diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index 51b4347..d5c3964 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -5783,8 +5783,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgengui.py 2010-08-05 17:40:33.000000000 -0400 -@@ -0,0 +1,650 @@ ++++ policycoreutils-2.0.83/gui/polgengui.py 2010-09-10 11:45:24.000000000 -0400 +@@ -0,0 +1,657 @@ +#!/usr/bin/python -Es +# +# polgengui.py - GUI for SELinux Config tool in system-config-selinux @@ -5878,8 +5878,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + + def __init__(self): + self.xml = xml -+ self.all_types=polgen.get_all_types() -+ self.all_modules=polgen.get_all_modules() ++ try: ++ self.all_types = polgen.get_all_types() ++ self.all_modules = polgen.get_all_modules() ++ self.all_roles = polgen.get_all_roles() ++ self.all_users = polgen.get_all_users() ++ except RuntimeError, e: ++ self.all_types = [] ++ self.all_modules = [] ++ self.all_roles = [] ++ self.all_users = [] ++ self.error(str(e)) ++ + self.name="" + xml.signal_connect("on_delete_clicked", self.delete) + xml.signal_connect("on_delete_boolean_clicked", self.delete_boolean) @@ -5970,13 +5980,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + col = gtk.TreeViewColumn(_("Existing_User"), gtk.CellRendererText(), text = 0) + self.existing_user_treeview.append_column(col) + -+ roles = polgen.get_all_roles() -+ for i in roles: ++ for i in self.all_roles: + iter = self.role_store.append() + self.role_store.set_value(iter, 0, i[:-2]) + -+ self.types = polgen.get_all_types() -+ + self.transition_treeview = self.xml.get_widget("transition_treeview") + self.transition_store = gtk.ListStore(gobject.TYPE_STRING) + self.transition_treeview.set_model(self.transition_store) @@ -5993,7 +6000,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0) + self.user_transition_treeview.append_column(col) + -+ for i in polgen.get_all_users(): ++ for i in self.all_users: + iter = self.user_transition_store.append() + self.user_transition_store.set_value(iter, 0, i[:-2]) + iter = self.existing_user_store.append() @@ -6010,7 +6017,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + for i in polgen.methods: + m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i) + if len(m) > 0: -+ if "%s_exec_t" % m[0] in self.types: ++ if "%s_exec_t" % m[0] in self.all_types: + iter = self.transition_store.append() + self.transition_store.set_value(iter, 0, m[0]) + continue @@ -6437,8 +6444,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.83/gui/polgen.py 2010-08-05 17:40:15.000000000 -0400 -@@ -0,0 +1,1309 @@ ++++ policycoreutils-2.0.83/gui/polgen.py 2010-09-10 11:45:43.000000000 -0400 +@@ -0,0 +1,1318 @@ +#!/usr/bin/python -Es +# +# Copyright (C) 2007-2010 Red Hat @@ -6638,6 +6645,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.ports = get_all_ports() + except ValueError, e: + print "Can not get port types, must be root for this information" ++ except RuntimeError, e: ++ print "Can not get port types", e + + self.symbols = {} + self.symbols["openlog"] = "set_use_kerberos(True)" @@ -6786,7 +6795,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.transition_domains = [] + self.transition_users = [] + self.roles = [] -+ self.all_roles = get_all_roles() + + def __isnetset(self, l): + return l[ALL] or l[RESERVED] or l[UNRESERVED] or len(l[PORTS]) > 0 @@ -7157,10 +7165,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_domain_rules) + newte += re.sub("APPLICATION", app, tmp) + ++ all_roles = [] ++ try: ++ all_roles = get_all_roles() ++ except ValueError, e: ++ print "Can not get all roles, must be root for this information" ++ except RuntimeError, e: ++ print "Can not get all roles", e ++ + for u in self.transition_users: + role = u.split("_u")[0] + -+ if (role + "_r") in self.all_roles: ++ if (role + "_r") in all_roles: + tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules) + newte += re.sub("USER", role, tmp) + diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 84e96dd..f886068 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1647,7 +1647,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po @python test_sandbox.py -v diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 2010-06-16 08:03:38.000000000 -0400 -+++ policycoreutils-2.0.83/sandbox/sandbox 2010-09-09 16:28:25.000000000 -0400 ++++ policycoreutils-2.0.83/sandbox/sandbox 2010-09-13 11:40:20.000000000 -0400 @@ -1,5 +1,6 @@ -#! /usr/bin/python -E +#! /usr/bin/python -Es @@ -1704,16 +1704,20 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po if not os.path.exists(newdir): os.makedirs(newdir) dest = newdir + "/" + bname -@@ -83,7 +87,7 @@ +@@ -81,9 +85,10 @@ + shutil.copytree(file, dest) + else: shutil.copy2(file, dest) ++ except shutil.Error, elist: - for e in elist: +- for e in elist: - sys.stderr.write(e[1]) -+ sys.stderr.write(str(e[1])) ++ for e in elist.message: ++ sys.stderr.write(e[2]) SAVE_FILES[file] = (dest, os.path.getmtime(dest)) -@@ -161,10 +165,10 @@ +@@ -161,10 +166,10 @@ if not self.__options.homedir or not self.__options.tmpdir: self.usage(_("Homedir and tempdir required for level mounts")) @@ -1727,7 +1731,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po def __mount_callback(self, option, opt, value, parser): self.__mount = True -@@ -172,6 +176,15 @@ +@@ -172,6 +177,15 @@ def __x_callback(self, option, opt, value, parser): self.__mount = True setattr(parser.values, option.dest, True) @@ -1743,7 +1747,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po def __validdir(self, option, opt, value, parser): if not os.path.isdir(value): -@@ -218,7 +231,7 @@ +@@ -218,7 +232,7 @@ /usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap %s & WM_PID=$! @@ -1752,7 +1756,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po kill -TERM $WM_PID 2> /dev/null """ % (command, wm, command)) fd.close() -@@ -230,9 +243,9 @@ +@@ -230,9 +244,9 @@ def __parse_options(self): from optparse import OptionParser usage = _(""" @@ -1764,7 +1768,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po """) parser = OptionParser(version=self.VERSION, usage=usage) -@@ -268,6 +281,10 @@ +@@ -268,6 +282,10 @@ action="callback", callback=self.__validdir, help=_("alternate /tmp directory to use for mounting")) @@ -1775,7 +1779,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po parser.add_option("-W", "--windowmanager", dest="wm", type="string", default="/usr/bin/matchbox-window-manager -use_titlebar no", -@@ -276,13 +293,17 @@ +@@ -276,13 +294,17 @@ parser.add_option("-l", "--level", dest="level", help=_("MCS/MLS level for the sandbox")) @@ -1794,7 +1798,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po if self.__options.setype: self.setype = self.__options.setype -@@ -299,6 +320,9 @@ +@@ -299,6 +321,9 @@ self.__options.X_ind = True self.__homedir = self.__options.homedir self.__tmpdir = self.__options.tmpdir @@ -1804,7 +1808,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po else: if len(cmds) == 0: self.usage(_("Command required")) -@@ -351,22 +375,24 @@ +@@ -351,22 +376,24 @@ def __execute(self): try: diff --git a/policycoreutils.spec b/policycoreutils.spec index 1df53c5..64127ba 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.83 -Release: 25%{?dist} +Release: 27%{?dist} License: GPLv2 Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -315,7 +315,13 @@ fi exit 0 %changelog -* Thu Sep 8 2010 Dan Walsh 2.0.83-25 +* Mon Sep 13 2010 Dan Walsh 2.0.83-27 +- Fix sandbox copyfile when copying a dir with a socket, print error + +* Fri Sep 10 2010 Dan Walsh 2.0.83-26 +- Stop polgengui from crashing if selinux policy is not installed + +* Thu Sep 9 2010 Dan Walsh 2.0.83-25 - Fix bug preventing sandbox from using -l * Tue Sep 7 2010 Dan Walsh 2.0.83-24