SETools 4.3.0 release

- Revised sediff method for TE rules. This drastically reduced memory and run time.
- Added infiniband context support to seinfo, sediff, and apol.
- Added apol configuration for location of Qt assistant.
- Fixed sediff issue where properties header would display when not requested.
- Fixed sediff issue with type_transition file name comparison.
- Fixed permission map socket sendto information flow direction.
- Added methods to TypeAttribute class to make it a complete Python collection.
- Genfscon now will look up classes rather than using fixed values which
    were dropped from libsepol.

.gitignore

@@ -8,3 +8,4 @@ setools-3.3.8-f1e5b20.tar.bz2
 /4.2.0.tar.gz
 /4.2.1.tar.gz
 /4.2.2.tar.gz
+/4.3.0.tar.gz

1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch

@@ -1,7 +1,7 @@
-From b960869bcbcb58f2ce9af598484f209935c096b0 Mon Sep 17 00:00:00 2001
+From 0575455a0abda5ee63c442433384268a959c4fbc Mon Sep 17 00:00:00 2001
 From: Vit Mojzis <vmojzis@redhat.com>
 Date: Fri, 26 Apr 2019 15:27:25 +0200
-Subject: [PATCH 3/3] Do not export/use setools.InfoFlowAnalysis and
+Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and
  setools.DomainTransitionAnalysis
 
 dta and infoflow modules require networkx which brings lot of dependencies.
@@ -22,7 +22,7 @@ sedta and seinfoflow to require python3-networkx
  7 files changed, 8 insertions(+), 12 deletions(-)
 
 diff --git a/sedta b/sedta
-index 60861ca..41e38a2 100755
+index 60861ca630a5..41e38a237b42 100755
 --- a/sedta
 +++ b/sedta
 @@ -22,7 +22,7 @@ import argparse
@@ -44,7 +44,7 @@ index 60861ca..41e38a2 100755
      if args.shortest_path or args.all_paths:
          if args.shortest_path:
 diff --git a/seinfoflow b/seinfoflow
-index 97b14ba..e7f965d 100755
+index f10c39de4d8e..fee749a83bb5 100755
 --- a/seinfoflow
 +++ b/seinfoflow
 @@ -17,7 +17,7 @@
@@ -56,20 +56,20 @@ index 97b14ba..e7f965d 100755
  import argparse
  import sys
  import logging
-@@ -81,7 +81,7 @@ else:
+@@ -101,7 +101,7 @@ elif args.booleans is not None:
  try:
      p = setools.SELinuxPolicy(args.policy)
      m = setools.PermissionMap(args.map)
--    g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
-+    g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
+-    g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
++    g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
+                                  booleans=booleans)
  
      if args.shortest_path or args.all_paths:
-         if args.shortest_path:
 diff --git a/setools/__init__.py b/setools/__init__.py
-index 7b70f5e..5a5f7fe 100644
+index 26fa5aa34a19..b7e51c43c4bb 100644
 --- a/setools/__init__.py
 +++ b/setools/__init__.py
-@@ -73,12 +73,8 @@ from .pcideviceconquery import PcideviceconQuery
+@@ -75,12 +75,8 @@ from .pcideviceconquery import PcideviceconQuery
  from .devicetreeconquery import DevicetreeconQuery
  
  # Information Flow Analysis
@@ -83,7 +83,7 @@ index 7b70f5e..5a5f7fe 100644
  from .diff import PolicyDifference
  
 diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
-index 4608b9d..2cde44c 100644
+index 4608b9dbf34e..2cde44c142e9 100644
 --- a/setoolsgui/apol/dta.py
 +++ b/setoolsgui/apol/dta.py
 @@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
@@ -96,7 +96,7 @@ index 4608b9d..2cde44c 100644
  from ..logtosignal import LogHandlerToSignal
  from .analysistab import AnalysisTab
 diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
-index 7bca299..7fee277 100644
+index 7bca299d23fc..7fee2778f35f 100644
 --- a/setoolsgui/apol/infoflow.py
 +++ b/setoolsgui/apol/infoflow.py
 @@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
@@ -109,7 +109,7 @@ index 7bca299..7fee277 100644
  
  from ..logtosignal import LogHandlerToSignal
 diff --git a/tests/dta.py b/tests/dta.py
-index a0cc938..177e6fb 100644
+index a0cc9381469c..177e6fb0b961 100644
 --- a/tests/dta.py
 +++ b/tests/dta.py
 @@ -18,7 +18,7 @@
@@ -122,7 +122,7 @@ index a0cc938..177e6fb 100644
  from setools.exception import InvalidType
  from setools.policyrep import Type
 diff --git a/tests/infoflow.py b/tests/infoflow.py
-index aa0e44a..fca2848 100644
+index aa0e44a7e4f8..fca2848aeca5 100644
 --- a/tests/infoflow.py
 +++ b/tests/infoflow.py
 @@ -18,7 +18,7 @@
@@ -135,5 +135,5 @@ index aa0e44a..fca2848 100644
  from setools.exception import InvalidType
  from setools.permmap import PermissionMap
 -- 
-2.17.2
+2.26.0.rc2
 

1003-Require-networkx-on-package-level.patch

@@ -0,0 +1,24 @@
+From a2faa263c9dd8bcf51465861046e0406a84975c0 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Thu, 2 Apr 2020 16:06:14 +0200
+Subject: [PATCH] Require networkx on package level
+
+It allows us to ship python3-setools without dependency on python3-networkx
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 457c83049ca5..4bfd438002bb 100644
+--- a/setup.py
++++ b/setup.py
+@@ -170,5 +170,5 @@ setup(name='setools',
+       # setup also requires libsepol and libselinux
+       # C libraries and headers to compile.
+       setup_requires=['setuptools', 'Cython>=0.27'],
+-      install_requires=['setuptools', 'networkx>=2.0']
++      install_requires=['setuptools']
+       )
+-- 
+2.26.0.rc2
+

setools.spec

@@ -6,8 +6,8 @@
 
 
 Name:           setools
-Version:        4.2.2
-Release:        5%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
+Version:        4.3.0
+Release:        1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
 Summary:        Policy analysis tools for SELinux
 
 License:        GPLv2
@@ -17,7 +17,7 @@ Source1:        setools.pam
 Source2:        apol.desktop
 Patch1001:      1001-Do-not-use-Werror-during-build.patch
 Patch1002:      1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
-
+Patch1003:      1003-Require-networkx-on-package-level.patch
 Obsoletes:      setools < 4.0.0, setools-devel < 4.0.0
 BuildRequires:  flex,  bison
 BuildRequires:  glibc-devel, gcc, git
@@ -120,12 +120,17 @@ Python modules designed to facilitate SELinux policy analysis.
 %{_mandir}/man1/sediff*
 %{_mandir}/man1/seinfo*
 %{_mandir}/man1/sesearch*
+%{_mandir}/ru/man1/sediff*
+%{_mandir}/ru/man1/seinfo*
+%{_mandir}/ru/man1/sesearch*
 
 %files console-analyses
 %{_bindir}/sedta
 %{_bindir}/seinfoflow
 %{_mandir}/man1/sedta*
 %{_mandir}/man1/seinfoflow*
+%{_mandir}/ru/man1/sedta*
+%{_mandir}/ru/man1/seinfoflow*
 
 %files -n python3-setools
 %license COPYING COPYING.GPL COPYING.LGPL
@@ -136,8 +141,21 @@ Python modules designed to facilitate SELinux policy analysis.
 %{_bindir}/apol
 %{python3_sitearch}/setoolsgui
 %{_mandir}/man1/apol*
+%{_mandir}/ru/man1/apol*
 
 %changelog
+* Thu Apr  2 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-1
+- SETools 4.3.0 release
+- Revised sediff method for TE rules. This drastically reduced memory and run time.
+- Added infiniband context support to seinfo, sediff, and apol.
+- Added apol configuration for location of Qt assistant.
+- Fixed sediff issue where properties header would display when not requested.
+- Fixed sediff issue with type_transition file name comparison.
+- Fixed permission map socket sendto information flow direction.
+- Added methods to TypeAttribute class to make it a complete Python collection.
+- Genfscon now will look up classes rather than using fixed values which
+    were dropped from libsepol.
+
 * Mon Mar 23 2020 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-5
 - setools requires -console, -console-analyses and -gui packages (#1794314)
 

sources

@@ -1 +1 @@
-SHA512 (4.2.2.tar.gz) = 5044b04d0895ffe31557b3b71bb277ab49710a6066485c8f204ce7858abab259f973000f1fcfde0149ed4e33a50103984939dcc68ce322d70e9e927e81d4f798
+SHA512 (4.3.0.tar.gz) = 93da43c4b577ff944f1c19ef40cfc51f6d1cb1efef582e467834300540a7af440b6ae9106f29d810963c74b0fb5953003304790a9143a7318e477d17fa7d536a