Compare commits
24 Commits
Author | SHA1 | Date |
---|---|---|
Fedora Release Engineering | bb7c01d71f | |
Bill Nottingham | fe359d693e | |
Ville Skyttä | 13be1a99f5 | |
Daniel J Walsh | d4bd0baeb3 | |
Daniel J Walsh | 18a7a1c03e | |
Daniel J Walsh | bf61436c6c | |
Daniel J Walsh | 1322ca76af | |
Daniel J Walsh | 4a3071268a | |
Daniel J Walsh | c450cec1ab | |
Daniel J Walsh | 941f446b7b | |
Daniel J Walsh | 6d19aa7c9d | |
Daniel J Walsh | 718151101e | |
Daniel J Walsh | dc8cef6f58 | |
Daniel J Walsh | 099332feda | |
Daniel J Walsh | ad939ea03b | |
Daniel J Walsh | 06b0e4f2db | |
Daniel J Walsh | 9b246acac1 | |
Daniel J Walsh | 465ba00217 | |
Daniel J Walsh | 2f18c41d42 | |
Daniel J Walsh | a0371d337b | |
Daniel J Walsh | 87538e92c4 | |
Daniel J Walsh | 263a6fe04c | |
Daniel J Walsh | aeed29539d | |
Jesse Keating | 9aee215ef2 |
|
@ -163,3 +163,4 @@ policycoreutils-2.0.27.tgz
|
|||
policycoreutils-2.0.28.tgz
|
||||
policycoreutils-2.0.29.tgz
|
||||
policycoreutils-2.0.31.tgz
|
||||
policycoreutils_man_ru2.tar.bz2
|
2
Makefile
2
Makefile
|
@ -4,7 +4,7 @@ NAME := policycoreutils
|
|||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,102 @@
|
|||
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/refparser.py
|
||||
--- nsasepolgen/src/sepolgen/refparser.py 2007-09-13 08:21:11.000000000 -0400
|
||||
+++ policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/refparser.py 2007-12-19 06:05:51.000000000 -0500
|
||||
@@ -118,6 +118,7 @@
|
||||
'TEMPLATE',
|
||||
'GEN_CONTEXT',
|
||||
# m4
|
||||
+ 'IFELSE',
|
||||
'IFDEF',
|
||||
'IFNDEF',
|
||||
'DEFINE'
|
||||
@@ -174,6 +175,7 @@
|
||||
'template' : 'TEMPLATE',
|
||||
'gen_context' : 'GEN_CONTEXT',
|
||||
# M4
|
||||
+ 'ifelse' : 'IFELSE',
|
||||
'ifndef' : 'IFNDEF',
|
||||
'ifdef' : 'IFDEF',
|
||||
'define' : 'DEFINE'
|
||||
@@ -220,6 +222,12 @@
|
||||
# Ignore all comments
|
||||
t.lexer.lineno += 1
|
||||
|
||||
+def t_refpolicywarn1(t):
|
||||
+ r'define.*refpolicywarn\(.*\n'
|
||||
+ # Ignore refpolicywarn statements - they sometimes
|
||||
+ # contain text that we can't parse.
|
||||
+ t.skip(1)
|
||||
+
|
||||
def t_refpolicywarn(t):
|
||||
r'refpolicywarn\(.*\n'
|
||||
# Ignore refpolicywarn statements - they sometimes
|
||||
@@ -258,6 +266,7 @@
|
||||
m = None
|
||||
# error is either None (indicating no error) or a string error message.
|
||||
error = None
|
||||
+parse_file = ""
|
||||
# spt is the support macros (e.g., obj/perm sets) - it is an instance of
|
||||
# refpolicy.SupportMacros and should always be present during parsing
|
||||
# though it may not contain any macros.
|
||||
@@ -382,6 +391,19 @@
|
||||
collect(p[12], x, val=False)
|
||||
p[0] = [x]
|
||||
|
||||
+def p_ifelse(p):
|
||||
+ '''ifelse : IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
|
||||
+ | IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
|
||||
+ '''
|
||||
+# x = refpolicy.IfDef(p[4])
|
||||
+# v = True
|
||||
+# collect(p[8], x, val=v)
|
||||
+# if len(p) > 12:
|
||||
+# collect(p[12], x, val=False)
|
||||
+# p[0] = [x]
|
||||
+ pass
|
||||
+
|
||||
+
|
||||
def p_ifdef(p):
|
||||
'''ifdef : IFDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
|
||||
| IFNDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
|
||||
@@ -446,6 +468,7 @@
|
||||
| optional_policy
|
||||
| tunable_policy
|
||||
| ifdef
|
||||
+ | ifelse
|
||||
| conditional
|
||||
'''
|
||||
p[0] = p[1]
|
||||
@@ -844,7 +867,8 @@
|
||||
|
||||
def p_error(tok):
|
||||
global error
|
||||
- error = "Syntax error on line %d %s [type=%s]" % (tok.lineno, tok.value, tok.type)
|
||||
+ global parse_file
|
||||
+ error = "%s: Syntax error on line %d %s [type=%s]" % (parse_file, tok.lineno, tok.value, tok.type)
|
||||
print error
|
||||
|
||||
def prep_spt(spt):
|
||||
@@ -892,7 +916,7 @@
|
||||
def list_headers(root):
|
||||
modules = []
|
||||
support_macros = None
|
||||
- blacklist = ["init.if", "inetd.if", "uml.if", "thunderbird.if"]
|
||||
+ blacklist = ["uml.if", "thunderbird.if"]
|
||||
|
||||
for dirpath, dirnames, filenames in os.walk(root):
|
||||
for name in filenames:
|
||||
@@ -941,12 +965,14 @@
|
||||
output.write(msg)
|
||||
|
||||
def parse_file(f, module, spt=None):
|
||||
+ global parse_file
|
||||
if debug:
|
||||
o("parsing file %s\n" % f)
|
||||
try:
|
||||
fd = open(f)
|
||||
txt = fd.read()
|
||||
fd.close()
|
||||
+ parse_file = f
|
||||
parse(txt, module, spt, debug)
|
||||
except IOError, e:
|
||||
return
|
|
@ -2,11 +2,11 @@
|
|||
%define libsepolver 2.0.10-1
|
||||
%define libsemanagever 2.0.5-1
|
||||
%define libselinuxver 2.0.34-1
|
||||
%define sepolgenver 1.0.10
|
||||
%define sepolgenver 1.0.11
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.31
|
||||
Release: 7%{?dist}
|
||||
Version: 2.0.34
|
||||
Release: 8%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
|
@ -18,10 +18,12 @@ Source4: system-config-selinux.pam
|
|||
Source5: system-config-selinux.console
|
||||
Source6: selinux-polgengui.desktop
|
||||
Source7: selinux-polgengui.console
|
||||
Source8: policycoreutils_man_ru2.tar.bz2
|
||||
Patch: policycoreutils-rhat.patch
|
||||
Patch1: policycoreutils-po.patch
|
||||
#Patch2: policycoreutils-sepolgen.patch
|
||||
Patch3: policycoreutils-gui.patch
|
||||
Patch4: policycoreutils-sepolgen.patch
|
||||
|
||||
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
|
||||
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
|
||||
|
@ -52,6 +54,7 @@ context.
|
|||
%patch1 -p1 -b .rhatpo
|
||||
#%patch2 -p1 -b .sepolgen
|
||||
%patch3 -p1 -b .gui
|
||||
%patch4 -p1 -b .sepolgen
|
||||
|
||||
%build
|
||||
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
|
||||
|
@ -76,6 +79,7 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/system-config-selinux
|
|||
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui
|
||||
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux
|
||||
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/security/console.apps/selinux-polgengui
|
||||
tar -jxf %{SOURCE8} -C %{buildroot}/
|
||||
ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
|
||||
ln -sf consolehelper %{buildroot}%{_bindir}/selinux-polgengui
|
||||
|
||||
|
@ -111,7 +115,7 @@ Requires: gnome-python2, pygtk2, pygtk2-libglade, gnome-python2-canvas
|
|||
Requires: usermode, rhpl
|
||||
Requires: python >= 2.4
|
||||
BuildRequires: desktop-file-utils
|
||||
Requires: selinux-policy
|
||||
Requires: selinux-policy-devel
|
||||
|
||||
%description gui
|
||||
system-config-selinux is a utility for managing the SELinux environment
|
||||
|
@ -159,25 +163,7 @@ rm -rf %{buildroot}
|
|||
%{_bindir}/semodule_expand
|
||||
%{_bindir}/semodule_link
|
||||
%{_bindir}/semodule_package
|
||||
%{_mandir}/man8/chcat.8.gz
|
||||
%{_mandir}/man8/restorecond.8.gz
|
||||
%{_mandir}/man8/restorecon.8.gz
|
||||
%{_mandir}/man8/sestatus.8.gz
|
||||
%{_mandir}/man8/semanage.8.gz
|
||||
%{_mandir}/man8/semodule.8.gz
|
||||
%{_mandir}/man8/semodule_deps.8.gz
|
||||
%{_mandir}/man8/semodule_link.8.gz
|
||||
%{_mandir}/man8/semodule_package.8.gz
|
||||
%{_mandir}/man8/semodule_expand.8.gz
|
||||
%{_mandir}/man8/setfiles.8.gz
|
||||
%{_mandir}/man8/fixfiles.8.gz
|
||||
%{_mandir}/man8/load_policy.8.gz
|
||||
%{_mandir}/man8/audit2why.8.gz
|
||||
%{_mandir}/man8/open_init_pty.8.gz
|
||||
%{_mandir}/man8/setsebool.8.gz
|
||||
%{_mandir}/man8/run_init.8.gz
|
||||
%{_mandir}/man1/audit2allow.1.gz
|
||||
%{_mandir}/man1/secon.1.gz
|
||||
%{_mandir}/*
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/newrole
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/run_init
|
||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||
|
@ -207,6 +193,99 @@ if [ "$1" -ge "1" ]; then
|
|||
fi
|
||||
|
||||
%changelog
|
||||
* Thu May 22 2008 Dan Walsh <dwalsh@redhat.com> 2.0.34-8
|
||||
- Stop verifying prefix, so livecd will work
|
||||
|
||||
* Tue Jan 8 2008 Dan Walsh <dwalsh@redhat.com> 2.0.34-7
|
||||
- Fix fixfiles to handle no args
|
||||
|
||||
* Mon Dec 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-5
|
||||
- Fix roles output when creating a module
|
||||
|
||||
* Mon Dec 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-4
|
||||
- Handle files with spaces in fixfiles
|
||||
|
||||
* Fri Dec 21 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-3
|
||||
- Catch SELINUX_ERR with audit2allow and generate policy
|
||||
|
||||
* Thu Dec 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-2
|
||||
- Make sepolgen set error exit code when partial failure
|
||||
- audit2why now checks booleans for avc diagnosis
|
||||
|
||||
* Wed Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.34-1
|
||||
- Update to upstream
|
||||
|
||||
* Wed Dec 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-4
|
||||
- Fix sepolgen to be able to parse Fedora 9 policy
|
||||
Handle ifelse statements
|
||||
Handle refpolicywarn inside of define
|
||||
Add init.if and inetd.if into parse
|
||||
Add parse_file to syntax error message
|
||||
|
||||
* Fri Dec 14 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-3
|
||||
- Add scroll bar to fcontext gui page
|
||||
|
||||
* Tue Dec 11 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-2
|
||||
- Add Russion Man pages
|
||||
|
||||
* Mon Dec 10 2007 Dan Walsh <dwalsh@redhat.com> 2.0.33-1
|
||||
- Upgrade from NSA
|
||||
* Drop verbose output on fixfiles -C from Dan Walsh.
|
||||
* Fix argument handling in fixfiles from Dan Walsh.
|
||||
* Enhance boolean support in semanage, including using the .xml description when available, from Dan Walsh.
|
||||
- Fix handling of final screen in polgengui
|
||||
|
||||
* Sun Dec 2 2007 Dan Walsh <dwalsh@redhat.com> 2.0.32-2
|
||||
- Fix handling of disable selinux button in gui
|
||||
|
||||
* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.32-1
|
||||
- Upgrade from NSA
|
||||
* load_policy initial load option from Chad Sellers.
|
||||
|
||||
* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-20
|
||||
- Don't show error on missing policy.xml
|
||||
|
||||
* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-19
|
||||
- GUI Enhancements
|
||||
- Fix cgi generation
|
||||
- Use more patterns
|
||||
|
||||
* Mon Nov 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-18
|
||||
- Remove codec hacking, which seems to be fixed in python
|
||||
|
||||
* Fri Nov 16 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-17
|
||||
- Fix typo
|
||||
- Change to upstream minimal privledge interfaces
|
||||
|
||||
* Fri Nov 16 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-16
|
||||
- Fix fixfiles argument parsing
|
||||
|
||||
* Thu Nov 15 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-15
|
||||
- Fix File Labeling add
|
||||
|
||||
* Thu Nov 8 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-14
|
||||
- Fix semanage to handle state where policy.xml is not installed
|
||||
|
||||
* Mon Nov 5 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-13
|
||||
- Remove -v from restorecon in fixfiles
|
||||
|
||||
* Mon Nov 5 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-12
|
||||
- Fix filter and search capabilities, add wait cursor
|
||||
|
||||
* Fri Nov 2 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-11
|
||||
- Translate booleans via policy.xml
|
||||
- Allow booleans to be set via semanage
|
||||
|
||||
* Thu Nov 1 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-10
|
||||
- Require use of selinux-policy-devel
|
||||
|
||||
* Wed Oct 31 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-9
|
||||
- Validate semanage fcontext input
|
||||
- Fix template names for log files in gui
|
||||
|
||||
* Fri Oct 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-8
|
||||
- Fix template to generate correct content
|
||||
|
||||
* Fri Oct 19 2007 Dan Walsh <dwalsh@redhat.com> 2.0.31-7
|
||||
- Fix consolekit link to selinux-polgengui
|
||||
|
||||
|
|
5
sources
5
sources
|
@ -1,2 +1,3 @@
|
|||
eddb3e34fb982d752aa8cbed7b98f3d2 sepolgen-1.0.10.tgz
|
||||
dd5e29a0c739566edbbbb4f77cee5d7c policycoreutils-2.0.31.tgz
|
||||
3fed5cd04ee67c0f86e3cc6825261819 sepolgen-1.0.11.tgz
|
||||
ca550750667febd8441a8eb498863602 policycoreutils-2.0.34.tgz
|
||||
7915287c8377b768ccae7eb6dc736783 policycoreutils_man_ru2.tar.bz2
|
||||
|
|
Loading…
Reference in New Issue