[policycoreutils] Fix manpage to generate proper man pages for alternate policy,
Daniel J Walsh
dwalsh at fedoraproject.org
Sat Nov 3 11:19:42 UTC 2012
commit cc08d7735b276a04814689207a33bda02bcc22e4
Author: Dan Walsh <dwalsh at redhat.com>
Date: Sat Nov 3 07:19:34 2012 -0400
Fix manpage to generate proper man pages for alternate policy,
basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as
I pull the policy, policy.xml and file_contexts and file_contexts.homedir
policycoreutils-rhat.patch | 362 +++++++++++++++++++++++++++----------------
policycoreutils.spec | 7 +-
2 files changed, 233 insertions(+), 136 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 9a48d6b..7c21877 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -341404,10 +341404,10 @@ index 0000000..c1d9411
+}
diff --git a/policycoreutils/sepolicy/sepolicy-bash-completion.sh b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
new file mode 100644
-index 0000000..c574a46
+index 0000000..d7cd4dc
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
-@@ -0,0 +1,139 @@
+@@ -0,0 +1,147 @@
+# This file is part of systemd.
+#
+# Copyright 2011 Dan Walsh
@@ -341473,7 +341473,7 @@ index 0000000..c574a46
+
+ COMMONOPTS='-P --policy -h --help'
+ local -A OPTS=(
-+ [manpage]='-h --help -p --path -a -all -d --domain -w --web'
++ [manpage]='-h --help -p --path -a -all -o --os -d --domain -w --web'
+ [network]='-h --help -d --domain -l --list -p --port -t --type '
+ [communicate]='-h --help -s --source -t --target -c --class -S --sourceaccess -T --targetaccess'
+ [transition]='-h --help -s --source -t --target'
@@ -341489,11 +341489,19 @@ index 0000000..c574a46
+ done
+
+ if [[ -z $verb ]]; then
++ if [ "$prev" = "-P" -o "$prev" = "--policy" ]; then
++ COMPREPLY=( $( compgen -f -- "$cur") )
++ compopt -o filenames
++ return 0
++ else
+ comps="${VERBS[*]} ${COMMONOPTS}"
++ fi
+ elif [ "$verb" = "manpage" ]; then
+ if [ "$prev" = "-d" -o "$prev" = "--domain" ]; then
+ COMPREPLY=( $(compgen -W "$( __get_all_domains ) " -- "$cur") )
+ return 0
++ elif [ "$prev" = "-o" -o "$prev" = "--os" ]; then
++ return 0
+ elif test "$prev" = "-p" || test "$prev" = "--path" ; then
+ COMPREPLY=( $( compgen -d -- "$cur") )
+ compopt -o filenames
@@ -341891,10 +341899,10 @@ index 0000000..2e0163b
+selinux(8), sepolicy-generate(8), sepolicy-communicate(8), sepolicy-generate(8), sepolicy-network(8), sepolicy-transition(8)
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
new file mode 100755
-index 0000000..9f96fd5
+index 0000000..eee20af
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy.py
-@@ -0,0 +1,303 @@
+@@ -0,0 +1,310 @@
+#! /usr/bin/python -Es
+# Copyright (C) 2012 Red Hat
+# AUTHOR: Dan Walsh <dwalsh at redhat.com>
@@ -341981,11 +341989,11 @@ index 0000000..9f96fd5
+ _print_net(d, net, "name_bind")
+
+def manpage(args):
-+ from sepolicy.manpage import ManPage, HTMLManPages, domains, manpage_domains, manpage_roles, os_version
++ from sepolicy.manpage import ManPage, HTMLManPages, manpage_domains, manpage_roles, gen_domains
+
+ path = args.path
+ if args.all:
-+ test_domains = domains
++ test_domains = gen_domains()
+ else:
+ test_domains = args.domain
+
@@ -341994,7 +342002,7 @@ index 0000000..9f96fd5
+ print m.get_man_page_path()
+
+ if args.web:
-+ HTMLManPages(manpage_roles, manpage_domains, path, os_version)
++ HTMLManPages(manpage_roles, manpage_domains, path, args.os)
+
+class CheckPath(argparse.Action):
+ def __call__(self, parser, namespace, values, option_string=None):
@@ -342007,8 +342015,9 @@ index 0000000..9f96fd5
+ help=_('Generate SELinux man pages'))
+
+ man.add_argument("-p", "--path", dest="path", default="/tmp",
-+ action=CheckPath,
-+ help=_("path in which the generated SELinux man pages will be stored"))
++ help=_("path in which the generated SELinux man pages will be stored"))
++ man.add_argument("-o", "--os", dest="os", default=sepolicy.get_os_version(),
++ help=_("name of the OS for man pages"))
+ man.add_argument("-w", "--web", dest="web", default=False, action="store_true",
+ help=_("Generate HTML man pages structure for selected SELinux man page"))
+ group = man.add_mutually_exclusive_group(required=True)
@@ -342053,6 +342062,11 @@ index 0000000..9f96fd5
+ newval.append(v)
+ setattr(namespace, self.dest, values)
+
++class LoadPolicy(argparse.Action):
++ def __call__(self, parser, namespace, values, option_string=None):
++ sepolicy.policy(values)
++ setattr(namespace, self.dest, values)
++
+class CheckPolicyType(argparse.Action):
+ def __call__(self, parser, namespace, values, option_string=None):
+ from sepolicy.generate import get_poltype_desc, poltype
@@ -342181,6 +342195,7 @@ index 0000000..9f96fd5
+ parser = argparse.ArgumentParser(description='SELinux Policy Inspection Tool')
+ subparsers = parser.add_subparsers(help=_("commands"))
+ parser.add_argument("-P", "--policy", dest="policy",
++ action=LoadPolicy,
+ default=None, help=_("Alternate SELinux policy, defaults to /sys/fs/selinux/policy"))
+ gen_manpage_args(subparsers)
+ gen_network_args(subparsers)
@@ -342191,19 +342206,19 @@ index 0000000..9f96fd5
+
+ try:
+ args = parser.parse_args()
-+ if args.policy:
-+ sepolicy.policy(args.policy)
+ args.func(args)
+ sys.exit(0)
+ except ValueError,e:
+ sys.stderr.write("%s: %s" % (e.__class__.__name__, str(e)))
+ sys.exit(1)
++ except KeyboardInterrupt:
++ sys.exit(0)
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
new file mode 100644
-index 0000000..22c0724
+index 0000000..5df16bb
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
-@@ -0,0 +1,87 @@
+@@ -0,0 +1,110 @@
+#!/usr/bin/env python
+
+# Author: Thomas Liu <tliu at redhat.com>
@@ -342263,12 +342278,16 @@ index 0000000..22c0724
+ dict_list = _policy.info(setype, name)
+ return dict_list
+
-+def _gen_boolens_dict():
++booleans_dict = None
++def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
++ global booleans_dict
++ if booleans_dict:
++ return booleans_dict
+ import xml.etree.ElementTree
+ import re
+ booleans_dict = {}
+ try:
-+ tree = xml.etree.ElementTree.parse("/usr/share/selinux/devel/policy.xml")
++ tree = xml.etree.ElementTree.parse(path)
+ for l in tree.findall("layer"):
+ for m in l.findall("module"):
+ for b in m.findall("tunable"):
@@ -342290,7 +342309,26 @@ index 0000000..22c0724
+ except IOError, e:
+ pass
+ return booleans_dict
-+booleans_dict = _gen_boolens_dict()
++
++def get_os_version():
++ os_version = ""
++ pkg_name = "selinux-policy"
++ try:
++ import commands
++ rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
++ if rc == 0:
++ os_version = output.split(".")[-2]
++ except:
++ os_version = ""
++
++ if os_version[0:2] == "fc":
++ os_version = "Fedora"+os_version[2:]
++ elif os_version[0:2] == "el":
++ os_version = "RHEL"+os_version[2:]
++ else:
++ os_version = ""
++
++ return os_version
diff --git a/policycoreutils/sepolicy/sepolicy/booleans.py b/policycoreutils/sepolicy/sepolicy/booleans.py
new file mode 100644
index 0000000..c23cb11
@@ -343686,10 +343724,10 @@ index 0000000..93b0762
+ return out
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
new file mode 100755
-index 0000000..e3f9b70
+index 0000000..82e6388
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy/manpage.py
-@@ -0,0 +1,1297 @@
+@@ -0,0 +1,1351 @@
+#! /usr/bin/python -Es
+# Copyright (C) 2012 Red Hat
+# AUTHOR: Dan Walsh <dwalsh at redhat.com>
@@ -343714,24 +343752,29 @@ index 0000000..e3f9b70
+# 02111-1307 USA
+#
+#
-+__all__ = [ 'ManPage', 'HTMLManPages', 'domains', 'manpage_domains', 'manpage_roles', 'os_version' ]
++__all__ = [ 'ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_domains' ]
+
+import string
+import argparse
-+from sepolicy import network, booleans_dict
+import selinux
+import sepolicy
++from sepolicy import network, gen_bool_dict
++
+import commands
+import sys, os, re, time
+
-+equiv_dict={ "smbd" : ( "samba" ), "httpd" : ( "apache" ), "virtd" : ( "virt", "libvirt" ) }
++equiv_dict={ "smbd" : [ "samba" ], "httpd" : [ "apache" ], "virtd" : [ "virt", "libvirt" ], "named" : [ "bind" ] }
+
+modules_dict = None
-+def _gen_modules_dict():
++def gen_modules_dict(path = "/usr/share/selinux/devel/policy.xml"):
++ global modules_dict
++ if modules_dict:
++ return modules_dict
++
+ import xml.etree.ElementTree
+ modules_dict = {}
+ try:
-+ tree = xml.etree.ElementTree.parse("/usr/share/selinux/devel/policy.xml")
++ tree = xml.etree.ElementTree.parse(path)
+ for l in tree.findall("layer"):
+ for m in l.findall("module"):
+ name = m.get("name")
@@ -343747,16 +343790,71 @@ index 0000000..e3f9b70
+ pass
+ return modules_dict
+
-+all_attributes = map(lambda x: x['name'], sepolicy.info(sepolicy.ATTRIBUTE))
-+entrypoints = sepolicy.info(sepolicy.ATTRIBUTE,"entry_type")[0]["types"]
-+alldomains = sepolicy.info(sepolicy.ATTRIBUTE,"domain")[0]["types"]
++all_attributes = None
++def get_all_attributes():
++ global all_attributes
++ if not all_attributes:
++ all_attributes = map(lambda x: x['name'], sepolicy.info(sepolicy.ATTRIBUTE))
++ return all_attributes
++
++all_entrypoints = None
++def get_entrypoints():
++ global all_entrypoints
++ if not all_entrypoints:
++ all_entrypoints = sepolicy.info(sepolicy.ATTRIBUTE,"entry_type")[0]["types"]
++ return all_entrypoints
++
++all_domains = None
++def get_all_domains():
++ global all_domains
++ if not all_domains:
++ all_domains = sepolicy.info(sepolicy.ATTRIBUTE,"domain")[0]["types"]
++ return all_domains
++
++roles = None
++def get_all_roles():
++ global roles
++ if roles:
++ return roles
++ roles = []
++ allroles = map(lambda x: x['name'], sepolicy.info(sepolicy.ROLE))
++ for r in allroles:
++ if r not in [ "system_r", "object_r" ]:
++ roles.append(r[:-2])
++ return roles
+
-+def _gen_fcdict():
-+ fc_path = selinux.selinux_file_context_path()
-+ fd = open(selinux.selinux_file_context_path(), "r")
++domains = None
++def gen_domains():
++ global domains
++ if domains:
++ return domains
++ domains = []
++ for d in get_all_domains():
++ found = False
++ domain = d[:-2]
++ if domain + "_exec_t" not in get_entrypoints():
++ continue
++ if domain in domains:
++ continue
++ domains.append(domain)
++
++ for role in get_all_roles():
++ if role in domains:
++ continue
++ domains.append(role)
++
++ domains.sort()
++ return domains
++
++fcdict=None
++def _gen_fcdict(fc_path = selinux.selinux_file_context_path()):
++ global fcdict
++ if fcdict:
++ return fcdict
++ fd = open(fc_path, "r")
+ fc = fd.readlines()
+ fd.close()
-+ fd = open(selinux.selinux_file_context_path()+".homedirs", "r")
++ fd = open(fc_path+".homedirs", "r")
+ fc += fd.readlines()
+ fd.close()
+ fcdict = {}
@@ -343780,9 +343878,12 @@ index 0000000..e3f9b70
+ fcdict["file_type"] = [ "all files on the system" ]
+ fcdict["samba_share_t"] = [ "use this label for random content that will be shared using samba" ]
+ return fcdict
-+fcdict = _gen_fcdict()
+
-+def _gen_role_allows():
++role_allows = None
++def get_all_role_allows():
++ global role_allows
++ if role_allows:
++ return role_allows
+ role_allows = {}
+ for r in sepolicy.search([sepolicy.ROLE_ALLOW]):
+ if r["source"] == "system_r" or r["target"] == "system_r":
@@ -343793,40 +343894,13 @@ index 0000000..e3f9b70
+ role_allows[r["source"]] = [ r["target"] ]
+
+ return role_allows
-+role_allows = _gen_role_allows()
+
-+def _gen_roles():
-+ roles = []
-+ allroles = map(lambda x: x['name'], sepolicy.info(sepolicy.ROLE))
-+ for r in allroles:
-+ if r not in [ "system_r", "object_r" ]:
-+ roles.append(r[:-2])
-+ return roles
-+
-+roles = _gen_roles()
-+
-+def _gen_domains():
-+ domains = []
-+ for d in alldomains:
-+ found = False
-+ domain = d[:-2]
-+ if domain + "_exec_t" not in entrypoints:
-+ continue
-+ if domain in domains:
-+ continue
-+ domains.append(domain)
-+
-+ for role in roles:
-+ if role in domains:
-+ continue
-+ domains.append(role)
-+
-+ domains.sort()
-+ return domains
-+
-+domains = _gen_domains()
++users = None
++def get_all_users():
++ global users
++ if users:
++ return users
+
-+def _gen_users():
+ users = []
+ allusers = map(lambda x: x['name'], sepolicy.info(sepolicy.USER))
+ for u in allusers:
@@ -343835,9 +343909,11 @@ index 0000000..e3f9b70
+ users.sort()
+ return users
+
-+users = _gen_users()
-+
++types = None
+def _gen_types():
++ global types
++ if types:
++ return types
+ all_types = sepolicy.info(sepolicy.TYPE)
+ types = {}
+ for rec in all_types:
@@ -343847,50 +343923,37 @@ index 0000000..e3f9b70
+ types[rec["name"]] = []
+ return types
+
-+types = _gen_types()
-+
-+def _gen_file_types():
++file_types = None
++def get_all_file_types():
++ global file_types
++ if file_types:
++ return file_types
+ file_types = sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
+ file_types.sort()
+ return file_types
-+file_types = _gen_file_types()
+
-+def _gen_port_types():
++port_types = None
++def get_all_port_types():
++ global port_types
++ if port_types:
++ return port_types
+ port_types = sepolicy.info(sepolicy.ATTRIBUTE,"port_type")[0]["types"]
+ port_types.sort()
+ return port_types
-+port_types = _gen_port_types()
+
-+portrecs = network.portrecs
+files_dict = {}
-+bools = sepolicy.info(sepolicy.BOOLEAN)
++
++bools = None
++def get_all_bools():
++ global bools
++ if not bools:
++ bools = sepolicy.info(sepolicy.BOOLEAN)
++ return bools
+
+def prettyprint(f,trim):
+ return " ".join(f[:-len(trim)].split("_"))
+
-+def _get_os_version():
-+ os_version = ""
-+ pkg_name = "selinux-policy"
-+ try:
-+ import commands
-+ rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
-+ if rc == 0:
-+ os_version = output.split(".")[-2]
-+ except:
-+ os_version = ""
-+
-+ if os_version[0:2] == "fc":
-+ os_version = "Fedora"+os_version[2:]
-+ elif os_version[0:2] == "el":
-+ os_version = "RHEL"+os_version[2:]
-+ else:
-+ os_version = ""
-+
-+ return os_version
-+
-+
+# for HTML man pages
-+os_version = _get_os_version()
+manpage_domains = []
+manpage_roles = []
+
@@ -343925,7 +343988,6 @@ index 0000000..e3f9b70
+ """
+
+ def __init__(self, manpage_roles, manpage_domains, path, os_version):
-+
+ self.manpage_roles = get_alphabet_manpages(manpage_roles)
+ self.manpage_domains = get_alphabet_manpages(manpage_domains)
+ self.os_version = os_version
@@ -343971,7 +344033,7 @@ index 0000000..e3f9b70
+<body>
+<h1>SELinux man pages</h1>
+<br></br>
-+The following links contain SELinux man pages for particular either Fedora or Red Hat Enterprise Linux releases.</h2>
++Fedora or Red Hat Enterprise Linux Man Pages.</h2>
+<br></br>
+<hr>
+<h3>Fedora</h3>
@@ -344143,22 +344205,53 @@ index 0000000..e3f9b70
+ """
+ Generate a Manpage on an SELinux domain in the specified path
+ """
++ all_attributes = get_all_attributes()
++ all_domains = get_all_domains()
++ all_bools = get_all_bools()
++ all_port_types = get_all_port_types()
++ all_roles = get_all_roles()
++ all_users = get_all_users()
++ all_file_types = get_all_file_types()
++ types = _gen_types()
++ modules_dict = None
++ domains = gen_domains()
++ role_allows = get_all_role_allows()
++
+ def __init__(self, domainname, path = "/tmp", html = False):
+ self.html = html
++ self.portrecs = network.portrecs
++
++ fcpath = path + "/file_contexts"
++ if os.path.exists(fcpath):
++ self.fcpath = fcpath
++ else:
++ self.fcpath = selinux.selinux_file_context_path()
++ self.fcdict = _gen_fcdict(self.fcpath)
++
++ if not os.path.exists(path):
++ os.makedirs(path)
+ self.path = path
++
++ xmlpath = path + "/policy.xml"
++ if os.path.exists(xmlpath):
++ self.xmlpath = xmlpath
++ else:
++ self.xmlpath = "/usr/share/selinux/devel/policy.xml"
++ self.booleans_dict = gen_bool_dict(self.xmlpath)
++
+ if domainname.endswith("_t"):
+ self.domainname = domainname[:-2]
+ else:
+ self.domainname = domainname
+
-+ if self.domainname + "_t" not in alldomains:
++ if self.domainname + "_t" not in self.all_domains:
+ raise ValueError("domain %s_t does not exist" % self.domainname)
+ self.short_name = self.domainname
+
+ self.type = self.domainname + "_t"
+ self.man_page_path = "%s/%s_selinux.8" % (path, self.domainname)
+ self.fd = open(self.man_page_path, 'w')
-+ if domainname in roles:
++ if domainname in self.all_roles:
+ self.__gen_user_man_page()
+ if self.html:
+ manpage_roles.append(self.man_page_path)
@@ -344178,16 +344271,15 @@ index 0000000..e3f9b70
+
+ def __gen_user_man_page(self):
+ self.role = self.domainname + "_r"
-+ global modules_dict
-+ if not modules_dict:
-+ modules_dict = _gen_modules_dict()
++ if not self.modules_dict:
++ self.modules_dict = gen_modules_dict(self.xmlpath)
+
+ try:
-+ self.desc = modules_dict[self.domainname]
++ self.desc = self.modules_dict[self.domainname]
+ except:
+ self.desc = "%s user role" % self.domainname
+
-+ if self.domainname in users:
++ if self.domainname in self.all_users:
+ self.attributes = sepolicy.info(sepolicy.TYPE,(self.type))[0]["attributes"]
+ self._user_header()
+ self._user_attribute()
@@ -344239,7 +344331,7 @@ index 0000000..e3f9b70
+ self._footer()
+
+ def _get_ptypes(self):
-+ for f in alldomains:
++ for f in self.all_domains:
+ if f.startswith(self.short_name):
+ self.ptypes.append(f)
+
@@ -344364,15 +344456,15 @@ index 0000000..e3f9b70
+
+ def _gen_bool_text(self, name):
+ booltext = ""
-+ for bdict in bools:
++ for bdict in self.all_bools:
+ b = bdict['name']
+ if b.find(name) >= 0:
+ if b.endswith("anon_write"):
+ self.anon_list.append(b)
+ else:
-+ if b not in booleans_dict:
++ if b not in self.booleans_dict:
+ continue
-+ desc = booleans_dict[b][2][0].lower() + booleans_dict[b][2][1:]
++ desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
+ if desc[-1] == ".":
+ desc = desc[:-1]
+ booltext += """
@@ -344390,15 +344482,15 @@ index 0000000..e3f9b70
+ for alias in equiv_dict[self.domainname]:
+ self.booltext += self._gen_bool_text(alias)
+
-+ for bdict in bools:
++ for bdict in self.all_bools:
+ b = bdict['name']
+ if b.find(self.short_name) >= 0:
+ if b.endswith("anon_write"):
+ self.anon_list.append(b)
+ else:
-+ if b not in booleans_dict:
++ if b not in self.booleans_dict:
+ continue
-+ desc = booleans_dict[b][2][0].lower() + booleans_dict[b][2][1:]
++ desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
+ if desc[-1] == ".":
+ desc = desc[:-1]
+ self.booltext += """
@@ -344423,7 +344515,7 @@ index 0000000..e3f9b70
+ nsswitch_types = []
+ nsswitch_booleans = ['authlogin_nsswitch_use_ldap', 'kerberos_enabled']
+ nsswitchbooltext = ""
-+ if "nsswitch_domain" in all_attributes:
++ if "nsswitch_domain" in self.all_attributes:
+ self.fd.write("""
+.SH NSSWITCH DOMAIN
+""")
@@ -344433,7 +344525,7 @@ index 0000000..e3f9b70
+
+ if len(nsswitch_types):
+ for i in nsswitch_booleans:
-+ desc = booleans_dict[i][2][0].lower() + booleans_dict[i][2][1:-1]
++ desc = self.booleans_dict[i][2][0].lower() + self.booleans_dict[i][2][1:-1]
+ nsswitchbooltext += """
+.PP
+If you want to %s for the %s, you must turn on the %s boolean.
@@ -344472,7 +344564,7 @@ index 0000000..e3f9b70
+
+ def _port_types(self):
+ self.ports = []
-+ for f in port_types:
++ for f in self.all_port_types:
+ if f.startswith(self.short_name):
+ self.ports.append(f)
+
@@ -344503,7 +344595,7 @@ index 0000000..e3f9b70
+""" % p)
+ once = True
+ for prot in ( "tcp", "udp" ):
-+ if (p,prot) in portrecs:
++ if (p,prot) in self.portrecs:
+ if once:
+ self.fd.write("""
+
@@ -344511,7 +344603,7 @@ index 0000000..e3f9b70
+ once = False
+ self.fd.write(r"""
+%s %s
-+.EE""" % (prot, ",".join(portrecs[(p,prot)])))
++.EE""" % (prot, ",".join(self.portrecs[(p,prot)])))
+
+ def _file_context(self):
+ self.fd.write(r"""
@@ -344525,7 +344617,7 @@ index 0000000..e3f9b70
+.PP
+The following file types are defined for %(domainname)s:
+""" % {'domainname':self.domainname})
-+ for f in file_types:
++ for f in self.all_file_types:
+ if f.startswith(self.domainname):
+ self.fd.write("""
+
@@ -344562,7 +344654,7 @@ index 0000000..e3f9b70
+ def _see_also(self):
+ ret = ""
+ prefix = self.short_name.split("_")[0]
-+ for d in domains:
++ for d in self.domains:
+ if d == self.domainname:
+ continue
+ if d.startswith(prefix):
@@ -344594,7 +344686,7 @@ index 0000000..e3f9b70
+
+""" % {'domainname':self.domainname})
+ for b in self.anon_list:
-+ desc = booleans_dict[b][2][0].lower() + booleans_dict[b][2][1:]
++ desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
+ self.fd.write("""
+.PP
+If you want to %s, you must turn on the %s boolean.
@@ -344653,7 +344745,7 @@ index 0000000..e3f9b70
+ return False
+ if check.endswith("_t"):
+ for a in attributes:
-+ if a in types[check]:
++ if a in self.types[check]:
+ return False
+ return True
+
@@ -344674,8 +344766,8 @@ index 0000000..e3f9b70
+""" % (self.domainname, entrypoints_str, self.domainname))
+ paths=[]
+ for entrypoint in entrypoints:
-+ if entrypoint in fcdict:
-+ paths += fcdict[entrypoint]
++ if entrypoint in self.fcdict:
++ paths += self.fcdict[entrypoint]
+
+ self.fd.write("""
+%s""" % ", ".join(paths))
@@ -344714,8 +344806,8 @@ index 0000000..e3f9b70
+.B %s
+
+""" % f)
-+ if f in fcdict:
-+ for path in fcdict[f]:
++ if f in self.fcdict:
++ for path in self.fcdict[f]:
+ self.fd.write("""\t%s
+.br
+""" % path)
@@ -344757,7 +344849,7 @@ index 0000000..e3f9b70
+
+""" % {'desc': self.desc, 'type':self.type, 'user':self.domainname})
+
-+ if "login_userdomain" in self.attributes and "login_userdomain" in all_attributes:
++ if "login_userdomain" in self.attributes and "login_userdomain" in self.all_attributes:
+ self.fd.write("""
+If you want to map the one Linux user (joe) to the SELinux user %(user)s, you would execute:
+
@@ -344770,7 +344862,7 @@ index 0000000..e3f9b70
+ self.fd.write("""
+.SH SUDO
+""")
-+ if sudotype in types:
++ if sudotype in self.types:
+ role = self.domainname + "_r"
+ self.fd.write("""
+The SELinux user %(user)s can execute sudo.
@@ -344780,7 +344872,7 @@ index 0000000..e3f9b70
+Add one or more of the following record to sudoers using visudo.
+
+""" % { 'user':self.domainname } )
-+ for adminrole in role_allows[role]:
++ for adminrole in self.role_allows[role]:
+ self.fd.write("""
+USERNAME ALL=(ALL) ROLE=%(admin)s_r TYPE=%(admin)s_t COMMAND
+.br
@@ -344800,7 +344892,7 @@ index 0000000..e3f9b70
+
+For more details you can see semanage man page.
+
-+""" % {'user':self.domainname, "roles": " ".join([role] + role_allows[role]) } )
++""" % {'user':self.domainname, "roles": " ".join([role] + self.role_allows[role]) } )
+ else:
+ self.fd.write("""
+The SELinux type %s_t is not allowed to execute sudo.
@@ -344826,7 +344918,7 @@ index 0000000..e3f9b70
+""" % self.domainname)
+
+ def _xwindows_login(self):
-+ if "x_domain" in all_attributes:
++ if "x_domain" in self.all_attributes:
+ self.fd.write("""
+.SH X WINDOWS LOGIN
+""")
@@ -344840,7 +344932,7 @@ index 0000000..e3f9b70
+""" % self.domainname)
+
+ def _terminal_login(self):
-+ if "login_userdomain" in all_attributes:
++ if "login_userdomain" in self.all_attributes:
+ self.fd.write("""
+.SH TERMINAL LOGIN
+""")
@@ -344858,7 +344950,7 @@ index 0000000..e3f9b70
+.SH NETWORK
+""")
+ for net in ("tcp", "udp"):
-+ portdict = sepolicy.network.get_network_connect(self.type, net, "name_bind")
++ portdict = network.get_network_connect(self.type, net, "name_bind")
+ if len(portdict) > 0:
+ self.fd.write("""
+.TP
@@ -344969,8 +345061,8 @@ index 0000000..e3f9b70
+
+""" % {'desc': self.desc, 'user':self.domainname})
+ troles = []
-+ for i in role_allows:
-+ if self.domainname +"_r" in role_allows[i]:
++ for i in self.role_allows:
++ if self.domainname +"_r" in self.role_allows[i]:
+ troles.append(i)
+ if len(troles) > 0:
+ plural = ""
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 621e6da..cbff1cc 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.13
-Release: 23%{?dist}
+Release: 24%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -329,6 +329,11 @@ The policycoreutils-restorecond package contains the restorecond service.
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Sat Nov 3 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-24
+- Fix manpage to generate proper man pages for alternate policy,
+basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as
+I pull the policy, policy.xml and file_contexts and file_contexts.homedir
+
* Thu Nov 1 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-23
- Fix some build problems in sepolicy manpage and sepolicy transition
More information about the scm-commits
mailing list