[policycoreutils/f20] Fix selinux-polgengui, get_all_modules call
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Nov 20 14:17:52 UTC 2013
commit 8c581a5cd4b63d4554e0b7e20cc1773f1b71207c
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Nov 20 09:18:10 2013 -0500
Fix selinux-polgengui, get_all_modules call
policycoreutils-rhat.patch | 237 +++++++++++++++++++++++++++++++++-----------
policycoreutils.spec | 5 +-
2 files changed, 182 insertions(+), 60 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index affaded..0937df8 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -982,11 +982,105 @@ index 9ff0766..a52863e 100644
+ except subprocess.CalledProcessError as e:
+ self.error(e.output)
+ self.ready()
+diff --git a/policycoreutils/gui/polgen.glade b/policycoreutils/gui/polgen.glade
+index 37c1472..9854fb2 100644
+--- a/policycoreutils/gui/polgen.glade
++++ b/policycoreutils/gui/polgen.glade
+@@ -758,7 +758,7 @@
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_underline">True</property>
+- <signal name="clicked" handler="on_exec_select_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_exec_select_clicked"/>
+ </widget>
+ <packing>
+ <property name="left_attach">2</property>
+@@ -840,7 +840,7 @@
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_underline">True</property>
+- <signal name="clicked" handler="on_init_script_select_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_init_script_select_clicked" />
+ </widget>
+ <packing>
+ <property name="left_attach">2</property>
+@@ -1983,7 +1983,7 @@ Tab</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+- <signal name="clicked" handler="on_add_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_add_clicked" />
+ <child>
+ <widget class="GtkAlignment" id="alignment6">
+ <property name="visible">True</property>
+@@ -2036,7 +2036,7 @@ Tab</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+- <signal name="clicked" handler="on_add_dir_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_add_dir_clicked" />
+ <child>
+ <widget class="GtkAlignment" id="alignment5">
+ <property name="visible">True</property>
+@@ -2091,7 +2091,7 @@ Tab</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_stock">True</property>
+- <signal name="clicked" handler="on_delete_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_delete_clicked" />
+ <accelerator key="Delete" signal="clicked"/>
+ </widget>
+ <packing>
+@@ -2188,7 +2188,7 @@ Tab</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+- <signal name="clicked" handler="on_add_boolean_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_add_boolean_clicked" />
+ <child>
+ <widget class="GtkAlignment" id="alignment1">
+ <property name="visible">True</property>
+@@ -2243,7 +2243,7 @@ Tab</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_stock">True</property>
+- <signal name="clicked" handler="on_delete_boolean_clicked" swapped="no"/>
++ <signal name="clicked" handler="on_delete_boolean_clicked" />
+ <accelerator key="Delete" signal="clicked"/>
+ </widget>
+ <packing>
+@@ -2414,7 +2414,7 @@ Tab</property>
+ <property name="can_default">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_stock">True</property>
+- <signal name="activate" handler="on_cancel_activate" swapped="no"/>
++ <signal name="activate" handler="on_cancel_activate" />
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+@@ -2430,7 +2430,7 @@ Tab</property>
+ <property name="can_default">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_stock">True</property>
+- <signal name="activate" handler="on_back_activate" swapped="no"/>
++ <signal name="activate" handler="on_back_activate" />
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+@@ -2446,7 +2446,7 @@ Tab</property>
+ <property name="can_default">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_stock">True</property>
+- <signal name="activate" handler="on_forward_activate" swapped="no"/>
++ <signal name="activate" handler="on_forward_activate" />
+ </widget>
+ <packing>
+ <property name="expand">False</property>
diff --git a/policycoreutils/gui/polgengui.py b/policycoreutils/gui/polgengui.py
-index 0f0e564..ab2b9c5 100644
+index 0f0e564..1b88c47 100644
--- a/policycoreutils/gui/polgengui.py
+++ b/policycoreutils/gui/polgengui.py
-@@ -30,25 +30,29 @@ import gnome
+@@ -30,29 +30,15 @@ import gnome
import sys
try:
from sepolicy import generate
@@ -1002,10 +1096,8 @@ index 0f0e564..ab2b9c5 100644
import re
- def get_all_modules():
-+ all_modules = []
-+ cmd = "semodule -l 2>/dev/null"
- try:
+-def get_all_modules():
+- try:
- all_modules = []
- rc, output=commands.getstatusoutput("semodule -l 2>/dev/null")
- if rc == 0:
@@ -1014,20 +1106,14 @@ index 0f0e564..ab2b9c5 100644
- all_modules.append(i.split()[0])
- except:
- pass
-+ output = subprocess.check_output(cmd,
-+ stderr=subprocess.STDOUT,
-+ shell=True)
-+ l = output.split("\n")
-+ for i in l:
-+ all_modules.append(i.split()[0])
-+
-+ except subprocess.CalledProcessError as e:
-+ self.error(e.output)
-+ self.ready()
-
- return all_modules
-
-@@ -67,8 +71,8 @@ try:
+-
+- return all_modules
+-
+-
+ ##
+ ## I18N
+ ##
+@@ -67,8 +53,8 @@ try:
unicode=False,
codeset = 'utf-8')
except IOError:
@@ -1038,8 +1124,12 @@ index 0f0e564..ab2b9c5 100644
gnome.program_init("SELinux Policy Generation Tool", "5")
-@@ -194,7 +198,7 @@ class childWindow:
- self.all_modules = get_all_modules()
+@@ -191,10 +177,10 @@ class childWindow:
+
+ try:
+ self.all_types = generate.get_all_types()
+- self.all_modules = get_all_modules()
++ self.all_modules = sepolicy.get_all_modules()
self.all_roles = generate.get_all_roles()
self.all_users = generate.get_all_users()
- except RuntimeError, e:
@@ -1047,7 +1137,7 @@ index 0f0e564..ab2b9c5 100644
self.all_types = []
self.all_modules = []
self.all_roles = []
-@@ -262,7 +266,7 @@ class childWindow:
+@@ -262,7 +248,7 @@ class childWindow:
self.out_udp_entry = self.xml.get_widget("out_udp_entry")
self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
@@ -1056,7 +1146,7 @@ index 0f0e564..ab2b9c5 100644
b.connect("clicked",self.network_all_clicked)
self.boolean_treeview = self.xml.get_widget("boolean_treeview")
-@@ -333,7 +337,7 @@ class childWindow:
+@@ -333,7 +319,7 @@ class childWindow:
for a in sepolicy.interface.get_admin():
iter = self.admin_store.append()
self.admin_store.set_value(iter, 0, a)
@@ -1065,7 +1155,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
def confine_application(self):
-@@ -519,7 +523,7 @@ class childWindow:
+@@ -519,7 +505,7 @@ class childWindow:
self.info(my_policy.generate(outputdir))
return False
@@ -1074,7 +1164,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
def delete(self, args):
-@@ -687,7 +691,7 @@ class childWindow:
+@@ -687,7 +673,7 @@ class childWindow:
try:
generate.verify_ports(self.in_tcp_entry.get_text())
generate.verify_ports(self.in_udp_entry.get_text())
@@ -1083,7 +1173,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
return True
-@@ -695,7 +699,7 @@ class childWindow:
+@@ -695,7 +681,7 @@ class childWindow:
try:
generate.verify_ports(self.out_tcp_entry.get_text())
generate.verify_ports(self.out_udp_entry.get_text())
@@ -1092,7 +1182,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
return True
-@@ -734,12 +738,12 @@ class childWindow:
+@@ -734,12 +720,12 @@ class childWindow:
policy.set_program(exe)
policy.gen_writeable()
policy.gen_symbols()
@@ -259690,10 +259780,10 @@ index 74fb347..adb6ca5 100755
+ print("Out")
sys.exit(0)
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
-index fd95c16..e7607fd 100644
+index fd95c16..7ef8adf 100644
--- a/policycoreutils/sepolicy/sepolicy/__init__.py
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
-@@ -3,7 +3,7 @@
+@@ -3,23 +3,27 @@
# Author: Dan Walsh <dwalsh at redhat.com>
# Author: Ryan Hallisey <rhallise at redhat.com>
@@ -259702,7 +259792,11 @@ index fd95c16..e7607fd 100644
import selinux, glob
PROGNAME="policycoreutils"
import gettext
-@@ -14,12 +14,15 @@ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+ import sepolgen.defaults as defaults
+ import sepolgen.interfaces as interfaces
+ import sys
++import subprocess
+ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
gettext.install(PROGNAME,
@@ -259722,7 +259816,7 @@ index fd95c16..e7607fd 100644
TYPE = _policy.TYPE
ROLE = _policy.ROLE
-@@ -28,6 +31,8 @@ PORT = _policy.PORT
+@@ -28,6 +32,8 @@ PORT = _policy.PORT
USER = _policy.USER
BOOLEAN = _policy.BOOLEAN
TCLASS = _policy.CLASS
@@ -259731,7 +259825,7 @@ index fd95c16..e7607fd 100644
ALLOW = 'allow'
AUDITALLOW = 'auditallow'
-@@ -59,7 +64,7 @@ def search(types, info = {}):
+@@ -59,7 +65,7 @@ def search(types, info = {}):
dict_list = _policy.search(seinfo)
if dict_list and len(perms) != 0:
@@ -259740,7 +259834,7 @@ index fd95c16..e7607fd 100644
return dict_list
def get_conditionals(src,dest,tclass,perm):
-@@ -75,7 +80,7 @@ def get_conditionals(src,dest,tclass,perm):
+@@ -75,7 +81,7 @@ def get_conditionals(src,dest,tclass,perm):
allows=[]
allows.append(i)
try:
@@ -259749,7 +259843,7 @@ index fd95c16..e7607fd 100644
tdict.update({'source':i['source'],'boolean':i['boolean']})
if tdict not in tlist:
tlist.append(tdict)
-@@ -86,8 +91,8 @@ def get_conditionals(src,dest,tclass,perm):
+@@ -86,8 +92,8 @@ def get_conditionals(src,dest,tclass,perm):
return (tlist)
def get_conditionals_format_text(cond):
@@ -259760,7 +259854,33 @@ index fd95c16..e7607fd 100644
def get_types_from_attribute(attribute):
return info(ATTRIBUTE,attribute)[0]["types"]
-@@ -141,6 +146,9 @@ def get_writable_files(setype):
+@@ -112,6 +118,25 @@ trans_file_type_str["-s"] = "s"
+ trans_file_type_str["-l"] = "l"
+ trans_file_type_str["-p"] = "p"
+
++def get_all_modules():
++ all_modules = []
++ cmd = "semodule -l 2>/dev/null"
++ try:
++ output = subprocess.check_output(cmd,
++ stderr=subprocess.STDOUT,
++ shell=True)
++ l = output.split("\n")
++
++ except subprocess.CalledProcessError as e:
++ from .sedbus import SELinuxDBus
++ l = SELinuxDBus().semodule_list().split("\n")
++
++ for i in l:
++ if len(i):
++ all_modules.append(i.split()[0])
++
++ return all_modules
++
+ def get_file_types(setype):
+ flist=[]
+ mpaths={}
+@@ -141,6 +166,9 @@ def get_writable_files(setype):
for i in permlist:
if i['target'] in attributes:
continue
@@ -259770,7 +259890,7 @@ index fd95c16..e7607fd 100644
if i['target'].endswith("_t"):
if i['target'] not in file_types:
continue
-@@ -166,7 +174,7 @@ def find_file(reg):
+@@ -166,7 +194,7 @@ def find_file(reg):
try:
pat = re.compile(r"%s$" % reg)
except:
@@ -259779,7 +259899,7 @@ index fd95c16..e7607fd 100644
return []
p = reg
if p.endswith("(/.*)?"):
-@@ -178,19 +186,19 @@ def find_file(reg):
+@@ -178,19 +206,19 @@ def find_file(reg):
if path[-1] != "/": # is pass in it breaks without try block
path += "/"
except IndexError:
@@ -259802,7 +259922,7 @@ index fd95c16..e7607fd 100644
if exe.endswith("_exec_t") and exe not in exclude_list:
for path in executable_files[exe]:
for f in find_file(path):
-@@ -218,7 +226,7 @@ def read_file_equiv(edict, fc_path, modify):
+@@ -218,7 +246,7 @@ def read_file_equiv(edict, fc_path, modify):
f = e.split()
edict[f[0]] = { "equiv" : f[1], "modify" : modify }
return edict
@@ -259811,7 +259931,7 @@ index fd95c16..e7607fd 100644
file_equiv_modified=None
def get_file_equiv_modified(fc_path = selinux.selinux_file_context_path()):
global file_equiv_modified
-@@ -236,7 +244,7 @@ def get_file_equiv(fc_path = selinux.selinux_file_context_path()):
+@@ -236,7 +264,7 @@ def get_file_equiv(fc_path = selinux.selinux_file_context_path()):
file_equiv = get_file_equiv_modified(fc_path)
file_equiv = read_file_equiv(file_equiv, fc_path + ".subs_dist", modify = False)
return file_equiv
@@ -259820,7 +259940,7 @@ index fd95c16..e7607fd 100644
local_files=None
def get_local_file_paths(fc_path = selinux.selinux_file_context_path()):
global local_files
-@@ -306,7 +314,7 @@ def get_fcdict(fc_path = selinux.selinux_file_context_path()):
+@@ -306,7 +334,7 @@ def get_fcdict(fc_path = selinux.selinux_file_context_path()):
def get_transitions_into(setype):
try:
@@ -259829,7 +259949,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return None
-@@ -320,7 +328,7 @@ def get_transitions(setype):
+@@ -320,7 +348,7 @@ def get_transitions(setype):
def get_file_transitions(setype):
try:
@@ -259838,7 +259958,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return None
-@@ -344,7 +352,7 @@ def get_all_entrypoints():
+@@ -344,7 +372,7 @@ def get_all_entrypoints():
def get_entrypoint_types(setype):
entrypoints = []
try:
@@ -259847,7 +259967,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return entrypoints
-@@ -352,7 +360,7 @@ def get_entrypoint_types(setype):
+@@ -352,7 +380,7 @@ def get_entrypoint_types(setype):
def get_init_transtype(path):
entrypoint = selinux.getfilecon(path)[1].split(":")[2]
try:
@@ -259856,7 +259976,7 @@ index fd95c16..e7607fd 100644
if len(entrypoints) == 0:
return None
return entrypoints[0]["transtype"]
-@@ -362,7 +370,7 @@ def get_init_transtype(path):
+@@ -362,7 +390,7 @@ def get_init_transtype(path):
def get_init_entrypoint(transtype):
try:
@@ -259865,7 +259985,7 @@ index fd95c16..e7607fd 100644
if len(entrypoints) == 0:
return None
return entrypoints[0]["target"]
-@@ -372,7 +380,7 @@ def get_init_entrypoint(transtype):
+@@ -372,7 +400,7 @@ def get_init_entrypoint(transtype):
def get_init_entrypoint_target(entrypoint):
try:
@@ -259874,7 +259994,7 @@ index fd95c16..e7607fd 100644
return entrypoints[0]
except TypeError:
pass
-@@ -410,7 +418,7 @@ def get_methods():
+@@ -410,7 +438,7 @@ def get_methods():
# List of per_role_template interfaces
ifs = interfaces.InterfaceSet()
ifs.from_file(fd)
@@ -259883,7 +260003,7 @@ index fd95c16..e7607fd 100644
fd.close()
except:
sys.stderr.write("could not open interface info [%s]\n" % fn)
-@@ -423,7 +431,7 @@ all_types = None
+@@ -423,7 +451,7 @@ all_types = None
def get_all_types():
global all_types
if all_types == None:
@@ -259892,16 +260012,15 @@ index fd95c16..e7607fd 100644
return all_types
user_types = None
-@@ -465,7 +473,7 @@ portrecs = None
+@@ -465,7 +493,6 @@ portrecs = None
portrecsbynum = None
def gen_interfaces():
- import commands
-+ import subprocess
ifile = defaults.interface_info()
headers = defaults.headers()
rebuild = False
-@@ -477,7 +485,9 @@ def gen_interfaces():
+@@ -477,7 +504,9 @@ def gen_interfaces():
if os.getuid() != 0:
raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
@@ -259912,7 +260031,7 @@ index fd95c16..e7607fd 100644
def gen_port_dict():
global portrecs
-@@ -511,12 +521,26 @@ def get_all_domains():
+@@ -511,12 +540,26 @@ def get_all_domains():
all_domains = info(ATTRIBUTE,"domain")[0]["types"]
return all_domains
@@ -259940,7 +260059,7 @@ index fd95c16..e7607fd 100644
roles.remove("object_r")
roles.sort()
return roles
-@@ -549,7 +573,7 @@ def get_login_mappings():
+@@ -549,7 +592,7 @@ def get_login_mappings():
return login_mappings
def get_all_users():
@@ -259949,7 +260068,7 @@ index fd95c16..e7607fd 100644
users.sort()
return users
-@@ -697,7 +721,7 @@ all_attributes = None
+@@ -697,7 +740,7 @@ all_attributes = None
def get_all_attributes():
global all_attributes
if not all_attributes:
@@ -259958,7 +260077,7 @@ index fd95c16..e7607fd 100644
return all_attributes
def policy(policy_file):
-@@ -727,7 +751,7 @@ def policy(policy_file):
+@@ -727,7 +770,7 @@ def policy(policy_file):
try:
policy_file = get_installed_policy()
policy(policy_file)
@@ -259967,7 +260086,7 @@ index fd95c16..e7607fd 100644
if selinux.is_selinux_enabled() == 1:
raise e
-@@ -755,7 +779,7 @@ def get_bools(setype):
+@@ -755,7 +798,7 @@ def get_bools(setype):
bools = []
domainbools = []
domainname, short_name = gen_short_name(setype)
@@ -259976,7 +260095,7 @@ index fd95c16..e7607fd 100644
for b in i:
if not isinstance(b,tuple):
continue
-@@ -818,7 +842,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
+@@ -818,7 +861,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
desc = i.find("desc").find("p").text.strip("\n")
desc = re.sub("\n", " ", desc)
booleans_dict[i.get('name')] = ("global", i.get('dftval'), desc)
@@ -259985,7 +260104,7 @@ index fd95c16..e7607fd 100644
pass
return booleans_dict
-@@ -841,12 +865,13 @@ def get_os_version():
+@@ -841,12 +884,13 @@ def get_os_version():
os_version = ""
pkg_name = "selinux-policy"
try:
@@ -260005,7 +260124,7 @@ index fd95c16..e7607fd 100644
if os_version[0:2] == "fc":
os_version = "Fedora"+os_version[2:]
-@@ -868,7 +893,7 @@ def reinit():
+@@ -868,7 +912,7 @@ def reinit():
global file_types
global local_files
global methods
diff --git a/policycoreutils.spec b/policycoreutils.spec
index bf86d36..e58a603 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.2.2
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -347,6 +347,9 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service
%changelog
+* Wed Nov 20 2013 Dan Walsh <dwalsh at redhat.com> - 2.2.2-2
+- Fix selinux-polgengui, get_all_modules call
+
* Fri Nov 15 2013 Dan Walsh <dwalsh at redhat.com> - 2.2.2-1
- Speed up startup time of sepolicy gui
- Clean up ports screen to only show enabled ports.
More information about the scm-commits
mailing list