rpms
/
policycoreutils
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* Tue Jun 15 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-2 

- Change python scripts to use -s flag
- Update po
This commit is contained in:
Daniel J Walsh 2010-07-13 17:13:03 +00:00
parent b467ef31d0
commit dd0f3a9721
2 changed files with 63619 additions and 75345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

292
policycoreutils-gui.patch
View File

@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.82/gui/booleansPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.83/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/booleansPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/booleansPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,247 @@ @@ -0,0 +1,247 @@
+# +#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.load(self.filter) + self.load(self.filter)
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.82/gui/domainsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.83/gui/domainsPage.py
--- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/domainsPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/domainsPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,154 @@ @@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains +## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc. +## Copyright (C) 2009 Red Hat, Inc.
@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
+ +
+ except ValueError, e: + except ValueError, e:
+ self.error(e.args[0]) + self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.82/gui/fcontextPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.83/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/fcontextPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,223 @@ @@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings +## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, SPEC_COL, fspec) + self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype) + self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) + self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.82/gui/html_util.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.83/gui/html_util.py
--- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/html_util.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/html_util.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,164 @@ @@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis@redhat.com> +# Authors: John Dennis <jdennis@redhat.com>
+# +#
@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
+ doc += tail + doc += tail
+ return doc + return doc
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.82/gui/lockdown.glade diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.83/gui/lockdown.glade
--- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/lockdown.glade 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/lockdown.glade 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,771 @@ @@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.82/gui/lockdown.gladep diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.83/gui/lockdown.gladep
--- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/lockdown.gladep 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd"> +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1588,11 +1588,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
+ <name></name> + <name></name>
+ <program_name></program_name> + <program_name></program_name>
+</glade-project> +</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.82/gui/lockdown.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.83/gui/lockdown.py
--- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/lockdown.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/lockdown.py 2010-07-13 13:10:45.000000000 -0400
@@ -0,0 +1,382 @@ @@ -0,0 +1,382 @@
+#!/usr/bin/python +#!/usr/bin/python -Es
+# +#
+# lockdown.py - GUI for Booleans page in system-config-securitylevel +# lockdown.py - GUI for Booleans page in system-config-securitylevel
+# +#
@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ +
+ app = booleanWindow() + app = booleanWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.82/gui/loginsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.83/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/loginsPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/loginsPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,185 @@ @@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings +## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange)) + self.store.set_value(iter, 2, seobject.translate(serange))
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.82/gui/Makefile diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.83/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/Makefile 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/Makefile 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,40 @@ @@ -0,0 +1,40 @@
+# Installation directories. +# Installation directories.
+PREFIX ?= ${DESTDIR}/usr +PREFIX ?= ${DESTDIR}/usr
@ -2207,9 +2207,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+indent: +indent:
+ +
+relabel: +relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.82/gui/mappingsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.83/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/mappingsPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,56 @@ @@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings +## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -2267,9 +2267,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+ for k in keys: + for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.82/gui/modulesPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.83/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/modulesPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/modulesPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,190 @@ @@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings +## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc. +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2461,9 +2461,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+ +
+ except ValueError, e: + except ValueError, e:
+ self.error(e.args[0]) + self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.82/gui/polgen.glade diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.83/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/polgen.glade 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/polgen.glade 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,3305 @@ @@ -0,0 +1,3305 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -5770,9 +5770,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.82/gui/polgen.gladep diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.83/gui/polgen.gladep
--- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/polgen.gladep 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/polgen.gladep 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd"> +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5781,11 +5781,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
+ <name></name> + <name></name>
+ <program_name></program_name> + <program_name></program_name>
+</glade-project> +</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.82/gui/polgengui.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/polgengui.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/polgengui.py 2010-07-13 13:09:52.000000000 -0400
@@ -0,0 +1,627 @@ @@ -0,0 +1,627 @@
+#!/usr/bin/python -E +#!/usr/bin/python -Es
+# +#
+# polgengui.py - GUI for SELinux Config tool in system-config-selinux +# polgengui.py - GUI for SELinux Config tool in system-config-selinux
+# +#
@ -6412,11 +6412,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ +
+ app = childWindow() + app = childWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.82/gui/polgen.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/polgen.py 2010-06-07 16:38:00.000000000 -0400 +++ policycoreutils-2.0.83/gui/polgen.py 2010-07-13 13:10:01.000000000 -0400
@@ -0,0 +1,1273 @@ @@ -0,0 +1,1286 @@
+#!/usr/bin/python +#!/usr/bin/python -Es
+# +#
+# Copyright (C) 2007-2010 Red Hat +# Copyright (C) 2007-2010 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -7115,7 +7115,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ +
+ if self.type == USER: + if self.type == USER:
+ for u in self.transition_users: + for u in self.transition_users:
+ temp = re.sub("TEMPLATETYPE", self.name, executable.te_userapp_trans_rules) + temp = re.sub("TEMPLATETYPE", self.name, user.te_user_trans_rules)
+ newte += re.sub("USER", u.split("_u")[0], temp) + newte += re.sub("USER", u.split("_u")[0], temp)
+ +
+ return newte + return newte
@ -7131,6 +7131,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ +
+ for u in self.transition_users: + for u in self.transition_users:
+ role = u.split("_u")[0] + role = u.split("_u")[0]
+
+ if (role + "_r") in self.all_roles: + if (role + "_r") in self.all_roles:
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules) + tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules)
+ newte += re.sub("USER", role, tmp) + newte += re.sub("USER", role, tmp)
@ -7265,11 +7266,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ newif ="" + newif =""
+ if self.use_terminal or self.type == USER: + if self.use_terminal or self.type == USER:
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_user_program_rules) + newif = re.sub("TEMPLATETYPE", self.name, executable.if_user_program_rules)
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_role_change_rules)
+ return newif + return newif
+ +
+ +
+ def generate_if(self): + def generate_if(self):
+ newif = "" + newif = ""
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_heading_rules)
+ if self.program != "": + if self.program != "":
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_program_rules) + newif += re.sub("TEMPLATETYPE", self.name, executable.if_program_rules)
+ if self.initscript != "": + if self.initscript != "":
@ -7299,6 +7302,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ if self.type in ( TUSER, XUSER, AUSER, LUSER, EUSER): + if self.type in ( TUSER, XUSER, AUSER, LUSER, EUSER):
+ roles = "" + roles = ""
+ if len(self.roles) > 0: + if len(self.roles) > 0:
+ newte += re.sub("TEMPLATETYPE", self.name, user.te_sudo_rules)
+ newte += re.sub("TEMPLATETYPE", self.name, user.te_newrole_rules) + newte += re.sub("TEMPLATETYPE", self.name, user.te_newrole_rules)
+ for role in self.roles: + for role in self.roles:
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_roles_rules) + tmp = re.sub("TEMPLATETYPE", self.name, user.te_roles_rules)
@ -7317,7 +7321,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+######################################## +########################################
+# +#
+# %s local policy +# %s local policy
+#""" % self.name +#
+""" % self.name
+ newte += self.generate_capabilities() + newte += self.generate_capabilities()
+ newte += self.generate_process() + newte += self.generate_process()
+ newte += self.generate_network_types() + newte += self.generate_network_types()
@ -7357,6 +7362,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ def generate_fc(self): + def generate_fc(self):
+ newfc = "" + newfc = ""
+ fclist = [] + fclist = []
+ if self.type in USERS:
+ return re.sub("EXECUTABLE", self.program, executable.fc_user)
+ if self.program == "": + if self.program == "":
+ raise ValueError(_("You must enter the executable path for your confined process")) + raise ValueError(_("You must enter the executable path for your confined process"))
+ +
@ -7480,7 +7487,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ fcfile = "%s/my%s.fc" % (out_dir, self.file_name) + fcfile = "%s/my%s.fc" % (out_dir, self.file_name)
+ else: + else:
+ fcfile = "%s/%s.fc" % (out_dir, self.file_name) + fcfile = "%s/%s.fc" % (out_dir, self.file_name)
+ if self.type in APPLICATIONS:
+ fd = open(fcfile, "w") + fd = open(fcfile, "w")
+ fd.write(self.generate_fc()) + fd.write(self.generate_fc())
+ fd.close() + fd.close()
@ -7501,6 +7507,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.exit(1) + sys.exit(1)
+ +
+def test(): +def test():
+ import tempfile
+
+ tmpdir = tempfile.mkdtemp()
+ mypolicy = policy("mycgi", CGI) + mypolicy = policy("mycgi", CGI)
+ mypolicy.set_program("/var/www/cgi-bin/cgi") + mypolicy.set_program("/var/www/cgi-bin/cgi")
+ mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000") + mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000")
@ -7510,7 +7519,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_use_syslog(True) + mypolicy.set_use_syslog(True)
+ mypolicy.set_use_pam(True) + mypolicy.set_use_pam(True)
+ mypolicy.set_out_tcp(0,"8000") + mypolicy.set_out_tcp(0,"8000")
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ mypolicy = policy("myuser", USER) + mypolicy = policy("myuser", USER)
+ mypolicy.set_program("/usr/bin/myuser") + mypolicy.set_program("/usr/bin/myuser")
@ -7523,7 +7532,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.add_file("/var/lib/myuser/myuser.sock") + mypolicy.add_file("/var/lib/myuser/myuser.sock")
+ mypolicy.set_out_tcp(0,"8000") + mypolicy.set_out_tcp(0,"8000")
+ mypolicy.set_transition_users(["unconfined_u", "staff_u"]) + mypolicy.set_transition_users(["unconfined_u", "staff_u"])
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ +
+ mypolicy = policy("myrwho", DAEMON) + mypolicy = policy("myrwho", DAEMON)
@ -7537,7 +7546,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_use_pam(True) + mypolicy.set_use_pam(True)
+ mypolicy.add_dir("/var/run/myrwho") + mypolicy.add_dir("/var/run/myrwho")
+ mypolicy.add_dir("/var/lib/myrwho") + mypolicy.add_dir("/var/lib/myrwho")
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ mypolicy = policy("myinetd", INETD) + mypolicy = policy("myinetd", INETD)
+ mypolicy.set_program("/usr/bin/mytest") + mypolicy.set_program("/usr/bin/mytest")
@ -7562,7 +7571,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_use_terminal(True) + mypolicy.set_use_terminal(True)
+ mypolicy.set_use_mail(True) + mypolicy.set_use_mail(True)
+ mypolicy.set_out_tcp(0,"8000") + mypolicy.set_out_tcp(0,"8000")
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ +
+ mypolicy = policy("mydbus", DBUS) + mypolicy = policy("mydbus", DBUS)
@ -7573,24 +7582,27 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_use_tmp(True) + mypolicy.set_use_tmp(True)
+ mypolicy.set_use_syslog(True) + mypolicy.set_use_syslog(True)
+ mypolicy.set_use_pam(True) + mypolicy.set_use_pam(True)
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ mypolicy = policy("mytuser", TUSER) + mypolicy = policy("mytuser", TUSER)
+ mypolicy.set_transition_domains(["sudo"])
+ mypolicy.set_admin_roles(["mydbadm"]) + mypolicy.set_admin_roles(["mydbadm"])
+ mypolicy.add_boolean("allow_mytuser_setuid", "Allow mytuser users to run setuid applications") + mypolicy.add_boolean("allow_mytuser_setuid", "Allow mytuser users to run setuid applications")
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ mypolicy = policy("myxuser", XUSER) + mypolicy = policy("myxuser", XUSER)
+ mypolicy.set_in_tcp(1, 1, 1, "28920") + mypolicy.set_in_tcp(1, 1, 1, "28920")
+ mypolicy.set_in_udp(0, 0, 1, "1513") + mypolicy.set_in_udp(0, 0, 1, "1513")
+ mypolicy.set_transition_domains(["mozilla"]) + mypolicy.set_transition_domains(["mozilla"])
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ +
+ mypolicy = policy("mydbadm", RUSER) + mypolicy = policy("mydbadm", RUSER)
+ mypolicy.set_admin_domains(["postgresql", "mysql"]) + mypolicy.set_admin_domains(["postgresql", "mysql"])
+ print mypolicy.generate("/var/tmp") + print mypolicy.generate(tmpdir)
+ + os.chdir(tmpdir)
+ rc, output=commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile1")
+ print output
+ print type(rc), os.WEXITSTATUS(rc)
+ sys.exit(os.WEXITSTATUS(rc))
+ +
+import os, sys, getopt, socket, random, fcntl +import os, sys, getopt, socket, random, fcntl
+ +
@ -7610,7 +7622,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ print _(""" + print _("""
+%s +%s
+ +
+polgen [ -m ] [ -t type ] executable +polgen [ -m ] [ -t type ] [ executable | Name ]
+valid Types: +valid Types:
+""") % msg +""") % msg
+ keys=poltype.keys() + keys=poltype.keys()
@ -7655,13 +7667,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ usage(_("Options Error %s ") % error.msg) + usage(_("Options Error %s ") % error.msg)
+ +
+ if len(cmds) == 0: + if len(cmds) == 0:
+ usage(_("Executable required")) + usage(_("Executable or Name required"))
+ +
+ try: + try:
+ if not name: + if not name:
+ name = os.path.basename(cmds[0]).replace("-","_") + name = os.path.basename(cmds[0]).replace("-","_")
+ cmd = cmds[0] + cmd = cmds[0]
+ mypolicy = policy(name, setype) + mypolicy = policy(name, setype)
+ if setype in APPLICATIONS:
+ mypolicy.set_program(cmd) + mypolicy.set_program(cmd)
+ for f in gen_writeable(cmd): + for f in gen_writeable(cmd):
+ for b in mypolicy.DEFAULT_DIRS: + for b in mypolicy.DEFAULT_DIRS:
@ -7689,9 +7702,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.exit(0) + sys.exit(0)
+ except ValueError, e: + except ValueError, e:
+ usage(e) + usage(e)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.82/gui/portsPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.83/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/portsPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/portsPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,259 @@ @@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings +## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -7952,9 +7965,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ +
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.82/gui/selinux.tbl diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.83/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/selinux.tbl 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/selinux.tbl 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,234 @@ @@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /") +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -8190,9 +8203,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories") +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories") +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.82/gui/semanagePage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.83/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/semanagePage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/semanagePage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,168 @@ @@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings +## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc. +## Copyright (C) 2006 Red Hat, Inc.
@ -8362,9 +8375,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.load(self.filter) + self.load(self.filter)
+ return True + return True
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.82/gui/statusPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.83/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/statusPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/statusPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,190 @@ @@ -0,0 +1,190 @@
+# statusPage.py - show selinux status +# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc. +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8556,9 +8569,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ return self.types[self.selinuxTypeOptionMenu.get_active()] + return self.types[self.selinuxTypeOptionMenu.get_active()]
+ +
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.82/gui/system-config-selinux.glade diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.83/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/system-config-selinux.glade 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,3024 @@ @@ -0,0 +1,3024 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd"> +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -11584,9 +11597,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</widget> +</widget>
+ +
+</glade-interface> +</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.82/gui/system-config-selinux.gladep diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.83/gui/system-config-selinux.gladep
--- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/system-config-selinux.gladep 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*--> +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd"> +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -11595,11 +11608,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ <name></name> + <name></name>
+ <program_name></program_name> + <program_name></program_name>
+</glade-project> +</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.82/gui/system-config-selinux.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.83/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/system-config-selinux.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-07-13 13:10:11.000000000 -0400
@@ -0,0 +1,187 @@ @@ -0,0 +1,187 @@
+#!/usr/bin/python +#!/usr/bin/python -Es
+# +#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux +# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
+# +#
@ -11786,9 +11799,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ +
+ app = childWindow() + app = childWindow()
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.82/gui/templates/boolean.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.83/gui/templates/boolean.py
--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/boolean.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,40 @@ @@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -11830,9 +11843,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
+') +')
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.82/gui/templates/etc_rw.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.83/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/etc_rw.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,113 @@ @@ -0,0 +1,113 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -11947,10 +11960,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.82/gui/templates/executable.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.83/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/executable.py 2010-06-07 16:40:33.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/executable.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,361 @@ @@ -0,0 +1,382 @@
+# Copyright (C) 2007-2009 Red Hat +# Copyright (C) 2007-2009 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
+# +#
@ -12049,7 +12062,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+ +
+apache_content_template(TEMPLATETYPE) +apache_content_template(TEMPLATETYPE)
+ +
+permissive http_TEMPLATETYPE_script_t; +permissive httpd_TEMPLATETYPE_script_t;
+""" +"""
+ +
+te_daemon_rules=""" +te_daemon_rules="""
@ -12127,20 +12140,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+miscfiles_read_localization(TEMPLATETYPE_t) +miscfiles_read_localization(TEMPLATETYPE_t)
+""" +"""
+ +
+te_userapp_trans_rules=""" +########################### Interface File #############################
+optional_policy(`
+ gen_require(`
+ type USER_t;
+ role USER_r;
+ ')
+ +
+ TEMPLATETYPE_run(USER_t, USER_r) +if_heading_rules="""
+') +## <summary>policy for TEMPLATETYPE</summary>
+""" +"""
+ +
+########################### Interface File #############################
+if_program_rules=""" +if_program_rules="""
+## <summary>policy for TEMPLATETYPE</summary>
+ +
+######################################## +########################################
+## <summary> +## <summary>
@ -12215,6 +12221,29 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+ ps_process_pattern($2, TEMPLATETYPE_t) + ps_process_pattern($2, TEMPLATETYPE_t)
+ allow $2 TEMPLATETYPE_t:process signal; + allow $2 TEMPLATETYPE_t:process signal;
+') +')
+
+"""
+
+if_role_change_rules="""
+########################################
+## <summary>
+## Change to the TEMPLATETYPE role.
+## </summary>
+## <param name="role">
+## <summary>
+## Role allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`TEMPLATETYPE_role_change',`
+ gen_require(`
+ role TEMPLATETYPE_r;
+ ')
+
+ allow $1 TEMPLATETYPE_r;
+')
+
+""" +"""
+ +
+if_initscript_rules=""" +if_initscript_rules="""
@ -12308,13 +12337,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+ +
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0) +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
+""" +"""
+
+fc_user="""\
+# Users do not have file context, leave blank
+"""
+
+fc_initscript="""\ +fc_initscript="""\
+ +
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0) +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.82/gui/templates/__init__.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.83/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/__init__.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,18 @@ @@ -0,0 +1,18 @@
+# +#
+# Copyright (C) 2007 Red Hat, Inc. +# Copyright (C) 2007 Red Hat, Inc.
@ -12334,9 +12368,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+# +#
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.82/gui/templates/network.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.83/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/network.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/network.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,80 @@ @@ -0,0 +1,80 @@
+te_port_types=""" +te_port_types="""
+type TEMPLATETYPE_port_t; +type TEMPLATETYPE_port_t;
@ -12418,9 +12452,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.82/gui/templates/rw.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.83/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/rw.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/rw.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,131 @@ @@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -12553,9 +12587,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+fc_dir=""" +fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.82/gui/templates/script.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.83/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/script.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/script.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,126 @@ @@ -0,0 +1,126 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -12683,9 +12717,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+_EOF +_EOF
+fi +fi
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.82/gui/templates/semodule.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.83/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/semodule.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -12728,9 +12762,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.82/gui/templates/tmp.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.83/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/tmp.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,102 @@ @@ -0,0 +1,102 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -12834,10 +12868,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+ files_search_tmp($1) + files_search_tmp($1)
+ admin_pattern($1, TEMPLATETYPE_tmp_t) + admin_pattern($1, TEMPLATETYPE_tmp_t)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.82/gui/templates/user.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/user.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/user.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,179 @@ @@ -0,0 +1,195 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
+# +#
@ -12880,7 +12914,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+# Declarations +# Declarations
+# +#
+ +
+userdom_admin_login_user_template(TEMPLATETYPE) +userdom_admin_user_template(TEMPLATETYPE)
+""" +"""
+ +
+te_min_login_user_types="""\ +te_min_login_user_types="""\
@ -12933,6 +12967,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+# +#
+# TEMPLATETYPE local policy +# TEMPLATETYPE local policy
+# +#
+
+""" +"""
+ +
+te_existing_user_rules="""\ +te_existing_user_rules="""\
@ -12966,6 +13001,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+') +')
+""" +"""
+ +
+te_user_trans_rules="""
+optional_policy(`
+ gen_require(`
+ role USER_r;
+ ')
+
+ TEMPLATETYPE_role_change(USER_r)
+')
+"""
+
+te_admin_rules=""" +te_admin_rules="""
+allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice }; +allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
+files_dontaudit_search_all_dirs(TEMPLATETYPE_t) +files_dontaudit_search_all_dirs(TEMPLATETYPE_t)
@ -12981,45 +13026,50 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t) +domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t)
+domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t) +domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t)
+ +
+userdom_dontaudit_search_sysadm_home_dirs(TEMPLATETYPE_t) +userdom_dontaudit_search_admin_dir(TEMPLATETYPE_t)
+userdom_dontaudit_search_generic_user_home_dirs(TEMPLATETYPE_t) +userdom_dontaudit_search_user_home_dirs(TEMPLATETYPE_t)
+ +
+bool TEMPLATETYPE_read_user_files false; +bool TEMPLATETYPE_read_user_files false;
+bool TEMPLATETYPE_manage_user_files false; +bool TEMPLATETYPE_manage_user_files false;
+ +
+if (TEMPLATETYPE_read_user_files) { +if (TEMPLATETYPE_read_user_files) {
+ userdom_read_unpriv_users_home_content_files(TEMPLATETYPE_t) + userdom_read_user_home_content_files(TEMPLATETYPE_t)
+ userdom_read_unpriv_users_tmp_files(TEMPLATETYPE_t) + userdom_read_user_tmp_files(TEMPLATETYPE_t)
+} +}
+ +
+if (TEMPLATETYPE_manage_user_files) { +if (TEMPLATETYPE_manage_user_files) {
+ userdom_manage_unpriv_users_home_content_dirs(TEMPLATETYPE_t) + userdom_manage_user_home_content(TEMPLATETYPE_t)
+ userdom_read_unpriv_users_tmp_files(TEMPLATETYPE_t) + userdom_manage_user_tmp_files(TEMPLATETYPE_t)
+ userdom_write_unpriv_users_tmp_files(TEMPLATETYPE_t)
+} +}
+ +
+""" +"""
+ +
+te_admin_trans_rules=""" +te_admin_trans_rules="""
+userdom_role_change_template(USER, TEMPLATETYPE) +allow user_r TEMPLATETYPE_r;
+""" +"""
+ +
+te_admin_domain_rules=""" +te_admin_domain_rules="""
+optional_policy(` +optional_policy(`
+ APPLICATION_admin(TEMPLATETYPE_t, TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t }) + APPLICATION_admin(TEMPLATETYPE_t, TEMPLATETYPE_r, { TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+') +')
+""" +"""
+ +
+te_roles_rules=""" +te_roles_rules="""
+userdom_role_change_template(TEMPLATETYPE, ROLE) +ROLE_role_change(TEMPLATETYPE_r)
+"""
+
+te_sudo_rules="""
+optional_policy(`
+ sudo_role_template(TEMPLATETYPE, TEMPLATETYPE_r, TEMPLATETYPE_t)
+')
+""" +"""
+ +
+te_newrole_rules=""" +te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t }) +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r, { TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.82/gui/templates/var_cache.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.83/gui/templates/var_cache.py
--- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/var_cache.py 2010-06-07 16:46:31.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,133 @@ @@ -0,0 +1,133 @@
+# Copyright (C) 2010 Red Hat +# Copyright (C) 2010 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -13154,9 +13204,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.82/gui/templates/var_lib.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.83/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/var_lib.py 2010-05-26 09:29:58.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,161 @@ @@ -0,0 +1,161 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -13319,9 +13369,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.82/gui/templates/var_log.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.83/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/var_log.py 2010-05-26 09:32:01.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,116 @@ @@ -0,0 +1,116 @@
+# Copyright (C) 2007,2010 Red Hat +# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -13439,9 +13489,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+""" +"""
+ +
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.82/gui/templates/var_run.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.83/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/var_run.py 2010-05-26 09:28:54.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,101 @@ @@ -0,0 +1,101 @@
+# Copyright (C) 2007,2010 Red Hat +# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -13544,9 +13594,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.82/gui/templates/var_spool.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.83/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/templates/var_spool.py 2010-06-07 16:46:58.000000000 -0400 +++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,133 @@ @@ -0,0 +1,133 @@
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -13681,9 +13731,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+fc_dir="""\ +fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0) +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+""" +"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.82/gui/usersPage.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.83/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.82/gui/usersPage.py 2010-04-28 17:12:20.000000000 -0400 +++ policycoreutils-2.0.83/gui/usersPage.py 2010-06-16 08:22:43.000000000 -0400
@@ -0,0 +1,150 @@ @@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings +## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc. +## Copyright (C) 2006,2007,2008 Red Hat, Inc.

138624
policycoreutils-po.patch
View File

File diff suppressed because it is too large Load Diff