[policycoreutils/f18] Add FILENAME support to sepolgen
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Apr 23 17:27:32 UTC 2013
commit f4d9a592055d721c4d1f40b8c7103db035ddd567
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Apr 23 13:27:29 2013 -0400
Add FILENAME support to sepolgen
- Add back support for '<<none>>' in semanage fcontext.
...tils-rawhide.patch => policycoreutils-f19.patch | 240 ++++++++++++++++----
policycoreutils.spec | 8 +-
2 files changed, 199 insertions(+), 49 deletions(-)
---
diff --git a/policycoreutils-rawhide.patch b/policycoreutils-f19.patch
similarity index 90%
rename from policycoreutils-rawhide.patch
rename to policycoreutils-f19.patch
index d0eca91..505656d 100644
--- a/policycoreutils-rawhide.patch
+++ b/policycoreutils-f19.patch
@@ -1,6 +1,6 @@
diff -up policycoreutils-2.1.13/gui/domainsPage.py.f19 policycoreutils-2.1.13/gui/domainsPage.py
---- policycoreutils-2.1.13/gui/domainsPage.py.f19 2013-03-19 20:06:36.341223283 -0400
-+++ policycoreutils-2.1.13/gui/domainsPage.py 2013-03-19 20:06:36.515223688 -0400
+--- policycoreutils-2.1.13/gui/domainsPage.py.f19 2013-04-17 11:46:20.547725750 -0400
++++ policycoreutils-2.1.13/gui/domainsPage.py 2013-04-17 11:46:20.727726444 -0400
@@ -26,7 +26,7 @@ import sys
import seobject
import selinux
@@ -20,8 +20,8 @@ diff -up policycoreutils-2.1.13/gui/domainsPage.py.f19 policycoreutils-2.1.13/gu
def get_modules(self):
diff -up policycoreutils-2.1.13/gui/statusPage.py.f19 policycoreutils-2.1.13/gui/statusPage.py
---- policycoreutils-2.1.13/gui/statusPage.py.f19 2013-03-19 20:06:36.346223294 -0400
-+++ policycoreutils-2.1.13/gui/statusPage.py 2013-03-19 20:06:36.515223688 -0400
+--- policycoreutils-2.1.13/gui/statusPage.py.f19 2013-04-17 11:46:20.555725781 -0400
++++ policycoreutils-2.1.13/gui/statusPage.py 2013-04-17 11:46:20.727726444 -0400
@@ -177,7 +177,11 @@ class statusPage:
def read_selinux_config(self):
@@ -36,8 +36,8 @@ diff -up policycoreutils-2.1.13/gui/statusPage.py.f19 policycoreutils-2.1.13/gui
self.enabledOptionMenu.set_active(self.enabled + 1 )
diff -up policycoreutils-2.1.13/restorecond/restorecond.conf.f19 policycoreutils-2.1.13/restorecond/restorecond.conf
---- policycoreutils-2.1.13/restorecond/restorecond.conf.f19 2013-03-19 20:06:36.492223634 -0400
-+++ policycoreutils-2.1.13/restorecond/restorecond.conf 2013-03-19 20:06:36.515223688 -0400
+--- policycoreutils-2.1.13/restorecond/restorecond.conf.f19 2013-04-17 11:46:20.706726363 -0400
++++ policycoreutils-2.1.13/restorecond/restorecond.conf 2013-04-17 11:46:20.727726444 -0400
@@ -1,6 +1,7 @@
/etc/services
/etc/resolv.conf
@@ -48,7 +48,7 @@ diff -up policycoreutils-2.1.13/restorecond/restorecond.conf.f19 policycoreutils
/root/*
diff -up policycoreutils-2.1.13/restorecond/user.c.f19 policycoreutils-2.1.13/restorecond/user.c
--- policycoreutils-2.1.13/restorecond/user.c.f19 2012-09-25 16:17:37.000000000 -0400
-+++ policycoreutils-2.1.13/restorecond/user.c 2013-03-19 20:06:36.516223690 -0400
++++ policycoreutils-2.1.13/restorecond/user.c 2013-04-17 11:46:20.727726444 -0400
@@ -54,6 +54,7 @@ static const char *PATH="/org/selinux/Re
static const char *INTERFACE="org.selinux.RestorecondIface";
static const char *RULE="type='signal',interface='org.selinux.RestorecondIface'";
@@ -101,8 +101,8 @@ diff -up policycoreutils-2.1.13/restorecond/user.c.f19 policycoreutils-2.1.13/re
return 0;
}
diff -up policycoreutils-2.1.13/sandbox/seunshare.c.f19 policycoreutils-2.1.13/sandbox/seunshare.c
---- policycoreutils-2.1.13/sandbox/seunshare.c.f19 2013-03-19 20:06:36.492223634 -0400
-+++ policycoreutils-2.1.13/sandbox/seunshare.c 2013-03-25 09:23:39.404480393 -0400
+--- policycoreutils-2.1.13/sandbox/seunshare.c.f19 2013-04-17 11:46:20.706726363 -0400
++++ policycoreutils-2.1.13/sandbox/seunshare.c 2013-04-17 11:46:20.727726444 -0400
@@ -31,12 +31,6 @@
#include <selinux/context.h> /* for context-mangling functions */
#include <dirent.h>
@@ -262,9 +262,68 @@ diff -up policycoreutils-2.1.13/sandbox/seunshare.c.f19 policycoreutils-2.1.13/s
free(display);
free(LANG);
exit(-1);
+diff -up policycoreutils-2.1.13/semanage/semanage.8.f19 policycoreutils-2.1.13/semanage/semanage.8
+--- policycoreutils-2.1.13/semanage/semanage.8.f19 2013-04-23 13:20:31.640489842 -0400
++++ policycoreutils-2.1.13/semanage/semanage.8 2013-04-23 13:20:37.522515873 -0400
+@@ -14,15 +14,15 @@ Input local customizations
+ Manage booleans. Booleans allow the administrator to modify the confinement of
+ processes based on his configuration.
+ .br
+-.B semanage boolean [\-S store] \-{d|m|l|D} [\-nN] [\-\-on|\-\-off|\-\1|\-0] -F boolean | boolean_file
++.B semanage boolean [\-S store] \-{d|m|l|D|E} [\-nN] [\-\-on|\-\-off|\-\1|\-0] -F boolean | boolean_file
+
+ Manage SELinux confined users (Roles and levels for an SELinux user)
+ .br
+-.B semanage user [\-S store] \-{a|d|m|l|D} [\-LnNPrR] selinux_name
++.B semanage user [\-S store] \-{a|d|m|l|D|E} [\-LnNPrR] selinux_name
+
+ Manage login mappings between linux users and SELinux confined users.
+ .br
+-.B semanage login [\-S store] \-{a|d|m|l|D} [\-nNrs] login_name | %groupname
++.B semanage login [\-S store] \-{a|d|m|l|D|E} [\-nNrs] login_name | %groupname
+
+ Manage policy modules.
+ .br
+@@ -30,16 +30,16 @@ Manage policy modules.
+
+ Manage network port type definitions
+ .br
+-.B semanage port [\-S store] \-{a|d|m|l|D} [\-nNrt] [\-p proto] port | port_range
++.B semanage port [\-S store] \-{a|d|m|l|D|E} [\-nNrt] [\-p proto] port | port_range
+ .br
+
+ Manage network interface type definitions
+ .br
+-.B semanage interface [\-S store] \-{a|d|m|l|D} [\-nNrt] interface_spec
++.B semanage interface [\-S store] \-{a|d|m|l|D|E} [\-nNrt] interface_spec
+
+ Manage network node type definitions
+ .br
+-.B semanage node [\-S store] -{a|d|m|l|D} [-nNrt] [ -p protocol ] [-M netmask] address
++.B semanage node [\-S store] -{a|d|m|l|D|E} [-nNrt] [ -p protocol ] [-M netmask] address
+ .br
+
+ Manage file context mapping definitions
+@@ -123,11 +123,15 @@ Currently booleans only.
+
+ .TP
+ .I \-h, \-\-help
+-display this message
++display usage message
+ .TP
+ .I \-l, \-\-list
+ List the OBJECTS
+ .TP
++.I \-E, \-\-extract
++Extract custommizable commands, which could then be used on another machine.
++Command output is suitable for a transaction. See also --output
++.TP
+ .I \-C, \-\-locallist
+ List only locally defined settings, not base policy settings.
+ .TP
diff -up policycoreutils-2.1.13/semanage/semanage.f19 policycoreutils-2.1.13/semanage/semanage
---- policycoreutils-2.1.13/semanage/semanage.f19 2013-03-19 20:06:36.494223639 -0400
-+++ policycoreutils-2.1.13/semanage/semanage 2013-03-19 20:06:36.516223690 -0400
+--- policycoreutils-2.1.13/semanage/semanage.f19 2013-04-17 11:46:20.708726371 -0400
++++ policycoreutils-2.1.13/semanage/semanage 2013-04-23 13:20:11.522400405 -0400
@@ -61,7 +61,7 @@ semanage interface -{a|d|m|l|D|E} [-Nntr
semanage module -{a|d|m} [--enable|--disable] [-N] module
semanage node -{a|d|m|l|D|E} [-Nntr] [ -p protocol ] [-M netmask] addr
@@ -274,6 +333,15 @@ diff -up policycoreutils-2.1.13/semanage/semanage.f19 policycoreutils-2.1.13/sem
semanage permissive -{d|a|l} [-Nn] type
semanage dontaudit [ on | off ] [-N]
+@@ -73,7 +73,7 @@ Primary Options:
+ -i, --input Input multiple semange commands in a transaction
+ -o, --output Output current customizations as semange commands
+ -l, --list List the OBJECTS
+- -E, --extract extract customizable commands
++ -E, --extract Extract customizable commands, for use within a transaction
+ -C, --locallist List OBJECTS local customizations
+ -D, --deleteall Remove all OBJECTS local customizations
+
@@ -376,11 +376,8 @@ Object-specific Options (see above):
OBJECT = seobject.moduleRecords(store)
@@ -298,8 +366,8 @@ diff -up policycoreutils-2.1.13/semanage/semanage.f19 policycoreutils-2.1.13/sem
return
diff -up policycoreutils-2.1.13/semanage/seobject.py.f19 policycoreutils-2.1.13/semanage/seobject.py
---- policycoreutils-2.1.13/semanage/seobject.py.f19 2013-03-19 20:06:36.494223639 -0400
-+++ policycoreutils-2.1.13/semanage/seobject.py 2013-03-19 20:06:36.517223693 -0400
+--- policycoreutils-2.1.13/semanage/seobject.py.f19 2013-04-17 11:46:20.709726374 -0400
++++ policycoreutils-2.1.13/semanage/seobject.py 2013-04-23 13:19:12.826140783 -0400
@@ -373,7 +373,11 @@ class permissiveRecords(semanageRecords)
def add(self, type):
@@ -337,21 +405,22 @@ diff -up policycoreutils-2.1.13/semanage/seobject.py.f19 policycoreutils-2.1.13/
def __init__(self, store = ""):
semanageRecords.__init__(self,store)
-@@ -1634,8 +1644,11 @@ class interfaceRecords(semanageRecords):
+@@ -1634,8 +1644,12 @@ class interfaceRecords(semanageRecords):
print "%-30s %s:%s:%s " % (k,ddict[k][0], ddict[k][1],ddict[k][2])
class fcontextRecords(semanageRecords):
- valid_types = sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
- valid_types += sepolicy.info(sepolicy.ATTRIBUTE,"device_node")[0]["types"]
++ valid_types = ["<<none>>"]
+ try:
-+ valid_types = sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
++ valid_types += sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
+ valid_types += sepolicy.info(sepolicy.ATTRIBUTE,"device_node")[0]["types"]
+ except RuntimeError:
-+ valid_types = []
++ pass
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
-@@ -2018,6 +2031,9 @@ class booleanRecords(semanageRecords):
+@@ -2018,6 +2032,9 @@ class booleanRecords(semanageRecords):
self.modify_local = False
def __mod(self, name, value):
@@ -361,9 +430,86 @@ diff -up policycoreutils-2.1.13/semanage/seobject.py.f19 policycoreutils-2.1.13/
name = selinux.selinux_boolean_sub(name)
(rc, k) = semanage_bool_key_create(self.sh, name)
+diff -up policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refparser.py.f19 policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refparser.py
+--- policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refparser.py.f19 2013-04-23 13:23:29.135260349 -0400
++++ policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refparser.py 2013-04-23 13:23:39.420304400 -0400
+@@ -65,6 +65,7 @@ tokens = (
+ 'BAR',
+ 'EXPL',
+ 'EQUAL',
++ 'FILENAME',
+ 'IDENTIFIER',
+ 'NUMBER',
+ 'PATH',
+@@ -249,11 +250,17 @@ def t_refpolicywarn(t):
+ t.lexer.lineno += 1
+
+ def t_IDENTIFIER(t):
+- r'[a-zA-Z_\$\"][a-zA-Z0-9_\-\+\.\$\*\"~]*'
++ r'[a-zA-Z_\$][a-zA-Z0-9_\-\+\.\$\*~]*'
+ # Handle any keywords
+ t.type = reserved.get(t.value,'IDENTIFIER')
+ return t
+
++def t_FILENAME(t):
++ r'\"[a-zA-Z0-9_\-\+\.\$\*~ :]+\"'
++ # Handle any keywords
++ t.type = reserved.get(t.value,'FILENAME')
++ return t
++
+ def t_comment(t):
+ r'\#.*\n'
+ # Ignore all comments
+@@ -450,6 +457,7 @@ def p_interface_call_param(p):
+ | nested_id_set
+ | TRUE
+ | FALSE
++ | FILENAME
+ '''
+ # Intentionally let single identifiers pass through
+ # List means set, non-list identifier
+@@ -461,6 +469,7 @@ def p_interface_call_param(p):
+ def p_interface_call_param_list(p):
+ '''interface_call_param_list : interface_call_param
+ | interface_call_param_list COMMA interface_call_param
++ | interface_call_param_list COMMA interface_call_param COMMA interface_call_param_list
+ '''
+ if len(p) == 2:
+ p[0] = [p[1]]
+@@ -787,6 +796,7 @@ def p_avrule_def(p):
+
+ def p_typerule_def(p):
+ '''typerule_def : TYPE_TRANSITION names names COLON names IDENTIFIER SEMI
++ | TYPE_TRANSITION names names COLON names IDENTIFIER FILENAME SEMI
+ | TYPE_TRANSITION names names COLON names IDENTIFIER IDENTIFIER SEMI
+ | TYPE_CHANGE names names COLON names IDENTIFIER SEMI
+ | TYPE_MEMBER names names COLON names IDENTIFIER SEMI
+@@ -800,6 +810,7 @@ def p_typerule_def(p):
+ t.tgt_types = p[3]
+ t.obj_classes = p[5]
+ t.dest_type = p[6]
++ t.file_name = p[7]
+ p[0] = t
+
+ def p_bool(p):
+diff -up policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refpolicy.py.f19 policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refpolicy.py
+--- policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refpolicy.py.f19 2013-04-23 13:23:01.751142859 -0400
++++ policycoreutils-2.1.13/sepolgen-1.1.8/src/sepolgen/refpolicy.py 2013-04-23 13:23:08.986173931 -0400
+@@ -361,9 +361,9 @@ class TypeAttribute(Leaf):
+ return "typeattribute %s %s;" % (self.type, self.attributes.to_comma_str())
+
+ class RoleAttribute(Leaf):
+- """SElinux typeattribute statement.
++ """SElinux roleattribute statement.
+
+- This class represents a typeattribute statement.
++ This class represents a roleattribute statement.
+ """
+ def __init__(self, parent=None):
+ Leaf.__init__(self, parent)
diff -up policycoreutils-2.1.13/sepolicy/info.c.f19 policycoreutils-2.1.13/sepolicy/info.c
---- policycoreutils-2.1.13/sepolicy/info.c.f19 2013-03-19 20:06:36.495223641 -0400
-+++ policycoreutils-2.1.13/sepolicy/info.c 2013-03-19 20:06:36.518223695 -0400
+--- policycoreutils-2.1.13/sepolicy/info.c.f19 2013-04-17 11:46:20.710726378 -0400
++++ policycoreutils-2.1.13/sepolicy/info.c 2013-04-17 11:46:20.728726447 -0400
@@ -988,39 +988,51 @@ PyObject* info( int type, const char *na
{
PyObject* output = NULL;
@@ -433,8 +579,8 @@ diff -up policycoreutils-2.1.13/sepolicy/info.c.f19 policycoreutils-2.1.13/sepol
void init_info (PyObject *m) {
diff -up policycoreutils-2.1.13/sepolicy/Makefile.f19 policycoreutils-2.1.13/sepolicy/Makefile
---- policycoreutils-2.1.13/sepolicy/Makefile.f19 2013-03-19 20:06:36.495223641 -0400
-+++ policycoreutils-2.1.13/sepolicy/Makefile 2013-03-19 20:06:36.518223695 -0400
+--- policycoreutils-2.1.13/sepolicy/Makefile.f19 2013-04-17 11:46:20.709726374 -0400
++++ policycoreutils-2.1.13/sepolicy/Makefile 2013-04-17 11:46:20.728726447 -0400
@@ -23,10 +23,10 @@ clean:
-rm -rf build *~ \#* *pyc .#*
@@ -449,8 +595,8 @@ diff -up policycoreutils-2.1.13/sepolicy/Makefile.f19 policycoreutils-2.1.13/sep
install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)
- install -m 644 *.8 $(MANDIR)/man8
diff -up policycoreutils-2.1.13/sepolicy/policy.c.f19 policycoreutils-2.1.13/sepolicy/policy.c
---- policycoreutils-2.1.13/sepolicy/policy.c.f19 2013-03-19 20:06:36.495223641 -0400
-+++ policycoreutils-2.1.13/sepolicy/policy.c 2013-03-19 20:06:36.518223695 -0400
+--- policycoreutils-2.1.13/sepolicy/policy.c.f19 2013-04-17 11:46:20.710726378 -0400
++++ policycoreutils-2.1.13/sepolicy/policy.c 2013-04-17 11:46:20.729726451 -0400
@@ -66,7 +66,6 @@ PyObject *wrap_policy(PyObject *UNUSED(s
}
apol_vector_destroy(&mod_paths);
@@ -460,8 +606,8 @@ diff -up policycoreutils-2.1.13/sepolicy/policy.c.f19 policycoreutils-2.1.13/sep
apol_policy_path_destroy(&pol_path);
if (!policy) {
diff -up policycoreutils-2.1.13/sepolicy/search.c.f19 policycoreutils-2.1.13/sepolicy/search.c
---- policycoreutils-2.1.13/sepolicy/search.c.f19 2013-03-19 20:06:36.496223644 -0400
-+++ policycoreutils-2.1.13/sepolicy/search.c 2013-03-19 20:06:36.519223697 -0400
+--- policycoreutils-2.1.13/sepolicy/search.c.f19 2013-04-17 11:46:20.710726378 -0400
++++ policycoreutils-2.1.13/sepolicy/search.c 2013-04-17 11:46:20.729726451 -0400
@@ -204,14 +204,14 @@ static PyObject* get_ra_results(const ap
goto err;
@@ -600,8 +746,8 @@ diff -up policycoreutils-2.1.13/sepolicy/search.c.f19 policycoreutils-2.1.13/sep
+ return search(allow, neverallow, auditallow, dontaudit, transition, role_allow, src_name, tgt_name, class_name, permlist);
}
diff -up policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh.f19 policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh
---- policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh.f19 2013-03-19 20:06:36.496223644 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh 2013-03-19 20:06:36.519223697 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh.f19 2013-04-17 11:46:20.711726382 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh 2013-04-17 11:46:20.729726451 -0400
@@ -45,6 +45,9 @@ __get_all_user_role_interaces () {
__get_all_user_domains () {
seinfo -auserdomain -x 2> /dev/null | tail -n +2
@@ -666,8 +812,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy-bash-completion.sh.f19 policyc
return 0
elif test "$prev" = "-p" || test "$prev" = "--path" ; then
diff -up policycoreutils-2.1.13/sepolicy/sepolicy-generate.8.f19 policycoreutils-2.1.13/sepolicy/sepolicy-generate.8
---- policycoreutils-2.1.13/sepolicy/sepolicy-generate.8.f19 2013-03-19 20:06:36.497223646 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy-generate.8 2013-03-19 20:06:36.519223697 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy-generate.8.f19 2013-04-17 11:46:20.711726382 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy-generate.8 2013-04-17 11:46:20.729726451 -0400
@@ -5,15 +5,21 @@ sepolicy-generate \- Generate an initial
.SH "SYNOPSIS"
@@ -728,8 +874,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy-generate.8.f19 policycoreutils
Generate Policy for Sandbox
.TP
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/generate.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/generate.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/generate.py.f19 2013-03-19 20:06:36.499223651 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/generate.py 2013-03-19 20:06:36.520223699 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/generate.py.f19 2013-04-17 11:46:20.713726390 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/generate.py 2013-04-17 11:46:20.730726455 -0400
@@ -24,6 +24,7 @@
import os, sys, stat
import re
@@ -1024,8 +1170,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/generate.py.f19 policycoreutil
if self.initscript != "":
newspec += re.sub("FILENAME", self.initscript, spec.define_relabel_files_end)
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py.f19 2013-03-19 20:06:36.498223648 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py 2013-03-19 20:06:36.521223702 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py.f19 2013-04-17 11:46:20.712726386 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py 2013-04-17 11:46:20.730726455 -0400
@@ -7,6 +7,9 @@ import _policy
import selinux, glob
PROGNAME="policycoreutils"
@@ -1288,8 +1434,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/__init__.py.f19 policycoreutil
booleans_dict = None
def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/interface.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/interface.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/interface.py.f19 2013-03-19 20:06:36.499223651 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/interface.py 2013-03-19 20:06:36.521223702 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/interface.py.f19 2013-04-17 11:46:20.713726390 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/interface.py 2013-04-17 11:46:20.730726455 -0400
@@ -22,14 +22,12 @@
#
#
@@ -1347,8 +1493,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/interface.py.f19 policycoreuti
trans_list.append(m[0])
return trans_list
diff -up policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8.f19 policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8
---- policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8.f19 2013-03-19 20:06:36.497223646 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8 2013-03-19 20:06:36.521223702 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8.f19 2013-04-17 11:46:20.711726382 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8 2013-04-17 11:46:20.730726455 -0400
@@ -5,7 +5,7 @@ sepolicy-manpage \- Generate a man page
.SH "SYNOPSIS"
@@ -1369,8 +1515,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy-manpage.8.f19 policycoreutils-
Generate an additional HTML man pages for the specified domain(s).
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py.f19 2013-03-19 20:06:36.500223653 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py 2013-03-19 20:06:36.522223704 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py.f19 2013-04-17 11:46:20.714726394 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py 2013-04-17 11:46:20.731726459 -0400
@@ -28,12 +28,12 @@ import string
import argparse
import selinux
@@ -1774,8 +1920,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/manpage.py.f19 policycoreutils
.SH NETWORK
""")
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/network.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/network.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/network.py.f19 2013-03-19 20:06:36.500223653 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/network.py 2013-03-19 20:06:36.522223704 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/network.py.f19 2013-04-17 11:46:20.714726394 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/network.py 2013-04-17 11:46:20.731726459 -0400
@@ -25,27 +25,6 @@ import sepolicy
search=sepolicy.search
info=sepolicy.info
@@ -1813,8 +1959,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/network.py.f19 policycoreutils
tlist = get_types(src, "%s_socket" % protocol, [perm])
if len(tlist) > 0:
diff -up policycoreutils-2.1.13/sepolicy/sepolicy.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy.py
---- policycoreutils-2.1.13/sepolicy/sepolicy.py.f19 2013-03-19 20:06:36.498223648 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy.py 2013-03-19 20:06:36.523223706 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy.py.f19 2013-04-17 11:46:20.712726386 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy.py 2013-04-17 11:46:20.731726459 -0400
@@ -22,6 +22,8 @@
#
#
@@ -2202,8 +2348,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy.py.f19 policycoreutils-2.1.13/
sys.exit(0)
except ValueError,e:
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py.f19 2013-03-19 20:06:36.501223655 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py 2013-03-19 20:06:36.523223706 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py.f19 2013-04-17 11:46:20.715726397 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py 2013-04-17 11:46:20.731726459 -0400
@@ -446,7 +446,7 @@ EXECUTABLE -- gen_context(system_u:obje
"""
@@ -2214,8 +2360,8 @@ diff -up policycoreutils-2.1.13/sepolicy/sepolicy/templates/executable.py.f19 po
fc_initscript="""\
diff -up policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py.f19 policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py
---- policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py.f19 2013-03-19 20:06:36.501223655 -0400
-+++ policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py 2013-03-19 20:06:36.523223706 -0400
+--- policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py.f19 2013-04-17 11:46:20.715726397 -0400
++++ policycoreutils-2.1.13/sepolicy/sepolicy/templates/network.py 2013-04-17 11:46:20.732726463 -0400
@@ -20,7 +20,7 @@
#
#
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 6cd2543..69852b1 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.13
-Release: 59%{?dist}
+Release: 60%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -23,7 +23,7 @@ Source8: policycoreutils_man_ru2.tar.bz2
Source10: restorecond.service
Patch: policycoreutils-rhat.patch
Patch1: policycoreutils-sepolgen.patch
-Patch2: policycoreutils-rawhide.patch
+Patch2: policycoreutils-f19.patch
Obsoletes: policycoreutils < 2.0.61-2
Conflicts: filesystem < 3
Provides: /sbin/fixfiles
@@ -340,6 +340,10 @@ The policycoreutils-restorecond package contains the restorecond service.
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Tue Apr 23 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-60
+- Add FILENAME support to sepolgen
+- Add back support for '<<none>>' in semanage fcontext.
+
* Mon Mar 25 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-59
- Can not unshare IPC in sandbox, since it blows up Xephyr
- Remove bogus error message sandbox about reseting setfsuid
More information about the scm-commits
mailing list