rpms/policycoreutils/F-13 policycoreutils-sepolgen.patch, 1.43, 1.44 policycoreutils.spec, 1.723, 1.724
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Jun 21 14:12:58 UTC 2010
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv28822
Modified Files:
policycoreutils-sepolgen.patch policycoreutils.spec
Log Message:
* Tue Jun 21 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-32
- Fix audit2allow type reporting
policycoreutils-sepolgen.patch:
sepolgen/access.py | 13 ++++++--
sepolgen/audit.py | 46 ++++++++++++++++++++++++++++--
sepolgen/defaults.py | 3 ++
sepolgen/interfaces.py | 73 +++++++++++++++++++++++++++++++++++++++++++------
sepolgen/matching.py | 9 +++---
sepolgen/policygen.py | 38 ++++++++++++++++++++++++-
sepolgen/refparser.py | 2 -
share/perm_map | 51 +++++++++++++++++++---------------
8 files changed, 192 insertions(+), 43 deletions(-)
Index: policycoreutils-sepolgen.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/F-13/policycoreutils-sepolgen.patch,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -p -r1.43 -r1.44
--- policycoreutils-sepolgen.patch 2 Jun 2010 15:48:41 -0000 1.43
+++ policycoreutils-sepolgen.patch 21 Jun 2010 14:12:58 -0000 1.44
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py
--- nsasepolgen/src/sepolgen/access.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/access.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/access.py 2010-06-16 08:22:43.000000000 -0400
@@ -32,6 +32,7 @@
"""
@@ -45,9 +45,9 @@ diff --exclude-from=exclude -N -u -r nsa
access.perms.update(perms)
if audit_msg:
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py
--- nsasepolgen/src/sepolgen/audit.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/audit.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/audit.py 2010-06-16 08:22:43.000000000 -0400
@@ -68,6 +68,17 @@
stdout=subprocess.PIPE).communicate()[0]
return output
@@ -131,9 +131,9 @@ diff --exclude-from=exclude -N -u -r nsa
return av_set
class AVCTypeFilter:
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/defaults.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py
--- nsasepolgen/src/sepolgen/defaults.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/defaults.py 2010-06-16 08:22:43.000000000 -0400
@@ -30,6 +30,9 @@
def interface_info():
return data_dir() + "/interface_info"
@@ -144,9 +144,9 @@ diff --exclude-from=exclude -N -u -r nsa
def refpolicy_devel():
return "/usr/share/selinux/devel"
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/interfaces.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py
--- nsasepolgen/src/sepolgen/interfaces.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-05-03 09:33:11.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/interfaces.py 2010-06-16 08:22:43.000000000 -0400
@@ -29,6 +29,8 @@
from sepolgeni18n import _
@@ -262,9 +262,9 @@ diff --exclude-from=exclude -N -u -r nsa
self.expand_ifcalls(headers)
self.index()
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/matching.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py
--- nsasepolgen/src/sepolgen/matching.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/matching.py 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/matching.py 2010-06-16 08:22:43.000000000 -0400
@@ -50,7 +50,7 @@
return 1
@@ -293,9 +293,9 @@ diff --exclude-from=exclude -N -u -r nsa
def __iter__(self):
return iter(self.children)
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py
--- nsasepolgen/src/sepolgen/policygen.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-02 11:45:17.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/policygen.py 2010-06-21 10:10:01.000000000 -0400
@@ -29,6 +29,8 @@
import access
import interfaces
@@ -347,18 +347,18 @@ diff --exclude-from=exclude -N -u -r nsa
+ for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
+ if i not in self.domains:
+ types.append(i)
-+ if len(types) == 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
-+ elif len(types) >= 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
++ if len(types) == 1:
++ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
++ elif len(types) >= 1:
++ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
+ except:
+ pass
self.module.children.append(rule)
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-05-21 10:26:43.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/sepolgen/refparser.py 2010-06-16 08:22:43.000000000 -0400
@@ -1044,7 +1044,7 @@
# of misc_macros. We are just going to pretend that this is an interface
# to make the expansion work correctly.
@@ -368,9 +368,9 @@ diff --exclude-from=exclude -N -u -r nsa
"getattr","lock","execute","ioctl"])
can_exec.children.append(refpolicy.AVRule(av))
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/share/perm_map policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map
--- nsasepolgen/src/share/perm_map 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.82/sepolgen-1.0.23/src/share/perm_map 2010-04-28 17:12:20.000000000 -0400
++++ policycoreutils-2.0.83/sepolgen-1.0.23/src/share/perm_map 2010-06-16 08:22:43.000000000 -0400
@@ -124,7 +124,7 @@
quotamod w 1
quotaget r 1
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/F-13/policycoreutils.spec,v
retrieving revision 1.723
retrieving revision 1.724
diff -u -p -r1.723 -r1.724
--- policycoreutils.spec 15 Jun 2010 17:16:38 -0000 1.723
+++ policycoreutils.spec 21 Jun 2010 14:12:58 -0000 1.724
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.82
-Release: 31%{?dist}
+Release: 32%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -314,6 +314,9 @@ fi
exit 0
%changelog
+* Tue Jun 21 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-32
+- Fix audit2allow type reporting
+
* Tue Jun 15 2010 Dan Walsh <dwalsh at redhat.com> 2.0.82-31
- Fix sepolgen code generation
Resolve: #603001
More information about the scm-commits
mailing list