
- python/setools/setup.py | 25 ++
- 11 files changed, 2635 insertions(+), 8 deletions(-)
- create mode 100644 python/Makefile.am
- create mode 100644 python/Makefile.in
- create mode 100644 python/setools/Makefile.am
- create mode 100644 python/setools/Makefile.in
- create mode 100644 python/setools/__init__.py
- create mode 100644 python/setools/seinfo.c
- create mode 100644 python/setools/sesearch.c
- create mode 100644 python/setools/setup.py
-
-diff --git a/Makefile.am b/Makefile.am
-index 5dc1b5d..176c8ea 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -10,7 +10,7 @@ if BUILD_GUI
- endif
- # sediffx is also built conditionally, from sediffx/Makefile.am
-
--SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
-+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
-
- #old indent opts
- #INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
-diff --git a/configure.ac b/configure.ac
-index b885981..e837e03 100644
---- a/configure.ac
-+++ b/configure.ac
+diff -up setools-3.3.7/configure.ac.python setools-3.3.7/configure.ac
+--- setools-3.3.7/configure.ac.python 2010-04-30 10:25:48.000000000 -0400
++++ setools-3.3.7/configure.ac 2012-09-29 08:24:31.587998703 -0400
@@ -194,7 +194,7 @@ AC_ARG_ENABLE(swig-java,
enable_jswig="$enableval")
if test "x${enable_jswig}" = xyes; then
@@ -95,25 +55,32 @@ index b885981..e837e03 100644
packages/Makefile packages/rpm/Makefile \
packages/libqpol.pc packages/libapol.pc packages/libpoldiff.pc packages/libseaudit.pc packages/libsefs.pc])
-diff --git a/python/Makefile.am b/python/Makefile.am
-new file mode 100644
-index 0000000..a1510c8
---- /dev/null
-+++ b/python/Makefile.am
+diff -up setools-3.3.7/Makefile.am.python setools-3.3.7/Makefile.am
+--- setools-3.3.7/Makefile.am.python 2008-02-22 14:06:28.000000000 -0500
++++ setools-3.3.7/Makefile.am 2012-09-29 08:24:31.586998699 -0400
+@@ -10,7 +10,7 @@ if BUILD_GUI
+ endif
+ # sediffx is also built conditionally, from sediffx/Makefile.am
+
+-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
++SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
+
+ #old indent opts
+ #INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
+diff -up setools-3.3.7/python/Makefile.am.python setools-3.3.7/python/Makefile.am
+--- setools-3.3.7/python/Makefile.am.python 2012-09-29 08:26:07.643330216 -0400
++++ setools-3.3.7/python/Makefile.am 2012-09-29 08:26:07.643330216 -0400
@@ -0,0 +1 @@
+SUBDIRS = setools
-diff --git a/python/Makefile.in b/python/Makefile.in
-new file mode 100644
-index 0000000..48c87ab
---- /dev/null
-+++ b/python/Makefile.in
-@@ -0,0 +1,716 @@
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
+diff -up setools-3.3.7/python/Makefile.in.python setools-3.3.7/python/Makefile.in
+--- setools-3.3.7/python/Makefile.in.python 2012-09-29 08:26:07.643330216 -0400
++++ setools-3.3.7/python/Makefile.in 2012-09-29 08:26:07.657330271 -0400
+@@ -0,0 +1,731 @@
++# Makefile.in generated by automake 1.12.2 from Makefile.am.
+# @configure_input@
+
-+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-+# Inc.
++# Copyright (C) 1994-2012 Free Software Foundation, Inc.
++
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
@@ -125,6 +92,23 @@ index 0000000..48c87ab
+
+ at SET_MAKE@
+VPATH = @srcdir@
++am__make_dryrun = \
++ { \
++ am__dry=no; \
++ case $$MAKEFLAGS in \
++ *\\[\ \ ]*) \
++ echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \
++ | grep '^AM OK$$' >/dev/null || am__dry=yes;; \
++ *) \
++ for am__flg in $$MAKEFLAGS; do \
++ case $$am__flg in \
++ *=*|--*) ;; \
++ *n*) am__dry=yes; break;; \
++ esac; \
++ done;; \
++ esac; \
++ test $$am__dry = yes; \
++ }
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
@@ -175,6 +159,11 @@ index 0000000..48c87ab
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
++am__can_run_installinfo = \
++ case $$AM_UPDATE_INFO_DIR in \
++ n|no|NO) false;; \
++ *) (install-info --version) >/dev/null 2>&1;; \
++ esac
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
@@ -515,12 +504,12 @@ index 0000000..48c87ab
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
-+# into them and run `make' without going through this Makefile.
-+# To change the values of `make' variables: instead of editing Makefiles,
-+# (1) if the variable is set in `config.status', edit `config.status'
-+# (which will cause the Makefiles to be regenerated when you run `make');
-+# (2) otherwise, pass the desired values on the `make' command line.
-+$(RECURSIVE_TARGETS):
++# into them and run 'make' without going through this Makefile.
++# To change the values of 'make' variables: instead of editing Makefiles,
++# (1) if the variable is set in 'config.status', edit 'config.status'
++# (which will cause the Makefiles to be regenerated when you run 'make');
++# (2) otherwise, pass the desired values on the 'make' command line.
++$(RECURSIVE_TARGETS) $(RECURSIVE_CLEAN_TARGETS):
+ @fail= failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
@@ -530,7 +519,11 @@ index 0000000..48c87ab
+ done; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
-+ list='$(SUBDIRS)'; for subdir in $$list; do \
++ case "$@" in \
++ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
++ *) list='$(SUBDIRS)' ;; \
++ esac; \
++ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
@@ -544,37 +537,6 @@ index 0000000..48c87ab
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
-+
-+$(RECURSIVE_CLEAN_TARGETS):
-+ @fail= failcom='exit 1'; \
-+ for f in x $$MAKEFLAGS; do \
-+ case $$f in \
-+ *=* | --[!k]*);; \
-+ *k*) failcom='fail=yes';; \
-+ esac; \
-+ done; \
-+ dot_seen=no; \
-+ case "$@" in \
-+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
-+ *) list='$(SUBDIRS)' ;; \
-+ esac; \
-+ rev=''; for subdir in $$list; do \
-+ if test "$$subdir" = "."; then :; else \
-+ rev="$$subdir $$rev"; \
-+ fi; \
-+ done; \
-+ rev="$$rev ."; \
-+ target=`echo $@ | sed s/-recursive//`; \
-+ for subdir in $$rev; do \
-+ echo "Making $$target in $$subdir"; \
-+ if test "$$subdir" = "."; then \
-+ local_target="$$target-am"; \
-+ else \
-+ local_target="$$target"; \
-+ fi; \
-+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
-+ || eval $$failcom; \
-+ done && test -z "$$fail"
+tags-recursive:
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
@@ -583,6 +545,10 @@ index 0000000..48c87ab
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+ done
++cscopelist-recursive:
++ list='$(SUBDIRS)'; for subdir in $$list; do \
++ test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) cscopelist); \
++ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -646,6 +612,20 @@ index 0000000..48c87ab
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+
++cscopelist: cscopelist-recursive $(HEADERS) $(SOURCES) $(LISP)
++ list='$(SOURCES) $(HEADERS) $(LISP)'; \
++ case "$(srcdir)" in \
++ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
++ *) sdir=$(subdir)/$(srcdir) ;; \
++ esac; \
++ for i in $$list; do \
++ if test -f "$$i"; then \
++ echo "$(subdir)/$$i"; \
++ else \
++ echo "$$sdir/$$i"; \
++ fi; \
++ done >> $(top_builddir)/cscope.files
++
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
@@ -681,13 +661,10 @@ index 0000000..48c87ab
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
-+ test -d "$(distdir)/$$subdir" \
-+ || $(MKDIR_P) "$(distdir)/$$subdir" \
-+ || exit 1; \
-+ fi; \
-+ done
-+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
-+ if test "$$subdir" = .; then :; else \
++ $(am__make_dryrun) \
++ || test -d "$(distdir)/$$subdir" \
++ || $(MKDIR_P) "$(distdir)/$$subdir" \
++ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
@@ -722,10 +699,15 @@ index 0000000..48c87ab
+
+installcheck: installcheck-recursive
+install-strip:
-+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-+ `test -z '$(STRIP)' || \
-+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
++ if test -z '$(STRIP)'; then \
++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
++ install; \
++ else \
++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
++ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
++ fi
+mostlyclean-generic:
+
+clean-generic:
@@ -803,32 +785,86 @@ index 0000000..48c87ab
+
+uninstall-am:
+
-+.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) ctags-recursive \
-+ install-am install-strip tags-recursive
++.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) \
++ cscopelist-recursive ctags-recursive install-am install-strip \
++ tags-recursive
+
+.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
+ all all-am check check-am clean clean-generic clean-libtool \
-+ ctags ctags-recursive distclean distclean-generic \
-+ distclean-libtool distclean-tags distdir dvi dvi-am html \
-+ html-am info info-am install install-am install-data \
-+ install-data-am install-dvi install-dvi-am install-exec \
-+ install-exec-am install-html install-html-am install-info \
-+ install-info-am install-man install-pdf install-pdf-am \
-+ install-ps install-ps-am install-strip installcheck \
-+ installcheck-am installdirs installdirs-am maintainer-clean \
-+ maintainer-clean-generic mostlyclean mostlyclean-generic \
-+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \
-+ uninstall uninstall-am
++ cscopelist cscopelist-recursive ctags ctags-recursive \
++ distclean distclean-generic distclean-libtool distclean-tags \
++ distdir dvi dvi-am html html-am info info-am install \
++ install-am install-data install-data-am install-dvi \
++ install-dvi-am install-exec install-exec-am install-html \
++ install-html-am install-info install-info-am install-man \
++ install-pdf install-pdf-am install-ps install-ps-am \
++ install-strip installcheck installcheck-am installdirs \
++ installdirs-am maintainer-clean maintainer-clean-generic \
++ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
++ ps ps-am tags tags-recursive uninstall uninstall-am
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-diff --git a/python/setools/Makefile.am b/python/setools/Makefile.am
-new file mode 100644
-index 0000000..c4635fb
---- /dev/null
-+++ b/python/setools/Makefile.am
+diff -up setools-3.3.7/python/setools/__init__.py.python setools-3.3.7/python/setools/__init__.py
+--- setools-3.3.7/python/setools/__init__.py.python 2012-09-29 08:26:07.650330243 -0400
++++ setools-3.3.7/python/setools/__init__.py 2012-09-29 08:26:07.644330220 -0400
+@@ -0,0 +1,51 @@
++#!/usr/bin/env python
++
++# Author: Thomas Liu <tliu at redhat.com>
++
++import _sesearch
++import _seinfo
++import types
++
++TYPE = _seinfo.TYPE
++ROLE = _seinfo.ROLE
++ATTRIBUTE = _seinfo.ATTRIBUTE
++PORT = _seinfo.PORT
++USER = _seinfo.USER
++
++ALLOW = 'allow'
++AUDITALLOW = 'auditallow'
++NEVERALLOW = 'neverallow'
++DONTAUDIT = 'dontaudit'
++SCONTEXT = 'scontext'
++TCONTEXT = 'tcontext'
++PERMS = 'permlist'
++CLASS = 'class'
++TRANSITION = 'transition'
++
++def sesearch(types, info):
++ valid_types = [ALLOW, AUDITALLOW, NEVERALLOW, DONTAUDIT, TRANSITION]
++ for type in types:
++ if type not in valid_types:
++ raise ValueError("Type has to be in %s" % valid_types)
++ info[type] = True
++
++ perms = []
++ if PERMS in info:
++ perms = info[PERMS]
++ info[PERMS] = ",".join(info[PERMS])
++
++
++ dict_list = _sesearch.sesearch(info)
++ if dict_list and len(perms) != 0:
++ dict_list = filter(lambda x: dict_has_perms(x, perms), dict_list)
++ return dict_list
++
++def dict_has_perms(dict, perms):
++ for perm in perms:
++ if perm not in dict[PERMS]:
++ return False
++ return True
++
++def seinfo(setype, name=None):
++ dict_list = _seinfo.seinfo(setype, name)
++ return dict_list
+diff -up setools-3.3.7/python/setools/Makefile.am.python setools-3.3.7/python/setools/Makefile.am
+--- setools-3.3.7/python/setools/Makefile.am.python 2012-09-29 08:26:07.650330243 -0400
++++ setools-3.3.7/python/setools/Makefile.am 2012-09-29 08:26:07.649330238 -0400
@@ -0,0 +1,36 @@
+EXTRA_DIST = \
+ sesearch.c \
@@ -866,18 +902,15 @@ index 0000000..c4635fb
+ $(PYTHON) setup.py clean -a
+ rm -f *~
+
-diff --git a/python/setools/Makefile.in b/python/setools/Makefile.in
-new file mode 100644
-index 0000000..704ffc7
---- /dev/null
-+++ b/python/setools/Makefile.in
-@@ -0,0 +1,550 @@
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
+diff -up setools-3.3.7/python/setools/Makefile.in.python setools-3.3.7/python/setools/Makefile.in
+--- setools-3.3.7/python/setools/Makefile.in.python 2012-09-29 08:26:07.649330238 -0400
++++ setools-3.3.7/python/setools/Makefile.in 2012-09-29 08:26:07.656330267 -0400
+@@ -0,0 +1,578 @@
++# Makefile.in generated by automake 1.12.2 from Makefile.am.
+# @configure_input@
+
-+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-+# Inc.
++# Copyright (C) 1994-2012 Free Software Foundation, Inc.
++
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
@@ -889,6 +922,23 @@ index 0000000..704ffc7
+
+ at SET_MAKE@
+VPATH = @srcdir@
++am__make_dryrun = \
++ { \
++ am__dry=no; \
++ case $$MAKEFLAGS in \
++ *\\[\ \ ]*) \
++ echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \
++ | grep '^AM OK$$' >/dev/null || am__dry=yes;; \
++ *) \
++ for am__flg in $$MAKEFLAGS; do \
++ case $$am__flg in \
++ *=*|--*) ;; \
++ *n*) am__dry=yes; break;; \
++ esac; \
++ done;; \
++ esac; \
++ test $$am__dry = yes; \
++ }
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
@@ -932,6 +982,11 @@ index 0000000..704ffc7
+CONFIG_CLEAN_VPATH_FILES =
+SOURCES =
+DIST_SOURCES =
++am__can_run_installinfo = \
++ case $$AM_UPDATE_INFO_DIR in \
++ n|no|NO) false;; \
++ *) (install-info --version) >/dev/null 2>&1;; \
++ esac
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
@@ -1260,6 +1315,8 @@ index 0000000..704ffc7
+ctags: CTAGS
+CTAGS:
+
++cscope cscopelist:
++
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
@@ -1305,10 +1362,15 @@ index 0000000..704ffc7
+
+installcheck: installcheck-am
+install-strip:
-+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-+ `test -z '$(STRIP)' || \
-+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
++ if test -z '$(STRIP)'; then \
++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
++ install; \
++ else \
++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
++ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
++ fi
+mostlyclean-generic:
+
+clean-generic:
@@ -1422,67 +1484,9 @@ index 0000000..704ffc7
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-diff --git a/python/setools/__init__.py b/python/setools/__init__.py
-new file mode 100644
-index 0000000..6f075c4
---- /dev/null
-+++ b/python/setools/__init__.py
-@@ -0,0 +1,50 @@
-+#!/usr/bin/env python
-+
-+# Author: Thomas Liu <tliu at redhat.com>
-+
-+import _sesearch
-+import _seinfo
-+import types
-+
-+TYPE = _seinfo.TYPE
-+ROLE = _seinfo.ROLE
-+ATTRIBUTE = _seinfo.ATTRIBUTE
-+PORT = _seinfo.PORT
-+USER = _seinfo.USER
-+
-+ALLOW = 'allow'
-+AUDITALLOW = 'auditallow'
-+NEVERALLOW = 'neverallow'
-+DONTAUDIT = 'dontaudit'
-+SCONTEXT = 'scontext'
-+TCONTEXT = 'tcontext'
-+PERMS = 'permlist'
-+CLASS = 'class'
-+
-+def sesearch(types, info):
-+ valid_types = [ALLOW, AUDITALLOW, NEVERALLOW, DONTAUDIT]
-+ for type in types:
-+ if type not in valid_types:
-+ raise ValueError("Type has to be in %s" % valid_types)
-+ info[type] = True
-+
-+ perms = []
-+ if PERMS in info:
-+ perms = info[PERMS]
-+ info[PERMS] = ",".join(info[PERMS])
-+
-+
-+ dict_list = _sesearch.sesearch(info)
-+ if dict_list and len(perms) != 0:
-+ dict_list = filter(lambda x: dict_has_perms(x, perms), dict_list)
-+ return dict_list
-+
-+def dict_has_perms(dict, perms):
-+ for perm in perms:
-+ if perm not in dict[PERMS]:
-+ return False
-+ return True
-+
-+def seinfo(setype, name=None):
-+ dict_list = _seinfo.seinfo(setype, name)
-+ return dict_list
-diff --git a/python/setools/seinfo.c b/python/setools/seinfo.c
-new file mode 100644
-index 0000000..211930a
---- /dev/null
-+++ b/python/setools/seinfo.c
+diff -up setools-3.3.7/python/setools/seinfo.c.python setools-3.3.7/python/setools/seinfo.c
+--- setools-3.3.7/python/setools/seinfo.c.python 2012-09-29 08:26:07.655330263 -0400
++++ setools-3.3.7/python/setools/seinfo.c 2012-09-29 08:26:07.656330267 -0400
@@ -0,0 +1,769 @@
+/**
+ * @file
@@ -2253,12 +2257,10 @@ index 0000000..211930a
+ PyModule_AddIntConstant(m, "TYPE", TYPE);
+ PyModule_AddIntConstant(m, "USER", USER);
+}
-diff --git a/python/setools/sesearch.c b/python/setools/sesearch.c
-new file mode 100644
-index 0000000..faaf8b7
---- /dev/null
-+++ b/python/setools/sesearch.c
-@@ -0,0 +1,478 @@
+diff -up setools-3.3.7/python/setools/sesearch.c.python setools-3.3.7/python/setools/sesearch.c
+--- setools-3.3.7/python/setools/sesearch.c.python 2012-09-29 08:26:07.650330243 -0400
++++ setools-3.3.7/python/setools/sesearch.c 2012-09-29 08:26:07.650330243 -0400
+@@ -0,0 +1,668 @@
+// Author: Thomas Liu <tliu at redhat.com>
+
+/**
@@ -2355,6 +2357,184 @@ index 0000000..faaf8b7
+ apol_vector_t *perm_vector;
+} options_t;
+
++static int perform_ft_query(const apol_policy_t * policy, const options_t * opt, apol_vector_t ** v)
++{
++ apol_filename_trans_query_t *ftq = NULL;
++ size_t i;
++ int error = 0;
++
++ if (!policy || !opt || !v) {
++ PyErr_SetString(PyExc_RuntimeError,strerror(EINVAL));
++ errno = EINVAL;
++ return -1;
++ }
++
++ if (!opt->type && !opt->all) {
++ *v = NULL;
++ return 0; /* no search to do */
++ }
++
++ ftq = apol_filename_trans_query_create();
++ if (!ftq) {
++ PyErr_SetString(PyExc_RuntimeError,strerror(ENOMEM));
++ errno = ENOMEM;
++ return -1;
++ }
++
++ apol_filename_trans_query_set_regex(policy, ftq, opt->useregex);
++ if (opt->src_name) {
++ if (apol_filename_trans_query_set_source(policy, ftq, opt->src_name, opt->indirect)) {
++ goto err;
++ }
++ }
++
++ if (opt->tgt_name) {
++ if (apol_filename_trans_query_set_target(policy, ftq, opt->tgt_name, opt->indirect)) {
++ goto err;
++ }
++ }
++#if 0
++ if (opt->default_name) {
++ if (apol_filename_trans_query_set_default(policy, ftq, opt->default_name)) {
++ goto err;
++ }
++ }
++#endif
++ if (opt->class_name) {
++ if (opt->class_vector == NULL) {
++ if (apol_filename_trans_query_append_class(policy, ftq, opt->class_name)) {
++ goto err;
++ }
++ } else {
++ for (i = 0; i < apol_vector_get_size(opt->class_vector); ++i) {
++ char *class_name;
++ class_name = apol_vector_get_element(opt->class_vector, i);
++ if (!class_name)
++ continue;
++ if (apol_filename_trans_query_append_class(policy, ftq, class_name)) {
++ goto err;
++ }
++ }
++ }
++ }
++
++ if (apol_filename_trans_get_by_query(policy, ftq, v)) {
++ error = errno;
++ }
++
++ apol_filename_trans_query_destroy(&ftq);
++ return 0;
++
++ err:
++ error = errno;
++ PyErr_SetString(PyExc_RuntimeError,strerror(errno));
++ apol_vector_destroy(v);
++ apol_filename_trans_query_destroy(&ftq);
++ errno = error;
++ return -1;
++}
++
++static PyObject* get_ft_results(const apol_policy_t * policy, const options_t * opt, const apol_vector_t * v, PyObject *list)
++{
++ PyObject *obj;
++ size_t i, num_filename_trans = 0;
++ const char *tmp_name;
++ int error = 0;
++ const qpol_filename_trans_t *filename_trans = NULL;
++ const qpol_class_t *obj_class = NULL;
++ char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
++ qpol_policy_t *q = apol_policy_get_qpol(policy);
++ const qpol_type_t *type = NULL;
++
++ if (!(num_filename_trans = apol_vector_get_size(v)))
++ goto cleanup;
++
++ for (i = 0; i < num_filename_trans; i++) {
++ if (!(filename_trans = apol_vector_get_element(v, i)))
++ goto cleanup;
++
++ PyObject *dict = PyDict_New();
++
++ obj = PyString_FromString("type_transition");
++ PyDict_SetItemString(dict, "type", obj);
++ Py_DECREF(obj);
++
++ /* source type */
++ if (qpol_filename_trans_get_source_type(q, filename_trans, &type)) {
++ goto err;
++ }
++ if (qpol_type_get_name(q, type, &tmp_name)) {
++ goto err;
++ }
++
++ obj = PyString_FromString(tmp_name);
++ PyDict_SetItemString(dict, "source", obj);
++ Py_DECREF(obj);
++
++ /* target type */
++ if (qpol_filename_trans_get_target_type(q, filename_trans, &type)) {
++ goto err;
++ }
++ if (qpol_type_get_name(q, type, &tmp_name)) {
++ goto err;
++ }
++
++ obj = PyString_FromString(tmp_name);
++ PyDict_SetItemString(dict, "target", obj);
++ Py_DECREF(obj);
++
++ /* object class */
++ if (qpol_filename_trans_get_object_class(q, filename_trans, &obj_class)) {
++ goto err;
++ }
++ if (qpol_class_get_name(q, obj_class, &tmp_name)) {
++ goto err;
++ }
++
++ obj = PyString_FromString(tmp_name);
++ PyDict_SetItemString(dict, "class", obj);
++ Py_DECREF(obj);
++
++ /* default type */
++ if (qpol_filename_trans_get_default_type(q, filename_trans, &type)) {
++ goto err;
++ }
++ if (qpol_type_get_name(q, type, &tmp_name)) {
++ goto err;
++ }
++
++ obj = PyString_FromString(tmp_name);
++ PyDict_SetItemString(dict, "transtype", obj);
++ Py_DECREF(obj);
++
++ if (qpol_filename_trans_get_filename(q, filename_trans, &tmp_name)) {
++ goto err;
++ }
++
++ obj = PyString_FromString(tmp_name);
++ PyDict_SetItemString(dict, "filename", obj);
++ Py_DECREF(obj);
++
++ PyList_Append(list, dict);
++ Py_DECREF(dict);
++
++ free(filename_trans_str);
++ filename_trans_str = NULL;
++ free(expr);
++ expr = NULL;
++ }
++ goto cleanup;
++err:
++ error = errno;
++ PyErr_SetString(PyExc_RuntimeError,strerror(errno));
++ errno = error;
++cleanup:
++ free(tmp);
++ free(filename_trans_str);
++ free(expr);
++ return list;
++}
++
+static int perform_av_query(const apol_policy_t * policy, const options_t * opt, apol_vector_t ** v)
+{
+ apol_avrule_query_t *avq = NULL;
@@ -2404,7 +2584,7 @@ index 0000000..faaf8b7
+ }
+ } else {
+ size_t i;
-+ for (i = 0; i < apol_vector_get_size(opt->class_vector); ++i) {
++ for (i = 0; i < apol_vector_get_size(opt->class_vector); ++i) {
+ char *class_name;
+ class_name = apol_vector_get_element(opt->class_vector, i);
+ if (!class_name)
@@ -2460,15 +2640,12 @@ index 0000000..faaf8b7
+
+
+
-+static PyObject* get_av_results(const apol_policy_t * policy, const options_t * opt, const apol_vector_t * v)
++static PyObject* get_av_results(const apol_policy_t * policy, const options_t * opt, const apol_vector_t * v, PyObject *list)
+{
-+ int retval = -1;
-+ PyObject *list = PyList_New(0);
+ qpol_policy_t *q = apol_policy_get_qpol(policy);
+ size_t i, num_rules = 0;
+ const qpol_avrule_t *rule = NULL;
+ char *tmp = NULL, *rule_str = NULL, *expr = NULL;
-+ char enable_char = ' ', branch_char = ' ';
+ qpol_iterator_t *iter = NULL;
+ uint32_t enabled = 0;
+
@@ -2479,23 +2656,22 @@ index 0000000..faaf8b7
+ return NULL;
+
+ for (i = 0; i < num_rules; i++) {
-+ enable_char = branch_char = ' ';
+ if (!(rule = apol_vector_get_element(v, i)))
+ goto cleanup;
-+
++
+ if (qpol_avrule_get_is_enabled(q, rule, &enabled))
+ goto cleanup;
+ if (!enabled)
+ continue;
-+
++
+ const qpol_type_t *type;
+ const char *tmp_name;
+ uint32_t rule_type = 0;
-+
++
+ const qpol_class_t *obj_class = NULL;
-+
-+ PyObject *dict = PyDict_New();
-+
++
++ PyObject *dict = PyDict_New();
++
+ qpol_avrule_get_rule_type(q, rule, &rule_type);
+ tmp_name = apol_rule_type_to_str(rule_type);
+ PyObject *obj = PyString_FromString(tmp_name);
@@ -2507,13 +2683,13 @@ index 0000000..faaf8b7
+ obj = PyString_FromString(tmp_name);
+ PyDict_SetItemString(dict, "scontext", obj);
+ Py_DECREF(obj);
-+
++
+ qpol_avrule_get_target_type(q, rule, &type);
+ qpol_type_get_name(q, type, &tmp_name);
+ obj = PyString_FromString(tmp_name);
+ PyDict_SetItemString(dict, "tcontext", obj);
+ Py_DECREF(obj);
-+
++
+ qpol_avrule_get_object_class(q, rule, &obj_class);
+ qpol_type_get_name(q, type, &tmp_name);
+ obj = PyString_FromString(tmp_name);
@@ -2530,53 +2706,50 @@ index 0000000..faaf8b7
+ }
+ PyDict_SetItemString(dict, "permlist", permlist);
+ Py_DECREF(permlist);
-+ PyList_Append(list, dict);
++ PyList_Append(list, dict);
+ Py_DECREF(dict);
-+
++
+ free(rule_str);
+ rule_str = NULL;
+ free(expr);
+ expr = NULL;
+ }
-+ retval = 0;
++
+ cleanup:
+ free(tmp);
+ free(rule_str);
+ free(expr);
-+ if (retval) {
-+ Py_DECREF(list);
-+ return NULL;
-+ }
+ return list;
+}
+
+
+PyObject* sesearch(bool allow,
-+ bool neverallow,
-+ bool auditallow,
-+ bool dontaudit,
-+ const char *src_name,
-+ const char *tgt_name,
-+ const char *class_name,
-+ const char *permlist
-+ )
++ bool neverallow,
++ bool auditallow,
++ bool dontaudit,
++ bool transition,
++ const char *src_name,
++ const char *tgt_name,
++ const char *class_name,
++ const char *permlist
++ )
+{
+ options_t cmd_opts;
+ int rt = -1;
-+ PyObject *output = NULL;
-+
++ PyObject *output = PyList_New(0);
+ apol_policy_t *policy = NULL;
+ apol_vector_t *v = NULL;
+ apol_policy_path_t *pol_path = NULL;
+ apol_vector_t *mod_paths = NULL;
+ apol_policy_path_type_e path_type = APOL_POLICY_PATH_TYPE_MONOLITHIC;
-+
++
+ memset(&cmd_opts, 0, sizeof(cmd_opts));
+ cmd_opts.indirect = true;
+ cmd_opts.allow = allow;
+ cmd_opts.nallow = neverallow;
+ cmd_opts.auditallow = auditallow;
+ cmd_opts.dontaudit = dontaudit;
++ cmd_opts.type = transition;
+ if (src_name)
+ cmd_opts.src_name = strdup(src_name);
+ if (tgt_name)
@@ -2590,15 +2763,15 @@ index 0000000..faaf8b7
+ int pol_opt = 0;
+ if (!(cmd_opts.nallow || cmd_opts.all))
+ pol_opt |= QPOL_POLICY_OPTION_NO_NEVERALLOWS;
-+
-+
++
++
+ rt = qpol_default_policy_find(&policy_file);
+ if (rt) {
+ PyErr_SetString(PyExc_RuntimeError,"No default policy found.");
+ return NULL;
+ }
+ pol_opt |= QPOL_POLICY_OPTION_MATCH_SYSTEM;
-+
++
+ if (apol_file_is_policy_path_list(policy_file) > 0) {
+ pol_path = apol_policy_path_create_from_file(policy_file);
+ if (!pol_path) {
@@ -2617,7 +2790,7 @@ index 0000000..faaf8b7
+ }
+ free(policy_file);
+ apol_vector_destroy(&mod_paths);
-+
++
+ policy = apol_policy_create_from_policy_path(pol_path, pol_opt, NULL, NULL);
+ if (!policy) {
+ apol_policy_path_destroy(&pol_path);
@@ -2677,9 +2850,23 @@ index 0000000..faaf8b7
+ goto cleanup;
+ }
+ if (v) {
-+ output = get_av_results(policy, &cmd_opts, v);
++ output = get_av_results(policy, &cmd_opts, v, output);
++ }
++
++ if (cmd_opts.all || cmd_opts.type) {
++ apol_vector_destroy(&v);
++ if (perform_ft_query(policy, &cmd_opts, &v)) {
++ rt = 1;
++ goto cleanup;
++ }
++
++ if (v) {
++ output = get_ft_results(policy, &cmd_opts, v, output);
++ }
+ }
++
+ apol_vector_destroy(&v);
++
+ cleanup:
+ apol_policy_destroy(&policy);
+ apol_policy_path_destroy(&pol_path);
@@ -2693,38 +2880,43 @@ index 0000000..faaf8b7
+ apol_vector_destroy(&cmd_opts.perm_vector);
+ apol_vector_destroy(&cmd_opts.class_vector);
+
-+ if (output) return output;
-+ return Py_None;
++ if (PyList_GET_SIZE(output) == 0) {
++ Py_DECREF(output);
++ return Py_None;
++ }
++ return output;
+}
++
+static int Dict_ContainsInt(PyObject *dict, const char *key){
+ PyObject *item = PyDict_GetItemString(dict, key);
+ if (item)
-+ return PyInt_AsLong(item);
++ return PyInt_AsLong(item);
+ return false;
+}
+
+static const char *Dict_ContainsString(PyObject *dict, const char *key){
+ PyObject *item = PyDict_GetItemString(dict, key);
+ if (item)
-+ return PyString_AsString(item);
++ return PyString_AsString(item);
+ return NULL;
+}
+
+PyObject *wrap_sesearch(PyObject *self, PyObject *args){
+ PyObject *dict;
+ if (!PyArg_ParseTuple(args, "O", &dict))
-+ return NULL;
++ return NULL;
+ int allow = Dict_ContainsInt(dict, "allow");
+ int neverallow = Dict_ContainsInt(dict, "neverallow");
+ int auditallow = Dict_ContainsInt(dict, "auditallow");
-+ int dontaudit = Dict_ContainsInt(dict, "dontaudit");
-+
++ int dontaudit = Dict_ContainsInt(dict, "dontaudit");
++ int transition = Dict_ContainsInt(dict, "transition");
++
+ const char *src_name = Dict_ContainsString(dict, "scontext");
+ const char *tgt_name = Dict_ContainsString(dict, "tcontext");
+ const char *class_name = Dict_ContainsString(dict, "class");
+ const char *permlist = Dict_ContainsString(dict, "permlist");
-+
-+ return Py_BuildValue("O",sesearch(allow, neverallow, auditallow, dontaudit, src_name, tgt_name, class_name, permlist));
++
++ return Py_BuildValue("O",sesearch(allow, neverallow, auditallow, dontaudit, transition, src_name, tgt_name, class_name, permlist));
+
+}
+
@@ -2737,11 +2929,9 @@ index 0000000..faaf8b7
+ PyObject *m;
+ m = Py_InitModule("_sesearch", methods);
+}
-diff --git a/python/setools/setup.py b/python/setools/setup.py
-new file mode 100644
-index 0000000..053b885
---- /dev/null
-+++ b/python/setools/setup.py
+diff -up setools-3.3.7/python/setools/setup.py.python setools-3.3.7/python/setools/setup.py
+--- setools-3.3.7/python/setools/setup.py.python 2012-09-29 08:26:07.650330243 -0400
++++ setools-3.3.7/python/setools/setup.py 2012-09-29 08:26:07.646330228 -0400
@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+
@@ -2768,6 +2958,3 @@ index 0000000..053b885
+extension_seinfo.library_dirs=LIBDIRS
+
+setup(name = "setools", version="1.0", description="Python setools bindings", author="Thomas Liu", author_email="tliu at redhat.com", ext_modules=[extension_sesearch, extension_seinfo], packages=["setools"])
---
-1.7.6.2
-
diff --git a/setools.spec b/setools.spec
index eb0cfcd..6ab414b 100644
--- a/setools.spec
+++ b/setools.spec
@@ -5,7 +5,7 @@
Name: setools
Version: %{setools_maj_ver}.%{setools_min_ver}
-Release: 30%{?dist}
+Release: 31%{?dist}
License: GPLv2
URL: http://oss.tresys.com/projects/setools
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -185,7 +185,6 @@ This package includes the following graphical tools:
%patch10 -p 1 -b .current
%patch11 -p 1 -b .noship
%patch12 -p 1 -b .seaudit
-
%ifarch sparc sparcv9 sparc64 s390 s390x
for file in `find . -name Makefile.am`; do
sed -i -e 's:-fpic:-fPIC:' $file;
@@ -311,8 +310,12 @@ rm -rf ${RPM_BUILD_ROOT}
%postun libs-tcl -p /sbin/ldconfig
%changelog
+* Fri Sep 28 2012 Dan Walsh <dwalsh at redhat.com> - 3.3.7-31
+- Add filename_trans to python/setools/sesearch bindings
+
* Fri Sep 28 2012 Dan Walsh <dwalsh at redhat.com> - 3.3.7-30
- Apply Lars Jensen patch to fix seaudit
+- Remove java bindings, not supported
* Mon Sep 16 2012 Dan Walsh <dwalsh at redhat.com> - 3.3.7-29
- Remove tools that we do not want to support
More information about the scm-commits
mailing list