rpms/policycoreutils/devel policycoreutils-sepolgen.patch,1.35,1.36
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Jun 21 14:11:32 UTC 2010
Author: dwalsh
Update of /cvs/pkgs/rpms/policycoreutils/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv28429
Modified Files:
policycoreutils-sepolgen.patch
Log Message:
* Tue Jun 15 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-1
- Update to upstream
* Add sandbox support from Dan Walsh with modifications from Steve Lawrence.
policycoreutils-sepolgen.patch:
sepolgen/access.py | 13 ++++++--
sepolgen/audit.py | 46 ++++++++++++++++++++++++++++--
sepolgen/defaults.py | 3 ++
sepolgen/interfaces.py | 73 +++++++++++++++++++++++++++++++++++++++++++------
sepolgen/matching.py | 9 +++---
sepolgen/policygen.py | 38 ++++++++++++++++++++++++-
sepolgen/refparser.py | 2 -
share/perm_map | 51 +++++++++++++++++++---------------
8 files changed, 192 insertions(+), 43 deletions(-)
Index: policycoreutils-sepolgen.patch
===================================================================
RCS file: /cvs/pkgs/rpms/policycoreutils/devel/policycoreutils-sepolgen.patch,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -p -r1.35 -r1.36
--- policycoreutils-sepolgen.patch 2 Jun 2010 15:48:32 -0000 1.35
+++ policycoreutils-sepolgen.patch 21 Jun 2010 14:11:31 -0000 1.36
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py
--- nsasepolgen/src/sepolgen/access.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py 2010-06-16 08:22:43.000000000 -0400
@@ -32,6 +32,7 @@
"""
@@ -45,9 +45,9 @@ diff --exclude-from=exclude -N -u -r nsa
access.perms.update(perms)
if audit_msg:
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py
--- nsasepolgen/src/sepolgen/audit.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py 2010-06-16 08:22:43.000000000 -0400
@@ -68,6 +68,17 @@
stdout=subprocess.PIPE).communicate()[0]
return output
@@ -131,9 +131,9 @@ diff --exclude-from=exclude -N -u -r nsa
return av_set
class AVCTypeFilter:
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py
--- nsasepolgen/src/sepolgen/defaults.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-06-16 08:22:43.000000000 -0400
@@ -30,6 +30,9 @@
def interface_info():
return data_dir() + "/interface_info"
@@ -144,9 +144,9 @@ diff --exclude-from=exclude -N -u -r nsa
def refpolicy_devel():
return "/usr/share/selinux/devel"
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py
--- nsasepolgen/src/sepolgen/interfaces.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-05-03 09:33:11.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-06-16 08:22:43.000000000 -0400
@@ -29,6 +29,8 @@
from sepolgeni18n import _
@@ -262,9 +262,9 @@ diff --exclude-from=exclude -N -u -r nsa
self.expand_ifcalls(headers)
self.index()
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py
--- nsasepolgen/src/sepolgen/matching.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py 2010-06-16 08:22:43.000000000 -0400
@@ -50,7 +50,7 @@
return 1
@@ -293,9 +293,9 @@ diff --exclude-from=exclude -N -u -r nsa
def __iter__(self):
return iter(self.children)
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py
--- nsasepolgen/src/sepolgen/policygen.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-02 11:45:17.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-21 10:10:01.000000000 -0400
@@ -29,6 +29,8 @@
import access
import interfaces
@@ -347,18 +347,18 @@ diff --exclude-from=exclude -N -u -r nsa
+ for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
+ if i not in self.domains:
+ types.append(i)
-+ if len(types) == 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
-+ elif len(types) >= 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
++ if len(types) == 1:
++ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
++ elif len(types) >= 1:
++ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
+ except:
+ pass
self.module.children.append(rule)
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-05-21 10:26:43.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-06-16 08:22:43.000000000 -0400
@@ -1044,7 +1044,7 @@
# of misc_macros. We are just going to pretend that this is an interface
# to make the expansion work correctly.
@@ -368,9 +368,9 @@ diff --exclude-from=exclude -N -u -r nsa
"getattr","lock","execute","ioctl"])
can_exec.children.append(refpolicy.AVRule(av))
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map
--- nsasepolgen/src/share/perm_map 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map 2010-06-16 08:22:43.000000000 -0400
@@ -124,7 +124,7 @@
quotamod w 1
quotaget r 1
More information about the scm-commits
mailing list