Simplication of sepolicy-manpage web functionality (#1193552)
system_release is no longer hardcoded and it creates only index.html and html man pages in the directory for the system release.
This commit is contained in:
parent
93602ec85a
commit
15238906cb
|
@ -658646,7 +658646,7 @@ index 74fb347..adb6ca5 100755
|
||||||
+ print("Out")
|
+ print("Out")
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
diff --git a/policycoreutils-2.3/sepolicy/sepolicy/__init__.py b/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
diff --git a/policycoreutils-2.3/sepolicy/sepolicy/__init__.py b/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
||||||
index 679725d..075da91 100644
|
index 679725d..d3dc4be 100644
|
||||||
--- a/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
--- a/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
||||||
+++ b/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
+++ b/policycoreutils-2.3/sepolicy/sepolicy/__init__.py
|
||||||
@@ -3,23 +3,27 @@
|
@@ -3,23 +3,27 @@
|
||||||
|
@ -659028,9 +659028,13 @@ index 679725d..075da91 100644
|
||||||
pass
|
pass
|
||||||
return booleans_dict
|
return booleans_dict
|
||||||
|
|
||||||
@@ -844,19 +937,23 @@ def get_os_version():
|
@@ -841,24 +934,14 @@ def boolean_desc(boolean):
|
||||||
os_version = ""
|
return "Allow %s to %s" % (desc[0], " ".join(desc[1:]))
|
||||||
pkg_name = "selinux-policy"
|
|
||||||
|
def get_os_version():
|
||||||
|
- os_version = ""
|
||||||
|
- pkg_name = "selinux-policy"
|
||||||
|
+ system_release = ""
|
||||||
try:
|
try:
|
||||||
- import commands
|
- import commands
|
||||||
- rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
|
- rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
|
||||||
|
@ -659038,33 +659042,24 @@ index 679725d..075da91 100644
|
||||||
- os_version = output.split(".")[-2]
|
- os_version = output.split(".")[-2]
|
||||||
- except:
|
- except:
|
||||||
- os_version = ""
|
- os_version = ""
|
||||||
+ import subprocess
|
-
|
||||||
+ output = subprocess.check_output("rpm -q '%s'" % pkg_name,
|
|
||||||
+ stderr=subprocess.STDOUT,
|
|
||||||
+ shell=True)
|
|
||||||
+ try:
|
|
||||||
+ os_version = str(output).split(".")[-2]
|
|
||||||
+ if os_version[0:2] == "fc":
|
|
||||||
+ os_version = "Fedora"+os_version[2:]
|
|
||||||
+ elif os_version[0:2] == "el":
|
|
||||||
+ os_version = "RHEL"+os_version[2:]
|
|
||||||
+ else:
|
|
||||||
+ os_version = "Misc"
|
|
||||||
+ except IndexError:
|
|
||||||
+ os_version = "Misc"
|
|
||||||
|
|
||||||
- if os_version[0:2] == "fc":
|
- if os_version[0:2] == "fc":
|
||||||
- os_version = "Fedora"+os_version[2:]
|
- os_version = "Fedora"+os_version[2:]
|
||||||
- elif os_version[0:2] == "el":
|
- elif os_version[0:2] == "el":
|
||||||
- os_version = "RHEL"+os_version[2:]
|
- os_version = "RHEL"+os_version[2:]
|
||||||
- else:
|
- else:
|
||||||
- os_version = ""
|
- os_version = ""
|
||||||
+ except subprocess.CalledProcessError:
|
+ with open('/etc/system-release') as f:
|
||||||
+ os_version = "Misc"
|
+ system_release = f.readline().rstrip()
|
||||||
|
+ except IOError:
|
||||||
|
+ system_release = "Misc"
|
||||||
|
|
||||||
return os_version
|
- return os_version
|
||||||
|
+ return system_release
|
||||||
|
|
||||||
@@ -871,7 +968,7 @@ def reinit():
|
def reinit():
|
||||||
|
global all_attributes
|
||||||
|
@@ -871,7 +954,7 @@ def reinit():
|
||||||
global file_types
|
global file_types
|
||||||
global local_files
|
global local_files
|
||||||
global methods
|
global methods
|
||||||
|
@ -661118,7 +661113,7 @@ index bbabb3b..b17f6af 100644
|
||||||
os.remove(v)
|
os.remove(v)
|
||||||
|
|
||||||
diff --git a/policycoreutils-2.3/sepolicy/sepolicy/manpage.py b/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
diff --git a/policycoreutils-2.3/sepolicy/sepolicy/manpage.py b/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
||||||
index ba15b2c..04f9799 100755
|
index ba15b2c..2316f50 100755
|
||||||
--- a/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
--- a/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
||||||
+++ b/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
+++ b/policycoreutils-2.3/sepolicy/sepolicy/manpage.py
|
||||||
@@ -30,103 +30,111 @@ import selinux
|
@@ -30,103 +30,111 @@ import selinux
|
||||||
|
@ -661310,14 +661305,13 @@ index ba15b2c..04f9799 100755
|
||||||
|
|
||||||
def prettyprint(f,trim):
|
def prettyprint(f,trim):
|
||||||
return " ".join(f[:-len(trim)].split("_"))
|
return " ".join(f[:-len(trim)].split("_"))
|
||||||
@@ -135,72 +143,78 @@ def prettyprint(f,trim):
|
@@ -135,150 +143,106 @@ def prettyprint(f,trim):
|
||||||
manpage_domains = []
|
manpage_domains = []
|
||||||
manpage_roles = []
|
manpage_roles = []
|
||||||
|
|
||||||
-fedora_releases = ["Fedora17","Fedora18"]
|
-fedora_releases = ["Fedora17","Fedora18"]
|
||||||
+fedora_releases = ["Fedora17","Fedora18","Fedora19","Fedora20","Fedora21","Fedora22"]
|
-rhel_releases = ["RHEL6","RHEL7"]
|
||||||
rhel_releases = ["RHEL6","RHEL7"]
|
-
|
||||||
|
|
||||||
def get_alphabet_manpages(manpage_list):
|
def get_alphabet_manpages(manpage_list):
|
||||||
- alphabet_manpages = dict.fromkeys(string.ascii_letters, [])
|
- alphabet_manpages = dict.fromkeys(string.ascii_letters, [])
|
||||||
- for i in string.ascii_letters:
|
- for i in string.ascii_letters:
|
||||||
|
@ -661409,9 +661403,9 @@ index ba15b2c..04f9799 100755
|
||||||
+ self.manpage_domains = get_alphabet_manpages(manpage_domains)
|
+ self.manpage_domains = get_alphabet_manpages(manpage_domains)
|
||||||
+ self.os_version = os_version
|
+ self.os_version = os_version
|
||||||
+ self.old_path = path + "/"
|
+ self.old_path = path + "/"
|
||||||
+ self.new_path = self.old_path + self.os_version+"/"
|
+ self.new_path = self.old_path
|
||||||
+
|
+
|
||||||
+ if (self.os_version in fedora_releases) or (self.os_version in rhel_releases) or (self.os_version == "Misc"):
|
+ if self.os_version:
|
||||||
+
|
+
|
||||||
+ self.__gen_html_manpages()
|
+ self.__gen_html_manpages()
|
||||||
+ else:
|
+ else:
|
||||||
|
@ -661421,7 +661415,6 @@ index ba15b2c..04f9799 100755
|
||||||
+ def __gen_html_manpages(self):
|
+ def __gen_html_manpages(self):
|
||||||
+ self._write_html_manpage()
|
+ self._write_html_manpage()
|
||||||
+ self._gen_index()
|
+ self._gen_index()
|
||||||
+ self._gen_body()
|
|
||||||
+ self._gen_css()
|
+ self._gen_css()
|
||||||
+
|
+
|
||||||
+ def _write_html_manpage(self):
|
+ def _write_html_manpage(self):
|
||||||
|
@ -661440,40 +661433,49 @@ index ba15b2c..04f9799 100755
|
||||||
+
|
+
|
||||||
+
|
+
|
||||||
+ def _gen_index(self):
|
+ def _gen_index(self):
|
||||||
+ index = self.old_path+"index.html"
|
+ html = self.new_path+"index.html"
|
||||||
+ fd = open(index,'w')
|
+ fd = open(html,'w')
|
||||||
+ fd.write("""
|
+ fd.write("""
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<link rel=stylesheet type="text/css" href="style.css" title="style">
|
- <link rel=stylesheet type="text/css" href="style.css" title="style">
|
||||||
@@ -219,11 +233,11 @@ Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
- <title>SELinux man pages online</title>
|
||||||
</tr></table>
|
+ <link rel=stylesheet type="text/css" href="style.css" title="style">
|
||||||
<pre>
|
+ <title>SELinux man pages</title>
|
||||||
""")
|
</head>
|
||||||
|
<body>
|
||||||
|
-<h1>SELinux man pages</h1>
|
||||||
|
-<br></br>
|
||||||
|
-Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
||||||
|
-<br></br>
|
||||||
|
-<hr>
|
||||||
|
-<h3>Fedora</h3>
|
||||||
|
-<table><tr>
|
||||||
|
-<td valign="middle">
|
||||||
|
-</td>
|
||||||
|
-</tr></table>
|
||||||
|
-<pre>
|
||||||
|
-""")
|
||||||
- for f in fedora_releases:
|
- for f in fedora_releases:
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
+ for f in fedora_releases:
|
-<a href=%s/%s.html>%s</a> - SELinux man pages for %s """ % (f,f,f,f))
|
||||||
+ fd.write("""
|
-
|
||||||
<a href=%s/%s.html>%s</a> - SELinux man pages for %s """ % (f,f,f,f))
|
|
||||||
|
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
+ fd.write("""
|
-</pre>
|
||||||
</pre>
|
-<hr>
|
||||||
<hr>
|
-<h3>RHEL</h3>
|
||||||
<h3>RHEL</h3>
|
-<table><tr>
|
||||||
@@ -233,24 +247,24 @@ Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
-<td valign="middle">
|
||||||
</tr></table>
|
-</td>
|
||||||
<pre>
|
-</tr></table>
|
||||||
""")
|
-<pre>
|
||||||
|
-""")
|
||||||
- for r in rhel_releases:
|
- for r in rhel_releases:
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
+ for r in rhel_releases:
|
-<a href=%s/%s.html>%s</a> - SELinux man pages for %s """ % (r,r,r,r))
|
||||||
+ fd.write("""
|
-
|
||||||
<a href=%s/%s.html>%s</a> - SELinux man pages for %s """ % (r,r,r,r))
|
|
||||||
|
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
+ fd.write("""
|
-</pre>
|
||||||
</pre>
|
|
||||||
- """)
|
- """)
|
||||||
- fd.close()
|
- fd.close()
|
||||||
- print("%s has been created") % index
|
- print("%s has been created") % index
|
||||||
|
@ -661482,30 +661484,23 @@ index ba15b2c..04f9799 100755
|
||||||
- html = self.new_path+self.os_version+".html"
|
- html = self.new_path+self.os_version+".html"
|
||||||
- fd = open(html,'w')
|
- fd = open(html,'w')
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
+ """)
|
-<html>
|
||||||
+ fd.close()
|
-<head>
|
||||||
+ print(("%s has been created") % index)
|
|
||||||
+
|
|
||||||
+ def _gen_body(self):
|
|
||||||
+ html = self.new_path+self.os_version+".html"
|
|
||||||
+ fd = open(html,'w')
|
|
||||||
+ fd.write("""
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
- <link rel=stylesheet type="text/css" href="../style.css" title="style">
|
- <link rel=stylesheet type="text/css" href="../style.css" title="style">
|
||||||
- <title>Linux man-pages online for Fedora18</title>
|
- <title>Linux man-pages online for Fedora18</title>
|
||||||
+ <link rel=stylesheet type="text/css" href="../style.css" title="style">
|
-</head>
|
||||||
+ <title>Linux man-pages online for Fedora</title>
|
-<body>
|
||||||
</head>
|
-<h1>SELinux man pages for Fedora18</h1>
|
||||||
<body>
|
+<h1>SELinux man pages for %s</h1>
|
||||||
<h1>SELinux man pages for Fedora18</h1>
|
<hr>
|
||||||
@@ -259,26 +273,26 @@ Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
<table><tr>
|
||||||
<td valign="middle">
|
<td valign="middle">
|
||||||
<h3>SELinux roles</h3>
|
<h3>SELinux roles</h3>
|
||||||
""")
|
-""")
|
||||||
- for letter in self.manpage_roles:
|
- for letter in self.manpage_roles:
|
||||||
- if len(self.manpage_roles[letter]):
|
- if len(self.manpage_roles[letter]):
|
||||||
- fd.write("""
|
- fd.write("""
|
||||||
|
+""" % self.os_version)
|
||||||
+ for letter in self.manpage_roles:
|
+ for letter in self.manpage_roles:
|
||||||
+ if len(self.manpage_roles[letter]):
|
+ if len(self.manpage_roles[letter]):
|
||||||
+ fd.write("""
|
+ fd.write("""
|
||||||
|
@ -661540,7 +661535,7 @@ index ba15b2c..04f9799 100755
|
||||||
</pre>
|
</pre>
|
||||||
<hr>
|
<hr>
|
||||||
<table><tr>
|
<table><tr>
|
||||||
@@ -286,38 +300,38 @@ Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
@@ -286,38 +250,38 @@ Fedora or Red Hat Enterprise Linux Man Pages.</h2>
|
||||||
<h3>SELinux domains</h3>"""
|
<h3>SELinux domains</h3>"""
|
||||||
% rolename_body)
|
% rolename_body)
|
||||||
|
|
||||||
|
@ -661599,7 +661594,7 @@ index ba15b2c..04f9799 100755
|
||||||
html, body {
|
html, body {
|
||||||
background-color: #fcfcfc;
|
background-color: #fcfcfc;
|
||||||
font-family: arial, sans-serif;
|
font-family: arial, sans-serif;
|
||||||
@@ -326,9 +340,9 @@ html, body {
|
@@ -326,9 +290,9 @@ html, body {
|
||||||
}
|
}
|
||||||
|
|
||||||
h1, h2, h3, h4, h5, h5 {
|
h1, h2, h3, h4, h5, h5 {
|
||||||
|
@ -661612,7 +661607,7 @@ index ba15b2c..04f9799 100755
|
||||||
}
|
}
|
||||||
|
|
||||||
a {
|
a {
|
||||||
@@ -374,159 +388,198 @@ pre.code {
|
@@ -374,159 +338,198 @@ pre.code {
|
||||||
}
|
}
|
||||||
""")
|
""")
|
||||||
|
|
||||||
|
@ -661935,7 +661930,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH "NAME"
|
.SH "NAME"
|
||||||
%(domainname)s_selinux \- Security Enhanced Linux Policy for the %(domainname)s processes
|
%(domainname)s_selinux \- Security Enhanced Linux Policy for the %(domainname)s processes
|
||||||
.SH "DESCRIPTION"
|
.SH "DESCRIPTION"
|
||||||
@@ -543,20 +596,20 @@ For example:
|
@@ -543,20 +546,20 @@ For example:
|
||||||
|
|
||||||
|
|
||||||
def _format_boolean_desc(self, b):
|
def _format_boolean_desc(self, b):
|
||||||
|
@ -661968,7 +661963,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
If you want to %s, you must turn on the %s boolean. %s by default.
|
If you want to %s, you must turn on the %s boolean. %s by default.
|
||||||
|
|
||||||
@@ -565,34 +618,34 @@ If you want to %s, you must turn on the %s boolean. %s by default.
|
@@ -565,34 +568,34 @@ If you want to %s, you must turn on the %s boolean. %s by default.
|
||||||
|
|
||||||
.EE
|
.EE
|
||||||
""" % (self._format_boolean_desc(b), b, self.enabled_str[enabled], b)
|
""" % (self._format_boolean_desc(b), b, self.enabled_str[enabled], b)
|
||||||
|
@ -662019,7 +662014,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
If you want to %s for the %s, you must turn on the %s boolean.
|
If you want to %s for the %s, you must turn on the %s boolean.
|
||||||
|
|
||||||
@@ -601,12 +654,12 @@ If you want to %s for the %s, you must turn on the %s boolean.
|
@@ -601,12 +604,12 @@ If you want to %s for the %s, you must turn on the %s boolean.
|
||||||
.EE
|
.EE
|
||||||
""" % (self._format_boolean_desc(b),(", ".join(nsswitch_types)), b, b)
|
""" % (self._format_boolean_desc(b),(", ".join(nsswitch_types)), b, b)
|
||||||
|
|
||||||
|
@ -662036,7 +662031,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH PROCESS TYPES
|
.SH PROCESS TYPES
|
||||||
SELinux defines process types (domains) for each process running on the system
|
SELinux defines process types (domains) for each process running on the system
|
||||||
.PP
|
.PP
|
||||||
@@ -617,11 +670,11 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
@@ -617,11 +620,11 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
||||||
.PP
|
.PP
|
||||||
The following process types are defined for %(domainname)s:
|
The following process types are defined for %(domainname)s:
|
||||||
""" % {'domainname':self.domainname})
|
""" % {'domainname':self.domainname})
|
||||||
|
@ -662050,7 +662045,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
Note:
|
Note:
|
||||||
.B semanage permissive -a %(domainname)s_t
|
.B semanage permissive -a %(domainname)s_t
|
||||||
@@ -629,14 +682,14 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
@@ -629,14 +632,14 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
||||||
""" % {'domainname':self.domainname})
|
""" % {'domainname':self.domainname})
|
||||||
|
|
||||||
def _port_types(self):
|
def _port_types(self):
|
||||||
|
@ -662071,7 +662066,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH PORT TYPES
|
.SH PORT TYPES
|
||||||
SELinux defines port types to represent TCP and UDP ports.
|
SELinux defines port types to represent TCP and UDP ports.
|
||||||
.PP
|
.PP
|
||||||
@@ -650,8 +703,8 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
@@ -650,8 +653,8 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
||||||
.PP
|
.PP
|
||||||
The following port types are defined for %(domainname)s:""" % {'domainname':self.domainname})
|
The following port types are defined for %(domainname)s:""" % {'domainname':self.domainname})
|
||||||
|
|
||||||
|
@ -662082,7 +662077,7 @@ index ba15b2c..04f9799 100755
|
||||||
|
|
||||||
.EX
|
.EX
|
||||||
.TP 5
|
.TP 5
|
||||||
@@ -659,49 +712,52 @@ The following port types are defined for %(domainname)s:""" % {'domainname':self
|
@@ -659,49 +662,52 @@ The following port types are defined for %(domainname)s:""" % {'domainname':self
|
||||||
.TP 10
|
.TP 10
|
||||||
.EE
|
.EE
|
||||||
""" % p)
|
""" % p)
|
||||||
|
@ -662172,7 +662167,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH FILE CONTEXTS
|
.SH FILE CONTEXTS
|
||||||
SELinux requires files to have an extended attribute to define the file type.
|
SELinux requires files to have an extended attribute to define the file type.
|
||||||
.PP
|
.PP
|
||||||
@@ -712,13 +768,13 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
@@ -712,13 +718,13 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
||||||
.PP
|
.PP
|
||||||
""" % {'domainname':self.domainname})
|
""" % {'domainname':self.domainname})
|
||||||
|
|
||||||
|
@ -662190,7 +662185,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
%(domainname)s policy stores data with multiple different file context types under the %(equiv)s directory. If you would like to store the data in a different directory you can use the semanage command to create an equivalence mapping. If you wanted to store this data under the /srv dirctory you would execute the following command:
|
%(domainname)s policy stores data with multiple different file context types under the %(equiv)s directory. If you would like to store the data in a different directory you can use the semanage command to create an equivalence mapping. If you wanted to store this data under the /srv dirctory you would execute the following command:
|
||||||
.PP
|
.PP
|
||||||
@@ -728,25 +784,26 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
@@ -728,25 +734,26 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
||||||
.PP
|
.PP
|
||||||
""" % {'domainname':self.domainname, 'equiv': e, 'alt': e.split('/')[-1] })
|
""" % {'domainname':self.domainname, 'equiv': e, 'alt': e.split('/')[-1] })
|
||||||
|
|
||||||
|
@ -662223,7 +662218,7 @@ index ba15b2c..04f9799 100755
|
||||||
|
|
||||||
.EX
|
.EX
|
||||||
.PP
|
.PP
|
||||||
@@ -756,19 +813,19 @@ Note: SELinux often uses regular expressions to specify labels that match multip
|
@@ -756,19 +763,19 @@ Note: SELinux often uses regular expressions to specify labels that match multip
|
||||||
- %s
|
- %s
|
||||||
""" % ( f, sepolicy.get_description(f)))
|
""" % ( f, sepolicy.get_description(f)))
|
||||||
|
|
||||||
|
@ -662251,7 +662246,7 @@ index ba15b2c..04f9799 100755
|
||||||
|
|
||||||
.PP
|
.PP
|
||||||
Note: File context can be temporarily modified with the chcon command. If you want to permanently change the file context you need to use the
|
Note: File context can be temporarily modified with the chcon command. If you want to permanently change the file context you need to use the
|
||||||
@@ -779,19 +836,19 @@ to apply the labels.
|
@@ -779,19 +786,19 @@ to apply the labels.
|
||||||
""")
|
""")
|
||||||
|
|
||||||
def _see_also(self):
|
def _see_also(self):
|
||||||
|
@ -662282,7 +662277,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH SHARING FILES
|
.SH SHARING FILES
|
||||||
If you want to share files with multiple domains (Apache, FTP, rsync, Samba), you can set a file context of public_content_t and public_content_rw_t. These context allow any of the above domains to read the content. If you want a particular domain to write to the public_content_rw_t domain, you must set the appropriate boolean.
|
If you want to share files with multiple domains (Apache, FTP, rsync, Samba), you can set a file context of public_content_t and public_content_rw_t. These context allow any of the above domains to read the content. If you want a particular domain to write to the public_content_rw_t domain, you must set the appropriate boolean.
|
||||||
.TP
|
.TP
|
||||||
@@ -812,9 +869,9 @@ semanage fcontext -a -t public_content_rw_t "/var/%(domainname)s/incoming(/.*)?"
|
@@ -812,9 +819,9 @@ semanage fcontext -a -t public_content_rw_t "/var/%(domainname)s/incoming(/.*)?"
|
||||||
.br
|
.br
|
||||||
.B setsebool -P %(domainname)s_anon_write 1
|
.B setsebool -P %(domainname)s_anon_write 1
|
||||||
""" % {'domainname':self.domainname})
|
""" % {'domainname':self.domainname})
|
||||||
|
@ -662295,7 +662290,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
If you want to %s, you must turn on the %s boolean.
|
If you want to %s, you must turn on the %s boolean.
|
||||||
|
|
||||||
@@ -824,7 +881,7 @@ If you want to %s, you must turn on the %s boolean.
|
@@ -824,7 +831,7 @@ If you want to %s, you must turn on the %s boolean.
|
||||||
""" % (desc, b, b))
|
""" % (desc, b, b))
|
||||||
|
|
||||||
def _footer(self):
|
def _footer(self):
|
||||||
|
@ -662304,7 +662299,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH "COMMANDS"
|
.SH "COMMANDS"
|
||||||
.B semanage fcontext
|
.B semanage fcontext
|
||||||
can also be used to manipulate default file context mappings.
|
can also be used to manipulate default file context mappings.
|
||||||
@@ -836,19 +893,19 @@ can also be used to manipulate whether or not a process type is permissive.
|
@@ -836,19 +843,19 @@ can also be used to manipulate whether or not a process type is permissive.
|
||||||
can also be used to enable/disable/install/remove policy modules.
|
can also be used to enable/disable/install/remove policy modules.
|
||||||
""")
|
""")
|
||||||
|
|
||||||
|
@ -662329,7 +662324,7 @@ index ba15b2c..04f9799 100755
|
||||||
.PP
|
.PP
|
||||||
.B system-config-selinux
|
.B system-config-selinux
|
||||||
is a GUI tool available to customize SELinux policy settings.
|
is a GUI tool available to customize SELinux policy settings.
|
||||||
@@ -861,102 +918,102 @@ This manual page was auto-generated using
|
@@ -861,102 +868,102 @@ This manual page was auto-generated using
|
||||||
selinux(8), %s(8), semanage(8), restorecon(8), chcon(1), sepolicy(8)
|
selinux(8), %s(8), semanage(8), restorecon(8), chcon(1), sepolicy(8)
|
||||||
""" % (self.domainname))
|
""" % (self.domainname))
|
||||||
|
|
||||||
|
@ -662495,7 +662490,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH "NAME"
|
.SH "NAME"
|
||||||
%(user)s_u \- \fB%(desc)s\fP - Security Enhanced Linux Policy
|
%(user)s_u \- \fB%(desc)s\fP - Security Enhanced Linux Policy
|
||||||
|
|
||||||
@@ -989,22 +1046,22 @@ If you wanted to change the default user mapping to use the %(user)s_u user, you
|
@@ -989,22 +996,22 @@ If you wanted to change the default user mapping to use the %(user)s_u user, you
|
||||||
|
|
||||||
""" % {'desc': self.desc, 'type':self.type, 'user':self.domainname,'range':self._get_users_range()})
|
""" % {'desc': self.desc, 'type':self.type, 'user':self.domainname,'range':self._get_users_range()})
|
||||||
|
|
||||||
|
@ -662526,7 +662521,7 @@ index ba15b2c..04f9799 100755
|
||||||
The SELinux user %(user)s can execute sudo.
|
The SELinux user %(user)s can execute sudo.
|
||||||
|
|
||||||
You can set up sudo to allow %(user)s to transition to an administrative domain:
|
You can set up sudo to allow %(user)s to transition to an administrative domain:
|
||||||
@@ -1012,14 +1069,14 @@ You can set up sudo to allow %(user)s to transition to an administrative domain:
|
@@ -1012,14 +1019,14 @@ You can set up sudo to allow %(user)s to transition to an administrative domain:
|
||||||
Add one or more of the following record to sudoers using visudo.
|
Add one or more of the following record to sudoers using visudo.
|
||||||
|
|
||||||
""" % { 'user':self.domainname } )
|
""" % { 'user':self.domainname } )
|
||||||
|
@ -662544,7 +662539,7 @@ index ba15b2c..04f9799 100755
|
||||||
You might also need to add one or more of these new roles to your SELinux user record.
|
You might also need to add one or more of these new roles to your SELinux user record.
|
||||||
|
|
||||||
List the SELinux roles your SELinux user can reach by executing:
|
List the SELinux roles your SELinux user can reach by executing:
|
||||||
@@ -1033,104 +1090,104 @@ Modify the roles list and add %(user)s_r to this list.
|
@@ -1033,104 +1040,104 @@ Modify the roles list and add %(user)s_r to this list.
|
||||||
For more details you can see semanage man page.
|
For more details you can see semanage man page.
|
||||||
|
|
||||||
""" % {'user':self.domainname, "roles": " ".join([role] + self.role_allows[role]) } )
|
""" % {'user':self.domainname, "roles": " ".join([role] + self.role_allows[role]) } )
|
||||||
|
@ -662691,7 +662686,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH TRANSITIONS
|
.SH TRANSITIONS
|
||||||
|
|
||||||
Three things can happen when %(type)s attempts to execute a program.
|
Three things can happen when %(type)s attempts to execute a program.
|
||||||
@@ -1143,7 +1200,7 @@ Three things can happen when %(type)s attempts to execute a program.
|
@@ -1143,7 +1150,7 @@ Three things can happen when %(type)s attempts to execute a program.
|
||||||
|
|
||||||
Execute the following to see the types that the SELinux user %(type)s can execute without transitioning:
|
Execute the following to see the types that the SELinux user %(type)s can execute without transitioning:
|
||||||
|
|
||||||
|
@ -662700,7 +662695,7 @@ index ba15b2c..04f9799 100755
|
||||||
|
|
||||||
.TP
|
.TP
|
||||||
|
|
||||||
@@ -1151,15 +1208,15 @@ Execute the following to see the types that the SELinux user %(type)s can execut
|
@@ -1151,15 +1158,15 @@ Execute the following to see the types that the SELinux user %(type)s can execut
|
||||||
|
|
||||||
Execute the following to see the types that the SELinux user %(type)s can execute and transition:
|
Execute the following to see the types that the SELinux user %(type)s can execute and transition:
|
||||||
|
|
||||||
|
@ -662721,7 +662716,7 @@ index ba15b2c..04f9799 100755
|
||||||
.SH "NAME"
|
.SH "NAME"
|
||||||
%(user)s_r \- \fB%(desc)s\fP - Security Enhanced Linux Policy
|
%(user)s_r \- \fB%(desc)s\fP - Security Enhanced Linux Policy
|
||||||
|
|
||||||
@@ -1201,21 +1258,21 @@ You need to add %(user)s_r to the staff_u user. You could setup the staff_u use
|
@@ -1201,21 +1208,21 @@ You need to add %(user)s_r to the staff_u user. You could setup the staff_u use
|
||||||
.B $ semanage user -m -R 'staff_r system_r %(user)s_r' staff_u
|
.B $ semanage user -m -R 'staff_r system_r %(user)s_r' staff_u
|
||||||
|
|
||||||
""" % {'desc': self.desc, 'user':self.domainname})
|
""" % {'desc': self.desc, 'user':self.domainname})
|
||||||
|
|
|
@ -18,6 +18,7 @@ Source2: policycoreutils_man_ru2.tar.bz2
|
||||||
Source3: system-config-selinux.png
|
Source3: system-config-selinux.png
|
||||||
Source4: sepolicy-icons.tgz
|
Source4: sepolicy-icons.tgz
|
||||||
# use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/
|
# use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/
|
||||||
|
# https://github.com/fedora-selinux/selinux/commit/2f23ca54e96a0c1465fbfb0f83196beca0fedccf
|
||||||
Patch: policycoreutils-rhat.patch
|
Patch: policycoreutils-rhat.patch
|
||||||
Patch1: sepolgen-rhat.patch
|
Patch1: sepolgen-rhat.patch
|
||||||
Obsoletes: policycoreutils < 2.0.61-2
|
Obsoletes: policycoreutils < 2.0.61-2
|
||||||
|
|
Loading…
Reference in New Issue