* Mon Oct 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-12

- Add generation of the users context file to polgengui
2009-10-19 19:05:28 +00:00 · 2009-10-19 19:05:28 +00:00 · d189740fc7
parent 573cd1c340
commit d189740fc7
2 changed files with 42 additions and 5 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -6414,8 +6414,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.74/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/polgen.py	2009-10-15 10:37:42.000000000 -0400
-@@ -0,0 +1,1188 @@
+++ policycoreutils-2.0.74/gui/polgen.py	2009-10-19 15:04:09.000000000 -0400
+@@ -0,0 +1,1195 @@
 +#!/usr/bin/python
 +#
 +# Copyright (C) 2007, 2008, 2009 Red Hat 
@ -7339,6 +7339,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +                for u in self.transition_users:
 +                    tmp =  re.sub("TEMPLATETYPE", self.name, script.admin_trans)
 +                    newsh += re.sub("USER", u, tmp)
+
+            if self.type == LUSER:
+                    newsh +=  re.sub("TEMPLATETYPE", self.name, script.min_login_user_default_context)
+            else:
+                    newsh +=  re.sub("TEMPLATETYPE", self.name, script.x_login_user_default_context)
+
+                
 +            return newsh
 +        
 +	def generate_sh(self):
@ -12480,8 +12487,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.74/gui/templates/script.py
 --- nsapolicycoreutils/gui/templates/script.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/script.py	2009-10-15 10:37:42.000000000 -0400
-@@ -0,0 +1,99 @@
+++ policycoreutils-2.0.74/gui/templates/script.py	2009-10-19 15:03:15.000000000 -0400
+@@ -0,0 +1,126 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
 +#
@ -12581,6 +12588,33 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
 +# Adding roles to SELinux user USER
 +/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER
 +"""
+
+min_login_user_default_context="""\
+if [ ! -f /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u ]; then
+cat > /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u << _EOF
+TEMPLATETYPE_r:TEMPLATETYPE_t:s0	TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:crond_t		TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:initrc_su_t		TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t	        TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t  	TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t 		TEMPLATETYPE_r:TEMPLATETYPE_t
+_EOF
+fi
+"""
+
+x_login_user_default_context="""\
+if [ ! -f /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u ]; then
+cat > /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u << _EOF
+TEMPLATETYPE_r:TEMPLATETYPE_t	TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:crond_t		TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:initrc_su_t		TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t	        TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t	        TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t		        TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:xdm_t	 	        TEMPLATETYPE_r:TEMPLATETYPE_t
+_EOF
+fi
+"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.74/gui/templates/semodule.py
 --- nsapolicycoreutils/gui/templates/semodule.py	1969-12-31 19:00:00.000000000 -0500
 +++ policycoreutils-2.0.74/gui/templates/semodule.py	2009-10-15 10:37:42.000000000 -0400
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.74
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -296,6 +296,9 @@ fi
 exit 0

 %changelog
+* Mon Oct 19 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-12
+- Add generation of the users context file to polgengui
+
 * Fri Oct 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-11
 - Remove tabs from system-config-selinux glade file