Compare commits
38 Commits
Author | SHA1 | Date |
---|---|---|
Dan Walsh | 4fe8139010 | |
Dan Walsh | 93c78bf904 | |
Dan Walsh | 1898c6355b | |
Dan Walsh | 42d4d3b08c | |
Dan Walsh | f3e0d7cac1 | |
rhatdan | 1063cbdf9d | |
rhatdan | 98eaf65163 | |
rhatdan | 5c7a0bffef | |
Miroslav Grepl | d6d5e59c6d | |
rhatdan | 55176e973a | |
Dan Walsh | 31d136f0c8 | |
Dan Walsh | 04506bbd4a | |
Dan Walsh | 2c71ea7ca5 | |
Miroslav Grepl | 235c664466 | |
Miroslav Grepl | 849d1a0185 | |
Dan Walsh | b3b46a612c | |
Dan Walsh | cca543296e | |
Dan Walsh | 5f9de81a61 | |
Dan Walsh | e0bcbf6793 | |
Dan Walsh | 64f47b2ef0 | |
Dan Walsh | 93276dba0a | |
Dan Walsh | 468db64317 | |
Dan Walsh | dfb2f0d2c2 | |
Dan Walsh | 9f88a0acb3 | |
Dan Walsh | c8276ae4f1 | |
Dan Walsh | 45edf10943 | |
Dan Walsh | 1ff7f2bd1c | |
Dan Walsh | f63a1684d9 | |
Dan Walsh | 1976dcee6a | |
Dan Walsh | 354dee2a71 | |
Dan Walsh | 4872b3ca72 | |
Dan Walsh | 0e3efcdc53 | |
Dan Walsh | 68192df099 | |
Dan Walsh | 57f2f1bc45 | |
Dan Walsh | 78a847dc43 | |
Dan Walsh | 2c95861ef0 | |
Dan Walsh | 51b0ee258d | |
Dan Walsh | 1cc037b422 |
|
@ -1,6 +1,6 @@
|
|||
diff -up policycoreutils-2.1.10/gui/booleansPage.py.gui policycoreutils-2.1.10/gui/booleansPage.py
|
||||
--- policycoreutils-2.1.10/gui/booleansPage.py.gui 2012-02-01 08:39:50.132218033 -0500
|
||||
+++ policycoreutils-2.1.10/gui/booleansPage.py 2012-02-01 08:39:50.132218033 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/booleansPage.py.gui policycoreutils-2.1.11/gui/booleansPage.py
|
||||
--- policycoreutils-2.1.11/gui/booleansPage.py.gui 2012-04-05 10:13:37.905837243 -0400
|
||||
+++ policycoreutils-2.1.11/gui/booleansPage.py 2012-04-05 10:13:37.905837243 -0400
|
||||
@@ -0,0 +1,247 @@
|
||||
+#
|
||||
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
|
||||
|
@ -249,9 +249,9 @@ diff -up policycoreutils-2.1.10/gui/booleansPage.py.gui policycoreutils-2.1.10/g
|
|||
+ self.load(self.filter)
|
||||
+ return True
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/domainsPage.py.gui policycoreutils-2.1.10/gui/domainsPage.py
|
||||
--- policycoreutils-2.1.10/gui/domainsPage.py.gui 2012-02-01 08:39:50.132218033 -0500
|
||||
+++ policycoreutils-2.1.10/gui/domainsPage.py 2012-02-01 08:39:50.132218033 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/domainsPage.py.gui policycoreutils-2.1.11/gui/domainsPage.py
|
||||
--- policycoreutils-2.1.11/gui/domainsPage.py.gui 2012-04-05 10:13:37.905837243 -0400
|
||||
+++ policycoreutils-2.1.11/gui/domainsPage.py 2012-04-05 10:13:37.905837243 -0400
|
||||
@@ -0,0 +1,154 @@
|
||||
+## domainsPage.py - show selinux domains
|
||||
+## Copyright (C) 2009 Red Hat, Inc.
|
||||
|
@ -407,9 +407,9 @@ diff -up policycoreutils-2.1.10/gui/domainsPage.py.gui policycoreutils-2.1.10/gu
|
|||
+
|
||||
+ except ValueError, e:
|
||||
+ self.error(e.args[0])
|
||||
diff -up policycoreutils-2.1.10/gui/fcontextPage.py.gui policycoreutils-2.1.10/gui/fcontextPage.py
|
||||
--- policycoreutils-2.1.10/gui/fcontextPage.py.gui 2012-02-01 08:39:50.133218034 -0500
|
||||
+++ policycoreutils-2.1.10/gui/fcontextPage.py 2012-02-01 08:39:50.133218034 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/fcontextPage.py.gui policycoreutils-2.1.11/gui/fcontextPage.py
|
||||
--- policycoreutils-2.1.11/gui/fcontextPage.py.gui 2012-04-05 10:13:37.905837243 -0400
|
||||
+++ policycoreutils-2.1.11/gui/fcontextPage.py 2012-04-05 10:13:37.905837243 -0400
|
||||
@@ -0,0 +1,223 @@
|
||||
+## fcontextPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006 Red Hat, Inc.
|
||||
|
@ -634,9 +634,9 @@ diff -up policycoreutils-2.1.10/gui/fcontextPage.py.gui policycoreutils-2.1.10/g
|
|||
+ self.store.set_value(iter, SPEC_COL, fspec)
|
||||
+ self.store.set_value(iter, FTYPE_COL, ftype)
|
||||
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
|
||||
diff -up policycoreutils-2.1.10/gui/html_util.py.gui policycoreutils-2.1.10/gui/html_util.py
|
||||
--- policycoreutils-2.1.10/gui/html_util.py.gui 2012-02-01 08:39:50.134218035 -0500
|
||||
+++ policycoreutils-2.1.10/gui/html_util.py 2012-02-01 08:39:50.134218035 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/html_util.py.gui policycoreutils-2.1.11/gui/html_util.py
|
||||
--- policycoreutils-2.1.11/gui/html_util.py.gui 2012-04-05 10:13:37.905837243 -0400
|
||||
+++ policycoreutils-2.1.11/gui/html_util.py 2012-04-05 10:13:37.906837244 -0400
|
||||
@@ -0,0 +1,164 @@
|
||||
+# Authors: John Dennis <jdennis@redhat.com>
|
||||
+#
|
||||
|
@ -802,9 +802,9 @@ diff -up policycoreutils-2.1.10/gui/html_util.py.gui policycoreutils-2.1.10/gui/
|
|||
+ doc += tail
|
||||
+ return doc
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/lockdown.glade.gui policycoreutils-2.1.10/gui/lockdown.glade
|
||||
--- policycoreutils-2.1.10/gui/lockdown.glade.gui 2012-02-01 08:39:50.135218036 -0500
|
||||
+++ policycoreutils-2.1.10/gui/lockdown.glade 2012-02-01 08:39:50.135218036 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/lockdown.glade.gui policycoreutils-2.1.11/gui/lockdown.glade
|
||||
--- policycoreutils-2.1.11/gui/lockdown.glade.gui 2012-04-05 10:13:37.906837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/lockdown.glade 2012-04-05 10:13:37.906837244 -0400
|
||||
@@ -0,0 +1,771 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
||||
|
@ -1577,9 +1577,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.glade.gui policycoreutils-2.1.10/gu
|
|||
+</widget>
|
||||
+
|
||||
+</glade-interface>
|
||||
diff -up policycoreutils-2.1.10/gui/lockdown.gladep.gui policycoreutils-2.1.10/gui/lockdown.gladep
|
||||
--- policycoreutils-2.1.10/gui/lockdown.gladep.gui 2012-02-01 08:39:50.135218036 -0500
|
||||
+++ policycoreutils-2.1.10/gui/lockdown.gladep 2012-02-01 08:39:50.135218036 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/lockdown.gladep.gui policycoreutils-2.1.11/gui/lockdown.gladep
|
||||
--- policycoreutils-2.1.11/gui/lockdown.gladep.gui 2012-04-05 10:13:37.906837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/lockdown.gladep 2012-04-05 10:13:37.906837244 -0400
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
|
||||
|
@ -1588,9 +1588,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.gladep.gui policycoreutils-2.1.10/g
|
|||
+ <name></name>
|
||||
+ <program_name></program_name>
|
||||
+</glade-project>
|
||||
diff -up policycoreutils-2.1.10/gui/lockdown.py.gui policycoreutils-2.1.10/gui/lockdown.py
|
||||
--- policycoreutils-2.1.10/gui/lockdown.py.gui 2012-02-01 08:39:50.136218037 -0500
|
||||
+++ policycoreutils-2.1.10/gui/lockdown.py 2012-02-01 08:39:50.136218037 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/lockdown.py.gui policycoreutils-2.1.11/gui/lockdown.py
|
||||
--- policycoreutils-2.1.11/gui/lockdown.py.gui 2012-04-05 10:13:37.907837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/lockdown.py 2012-04-05 10:13:37.907837244 -0400
|
||||
@@ -0,0 +1,375 @@
|
||||
+#!/usr/bin/python
|
||||
+#
|
||||
|
@ -1967,9 +1967,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.py.gui policycoreutils-2.1.10/gui/l
|
|||
+
|
||||
+ app = booleanWindow()
|
||||
+ app.stand_alone()
|
||||
diff -up policycoreutils-2.1.10/gui/loginsPage.py.gui policycoreutils-2.1.10/gui/loginsPage.py
|
||||
--- policycoreutils-2.1.10/gui/loginsPage.py.gui 2012-02-01 08:39:50.137218037 -0500
|
||||
+++ policycoreutils-2.1.10/gui/loginsPage.py 2012-02-01 08:39:50.137218037 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/loginsPage.py.gui policycoreutils-2.1.11/gui/loginsPage.py
|
||||
--- policycoreutils-2.1.11/gui/loginsPage.py.gui 2012-04-05 10:13:37.907837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/loginsPage.py 2012-04-05 10:13:37.907837244 -0400
|
||||
@@ -0,0 +1,185 @@
|
||||
+## loginsPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006 Red Hat, Inc.
|
||||
|
@ -2156,9 +2156,9 @@ diff -up policycoreutils-2.1.10/gui/loginsPage.py.gui policycoreutils-2.1.10/gui
|
|||
+ self.store.set_value(iter, 1, seuser)
|
||||
+ self.store.set_value(iter, 2, seobject.translate(serange))
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/Makefile.gui policycoreutils-2.1.10/gui/Makefile
|
||||
--- policycoreutils-2.1.10/gui/Makefile.gui 2012-02-01 08:39:50.137218037 -0500
|
||||
+++ policycoreutils-2.1.10/gui/Makefile 2012-02-01 08:39:50.138218037 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/Makefile.gui policycoreutils-2.1.11/gui/Makefile
|
||||
--- policycoreutils-2.1.11/gui/Makefile.gui 2012-04-05 10:13:37.907837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/Makefile 2012-04-05 10:13:37.907837244 -0400
|
||||
@@ -0,0 +1,40 @@
|
||||
+# Installation directories.
|
||||
+PREFIX ?= ${DESTDIR}/usr
|
||||
|
@ -2200,9 +2200,9 @@ diff -up policycoreutils-2.1.10/gui/Makefile.gui policycoreutils-2.1.10/gui/Make
|
|||
+indent:
|
||||
+
|
||||
+relabel:
|
||||
diff -up policycoreutils-2.1.10/gui/mappingsPage.py.gui policycoreutils-2.1.10/gui/mappingsPage.py
|
||||
--- policycoreutils-2.1.10/gui/mappingsPage.py.gui 2012-02-01 08:39:50.138218037 -0500
|
||||
+++ policycoreutils-2.1.10/gui/mappingsPage.py 2012-02-01 08:39:50.138218037 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/mappingsPage.py.gui policycoreutils-2.1.11/gui/mappingsPage.py
|
||||
--- policycoreutils-2.1.11/gui/mappingsPage.py.gui 2012-04-05 10:13:37.907837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/mappingsPage.py 2012-04-05 10:13:37.907837244 -0400
|
||||
@@ -0,0 +1,56 @@
|
||||
+## mappingsPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006 Red Hat, Inc.
|
||||
|
@ -2260,9 +2260,9 @@ diff -up policycoreutils-2.1.10/gui/mappingsPage.py.gui policycoreutils-2.1.10/g
|
|||
+ for k in keys:
|
||||
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/modulesPage.py.gui policycoreutils-2.1.10/gui/modulesPage.py
|
||||
--- policycoreutils-2.1.10/gui/modulesPage.py.gui 2012-02-01 08:39:50.138218037 -0500
|
||||
+++ policycoreutils-2.1.10/gui/modulesPage.py 2012-02-01 08:39:50.139218038 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/modulesPage.py.gui policycoreutils-2.1.11/gui/modulesPage.py
|
||||
--- policycoreutils-2.1.11/gui/modulesPage.py.gui 2012-04-05 10:13:37.907837244 -0400
|
||||
+++ policycoreutils-2.1.11/gui/modulesPage.py 2012-04-05 10:13:37.907837244 -0400
|
||||
@@ -0,0 +1,190 @@
|
||||
+## modulesPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006-2009 Red Hat, Inc.
|
||||
|
@ -2454,9 +2454,9 @@ diff -up policycoreutils-2.1.10/gui/modulesPage.py.gui policycoreutils-2.1.10/gu
|
|||
+
|
||||
+ except ValueError, e:
|
||||
+ self.error(e.args[0])
|
||||
diff -up policycoreutils-2.1.10/gui/polgen.glade.gui policycoreutils-2.1.10/gui/polgen.glade
|
||||
--- policycoreutils-2.1.10/gui/polgen.glade.gui 2012-02-01 08:39:50.141218040 -0500
|
||||
+++ policycoreutils-2.1.10/gui/polgen.glade 2012-02-01 08:39:50.142218041 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/polgen.glade.gui policycoreutils-2.1.11/gui/polgen.glade
|
||||
--- policycoreutils-2.1.11/gui/polgen.glade.gui 2012-04-05 10:13:37.909837247 -0400
|
||||
+++ policycoreutils-2.1.11/gui/polgen.glade 2012-04-05 10:13:37.909837247 -0400
|
||||
@@ -0,0 +1,3432 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
||||
|
@ -5890,9 +5890,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.glade.gui policycoreutils-2.1.10/gui/
|
|||
+</widget>
|
||||
+
|
||||
+</glade-interface>
|
||||
diff -up policycoreutils-2.1.10/gui/polgen.gladep.gui policycoreutils-2.1.10/gui/polgen.gladep
|
||||
--- policycoreutils-2.1.10/gui/polgen.gladep.gui 2012-02-01 08:39:50.143218042 -0500
|
||||
+++ policycoreutils-2.1.10/gui/polgen.gladep 2012-02-01 08:39:50.143218042 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/polgen.gladep.gui policycoreutils-2.1.11/gui/polgen.gladep
|
||||
--- policycoreutils-2.1.11/gui/polgen.gladep.gui 2012-04-05 10:13:37.909837247 -0400
|
||||
+++ policycoreutils-2.1.11/gui/polgen.gladep 2012-04-05 10:13:37.909837247 -0400
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
|
||||
|
@ -5901,9 +5901,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.gladep.gui policycoreutils-2.1.10/gui
|
|||
+ <name></name>
|
||||
+ <program_name></program_name>
|
||||
+</glade-project>
|
||||
diff -up policycoreutils-2.1.10/gui/polgengui.py.gui policycoreutils-2.1.10/gui/polgengui.py
|
||||
--- policycoreutils-2.1.10/gui/polgengui.py.gui 2012-02-01 08:39:50.144218043 -0500
|
||||
+++ policycoreutils-2.1.10/gui/polgengui.py 2012-02-01 08:39:50.144218043 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/polgengui.py.gui policycoreutils-2.1.11/gui/polgengui.py
|
||||
--- policycoreutils-2.1.11/gui/polgengui.py.gui 2012-04-05 10:13:37.909837247 -0400
|
||||
+++ policycoreutils-2.1.11/gui/polgengui.py 2012-04-05 10:13:37.910837250 -0400
|
||||
@@ -0,0 +1,750 @@
|
||||
+#!/usr/bin/python -Es
|
||||
+#
|
||||
|
@ -6655,10 +6655,10 @@ diff -up policycoreutils-2.1.10/gui/polgengui.py.gui policycoreutils-2.1.10/gui/
|
|||
+
|
||||
+ app = childWindow()
|
||||
+ app.stand_alone()
|
||||
diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/polgen.py
|
||||
--- policycoreutils-2.1.10/gui/polgen.py.gui 2012-02-01 08:39:50.145218044 -0500
|
||||
+++ policycoreutils-2.1.10/gui/polgen.py 2012-02-01 08:39:50.146218045 -0500
|
||||
@@ -0,0 +1,1353 @@
|
||||
diff -up policycoreutils-2.1.11/gui/polgen.py.gui policycoreutils-2.1.11/gui/polgen.py
|
||||
--- policycoreutils-2.1.11/gui/polgen.py.gui 2012-04-05 10:13:37.910837250 -0400
|
||||
+++ policycoreutils-2.1.11/gui/polgen.py 2012-04-13 10:41:56.501251501 -0400
|
||||
@@ -0,0 +1,1354 @@
|
||||
+#!/usr/bin/python -Es
|
||||
+#
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
|
@ -6957,6 +6957,7 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
|
|||
+ self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
|
||||
+ self.DEFAULT_DIRS["/tmp"] = ["tmp", [], tmp];
|
||||
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
|
||||
+ self.DEFAULT_DIRS["/usr/lib/systemd/system"] = ["unit_file", [], unit_file];
|
||||
+ self.DEFAULT_DIRS["/lib/systemd/system"] = ["unit_file", [], unit_file];
|
||||
+ self.DEFAULT_DIRS["/etc/systemd/system"] = ["unit_file", [], unit_file];
|
||||
+ self.DEFAULT_DIRS["/var/cache"] = ["var_cache", [], var_cache];
|
||||
|
@ -6965,7 +6966,7 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
|
|||
+ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
|
||||
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
|
||||
+
|
||||
+ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool", "/etc/systemd/system", "/lib/systemd/system" ]
|
||||
+ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool", "/etc/systemd/system", "/usr/lib/systemd/system", "/lib/systemd/system" ]
|
||||
+
|
||||
+ self.DEFAULT_TYPES = (\
|
||||
+( self.generate_daemon_types, self.generate_daemon_rules), \
|
||||
|
@ -8012,9 +8013,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
|
|||
+ sys.exit(0)
|
||||
+ except ValueError, e:
|
||||
+ usage(e)
|
||||
diff -up policycoreutils-2.1.10/gui/portsPage.py.gui policycoreutils-2.1.10/gui/portsPage.py
|
||||
--- policycoreutils-2.1.10/gui/portsPage.py.gui 2012-02-01 08:39:50.146218045 -0500
|
||||
+++ policycoreutils-2.1.10/gui/portsPage.py 2012-02-01 08:39:50.146218045 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/portsPage.py.gui policycoreutils-2.1.11/gui/portsPage.py
|
||||
--- policycoreutils-2.1.11/gui/portsPage.py.gui 2012-04-05 10:13:37.910837250 -0400
|
||||
+++ policycoreutils-2.1.11/gui/portsPage.py 2012-04-05 10:13:37.910837250 -0400
|
||||
@@ -0,0 +1,259 @@
|
||||
+## portsPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006 Red Hat, Inc.
|
||||
|
@ -8275,9 +8276,9 @@ diff -up policycoreutils-2.1.10/gui/portsPage.py.gui policycoreutils-2.1.10/gui/
|
|||
+
|
||||
+ return True
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/selinux.tbl.gui policycoreutils-2.1.10/gui/selinux.tbl
|
||||
--- policycoreutils-2.1.10/gui/selinux.tbl.gui 2012-02-01 08:39:50.147218045 -0500
|
||||
+++ policycoreutils-2.1.10/gui/selinux.tbl 2012-02-01 08:39:50.147218045 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/selinux.tbl.gui policycoreutils-2.1.11/gui/selinux.tbl
|
||||
--- policycoreutils-2.1.11/gui/selinux.tbl.gui 2012-04-05 10:13:37.911837252 -0400
|
||||
+++ policycoreutils-2.1.11/gui/selinux.tbl 2012-04-05 10:13:37.911837252 -0400
|
||||
@@ -0,0 +1,234 @@
|
||||
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
|
||||
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
|
||||
|
@ -8513,9 +8514,9 @@ diff -up policycoreutils-2.1.10/gui/selinux.tbl.gui policycoreutils-2.1.10/gui/s
|
|||
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
|
||||
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/semanagePage.py.gui policycoreutils-2.1.10/gui/semanagePage.py
|
||||
--- policycoreutils-2.1.10/gui/semanagePage.py.gui 2012-02-01 08:39:50.148218045 -0500
|
||||
+++ policycoreutils-2.1.10/gui/semanagePage.py 2012-02-01 08:39:50.148218045 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/semanagePage.py.gui policycoreutils-2.1.11/gui/semanagePage.py
|
||||
--- policycoreutils-2.1.11/gui/semanagePage.py.gui 2012-04-05 10:13:37.911837252 -0400
|
||||
+++ policycoreutils-2.1.11/gui/semanagePage.py 2012-04-05 10:13:37.911837252 -0400
|
||||
@@ -0,0 +1,168 @@
|
||||
+## semanagePage.py - show selinux mappings
|
||||
+## Copyright (C) 2006 Red Hat, Inc.
|
||||
|
@ -8685,9 +8686,9 @@ diff -up policycoreutils-2.1.10/gui/semanagePage.py.gui policycoreutils-2.1.10/g
|
|||
+ self.load(self.filter)
|
||||
+ return True
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/statusPage.py.gui policycoreutils-2.1.10/gui/statusPage.py
|
||||
--- policycoreutils-2.1.10/gui/statusPage.py.gui 2012-02-01 08:39:50.148218045 -0500
|
||||
+++ policycoreutils-2.1.10/gui/statusPage.py 2012-02-01 08:39:50.149218046 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/statusPage.py.gui policycoreutils-2.1.11/gui/statusPage.py
|
||||
--- policycoreutils-2.1.11/gui/statusPage.py.gui 2012-04-05 10:13:37.911837252 -0400
|
||||
+++ policycoreutils-2.1.11/gui/statusPage.py 2012-04-05 10:13:37.911837252 -0400
|
||||
@@ -0,0 +1,190 @@
|
||||
+# statusPage.py - show selinux status
|
||||
+## Copyright (C) 2006-2009 Red Hat, Inc.
|
||||
|
@ -8879,9 +8880,9 @@ diff -up policycoreutils-2.1.10/gui/statusPage.py.gui policycoreutils-2.1.10/gui
|
|||
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
|
||||
+
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/system-config-selinux.glade.gui policycoreutils-2.1.10/gui/system-config-selinux.glade
|
||||
--- policycoreutils-2.1.10/gui/system-config-selinux.glade.gui 2012-02-01 08:39:50.151218048 -0500
|
||||
+++ policycoreutils-2.1.10/gui/system-config-selinux.glade 2012-02-01 08:39:50.151218048 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/system-config-selinux.glade.gui policycoreutils-2.1.11/gui/system-config-selinux.glade
|
||||
--- policycoreutils-2.1.11/gui/system-config-selinux.glade.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/system-config-selinux.glade 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,3024 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
||||
|
@ -11907,9 +11908,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.glade.gui policycoreut
|
|||
+</widget>
|
||||
+
|
||||
+</glade-interface>
|
||||
diff -up policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui policycoreutils-2.1.10/gui/system-config-selinux.gladep
|
||||
--- policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui 2012-02-01 08:39:50.152218049 -0500
|
||||
+++ policycoreutils-2.1.10/gui/system-config-selinux.gladep 2012-02-01 08:39:50.152218049 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/system-config-selinux.gladep.gui policycoreutils-2.1.11/gui/system-config-selinux.gladep
|
||||
--- policycoreutils-2.1.11/gui/system-config-selinux.gladep.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/system-config-selinux.gladep 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
||||
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
|
||||
|
@ -11918,9 +11919,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui policycoreu
|
|||
+ <name></name>
|
||||
+ <program_name></program_name>
|
||||
+</glade-project>
|
||||
diff -up policycoreutils-2.1.10/gui/system-config-selinux.py.gui policycoreutils-2.1.10/gui/system-config-selinux.py
|
||||
--- policycoreutils-2.1.10/gui/system-config-selinux.py.gui 2012-02-01 08:39:50.152218049 -0500
|
||||
+++ policycoreutils-2.1.10/gui/system-config-selinux.py 2012-02-01 08:39:50.153218050 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/system-config-selinux.py.gui policycoreutils-2.1.11/gui/system-config-selinux.py
|
||||
--- policycoreutils-2.1.11/gui/system-config-selinux.py.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/system-config-selinux.py 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,187 @@
|
||||
+#!/usr/bin/python -Es
|
||||
+#
|
||||
|
@ -12109,9 +12110,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.py.gui policycoreutils
|
|||
+
|
||||
+ app = childWindow()
|
||||
+ app.stand_alone()
|
||||
diff -up policycoreutils-2.1.10/gui/templates/boolean.py.gui policycoreutils-2.1.10/gui/templates/boolean.py
|
||||
--- policycoreutils-2.1.10/gui/templates/boolean.py.gui 2012-02-01 08:39:50.153218050 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/boolean.py 2012-02-01 08:39:50.153218050 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/boolean.py.gui policycoreutils-2.1.11/gui/templates/boolean.py
|
||||
--- policycoreutils-2.1.11/gui/templates/boolean.py.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/boolean.py 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,40 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -12153,9 +12154,9 @@ diff -up policycoreutils-2.1.10/gui/templates/boolean.py.gui policycoreutils-2.1
|
|||
+')
|
||||
+"""
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/templates/etc_rw.py.gui policycoreutils-2.1.10/gui/templates/etc_rw.py
|
||||
--- policycoreutils-2.1.10/gui/templates/etc_rw.py.gui 2012-02-01 08:39:50.154218051 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/etc_rw.py 2012-02-01 08:39:50.154218051 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/etc_rw.py.gui policycoreutils-2.1.11/gui/templates/etc_rw.py
|
||||
--- policycoreutils-2.1.11/gui/templates/etc_rw.py.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/etc_rw.py 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,112 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -12269,10 +12270,10 @@ diff -up policycoreutils-2.1.10/gui/templates/etc_rw.py.gui policycoreutils-2.1.
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-2.1.10/gui/templates/executable.py
|
||||
--- policycoreutils-2.1.10/gui/templates/executable.py.gui 2012-02-01 08:39:50.155218052 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/executable.py 2012-02-01 08:39:50.155218052 -0500
|
||||
@@ -0,0 +1,441 @@
|
||||
diff -up policycoreutils-2.1.11/gui/templates/executable.py.gui policycoreutils-2.1.11/gui/templates/executable.py
|
||||
--- policycoreutils-2.1.11/gui/templates/executable.py.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/executable.py 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,445 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
+#
|
||||
|
@ -12699,6 +12700,10 @@ diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-
|
|||
+"""
|
||||
+
|
||||
+if_end_admin="""\
|
||||
+ optional_policy(`
|
||||
+ systemd_passwd_agent_exec($1)
|
||||
+ systemd_read_fifo_file_passwd_run($1)
|
||||
+ ')
|
||||
+')
|
||||
+"""
|
||||
+
|
||||
|
@ -12714,9 +12719,9 @@ diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-
|
|||
+fc_initscript="""\
|
||||
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/__init__.py.gui policycoreutils-2.1.10/gui/templates/__init__.py
|
||||
--- policycoreutils-2.1.10/gui/templates/__init__.py.gui 2012-02-01 08:39:50.155218052 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/__init__.py 2012-02-01 08:39:50.155218052 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/__init__.py.gui policycoreutils-2.1.11/gui/templates/__init__.py
|
||||
--- policycoreutils-2.1.11/gui/templates/__init__.py.gui 2012-04-05 10:13:37.913837254 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/__init__.py 2012-04-05 10:13:37.913837254 -0400
|
||||
@@ -0,0 +1,18 @@
|
||||
+#
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
|
@ -12736,9 +12741,9 @@ diff -up policycoreutils-2.1.10/gui/templates/__init__.py.gui policycoreutils-2.
|
|||
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
+#
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/templates/network.py.gui policycoreutils-2.1.10/gui/templates/network.py
|
||||
--- policycoreutils-2.1.10/gui/templates/network.py.gui 2012-02-01 08:39:50.156218053 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/network.py 2012-02-01 08:39:50.156218053 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/network.py.gui policycoreutils-2.1.11/gui/templates/network.py
|
||||
--- policycoreutils-2.1.11/gui/templates/network.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/network.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,102 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -12842,9 +12847,9 @@ diff -up policycoreutils-2.1.10/gui/templates/network.py.gui policycoreutils-2.1
|
|||
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
|
||||
+"""
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/templates/rw.py.gui policycoreutils-2.1.10/gui/templates/rw.py
|
||||
--- policycoreutils-2.1.10/gui/templates/rw.py.gui 2012-02-01 08:39:50.156218053 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/rw.py 2012-02-01 08:39:50.157218053 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/rw.py.gui policycoreutils-2.1.11/gui/templates/rw.py
|
||||
--- policycoreutils-2.1.11/gui/templates/rw.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/rw.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,129 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -12975,9 +12980,9 @@ diff -up policycoreutils-2.1.10/gui/templates/rw.py.gui policycoreutils-2.1.10/g
|
|||
+fc_dir="""
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.10/gui/templates/script.py
|
||||
--- policycoreutils-2.1.10/gui/templates/script.py.gui 2012-02-01 08:39:50.157218053 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/script.py 2012-02-01 08:39:50.157218053 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/script.py.gui policycoreutils-2.1.11/gui/templates/script.py
|
||||
--- policycoreutils-2.1.11/gui/templates/script.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/script.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,126 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13044,7 +13049,7 @@ diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.
|
|||
+
|
||||
+echo "Building and Loading Policy"
|
||||
+set -x
|
||||
+make -f /usr/share/selinux/devel/Makefile || exit
|
||||
+make -f /usr/share/selinux/devel/Makefile TEMPLATEFILE.pp || exit
|
||||
+/usr/sbin/semodule -i TEMPLATEFILE.pp
|
||||
+
|
||||
+"""
|
||||
|
@ -13105,9 +13110,9 @@ diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.
|
|||
+_EOF
|
||||
+fi
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/semodule.py.gui policycoreutils-2.1.10/gui/templates/semodule.py
|
||||
--- policycoreutils-2.1.10/gui/templates/semodule.py.gui 2012-02-01 08:39:50.157218053 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/semodule.py 2012-02-01 08:39:50.158218053 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/semodule.py.gui policycoreutils-2.1.11/gui/templates/semodule.py
|
||||
--- policycoreutils-2.1.11/gui/templates/semodule.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/semodule.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,41 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13150,9 +13155,9 @@ diff -up policycoreutils-2.1.10/gui/templates/semodule.py.gui policycoreutils-2.
|
|||
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
|
||||
+"""
|
||||
+
|
||||
diff -up policycoreutils-2.1.10/gui/templates/tmp.py.gui policycoreutils-2.1.10/gui/templates/tmp.py
|
||||
--- policycoreutils-2.1.10/gui/templates/tmp.py.gui 2012-02-01 08:39:50.158218053 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/tmp.py 2012-02-01 08:39:50.158218053 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/tmp.py.gui policycoreutils-2.1.11/gui/templates/tmp.py
|
||||
--- policycoreutils-2.1.11/gui/templates/tmp.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/tmp.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,102 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13256,10 +13261,10 @@ diff -up policycoreutils-2.1.10/gui/templates/tmp.py.gui policycoreutils-2.1.10/
|
|||
+ files_search_tmp($1)
|
||||
+ admin_pattern($1, TEMPLATETYPE_tmp_t)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2.1.10/gui/templates/unit_file.py
|
||||
--- policycoreutils-2.1.10/gui/templates/unit_file.py.gui 2012-02-01 08:40:34.733252831 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/unit_file.py 2012-02-01 08:40:28.444248042 -0500
|
||||
@@ -0,0 +1,69 @@
|
||||
diff -up policycoreutils-2.1.11/gui/templates/unit_file.py.gui policycoreutils-2.1.11/gui/templates/unit_file.py
|
||||
--- policycoreutils-2.1.11/gui/templates/unit_file.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/unit_file.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,72 @@
|
||||
+# Copyright (C) 2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
+#
|
||||
|
@ -13286,7 +13291,7 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
|
|||
+########################### Type Enforcement File #############################
|
||||
+te_types="""
|
||||
+type TEMPLATETYPE_unit_file_t;
|
||||
+files_type(TEMPLATETYPE_unit_file_t)
|
||||
+systemd_unit_file(TEMPLATETYPE_unit_file_t)
|
||||
+"""
|
||||
+
|
||||
+te_rules=""
|
||||
|
@ -13310,8 +13315,9 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
|
|||
+ ')
|
||||
+
|
||||
+ systemd_exec_systemctl($1)
|
||||
+ systemd_read_fifo_file_password_run($1)
|
||||
+ allow $1 TEMPLATETYPE_unit_file_t:file read_file_perms;
|
||||
+ allow $1 TEMPLATETYPE_unit_file_t:service all_service_perms;
|
||||
+ allow $1 TEMPLATETYPE_unit_file_t:service manage_service_perms;
|
||||
+
|
||||
+ ps_process_pattern($1, TEMPLATETYPE_t)
|
||||
+')
|
||||
|
@ -13319,19 +13325,21 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
|
|||
+"""
|
||||
+
|
||||
+if_admin_types="""
|
||||
+ type TEMPLATETYPE_unit_file_t;"""
|
||||
+ type TEMPLATETYPE_unit_file_t;"""
|
||||
+
|
||||
+if_admin_rules="""
|
||||
+ TEMPLATETYPE_systemctl($1)
|
||||
+ admin_pattern($1, TEMPLATETYPE_unit_file_t)
|
||||
+ allow $1 TEMPLATETYPE_unit_file_t:service all_service_perms;
|
||||
+"""
|
||||
+
|
||||
+########################### File Context ##################################
|
||||
+fc_file="""\
|
||||
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_unit_file_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/user.py.gui policycoreutils-2.1.10/gui/templates/user.py
|
||||
--- policycoreutils-2.1.10/gui/templates/user.py.gui 2012-02-01 08:39:50.159218054 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/user.py 2012-02-01 08:39:50.159218054 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/user.py.gui policycoreutils-2.1.11/gui/templates/user.py
|
||||
--- policycoreutils-2.1.11/gui/templates/user.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/user.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,204 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13537,9 +13545,9 @@ diff -up policycoreutils-2.1.10/gui/templates/user.py.gui policycoreutils-2.1.10
|
|||
+te_newrole_rules="""
|
||||
+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/var_cache.py.gui policycoreutils-2.1.10/gui/templates/var_cache.py
|
||||
--- policycoreutils-2.1.10/gui/templates/var_cache.py.gui 2012-02-01 08:39:50.159218054 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/var_cache.py 2012-02-01 08:39:50.159218054 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/var_cache.py.gui policycoreutils-2.1.11/gui/templates/var_cache.py
|
||||
--- policycoreutils-2.1.11/gui/templates/var_cache.py.gui 2012-04-05 10:13:37.914837256 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/var_cache.py 2012-04-05 10:13:37.914837256 -0400
|
||||
@@ -0,0 +1,132 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13673,9 +13681,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_cache.py.gui policycoreutils-2
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/var_lib.py.gui policycoreutils-2.1.10/gui/templates/var_lib.py
|
||||
--- policycoreutils-2.1.10/gui/templates/var_lib.py.gui 2012-02-01 08:39:50.160218055 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/var_lib.py 2012-02-01 08:39:50.160218055 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/var_lib.py.gui policycoreutils-2.1.11/gui/templates/var_lib.py
|
||||
--- policycoreutils-2.1.11/gui/templates/var_lib.py.gui 2012-04-05 10:13:37.915837258 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/var_lib.py 2012-04-05 10:13:37.915837258 -0400
|
||||
@@ -0,0 +1,160 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13837,9 +13845,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_lib.py.gui policycoreutils-2.1
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/var_log.py.gui policycoreutils-2.1.10/gui/templates/var_log.py
|
||||
--- policycoreutils-2.1.10/gui/templates/var_log.py.gui 2012-02-01 08:39:50.160218055 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/var_log.py 2012-02-01 08:39:50.161218056 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/var_log.py.gui policycoreutils-2.1.11/gui/templates/var_log.py
|
||||
--- policycoreutils-2.1.11/gui/templates/var_log.py.gui 2012-04-05 10:13:37.915837258 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/var_log.py 2012-04-05 10:13:37.915837258 -0400
|
||||
@@ -0,0 +1,114 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -13955,9 +13963,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_log.py.gui policycoreutils-2.1
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/var_run.py.gui policycoreutils-2.1.10/gui/templates/var_run.py
|
||||
--- policycoreutils-2.1.10/gui/templates/var_run.py.gui 2012-02-01 08:39:50.161218056 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/var_run.py 2012-02-01 08:39:50.161218056 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/var_run.py.gui policycoreutils-2.1.11/gui/templates/var_run.py
|
||||
--- policycoreutils-2.1.11/gui/templates/var_run.py.gui 2012-04-05 10:13:37.915837258 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/var_run.py 2012-04-05 10:13:37.915837258 -0400
|
||||
@@ -0,0 +1,101 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -14060,9 +14068,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_run.py.gui policycoreutils-2.1
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/templates/var_spool.py.gui policycoreutils-2.1.10/gui/templates/var_spool.py
|
||||
--- policycoreutils-2.1.10/gui/templates/var_spool.py.gui 2012-02-01 08:39:50.162218057 -0500
|
||||
+++ policycoreutils-2.1.10/gui/templates/var_spool.py 2012-02-01 08:39:50.162218057 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/templates/var_spool.py.gui policycoreutils-2.1.11/gui/templates/var_spool.py
|
||||
--- policycoreutils-2.1.11/gui/templates/var_spool.py.gui 2012-04-05 10:13:37.915837258 -0400
|
||||
+++ policycoreutils-2.1.11/gui/templates/var_spool.py 2012-04-05 10:13:37.915837258 -0400
|
||||
@@ -0,0 +1,131 @@
|
||||
+# Copyright (C) 2007-2012 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
@ -14195,9 +14203,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_spool.py.gui policycoreutils-2
|
|||
+fc_dir="""\
|
||||
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
|
||||
+"""
|
||||
diff -up policycoreutils-2.1.10/gui/usersPage.py.gui policycoreutils-2.1.10/gui/usersPage.py
|
||||
--- policycoreutils-2.1.10/gui/usersPage.py.gui 2012-02-01 08:39:50.162218057 -0500
|
||||
+++ policycoreutils-2.1.10/gui/usersPage.py 2012-02-01 08:39:50.163218058 -0500
|
||||
diff -up policycoreutils-2.1.11/gui/usersPage.py.gui policycoreutils-2.1.11/gui/usersPage.py
|
||||
--- policycoreutils-2.1.11/gui/usersPage.py.gui 2012-04-05 10:13:37.915837258 -0400
|
||||
+++ policycoreutils-2.1.11/gui/usersPage.py 2012-04-05 10:13:37.915837258 -0400
|
||||
@@ -0,0 +1,150 @@
|
||||
+## usersPage.py - show selinux mappings
|
||||
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
diff -up policycoreutils-2.1.13/semanage/seobject.py~ policycoreutils-2.1.13/semanage/seobject.py
|
||||
--- policycoreutils-2.1.13/semanage/seobject.py~ 2013-02-08 12:36:21.408442611 -0500
|
||||
+++ policycoreutils-2.1.13/semanage/seobject.py 2013-02-08 12:36:53.963553141 -0500
|
||||
@@ -1992,8 +1992,6 @@ class booleanRecords(semanageRecords):
|
||||
self.modify_local = False
|
||||
|
||||
def __mod(self, name, value):
|
||||
- name = selinux.selinux_boolean_sub(name)
|
||||
-
|
||||
(rc, k) = semanage_bool_key_create(self.sh, name)
|
||||
if rc < 0:
|
||||
raise ValueError(_("Could not create a key for %s") % name)
|
||||
@@ -2043,8 +2041,6 @@ class booleanRecords(semanageRecords):
|
||||
self.commit()
|
||||
|
||||
def __delete(self, name):
|
||||
- name = selinux.selinux_boolean_sub(name)
|
||||
-
|
||||
(rc, k) = semanage_bool_key_create(self.sh, name)
|
||||
if rc < 0:
|
||||
raise ValueError(_("Could not create a key for %s") % name)
|
||||
@@ -2108,11 +2104,9 @@ class booleanRecords(semanageRecords):
|
||||
return ddict
|
||||
|
||||
def get_desc(self, name):
|
||||
- name = selinux.selinux_boolean_sub(name)
|
||||
return boolean_desc(name)
|
||||
|
||||
def get_category(self, name):
|
||||
- name = selinux.selinux_boolean_sub(name)
|
||||
return boolean_category(name)
|
||||
|
||||
def customized(self):
|
344965
policycoreutils-rhat.patch
344965
policycoreutils-rhat.patch
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,10 @@
|
|||
--- policycoreutils-2.1.11/semanage/semanage.old 2012-06-29 11:33:54.832066426 +0200
|
||||
+++ policycoreutils-2.1.11/semanage/semanage 2012-06-29 11:34:36.230067371 +0200
|
||||
@@ -199,6 +199,7 @@
|
||||
seuser = ""
|
||||
prefix = "user"
|
||||
heading = True
|
||||
+ global reload
|
||||
reload = True
|
||||
value = None
|
||||
add = False
|
|
@ -1,94 +1,14 @@
|
|||
diff --git a/sepolgen/HACKING b/sepolgen/HACKING
|
||||
index 5cdf6d5..a0ec323 100644
|
||||
--- a/sepolgen/HACKING
|
||||
+++ b/sepolgen/HACKING
|
||||
@@ -76,4 +76,4 @@ information about the object classes - including information flow. It
|
||||
is separated to keep the core from being concerned about the details
|
||||
of the object classes.
|
||||
|
||||
-[selist]: http://www.nsa.gov/selinux/info/list.cfm
|
||||
\ No newline at end of file
|
||||
+[selist]: http://www.nsa.gov/research/selinux/info/list.cfm
|
||||
diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
|
||||
index 9fdfafa..9e2ccee 100644
|
||||
index 73c60f6..d636091 100644
|
||||
--- a/sepolgen/src/sepolgen/audit.py
|
||||
+++ b/sepolgen/src/sepolgen/audit.py
|
||||
@@ -20,6 +20,7 @@
|
||||
import refpolicy
|
||||
import access
|
||||
import re
|
||||
+import sys
|
||||
|
||||
# Convenience functions
|
||||
|
||||
@@ -343,6 +344,7 @@ class AuditParser:
|
||||
self.policy_load_msgs = []
|
||||
self.path_msgs = []
|
||||
self.by_header = { }
|
||||
+ self.check_input_file = False
|
||||
|
||||
# Low-level parsing function - tries to determine if this audit
|
||||
# message is an SELinux related message and then parses it into
|
||||
@@ -378,6 +380,7 @@ class AuditParser:
|
||||
found = True
|
||||
|
||||
if found:
|
||||
+ self.check_input_file = True
|
||||
try:
|
||||
msg.from_split_string(rec)
|
||||
except ValueError:
|
||||
@@ -447,6 +450,9 @@ class AuditParser:
|
||||
while line:
|
||||
self.__parse(line)
|
||||
line = input.readline()
|
||||
+ if not self.check_input_file:
|
||||
+ sys.stderr.write("Nothing to do\n")
|
||||
+ sys.exit(0)
|
||||
self.__post_process()
|
||||
|
||||
def parse_string(self, input):
|
||||
diff --git a/sepolgen/src/sepolgen/matching.py b/sepolgen/src/sepolgen/matching.py
|
||||
index 1a9a3e5..d56dd92 100644
|
||||
--- a/sepolgen/src/sepolgen/matching.py
|
||||
+++ b/sepolgen/src/sepolgen/matching.py
|
||||
@@ -50,7 +50,7 @@ class Match:
|
||||
return 1
|
||||
|
||||
class MatchList:
|
||||
- DEFAULT_THRESHOLD = 120
|
||||
+ DEFAULT_THRESHOLD = 150
|
||||
def __init__(self):
|
||||
# Match objects that pass the threshold
|
||||
self.children = []
|
||||
@@ -63,14 +63,15 @@ class MatchList:
|
||||
def best(self):
|
||||
if len(self.children):
|
||||
return self.children[0]
|
||||
- else:
|
||||
- return None
|
||||
+ if len(self.bastards):
|
||||
+ return self.bastards[0]
|
||||
+ return None
|
||||
|
||||
def __len__(self):
|
||||
# Only return the length of the matches so
|
||||
# that this can be used to test if there is
|
||||
# a match.
|
||||
- return len(self.children)
|
||||
+ return len(self.children) + len(self.bastards)
|
||||
|
||||
def __iter__(self):
|
||||
return iter(self.children)
|
||||
diff --git a/sepolgen/src/sepolgen/yacc.py b/sepolgen/src/sepolgen/yacc.py
|
||||
index 2f3c09d..bc4536d 100644
|
||||
--- a/sepolgen/src/sepolgen/yacc.py
|
||||
+++ b/sepolgen/src/sepolgen/yacc.py
|
||||
@@ -506,7 +506,7 @@ def initialize_vars():
|
||||
|
||||
Errorfunc = None # User defined error handler
|
||||
|
||||
- Signature = hashlib.md5() # Digital signature of the grammar rules, precedence
|
||||
+ Signature = hashlib.sha256() # Digital signature of the grammar rules, precedence
|
||||
# and other information. Used to determined when a
|
||||
# parsing table needs to be regenerated.
|
||||
|
||||
@@ -38,8 +38,7 @@ def get_audit_boot_msgs():
|
||||
off=float(fd.read().split()[0])
|
||||
fd.close
|
||||
s = time.localtime(time.time() - off)
|
||||
- date = time.strftime("%D/%Y", s).split("/")
|
||||
- bootdate="%s/%s/%s" % (date[0], date[1], date[3])
|
||||
+ bootdate = time.strftime("%x", s)
|
||||
boottime = time.strftime("%X", s)
|
||||
output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
|
||||
stdout=subprocess.PIPE).communicate()[0]
|
||||
|
|
|
@ -0,0 +1,111 @@
|
|||
--- policycoreutils-2.1.12/sandbox/seunshare.c 2012-07-04 13:35:21.000000000 +0200
|
||||
+++ policycoreutils-2.1.13/sandbox/seunshare.c 2012-10-24 14:34:49.346593664 +0200
|
||||
@@ -31,6 +31,12 @@
|
||||
#include <selinux/context.h> /* for context-mangling functions */
|
||||
#include <dirent.h>
|
||||
|
||||
+
|
||||
+/*
|
||||
+ * Note setfsuid never returns an error code. But the compiler complains if
|
||||
+ * I do not check, so I am checking for -1, which should never happen.
|
||||
+ */
|
||||
+
|
||||
#ifdef USE_NLS
|
||||
#include <locale.h> /* for setlocale() */
|
||||
#include <libintl.h> /* for gettext() */
|
||||
@@ -617,12 +623,15 @@
|
||||
free(cmdbuf); cmdbuf = NULL;
|
||||
|
||||
/* remove runtime temporary directory */
|
||||
- setfsuid(0);
|
||||
+ if (setfsuid(0) < 0)
|
||||
+ rc++;
|
||||
+
|
||||
if (rmdir(tmpdir) == -1)
|
||||
fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno));
|
||||
- setfsuid(pwd->pw_uid);
|
||||
+ if (setfsuid(pwd->pw_uid) < 0)
|
||||
+ rc++;
|
||||
|
||||
- return 0;
|
||||
+ return rc;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -642,7 +651,9 @@
|
||||
|
||||
/* get selinux context */
|
||||
if (execcon) {
|
||||
- setfsuid(pwd->pw_uid);
|
||||
+ if (setfsuid(pwd->pw_uid) < 0)
|
||||
+ goto err;
|
||||
+
|
||||
if ((fd_s = open(src, O_RDONLY)) < 0) {
|
||||
fprintf(stderr, _("Failed to open directory %s: %s\n"), src, strerror(errno));
|
||||
goto err;
|
||||
@@ -661,7 +672,8 @@
|
||||
}
|
||||
|
||||
/* ok to not reach this if there is an error */
|
||||
- setfsuid(0);
|
||||
+ if (setfsuid(0) < 0)
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
if (asprintf(&tmpdir, "/tmp/.sandbox-%s-XXXXXX", pwd->pw_name) == -1) {
|
||||
@@ -716,14 +728,16 @@
|
||||
}
|
||||
}
|
||||
|
||||
- setfsuid(pwd->pw_uid);
|
||||
+ if (setfsuid(pwd->pw_uid) < 0)
|
||||
+ goto err;
|
||||
|
||||
if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* ok to not reach this if there is an error */
|
||||
- setfsuid(0);
|
||||
+ if (setfsuid(0) < 0)
|
||||
+ goto err;
|
||||
|
||||
if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
|
||||
fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
|
||||
@@ -916,7 +930,8 @@
|
||||
/* Changing fsuid is usually required when user-specified directory is
|
||||
* on an NFS mount. It's also desired to avoid leaking info about
|
||||
* existence of the files not accessible to the user. */
|
||||
- setfsuid(uid);
|
||||
+ if (setfsuid(uid) < 0)
|
||||
+ return -1;
|
||||
|
||||
/* verify homedir and tmpdir */
|
||||
if (homedir_s && (
|
||||
@@ -925,7 +940,7 @@
|
||||
if (tmpdir_s && (
|
||||
verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 ||
|
||||
check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1;
|
||||
- setfsuid(0);
|
||||
+ if (setfsuid(0) < 0) return -1;
|
||||
|
||||
/* create runtime tmpdir */
|
||||
if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s,
|
||||
@@ -959,7 +974,7 @@
|
||||
}
|
||||
|
||||
/* assume fsuid==ruid after this point */
|
||||
- setfsuid(uid);
|
||||
+ if (setfsuid(uid) < 0) goto childerr;
|
||||
|
||||
/* mount homedir and tmpdir, in this order */
|
||||
if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir,
|
||||
@@ -1005,7 +1020,7 @@
|
||||
|
||||
/* selinux context */
|
||||
if (execcon && setexeccon(execcon) != 0) {
|
||||
- fprintf(stderr, _("Could not set exec context to %s.\n"), execcon);
|
||||
+ fprintf(stderr, _("Could not set exec context to %s. %s\n"), execcon, strerror(errno));
|
||||
goto childerr;
|
||||
}
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
--- policycoreutils-2.1.11/gui/templates/executable.py~ 2012-07-03 14:59:45.654659236 +0200
|
||||
+++ policycoreutils-2.1.11/gui/templates/executable.py 2012-07-03 15:02:44.226663311 +0200
|
||||
@@ -212,7 +212,7 @@
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
-## Transition to TEMPLATETYPE.
|
||||
+## Execute TEMPLATETYPE in the TEMPLATETYPE domain.
|
||||
## </summary>
|
||||
## <param name=\"domain\">
|
||||
## <summary>
|
||||
@@ -423,7 +423,7 @@
|
||||
allow $2 system_r;
|
||||
"""
|
||||
|
||||
-if_end_admin="""\
|
||||
+if_end_admin="""
|
||||
optional_policy(`
|
||||
systemd_passwd_agent_exec($1)
|
||||
systemd_read_fifo_file_passwd_run($1)
|
||||
--- policycoreutils-2.1.11/gui/templates/unit_file.py~ 2012-07-03 15:03:15.089664014 +0200
|
||||
+++ policycoreutils-2.1.11/gui/templates/unit_file.py 2012-07-03 15:03:50.931664833 +0200
|
||||
@@ -48,7 +48,7 @@
|
||||
')
|
||||
|
||||
systemd_exec_systemctl($1)
|
||||
- systemd_read_fifo_file_password_run($1)
|
||||
+ systemd_read_fifo_file_password_run($1)
|
||||
allow $1 TEMPLATETYPE_unit_file_t:file read_file_perms;
|
||||
allow $1 TEMPLATETYPE_unit_file_t:service manage_service_perms;
|
||||
|
|
@ -1,13 +1,10 @@
|
|||
%define libauditver 2.1.3-4
|
||||
%define libsepolver 2.1.4-5
|
||||
%define libsemanagever 2.1.5-1
|
||||
%define libselinuxver 2.1.8-5
|
||||
%define sepolgenver 1.1.5
|
||||
%define sepolgenver 1.1.8
|
||||
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.1.10
|
||||
Release: 21%{?dist}
|
||||
Version: 2.1.13
|
||||
Release: 27.3%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
# Based on git repository with tag 20101221
|
||||
|
@ -19,14 +16,11 @@ Source3: system-config-selinux.desktop
|
|||
Source4: system-config-selinux.pam
|
||||
Source5: system-config-selinux.console
|
||||
Source6: selinux-polgengui.desktop
|
||||
Source7: selinux-polgengui.console
|
||||
Source8: policycoreutils_man_ru2.tar.bz2
|
||||
Source9: semanage-bash-completion.sh
|
||||
Source10: restorecond.service
|
||||
Patch: policycoreutils-rhat.patch
|
||||
Patch1: policycoreutils-po.patch
|
||||
Patch3: policycoreutils-gui.patch
|
||||
Patch4: policycoreutils-sepolgen.patch
|
||||
Patch1: policycoreutils-sepolgen.patch
|
||||
Patch2: policycoreutils-nosub.patch
|
||||
Obsoletes: policycoreutils < 2.0.61-2
|
||||
Conflicts: filesystem < 3
|
||||
Provides: /sbin/fixfiles
|
||||
|
@ -36,12 +30,12 @@ Provides: /sbin/restorecon
|
|||
|
||||
%global pkgpythondir %{python_sitelib}/%{name}
|
||||
|
||||
BuildRequires: pam-devel libcgroup-devel libsepol-static >= %{libsepolver} libsemanage-static >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
|
||||
BuildRequires: pam-devel libcgroup-devel libsepol-static libsemanage-static libselinux-devel libcap-devel audit-libs-devel >= %{libauditver} gettext
|
||||
BuildRequires: desktop-file-utils dbus-devel dbus-glib-devel
|
||||
BuildRequires: python-devel
|
||||
BuildRequires: python-devel setools-devel >= 3.3.7-14
|
||||
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
|
||||
BuildRequires: systemd-units
|
||||
Requires: libsepol >= %{libsepolver} coreutils libselinux-utils >= %{libselinuxver}
|
||||
Requires: coreutils libselinux-utils
|
||||
Requires(post): systemd-units systemd-sysv
|
||||
Requires(preun): systemd-units
|
||||
Requires(postun): systemd-units
|
||||
|
@ -61,15 +55,13 @@ Control, and Multi-level Security.
|
|||
policycoreutils contains the policy core utilities that are required
|
||||
for basic operation of a SELinux system. These utilities include
|
||||
load_policy to load policies, setfiles to label filesystems, newrole
|
||||
to switch roles, and run_init to run /etc/init.d scripts in the proper
|
||||
context.
|
||||
to switch roles.
|
||||
|
||||
%prep
|
||||
%setup -q -a 1
|
||||
%patch -p2 -b .rhat
|
||||
%patch1 -p1 -b .rhatpo
|
||||
%patch3 -p1 -b .gui
|
||||
%patch4 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
|
||||
%patch1 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
|
||||
%patch2 -p1 -b .nosub
|
||||
|
||||
%build
|
||||
make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
|
||||
|
@ -103,20 +95,20 @@ install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/pixmaps
|
|||
install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/icons/hicolor/24x24/apps
|
||||
install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/system-config-selinux
|
||||
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/system-config-selinux
|
||||
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui
|
||||
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux
|
||||
tar -jxf %{SOURCE8} -C %{buildroot}/
|
||||
rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
|
||||
rm -f %{buildroot}/usr/share/man/ru/man8/open_init_pty.8.gz
|
||||
rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8
|
||||
rm -f %{buildroot}/usr/sbin/open_init_pty
|
||||
rm -f %{buildroot}/usr/sbin/run_init
|
||||
rm -f %{buildroot}/usr/share/man/ru/man8/run_init.8*
|
||||
rm -f %{buildroot}/usr/share/man/man8/run_init.8*
|
||||
rm -f %{buildroot}/etc/pam.d/run_init*
|
||||
|
||||
ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
|
||||
ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui
|
||||
|
||||
%{__mkdir} -p %{buildroot}%{_sysconfdir}/bash_completion.d/
|
||||
install -m 755 %{SOURCE9} %{buildroot}%{_sysconfdir}/bash_completion.d/
|
||||
|
||||
desktop-file-install --vendor fedora \
|
||||
--dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
|
||||
--add-category Settings \
|
||||
|
@ -138,6 +130,7 @@ Requires(pre): python >= 2.6
|
|||
Obsoletes: policycoreutils < 2.0.61-2
|
||||
Requires: setools-libs-python >= 3.3.7-14
|
||||
Requires: python-IPy checkpolicy
|
||||
Requires: selinux-policy-devel
|
||||
|
||||
%description python
|
||||
The policycoreutils-python package contains the management tools use to manage an SELinux environment.
|
||||
|
@ -149,11 +142,15 @@ The policycoreutils-python package contains the management tools use to manage a
|
|||
%{_bindir}/audit2why
|
||||
%{_bindir}/chcat
|
||||
%{_bindir}/sandbox
|
||||
%{_bindir}/sepolgen
|
||||
%{_bindir}/sepolicy
|
||||
%{_bindir}/sepolgen-ifgen
|
||||
%{_bindir}/sepolgen-ifgen-attr-helper
|
||||
%{python_sitelib}/seobject.py*
|
||||
%{python_sitelib}/sepolgen
|
||||
%{python_sitelib}/sepolicy
|
||||
%{python_sitelib}/%{name}*.egg-info
|
||||
%{python_sitelib}/sepolicy*.egg-info
|
||||
%{pkgpythondir}
|
||||
%dir /var/lib/sepolgen
|
||||
%dir /var/lib/selinux
|
||||
|
@ -165,9 +162,12 @@ The policycoreutils-python package contains the management tools use to manage a
|
|||
%{_mandir}/ru/man8/chcat.8*
|
||||
%{_mandir}/man8/sandbox.8*
|
||||
%{_mandir}/man8/semanage.8*
|
||||
%{_mandir}/man8/sepolicy*.8*
|
||||
%{_mandir}/ru/man8/semanage.8*
|
||||
%dir %{_sysconfdir}/bash_completion.d
|
||||
%{_sysconfdir}/bash_completion.d/semanage-bash-completion.sh
|
||||
%{_sysconfdir}/bash_completion.d/sepolicy-bash-completion.sh
|
||||
%{_sysconfdir}/bash_completion.d/setsebool-bash-completion.sh
|
||||
|
||||
%post python
|
||||
selinuxenabled && [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen 2>/dev/null
|
||||
|
@ -194,20 +194,10 @@ The policycoreutils-sandbox package contains the scripts to create graphical san
|
|||
%{_mandir}/man8/seunshare.8*
|
||||
%{_mandir}/man5/sandbox.5*
|
||||
|
||||
%triggerin python -- selinux-policy
|
||||
%triggerin python -- selinux-policy-devel
|
||||
selinuxenabled && [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen 2>/dev/null
|
||||
exit 0
|
||||
|
||||
%post sandbox
|
||||
if [ $1 -eq 1 ]; then
|
||||
/sbin/chkconfig sandbox --add
|
||||
fi
|
||||
|
||||
%preun sandbox
|
||||
if [ $1 -eq 0 ]; then
|
||||
/sbin/chkconfig sandbox --del
|
||||
fi
|
||||
|
||||
%package newrole
|
||||
Summary: The newrole application for RBAC/MLS
|
||||
Group: System Environment/Base
|
||||
|
@ -229,9 +219,8 @@ Summary: SELinux configuration GUI
|
|||
Group: System Environment/Base
|
||||
Requires: policycoreutils-python = %{version}-%{release}
|
||||
Requires: gnome-python2-gnome, pygtk2, pygtk2-libglade, gnome-python2-canvas
|
||||
Requires: usermode-gtk pywebkitgtk
|
||||
Requires: setools-console
|
||||
Requires: selinux-policy
|
||||
Requires: usermode-gtk
|
||||
Requires: selinux-policy-doc
|
||||
Requires: python >= 2.6
|
||||
BuildRequires: desktop-file-utils
|
||||
|
||||
|
@ -242,20 +231,15 @@ system-config-selinux is a utility for managing the SELinux environment
|
|||
%defattr(-,root,root)
|
||||
%{_bindir}/system-config-selinux
|
||||
%{_bindir}/selinux-polgengui
|
||||
%{_bindir}/sepolgen
|
||||
%{_datadir}/applications/fedora-system-config-selinux.desktop
|
||||
%{_datadir}/applications/fedora-selinux-polgengui.desktop
|
||||
%{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
|
||||
%{_datadir}/pixmaps/system-config-selinux.png
|
||||
%dir %{_datadir}/system-config-selinux
|
||||
%dir %{_datadir}/system-config-selinux/templates
|
||||
%{_datadir}/system-config-selinux/system-config-selinux.png
|
||||
%{_datadir}/system-config-selinux/*.py*
|
||||
%{_datadir}/system-config-selinux/selinux.tbl
|
||||
%{_datadir}/system-config-selinux/*.glade
|
||||
%{_datadir}/system-config-selinux/templates/*.py*
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/system-config-selinux
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/selinux-polgengui
|
||||
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-selinux
|
||||
|
||||
%clean
|
||||
|
@ -271,15 +255,12 @@ rm -rf %{buildroot}
|
|||
%{_sbindir}/setsebool
|
||||
%{_sbindir}/semodule
|
||||
%{_sbindir}/sestatus
|
||||
%{_sbindir}/run_init
|
||||
%{_sbindir}/restorecon
|
||||
%{_bindir}/secon
|
||||
%{_bindir}/semodule_deps
|
||||
%{_bindir}/semodule_expand
|
||||
%{_bindir}/semodule_link
|
||||
%{_bindir}/semodule_package
|
||||
%{_bindir}/semodule_unpackage
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/run_init
|
||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
|
||||
%{_mandir}/man5/selinux_config.5.gz
|
||||
|
@ -290,8 +271,6 @@ rm -rf %{buildroot}
|
|||
%{_mandir}/ru/man8/load_policy.8*
|
||||
%{_mandir}/man8/restorecon.8*
|
||||
%{_mandir}/ru/man8/restorecon.8*
|
||||
%{_mandir}/man8/run_init.8*
|
||||
%{_mandir}/ru/man8/run_init.8*
|
||||
%{_mandir}/man8/semodule.8*
|
||||
%{_mandir}/ru/man8/semodule.8*
|
||||
%{_mandir}/man8/semodule_deps.8*
|
||||
|
@ -334,19 +313,19 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||
|
||||
%post restorecond
|
||||
if [ $1 -eq 1 ] ; then
|
||||
/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%preun restorecond
|
||||
if [ $1 = 0 ]; then
|
||||
/usr/bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
|
||||
/usr/bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%postun restorecond
|
||||
/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
if [ $1 -ge 1 ] ; then
|
||||
/usr/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%triggerun -- restorecond < 2.0.86-13
|
||||
|
@ -356,6 +335,299 @@ fi
|
|||
%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
|
||||
|
||||
%changelog
|
||||
* Thu Jan 24 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27.2
|
||||
- Fix post install scripts to not use systemd macros
|
||||
|
||||
* Wed Nov 7 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27.1
|
||||
- Fix audit2allow -b to work in all timezones
|
||||
|
||||
* Wed Nov 7 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27
|
||||
- Only report restorecon warning for missing default label, if not running
|
||||
recusively
|
||||
- Update translations
|
||||
|
||||
* Mon Nov 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-26
|
||||
- Fix semanage booleans -l, move more boolean_dict handling into sepolicy
|
||||
- Update translations
|
||||
- Fixup sepolicy generate to discover /var/log, /var/run and /var/lib directories if they match the name
|
||||
- Fix kill function call should indicate signal_perms not kill capability
|
||||
- Error out cleanly in system-config-selinux, if it can not contact XServer
|
||||
|
||||
* Mon Nov 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-25
|
||||
- Remove run_init, no longer needed with systemd.
|
||||
- Fix sepolicy generate to not include subdirs in generated fcontext file. (mgrepl patch)
|
||||
|
||||
* Sat Nov 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-24
|
||||
- Fix manpage to generate proper man pages for alternate policy,
|
||||
basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as
|
||||
I pull the policy, policy.xml and file_contexts and file_contexts.homedir
|
||||
|
||||
* Thu Nov 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-23
|
||||
- Fix some build problems in sepolicy manpage and sepolicy transition
|
||||
|
||||
* Tue Oct 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-22
|
||||
- Add alias man pages to sepolicy manpage
|
||||
|
||||
* Mon Oct 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-21
|
||||
- Redesign sepolicy to only read the policy file once, not for every call
|
||||
|
||||
* Mon Oct 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-20
|
||||
- Fixes to sepolicy transition, allow it to list all transitions from a domain
|
||||
|
||||
* Sat Oct 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-19
|
||||
- Change sepolicy python bindings to have python pick policy file, fixes weird memory problems in sepolicy network
|
||||
|
||||
* Fri Oct 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18
|
||||
- Allow sepolicy to specify the policy to generate content from
|
||||
|
||||
* Thu Oct 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-17
|
||||
- Fix semanage boolean -F to handle boolean subs
|
||||
|
||||
* Thu Oct 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-16
|
||||
- Add Miroslav Grepl patch to generate html man pages
|
||||
- Update Translations
|
||||
- Add option to sandbox to shred files before deleting
|
||||
|
||||
* Mon Oct 22 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-15
|
||||
- Add Requires(post) PKGNAME to sepolicy generate /usr/bin/pkg
|
||||
|
||||
* Fri Oct 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-14
|
||||
- Add role_allow to sepolicy.search python bindings, this allows us to remove last requirement for setools-cmdline in gui tools.
|
||||
- Fix man page generator.
|
||||
|
||||
* Wed Oct 17 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-13
|
||||
- Remove dwalsh@redhat.com from man pages
|
||||
- Fix spec file for sepolicy generate
|
||||
|
||||
* Wed Oct 17 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-12
|
||||
- Add missing spec.py from templates directory needed for sepolicy generate
|
||||
- Add /var/tmp as collection point for sandbox apps.
|
||||
|
||||
* Tue Oct 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-11
|
||||
- Handle audit2allow -b in foreign locales
|
||||
|
||||
* Tue Oct 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-10
|
||||
- Update sepolicy generate with patch to create spec file and man page.
|
||||
- Patch initiated by Miroslav Grepl
|
||||
|
||||
* Wed Oct 10 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-9
|
||||
- Fix semanage to verify that types are appropriate for commands.
|
||||
* Patch initiated by mgrepl
|
||||
* Fixes problem of specifying non file_types for fcontext, or not port_types for semanage port
|
||||
|
||||
* Tue Oct 9 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-8
|
||||
- Fix typo in preunstall line for restorecond
|
||||
- Add mgrepl patch to consolidate file context generated by sepolicy generate
|
||||
|
||||
* Mon Oct 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-7
|
||||
- Fix manpage generation, missing import
|
||||
- Add equiv_dict to get samba booleans into smbd_selinux
|
||||
- Add proper translations for booleans and remove selinux.tbl
|
||||
|
||||
* Sat Oct 6 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-6
|
||||
- Fix system-config-selinux to use sepolicy.generate instead of sepolgen
|
||||
|
||||
* Thu Oct 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-5
|
||||
- Add sepolicy commands, and change tools to use them.
|
||||
|
||||
* Tue Sep 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-4
|
||||
- Rebuild without bogus prebuild 64 bit seunshare app
|
||||
|
||||
* Mon Sep 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-3
|
||||
- Allow fixfiles to specify -v, so they can get verbosity rather then progress.
|
||||
- Fix load_file Makefile to use SBINDIR rather then real OS.
|
||||
- Fix man pages in setfiles and restorecon to reflect what happens when you relabel the entire OS.
|
||||
|
||||
* Mon Sep 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-2
|
||||
- Use systemd post install scriptlets
|
||||
|
||||
* Thu Sep 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-1
|
||||
- Update to upstream
|
||||
* genhomedircon: manual page improvements
|
||||
* setfiles/restorecon minor improvements
|
||||
* run_init: If open_init_pty is not available then just use exec
|
||||
* newrole: do not drop capabilities when newrole is run as
|
||||
* restorecon: only update type by default
|
||||
* scripts: Don't syslog setfiles changes on a fixfiles restore
|
||||
* setfiles: do not syslog if no changes
|
||||
* Disable user restorecond by default
|
||||
* Make restorecon return 0 when a file has changed context
|
||||
* setfiles: Fix process_glob error handling
|
||||
* semanage: allow enable/disable under -m
|
||||
* add .tx to gitignore
|
||||
* translations: commit translations from Fedora community
|
||||
* po: silence build process
|
||||
* gui: Checking in policy to support polgengui and sepolgen.
|
||||
* gui: polgen: search for systemd subpackage when generating policy
|
||||
* gui: for exploring booleans
|
||||
* gui: system-config-selinux gui
|
||||
* Add Makefiles to support new gui code
|
||||
* gui: remove lockdown wizard
|
||||
* return equivalency records in fcontext customized
|
||||
* semanage: option to not load new policy into kernel after
|
||||
* sandbox: manpage update to describe standard types
|
||||
* setsebool: -N should not reload policy on changes
|
||||
* semodule: Add -N qualifier to no reload kernel policy
|
||||
* gui: polgen: sort selinux types of user controls
|
||||
* gui: polgen: follow symlinks and get the real path to
|
||||
* gui: Fix missing error function
|
||||
* setfiles: return errors when bad paths are given
|
||||
* fixfiles: tell restorecon to ignore missing paths
|
||||
* setsebool: error when setting multiple options
|
||||
* semanage: use boolean subs.
|
||||
* sandbox: Make sure Xephyr never listens on tcp ports
|
||||
* sepolgen: return and output constraint violation information
|
||||
* semanage: skip comments while reading external configuration files
|
||||
* restorecond: relabel all mount runtime files in the restorecond example
|
||||
* genhomedircon: dynamically create genhomedircon
|
||||
* Allow returning of bastard matches
|
||||
* sepolgen: return and output constraint violation information
|
||||
* audit2allow: one role/type pair per line
|
||||
|
||||
* Wed Aug 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-6
|
||||
- Change polgen to generate dbus apps as optional so they can compile on minimal policy system, patch from Miroslav Grepl
|
||||
|
||||
* Fri Jul 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-5
|
||||
- Fix sepolgen/audit2allow to handle multiple role/types in avc messages properly
|
||||
|
||||
* Thu Jul 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-4
|
||||
- Fix restorecon to generate a better percentage of completion on restorecon -R /.
|
||||
- Have audit2allow look at the constaint violation and tell the user whether it
|
||||
- is because of user,role or level
|
||||
|
||||
|
||||
* Wed Jul 11 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
|
||||
- userapps is generating sandbox code in polgengui
|
||||
|
||||
* Thu Jul 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-2
|
||||
- Remove load_policy symbolic link on usrmove systems this breaks the system
|
||||
|
||||
* Wed Jul 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
|
||||
- Update to upstream
|
||||
- policycoreutils
|
||||
* restorecond: wrong options should exit with non-zero error code
|
||||
* restorecond: Add -h option to get usage command
|
||||
* resorecond: user: fix fd leak
|
||||
* mcstrans: add -f to run in foreground
|
||||
* semanage: fix man page range and level defaults
|
||||
* semanage: bash completion for modules should include -a,-m, -d
|
||||
* semanage: manpage update for -e
|
||||
* semanage: dontaudit off should work
|
||||
* semanage: locallist option does not take an argument
|
||||
* sepolgen: Make use of setools optional within sepolgen
|
||||
- sepolgen
|
||||
* Make use of setools optional within sepolgen
|
||||
* We need to support files that have a + in them
|
||||
|
||||
* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-18
|
||||
- Make restorecon exit with an error on a bad path
|
||||
|
||||
* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-17
|
||||
- Fix setsebool command, handling of = broken.
|
||||
- Add missing error option in booleansPage
|
||||
|
||||
* Sun May 20 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-16
|
||||
- Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
|
||||
|
||||
* Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-15
|
||||
- Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
|
||||
- Trigger on selinux-policy needs to change to selinux-policy-devel
|
||||
- Update translations
|
||||
- Fix semanage dontaudit off/on exception
|
||||
|
||||
* Tue May 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-12
|
||||
- Add -N qualifier to semanage, setsebool and semodule to allow you to update
|
||||
- policy without reloading it into the kernel.
|
||||
|
||||
* Thu May 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-11
|
||||
- add some definition to the standard types available for sandboxes
|
||||
|
||||
* Mon May 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-10
|
||||
- Remove lockdown wizard
|
||||
|
||||
* Mon Apr 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-9
|
||||
- Fix semanage fcontext -E to extract the equivalance customizations.
|
||||
|
||||
* Tue Apr 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-8
|
||||
- Add mgrepl patch to have sepolgen search for -systemd rpm packages
|
||||
|
||||
* Tue Apr 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-7
|
||||
- Apply Stef Walter patch for semanage man page
|
||||
|
||||
* Mon Apr 23 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-6
|
||||
- Rebuild to get latest libsepol which fixes the file_name transition problems
|
||||
- Update translations
|
||||
- Fix calls to close fd for restorecond
|
||||
|
||||
* Fri Apr 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-5
|
||||
- Update translations
|
||||
- Fix sepolgen to discover unit files in /lib/systemd/
|
||||
|
||||
* Tue Apr 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-4
|
||||
- Update translations
|
||||
- Fix segfault on restorecon
|
||||
|
||||
* Tue Apr 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
|
||||
- Allow filename transitions to use + in a file name
|
||||
|
||||
* Fri Mar 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-2
|
||||
- Change policycoreutils-python to require selinux-policy-devel package
|
||||
|
||||
* Thu Mar 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
|
||||
- Update to upstream
|
||||
- policycoreutils
|
||||
* sandbox: do not propogate inside mounts outside
|
||||
* sandbox: Removing sandbox init script, should no longer be necessary
|
||||
* restorecond: Stop using deprecated interfaces for g_io
|
||||
* semanage: proper auditting of user changes for LSPP
|
||||
* semanage: audit message to show what record(s) and item(s) have chaged
|
||||
* scripts: Update Makefiles to handle /usrmove
|
||||
* mcstrans: Version should have been bumped on last check in
|
||||
* seunshare: Only drop caps not the Bounding Set from seunshare
|
||||
* Add bash-completion scripts for setsebool and semanage
|
||||
* newrole: Use correct capng calls in newrole
|
||||
* Fix infinite loop with inotify on 2.6.31 kernels
|
||||
* fix ftbfs with hardening flags
|
||||
* Only run setfiles if we found read-write filesystems to run it on
|
||||
* update .po files
|
||||
* remove empty po files
|
||||
* do not fail to install if unable to make load_policy lnk file
|
||||
|
||||
- sepolgen
|
||||
* Fix dead links to www.nsa.gov/selinux
|
||||
* audit.py Dont crash if empty data is passed to sepolgen
|
||||
* do not use md5 when calculating hash signatures
|
||||
* fix detection of policy loads
|
||||
|
||||
* Wed Mar 28 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-30
|
||||
- Have sepolgen script specify the pp file with the make command. From mgrepl.
|
||||
|
||||
* Wed Mar 21 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-29
|
||||
- Fix sepolgen handling of unit files.
|
||||
|
||||
* Thu Mar 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-28
|
||||
- Require selinux-policy-doc
|
||||
|
||||
* Thu Mar 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-27
|
||||
- Fix unit file handling in sepolgen
|
||||
|
||||
* Wed Feb 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-26
|
||||
- Add bash_command completion for setsebool/getsebool
|
||||
|
||||
* Mon Feb 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-25
|
||||
- Disable restorecond on desktop by default
|
||||
- Change seunshare to not modify the bounding set
|
||||
|
||||
* Mon Feb 20 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-24
|
||||
- Stop using sandbox init in post install since it no longer exists.
|
||||
|
||||
* Thu Feb 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-23
|
||||
- Change to use new selinux_current_policy_path()
|
||||
|
||||
* Wed Feb 15 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-22
|
||||
- Change to use new selinux_binary_policy_path()
|
||||
- Add systemd_passwd_agent_exec($1), and systemd_read_fifo_file_passwd_run($1) to templates for _admin interface
|
||||
|
||||
* Fri Feb 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-21
|
||||
- On full relabels we will now show a estimated percent complete rather then
|
||||
just *s.
|
||||
|
|
|
@ -64,3 +64,4 @@ Type=Application
|
|||
Terminal=false
|
||||
Categories=System;Security;
|
||||
X-Desktop-File-Install-Version=0.2
|
||||
Keywords=policy;security;selinux;avc;permission;mac;
|
||||
|
|
4
sources
4
sources
|
@ -1,3 +1,3 @@
|
|||
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
||||
86d10b576c95d220bd2e27cc387e67da policycoreutils-2.1.10.tgz
|
||||
34b1f6599517f80c9b7cfa2dc22826db sepolgen-1.1.5.tgz
|
||||
381607ecf76bcb9397286143c93071cb sepolgen-1.1.8.tgz
|
||||
98f13937f6723d7eb85b3adaf6b477e6 policycoreutils-2.1.13.tgz
|
||||
|
|
|
@ -64,3 +64,4 @@ Type=Application
|
|||
Terminal=false
|
||||
Categories=System;Security;
|
||||
X-Desktop-File-Install-Version=0.2
|
||||
Keywords=policy;security;selinux;avc;permission;mac;
|
||||
|
|
Loading…
Reference in New Issue