rpms/setools
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix to build with latest libsepol

Browse Source 
Show filename transition files
This commit is contained in:
Dan Walsh 2011-09-20 17:12:38 -04:00
parent 26a7d40fae
commit 0fd1802836
8 changed files with 4822 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2773
0001-add-setools-seinfo-and-sesearch-python-bindings.patch Normal file
View File

File diff suppressed because it is too large Load Diff

133
0002-setools-should-exit-with-an-error-status-if-it-gets-.patch Normal file
View File

@ -0,0 +1,133 @@
From 667fe9187c203ffcba855e821dff11c8f71ef000 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:39:51 -0400
Subject: [PATCH 2/6] setools-should-exit-with-an-error-status-if-it-gets-an
error
---
secmds/seinfo.c | 51 +++++++++++++++++++++++++++------------------------
1 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
index fdf23e9..3088f88 100644
--- a/secmds/seinfo.c
+++ b/secmds/seinfo.c
@@ -827,7 +827,7 @@ static int print_sens(FILE * fp, const char *name, int expand, const apol_policy
*/
static int print_cats(FILE * fp, const char *name, int expand, const apol_policy_t * policydb)
{
- int retval = 0;
+ int retval = -1;
apol_cat_query_t *query = NULL;
apol_vector_t *v = NULL;
const qpol_cat_t *cat_datum = NULL;
@@ -911,9 +911,10 @@ static int print_fsuse(FILE * fp, const char *type, const apol_policy_t * policy
fprintf(fp, " %s\n", tmp);
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No fs_use statement for filesystem of type %s.", type);
-
+ goto cleanup;
+ }
retval = 0;
cleanup:
apol_fs_use_query_destroy(&query);
@@ -949,7 +950,6 @@ static int print_genfscon(FILE * fp, const char *type, const apol_policy_t * pol
ERR(policydb, "%s", strerror(ENOMEM));
goto cleanup;
}
-
if (apol_genfscon_query_set_filesystem(policydb, query, type))
goto cleanup;
if (apol_genfscon_get_by_query(policydb, query, &v))
@@ -967,8 +967,10 @@ static int print_genfscon(FILE * fp, const char *type, const apol_policy_t * pol
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No genfscon statement for filesystem of type %s.", type);
+ goto cleanup;
+ }
retval = 0;
cleanup:
@@ -1646,6 +1648,7 @@ cleanup: // close and destroy iterators etc.
int main(int argc, char **argv)
{
+ int rc = 0;
int classes, types, attribs, roles, users, all, expand, stats, rt, optc, isids, bools, sens, cats, fsuse, genfs, netif,
node, port, permissives, polcaps, constrain, linebreaks;
apol_policy_t *policydb = NULL;
@@ -1851,46 +1854,46 @@ int main(int argc, char **argv)
/* display requested info */
if (stats || all)
- print_stats(stdout, policydb);
+ rc = print_stats(stdout, policydb);
if (classes || all)
- print_classes(stdout, class_name, expand, policydb);
+ rc = print_classes(stdout, class_name, expand, policydb);
if (types || all)
- print_types(stdout, type_name, expand, policydb);
+ rc = print_types(stdout, type_name, expand, policydb);
if (attribs || all)
- print_attribs(stdout, attrib_name, expand, policydb);
+ rc = print_attribs(stdout, attrib_name, expand, policydb);
if (roles || all)
- print_roles(stdout, role_name, expand, policydb);
+ rc = print_roles(stdout, role_name, expand, policydb);
if (users || all)
- print_users(stdout, user_name, expand, policydb);
+ rc = print_users(stdout, user_name, expand, policydb);
if (bools || all)
- print_booleans(stdout, bool_name, expand, policydb);
+ rc = print_booleans(stdout, bool_name, expand, policydb);
if (sens || all)
- print_sens(stdout, sens_name, expand, policydb);
+ rc = print_sens(stdout, sens_name, expand, policydb);
if (cats || all)
- print_cats(stdout, cat_name, expand, policydb);
+ rc = print_cats(stdout, cat_name, expand, policydb);
if (fsuse || all)
- print_fsuse(stdout, fsuse_type, policydb);
+ rc = print_fsuse(stdout, fsuse_type, policydb);
if (genfs || all)
- print_genfscon(stdout, genfs_type, policydb);
+ rc = print_genfscon(stdout, genfs_type, policydb);
if (netif || all)
- print_netifcon(stdout, netif_name, policydb);
+ rc = print_netifcon(stdout, netif_name, policydb);
if (node || all)
- print_nodecon(stdout, node_addr, policydb);
+ rc = print_nodecon(stdout, node_addr, policydb);
if (port || all)
- print_portcon(stdout, port_num, protocol, policydb);
+ rc = print_portcon(stdout, port_num, protocol, policydb);
if (isids || all)
- print_isids(stdout, isid_name, expand, policydb);
+ rc = print_isids(stdout, isid_name, expand, policydb);
if (permissives || all)
- print_permissives(stdout, permissive_name, expand, policydb);
+ rc = print_permissives(stdout, permissive_name, expand, policydb);
if (polcaps || all)
- print_polcaps(stdout, polcap_name, expand, policydb);
+ rc = print_polcaps(stdout, polcap_name, expand, policydb);
if (constrain || all)
- print_constraints(stdout, expand, policydb, linebreaks);
+ rc = print_constraints(stdout, expand, policydb, linebreaks);
apol_policy_destroy(&policydb);
apol_policy_path_destroy(&pol_path);
free(policy_file);
- exit(0);
+ exit(rc);
}
/**
--
1.7.6.2

28
0003-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch Normal file
View File

@ -0,0 +1,28 @@
From 252b7c8bf311d615164a20f4f402767e5859d972 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:40:28 -0400
Subject: [PATCH 3/6] Since-we-do-not-ship-neverallow-rules-all-always-fail
---
libqpol/src/avrule_query.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/libqpol/src/avrule_query.c b/libqpol/src/avrule_query.c
index 749565b..76dcaa3 100644
--- a/libqpol/src/avrule_query.c
+++ b/libqpol/src/avrule_query.c
@@ -57,8 +57,9 @@ int qpol_policy_get_avrule_iter(const qpol_policy_t * policy, uint32_t rule_type
if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
- errno = ENOTSUP;
- return STATUS_ERR;
+/* errno = ENOTSUP;
+ return STATUS_ERR; */
+ return STATUS_SUCCESS;
}
db = &policy->p->p;
--
1.7.6.2

78
0004-Fix-man-pages-and-getoptions.patch Normal file
View File

@ -0,0 +1,78 @@
From b3c8ef5822dbf3e3272fc29627ddac7e20e936d5 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:41:12 -0400
Subject: [PATCH 4/6] Fix-man-pages-and-getoptions
---
man/replcon.1 | 2 ++
man/seinfo.1 | 6 +++++-
seaudit/seaudit-report.c | 2 +-
sediff/sediff.c | 2 +-
4 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/man/replcon.1 b/man/replcon.1
index 8aca08a..478dc51 100644
--- a/man/replcon.1
+++ b/man/replcon.1
@@ -44,6 +44,8 @@ Search for files which include PATH.
.IP "-c CLASS, --class=CLASS"
Search only files of object class CLASS.
.SH OPTIONS
+.IP "-R, --regex"
+Enable regular expressions
.IP "-v, --verbose"
Display context info during replacement.
.IP "-h, --help"
diff --git a/man/seinfo.1 b/man/seinfo.1
index 8612119..6bc17db 100644
--- a/man/seinfo.1
+++ b/man/seinfo.1
@@ -76,6 +76,10 @@ There is no expanded information for this component.
.IP "--nodecon[=ADDR]"
Print a list of node contexts or, if ADDR is provided, print the statement for the node with address ADDR.
There is no expanded information for this component.
+.IP "--polcap"
+Print policy capabilities.
+.IP "--permissive"
+Print permissive types.
.IP "--portcon[=PORT]"
Print a list of port contexts or, if PORT is provided, print the statement for port PORT.
There is no expanded information for this component.
@@ -93,7 +97,7 @@ These details include the types assigned to an attribute or role and the permiss
This option is not available for all component types; see the description of each component for the details this option will provide.
.IP "--stats"
Print policy statistics including policy type and version information and counts of all components and rules.
-.IP "-l"
+.IP "-l, --line-breaks"
Print line breaks when displaying constraint statements.
.IP "-h, --help"
Print help information and exit.
diff --git a/seaudit/seaudit-report.c b/seaudit/seaudit-report.c
index af3c6fb..d436c18 100644
--- a/seaudit/seaudit-report.c
+++ b/seaudit/seaudit-report.c
@@ -100,7 +100,7 @@ static void seaudit_report_info_usage(const char *program_name, int brief)
printf(" -s, --stdin read log data from standard input\n");
printf(" -m, --malformed include malformed log messages\n");
printf(" -o FILE, --output=FILE output to FILE\n");
- printf(" --config=FILE read configuration from FILE\n");
+ printf(" -c FILE, --config=FILE read configuration from FILE\n");
printf(" --html set output format to HTML\n");
printf(" --stylesheet=FILE HTML style sheet for formatting HTML report\n");
printf(" (ignored if --html is not given)\n");
diff --git a/sediff/sediff.c b/sediff/sediff.c
index 6022775..341c650 100644
--- a/sediff/sediff.c
+++ b/sediff/sediff.c
@@ -420,7 +420,7 @@ int main(int argc, char **argv)
poldiff_t *diff = NULL;
size_t total = 0;
- while ((optc = getopt_long(argc, argv, "ctarubANDLMCRqhV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ctarubAqhV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
--
1.7.6.2

34
0005-Fix-sepol-calls-to-work-with-latest-libsepol.patch Normal file
View File

@ -0,0 +1,34 @@
From 2b58d92add64b53b16cbb438e7b69e85d046afd1 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:46:38 -0400
Subject: [PATCH 5/6] Fix sepol calls to work with latest libsepol
---
configure.ac | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index e837e03..3c11e23 100644
--- a/configure.ac
+++ b/configure.ac
@@ -505,7 +505,7 @@ AC_COMPILE_IFELSE(
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return role_set_expand(NULL, NULL, NULL, NULL);
+ return role_set_expand(NULL, NULL, NULL, NULL, NULL);
}])],
sepol_new_user_role_mapping="yes",
sepol_new_user_role_mapping="no")
@@ -541,7 +541,7 @@ if test ${sepol_check_boolmap} = "yes"; then
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0);
+ return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 0);
}])],
AC_MSG_RESULT([yes]),
AC_MSG_ERROR([this version of libsepol is incompatible with SETools]))
--
1.7.6.2

1483
0006-Changes-to-support-named-file_trans-rules.patch Normal file
View File

File diff suppressed because it is too large Load Diff

277
0007-Remove-unused-variables.patch Normal file
View File

@ -0,0 +1,277 @@
From e30036e358b8f1c3f56048b467e8646fa3bfffb6 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 16:40:26 -0400
Subject: [PATCH 7/7] Remove unused variables
---
libapol/src/ftrule-query.c | 11 ++----
libqpol/src/ftrule_query.c | 2 -
secmds/sesearch.c | 86 +++++++++++++++++++++++++++++++++-----------
3 files changed, 68 insertions(+), 31 deletions(-)
diff --git a/libapol/src/ftrule-query.c b/libapol/src/ftrule-query.c
index dc248de..9c7a23b 100644
--- a/libapol/src/ftrule-query.c
+++ b/libapol/src/ftrule-query.c
@@ -45,14 +45,11 @@ struct apol_filename_trans_query
int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filename_trans_query_t * t, apol_vector_t ** v)
{
apol_vector_t *source_list = NULL, *target_list = NULL, *class_list = NULL, *default_list = NULL;
- int retval = -1, source_as_any = 0, is_regex = 0, append_filename_trans;
- char *bool_name = NULL;
+ int retval = -1, source_as_any = 0, is_regex = 0;
*v = NULL;
- unsigned int flags = 0;
- qpol_iterator_t *iter = NULL, *type_iter = NULL;
+ qpol_iterator_t *iter = NULL;
if (t != NULL) {
- flags = t->flags;
is_regex = t->flags & APOL_QUERY_REGEX;
if (t->source != NULL &&
(source_list =
@@ -104,7 +101,7 @@ int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filenam
if (qpol_iterator_get_item(iter, (void **)&filename_trans) < 0) {
goto cleanup;
}
- int match_source = 0, match_target = 0, match_default = 0, match_bool = 0;
+ int match_source = 0, match_target = 0, match_default = 0;
size_t i;
if (source_list == NULL) {
@@ -265,10 +262,8 @@ char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filena
{
char *tmp = NULL;
const char *tmp_name = NULL;
- const char *filename_trans_type_str;
int error = 0;
size_t tmp_sz = 0;
- uint32_t filename_trans_type = 0;
const qpol_type_t *type = NULL;
const qpol_class_t *obj_class = NULL;
diff --git a/libqpol/src/ftrule_query.c b/libqpol/src/ftrule_query.c
index d6db848..3148d30 100644
--- a/libqpol/src/ftrule_query.c
+++ b/libqpol/src/ftrule_query.c
@@ -254,7 +254,6 @@ int qpol_filename_trans_get_default_type(const qpol_policy_t * policy, const qpo
int qpol_filename_trans_get_filename(const qpol_policy_t * policy, const qpol_filename_trans_t * rule, const char ** name)
{
- policydb_t *db = NULL;
filename_trans_t *ft = NULL;
if (name) {
@@ -267,7 +266,6 @@ int qpol_filename_trans_get_filename(const qpol_policy_t * policy, const qpol_fi
return STATUS_ERR;
}
- db = &policy->p->p;
ft = (filename_trans_t *) rule;
*name = ft->name;
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
index e44b3bc..319ffe7 100644
--- a/secmds/sesearch.c
+++ b/secmds/sesearch.c
@@ -72,6 +72,7 @@ static struct option const longopts[] = {
{"source", required_argument, NULL, 's'},
{"target", required_argument, NULL, 't'},
+ {"default", required_argument, NULL, 'D'},
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
{"class", required_argument, NULL, 'c'},
@@ -92,6 +93,7 @@ typedef struct options
{
char *src_name;
char *tgt_name;
+ char *default_name;
char *src_role_name;
char *tgt_role_name;
char *class_name;
@@ -293,7 +295,8 @@ static void print_syn_av_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -356,7 +359,8 @@ static void print_av_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -488,7 +492,8 @@ static void print_syn_te_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -553,7 +558,8 @@ static void print_te_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -586,7 +592,7 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
return -1;
}
- if (!opt->type == QPOL_RULE_TYPE_TRANS && !opt->all) {
+ if (!opt->type && !opt->all) {
*v = NULL;
return 0; /* no search to do */
}
@@ -600,17 +606,44 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
apol_filename_trans_query_set_regex(policy, ftq, opt->useregex);
if (opt->src_name) {
- if (apol_filename_trans_query_set_source(policy, ftq, opt->src_name)) {
+ if (apol_filename_trans_query_set_source(policy, ftq, opt->src_name, opt->indirect)) {
error = errno;
goto err;
}
}
+
if (opt->tgt_name) {
if (apol_filename_trans_query_set_target(policy, ftq, opt->tgt_name, opt->indirect)) {
error = errno;
goto err;
}
}
+ if (opt->default_name) {
+ if (apol_filename_trans_query_set_default(policy, ftq, opt->default_name)) {
+ error = errno;
+ goto err;
+ }
+ }
+
+ if (opt->class_name) {
+ if (opt->class_vector == NULL) {
+ if (apol_filename_trans_query_append_class(policy, ftq, opt->class_name)) {
+ error = errno;
+ goto err;
+ }
+ } else {
+ for (size_t i = 0; i < apol_vector_get_size(opt->class_vector); ++i) {
+ char *class_name;
+ class_name = apol_vector_get_element(opt->class_vector, i);
+ if (!class_name)
+ continue;
+ if (apol_filename_trans_query_append_class(policy, ftq, class_name)) {
+ error = errno;
+ goto err;
+ }
+ }
+ }
+ }
if (apol_filename_trans_get_by_query(policy, ftq, v)) {
error = errno;
@@ -630,37 +663,36 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
static void print_ft_results(const apol_policy_t * policy, const options_t * opt, const apol_vector_t * v)
{
- qpol_policy_t *q = apol_policy_get_qpol(policy);
- size_t i, num_rules = 0;
- const qpol_filename_trans_t *rule = NULL;
- char *tmp = NULL, *rule_str = NULL, *expr = NULL;
+ size_t i, num_filename_trans = 0;
+ const qpol_filename_trans_t *filename_trans = NULL;
+ char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
char enable_char = ' ', branch_char = ' ';
qpol_iterator_t *iter = NULL;
const qpol_cond_t *cond = NULL;
uint32_t enabled = 0, list = 0;
- if (!(num_rules = apol_vector_get_size(v)))
+ if (!(num_filename_trans = apol_vector_get_size(v)))
goto cleanup;
- fprintf(stdout, "Found %zd named file transition rules:\n", num_rules);
+ fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
- for (i = 0; i < num_rules; i++) {
+ for (i = 0; i < num_filename_trans; i++) {
enable_char = branch_char = ' ';
- if (!(rule = apol_vector_get_element(v, i)))
+ if (!(filename_trans = apol_vector_get_element(v, i)))
goto cleanup;
- if (!(rule_str = apol_filename_trans_render(policy, rule)))
+ if (!(filename_trans_str = apol_filename_trans_render(policy, filename_trans)))
goto cleanup;
- fprintf(stdout, "%s %s\n", rule_str, expr ? expr : "");
- free(rule_str);
- rule_str = NULL;
+ fprintf(stdout, "%s %s\n", filename_trans_str, expr ? expr : "");
+ free(filename_trans_str);
+ filename_trans_str = NULL;
free(expr);
expr = NULL;
}
cleanup:
free(tmp);
- free(rule_str);
+ free(filename_trans_str);
free(expr);
}
@@ -930,7 +962,7 @@ int main(int argc, char **argv)
memset(&cmd_opts, 0, sizeof(cmd_opts));
cmd_opts.indirect = true;
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dRnSChV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
@@ -946,6 +978,18 @@ int main(int argc, char **argv)
exit(1);
}
break;
+ case 'D': /* source */
+ if (optarg == 0) {
+ usage(argv[0], 1);
+ printf("Missing source default type for -D (--default)\n");
+ exit(1);
+ }
+ cmd_opts.default_name = strdup(optarg);
+ if (!cmd_opts.default_name) {
+
+ exit(1);
+ }
+ break;
case 't': /* target */
if (optarg == 0) {
usage(argv[0], 1);
@@ -1218,7 +1262,7 @@ int main(int argc, char **argv)
fprintf(stdout, "\n");
}
- if (cmd_opts.all || cmd_opts.type == QPOL_RULE_TYPE_TRANS) {
+ if (cmd_opts.all || cmd_opts.type) {
apol_vector_destroy(&v);
if (perform_ft_query(policy, &cmd_opts, &v)) {
rt = 1;
--
1.7.6.2

22
setools.spec
View File

@ -5,7 +5,7 @@
Name: setools
Version: %{setools_maj_ver}.%{setools_min_ver}
Release: 16%{?dist}
Release: 17%{?dist}
License: GPLv2
URL: http://oss.tresys.com/projects/setools
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@ -14,10 +14,13 @@ Source1: setools.pam
Source2: apol.desktop
Source3: seaudit.desktop
Source4: sediffx.desktop
Patch1: setools-python.patch
Patch2: setools-exitstatus.patch
Patch3: setools-neverallow.patch
Patch4: setools-cmdline.patch
Patch1: 0001-add-setools-seinfo-and-sesearch-python-bindings.patch
Patch2: 0002-setools-should-exit-with-an-error-status-if-it-gets-.patch
Patch3: 0003-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch
Patch4: 0004-Fix-man-pages-and-getoptions.patch
Patch5: 0005-Fix-sepol-calls-to-work-with-latest-libsepol.patch
Patch6: 0006-Changes-to-support-named-file_trans-rules.patch
Patch7: 0007-Remove-unused-variables.patch
Summary: Policy analysis tools for SELinux
Group: System Environment/Base
Requires: setools-libs = %{version}-%{release} setools-libs-tcl = %{version}-%{release} setools-gui = %{version}-%{release} setools-console = %{version}-%{release}
@ -192,7 +195,10 @@ This package includes the following graphical tools:
%patch1 -p 1 -b .python
%patch2 -p 1 -b .exitstatus
%patch3 -p 1 -b .neverallow
%patch4 -p 1 -b .cmdline
%patch4 -p 1 -b .manpage
%patch5 -p 1 -b .libsepol
%patch6 -p 1 -b .filenametrans
%patch7 -p 1 -b .unused
%ifarch sparc sparcv9 sparc64 s390 s390x
for file in `find . -name Makefile.am`; do
@ -359,6 +365,10 @@ rm -rf ${RPM_BUILD_ROOT}
%postun libs-tcl -p /sbin/ldconfig
%changelog
* Tue Sep 20 2011 Dan Walsh <dwalsh@redhat.com> - 3.3.7-17
- Fix to build with latest libsepol
- Show filename transition files
* Thu Apr 21 2011 Dan Walsh <dwalsh@redhat.com> - 3.3.7-16
- Rebuild for new sepol