Commit Graph

720 Commits

Author SHA1 Message Date
Petr Lautrbach
087b495201 update from bachradsusi/selinux branch 2.4
policycoreutils-2.4-0.6
- policycoreutils: semanage: update to new source policy infrastructure
- semanage: move permissive module creation to /tmp
2015-07-03 10:27:31 +02:00
Petr Lautrbach
dec177337d - semanage_migrate_store: add -r <root> option for migrating inside chroots
- fixes needed for secadm_r and auditadm_r in MLS policy
2015-05-25 16:37:16 +02:00
Petr Lautrbach
be16d7c136 Update to upstream release 2.4 from https://github.com/bachradsusi/selinux.git branch 2.4 2015-04-13 13:55:14 +02:00
Petr Lautrbach
15238906cb Simplication of sepolicy-manpage web functionality (#1193552)
system_release is no longer hardcoded and it creates only index.html and html man pages in the directory for the system release.
2015-02-24 17:02:35 +01:00
Petr Lautrbach
bb04b4de9b Re-create policycoreutils-rhat.patch from
03cfe4ebfa
- We need to cover file_context.XXX.homedir to have fixfiles with exclude_dirs working correctly.
- use dnf instead of yum - rhbz#1156547
2015-02-02 17:21:15 +01:00
Petr Lautrbach
9d99a57696 Make packaging more transparent
- add make-rhat-patches.sh script which creates policycoreutils-rhat.patch and sepolgen-rhat.patch patches
- use source files from https://github.com/SELinuxProject/selinux/wiki/Releases
- extract sources to selinux/ directory and build them there

Create -rhat patches from
c83f4d17e7
2015-02-02 16:42:37 +01:00
Miroslav Grepl
180235ba1d - Examples are no longer in the main semanage man page (#1084390)
- Add support for Fedora22 man pages. We need to fix it to not using hardcoding.
- Print usage for all mutually exclusive options.
- Fix selinux man page to refer seinfo and sesearch tools.
2014-07-23 08:26:28 +02:00
Dan Walsh
cbb4c3ee48 Update Miroslav Grepl Patches
* If there is no executable we don't want to print a part of STANDARD FILE CON
  * Add-manpages-for-typealiased-types
  * Make fixfiles_exclude_dirs working if there is a substituion for the given d
2014-05-16 11:48:54 -04:00
Dan Walsh
d60939fccd Update to upstream
* Add -P semodule option to man page from Dan Walsh.
	* selinux_current_policy_path will return none on a disabled SELinux system from Dan Walsh.
	* Add new icons for sepolicy gui from Dan Walsh.
	* Only return writeable files that are enabled from Dan Walsh.
	* Add domain to short list of domains, when -t and -d from Dan Walsh.
	* Fix up desktop files to match current standards from Dan Walsh.
	* Add support to return sensitivities and categories for python from Dan Walsh.
	* Cleanup whitespace from Dan Walsh.
	* Add message to tell user to install sandbox policy from Dan Walsh.
	* Add systemd unit file for mcstrans from Laurent Bigonville.
	* Improve restorecond systemd unit file from Laurent Bigonville.
	* Minor man pages improvements from Laurent Bigonville.
2014-05-06 14:58:32 -04:00
Dan Walsh
e9004a6bf6 Update Translations 2014-04-01 09:37:30 -04:00
Dan Walsh
86feb38872 [PATCH] Add support for Fedora21 html manpage structure
-  From Miroslav Grepl
2014-03-31 08:34:41 -04:00
Dan Walsh
60924625b8 mgrepl [PATCH] Deleteall user customization fails if there is a user used
- for the default login. We do not want to fail on it and continue to delete
- customizations for users which are not used for default login.
2014-03-26 09:15:58 -04:00
Dan Walsh
794d8879f7 Update Translations
- Make selinux-policy build working also on another architectures related to s
- Miroslav grepl patch to fix the creation of man pages on different architectures.
- Add ability to list the actual active modules
- Fix spelling mistake on sesearch in generate man pages.
2014-03-25 10:47:23 -04:00
Dan Walsh
f30728b86b Update Translations
- Make selinux-policy build working also on another architectures related to s
- Miroslav grepl patch to fix the creation of man pages on different architectures.
- Add ability to list the actual active modules
- Fix spelling mistake on sesearch in generate man pages.
2014-03-24 14:56:27 -04:00
Dan Walsh
fec09b4310 Allow manpages to be built on aarch64 2014-02-24 11:45:05 -05:00
Dan Walsh
f17032379c Don't be verbose in fixfiles if there is not tty 2014-02-14 12:33:24 -05:00
Dan Walsh
57422a62c6 Update translations 2014-01-21 09:18:34 -05:00
Dan Walsh
a3dfb2e273 Add Miroslav patch to
- Fix previously_modified_initialize() to show modified changes properly for all selections
2014-01-16 12:34:30 -05:00
Dan Walsh
16f2333d36 Add Miroslav patch to
-    Fix previously_modified_initialize() to show modified changes properly for all selections
2014-01-16 12:12:35 -05:00
Dan Walsh
b371ba3420 Don't require /usr/share/selinux/devel/Makefile to build permissive domains 2014-01-08 11:20:05 -05:00
Dan Walsh
b9afd68089 Update to upstream
* Ignore selevel/serange if MLS is disabled from Sven Vermeulen.
2014-01-06 10:24:11 -05:00
Dan Walsh
2200ddeea6 Update Tranlations
- Patch from Yuri Chornoivan to fix typos
2014-01-03 16:06:52 -05:00
Dan Walsh
53ac00459c Fixes Customized booleans causing a crash of the sepolicy gui 2014-01-03 14:39:18 -05:00
Dan Walsh
fa2e38d15a Fix sepolicy gui selection for advanced screen
- Update Translations
2013-12-20 09:01:14 -05:00
Dan Walsh
576b3e8a80 Break out python3 code into separate package 2013-12-13 08:48:16 -05:00
Dan Walsh
5c1fb32c8b Update to upstream
* Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems.
- Add patches for sepolicy gui from mgrepl to
  Fix advanced_item_button_push() to allow to select an application in advanced search menu
  Fix previously_modified_initialize() to show modified changes properly for all selections
2013-12-03 15:50:34 -05:00
Dan Walsh
e0ae96d544 Update to upstream
* Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh.
	* Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh.
- Apply Miroslav Grepl patch to fix TEMPLATETYPE_domtrans description in sepolicy generate
2013-11-22 09:06:48 -05:00
Dan Walsh
934834e6cb Fix selinux-polgengui, get_all_modules call 2013-11-20 09:19:24 -05:00
Dan Walsh
394f387019 Speed up startup time of sepolicy gui
- Clean up ports screen to only show enabled ports.
- Update to upstream
	* Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh.
	* Make yum/extract_rpms optional for sepolicy generate from Dan Walsh.
	* Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.
2013-11-18 13:28:42 -05:00
Dan Walsh
5d97d38d1b Speed up startup time of sepolicy gui
- Clean up ports screen to only show enabled ports.
- Update to upstream
	* Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh.
	* Make yum/extract_rpms optional for sepolicy generate from Dan Walsh.
	* Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.
2013-11-15 09:06:16 -05:00
Dan Walsh
6e2e7ad1d8 Update to upstream
* Properly build the swig exception file from Laurent Bigonville.
	* Fix man pages from Laurent Bigonville.
	* Support overriding PATH and INITDIR in Makefile from Laurent Bigonville.
	* Fix LDFLAGS usage from Laurent Bigonville.
	* Fix init_policy warning from Laurent Bigonville.
	* Fix semanage logging from Laurent Bigonville.
	* Open newrole stdin as read/write from Sven Vermeulen.
	* Fix sepolicy transition from Sven Vermeulen.
	* Support overriding CFLAGS from Simon Ruderich.
	* Create correct man directory for run_init from Russell Coker.
	* restorecon GLOB_BRACE change from Michal Trunecka.
	* Extend audit2why to report additional constraint information.
	* Catch IOError errors within audit2allow from Dan Walsh.
	* semanage export/import fixes from Dan Walsh.
	* Improve setfiles progress reporting from Dan Walsh.
	* Document setfiles -o option in usage from Dan Walsh.
	* Change setfiles to always return -1 on failure from Dan Walsh.
	* Improve setsebool error r eporting from Dan Walsh.
	* Major overhaul of gui from Dan Walsh.
	* Fix sepolicy handling of non-MLS policy from Dan Walsh.
	* Support returning type aliases from Dan Walsh.
	* Add sepolicy tests from Dan Walsh.
	* Add org.selinux.config.policy from Dan Walsh.
	* Improve range and user input checking by semanage from Dan Walsh.
	* Prevent source or target arguments that end with / for substitutions from Dan Walsh.
	* Allow use of <<none>> for semanage fcontext from Dan Walsh.
        * Report customized user levels from Dan Walsh.
	* Support deleteall for restoring disabled modules from Dan Walsh.
	* Improve semanage error reporting from Dan Walsh.
	* Only list disabled modules for module locallist from Dan Walsh.
	* Fix logging from Dan Walsh.
	* Define new constants for file type character codes from Dan Walsh.
	* Improve bash completions from Dan Walsh.
	* Convert semanage to argparse from Dan Walsh (originally by Dave Quigley).
	* Add semanage tests from Dan Walsh.
	* Split semanage man pages from Dan Walsh.
	* Move bash completion scripts from Dan Walsh.
	* Replace genhomedircon script with a link to semodule from Dan Walsh.
	* Fix fixfiles from Dan Walsh.
	* Add support for systemd service for restorecon from Dan Walsh.
	* Spelling corrections from Dan Walsh.
	* Improve sandbox support for home dir symlinks and file caps from Dan Walsh.
	* Switch sandbox to openbox window manager from Dan Walsh.
	* Coalesce audit2why and audit2allow from Dan Walsh.
	* Change audit2allow to append to output file from Dan Walsh.
	* Update translations from Dan Walsh.
	* Change audit2why to use selinux_current_policy_path from Dan Walsh.
2013-10-31 14:27:38 -04:00
Dan Walsh
2b7d10b4f0 Update to upstream
* Properly build the swig exception file from Laurent Bigonville.
	* Fix man pages from Laurent Bigonville.
	* Support overriding PATH and INITDIR in Makefile from Laurent Bigonville.
	* Fix LDFLAGS usage from Laurent Bigonville.
	* Fix init_policy warning from Laurent Bigonville.
	* Fix semanage logging from Laurent Bigonville.
	* Open newrole stdin as read/write from Sven Vermeulen.
	* Fix sepolicy transition from Sven Vermeulen.
	* Support overriding CFLAGS from Simon Ruderich.
	* Create correct man directory for run_init from Russell Coker.
	* restorecon GLOB_BRACE change from Michal Trunecka.
	* Extend audit2why to report additional constraint information.
	* Catch IOError errors within audit2allow from Dan Walsh.
	* semanage export/import fixes from Dan Walsh.
	* Improve setfiles progress reporting from Dan Walsh.
	* Document setfiles -o option in usage from Dan Walsh.
	* Change setfiles to always return -1 on failure from Dan Walsh.
	* Improve setsebool error r eporting from Dan Walsh.
	* Major overhaul of gui from Dan Walsh.
	* Fix sepolicy handling of non-MLS policy from Dan Walsh.
	* Support returning type aliases from Dan Walsh.
	* Add sepolicy tests from Dan Walsh.
	* Add org.selinux.config.policy from Dan Walsh.
	* Improve range and user input checking by semanage from Dan Walsh.
	* Prevent source or target arguments that end with / for substitutions from Dan Walsh.
	* Allow use of <<none>> for semanage fcontext from Dan Walsh.
        * Report customized user levels from Dan Walsh.
	* Support deleteall for restoring disabled modules from Dan Walsh.
	* Improve semanage error reporting from Dan Walsh.
	* Only list disabled modules for module locallist from Dan Walsh.
	* Fix logging from Dan Walsh.
	* Define new constants for file type character codes from Dan Walsh.
	* Improve bash completions from Dan Walsh.
	* Convert semanage to argparse from Dan Walsh (originally by Dave Quigley).
	* Add semanage tests from Dan Walsh.
	* Split semanage man pages from Dan Walsh.
	* Move bash completion scripts from Dan Walsh.
	* Replace genhomedircon script with a link to semodule from Dan Walsh.
	* Fix fixfiles from Dan Walsh.
	* Add support for systemd service for restorecon from Dan Walsh.
	* Spelling corrections from Dan Walsh.
	* Improve sandbox support for home dir symlinks and file caps from Dan Walsh.
	* Switch sandbox to openbox window manager from Dan Walsh.
	* Coalesce audit2why and audit2allow from Dan Walsh.
	* Change audit2allow to append to output file from Dan Walsh.
	* Update translations from Dan Walsh.
	* Change audit2why to use selinux_current_policy_path from Dan Walsh.
2013-10-31 10:06:05 -04:00
Dan Walsh
256317fccc Cleanup errors found by pychecker
- Apply patch from Michal Trunecka to allow restorecon to handle {} in globs
2013-10-16 15:20:12 -04:00
Dan Walsh
8f0685b998 sepolicy gui
- mgrepl fixes for users and login
- Update Translations.
2013-10-15 15:37:37 -04:00
Dan Walsh
9f7fe58ac4 sepolicy gui
- mgrepl added delete screens for users and login
  - Fix lots of bugs.
- Update Translations.
2013-10-11 17:15:18 -04:00
Dan Walsh
58b140fa6b mgrepl added delete screens for users and login 2013-10-11 16:43:11 -04:00
Dan Walsh
f00bc4f487 Fixes for fixfiles
* exclude_from_dirs should apply to all types of restorecon calls
  * fixfiles check now works
  * exit with the correct status
2013-10-04 18:24:43 -04:00
Dan Walsh
685bf50ba2 Fixes for sepolicy gui
- Fix setsebool to return 0 on success
- Update Po
2013-10-02 16:25:25 -04:00
Dan Walsh
2683a97019 Improvements to sepolicy gui
- Add more help information
  - Cleanup code
  - Add deny_ptrace on lockdown screen
  - Make unconfined/permissivedomains lockdown work
  - Add more support for file equivalency
2013-09-28 07:06:41 -04:00
Dan Walsh
d136271edc Add back in the help png files
- Begin Adding support for file equivalency.
2013-09-18 15:38:38 -04:00
Dan Walsh
6879d63783 Add back in the help png files
- Begin Adding support for file equivalency.
2013-09-18 15:03:38 -04:00
Dan Walsh
0a77d12b6f Random fixes for sepolicy gui
* Do not prompt for password until you make a change
  * Add user mappings and selinux users page
  * lots of code cleanup
2013-09-11 09:45:00 -04:00
Dan Walsh
05a4073c77 Update sepolicy gui code, cleanups and add file transition tab
- Fix semanage fcontext -a --ftype code to work.
2013-08-15 10:14:40 -04:00
Dan Walsh
02d8b93ce5 Update sepolicy gui code, cleanups and add file transition tab
- Fix semanage fcontext -a --ftype code to work.
2013-08-15 09:00:32 -04:00
Dan Walsh
79e2d33ac3 If policy is not installed get_bools should not crash 2013-08-09 05:49:38 -04:00
Dan Walsh
9f373bc68a Update sepolicy gui code, cleanups and add file transition tab
- Fix semanage argparse problems
2013-08-06 17:29:03 -04:00
Dan Walsh
56c629dbeb Update sepolicy gui code, adding dbus calls
- Update Translations
2013-08-02 14:42:48 -04:00
Dan Walsh
0385dda17f Update sepolicy gui code, adding dbus calls
- Update Translations
2013-08-02 14:24:25 -04:00
Dan Walsh
0eb608c431 Fix semanage argparse bugs
- Update Translations
- Add test suite for semanage command lines
2013-07-26 12:20:20 -04:00
Dan Walsh
04c19314d5 Fix semanage argparse bugs 2013-07-24 11:46:08 -04:00