[policycoreutils] Have sepolgen return name field in AVC

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 13 17:30:00 UTC 2011 

commit 4f4e4913d76f45dbbcd894eeffd2c61acee66a56
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu Oct 13 13:29:56 2011 -0400

    Have sepolgen return name field in AVC

 policycoreutils-sepolgen.patch |   16 ++++++++++++----
 policycoreutils.spec           |    5 ++++-
 2 files changed, 16 insertions(+), 5 deletions(-)
---
diff --git a/policycoreutils-sepolgen.patch b/policycoreutils-sepolgen.patch
index ee09b7c..f4087ea 100644
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@@ -1,5 +1,5 @@
 diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
-index 24e308e..e23725f 100644
+index 24e308e..1b0a8e5 100644
 --- a/sepolgen/src/sepolgen/audit.py
 +++ b/sepolgen/src/sepolgen/audit.py
 @@ -68,6 +68,17 @@ def get_dmesg_msgs():
@@ -30,8 +30,11 @@ index 24e308e..e23725f 100644
  
  class AVCMessage(AuditMessage):
      """AVC message representing an access denial or granted message.
-@@ -167,6 +181,8 @@ class AVCMessage(AuditMessage):
+@@ -165,8 +179,11 @@ class AVCMessage(AuditMessage):
+         self.comm = ""
+         self.exe = ""
          self.path = ""
++        self.name = ""
          self.accesses = []
          self.denial = True
 +        self.type = audit2why.TERULE
@@ -39,7 +42,12 @@ index 24e308e..e23725f 100644
  
      def __parse_access(self, recs, start):
          # This is kind of sucky - the access that is in a space separated
-@@ -226,7 +242,31 @@ class AVCMessage(AuditMessage):
+@@ -223,10 +240,36 @@ class AVCMessage(AuditMessage):
+                 self.comm = fields[1][1:-1]
+             elif fields[0] == "exe":
+                 self.exe = fields[1][1:-1]
++            elif fields[0] == "name":
++                self.name = fields[1][1:-1]
  
          if not found_src or not found_tgt or not found_class or not found_access:
              raise ValueError("AVC message in invalid format [%s]\n" % self.message)
@@ -72,7 +80,7 @@ index 24e308e..e23725f 100644
  class PolicyLoadMessage(AuditMessage):
      """Audit message indicating that the policy was reloaded."""
      def __init__(self, message):
-@@ -469,10 +509,10 @@ class AuditParser:
+@@ -469,10 +512,10 @@ class AuditParser:
              if avc_filter:
                  if avc_filter.filter(avc):
                      av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
diff --git a/policycoreutils.spec b/policycoreutils.spec
index f6d69a3..53a412b 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.7
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -352,6 +352,9 @@ fi
 /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Thu Oct 13 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-4
+- Have sepolgen return name field in AVC
+
 * Thu Oct 6 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.7-3
 - restorecond -u needs to watch terminal for exit if run outside of dbus.

More information about the scm-commits mailing list