Rebuild with SELinux userspace release 3.2-rc1

And update to 16c0696

.gitignore

@@ -10,3 +10,4 @@ setools-3.3.8-f1e5b20.tar.bz2
 /4.2.2.tar.gz
 /4.3.0.tar.gz
 /05e90ee.tar.gz
+/16c0696.tar.gz

0001-Adapt-to-new-libsepol-filename-transition-structures.patch

@@ -1,120 +0,0 @@
-From f63a3690e3e3f02ab67ad1165be54ce25bac2de7 Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@redhat.com>
-Date: Fri, 17 Jul 2020 11:28:08 +0200
-Subject: [PATCH] Adapt to new libsepol filename transition structures
-
-Adapt setools to the new libsepol internal API for filename transitions
-which allows for more efficient filename trans rule representation in
-memory and binary policy.
-
-Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
----
- setools/policyrep/sepol.pxd  |  9 ++++----
- setools/policyrep/terule.pxi | 41 ++++++++++++++++++++++++++++++------
- 2 files changed, 39 insertions(+), 11 deletions(-)
-
-diff --git a/setools/policyrep/sepol.pxd b/setools/policyrep/sepol.pxd
-index 60bc58c28ebf..b07ddb78350f 100644
---- a/setools/policyrep/sepol.pxd
-+++ b/setools/policyrep/sepol.pxd
-@@ -544,21 +544,22 @@ cdef extern from "<sepol/policydb/policydb.h>":
-     ctypedef cond_bool_datum cond_bool_datum_t
- 
-     #
--    # filename_trans_t
-+    # filename_trans_key_t
-     #
--    cdef struct filename_trans:
--        uint32_t stype
-+    cdef struct filename_trans_key:
-         uint32_t ttype
-         uint32_t tclass
-         char *name
- 
--    ctypedef filename_trans filename_trans_t
-+    ctypedef filename_trans_key filename_trans_key_t
- 
-     #
-     # filename_trans_datum_t
-     #
-     cdef struct filename_trans_datum:
-+        ebitmap_t stypes
-         uint32_t otype
-+        filename_trans_datum *next
- 
-     ctypedef filename_trans_datum filename_trans_datum_t
- 
-diff --git a/setools/policyrep/terule.pxi b/setools/policyrep/terule.pxi
-index 3976586b7985..760c366f6c39 100644
---- a/setools/policyrep/terule.pxi
-+++ b/setools/policyrep/terule.pxi
-@@ -470,17 +470,18 @@ cdef class FileNameTERule(BaseTERule):
-         readonly str filename
- 
-     @staticmethod
--    cdef inline FileNameTERule factory(SELinuxPolicy policy, sepol.filename_trans_t *key,
--                                       sepol.filename_trans_datum_t *datum):
-+    cdef inline FileNameTERule factory(SELinuxPolicy policy,
-+                                       sepol.filename_trans_key_t *key,
-+                                       Type stype, size_t otype):
-         """Factory function for creating FileNameTERule objects."""
-         cdef FileNameTERule r = FileNameTERule.__new__(FileNameTERule)
-         r.policy = policy
-         r.key = <uintptr_t>key
-         r.ruletype = TERuletype.type_transition
--        r.source = type_or_attr_factory(policy, policy.type_value_to_datum(key.stype - 1))
-+        r.source = stype
-         r.target = type_or_attr_factory(policy, policy.type_value_to_datum(key.ttype - 1))
-         r.tclass = ObjClass.factory(policy, policy.class_value_to_datum(key.tclass - 1))
--        r.dft = Type.factory(policy, policy.type_value_to_datum(datum.otype - 1))
-+        r.dft = Type.factory(policy, policy.type_value_to_datum(otype - 1))
-         r.filename = intern(key.name)
-         r.origin = None
-         return r
-@@ -708,6 +709,10 @@ cdef class FileNameTERuleIterator(HashtabIterator):
- 
-     """Iterate over FileNameTERules in the policy."""
- 
-+    cdef:
-+        sepol.filename_trans_datum_t *datum
-+        TypeEbitmapIterator stypei
-+
-     @staticmethod
-     cdef factory(SELinuxPolicy policy, sepol.hashtab_t *table):
-         """Factory function for creating FileNameTERule iterators."""
-@@ -717,7 +722,29 @@ cdef class FileNameTERuleIterator(HashtabIterator):
-         i.reset()
-         return i
- 
-+    def _next_stype(self):
-+        while True:
-+            if self.datum == NULL:
-+                super().__next__()
-+                self.datum = <sepol.filename_trans_datum_t *>self.curr.datum
-+                self.stypei = TypeEbitmapIterator.factory(self.policy, &self.datum.stypes)
-+            try:
-+                return next(self.stypei)
-+            except StopIteration:
-+                pass
-+            self.datum = self.datum.next
-+            if self.datum != NULL:
-+                self.stypei = TypeEbitmapIterator.factory(self.policy, &self.datum.stypes)
-+
-     def __next__(self):
--        super().__next__()
--        return FileNameTERule.factory(self.policy, <sepol.filename_trans_t *>self.curr.key,
--                                      <sepol.filename_trans_datum_t *>self.curr.datum)
-+        stype = self._next_stype()
-+        return FileNameTERule.factory(self.policy,
-+                                      <sepol.filename_trans_key_t *>self.curr.key,
-+                                      stype, self.datum.otype)
-+
-+    def __len__(self):
-+        return sum(1 for r in FileNameTERuleIterator.factory(self.policy, self.table))
-+
-+    def reset(self):
-+        super().reset()
-+        self.datum = NULL
--- 
-2.29.0
-

1001-Do-not-use-Werror-during-build.patch

@@ -1,49 +0,0 @@
-From 4b3dc6b38abbd32cda557d5ef9ea1383ac5fdcf2 Mon Sep 17 00:00:00 2001
-From: rpm-build <rpm-build>
-Date: Thu, 23 Feb 2017 08:17:07 +0100
-Subject: [PATCH 2/3] Do not use -Werror during build
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-There are new warnings when setools are built with gcc 7 therefore we
-want to suppress -Werror for now
-
-Fixes:
-libqpol/policy_extend.c: In function ‘policy_extend’:
-libqpol/policy_extend.c:161:27: error: ‘%04zd’ directive output may be truncated writing between 4 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
-    snprintf(buff, 9, "@ttr%04zd", i + 1);
-                           ^~~~~
-libqpol/policy_extend.c:161:22: note: directive argument in the range [1, 4294967295]
-    snprintf(buff, 9, "@ttr%04zd", i + 1);
-                      ^~~~~~~~~~~
-In file included from /usr/include/stdio.h:939:0,
-                 from /usr/include/sepol/policydb/policydb.h:53,
-                 from libqpol/policy_extend.c:29:
-/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 9 and 15 bytes into a destination of size 9
-   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
-          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-        __bos (__s), __fmt, __va_arg_pack ());
-        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-cc1: all warnings being treated as errors
-error: command 'gcc' failed with exit status 1
----
- setup.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/setup.py b/setup.py
-index c94daf1..a7442ac 100644
---- a/setup.py
-+++ b/setup.py
-@@ -105,7 +105,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
-                          libraries=['selinux', 'sepol'],
-                          library_dirs=lib_dirs,
-                          define_macros=macros,
--                         extra_compile_args=['-Werror', '-Wextra',
-+                         extra_compile_args=['-Wextra',
-                                              '-Waggregate-return',
-                                              '-Wfloat-equal',
-                                              '-Wformat', '-Wformat=2',
--- 
-2.17.2
-

1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch

@@ -1,7 +1,7 @@
-From fa776e6abd019a7bdaca37486d714d307cbd332f Mon Sep 17 00:00:00 2001
+From e47d19f4985098ca316eea4a383510d419ec6055 Mon Sep 17 00:00:00 2001
 From: Vit Mojzis <vmojzis@redhat.com>
 Date: Fri, 26 Apr 2019 15:27:25 +0200
-Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and
+Subject: [PATCH 1/2] Do not export/use setools.InfoFlowAnalysis and
  setools.DomainTransitionAnalysis
 
 dta and infoflow modules require networkx which brings lot of dependencies.
@@ -86,10 +86,10 @@ index d72d343e7e79..642485b9018d 100644
  from .diff import PolicyDifference
  
 diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
-index 4608b9dbf34e..2cde44c142e9 100644
+index 62dbf04d9a5e..0ea000e790f0 100644
 --- a/setoolsgui/apol/dta.py
 +++ b/setoolsgui/apol/dta.py
-@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
+@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
  from PyQt5.QtGui import QPalette, QTextCursor
  from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
      QTreeWidgetItem
@@ -97,9 +97,9 @@ index 4608b9dbf34e..2cde44c142e9 100644
 +from setools.dta import DomainTransitionAnalysis
  
  from ..logtosignal import LogHandlerToSignal
- from .analysistab import AnalysisTab
+ from .analysistab import AnalysisSection, AnalysisTab
 diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
-index 7bca299d23fc..7fee2778f35f 100644
+index 28009aa2329c..92d350bf727c 100644
 --- a/setoolsgui/apol/infoflow.py
 +++ b/setoolsgui/apol/infoflow.py
 @@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
@@ -138,5 +138,5 @@ index aa0e44a7e4f8..fca2848aeca5 100644
  from setools.exception import InvalidType
  from setools.permmap import PermissionMap
 -- 
-2.26.0.rc2
+2.30.0
 

1003-Require-networkx-on-package-level.patch

@@ -1,7 +1,7 @@
-From a2faa263c9dd8bcf51465861046e0406a84975c0 Mon Sep 17 00:00:00 2001
+From 7b73bdeda54b9c944774452bfa3b3c1f2733b3f0 Mon Sep 17 00:00:00 2001
 From: Petr Lautrbach <plautrba@redhat.com>
 Date: Thu, 2 Apr 2020 16:06:14 +0200
-Subject: [PATCH] Require networkx on package level
+Subject: [PATCH 2/2] Require networkx on package level
 
 It allows us to ship python3-setools without dependency on python3-networkx
 ---
@@ -9,10 +9,10 @@ It allows us to ship python3-setools without dependency on python3-networkx
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/setup.py b/setup.py
-index 457c83049ca5..4bfd438002bb 100644
+index c593b786cc61..0551811e3fd1 100644
 --- a/setup.py
 +++ b/setup.py
-@@ -170,5 +170,5 @@ setup(name='setools',
+@@ -163,5 +163,5 @@ setup(name='setools',
        # setup also requires libsepol and libselinux
        # C libraries and headers to compile.
        setup_requires=['setuptools', 'Cython>=0.27'],
@@ -20,5 +20,5 @@ index 457c83049ca5..4bfd438002bb 100644
 +      install_requires=['setuptools']
        )
 -- 
-2.26.0.rc2
+2.30.0
 

setools.spec

@@ -1,13 +1,13 @@
-%global setools_pre_ver 05e90ee
-%global gitver 05e90ee241af05665f3394e9bed0073e1bb2e17d
+%global setools_pre_ver 16c0696
+%global gitver 16c069631e1652801b1a6c41c6607b7326fc15f0
 
-%global sepol_ver 3.1-4
-%global selinux_ver 3.1-4
+%global sepol_ver 3.2-0.rc1
+%global selinux_ver 3.2-0.rc1
 
 
 Name:           setools
 Version:        4.4.0
-Release:        0.2.20201102git%{setools_pre_ver}%{?dist}
+Release:        0.2.20210121git%{setools_pre_ver}%{?dist}
 Summary:        Policy analysis tools for SELinux
 
 License:        GPLv2
@@ -15,8 +15,6 @@ URL:            https://github.com/SELinuxProject/setools/wiki
 Source0:        https://github.com/SELinuxProject/setools/archive/%{setools_pre_ver}.tar.gz
 Source1:        setools.pam
 Source2:        apol.desktop
-Patch0001:      0001-Adapt-to-new-libsepol-filename-transition-structures.patch
-Patch1001:      1001-Do-not-use-Werror-during-build.patch
 Patch1002:      1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
 Patch1003:      1003-Require-networkx-on-package-level.patch
 Obsoletes:      setools < 4.0.0, setools-devel < 4.0.0
@@ -147,6 +145,10 @@ Python modules designed to facilitate SELinux policy analysis.
 %{_mandir}/ru/man1/apol*
 
 %changelog
+* Thu Jan 21 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20210121git16c0696
+- Rebuild with SELinux userspace 3.2-rc1
+- Update to 16c0696
+
 * Thu Dec 10 2020 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20201102git05e90ee
 - Fix imports in /usr/bin/sedta
 

sources

@@ -1 +1 @@
-SHA512 (05e90ee.tar.gz) = 32f60e9a40ca5791a1e63986377e90ca728c7e205d8ae7ce446830ca7f96b51496d9753fd70077f5b6547050d23c41a1d10b20e0af9e4066355e29781d5e3686
+SHA512 (16c0696.tar.gz) = 1c9a2e8daf6e131bfe2e2e1cea1ed2caa190486af152048e3b79ab88fcd0a20c030b08986d1dd6ee4079841985b47c366435177bb206e68ea567ecee32037358