sepolicy manpage:
- use nroff instead of man2html - Remove checking for name of person who created the man page - audit2allow - Fix output to show the level that is different.
This commit is contained in:
Dan Walsh
parent
38c288127b
commit
f5c1b2817f
@ -2897,7 +2897,7 @@ index 8b063ca..c9036c3 100644
|
|||||||
trans_list.append(m[0])
|
trans_list.append(m[0])
|
||||||
return trans_list
|
return trans_list
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
|
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||||
index 25062da..757ae2b 100755
|
index 25062da..f184b0c 100755
|
||||||
--- a/policycoreutils/sepolicy/sepolicy/manpage.py
|
--- a/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||||
+++ b/policycoreutils/sepolicy/sepolicy/manpage.py
|
+++ b/policycoreutils/sepolicy/sepolicy/manpage.py
|
||||||
@@ -28,12 +28,12 @@ import string
|
@@ -28,12 +28,12 @@ import string
|
||||||
@ -2915,7 +2915,26 @@ index 25062da..757ae2b 100755
|
|||||||
|
|
||||||
equiv_dirs=[ "/var" ]
|
equiv_dirs=[ "/var" ]
|
||||||
modules_dict = None
|
modules_dict = None
|
||||||
@@ -416,40 +416,33 @@ class ManPage:
|
@@ -184,14 +184,12 @@ def get_alphabet_manpages(manpage_list):
|
||||||
|
return alphabet_manpages
|
||||||
|
|
||||||
|
def convert_manpage_to_html(html_manpage,manpage):
|
||||||
|
- fd = open(html_manpage,'w')
|
||||||
|
- rc, output = commands.getstatusoutput("man2html -r %s" % manpage)
|
||||||
|
+ rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
|
||||||
|
if rc == 0:
|
||||||
|
+ print html_manpage, " has been created"
|
||||||
|
+ fd = open(html_manpage,'w')
|
||||||
|
fd.write(output)
|
||||||
|
- else:
|
||||||
|
- fd.write("Man page does not exist")
|
||||||
|
-
|
||||||
|
- fd.close()
|
||||||
|
+ fd.close()
|
||||||
|
|
||||||
|
class HTMLManPages:
|
||||||
|
"""
|
||||||
|
@@ -416,40 +414,33 @@ class ManPage:
|
||||||
"""
|
"""
|
||||||
Generate a Manpage on an SELinux domain in the specified path
|
Generate a Manpage on an SELinux domain in the specified path
|
||||||
"""
|
"""
|
||||||
@ -2974,7 +2993,7 @@ index 25062da..757ae2b 100755
|
|||||||
self.booleans_dict = gen_bool_dict(self.xmlpath)
|
self.booleans_dict = gen_bool_dict(self.xmlpath)
|
||||||
|
|
||||||
if domainname.endswith("_t"):
|
if domainname.endswith("_t"):
|
||||||
@@ -459,7 +452,10 @@ class ManPage:
|
@@ -459,7 +450,10 @@ class ManPage:
|
||||||
|
|
||||||
if self.domainname + "_t" not in self.all_domains:
|
if self.domainname + "_t" not in self.all_domains:
|
||||||
raise ValueError("domain %s_t does not exist" % self.domainname)
|
raise ValueError("domain %s_t does not exist" % self.domainname)
|
||||||
@ -2986,7 +3005,7 @@ index 25062da..757ae2b 100755
|
|||||||
|
|
||||||
self.type = self.domainname + "_t"
|
self.type = self.domainname + "_t"
|
||||||
self._gen_bools()
|
self._gen_bools()
|
||||||
@@ -483,16 +479,23 @@ class ManPage:
|
@@ -483,16 +477,23 @@ class ManPage:
|
||||||
def _gen_bools(self):
|
def _gen_bools(self):
|
||||||
self.bools=[]
|
self.bools=[]
|
||||||
self.domainbools=[]
|
self.domainbools=[]
|
||||||
@ -3020,7 +3039,7 @@ index 25062da..757ae2b 100755
|
|||||||
|
|
||||||
self.bools.sort()
|
self.bools.sort()
|
||||||
self.domainbools.sort()
|
self.domainbools.sort()
|
||||||
@@ -538,9 +541,6 @@ class ManPage:
|
@@ -538,9 +539,6 @@ class ManPage:
|
||||||
print path
|
print path
|
||||||
|
|
||||||
def __gen_man_page(self):
|
def __gen_man_page(self):
|
||||||
@ -3030,18 +3049,29 @@ index 25062da..757ae2b 100755
|
|||||||
self.anon_list = []
|
self.anon_list = []
|
||||||
|
|
||||||
self.attributes = {}
|
self.attributes = {}
|
||||||
@@ -563,8 +563,8 @@ class ManPage:
|
@@ -563,19 +561,8 @@ class ManPage:
|
||||||
|
|
||||||
def _get_ptypes(self):
|
def _get_ptypes(self):
|
||||||
for f in self.all_domains:
|
for f in self.all_domains:
|
||||||
- if f.startswith(self.short_name):
|
- if f.startswith(self.short_name):
|
||||||
- self.ptypes.append(f)
|
- self.ptypes.append(f)
|
||||||
|
-
|
||||||
|
- def __whoami(self):
|
||||||
|
- import pwd
|
||||||
|
- fd = open("/proc/self/loginuid", "r")
|
||||||
|
- uid = int(fd.read())
|
||||||
|
- fd.close()
|
||||||
|
- pw = pwd.getpwuid(uid)
|
||||||
|
- if len(pw.pw_gecos) > 0:
|
||||||
|
- return pw.pw_gecos
|
||||||
|
- else:
|
||||||
|
- return pw.pw_name
|
||||||
+ if f.startswith(self.short_name) or f.startswith(self.domainname):
|
+ if f.startswith(self.short_name) or f.startswith(self.domainname):
|
||||||
+ self.ptypes.append(f)
|
+ self.ptypes.append(f)
|
||||||
|
|
||||||
def __whoami(self):
|
def _header(self):
|
||||||
import pwd
|
self.fd.write('.TH "%(domainname)s_selinux" "8" "%(date)s" "%(domainname)s" "SELinux Policy documentation for %(domainname)s"'
|
||||||
@@ -774,7 +774,7 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
@@ -774,7 +761,7 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
|
||||||
def _port_types(self):
|
def _port_types(self):
|
||||||
self.ports = []
|
self.ports = []
|
||||||
for f in self.all_port_types:
|
for f in self.all_port_types:
|
||||||
@ -3050,7 +3080,7 @@ index 25062da..757ae2b 100755
|
|||||||
self.ports.append(f)
|
self.ports.append(f)
|
||||||
|
|
||||||
if len(self.ports) == 0:
|
if len(self.ports) == 0:
|
||||||
@@ -923,13 +923,12 @@ to apply the labels.
|
@@ -923,13 +910,12 @@ to apply the labels.
|
||||||
|
|
||||||
def _see_also(self):
|
def _see_also(self):
|
||||||
ret = ""
|
ret = ""
|
||||||
@ -3066,7 +3096,7 @@ index 25062da..757ae2b 100755
|
|||||||
ret += ", %s_selinux(8)" % d
|
ret += ", %s_selinux(8)" % d
|
||||||
self.fd.write(ret)
|
self.fd.write(ret)
|
||||||
|
|
||||||
@@ -947,13 +946,14 @@ semanage fcontext -a -t public_content_t "/var/%(domainname)s(/.*)?"
|
@@ -947,13 +933,14 @@ semanage fcontext -a -t public_content_t "/var/%(domainname)s(/.*)?"
|
||||||
.B restorecon -F -R -v /var/%(domainname)s
|
.B restorecon -F -R -v /var/%(domainname)s
|
||||||
.pp
|
.pp
|
||||||
.TP
|
.TP
|
||||||
@ -3083,7 +3113,22 @@ index 25062da..757ae2b 100755
|
|||||||
""" % {'domainname':self.domainname})
|
""" % {'domainname':self.domainname})
|
||||||
for b in self.anon_list:
|
for b in self.anon_list:
|
||||||
desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
|
desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
|
||||||
@@ -1230,6 +1230,7 @@ The SELinux user %s_u is not able to terminal login.
|
@@ -998,12 +985,11 @@ is a GUI tool available to customize SELinux policy settings.
|
||||||
|
|
||||||
|
.SH AUTHOR
|
||||||
|
This manual page was auto-generated using
|
||||||
|
-.B "sepolicy manpage"
|
||||||
|
-by %s.
|
||||||
|
+.B "sepolicy manpage".
|
||||||
|
|
||||||
|
.SH "SEE ALSO"
|
||||||
|
selinux(8), %s(8), semanage(8), restorecon(8), chcon(1), sepolicy(8)
|
||||||
|
-""" % (self.__whoami(), self.domainname))
|
||||||
|
+""" % (self.domainname))
|
||||||
|
|
||||||
|
if self.booltext != "":
|
||||||
|
self.fd.write(", setsebool(8)")
|
||||||
|
@@ -1230,6 +1216,7 @@ The SELinux user %s_u is not able to terminal login.
|
||||||
""" % self.domainname)
|
""" % self.domainname)
|
||||||
|
|
||||||
def _network(self):
|
def _network(self):
|
||||||
|
|||||||
@ -7,7 +7,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.1.14
|
Version: 2.1.14
|
||||||
Release: 22%{?dist}
|
Release: 23%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
# Based on git repository with tag 20101221
|
# Based on git repository with tag 20101221
|
||||||
@ -309,6 +309,13 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 19 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-23
|
||||||
|
- sepolicy manpage:
|
||||||
|
- use nroff instead of man2html
|
||||||
|
- Remove checking for name of person who created the man page
|
||||||
|
- audit2allow
|
||||||
|
- Fix output to show the level that is different.
|
||||||
|
|
||||||
* Thu Mar 14 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-22
|
* Thu Mar 14 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-22
|
||||||
- Fix newrole to not drop capabilities from the bounding set.
|
- Fix newrole to not drop capabilities from the bounding set.
|
||||||
- Stop dropping capabilities from its children.
|
- Stop dropping capabilities from its children.
|
||||||
@ -318,6 +325,11 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
* Mon Mar 11 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-21
|
* Mon Mar 11 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-21
|
||||||
- sepolicy generate should look for booleans that effect equivalence names, and add them to the man page
|
- sepolicy generate should look for booleans that effect equivalence names, and add them to the man page
|
||||||
|
|
||||||
|
* Thu Mar 7 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-20
|
||||||
|
- Mention creation of permissive domains in sepolicy generate man page
|
||||||
|
- Change sepolicy manpage to use shortname with an "_" to stop accidently grabbing unrelated types for a domain.
|
||||||
|
- Fix audit2allow to show better information on constraint violations.
|
||||||
|
|
||||||
* Wed Mar 6 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-19
|
* Wed Mar 6 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-19
|
||||||
- Have restorecon exit -1 on errors for consistancy.
|
- Have restorecon exit -1 on errors for consistancy.
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user