[policycoreutils/f14/master] * Thu Aug 5 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-14 - More fixes for polgen tools
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Aug 5 21:42:05 UTC 2010
commit f41eb95e233526b42eeba3f36b523e85317779c4
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Aug 5 17:42:01 2010 -0400
* Thu Aug 5 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-14
- More fixes for polgen tools
policycoreutils-gui.patch | 54 +++++++++++++++++++++++++-------------------
policycoreutils.spec | 5 +++-
2 files changed, 35 insertions(+), 24 deletions(-)
---
diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index cd6bc7d..2921918 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -5783,7 +5783,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgengui.py 2010-08-05 13:54:52.000000000 -0400
++++ policycoreutils-2.0.83/gui/polgengui.py 2010-08-05 17:40:33.000000000 -0400
@@ -0,0 +1,650 @@
+#!/usr/bin/python -Es
+#
@@ -5995,9 +5995,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+
+ for i in polgen.get_all_users():
+ iter = self.user_transition_store.append()
-+ self.user_transition_store.set_value(iter, 0, i)
++ self.user_transition_store.set_value(iter, 0, i[:-2])
+ iter = self.existing_user_store.append()
-+ self.existing_user_store.set_value(iter, 0, i)
++ self.existing_user_store.set_value(iter, 0, i[:-2])
+
+ self.admin_treeview = self.xml.get_widget("admin_treeview")
+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
@@ -6010,7 +6010,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ for i in polgen.methods:
+ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
+ if len(m) > 0:
-+ if "%s_exec" % m[0] in self.types:
++ if "%s_exec_t" % m[0] in self.types:
+ iter = self.transition_store.append()
+ self.transition_store.set_value(iter, 0, m[0])
+ continue
@@ -6437,8 +6437,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.py 2010-08-05 13:54:25.000000000 -0400
-@@ -0,0 +1,1307 @@
++++ policycoreutils-2.0.83/gui/polgen.py 2010-08-05 17:40:15.000000000 -0400
+@@ -0,0 +1,1309 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2007-2010 Red Hat
@@ -7294,7 +7294,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ newif =""
+ if self.use_terminal or self.type == USER:
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_user_program_rules)
-+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_role_change_rules)
++
++ if self.type in ( TUSER, XUSER, AUSER, LUSER):
++ newif += re.sub("TEMPLATETYPE", self.name, executable.if_role_change_rules)
+ return newif
+
+ def generate_if(self):
@@ -7568,6 +7570,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+
+ tmpdir = tempfile.mkdtemp(prefix="polgen_")
+
++ mypolicy = policy("myrwho", DAEMON)
++ mypolicy.set_program("/usr/sbin/myrwhod")
++ mypolicy.set_init_script("/etc/init.d/myrwhod")
++ mypolicy.add_dir("/etc/nasd")
++ mypolicy.set_in_tcp(1, 0, 0, "513")
++ mypolicy.set_use_uid(True)
++ mypolicy.set_use_tmp(True)
++ mypolicy.set_use_syslog(True)
++ mypolicy.set_use_pam(True)
++ mypolicy.add_dir("/var/run/myrwho")
++ mypolicy.add_dir("/var/lib/myrwho")
++ print mypolicy.generate(tmpdir)
++
+ mypolicy = policy("mywhois", USER)
+ mypolicy.set_program("/usr/bin/jwhois")
+ mypolicy.set_out_tcp(0, "43,63,4321")
@@ -7592,19 +7607,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_out_tcp(0,"8000")
+ print mypolicy.generate(tmpdir)
+
-+ mypolicy = policy("myrwho", DAEMON)
-+ mypolicy.set_program("/usr/sbin/myrwhod")
-+ mypolicy.set_init_script("/etc/init.d/myrwhod")
-+ mypolicy.add_dir("/etc/nasd")
-+ mypolicy.set_in_tcp(1, 0, 0, "513")
-+ mypolicy.set_use_uid(True)
-+ mypolicy.set_use_tmp(True)
-+ mypolicy.set_use_syslog(True)
-+ mypolicy.set_use_pam(True)
-+ mypolicy.add_dir("/var/run/myrwho")
-+ mypolicy.add_dir("/var/lib/myrwho")
-+ print mypolicy.generate(tmpdir)
-+
+ mypolicy = policy("myinetd", INETD)
+ mypolicy.set_program("/usr/bin/mytest")
+ mypolicy.set_in_tcp(1, 0, 0, "513")
@@ -14232,8 +14234,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/user.py 2010-08-05 10:24:34.000000000 -0400
-@@ -0,0 +1,199 @@
++++ policycoreutils-2.0.83/gui/templates/user.py 2010-08-05 17:40:01.000000000 -0400
+@@ -0,0 +1,205 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -14421,7 +14423,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+"""
+
+te_roles_rules="""
-+ROLE_role_change(TEMPLATETYPE_r)
++optional_policy(`
++ gen_require(`
++ role ROLE_r;
++ ')
++
++ allow TEMPLATETYPE_r ROLE_r;
++')
+"""
+
+te_sudo_rules="""
diff --git a/policycoreutils.spec b/policycoreutils.spec
index a57cc9f..6432c8c 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.83
-Release: 13%{?dist}
+Release: 14%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -312,6 +312,9 @@ fi
exit 0
%changelog
+* Thu Aug 5 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-14
+- More fixes for polgen tools
+
* Thu Aug 5 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-13
- Remove requirement to run selinux-polgen as root
More information about the scm-commits
mailing list