[policycoreutils/f16] fix sepolgen to not crash on echo "" | audit2allow Fix English in templates for sepolgen Add unit fi
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Jan 18 21:52:19 UTC 2012
commit 2fb6f5383f67ebfe7728b35d38969113b4f7e66b
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Jan 18 16:52:15 2012 -0500
fix sepolgen to not crash on echo "" | audit2allow
Fix English in templates for sepolgen
Add unit file support to sepolgen, and cleanup some of the output.
policycoreutils-gui.patch | 312 +++++++++++++++++++--------------------
policycoreutils-sepolgen.patch | 202 ++++++--------------------
policycoreutils.spec | 9 +-
sources | 2 +-
4 files changed, 206 insertions(+), 319 deletions(-)
---
diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index f956a2b..ad35b9e 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,6 +1,6 @@
-diff -up policycoreutils-2.1.8/gui/booleansPage.py.gui policycoreutils-2.1.8/gui/booleansPage.py
---- policycoreutils-2.1.8/gui/booleansPage.py.gui 2011-11-07 15:12:01.891834224 -0500
-+++ policycoreutils-2.1.8/gui/booleansPage.py 2011-11-07 15:12:01.892834224 -0500
+diff -up policycoreutils-2.1.10/gui/booleansPage.py.gui policycoreutils-2.1.10/gui/booleansPage.py
+--- policycoreutils-2.1.10/gui/booleansPage.py.gui 2012-01-15 16:48:40.225095742 -0500
++++ policycoreutils-2.1.10/gui/booleansPage.py 2012-01-15 16:48:40.225095742 -0500
@@ -0,0 +1,247 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -249,9 +249,9 @@ diff -up policycoreutils-2.1.8/gui/booleansPage.py.gui policycoreutils-2.1.8/gui
+ self.load(self.filter)
+ return True
+
-diff -up policycoreutils-2.1.8/gui/domainsPage.py.gui policycoreutils-2.1.8/gui/domainsPage.py
---- policycoreutils-2.1.8/gui/domainsPage.py.gui 2011-11-07 15:12:01.892834224 -0500
-+++ policycoreutils-2.1.8/gui/domainsPage.py 2011-11-07 15:12:01.892834224 -0500
+diff -up policycoreutils-2.1.10/gui/domainsPage.py.gui policycoreutils-2.1.10/gui/domainsPage.py
+--- policycoreutils-2.1.10/gui/domainsPage.py.gui 2012-01-15 16:48:40.225095742 -0500
++++ policycoreutils-2.1.10/gui/domainsPage.py 2012-01-15 16:48:40.225095742 -0500
@@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc.
@@ -407,9 +407,9 @@ diff -up policycoreutils-2.1.8/gui/domainsPage.py.gui policycoreutils-2.1.8/gui/
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff -up policycoreutils-2.1.8/gui/fcontextPage.py.gui policycoreutils-2.1.8/gui/fcontextPage.py
---- policycoreutils-2.1.8/gui/fcontextPage.py.gui 2011-11-07 15:12:01.893834225 -0500
-+++ policycoreutils-2.1.8/gui/fcontextPage.py 2011-11-07 15:12:01.893834225 -0500
+diff -up policycoreutils-2.1.10/gui/fcontextPage.py.gui policycoreutils-2.1.10/gui/fcontextPage.py
+--- policycoreutils-2.1.10/gui/fcontextPage.py.gui 2012-01-15 16:48:40.226095742 -0500
++++ policycoreutils-2.1.10/gui/fcontextPage.py 2012-01-15 16:48:40.226095742 -0500
@@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -634,9 +634,9 @@ diff -up policycoreutils-2.1.8/gui/fcontextPage.py.gui policycoreutils-2.1.8/gui
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff -up policycoreutils-2.1.8/gui/html_util.py.gui policycoreutils-2.1.8/gui/html_util.py
---- policycoreutils-2.1.8/gui/html_util.py.gui 2011-11-07 15:12:01.894834226 -0500
-+++ policycoreutils-2.1.8/gui/html_util.py 2011-11-07 15:12:01.894834226 -0500
+diff -up policycoreutils-2.1.10/gui/html_util.py.gui policycoreutils-2.1.10/gui/html_util.py
+--- policycoreutils-2.1.10/gui/html_util.py.gui 2012-01-15 16:48:40.226095742 -0500
++++ policycoreutils-2.1.10/gui/html_util.py 2012-01-15 16:48:40.226095742 -0500
@@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis at redhat.com>
+#
@@ -802,9 +802,9 @@ diff -up policycoreutils-2.1.8/gui/html_util.py.gui policycoreutils-2.1.8/gui/ht
+ doc += tail
+ return doc
+
-diff -up policycoreutils-2.1.8/gui/lockdown.glade.gui policycoreutils-2.1.8/gui/lockdown.glade
---- policycoreutils-2.1.8/gui/lockdown.glade.gui 2011-11-07 15:12:01.895834226 -0500
-+++ policycoreutils-2.1.8/gui/lockdown.glade 2011-11-07 15:12:01.895834226 -0500
+diff -up policycoreutils-2.1.10/gui/lockdown.glade.gui policycoreutils-2.1.10/gui/lockdown.glade
+--- policycoreutils-2.1.10/gui/lockdown.glade.gui 2012-01-15 16:48:40.226095742 -0500
++++ policycoreutils-2.1.10/gui/lockdown.glade 2012-01-15 16:48:40.226095742 -0500
@@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -1577,9 +1577,9 @@ diff -up policycoreutils-2.1.8/gui/lockdown.glade.gui policycoreutils-2.1.8/gui/
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.1.8/gui/lockdown.gladep.gui policycoreutils-2.1.8/gui/lockdown.gladep
---- policycoreutils-2.1.8/gui/lockdown.gladep.gui 2011-11-07 15:12:01.896834226 -0500
-+++ policycoreutils-2.1.8/gui/lockdown.gladep 2011-11-07 15:12:01.896834226 -0500
+diff -up policycoreutils-2.1.10/gui/lockdown.gladep.gui policycoreutils-2.1.10/gui/lockdown.gladep
+--- policycoreutils-2.1.10/gui/lockdown.gladep.gui 2012-01-15 16:48:40.226095742 -0500
++++ policycoreutils-2.1.10/gui/lockdown.gladep 2012-01-15 16:48:40.226095742 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -1588,9 +1588,9 @@ diff -up policycoreutils-2.1.8/gui/lockdown.gladep.gui policycoreutils-2.1.8/gui
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.1.8/gui/lockdown.py.gui policycoreutils-2.1.8/gui/lockdown.py
---- policycoreutils-2.1.8/gui/lockdown.py.gui 2011-11-07 15:12:01.897834227 -0500
-+++ policycoreutils-2.1.8/gui/lockdown.py 2011-11-07 15:12:01.897834227 -0500
+diff -up policycoreutils-2.1.10/gui/lockdown.py.gui policycoreutils-2.1.10/gui/lockdown.py
+--- policycoreutils-2.1.10/gui/lockdown.py.gui 2012-01-15 16:48:40.227095742 -0500
++++ policycoreutils-2.1.10/gui/lockdown.py 2012-01-15 16:48:40.227095742 -0500
@@ -0,0 +1,375 @@
+#!/usr/bin/python
+#
@@ -1967,9 +1967,9 @@ diff -up policycoreutils-2.1.8/gui/lockdown.py.gui policycoreutils-2.1.8/gui/loc
+
+ app = booleanWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.1.8/gui/loginsPage.py.gui policycoreutils-2.1.8/gui/loginsPage.py
---- policycoreutils-2.1.8/gui/loginsPage.py.gui 2011-11-07 15:12:01.898834228 -0500
-+++ policycoreutils-2.1.8/gui/loginsPage.py 2011-11-07 15:12:01.898834228 -0500
+diff -up policycoreutils-2.1.10/gui/loginsPage.py.gui policycoreutils-2.1.10/gui/loginsPage.py
+--- policycoreutils-2.1.10/gui/loginsPage.py.gui 2012-01-15 16:48:40.227095742 -0500
++++ policycoreutils-2.1.10/gui/loginsPage.py 2012-01-15 16:48:40.227095742 -0500
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2156,9 +2156,9 @@ diff -up policycoreutils-2.1.8/gui/loginsPage.py.gui policycoreutils-2.1.8/gui/l
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff -up policycoreutils-2.1.8/gui/Makefile.gui policycoreutils-2.1.8/gui/Makefile
---- policycoreutils-2.1.8/gui/Makefile.gui 2011-11-07 15:12:01.898834228 -0500
-+++ policycoreutils-2.1.8/gui/Makefile 2011-11-07 15:12:01.898834228 -0500
+diff -up policycoreutils-2.1.10/gui/Makefile.gui policycoreutils-2.1.10/gui/Makefile
+--- policycoreutils-2.1.10/gui/Makefile.gui 2012-01-15 16:48:40.227095742 -0500
++++ policycoreutils-2.1.10/gui/Makefile 2012-01-15 16:48:40.227095742 -0500
@@ -0,0 +1,40 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -2200,9 +2200,9 @@ diff -up policycoreutils-2.1.8/gui/Makefile.gui policycoreutils-2.1.8/gui/Makefi
+indent:
+
+relabel:
-diff -up policycoreutils-2.1.8/gui/mappingsPage.py.gui policycoreutils-2.1.8/gui/mappingsPage.py
---- policycoreutils-2.1.8/gui/mappingsPage.py.gui 2011-11-07 15:12:01.899834229 -0500
-+++ policycoreutils-2.1.8/gui/mappingsPage.py 2011-11-07 15:12:01.899834229 -0500
+diff -up policycoreutils-2.1.10/gui/mappingsPage.py.gui policycoreutils-2.1.10/gui/mappingsPage.py
+--- policycoreutils-2.1.10/gui/mappingsPage.py.gui 2012-01-15 16:48:40.227095742 -0500
++++ policycoreutils-2.1.10/gui/mappingsPage.py 2012-01-15 16:48:40.227095742 -0500
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2260,9 +2260,9 @@ diff -up policycoreutils-2.1.8/gui/mappingsPage.py.gui policycoreutils-2.1.8/gui
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff -up policycoreutils-2.1.8/gui/modulesPage.py.gui policycoreutils-2.1.8/gui/modulesPage.py
---- policycoreutils-2.1.8/gui/modulesPage.py.gui 2011-11-07 15:12:01.899834229 -0500
-+++ policycoreutils-2.1.8/gui/modulesPage.py 2011-11-07 15:12:01.899834229 -0500
+diff -up policycoreutils-2.1.10/gui/modulesPage.py.gui policycoreutils-2.1.10/gui/modulesPage.py
+--- policycoreutils-2.1.10/gui/modulesPage.py.gui 2012-01-15 16:48:40.227095742 -0500
++++ policycoreutils-2.1.10/gui/modulesPage.py 2012-01-15 16:48:40.227095742 -0500
@@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -2454,9 +2454,9 @@ diff -up policycoreutils-2.1.8/gui/modulesPage.py.gui policycoreutils-2.1.8/gui/
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff -up policycoreutils-2.1.8/gui/polgen.glade.gui policycoreutils-2.1.8/gui/polgen.glade
---- policycoreutils-2.1.8/gui/polgen.glade.gui 2011-11-07 15:12:01.902834231 -0500
-+++ policycoreutils-2.1.8/gui/polgen.glade 2011-11-07 15:12:01.903834231 -0500
+diff -up policycoreutils-2.1.10/gui/polgen.glade.gui policycoreutils-2.1.10/gui/polgen.glade
+--- policycoreutils-2.1.10/gui/polgen.glade.gui 2012-01-15 16:48:40.229095742 -0500
++++ policycoreutils-2.1.10/gui/polgen.glade 2012-01-15 16:48:40.229095742 -0500
@@ -0,0 +1,3432 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -5890,9 +5890,9 @@ diff -up policycoreutils-2.1.8/gui/polgen.glade.gui policycoreutils-2.1.8/gui/po
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.1.8/gui/polgen.gladep.gui policycoreutils-2.1.8/gui/polgen.gladep
---- policycoreutils-2.1.8/gui/polgen.gladep.gui 2011-11-07 15:12:01.903834231 -0500
-+++ policycoreutils-2.1.8/gui/polgen.gladep 2011-11-07 15:12:01.903834231 -0500
+diff -up policycoreutils-2.1.10/gui/polgen.gladep.gui policycoreutils-2.1.10/gui/polgen.gladep
+--- policycoreutils-2.1.10/gui/polgen.gladep.gui 2012-01-15 16:48:40.229095742 -0500
++++ policycoreutils-2.1.10/gui/polgen.gladep 2012-01-15 16:48:40.229095742 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -5901,9 +5901,9 @@ diff -up policycoreutils-2.1.8/gui/polgen.gladep.gui policycoreutils-2.1.8/gui/p
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.1.8/gui/polgengui.py.gui policycoreutils-2.1.8/gui/polgengui.py
---- policycoreutils-2.1.8/gui/polgengui.py.gui 2011-11-07 15:12:01.904834232 -0500
-+++ policycoreutils-2.1.8/gui/polgengui.py 2011-11-07 15:12:01.904834232 -0500
+diff -up policycoreutils-2.1.10/gui/polgengui.py.gui policycoreutils-2.1.10/gui/polgengui.py
+--- policycoreutils-2.1.10/gui/polgengui.py.gui 2012-01-15 16:48:40.230095742 -0500
++++ policycoreutils-2.1.10/gui/polgengui.py 2012-01-15 16:48:40.230095742 -0500
@@ -0,0 +1,750 @@
+#!/usr/bin/python -Es
+#
@@ -6655,13 +6655,13 @@ diff -up policycoreutils-2.1.8/gui/polgengui.py.gui policycoreutils-2.1.8/gui/po
+
+ app = childWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polgen.py
---- policycoreutils-2.1.8/gui/polgen.py.gui 2011-11-07 15:12:01.905834233 -0500
-+++ policycoreutils-2.1.8/gui/polgen.py 2011-11-07 15:12:39.045857808 -0500
-@@ -0,0 +1,1351 @@
+diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/polgen.py
+--- policycoreutils-2.1.10/gui/polgen.py.gui 2012-01-15 16:48:40.230095742 -0500
++++ policycoreutils-2.1.10/gui/polgen.py 2012-01-15 16:49:37.290099123 -0500
+@@ -0,0 +1,1353 @@
+#!/usr/bin/python -Es
+#
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -6690,6 +6690,7 @@ diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polge
+from templates import executable
+from templates import boolean
+from templates import etc_rw
++from templates import unit_file
+from templates import var_cache
+from templates import var_spool
+from templates import var_lib
@@ -6956,13 +6957,15 @@ diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polge
+ self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
+ self.DEFAULT_DIRS["/tmp"] = ["tmp", [], tmp];
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
++ self.DEFAULT_DIRS["/lib/systemd/system"] = ["unit_file", [], unit_file];
++ self.DEFAULT_DIRS["/etc/systemd/system"] = ["unit_file", [], unit_file];
+ self.DEFAULT_DIRS["/var/cache"] = ["var_cache", [], var_cache];
+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
+ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
+
-+ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool"]
++ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool", "/etc/systemd/system", "/lib/systemd/system" ]
+
+ self.DEFAULT_TYPES = (\
+( self.generate_daemon_types, self.generate_daemon_rules), \
@@ -7803,7 +7806,6 @@ diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polge
+ if os.path.isfile("/etc/rc.d/init.d/%s" % self.name):
+ self.set_init_script("/etc/rc\.d/init\.d/%s" % self.name)
+
-+
+ def gen_symbols(self):
+ if self.type not in APPLICATIONS:
+ return
@@ -8010,9 +8012,9 @@ diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polge
+ sys.exit(0)
+ except ValueError, e:
+ usage(e)
-diff -up policycoreutils-2.1.8/gui/portsPage.py.gui policycoreutils-2.1.8/gui/portsPage.py
---- policycoreutils-2.1.8/gui/portsPage.py.gui 2011-11-07 15:12:01.906834233 -0500
-+++ policycoreutils-2.1.8/gui/portsPage.py 2011-11-07 15:12:01.906834233 -0500
+diff -up policycoreutils-2.1.10/gui/portsPage.py.gui policycoreutils-2.1.10/gui/portsPage.py
+--- policycoreutils-2.1.10/gui/portsPage.py.gui 2012-01-15 16:48:40.231095742 -0500
++++ policycoreutils-2.1.10/gui/portsPage.py 2012-01-15 16:48:40.231095742 -0500
@@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8273,9 +8275,9 @@ diff -up policycoreutils-2.1.8/gui/portsPage.py.gui policycoreutils-2.1.8/gui/po
+
+ return True
+
-diff -up policycoreutils-2.1.8/gui/selinux.tbl.gui policycoreutils-2.1.8/gui/selinux.tbl
---- policycoreutils-2.1.8/gui/selinux.tbl.gui 2011-11-07 15:12:01.907834233 -0500
-+++ policycoreutils-2.1.8/gui/selinux.tbl 2011-11-07 15:12:01.907834233 -0500
+diff -up policycoreutils-2.1.10/gui/selinux.tbl.gui policycoreutils-2.1.10/gui/selinux.tbl
+--- policycoreutils-2.1.10/gui/selinux.tbl.gui 2012-01-15 16:48:40.231095742 -0500
++++ policycoreutils-2.1.10/gui/selinux.tbl 2012-01-15 16:48:40.231095742 -0500
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -8511,9 +8513,9 @@ diff -up policycoreutils-2.1.8/gui/selinux.tbl.gui policycoreutils-2.1.8/gui/sel
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff -up policycoreutils-2.1.8/gui/semanagePage.py.gui policycoreutils-2.1.8/gui/semanagePage.py
---- policycoreutils-2.1.8/gui/semanagePage.py.gui 2011-11-07 15:12:01.908834234 -0500
-+++ policycoreutils-2.1.8/gui/semanagePage.py 2011-11-07 15:12:01.908834234 -0500
+diff -up policycoreutils-2.1.10/gui/semanagePage.py.gui policycoreutils-2.1.10/gui/semanagePage.py
+--- policycoreutils-2.1.10/gui/semanagePage.py.gui 2012-01-15 16:48:40.231095742 -0500
++++ policycoreutils-2.1.10/gui/semanagePage.py 2012-01-15 16:48:40.231095742 -0500
@@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8683,9 +8685,9 @@ diff -up policycoreutils-2.1.8/gui/semanagePage.py.gui policycoreutils-2.1.8/gui
+ self.load(self.filter)
+ return True
+
-diff -up policycoreutils-2.1.8/gui/statusPage.py.gui policycoreutils-2.1.8/gui/statusPage.py
---- policycoreutils-2.1.8/gui/statusPage.py.gui 2011-11-07 15:12:01.909834235 -0500
-+++ policycoreutils-2.1.8/gui/statusPage.py 2011-11-07 15:12:01.909834235 -0500
+diff -up policycoreutils-2.1.10/gui/statusPage.py.gui policycoreutils-2.1.10/gui/statusPage.py
+--- policycoreutils-2.1.10/gui/statusPage.py.gui 2012-01-15 16:48:40.231095742 -0500
++++ policycoreutils-2.1.10/gui/statusPage.py 2012-01-15 16:48:40.231095742 -0500
@@ -0,0 +1,190 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -8877,9 +8879,9 @@ diff -up policycoreutils-2.1.8/gui/statusPage.py.gui policycoreutils-2.1.8/gui/s
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff -up policycoreutils-2.1.8/gui/system-config-selinux.glade.gui policycoreutils-2.1.8/gui/system-config-selinux.glade
---- policycoreutils-2.1.8/gui/system-config-selinux.glade.gui 2011-11-07 15:12:01.913834238 -0500
-+++ policycoreutils-2.1.8/gui/system-config-selinux.glade 2011-11-07 15:12:01.913834238 -0500
+diff -up policycoreutils-2.1.10/gui/system-config-selinux.glade.gui policycoreutils-2.1.10/gui/system-config-selinux.glade
+--- policycoreutils-2.1.10/gui/system-config-selinux.glade.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/system-config-selinux.glade 2012-01-15 16:48:40.233095742 -0500
@@ -0,0 +1,3024 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -11905,9 +11907,9 @@ diff -up policycoreutils-2.1.8/gui/system-config-selinux.glade.gui policycoreuti
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.1.8/gui/system-config-selinux.gladep.gui policycoreutils-2.1.8/gui/system-config-selinux.gladep
---- policycoreutils-2.1.8/gui/system-config-selinux.gladep.gui 2011-11-07 15:12:01.914834238 -0500
-+++ policycoreutils-2.1.8/gui/system-config-selinux.gladep 2011-11-07 15:12:01.914834238 -0500
+diff -up policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui policycoreutils-2.1.10/gui/system-config-selinux.gladep
+--- policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/system-config-selinux.gladep 2012-01-15 16:48:40.233095742 -0500
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -11916,9 +11918,9 @@ diff -up policycoreutils-2.1.8/gui/system-config-selinux.gladep.gui policycoreut
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.1.8/gui/system-config-selinux.py.gui policycoreutils-2.1.8/gui/system-config-selinux.py
---- policycoreutils-2.1.8/gui/system-config-selinux.py.gui 2011-11-07 15:12:01.914834238 -0500
-+++ policycoreutils-2.1.8/gui/system-config-selinux.py 2011-11-07 15:12:01.915834239 -0500
+diff -up policycoreutils-2.1.10/gui/system-config-selinux.py.gui policycoreutils-2.1.10/gui/system-config-selinux.py
+--- policycoreutils-2.1.10/gui/system-config-selinux.py.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/system-config-selinux.py 2012-01-15 16:48:40.233095742 -0500
@@ -0,0 +1,187 @@
+#!/usr/bin/python -Es
+#
@@ -12107,11 +12109,11 @@ diff -up policycoreutils-2.1.8/gui/system-config-selinux.py.gui policycoreutils-
+
+ app = childWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.1.8/gui/templates/boolean.py.gui policycoreutils-2.1.8/gui/templates/boolean.py
---- policycoreutils-2.1.8/gui/templates/boolean.py.gui 2011-11-07 15:12:01.915834239 -0500
-+++ policycoreutils-2.1.8/gui/templates/boolean.py 2011-11-07 15:12:01.916834240 -0500
+diff -up policycoreutils-2.1.10/gui/templates/boolean.py.gui policycoreutils-2.1.10/gui/templates/boolean.py
+--- policycoreutils-2.1.10/gui/templates/boolean.py.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/templates/boolean.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,40 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -12151,11 +12153,11 @@ diff -up policycoreutils-2.1.8/gui/templates/boolean.py.gui policycoreutils-2.1.
+')
+"""
+
-diff -up policycoreutils-2.1.8/gui/templates/etc_rw.py.gui policycoreutils-2.1.8/gui/templates/etc_rw.py
---- policycoreutils-2.1.8/gui/templates/etc_rw.py.gui 2011-11-07 15:12:01.916834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/etc_rw.py 2011-11-07 15:12:01.916834240 -0500
+diff -up policycoreutils-2.1.10/gui/templates/etc_rw.py.gui policycoreutils-2.1.10/gui/templates/etc_rw.py
+--- policycoreutils-2.1.10/gui/templates/etc_rw.py.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/templates/etc_rw.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,112 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -12252,7 +12254,7 @@ diff -up policycoreutils-2.1.8/gui/templates/etc_rw.py.gui policycoreutils-2.1.8
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_etc_rw_t;"""
++ type TEMPLATETYPE_etc_rw_t;"""
+
+if_admin_rules="""
+ files_search_etc($1)
@@ -12267,11 +12269,11 @@ diff -up policycoreutils-2.1.8/gui/templates/etc_rw.py.gui policycoreutils-2.1.8
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2.1.8/gui/templates/executable.py
---- policycoreutils-2.1.8/gui/templates/executable.py.gui 2011-11-07 15:12:01.916834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/executable.py 2011-11-07 15:12:01.917834240 -0500
-@@ -0,0 +1,451 @@
-+# Copyright (C) 2007-2011 Red Hat
+diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-2.1.10/gui/templates/executable.py
+--- policycoreutils-2.1.10/gui/templates/executable.py.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/templates/executable.py 2012-01-15 16:48:48.559096233 -0500
+@@ -0,0 +1,441 @@
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -12387,7 +12389,7 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+permissive httpd_TEMPLATETYPE_script_t;
+"""
+
-+te_daemon_rules="""
++te_daemon_rules="""\
+allow TEMPLATETYPE_t self:fifo_file rw_fifo_file_perms;
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
+"""
@@ -12479,8 +12481,7 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+########################### Interface File #############################
+
+if_heading_rules="""
-+## <summary>policy for TEMPLATETYPE</summary>
-+"""
++## <summary>policy for TEMPLATETYPE</summary>"""
+
+if_program_rules="""
+
@@ -12502,7 +12503,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+ corecmd_search_bin($1)
+ domtrans_pattern($1, TEMPLATETYPE_exec_t, TEMPLATETYPE_t)
+')
-+
+"""
+
+if_user_program_rules="""
@@ -12558,7 +12558,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+ ps_process_pattern($2, TEMPLATETYPE_t)
+ allow $2 TEMPLATETYPE_t:process signal;
+')
-+
+"""
+
+if_sandbox_rules="""
@@ -12594,7 +12593,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+ allow TEMPLATETYPE_client_t $1:process { sigchld signull };
+ allow TEMPLATETYPE_client_t $1:fifo_file rw_inherited_fifo_file_perms;
+')
-+
+"""
+
+if_role_change_rules="""
@@ -12616,7 +12614,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+
+ allow $1 TEMPLATETYPE_r;
+')
-+
+"""
+
+if_initscript_rules="""
@@ -12637,7 +12634,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+
+ init_labeled_script_domtrans($1, TEMPLATETYPE_initrc_exec_t)
+')
-+
+"""
+
+if_dbus_rules="""
@@ -12661,7 +12657,6 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+ allow $1 TEMPLATETYPE_t:dbus send_msg;
+ allow TEMPLATETYPE_t $1:dbus send_msg;
+')
-+
+"""
+
+if_begin_admin="""
@@ -12694,7 +12689,7 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+"""
+
+if_initscript_admin_types="""
-+ type TEMPLATETYPE_initrc_exec_t;"""
++ type TEMPLATETYPE_initrc_exec_t;"""
+
+if_initscript_admin="""
+ TEMPLATETYPE_initrc_domtrans($1)
@@ -12703,14 +12698,12 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+ allow $2 system_r;
+"""
+
-+if_end_admin="""
++if_end_admin="""\
+')
-+
+"""
+
+########################### File Context ##################################
+fc_program="""\
-+
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
+"""
+
@@ -12719,15 +12712,14 @@ diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2
+"""
+
+fc_initscript="""\
-+
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/__init__.py.gui policycoreutils-2.1.8/gui/templates/__init__.py
---- policycoreutils-2.1.8/gui/templates/__init__.py.gui 2011-11-07 15:12:01.917834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/__init__.py 2011-11-07 15:12:01.917834240 -0500
+diff -up policycoreutils-2.1.10/gui/templates/__init__.py.gui policycoreutils-2.1.10/gui/templates/__init__.py
+--- policycoreutils-2.1.10/gui/templates/__init__.py.gui 2012-01-15 16:48:40.233095742 -0500
++++ policycoreutils-2.1.10/gui/templates/__init__.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,18 @@
+#
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
@@ -12744,11 +12736,11 @@ diff -up policycoreutils-2.1.8/gui/templates/__init__.py.gui policycoreutils-2.1
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
-diff -up policycoreutils-2.1.8/gui/templates/network.py.gui policycoreutils-2.1.8/gui/templates/network.py
---- policycoreutils-2.1.8/gui/templates/network.py.gui 2011-11-07 15:12:01.917834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/network.py 2011-11-07 15:12:01.918834240 -0500
+diff -up policycoreutils-2.1.10/gui/templates/network.py.gui policycoreutils-2.1.10/gui/templates/network.py
+--- policycoreutils-2.1.10/gui/templates/network.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/network.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,102 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -12850,11 +12842,11 @@ diff -up policycoreutils-2.1.8/gui/templates/network.py.gui policycoreutils-2.1.
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff -up policycoreutils-2.1.8/gui/templates/rw.py.gui policycoreutils-2.1.8/gui/templates/rw.py
---- policycoreutils-2.1.8/gui/templates/rw.py.gui 2011-11-07 15:12:01.918834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/rw.py 2011-11-07 15:12:01.918834240 -0500
+diff -up policycoreutils-2.1.10/gui/templates/rw.py.gui policycoreutils-2.1.10/gui/templates/rw.py
+--- policycoreutils-2.1.10/gui/templates/rw.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/rw.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,129 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -12968,7 +12960,7 @@ diff -up policycoreutils-2.1.8/gui/templates/rw.py.gui policycoreutils-2.1.8/gui
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_rw_t;"""
++ type TEMPLATETYPE_rw_t;"""
+
+if_admin_rules="""
+ files_search_etc($1)
@@ -12983,11 +12975,11 @@ diff -up policycoreutils-2.1.8/gui/templates/rw.py.gui policycoreutils-2.1.8/gui
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/script.py.gui policycoreutils-2.1.8/gui/templates/script.py
---- policycoreutils-2.1.8/gui/templates/script.py.gui 2011-11-07 15:12:01.918834240 -0500
-+++ policycoreutils-2.1.8/gui/templates/script.py 2011-11-07 15:12:01.919834241 -0500
+diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.10/gui/templates/script.py
+--- policycoreutils-2.1.10/gui/templates/script.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/script.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,126 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13113,11 +13105,11 @@ diff -up policycoreutils-2.1.8/gui/templates/script.py.gui policycoreutils-2.1.8
+_EOF
+fi
+"""
-diff -up policycoreutils-2.1.8/gui/templates/semodule.py.gui policycoreutils-2.1.8/gui/templates/semodule.py
---- policycoreutils-2.1.8/gui/templates/semodule.py.gui 2011-11-07 15:12:01.919834241 -0500
-+++ policycoreutils-2.1.8/gui/templates/semodule.py 2011-11-07 15:12:01.919834241 -0500
+diff -up policycoreutils-2.1.10/gui/templates/semodule.py.gui policycoreutils-2.1.10/gui/templates/semodule.py
+--- policycoreutils-2.1.10/gui/templates/semodule.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/semodule.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,41 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13158,11 +13150,11 @@ diff -up policycoreutils-2.1.8/gui/templates/semodule.py.gui policycoreutils-2.1
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff -up policycoreutils-2.1.8/gui/templates/tmp.py.gui policycoreutils-2.1.8/gui/templates/tmp.py
---- policycoreutils-2.1.8/gui/templates/tmp.py.gui 2011-11-07 15:12:01.919834241 -0500
-+++ policycoreutils-2.1.8/gui/templates/tmp.py 2011-11-07 15:12:01.920834242 -0500
+diff -up policycoreutils-2.1.10/gui/templates/tmp.py.gui policycoreutils-2.1.10/gui/templates/tmp.py
+--- policycoreutils-2.1.10/gui/templates/tmp.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/tmp.py 2012-01-15 16:48:48.559096233 -0500
@@ -0,0 +1,102 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13258,17 +13250,17 @@ diff -up policycoreutils-2.1.8/gui/templates/tmp.py.gui policycoreutils-2.1.8/gu
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_tmp_t;"""
++ type TEMPLATETYPE_tmp_t;"""
+
+if_admin_rules="""
+ files_search_tmp($1)
+ admin_pattern($1, TEMPLATETYPE_tmp_t)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/user.py.gui policycoreutils-2.1.8/gui/templates/user.py
---- policycoreutils-2.1.8/gui/templates/user.py.gui 2011-11-07 15:12:01.920834242 -0500
-+++ policycoreutils-2.1.8/gui/templates/user.py 2011-11-07 15:12:01.920834242 -0500
+diff -up policycoreutils-2.1.10/gui/templates/user.py.gui policycoreutils-2.1.10/gui/templates/user.py
+--- policycoreutils-2.1.10/gui/templates/user.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/user.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,204 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13472,11 +13464,11 @@ diff -up policycoreutils-2.1.8/gui/templates/user.py.gui policycoreutils-2.1.8/g
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/var_cache.py.gui policycoreutils-2.1.8/gui/templates/var_cache.py
---- policycoreutils-2.1.8/gui/templates/var_cache.py.gui 2011-11-07 15:12:01.920834242 -0500
-+++ policycoreutils-2.1.8/gui/templates/var_cache.py 2011-11-07 15:12:01.921834243 -0500
+diff -up policycoreutils-2.1.10/gui/templates/var_cache.py.gui policycoreutils-2.1.10/gui/templates/var_cache.py
+--- policycoreutils-2.1.10/gui/templates/var_cache.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/var_cache.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,132 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13593,7 +13585,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_cache.py.gui policycoreutils-2.
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_cache_t;"""
++ type TEMPLATETYPE_cache_t;"""
+
+if_admin_rules="""
+ files_search_var($1)
@@ -13608,11 +13600,11 @@ diff -up policycoreutils-2.1.8/gui/templates/var_cache.py.gui policycoreutils-2.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/var_lib.py.gui policycoreutils-2.1.8/gui/templates/var_lib.py
---- policycoreutils-2.1.8/gui/templates/var_lib.py.gui 2011-11-07 15:12:01.921834243 -0500
-+++ policycoreutils-2.1.8/gui/templates/var_lib.py 2011-11-07 15:12:01.921834243 -0500
+diff -up policycoreutils-2.1.10/gui/templates/var_lib.py.gui policycoreutils-2.1.10/gui/templates/var_lib.py
+--- policycoreutils-2.1.10/gui/templates/var_lib.py.gui 2012-01-15 16:48:40.234095742 -0500
++++ policycoreutils-2.1.10/gui/templates/var_lib.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,160 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13735,7 +13727,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_lib.py.gui policycoreutils-2.1.
+if_stream_rules="""
+########################################
+## <summary>
-+## Connect to TEMPLATETYPE over an unix stream socket.
++## Connect to TEMPLATETYPE over a unix stream socket.
+## </summary>
+## <param name="domain">
+## <summary>
@@ -13753,7 +13745,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_lib.py.gui policycoreutils-2.1.
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_var_lib_t;"""
++ type TEMPLATETYPE_var_lib_t;"""
+
+if_admin_rules="""
+ files_search_var_lib($1)
@@ -13772,11 +13764,11 @@ diff -up policycoreutils-2.1.8/gui/templates/var_lib.py.gui policycoreutils-2.1.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/var_log.py.gui policycoreutils-2.1.8/gui/templates/var_log.py
---- policycoreutils-2.1.8/gui/templates/var_log.py.gui 2011-11-07 15:12:01.921834243 -0500
-+++ policycoreutils-2.1.8/gui/templates/var_log.py 2011-11-07 15:12:01.922834244 -0500
+diff -up policycoreutils-2.1.10/gui/templates/var_log.py.gui policycoreutils-2.1.10/gui/templates/var_log.py
+--- policycoreutils-2.1.10/gui/templates/var_log.py.gui 2012-01-15 16:48:40.235095742 -0500
++++ policycoreutils-2.1.10/gui/templates/var_log.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,114 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13812,7 +13804,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_log.py.gui policycoreutils-2.1.
+"""
+
+########################### Interface File #############################
-+if_rules="""
++if_rules="""\
+########################################
+## <summary>
+## Read TEMPLATETYPE's log files.
@@ -13875,7 +13867,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_log.py.gui policycoreutils-2.1.
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_log_t;"""
++ type TEMPLATETYPE_log_t;"""
+
+if_admin_rules="""
+ logging_search_logs($1)
@@ -13890,11 +13882,11 @@ diff -up policycoreutils-2.1.8/gui/templates/var_log.py.gui policycoreutils-2.1.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.8/gui/templates/var_run.py
---- policycoreutils-2.1.8/gui/templates/var_run.py.gui 2011-11-07 15:12:01.922834244 -0500
-+++ policycoreutils-2.1.8/gui/templates/var_run.py 2011-11-07 15:12:01.922834244 -0500
+diff -up policycoreutils-2.1.10/gui/templates/var_run.py.gui policycoreutils-2.1.10/gui/templates/var_run.py
+--- policycoreutils-2.1.10/gui/templates/var_run.py.gui 2012-01-15 16:48:40.235095742 -0500
++++ policycoreutils-2.1.10/gui/templates/var_run.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,101 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -13933,7 +13925,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.
+files_pid_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t, sock_file)
+"""
+
-+if_rules="""
++if_rules="""\
+########################################
+## <summary>
+## Read TEMPLATETYPE PID files.
@@ -13958,7 +13950,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.
+if_stream_rules="""\
+########################################
+## <summary>
-+## Connect to TEMPLATETYPE over an unix stream socket.
++## Connect to TEMPLATETYPE over a unix stream socket.
+## </summary>
+## <param name="domain">
+## <summary>
@@ -13977,7 +13969,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_var_run_t;"""
++ type TEMPLATETYPE_var_run_t;"""
+
+if_admin_rules="""
+ files_search_pids($1)
@@ -13995,11 +13987,11 @@ diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/templates/var_spool.py.gui policycoreutils-2.1.8/gui/templates/var_spool.py
---- policycoreutils-2.1.8/gui/templates/var_spool.py.gui 2011-11-07 15:12:01.922834244 -0500
-+++ policycoreutils-2.1.8/gui/templates/var_spool.py 2011-11-07 15:12:01.923834245 -0500
+diff -up policycoreutils-2.1.10/gui/templates/var_spool.py.gui policycoreutils-2.1.10/gui/templates/var_spool.py
+--- policycoreutils-2.1.10/gui/templates/var_spool.py.gui 2012-01-15 16:48:40.235095742 -0500
++++ policycoreutils-2.1.10/gui/templates/var_spool.py 2012-01-15 16:48:48.560096233 -0500
@@ -0,0 +1,131 @@
-+# Copyright (C) 2007-2011 Red Hat
++# Copyright (C) 2007-2012 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@@ -14115,7 +14107,7 @@ diff -up policycoreutils-2.1.8/gui/templates/var_spool.py.gui policycoreutils-2.
+"""
+
+if_admin_types="""
-+ type TEMPLATETYPE_spool_t;"""
++ type TEMPLATETYPE_spool_t;"""
+
+if_admin_rules="""
+ files_search_spool($1)
@@ -14130,9 +14122,9 @@ diff -up policycoreutils-2.1.8/gui/templates/var_spool.py.gui policycoreutils-2.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff -up policycoreutils-2.1.8/gui/usersPage.py.gui policycoreutils-2.1.8/gui/usersPage.py
---- policycoreutils-2.1.8/gui/usersPage.py.gui 2011-11-07 15:12:01.923834245 -0500
-+++ policycoreutils-2.1.8/gui/usersPage.py 2011-11-07 15:12:01.923834245 -0500
+diff -up policycoreutils-2.1.10/gui/usersPage.py.gui policycoreutils-2.1.10/gui/usersPage.py
+--- policycoreutils-2.1.10/gui/usersPage.py.gui 2012-01-15 16:48:40.235095742 -0500
++++ policycoreutils-2.1.10/gui/usersPage.py 2012-01-15 16:48:40.235095742 -0500
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils-sepolgen.patch b/policycoreutils-sepolgen.patch
index 0482ee2..16b300d 100644
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@@ -1,72 +1,52 @@
+diff --git a/sepolgen/HACKING b/sepolgen/HACKING
+index 5cdf6d5..a0ec323 100644
+--- a/sepolgen/HACKING
++++ b/sepolgen/HACKING
+@@ -76,4 +76,4 @@ information about the object classes - including information flow. It
+ is separated to keep the core from being concerned about the details
+ of the object classes.
+
+-[selist]: http://www.nsa.gov/selinux/info/list.cfm
+\ No newline at end of file
++[selist]: http://www.nsa.gov/research/selinux/info/list.cfm
diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
-index 898fbc3..9fdfafa 100644
+index 9fdfafa..9e2ccee 100644
--- a/sepolgen/src/sepolgen/audit.py
+++ b/sepolgen/src/sepolgen/audit.py
-@@ -127,6 +127,9 @@ class PathMessage(AuditMessage):
- if fields[0] == "path":
- self.path = fields[1][1:-1]
- return
-+import selinux.audit2why as audit2why
-+
-+avcdict = {}
-
- class AVCMessage(AuditMessage):
- """AVC message representing an access denial or granted message.
-@@ -168,6 +171,8 @@ class AVCMessage(AuditMessage):
- self.name = ""
- self.accesses = []
- self.denial = True
-+ self.type = audit2why.TERULE
-+ self.bools = []
-
- def __parse_access(self, recs, start):
- # This is kind of sucky - the access that is in a space separated
-@@ -229,7 +234,31 @@ class AVCMessage(AuditMessage):
-
- if not found_src or not found_tgt or not found_class or not found_access:
- raise ValueError("AVC message in invalid format [%s]\n" % self.message)
--
-+ self.analyze()
-+
-+ def analyze(self):
-+ tcontext = self.tcontext.to_string()
-+ scontext = self.scontext.to_string()
-+ access_tuple = tuple( self.accesses)
-+ if (scontext, tcontext, self.tclass, access_tuple) in avcdict.keys():
-+ self.type, self.bools = avcdict[(scontext, tcontext, self.tclass, access_tuple)]
-+ else:
-+ self.type, self.bools = audit2why.analyze(scontext, tcontext, self.tclass, self.accesses);
-+ if self.type == audit2why.NOPOLICY:
-+ self.type = audit2why.TERULE
-+ if self.type == audit2why.BADTCON:
-+ raise ValueError("Invalid Target Context %s\n" % tcontext)
-+ if self.type == audit2why.BADSCON:
-+ raise ValueError("Invalid Source Context %s\n" % scontext)
-+ if self.type == audit2why.BADSCON:
-+ raise ValueError("Invalid Type Class %s\n" % self.tclass)
-+ if self.type == audit2why.BADPERM:
-+ raise ValueError("Invalid permission %s\n" % " ".join(self.accesses))
-+ if self.type == audit2why.BADCOMPUTE:
-+ raise ValueError("Error during access vector computation")
-+
-+ avcdict[(scontext, tcontext, self.tclass, access_tuple)] = (self.type, self.bools)
-+
- class PolicyLoadMessage(AuditMessage):
- """Audit message indicating that the policy was reloaded."""
- def __init__(self, message):
-@@ -472,10 +501,10 @@ class AuditParser:
- if avc_filter:
- if avc_filter.filter(avc):
- av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
-- avc.accesses, avc)
-+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools)
- else:
- av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
-- avc.accesses, avc)
-+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools)
- return av_set
-
- class AVCTypeFilter:
+@@ -20,6 +20,7 @@
+ import refpolicy
+ import access
+ import re
++import sys
+
+ # Convenience functions
+
+@@ -343,6 +344,7 @@ class AuditParser:
+ self.policy_load_msgs = []
+ self.path_msgs = []
+ self.by_header = { }
++ self.check_input_file = False
+
+ # Low-level parsing function - tries to determine if this audit
+ # message is an SELinux related message and then parses it into
+@@ -378,6 +380,7 @@ class AuditParser:
+ found = True
+
+ if found:
++ self.check_input_file = True
+ try:
+ msg.from_split_string(rec)
+ except ValueError:
+@@ -447,6 +450,9 @@ class AuditParser:
+ while line:
+ self.__parse(line)
+ line = input.readline()
++ if not self.check_input_file:
++ sys.stderr.write("Nothing to do\n")
++ sys.exit(0)
+ self.__post_process()
+
+ def parse_string(self, input):
diff --git a/sepolgen/src/sepolgen/matching.py b/sepolgen/src/sepolgen/matching.py
index 1a9a3e5..d56dd92 100644
--- a/sepolgen/src/sepolgen/matching.py
@@ -99,93 +79,3 @@ index 1a9a3e5..d56dd92 100644
def __iter__(self):
return iter(self.children)
-diff --git a/sepolgen/src/sepolgen/policygen.py b/sepolgen/src/sepolgen/policygen.py
-index 0e6b502..4882999 100644
---- a/sepolgen/src/sepolgen/policygen.py
-+++ b/sepolgen/src/sepolgen/policygen.py
-@@ -29,6 +29,8 @@ import objectmodel
- import access
- import interfaces
- import matching
-+import selinux.audit2why as audit2why
-+from setools import *
-
- # Constants for the level of explanation from the generation
- # routines
-@@ -77,6 +79,7 @@ class PolicyGenerator:
-
- self.dontaudit = False
-
-+ self.domains = None
- def set_gen_refpol(self, if_set=None, perm_maps=None):
- """Set whether reference policy interfaces are generated.
-
-@@ -151,8 +154,41 @@ class PolicyGenerator:
- rule = refpolicy.AVRule(av)
- if self.dontaudit:
- rule.rule_type = rule.DONTAUDIT
-+ rule.comment = ""
- if self.explain:
-- rule.comment = refpolicy.Comment(explain_access(av, verbosity=self.explain))
-+ rule.comment = str(refpolicy.Comment(explain_access(av, verbosity=self.explain)))
-+ if av.type == audit2why.ALLOW:
-+ rule.comment += "#!!!! This avc is allowed in the current policy\n"
-+ if av.type == audit2why.DONTAUDIT:
-+ rule.comment += "#!!!! This avc has a dontaudit rule in the current policy\n"
-+
-+ if av.type == audit2why.BOOLEAN:
-+ if len(av.bools) > 1:
-+ rule.comment += "#!!!! This avc can be allowed using one of the these booleans:\n# %s\n" % ", ".join(map(lambda x: x[0], av.bools))
-+ else:
-+ rule.comment += "#!!!! This avc can be allowed using the boolean '%s'\n" % av.bools[0][0]
-+
-+ if av.type == audit2why.CONSTRAINT:
-+ rule.comment += "#!!!! This avc is a constraint violation. You will need to add an attribute to either the source or target type to make it work.\n"
-+ rule.comment += "#Constraint rule: "
-+
-+ if av.type == audit2why.TERULE:
-+ if "write" in av.perms:
-+ if "dir" in av.obj_class or "open" in av.perms:
-+ if not self.domains:
-+ self.domains = seinfo(ATTRIBUTE, name="domain")[0]["types"]
-+ types=[]
-+
-+ try:
-+ for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
-+ if i not in self.domains:
-+ types.append(i)
-+ if len(types) == 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
-+ elif len(types) >= 1:
-+ rule.comment += "#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
-+ except:
-+ pass
- self.module.children.append(rule)
-
-
-diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
-index 955784d..9a79340 100644
---- a/sepolgen/src/sepolgen/refparser.py
-+++ b/sepolgen/src/sepolgen/refparser.py
-@@ -245,7 +245,7 @@ def t_refpolicywarn(t):
- t.lexer.lineno += 1
-
- def t_IDENTIFIER(t):
-- r'[a-zA-Z_\$\"][a-zA-Z0-9_\-\.\$\*\"]*'
-+ r'[a-zA-Z_\$\"][a-zA-Z0-9_\-\.\$\*\"~]*'
- # Handle any keywords
- t.type = reserved.get(t.value,'IDENTIFIER')
- return t
-diff --git a/sepolgen/src/sepolgen/yacc.py b/sepolgen/src/sepolgen/yacc.py
-index 58332de..2f3c09d 100644
---- a/sepolgen/src/sepolgen/yacc.py
-+++ b/sepolgen/src/sepolgen/yacc.py
-@@ -594,7 +594,7 @@ class MiniProduction:
- pass
-
- # regex matching identifiers
--_is_identifier = re.compile(r'^[a-zA-Z0-9_-]+$')
-+_is_identifier = re.compile(r'^[a-zA-Z0-9_-~]+$')
-
- # -----------------------------------------------------------------------------
- # add_production()
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 036ee0f..29cb7d0 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -2,12 +2,12 @@
%define libsepolver 2.1.0-1
%define libsemanagever 2.0.46-6
%define libselinuxver 2.0.102-6
-%define sepolgenver 1.1.3
+%define sepolgenver 1.1.5
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.4
-Release: 13%{?dist}
+Release: 15%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -354,6 +354,11 @@ fi
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Wed Jan 18 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.4-15
+- fix sepolgen to not crash on echo "" | audit2allow
+- Fix English in templates for sepolgen
+- Add unit file support to sepolgen, and cleanup some of the output.
+
* Fri Dec 23 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.4-13
- Fix the handling of namespaces in seunshare/sandbox.
- Currently mounting of directories within sandbox is propogating to the
diff --git a/sources b/sources
index 1c2c7f4..9f62f51 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
7e1e18c09798ffb44913bce3d60c667d policycoreutils-2.1.4.tgz
-3bd4588bcf8608c6e8a18ad5a8b68971 sepolgen-1.1.3.tgz
+34b1f6599517f80c9b7cfa2dc22826db sepolgen-1.1.5.tgz
More information about the scm-commits
mailing list