diff --git a/policycoreutils-2.4/Makefile b/policycoreutils-2.4/Makefile index 962ac12..6a9c40c 100644 --- a/policycoreutils-2.4/Makefile +++ b/policycoreutils-2.4/Makefile @@ -1,4 +1,4 @@ -SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll +SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll semanage/default_encoding INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --git a/policycoreutils-2.4/audit2allow/audit2allow b/policycoreutils-2.4/audit2allow/audit2allow index c9713a2..5c5bd6e 100644 --- a/policycoreutils-2.4/audit2allow/audit2allow +++ b/policycoreutils-2.4/audit2allow/audit2allow @@ -271,7 +271,7 @@ class AuditToPolicy: if rc == audit2why.CONSTRAINT: print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n" print "#Constraint rule:" - print "\n\t" + data[0] + print "\n#\t" + data[0] for reason in data[1:]: print "#\tPossible cause is the source %s and target %s are different.\n" % reason diff --git a/policycoreutils-2.4/audit2allow/sepolgen-ifgen b/policycoreutils-2.4/audit2allow/sepolgen-ifgen index 83c7ecf..7f8caaf 100644 --- a/policycoreutils-2.4/audit2allow/sepolgen-ifgen +++ b/policycoreutils-2.4/audit2allow/sepolgen-ifgen @@ -82,7 +82,7 @@ def get_attrs(policy_path): sys.stderr.write("No installed policy to check\n") return None outfile = tempfile.NamedTemporaryFile() - except IOError, e: + except IOError as e: sys.stderr.write("could not open attribute output file\n") return None except OSError: @@ -100,7 +100,7 @@ def get_attrs(policy_path): try: attrs.from_file(outfile) except: - print "error parsing attribute info" + print("error parsing attribute info") return None return attrs @@ -111,7 +111,7 @@ def main(): # Open the output first to generate errors before parsing try: f = open(options.output, "w") - except IOError, e: + except IOError as e: sys.stderr.write("could not open output file [%s]\n" % options.output) return 1 @@ -130,9 +130,9 @@ def main(): # Parse the headers try: headers = refparser.parse_headers(options.headers, output=log, debug=options.debug) - except ValueError, e: - print "error parsing headers" - print str(e) + except ValueError as e: + print("error parsing headers") + print(str(e)) return 1 if_set = interfaces.InterfaceSet(output=log) diff --git a/policycoreutils-2.4/gui/Makefile b/policycoreutils-2.4/gui/Makefile index 9d9f820..0c2b390 100644 --- a/policycoreutils-2.4/gui/Makefile +++ b/policycoreutils-2.4/gui/Makefile @@ -12,7 +12,6 @@ domainsPage.py \ fcontextPage.py \ html_util.py \ loginsPage.py \ -mappingsPage.py \ modulesPage.py \ polgen.glade \ portsPage.py \ diff --git a/policycoreutils-2.4/gui/booleansPage.py b/policycoreutils-2.4/gui/booleansPage.py index eee954d..0c4b14b 100644 --- a/policycoreutils-2.4/gui/booleansPage.py +++ b/policycoreutils-2.4/gui/booleansPage.py @@ -18,20 +18,17 @@ # You should have received a copy of the GNU General Public License # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # -import string import gtk import gtk.glade -import os import gobject import sys -import tempfile import seobject import semanagePage INSTALLPATH='/usr/share/system-config-selinux' sys.path.append(INSTALLPATH) -import commands +import subprocess ENFORCING=0 PERMISSIVE=1 DISABLED=2 @@ -50,10 +47,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode - -from glob import fnmatch + import builtins + builtins.__dict__['_'] = str class Modifier: def __init__(self,name, on, save): @@ -103,8 +98,6 @@ class booleansPage: self.revertButton = xml.get_widget("booleanRevertButton") self.revertButton.set_sensitive(self.local) self.revertButton.connect("clicked", self.on_revert_clicked) - listStore = gtk.ListStore(gobject.TYPE_STRING) - cell = gtk.CellRendererText() self.store = gtk.ListStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) self.store.set_sort_column_id(1, gtk.SORT_ASCENDING) @@ -123,7 +116,7 @@ class booleansPage: self.booleansView.append_column(col) col = gtk.TreeViewColumn("Description", gtk.CellRendererText(), text=DESC) - col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) + col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) col.set_fixed_width(400) col.set_sort_column_id(DESC) col.set_resizable(True) @@ -170,16 +163,15 @@ class booleansPage: # change cursor if boolean == None: return + self.wait() try: - self.wait() - (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean) - - self.ready() - if rc != 0: - return self.error(out) + subprocess.check_output("semanage boolean -d %s" % boolean, + stderr=subprocess.STDOUT, + shell=True) self.load(self.filter) - except ValueError, e: - self.error(e.args[0]) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def filter_changed(self, *arg): filter = arg[0].get_text() @@ -224,17 +216,25 @@ class booleansPage: self.store.set_value(iter, ACTIVE , not val) self.wait() setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val) - rc,out = commands.getstatusoutput(setsebool) - if rc != 0: - self.error(out) - self.load(self.filter) + try: + subprocess.check_output(setsebool, + stderr=subprocess.STDOUT, + shell=True) + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() def on_revert_clicked(self, button): self.wait() setsebool="semanage boolean --deleteall" - commands.getstatusoutput(setsebool) - self.load(self.filter) + try: + subprocess.check_output(setsebool, + stderr=subprocess.STDOUT, + shell=True) + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() def on_local_clicked(self, button): diff --git a/policycoreutils-2.4/gui/domainsPage.py b/policycoreutils-2.4/gui/domainsPage.py index 6af1e9a..39a4574 100644 --- a/policycoreutils-2.4/gui/domainsPage.py +++ b/policycoreutils-2.4/gui/domainsPage.py @@ -20,7 +20,7 @@ import string import gtk import gtk.glade import os -import commands +import subprocess import gobject import sys import seobject @@ -41,8 +41,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class domainsPage(semanagePage): def __init__(self, xml): @@ -115,18 +115,17 @@ class domainsPage(semanagePage): selection = self.view.get_selection() store, iter = selection.get_selected() domain = store.get_value(iter, 0) + self.wait() + cmd = "semanage permissive -d %s_t" % domain try: - self.wait() - status, output = commands.getstatusoutput("semanage permissive -d %s_t" % domain) - self.ready() - if status != 0: - self.error(output) - else: - domain = store.set_value(iter, 1, "") - self.itemSelected(selection) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + domain = store.set_value(iter, 1, "") + self.itemSelected(selection) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def propertiesDialog(self): # Do nothing @@ -140,15 +139,14 @@ class domainsPage(semanagePage): selection = self.view.get_selection() store, iter = selection.get_selected() domain = store.get_value(iter, 0) + self.wait() + cmd = "semanage permissive -a %s_t" % domain try: - self.wait() - status, output = commands.getstatusoutput("semanage permissive -a %s_t" % domain) - self.ready() - if status != 0: - self.error(output) - else: - domain = store.set_value(iter, 1, _("Permissive")) - self.itemSelected(selection) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + domain = store.set_value(iter, 1, _("Permissive")) + self.itemSelected(selection) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() diff --git a/policycoreutils-2.4/gui/fcontextPage.py b/policycoreutils-2.4/gui/fcontextPage.py index 131f1c2..9a34143 100644 --- a/policycoreutils-2.4/gui/fcontextPage.py +++ b/policycoreutils-2.4/gui/fcontextPage.py @@ -18,10 +18,9 @@ ## Author: Dan Walsh import gtk import gtk.glade -import os import gobject import seobject -import commands +import subprocess from semanagePage import *; SPEC_COL = 0 @@ -55,8 +54,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class fcontextPage(semanagePage): @@ -72,16 +71,16 @@ class fcontextPage(semanagePage): self.view.set_search_equal_func(self.search) col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL) - col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) - col.set_fixed_width(250) + col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) + col.set_fixed_width(250) col.set_sort_column_id(SPEC_COL) col.set_resizable(True) self.view.append_column(col) col = gtk.TreeViewColumn(_("Selinux\nFile Type"), gtk.CellRendererText(), text=TYPE_COL) - col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) - col.set_fixed_width(250) + col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) + col.set_fixed_width(250) col.set_sort_column_id(TYPE_COL) col.set_resizable(True) self.view.append_column(col) @@ -97,16 +96,16 @@ class fcontextPage(semanagePage): liststore=self.fcontextFileTypeCombo.get_model() for k in seobject.file_types: if len(k) > 0 and k[0] != '-': - iter=liststore.append() - liststore.set_value(iter, 0, k) - iter = liststore.get_iter_first() - self.fcontextFileTypeCombo.set_active_iter(iter) + it=liststore.append() + liststore.set_value(it, 0, k) + it = liststore.get_iter_first() + self.fcontextFileTypeCombo.set_active_iter(it) self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry") self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry") - def match(self, fcon_dict, k, filter): + def match(self, fcon_dict, k, filt): try: - f=filter.lower() + f=filt.lower() for con in k: k=con.lower() if k.find(f) >= 0: @@ -119,46 +118,46 @@ class fcontextPage(semanagePage): pass return False - def load(self, filter=""): - self.filter=filter + def load(self, filt=""): + self.filter=filt self.fcontext=seobject.fcontextRecords() self.store.clear() fcon_dict=self.fcontext.get_all(self.local) - keys = fcon_dict.keys() + keys = list(fcon_dict.keys()) keys.sort() for k in keys: - if not self.match(fcon_dict, k, filter): + if not self.match(fcon_dict, k, filt): continue - iter=self.store.append() - self.store.set_value(iter, SPEC_COL, k[0]) - self.store.set_value(iter, FTYPE_COL, k[1]) + it=self.store.append() + self.store.set_value(it, SPEC_COL, k[0]) + self.store.set_value(it, FTYPE_COL, k[1]) if fcon_dict[k]: rec="%s:%s" % (fcon_dict[k][2], seobject.translate(fcon_dict[k][3],False)) else: rec="<>" - self.store.set_value(iter, TYPE_COL, rec) + self.store.set_value(it, TYPE_COL, rec) self.view.get_selection().select_path ((0,)) def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: - self.load(filter) + filt = arg[0].get_text() + if filt != self.filter: + self.load(filt) def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL)) + store, it = self.view.get_selection().get_selected() + self.fcontextEntry.set_text(store.get_value(it, SPEC_COL)) self.fcontextEntry.set_sensitive(False) - scontext = store.get_value(iter, TYPE_COL) + scontext = store.get_value(it, TYPE_COL) scon=context(scontext) self.fcontextTypeEntry.set_text(scon.type) self.fcontextMLSEntry.set_text(scon.mls) - type=store.get_value(iter, FTYPE_COL) + setype=store.get_value(it, FTYPE_COL) liststore=self.fcontextFileTypeCombo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter,0) != type: - iter = liststore.iter_next(iter) - if iter != None: - self.fcontextFileTypeCombo.set_active_iter(iter) + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != setype: + it = liststore.iter_next(it) + if it != None: + self.fcontextFileTypeCombo.set_active_iter(it) self.fcontextFileTypeCombo.set_sensitive(False) def dialogClear(self): @@ -169,55 +168,60 @@ class fcontextPage(semanagePage): self.fcontextMLSEntry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() + fspec=store.get_value(it, SPEC_COL) + ftype=store.get_value(it, FTYPE_COL) + self.wait() try: - fspec=store.get_value(iter, SPEC_COL) - ftype=store.get_value(iter, FTYPE_COL) - self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec)) - self.ready() - - if rc != 0: - return self.error(out) - store.remove(iter) + subprocess.check_output("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec), + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) self.view.get_selection().select_path ((0,)) - except ValueError, e: - self.error(e.args[0]) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def add(self): ftype=["", "--", "-d", "-c", "-b", "-s", "-l", "-p" ] fspec=self.fcontextEntry.get_text().strip() - type=self.fcontextTypeEntry.get_text().strip() + setype=self.fcontextTypeEntry.get_text().strip() mls=self.fcontextMLSEntry.get_text().strip() list_model=self.fcontextFileTypeCombo.get_model() active = self.fcontextFileTypeCombo.get_active() self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, ftype[active], fspec)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype[active], fspec), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it=self.store.append() + self.store.set_value(it, SPEC_COL, fspec) + self.store.set_value(it, FTYPE_COL, ftype) + self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter=self.store.append() - self.store.set_value(iter, SPEC_COL, fspec) - self.store.set_value(iter, FTYPE_COL, ftype) - self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) - def modify(self): fspec=self.fcontextEntry.get_text().strip() - type=self.fcontextTypeEntry.get_text().strip() + setype=self.fcontextTypeEntry.get_text().strip() mls=self.fcontextMLSEntry.get_text().strip() list_model=self.fcontextFileTypeCombo.get_model() - iter = self.fcontextFileTypeCombo.get_active_iter() - ftype=list_model.get_value(iter,0) + it = self.fcontextFileTypeCombo.get_active_iter() + ftype=list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (type, mls, ftype, fspec)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype, fspec), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, SPEC_COL, fspec) + self.store.set_value(it, FTYPE_COL, ftype) + self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, SPEC_COL, fspec) - self.store.set_value(iter, FTYPE_COL, ftype) - self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) diff --git a/policycoreutils-2.4/gui/html_util.py b/policycoreutils-2.4/gui/html_util.py index 68eed76..32de37a 100644 --- a/policycoreutils-2.4/gui/html_util.py +++ b/policycoreutils-2.4/gui/html_util.py @@ -30,7 +30,8 @@ import htmllib import formatter as Formatter import string from types import * -import StringIO +import io +import collections #------------------------------------------------------------------------------ @@ -119,7 +120,7 @@ def unescape_html(s): def html_to_text(html, maxcol=80): try: - buffer = StringIO.StringIO() + buffer = io.StringIO() formatter = Formatter.AbstractFormatter(TextWriter(buffer, maxcol)) parser = HTMLParserAnchor(formatter) parser.feed(html) @@ -127,7 +128,7 @@ def html_to_text(html, maxcol=80): text = buffer.getvalue() buffer.close() return text - except Exception, e: + except Exception as e: log_program.error('cannot convert html to text: %s' % e) return None @@ -149,7 +150,7 @@ def html_document(*body_components): elif type(body_component) in [TupleType, ListType]: for item in body_component: doc += item - elif callable(body_component): + elif isinstance(body_component, collections.Callable): result = body_component() if type(result) in [TupleType, ListType]: for item in result: diff --git a/policycoreutils-2.4/gui/loginsPage.py b/policycoreutils-2.4/gui/loginsPage.py index ec29fd9..8a1c0b7 100644 --- a/policycoreutils-2.4/gui/loginsPage.py +++ b/policycoreutils-2.4/gui/loginsPage.py @@ -16,13 +16,10 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys -import commands +import subprocess import seobject from semanagePage import *; @@ -39,8 +36,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class loginsPage(semanagePage): def __init__(self, xml): @@ -68,21 +65,21 @@ class loginsPage(semanagePage): self.filter=filter self.login = seobject.loginRecords() dict = self.login.get_all(0) - keys = dict.keys() + keys = list(dict.keys()) keys.sort() self.store.clear() for k in keys: range = seobject.translate(dict[k][1]) if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)): continue - iter = self.store.append() - self.store.set_value(iter, 0, k) - self.store.set_value(iter, 1, dict[k][0]) - self.store.set_value(iter, 2, range) + it = self.store.append() + self.store.set_value(it, 0, k) + self.store.set_value(it, 1, dict[k][0]) + self.store.set_value(it, 2, range) self.view.get_selection().select_path ((0,)) def __dialogSetup(self): - if self.firstTime == True: + if self.firstTime: return self.firstTime = True liststore = gtk.ListStore(gobject.TYPE_STRING) @@ -92,31 +89,31 @@ class loginsPage(semanagePage): self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) selusers = seobject.seluserRecords().get_all(0) - keys = selusers.keys() + keys = list(selusers.keys()) keys.sort() for k in keys: if k != "system_u": self.loginsSelinuxUserCombo.append_text(k) - iter = liststore.get_iter_first() - while liststore.get_value(iter,0) != "user_u": - iter = liststore.iter_next(iter) - self.loginsSelinuxUserCombo.set_active_iter(iter) + it = liststore.get_iter_first() + while liststore.get_value(it,0) != "user_u": + it = liststore.iter_next(it) + self.loginsSelinuxUserCombo.set_active_iter(it) def dialogInit(self): self.__dialogSetup() - store, iter = self.view.get_selection().get_selected() - self.loginsNameEntry.set_text(store.get_value(iter, 0)) + store, it = self.view.get_selection().get_selected() + self.loginsNameEntry.set_text(store.get_value(it, 0)) self.loginsNameEntry.set_sensitive(False) - self.loginsMLSEntry.set_text(store.get_value(iter, 2)) - seuser = store.get_value(iter, 1) + self.loginsMLSEntry.set_text(store.get_value(it, 2)) + seuser = store.get_value(it, 1) liststore = self.loginsSelinuxUserCombo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter,0) != seuser: - iter = liststore.iter_next(iter) - if iter != None: - self.loginsSelinuxUserCombo.set_active_iter(iter) + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != seuser: + it = liststore.iter_next(it) + if it != None: + self.loginsSelinuxUserCombo.set_active_iter(it) def dialogClear(self): @@ -126,21 +123,25 @@ class loginsPage(semanagePage): self.loginsMLSEntry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() try: - login=store.get_value(iter, 0) + login=store.get_value(it, 0) if login == "root" or login == "__default__": raise ValueError(_("Login '%s' is required") % login) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -d %s" % login) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -d %s" % login, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.ready() + self.error(e.output) return False - store.remove(iter) - self.view.get_selection().select_path ((0,)) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) def add(self): @@ -149,36 +150,42 @@ class loginsPage(semanagePage): if serange == "": serange="s0" list_model=self.loginsSelinuxUserCombo.get_model() - iter = self.loginsSelinuxUserCombo.get_active_iter() - seuser = list_model.get_value(iter,0) + it = self.loginsSelinuxUserCombo.get_active_iter() + seuser = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -a -s %s -r %s %s" % (seuser, serange, target), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it = self.store.append() + self.store.set_value(it, 0, target) + self.store.set_value(it, 1, seuser) + self.store.set_value(it, 2, seobject.translate(serange)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter = self.store.append() - self.store.set_value(iter, 0, target) - self.store.set_value(iter, 1, seuser) - self.store.set_value(iter, 2, seobject.translate(serange)) - def modify(self): target=self.loginsNameEntry.get_text().strip() serange=self.loginsMLSEntry.get_text().strip() if serange == "": serange = "s0" list_model = self.loginsSelinuxUserCombo.get_model() - iter = self.loginsSelinuxUserCombo.get_active_iter() - seuser=list_model.get_value(iter,0) + it = self.loginsSelinuxUserCombo.get_active_iter() + seuser=list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -m -s %s -r %s %s" % (seuser, serange, target), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, 0, target) + self.store.set_value(it, 1, seuser) + self.store.set_value(it, 2, seobject.translate(serange)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, 0, target) - self.store.set_value(iter, 1, seuser) - self.store.set_value(iter, 2, seobject.translate(serange)) diff --git a/policycoreutils-2.4/gui/modulesPage.py b/policycoreutils-2.4/gui/modulesPage.py index 9ff0766..a52863e 100644 --- a/policycoreutils-2.4/gui/modulesPage.py +++ b/policycoreutils-2.4/gui/modulesPage.py @@ -20,7 +20,7 @@ import string import gtk import gtk.glade import os -import commands +import subprocess import gobject import sys import seobject @@ -41,8 +41,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class modulesPage(semanagePage): def __init__(self, xml): @@ -85,8 +85,8 @@ class modulesPage(semanagePage): except: return 0 - def load(self, filter=""): - self.filter=filter + def load(self, filt=""): + self.filter=filt self.store.clear() try: fd = Popen("semodule -l", shell=True, stdout=PIPE).stdout @@ -94,11 +94,11 @@ class modulesPage(semanagePage): fd.close() for i in l: module, ver, newline = i.split('\t') - if not (self.match(module, filter) or self.match(ver, filter)): + if not (self.match(module, filt) or self.match(ver, filt)): continue - iter = self.store.append() - self.store.set_value(iter, 0, module.strip()) - self.store.set_value(iter, 1, ver.strip()) + it = self.store.append() + self.store.set_value(it, 0, module.strip()) + self.store.set_value(it, 1, ver.strip()) except: pass self.view.get_selection().select_path ((0,)) @@ -107,53 +107,51 @@ class modulesPage(semanagePage): def new_module(self, args): try: Popen(["/usr/share/system-config-selinux/polgengui.py"]) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) def delete(self): - store, iter = self.view.get_selection().get_selected() - module = store.get_value(iter, 0) + store, it = self.view.get_selection().get_selected() + module = store.get_value(it, 0) + self.wait() try: - self.wait() - status, output = commands.getstatusoutput("semodule -r %s" % module) - self.ready() - if status != 0: - self.error(output) - else: - store.remove(iter) - self.view.get_selection().select_path ((0,)) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output("semodule -r %s" % module, + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def enable_audit(self, button): self.audit_enabled = not self.audit_enabled + if self.audit_enabled: + cmd = "semodule -DB" + label = _("Disable Audit") + else: + cmd = "semodule -B" + label = _("Enable Audit") + self.wait() try: - self.wait() - if self.audit_enabled: - status, output =commands.getstatusoutput("semodule -DB") - button.set_label(_("Disable Audit")) - else: - status, output =commands.getstatusoutput("semodule -B") - button.set_label(_("Enable Audit")) - self.ready() - - if status != 0: - self.error(output) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + button.set_label(label) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def disable_audit(self, button): + self.wait() + cmd = "semodule -B" try: - self.wait() - status, output =commands.getstatusoutput("semodule -B") - self.ready() - if status != 0: - self.error(output) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def propertiesDialog(self): # Do nothing @@ -167,10 +165,10 @@ class modulesPage(semanagePage): gtk.STOCK_OPEN, gtk.RESPONSE_OK)) dialog.set_default_response(gtk.RESPONSE_OK) - filter = gtk.FileFilter() - filter.set_name("Policy Files") - filter.add_pattern("*.pp") - dialog.add_filter(filter) + filt = gtk.FileFilter() + filt.set_name("Policy Files") + filt.add_pattern("*.pp") + dialog.add_filter(filt) response = dialog.run() if response == gtk.RESPONSE_OK: @@ -178,14 +176,13 @@ class modulesPage(semanagePage): dialog.destroy() def add(self, file): + self.wait() + cmd = "semodule -i %s" % file try: - self.wait() - status, output =commands.getstatusoutput("semodule -i %s" % file) - self.ready() - if status != 0: - self.error(output) - else: - self.load() - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.load() + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() diff --git a/policycoreutils-2.4/gui/polgen.glade b/policycoreutils-2.4/gui/polgen.glade index 37c1472..9854fb2 100644 --- a/policycoreutils-2.4/gui/polgen.glade +++ b/policycoreutils-2.4/gui/polgen.glade @@ -758,7 +758,7 @@ True False True - + 2 @@ -840,7 +840,7 @@ True False True - + 2 @@ -1983,7 +1983,7 @@ Tab True True False - + True @@ -2036,7 +2036,7 @@ Tab True True False - + True @@ -2091,7 +2091,7 @@ Tab True False True - + @@ -2188,7 +2188,7 @@ Tab True True False - + True @@ -2243,7 +2243,7 @@ Tab True False True - + @@ -2414,7 +2414,7 @@ Tab True False True - + False @@ -2430,7 +2430,7 @@ Tab True False True - + False @@ -2446,7 +2446,7 @@ Tab True False True - + False diff --git a/policycoreutils-2.4/gui/polgengui.py b/policycoreutils-2.4/gui/polgengui.py index 0f0e564..1b88c47 100644 --- a/policycoreutils-2.4/gui/polgengui.py +++ b/policycoreutils-2.4/gui/polgengui.py @@ -30,29 +30,15 @@ import gnome import sys try: from sepolicy import generate -except ValueError,e: +except ValueError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) - + import sepolicy.interface -import commands +import subprocess import re -def get_all_modules(): - try: - all_modules = [] - rc, output=commands.getstatusoutput("semodule -l 2>/dev/null") - if rc == 0: - l = output.split("\n") - for i in l: - all_modules.append(i.split()[0]) - except: - pass - - return all_modules - - ## ## I18N ## @@ -67,8 +53,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str gnome.program_init("SELinux Policy Generation Tool", "5") @@ -191,10 +177,10 @@ class childWindow: try: self.all_types = generate.get_all_types() - self.all_modules = get_all_modules() + self.all_modules = sepolicy.get_all_modules() self.all_roles = generate.get_all_roles() self.all_users = generate.get_all_users() - except RuntimeError, e: + except RuntimeError as e: self.all_types = [] self.all_modules = [] self.all_roles = [] @@ -262,7 +248,7 @@ class childWindow: self.out_udp_entry = self.xml.get_widget("out_udp_entry") self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ] - for b in self.network_buttons.keys(): + for b in list(self.network_buttons.keys()): b.connect("clicked",self.network_all_clicked) self.boolean_treeview = self.xml.get_widget("boolean_treeview") @@ -333,7 +319,7 @@ class childWindow: for a in sepolicy.interface.get_admin(): iter = self.admin_store.append() self.admin_store.set_value(iter, 0, a) - except ValueError,e: + except ValueError as e: self.error(e.message) def confine_application(self): @@ -519,7 +505,7 @@ class childWindow: self.info(my_policy.generate(outputdir)) return False - except ValueError, e: + except ValueError as e: self.error(e.message) def delete(self, args): @@ -687,7 +673,7 @@ class childWindow: try: generate.verify_ports(self.in_tcp_entry.get_text()) generate.verify_ports(self.in_udp_entry.get_text()) - except ValueError, e: + except ValueError as e: self.error(e.message) return True @@ -695,7 +681,7 @@ class childWindow: try: generate.verify_ports(self.out_tcp_entry.get_text()) generate.verify_ports(self.out_udp_entry.get_text()) - except ValueError, e: + except ValueError as e: self.error(e.message) return True @@ -734,12 +720,12 @@ class childWindow: policy.set_program(exe) policy.gen_writeable() policy.gen_symbols() - for f in policy.files.keys(): + for f in list(policy.files.keys()): iter = self.store.append() self.store.set_value(iter, 0, f) self.store.set_value(iter, 1, FILE) - for f in policy.dirs.keys(): + for f in list(policy.dirs.keys()): iter = self.store.append() self.store.set_value(iter, 0, f) self.store.set_value(iter, 1, DIR) diff --git a/policycoreutils-2.4/gui/portsPage.py b/policycoreutils-2.4/gui/portsPage.py index bfb4e36..e6c87c5 100644 --- a/policycoreutils-2.4/gui/portsPage.py +++ b/policycoreutils-2.4/gui/portsPage.py @@ -16,14 +16,11 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys import seobject -import commands +import subprocess from semanagePage import *; ## @@ -43,8 +40,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class portsPage(semanagePage): def __init__(self, xml): @@ -62,19 +59,19 @@ class portsPage(semanagePage): self.ports_properties_button = xml.get_widget("portsPropertiesButton") self.ports_delete_button = xml.get_widget("portsDeleteButton") liststore = self.ports_protocol_combo.get_model() - iter = liststore.get_iter_first() - self.ports_protocol_combo.set_active_iter(iter) + it = liststore.get_iter_first() + self.ports_protocol_combo.set_active_iter(it) self.init_store() self.edit = True self.load() def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: + filt = arg[0].get_text() + if filt != self.filter: if self.edit: - self.load(filter) + self.load(filt) else: - self.group_load(filter) + self.group_load(filt) def init_store(self): self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING) @@ -116,43 +113,43 @@ class portsPage(semanagePage): except: return 0 - def load(self,filter = ""): - self.filter=filter + def load(self,filt = ""): + self.filter=filt self.port = seobject.portRecords() - dict = self.port.get_all(self.local) - keys = dict.keys() + pdict = self.port.get_all(self.local) + keys = list(pdict.keys()) keys.sort() self.store.clear() for k in keys: - if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)): + if not (self.match(str(k[0]), filt) or self.match(pdict[k][0], filt) or self.match(k[2], filt) or self.match(pdict[k][1], filt) or self.match(pdict[k][1], filt)): continue - iter = self.store.append() + it = self.store.append() if k[0] == k[1]: - self.store.set_value(iter, PORT_COL, k[0]) + self.store.set_value(it, PORT_COL, k[0]) else: rec = "%s-%s" % k[:2] - self.store.set_value(iter, PORT_COL, rec) - self.store.set_value(iter, TYPE_COL, dict[k][0]) - self.store.set_value(iter, PROTOCOL_COL, k[2]) - self.store.set_value(iter, MLS_COL, dict[k][1]) + self.store.set_value(it, PORT_COL, rec) + self.store.set_value(it, TYPE_COL, pdict[k][0]) + self.store.set_value(it, PROTOCOL_COL, k[2]) + self.store.set_value(it, MLS_COL, pdict[k][1]) self.view.get_selection().select_path ((0,)) - def group_load(self, filter = ""): - self.filter=filter + def group_load(self, filt = ""): + self.filter=filt self.port = seobject.portRecords() - dict = self.port.get_all_by_type(self.local) - keys = dict.keys() + pdict = self.port.get_all_by_type(self.local) + keys = list(pdict.keys()) keys.sort() self.store.clear() for k in keys: - ports_string = ", ".join(dict[k]) - if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter) ): + ports_string = ", ".join(pdict[k]) + if not (self.match(ports_string, filt) or self.match(k[0], filt) or self.match(k[1], filt) ): continue - iter = self.store.append() - self.store.set_value(iter, TYPE_COL, k[0]) - self.store.set_value(iter, PROTOCOL_COL, k[1]) - self.store.set_value(iter, PORT_COL, ports_string) - self.store.set_value(iter, MLS_COL, "") + it = self.store.append() + self.store.set_value(it, TYPE_COL, k[0]) + self.store.set_value(it, PROTOCOL_COL, k[1]) + self.store.set_value(it, PORT_COL, ports_string) + self.store.set_value(it, MLS_COL, "") self.view.get_selection().select_path ((0,)) def propertiesDialog(self): @@ -160,19 +157,19 @@ class portsPage(semanagePage): semanagePage.propertiesDialog(self) def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) + store, it = self.view.get_selection().get_selected() + self.ports_number_entry.set_text(store.get_value(it, PORT_COL)) self.ports_number_entry.set_sensitive(False) self.ports_protocol_combo.set_sensitive(False) - self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) - self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) - protocol = store.get_value(iter, PROTOCOL_COL) + self.ports_name_entry.set_text(store.get_value(it, TYPE_COL)) + self.ports_mls_entry.set_text(store.get_value(it, MLS_COL)) + protocol = store.get_value(it, PROTOCOL_COL) liststore = self.ports_protocol_combo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter,0) != protocol: - iter = liststore.iter_next(iter) - if iter != None: - self.ports_protocol_combo.set_active_iter(iter) + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != protocol: + it = liststore.iter_next(it) + if it != None: + self.ports_protocol_combo.set_active_iter(it) def dialogClear(self): self.ports_number_entry.set_text("") @@ -182,19 +179,20 @@ class portsPage(semanagePage): self.ports_mls_entry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() - port = store.get_value(iter, PORT_COL) - protocol = store.get_value(iter, 1) + store, it = self.view.get_selection().get_selected() + port = store.get_value(it, PORT_COL) + protocol = store.get_value(it, 1) + self.wait() + cmd = "semanage port -d -p %s %s" % (protocol, port) try: - self.wait() - (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port)) - self.ready() - if rc != 0: - return self.error(out) - store.remove(iter) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) self.view.get_selection().select_path ((0,)) - except ValueError, e: - self.error(e.args[0]) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def add(self): target = self.ports_name_entry.get_text().strip() @@ -207,39 +205,47 @@ class portsPage(semanagePage): self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number ) return False list_model = self.ports_protocol_combo.get_model() - iter = self.ports_protocol_combo.get_active_iter() - protocol = list_model.get_value(iter,0) + it = self.ports_protocol_combo.get_active_iter() + protocol = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) + cmd = "semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + it = self.store.append() + self.store.set_value(it, TYPE_COL, target) + self.store.set_value(it, PORT_COL, port_number) + self.store.set_value(it, PROTOCOL_COL, protocol) + self.store.set_value(it, MLS_COL, mls) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() - if rc != 0: - self.error(out) - return False - iter = self.store.append() - - self.store.set_value(iter, TYPE_COL, target) - self.store.set_value(iter, PORT_COL, port_number) - self.store.set_value(iter, PROTOCOL_COL, protocol) - self.store.set_value(iter, MLS_COL, mls) def modify(self): target = self.ports_name_entry.get_text().strip() mls = self.ports_mls_entry.get_text().strip() port_number = self.ports_number_entry.get_text().strip() list_model = self.ports_protocol_combo.get_model() - iter = self.ports_protocol_combo.get_active_iter() - protocol = list_model.get_value(iter,0) + it = self.ports_protocol_combo.get_active_iter() + protocol = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) - self.ready() - if rc != 0: - self.error(out) + cmd = "semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, TYPE_COL, target) + self.store.set_value(it, PORT_COL, port_number) + self.store.set_value(it, PROTOCOL_COL, protocol) + self.store.set_value(it, MLS_COL, mls) + self.ready() + return True + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, TYPE_COL, target) - self.store.set_value(iter, PORT_COL, port_number) - self.store.set_value(iter, PROTOCOL_COL, protocol) - self.store.set_value(iter, MLS_COL, mls) def on_group_clicked(self, button): self.ports_add_button.set_sensitive(self.group) diff --git a/policycoreutils-2.4/gui/semanagePage.py b/policycoreutils-2.4/gui/semanagePage.py index 3a0e478..040a4f8 100644 --- a/policycoreutils-2.4/gui/semanagePage.py +++ b/policycoreutils-2.4/gui/semanagePage.py @@ -37,8 +37,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str def idle_func(): while gtk.events_pending(): @@ -77,9 +77,9 @@ class semanagePage: return def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: - self.load(filter) + filt = arg[0].get_text() + if filt != self.filter: + self.load(filt) def search(self, model, col, key, i): sort_col = self.store.get_sort_column_id()[0] @@ -122,13 +122,37 @@ class semanagePage: dlg.destroy() def deleteDialog(self): - store, iter = self.view.get_selection().get_selected() - if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: + store, it = self.view.get_selection().get_selected() + if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(it, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: self.delete() def use_menus(self): return True + def load(self, filt): + raise RuntimeError("load method not implemented in parent class"); + + def filter(self): + raise RuntimeError("filter method not implemented in parent class"); + + def store(self): + raise RuntimeError("store method not implemented in parent class"); + + def add(self): + raise RuntimeError("add method not implemented"); + + def modify(self): + raise RuntimeError("modify method not implemented"); + + def delete(self): + raise RuntimeError("delete method not implemented"); + + def dialogInit(self): + raise RuntimeError("dialogInit method not implemented"); + + def dialogClear(self): + raise RuntimeError("dialogClear method not implemented"); + def addDialog(self): self.dialogClear() self.dialog.set_title(_("Add %s" % self.description)) @@ -136,10 +160,10 @@ class semanagePage: while self.dialog.run() == gtk.RESPONSE_OK: try: - if self.add() == False: + if not self.add(): continue break; - except ValueError, e: + except ValueError as e: self.error(e.args[0]) self.dialog.hide() @@ -149,10 +173,10 @@ class semanagePage: self.dialog.set_position(gtk.WIN_POS_MOUSE) while self.dialog.run() == gtk.RESPONSE_OK: try: - if self.modify() == False: + if not self.modify(): continue break; - except ValueError, e: + except ValueError as e: self.error(e.args[0]) self.dialog.hide() diff --git a/policycoreutils-2.4/gui/statusPage.py b/policycoreutils-2.4/gui/statusPage.py index 02685f2..6510d2a 100644 --- a/policycoreutils-2.4/gui/statusPage.py +++ b/policycoreutils-2.4/gui/statusPage.py @@ -16,18 +16,14 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade import os -import gobject import sys -import tempfile INSTALLPATH = '/usr/share/system-config-selinux' sys.path.append(INSTALLPATH) -import commands ENFORCING = 1 PERMISSIVE = 0 DISABLED = -1 @@ -47,8 +43,8 @@ import selinux try: gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = unicode class statusPage: def __init__(self, xml): @@ -127,21 +123,21 @@ class statusPage: return rc def typemenu_changed(self, menu): - type = self.get_type() + setype = self.get_type() enabled = self.enabledOptionMenu.get_active() - if self.initialtype != type: + if self.initialtype != setype: if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: menu.set_active(self.typeHistory) return None self.relabel_checkbutton.set_active(True) - self.write_selinux_config(modearray[enabled], type ) + self.write_selinux_config(modearray[enabled], setype ) self.typeHistory = menu.get_active() def enabled_changed(self, combo): enabled = combo.get_active() - type = self.get_type() + setype = self.get_type() if self.initEnabled != DISABLED and enabled == DISABLED: if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO: @@ -154,11 +150,11 @@ class statusPage: return None self.relabel_checkbutton.set_active(True) - self.write_selinux_config(modearray[enabled], type ) + self.write_selinux_config(modearray[enabled], setype ) self.enabled = enabled - def write_selinux_config(self, enforcing, type): - path = selinux.selinux_path() + "config" + def write_selinux_config(self, enforcing, setype): + path = selinux.selinux_path() + "config" backup_path = path + ".bck" fd = open(path) lines = fd.readlines() @@ -169,7 +165,7 @@ class statusPage: fd.write("SELINUX=%s\n" % enforcing) continue if l.startswith("SELINUXTYPE="): - fd.write("SELINUXTYPE=%s\n" % type) + fd.write("SELINUXTYPE=%s\n" % setype) continue fd.write(l) fd.close() diff --git a/policycoreutils-2.4/gui/system-config-selinux.py b/policycoreutils-2.4/gui/system-config-selinux.py index bc3027e..9482fa5 100644 --- a/policycoreutils-2.4/gui/system-config-selinux.py +++ b/policycoreutils-2.4/gui/system-config-selinux.py @@ -25,9 +25,9 @@ import string import sys try: import gtk -except RuntimeError, e: - print "system-config-selinux:", e - print "This is a graphical application and requires DISPLAY to be set." +except RuntimeError as e: + print("system-config-selinux:", e) + print("This is a graphical application and requires DISPLAY to be set.") sys.exit (1) import gtk.glade @@ -57,8 +57,8 @@ try: unicode=False, codeset = 'utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str gnome.program_init("SELinux Management Tool", "5") @@ -95,7 +95,7 @@ class childWindow: self.add_page(portsPage.portsPage(xml)) self.add_page(modulesPage.modulesPage(xml)) # modules self.add_page(domainsPage.domainsPage(xml)) # domains - except ValueError, e: + except ValueError as e: self.error(e.message) xml.signal_connect("on_quit_activate", self.destroy) diff --git a/policycoreutils-2.4/gui/usersPage.py b/policycoreutils-2.4/gui/usersPage.py index 93804ac..1451903 100644 --- a/policycoreutils-2.4/gui/usersPage.py +++ b/policycoreutils-2.4/gui/usersPage.py @@ -16,13 +16,10 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys -import commands +import subprocess import seobject from semanagePage import *; @@ -36,8 +33,8 @@ gettext.textdomain(PROGNAME) try: gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = unicode class usersPage(semanagePage): def __init__(self, xml): @@ -65,34 +62,30 @@ class usersPage(semanagePage): self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") - def load(self, filter = ""): - self.filter=filter + def load(self, filt = ""): + self.filter=filt self.user = seobject.seluserRecords() - dict = self.user.get_all() - keys = dict.keys() + udict = self.user.get_all() + keys = list(udict.keys()) keys.sort() self.store.clear() for k in keys: - range = seobject.translate(dict[k][2]) - if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)): + serange = seobject.translate(udict[k][2]) + if not (self.match(k, filt) or self.match(udict[k][0], filter) or self.match(serange, filt) or self.match(udict[k][3], filt)): continue - iter = self.store.append() - self.store.set_value(iter, 0, k) - self.store.set_value(iter, 1, range) - self.store.set_value(iter, 2, dict[k][3]) + it = self.store.append() + self.store.set_value(it, 0, k) + self.store.set_value(it, 1, serange) + self.store.set_value(it, 2, udict[k][3]) self.view.get_selection().select_path ((0,)) - def delete(self): - if semanagePage.delete(self) == gtk.RESPONSE_NO: - return None - def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.selinuxUserEntry.set_text(store.get_value(iter, 0)) + store, it = self.view.get_selection().get_selected() + self.selinuxUserEntry.set_text(store.get_value(it, 0)) self.selinuxUserEntry.set_sensitive(False) - self.mlsRangeEntry.set_text(store.get_value(iter, 1)) - self.selinuxRolesEntry.set_text(store.get_value(iter, 2)) + self.mlsRangeEntry.set_text(store.get_value(it, 1)) + self.selinuxRolesEntry.set_text(store.get_value(it, 2)) def dialogClear(self): self.selinuxUserEntry.set_text("") @@ -102,48 +95,62 @@ class usersPage(semanagePage): def add(self): user = self.selinuxUserEntry.get_text() - range = self.mlsRangeEntry.get_text() + serange = self.mlsRangeEntry.get_text() roles = self.selinuxRolesEntry.get_text() self.wait() - (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage user -a -R '%s' -r %s %s" % (roles, serange, user), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it = self.store.append() + self.store.set_value(it, 0, user) + self.store.set_value(it, 1, serange) + self.store.set_value(it, 2, roles) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter = self.store.append() - self.store.set_value(iter, 0, user) - self.store.set_value(iter, 1, range) - self.store.set_value(iter, 2, roles) def modify(self): user = self.selinuxUserEntry.get_text() - range = self.mlsRangeEntry.get_text() + serange = self.mlsRangeEntry.get_text() roles = self.selinuxRolesEntry.get_text() self.wait() - (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user)) - self.ready() - - if rc != 0: - self.error(out) + cmd = "semanage user -m -R '%s' -r %s %s" % (roles, serange, user) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - self.load(self.filter) + return True def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() try: - user=store.get_value(iter, 0) + user=store.get_value(it, 0) if user == "root" or user == "user_u": raise ValueError(_("SELinux user '%s' is required") % user) self.wait() - (rc, out) = commands.getstatusoutput("semanage user -d %s" % user) - self.ready() - if rc != 0: - self.error(out) + cmd = "semanage user -d %s" % user + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - store.remove(iter) - self.view.get_selection().select_path ((0,)) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) diff --git a/policycoreutils-2.4/hll/pp/pp.c b/policycoreutils-2.4/hll/pp/pp.c index b863346..d994891 100644 --- a/policycoreutils-2.4/hll/pp/pp.c +++ b/policycoreutils-2.4/hll/pp/pp.c @@ -1995,12 +1995,23 @@ static int role_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN // one of these roles in base, the declaration will not appeaer in // the resulting policy, likely resulting in a compilation error in // CIL. + // + // To make things more complicated, the auditadm_r and secadm_r + // roles could actually be in either the base module or a non-base + // module, or both. So we can't rely on this same behavior. So for + // these roles, don't declare them here, even if they are in a base + // or non-base module. Instead we will just declare them in the + // base module elsewhere. int is_base_role = (!strcmp(key, "user_r") || !strcmp(key, "staff_r") || !strcmp(key, "sysadm_r") || !strcmp(key, "system_r") || !strcmp(key, "unconfined_r")); - if ((is_base_role && pdb->policy_type == SEPOL_POLICY_BASE) || !is_base_role) { + int is_builtin_role = (!strcmp(key, "auditadm_r") || + !strcmp(key, "secadm_r")); + if ((is_base_role && pdb->policy_type == SEPOL_POLICY_BASE) || + (!is_base_role && !is_builtin_role)) { + cil_println(indent, "(role %s)", key); } } @@ -2051,7 +2062,9 @@ static int role_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN for (i = 0; i < num_types; i++) { - cil_println(indent, "(roletype %s %s)", key, types[i]); + if (is_id_in_scope(pdb, decl_stack, types[i], SYM_TYPES)) { + cil_println(indent, "(roletype %s %s)", key, types[i]); + } } break; @@ -3594,6 +3607,17 @@ static int generate_default_object(void) return 0; } +static int generate_builtin_roles(void) +{ + // due to inconsistentencies between policies and CIL not allowing + // duplicate roles, some roles are always created, regardless of if they + // are declared in modules or not + cil_println(0, "(role auditadm_r)"); + cil_println(0, "(role secadm_r)"); + + return 0; +} + static int generate_gen_require_attribute(void) { cil_println(0, "(typeattribute " GEN_REQUIRE_ATTR ")"); @@ -3679,6 +3703,11 @@ static int module_package_to_cil(struct sepol_module_package *mod_pkg) goto exit; } + rc = generate_builtin_roles(); + if (rc != 0) { + goto exit; + } + // default attribute to be used to mimic gen_require in CIL rc = generate_gen_require_attribute(); if (rc != 0) { diff --git a/policycoreutils-2.4/newrole/newrole.c b/policycoreutils-2.4/newrole/newrole.c index 94794e9..55e8d39 100644 --- a/policycoreutils-2.4/newrole/newrole.c +++ b/policycoreutils-2.4/newrole/newrole.c @@ -278,7 +278,7 @@ static int process_pam_config(FILE * cfg) continue; app = service = NULL; - ret = sscanf(buffer, "%as %as\n", &app, &service); + ret = sscanf(buffer, "%ms %ms\n", &app, &service); if (ret < 2 || !app || !service) goto err; @@ -546,9 +546,7 @@ static int drop_capabilities(int full) if (!uid) return 0; capng_setpid(getpid()); - capng_clear(CAPNG_SELECT_BOTH); - if (capng_lock() < 0) - return -1; + capng_clear(CAPNG_SELECT_CAPS); /* Change uid */ if (setresuid(uid, uid, uid)) { @@ -557,7 +555,7 @@ static int drop_capabilities(int full) } if (! full) capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_AUDIT_WRITE); - return capng_apply(CAPNG_SELECT_BOTH); + return capng_apply(CAPNG_SELECT_CAPS); } #elif defined(NAMESPACE_PRIV) /** @@ -575,20 +573,21 @@ static int drop_capabilities(int full) */ static int drop_capabilities(int full) { + uid_t uid = getuid(); + if (!uid) return 0; + capng_setpid(getpid()); - capng_clear(CAPNG_SELECT_BOTH); - if (capng_lock() < 0) - return -1; + capng_clear(CAPNG_SELECT_CAPS); - uid_t uid = getuid(); /* Change uid */ if (setresuid(uid, uid, uid)) { fprintf(stderr, _("Error changing uid, aborting.\n")); return -1; } if (! full) - capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1); - return capng_apply(CAPNG_SELECT_BOTH); + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_AUDIT_WRITE, -1); + + return capng_apply(CAPNG_SELECT_CAPS); } #else @@ -679,7 +678,7 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, security_context_t * tty_context, security_context_t * new_tty_context) { - int fd; + int fd, rc; int enforcing = security_getenforce(); security_context_t tty_con = NULL; security_context_t new_tty_con = NULL; @@ -698,7 +697,13 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, fprintf(stderr, _("Error! Could not open %s.\n"), ttyn); return fd; } - fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + /* this craziness is to make sure we cann't block on open and deadlock */ + rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + if (rc) { + fprintf(stderr, _("Error! Could not clear O_NONBLOCK on %s\n"), ttyn); + close(fd); + return rc; + } if (fgetfilecon(fd, &tty_con) < 0) { fprintf(stderr, _("%s! Could not get current context " @@ -1009,9 +1014,9 @@ int main(int argc, char *argv[]) int fd; pid_t childPid = 0; char *shell_argv0 = NULL; + int rc; #ifdef USE_PAM - int rc; int pam_status; /* pam return code */ pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */ @@ -1104,7 +1109,7 @@ int main(int argc, char *argv[]) * command when invoked by newrole. */ char *cmd = NULL; - rc = sscanf(argv[optind + 1], "%as", &cmd); + rc = sscanf(argv[optind + 1], "%ms", &cmd); if (rc != EOF && cmd) { char *app_service_name = (char *)hashtab_search(app_service_names, @@ -1222,18 +1227,26 @@ int main(int argc, char *argv[]) fprintf(stderr, _("Could not close descriptors.\n")); goto err_close_pam; } - fd = open(ttyn, O_RDWR | O_NONBLOCK); + fd = open(ttyn, O_RDONLY | O_NONBLOCK); if (fd != 0) goto err_close_pam; - fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + if (rc) + goto err_close_pam; + fd = open(ttyn, O_RDWR | O_NONBLOCK); if (fd != 1) goto err_close_pam; - fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + if (rc) + goto err_close_pam; + fd = open(ttyn, O_RDWR | O_NONBLOCK); if (fd != 2) goto err_close_pam; - fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); + if (rc) + goto err_close_pam; } /* @@ -1267,19 +1280,24 @@ int main(int argc, char *argv[]) } #endif - if (send_audit_message(1, old_context, new_context, ttyn)) + if (send_audit_message(1, old_context, new_context, ttyn)) { + fprintf(stderr, _("Failed to send audit message")); goto err_close_pam_session; + } freecon(old_context); old_context=NULL; freecon(new_context); new_context=NULL; #ifdef NAMESPACE_PRIV - if (transition_to_caller_uid()) + if (transition_to_caller_uid()) { + fprintf(stderr, _("Failed to transition to namespace\n")); goto err_close_pam_session; + } #endif - if (drop_capabilities(TRUE)) + if (drop_capabilities(TRUE)) { + fprintf(stderr, _("Failed to drop capabilities %m\n")); goto err_close_pam_session; - + } /* Handle environment changes */ if (restore_environment(preserve_environment, old_environ, &pw)) { fprintf(stderr, _("Unable to restore the environment, " diff --git a/policycoreutils-2.4/po/Makefile b/policycoreutils-2.4/po/Makefile index a693823..555f381 100644 --- a/policycoreutils-2.4/po/Makefile +++ b/policycoreutils-2.4/po/Makefile @@ -28,7 +28,7 @@ POTFILES = \ ../run_init/run_init.c \ ../semodule_link/semodule_link.c \ ../audit2allow/audit2allow \ - ../semanage/seobject.py \ + ../semanage/seobject/__init__.py \ ../setsebool/setsebool.c \ ../newrole/newrole.c \ ../load_policy/load_policy.c \ @@ -49,7 +49,6 @@ POTFILES = \ ../gui/booleansPage.py \ ../gui/fcontextPage.py \ ../gui/loginsPage.py \ - ../gui/mappingsPage.py \ ../gui/modulesPage.py \ ../gui/polgen.glade \ ../gui/polgengui.py \ @@ -61,6 +60,36 @@ POTFILES = \ ../gui/usersPage.py \ ../secon/secon.c \ booleans.py \ + ../sepolicy/sepolicy/help/booleans_more_show.txt \ + ../sepolicy/sepolicy/help/booleans_more.txt \ + ../sepolicy/sepolicy/help/booleans_toggled.txt \ + ../sepolicy/sepolicy/help/booleans.txt \ + ../sepolicy/sepolicy/help/file_equiv.txt \ + ../sepolicy/sepolicy/help/files_apps.txt \ + ../sepolicy/sepolicy/help/files_exec.txt \ + ../sepolicy/sepolicy/help/files_write.txt \ + ../sepolicy/sepolicy/help/lockdown_permissive.txt \ + ../sepolicy/sepolicy/help/lockdown_ptrace.txt \ + ../sepolicy/sepolicy/help/lockdown.txt \ + ../sepolicy/sepolicy/help/lockdown_unconfined.txt \ + ../sepolicy/sepolicy/help/login_default.txt \ + ../sepolicy/sepolicy/help/login.txt \ + ../sepolicy/sepolicy/help/ports_inbound.txt \ + ../sepolicy/sepolicy/help/ports_outbound.txt \ + ../sepolicy/sepolicy/help/start.txt \ + ../sepolicy/sepolicy/help/system_boot_mode.txt \ + ../sepolicy/sepolicy/help/system_current_mode.txt \ + ../sepolicy/sepolicy/help/system_export.txt \ + ../sepolicy/sepolicy/help/system_policy_type.txt \ + ../sepolicy/sepolicy/help/system_relabel.txt \ + ../sepolicy/sepolicy/help/system.txt \ + ../sepolicy/sepolicy/help/transition_file.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean_1.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean_2.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean.txt \ + ../sepolicy/sepolicy/help/transition_from.txt \ + ../sepolicy/sepolicy/help/transition_to.txt \ + ../sepolicy/sepolicy/help/users.txt \ ../sepolicy/info.c \ ../sepolicy/search.c \ ../sepolicy/sepolicy.py \ diff --git a/policycoreutils-2.4/po/POTFILES b/policycoreutils-2.4/po/POTFILES index bcb9e99..ae25133 100644 --- a/policycoreutils-2.4/po/POTFILES +++ b/policycoreutils-2.4/po/POTFILES @@ -2,7 +2,7 @@ ../run_init/run_init.c ../semodule_link/semodule_link.c ../audit2allow/audit2allow - ../semanage/seobject.py + ../semanage/seobject/__init__.py ../setsebool/setsebool.c ../newrole/newrole.c ../load_policy/load_policy.c @@ -23,7 +23,6 @@ ../gui/booleansPage.py ../gui/fcontextPage.py ../gui/loginsPage.py - ../gui/mappingsPage.py ../gui/modulesPage.py ../gui/polgen.glade ../gui/polgengui.py @@ -47,6 +46,36 @@ ../gui/templates/var_log.py ../gui/templates/var_run.py ../gui/templates/var_spool.py + ../sepolicy/sepolicy/help/booleans_more_show.txt + ../sepolicy/sepolicy/help/booleans_more.txt + ../sepolicy/sepolicy/help/booleans_toggled.txt + ../sepolicy/sepolicy/help/booleans.txt + ../sepolicy/sepolicy/help/file_equiv.txt + ../sepolicy/sepolicy/help/files_apps.txt + ../sepolicy/sepolicy/help/files_exec.txt + ../sepolicy/sepolicy/help/files_write.txt + ../sepolicy/sepolicy/help/lockdown_permissive.txt + ../sepolicy/sepolicy/help/lockdown_ptrace.txt + ../sepolicy/sepolicy/help/lockdown.txt + ../sepolicy/sepolicy/help/lockdown_unconfined.txt + ../sepolicy/sepolicy/help/login_default.txt + ../sepolicy/sepolicy/help/login.txt + ../sepolicy/sepolicy/help/ports_inbound.txt + ../sepolicy/sepolicy/help/ports_outbound.txt + ../sepolicy/sepolicy/help/start.txt + ../sepolicy/sepolicy/help/system_boot_mode.txt + ../sepolicy/sepolicy/help/system_current_mode.txt + ../sepolicy/sepolicy/help/system_export.txt + ../sepolicy/sepolicy/help/system_policy_type.txt + ../sepolicy/sepolicy/help/system_relabel.txt + ../sepolicy/sepolicy/help/system.txt + ../sepolicy/sepolicy/help/transition_file.txt + ../sepolicy/sepolicy/help/transition_from_boolean_1.txt + ../sepolicy/sepolicy/help/transition_from_boolean_2.txt + ../sepolicy/sepolicy/help/transition_from_boolean.txt + ../sepolicy/sepolicy/help/transition_from.txt + ../sepolicy/sepolicy/help/transition_to.txt + ../sepolicy/sepolicy/help/users.txt ../sepolicy/info.c ../sepolicy/search.c ../sepolicy/sepolicy.py diff --git a/policycoreutils-2.4/po/POTFILES.in b/policycoreutils-2.4/po/POTFILES.in index aca0474..0ccb542 100644 --- a/policycoreutils-2.4/po/POTFILES.in +++ b/policycoreutils-2.4/po/POTFILES.in @@ -2,7 +2,7 @@ run_init/open_init_pty.c run_init/run_init.c semodule_link/semodule_link.c audit2allow/audit2allow -semanage/seobject.py +semanage/seobject/__init__.py setsebool/setsebool.c newrole/newrole.c load_policy/load_policy.c @@ -23,7 +23,6 @@ restorecond/utmpwatcher.c gui/booleansPage.py gui/fcontextPage.py gui/loginsPage.py -gui/mappingsPage.py gui/modulesPage.py gui/polgen.glade gui/polgengui.py @@ -45,6 +44,36 @@ sepolicy/sepolicy/generate.py sepolicy/sepolicy/sepolicy.glade sepolicy/sepolicy/gui.py sepolicy/sepolicy/manpage.py +sepolicy/sepolicy/help/booleans_more_show.txt +sepolicy/sepolicy/help/booleans_more.txt +sepolicy/sepolicy/help/booleans_toggled.txt +sepolicy/sepolicy/help/booleans.txt +sepolicy/sepolicy/help/file_equiv.txt +sepolicy/sepolicy/help/files_apps.txt +sepolicy/sepolicy/help/files_exec.txt +sepolicy/sepolicy/help/files_write.txt +sepolicy/sepolicy/help/lockdown_permissive.txt +sepolicy/sepolicy/help/lockdown_ptrace.txt +sepolicy/sepolicy/help/lockdown.txt +sepolicy/sepolicy/help/lockdown_unconfined.txt +sepolicy/sepolicy/help/login_default.txt +sepolicy/sepolicy/help/login.txt +sepolicy/sepolicy/help/ports_inbound.txt +sepolicy/sepolicy/help/ports_outbound.txt +sepolicy/sepolicy/help/start.txt +sepolicy/sepolicy/help/system_boot_mode.txt +sepolicy/sepolicy/help/system_current_mode.txt +sepolicy/sepolicy/help/system_export.txt +sepolicy/sepolicy/help/system_policy_type.txt +sepolicy/sepolicy/help/system_relabel.txt +sepolicy/sepolicy/help/system.txt +sepolicy/sepolicy/help/transition_file.txt +sepolicy/sepolicy/help/transition_from_boolean_1.txt +sepolicy/sepolicy/help/transition_from_boolean_2.txt +sepolicy/sepolicy/help/transition_from_boolean.txt +sepolicy/sepolicy/help/transition_from.txt +sepolicy/sepolicy/help/transition_to.txt +sepolicy/sepolicy/help/users.txt sepolicy/sepolicy/transition.py sepolicy/sepolicy/templates/executable.py sepolicy/sepolicy/templates/__init__.py diff --git a/policycoreutils-2.4/po/ach.po b/policycoreutils-2.4/po/ach.po new file mode 100644 index 0000000..0d84e13 --- /dev/null +++ b/policycoreutils-2.4/po/ach.po @@ -0,0 +1,5198 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: Policycoreutils\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2014-01-03 16:04-0500\n" +"PO-Revision-Date: 2014-03-24 16:46+0000\n" +"Last-Translator: jsmith \n" +"Language-Team: Acoli (http://www.transifex.com/projects/p/fedora/language/ach/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: ach\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" + +#: ../run_init/run_init.c:67 +msgid "" +"USAGE: run_init