Drop unused patches

Petr Lautrbach 2017-02-23 08:09:58 +01:00
parent d5a84f04a0
commit 689c214584
32 changed files with 0 additions and 9832 deletions


@ -1,28 +0,0 @@
From 852dfaa124379e84f6363c30c0ef56f00fa4b235 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:40:28 -0400
Subject: [PATCH 01/11] Since-we-do-not-ship-neverallow-rules-all-always-fail
---
libqpol/src/avrule_query.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libqpol/src/avrule_query.c b/libqpol/src/avrule_query.c
index 749565b..76dcaa3 100644
--- a/libqpol/src/avrule_query.c
+++ b/libqpol/src/avrule_query.c
@@ -57,8 +57,9 @@ int qpol_policy_get_avrule_iter(const qpol_policy_t * policy, uint32_t rule_type
if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
- errno = ENOTSUP;
- return STATUS_ERR;
+/* errno = ENOTSUP;
+ return STATUS_ERR; */
+ return STATUS_SUCCESS;
}
db = &policy->p->p;
--
1.8.5.3


@ -1,34 +0,0 @@
From 0332c009bd0581ab9a75a4ea80af92bb2d6b8b1f Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:46:38 -0400
Subject: [PATCH 02/11] Fix sepol calls to work with latest libsepol
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 577ce48..2a5b55b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -521,7 +521,7 @@ else
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return role_set_expand(NULL, NULL, NULL, NULL);
+ return role_set_expand(NULL, NULL, NULL, NULL, NULL);
}])],
sepol_new_user_role_mapping="yes",
sepol_new_user_role_mapping="no")
@@ -578,7 +578,7 @@ if test ${sepol_check_boolmap} = "yes"; then
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0);
+ return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 0);
}])],
AC_MSG_RESULT([yes]),
AC_MSG_ERROR([this version of libsepol is incompatible with SETools]))
--
1.8.5.3


@ -1,133 +0,0 @@
From 667fe9187c203ffcba855e821dff11c8f71ef000 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:39:51 -0400
Subject: [PATCH 2/6] setools-should-exit-with-an-error-status-if-it-gets-an
error
---
secmds/seinfo.c | 51 +++++++++++++++++++++++++++------------------------
1 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
index fdf23e9..3088f88 100644
--- a/secmds/seinfo.c
+++ b/secmds/seinfo.c
@@ -827,7 +827,7 @@ static int print_sens(FILE * fp, const char *name, int expand, const apol_policy
*/
static int print_cats(FILE * fp, const char *name, int expand, const apol_policy_t * policydb)
{
- int retval = 0;
+ int retval = -1;
apol_cat_query_t *query = NULL;
apol_vector_t *v = NULL;
const qpol_cat_t *cat_datum = NULL;
@@ -911,9 +911,10 @@ static int print_fsuse(FILE * fp, const char *type, const apol_policy_t * policy
fprintf(fp, " %s\n", tmp);
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No fs_use statement for filesystem of type %s.", type);
-
+ goto cleanup;
+ }
retval = 0;
cleanup:
apol_fs_use_query_destroy(&query);
@@ -949,7 +950,6 @@ static int print_genfscon(FILE * fp, const char *type, const apol_policy_t * pol
ERR(policydb, "%s", strerror(ENOMEM));
goto cleanup;
}
-
if (apol_genfscon_query_set_filesystem(policydb, query, type))
goto cleanup;
if (apol_genfscon_get_by_query(policydb, query, &v))
@@ -967,8 +967,10 @@ static int print_genfscon(FILE * fp, const char *type, const apol_policy_t * pol
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No genfscon statement for filesystem of type %s.", type);
+ goto cleanup;
+ }
retval = 0;
cleanup:
@@ -1646,6 +1648,7 @@ cleanup: // close and destroy iterators etc.
int main(int argc, char **argv)
{
+ int rc = 0;
int classes, types, attribs, roles, users, all, expand, stats, rt, optc, isids, bools, sens, cats, fsuse, genfs, netif,
node, port, permissives, polcaps, constrain, linebreaks;
apol_policy_t *policydb = NULL;
@@ -1851,46 +1854,46 @@ int main(int argc, char **argv)
/* display requested info */
if (stats || all)
- print_stats(stdout, policydb);
+ rc = print_stats(stdout, policydb);
if (classes || all)
- print_classes(stdout, class_name, expand, policydb);
+ rc = print_classes(stdout, class_name, expand, policydb);
if (types || all)
- print_types(stdout, type_name, expand, policydb);
+ rc = print_types(stdout, type_name, expand, policydb);
if (attribs || all)
- print_attribs(stdout, attrib_name, expand, policydb);
+ rc = print_attribs(stdout, attrib_name, expand, policydb);
if (roles || all)
- print_roles(stdout, role_name, expand, policydb);
+ rc = print_roles(stdout, role_name, expand, policydb);
if (users || all)
- print_users(stdout, user_name, expand, policydb);
+ rc = print_users(stdout, user_name, expand, policydb);
if (bools || all)
- print_booleans(stdout, bool_name, expand, policydb);
+ rc = print_booleans(stdout, bool_name, expand, policydb);
if (sens || all)
- print_sens(stdout, sens_name, expand, policydb);
+ rc = print_sens(stdout, sens_name, expand, policydb);
if (cats || all)
- print_cats(stdout, cat_name, expand, policydb);
+ rc = print_cats(stdout, cat_name, expand, policydb);
if (fsuse || all)
- print_fsuse(stdout, fsuse_type, policydb);
+ rc = print_fsuse(stdout, fsuse_type, policydb);
if (genfs || all)
- print_genfscon(stdout, genfs_type, policydb);
+ rc = print_genfscon(stdout, genfs_type, policydb);
if (netif || all)
- print_netifcon(stdout, netif_name, policydb);
+ rc = print_netifcon(stdout, netif_name, policydb);
if (node || all)
- print_nodecon(stdout, node_addr, policydb);
+ rc = print_nodecon(stdout, node_addr, policydb);
if (port || all)
- print_portcon(stdout, port_num, protocol, policydb);
+ rc = print_portcon(stdout, port_num, protocol, policydb);
if (isids || all)
- print_isids(stdout, isid_name, expand, policydb);
+ rc = print_isids(stdout, isid_name, expand, policydb);
if (permissives || all)
- print_permissives(stdout, permissive_name, expand, policydb);
+ rc = print_permissives(stdout, permissive_name, expand, policydb);
if (polcaps || all)
- print_polcaps(stdout, polcap_name, expand, policydb);
+ rc = print_polcaps(stdout, polcap_name, expand, policydb);
if (constrain || all)
- print_constraints(stdout, expand, policydb, linebreaks);
+ rc = print_constraints(stdout, expand, policydb, linebreaks);
apol_policy_destroy(&policydb);
apol_policy_path_destroy(&pol_path);
free(policy_file);
- exit(0);
+ exit(rc);
}
/**
--
1.7.6.2


@ -1,28 +0,0 @@
From 252b7c8bf311d615164a20f4f402767e5859d972 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:40:28 -0400
Subject: [PATCH 3/6] Since-we-do-not-ship-neverallow-rules-all-always-fail
---
libqpol/src/avrule_query.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/libqpol/src/avrule_query.c b/libqpol/src/avrule_query.c
index 749565b..76dcaa3 100644
--- a/libqpol/src/avrule_query.c
+++ b/libqpol/src/avrule_query.c
@@ -57,8 +57,9 @@ int qpol_policy_get_avrule_iter(const qpol_policy_t * policy, uint32_t rule_type
if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
- errno = ENOTSUP;
- return STATUS_ERR;
+/* errno = ENOTSUP;
+ return STATUS_ERR; */
+ return STATUS_SUCCESS;
}
db = &policy->p->p;
--
1.7.6.2


@ -1,596 +0,0 @@
From 295cc6c22440038c1b633602c0f1b38ded57e1a0 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 10:47:32 +0200
Subject: [PATCH 03/11] mgrepl patch to Fix swig coding style for structures
related to SWIG changes
---
libqpol/swig/qpol.i | 132 ++++++++++++++++++++++++++--------------------------
1 file changed, 66 insertions(+), 66 deletions(-)
diff --git a/libqpol/swig/qpol.i b/libqpol/swig/qpol.i
index 45a2403..0f937d1 100644
--- a/libqpol/swig/qpol.i
+++ b/libqpol/swig/qpol.i
@@ -228,7 +228,7 @@ SWIGEXPORT int Tqpol_Init(Tcl_Interp *interp) {
#define QPOL_MODULE_OTHER 2
typedef struct qpol_module {} qpol_module_t;
%extend qpol_module_t {
- qpol_module_t(const char *path) {
+ qpol_module(const char *path) {
qpol_module_t *m;
BEGIN_EXCEPTION
if (qpol_module_create_from_file(path, &m)) {
@@ -239,7 +239,7 @@ typedef struct qpol_module {} qpol_module_t;
fail:
return NULL;
};
- ~qpol_module_t() {
+ ~qpol_module() {
qpol_module_destroy(&self);
};
const char *get_path() {
@@ -330,7 +330,7 @@ typedef enum qpol_capability
} qpol_capability_e;
%extend qpol_policy_t {
- qpol_policy_t(const char *path, const int options) {
+ qpol_policy(const char *path, const int options) {
qpol_policy_t *p;
BEGIN_EXCEPTION
if (qpol_policy_open_from_file(path, &p, qpol_swig_message_callback, qpol_swig_message_callback_arg, options) < 0) {
@@ -341,7 +341,7 @@ typedef enum qpol_capability
fail:
return NULL;
}
- ~qpol_policy_t() {
+ ~qpol_policy() {
qpol_policy_destroy(&self);
};
void reevaluate_conds() {
@@ -687,14 +687,14 @@ typedef enum qpol_capability
typedef struct qpol_iterator {} qpol_iterator_t;
%extend qpol_iterator_t {
/* user never directly creates, but SWIG expects a constructor */
- qpol_iterator_t() {
+ qpol_iterator() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_TypeError, "User may not create iterators difectly");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_iterator_t() {
+ ~qpol_iterator() {
qpol_iterator_destroy(&self);
};
void *get_item() {
@@ -736,7 +736,7 @@ typedef struct qpol_iterator {} qpol_iterator_t;
/* qpol type */
typedef struct qpol_type {} qpol_type_t;
%extend qpol_type_t {
- qpol_type_t(qpol_policy_t *p, const char *name) {
+ qpol_type(qpol_policy_t *p, const char *name) {
BEGIN_EXCEPTION
const qpol_type_t *t;
if (qpol_policy_get_type_by_name(p, name, &t)) {
@@ -747,7 +747,7 @@ typedef struct qpol_type {} qpol_type_t;
fail:
return NULL;
};
- ~qpol_type_t() {
+ ~qpol_type() {
/* no op */
return;
};
@@ -851,7 +851,7 @@ typedef struct qpol_type {} qpol_type_t;
/* qpol role */
typedef struct qpol_role {} qpol_role_t;
%extend qpol_role_t {
- qpol_role_t(qpol_policy_t *p, const char *name) {
+ qpol_role(qpol_policy_t *p, const char *name) {
const qpol_role_t *r;
BEGIN_EXCEPTION
if (qpol_policy_get_role_by_name(p, name, &r)) {
@@ -862,7 +862,7 @@ typedef struct qpol_role {} qpol_role_t;
fail:
return NULL;
};
- ~qpol_role_t() {
+ ~qpol_role() {
/* no op */
return;
};
@@ -919,7 +919,7 @@ typedef struct qpol_role {} qpol_role_t;
/* qpol level */
typedef struct qpol_level {} qpol_level_t;
%extend qpol_level_t {
- qpol_level_t(qpol_policy_t *p, const char *name) {
+ qpol_level(qpol_policy_t *p, const char *name) {
const qpol_level_t *l;
BEGIN_EXCEPTION
if (qpol_policy_get_level_by_name(p, name, &l)) {
@@ -930,7 +930,7 @@ typedef struct qpol_level {} qpol_level_t;
fail:
return NULL;
};
- ~qpol_level_t() {
+ ~qpol_level() {
/* no op */
return;
};
@@ -997,7 +997,7 @@ typedef struct qpol_level {} qpol_level_t;
/* qpol cat */
typedef struct qpol_cat {} qpol_cat_t;
%extend qpol_cat_t {
- qpol_cat_t(qpol_policy_t *p, const char *name) {
+ qpol_cat(qpol_policy_t *p, const char *name) {
const qpol_cat_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_cat_by_name(p, name, &c)) {
@@ -1008,7 +1008,7 @@ typedef struct qpol_cat {} qpol_cat_t;
fail:
return NULL;
};
- ~qpol_cat_t() {
+ ~qpol_cat() {
/* no op */
return;
};
@@ -1064,14 +1064,14 @@ typedef struct qpol_cat {} qpol_cat_t;
/* qpol mls range */
typedef struct qpol_mls_range {} qpol_mls_range_t;
%extend qpol_mls_range_t {
- qpol_mls_range_t() {
+ qpol_mls_range() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_range_t objects");
END_EXCEPTION
fail:
return NULL;
}
- ~qpol_mls_range_t() {
+ ~qpol_mls_range() {
/* no op */
return;
};
@@ -1105,14 +1105,14 @@ typedef struct qpol_mls_range {} qpol_mls_range_t;
/* qpol mls level */
typedef struct qpol_mls_level {} qpol_mls_level_t;
%extend qpol_mls_level_t {
- qpol_mls_level_t() {
+ qpol_mls_level() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_level_t objects");
END_EXCEPTION
fail:
return NULL;
}
- ~qpol_mls_level_t() {
+ ~qpol_mls_level() {
/* no op */
return;
};
@@ -1147,7 +1147,7 @@ typedef struct qpol_mls_level {} qpol_mls_level_t;
/* qpol user */
typedef struct qpol_user {} qpol_user_t;
%extend qpol_user_t {
- qpol_user_t(qpol_policy_t *p, const char *name) {
+ qpol_user(qpol_policy_t *p, const char *name) {
const qpol_user_t *u;
BEGIN_EXCEPTION
if (qpol_policy_get_user_by_name(p, name, &u)) {
@@ -1158,7 +1158,7 @@ typedef struct qpol_user {} qpol_user_t;
fail:
return NULL;
};
- ~qpol_user_t() {
+ ~qpol_user() {
/* no op */
return;
};
@@ -1223,7 +1223,7 @@ typedef struct qpol_user {} qpol_user_t;
/* qpol bool */
typedef struct qpol_bool {} qpol_bool_t;
%extend qpol_bool_t {
- qpol_bool_t(qpol_policy_t *p, const char *name) {
+ qpol_bool(qpol_policy_t *p, const char *name) {
qpol_bool_t *b;
BEGIN_EXCEPTION
if (qpol_policy_get_bool_by_name(p, name, &b)) {
@@ -1233,7 +1233,7 @@ typedef struct qpol_bool {} qpol_bool_t;
fail:
return b;
};
- ~qpol_bool_t() {
+ ~qpol_bool() {
/* no op */
return;
};
@@ -1295,14 +1295,14 @@ typedef struct qpol_bool {} qpol_bool_t;
/* qpol context */
typedef struct qpol_context {} qpol_context_t;
%extend qpol_context_t {
- qpol_context_t() {
+ qpol_context() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_context_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_context_t() {
+ ~qpol_context() {
/* no op */
return;
};
@@ -1356,7 +1356,7 @@ typedef struct qpol_context {} qpol_context_t;
/* qpol class */
typedef struct qpol_class {} qpol_class_t;
%extend qpol_class_t {
- qpol_class_t(qpol_policy_t *p, const char *name) {
+ qpol_class(qpol_policy_t *p, const char *name) {
const qpol_class_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_class_by_name(p, name, &c)) {
@@ -1366,7 +1366,7 @@ typedef struct qpol_class {} qpol_class_t;
fail:
return (qpol_class_t*)c;
};
- ~qpol_class_t() {
+ ~qpol_class() {
/* no op */
return;
};
@@ -1443,7 +1443,7 @@ typedef struct qpol_class {} qpol_class_t;
/* qpol common */
typedef struct qpol_common {} qpol_common_t;
%extend qpol_common_t {
- qpol_common_t(qpol_policy_t *p, const char *name) {
+ qpol_common(qpol_policy_t *p, const char *name) {
const qpol_common_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_common_by_name(p, name, &c)) {
@@ -1453,7 +1453,7 @@ typedef struct qpol_common {} qpol_common_t;
fail:
return (qpol_common_t*)c;
};
- ~qpol_common_t() {
+ ~qpol_common() {
/* no op */
return;
};
@@ -1515,7 +1515,7 @@ typedef struct qpol_common {} qpol_common_t;
#define QPOL_FS_USE_PSID 6U
#endif
typedef struct qpol_fs_use {} qpol_fs_use_t;
-%extend qpol_fs_use_t {
+%extend qpol_fs_use {
qpol_fs_use_t(qpol_policy_t *p, const char *name) {
const qpol_fs_use_t *f;
BEGIN_EXCEPTION
@@ -1526,7 +1526,7 @@ typedef struct qpol_fs_use {} qpol_fs_use_t;
fail:
return (qpol_fs_use_t*)f;
};
- ~qpol_fs_use_t() {
+ ~qpol_fs_use() {
/* no op */
return;
};
@@ -1594,7 +1594,7 @@ typedef struct qpol_fs_use {} qpol_fs_use_t;
#endif
typedef struct qpol_genfscon {} qpol_genfscon_t;
%extend qpol_genfscon_t {
- qpol_genfscon_t(qpol_policy_t *p, const char *name, const char *path) {
+ qpol_genfscon(qpol_policy_t *p, const char *name, const char *path) {
qpol_genfscon_t *g;
BEGIN_EXCEPTION
if (qpol_policy_get_genfscon_by_name(p, name, path, &g)) {
@@ -1604,7 +1604,7 @@ typedef struct qpol_genfscon {} qpol_genfscon_t;
fail:
return g;
};
- ~qpol_genfscon_t() {
+ ~qpol_genfscon() {
free(self);
};
const char *get_name(qpol_policy_t *p) {
@@ -1656,7 +1656,7 @@ typedef struct qpol_genfscon {} qpol_genfscon_t;
/* qpol isid */
typedef struct qpol_isid {} qpol_isid_t;
-%extend qpol_isid_t {
+%extend qpol_isid {
qpol_isid_t(qpol_policy_t *p, const char *name) {
const qpol_isid_t *i;
BEGIN_EXCEPTION
@@ -1667,7 +1667,7 @@ typedef struct qpol_isid {} qpol_isid_t;
fail:
return (qpol_isid_t*)i;
};
- ~qpol_isid_t() {
+ ~qpol_isid() {
/* no op */
return;
};
@@ -1701,7 +1701,7 @@ typedef struct qpol_isid {} qpol_isid_t;
/* qpol netifcon */
typedef struct qpol_netifcon {} qpol_netifcon_t;
%extend qpol_netifcon_t {
- qpol_netifcon_t(qpol_policy_t *p, const char *name) {
+ qpol_netifcon(qpol_policy_t *p, const char *name) {
const qpol_netifcon_t *n;
BEGIN_EXCEPTION
if (qpol_policy_get_netifcon_by_name(p, name, &n)) {
@@ -1711,7 +1711,7 @@ typedef struct qpol_netifcon {} qpol_netifcon_t;
fail:
return (qpol_netifcon_t*)n;
};
- ~qpol_netifcon_t() {
+ ~qpol_netifcon() {
/* no op */
return;
};
@@ -1757,7 +1757,7 @@ typedef struct qpol_netifcon {} qpol_netifcon_t;
#define QPOL_IPV6 1
typedef struct qpol_nodecon {} qpol_nodecon_t;
%extend qpol_nodecon_t {
- qpol_nodecon_t(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
+ qpol_nodecon(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
uint32_t a[4], m[4];
qpol_nodecon_t *n;
BEGIN_EXCEPTION
@@ -1772,7 +1772,7 @@ typedef struct qpol_nodecon {} qpol_nodecon_t;
fail:
return n;
}
- ~qpol_nodecon_t() {
+ ~qpol_nodecon() {
free(self);
};
uint32_t *get_addr(qpol_policy_t *p) {
@@ -1830,7 +1830,7 @@ typedef struct qpol_nodecon {} qpol_nodecon_t;
#define IPPROTO_UDP 17
typedef struct qpol_portcon {} qpol_portcon_t;
%extend qpol_portcon_t {
- qpol_portcon_t(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
+ qpol_portcon(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
const qpol_portcon_t *qp;
BEGIN_EXCEPTION
if (qpol_policy_get_portcon_by_port(p, low, high, protocol, &qp)) {
@@ -1840,7 +1840,7 @@ typedef struct qpol_portcon {} qpol_portcon_t;
fail:
return (qpol_portcon_t*)qp;
};
- ~qpol_portcon_t() {
+ ~qpol_portcon() {
/* no op */
return;
};
@@ -1893,7 +1893,7 @@ typedef struct qpol_portcon {} qpol_portcon_t;
/* qpol constraint */
typedef struct qpol_constraint {} qpol_constraint_t;
-%extend qpol_constraint_t {
+%extend qpol_constraint {
qpol_constraint_t() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_t objects");
@@ -1901,7 +1901,7 @@ typedef struct qpol_constraint {} qpol_constraint_t;
fail:
return NULL;
};
- ~qpol_constraint_t() {
+ ~qpol_constraint() {
free(self);
};
const qpol_class_t *get_class(qpol_policy_t *p) {
@@ -1945,7 +1945,7 @@ typedef struct qpol_constraint {} qpol_constraint_t;
/* qpol validatetrans */
typedef struct qpol_validatetrans {} qpol_validatetrans_t;
-%extend qpol_validatetrans_t {
+%extend qpol_validatetrans {
qpol_validatetrans_t() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_validatetrans_t objects");
@@ -1953,7 +1953,7 @@ typedef struct qpol_validatetrans {} qpol_validatetrans_t;
fail:
return NULL;
};
- ~qpol_validatetrans_t() {
+ ~qpol_validatetrans() {
free(self);
};
const qpol_class_t *get_class(qpol_policy_t *p) {
@@ -2011,14 +2011,14 @@ typedef struct qpol_validatetrans {} qpol_validatetrans_t;
#define QPOL_CEXPR_OP_INCOMP 5
typedef struct qpol_constraint_expr_node {} qpol_constraint_expr_node_t;
%extend qpol_constraint_expr_node_t {
- qpol_constraint_expr_node_t() {
+ qpol_constraint_expr_node() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_expr_node_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_constraint_expr_node_t() {
+ ~qpol_constraint_expr_node() {
/* no op */
return;
};
@@ -2073,14 +2073,14 @@ typedef struct qpol_constraint_expr_node {} qpol_constraint_expr_node_t;
/* qpol role allow */
typedef struct qpol_role_allow {} qpol_role_allow_t;
%extend qpol_role_allow_t {
- qpol_role_allow_t() {
+ qpol_role_allow() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_allow_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_role_allow_t() {
+ ~qpol_role_allow() {
/* no op */
return;
};
@@ -2114,14 +2114,14 @@ typedef struct qpol_role_allow {} qpol_role_allow_t;
/* qpol role trans */
typedef struct qpol_role_trans {} qpol_role_trans_t;
%extend qpol_role_trans_t {
- qpol_role_trans_t() {
+ qpol_role_trans() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_trans_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_role_trans_t() {
+ ~qpol_role_trans() {
/* no op */
return;
};
@@ -2165,14 +2165,14 @@ typedef struct qpol_role_trans {} qpol_role_trans_t;
/* qpol range trans */
typedef struct qpol_range_trans {} qpol_range_trans_t;
%extend qpol_range_trans_t {
- qpol_range_trans_t() {
+ qpol_range_trans() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_range_trans_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_range_trans_t() {
+ ~qpol_range_trans() {
/* no op */
return;
};
@@ -2228,14 +2228,14 @@ typedef struct qpol_range_trans {} qpol_range_trans_t;
#define QPOL_RULE_DONTAUDIT 4
typedef struct qpol_avrule {} qpol_avrule_t;
%extend qpol_avrule_t {
- qpol_avrule_t() {
+ qpol_avrule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_avrule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_avrule_t() {
+ ~qpol_avrule() {
/* no op */
return;
};
@@ -2348,14 +2348,14 @@ typedef struct qpol_avrule {} qpol_avrule_t;
#define QPOL_RULE_TYPE_MEMBER 32
typedef struct qpol_terule {} qpol_terule_t;
%extend qpol_terule_t {
- qpol_terule_t() {
+ qpol_terule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_terule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_terule_t() {
+ ~qpol_terule() {
/* no op */
return;
};
@@ -2464,14 +2464,14 @@ typedef struct qpol_terule {} qpol_terule_t;
/* qpol conditional */
typedef struct qpol_cond {} qpol_cond_t;
%extend qpol_cond_t {
- qpol_cond_t() {
+ qpol_cond() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_cond_t() {
+ ~qpol_cond() {
/* no op */
return;
};
@@ -2557,14 +2557,14 @@ typedef struct qpol_cond {} qpol_cond_t;
#define QPOL_COND_EXPR_NEQ 7 /* bool != bool */
typedef struct qpol_cond_expr_node {} qpol_cond_expr_node_t;
%extend qpol_cond_expr_node_t {
- qpol_cond_expr_node_t() {
+ qpol_cond_expr_node() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_expr_node_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_cond_expr_node_t() {
+ ~qpol_cond_expr_node() {
/* no op */
return;
};
@@ -2602,14 +2602,14 @@ typedef struct qpol_cond_expr_node {} qpol_cond_expr_node_t;
/* qpol type set */
typedef struct qpol_type_set {} qpol_type_set_t;
%extend qpol_type_set_t {
- qpol_type_set_t() {
+ qpol_type_set() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_type_set_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_type_set_t() {
+ ~qpol_type_set() {
/* no op */
return;
};
@@ -2665,14 +2665,14 @@ typedef struct qpol_type_set {} qpol_type_set_t;
/* qpol syn av rule */
typedef struct qpol_syn_avrule {} qpol_syn_avrule_t;
%extend qpol_syn_avrule_t {
- qpol_syn_avrule_t() {
+ qpol_syn_avrule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_avrule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_syn_avrule_t() {
+ ~qpol_syn_avrule() {
/* no op */
return;
};
@@ -2778,14 +2778,14 @@ typedef struct qpol_syn_avrule {} qpol_syn_avrule_t;
/* qpol syn te rule */
typedef struct qpol_syn_terule {} qpol_syn_terule_t;
%extend qpol_syn_terule_t {
- qpol_syn_terule_t() {
+ qpol_syn_terule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_terule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_syn_terule_t() {
+ ~qpol_syn_terule() {
/* no op */
return;
};
--
1.8.5.3


@ -1,97 +0,0 @@
From 85a12d481d664120865b46cd1c4c325307179471 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 10:53:54 +0200
Subject: [PATCH 04/11] Apply selinux_current_policy_path patch
---
libqpol/src/util.c | 73 ++++--------------------------------------------------
1 file changed, 5 insertions(+), 68 deletions(-)
diff --git a/libqpol/src/util.c b/libqpol/src/util.c
index 7c49876..8f74b2b 100644
--- a/libqpol/src/util.c
+++ b/libqpol/src/util.c
@@ -84,75 +84,12 @@ static int get_binpol_version(const char *policy_fname)
static int search_policy_binary_file(char **path)
{
- const char *binary_path;
- if ((binary_path = selinux_binary_policy_path()) == NULL) {
- return -1;
- }
-
- int expected_version = -1, latest_version = -1;
-#ifdef LIBSELINUX
- /* if the system has SELinux enabled, prefer the policy whose
- name matches the current policy version */
- if ((expected_version = security_policyvers()) < 0) {
- return -1;
- }
-#endif
-
- glob_t glob_buf;
- struct stat fs;
- int rt, error = 0, retval = -1;
- size_t i;
- char *pattern = NULL;
- if (asprintf(&pattern, "%s.*", binary_path) < 0) {
- return -1;
- }
- glob_buf.gl_offs = 1;
- glob_buf.gl_pathc = 0;
- rt = glob(pattern, GLOB_DOOFFS, NULL, &glob_buf);
- if (rt != 0 && rt != GLOB_NOMATCH) {
- errno = EIO;
- return -1;
- }
-
- for (i = 0; i < glob_buf.gl_pathc; i++) {
- char *p = glob_buf.gl_pathv[i + glob_buf.gl_offs];
- if (stat(p, &fs) != 0) {
- error = errno;
- goto cleanup;
- }
- if (S_ISDIR(fs.st_mode))
- continue;
-
- if ((rt = get_binpol_version(p)) < 0) {
- error = errno;
- goto cleanup;
- }
-
- if (rt > latest_version || rt == expected_version) {
- free(*path);
- if ((*path = strdup(p)) == NULL) {
- error = errno;
- goto cleanup;
- }
- if (rt == expected_version) {
- break;
- }
- latest_version = rt;
- }
- }
-
- if (*path == NULL) {
- retval = 1;
- } else {
- retval = 0;
- }
- cleanup:
- free(pattern);
- globfree(&glob_buf);
- if (retval == -1) {
- errno = error;
+ const char *binary_path = selinux_current_policy_path();
+ if (binary_path) {
+ *path = strdup(binary_path);
+ if (*path) return 0;
}
- return retval;
+ return -1;
}
int qpol_default_policy_find(char **path)
--
1.8.5.3


@ -1,78 +0,0 @@
From b3c8ef5822dbf3e3272fc29627ddac7e20e936d5 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:41:12 -0400
Subject: [PATCH 4/6] Fix-man-pages-and-getoptions
---
man/replcon.1 | 2 ++
man/seinfo.1 | 6 +++++-
seaudit/seaudit-report.c | 2 +-
sediff/sediff.c | 2 +-
4 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/man/replcon.1 b/man/replcon.1
index 8aca08a..478dc51 100644
--- a/man/replcon.1
+++ b/man/replcon.1
@@ -44,6 +44,8 @@ Search for files which include PATH.
.IP "-c CLASS, --class=CLASS"
Search only files of object class CLASS.
.SH OPTIONS
+.IP "-R, --regex"
+Enable regular expressions
.IP "-v, --verbose"
Display context info during replacement.
.IP "-h, --help"
diff --git a/man/seinfo.1 b/man/seinfo.1
index 8612119..6bc17db 100644
--- a/man/seinfo.1
+++ b/man/seinfo.1
@@ -76,6 +76,10 @@ There is no expanded information for this component.
.IP "--nodecon[=ADDR]"
Print a list of node contexts or, if ADDR is provided, print the statement for the node with address ADDR.
There is no expanded information for this component.
+.IP "--polcap"
+Print policy capabilities.
+.IP "--permissive"
+Print permissive types.
.IP "--portcon[=PORT]"
Print a list of port contexts or, if PORT is provided, print the statement for port PORT.
There is no expanded information for this component.
@@ -93,7 +97,7 @@ These details include the types assigned to an attribute or role and the permiss
This option is not available for all component types; see the description of each component for the details this option will provide.
.IP "--stats"
Print policy statistics including policy type and version information and counts of all components and rules.
-.IP "-l"
+.IP "-l, --line-breaks"
Print line breaks when displaying constraint statements.
.IP "-h, --help"
Print help information and exit.
diff --git a/seaudit/seaudit-report.c b/seaudit/seaudit-report.c
index af3c6fb..d436c18 100644
--- a/seaudit/seaudit-report.c
+++ b/seaudit/seaudit-report.c
@@ -100,7 +100,7 @@ static void seaudit_report_info_usage(const char *program_name, int brief)
printf(" -s, --stdin read log data from standard input\n");
printf(" -m, --malformed include malformed log messages\n");
printf(" -o FILE, --output=FILE output to FILE\n");
- printf(" --config=FILE read configuration from FILE\n");
+ printf(" -c FILE, --config=FILE read configuration from FILE\n");
printf(" --html set output format to HTML\n");
printf(" --stylesheet=FILE HTML style sheet for formatting HTML report\n");
printf(" (ignored if --html is not given)\n");
diff --git a/sediff/sediff.c b/sediff/sediff.c
index 6022775..341c650 100644
--- a/sediff/sediff.c
+++ b/sediff/sediff.c
@@ -420,7 +420,7 @@ int main(int argc, char **argv)
poldiff_t *diff = NULL;
size_t total = 0;
- while ((optc = getopt_long(argc, argv, "ctarubANDLMCRqhV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ctarubAqhV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
--
1.7.6.2


@ -1,24 +0,0 @@
From ba8e76cd514e8ce92a48931963e97fe79589a71a Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 11:12:37 +0200
Subject: [PATCH 05/11] Apply seaudit patch for progress.c
---
libqpol/swig/java/Makefile.am | 1 -
1 file changed, 1 deletion(-)
diff --git a/libqpol/swig/java/Makefile.am b/libqpol/swig/java/Makefile.am
index a25eacb..533b55a 100644
--- a/libqpol/swig/java/Makefile.am
+++ b/libqpol/swig/java/Makefile.am
@@ -48,7 +48,6 @@ BUILT_SOURCES = qpol_wrap.c \
qpol_type_t.java \
qpol_user_t.java \
qpol_validatetrans_t.java \
- SWIGTYPE_p_int.java \
SWIGTYPE_p_unsigned_int.java \
SWIGTYPE_p_void.java
--
1.8.5.3


@ -1,34 +0,0 @@
From 2b58d92add64b53b16cbb438e7b69e85d046afd1 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 15:46:38 -0400
Subject: [PATCH 5/6] Fix sepol calls to work with latest libsepol
---
configure.ac | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index e837e03..3c11e23 100644
--- a/configure.ac
+++ b/configure.ac
@@ -505,7 +505,7 @@ AC_COMPILE_IFELSE(
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return role_set_expand(NULL, NULL, NULL, NULL);
+ return role_set_expand(NULL, NULL, NULL, NULL, NULL);
}])],
sepol_new_user_role_mapping="yes",
sepol_new_user_role_mapping="no")
@@ -541,7 +541,7 @@ if test ${sepol_check_boolmap} = "yes"; then
[AC_LANG_SOURCE([
#include <sepol/policydb/expand.h>
int main () {
- return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0);
+ return expand_module_avrules(NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 0);
}])],
AC_MSG_RESULT([yes]),
AC_MSG_ERROR([this version of libsepol is incompatible with SETools]))
--
1.7.6.2


@ -1,39 +0,0 @@
From 61d3d40e791a4ac392930f11785e4057f67a5b09 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 11:14:50 +0200
Subject: [PATCH 06/11] Add support for boolean subs
---
secmds/seinfo.c | 2 +-
secmds/sesearch.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
index a970890..54b2a6a 100644
--- a/secmds/seinfo.c
+++ b/secmds/seinfo.c
@@ -1720,7 +1720,7 @@ int main(int argc, char **argv)
case 'b': /* conditional booleans */
bools = 1;
if (optarg != 0)
- bool_name = optarg;
+ bool_name = selinux_boolean_sub(optarg);
break;
case OPT_INITIALSID:
isids = 1;
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
index 387d526..e1436a7 100644
--- a/secmds/sesearch.c
+++ b/secmds/sesearch.c
@@ -1067,7 +1067,7 @@ int main(int argc, char **argv)
printf("Missing boolean for -b (--bool)\n");
exit(1);
}
- cmd_opts.bool_name = strdup(optarg);
+ cmd_opts.bool_name = strdup(selinux_boolean_sub(optarg));
if (!cmd_opts.bool_name) {
fprintf(stderr, "%s\n", strerror(errno));
exit(1);
--
1.8.5.3



@ -1,277 +0,0 @@
From e30036e358b8f1c3f56048b467e8646fa3bfffb6 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Sep 2011 16:40:26 -0400
Subject: [PATCH 7/7] Remove unused variables
---
libapol/src/ftrule-query.c | 11 ++----
libqpol/src/ftrule_query.c | 2 -
secmds/sesearch.c | 86 +++++++++++++++++++++++++++++++++-----------
3 files changed, 68 insertions(+), 31 deletions(-)
diff --git a/libapol/src/ftrule-query.c b/libapol/src/ftrule-query.c
index dc248de..9c7a23b 100644
--- a/libapol/src/ftrule-query.c
+++ b/libapol/src/ftrule-query.c
@@ -45,14 +45,11 @@ struct apol_filename_trans_query
int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filename_trans_query_t * t, apol_vector_t ** v)
{
apol_vector_t *source_list = NULL, *target_list = NULL, *class_list = NULL, *default_list = NULL;
- int retval = -1, source_as_any = 0, is_regex = 0, append_filename_trans;
- char *bool_name = NULL;
+ int retval = -1, source_as_any = 0, is_regex = 0;
*v = NULL;
- unsigned int flags = 0;
- qpol_iterator_t *iter = NULL, *type_iter = NULL;
+ qpol_iterator_t *iter = NULL;
if (t != NULL) {
- flags = t->flags;
is_regex = t->flags & APOL_QUERY_REGEX;
if (t->source != NULL &&
(source_list =
@@ -104,7 +101,7 @@ int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filenam
if (qpol_iterator_get_item(iter, (void **)&filename_trans) < 0) {
goto cleanup;
}
- int match_source = 0, match_target = 0, match_default = 0, match_bool = 0;
+ int match_source = 0, match_target = 0, match_default = 0;
size_t i;
if (source_list == NULL) {
@@ -265,10 +262,8 @@ char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filena
{
char *tmp = NULL;
const char *tmp_name = NULL;
- const char *filename_trans_type_str;
int error = 0;
size_t tmp_sz = 0;
- uint32_t filename_trans_type = 0;
const qpol_type_t *type = NULL;
const qpol_class_t *obj_class = NULL;
diff --git a/libqpol/src/ftrule_query.c b/libqpol/src/ftrule_query.c
index d6db848..3148d30 100644
--- a/libqpol/src/ftrule_query.c
+++ b/libqpol/src/ftrule_query.c
@@ -254,7 +254,6 @@ int qpol_filename_trans_get_default_type(const qpol_policy_t * policy, const qpo
int qpol_filename_trans_get_filename(const qpol_policy_t * policy, const qpol_filename_trans_t * rule, const char ** name)
{
- policydb_t *db = NULL;
filename_trans_t *ft = NULL;
if (name) {
@@ -267,7 +266,6 @@ int qpol_filename_trans_get_filename(const qpol_policy_t * policy, const qpol_fi
return STATUS_ERR;
}
- db = &policy->p->p;
ft = (filename_trans_t *) rule;
*name = ft->name;
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
index e44b3bc..319ffe7 100644
--- a/secmds/sesearch.c
+++ b/secmds/sesearch.c
@@ -72,6 +72,7 @@ static struct option const longopts[] = {
{"source", required_argument, NULL, 's'},
{"target", required_argument, NULL, 't'},
+ {"default", required_argument, NULL, 'D'},
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
{"class", required_argument, NULL, 'c'},
@@ -92,6 +93,7 @@ typedef struct options
{
char *src_name;
char *tgt_name;
+ char *default_name;
char *src_role_name;
char *tgt_role_name;
char *class_name;
@@ -293,7 +295,8 @@ static void print_syn_av_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -356,7 +359,8 @@ static void print_av_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -488,7 +492,8 @@ static void print_syn_te_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -553,7 +558,8 @@ static void print_te_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- asprintf(&expr, "[ %s ]", tmp);
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
+ goto cleanup;
free(tmp);
tmp = NULL;
if (!expr)
@@ -586,7 +592,7 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
return -1;
}
- if (!opt->type == QPOL_RULE_TYPE_TRANS && !opt->all) {
+ if (!opt->type && !opt->all) {
*v = NULL;
return 0; /* no search to do */
}
@@ -600,17 +606,44 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
apol_filename_trans_query_set_regex(policy, ftq, opt->useregex);
if (opt->src_name) {
- if (apol_filename_trans_query_set_source(policy, ftq, opt->src_name)) {
+ if (apol_filename_trans_query_set_source(policy, ftq, opt->src_name, opt->indirect)) {
error = errno;
goto err;
}
}
+
if (opt->tgt_name) {
if (apol_filename_trans_query_set_target(policy, ftq, opt->tgt_name, opt->indirect)) {
error = errno;
goto err;
}
}
+ if (opt->default_name) {
+ if (apol_filename_trans_query_set_default(policy, ftq, opt->default_name)) {
+ error = errno;
+ goto err;
+ }
+ }
+
+ if (opt->class_name) {
+ if (opt->class_vector == NULL) {
+ if (apol_filename_trans_query_append_class(policy, ftq, opt->class_name)) {
+ error = errno;
+ goto err;
+ }
+ } else {
+ for (size_t i = 0; i < apol_vector_get_size(opt->class_vector); ++i) {
+ char *class_name;
+ class_name = apol_vector_get_element(opt->class_vector, i);
+ if (!class_name)
+ continue;
+ if (apol_filename_trans_query_append_class(policy, ftq, class_name)) {
+ error = errno;
+ goto err;
+ }
+ }
+ }
+ }
if (apol_filename_trans_get_by_query(policy, ftq, v)) {
error = errno;
@@ -630,37 +663,36 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
static void print_ft_results(const apol_policy_t * policy, const options_t * opt, const apol_vector_t * v)
{
- qpol_policy_t *q = apol_policy_get_qpol(policy);
- size_t i, num_rules = 0;
- const qpol_filename_trans_t *rule = NULL;
- char *tmp = NULL, *rule_str = NULL, *expr = NULL;
+ size_t i, num_filename_trans = 0;
+ const qpol_filename_trans_t *filename_trans = NULL;
+ char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
char enable_char = ' ', branch_char = ' ';
qpol_iterator_t *iter = NULL;
const qpol_cond_t *cond = NULL;
uint32_t enabled = 0, list = 0;
- if (!(num_rules = apol_vector_get_size(v)))
+ if (!(num_filename_trans = apol_vector_get_size(v)))
goto cleanup;
- fprintf(stdout, "Found %zd named file transition rules:\n", num_rules);
+ fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
- for (i = 0; i < num_rules; i++) {
+ for (i = 0; i < num_filename_trans; i++) {
enable_char = branch_char = ' ';
- if (!(rule = apol_vector_get_element(v, i)))
+ if (!(filename_trans = apol_vector_get_element(v, i)))
goto cleanup;
- if (!(rule_str = apol_filename_trans_render(policy, rule)))
+ if (!(filename_trans_str = apol_filename_trans_render(policy, filename_trans)))
goto cleanup;
- fprintf(stdout, "%s %s\n", rule_str, expr ? expr : "");
- free(rule_str);
- rule_str = NULL;
+ fprintf(stdout, "%s %s\n", filename_trans_str, expr ? expr : "");
+ free(filename_trans_str);
+ filename_trans_str = NULL;
free(expr);
expr = NULL;
}
cleanup:
free(tmp);
- free(rule_str);
+ free(filename_trans_str);
free(expr);
}
@@ -930,7 +962,7 @@ int main(int argc, char **argv)
memset(&cmd_opts, 0, sizeof(cmd_opts));
cmd_opts.indirect = true;
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dRnSChV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
@@ -946,6 +978,18 @@ int main(int argc, char **argv)
exit(1);
}
break;
+ case 'D': /* source */
+ if (optarg == 0) {
+ usage(argv[0], 1);
+ printf("Missing source default type for -D (--default)\n");
+ exit(1);
+ }
+ cmd_opts.default_name = strdup(optarg);
+ if (!cmd_opts.default_name) {
+
+ exit(1);
+ }
+ break;
case 't': /* target */
if (optarg == 0) {
usage(argv[0], 1);
@@ -1218,7 +1262,7 @@ int main(int argc, char **argv)
fprintf(stdout, "\n");
}
- if (cmd_opts.all || cmd_opts.type == QPOL_RULE_TYPE_TRANS) {
+ if (cmd_opts.all || cmd_opts.type) {
apol_vector_destroy(&v);
if (perform_ft_query(policy, &cmd_opts, &v)) {
rt = 1;
--
1.7.6.2


@ -1,276 +0,0 @@
From a39d0831d654292fb2a1f7b9ee18ecc9239f610f Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 18:38:34 +0200
Subject: [PATCH 07/11] Setools noship
---
Makefile.am | 26 +++-----------------------
configure.ac | 2 +-
man/Makefile.am | 15 +++------------
seaudit/Makefile.am | 31 +++----------------------------
secmds/Makefile.am | 14 +-------------
sediff/Makefile.am | 32 ++------------------------------
6 files changed, 13 insertions(+), 107 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 176c8ea..4cac386 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -10,7 +10,7 @@ if BUILD_GUI
endif
# sediffx is also built conditionally, from sediffx/Makefile.am
-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
@@ -49,12 +49,6 @@ seaudit: libqpol libapol libseaudit
sediff: libqpol libapol libpoldiff
$(MAKE) -C $(top_srcdir)/sediff sediff
-sediffx: libqpol libapol libpoldiff
- $(MAKE) -C $(top_srcdir)/sediff sediffx
-
-sechecker: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/sechecker
-
help:
@echo "Make targets for SETools:"
@echo " all: build everything, but do not install"
@@ -65,8 +59,6 @@ help:
@echo " secmds: build command line tools"
@echo " seaudit: build audit log analysis tools"
@echo " sediff: build semantic policy diff command line tool"
- @echo " sediffx: build semantic policy diff graphical tool"
- @echo " sechecker: build policy checking tool"
@echo ""
@echo " install-logwatch: install LogWatch config files for seaudit-report"
@echo " (requires LogWatch and root privileges)"
@@ -78,9 +70,9 @@ install-logwatch:
$(MAKE) -C $(top_srcdir)/seaudit install-logwatch
.PHONY: libqpol libapol libpoldiff libsefs libseaudit \
- apol secmds seaudit sediff sediffx sechecker \
+ apol secmds seaudit sediff \
install-logwatch help \
- seinfo sesearch indexcon findcon replcon searchcon \
+ seinfo sesearch \
packages
seinfo: libqpol libapol
@@ -89,18 +81,6 @@ seinfo: libqpol libapol
sesearch: libqpol libapol
$(MAKE) -C $(top_srcdir)/secmds sesearch
-indexcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds indexcon
-
-findcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds findcon
-
-replcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds replcon
-
-searchcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds searchcon
-
packages:
$(MAKE) -C $(top_srcdir)/packages
diff --git a/configure.ac b/configure.ac
index 2a5b55b..5b1da5e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -63,7 +63,7 @@ if test ${ac_cv_prog_cc_c99} = "no"; then
fi
AC_PROG_CXX
AC_LANG([C])
-AC_PROG_LIBTOOL
+AC_PROG_RANLIB
AC_PROG_LN_S
AC_PROG_LEX
AC_PROG_YACC
diff --git a/man/Makefile.am b/man/Makefile.am
index 0fafccb..f88e00a 100644
--- a/man/Makefile.am
+++ b/man/Makefile.am
@@ -1,19 +1,10 @@
if BUILD_GUI
MAYBEMANS = apol.1 \
- seaudit.8 seaudit-report.8 \
- sediffx.1
+ seaudit.8
endif
EXTRA_DIST=$(man_MANS) apol.1 \
- seaudit.8 seaudit-report.8.in \
- sediffx.1
+ seaudit.8
-man_MANS = findcon.1 indexcon.1 replcon.1 \
- sechecker.1 \
- sediff.1 \
+man_MANS = sediff.1 \
seinfo.1 sesearch.1 $(MAYBEMANS)
-
-seaudit-report.8: seaudit-report.8.in Makefile
- sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
-
-CLEANFILES = seaudit-report.8
diff --git a/seaudit/Makefile.am b/seaudit/Makefile.am
index 1987c99..3fa4413 100644
--- a/seaudit/Makefile.am
+++ b/seaudit/Makefile.am
@@ -1,5 +1,4 @@
setoolsdir = @setoolsdir@
-bin_PROGRAMS = seaudit-report
sbin_PROGRAMS = seaudit
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
@@ -20,13 +19,10 @@ LDADD = @SELINUX_LIB_FLAG@ @SEAUDIT_LIB_FLAG@ @APOL_LIB_FLAG@ @QPOL_LIB_FLAG@
dist_setools_DATA = \
seaudit.glade \
seaudit_help.txt \
- seaudit-report.conf \
- seaudit-report.css \
seaudit.png seaudit-small.png
nodist_setools_DATA = \
- dot_seaudit \
- seaudit-report-service
+ dot_seaudit
seaudit_SOURCES = \
filter_view.c filter_view.h \
@@ -50,31 +46,12 @@ seaudit_DEPENDENCIES = $(top_builddir)/libseaudit/src/libseaudit.so \
dot_seaudit: dot_seaudit.in Makefile
sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
-seaudit_report_SOURCES = seaudit-report.c
-seaudit_report_DEPENDENCIES = $(top_builddir)/libseaudit/src/libseaudit.so \
- $(top_builddir)/libapol/src/libapol.so \
- $(top_builddir)/libqpol/src/libqpol.so
-
logwatch = $(DESTDIR)/etc/logwatch
LOGWATCH_GROUP = $(logwatch)/conf/logfiles
LOGWATCH_SERVICE = $(logwatch)/conf/services
LOGWATCH_FILTER = $(logwatch)/scripts/services
-dist_noinst_DATA = dot_seaudit.in \
- seaudit-report-group.conf \
- seaudit-report-service.conf \
- seaudit-report-service.in
-
-seaudit-report-service: seaudit-report-service.in Makefile
- sed -e 's|\@bindir\@|$(bindir)|g' $< > $@
-
-install-logwatch: $(dist_noinst_DATA) seaudit-report-service
- mkdir -p -- $(LOGWATCH_GROUP)
- install -m 644 seaudit-report-group.conf $(LOGWATCH_GROUP)
- mkdir -p -- $(LOGWATCH_SERVICE)
- install -m 644 seaudit-report-service.conf $(LOGWATCH_SERVICE)
- mkdir -p -- $(LOGWATCH_FILTER)
- install -m 755 seaudit-report-service $(LOGWATCH_FILTER)
+dist_noinst_DATA = dot_seaudit.in
$(top_builddir)/libapol/src/libapol.so:
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
@@ -85,6 +62,4 @@ $(top_builddir)/libqpol/src/libqpol.so:
$(top_builddir)/libsefs/src/libsefs.so:
$(MAKE) -C $(top_builddir)/libsefs/src $(notdir $@)
-.PHONY: install-logwatch
-
-CLEANFILES = dot_seaudit seaudit-report-service
+CLEANFILES = dot_seaudit
diff --git a/secmds/Makefile.am b/secmds/Makefile.am
index ddc88b1..7fa4364 100644
--- a/secmds/Makefile.am
+++ b/secmds/Makefile.am
@@ -1,6 +1,6 @@
# various setools command line tools
-bin_PROGRAMS = seinfo sesearch findcon replcon indexcon
+bin_PROGRAMS = seinfo sesearch
# These are for indexcon so that it is usable on machines without setools
STATICLIBS = ../libsefs/src/libsefs.a ../libapol/src/libapol.a ../libqpol/src/libqpol.a -lsqlite3
@@ -18,18 +18,6 @@ seinfo_SOURCES = seinfo.c
sesearch_SOURCES = sesearch.c
-indexcon_SOURCES = indexcon.cc
-indexcon_LDADD = @SELINUX_LIB_FLAG@ $(STATICLIBS)
-indexcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
-findcon_SOURCES = findcon.cc
-findcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
-findcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
-replcon_SOURCES = replcon.cc
-replcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
-replcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
$(top_builddir)/libapol/src/libapol.so:
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
diff --git a/sediff/Makefile.am b/sediff/Makefile.am
index 3f53cd3..2d9ce84 100644
--- a/sediff/Makefile.am
+++ b/sediff/Makefile.am
@@ -1,13 +1,6 @@
setoolsdir = @setoolsdir@
-dist_setools_DATA = sediff_help.txt sediffx.glade \
- sediffx.png sediffx-small.png
-
-if BUILD_GUI
- MAYBE_SEDIFFX = sediffx
-endif
-
-bin_PROGRAMS = sediff $(MAYBE_SEDIFFX)
+bin_PROGRAMS = sediff
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
@QPOL_CFLAGS@ @APOL_CFLAGS@ @POLDIFF_CFLAGS@
@@ -15,14 +8,7 @@ AM_LDFLAGS = @DEBUGLDFLAGS@ @WARNLDFLAGS@ @PROFILELDFLAGS@
LDADD = @SELINUX_LIB_FLAG@ @POLDIFF_LIB_FLAG@ @APOL_LIB_FLAG@ @QPOL_LIB_FLAG@
-sediff_CFLAGS = $(AM_CFLAGS)
-sediffx_CFLAGS = $(AM_CFLAGS) \
- @GTK_CFLAGS@ @PIXBUF_CFLAGS@ @GLADE_CFLAGS@ @GTHREAD_CFLAGS@
-
-# need the -rdynamic flag below - glade uses dlopen() upon sediffx callbacks
-sediffx_LDFLAGS = $(AM_LDFLAGS) \
- @GTK_LIBS@ @PIXBUF_LIBS@ @GLADE_LIBS@ @GTHREAD_LIBS@ @XML_LIBS@ \
- -rdynamic
+sediff_CFLAGS = $(AM_CFLAGS)
DEPENDENCIES = $(top_builddir)/libpoldiff/src/libpoldiff.so \
$(top_builddir)/libapol/src/libapol.so \
@@ -30,20 +16,6 @@ DEPENDENCIES = $(top_builddir)/libpoldiff/src/libpoldiff.so \
sediff_SOURCES = sediff.c
-sediffx_SOURCES = \
- find_dialog.c find_dialog.h \
- open_policies_dialog.c open_policies_dialog.h \
- policy_view.c policy_view.h \
- progress.c progress.h \
- remap_types_dialog.c remap_types_dialog.h \
- result_item.c result_item.h \
- result_item_render.c result_item_render.h \
- results.c results.h \
- select_diff_dialog.c select_diff_dialog.h \
- toplevel.c toplevel.h \
- utilgui.c utilgui.h \
- sediffx.c sediffx.h
-
$(top_builddir)/libpoldiff/src/libpoldiff.so:
$(MAKE) -C $(top_builddir)/libpoldiff/src $(notdir $@)
--
1.8.5.3


@ -1,92 +0,0 @@
From 1136e61a9839ad3b60eb2da4d624413c02545c7d Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 18:42:27 +0200
Subject: [PATCH 08/11] Add alias support to seinfo -t
---
secmds/seinfo.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
diff --git a/secmds/seinfo.c b/secmds/seinfo.c
index 54b2a6a..1878c49 100644
--- a/secmds/seinfo.c
+++ b/secmds/seinfo.c
@@ -46,6 +46,7 @@
#include <string.h>
#include <assert.h>
#include <getopt.h>
+#include <selinux/selinux.h>
#define COPYRIGHT_INFO "Copyright (C) 2003-2007 Tresys Technology, LLC"
@@ -54,6 +55,7 @@
static char *policy_file = NULL;
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb);
static int print_type_attrs(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
static int print_attr_types(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
static int print_user_roles(FILE * fp, const qpol_user_t * user_datum, const apol_policy_t * policydb, const int expand);
@@ -514,6 +516,7 @@ static int print_types(FILE * fp, const char *name, int expand, const apol_polic
goto cleanup;
if (print_type_attrs(fp, type_datum, policydb, expand))
goto cleanup;
+ print_type_aliases(fp, type_datum, policydb);
} else {
if (qpol_policy_get_type_iter(q, &iter))
goto cleanup;
@@ -1912,6 +1915,51 @@ int main(int argc, char **argv)
}
/**
+ * Prints the alias of a type.
+ *
+ * @param fp Reference to a file to which to print type information
+ * @param type_datum Reference to sepol type_datum
+ * @param policydb Reference to a policy
+ * attributes
+ */
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb)
+{
+ qpol_iterator_t *iter = NULL;
+ size_t alias_size;
+ unsigned char isattr, isalias;
+ const char *type_name = NULL;
+ const char *alias_name;
+ qpol_policy_t *q = apol_policy_get_qpol(policydb);
+
+ if (qpol_type_get_name(q, type_datum, &type_name))
+ goto cleanup;
+ if (qpol_type_get_isattr(q, type_datum, &isattr))
+ goto cleanup;
+ if (qpol_type_get_isalias(q, type_datum, &isalias))
+ goto cleanup;
+
+ if (isalias) {
+ fprintf(fp, " TypeName %s\n", type_name);
+ }
+ if (qpol_type_get_alias_iter(q, type_datum, &iter))
+ goto cleanup;
+ if (qpol_iterator_get_size(iter, &alias_size))
+ goto cleanup;
+ if (alias_size > 0) {
+ fprintf(fp, " Aliases\n");
+ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
+ if (qpol_iterator_get_item(iter, (void **)&alias_name))
+ goto cleanup;
+ fprintf(fp, " %s\n", alias_name);
+ }
+ }
+
+ cleanup:
+ qpol_iterator_destroy(&iter);
+ return;
+}
+
+/**
* Prints a textual representation of a type, and possibly
* all of that type's attributes.
*
--
1.8.5.3


@ -1,34 +0,0 @@
From 2f89d9acc12c0a7b50a94e4247b015242ce712c9 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Wed, 21 Sep 2011 15:15:02 -0400
Subject: [PATCH 8/8] Fix output to match policy lines
---
libapol/src/ftrule-query.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libapol/src/ftrule-query.c b/libapol/src/ftrule-query.c
index 9c7a23b..1d5f5c8 100644
--- a/libapol/src/ftrule-query.c
+++ b/libapol/src/ftrule-query.c
@@ -282,7 +282,7 @@ char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filena
error = errno;
goto err;
}
- if (apol_str_appendf(&tmp, &tmp_sz, "transition_type %s ", tmp_name)) {
+ if (apol_str_appendf(&tmp, &tmp_sz, "type_transition %s ", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
@@ -338,7 +338,7 @@ char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filena
goto err;
}
- if (apol_str_appendf(&tmp, &tmp_sz, " %s", tmp_name)) {
+ if (apol_str_appendf(&tmp, &tmp_sz, " \"%s\"", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
--
1.7.6.2


@ -1,258 +0,0 @@
From bbe9f57845101d07eef31a772946437b3245c7d5 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 18:46:24 +0200
Subject: [PATCH 09/11] Fix help message on sesearch -D
---
man/sesearch.1 | 2 +-
secmds/sesearch.c | 77 +++++++++++++++++--------------------------------------
2 files changed, 25 insertions(+), 54 deletions(-)
diff --git a/man/sesearch.1 b/man/sesearch.1
index 573aedd..dc119eb 100644
--- a/man/sesearch.1
+++ b/man/sesearch.1
@@ -43,7 +43,7 @@ Search for allow rules.
Search for neverallow rules.
.IP "--auditallow"
Search for auditallow rules.
-.IP "--dontaudit"
+.IP "-D, --dontaudit"
Search for dontaudit rules.
.IP "-T, --type"
Search for type_transition, type_member, and type_change rules.
diff --git a/secmds/sesearch.c b/secmds/sesearch.c
index e1436a7..f53d670 100644
--- a/secmds/sesearch.c
+++ b/secmds/sesearch.c
@@ -24,6 +24,7 @@
*/
#include <config.h>
+#include <selinux/selinux.h>
/* libapol */
#include <apol/policy.h>
@@ -61,9 +62,8 @@ enum opt_values
static struct option const longopts[] = {
{"allow", no_argument, NULL, 'A'},
{"neverallow", no_argument, NULL, RULE_NEVERALLOW},
- {"audit", no_argument, NULL, RULE_AUDIT},
{"auditallow", no_argument, NULL, RULE_AUDITALLOW},
- {"dontaudit", no_argument, NULL, RULE_DONTAUDIT},
+ {"dontaudit", no_argument, NULL, 'D'},
{"type", no_argument, NULL, 'T'},
{"role_allow", no_argument, NULL, RULE_ROLE_ALLOW},
{"role_trans", no_argument, NULL, RULE_ROLE_TRANS},
@@ -72,7 +72,6 @@ static struct option const longopts[] = {
{"source", required_argument, NULL, 's'},
{"target", required_argument, NULL, 't'},
- {"default", required_argument, NULL, 'D'},
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
{"class", required_argument, NULL, 'c'},
@@ -129,7 +128,7 @@ void usage(const char *program_name, int brief)
printf(" -A, --allow allow rules\n");
printf(" --neverallow neverallow rules\n");
printf(" --auditallow auditallow rules\n");
- printf(" --dontaudit dontaudit rules\n");
+ printf(" -D, --dontaudit dontaudit rules\n");
printf(" -T, --type type_trans, type_member, and type_change\n");
printf(" --role_allow role allow rules\n");
printf(" --role_trans role_transition rules\n");
@@ -138,7 +137,6 @@ void usage(const char *program_name, int brief)
printf("EXPRESSIONS:\n");
printf(" -s NAME, --source=NAME rules with type/attribute NAME as source\n");
printf(" -t NAME, --target=NAME rules with type/attribute NAME as target\n");
- printf(" -D NAME, --default=NAME rules with type NAME as default\n");
printf(" --role_source=NAME rules with role NAME as source\n");
printf(" --role_target=NAME rules with role NAME as target\n");
printf(" -c NAME, --class=NAME rules with class NAME as the object class\n");
@@ -296,10 +294,8 @@ static void print_syn_av_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
- expr = NULL;
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
goto cleanup;
- }
free(tmp);
tmp = NULL;
if (!expr)
@@ -362,10 +358,8 @@ static void print_av_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
- expr = NULL;
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
goto cleanup;
- }
free(tmp);
tmp = NULL;
if (!expr)
@@ -421,8 +415,6 @@ static int perform_te_query(const apol_policy_t * policy, const options_t * opt,
apol_terule_query_set_target(policy, teq, opt->tgt_name, opt->indirect);
if (opt->bool_name)
apol_terule_query_set_bool(policy, teq, opt->bool_name);
- if (opt->default_name)
- apol_terule_query_set_default(policy, teq, opt->default_name);
if (opt->class_name) {
if (opt->class_vector == NULL) {
if (apol_terule_query_append_class(policy, teq, opt->class_name)) {
@@ -499,14 +491,12 @@ static void print_syn_te_results(const apol_policy_t * policy, const options_t *
tmp = apol_cond_expr_render(policy, cond);
enable_char = (enabled ? 'E' : 'D');
branch_char = ((is_true && enabled) || (!is_true && !enabled) ? 'T' : 'F');
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
- expr = NULL;
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
goto cleanup;
- }
free(tmp);
tmp = NULL;
if (!expr)
- goto cleanup;
+ break;
}
}
if (!(rule_str = apol_syn_terule_render(policy, rule)))
@@ -567,10 +557,8 @@ static void print_te_results(const apol_policy_t * policy, const options_t * opt
qpol_iterator_destroy(&iter);
enable_char = (enabled ? 'E' : 'D');
branch_char = (list ? 'T' : 'F');
- if (asprintf(&expr, "[ %s ]", tmp) < 0) {
- expr = NULL;
+ if (asprintf(&expr, "[ %s ]", tmp) < 0)
goto cleanup;
- }
free(tmp);
tmp = NULL;
if (!expr)
@@ -629,7 +617,6 @@ static int perform_ft_query(const apol_policy_t * policy, const options_t * opt,
goto err;
}
}
-
if (opt->default_name) {
if (apol_filename_trans_query_set_default(policy, ftq, opt->default_name)) {
error = errno;
@@ -677,13 +664,12 @@ static void print_ft_results(const apol_policy_t * policy, const options_t * opt
{
size_t i, num_filename_trans = 0;
const qpol_filename_trans_t *filename_trans = NULL;
- char *filename_trans_str = NULL;
- qpol_iterator_t *iter = NULL;
+ char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
if (!(num_filename_trans = apol_vector_get_size(v)))
goto cleanup;
- fprintf(stdout, "Found %zd named file transition rules:\n", num_filename_trans);
+ fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
for (i = 0; i < num_filename_trans; i++) {
if (!(filename_trans = apol_vector_get_element(v, i)))
@@ -691,13 +677,17 @@ static void print_ft_results(const apol_policy_t * policy, const options_t * opt
if (!(filename_trans_str = apol_filename_trans_render(policy, filename_trans)))
goto cleanup;
- fprintf(stdout, "%s\n", filename_trans_str);
+ fprintf(stdout, "%s %s\n", filename_trans_str, expr ? expr : "");
free(filename_trans_str);
filename_trans_str = NULL;
+ free(expr);
+ expr = NULL;
}
cleanup:
+ free(tmp);
free(filename_trans_str);
+ free(expr);
}
static int perform_ra_query(const apol_policy_t * policy, const options_t * opt, apol_vector_t ** v)
@@ -814,13 +804,6 @@ static int perform_rt_query(const apol_policy_t * policy, const options_t * opt,
}
}
- if (opt->default_name) {
- if (apol_role_trans_query_set_default(policy, rtq, opt->default_name)) {
- error = errno;
- goto err;
- }
- }
-
if (apol_role_trans_get_by_query(policy, rtq, v)) {
error = errno;
goto err;
@@ -973,7 +956,7 @@ int main(int argc, char **argv)
memset(&cmd_opts, 0, sizeof(cmd_opts));
cmd_opts.indirect = true;
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dDRnSChV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
@@ -1001,18 +984,6 @@ int main(int argc, char **argv)
exit(1);
}
break;
- case 'D': /* default */
- if (optarg == 0) {
- usage(argv[0], 1);
- printf("Missing default type for -D (--default)\n");
- exit(1);
- }
- cmd_opts.default_name = strdup(optarg);
- if (!cmd_opts.default_name) {
-
- exit(1);
- }
- break;
case EXPR_ROLE_SOURCE:
if (optarg == 0) {
usage(argv[0], 1);
@@ -1093,7 +1064,7 @@ int main(int argc, char **argv)
case RULE_AUDITALLOW:
cmd_opts.auditallow = true;
break;
- case RULE_DONTAUDIT:
+ case 'D':
cmd_opts.dontaudit = true;
break;
case 'T': /* type */
@@ -1273,12 +1244,13 @@ int main(int argc, char **argv)
fprintf(stdout, "\n");
}
- apol_vector_destroy(&v);
- if (perform_ft_query(policy, &cmd_opts, &v)) {
- rt = 1;
- goto cleanup;
- }
- if (v) {
+ if (cmd_opts.all || cmd_opts.type) {
+ apol_vector_destroy(&v);
+ if (perform_ft_query(policy, &cmd_opts, &v)) {
+ rt = 1;
+ goto cleanup;
+ }
+
print_ft_results(policy, &cmd_opts, v);
fprintf(stdout, "\n");
}
@@ -1317,7 +1289,6 @@ int main(int argc, char **argv)
apol_policy_path_destroy(&pol_path);
free(cmd_opts.src_name);
free(cmd_opts.tgt_name);
- free(cmd_opts.default_name);
free(cmd_opts.class_name);
free(cmd_opts.permlist);
free(cmd_opts.bool_name);
--
1.8.5.3


@ -1,583 +0,0 @@
#diff -Nur old_setools/libqpol/swig/qpol.i setools-3.3.7/libqpol/swig/qpol.i
diff -Nur setools-3.3.7/libqpol/swig/qpol.i.current setools-3.3.7/libqpol/swig/qpol.i
--- old_setools/libqpol/swig/qpol.i 2010-04-30 18:23:28.000000000 +0200
+++ setools-3.3.7/libqpol/swig/qpol.i 2012-07-03 19:20:45.383016553 +0200
@@ -228,7 +228,7 @@
#define QPOL_MODULE_OTHER 2
typedef struct qpol_module {} qpol_module_t;
%extend qpol_module_t {
- qpol_module_t(const char *path) {
+ qpol_module(const char *path) {
qpol_module_t *m;
BEGIN_EXCEPTION
if (qpol_module_create_from_file(path, &m)) {
@@ -239,7 +239,7 @@
fail:
return NULL;
};
- ~qpol_module_t() {
+ ~qpol_module() {
qpol_module_destroy(&self);
};
const char *get_path() {
@@ -330,7 +330,7 @@
} qpol_capability_e;
%extend qpol_policy_t {
- qpol_policy_t(const char *path, const int options) {
+ qpol_policy(const char *path, const int options) {
qpol_policy_t *p;
BEGIN_EXCEPTION
if (qpol_policy_open_from_file(path, &p, qpol_swig_message_callback, qpol_swig_message_callback_arg, options) < 0) {
@@ -341,7 +341,7 @@
fail:
return NULL;
}
- ~qpol_policy_t() {
+ ~qpol_policy() {
qpol_policy_destroy(&self);
};
void reevaluate_conds() {
@@ -687,14 +687,14 @@
typedef struct qpol_iterator {} qpol_iterator_t;
%extend qpol_iterator_t {
/* user never directly creates, but SWIG expects a constructor */
- qpol_iterator_t() {
+ qpol_iterator() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_TypeError, "User may not create iterators difectly");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_iterator_t() {
+ ~qpol_iterator() {
qpol_iterator_destroy(&self);
};
void *get_item() {
@@ -736,7 +736,7 @@
/* qpol type */
typedef struct qpol_type {} qpol_type_t;
%extend qpol_type_t {
- qpol_type_t(qpol_policy_t *p, const char *name) {
+ qpol_type(qpol_policy_t *p, const char *name) {
BEGIN_EXCEPTION
const qpol_type_t *t;
if (qpol_policy_get_type_by_name(p, name, &t)) {
@@ -747,7 +747,7 @@
fail:
return NULL;
};
- ~qpol_type_t() {
+ ~qpol_type() {
/* no op */
return;
};
@@ -851,7 +851,7 @@
/* qpol role */
typedef struct qpol_role {} qpol_role_t;
%extend qpol_role_t {
- qpol_role_t(qpol_policy_t *p, const char *name) {
+ qpol_role(qpol_policy_t *p, const char *name) {
const qpol_role_t *r;
BEGIN_EXCEPTION
if (qpol_policy_get_role_by_name(p, name, &r)) {
@@ -862,7 +862,7 @@
fail:
return NULL;
};
- ~qpol_role_t() {
+ ~qpol_role() {
/* no op */
return;
};
@@ -919,7 +919,7 @@
/* qpol level */
typedef struct qpol_level {} qpol_level_t;
%extend qpol_level_t {
- qpol_level_t(qpol_policy_t *p, const char *name) {
+ qpol_level(qpol_policy_t *p, const char *name) {
const qpol_level_t *l;
BEGIN_EXCEPTION
if (qpol_policy_get_level_by_name(p, name, &l)) {
@@ -930,7 +930,7 @@
fail:
return NULL;
};
- ~qpol_level_t() {
+ ~qpol_level() {
/* no op */
return;
};
@@ -997,7 +997,7 @@
/* qpol cat */
typedef struct qpol_cat {} qpol_cat_t;
%extend qpol_cat_t {
- qpol_cat_t(qpol_policy_t *p, const char *name) {
+ qpol_cat(qpol_policy_t *p, const char *name) {
const qpol_cat_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_cat_by_name(p, name, &c)) {
@@ -1008,7 +1008,7 @@
fail:
return NULL;
};
- ~qpol_cat_t() {
+ ~qpol_cat() {
/* no op */
return;
};
@@ -1064,14 +1064,14 @@
/* qpol mls range */
typedef struct qpol_mls_range {} qpol_mls_range_t;
%extend qpol_mls_range_t {
- qpol_mls_range_t() {
+ qpol_mls_range() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_range_t objects");
END_EXCEPTION
fail:
return NULL;
}
- ~qpol_mls_range_t() {
+ ~qpol_mls_range() {
/* no op */
return;
};
@@ -1105,14 +1105,14 @@
/* qpol mls level */
typedef struct qpol_mls_level {} qpol_mls_level_t;
%extend qpol_mls_level_t {
- qpol_mls_level_t() {
+ qpol_mls_level() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_mls_level_t objects");
END_EXCEPTION
fail:
return NULL;
}
- ~qpol_mls_level_t() {
+ ~qpol_mls_level() {
/* no op */
return;
};
@@ -1147,7 +1147,7 @@
/* qpol user */
typedef struct qpol_user {} qpol_user_t;
%extend qpol_user_t {
- qpol_user_t(qpol_policy_t *p, const char *name) {
+ qpol_user(qpol_policy_t *p, const char *name) {
const qpol_user_t *u;
BEGIN_EXCEPTION
if (qpol_policy_get_user_by_name(p, name, &u)) {
@@ -1158,7 +1158,7 @@
fail:
return NULL;
};
- ~qpol_user_t() {
+ ~qpol_user() {
/* no op */
return;
};
@@ -1223,7 +1223,7 @@
/* qpol bool */
typedef struct qpol_bool {} qpol_bool_t;
%extend qpol_bool_t {
- qpol_bool_t(qpol_policy_t *p, const char *name) {
+ qpol_bool(qpol_policy_t *p, const char *name) {
qpol_bool_t *b;
BEGIN_EXCEPTION
if (qpol_policy_get_bool_by_name(p, name, &b)) {
@@ -1233,7 +1233,7 @@
fail:
return b;
};
- ~qpol_bool_t() {
+ ~qpol_bool() {
/* no op */
return;
};
@@ -1295,14 +1295,14 @@
/* qpol context */
typedef struct qpol_context {} qpol_context_t;
%extend qpol_context_t {
- qpol_context_t() {
+ qpol_context() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_context_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_context_t() {
+ ~qpol_context() {
/* no op */
return;
};
@@ -1356,7 +1356,7 @@
/* qpol class */
typedef struct qpol_class {} qpol_class_t;
%extend qpol_class_t {
- qpol_class_t(qpol_policy_t *p, const char *name) {
+ qpol_class(qpol_policy_t *p, const char *name) {
const qpol_class_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_class_by_name(p, name, &c)) {
@@ -1366,7 +1366,7 @@
fail:
return (qpol_class_t*)c;
};
- ~qpol_class_t() {
+ ~qpol_class() {
/* no op */
return;
};
@@ -1443,7 +1443,7 @@
/* qpol common */
typedef struct qpol_common {} qpol_common_t;
%extend qpol_common_t {
- qpol_common_t(qpol_policy_t *p, const char *name) {
+ qpol_common(qpol_policy_t *p, const char *name) {
const qpol_common_t *c;
BEGIN_EXCEPTION
if (qpol_policy_get_common_by_name(p, name, &c)) {
@@ -1453,7 +1453,7 @@
fail:
return (qpol_common_t*)c;
};
- ~qpol_common_t() {
+ ~qpol_common() {
/* no op */
return;
};
@@ -1515,7 +1515,7 @@
#define QPOL_FS_USE_PSID 6U
#endif
typedef struct qpol_fs_use {} qpol_fs_use_t;
-%extend qpol_fs_use_t {
+%extend qpol_fs_use {
qpol_fs_use_t(qpol_policy_t *p, const char *name) {
const qpol_fs_use_t *f;
BEGIN_EXCEPTION
@@ -1526,7 +1526,7 @@
fail:
return (qpol_fs_use_t*)f;
};
- ~qpol_fs_use_t() {
+ ~qpol_fs_use() {
/* no op */
return;
};
@@ -1594,7 +1594,7 @@
#endif
typedef struct qpol_genfscon {} qpol_genfscon_t;
%extend qpol_genfscon_t {
- qpol_genfscon_t(qpol_policy_t *p, const char *name, const char *path) {
+ qpol_genfscon(qpol_policy_t *p, const char *name, const char *path) {
qpol_genfscon_t *g;
BEGIN_EXCEPTION
if (qpol_policy_get_genfscon_by_name(p, name, path, &g)) {
@@ -1604,7 +1604,7 @@
fail:
return g;
};
- ~qpol_genfscon_t() {
+ ~qpol_genfscon() {
free(self);
};
const char *get_name(qpol_policy_t *p) {
@@ -1656,7 +1656,7 @@
/* qpol isid */
typedef struct qpol_isid {} qpol_isid_t;
-%extend qpol_isid_t {
+%extend qpol_isid {
qpol_isid_t(qpol_policy_t *p, const char *name) {
const qpol_isid_t *i;
BEGIN_EXCEPTION
@@ -1667,7 +1667,7 @@
fail:
return (qpol_isid_t*)i;
};
- ~qpol_isid_t() {
+ ~qpol_isid() {
/* no op */
return;
};
@@ -1701,7 +1701,7 @@
/* qpol netifcon */
typedef struct qpol_netifcon {} qpol_netifcon_t;
%extend qpol_netifcon_t {
- qpol_netifcon_t(qpol_policy_t *p, const char *name) {
+ qpol_netifcon(qpol_policy_t *p, const char *name) {
const qpol_netifcon_t *n;
BEGIN_EXCEPTION
if (qpol_policy_get_netifcon_by_name(p, name, &n)) {
@@ -1711,7 +1711,7 @@
fail:
return (qpol_netifcon_t*)n;
};
- ~qpol_netifcon_t() {
+ ~qpol_netifcon() {
/* no op */
return;
};
@@ -1757,7 +1757,7 @@
#define QPOL_IPV6 1
typedef struct qpol_nodecon {} qpol_nodecon_t;
%extend qpol_nodecon_t {
- qpol_nodecon_t(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
+ qpol_nodecon(qpol_policy_t *p, int addr[4], int mask[4], int protocol) {
uint32_t a[4], m[4];
qpol_nodecon_t *n;
BEGIN_EXCEPTION
@@ -1772,7 +1772,7 @@
fail:
return n;
}
- ~qpol_nodecon_t() {
+ ~qpol_nodecon() {
free(self);
};
uint32_t *get_addr(qpol_policy_t *p) {
@@ -1830,7 +1830,7 @@
#define IPPROTO_UDP 17
typedef struct qpol_portcon {} qpol_portcon_t;
%extend qpol_portcon_t {
- qpol_portcon_t(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
+ qpol_portcon(qpol_policy_t *p, uint16_t low, uint16_t high, uint8_t protocol) {
const qpol_portcon_t *qp;
BEGIN_EXCEPTION
if (qpol_policy_get_portcon_by_port(p, low, high, protocol, &qp)) {
@@ -1840,7 +1840,7 @@
fail:
return (qpol_portcon_t*)qp;
};
- ~qpol_portcon_t() {
+ ~qpol_portcon() {
/* no op */
return;
};
@@ -1893,7 +1893,7 @@
/* qpol constraint */
typedef struct qpol_constraint {} qpol_constraint_t;
-%extend qpol_constraint_t {
+%extend qpol_constraint {
qpol_constraint_t() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_t objects");
@@ -1901,7 +1901,7 @@
fail:
return NULL;
};
- ~qpol_constraint_t() {
+ ~qpol_constraint() {
free(self);
};
const qpol_class_t *get_class(qpol_policy_t *p) {
@@ -1945,7 +1945,7 @@
/* qpol validatetrans */
typedef struct qpol_validatetrans {} qpol_validatetrans_t;
-%extend qpol_validatetrans_t {
+%extend qpol_validatetrans {
qpol_validatetrans_t() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_validatetrans_t objects");
@@ -1953,7 +1953,7 @@
fail:
return NULL;
};
- ~qpol_validatetrans_t() {
+ ~qpol_validatetrans() {
free(self);
};
const qpol_class_t *get_class(qpol_policy_t *p) {
@@ -2011,14 +2011,14 @@
#define QPOL_CEXPR_OP_INCOMP 5
typedef struct qpol_constraint_expr_node {} qpol_constraint_expr_node_t;
%extend qpol_constraint_expr_node_t {
- qpol_constraint_expr_node_t() {
+ qpol_constraint_expr_node() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_constraint_expr_node_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_constraint_expr_node_t() {
+ ~qpol_constraint_expr_node() {
/* no op */
return;
};
@@ -2073,14 +2073,14 @@
/* qpol role allow */
typedef struct qpol_role_allow {} qpol_role_allow_t;
%extend qpol_role_allow_t {
- qpol_role_allow_t() {
+ qpol_role_allow() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_allow_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_role_allow_t() {
+ ~qpol_role_allow() {
/* no op */
return;
};
@@ -2114,14 +2114,14 @@
/* qpol role trans */
typedef struct qpol_role_trans {} qpol_role_trans_t;
%extend qpol_role_trans_t {
- qpol_role_trans_t() {
+ qpol_role_trans() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_role_trans_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_role_trans_t() {
+ ~qpol_role_trans() {
/* no op */
return;
};
@@ -2165,14 +2165,14 @@
/* qpol range trans */
typedef struct qpol_range_trans {} qpol_range_trans_t;
%extend qpol_range_trans_t {
- qpol_range_trans_t() {
+ qpol_range_trans() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_range_trans_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_range_trans_t() {
+ ~qpol_range_trans() {
/* no op */
return;
};
@@ -2228,14 +2228,14 @@
#define QPOL_RULE_DONTAUDIT 4
typedef struct qpol_avrule {} qpol_avrule_t;
%extend qpol_avrule_t {
- qpol_avrule_t() {
+ qpol_avrule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_avrule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_avrule_t() {
+ ~qpol_avrule() {
/* no op */
return;
};
@@ -2348,14 +2348,14 @@
#define QPOL_RULE_TYPE_MEMBER 32
typedef struct qpol_terule {} qpol_terule_t;
%extend qpol_terule_t {
- qpol_terule_t() {
+ qpol_terule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_terule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_terule_t() {
+ ~qpol_terule() {
/* no op */
return;
};
@@ -2464,14 +2464,14 @@
/* qpol conditional */
typedef struct qpol_cond {} qpol_cond_t;
%extend qpol_cond_t {
- qpol_cond_t() {
+ qpol_cond() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_cond_t() {
+ ~qpol_cond() {
/* no op */
return;
};
@@ -2557,14 +2557,14 @@
#define QPOL_COND_EXPR_NEQ 7 /* bool != bool */
typedef struct qpol_cond_expr_node {} qpol_cond_expr_node_t;
%extend qpol_cond_expr_node_t {
- qpol_cond_expr_node_t() {
+ qpol_cond_expr_node() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_cond_expr_node_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_cond_expr_node_t() {
+ ~qpol_cond_expr_node() {
/* no op */
return;
};
@@ -2602,14 +2602,14 @@
/* qpol type set */
typedef struct qpol_type_set {} qpol_type_set_t;
%extend qpol_type_set_t {
- qpol_type_set_t() {
+ qpol_type_set() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_type_set_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_type_set_t() {
+ ~qpol_type_set() {
/* no op */
return;
};
@@ -2665,14 +2665,14 @@
/* qpol syn av rule */
typedef struct qpol_syn_avrule {} qpol_syn_avrule_t;
%extend qpol_syn_avrule_t {
- qpol_syn_avrule_t() {
+ qpol_syn_avrule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_avrule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_syn_avrule_t() {
+ ~qpol_syn_avrule() {
/* no op */
return;
};
@@ -2778,14 +2778,14 @@
/* qpol syn te rule */
typedef struct qpol_syn_terule {} qpol_syn_terule_t;
%extend qpol_syn_terule_t {
- qpol_syn_terule_t() {
+ qpol_syn_terule() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create qpol_syn_terule_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~qpol_syn_terule_t() {
+ ~qpol_syn_terule() {
/* no op */
return;
};


@ -1,964 +0,0 @@
From 5d1423e1473bbbcbdd7bba8a57ed7542d1abb285 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 11:13:30 +0200
Subject: [PATCH 10/11] Apply swig patch to make apol work again
---
libapol/swig/apol.i | 218 ++++++++++++++++++++++++++--------------------------
1 file changed, 109 insertions(+), 109 deletions(-)
diff --git a/libapol/swig/apol.i b/libapol/swig/apol.i
index ae1262d..2e9fc55 100644
--- a/libapol/swig/apol.i
+++ b/libapol/swig/apol.i
@@ -256,7 +256,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
}
%}
%extend apol_ip_t {
- apol_ip_t(const char *str) {
+ apol_ip(const char *str) {
apol_ip_t *ip = NULL;
BEGIN_EXCEPTION
ip = calloc(1, sizeof(*ip));
@@ -274,7 +274,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
fail:
return ip;
};
- ~apol_ip_t() {
+ ~apol_ip() {
free(self);
};
int get_protocol() {
@@ -303,16 +303,16 @@ char *apol_file_find_path(const char *file_name);
%}
typedef struct apol_vector {} apol_vector_t;
%extend apol_vector_t {
- apol_vector_t() {
+ apol_vector() {
return apol_vector_create(NULL);
};
- apol_vector_t(qpol_iterator_t *iter) {
+ apol_vector(qpol_iterator_t *iter) {
return apol_vector_create_from_iter(iter, NULL);
};
- apol_vector_t(apol_vector_t *v) {
+ apol_vector(apol_vector_t *v) {
return apol_vector_create_from_vector(v, NULL, NULL, NULL);
};
- apol_vector_t(apol_vector_t *a, apol_vector_t *b) {
+ apol_vector(apol_vector_t *a, apol_vector_t *b) {
return apol_vector_create_from_intersection(a, b, NULL, NULL);
};
size_t get_size() {
@@ -324,7 +324,7 @@ typedef struct apol_vector {} apol_vector_t;
void *get_element(size_t i) {
return apol_vector_get_element(self, i);
};
- ~apol_vector_t() {
+ ~apol_vector() {
apol_vector_destroy(&self);
};
void append(void *x) {
@@ -379,13 +379,13 @@ typedef struct apol_vector {} apol_vector_t;
%}
typedef struct apol_string_vector {} apol_string_vector_t;
%extend apol_string_vector_t {
- apol_string_vector_t() {
+ apol_string_vector() {
return (apol_string_vector_t*)apol_vector_create(free);
};
- apol_string_vector_t(apol_string_vector_t *v) {
+ apol_string_vector(apol_string_vector_t *v) {
return (apol_string_vector_t*)apol_vector_create_from_vector((apol_vector_t*)v, apol_str_strdup, NULL, free);
};
- apol_string_vector_t(apol_string_vector_t *a, apol_string_vector_t *b) {
+ apol_string_vector(apol_string_vector_t *a, apol_string_vector_t *b) {
return (apol_string_vector_t*)apol_vector_create_from_intersection((apol_vector_t*)a, (apol_vector_t*)b, apol_str_strcmp, NULL);
};
size_t get_size() {
@@ -397,7 +397,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
char *get_element(size_t i) {
return (char*)apol_vector_get_element((apol_vector_t*)self, i);
};
- ~apol_string_vector_t() {
+ ~apol_string_vector() {
apol_vector_destroy((apol_vector_t**)&self);
};
size_t get_index(char *str) {
@@ -462,7 +462,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
} apol_policy_path_type_e;
typedef struct apol_policy_path {} apol_policy_path_t;
%extend apol_policy_path_t {
- apol_policy_path_t(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
+ apol_policy_path(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create(type, primary, (apol_vector_t*)modules)) == NULL) {
@@ -472,7 +472,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(char *path) {
+ apol_policy_path(char *path) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_file(path)) == NULL) {
@@ -482,7 +482,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(char *str, int unused) {
+ apol_policy_path(char *str, int unused) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_string(str)) == NULL) {
@@ -492,7 +492,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(apol_policy_path_t *in) {
+ apol_policy_path(apol_policy_path_t *in) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_policy_path(in)) == NULL) {
@@ -502,7 +502,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- ~apol_policy_path_t() {
+ ~apol_policy_path() {
apol_policy_path_destroy(&self);
};
apol_policy_path_type_e get_type() {
@@ -549,7 +549,7 @@ typedef struct apol_policy {} apol_policy_t;
#define APOL_PERMMAP_BOTH (APOL_PERMMAP_READ | APOL_PERMMAP_WRITE)
#define APOL_PERMMAP_NONE 0x10
%extend apol_policy_t {
- apol_policy_t(apol_policy_path_t *path, int options = 0) {
+ apol_policy(apol_policy_path_t *path, int options = 0) {
apol_policy_t *p;
BEGIN_EXCEPTION
p = apol_policy_create_from_policy_path(path, options, apol_swig_message_callback, apol_swig_message_callback_arg);
@@ -564,7 +564,7 @@ typedef struct apol_policy {} apol_policy_t;
fail:
return p;
};
- ~apol_policy_t() {
+ ~apol_policy() {
apol_policy_destroy(&self);
};
int get_policy_type() {
@@ -652,7 +652,7 @@ typedef struct apol_policy {} apol_policy_t;
/* apol type query */
typedef struct apol_type_query {} apol_type_query_t;
%extend apol_type_query_t {
- apol_type_query_t() {
+ apol_type_query() {
apol_type_query_t *tq;
BEGIN_EXCEPTION
tq = apol_type_query_create();
@@ -663,7 +663,7 @@ typedef struct apol_type_query {} apol_type_query_t;
fail:
return tq;
};
- ~apol_type_query_t() {
+ ~apol_type_query() {
apol_type_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -694,7 +694,7 @@ typedef struct apol_type_query {} apol_type_query_t;
/* apol attribute query */
typedef struct apol_attr_query {} apol_attr_query_t;
%extend apol_attr_query_t {
- apol_attr_query_t() {
+ apol_attr_query() {
apol_attr_query_t *aq;
BEGIN_EXCEPTION
aq = apol_attr_query_create();
@@ -705,7 +705,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
fail:
return aq;
};
- ~apol_attr_query_t() {
+ ~apol_attr_query() {
apol_attr_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -736,7 +736,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
/* apol role query */
typedef struct apol_role_query {} apol_role_query_t;
%extend apol_role_query_t {
- apol_role_query_t() {
+ apol_role_query() {
apol_role_query_t *rq;
BEGIN_EXCEPTION
rq = apol_role_query_create();
@@ -747,7 +747,7 @@ typedef struct apol_role_query {} apol_role_query_t;
fail:
return rq;
};
- ~apol_role_query_t() {
+ ~apol_role_query() {
apol_role_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -788,7 +788,7 @@ int apol_role_has_type(apol_policy_t * p, qpol_role_t * r, qpol_type_t * t);
/* apol class query */
typedef struct apol_class_query {} apol_class_query_t;
%extend apol_class_query_t {
- apol_class_query_t() {
+ apol_class_query() {
apol_class_query_t *cq;
BEGIN_EXCEPTION
cq = apol_class_query_create();
@@ -799,7 +799,7 @@ typedef struct apol_class_query {} apol_class_query_t;
fail:
return cq;
};
- ~apol_class_query_t() {
+ ~apol_class_query() {
apol_class_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -839,7 +839,7 @@ typedef struct apol_class_query {} apol_class_query_t;
/* apol common query */
typedef struct apol_common_query {} apol_common_query_t;
%extend apol_common_query_t {
- apol_common_query_t() {
+ apol_common_query() {
apol_common_query_t *cq;
BEGIN_EXCEPTION
cq = apol_common_query_create();
@@ -850,7 +850,7 @@ typedef struct apol_common_query {} apol_common_query_t;
fail:
return cq;
};
- ~apol_common_query_t() {
+ ~apol_common_query() {
apol_common_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -881,7 +881,7 @@ typedef struct apol_common_query {} apol_common_query_t;
/* apol perm query */
typedef struct apol_perm_query {} apol_perm_query_t;
%extend apol_perm_query_t {
- apol_perm_query_t() {
+ apol_perm_query() {
apol_perm_query_t *pq;
BEGIN_EXCEPTION
pq = apol_perm_query_create();
@@ -892,7 +892,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
fail:
return pq;
};
- ~apol_perm_query_t() {
+ ~apol_perm_query() {
apol_perm_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -923,7 +923,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
/* apol bool query */
typedef struct apol_bool_query {} apol_bool_query_t;
%extend apol_bool_query_t {
- apol_bool_query_t() {
+ apol_bool_query() {
apol_bool_query_t *bq;
BEGIN_EXCEPTION
bq = apol_bool_query_create();
@@ -934,7 +934,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
fail:
return bq;
};
- ~apol_bool_query_t() {
+ ~apol_bool_query() {
apol_bool_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -965,7 +965,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
/* apol mls level */
typedef struct apol_mls_level {} apol_mls_level_t;
%extend apol_mls_level_t {
- apol_mls_level_t() {
+ apol_mls_level() {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create();
@@ -976,7 +976,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_mls_level_t *in) {
+ apol_mls_level(apol_mls_level_t *in) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_mls_level(in);
@@ -987,7 +987,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, const char *str) {
+ apol_mls_level(apol_policy_t *p, const char *str) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_string(p, str);
@@ -998,7 +998,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(const char *str) {
+ apol_mls_level(const char *str) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_literal(str);
@@ -1009,7 +1009,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, qpol_mls_level_t *qml) {
+ apol_mls_level(apol_policy_t *p, qpol_mls_level_t *qml) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_qpol_mls_level(p, qml);
@@ -1020,7 +1020,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, qpol_level_t *ql) {
+ apol_mls_level(apol_policy_t *p, qpol_level_t *ql) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_qpol_level_datum(p, ql);
@@ -1031,7 +1031,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- ~apol_mls_level_t() {
+ ~apol_mls_level() {
apol_mls_level_destroy(&self);
};
void set_sens(apol_policy_t *p, char *sens) {
@@ -1128,7 +1128,7 @@ int apol_mls_cats_compare(apol_policy_t * p, const char *cat1, const char *cat2)
#endif
typedef struct apol_mls_range {} apol_mls_range_t;
%extend apol_mls_range_t {
- apol_mls_range_t() {
+ apol_mls_range() {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create();
@@ -1139,7 +1139,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_mls_range_t *in) {
+ apol_mls_range(apol_mls_range_t *in) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_mls_range(in);
@@ -1150,7 +1150,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_policy_t *p, const char *s) {
+ apol_mls_range(apol_policy_t *p, const char *s) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_string(p, s);
@@ -1161,7 +1161,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(const char *s) {
+ apol_mls_range(const char *s) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_literal(s);
@@ -1172,7 +1172,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_policy_t *p, qpol_mls_range_t *in) {
+ apol_mls_range(apol_policy_t *p, qpol_mls_range_t *in) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_qpol_mls_range(p, in);
@@ -1183,7 +1183,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- ~apol_mls_range_t() {
+ ~apol_mls_range() {
apol_mls_range_destroy(&self);
};
void set_low(apol_policy_t *p, apol_mls_level_t *lvl) {
@@ -1278,7 +1278,7 @@ int apol_mls_range_contain_subrange(apol_policy_t * p, const apol_mls_range_t *
/* apol level query */
typedef struct apol_level_query {} apol_level_query_t;
%extend apol_level_query_t {
- apol_level_query_t() {
+ apol_level_query() {
apol_level_query_t * alq;
BEGIN_EXCEPTION
alq = apol_level_query_create();
@@ -1289,7 +1289,7 @@ typedef struct apol_level_query {} apol_level_query_t;
fail:
return alq;
};
- ~apol_level_query_t() {
+ ~apol_level_query() {
apol_level_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1329,7 +1329,7 @@ typedef struct apol_level_query {} apol_level_query_t;
/* apol cat query */
typedef struct apol_cat_query {} apol_cat_query_t;
%extend apol_cat_query_t {
- apol_cat_query_t() {
+ apol_cat_query() {
apol_cat_query_t * acq;
BEGIN_EXCEPTION
acq = apol_cat_query_create();
@@ -1340,7 +1340,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
fail:
return acq;
};
- ~apol_cat_query_t() {
+ ~apol_cat_query() {
apol_cat_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -1379,7 +1379,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
#endif
typedef struct apol_user_query {} apol_user_query_t;
%extend apol_user_query_t {
- apol_user_query_t() {
+ apol_user_query() {
apol_user_query_t *auq;
BEGIN_EXCEPTION
auq = apol_user_query_create();
@@ -1390,7 +1390,7 @@ typedef struct apol_user_query {} apol_user_query_t;
fail:
return auq;
};
- ~apol_user_query_t() {
+ ~apol_user_query() {
apol_user_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1448,7 +1448,7 @@ typedef struct apol_user_query {} apol_user_query_t;
/* apol context */
typedef struct apol_context {} apol_context_t;
%extend apol_context_t {
- apol_context_t() {
+ apol_context() {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create();
@@ -1459,7 +1459,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- apol_context_t(apol_policy_t *p, qpol_context_t *in) {
+ apol_context(apol_policy_t *p, qpol_context_t *in) {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create_from_qpol_context(p, in);
@@ -1470,7 +1470,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- apol_context_t(const char *str) {
+ apol_context(const char *str) {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create_from_literal(str);
@@ -1481,7 +1481,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- ~apol_context_t() {
+ ~apol_context() {
apol_context_destroy(&self);
};
void set_user(apol_policy_t *p, char *name) {
@@ -1583,7 +1583,7 @@ int apol_context_compare(apol_policy_t * p, apol_context_t * target, apol_contex
/* apol constraint query */
typedef struct apol_constraint_query {} apol_constraint_query_t;
%extend apol_constraint_query_t {
- apol_constraint_query_t() {
+ apol_constraint_query() {
apol_constraint_query_t *acq;
BEGIN_EXCEPTION
acq = apol_constraint_query_create();
@@ -1594,7 +1594,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
fail:
return acq;
};
- ~apol_constraint_query_t() {
+ ~apol_constraint_query() {
apol_constraint_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1634,7 +1634,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
/* apol validatetrans query */
typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
%extend apol_validatetrans_query_t {
- apol_validatetrans_query_t() {
+ apol_validatetrans_query() {
apol_validatetrans_query_t *avq;
BEGIN_EXCEPTION
avq = apol_validatetrans_query_create();
@@ -1645,7 +1645,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
fail:
return avq;
};
- ~apol_validatetrans_query_t() {
+ ~apol_validatetrans_query() {
apol_validatetrans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1684,7 +1684,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
#endif
typedef struct apol_genfscon_query {} apol_genfscon_query_t;
%extend apol_genfscon_query_t {
- apol_genfscon_query_t() {
+ apol_genfscon_query() {
apol_genfscon_query_t *agq;
BEGIN_EXCEPTION
agq = apol_genfscon_query_create();
@@ -1695,7 +1695,7 @@ typedef struct apol_genfscon_query {} apol_genfscon_query_t;
fail:
return agq;
};
- ~apol_genfscon_query_t() {
+ ~apol_genfscon_query() {
apol_genfscon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1746,7 +1746,7 @@ char *apol_genfscon_render(apol_policy_t * p, qpol_genfscon_t * genfscon);
/* apol fs_use query */
typedef struct apol_fs_use_query {} apol_fs_use_query_t;
%extend apol_fs_use_query_t {
- apol_fs_use_query_t() {
+ apol_fs_use_query() {
apol_fs_use_query_t *afq;
BEGIN_EXCEPTION
afq = apol_fs_use_query_create();
@@ -1757,7 +1757,7 @@ typedef struct apol_fs_use_query {} apol_fs_use_query_t;
fail:
return afq;
};
- ~apol_fs_use_query_t() {
+ ~apol_fs_use_query() {
apol_fs_use_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1799,7 +1799,7 @@ char *apol_fs_use_render(apol_policy_t * p, qpol_fs_use_t * fsuse);
/* apol initial sid query */
typedef struct apol_isid_query {} apol_isid_query_t;
%extend apol_isid_query_t {
- apol_isid_query_t() {
+ apol_isid_query() {
apol_isid_query_t *aiq;
BEGIN_EXCEPTION
aiq = apol_isid_query_create();
@@ -1810,7 +1810,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
fail:
return aiq;
};
- ~apol_isid_query_t() {
+ ~apol_isid_query() {
apol_isid_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1841,7 +1841,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
/* apol portcon query */
typedef struct apol_portcon_query {} apol_portcon_query_t;
%extend apol_portcon_query_t {
- apol_portcon_query_t() {
+ apol_portcon_query() {
apol_portcon_query_t *apq;
BEGIN_EXCEPTION
apq = apol_portcon_query_create();
@@ -1852,7 +1852,7 @@ typedef struct apol_portcon_query {} apol_portcon_query_t;
fail:
return apq;
};
- ~apol_portcon_query_t() {
+ ~apol_portcon_query() {
apol_portcon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1885,7 +1885,7 @@ char *apol_portcon_render(apol_policy_t * p, qpol_portcon_t * portcon);
/* apol netifcon query */
typedef struct apol_netifcon_query {} apol_netifcon_query_t;
%extend apol_netifcon_query_t {
- apol_netifcon_query_t() {
+ apol_netifcon_query() {
apol_netifcon_query_t *anq;
BEGIN_EXCEPTION
anq = apol_netifcon_query_create();
@@ -1896,7 +1896,7 @@ typedef struct apol_netifcon_query {} apol_netifcon_query_t;
fail:
return anq;
};
- ~apol_netifcon_query_t() {
+ ~apol_netifcon_query() {
apol_netifcon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1932,7 +1932,7 @@ char *apol_netifcon_render(apol_policy_t * p, qpol_netifcon_t * netifcon);
/* apol nodecon query */
typedef struct apol_nodecon_query {} apol_nodecon_query_t;
%extend apol_nodecon_query_t {
- apol_nodecon_query_t() {
+ apol_nodecon_query() {
apol_nodecon_query_t *anq;
BEGIN_EXCEPTION
anq = apol_nodecon_query_create();
@@ -1943,7 +1943,7 @@ typedef struct apol_nodecon_query {} apol_nodecon_query_t;
fail:
return anq;
};
- ~apol_nodecon_query_t() {
+ ~apol_nodecon_query() {
apol_nodecon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2012,7 +2012,7 @@ char *apol_nodecon_render(apol_policy_t * p, qpol_nodecon_t * nodecon);
/* apol avrule query */
typedef struct apol_avrule_query {} apol_avrule_query_t;
%extend apol_avrule_query_t {
- apol_avrule_query_t() {
+ apol_avrule_query() {
apol_avrule_query_t *avq;
BEGIN_EXCEPTION
avq = apol_avrule_query_create();
@@ -2023,7 +2023,7 @@ typedef struct apol_avrule_query {} apol_avrule_query_t;
fail:
return avq;
};
- ~apol_avrule_query_t() {
+ ~apol_avrule_query() {
apol_avrule_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2163,7 +2163,7 @@ char *apol_syn_avrule_render(apol_policy_t * policy, qpol_syn_avrule_t * rule);
/* apol terule query */
typedef struct apol_terule_query {} apol_terule_query_t;
%extend apol_terule_query_t {
- apol_terule_query_t() {
+ apol_terule_query() {
apol_terule_query_t *atq;
BEGIN_EXCEPTION
atq = apol_terule_query_create();
@@ -2174,7 +2174,7 @@ typedef struct apol_terule_query {} apol_terule_query_t;
fail:
return atq;
};
- ~apol_terule_query_t() {
+ ~apol_terule_query() {
apol_terule_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2287,7 +2287,7 @@ apol_vector_t *apol_terule_list_to_syn_terules(apol_policy_t * p, apol_vector_t
/* apol cond rule query */
typedef struct apol_cond_query {} apol_cond_query_t;
%extend apol_cond_query_t {
- apol_cond_query_t() {
+ apol_cond_query() {
apol_cond_query_t *acq;
BEGIN_EXCEPTION
acq = apol_cond_query_create();
@@ -2298,7 +2298,7 @@ typedef struct apol_cond_query {} apol_cond_query_t;
fail:
return acq;
};
- ~apol_cond_query_t() {
+ ~apol_cond_query() {
apol_cond_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2331,7 +2331,7 @@ char *apol_cond_expr_render(apol_policy_t * p, qpol_cond_t * cond);
/* apol role allow query */
typedef struct apol_role_allow_query {} apol_role_allow_query_t;
%extend apol_role_allow_query_t {
- apol_role_allow_query_t() {
+ apol_role_allow_query() {
apol_role_allow_query_t *arq;
BEGIN_EXCEPTION
arq = apol_role_allow_query_create();
@@ -2342,7 +2342,7 @@ typedef struct apol_role_allow_query {} apol_role_allow_query_t;
fail:
return arq;
};
- ~apol_role_allow_query_t() {
+ ~apol_role_allow_query() {
apol_role_allow_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2387,7 +2387,7 @@ char *apol_role_allow_render(apol_policy_t * policy, qpol_role_allow_t * rule);
/* apol role transition rule query */
typedef struct apol_role_trans_query {} apol_role_trans_query_t;
%extend apol_role_trans_query_t {
- apol_role_trans_query_t() {
+ apol_role_trans_query() {
apol_role_trans_query_t *arq;
BEGIN_EXCEPTION
arq = apol_role_trans_query_create();
@@ -2398,7 +2398,7 @@ typedef struct apol_role_trans_query {} apol_role_trans_query_t;
fail:
return arq;
};
- ~apol_role_trans_query_t() {
+ ~apol_role_trans_query() {
apol_role_trans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2452,7 +2452,7 @@ char *apol_role_trans_render(apol_policy_t * policy, qpol_role_trans_t * rule);
/* apol range transition rule query */
typedef struct apol_range_trans_query {} apol_range_trans_query_t;
%extend apol_range_trans_query_t {
- apol_range_trans_query_t() {
+ apol_range_trans_query() {
apol_range_trans_query_t *arq;
BEGIN_EXCEPTION
arq = apol_range_trans_query_create();
@@ -2463,7 +2463,7 @@ typedef struct apol_range_trans_query {} apol_range_trans_query_t;
fail:
return arq;
};
- ~apol_range_trans_query_t() {
+ ~apol_range_trans_query() {
apol_range_trans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2531,7 +2531,7 @@ char *apol_range_trans_render(apol_policy_t * policy, qpol_range_trans_t * rule)
#define APOL_DOMAIN_TRANS_SEARCH_BOTH (APOL_DOMAIN_TRANS_SEARCH_VALID|APOL_DOMAIN_TRANS_SEARCH_INVALID)
typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
%extend apol_domain_trans_analysis_t {
- apol_domain_trans_analysis_t() {
+ apol_domain_trans_analysis() {
apol_domain_trans_analysis_t *dta;
BEGIN_EXCEPTION
dta = apol_domain_trans_analysis_create();
@@ -2542,7 +2542,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
fail:
return dta;
};
- ~apol_domain_trans_analysis_t() {
+ ~apol_domain_trans_analysis() {
apol_domain_trans_analysis_destroy(&self);
};
void set_direction(apol_policy_t *p, int direction) {
@@ -2622,7 +2622,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
};
typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
%extend apol_domain_trans_result_t {
- apol_domain_trans_result_t(apol_domain_trans_result_t *in) {
+ apol_domain_trans_result(apol_domain_trans_result_t *in) {
apol_domain_trans_result_t *dtr;
BEGIN_EXCEPTION
dtr = apol_domain_trans_result_create_from_domain_trans_result(in);
@@ -2633,7 +2633,7 @@ typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
fail:
return dtr;
};
- ~apol_domain_trans_result_t() {
+ ~apol_domain_trans_result() {
apol_domain_trans_result_destroy(&self);
};
const qpol_type_t *get_start_type() {
@@ -2705,14 +2705,14 @@ int apol_domain_trans_table_verify_trans(apol_policy_t * policy, qpol_type_t * s
%}
typedef struct apol_infoflow {} apol_infoflow_t;
%extend apol_infoflow_t {
- apol_infoflow_t() {
+ apol_infoflow() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_t() {
+ ~apol_infoflow() {
apol_infoflow_destroy(&self);
};
%newobject extract_graph();
@@ -2730,7 +2730,7 @@ typedef struct apol_infoflow {} apol_infoflow_t;
};
typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
%extend apol_infoflow_analysis_t {
- apol_infoflow_analysis_t() {
+ apol_infoflow_analysis() {
apol_infoflow_analysis_t *aia;
BEGIN_EXCEPTION
aia = apol_infoflow_analysis_create();
@@ -2741,7 +2741,7 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
fail:
return aia;
};
- ~apol_infoflow_analysis_t() {
+ ~apol_infoflow_analysis() {
apol_infoflow_analysis_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2823,14 +2823,14 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
};
typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
%extend apol_infoflow_graph_t {
- apol_infoflow_graph_t() {
+ apol_infoflow_graph() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_graph_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_graph_t() {
+ ~apol_infoflow_graph() {
apol_infoflow_graph_destroy(&self);
};
%newobject do_more(apol_policy_t*, char*);
@@ -2867,14 +2867,14 @@ typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
};
typedef struct apol_infoflow_result {} apol_infoflow_result_t;
%extend apol_infoflow_result_t {
- apol_infoflow_result_t() {
+ apol_infoflow_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_result_t() {
+ ~apol_infoflow_result() {
/* no op - vector will destroy */
return;
};
@@ -2901,14 +2901,14 @@ typedef struct apol_infoflow_result {} apol_infoflow_result_t;
%}
typedef struct apol_infoflow_step {} apol_infoflow_step_t;
%extend apol_infoflow_step_t {
- apol_infoflow_step_t() {
+ apol_infoflow_step() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_step_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_step_t() {
+ ~apol_infoflow_step() {
/* no op */
return;
};
@@ -2938,7 +2938,7 @@ typedef struct apol_infoflow_step {} apol_infoflow_step_t;
#define APOL_RELABEL_DIR_SUBJECT 0x04
typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
%extend apol_relabel_analysis_t {
- apol_relabel_analysis_t() {
+ apol_relabel_analysis() {
apol_relabel_analysis_t *ara;
BEGIN_EXCEPTION
ara = apol_relabel_analysis_create();
@@ -2949,7 +2949,7 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
fail:
return ara;
};
- ~apol_relabel_analysis_t() {
+ ~apol_relabel_analysis() {
apol_relabel_analysis_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -3011,14 +3011,14 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
};
typedef struct apol_relabel_result {} apol_relabel_result_t;
%extend apol_relabel_result_t {
- apol_relabel_result_t() {
+ apol_relabel_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_relabel_result_t() {
+ ~apol_relabel_result() {
/* no op - vector will destroy */
return;
};
@@ -3042,14 +3042,14 @@ typedef struct apol_relabel_result {} apol_relabel_result_t;
%}
typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
%extend apol_relabel_result_pair_t {
- apol_relabel_result_pair_t() {
+ apol_relabel_result_pair() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_pair_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_relabel_result_pair_t() {
+ ~apol_relabel_result_pair() {
/* no op - owned and free()'d by apol_relabel_result_t */
return;
};
@@ -3084,7 +3084,7 @@ typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
#define APOL_TYPES_RELATION_TRANS_FLOW_BA 0x8000
typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
%extend apol_types_relation_analysis_t {
- apol_types_relation_analysis_t() {
+ apol_types_relation_analysis() {
apol_types_relation_analysis_t *atr;
BEGIN_EXCEPTION
atr = apol_types_relation_analysis_create();
@@ -3095,7 +3095,7 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
fail:
return atr;
};
- ~apol_types_relation_analysis_t() {
+ ~apol_types_relation_analysis() {
apol_types_relation_analysis_destroy(&self);
}
%newobject run(apol_policy_t*);
@@ -3139,14 +3139,14 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
};
typedef struct apol_types_relation_result {} apol_types_relation_result_t;
%extend apol_types_relation_result_t {
- apol_types_relation_result_t() {
+ apol_types_relation_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_types_relation_result_t() {
+ ~apol_types_relation_result() {
apol_types_relation_result_destroy(&self);
};
const apol_vector_t *get_attributes() {
@@ -3194,14 +3194,14 @@ typedef struct apol_types_relation_result {} apol_types_relation_result_t;
};
typedef struct apol_types_relation_access {} apol_types_relation_access_t;
%extend apol_types_relation_access_t {
- apol_types_relation_access_t() {
+ apol_types_relation_access() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_access_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_types_relation_access_t() {
+ ~apol_types_relation_access() {
/* no op - vector will destroy */
return;
};
--
1.8.5.3


@ -1,84 +0,0 @@
diff -up setools-3.3.7/libqpol/src/util.c.current setools-3.3.7/libqpol/src/util.c
--- setools-3.3.7/libqpol/src/util.c.current 2010-04-23 12:22:08.000000000 -0400
+++ setools-3.3.7/libqpol/src/util.c 2012-02-16 12:01:33.030434514 -0500
@@ -84,75 +84,12 @@ static int get_binpol_version(const char
static int search_policy_binary_file(char **path)
{
- const char *binary_path;
- if ((binary_path = selinux_binary_policy_path()) == NULL) {
- return -1;
+ const char *binary_path = selinux_current_policy_path();
+ if (binary_path) {
+ *path = strdup(binary_path);
+ if (*path) return 0;
}
-
- int expected_version = -1, latest_version = -1;
-#ifdef LIBSELINUX
- /* if the system has SELinux enabled, prefer the policy whose
- name matches the current policy version */
- if ((expected_version = security_policyvers()) < 0) {
- return -1;
- }
-#endif
-
- glob_t glob_buf;
- struct stat fs;
- int rt, error = 0, retval = -1;
- size_t i;
- char *pattern = NULL;
- if (asprintf(&pattern, "%s.*", binary_path) < 0) {
- return -1;
- }
- glob_buf.gl_offs = 1;
- glob_buf.gl_pathc = 0;
- rt = glob(pattern, GLOB_DOOFFS, NULL, &glob_buf);
- if (rt != 0 && rt != GLOB_NOMATCH) {
- errno = EIO;
- return -1;
- }
-
- for (i = 0; i < glob_buf.gl_pathc; i++) {
- char *p = glob_buf.gl_pathv[i + glob_buf.gl_offs];
- if (stat(p, &fs) != 0) {
- error = errno;
- goto cleanup;
- }
- if (S_ISDIR(fs.st_mode))
- continue;
-
- if ((rt = get_binpol_version(p)) < 0) {
- error = errno;
- goto cleanup;
- }
-
- if (rt > latest_version || rt == expected_version) {
- free(*path);
- if ((*path = strdup(p)) == NULL) {
- error = errno;
- goto cleanup;
- }
- if (rt == expected_version) {
- break;
- }
- latest_version = rt;
- }
- }
-
- if (*path == NULL) {
- retval = 1;
- } else {
- retval = 0;
- }
- cleanup:
- free(pattern);
- globfree(&glob_buf);
- if (retval == -1) {
- errno = error;
- }
- return retval;
+ return -1;
}
int qpol_default_policy_find(char **path)
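Review bot: The rewritten `search_policy_binary_file` returns -1 for every failure, whereas the removed code returned 1 when no policy file matched and restored `errno` on its cleanup path. A caller that tells "not found" apart from "error" can no longer do so, and `errno` is now whatever `selinux_current_policy_path()` or `strdup()` happened to leave behind. If the caller (`qpol_default_policy_find`, whose body starts after this hunk) still tests for 1, decide which outcome a NULL path maps to and set `errno` explicitly before `return -1;`. The new `*path = strdup(binary_path);` also drops the `free(*path)` the old loop performed, so a header comment stating that `*path` must be NULL on entry would make the ownership rule visible.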


@ -1,154 +0,0 @@
From 32ede3cc817ee4f6806877a34a6c84ed50c31df7 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Fri, 11 Apr 2014 18:49:33 +0200
Subject: [PATCH 11/11] Fix -Wformat-security issues
---
libseaudit/src/bool_message.c | 4 ++--
libseaudit/src/filter.c | 2 +-
libseaudit/src/model.c | 2 +-
seaudit/progress.c | 4 ++--
seaudit/toplevel.c | 2 +-
seaudit/utilgui.c | 2 +-
sediff/progress.c | 4 ++--
sediff/toplevel.c | 2 +-
sediff/utilgui.c | 2 +-
9 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/libseaudit/src/bool_message.c b/libseaudit/src/bool_message.c
index f105cf0..d5b1e33 100644
--- a/libseaudit/src/bool_message.c
+++ b/libseaudit/src/bool_message.c
@@ -101,7 +101,7 @@ char *bool_message_to_string(const seaudit_message_t * msg, const char *date)
return NULL;
}
if ((misc_string = bool_message_to_misc_string(boolm)) == NULL ||
- apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) {
+ apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) {
free(misc_string);
return NULL;
}
@@ -128,7 +128,7 @@ char *bool_message_to_string_html(const seaudit_message_t * msg, const char *dat
return NULL;
}
if ((misc_string = bool_message_to_misc_string(boolm)) == NULL ||
- apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace) < 0) {
+ apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace) < 0) {
free(misc_string);
return NULL;
}
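Review bot: On the changed line in `bool_message_to_string_html`, the second call still passes `s` as a `%s` argument to an append that targets `s` itself: `apol_str_appendf(&s, &len, "%s%s<br>", s, close_brace)`. That would repeat everything built so far, and if the helper grows `*s` before it formats the arguments it would read a stale pointer; the helper's body is not on this page, so this needs checking. The plain-text sibling in the previous hunk uses `apol_str_append(&s, &len, close_brace)`, so the likely intent here is `apol_str_appendf(&s, &len, "%s<br>", close_brace)`. The function continues outside the hunk.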
diff --git a/libseaudit/src/filter.c b/libseaudit/src/filter.c
index 298a309..c710ce4 100644
--- a/libseaudit/src/filter.c
+++ b/libseaudit/src/filter.c
@@ -1108,7 +1108,7 @@ int seaudit_filter_save_to_file(const seaudit_filter_t * filter, const char *fil
if ((file = fopen(filename, "w")) == NULL) {
return -1;
}
- fprintf(file, XML_VER);
+ fprintf(file, "%s", XML_VER);
fprintf(file, "<view xmlns=\"http://oss.tresys.com/projects/setools/seaudit-%s/\">\n", FILTER_FILE_FORMAT_VERSION);
filter_append_to_file(filter, file, 1);
fprintf(file, "</view>\n");
diff --git a/libseaudit/src/model.c b/libseaudit/src/model.c
index 1bc4a23..4a130cb 100644
--- a/libseaudit/src/model.c
+++ b/libseaudit/src/model.c
@@ -514,7 +514,7 @@ int seaudit_model_save_to_file(const seaudit_model_t * model, const char *filena
if ((file = fopen(filename, "w")) == NULL) {
return -1;
}
- fprintf(file, XML_VER);
+ fprintf(file, "%s", XML_VER);
fprintf(file, "<view xmlns=\"http://oss.tresys.com/projects/setools/seaudit-%s/\" name=\"%s\" match=\"%s\" show=\"%s\">\n",
FILTER_FILE_FORMAT_VERSION, model->name,
model->match == SEAUDIT_FILTER_MATCH_ALL ? "all" : "any",
diff --git a/seaudit/progress.c b/seaudit/progress.c
index 2e0abeb..f092858 100644
--- a/seaudit/progress.c
+++ b/seaudit/progress.c
@@ -114,10 +114,10 @@ int progress_wait(progress_t * progress)
}
g_mutex_unlock(progress->mutex);
if (progress->done < 0) {
- toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label);
+ toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label);
return progress->done;
} else if (progress->done > 1) {
- toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label);
+ toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label);
return progress->done - 1;
} else {
progress->done = 0;
diff --git a/seaudit/toplevel.c b/seaudit/toplevel.c
index d901a99..27938d5 100644
--- a/seaudit/toplevel.c
+++ b/seaudit/toplevel.c
@@ -902,7 +902,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch
ERR(NULL, "%s", strerror(errno));
return;
}
- dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
+ dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
free(msg);
gtk_dialog_run(GTK_DIALOG(dialog));
gtk_widget_destroy(dialog);
diff --git a/seaudit/utilgui.c b/seaudit/utilgui.c
index 22028e1..78a1a08 100644
--- a/seaudit/utilgui.c
+++ b/seaudit/utilgui.c
@@ -30,7 +30,7 @@
void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg)
{
GtkWidget *dialog;
- dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
+ dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
gtk_dialog_run(GTK_DIALOG(dialog));
gtk_widget_destroy(dialog);
}
diff --git a/sediff/progress.c b/sediff/progress.c
index efaa120..312789e 100644
--- a/sediff/progress.c
+++ b/sediff/progress.c
@@ -115,10 +115,10 @@ int progress_wait(progress_t * progress)
}
g_mutex_unlock(progress->mutex);
if (progress->done < 0) {
- toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label);
+ toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label);
return progress->done;
} else if (progress->done > 1) {
- toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label);
+ toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label);
return progress->done - 1;
} else {
progress->done = 0;
diff --git a/sediff/toplevel.c b/sediff/toplevel.c
index db6d1f5..aabd039 100644
--- a/sediff/toplevel.c
+++ b/sediff/toplevel.c
@@ -453,7 +453,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch
ERR(NULL, "%s", strerror(errno));
return;
}
- dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
+ dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
free(msg);
gtk_dialog_run(GTK_DIALOG(dialog));
gtk_widget_destroy(dialog);
diff --git a/sediff/utilgui.c b/sediff/utilgui.c
index 04e1e05..9e183ba 100644
--- a/sediff/utilgui.c
+++ b/sediff/utilgui.c
@@ -31,7 +31,7 @@
void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg)
{
GtkWidget *dialog;
- dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg);
+ dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg);
gtk_dialog_run(GTK_DIALOG(dialog));
gtk_widget_destroy(dialog);
}
--
1.8.5.3


@ -1,255 +0,0 @@
diff -up setools-3.3.7/Makefile.am.noship setools-3.3.7/Makefile.am
--- setools-3.3.7/Makefile.am.noship 2008-02-22 14:06:28.000000000 -0500
+++ setools-3.3.7/Makefile.am 2013-01-30 09:18:59.775157146 -0500
@@ -8,9 +8,8 @@ endif
if BUILD_GUI
MAYBE_GUI = seaudit
endif
-# sediffx is also built conditionally, from sediffx/Makefile.am
-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
@@ -49,12 +48,6 @@ seaudit: libqpol libapol libseaudit
sediff: libqpol libapol libpoldiff
$(MAKE) -C $(top_srcdir)/sediff sediff
-sediffx: libqpol libapol libpoldiff
- $(MAKE) -C $(top_srcdir)/sediff sediffx
-
-sechecker: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/sechecker
-
help:
@echo "Make targets for SETools:"
@echo " all: build everything, but do not install"
@@ -65,8 +58,6 @@ help:
@echo " secmds: build command line tools"
@echo " seaudit: build audit log analysis tools"
@echo " sediff: build semantic policy diff command line tool"
- @echo " sediffx: build semantic policy diff graphical tool"
- @echo " sechecker: build policy checking tool"
@echo ""
@echo " install-logwatch: install LogWatch config files for seaudit-report"
@echo " (requires LogWatch and root privileges)"
@@ -78,9 +69,9 @@ install-logwatch:
$(MAKE) -C $(top_srcdir)/seaudit install-logwatch
.PHONY: libqpol libapol libpoldiff libsefs libseaudit \
- apol secmds seaudit sediff sediffx sechecker \
+ apol secmds seaudit sediff \
install-logwatch help \
- seinfo sesearch indexcon findcon replcon searchcon \
+ seinfo sesearch \
packages
seinfo: libqpol libapol
@@ -89,18 +80,6 @@ seinfo: libqpol libapol
sesearch: libqpol libapol
$(MAKE) -C $(top_srcdir)/secmds sesearch
-indexcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds indexcon
-
-findcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds findcon
-
-replcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds replcon
-
-searchcon: libqpol libapol libsefs
- $(MAKE) -C $(top_srcdir)/secmds searchcon
-
packages:
$(MAKE) -C $(top_srcdir)/packages
diff -up setools-3.3.7/man/Makefile.am.noship setools-3.3.7/man/Makefile.am
--- setools-3.3.7/man/Makefile.am.noship 2007-08-02 17:16:33.000000000 -0400
+++ setools-3.3.7/man/Makefile.am 2013-01-30 09:16:13.696871566 -0500
@@ -1,19 +1,10 @@
if BUILD_GUI
MAYBEMANS = apol.1 \
- seaudit.8 seaudit-report.8 \
- sediffx.1
+ seaudit.8
endif
EXTRA_DIST=$(man_MANS) apol.1 \
- seaudit.8 seaudit-report.8.in \
- sediffx.1
+ seaudit.8
-man_MANS = findcon.1 indexcon.1 replcon.1 \
- sechecker.1 \
- sediff.1 \
+man_MANS = sediff.1 \
seinfo.1 sesearch.1 $(MAYBEMANS)
-
-seaudit-report.8: seaudit-report.8.in Makefile
- sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
-
-CLEANFILES = seaudit-report.8
diff -up setools-3.3.7/seaudit/Makefile.am.noship setools-3.3.7/seaudit/Makefile.am
--- setools-3.3.7/seaudit/Makefile.am.noship 2008-02-22 14:06:28.000000000 -0500
+++ setools-3.3.7/seaudit/Makefile.am 2013-01-30 09:16:13.697871568 -0500
@@ -1,5 +1,4 @@
setoolsdir = @setoolsdir@
-bin_PROGRAMS = seaudit-report
sbin_PROGRAMS = seaudit
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
@@ -20,13 +19,10 @@ LDADD = @SELINUX_LIB_FLAG@ @SEAUDIT_LIB_
dist_setools_DATA = \
seaudit.glade \
seaudit_help.txt \
- seaudit-report.conf \
- seaudit-report.css \
seaudit.png seaudit-small.png
nodist_setools_DATA = \
- dot_seaudit \
- seaudit-report-service
+ dot_seaudit
seaudit_SOURCES = \
filter_view.c filter_view.h \
@@ -50,31 +46,12 @@ seaudit_DEPENDENCIES = $(top_builddir)/l
dot_seaudit: dot_seaudit.in Makefile
sed -e 's|\@setoolsdir\@|$(setoolsdir)|g' $< > $@
-seaudit_report_SOURCES = seaudit-report.c
-seaudit_report_DEPENDENCIES = $(top_builddir)/libseaudit/src/libseaudit.so \
- $(top_builddir)/libapol/src/libapol.so \
- $(top_builddir)/libqpol/src/libqpol.so
-
logwatch = $(DESTDIR)/etc/logwatch
LOGWATCH_GROUP = $(logwatch)/conf/logfiles
LOGWATCH_SERVICE = $(logwatch)/conf/services
LOGWATCH_FILTER = $(logwatch)/scripts/services
-dist_noinst_DATA = dot_seaudit.in \
- seaudit-report-group.conf \
- seaudit-report-service.conf \
- seaudit-report-service.in
-
-seaudit-report-service: seaudit-report-service.in Makefile
- sed -e 's|\@bindir\@|$(bindir)|g' $< > $@
-
-install-logwatch: $(dist_noinst_DATA) seaudit-report-service
- mkdir -p -- $(LOGWATCH_GROUP)
- install -m 644 seaudit-report-group.conf $(LOGWATCH_GROUP)
- mkdir -p -- $(LOGWATCH_SERVICE)
- install -m 644 seaudit-report-service.conf $(LOGWATCH_SERVICE)
- mkdir -p -- $(LOGWATCH_FILTER)
- install -m 755 seaudit-report-service $(LOGWATCH_FILTER)
+dist_noinst_DATA = dot_seaudit.in
$(top_builddir)/libapol/src/libapol.so:
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
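Review bot: Removing the `install-logwatch` rule from seaudit/Makefile.am leaves the top-level Makefile.am pointing at a target that no longer exists. The first file of this patch keeps `install-logwatch:` running `$(MAKE) -C $(top_srcdir)/seaudit install-logwatch`, keeps it in `.PHONY`, and still advertises it in the `help` output. As patched, `make install-logwatch` from the top level would fail inside the seaudit directory. Either drop the top-level rule, its `.PHONY` entry and the two `help` lines as well, or keep the rule here. The `LOGWATCH_GROUP`, `LOGWATCH_SERVICE` and `LOGWATCH_FILTER` assignments kept as context have no user left within this hunk.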
@@ -85,6 +62,4 @@ $(top_builddir)/libqpol/src/libqpol.so:
$(top_builddir)/libsefs/src/libsefs.so:
$(MAKE) -C $(top_builddir)/libsefs/src $(notdir $@)
-.PHONY: install-logwatch
-
-CLEANFILES = dot_seaudit seaudit-report-service
+CLEANFILES = dot_seaudit
diff -up setools-3.3.7/secmds/Makefile.am.noship setools-3.3.7/secmds/Makefile.am
--- setools-3.3.7/secmds/Makefile.am.noship 2007-08-02 17:16:33.000000000 -0400
+++ setools-3.3.7/secmds/Makefile.am 2013-01-30 09:16:13.698871569 -0500
@@ -1,6 +1,6 @@
# various setools command line tools
-bin_PROGRAMS = seinfo sesearch findcon replcon indexcon
+bin_PROGRAMS = seinfo sesearch
# These are for indexcon so that it is usable on machines without setools
STATICLIBS = ../libsefs/src/libsefs.a ../libapol/src/libapol.a ../libqpol/src/libqpol.a -lsqlite3
@@ -18,18 +18,6 @@ seinfo_SOURCES = seinfo.c
sesearch_SOURCES = sesearch.c
-indexcon_SOURCES = indexcon.cc
-indexcon_LDADD = @SELINUX_LIB_FLAG@ $(STATICLIBS)
-indexcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
-findcon_SOURCES = findcon.cc
-findcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
-findcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
-replcon_SOURCES = replcon.cc
-replcon_LDADD = @SEFS_LIB_FLAG@ $(LDADD)
-replcon_DEPENDENCIES = $(DEPENDENCIES) $(top_builddir)/libsefs/src/libsefs.so
-
$(top_builddir)/libapol/src/libapol.so:
$(MAKE) -C $(top_builddir)/libapol/src $(notdir $@)
diff -up setools-3.3.7/sediff/Makefile.am.noship setools-3.3.7/sediff/Makefile.am
--- setools-3.3.7/sediff/Makefile.am.noship 2007-04-25 15:20:20.000000000 -0400
+++ setools-3.3.7/sediff/Makefile.am 2013-01-30 09:16:13.698871569 -0500
@@ -1,13 +1,6 @@
setoolsdir = @setoolsdir@
-dist_setools_DATA = sediff_help.txt sediffx.glade \
- sediffx.png sediffx-small.png
-
-if BUILD_GUI
- MAYBE_SEDIFFX = sediffx
-endif
-
-bin_PROGRAMS = sediff $(MAYBE_SEDIFFX)
+bin_PROGRAMS = sediff
AM_CFLAGS = @DEBUGCFLAGS@ @WARNCFLAGS@ @PROFILECFLAGS@ @SELINUX_CFLAGS@ \
@QPOL_CFLAGS@ @APOL_CFLAGS@ @POLDIFF_CFLAGS@
@@ -15,14 +8,7 @@ AM_LDFLAGS = @DEBUGLDFLAGS@ @WARNLDFLAGS
LDADD = @SELINUX_LIB_FLAG@ @POLDIFF_LIB_FLAG@ @APOL_LIB_FLAG@ @QPOL_LIB_FLAG@
-sediff_CFLAGS = $(AM_CFLAGS)
-sediffx_CFLAGS = $(AM_CFLAGS) \
- @GTK_CFLAGS@ @PIXBUF_CFLAGS@ @GLADE_CFLAGS@ @GTHREAD_CFLAGS@
-
-# need the -rdynamic flag below - glade uses dlopen() upon sediffx callbacks
-sediffx_LDFLAGS = $(AM_LDFLAGS) \
- @GTK_LIBS@ @PIXBUF_LIBS@ @GLADE_LIBS@ @GTHREAD_LIBS@ @XML_LIBS@ \
- -rdynamic
+sediff_CFLAGS = $(AM_CFLAGS)
DEPENDENCIES = $(top_builddir)/libpoldiff/src/libpoldiff.so \
$(top_builddir)/libapol/src/libapol.so \
@@ -30,20 +16,6 @@ DEPENDENCIES = $(top_builddir)/libpoldif
sediff_SOURCES = sediff.c
-sediffx_SOURCES = \
- find_dialog.c find_dialog.h \
- open_policies_dialog.c open_policies_dialog.h \
- policy_view.c policy_view.h \
- progress.c progress.h \
- remap_types_dialog.c remap_types_dialog.h \
- result_item.c result_item.h \
- result_item_render.c result_item_render.h \
- results.c results.h \
- select_diff_dialog.c select_diff_dialog.h \
- toplevel.c toplevel.h \
- utilgui.c utilgui.h \
- sediffx.c sediffx.h
-
$(top_builddir)/libpoldiff/src/libpoldiff.so:
$(MAKE) -C $(top_builddir)/libpoldiff/src $(notdir $@)
diff -up setools-3.3.7/configure.ac~ setools-3.3.7/configure.ac
--- setools-3.3.7/configure.ac~ 2013-01-30 09:52:05.689136955 -0500
+++ setools-3.3.7/configure.ac 2013-01-30 09:56:26.853722063 -0500
@@ -63,7 +63,7 @@ if test ${ac_cv_prog_cc_c99} = "no"; the
fi
AC_PROG_CXX
AC_LANG([C])
-AC_PROG_LIBTOOL
+AC_PROG_RANLIB
AC_PROG_LN_S
AC_PROG_LEX
AC_PROG_YACC


@ -1,51 +0,0 @@
From 9fbf625c8606ff4a51d3d797b002bbf698592154 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Sun, 13 Apr 2014 20:58:14 +0200
Subject: [PATCH] Fix configure.ac to use SWIG-3.0.0
---
configure.ac | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/configure.ac b/configure.ac
index 5b1da5e..11c0e3e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -194,7 +194,7 @@ AC_ARG_ENABLE(swig-java,
enable_jswig="$enableval")
if test "x${enable_jswig}" = xyes; then
if test ${do_swigify} = no; then
- AC_PROG_SWIG(2.0.0)
+ AC_PROG_SWIG(3.0.0)
fi
AC_JAVA_OPTIONS
if test "x$JAVAPREFIX" = x; then
@@ -225,14 +225,14 @@ AC_ARG_ENABLE(swig-python,
enable_pyswig="$enableval")
if test "x${enable_pyswig}" = xyes; then
if test ${do_swigify} = no; then
- AC_PROG_SWIG(2.0.0)
+ AC_PROG_SWIG(3.0.0)
fi
SWIG_PYTHON
do_swigify_python=yes
do_swigify=yes
fi
if test ${do_swigify} = "yes"; then
- AC_PROG_SWIG(2.0.0)
+ AC_PROG_SWIG(3.0.0)
fi
build_apol=yes
AC_ARG_ENABLE(swig-tcl,
@@ -241,7 +241,7 @@ AC_ARG_ENABLE(swig-tcl,
enable_tclswig="$enableval", enable_tclswig="yes")
if test "x${enable_tclswig}" = xyes; then
if test ${do_swigify} = no; then
- AC_PROG_SWIG(2.0.0)
+ AC_PROG_SWIG(3.0.0)
fi
TEA_INIT(3.5)
TEA_PATH_TCLCONFIG
--
1.8.5.3


@ -1,28 +0,0 @@
diff -up setools-3.3.7/libqpol/swig/java/Makefile.am.seaudit setools-3.3.7/libqpol/swig/java/Makefile.am
--- setools-3.3.7/libqpol/swig/java/Makefile.am.seaudit 2010-05-03 12:37:54.000000000 -0400
+++ setools-3.3.7/libqpol/swig/java/Makefile.am 2012-09-28 10:15:56.408912525 -0400
@@ -48,7 +48,6 @@ BUILT_SOURCES = qpol_wrap.c \
qpol_type_t.java \
qpol_user_t.java \
qpol_validatetrans_t.java \
- SWIGTYPE_p_int.java \
SWIGTYPE_p_unsigned_int.java \
SWIGTYPE_p_void.java
diff -up setools-3.3.7/seaudit/progress.c.seaudit setools-3.3.7/seaudit/progress.c
--- setools-3.3.7/seaudit/progress.c.seaudit 2007-08-02 17:16:33.000000000 -0400
+++ setools-3.3.7/seaudit/progress.c 2012-09-28 10:15:56.407912521 -0400
@@ -99,10 +99,11 @@ void progress_hide(progress_t * progress
int progress_wait(progress_t * progress)
{
- GTimeVal wait_time = { 0, 50000 };
+ gint64 end_time;
g_mutex_lock(progress->mutex);
while (!progress->done) {
- g_cond_timed_wait(progress->cond, progress->mutex, &wait_time);
+ end_time = g_get_monotonic_time () + 50000; // need to be set before each wait
+ g_cond_wait_until(progress->cond, progress->mutex,end_time);
if (progress->s != NULL) {
gtk_label_set_text(GTK_LABEL(progress->label2), progress->s);
free(progress->s);
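Review bot: The deadline on the added line is a bare `50000` whose unit the reader has to know. `g_get_monotonic_time()` counts microseconds, so `end_time = g_get_monotonic_time() + 50 * G_TIME_SPAN_MILLISECOND;` states the 50 ms interval directly. `end_time` is used only inside the `while` body and could be declared there, and the trailing comment would be clearer as `/* absolute deadline: recompute before every wait */`. The loop body continues beyond the end of the hunk.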


@ -1,29 +0,0 @@
From f7b31b7e28a4f89bcfcd0d139cfca78777a4333e Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 4 Feb 2016 14:06:49 -0500
Subject: [PATCH] libqpol: Skip types when building type attribute map.
Fix originally from Richard Haines.
Closes #94.
---
libqpol/src/policy_extend.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libqpol/src/policy_extend.c b/libqpol/src/policy_extend.c
index 1417271..416bddb 100644
--- a/libqpol/src/policy_extend.c
+++ b/libqpol/src/policy_extend.c
@@ -201,6 +201,9 @@ static int qpol_policy_build_attrs_from_map(qpol_policy_t * policy)
memset(&buff, 0, 10 * sizeof(char));
for (i = 0; i < db->p_types.nprim; i++) {
+ /* skip types */
+ if (db->type_val_to_struct[i]->flavor == TYPE_TYPE)
+ continue;
count = 0;
ebitmap_for_each_bit(&db->attr_type_map[i], node, bit) {
if (ebitmap_node_get_bit(node, bit))
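Review bot: The added check dereferences `db->type_val_to_struct[i]` without testing it for NULL. The policy database is populated from a policy file, so if a loaded policy can leave an unused slot in that table (not verifiable from this hunk), the new line faults before the attribute map is read. A guarded form would be `if (db->type_val_to_struct[i] == NULL || db->type_val_to_struct[i]->flavor == TYPE_TYPE) continue;`, although whether an empty slot should be skipped or reported as an error is for the maintainers to decide. The `/* skip types */` comment could also say that only non-type entries are meant to reach the bitmap walk below. The loop body continues past the end of the hunk.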
--
2.5.0


@ -1,956 +0,0 @@
@@ -, +, @@
---
libapol/swig/apol.i | 218 ++++++++++++++++++++++++++--------------------------
1 file changed, 109 insertions(+), 109 deletions(-)
--- a/libapol/swig/apol.i
+++ a/libapol/swig/apol.i
@@ -256,7 +256,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
}
%}
%extend apol_ip_t {
- apol_ip_t(const char *str) {
+ apol_ip(const char *str) {
apol_ip_t *ip = NULL;
BEGIN_EXCEPTION
ip = calloc(1, sizeof(*ip));
@@ -274,7 +274,7 @@ uint8_t apol_str_to_protocol(const char *protocol_str);
fail:
return ip;
};
- ~apol_ip_t() {
+ ~apol_ip() {
free(self);
};
int get_protocol() {
@@ -303,16 +303,16 @@ char *apol_file_find_path(const char *file_name);
%}
typedef struct apol_vector {} apol_vector_t;
%extend apol_vector_t {
- apol_vector_t() {
+ apol_vector() {
return apol_vector_create(NULL);
};
- apol_vector_t(qpol_iterator_t *iter) {
+ apol_vector(qpol_iterator_t *iter) {
return apol_vector_create_from_iter(iter, NULL);
};
- apol_vector_t(apol_vector_t *v) {
+ apol_vector(apol_vector_t *v) {
return apol_vector_create_from_vector(v, NULL, NULL, NULL);
};
- apol_vector_t(apol_vector_t *a, apol_vector_t *b) {
+ apol_vector(apol_vector_t *a, apol_vector_t *b) {
return apol_vector_create_from_intersection(a, b, NULL, NULL);
};
size_t get_size() {
@@ -324,7 +324,7 @@ typedef struct apol_vector {} apol_vector_t;
void *get_element(size_t i) {
return apol_vector_get_element(self, i);
};
- ~apol_vector_t() {
+ ~apol_vector() {
apol_vector_destroy(&self);
};
void append(void *x) {
@@ -379,13 +379,13 @@ typedef struct apol_vector {} apol_vector_t;
%}
typedef struct apol_string_vector {} apol_string_vector_t;
%extend apol_string_vector_t {
- apol_string_vector_t() {
+ apol_string_vector() {
return (apol_string_vector_t*)apol_vector_create(free);
};
- apol_string_vector_t(apol_string_vector_t *v) {
+ apol_string_vector(apol_string_vector_t *v) {
return (apol_string_vector_t*)apol_vector_create_from_vector((apol_vector_t*)v, apol_str_strdup, NULL, free);
};
- apol_string_vector_t(apol_string_vector_t *a, apol_string_vector_t *b) {
+ apol_string_vector(apol_string_vector_t *a, apol_string_vector_t *b) {
return (apol_string_vector_t*)apol_vector_create_from_intersection((apol_vector_t*)a, (apol_vector_t*)b, apol_str_strcmp, NULL);
};
size_t get_size() {
@@ -397,7 +397,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
char *get_element(size_t i) {
return (char*)apol_vector_get_element((apol_vector_t*)self, i);
};
- ~apol_string_vector_t() {
+ ~apol_string_vector() {
apol_vector_destroy((apol_vector_t**)&self);
};
size_t get_index(char *str) {
@@ -462,7 +462,7 @@ typedef struct apol_string_vector {} apol_string_vector_t;
} apol_policy_path_type_e;
typedef struct apol_policy_path {} apol_policy_path_t;
%extend apol_policy_path_t {
- apol_policy_path_t(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
+ apol_policy_path(apol_policy_path_type_e type, char * primary, apol_string_vector_t *modules = NULL) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create(type, primary, (apol_vector_t*)modules)) == NULL) {
@@ -472,7 +472,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(char *path) {
+ apol_policy_path(char *path) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_file(path)) == NULL) {
@@ -482,7 +482,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(char *str, int unused) {
+ apol_policy_path(char *str, int unused) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_string(str)) == NULL) {
@@ -492,7 +492,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- apol_policy_path_t(apol_policy_path_t *in) {
+ apol_policy_path(apol_policy_path_t *in) {
apol_policy_path_t *p;
BEGIN_EXCEPTION
if ((p = apol_policy_path_create_from_policy_path(in)) == NULL) {
@@ -502,7 +502,7 @@ typedef struct apol_policy_path {} apol_policy_path_t;
fail:
return p;
};
- ~apol_policy_path_t() {
+ ~apol_policy_path() {
apol_policy_path_destroy(&self);
};
apol_policy_path_type_e get_type() {
@@ -549,7 +549,7 @@ typedef struct apol_policy {} apol_policy_t;
#define APOL_PERMMAP_BOTH (APOL_PERMMAP_READ | APOL_PERMMAP_WRITE)
#define APOL_PERMMAP_NONE 0x10
%extend apol_policy_t {
- apol_policy_t(apol_policy_path_t *path, int options = 0) {
+ apol_policy(apol_policy_path_t *path, int options = 0) {
apol_policy_t *p;
BEGIN_EXCEPTION
p = apol_policy_create_from_policy_path(path, options, apol_swig_message_callback, apol_swig_message_callback_arg);
@@ -564,7 +564,7 @@ typedef struct apol_policy {} apol_policy_t;
fail:
return p;
};
- ~apol_policy_t() {
+ ~apol_policy() {
apol_policy_destroy(&self);
};
int get_policy_type() {
@@ -652,7 +652,7 @@ typedef struct apol_policy {} apol_policy_t;
/* apol type query */
typedef struct apol_type_query {} apol_type_query_t;
%extend apol_type_query_t {
- apol_type_query_t() {
+ apol_type_query() {
apol_type_query_t *tq;
BEGIN_EXCEPTION
tq = apol_type_query_create();
@@ -663,7 +663,7 @@ typedef struct apol_type_query {} apol_type_query_t;
fail:
return tq;
};
- ~apol_type_query_t() {
+ ~apol_type_query() {
apol_type_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -694,7 +694,7 @@ typedef struct apol_type_query {} apol_type_query_t;
/* apol attribute query */
typedef struct apol_attr_query {} apol_attr_query_t;
%extend apol_attr_query_t {
- apol_attr_query_t() {
+ apol_attr_query() {
apol_attr_query_t *aq;
BEGIN_EXCEPTION
aq = apol_attr_query_create();
@@ -705,7 +705,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
fail:
return aq;
};
- ~apol_attr_query_t() {
+ ~apol_attr_query() {
apol_attr_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -736,7 +736,7 @@ typedef struct apol_attr_query {} apol_attr_query_t;
/* apol role query */
typedef struct apol_role_query {} apol_role_query_t;
%extend apol_role_query_t {
- apol_role_query_t() {
+ apol_role_query() {
apol_role_query_t *rq;
BEGIN_EXCEPTION
rq = apol_role_query_create();
@@ -747,7 +747,7 @@ typedef struct apol_role_query {} apol_role_query_t;
fail:
return rq;
};
- ~apol_role_query_t() {
+ ~apol_role_query() {
apol_role_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -788,7 +788,7 @@ int apol_role_has_type(apol_policy_t * p, qpol_role_t * r, qpol_type_t * t);
/* apol class query */
typedef struct apol_class_query {} apol_class_query_t;
%extend apol_class_query_t {
- apol_class_query_t() {
+ apol_class_query() {
apol_class_query_t *cq;
BEGIN_EXCEPTION
cq = apol_class_query_create();
@@ -799,7 +799,7 @@ typedef struct apol_class_query {} apol_class_query_t;
fail:
return cq;
};
- ~apol_class_query_t() {
+ ~apol_class_query() {
apol_class_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -839,7 +839,7 @@ typedef struct apol_class_query {} apol_class_query_t;
/* apol common query */
typedef struct apol_common_query {} apol_common_query_t;
%extend apol_common_query_t {
- apol_common_query_t() {
+ apol_common_query() {
apol_common_query_t *cq;
BEGIN_EXCEPTION
cq = apol_common_query_create();
@@ -850,7 +850,7 @@ typedef struct apol_common_query {} apol_common_query_t;
fail:
return cq;
};
- ~apol_common_query_t() {
+ ~apol_common_query() {
apol_common_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -881,7 +881,7 @@ typedef struct apol_common_query {} apol_common_query_t;
/* apol perm query */
typedef struct apol_perm_query {} apol_perm_query_t;
%extend apol_perm_query_t {
- apol_perm_query_t() {
+ apol_perm_query() {
apol_perm_query_t *pq;
BEGIN_EXCEPTION
pq = apol_perm_query_create();
@@ -892,7 +892,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
fail:
return pq;
};
- ~apol_perm_query_t() {
+ ~apol_perm_query() {
apol_perm_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -923,7 +923,7 @@ typedef struct apol_perm_query {} apol_perm_query_t;
/* apol bool query */
typedef struct apol_bool_query {} apol_bool_query_t;
%extend apol_bool_query_t {
- apol_bool_query_t() {
+ apol_bool_query() {
apol_bool_query_t *bq;
BEGIN_EXCEPTION
bq = apol_bool_query_create();
@@ -934,7 +934,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
fail:
return bq;
};
- ~apol_bool_query_t() {
+ ~apol_bool_query() {
apol_bool_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -965,7 +965,7 @@ typedef struct apol_bool_query {} apol_bool_query_t;
/* apol mls level */
typedef struct apol_mls_level {} apol_mls_level_t;
%extend apol_mls_level_t {
- apol_mls_level_t() {
+ apol_mls_level() {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create();
@@ -976,7 +976,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_mls_level_t *in) {
+ apol_mls_level(apol_mls_level_t *in) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_mls_level(in);
@@ -987,7 +987,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, const char *str) {
+ apol_mls_level(apol_policy_t *p, const char *str) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_string(p, str);
@@ -998,7 +998,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(const char *str) {
+ apol_mls_level(const char *str) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_literal(str);
@@ -1009,7 +1009,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, qpol_mls_level_t *qml) {
+ apol_mls_level(apol_policy_t *p, qpol_mls_level_t *qml) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_qpol_mls_level(p, qml);
@@ -1020,7 +1020,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- apol_mls_level_t(apol_policy_t *p, qpol_level_t *ql) {
+ apol_mls_level(apol_policy_t *p, qpol_level_t *ql) {
apol_mls_level_t *aml;
BEGIN_EXCEPTION
aml = apol_mls_level_create_from_qpol_level_datum(p, ql);
@@ -1031,7 +1031,7 @@ typedef struct apol_mls_level {} apol_mls_level_t;
fail:
return aml;
};
- ~apol_mls_level_t() {
+ ~apol_mls_level() {
apol_mls_level_destroy(&self);
};
void set_sens(apol_policy_t *p, char *sens) {
@@ -1128,7 +1128,7 @@ int apol_mls_cats_compare(apol_policy_t * p, const char *cat1, const char *cat2)
#endif
typedef struct apol_mls_range {} apol_mls_range_t;
%extend apol_mls_range_t {
- apol_mls_range_t() {
+ apol_mls_range() {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create();
@@ -1139,7 +1139,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_mls_range_t *in) {
+ apol_mls_range(apol_mls_range_t *in) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_mls_range(in);
@@ -1150,7 +1150,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_policy_t *p, const char *s) {
+ apol_mls_range(apol_policy_t *p, const char *s) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_string(p, s);
@@ -1161,7 +1161,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(const char *s) {
+ apol_mls_range(const char *s) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_literal(s);
@@ -1172,7 +1172,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- apol_mls_range_t(apol_policy_t *p, qpol_mls_range_t *in) {
+ apol_mls_range(apol_policy_t *p, qpol_mls_range_t *in) {
apol_mls_range_t *amr;
BEGIN_EXCEPTION
amr = apol_mls_range_create_from_qpol_mls_range(p, in);
@@ -1183,7 +1183,7 @@ typedef struct apol_mls_range {} apol_mls_range_t;
fail:
return amr;
};
- ~apol_mls_range_t() {
+ ~apol_mls_range() {
apol_mls_range_destroy(&self);
};
void set_low(apol_policy_t *p, apol_mls_level_t *lvl) {
@@ -1278,7 +1278,7 @@ int apol_mls_range_contain_subrange(apol_policy_t * p, const apol_mls_range_t *
/* apol level query */
typedef struct apol_level_query {} apol_level_query_t;
%extend apol_level_query_t {
- apol_level_query_t() {
+ apol_level_query() {
apol_level_query_t * alq;
BEGIN_EXCEPTION
alq = apol_level_query_create();
@@ -1289,7 +1289,7 @@ typedef struct apol_level_query {} apol_level_query_t;
fail:
return alq;
};
- ~apol_level_query_t() {
+ ~apol_level_query() {
apol_level_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1329,7 +1329,7 @@ typedef struct apol_level_query {} apol_level_query_t;
/* apol cat query */
typedef struct apol_cat_query {} apol_cat_query_t;
%extend apol_cat_query_t {
- apol_cat_query_t() {
+ apol_cat_query() {
apol_cat_query_t * acq;
BEGIN_EXCEPTION
acq = apol_cat_query_create();
@@ -1340,7 +1340,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
fail:
return acq;
};
- ~apol_cat_query_t() {
+ ~apol_cat_query() {
apol_cat_query_destroy(&self);
};
%newobject run(apol_policy_t *);
@@ -1379,7 +1379,7 @@ typedef struct apol_cat_query {} apol_cat_query_t;
#endif
typedef struct apol_user_query {} apol_user_query_t;
%extend apol_user_query_t {
- apol_user_query_t() {
+ apol_user_query() {
apol_user_query_t *auq;
BEGIN_EXCEPTION
auq = apol_user_query_create();
@@ -1390,7 +1390,7 @@ typedef struct apol_user_query {} apol_user_query_t;
fail:
return auq;
};
- ~apol_user_query_t() {
+ ~apol_user_query() {
apol_user_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1448,7 +1448,7 @@ typedef struct apol_user_query {} apol_user_query_t;
/* apol context */
typedef struct apol_context {} apol_context_t;
%extend apol_context_t {
- apol_context_t() {
+ apol_context() {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create();
@@ -1459,7 +1459,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- apol_context_t(apol_policy_t *p, qpol_context_t *in) {
+ apol_context(apol_policy_t *p, qpol_context_t *in) {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create_from_qpol_context(p, in);
@@ -1470,7 +1470,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- apol_context_t(const char *str) {
+ apol_context(const char *str) {
apol_context_t *ctx;
BEGIN_EXCEPTION
ctx = apol_context_create_from_literal(str);
@@ -1481,7 +1481,7 @@ typedef struct apol_context {} apol_context_t;
fail:
return ctx;
};
- ~apol_context_t() {
+ ~apol_context() {
apol_context_destroy(&self);
};
void set_user(apol_policy_t *p, char *name) {
@@ -1583,7 +1583,7 @@ int apol_context_compare(apol_policy_t * p, apol_context_t * target, apol_contex
/* apol constraint query */
typedef struct apol_constraint_query {} apol_constraint_query_t;
%extend apol_constraint_query_t {
- apol_constraint_query_t() {
+ apol_constraint_query() {
apol_constraint_query_t *acq;
BEGIN_EXCEPTION
acq = apol_constraint_query_create();
@@ -1594,7 +1594,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
fail:
return acq;
};
- ~apol_constraint_query_t() {
+ ~apol_constraint_query() {
apol_constraint_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1634,7 +1634,7 @@ typedef struct apol_constraint_query {} apol_constraint_query_t;
/* apol validatetrans query */
typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
%extend apol_validatetrans_query_t {
- apol_validatetrans_query_t() {
+ apol_validatetrans_query() {
apol_validatetrans_query_t *avq;
BEGIN_EXCEPTION
avq = apol_validatetrans_query_create();
@@ -1645,7 +1645,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
fail:
return avq;
};
- ~apol_validatetrans_query_t() {
+ ~apol_validatetrans_query() {
apol_validatetrans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1684,7 +1684,7 @@ typedef struct apol_validatetrans_query {} apol_validatetrans_query_t;
#endif
typedef struct apol_genfscon_query {} apol_genfscon_query_t;
%extend apol_genfscon_query_t {
- apol_genfscon_query_t() {
+ apol_genfscon_query() {
apol_genfscon_query_t *agq;
BEGIN_EXCEPTION
agq = apol_genfscon_query_create();
@@ -1695,7 +1695,7 @@ typedef struct apol_genfscon_query {} apol_genfscon_query_t;
fail:
return agq;
};
- ~apol_genfscon_query_t() {
+ ~apol_genfscon_query() {
apol_genfscon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1746,7 +1746,7 @@ char *apol_genfscon_render(apol_policy_t * p, qpol_genfscon_t * genfscon);
/* apol fs_use query */
typedef struct apol_fs_use_query {} apol_fs_use_query_t;
%extend apol_fs_use_query_t {
- apol_fs_use_query_t() {
+ apol_fs_use_query() {
apol_fs_use_query_t *afq;
BEGIN_EXCEPTION
afq = apol_fs_use_query_create();
@@ -1757,7 +1757,7 @@ typedef struct apol_fs_use_query {} apol_fs_use_query_t;
fail:
return afq;
};
- ~apol_fs_use_query_t() {
+ ~apol_fs_use_query() {
apol_fs_use_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1799,7 +1799,7 @@ char *apol_fs_use_render(apol_policy_t * p, qpol_fs_use_t * fsuse);
/* apol initial sid query */
typedef struct apol_isid_query {} apol_isid_query_t;
%extend apol_isid_query_t {
- apol_isid_query_t() {
+ apol_isid_query() {
apol_isid_query_t *aiq;
BEGIN_EXCEPTION
aiq = apol_isid_query_create();
@@ -1810,7 +1810,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
fail:
return aiq;
};
- ~apol_isid_query_t() {
+ ~apol_isid_query() {
apol_isid_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1841,7 +1841,7 @@ typedef struct apol_isid_query {} apol_isid_query_t;
/* apol portcon query */
typedef struct apol_portcon_query {} apol_portcon_query_t;
%extend apol_portcon_query_t {
- apol_portcon_query_t() {
+ apol_portcon_query() {
apol_portcon_query_t *apq;
BEGIN_EXCEPTION
apq = apol_portcon_query_create();
@@ -1852,7 +1852,7 @@ typedef struct apol_portcon_query {} apol_portcon_query_t;
fail:
return apq;
};
- ~apol_portcon_query_t() {
+ ~apol_portcon_query() {
apol_portcon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1885,7 +1885,7 @@ char *apol_portcon_render(apol_policy_t * p, qpol_portcon_t * portcon);
/* apol netifcon query */
typedef struct apol_netifcon_query {} apol_netifcon_query_t;
%extend apol_netifcon_query_t {
- apol_netifcon_query_t() {
+ apol_netifcon_query() {
apol_netifcon_query_t *anq;
BEGIN_EXCEPTION
anq = apol_netifcon_query_create();
@@ -1896,7 +1896,7 @@ typedef struct apol_netifcon_query {} apol_netifcon_query_t;
fail:
return anq;
};
- ~apol_netifcon_query_t() {
+ ~apol_netifcon_query() {
apol_netifcon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -1932,7 +1932,7 @@ char *apol_netifcon_render(apol_policy_t * p, qpol_netifcon_t * netifcon);
/* apol nodecon query */
typedef struct apol_nodecon_query {} apol_nodecon_query_t;
%extend apol_nodecon_query_t {
- apol_nodecon_query_t() {
+ apol_nodecon_query() {
apol_nodecon_query_t *anq;
BEGIN_EXCEPTION
anq = apol_nodecon_query_create();
@@ -1943,7 +1943,7 @@ typedef struct apol_nodecon_query {} apol_nodecon_query_t;
fail:
return anq;
};
- ~apol_nodecon_query_t() {
+ ~apol_nodecon_query() {
apol_nodecon_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2012,7 +2012,7 @@ char *apol_nodecon_render(apol_policy_t * p, qpol_nodecon_t * nodecon);
/* apol avrule query */
typedef struct apol_avrule_query {} apol_avrule_query_t;
%extend apol_avrule_query_t {
- apol_avrule_query_t() {
+ apol_avrule_query() {
apol_avrule_query_t *avq;
BEGIN_EXCEPTION
avq = apol_avrule_query_create();
@@ -2023,7 +2023,7 @@ typedef struct apol_avrule_query {} apol_avrule_query_t;
fail:
return avq;
};
- ~apol_avrule_query_t() {
+ ~apol_avrule_query() {
apol_avrule_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2163,7 +2163,7 @@ char *apol_syn_avrule_render(apol_policy_t * policy, qpol_syn_avrule_t * rule);
/* apol terule query */
typedef struct apol_terule_query {} apol_terule_query_t;
%extend apol_terule_query_t {
- apol_terule_query_t() {
+ apol_terule_query() {
apol_terule_query_t *atq;
BEGIN_EXCEPTION
atq = apol_terule_query_create();
@@ -2174,7 +2174,7 @@ typedef struct apol_terule_query {} apol_terule_query_t;
fail:
return atq;
};
- ~apol_terule_query_t() {
+ ~apol_terule_query() {
apol_terule_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2287,7 +2287,7 @@ apol_vector_t *apol_terule_list_to_syn_terules(apol_policy_t * p, apol_vector_t
/* apol cond rule query */
typedef struct apol_cond_query {} apol_cond_query_t;
%extend apol_cond_query_t {
- apol_cond_query_t() {
+ apol_cond_query() {
apol_cond_query_t *acq;
BEGIN_EXCEPTION
acq = apol_cond_query_create();
@@ -2298,7 +2298,7 @@ typedef struct apol_cond_query {} apol_cond_query_t;
fail:
return acq;
};
- ~apol_cond_query_t() {
+ ~apol_cond_query() {
apol_cond_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2331,7 +2331,7 @@ char *apol_cond_expr_render(apol_policy_t * p, qpol_cond_t * cond);
/* apol role allow query */
typedef struct apol_role_allow_query {} apol_role_allow_query_t;
%extend apol_role_allow_query_t {
- apol_role_allow_query_t() {
+ apol_role_allow_query() {
apol_role_allow_query_t *arq;
BEGIN_EXCEPTION
arq = apol_role_allow_query_create();
@@ -2342,7 +2342,7 @@ typedef struct apol_role_allow_query {} apol_role_allow_query_t;
fail:
return arq;
};
- ~apol_role_allow_query_t() {
+ ~apol_role_allow_query() {
apol_role_allow_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2387,7 +2387,7 @@ char *apol_role_allow_render(apol_policy_t * policy, qpol_role_allow_t * rule);
/* apol role transition rule query */
typedef struct apol_role_trans_query {} apol_role_trans_query_t;
%extend apol_role_trans_query_t {
- apol_role_trans_query_t() {
+ apol_role_trans_query() {
apol_role_trans_query_t *arq;
BEGIN_EXCEPTION
arq = apol_role_trans_query_create();
@@ -2398,7 +2398,7 @@ typedef struct apol_role_trans_query {} apol_role_trans_query_t;
fail:
return arq;
};
- ~apol_role_trans_query_t() {
+ ~apol_role_trans_query() {
apol_role_trans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2452,7 +2452,7 @@ char *apol_role_trans_render(apol_policy_t * policy, qpol_role_trans_t * rule);
/* apol range transition rule query */
typedef struct apol_range_trans_query {} apol_range_trans_query_t;
%extend apol_range_trans_query_t {
- apol_range_trans_query_t() {
+ apol_range_trans_query() {
apol_range_trans_query_t *arq;
BEGIN_EXCEPTION
arq = apol_range_trans_query_create();
@@ -2463,7 +2463,7 @@ typedef struct apol_range_trans_query {} apol_range_trans_query_t;
fail:
return arq;
};
- ~apol_range_trans_query_t() {
+ ~apol_range_trans_query() {
apol_range_trans_query_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2531,7 +2531,7 @@ char *apol_range_trans_render(apol_policy_t * policy, qpol_range_trans_t * rule)
#define APOL_DOMAIN_TRANS_SEARCH_BOTH (APOL_DOMAIN_TRANS_SEARCH_VALID|APOL_DOMAIN_TRANS_SEARCH_INVALID)
typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
%extend apol_domain_trans_analysis_t {
- apol_domain_trans_analysis_t() {
+ apol_domain_trans_analysis() {
apol_domain_trans_analysis_t *dta;
BEGIN_EXCEPTION
dta = apol_domain_trans_analysis_create();
@@ -2542,7 +2542,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
fail:
return dta;
};
- ~apol_domain_trans_analysis_t() {
+ ~apol_domain_trans_analysis() {
apol_domain_trans_analysis_destroy(&self);
};
void set_direction(apol_policy_t *p, int direction) {
@@ -2622,7 +2622,7 @@ typedef struct apol_domain_trans_analysis {} apol_domain_trans_analysis_t;
};
typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
%extend apol_domain_trans_result_t {
- apol_domain_trans_result_t(apol_domain_trans_result_t *in) {
+ apol_domain_trans_result(apol_domain_trans_result_t *in) {
apol_domain_trans_result_t *dtr;
BEGIN_EXCEPTION
dtr = apol_domain_trans_result_create_from_domain_trans_result(in);
@@ -2633,7 +2633,7 @@ typedef struct apol_domain_trans_result {} apol_domain_trans_result_t;
fail:
return dtr;
};
- ~apol_domain_trans_result_t() {
+ ~apol_domain_trans_result() {
apol_domain_trans_result_destroy(&self);
};
const qpol_type_t *get_start_type() {
@@ -2705,14 +2705,14 @@ int apol_domain_trans_table_verify_trans(apol_policy_t * policy, qpol_type_t * s
%}
typedef struct apol_infoflow {} apol_infoflow_t;
%extend apol_infoflow_t {
- apol_infoflow_t() {
+ apol_infoflow() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_t() {
+ ~apol_infoflow() {
apol_infoflow_destroy(&self);
};
%newobject extract_graph();
@@ -2730,7 +2730,7 @@ typedef struct apol_infoflow {} apol_infoflow_t;
};
typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
%extend apol_infoflow_analysis_t {
- apol_infoflow_analysis_t() {
+ apol_infoflow_analysis() {
apol_infoflow_analysis_t *aia;
BEGIN_EXCEPTION
aia = apol_infoflow_analysis_create();
@@ -2741,7 +2741,7 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
fail:
return aia;
};
- ~apol_infoflow_analysis_t() {
+ ~apol_infoflow_analysis() {
apol_infoflow_analysis_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -2823,14 +2823,14 @@ typedef struct apol_infoflow_analysis {} apol_infoflow_analysis_t;
};
typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
%extend apol_infoflow_graph_t {
- apol_infoflow_graph_t() {
+ apol_infoflow_graph() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_graph_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_graph_t() {
+ ~apol_infoflow_graph() {
apol_infoflow_graph_destroy(&self);
};
%newobject do_more(apol_policy_t*, char*);
@@ -2867,14 +2867,14 @@ typedef struct apol_infoflow_graph {} apol_infoflow_graph_t;
};
typedef struct apol_infoflow_result {} apol_infoflow_result_t;
%extend apol_infoflow_result_t {
- apol_infoflow_result_t() {
+ apol_infoflow_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_result_t() {
+ ~apol_infoflow_result() {
/* no op - vector will destroy */
return;
};
@@ -2901,14 +2901,14 @@ typedef struct apol_infoflow_result {} apol_infoflow_result_t;
%}
typedef struct apol_infoflow_step {} apol_infoflow_step_t;
%extend apol_infoflow_step_t {
- apol_infoflow_step_t() {
+ apol_infoflow_step() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_infoflow_step_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_infoflow_step_t() {
+ ~apol_infoflow_step() {
/* no op */
return;
};
@@ -2938,7 +2938,7 @@ typedef struct apol_infoflow_step {} apol_infoflow_step_t;
#define APOL_RELABEL_DIR_SUBJECT 0x04
typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
%extend apol_relabel_analysis_t {
- apol_relabel_analysis_t() {
+ apol_relabel_analysis() {
apol_relabel_analysis_t *ara;
BEGIN_EXCEPTION
ara = apol_relabel_analysis_create();
@@ -2949,7 +2949,7 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
fail:
return ara;
};
- ~apol_relabel_analysis_t() {
+ ~apol_relabel_analysis() {
apol_relabel_analysis_destroy(&self);
};
%newobject run(apol_policy_t*);
@@ -3011,14 +3011,14 @@ typedef struct apol_relabel_analysis {} apol_relabel_analysis_t;
};
typedef struct apol_relabel_result {} apol_relabel_result_t;
%extend apol_relabel_result_t {
- apol_relabel_result_t() {
+ apol_relabel_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_relabel_result_t() {
+ ~apol_relabel_result() {
/* no op - vector will destroy */
return;
};
@@ -3042,14 +3042,14 @@ typedef struct apol_relabel_result {} apol_relabel_result_t;
%}
typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
%extend apol_relabel_result_pair_t {
- apol_relabel_result_pair_t() {
+ apol_relabel_result_pair() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_relabel_result_pair_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_relabel_result_pair_t() {
+ ~apol_relabel_result_pair() {
/* no op - owned and free()'d by apol_relabel_result_t */
return;
};
@@ -3084,7 +3084,7 @@ typedef struct apol_relabel_result_pair {} apol_relabel_result_pair_t;
#define APOL_TYPES_RELATION_TRANS_FLOW_BA 0x8000
typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
%extend apol_types_relation_analysis_t {
- apol_types_relation_analysis_t() {
+ apol_types_relation_analysis() {
apol_types_relation_analysis_t *atr;
BEGIN_EXCEPTION
atr = apol_types_relation_analysis_create();
@@ -3095,7 +3095,7 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
fail:
return atr;
};
- ~apol_types_relation_analysis_t() {
+ ~apol_types_relation_analysis() {
apol_types_relation_analysis_destroy(&self);
}
%newobject run(apol_policy_t*);
@@ -3139,14 +3139,14 @@ typedef struct apol_types_relation_analysis {} apol_types_relation_analysis_t;
};
typedef struct apol_types_relation_result {} apol_types_relation_result_t;
%extend apol_types_relation_result_t {
- apol_types_relation_result_t() {
+ apol_types_relation_result() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_result_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_types_relation_result_t() {
+ ~apol_types_relation_result() {
apol_types_relation_result_destroy(&self);
};
const apol_vector_t *get_attributes() {
@@ -3194,14 +3194,14 @@ typedef struct apol_types_relation_result {} apol_types_relation_result_t;
};
typedef struct apol_types_relation_access {} apol_types_relation_access_t;
%extend apol_types_relation_access_t {
- apol_types_relation_access_t() {
+ apol_types_relation_access() {
BEGIN_EXCEPTION
SWIG_exception(SWIG_RuntimeError, "Cannot directly create apol_types_relation_access_t objects");
END_EXCEPTION
fail:
return NULL;
};
- ~apol_types_relation_access_t() {
+ ~apol_types_relation_access() {
/* no op - vector will destroy */
return;
};
--


@ -1,24 +0,0 @@
diff -up ./setools-3.3.7/secmds/seinfo.c~ ./setools-3.3.7/secmds/seinfo.c
--- ./setools-3.3.7/secmds/seinfo.c~ 2013-03-14 15:26:31.467121596 -0400
+++ ./setools-3.3.7/secmds/seinfo.c 2013-03-14 15:35:20.154650517 -0400
@@ -1705,7 +1705,7 @@ int main(int argc, char **argv)
case 'b': /* conditional booleans */
bools = 1;
if (optarg != 0)
- bool_name = optarg;
+ bool_name = selinux_boolean_sub(optarg);
break;
case OPT_INITIALSID:
isids = 1;
diff -up ./setools-3.3.7/secmds/sesearch.c~ ./setools-3.3.7/secmds/sesearch.c
--- ./setools-3.3.7/secmds/sesearch.c~ 2013-03-14 15:26:31.539121944 -0400
+++ ./setools-3.3.7/secmds/sesearch.c 2013-03-14 15:34:36.615445562 -0400
@@ -1056,7 +1056,7 @@ int main(int argc, char **argv)
printf("Missing boolean for -b (--bool)\n");
exit(1);
}
- cmd_opts.bool_name = strdup(optarg);
+ cmd_opts.bool_name = strdup(selinux_boolean_sub(optarg));
if (!cmd_opts.bool_name) {
fprintf(stderr, "%s\n", strerror(errno));
exit(1);


@ -1,82 +0,0 @@
diff -up setools-3.3.7/libapol/src/policy-query.c~ setools-3.3.7/libapol/src/policy-query.c
diff -up setools-3.3.7/libqpol/include/qpol/type_query.h~ setools-3.3.7/libqpol/include/qpol/type_query.h
diff -up setools-3.3.7/libqpol/tests/iterators-tests.c~ setools-3.3.7/libqpol/tests/iterators-tests.c
diff -up setools-3.3.7/secmds/seinfo.c~ setools-3.3.7/secmds/seinfo.c
--- setools-3.3.7/secmds/seinfo.c~ 2013-03-25 11:30:23.161633059 -0400
+++ setools-3.3.7/secmds/seinfo.c 2013-03-28 13:08:07.281751011 -0400
@@ -46,6 +46,7 @@
#include <string.h>
#include <assert.h>
#include <getopt.h>
+#include <selinux/selinux.h>
#define COPYRIGHT_INFO "Copyright (C) 2003-2007 Tresys Technology, LLC"
@@ -54,6 +55,7 @@
static char *policy_file = NULL;
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb);
static void print_type_attrs(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
static void print_attr_types(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb, const int expand);
static void print_user_roles(FILE * fp, const qpol_user_t * user_datum, const apol_policy_t * policydb, const int expand);
@@ -511,6 +513,7 @@ static int print_types(FILE * fp, const
if (qpol_policy_get_type_by_name(q, name, &type_datum))
goto cleanup;
print_type_attrs(fp, type_datum, policydb, expand);
+ print_type_aliases(fp, type_datum, policydb);
} else {
if (qpol_policy_get_type_iter(q, &iter))
goto cleanup;
@@ -1897,6 +1900,51 @@ int main(int argc, char **argv)
}
/**
+ * Prints the alias of a type.
+ *
+ * @param fp Reference to a file to which to print type information
+ * @param type_datum Reference to sepol type_datum
+ * @param policydb Reference to a policy
+ * attributes
+ */
+static void print_type_aliases(FILE * fp, const qpol_type_t * type_datum, const apol_policy_t * policydb)
+{
+ qpol_iterator_t *iter = NULL;
+ size_t alias_size;
+ unsigned char isattr, isalias;
+ const char *type_name = NULL;
+ const char *alias_name;
+ qpol_policy_t *q = apol_policy_get_qpol(policydb);
+
+ if (qpol_type_get_name(q, type_datum, &type_name))
+ goto cleanup;
+ if (qpol_type_get_isattr(q, type_datum, &isattr))
+ goto cleanup;
+ if (qpol_type_get_isalias(q, type_datum, &isalias))
+ goto cleanup;
+
+ if (isalias) {
+ fprintf(fp, " TypeName %s\n", type_name);
+ }
+ if (qpol_type_get_alias_iter(q, type_datum, &iter))
+ goto cleanup;
+ if (qpol_iterator_get_size(iter, &alias_size))
+ goto cleanup;
+ if (alias_size > 0) {
+ fprintf(fp, " Aliases\n");
+ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
+ if (qpol_iterator_get_item(iter, (void **)&alias_name))
+ goto cleanup;
+ fprintf(fp, " %s\n", alias_name);
+ }
+ }
+
+ cleanup:
+ qpol_iterator_destroy(&iter);
+ return;
+}
+
+/**
* Prints a textual representation of a type, and possibly
* all of that type's attributes.
*


@ -1,107 +0,0 @@
diff -up setools-3.3.7/man/sesearch.1.cmdline setools-3.3.7/man/sesearch.1
--- setools-3.3.7/man/sesearch.1.cmdline 2008-02-22 14:06:28.000000000 -0500
+++ setools-3.3.7/man/sesearch.1 2013-07-19 06:46:21.314068667 -0400
@@ -43,7 +43,7 @@ Search for allow rules.
Search for neverallow rules.
.IP "--auditallow"
Search for auditallow rules.
-.IP "--dontaudit"
+.IP "-D, --dontaudit"
Search for dontaudit rules.
.IP "-T, --type"
Search for type_transition, type_member, and type_change rules.
diff -up setools-3.3.7/secmds/sesearch.c.cmdline setools-3.3.7/secmds/sesearch.c
--- setools-3.3.7/secmds/sesearch.c.cmdline 2013-07-19 06:46:21.291068510 -0400
+++ setools-3.3.7/secmds/sesearch.c 2013-07-19 06:48:12.962830868 -0400
@@ -24,6 +24,7 @@
*/
#include <config.h>
+#include <selinux/selinux.h>
/* libapol */
#include <apol/policy.h>
@@ -61,9 +62,8 @@ enum opt_values
static struct option const longopts[] = {
{"allow", no_argument, NULL, 'A'},
{"neverallow", no_argument, NULL, RULE_NEVERALLOW},
- {"audit", no_argument, NULL, RULE_AUDIT},
{"auditallow", no_argument, NULL, RULE_AUDITALLOW},
- {"dontaudit", no_argument, NULL, RULE_DONTAUDIT},
+ {"dontaudit", no_argument, NULL, 'D'},
{"type", no_argument, NULL, 'T'},
{"role_allow", no_argument, NULL, RULE_ROLE_ALLOW},
{"role_trans", no_argument, NULL, RULE_ROLE_TRANS},
@@ -72,7 +72,6 @@ static struct option const longopts[] =
{"source", required_argument, NULL, 's'},
{"target", required_argument, NULL, 't'},
- {"default", required_argument, NULL, 'D'},
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
{"class", required_argument, NULL, 'c'},
@@ -129,7 +128,7 @@ void usage(const char *program_name, int
printf(" -A, --allow allow rules\n");
printf(" --neverallow neverallow rules\n");
printf(" --auditallow auditallow rules\n");
- printf(" --dontaudit dontaudit rules\n");
+ printf(" -D, --dontaudit dontaudit rules\n");
printf(" -T, --type type_trans, type_member, and type_change\n");
printf(" --role_allow role allow rules\n");
printf(" --role_trans role_transition rules\n");
@@ -666,10 +665,6 @@ static void print_ft_results(const apol_
size_t i, num_filename_trans = 0;
const qpol_filename_trans_t *filename_trans = NULL;
char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
- char enable_char = ' ', branch_char = ' ';
- qpol_iterator_t *iter = NULL;
- const qpol_cond_t *cond = NULL;
- uint32_t enabled = 0, list = 0;
if (!(num_filename_trans = apol_vector_get_size(v)))
goto cleanup;
@@ -677,7 +672,6 @@ static void print_ft_results(const apol_
fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
for (i = 0; i < num_filename_trans; i++) {
- enable_char = branch_char = ' ';
if (!(filename_trans = apol_vector_get_element(v, i)))
goto cleanup;
@@ -962,7 +956,7 @@ int main(int argc, char **argv)
memset(&cmd_opts, 0, sizeof(cmd_opts));
cmd_opts.indirect = true;
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dDRnSChV", longopts, NULL)) != -1) {
switch (optc) {
case 0:
break;
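Review bot: Changing `D:` to `D` in the getopt string turns `-D` from an option that takes a value into a bare flag, and the other hunks of this patch drop the `--default` and `--audit` long options. An existing invocation that passes a type after `-D` would then enable the dontaudit search and leave the type as a stray non-option argument, with no error to signal the change. I would either keep the old spelling accepted with a deprecation message or add a comment such as `/* -D was --default <type> before; it is now the dontaudit flag */` next to the option table and mention it in the man page. The `RULE_DONTAUDIT` enum value and `cmd_opts.default_name` presumably become unused; main() continues outside this hunk.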
@@ -978,18 +972,6 @@ int main(int argc, char **argv)
exit(1);
}
break;
- case 'D': /* source */
- if (optarg == 0) {
- usage(argv[0], 1);
- printf("Missing source default type for -D (--default)\n");
- exit(1);
- }
- cmd_opts.default_name = strdup(optarg);
- if (!cmd_opts.default_name) {
-
- exit(1);
- }
- break;
case 't': /* target */
if (optarg == 0) {
usage(argv[0], 1);
@@ -1082,7 +1064,7 @@ int main(int argc, char **argv)
case RULE_AUDITALLOW:
cmd_opts.auditallow = true;
break;
- case RULE_DONTAUDIT:
+ case 'D':
cmd_opts.dontaudit = true;
break;
case 'T': /* type */


@ -1,101 +0,0 @@
From 0e41755e0364df7666f286a3b6f8d663933c3149 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 4 Feb 2015 14:34:47 -0500
Subject: [PATCH] Update to libsepol 2.4 parser.
There was a struct change internally. Now setools requires libsepol 2.4.
---
README | 4 ++--
libqpol/src/policy_define.c | 4 ++--
libqpol/src/policy_extend.c | 4 ++--
libqpol/src/syn_rule_query.c | 6 +++---
4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/README b/README
index 04b159b..c08d786 100644
--- a/README
+++ b/README
@@ -71,8 +71,8 @@ compilation:
bison
pkg-config 0.23 or greater
libselinux 2.0.87 or greater
- libsepol 2.0.38 or greater
- libsepol-static 2.0.38 or greater
+ libsepol 2.4 or greater
+ libsepol-static 2.4 or greater
libxml2
sqlite 3.6.20 or greater
diff --git a/libqpol/src/policy_define.c b/libqpol/src/policy_define.c
index fad6b60..231962f 100644
--- a/libqpol/src/policy_define.c
+++ b/libqpol/src/policy_define.c
@@ -1449,7 +1449,7 @@ int define_compute_type_helper(int which, avrule_t ** rule)
return -1;
}
class_perm_node_init(perm);
- perm->class = i + 1;
+ perm->tclass = i + 1;
perm->data = datum->s.value;
perm->next = avrule->perms;
avrule->perms = perm;
@@ -1699,7 +1699,7 @@ int define_te_avtab_helper(int which, avrule_t ** rule)
goto out;
}
class_perm_node_init(cur_perms);
- cur_perms->class = i + 1;
+ cur_perms->tclass = i + 1;
if (!perms)
perms = cur_perms;
if (tail)
diff --git a/libqpol/src/policy_extend.c b/libqpol/src/policy_extend.c
index 5325a87..1417271 100644
--- a/libqpol/src/policy_extend.c
+++ b/libqpol/src/policy_extend.c
@@ -843,7 +843,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_
for (class_node = rule->perms; class_node; class_node = class_node->next) {
key.rule_type = rule->specified;
key.source_val = key.target_val = i + 1;
- key.class_val = class_node->class;
+ key.class_val = class_node->tclass;
key.cond = cond;
if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
goto err;
@@ -856,7 +856,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_
key.rule_type = rule->specified;
key.source_val = i + 1;
key.target_val = j + 1;
- key.class_val = class_node->class;
+ key.class_val = class_node->tclass;
key.cond = cond;
if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
goto err;
diff --git a/libqpol/src/syn_rule_query.c b/libqpol/src/syn_rule_query.c
index 3e63204..d7578f1 100644
--- a/libqpol/src/syn_rule_query.c
+++ b/libqpol/src/syn_rule_query.c
@@ -67,7 +67,7 @@ static void *syn_rule_class_state_get_cur(const qpol_iterator_t * iter)
return NULL;
}
- return db->class_val_to_struct[srcs->cur->class - 1];
+ return db->class_val_to_struct[srcs->cur->tclass - 1];
}
static int syn_rule_class_state_next(qpol_iterator_t * iter)
@@ -465,10 +465,10 @@ int qpol_syn_avrule_get_perm_iter(const qpol_policy_t * policy, const qpol_syn_a
}
for (node = internal_rule->perms; node; node = node->next) {
- for (i = 0; i < db->class_val_to_struct[node->class - 1]->permissions.nprim; i++) {
+ for (i = 0; i < db->class_val_to_struct[node->tclass - 1]->permissions.nprim; i++) {
if (!(node->data & (1 << i)))
continue;
- tmp = sepol_av_to_string(db, node->class, (sepol_access_vector_t) (1 << i));
+ tmp = sepol_av_to_string(db, node->tclass, (sepol_access_vector_t) (1 << i));
if (tmp) {
tmp++; /* remove prepended space */
for (cur = 0; cur < perm_list_sz; cur++)
--
1.8.3.1


@ -1,119 +0,0 @@
diff -up setools-3.3.7/secmds/seinfo.c.exitstatus setools-3.3.7/secmds/seinfo.c
--- setools-3.3.7/secmds/seinfo.c.exitstatus 2010-05-03 12:39:02.000000000 -0400
+++ setools-3.3.7/secmds/seinfo.c 2010-11-05 09:54:39.000000000 -0400
@@ -827,7 +827,7 @@ static int print_sens(FILE * fp, const c
*/
static int print_cats(FILE * fp, const char *name, int expand, const apol_policy_t * policydb)
{
- int retval = 0;
+ int retval = -1;
apol_cat_query_t *query = NULL;
apol_vector_t *v = NULL;
const qpol_cat_t *cat_datum = NULL;
@@ -911,9 +911,10 @@ static int print_fsuse(FILE * fp, const
fprintf(fp, " %s\n", tmp);
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No fs_use statement for filesystem of type %s.", type);
-
+ goto cleanup;
+ }
retval = 0;
cleanup:
apol_fs_use_query_destroy(&query);
@@ -949,7 +950,6 @@ static int print_genfscon(FILE * fp, con
ERR(policydb, "%s", strerror(ENOMEM));
goto cleanup;
}
-
if (apol_genfscon_query_set_filesystem(policydb, query, type))
goto cleanup;
if (apol_genfscon_get_by_query(policydb, query, &v))
@@ -967,8 +967,10 @@ static int print_genfscon(FILE * fp, con
free(tmp);
}
- if (type && !apol_vector_get_size(v))
+ if (type && !apol_vector_get_size(v)) {
ERR(policydb, "No genfscon statement for filesystem of type %s.", type);
+ goto cleanup;
+ }
retval = 0;
cleanup:
@@ -1646,6 +1648,7 @@ cleanup: // close and destroy iterators
int main(int argc, char **argv)
{
+ int rc = 0;
int classes, types, attribs, roles, users, all, expand, stats, rt, optc, isids, bools, sens, cats, fsuse, genfs, netif,
node, port, permissives, polcaps, constrain, linebreaks;
apol_policy_t *policydb = NULL;
@@ -1851,46 +1854,46 @@ int main(int argc, char **argv)
/* display requested info */
if (stats || all)
- print_stats(stdout, policydb);
+ rc = print_stats(stdout, policydb);
if (classes || all)
- print_classes(stdout, class_name, expand, policydb);
+ rc = print_classes(stdout, class_name, expand, policydb);
if (types || all)
- print_types(stdout, type_name, expand, policydb);
+ rc = print_types(stdout, type_name, expand, policydb);
if (attribs || all)
- print_attribs(stdout, attrib_name, expand, policydb);
+ rc = print_attribs(stdout, attrib_name, expand, policydb);
if (roles || all)
- print_roles(stdout, role_name, expand, policydb);
+ rc = print_roles(stdout, role_name, expand, policydb);
if (users || all)
- print_users(stdout, user_name, expand, policydb);
+ rc = print_users(stdout, user_name, expand, policydb);
if (bools || all)
- print_booleans(stdout, bool_name, expand, policydb);
+ rc = print_booleans(stdout, bool_name, expand, policydb);
if (sens || all)
- print_sens(stdout, sens_name, expand, policydb);
+ rc = print_sens(stdout, sens_name, expand, policydb);
if (cats || all)
- print_cats(stdout, cat_name, expand, policydb);
+ rc = print_cats(stdout, cat_name, expand, policydb);
if (fsuse || all)
- print_fsuse(stdout, fsuse_type, policydb);
+ rc = print_fsuse(stdout, fsuse_type, policydb);
if (genfs || all)
- print_genfscon(stdout, genfs_type, policydb);
+ rc = print_genfscon(stdout, genfs_type, policydb);
if (netif || all)
- print_netifcon(stdout, netif_name, policydb);
+ rc = print_netifcon(stdout, netif_name, policydb);
if (node || all)
- print_nodecon(stdout, node_addr, policydb);
+ rc = print_nodecon(stdout, node_addr, policydb);
if (port || all)
- print_portcon(stdout, port_num, protocol, policydb);
+ rc = print_portcon(stdout, port_num, protocol, policydb);
if (isids || all)
- print_isids(stdout, isid_name, expand, policydb);
+ rc = print_isids(stdout, isid_name, expand, policydb);
if (permissives || all)
- print_permissives(stdout, permissive_name, expand, policydb);
+ rc = print_permissives(stdout, permissive_name, expand, policydb);
if (polcaps || all)
- print_polcaps(stdout, polcap_name, expand, policydb);
+ rc = print_polcaps(stdout, polcap_name, expand, policydb);
if (constrain || all)
- print_constraints(stdout, expand, policydb, linebreaks);
+ rc = print_constraints(stdout, expand, policydb, linebreaks);
apol_policy_destroy(&policydb);
apol_policy_path_destroy(&pol_path);
free(policy_file);
- exit(0);
+ exit(rc);
}
/**
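Review bot: `rc` is overwritten by every `rc = print_…()` assignment in main(), so only the last section printed decides the exit status, and an earlier failure is lost whenever a later call succeeds (always the case when `all` is set and the final call works). Accumulate instead, for example `if (print_types(stdout, type_name, expand, policydb)) rc = 1;` for each call, so a script checking the exit code sees any failure. Passing a negative return value straight to `exit(rc)` also produces a truncated status such as 255; mapping failures to `EXIT_FAILURE` states the intent. main() begins outside this hunk.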


@ -1,15 +0,0 @@
diff -up setools-3.3.7/libqpol/src/avrule_query.c~ setools-3.3.7/libqpol/src/avrule_query.c
--- setools-3.3.7/libqpol/src/avrule_query.c~ 2010-04-23 12:22:08.000000000 -0400
+++ setools-3.3.7/libqpol/src/avrule_query.c 2011-01-06 10:42:50.000000000 -0500
@@ -57,8 +57,9 @@ int qpol_policy_get_avrule_iter(const qp
if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
- errno = ENOTSUP;
- return STATUS_ERR;
+/* errno = ENOTSUP;
+ return STATUS_ERR; */
+ return STATUS_SUCCESS;
}
db = &policy->p->p;
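Review bot: The added `return STATUS_SUCCESS;` sits directly after an `ERR(...)` call that still reports "Cannot get avrules", so the function logs a failure and returns success in the same branch. A caller that walks the iterator after a successful return needs it to be NULL or empty, and the lines that would establish that are outside this hunk. For a policy-analysis tool, an empty result with a success status can be read as "the policy has no neverallow rules" rather than "they are not available". If the missing capability is meant to be tolerated, I would clear the bit and continue, `rule_type_mask &= ~QPOL_RULE_NEVERALLOW;`, downgrade the message to a warning, and delete the commented-out `errno`/`return` lines instead of keeping them.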
