rpms
/
policycoreutils
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix selinux-polgengui, get_all_modules call

This commit is contained in:
Dan Walsh 2013-11-20 09:19:24 -05:00
parent 50cb89c077
commit 934834e6cb
1 changed files with 178 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

237
policycoreutils-rhat.patch
View File

@ -982,11 +982,105 @@ index 9ff0766..a52863e 100644
+ except subprocess.CalledProcessError as e:
+ self.error(e.output)
+ self.ready()
diff --git a/policycoreutils/gui/polgen.glade b/policycoreutils/gui/polgen.glade
index 37c1472..9854fb2 100644
--- a/policycoreutils/gui/polgen.glade
+++ b/policycoreutils/gui/polgen.glade
@@ -758,7 +758,7 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
- <signal name="clicked" handler="on_exec_select_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_exec_select_clicked"/>
</widget>
<packing>
<property name="left_attach">2</property>
@@ -840,7 +840,7 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
- <signal name="clicked" handler="on_init_script_select_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_init_script_select_clicked" />
</widget>
<packing>
<property name="left_attach">2</property>
@@ -1983,7 +1983,7 @@ Tab</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
- <signal name="clicked" handler="on_add_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_add_clicked" />
<child>
<widget class="GtkAlignment" id="alignment6">
<property name="visible">True</property>
@@ -2036,7 +2036,7 @@ Tab</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
- <signal name="clicked" handler="on_add_dir_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_add_dir_clicked" />
<child>
<widget class="GtkAlignment" id="alignment5">
<property name="visible">True</property>
@@ -2091,7 +2091,7 @@ Tab</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_stock">True</property>
- <signal name="clicked" handler="on_delete_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_delete_clicked" />
<accelerator key="Delete" signal="clicked"/>
</widget>
<packing>
@@ -2188,7 +2188,7 @@ Tab</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
- <signal name="clicked" handler="on_add_boolean_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_add_boolean_clicked" />
<child>
<widget class="GtkAlignment" id="alignment1">
<property name="visible">True</property>
@@ -2243,7 +2243,7 @@ Tab</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_stock">True</property>
- <signal name="clicked" handler="on_delete_boolean_clicked" swapped="no"/>
+ <signal name="clicked" handler="on_delete_boolean_clicked" />
<accelerator key="Delete" signal="clicked"/>
</widget>
<packing>
@@ -2414,7 +2414,7 @@ Tab</property>
<property name="can_default">True</property>
<property name="receives_default">False</property>
<property name="use_stock">True</property>
- <signal name="activate" handler="on_cancel_activate" swapped="no"/>
+ <signal name="activate" handler="on_cancel_activate" />
</widget>
<packing>
<property name="expand">False</property>
@@ -2430,7 +2430,7 @@ Tab</property>
<property name="can_default">True</property>
<property name="receives_default">False</property>
<property name="use_stock">True</property>
- <signal name="activate" handler="on_back_activate" swapped="no"/>
+ <signal name="activate" handler="on_back_activate" />
</widget>
<packing>
<property name="expand">False</property>
@@ -2446,7 +2446,7 @@ Tab</property>
<property name="can_default">True</property>
<property name="receives_default">False</property>
<property name="use_stock">True</property>
- <signal name="activate" handler="on_forward_activate" swapped="no"/>
+ <signal name="activate" handler="on_forward_activate" />
</widget>
<packing>
<property name="expand">False</property>
diff --git a/policycoreutils/gui/polgengui.py b/policycoreutils/gui/polgengui.py
index 0f0e564..ab2b9c5 100644
index 0f0e564..1b88c47 100644
--- a/policycoreutils/gui/polgengui.py
+++ b/policycoreutils/gui/polgengui.py
@@ -30,25 +30,29 @@ import gnome
@@ -30,29 +30,15 @@ import gnome
import sys
try:
from sepolicy import generate
@ -1002,10 +1096,8 @@ index 0f0e564..ab2b9c5 100644
import re
def get_all_modules():
+ all_modules = []
+ cmd = "semodule -l 2>/dev/null"
try:
-def get_all_modules():
- try:
- all_modules = []
- rc, output=commands.getstatusoutput("semodule -l 2>/dev/null")
- if rc == 0:
@ -1014,20 +1106,14 @@ index 0f0e564..ab2b9c5 100644
- all_modules.append(i.split()[0])
- except:
- pass
+ output = subprocess.check_output(cmd,
+ stderr=subprocess.STDOUT,
+ shell=True)
+ l = output.split("\n")
+ for i in l:
+ all_modules.append(i.split()[0])
+
+ except subprocess.CalledProcessError as e:
+ self.error(e.output)
+ self.ready()
return all_modules
@@ -67,8 +71,8 @@ try:
-
- return all_modules
-
-
##
## I18N
##
@@ -67,8 +53,8 @@ try:
unicode=False,
codeset = 'utf-8')
except IOError:
@ -1038,8 +1124,12 @@ index 0f0e564..ab2b9c5 100644
gnome.program_init("SELinux Policy Generation Tool", "5")
@@ -194,7 +198,7 @@ class childWindow:
self.all_modules = get_all_modules()
@@ -191,10 +177,10 @@ class childWindow:
try:
self.all_types = generate.get_all_types()
- self.all_modules = get_all_modules()
+ self.all_modules = sepolicy.get_all_modules()
self.all_roles = generate.get_all_roles()
self.all_users = generate.get_all_users()
- except RuntimeError, e:
@ -1047,7 +1137,7 @@ index 0f0e564..ab2b9c5 100644
self.all_types = []
self.all_modules = []
self.all_roles = []
@@ -262,7 +266,7 @@ class childWindow:
@@ -262,7 +248,7 @@ class childWindow:
self.out_udp_entry = self.xml.get_widget("out_udp_entry")
self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
@ -1056,7 +1146,7 @@ index 0f0e564..ab2b9c5 100644
b.connect("clicked",self.network_all_clicked)
self.boolean_treeview = self.xml.get_widget("boolean_treeview")
@@ -333,7 +337,7 @@ class childWindow:
@@ -333,7 +319,7 @@ class childWindow:
for a in sepolicy.interface.get_admin():
iter = self.admin_store.append()
self.admin_store.set_value(iter, 0, a)
@ -1065,7 +1155,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
def confine_application(self):
@@ -519,7 +523,7 @@ class childWindow:
@@ -519,7 +505,7 @@ class childWindow:
self.info(my_policy.generate(outputdir))
return False
@ -1074,7 +1164,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
def delete(self, args):
@@ -687,7 +691,7 @@ class childWindow:
@@ -687,7 +673,7 @@ class childWindow:
try:
generate.verify_ports(self.in_tcp_entry.get_text())
generate.verify_ports(self.in_udp_entry.get_text())
@ -1083,7 +1173,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
return True
@@ -695,7 +699,7 @@ class childWindow:
@@ -695,7 +681,7 @@ class childWindow:
try:
generate.verify_ports(self.out_tcp_entry.get_text())
generate.verify_ports(self.out_udp_entry.get_text())
@ -1092,7 +1182,7 @@ index 0f0e564..ab2b9c5 100644
self.error(e.message)
return True
@@ -734,12 +738,12 @@ class childWindow:
@@ -734,12 +720,12 @@ class childWindow:
policy.set_program(exe)
policy.gen_writeable()
policy.gen_symbols()
@ -259690,10 +259780,10 @@ index 74fb347..adb6ca5 100755
+ print("Out")
sys.exit(0)
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
index fd95c16..e7607fd 100644
index fd95c16..7ef8adf 100644
--- a/policycoreutils/sepolicy/sepolicy/__init__.py
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
@@ -3,7 +3,7 @@
@@ -3,23 +3,27 @@
# Author: Dan Walsh <dwalsh@redhat.com>
# Author: Ryan Hallisey <rhallise@redhat.com>
@ -259702,7 +259792,11 @@ index fd95c16..e7607fd 100644
import selinux, glob
PROGNAME="policycoreutils"
import gettext
@@ -14,12 +14,15 @@ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
import sepolgen.defaults as defaults
import sepolgen.interfaces as interfaces
import sys
+import subprocess
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
gettext.install(PROGNAME,
@ -259722,7 +259816,7 @@ index fd95c16..e7607fd 100644
TYPE = _policy.TYPE
ROLE = _policy.ROLE
@@ -28,6 +31,8 @@ PORT = _policy.PORT
@@ -28,6 +32,8 @@ PORT = _policy.PORT
USER = _policy.USER
BOOLEAN = _policy.BOOLEAN
TCLASS = _policy.CLASS
@ -259731,7 +259825,7 @@ index fd95c16..e7607fd 100644
ALLOW = 'allow'
AUDITALLOW = 'auditallow'
@@ -59,7 +64,7 @@ def search(types, info = {}):
@@ -59,7 +65,7 @@ def search(types, info = {}):
dict_list = _policy.search(seinfo)
if dict_list and len(perms) != 0:
@ -259740,7 +259834,7 @@ index fd95c16..e7607fd 100644
return dict_list
def get_conditionals(src,dest,tclass,perm):
@@ -75,7 +80,7 @@ def get_conditionals(src,dest,tclass,perm):
@@ -75,7 +81,7 @@ def get_conditionals(src,dest,tclass,perm):
allows=[]
allows.append(i)
try:
@ -259749,7 +259843,7 @@ index fd95c16..e7607fd 100644
tdict.update({'source':i['source'],'boolean':i['boolean']})
if tdict not in tlist:
tlist.append(tdict)
@@ -86,8 +91,8 @@ def get_conditionals(src,dest,tclass,perm):
@@ -86,8 +92,8 @@ def get_conditionals(src,dest,tclass,perm):
return (tlist)
def get_conditionals_format_text(cond):
@ -259760,7 +259854,33 @@ index fd95c16..e7607fd 100644
def get_types_from_attribute(attribute):
return info(ATTRIBUTE,attribute)[0]["types"]
@@ -141,6 +146,9 @@ def get_writable_files(setype):
@@ -112,6 +118,25 @@ trans_file_type_str["-s"] = "s"
trans_file_type_str["-l"] = "l"
trans_file_type_str["-p"] = "p"
+def get_all_modules():
+ all_modules = []
+ cmd = "semodule -l 2>/dev/null"
+ try:
+ output = subprocess.check_output(cmd,
+ stderr=subprocess.STDOUT,
+ shell=True)
+ l = output.split("\n")
+
+ except subprocess.CalledProcessError as e:
+ from .sedbus import SELinuxDBus
+ l = SELinuxDBus().semodule_list().split("\n")
+
+ for i in l:
+ if len(i):
+ all_modules.append(i.split()[0])
+
+ return all_modules
+
def get_file_types(setype):
flist=[]
mpaths={}
@@ -141,6 +166,9 @@ def get_writable_files(setype):
for i in permlist:
if i['target'] in attributes:
continue
@ -259770,7 +259890,7 @@ index fd95c16..e7607fd 100644
if i['target'].endswith("_t"):
if i['target'] not in file_types:
continue
@@ -166,7 +174,7 @@ def find_file(reg):
@@ -166,7 +194,7 @@ def find_file(reg):
try:
pat = re.compile(r"%s$" % reg)
except:
@ -259779,7 +259899,7 @@ index fd95c16..e7607fd 100644
return []
p = reg
if p.endswith("(/.*)?"):
@@ -178,19 +186,19 @@ def find_file(reg):
@@ -178,19 +206,19 @@ def find_file(reg):
if path[-1] != "/": # is pass in it breaks without try block
path += "/"
except IndexError:
@ -259802,7 +259922,7 @@ index fd95c16..e7607fd 100644
if exe.endswith("_exec_t") and exe not in exclude_list:
for path in executable_files[exe]:
for f in find_file(path):
@@ -218,7 +226,7 @@ def read_file_equiv(edict, fc_path, modify):
@@ -218,7 +246,7 @@ def read_file_equiv(edict, fc_path, modify):
f = e.split()
edict[f[0]] = { "equiv" : f[1], "modify" : modify }
return edict
@ -259811,7 +259931,7 @@ index fd95c16..e7607fd 100644
file_equiv_modified=None
def get_file_equiv_modified(fc_path = selinux.selinux_file_context_path()):
global file_equiv_modified
@@ -236,7 +244,7 @@ def get_file_equiv(fc_path = selinux.selinux_file_context_path()):
@@ -236,7 +264,7 @@ def get_file_equiv(fc_path = selinux.selinux_file_context_path()):
file_equiv = get_file_equiv_modified(fc_path)
file_equiv = read_file_equiv(file_equiv, fc_path + ".subs_dist", modify = False)
return file_equiv
@ -259820,7 +259940,7 @@ index fd95c16..e7607fd 100644
local_files=None
def get_local_file_paths(fc_path = selinux.selinux_file_context_path()):
global local_files
@@ -306,7 +314,7 @@ def get_fcdict(fc_path = selinux.selinux_file_context_path()):
@@ -306,7 +334,7 @@ def get_fcdict(fc_path = selinux.selinux_file_context_path()):
def get_transitions_into(setype):
try:
@ -259829,7 +259949,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return None
@@ -320,7 +328,7 @@ def get_transitions(setype):
@@ -320,7 +348,7 @@ def get_transitions(setype):
def get_file_transitions(setype):
try:
@ -259838,7 +259958,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return None
@@ -344,7 +352,7 @@ def get_all_entrypoints():
@@ -344,7 +372,7 @@ def get_all_entrypoints():
def get_entrypoint_types(setype):
entrypoints = []
try:
@ -259847,7 +259967,7 @@ index fd95c16..e7607fd 100644
except TypeError:
pass
return entrypoints
@@ -352,7 +360,7 @@ def get_entrypoint_types(setype):
@@ -352,7 +380,7 @@ def get_entrypoint_types(setype):
def get_init_transtype(path):
entrypoint = selinux.getfilecon(path)[1].split(":")[2]
try:
@ -259856,7 +259976,7 @@ index fd95c16..e7607fd 100644
if len(entrypoints) == 0:
return None
return entrypoints[0]["transtype"]
@@ -362,7 +370,7 @@ def get_init_transtype(path):
@@ -362,7 +390,7 @@ def get_init_transtype(path):
def get_init_entrypoint(transtype):
try:
@ -259865,7 +259985,7 @@ index fd95c16..e7607fd 100644
if len(entrypoints) == 0:
return None
return entrypoints[0]["target"]
@@ -372,7 +380,7 @@ def get_init_entrypoint(transtype):
@@ -372,7 +400,7 @@ def get_init_entrypoint(transtype):
def get_init_entrypoint_target(entrypoint):
try:
@ -259874,7 +259994,7 @@ index fd95c16..e7607fd 100644
return entrypoints[0]
except TypeError:
pass
@@ -410,7 +418,7 @@ def get_methods():
@@ -410,7 +438,7 @@ def get_methods():
# List of per_role_template interfaces
ifs = interfaces.InterfaceSet()
ifs.from_file(fd)
@ -259883,7 +260003,7 @@ index fd95c16..e7607fd 100644
fd.close()
except:
sys.stderr.write("could not open interface info [%s]\n" % fn)
@@ -423,7 +431,7 @@ all_types = None
@@ -423,7 +451,7 @@ all_types = None
def get_all_types():
global all_types
if all_types == None:
@ -259892,16 +260012,15 @@ index fd95c16..e7607fd 100644
return all_types
user_types = None
@@ -465,7 +473,7 @@ portrecs = None
@@ -465,7 +493,6 @@ portrecs = None
portrecsbynum = None
def gen_interfaces():
- import commands
+ import subprocess
ifile = defaults.interface_info()
headers = defaults.headers()
rebuild = False
@@ -477,7 +485,9 @@ def gen_interfaces():
@@ -477,7 +504,9 @@ def gen_interfaces():
if os.getuid() != 0:
raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
@ -259912,7 +260031,7 @@ index fd95c16..e7607fd 100644
def gen_port_dict():
global portrecs
@@ -511,12 +521,26 @@ def get_all_domains():
@@ -511,12 +540,26 @@ def get_all_domains():
all_domains = info(ATTRIBUTE,"domain")[0]["types"]
return all_domains
@ -259940,7 +260059,7 @@ index fd95c16..e7607fd 100644
roles.remove("object_r")
roles.sort()
return roles
@@ -549,7 +573,7 @@ def get_login_mappings():
@@ -549,7 +592,7 @@ def get_login_mappings():
return login_mappings
def get_all_users():
@ -259949,7 +260068,7 @@ index fd95c16..e7607fd 100644
users.sort()
return users
@@ -697,7 +721,7 @@ all_attributes = None
@@ -697,7 +740,7 @@ all_attributes = None
def get_all_attributes():
global all_attributes
if not all_attributes:
@ -259958,7 +260077,7 @@ index fd95c16..e7607fd 100644
return all_attributes
def policy(policy_file):
@@ -727,7 +751,7 @@ def policy(policy_file):
@@ -727,7 +770,7 @@ def policy(policy_file):
try:
policy_file = get_installed_policy()
policy(policy_file)
@ -259967,7 +260086,7 @@ index fd95c16..e7607fd 100644
if selinux.is_selinux_enabled() == 1:
raise e
@@ -755,7 +779,7 @@ def get_bools(setype):
@@ -755,7 +798,7 @@ def get_bools(setype):
bools = []
domainbools = []
domainname, short_name = gen_short_name(setype)
@ -259976,7 +260095,7 @@ index fd95c16..e7607fd 100644
for b in i:
if not isinstance(b,tuple):
continue
@@ -818,7 +842,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
@@ -818,7 +861,7 @@ def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
desc = i.find("desc").find("p").text.strip("\n")
desc = re.sub("\n", " ", desc)
booleans_dict[i.get('name')] = ("global", i.get('dftval'), desc)
@ -259985,7 +260104,7 @@ index fd95c16..e7607fd 100644
pass
return booleans_dict
@@ -841,12 +865,13 @@ def get_os_version():
@@ -841,12 +884,13 @@ def get_os_version():
os_version = ""
pkg_name = "selinux-policy"
try:
@ -260005,7 +260124,7 @@ index fd95c16..e7607fd 100644
if os_version[0:2] == "fc":
os_version = "Fedora"+os_version[2:]
@@ -868,7 +893,7 @@ def reinit():
@@ -868,7 +912,7 @@ def reinit():
global file_types
global local_files
global methods