diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 99d6c4d..6955be6 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -4211,7 +4211,7 @@ index 70d1a20..fb6a79b 100644 +.br Examples by Thomas Bleher . diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py -index b7d257b..d5920aa 100644 +index b7d257b..4462c9e 100644 --- a/policycoreutils/semanage/seobject.py +++ b/policycoreutils/semanage/seobject.py @@ -25,51 +25,17 @@ import pwd, grp, string, selinux, tempfile, os, re, sys, stat @@ -4593,18 +4593,18 @@ index b7d257b..d5920aa 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number")) -@@ -958,21 +1094,35 @@ class portRecords(semanageRecords): +@@ -958,21 +1094,36 @@ class portRecords(semanageRecords): class nodeRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self,store) -- -- def __add(self, addr, mask, proto, serange, ctype): + self.protocol = ["ipv4", "ipv6"] + + def validate(self, addr, mask, protocol): -+ newaddr="" -+ newmask="" ++ newaddr=addr ++ newmask=mask + newprotocol="" + +- def __add(self, addr, mask, proto, serange, ctype): if addr == "": raise ValueError(_("Node Address is required")) @@ -4619,14 +4619,14 @@ index b7d257b..d5920aa 100644 + # verify valid comination + if len(mask) == 0 or mask[0] == "/": + i = IP(addr + mask) -+ else: -+ i = IP(addr + "/" + mask) -+ newaddr = i.strNormal(0) -+ newmask = str(i.netmask()) -+ if protocol == "": ++ newaddr = i.strNormal(0) ++ newmask = str(i.netmask()) ++ if newmask == "0.0.0.0" and i.version() == 6: ++ newmask = "::" ++ + protocol = "ipv%d" % i.version() -+ -+ try: ++ ++ try: + newprotocol = self.protocol.index(protocol) + except: raise ValueError(_("Unknown or missing protocol")) 
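Review bot: Seeding `newaddr=addr` and `newmask=mask` in `validate` means the caller's raw strings are returned whenever the `IP(...)` branch is not taken, and the later hunk (@@ -4619) removes the `else:` / `i = IP(addr + "/" + mask)` pair. Indentation is lost in this view, so this is inferred, but a mask given as a plain netmask (not empty, not starting with "/") no longer appears to be parsed at all: the address/mask pair is not checked for consistency, and `protocol` is not derived, so an empty protocol ends in "Unknown or missing protocol". For a tool that writes SELinux node labels, passing an unnormalised pair through risks a rule that covers a different network than the administrator intended. If the `else` was dropped because `IP()` rejects some IPv6 mask spelling, keep a check for that form anyway, for example by parsing `IP(addr)` and `IP(mask)` separately before returning. `validate` starts in the previous hunk and continues past the end of this one.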
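Review bot: The bare `except:` around `newprotocol = self.protocol.index(protocol)` in the @@ -4619 hunk catches every exception, including KeyboardInterrupt, and reports all of them as "Unknown or missing protocol". `list.index` signals a missing item with ValueError, so `except ValueError:` is sufficient and keeps unrelated failures visible. The new `if newmask == "0.0.0.0" and i.version() == 6:` special case would also benefit from a one-line comment giving its reason, e.g. `# /0 IPv6 netmask is rendered as 0.0.0.0 here; store it as ::`, if that is indeed why it was added.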
@@ -4639,7 +4639,7 @@ index b7d257b..d5920aa 100644 if is_mls_enabled == 1: if serange == "": -@@ -991,11 +1141,13 @@ class nodeRecords(semanageRecords): +@@ -991,11 +1142,13 @@ class nodeRecords(semanageRecords): (rc, exists) = semanage_node_exists(self.sh, k) if exists: @@ -4654,7 +4654,7 @@ index b7d257b..d5920aa 100644 rc = semanage_node_set_addr(self.sh, node, proto, addr) (rc, con) = semanage_context_create(self.sh) -@@ -1005,8 +1157,7 @@ class nodeRecords(semanageRecords): +@@ -1005,8 +1158,7 @@ class nodeRecords(semanageRecords): rc = semanage_node_set_mask(self.sh, node, proto, mask) if rc < 0: raise ValueError(_("Could not set mask for %s") % addr) @@ -4664,7 +4664,7 @@ index b7d257b..d5920aa 100644 rc = semanage_context_set_user(self.sh, con, "system_u") if rc < 0: raise ValueError(_("Could not set user in addr context for %s") % addr) -@@ -1042,18 +1193,8 @@ class nodeRecords(semanageRecords): +@@ -1042,18 +1194,8 @@ class nodeRecords(semanageRecords): self.commit() def __modify(self, addr, mask, proto, serange, setype): @@ -4684,7 +4684,7 @@ index b7d257b..d5920aa 100644 if serange == "" and setype == "": raise ValueError(_("Requires setype or serange")) -@@ -1068,12 +1209,11 @@ class nodeRecords(semanageRecords): +@@ -1068,12 +1210,11 @@ class nodeRecords(semanageRecords): if not exists: raise ValueError(_("Addr %s is not defined") % addr) @@ -4698,7 +4698,7 @@ index b7d257b..d5920aa 100644 if serange != "": semanage_context_set_mls(self.sh, con, untranslate(serange)) if setype != "": -@@ -1092,18 +1232,8 @@ class nodeRecords(semanageRecords): +@@ -1092,18 +1233,8 @@ class nodeRecords(semanageRecords): self.commit() def __delete(self, addr, mask, proto): @@ -4718,7 +4718,7 @@ index b7d257b..d5920aa 100644 (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) if rc < 0: -@@ -1132,6 +1262,16 @@ class nodeRecords(semanageRecords): +@@ -1132,6 +1263,16 @@ class nodeRecords(semanageRecords): self.__delete(addr, mask, proto) self.commit() 
@@ -4735,7 +4735,7 @@ index b7d257b..d5920aa 100644 def get_all(self, locallist = 0): ddict = {} if locallist : -@@ -1145,15 +1285,20 @@ class nodeRecords(semanageRecords): +@@ -1145,15 +1286,20 @@ class nodeRecords(semanageRecords): con = semanage_node_get_con(node) addr = semanage_node_get_addr(self.sh, node) mask = semanage_node_get_mask(self.sh, node) @@ -4761,7 +4761,7 @@ index b7d257b..d5920aa 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context") -@@ -1193,7 +1338,8 @@ class interfaceRecords(semanageRecords): +@@ -1193,7 +1339,8 @@ class interfaceRecords(semanageRecords): if rc < 0: raise ValueError(_("Could not check if interface %s is defined") % interface) if exists: @@ -4771,7 +4771,7 @@ index b7d257b..d5920aa 100644 (rc, iface) = semanage_iface_create(self.sh) if rc < 0: -@@ -1307,6 +1453,16 @@ class interfaceRecords(semanageRecords): +@@ -1307,6 +1454,16 @@ class interfaceRecords(semanageRecords): self.__delete(interface) self.commit() @@ -4788,7 +4788,7 @@ index b7d257b..d5920aa 100644 def get_all(self, locallist = 0): ddict = {} if locallist: -@@ -1322,6 +1478,15 @@ class interfaceRecords(semanageRecords): +@@ -1322,6 +1479,15 @@ class interfaceRecords(semanageRecords): return ddict @@ -4804,7 +4804,7 @@ index b7d257b..d5920aa 100644 def list(self, heading = 1, locallist = 0): if heading: print "%-30s %s\n" % (_("SELinux Interface"), _("Context")) -@@ -1338,6 +1503,48 @@ class interfaceRecords(semanageRecords): +@@ -1338,6 +1504,48 @@ class interfaceRecords(semanageRecords): class fcontextRecords(semanageRecords): def __init__(self, store = ""): semanageRecords.__init__(self, store) 
@@ -4853,7 +4853,7 @@ index b7d257b..d5920aa 100644 def createcon(self, target, seuser = "system_u"): (rc, con) = semanage_context_create(self.sh) -@@ -1364,6 +1571,8 @@ class fcontextRecords(semanageRecords): +@@ -1364,6 +1572,8 @@ class fcontextRecords(semanageRecords): def validate(self, target): if target == "" or target.find("\n") >= 0: raise ValueError(_("Invalid file specification")) @@ -4862,7 +4862,7 @@ index b7d257b..d5920aa 100644 def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"): self.validate(target) -@@ -1388,7 +1597,8 @@ class fcontextRecords(semanageRecords): +@@ -1388,7 +1598,8 @@ class fcontextRecords(semanageRecords): raise ValueError(_("Could not check if file context for %s is defined") % target) if exists: @@ -4872,7 +4872,7 @@ index b7d257b..d5920aa 100644 (rc, fcontext) = semanage_fcontext_create(self.sh) if rc < 0: -@@ -1504,9 +1714,16 @@ class fcontextRecords(semanageRecords): +@@ -1504,9 +1715,16 @@ class fcontextRecords(semanageRecords): raise ValueError(_("Could not delete the file context %s") % target) semanage_fcontext_key_free(k) @@ -4889,7 +4889,7 @@ index b7d257b..d5920aa 100644 (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) if rc < 0: raise ValueError(_("Could not create a key for %s") % target) -@@ -1561,12 +1778,22 @@ class fcontextRecords(semanageRecords): +@@ -1561,12 +1779,22 @@ class fcontextRecords(semanageRecords): return ddict @@ -4914,7 +4914,7 @@ index b7d257b..d5920aa 100644 for k in keys: if fcon_dict[k]: if is_mls_enabled: -@@ -1575,6 +1802,12 @@ class fcontextRecords(semanageRecords): +@@ -1575,6 +1803,12 @@ class fcontextRecords(semanageRecords): print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2]) else: print "%-50s %-18s <>" % (k[0], k[1]) 
@@ -4927,7 +4927,7 @@ index b7d257b..d5920aa 100644 class booleanRecords(semanageRecords): def __init__(self, store = ""): -@@ -1587,6 +1820,18 @@ class booleanRecords(semanageRecords): +@@ -1587,6 +1821,18 @@ class booleanRecords(semanageRecords): self.dict["1"] = 1 self.dict["0"] = 0 @@ -4946,7 +4946,7 @@ index b7d257b..d5920aa 100644 def __mod(self, name, value): (rc, k) = semanage_bool_key_create(self.sh, name) if rc < 0: -@@ -1606,9 +1851,10 @@ class booleanRecords(semanageRecords): +@@ -1606,9 +1852,10 @@ class booleanRecords(semanageRecords): else: raise ValueError(_("You must specify one of the following values: %s") % ", ".join(self.dict.keys()) ) @@ -4960,7 +4960,7 @@ index b7d257b..d5920aa 100644 rc = semanage_bool_modify_local(self.sh, k, b) if rc < 0: raise ValueError(_("Could not modify boolean %s") % name) -@@ -1691,8 +1937,12 @@ class booleanRecords(semanageRecords): +@@ -1691,8 +1938,12 @@ class booleanRecords(semanageRecords): value = [] name = semanage_bool_get_name(boolean) value.append(semanage_bool_get_value(boolean)) @@ -4975,7 +4975,7 @@ index b7d257b..d5920aa 100644 ddict[name] = value return ddict -@@ -1706,6 +1956,16 @@ class booleanRecords(semanageRecords): +@@ -1706,6 +1957,16 @@ class booleanRecords(semanageRecords): else: return _("unknown") diff --git a/policycoreutils.spec b/policycoreutils.spec index 6da2a16..5322229 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.85 -Release: 26%{?dist} +Release: 27%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 
@@ -331,9 +331,15 @@ fi exit 0 %changelog +* Thu Mar 24 2011 Dan Walsh 2.0.85-27 +- Fix semange node handling of ipv6 addresses + * Wed Mar 23 2011 Dan Walsh 2.0.85-26 - Fix sepolgen-ifgen call, add -p option +* Wed Mar 23 2011 Dan Walsh 2.0.85-25 +- Fix sepolgen-ifgen call + * Fri Mar 18 2011 Dan Walsh 2.0.85-24 - Fix rsync command to work if the directory is old. - Fix all tests