rpms
/
policycoreutils
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

*** empty log message ***

This commit is contained in:
Daniel J Walsh 2007-11-02 20:27:48 +00:00
parent 951b855b36
commit f73ca01a5e
2 changed files with 148 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
policycoreutils-rhat.patch
View File

@ -135,9 +135,74 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
}
free(scontext);
close(fd);
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.31/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2007-10-05 13:09:53.000000000 -0400
+++ policycoreutils-2.0.31/semanage/semanage 2007-11-02 15:50:54.000000000 -0400
@@ -1,5 +1,5 @@
#! /usr/bin/python -E
-# Copyright (C) 2005 Red Hat
+# Copyright (C) 2005, 2006, 2007 Red Hat
# see file 'COPYING' for use and warranty information
#
# semanage is a tool for managing SELinux configuration files
@@ -115,7 +115,7 @@
valid_option["translation"] = []
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = []
- valid_option["boolean"] += valid_everyone
+ valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0" ]
return valid_option
#
@@ -135,7 +135,7 @@
seuser = ""
prefix = ""
heading=1
-
+ value=0
add = 0
modify = 0
delete = 0
@@ -154,7 +154,7 @@
args = sys.argv[2:]
gopts, cmds = getopt.getopt(args,
- 'adf:lhmnp:s:CDR:L:r:t:T:P:S:',
+ '01adf:lhmnp:s:CDR:L:r:t:T:P:S:',
['add',
'delete',
'deleteall',
@@ -164,6 +164,8 @@
'modify',
'noheading',
'localist',
+ 'off',
+ 'on',
'proto=',
'seuser=',
'store=',
@@ -242,6 +244,11 @@
if o == "-T" or o == "--trans":
setrans = a
+ if o == "--on" or o == "-1":
+ value = 1
+ if o == "-off" or o == "-0":
+ value = 0
+
if object == "login":
OBJECT = seobject.loginRecords(store)
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.31/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2007-10-07 21:46:43.000000000 -0400
+++ policycoreutils-2.0.31/semanage/seobject.py 2007-10-31 06:52:51.000000000 -0400
+++ policycoreutils-2.0.31/semanage/seobject.py 2007-11-02 15:51:27.000000000 -0400
@@ -1,5 +1,5 @@
#! /usr/bin/python -E
-# Copyright (C) 2005 Red Hat
+# Copyright (C) 2005, 2006, 2007 Red Hat
# see file 'COPYING' for use and warranty information
#
# semanage is a tool for managing SELinux configuration files
@@ -1095,7 +1092,13 @@
return con
@ -160,3 +225,76 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po
(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
if rc < 0:
@@ -1303,9 +1307,35 @@
else:
print "%-50s %-18s <<None>>" % (fcon[0], fcon[1])
+import sys, os
+import re
+import xml.etree.ElementTree
+
class booleanRecords(semanageRecords):
+
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
+ self.dict={}
+
+ tree=xml.etree.ElementTree.parse("/usr/share/selinux/devel/policy.xml")
+ for l in tree.findall("layer"):
+ for m in l.findall("module"):
+ for b in m.findall("tunable"):
+ desc = b.find("desc").find("p").text.strip("\n")
+ desc = re.sub("\n", " ", desc)
+ self.dict[b.get('name')] = (m.get("name"), b.get('dftval'), desc)
+ for b in m.findall("bool"):
+ desc = b.find("desc").find("p").text.strip("\n")
+ desc = re.sub("\n", " ", desc)
+ self.dict[b.get('name')] = (m.get("name"), b.get('dftval'), desc)
+ for i in tree.findall("bool"):
+ desc = i.find("desc").find("p").text.strip("\n")
+ desc = re.sub("\n", " ", desc)
+ self.dict[i.get('name')] = ("Global", i.get('dftval'), desc)
+ for i in tree.findall("tunable"):
+ desc = i.find("desc").find("p").text.strip("\n")
+ desc = re.sub("\n", " ", desc)
+ self.dict[i.get('name')] = ("Global", i.get('dftval'), desc)
def modify(self, name, value = ""):
if value == "":
@@ -1328,11 +1358,14 @@
if value != "":
nvalue = int(value)
semanage_bool_set_value(b, nvalue)
+ else:
+ raise ValueError(_("You must specify a value"))
rc = semanage_begin_transaction(self.sh)
if rc < 0:
raise ValueError(_("Could not start semanage transaction"))
+ rc = semanage_bool_set_active(self.sh, k, b)
rc = semanage_bool_modify_local(self.sh, k, b)
if rc < 0:
raise ValueError(_("Could not modify boolean %s") % name)
@@ -1416,11 +1449,19 @@
return ddict
+ def get_desc(self, boolean):
+ if boolean in self.dict:
+ return _(self.dict[boolean][2])
+ else:
+ return boolean
+
def list(self, heading = 1, locallist = 0):
+ on_off = (_("off"),_("on"))
if heading:
- print "%-50s %7s %7s %7s\n" % (_("SELinux boolean"), _("value"), _("pending"), _("active") )
+ print "%-40s %s\n" % (_("SELinux boolean"), _("Description"))
ddict = self.get_all(locallist)
keys = ddict.keys()
for k in keys:
if ddict[k]:
- print "%-50s %7d %7d %7d " % (k, ddict[k][0],ddict[k][1], ddict[k][2])
+ print "%-30s -> %-5s %s" % (k, on_off[ddict[k][2]], self.get_desc(k))
+

11
policycoreutils.spec
View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.31
Release: 9%{?dist}
Release: 11%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -111,7 +111,7 @@ Requires: gnome-python2, pygtk2, pygtk2-libglade, gnome-python2-canvas
Requires: usermode, rhpl
Requires: python >= 2.4
BuildRequires: desktop-file-utils
Requires: selinux-policy
Requires: selinux-policy-devel
%description gui
system-config-selinux is a utility for managing the SELinux environment
@ -208,6 +208,13 @@ fi
%changelog
* Fri Nov 2 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-11
- Translate booleans via policy.xml
- Allow booleans to be set via semanage
* Thu Nov 1 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-10
- Require use of selinux-policy-devel
* Wed Oct 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-9
- Validate semanage fcontext input
- Fix template names for log files in gui