18e735df1b
Using patches from git makes it clean which changes are included in Fedora New workflow: 1. clone https://github.com/fedora-selinux/selinux 2. create patchset $ git format-patch 20190315 -- policycoreutils python gui sandbox dbus semodule-utils restorecond 3. update spec file $ for j in [0-9]*.patch; do printf "Patch%s: %s\n" ${j/-*/} $j; done # deleted: restorecond-fedora.patch
54 lines
1.8 KiB
Diff
54 lines
1.8 KiB
Diff
From e54db76a3bff8e911ddd7c7ce834c024d634d9e1 Mon Sep 17 00:00:00 2001
|
|
From: Petr Lautrbach <plautrba@redhat.com>
|
|
Date: Tue, 28 Feb 2017 21:29:46 +0100
|
|
Subject: [PATCH] sepolicy: Another small optimization for mcs types
|
|
|
|
---
|
|
python/sepolicy/sepolicy/manpage.py | 16 +++++++++++-----
|
|
1 file changed, 11 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/python/sepolicy/sepolicy/manpage.py b/python/sepolicy/sepolicy/manpage.py
|
|
index f8a94fc0..67d39301 100755
|
|
--- a/python/sepolicy/sepolicy/manpage.py
|
|
+++ b/python/sepolicy/sepolicy/manpage.py
|
|
@@ -142,6 +142,15 @@ def _gen_entry_types():
|
|
entry_types = next(sepolicy.info(sepolicy.ATTRIBUTE, "entry_type"))["types"]
|
|
return entry_types
|
|
|
|
+mcs_constrained_types = None
|
|
+
|
|
+def _gen_mcs_constrained_types():
|
|
+ global mcs_constrained_types
|
|
+ if mcs_constrained_types is None:
|
|
+ mcs_constrained_types = next(sepolicy.info(sepolicy.ATTRIBUTE, "mcs_constrained_type"))
|
|
+ return mcs_constrained_types
|
|
+
|
|
+
|
|
types = None
|
|
|
|
def _gen_types():
|
|
@@ -390,6 +399,7 @@ class ManPage:
|
|
self.types = _gen_types()
|
|
self.exec_types = _gen_exec_types()
|
|
self.entry_types = _gen_entry_types()
|
|
+ self.mcs_constrained_types = _gen_mcs_constrained_types()
|
|
|
|
if self.source_files:
|
|
self.fcpath = self.root + "file_contexts"
|
|
@@ -944,11 +954,7 @@ All executeables with the default executable label, usually stored in /usr/bin a
|
|
%s""" % ", ".join(paths))
|
|
|
|
def _mcs_types(self):
|
|
- try:
|
|
- mcs_constrained_type = next(sepolicy.info(sepolicy.ATTRIBUTE, "mcs_constrained_type"))
|
|
- except StopIteration:
|
|
- return
|
|
- if self.type not in mcs_constrained_type['types']:
|
|
+ if self.type not in self.mcs_constrained_types['types']:
|
|
return
|
|
self.fd.write ("""
|
|
.SH "MCS Constrained"
|
|
--
|
|
2.22.0
|
|
|