Fix handling of sepolicy network sorting.
- Additional interfaces needed for sepolicy gui
This commit is contained in:
Dan Walsh
parent
39c0a6ec6a
commit
305ae476dd
|
|
@ -250089,7 +250089,7 @@ index b6abdf5..c05c943 100644
|
|||
Generate an additional HTML man pages for the specified domain(s).
|
||||
|
||||
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
|
||||
index b25d3b2..a0b262b 100755
|
||||
index b25d3b2..9b29b39 100755
|
||||
--- a/policycoreutils/sepolicy/sepolicy.py
|
||||
+++ b/policycoreutils/sepolicy/sepolicy.py
|
||||
@@ -22,6 +22,8 @@
|
||||
|
|
@ -250169,7 +250169,7 @@ index b25d3b2..a0b262b 100755
|
|||
newval = getattr(namespace, self.dest)
|
||||
if not newval:
|
||||
newval = []
|
||||
@@ -140,19 +165,40 @@ class CheckPolicyType(argparse.Action):
|
||||
@@ -140,27 +165,65 @@ class CheckPolicyType(argparse.Action):
|
||||
|
||||
class CheckUser(argparse.Action):
|
||||
def __call__(self, parser, namespace, value, option_string=None):
|
||||
|
|
@ -250205,6 +250205,19 @@ index b25d3b2..a0b262b 100755
|
|||
+ usage_text = _(usage_text)
|
||||
+
|
||||
+ return usage_text
|
||||
+
|
||||
+def numcmp(val1,val2):
|
||||
+ try:
|
||||
+ v1 = int(val1.split(",")[0].split("-")[0])
|
||||
+ v2 = int(val2.split(",")[0].split("-")[0])
|
||||
+ if v1 > v2:
|
||||
+ return 1
|
||||
+ if v1 == v2:
|
||||
+ return 0
|
||||
+ if v1 < v2:
|
||||
+ return -1
|
||||
+ except:
|
||||
+ return cmp(val1,val2)
|
||||
+
|
||||
def _print_net(src, protocol, perm):
|
||||
- from sepolicy.network import get_network_connect
|
||||
|
|
@ -250213,9 +250226,15 @@ index b25d3b2..a0b262b 100755
|
|||
+ portdict = sepolicy.network.get_network_connect(src, protocol, perm)
|
||||
if len(portdict) > 0:
|
||||
print "%s: %s %s" % (src, protocol, perm)
|
||||
+ port_strings=[]
|
||||
for p in portdict:
|
||||
@@ -160,7 +206,7 @@ def _print_net(src, protocol, perm):
|
||||
print "\t" + recs
|
||||
- for recs in portdict[p]:
|
||||
- print "\t" + recs
|
||||
+ for t, recs in portdict[p]:
|
||||
+ port_strings.append(", ".join(recs))
|
||||
+ port_strings.sort(numcmp)
|
||||
+ for p in port_strings:
|
||||
+ print "\t" + p
|
||||
|
||||
def network(args):
|
||||
- from sepolicy.network import portrecsbynum, portrecs, get_network_connect
|
||||
|
|
@ -250223,7 +250242,7 @@ index b25d3b2..a0b262b 100755
|
|||
if args.list_ports:
|
||||
all_ports = []
|
||||
for i in portrecs:
|
||||
@@ -201,41 +247,41 @@ def manpage(args):
|
||||
@@ -201,41 +264,41 @@ def manpage(args):
|
||||
from sepolicy.manpage import ManPage, HTMLManPages, manpage_domains, manpage_roles, gen_domains
|
||||
|
||||
path = args.path
|
||||
|
|
@ -250288,7 +250307,7 @@ index b25d3b2..a0b262b 100755
|
|||
|
||||
def gen_network_args(parser):
|
||||
net = parser.add_parser("network",
|
||||
@@ -283,7 +329,6 @@ def gen_communicate_args(parser):
|
||||
@@ -283,7 +346,6 @@ def gen_communicate_args(parser):
|
||||
comm.set_defaults(func=communicate)
|
||||
|
||||
def booleans(args):
|
||||
|
|
@ -250296,7 +250315,7 @@ index b25d3b2..a0b262b 100755
|
|||
from sepolicy import boolean_desc
|
||||
if args.all:
|
||||
rc, args.booleans = selinux.security_get_boolean_names()
|
||||
@@ -300,6 +345,7 @@ def gen_booleans_args(parser):
|
||||
@@ -300,6 +362,7 @@ def gen_booleans_args(parser):
|
||||
action="store_true",
|
||||
help=_("get all booleans descriptions"))
|
||||
group.add_argument("-b", "--boolean", dest="booleans", nargs="+",
|
||||
|
|
@ -250304,7 +250323,7 @@ index b25d3b2..a0b262b 100755
|
|||
help=_("boolean to get description"))
|
||||
bools.set_defaults(func=booleans)
|
||||
|
||||
@@ -319,22 +365,49 @@ def gen_transition_args(parser):
|
||||
@@ -319,22 +382,49 @@ def gen_transition_args(parser):
|
||||
help=_("target process domain"))
|
||||
trans.set_defaults(func=transition)
|
||||
|
||||
|
|
@ -250363,7 +250382,7 @@ index b25d3b2..a0b262b 100755
|
|||
if not args.command:
|
||||
raise ValueError(_("Command required for this type of policy"))
|
||||
cmd = os.path.realpath(args.command)
|
||||
@@ -346,8 +419,18 @@ def generate(args):
|
||||
@@ -346,8 +436,18 @@ def generate(args):
|
||||
mypolicy.set_program(cmd)
|
||||
|
||||
if args.types:
|
||||
|
|
@ -250382,7 +250401,7 @@ index b25d3b2..a0b262b 100755
|
|||
for p in args.writepaths:
|
||||
if os.path.isdir(p):
|
||||
mypolicy.add_dir(p)
|
||||
@@ -366,20 +449,34 @@ def generate(args):
|
||||
@@ -366,20 +466,34 @@ def generate(args):
|
||||
def gen_interface_args(parser):
|
||||
itf = parser.add_parser("interface",
|
||||
help=_('List SELinux Policy interfaces'))
|
||||
|
|
@ -250420,7 +250439,7 @@ index b25d3b2..a0b262b 100755
|
|||
help=_('Generate SELinux Policy module template'))
|
||||
pol.add_argument("-d", "--domain", dest="domain", default=[],
|
||||
action=CheckDomain, nargs="*",
|
||||
@@ -397,53 +494,57 @@ def gen_generate_args(parser):
|
||||
@@ -397,53 +511,57 @@ def gen_generate_args(parser):
|
||||
help=argparse.SUPPRESS)
|
||||
pol.add_argument("-t", "--type", dest="types", default=[], nargs="*",
|
||||
action=CheckType,
|
||||
|
|
@ -250504,7 +250523,7 @@ index b25d3b2..a0b262b 100755
|
|||
pol.set_defaults(func=generate)
|
||||
|
||||
if __name__ == '__main__':
|
||||
@@ -461,11 +562,17 @@ if __name__ == '__main__':
|
||||
@@ -461,11 +579,17 @@ if __name__ == '__main__':
|
||||
gen_transition_args(subparsers)
|
||||
|
||||
try:
|
||||
|
|
@ -250524,7 +250543,7 @@ index b25d3b2..a0b262b 100755
|
|||
except KeyboardInterrupt:
|
||||
sys.exit(0)
|
||||
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
|
||||
index 5e7415c..92a6b88 100644
|
||||
index 5e7415c..3a5391e 100644
|
||||
--- a/policycoreutils/sepolicy/sepolicy/__init__.py
|
||||
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
|
||||
@@ -7,6 +7,9 @@ import _policy
|
||||
|
|
@ -250537,7 +250556,7 @@ index 5e7415c..92a6b88 100644
|
|||
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
||||
gettext.textdomain(PROGNAME)
|
||||
try:
|
||||
@@ -37,9 +40,75 @@ CLASS = 'class'
|
||||
@@ -37,9 +40,116 @@ CLASS = 'class'
|
||||
TRANSITION = 'transition'
|
||||
ROLE_ALLOW = 'role_allow'
|
||||
|
||||
|
|
@ -250563,6 +250582,39 @@ index 5e7415c..92a6b88 100644
|
|||
+ dict_list = filter(lambda x: _dict_has_perms(x, perms), dict_list)
|
||||
+ return dict_list
|
||||
+
|
||||
+def get_types_from_attribute(attribute):
|
||||
+ return info(ATTRIBUTE,attribute)[0]["types"]
|
||||
+
|
||||
+def get_writable_files(setype):
|
||||
+ all_attributes = get_all_attributes()
|
||||
+ all_writes = []
|
||||
+ mpaths = {}
|
||||
+ permlist = search([ALLOW],{'source':setype, 'permlist':['open', 'write'], 'class':'file'})
|
||||
+ if permlist == None or len(permlist) == 0:
|
||||
+ return mpaths
|
||||
+
|
||||
+ fcdict = get_fcdict()
|
||||
+
|
||||
+ attributes = ["proc_type", "sysctl_type"]
|
||||
+ for i in permlist:
|
||||
+ if i['target'] in attributes:
|
||||
+ continue
|
||||
+ if i['target'].endswith("_t"):
|
||||
+ if i['target'] not in all_writes:
|
||||
+ if i['target'] != setype:
|
||||
+ all_writes.append(i['target'])
|
||||
+ else:
|
||||
+ for t in get_types_from_attribute(i['target']):
|
||||
+ if t not in all_writes:
|
||||
+ all_writes.append(t)
|
||||
+
|
||||
+ for f in all_writes:
|
||||
+ try:
|
||||
+ mpaths[f] = fcdict[f]
|
||||
+ except KeyError:
|
||||
+ mpaths[f] = []
|
||||
+ return mpaths
|
||||
+
|
||||
+fcdict=None
|
||||
+def get_fcdict(fc_path = selinux.selinux_file_context_path()):
|
||||
+ global fcdict
|
||||
|
|
@ -250601,6 +250653,14 @@ index 5e7415c..92a6b88 100644
|
|||
+ entrypoints = map(lambda x: x['target'], search([ALLOW],{'source':setype, 'permlist':['entrypoint'], 'class':'file'}))
|
||||
+ return entrypoints
|
||||
+
|
||||
+def get_init_entrypoint_target(entrypoint):
|
||||
+ try:
|
||||
+ entrypoints = map(lambda x: x['transtype'], search([TRANSITION],{'source':"init_t", 'target':entrypoint, 'class':'process'}))
|
||||
+ return entrypoints[0]
|
||||
+ except TypeError:
|
||||
+ pass
|
||||
+ return None
|
||||
+
|
||||
+def get_all_entrypoints(setype):
|
||||
+ fcdict = get_fcdict()
|
||||
+ mpaths = {}
|
||||
|
|
@ -250615,7 +250675,7 @@ index 5e7415c..92a6b88 100644
|
|||
policies = glob.glob ("%s.*" % path )
|
||||
policies.sort()
|
||||
return policies[-1]
|
||||
@@ -47,6 +116,27 @@ def __get_installed_policy():
|
||||
@@ -47,6 +157,27 @@ def __get_installed_policy():
|
||||
pass
|
||||
raise ValueError(_("No SELinux Policy installed"))
|
||||
|
||||
|
|
@ -250643,7 +250703,7 @@ index 5e7415c..92a6b88 100644
|
|||
all_types = None
|
||||
def get_all_types():
|
||||
global all_types
|
||||
@@ -54,6 +144,13 @@ def get_all_types():
|
||||
@@ -54,6 +185,13 @@ def get_all_types():
|
||||
all_types = map(lambda x: x['name'], info(TYPE))
|
||||
return all_types
|
||||
|
||||
|
|
@ -250657,7 +250717,7 @@ index 5e7415c..92a6b88 100644
|
|||
role_allows = None
|
||||
def get_all_role_allows():
|
||||
global role_allows
|
||||
@@ -71,6 +168,7 @@ def get_all_role_allows():
|
||||
@@ -71,6 +209,7 @@ def get_all_role_allows():
|
||||
return role_allows
|
||||
|
||||
def get_all_entrypoint_domains():
|
||||
|
|
@ -250665,7 +250725,7 @@ index 5e7415c..92a6b88 100644
|
|||
all_domains = []
|
||||
types=get_all_types()
|
||||
types.sort()
|
||||
@@ -81,11 +179,54 @@ def get_all_entrypoint_domains():
|
||||
@@ -81,11 +220,54 @@ def get_all_entrypoint_domains():
|
||||
all_domains.append(m[0])
|
||||
return all_domains
|
||||
|
||||
|
|
@ -250721,7 +250781,7 @@ index 5e7415c..92a6b88 100644
|
|||
return all_domains
|
||||
|
||||
roles = None
|
||||
@@ -139,50 +280,62 @@ def get_all_attributes():
|
||||
@@ -139,50 +321,92 @@ def get_all_attributes():
|
||||
return all_attributes
|
||||
|
||||
def policy(policy_file):
|
||||
|
|
@ -250786,6 +250846,36 @@ index 5e7415c..92a6b88 100644
|
|||
-def info(setype, name=None):
|
||||
- dict_list = _policy.info(setype, name)
|
||||
- return dict_list
|
||||
+def gen_short_name(setype):
|
||||
+ all_domains = get_all_domains()
|
||||
+ if setype.endswith("_t"):
|
||||
+ domainname = setype[:-2]
|
||||
+ else:
|
||||
+ domainname = setype
|
||||
+ if domainname + "_t" not in all_domains:
|
||||
+ raise ValueError("domain %s_t does not exist" % domainname)
|
||||
+ if domainname[-1]=='d':
|
||||
+ short_name = domainname[:-1] + "_"
|
||||
+ else:
|
||||
+ short_name = domainname + "_"
|
||||
+ return (domainname, short_name)
|
||||
+
|
||||
+def get_bools(setype):
|
||||
+ bools = []
|
||||
+ domainbools = []
|
||||
+ domainname, short_name = gen_short_name(setype)
|
||||
+ for i in map(lambda x: x['boolean'], filter(lambda x: 'boolean' in x, search([ALLOW],{'source' : setype}))):
|
||||
+ for b in i:
|
||||
+ if not isinstance(b,tuple):
|
||||
+ continue
|
||||
+ if b[0].startswith(short_name) or b[0].startswith(domainname):
|
||||
+ if b not in domainbools and (b[0], not b[1]) not in domainbools:
|
||||
+ domainbools.append(b)
|
||||
+ else:
|
||||
+ if b not in bools and (b[0], not b[1]) not in bools:
|
||||
+ bools.append(b)
|
||||
+ return (domainbools, bools)
|
||||
+
|
||||
+booleans = None
|
||||
+def get_all_booleans():
|
||||
+ global booleans
|
||||
|
|
@ -250809,7 +250899,7 @@ index 5e7415c..92a6b88 100644
|
|||
def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
|
||||
global booleans_dict
|
||||
if booleans_dict:
|
||||
@@ -191,7 +344,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
|
||||
@@ -191,7 +415,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
|
||||
import re
|
||||
booleans_dict = {}
|
||||
try:
|
||||
|
|
@ -251242,7 +251332,7 @@ index 8b063ca..c7dac62 100644
|
|||
+ else:
|
||||
+ sys.stderr.write(_("\nCompiling of %s interface is not supported." % interface))
|
||||
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||
index 25062da..cc5467f 100755
|
||||
index 25062da..086f2a7 100755
|
||||
--- a/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||
+++ b/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||
@@ -28,12 +28,12 @@ import string
|
||||
|
|
@ -251299,7 +251389,7 @@ index 25062da..cc5467f 100755
|
|||
|
||||
class HTMLManPages:
|
||||
"""
|
||||
@@ -416,40 +414,33 @@ class ManPage:
|
||||
@@ -416,56 +414,42 @@ class ManPage:
|
||||
"""
|
||||
Generate a Manpage on an SELinux domain in the specified path
|
||||
"""
|
||||
|
|
@ -251357,16 +251447,15 @@ index 25062da..cc5467f 100755
|
|||
+ self.xmlpath = self.root + "/usr/share/selinux/devel/policy.xml"
|
||||
self.booleans_dict = gen_bool_dict(self.xmlpath)
|
||||
|
||||
if domainname.endswith("_t"):
|
||||
@@ -459,13 +450,16 @@ class ManPage:
|
||||
|
||||
if self.domainname + "_t" not in self.all_domains:
|
||||
raise ValueError("domain %s_t does not exist" % self.domainname)
|
||||
- if domainname.endswith("_t"):
|
||||
- self.domainname = domainname[:-2]
|
||||
- else:
|
||||
- self.domainname = domainname
|
||||
-
|
||||
- if self.domainname + "_t" not in self.all_domains:
|
||||
- raise ValueError("domain %s_t does not exist" % self.domainname)
|
||||
- self.short_name = self.domainname
|
||||
+ if self.domainname[-1]=='d':
|
||||
+ self.short_name = self.domainname[:-1] + "_"
|
||||
+ else:
|
||||
+ self.short_name = self.domainname + "_"
|
||||
+ self.domainname, self.short_name = gen_short_name(domainname)
|
||||
|
||||
self.type = self.domainname + "_t"
|
||||
self._gen_bools()
|
||||
|
|
@ -251377,7 +251466,7 @@ index 25062da..cc5467f 100755
|
|||
self.__gen_user_man_page()
|
||||
if self.html:
|
||||
manpage_roles.append(self.man_page_path)
|
||||
@@ -483,16 +477,23 @@ class ManPage:
|
||||
@@ -483,16 +467,16 @@ class ManPage:
|
||||
def _gen_bools(self):
|
||||
self.bools=[]
|
||||
self.domainbools=[]
|
||||
|
|
@ -251398,20 +251487,13 @@ index 25062da..cc5467f 100755
|
|||
+ types.append(t+"_t")
|
||||
+
|
||||
+ for t in types:
|
||||
+ for i in map(lambda x: x['boolean'], filter(lambda x: 'boolean' in x, sepolicy.search([sepolicy.ALLOW],{'source' : t }))):
|
||||
+ for b in i:
|
||||
+ if not isinstance(b,tuple):
|
||||
+ continue
|
||||
+ if b[0].startswith(self.short_name) or b[0].startswith(self.domainname):
|
||||
+ if b not in self.domainbools and (b[0], not b[1]) not in self.domainbools:
|
||||
+ self.domainbools.append(b)
|
||||
+ else:
|
||||
+ if b not in self.bools and (b[0], not b[1]) not in self.bools:
|
||||
+ self.bools.append(b)
|
||||
+ domainbools, bools = get_bools(t)
|
||||
+ self.bools += bools
|
||||
+ self.domainbools += bools
|
||||
|
||||
self.bools.sort()
|
||||
self.domainbools.sort()
|
||||
@@ -538,9 +539,6 @@ class ManPage:
|
||||
@@ -538,9 +522,6 @@ class ManPage:
|
||||
print path
|
||||
|
||||
def __gen_man_page(self):
|
||||
|
|
@ -251421,7 +251503,7 @@ index 25062da..cc5467f 100755
|
|||
self.anon_list = []
|
||||
|
||||
self.attributes = {}
|
||||
@@ -563,22 +561,11 @@ class ManPage:
|
||||
@@ -563,22 +544,11 @@ class ManPage:
|
||||
|
||||
def _get_ptypes(self):
|
||||
for f in self.all_domains:
|
||||
|
|
@ -251447,7 +251529,7 @@ index 25062da..cc5467f 100755
|
|||
% {'domainname':self.domainname, 'date': time.strftime("%y-%m-%d")})
|
||||
self.fd.write(r"""
|
||||
.SH "NAME"
|
||||
@@ -774,7 +761,7 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
||||
@@ -774,7 +744,7 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
||||
def _port_types(self):
|
||||
self.ports = []
|
||||
for f in self.all_port_types:
|
||||
|
|
@ -251456,7 +251538,7 @@ index 25062da..cc5467f 100755
|
|||
self.ports.append(f)
|
||||
|
||||
if len(self.ports) == 0:
|
||||
@@ -923,13 +910,12 @@ to apply the labels.
|
||||
@@ -923,13 +893,12 @@ to apply the labels.
|
||||
|
||||
def _see_also(self):
|
||||
ret = ""
|
||||
|
|
@ -251472,7 +251554,7 @@ index 25062da..cc5467f 100755
|
|||
ret += ", %s_selinux(8)" % d
|
||||
self.fd.write(ret)
|
||||
|
||||
@@ -947,13 +933,14 @@ semanage fcontext -a -t public_content_t "/var/%(domainname)s(/.*)?"
|
||||
@@ -947,13 +916,14 @@ semanage fcontext -a -t public_content_t "/var/%(domainname)s(/.*)?"
|
||||
.B restorecon -F -R -v /var/%(domainname)s
|
||||
.pp
|
||||
.TP
|
||||
|
|
@ -251489,7 +251571,7 @@ index 25062da..cc5467f 100755
|
|||
""" % {'domainname':self.domainname})
|
||||
for b in self.anon_list:
|
||||
desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
|
||||
@@ -998,12 +985,11 @@ is a GUI tool available to customize SELinux policy settings.
|
||||
@@ -998,12 +968,11 @@ is a GUI tool available to customize SELinux policy settings.
|
||||
|
||||
.SH AUTHOR
|
||||
This manual page was auto-generated using
|
||||
|
|
@ -251504,7 +251586,7 @@ index 25062da..cc5467f 100755
|
|||
|
||||
if self.booltext != "":
|
||||
self.fd.write(", setsebool(8)")
|
||||
@@ -1230,6 +1216,7 @@ The SELinux user %s_u is not able to terminal login.
|
||||
@@ -1230,6 +1199,7 @@ The SELinux user %s_u is not able to terminal login.
|
||||
""" % self.domainname)
|
||||
|
||||
def _network(self):
|
||||
|
|
@ -251513,7 +251595,7 @@ index 25062da..cc5467f 100755
|
|||
.SH NETWORK
|
||||
""")
|
||||
diff --git a/policycoreutils/sepolicy/sepolicy/network.py b/policycoreutils/sepolicy/sepolicy/network.py
|
||||
index 66efe26..a446d68 100755
|
||||
index 66efe26..739afa9 100755
|
||||
--- a/policycoreutils/sepolicy/sepolicy/network.py
|
||||
+++ b/policycoreutils/sepolicy/sepolicy/network.py
|
||||
@@ -25,27 +25,6 @@ import sepolicy
|
||||
|
|
@ -251552,6 +251634,28 @@ index 66efe26..a446d68 100755
|
|||
d={}
|
||||
tlist = get_types(src, "%s_socket" % protocol, [perm])
|
||||
if len(tlist) > 0:
|
||||
@@ -77,16 +57,16 @@ def get_network_connect(src, protocol, perm):
|
||||
if "port_t" in tlist:
|
||||
continue
|
||||
if i == "port_t":
|
||||
- d[(src,protocol,perm)].append("all ports with out defined types")
|
||||
+ d[(src,protocol,perm)].append((i, ["all ports with out defined types"]))
|
||||
elif i == "unreserved_port_type":
|
||||
- d[(src,protocol,perm)].append("%s: all ports > 1024" % i)
|
||||
+ d[(src,protocol,perm)].append((i, ["all ports > 1024"]))
|
||||
elif i == "reserved_port_type":
|
||||
- d[(src,protocol,perm)].append("%s: all ports < 1024" % i)
|
||||
+ d[(src,protocol,perm)].append((i, ["all ports < 1024"]))
|
||||
elif i == "rpc_port_type":
|
||||
- d[(src,protocol,perm)].append("%s: all ports > 500 and < 1024" % i)
|
||||
+ d[(src,protocol,perm)].append((i, ["all ports > 500 and < 1024"]))
|
||||
else:
|
||||
try:
|
||||
- d[(src,protocol,perm)].append("%s: %s" % (i, ",".join(portrecs[(i, protocol)])))
|
||||
+ d[(src,protocol,perm)].append((i, portrecs[(i, protocol)]))
|
||||
except KeyError:
|
||||
pass
|
||||
return d
|
||||
diff --git a/policycoreutils/sepolicy/sepolicy/templates/script.py b/policycoreutils/sepolicy/sepolicy/templates/script.py
|
||||
index c139070..c79738b 100644
|
||||
--- a/policycoreutils/sepolicy/sepolicy/templates/script.py
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.1.14
|
||||
Release: 51%{?dist}
|
||||
Release: 52%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
# Based on git repository with tag 20101221
|
||||
|
|
@ -311,6 +311,10 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||
%systemd_postun_with_restart restorecond.service
|
||||
|
||||
%changelog
|
||||
* Mon Jun 17 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-52
|
||||
- Fix handling of sepolicy network sorting.
|
||||
- Additional interfaces needed for sepolicy gui
|
||||
|
||||
* Thu Jun 6 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-51
|
||||
- Fix handling of semanage args
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue