* Tue Jan 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-1

- Update to upstream * chcat: cut categories at arbitrary point (25) from Dan Walsh * semodule: use new interfaces in libsemanage for compressed files from Dan Walsh * audit2allow: string changes for usage
2009-01-13 14:01:10 +00:00 · 2009-01-13 14:01:10 +00:00 · 114d182b28
parent e2044195fe
commit 114d182b28
5 changed files with 19 additions and 163 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -193,3 +193,4 @@ policycoreutils-2.0.58.tgz
 policycoreutils-2.0.59.tgz
 policycoreutils-2.0.60.tgz
 sepolgen-1.0.14.tgz
+policycoreutils-2.0.61.tgz
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,54 +1,7 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.60/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow	2008-11-10 08:53:49.000000000 -0500
-+++ policycoreutils-2.0.60/audit2allow/audit2allow	2008-12-15 15:34:54.000000000 -0500
-@@ -42,10 +42,10 @@
-         from optparse import OptionParser
- 
-         parser = OptionParser(version=self.VERSION)
-        parser.add_option("-a", "--audit", action="store_true", dest="audit", default=False,
-+        parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
-                           help="read input from audit log - conflicts with -i")
-         parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
-                          help="read input from dmesg - conflicts with --audit and --input")
-+                          help="read input from dmesg - conflicts with --all and --input")
-         parser.add_option("-i", "--input", dest="input",
-                           help="read input from <input> - conflicts with -a")
-         parser.add_option("-l", "--lastreload", action="store_true", dest="lastreload", default=False,
-@@ -82,9 +82,9 @@
-         # Make -d, -a, and -i conflict
-         if options.audit is True:
-             if options.input is not None:
-                sys.stderr.write("error: --audit conflicts with --input\n")
-+                sys.stderr.write("error: --all conflicts with --input\n")
-             if options.dmesg is True:
-                sys.stderr.write("error: --audit conflicts with --dmesg\n")
-+                sys.stderr.write("error: --all conflicts with --dmesg\n")
-         if options.input is not None and options.dmesg is True:
-             sys.stderr.write("error: --input conflicts with --dmesg\n")
- 
-@@ -200,7 +200,7 @@
-         try:
-             fd = open(filename, "w")
-         except IOError, e:
-            sys.stderr.write("could not write output file: %s\n", str(e))
-+            sys.stderr.write("could not write output file: %s\n" % str(e))
-             sys.exit(1)
- 
-         writer.write(generator.get_module(), fd)
 diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.60/audit2allow/audit2allow.1
--- nsapolicycoreutils/audit2allow/audit2allow.1	2008-11-10 08:53:49.000000000 -0500
+--- nsapolicycoreutils/audit2allow/audit2allow.1	2009-01-13 08:45:35.000000000 -0500
 +++ policycoreutils-2.0.60/audit2allow/audit2allow.1	2008-12-15 15:35:46.000000000 -0500
-@@ -44,9 +44,6 @@
- Note that all audit messages are not available via dmesg when
- auditd is running; use "ausearch -m avc | audit2allow"  or "-a" instead.
- .TP
-.B "\-f" | "\-\-fcfile" <File Context File>
-Add File Context File to generated Module Package. Requires -M option.
-.TP
- .B "\-h" | "\-\-help"
- Print a short usage message
- .TP
-@@ -78,9 +75,6 @@
+@@ -75,9 +75,6 @@
 Generate reference policy using installed macros.
 This attempts to match denials against interfaces and may be inaccurate.
 .TP
@ -116,21 +69,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po
 	if (prev_utmp_ptr) {
 		changed = strings_list_diff(prev_utmp_ptr, utmp_ptr);
 		strings_list_free(prev_utmp_ptr);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.60/scripts/chcat
--- nsapolicycoreutils/scripts/chcat	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.60/scripts/chcat	2008-12-15 15:34:54.000000000 -0500
-@@ -291,6 +291,8 @@
-             for i in c.split(","):
-                 if i not in newcats:
-                     newcats.append(i)
-+    if len(newcats) > 25:
-+        return cats
-     return newcats
- 
- def translate(cats):
 diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.60/semanage/semanage
 --- nsapolicycoreutils/semanage/semanage	2008-11-14 17:10:15.000000000 -0500
-+++ policycoreutils-2.0.60/semanage/semanage	2009-01-05 14:07:44.000000000 -0500
+++ policycoreutils-2.0.60/semanage/semanage	2009-01-13 08:55:07.000000000 -0500
@@ -219,6 +219,7 @@
 					     'seuser=',
 					     'store=',
@ -140,79 +81,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po
 					     'roles=',
 					     'type=',
 diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.60/semodule/semodule.c
--- nsapolicycoreutils/semodule/semodule.c	2008-08-28 09:34:24.000000000 -0400
+--- nsapolicycoreutils/semodule/semodule.c	2009-01-13 08:45:35.000000000 -0500
 +++ policycoreutils-2.0.60/semodule/semodule.c	2009-01-06 08:56:37.000000000 -0500
-@@ -60,24 +60,6 @@
- 	free(commands);
- }
- 
-/* mmap() a file to '*data', returning the total number of bytes in
- * the file.  Returns 0 if file could not be opened or mapped. */
-static size_t map_file(char *filename, char **data)
-{
-	int fd;
-	struct stat sb;
-	if ((fd = open(filename, O_RDONLY)) == -1) {
-		return 0;
-	}
-	if (fstat(fd, &sb) == -1 ||
-	    (*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) ==
-	    MAP_FAILED) {
-		sb.st_size = 0;
-	}
-	close(fd);
-	return sb.st_size;
-}
-
- /* Signal handlers. */
- static void handle_signal(int sig_num)
- {
-@@ -339,16 +321,6 @@
- 	for (i = 0; i < num_commands; i++) {
- 		enum client_modes mode = commands[i].mode;
- 		char *mode_arg = commands[i].arg;
-		char *data = NULL;
-		size_t data_len = 0;
-		if (mode == INSTALL_M || mode == UPGRADE_M || mode == BASE_M) {
-			if ((data_len = map_file(mode_arg, &data)) == 0) {
-				fprintf(stderr,
-					"%s:  Could not read file '%s': %s\n",
-					argv[0], mode_arg, errno ? strerror(errno) : "");
-				goto cleanup;
-			}
-		}
- 		switch (mode) {
- 		case INSTALL_M:{
- 				if (verbose) {
-@@ -357,7 +329,7 @@
- 					     mode_arg);
- 				}
- 				result =
-				    semanage_module_install(sh, data, data_len);
-+				    semanage_module_install_file(sh, mode_arg);
- 				break;
- 			}
- 		case UPGRADE_M:{
-@@ -367,7 +339,7 @@
- 					     mode_arg);
- 				}
- 				result =
-				    semanage_module_upgrade(sh, data, data_len);
-+				    semanage_module_upgrade_file(sh, mode_arg);
- 				break;
- 			}
- 		case BASE_M:{
-@@ -377,8 +349,7 @@
- 					     mode_arg);
- 				}
- 				result =
-				    semanage_module_install_base(sh, data,
-								 data_len);
-+				    semanage_module_install_base_file(sh, mode_arg);
- 				break;
- 			}
- 		case REMOVE_M:{
-@@ -388,6 +359,9 @@
+@@ -359,6 +359,9 @@
 					     mode_arg);
 				}
 				result = semanage_module_remove(sh, mode_arg);
@ -222,14 +93,3 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po
 				break;
 			}
 		case LIST_M:{
-@@ -429,9 +403,6 @@
- 			}
- 		}
- 		commit += do_commit[mode];
-		if (mode == INSTALL_M || mode == UPGRADE_M || mode == BASE_M) {
-			munmap(data, data_len);
-		}
- 		if (result < 0) {
- 			fprintf(stderr, "%s:  Failed on %s!\n", argv[0],
- 				mode_arg ? : "list");
-Binary files nsapolicycoreutils/semodule/semodule.o and policycoreutils-2.0.60/semodule/semodule.o differ
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@ -1,18 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/access.py
--- nsasepolgen/src/sepolgen/access.py	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/access.py	2008-12-01 11:47:09.000000000 -0500
-@@ -313,7 +313,7 @@
- 
-     def __len__(self):
-         """Return the unique number of role allow statements."""
-        return len(self.roles)
-+        return len(self.role_type.keys())
- 
-     def add(self, role, type):
-         if self.role_types.has_key(role):
 diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/refparser.py
 --- nsasepolgen/src/sepolgen/refparser.py	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/refparser.py	2008-12-01 11:47:09.000000000 -0500
+++ policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/refparser.py	2008-12-15 15:34:55.000000000 -0500
@@ -919,7 +919,7 @@
 def list_headers(root):
     modules = []
@ -24,7 +12,7 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py polic
         for name in filenames:
 diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/yacc.py policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/yacc.py
 --- nsasepolgen/src/sepolgen/yacc.py	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/yacc.py	2008-12-06 07:26:04.000000000 -0500
+++ policycoreutils-2.0.60/sepolgen-1.0.14/src/sepolgen/yacc.py	2008-12-15 15:34:55.000000000 -0500
@@ -67,7 +67,7 @@
 
 error_count = 3                # Number of symbols that must be shifted to leave recovery mode
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -5,8 +5,8 @@
 %define	sepolgenver	1.0.14
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
-Version: 2.0.60
-Release: 7%{?dist}
+Version: 2.0.61
+Release: 1%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -25,7 +25,7 @@ Patch3:	 policycoreutils-gui.patch
 Patch4:	 policycoreutils-sepolgen.patch

 BuildRequires: pam-devel libsepol-static >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver}  libcap-devel audit-libs-devel >=  %{libauditver} gettext
-Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed 
+Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed /usr/bin/make
 Requires: libsepol >= %{libsepolver} libsemanage-python >= %{libsemanagever} coreutils audit-libs-python >=  %{libauditver} checkpolicy libselinux-python libselinux-utils >=  %{libselinuxver} 
 Requires(post): /sbin/service /sbin/chkconfig 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -192,6 +192,13 @@ if [ "$1" -ge "1" ]; then
 fi

 %changelog
+* Tue Jan 13 2009 Dan Walsh <dwalsh@redhat.com> 2.0.61-1
+- Update to upstream
+	* chcat: cut categories at arbitrary point (25) from Dan Walsh
+	* semodule: use new interfaces in libsemanage for compressed files
+	  from Dan Walsh
+	* audit2allow: string changes for usage
+
 * Tue Jan 6 2009 Dan Walsh <dwalsh@redhat.com> 2.0.60-7
 - Don't error out when removing a non existing module

--- a/2
+++ b/2
@ -1,2 +1,2 @@
-53c9e85e3807a80e3ccca2bfd42e787d  policycoreutils-2.0.60.tgz
 df57d9d33c940c60994c6cbaa9f8e4a3  sepolgen-1.0.14.tgz
+1ba7555adc6d14e0bf41186aa9ce833e  policycoreutils-2.0.61.tgz