* Tue Mar 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.81-2
- Fix semanage handling of boolean options - Update translations
This commit is contained in:
parent
fde59fdf8d
commit
cc1f471500
@ -215,3 +215,4 @@ policycoreutils-2.0.78.tgz
|
|||||||
sepolgen-1.0.19.tgz
|
sepolgen-1.0.19.tgz
|
||||||
policycoreutils-2.0.79.tgz
|
policycoreutils-2.0.79.tgz
|
||||||
policycoreutils-2.0.80.tgz
|
policycoreutils-2.0.80.tgz
|
||||||
|
policycoreutils-2.0.81.tgz
|
||||||
|
151179
policycoreutils-po.patch
151179
policycoreutils-po.patch
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,6 @@
|
|||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.80/audit2allow/audit2allow
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.81/audit2allow/audit2allow
|
||||||
--- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500
|
--- nsapolicycoreutils/audit2allow/audit2allow 2010-03-12 09:34:56.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/audit2allow/audit2allow 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/audit2allow/audit2allow 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -28,6 +28,7 @@
|
@@ -28,6 +28,7 @@
|
||||||
import sepolgen.defaults as defaults
|
import sepolgen.defaults as defaults
|
||||||
import sepolgen.module as module
|
import sepolgen.module as module
|
||||||
@ -18,17 +18,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
|
parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
|
||||||
help="read input from audit log - conflicts with -i")
|
help="read input from audit log - conflicts with -i")
|
||||||
parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
|
parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
|
||||||
@@ -58,6 +61,9 @@
|
@@ -83,11 +86,11 @@
|
||||||
help="generate a module package - conflicts with -o and -m")
|
|
||||||
parser.add_option("-o", "--output", dest="output",
|
|
||||||
help="append output to <filename>, conflicts with -M")
|
|
||||||
+ parser.add_option("-D", "--dontaudit", action="store_true",
|
|
||||||
+ dest="dontaudit", default=False,
|
|
||||||
+ help="generate policy with dontaudit rules")
|
|
||||||
parser.add_option("-R", "--reference", action="store_true", dest="refpolicy",
|
|
||||||
default=True, help="generate refpolicy style output")
|
|
||||||
|
|
||||||
@@ -80,11 +86,11 @@
|
|
||||||
options, args = parser.parse_args()
|
options, args = parser.parse_args()
|
||||||
|
|
||||||
# Make -d, -a, and -i conflict
|
# Make -d, -a, and -i conflict
|
||||||
@ -43,7 +33,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
if options.input is not None and options.dmesg is True:
|
if options.input is not None and options.dmesg is True:
|
||||||
sys.stderr.write("error: --input conflicts with --dmesg\n")
|
sys.stderr.write("error: --input conflicts with --dmesg\n")
|
||||||
|
|
||||||
@@ -129,6 +135,12 @@
|
@@ -132,6 +135,12 @@
|
||||||
except OSError, e:
|
except OSError, e:
|
||||||
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
|
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
@ -56,21 +46,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
else:
|
else:
|
||||||
# This is the default if no input is specified
|
# This is the default if no input is specified
|
||||||
f = sys.stdin
|
f = sys.stdin
|
||||||
@@ -153,11 +165,11 @@
|
@@ -223,63 +232,44 @@
|
||||||
def __process_input(self):
|
|
||||||
if self.__options.type:
|
|
||||||
avcfilter = audit.AVCTypeFilter(self.__options.type)
|
|
||||||
- self.__avs = self.__parser.to_access(avcfilter)
|
|
||||||
+ self.__avs = self.__parser.to_access(avcfilter, dontaudit=self.__options.dontaudit)
|
|
||||||
csfilter = audit.ComputeSidTypeFilter(self.__options.type)
|
|
||||||
self.__role_types = self.__parser.to_role(csfilter)
|
|
||||||
else:
|
|
||||||
- self.__avs = self.__parser.to_access()
|
|
||||||
+ self.__avs = self.__parser.to_access(dontaudit=self.__options.dontaudit)
|
|
||||||
self.__role_types = self.__parser.to_role()
|
|
||||||
|
|
||||||
def __load_interface_info(self):
|
|
||||||
@@ -220,63 +232,44 @@
|
|
||||||
|
|
||||||
def __output_audit2why(self):
|
def __output_audit2why(self):
|
||||||
import selinux
|
import selinux
|
||||||
@ -146,51 +122,25 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
print "\t\tMissing role allow rule.\n"
|
print "\t\tMissing role allow rule.\n"
|
||||||
print "\t\tAdd an allow rule for the role pair.\n"
|
print "\t\tAdd an allow rule for the role pair.\n"
|
||||||
continue
|
continue
|
||||||
@@ -344,5 +337,6 @@
|
@@ -349,5 +339,6 @@
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
+ audit2why.init()
|
+ audit2why.init()
|
||||||
app = AuditToPolicy()
|
app = AuditToPolicy()
|
||||||
app.main()
|
app.main()
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.80/audit2allow/audit2allow.1
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.81/Makefile
|
||||||
--- nsapolicycoreutils/audit2allow/audit2allow.1 2009-02-18 16:44:47.000000000 -0500
|
|
||||||
+++ policycoreutils-2.0.80/audit2allow/audit2allow.1 2010-03-08 13:26:05.000000000 -0500
|
|
||||||
@@ -25,10 +25,10 @@
|
|
||||||
.TH AUDIT2ALLOW "1" "January 2005" "Security Enhanced Linux" NSA
|
|
||||||
.SH NAME
|
|
||||||
.BR audit2allow
|
|
||||||
- \- generate SELinux policy allow rules from logs of denied operations
|
|
||||||
+\- generate SELinux policy allow/dontaudit rules from logs of denied operations
|
|
||||||
|
|
||||||
.BR audit2why
|
|
||||||
- \- translates SELinux audit messages into a description of why the access was denied (audit2allow -w)
|
|
||||||
+\- translates SELinux audit messages into a description of why the access was denied (audit2allow -w)
|
|
||||||
|
|
||||||
.SH SYNOPSIS
|
|
||||||
.B audit2allow
|
|
||||||
@@ -44,6 +44,9 @@
|
|
||||||
Note that all audit messages are not available via dmesg when
|
|
||||||
auditd is running; use "ausearch -m avc | audit2allow" or "-a" instead.
|
|
||||||
.TP
|
|
||||||
+.B "\-D" | "\-\-dontaudit"
|
|
||||||
+Generate dontaudit rules (Default: allow)
|
|
||||||
+.TP
|
|
||||||
.B "\-h" | "\-\-help"
|
|
||||||
Print a short usage message
|
|
||||||
.TP
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.80/Makefile
|
|
||||||
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
|
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/Makefile 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/Makefile 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
||||||
+SUBDIRS = setfiles semanage semanage/default_encoding load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
+SUBDIRS = setfiles semanage semanage/default_encoding load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
||||||
|
|
||||||
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.80/newrole/newrole.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.81/newrole/newrole.c
|
||||||
--- nsapolicycoreutils/newrole/newrole.c 2010-02-16 12:33:05.000000000 -0500
|
--- nsapolicycoreutils/newrole/newrole.c 2010-02-16 12:33:05.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/newrole/newrole.c 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/newrole/newrole.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -1334,6 +1334,9 @@
|
@@ -1334,6 +1334,9 @@
|
||||||
|
|
||||||
if (send_audit_message(1, old_context, new_context, ttyn))
|
if (send_audit_message(1, old_context, new_context, ttyn))
|
||||||
@ -201,9 +151,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
#ifdef NAMESPACE_PRIV
|
#ifdef NAMESPACE_PRIV
|
||||||
if (transition_to_caller_uid())
|
if (transition_to_caller_uid())
|
||||||
goto err_close_pam_session;
|
goto err_close_pam_session;
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.80/restorecond/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.81/restorecond/Makefile
|
||||||
--- nsapolicycoreutils/restorecond/Makefile 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/Makefile 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/Makefile 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/Makefile 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -1,17 +1,28 @@
|
@@ -1,17 +1,28 @@
|
||||||
# Installation directories.
|
# Installation directories.
|
||||||
PREFIX ?= ${DESTDIR}/usr
|
PREFIX ?= ${DESTDIR}/usr
|
||||||
@ -250,16 +200,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
relabel: install
|
relabel: install
|
||||||
/sbin/restorecon $(SBINDIR)/restorecond
|
/sbin/restorecon $(SBINDIR)/restorecond
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.80/restorecond/org.selinux.Restorecond.service
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.81/restorecond/org.selinux.Restorecond.service
|
||||||
--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/restorecond/org.selinux.Restorecond.service 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/org.selinux.Restorecond.service 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,3 @@
|
@@ -0,0 +1,3 @@
|
||||||
+[D-BUS Service]
|
+[D-BUS Service]
|
||||||
+Name=org.selinux.Restorecond
|
+Name=org.selinux.Restorecond
|
||||||
+Exec=/usr/sbin/restorecond -u
|
+Exec=/usr/sbin/restorecond -u
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-2.0.80/restorecond/restorecond.8
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-2.0.81/restorecond/restorecond.8
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.8 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.8 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.8 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.8 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -3,7 +3,7 @@
|
@@ -3,7 +3,7 @@
|
||||||
restorecond \- daemon that watches for file creation and then sets the default SELinux file context
|
restorecond \- daemon that watches for file creation and then sets the default SELinux file context
|
||||||
|
|
||||||
@ -294,9 +244,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
.BR restorecon (8),
|
.BR restorecon (8),
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.80/restorecond/restorecond.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.81/restorecond/restorecond.c
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.c 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.c 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.c 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -30,9 +30,11 @@
|
@@ -30,9 +30,11 @@
|
||||||
* and makes sure that there security context matches the systems defaults
|
* and makes sure that there security context matches the systems defaults
|
||||||
*
|
*
|
||||||
@ -803,9 +753,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
}
|
}
|
||||||
+
|
+
|
||||||
+
|
+
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.80/restorecond/restorecond.conf
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.81/restorecond/restorecond.conf
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.conf 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.conf 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -4,8 +4,5 @@
|
@@ -4,8 +4,5 @@
|
||||||
/etc/mtab
|
/etc/mtab
|
||||||
/var/run/utmp
|
/var/run/utmp
|
||||||
@ -816,9 +766,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
/root/.ssh/*
|
/root/.ssh/*
|
||||||
-
|
-
|
||||||
-
|
-
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.80/restorecond/restorecond.desktop
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.81/restorecond/restorecond.desktop
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.desktop 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.desktop 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,7 @@
|
@@ -0,0 +1,7 @@
|
||||||
+[Desktop Entry]
|
+[Desktop Entry]
|
||||||
+Name=File Context maintainer
|
+Name=File Context maintainer
|
||||||
@ -827,9 +777,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+Encoding=UTF-8
|
+Encoding=UTF-8
|
||||||
+Type=Application
|
+Type=Application
|
||||||
+StartupNotify=false
|
+StartupNotify=false
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.80/restorecond/restorecond.h
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.81/restorecond/restorecond.h
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.h 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.h 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.h 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.h 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -24,7 +24,22 @@
|
@@ -24,7 +24,22 @@
|
||||||
#ifndef RESTORED_CONFIG_H
|
#ifndef RESTORED_CONFIG_H
|
||||||
#define RESTORED_CONFIG_H
|
#define RESTORED_CONFIG_H
|
||||||
@ -855,9 +805,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+extern int watch_list_isempty();
|
+extern int watch_list_isempty();
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.80/restorecond/restorecond.init
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.81/restorecond/restorecond.init
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.init 2009-08-20 15:49:21.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.init 2009-08-20 15:49:21.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond.init 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond.init 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -75,16 +75,15 @@
|
@@ -75,16 +75,15 @@
|
||||||
status restorecond
|
status restorecond
|
||||||
RETVAL=$?
|
RETVAL=$?
|
||||||
@ -877,15 +827,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
exit $RETVAL
|
exit $RETVAL
|
||||||
-
|
-
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.80/restorecond/restorecond_user.conf
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.81/restorecond/restorecond_user.conf
|
||||||
--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/restorecond/restorecond_user.conf 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/restorecond_user.conf 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,2 @@
|
@@ -0,0 +1,2 @@
|
||||||
+~/*
|
+~/*
|
||||||
+~/public_html/*
|
+~/public_html/*
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.80/restorecond/user.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.81/restorecond/user.c
|
||||||
--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/restorecond/user.c 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/user.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,239 @@
|
@@ -0,0 +1,239 @@
|
||||||
+/*
|
+/*
|
||||||
+ * restorecond
|
+ * restorecond
|
||||||
@ -1126,9 +1076,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ return 0;
|
+ return 0;
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.80/restorecond/watch.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.81/restorecond/watch.c
|
||||||
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/restorecond/watch.c 2010-03-11 17:15:03.000000000 -0500
|
+++ policycoreutils-2.0.81/restorecond/watch.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,260 @@
|
@@ -0,0 +1,260 @@
|
||||||
+#define _GNU_SOURCE
|
+#define _GNU_SOURCE
|
||||||
+#include <sys/inotify.h>
|
+#include <sys/inotify.h>
|
||||||
@ -1390,17 +1340,17 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ if (master_wd == -1)
|
+ if (master_wd == -1)
|
||||||
+ exitApp("Error watching config file.");
|
+ exitApp("Error watching config file.");
|
||||||
+}
|
+}
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/basicwrapper policycoreutils-2.0.80/sandbox/deliverables/basicwrapper
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/basicwrapper policycoreutils-2.0.81/sandbox/deliverables/basicwrapper
|
||||||
--- nsapolicycoreutils/sandbox/deliverables/basicwrapper 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/deliverables/basicwrapper 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/deliverables/basicwrapper 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/deliverables/basicwrapper 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,4 @@
|
@@ -0,0 +1,4 @@
|
||||||
+import os, sys
|
+import os, sys
|
||||||
+SANDBOX_ARGS = ['-f%s' % os.environ['_CONDOR_SCRATCH_DIR']]
|
+SANDBOX_ARGS = ['-f%s' % os.environ['_CONDOR_SCRATCH_DIR']]
|
||||||
+SANDBOX_ARGS.extend(sys.argv[1::])
|
+SANDBOX_ARGS.extend(sys.argv[1::])
|
||||||
+os.execv('/usr/bin/sandbox',SANDBOX_ARGS)
|
+os.execv('/usr/bin/sandbox',SANDBOX_ARGS)
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/README policycoreutils-2.0.80/sandbox/deliverables/README
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/README policycoreutils-2.0.81/sandbox/deliverables/README
|
||||||
--- nsapolicycoreutils/sandbox/deliverables/README 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/deliverables/README 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/deliverables/README 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/deliverables/README 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,32 @@
|
@@ -0,0 +1,32 @@
|
||||||
+Files:
|
+Files:
|
||||||
+run-in-sandbox.py:
|
+run-in-sandbox.py:
|
||||||
@ -1434,9 +1384,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+
|
+
|
||||||
+Thanks for a great summer.
|
+Thanks for a great summer.
|
||||||
+Chris Pardy
|
+Chris Pardy
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py policycoreutils-2.0.80/sandbox/deliverables/run-in-sandbox.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py policycoreutils-2.0.81/sandbox/deliverables/run-in-sandbox.py
|
||||||
--- nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/deliverables/run-in-sandbox.py 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/deliverables/run-in-sandbox.py 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,49 @@
|
@@ -0,0 +1,49 @@
|
||||||
+import os
|
+import os
|
||||||
+import os.path
|
+import os.path
|
||||||
@ -1487,9 +1437,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ def get_background_items(self, window, file):
|
+ def get_background_items(self, window, file):
|
||||||
+ return
|
+ return
|
||||||
+
|
+
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/sandbox policycoreutils-2.0.80/sandbox/deliverables/sandbox
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/sandbox policycoreutils-2.0.81/sandbox/deliverables/sandbox
|
||||||
--- nsapolicycoreutils/sandbox/deliverables/sandbox 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/deliverables/sandbox 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/deliverables/sandbox 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/deliverables/sandbox 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,216 @@
|
@@ -0,0 +1,216 @@
|
||||||
+#!/usr/bin/python -E
|
+#!/usr/bin/python -E
|
||||||
+import os, sys, getopt, socket, random, fcntl, shutil
|
+import os, sys, getopt, socket, random, fcntl, shutil
|
||||||
@ -1707,9 +1657,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+
|
+
|
||||||
+ sys.exit(rc)
|
+ sys.exit(rc)
|
||||||
+
|
+
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.80/sandbox/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.81/sandbox/Makefile
|
||||||
--- nsapolicycoreutils/sandbox/Makefile 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/Makefile 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/Makefile 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/Makefile 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,41 @@
|
@@ -0,0 +1,41 @@
|
||||||
+# Installation directories.
|
+# Installation directories.
|
||||||
+PREFIX ?= ${DESTDIR}/usr
|
+PREFIX ?= ${DESTDIR}/usr
|
||||||
@ -1752,9 +1702,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ ../../scripts/Lindent $(wildcard *.[ch])
|
+ ../../scripts/Lindent $(wildcard *.[ch])
|
||||||
+
|
+
|
||||||
+relabel:
|
+relabel:
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.80/sandbox/sandbox
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.81/sandbox/sandbox
|
||||||
--- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/sandbox 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/sandbox 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,415 @@
|
@@ -0,0 +1,415 @@
|
||||||
+#! /usr/bin/python -E
|
+#! /usr/bin/python -E
|
||||||
+# Authors: Dan Walsh <dwalsh@redhat.com>
|
+# Authors: Dan Walsh <dwalsh@redhat.com>
|
||||||
@ -2171,9 +2121,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ rc = 0
|
+ rc = 0
|
||||||
+
|
+
|
||||||
+ sys.exit(rc)
|
+ sys.exit(rc)
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.80/sandbox/sandbox.8
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.81/sandbox/sandbox.8
|
||||||
--- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/sandbox.8 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/sandbox.8 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,50 @@
|
@@ -0,0 +1,50 @@
|
||||||
+.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
|
+.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
|
||||||
+.SH NAME
|
+.SH NAME
|
||||||
@ -2225,15 +2175,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+.TP
|
+.TP
|
||||||
+runcon(1)
|
+runcon(1)
|
||||||
+.PP
|
+.PP
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.config policycoreutils-2.0.80/sandbox/sandbox.config
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.config policycoreutils-2.0.81/sandbox/sandbox.config
|
||||||
--- nsapolicycoreutils/sandbox/sandbox.config 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/sandbox.config 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/sandbox.config 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/sandbox.config 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,2 @@
|
@@ -0,0 +1,2 @@
|
||||||
+# Space separate list of homedirs
|
+# Space separate list of homedirs
|
||||||
+HOMEDIRS="/home"
|
+HOMEDIRS="/home"
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.init policycoreutils-2.0.80/sandbox/sandbox.init
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.init policycoreutils-2.0.81/sandbox/sandbox.init
|
||||||
--- nsapolicycoreutils/sandbox/sandbox.init 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/sandbox.init 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/sandbox.init 2010-03-11 17:02:13.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/sandbox.init 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,67 @@
|
@@ -0,0 +1,67 @@
|
||||||
+#!/bin/bash
|
+#!/bin/bash
|
||||||
+## BEGIN INIT INFO
|
+## BEGIN INIT INFO
|
||||||
@ -2302,9 +2252,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ exit 3
|
+ exit 3
|
||||||
+ ;;
|
+ ;;
|
||||||
+esac
|
+esac
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.80/sandbox/sandboxX.sh
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.81/sandbox/sandboxX.sh
|
||||||
--- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/sandboxX.sh 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/sandboxX.sh 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,15 @@
|
@@ -0,0 +1,15 @@
|
||||||
+#!/bin/bash
|
+#!/bin/bash
|
||||||
+context=`id -Z | secon -t -l -P`
|
+context=`id -Z | secon -t -l -P`
|
||||||
@ -2321,9 +2271,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ break
|
+ break
|
||||||
+done
|
+done
|
||||||
+exit 0
|
+exit 0
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.80/sandbox/seunshare.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.81/sandbox/seunshare.c
|
||||||
--- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/seunshare.c 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/seunshare.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,265 @@
|
@@ -0,0 +1,265 @@
|
||||||
+#include <signal.h>
|
+#include <signal.h>
|
||||||
+#include <sys/types.h>
|
+#include <sys/types.h>
|
||||||
@ -2590,9 +2540,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+
|
+
|
||||||
+ return status;
|
+ return status;
|
||||||
+}
|
+}
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/test_sandbox.py policycoreutils-2.0.80/sandbox/test_sandbox.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/test_sandbox.py policycoreutils-2.0.81/sandbox/test_sandbox.py
|
||||||
--- nsapolicycoreutils/sandbox/test_sandbox.py 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/sandbox/test_sandbox.py 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/sandbox/test_sandbox.py 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/sandbox/test_sandbox.py 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,98 @@
|
@@ -0,0 +1,98 @@
|
||||||
+import unittest, os, shutil
|
+import unittest, os, shutil
|
||||||
+from tempfile import mkdtemp
|
+from tempfile import mkdtemp
|
||||||
@ -2692,9 +2642,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ unittest.main()
|
+ unittest.main()
|
||||||
+ else:
|
+ else:
|
||||||
+ print "SELinux must be in enforcing mode for this test"
|
+ print "SELinux must be in enforcing mode for this test"
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.80/scripts/fixfiles
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.81/scripts/fixfiles
|
||||||
--- nsapolicycoreutils/scripts/fixfiles 2009-12-01 15:46:50.000000000 -0500
|
--- nsapolicycoreutils/scripts/fixfiles 2009-12-01 15:46:50.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/scripts/fixfiles 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/scripts/fixfiles 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -21,6 +21,17 @@
|
@@ -21,6 +21,17 @@
|
||||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
|
||||||
@ -2780,9 +2730,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
restore
|
restore
|
||||||
}
|
}
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/default_encoding.c policycoreutils-2.0.80/semanage/default_encoding/default_encoding.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/default_encoding.c policycoreutils-2.0.81/semanage/default_encoding/default_encoding.c
|
||||||
--- nsapolicycoreutils/semanage/default_encoding/default_encoding.c 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/semanage/default_encoding/default_encoding.c 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/default_encoding/default_encoding.c 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/default_encoding/default_encoding.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,59 @@
|
@@ -0,0 +1,59 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Authors:
|
+ * Authors:
|
||||||
@ -2843,9 +2793,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ PyUnicode_SetDefaultEncoding("utf-8");
|
+ PyUnicode_SetDefaultEncoding("utf-8");
|
||||||
+ m = Py_InitModule3("default_encoding_utf8", methods, "Forces the default encoding to utf-8");
|
+ m = Py_InitModule3("default_encoding_utf8", methods, "Forces the default encoding to utf-8");
|
||||||
+}
|
+}
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/Makefile policycoreutils-2.0.80/semanage/default_encoding/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/Makefile policycoreutils-2.0.81/semanage/default_encoding/Makefile
|
||||||
--- nsapolicycoreutils/semanage/default_encoding/Makefile 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/semanage/default_encoding/Makefile 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/default_encoding/Makefile 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/default_encoding/Makefile 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,8 @@
|
@@ -0,0 +1,8 @@
|
||||||
+all:
|
+all:
|
||||||
+ LDFLAGS="" python setup.py build
|
+ LDFLAGS="" python setup.py build
|
||||||
@ -2855,9 +2805,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+
|
+
|
||||||
+clean:
|
+clean:
|
||||||
+ rm -rf build *~
|
+ rm -rf build *~
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py policycoreutils-2.0.80/semanage/default_encoding/policycoreutils/__init__.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py policycoreutils-2.0.81/semanage/default_encoding/policycoreutils/__init__.py
|
||||||
--- nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/default_encoding/policycoreutils/__init__.py 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/default_encoding/policycoreutils/__init__.py 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,17 @@
|
@@ -0,0 +1,17 @@
|
||||||
+#
|
+#
|
||||||
+# Copyright (C) 2006,2007,2008, 2009 Red Hat, Inc.
|
+# Copyright (C) 2006,2007,2008, 2009 Red Hat, Inc.
|
||||||
@ -2876,9 +2826,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+# along with this program; if not, write to the Free Software
|
+# along with this program; if not, write to the Free Software
|
||||||
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||||
+#
|
+#
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/setup.py policycoreutils-2.0.80/semanage/default_encoding/setup.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/setup.py policycoreutils-2.0.81/semanage/default_encoding/setup.py
|
||||||
--- nsapolicycoreutils/semanage/default_encoding/setup.py 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/semanage/default_encoding/setup.py 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/default_encoding/setup.py 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/default_encoding/setup.py 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -0,0 +1,38 @@
|
@@ -0,0 +1,38 @@
|
||||||
+# Authors:
|
+# Authors:
|
||||||
+# John Dennis <jdennis@redhat.com>
|
+# John Dennis <jdennis@redhat.com>
|
||||||
@ -2918,9 +2868,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ ext_modules = [default_encoding_utf8],
|
+ ext_modules = [default_encoding_utf8],
|
||||||
+ packages=["policycoreutils"],
|
+ packages=["policycoreutils"],
|
||||||
+)
|
+)
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.80/semanage/semanage
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.81/semanage/semanage
|
||||||
--- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500
|
--- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/semanage 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/semanage 2010-03-16 14:03:19.000000000 -0400
|
||||||
@@ -20,6 +20,7 @@
|
@@ -20,6 +20,7 @@
|
||||||
# 02111-1307 USA
|
# 02111-1307 USA
|
||||||
#
|
#
|
||||||
@ -3115,26 +3065,30 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
modify = True
|
modify = True
|
||||||
|
|
||||||
if o == "-S" or o == '--store':
|
if o == "-S" or o == '--store':
|
||||||
@@ -295,6 +337,7 @@
|
@@ -292,8 +334,10 @@
|
||||||
|
|
||||||
|
if o == "--on" or o == "-1":
|
||||||
|
value = "on"
|
||||||
|
+ modify = True
|
||||||
if o == "--off" or o == "-0":
|
if o == "--off" or o == "-0":
|
||||||
value = "off"
|
value = "off"
|
||||||
|
+ modify = True
|
||||||
|
|
||||||
+
|
|
||||||
if object == "login":
|
if object == "login":
|
||||||
OBJECT = seobject.loginRecords(store)
|
OBJECT = seobject.loginRecords(store)
|
||||||
|
@@ -315,6 +359,11 @@
|
||||||
@@ -315,6 +358,10 @@
|
|
||||||
|
|
||||||
if object == "boolean":
|
if object == "boolean":
|
||||||
OBJECT = seobject.booleanRecords(store)
|
OBJECT = seobject.booleanRecords(store)
|
||||||
+ modify = True
|
+ if use_file:
|
||||||
+
|
+ modify=True
|
||||||
|
+
|
||||||
+ if object == "module":
|
+ if object == "module":
|
||||||
+ OBJECT = seobject.moduleRecords(store)
|
+ OBJECT = seobject.moduleRecords(store)
|
||||||
|
|
||||||
if object == "permissive":
|
if object == "permissive":
|
||||||
OBJECT = seobject.permissiveRecords(store)
|
OBJECT = seobject.permissiveRecords(store)
|
||||||
@@ -330,8 +377,13 @@
|
@@ -330,8 +379,13 @@
|
||||||
OBJECT.deleteall()
|
OBJECT.deleteall()
|
||||||
return
|
return
|
||||||
|
|
||||||
@ -3149,7 +3103,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
target = cmds[0]
|
target = cmds[0]
|
||||||
|
|
||||||
@@ -354,11 +406,17 @@
|
@@ -354,16 +408,20 @@
|
||||||
if object == "interface":
|
if object == "interface":
|
||||||
OBJECT.add(target, serange, setype)
|
OBJECT.add(target, serange, setype)
|
||||||
|
|
||||||
@ -3168,6 +3122,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
if object == "permissive":
|
if object == "permissive":
|
||||||
OBJECT.add(target)
|
OBJECT.add(target)
|
||||||
|
|
||||||
|
- return
|
||||||
|
-
|
||||||
|
if modify:
|
||||||
|
if object == "boolean":
|
||||||
|
OBJECT.modify(target, value, use_file)
|
||||||
@@ -375,6 +433,14 @@
|
@@ -375,6 +433,14 @@
|
||||||
rlist = roles.split()
|
rlist = roles.split()
|
||||||
OBJECT.modify(target, rlist, selevel, serange, prefix)
|
OBJECT.modify(target, rlist, selevel, serange, prefix)
|
||||||
@ -3183,22 +3142,26 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
if object == "port":
|
if object == "port":
|
||||||
OBJECT.modify(target, proto, serange, setype)
|
OBJECT.modify(target, proto, serange, setype)
|
||||||
|
|
||||||
@@ -385,7 +451,10 @@
|
@@ -385,9 +451,10 @@
|
||||||
OBJECT.modify(target, mask, proto, serange, setype)
|
OBJECT.modify(target, mask, proto, serange, setype)
|
||||||
|
|
||||||
if object == "fcontext":
|
if object == "fcontext":
|
||||||
- OBJECT.modify(target, setype, ftype, serange, seuser)
|
- OBJECT.modify(target, setype, ftype, serange, seuser)
|
||||||
|
-
|
||||||
|
- return
|
||||||
+ if equal == "":
|
+ if equal == "":
|
||||||
+ OBJECT.modify(target, setype, ftype, serange, seuser)
|
+ OBJECT.modify(target, setype, ftype, serange, seuser)
|
||||||
+ else:
|
+ else:
|
||||||
+ OBJECT.modify_equal(target, equal)
|
+ OBJECT.modify_equal(target, equal)
|
||||||
|
|
||||||
return
|
if delete:
|
||||||
|
if object == "port":
|
||||||
@@ -404,12 +473,13 @@
|
@@ -402,14 +469,13 @@
|
||||||
|
else:
|
||||||
return
|
OBJECT.delete(target)
|
||||||
|
|
||||||
|
- return
|
||||||
|
-
|
||||||
- raise ValueError(_("Invalid command") % " ".join(argv))
|
- raise ValueError(_("Invalid command") % " ".join(argv))
|
||||||
+ raise ValueError(_("Invalid command: semanage %s") % " ".join(argv))
|
+ raise ValueError(_("Invalid command: semanage %s") % " ".join(argv))
|
||||||
|
|
||||||
@ -3210,7 +3173,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
input = None
|
input = None
|
||||||
store = ""
|
store = ""
|
||||||
|
|
||||||
@@ -417,7 +487,7 @@
|
@@ -417,7 +483,7 @@
|
||||||
usage(_("Requires 2 or more arguments"))
|
usage(_("Requires 2 or more arguments"))
|
||||||
|
|
||||||
gopts, cmds = getopt.getopt(sys.argv[1:],
|
gopts, cmds = getopt.getopt(sys.argv[1:],
|
||||||
@ -3219,7 +3182,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
['add',
|
['add',
|
||||||
'delete',
|
'delete',
|
||||||
'deleteall',
|
'deleteall',
|
||||||
@@ -431,6 +501,7 @@
|
@@ -431,6 +497,7 @@
|
||||||
'localist',
|
'localist',
|
||||||
'off',
|
'off',
|
||||||
'on',
|
'on',
|
||||||
@ -3227,7 +3190,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
'proto=',
|
'proto=',
|
||||||
'seuser=',
|
'seuser=',
|
||||||
'store=',
|
'store=',
|
||||||
@@ -438,6 +509,7 @@
|
@@ -438,6 +505,7 @@
|
||||||
'level=',
|
'level=',
|
||||||
'roles=',
|
'roles=',
|
||||||
'type=',
|
'type=',
|
||||||
@ -3235,7 +3198,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
'prefix='
|
'prefix='
|
||||||
])
|
])
|
||||||
for o, a in gopts:
|
for o, a in gopts:
|
||||||
@@ -445,6 +517,16 @@
|
@@ -445,6 +513,16 @@
|
||||||
store = a
|
store = a
|
||||||
if o == "-i" or o == '--input':
|
if o == "-i" or o == '--input':
|
||||||
input = a
|
input = a
|
||||||
@ -3252,7 +3215,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
if input != None:
|
if input != None:
|
||||||
if input == "-":
|
if input == "-":
|
||||||
@@ -454,6 +536,7 @@
|
@@ -454,6 +532,7 @@
|
||||||
trans = seobject.semanageRecords(store)
|
trans = seobject.semanageRecords(store)
|
||||||
trans.start()
|
trans.start()
|
||||||
for l in fd.readlines():
|
for l in fd.readlines():
|
||||||
@ -3260,15 +3223,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
process_args(mkargv(l))
|
process_args(mkargv(l))
|
||||||
trans.finish()
|
trans.finish()
|
||||||
else:
|
else:
|
||||||
@@ -467,3 +550,5 @@
|
@@ -467,3 +546,5 @@
|
||||||
errorExit(_("Invalid value %s") % error.args[0])
|
errorExit(_("Invalid value %s") % error.args[0])
|
||||||
except IOError, error:
|
except IOError, error:
|
||||||
errorExit(error.args[1])
|
errorExit(error.args[1])
|
||||||
+ except OSError, error:
|
+ except OSError, error:
|
||||||
+ errorExit(error.args[1])
|
+ errorExit(error.args[1])
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.80/semanage/semanage.8
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.81/semanage/semanage.8
|
||||||
--- nsapolicycoreutils/semanage/semanage.8 2009-11-18 17:06:03.000000000 -0500
|
--- nsapolicycoreutils/semanage/semanage.8 2009-11-18 17:06:03.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/semanage.8 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/semanage.8 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -1,27 +1,58 @@
|
@@ -1,27 +1,58 @@
|
||||||
-.TH "semanage" "8" "2005111103" "" ""
|
-.TH "semanage" "8" "2005111103" "" ""
|
||||||
+.TH "semanage" "8" "20100223" "" ""
|
+.TH "semanage" "8" "20100223" "" ""
|
||||||
@ -3429,9 +3392,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+and Russell Coker <rcoker@redhat.com>.
|
+and Russell Coker <rcoker@redhat.com>.
|
||||||
+.br
|
+.br
|
||||||
Examples by Thomas Bleher <ThomasBleher@gmx.de>.
|
Examples by Thomas Bleher <ThomasBleher@gmx.de>.
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.80/semanage/seobject.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.81/semanage/seobject.py
|
||||||
--- nsapolicycoreutils/semanage/seobject.py 2009-11-20 10:51:25.000000000 -0500
|
--- nsapolicycoreutils/semanage/seobject.py 2009-11-20 10:51:25.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/semanage/seobject.py 2010-03-08 13:26:05.000000000 -0500
|
+++ policycoreutils-2.0.81/semanage/seobject.py 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -29,47 +29,12 @@
|
@@ -29,47 +29,12 @@
|
||||||
import gettext
|
import gettext
|
||||||
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
||||||
@ -4087,9 +4050,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
def list(self, heading = True, locallist = False, use_file = False):
|
def list(self, heading = True, locallist = False, use_file = False):
|
||||||
on_off = (_("off"), _("on"))
|
on_off = (_("off"), _("on"))
|
||||||
if use_file:
|
if use_file:
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.80/setfiles/restore.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.81/setfiles/restore.c
|
||||||
--- nsapolicycoreutils/setfiles/restore.c 2009-11-03 09:21:40.000000000 -0500
|
--- nsapolicycoreutils/setfiles/restore.c 2009-11-03 09:21:40.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/setfiles/restore.c 2010-03-11 17:14:53.000000000 -0500
|
+++ policycoreutils-2.0.81/setfiles/restore.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -1,4 +1,5 @@
|
@@ -1,4 +1,5 @@
|
||||||
#include "restore.h"
|
#include "restore.h"
|
||||||
+#include <glob.h>
|
+#include <glob.h>
|
||||||
@ -4244,9 +4207,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
+ free(buf);
|
+ free(buf);
|
||||||
+}
|
+}
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.80/setfiles/restorecon.8
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.81/setfiles/restorecon.8
|
||||||
--- nsapolicycoreutils/setfiles/restorecon.8 2008-08-28 09:34:24.000000000 -0400
|
--- nsapolicycoreutils/setfiles/restorecon.8 2008-08-28 09:34:24.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/setfiles/restorecon.8 2010-03-11 17:14:53.000000000 -0500
|
+++ policycoreutils-2.0.81/setfiles/restorecon.8 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -4,10 +4,10 @@
|
@@ -4,10 +4,10 @@
|
||||||
|
|
||||||
.SH "SYNOPSIS"
|
.SH "SYNOPSIS"
|
||||||
@ -4270,9 +4233,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
.TP
|
.TP
|
||||||
.B \-v
|
.B \-v
|
||||||
show changes in file labels.
|
show changes in file labels.
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.80/setfiles/restore.h
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.81/setfiles/restore.h
|
||||||
--- nsapolicycoreutils/setfiles/restore.h 2009-11-03 09:21:40.000000000 -0500
|
--- nsapolicycoreutils/setfiles/restore.h 2009-11-03 09:21:40.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/setfiles/restore.h 2010-03-11 17:14:53.000000000 -0500
|
+++ policycoreutils-2.0.81/setfiles/restore.h 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -27,6 +27,7 @@
|
@@ -27,6 +27,7 @@
|
||||||
int hard_links;
|
int hard_links;
|
||||||
int verbose;
|
int verbose;
|
||||||
@ -4292,9 +4255,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
+void exclude_non_seclabel_mounts();
|
+void exclude_non_seclabel_mounts();
|
||||||
#endif
|
#endif
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.80/setfiles/setfiles.8
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.81/setfiles/setfiles.8
|
||||||
--- nsapolicycoreutils/setfiles/setfiles.8 2008-08-28 09:34:24.000000000 -0400
|
--- nsapolicycoreutils/setfiles/setfiles.8 2008-08-28 09:34:24.000000000 -0400
|
||||||
+++ policycoreutils-2.0.80/setfiles/setfiles.8 2010-03-11 17:14:53.000000000 -0500
|
+++ policycoreutils-2.0.81/setfiles/setfiles.8 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -31,6 +31,9 @@
|
@@ -31,6 +31,9 @@
|
||||||
.TP
|
.TP
|
||||||
.B \-n
|
.B \-n
|
||||||
@ -4305,9 +4268,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
|
|||||||
.TP
|
.TP
|
||||||
.B \-q
|
.B \-q
|
||||||
suppress non-error output.
|
suppress non-error output.
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.80/setfiles/setfiles.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.20 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.81/setfiles/setfiles.c
|
||||||
--- nsapolicycoreutils/setfiles/setfiles.c 2009-11-03 09:21:40.000000000 -0500
|
--- nsapolicycoreutils/setfiles/setfiles.c 2009-11-03 09:21:40.000000000 -0500
|
||||||
+++ policycoreutils-2.0.80/setfiles/setfiles.c 2010-03-11 17:14:53.000000000 -0500
|
+++ policycoreutils-2.0.81/setfiles/setfiles.c 2010-03-12 10:04:13.000000000 -0500
|
||||||
@@ -5,7 +5,6 @@
|
@@ -5,7 +5,6 @@
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <regex.h>
|
#include <regex.h>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/access.py
|
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/access.py
|
||||||
--- nsasepolgen/src/sepolgen/access.py 2009-05-18 13:53:14.000000000 -0400
|
--- nsasepolgen/src/sepolgen/access.py 2009-05-18 13:53:14.000000000 -0400
|
||||||
+++ policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/access.py 2010-03-01 16:43:01.000000000 -0500
|
+++ policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/access.py 2010-03-12 09:57:04.000000000 -0500
|
||||||
@@ -32,6 +32,7 @@
|
@@ -32,6 +32,7 @@
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@ -9,18 +9,16 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policyco
|
|||||||
|
|
||||||
def is_idparam(id):
|
def is_idparam(id):
|
||||||
"""Determine if an id is a paramater in the form $N, where N is
|
"""Determine if an id is a paramater in the form $N, where N is
|
||||||
@@ -85,6 +86,10 @@
|
@@ -85,6 +86,8 @@
|
||||||
self.obj_class = None
|
self.obj_class = None
|
||||||
self.perms = refpolicy.IdSet()
|
self.perms = refpolicy.IdSet()
|
||||||
self.audit_msgs = []
|
self.audit_msgs = []
|
||||||
+ self.type = audit2why.TERULE
|
+ self.type = audit2why.TERULE
|
||||||
+ self.bools = []
|
+ self.bools = []
|
||||||
+
|
|
||||||
+ self.dontaudit = False
|
|
||||||
|
|
||||||
# The direction of the information flow represented by this
|
# The direction of the information flow represented by this
|
||||||
# access vector - used for matching
|
# access vector - used for matching
|
||||||
@@ -127,7 +132,7 @@
|
@@ -127,7 +130,7 @@
|
||||||
return self.to_string()
|
return self.to_string()
|
||||||
|
|
||||||
def to_string(self):
|
def to_string(self):
|
||||||
@ -29,12 +27,12 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policyco
|
|||||||
self.obj_class, self.perms.to_space_str())
|
self.obj_class, self.perms.to_space_str())
|
||||||
|
|
||||||
def __cmp__(self, other):
|
def __cmp__(self, other):
|
||||||
@@ -253,20 +258,23 @@
|
@@ -253,20 +256,22 @@
|
||||||
for av in l:
|
for av in l:
|
||||||
self.add_av(AccessVector(av))
|
self.add_av(AccessVector(av))
|
||||||
|
|
||||||
- def add(self, src_type, tgt_type, obj_class, perms, audit_msg=None):
|
- def add(self, src_type, tgt_type, obj_class, perms, audit_msg=None):
|
||||||
+ def add(self, src_type, tgt_type, obj_class, perms, audit_msg=None, avc_type=audit2why.TERULE, bools=[], dontaudit=False):
|
+ def add(self, src_type, tgt_type, obj_class, perms, audit_msg=None, avc_type=audit2why.TERULE, bools=[]):
|
||||||
"""Add an access vector to the set.
|
"""Add an access vector to the set.
|
||||||
"""
|
"""
|
||||||
tgt = self.src.setdefault(src_type, { })
|
tgt = self.src.setdefault(src_type, { })
|
||||||
@ -52,14 +50,13 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/access.py policyco
|
|||||||
- cls[obj_class] = access
|
- cls[obj_class] = access
|
||||||
+ access.bools = bools
|
+ access.bools = bools
|
||||||
+ access.type = avc_type
|
+ access.type = avc_type
|
||||||
+ access.dontaudit = dontaudit
|
|
||||||
+ cls[obj_class, avc_type] = access
|
+ cls[obj_class, avc_type] = access
|
||||||
|
|
||||||
access.perms.update(perms)
|
access.perms.update(perms)
|
||||||
if audit_msg:
|
if audit_msg:
|
||||||
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/audit.py
|
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/audit.py
|
||||||
--- nsasepolgen/src/sepolgen/audit.py 2009-12-01 15:46:50.000000000 -0500
|
--- nsasepolgen/src/sepolgen/audit.py 2009-12-01 15:46:50.000000000 -0500
|
||||||
+++ policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/audit.py 2010-03-01 15:25:21.000000000 -0500
|
+++ policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/audit.py 2010-03-12 09:59:05.000000000 -0500
|
||||||
@@ -23,6 +23,27 @@
|
@@ -23,6 +23,27 @@
|
||||||
|
|
||||||
# Convenience functions
|
# Convenience functions
|
||||||
@ -158,54 +155,22 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycor
|
|||||||
class PolicyLoadMessage(AuditMessage):
|
class PolicyLoadMessage(AuditMessage):
|
||||||
"""Audit message indicating that the policy was reloaded."""
|
"""Audit message indicating that the policy was reloaded."""
|
||||||
def __init__(self, message):
|
def __init__(self, message):
|
||||||
@@ -285,6 +346,9 @@
|
@@ -448,10 +509,10 @@
|
||||||
|
|
||||||
def __initialize(self):
|
|
||||||
self.avc_msgs = []
|
|
||||||
+ self.constraint_msgs = []
|
|
||||||
+ self.dontaudit_msgs = []
|
|
||||||
+ self.rbac_msgs = []
|
|
||||||
self.compute_sid_msgs = []
|
|
||||||
self.invalid_msgs = []
|
|
||||||
self.policy_load_msgs = []
|
|
||||||
@@ -424,7 +488,7 @@
|
|
||||||
|
|
||||||
return role_types
|
|
||||||
|
|
||||||
- def to_access(self, avc_filter=None, only_denials=True):
|
|
||||||
+ def to_access(self, avc_filter=None, only_denials=True, dontaudit=False):
|
|
||||||
"""Convert the audit logs access into a an access vector set.
|
|
||||||
|
|
||||||
Convert the audit logs into an access vector set, optionally
|
|
||||||
@@ -442,16 +506,17 @@
|
|
||||||
audit logs parsed by this object.
|
|
||||||
"""
|
|
||||||
av_set = access.AccessVectorSet()
|
|
||||||
+
|
|
||||||
for avc in self.avc_msgs:
|
|
||||||
if avc.denial != True and only_denials:
|
|
||||||
continue
|
|
||||||
if avc_filter:
|
if avc_filter:
|
||||||
if avc_filter.filter(avc):
|
if avc_filter.filter(avc):
|
||||||
av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
|
av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
|
||||||
- avc.accesses, avc)
|
- avc.accesses, avc)
|
||||||
+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools, dontaudit=dontaudit)
|
+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools)
|
||||||
else:
|
else:
|
||||||
av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
|
av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass,
|
||||||
- avc.accesses, avc)
|
- avc.accesses, avc)
|
||||||
+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools, dontaudit=dontaudit)
|
+ avc.accesses, avc, avc_type=avc.type, bools=avc.bools)
|
||||||
return av_set
|
return av_set
|
||||||
|
|
||||||
class AVCTypeFilter:
|
class AVCTypeFilter:
|
||||||
@@ -477,5 +542,3 @@
|
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/policygen.py
|
||||||
if self.regex.match(avc.tcontext.type):
|
--- nsasepolgen/src/sepolgen/policygen.py 2010-03-12 09:34:56.000000000 -0500
|
||||||
return True
|
+++ policycoreutils-2.0.81/sepolgen-1.0.20/src/sepolgen/policygen.py 2010-03-12 09:53:30.000000000 -0500
|
||||||
return False
|
|
||||||
-
|
|
||||||
-
|
|
||||||
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/policygen.py
|
|
||||||
--- nsasepolgen/src/sepolgen/policygen.py 2008-09-12 11:48:15.000000000 -0400
|
|
||||||
+++ policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/policygen.py 2010-03-01 14:49:37.000000000 -0500
|
|
||||||
@@ -29,6 +29,8 @@
|
@@ -29,6 +29,8 @@
|
||||||
import access
|
import access
|
||||||
import interfaces
|
import interfaces
|
||||||
@ -215,19 +180,18 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py polic
|
|||||||
|
|
||||||
# Constants for the level of explanation from the generation
|
# Constants for the level of explanation from the generation
|
||||||
# routines
|
# routines
|
||||||
@@ -74,7 +76,7 @@
|
@@ -77,6 +79,7 @@
|
||||||
self.moduel = module
|
|
||||||
else:
|
self.dontaudit = False
|
||||||
self.module = refpolicy.Module()
|
|
||||||
-
|
|
||||||
+ self.domains = None
|
+ self.domains = None
|
||||||
def set_gen_refpol(self, if_set=None, perm_maps=None):
|
def set_gen_refpol(self, if_set=None, perm_maps=None):
|
||||||
"""Set whether reference policy interfaces are generated.
|
"""Set whether reference policy interfaces are generated.
|
||||||
|
|
||||||
@@ -144,8 +146,35 @@
|
@@ -151,8 +154,35 @@
|
||||||
def __add_allow_rules(self, avs):
|
|
||||||
for av in avs:
|
|
||||||
rule = refpolicy.AVRule(av)
|
rule = refpolicy.AVRule(av)
|
||||||
|
if self.dontaudit:
|
||||||
|
rule.rule_type = rule.DONTAUDIT
|
||||||
+ rule.comment = ""
|
+ rule.comment = ""
|
||||||
if self.explain:
|
if self.explain:
|
||||||
rule.comment = refpolicy.Comment(explain_access(av, verbosity=self.explain))
|
rule.comment = refpolicy.Comment(explain_access(av, verbosity=self.explain))
|
||||||
@ -260,44 +224,3 @@ diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py polic
|
|||||||
self.module.children.append(rule)
|
self.module.children.append(rule)
|
||||||
|
|
||||||
|
|
||||||
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refpolicy.py policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/refpolicy.py
|
|
||||||
--- nsasepolgen/src/sepolgen/refpolicy.py 2009-10-29 15:21:39.000000000 -0400
|
|
||||||
+++ policycoreutils-2.0.79/sepolgen-1.0.19/src/sepolgen/refpolicy.py 2010-03-01 14:50:42.000000000 -0500
|
|
||||||
@@ -398,6 +398,7 @@
|
|
||||||
return "attribute %s;" % self.name
|
|
||||||
|
|
||||||
# Classes representing rules
|
|
||||||
+import selinux.audit2why as audit2why
|
|
||||||
|
|
||||||
class AVRule(Leaf):
|
|
||||||
"""SELinux access vector (AV) rule.
|
|
||||||
@@ -426,15 +427,17 @@
|
|
||||||
self.tgt_types = IdSet()
|
|
||||||
self.obj_classes = IdSet()
|
|
||||||
self.perms = IdSet()
|
|
||||||
- self.rule_type = self.ALLOW
|
|
||||||
+ self.rule_type = audit2why.TERULE
|
|
||||||
if av:
|
|
||||||
self.from_av(av)
|
|
||||||
|
|
||||||
def __rule_type_str(self):
|
|
||||||
- if self.rule_type == self.ALLOW:
|
|
||||||
+ if self.rule_type == audit2why.TERULE:
|
|
||||||
return "allow"
|
|
||||||
- elif self.rule_type == self.DONTAUDIT:
|
|
||||||
+ elif self.rule_type == audit2why.DONTAUDIT:
|
|
||||||
return "dontaudit"
|
|
||||||
+ elif self.rule_type == audit2why.CONSTRAINT:
|
|
||||||
+ return "#constraint allow"
|
|
||||||
else:
|
|
||||||
return "auditallow"
|
|
||||||
|
|
||||||
@@ -449,6 +452,8 @@
|
|
||||||
self.tgt_types.add(av.tgt_type)
|
|
||||||
self.obj_classes.add(av.obj_class)
|
|
||||||
self.perms.update(av.perms)
|
|
||||||
+ if av.dontaudit:
|
|
||||||
+ self.rule_type = audit2why.DONTAUDIT
|
|
||||||
|
|
||||||
def to_string(self):
|
|
||||||
"""Return a string representation of the rule
|
|
||||||
|
@ -2,11 +2,11 @@
|
|||||||
%define libsepolver 2.0.41-3
|
%define libsepolver 2.0.41-3
|
||||||
%define libsemanagever 2.0.43-4
|
%define libsemanagever 2.0.43-4
|
||||||
%define libselinuxver 2.0.90-3
|
%define libselinuxver 2.0.90-3
|
||||||
%define sepolgenver 1.0.19
|
%define sepolgenver 1.0.20
|
||||||
|
|
||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.80
|
Version: 2.0.81
|
||||||
Release: 2%{?dist}
|
Release: 2%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
@ -305,6 +305,14 @@ fi
|
|||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 16 2010 Dan Walsh <dwalsh@redhat.com> 2.0.81-2
|
||||||
|
- Fix semanage handling of boolean options
|
||||||
|
- Update translations
|
||||||
|
|
||||||
|
* Fri Mar 12 2010 Dan Walsh <dwalsh@redhat.com> 2.0.81-1
|
||||||
|
- Update to upstream
|
||||||
|
* Add dontaudit flag to audit2allow from Dan Walsh.
|
||||||
|
|
||||||
* Thu Mar 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.80-2
|
* Thu Mar 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.80-2
|
||||||
- Use --rbind in sandbox init scripts
|
- Use --rbind in sandbox init scripts
|
||||||
|
|
||||||
|
2
sources
2
sources
@ -1,3 +1,3 @@
|
|||||||
2ae1a9f7242e33413aae036d2edeb1d8 sepolgen-1.0.19.tgz
|
2ae1a9f7242e33413aae036d2edeb1d8 sepolgen-1.0.19.tgz
|
||||||
f0ba121158e826b5263c2cf808aa1ed2 policycoreutils-2.0.80.tgz
|
64e37bf9a411c7c3993839155a30301c policycoreutils-2.0.81.tgz
|
||||||
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
||||||
|
Loading…
Reference in New Issue
Block a user