* Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> 2.0.52-6

- Fix boolean handling
- Upgrade to latest sepolgen
- Update po patch
This commit is contained in:
Daniel J Walsh 2008-07-29 19:49:46 +00:00
parent d769e7d333
commit b151130909
5 changed files with 3091 additions and 2993 deletions

File diff suppressed because it is too large Load Diff

View File

@ -1,15 +1,15 @@
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.52/Makefile
--- nsapolicycoreutils/Makefile 2008-06-12 23:25:24.000000000 -0400
+++ policycoreutils-2.0.52/Makefile 2008-07-09 08:44:40.000000000 -0400
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.52/Makefile
--- nsapolicycoreutils/Makefile 2008-07-02 17:19:34.000000000 -0400
+++ policycoreutils-2.0.52/Makefile 2008-07-29 15:48:03.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.52/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2008-06-12 23:25:21.000000000 -0400
+++ policycoreutils-2.0.52/restorecond/restorecond.c 2008-07-09 08:44:40.000000000 -0400
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.52/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2008-07-02 17:19:34.000000000 -0400
+++ policycoreutils-2.0.52/restorecond/restorecond.c 2008-07-29 15:48:03.000000000 -0400
@@ -210,9 +210,10 @@
}
@ -36,12 +36,21 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
}
free(scontext);
close(fd);
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.52/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-07-02 17:19:15.000000000 -0400
+++ policycoreutils-2.0.52/semanage/semanage 2008-07-09 08:44:58.000000000 -0400
@@ -51,7 +51,7 @@
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.52/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-07-02 17:19:34.000000000 -0400
+++ policycoreutils-2.0.52/semanage/semanage 2008-07-29 15:48:20.000000000 -0400
@@ -45,13 +45,13 @@
def usage(message = ""):
print _("""
semanage {boolean|login|user|port|interface|fcontext|translation} -{l|D} [-n]
-semanage login -{a|d|m} [-sr] login_name
-semanage user -{a|d|m} [-LrRP] selinux_name
+semanage login -{a|d|m} [-srF] login_name | login_file
+semanage user -{a|d|m} [-LrRPF] selinux_name | user_file
semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
semanage interface -{a|d|m} [-tr] interface_spec
semanage fcontext -{a|d|m} [-frst] file_spec
-semanage fcontext -{a|d|m} [-frst] file_spec
+semanage fcontext -{a|d|m} [-frstF] file_spec | fcontext_file
semanage translation -{a|d|m} [-T] level
-semanage boolean -{d|m} boolean
+semanage boolean -{d|m} [-F] boolean | boolean_file
@ -56,7 +65,22 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
-p, --proto Port protocol (tcp or udp)
-P, --prefix Prefix for home directory labeling
-L, --level Default SELinux Level (MLS/MCS Systems only)
@@ -114,7 +115,7 @@
@@ -102,19 +103,19 @@
valid_option={}
valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ]
valid_option["login"] = []
- valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
+ valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range', "-F", "--file"]
valid_option["user"] = []
- valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ]
+ valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix', "-F", "--file"]
valid_option["port"] = []
valid_option["port"] += valid_everyone + [ '-t', '--type', '-r', '--range', '-p', '--proto' ]
valid_option["interface"] = []
valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
valid_option["fcontext"] = []
- valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
+ valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range', "-F", "--file"]
valid_option["translation"] = []
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = []
@ -65,9 +89,12 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
valid_option["permissive"] = []
valid_option["permissive"] += [ '-a', '--add', '-d', '--delete', '-l', '--list', '-h', '--help', '-n', '--noheading', '-D', '--deleteall' ]
return valid_option
@@ -136,13 +137,14 @@
@@ -134,15 +135,16 @@
setrans = ""
roles = ""
seuser = ""
prefix = ""
- prefix = ""
+ prefix = "user"
heading=1
- value=0
- add = 0
@ -156,10 +183,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
if o == "--on" or o == "-1":
- value = 1
+ value = True
if o == "-off" or o == "-0":
- if o == "-off" or o == "-0":
- value = 0
+ value = False
+ value = "on"
+ if o == "--off" or o == "-0":
+ value = "off"
if object == "login":
OBJECT = seobject.loginRecords(store)
@ -175,12 +203,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
sys.exit(0);
if deleteall:
@@ -298,8 +308,6 @@
rlist = roles.split()
if len(rlist) == 0:
raise ValueError(_("You must specify a role"))
@@ -295,11 +305,9 @@
OBJECT.add(target, setrans)
if object == "user":
- rlist = roles.split()
- if len(rlist) == 0:
- raise ValueError(_("You must specify a role"))
- if prefix == "":
- raise ValueError(_("You must specify a prefix"))
+ rlist = []
+ if not use_file:
+ rlist = roles.split()
OBJECT.add(target, rlist, selevel, serange, prefix)
if object == "port":
@ -193,9 +227,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
if object == "login":
OBJECT.modify(target, seuser, serange)
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.52/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-07-02 17:19:15.000000000 -0400
+++ policycoreutils-2.0.52/semanage/semanage.8 2008-07-09 08:44:40.000000000 -0400
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.52/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-07-02 17:19:34.000000000 -0400
+++ policycoreutils-2.0.52/semanage/semanage.8 2008-07-29 15:48:03.000000000 -0400
@@ -3,9 +3,9 @@
semanage \- SELinux Policy Management tool
@ -230,9 +264,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
.I \-t, \-\-type
SELinux Type for the object
.TP
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.52/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2008-07-02 17:19:15.000000000 -0400
+++ policycoreutils-2.0.52/semanage/seobject.py 2008-07-09 08:55:45.000000000 -0400
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.52/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2008-07-02 17:19:34.000000000 -0400
+++ policycoreutils-2.0.52/semanage/seobject.py 2008-07-29 15:48:15.000000000 -0400
@@ -330,20 +330,15 @@
for name in dirs:
os.rmdir(os.path.join(root, name))
@ -256,7 +290,20 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
def deleteall(self):
l = self.get_all()
if len(l) > 0:
@@ -1447,54 +1442,72 @@
@@ -567,7 +562,11 @@
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
- def add(self, name, roles, selevel, serange, prefix):
+ def add(self, name, roles, selevel, serange, prefix, use_file = False):
+
+ if len(roles) == 0:
+ raise ValueError(_("You must specify a role"))
+
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
@@ -1447,54 +1446,72 @@
class booleanRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@ -363,7 +410,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
(rc,exists) = semanage_bool_exists(self.sh, k)
if rc < 0:
raise ValueError(_("Could not check if boolean %s is defined") % name)
@@ -1571,8 +1584,15 @@
@@ -1571,8 +1588,15 @@
else:
return _("unknown")

View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.49/sepolgen-1.0.12/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2008-06-12 23:25:26.000000000 -0400
+++ policycoreutils-2.0.49/sepolgen-1.0.12/src/sepolgen/refparser.py 2008-06-27 07:21:06.000000000 -0400
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.49/sepolgen-1.0.13/src/sepolgen/refparser.py
--- nsasepolgen/src/sepolgen/refparser.py 2008-06-13 23:25:26.000000000 -0400
+++ policycoreutils-2.0.49/sepolgen-1.0.13/src/sepolgen/refparser.py 2008-06-27 07:21:06.000000000 -0400
@@ -919,7 +919,7 @@
def list_headers(root):
modules = []

View File

@ -2,11 +2,11 @@
%define libsepolver 2.0.19-1
%define libsemanagever 2.0.5-1
%define libselinuxver 2.0.46-5
%define sepolgenver 1.0.12
%define sepolgenver 1.0.13
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.52
Release: 5%{?dist}
Release: 6%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -192,6 +192,11 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
* Tue Jul 29 2008 Dan Walsh <dwalsh@redhat.com> 2.0.52-6
- Fix boolean handling
- Upgrade to latest sepolgen
- Update po patch
* Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> 2.0.52-5
- Additial cleanup of boolean handling for semanage

View File

@ -1,2 +1,2 @@
4813a1ed80f19068ed9897165f073e8b sepolgen-1.0.12.tgz
b6756a012c26f414e4a5f8f438ce2188 sepolgen-1.0.13.tgz
311e95b3374fe1993fb91a303b6675b2 policycoreutils-2.0.52.tgz