Compare commits
9 Commits
Author | SHA1 | Date |
---|---|---|
Vit Mojzis | d32d57d01b | |
Vit Mojzis | f24e682780 | |
Vit Mojzis | 46caac3298 | |
Vit Mojzis | d0560d2da2 | |
Vit Mojzis | 522fb13c60 | |
Vit Mojzis | c6b3f2cce1 | |
Vit Mojzis | 56e46874bd | |
Vit Mojzis | bb7caed6f5 | |
Vit Mojzis | b2c4c6ff83 |
|
@ -8,7 +8,3 @@ setools-3.3.8-f1e5b20.tar.bz2
|
|||
/4.2.0.tar.gz
|
||||
/4.2.1.tar.gz
|
||||
/4.2.2.tar.gz
|
||||
/4.3.0.tar.gz
|
||||
/05e90ee.tar.gz
|
||||
/16c0696.tar.gz
|
||||
/4.4.0.tar.gz
|
||||
|
|
|
@ -1,90 +0,0 @@
|
|||
From 8ed316d6bfb65e5e9b57f3761ea8490022ab3a05 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Lautrbach <plautrba@redhat.com>
|
||||
Date: Thu, 18 Nov 2021 13:59:08 +0100
|
||||
Subject: [PATCH] Make seinfo output predictable
|
||||
|
||||
There are few places where frozenset is used. Given that frozenset is an unordered
|
||||
collection the output generated from this is unpredictable.
|
||||
|
||||
The following command outputs are fixed using sorted() on frozensets:
|
||||
|
||||
seinfo --constrain
|
||||
seinfo --common
|
||||
seinfo -c -x
|
||||
seinfo -r -x
|
||||
seinfo -u -x
|
||||
|
||||
Fixes: https://github.com/SELinuxProject/setools/issues/65
|
||||
|
||||
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
||||
---
|
||||
setools/policyrep/constraint.pxi | 2 +-
|
||||
setools/policyrep/objclass.pxi | 4 ++--
|
||||
setools/policyrep/role.pxi | 2 +-
|
||||
setools/policyrep/user.pxi | 2 +-
|
||||
4 files changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/setools/policyrep/constraint.pxi b/setools/policyrep/constraint.pxi
|
||||
index 01c63d87425b..0b4c5b9bcf6a 100644
|
||||
--- a/setools/policyrep/constraint.pxi
|
||||
+++ b/setools/policyrep/constraint.pxi
|
||||
@@ -72,7 +72,7 @@ cdef class Constraint(BaseConstraint):
|
||||
|
||||
def statement(self):
|
||||
if len(self.perms) > 1:
|
||||
- perms = "{{ {0} }}".format(' '.join(self.perms))
|
||||
+ perms = "{{ {0} }}".format(' '.join(sorted(self.perms)))
|
||||
else:
|
||||
# convert to list since sets cannot be indexed
|
||||
perms = list(self.perms)[0]
|
||||
diff --git a/setools/policyrep/objclass.pxi b/setools/policyrep/objclass.pxi
|
||||
index b7ec7b7de5c3..8ed2be5a9bed 100644
|
||||
--- a/setools/policyrep/objclass.pxi
|
||||
+++ b/setools/policyrep/objclass.pxi
|
||||
@@ -75,7 +75,7 @@ cdef class Common(PolicySymbol):
|
||||
return other in self.perms
|
||||
|
||||
def statement(self):
|
||||
- return "common {0}\n{{\n\t{1}\n}}".format(self, '\n\t'.join(self.perms))
|
||||
+ return "common {0}\n{{\n\t{1}\n}}".format(self, '\n\t'.join(sorted(self.perms)))
|
||||
|
||||
|
||||
cdef class ObjClass(PolicySymbol):
|
||||
@@ -204,7 +204,7 @@ cdef class ObjClass(PolicySymbol):
|
||||
|
||||
# a class that inherits may not have additional permissions
|
||||
if len(self.perms) > 0:
|
||||
- stmt += "{{\n\t{0}\n}}".format('\n\t'.join(self.perms))
|
||||
+ stmt += "{{\n\t{0}\n}}".format('\n\t'.join(sorted(self.perms)))
|
||||
|
||||
return stmt
|
||||
|
||||
diff --git a/setools/policyrep/role.pxi b/setools/policyrep/role.pxi
|
||||
index 9a0dd39f27d9..3af8a3f72a1f 100644
|
||||
--- a/setools/policyrep/role.pxi
|
||||
+++ b/setools/policyrep/role.pxi
|
||||
@@ -58,7 +58,7 @@ cdef class Role(PolicySymbol):
|
||||
if count == 1:
|
||||
stmt += " types {0}".format(types[0])
|
||||
else:
|
||||
- stmt += " types {{ {0} }}".format(' '.join(types))
|
||||
+ stmt += " types {{ {0} }}".format(' '.join(sorted(types)))
|
||||
|
||||
stmt += ";"
|
||||
return stmt
|
||||
diff --git a/setools/policyrep/user.pxi b/setools/policyrep/user.pxi
|
||||
index 9c82aa92eb72..e37af2939820 100644
|
||||
--- a/setools/policyrep/user.pxi
|
||||
+++ b/setools/policyrep/user.pxi
|
||||
@@ -81,7 +81,7 @@ cdef class User(PolicySymbol):
|
||||
if count == 1:
|
||||
stmt += roles[0]
|
||||
else:
|
||||
- stmt += "{{ {0} }}".format(' '.join(roles))
|
||||
+ stmt += "{{ {0} }}".format(' '.join(sorted(roles)))
|
||||
|
||||
if self._level:
|
||||
stmt += " level {0.mls_level} range {0.mls_range};".format(self)
|
||||
--
|
||||
2.33.1
|
||||
|
|
@ -0,0 +1,479 @@
|
|||
From 2fad2d1b1df43ea0d85e25e2ebad88ad02997d7c Mon Sep 17 00:00:00 2001
|
||||
From: Chris PeBenito <pebenito@ieee.org>
|
||||
Date: Mon, 29 Apr 2019 07:57:16 -0400
|
||||
Subject: [PATCH 1/3] SELinuxPolicy: Create a map of aliases on policy load.
|
||||
|
||||
Addresses a performance regression after the alias fixes in #17.
|
||||
|
||||
Closes #20
|
||||
---
|
||||
setools/policyrep/mls.pxi | 138 +---------------------------
|
||||
setools/policyrep/selinuxpolicy.pxi | 107 +++++++++++++++++----
|
||||
setools/policyrep/typeattr.pxi | 70 +-------------
|
||||
3 files changed, 95 insertions(+), 220 deletions(-)
|
||||
|
||||
diff --git a/setools/policyrep/mls.pxi b/setools/policyrep/mls.pxi
|
||||
index c40d032..30464b7 100644
|
||||
--- a/setools/policyrep/mls.pxi
|
||||
+++ b/setools/policyrep/mls.pxi
|
||||
@@ -1,5 +1,5 @@
|
||||
# Copyright 2014-2016, Tresys Technology, LLC
|
||||
-# Copyright 2017-2018, Chris PeBenito <pebenito@ieee.org>
|
||||
+# Copyright 2017-2019, Chris PeBenito <pebenito@ieee.org>
|
||||
#
|
||||
# This file is part of SETools.
|
||||
#
|
||||
@@ -65,6 +65,7 @@ cdef class Category(PolicySymbol):
|
||||
c.key = <uintptr_t>symbol
|
||||
c.name = policy.category_value_to_name(symbol.s.value - 1)
|
||||
c._value = symbol.s.value
|
||||
+ c._aliases = policy.category_alias_map[symbol.s.value]
|
||||
_cat_cache[policy][<uintptr_t>symbol] = c
|
||||
return c
|
||||
|
||||
@@ -75,14 +76,8 @@ cdef class Category(PolicySymbol):
|
||||
# Comparison based on their index instead of their names.
|
||||
return self._value < other._value
|
||||
|
||||
- cdef inline void _load_aliases(self):
|
||||
- """Helper method to load aliases."""
|
||||
- if self._aliases is None:
|
||||
- self._aliases = list(self.policy.category_aliases(self))
|
||||
-
|
||||
def aliases(self):
|
||||
"""Generator that yields all aliases for this category."""
|
||||
- self._load_aliases()
|
||||
return iter(self._aliases)
|
||||
|
||||
def statement(self):
|
||||
@@ -90,7 +85,6 @@ cdef class Category(PolicySymbol):
|
||||
str stmt
|
||||
size_t count
|
||||
|
||||
- self._load_aliases()
|
||||
count = len(self._aliases)
|
||||
|
||||
stmt = "category {0}".format(self.name)
|
||||
@@ -127,6 +121,7 @@ cdef class Sensitivity(PolicySymbol):
|
||||
s.key = <uintptr_t>symbol
|
||||
s.name = policy.level_value_to_name(symbol.level.sens - 1)
|
||||
s._value = symbol.level.sens
|
||||
+ s._aliases = policy.sensitivity_alias_map[symbol.level.sens]
|
||||
return s
|
||||
|
||||
def __hash__(self):
|
||||
@@ -144,14 +139,8 @@ cdef class Sensitivity(PolicySymbol):
|
||||
def __lt__(self, other):
|
||||
return self._value < other._value
|
||||
|
||||
- cdef inline void _load_aliases(self):
|
||||
- """Helper method to load aliases."""
|
||||
- if self._aliases is None:
|
||||
- self._aliases = list(self.policy.sensitivity_aliases(self))
|
||||
-
|
||||
def aliases(self):
|
||||
"""Generator that yields all aliases for this sensitivity."""
|
||||
- self._load_aliases()
|
||||
return iter(self._aliases)
|
||||
|
||||
def level_decl(self):
|
||||
@@ -167,7 +156,6 @@ cdef class Sensitivity(PolicySymbol):
|
||||
str stmt
|
||||
size_t count
|
||||
|
||||
- self._load_aliases()
|
||||
count = len(self._aliases)
|
||||
|
||||
stmt = "sensitivity {0}".format(self.name)
|
||||
@@ -540,66 +528,6 @@ cdef class CategoryHashtabIterator(HashtabIterator):
|
||||
datum = <sepol.cat_datum_t *> self.node.datum if self.node else NULL
|
||||
|
||||
|
||||
-cdef class CategoryAliasHashtabIterator(HashtabIterator):
|
||||
-
|
||||
- """Iterate over category aliases in the policy."""
|
||||
-
|
||||
- cdef uint32_t primary
|
||||
-
|
||||
- @staticmethod
|
||||
- cdef factory(SELinuxPolicy policy, sepol.hashtab_t *table, Category primary):
|
||||
- """Factory function for creating category alias iterators."""
|
||||
- i = CategoryAliasHashtabIterator()
|
||||
- i.policy = policy
|
||||
- i.table = table
|
||||
- i.primary = primary._value
|
||||
- i.reset()
|
||||
- return i
|
||||
-
|
||||
- def __next__(self):
|
||||
- super().__next__()
|
||||
- datum = <sepol.cat_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- while datum != NULL and (not datum.isalias or datum.s.value != self.primary):
|
||||
- super().__next__()
|
||||
- datum = <sepol.cat_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- return intern(self.curr.key)
|
||||
-
|
||||
- def __len__(self):
|
||||
- cdef sepol.cat_datum_t *datum
|
||||
- cdef sepol.hashtab_node_t *node
|
||||
- cdef uint32_t bucket = 0
|
||||
- cdef size_t count = 0
|
||||
-
|
||||
- while bucket < self.table[0].size:
|
||||
- node = self.table[0].htable[bucket]
|
||||
- while node != NULL:
|
||||
- datum = <sepol.cat_datum_t *>node.datum if node else NULL
|
||||
- if datum != NULL and self.primary == datum.s.value and datum.isalias:
|
||||
- count += 1
|
||||
-
|
||||
- node = node.next
|
||||
-
|
||||
- bucket += 1
|
||||
-
|
||||
- return count
|
||||
-
|
||||
- def reset(self):
|
||||
- super().reset()
|
||||
-
|
||||
- cdef sepol.cat_datum_t *datum = <sepol.cat_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
- # advance over any attributes or aliases
|
||||
- while datum != NULL and (not datum.isalias and self.primary != datum.s.value):
|
||||
- self._next_node()
|
||||
-
|
||||
- if self.node == NULL or self.bucket >= self.table[0].size:
|
||||
- break
|
||||
-
|
||||
- datum = <sepol.cat_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
-
|
||||
cdef class SensitivityHashtabIterator(HashtabIterator):
|
||||
|
||||
"""Iterate over sensitivity in the policy."""
|
||||
@@ -657,66 +585,6 @@ cdef class SensitivityHashtabIterator(HashtabIterator):
|
||||
datum = <sepol.level_datum_t *> self.node.datum if self.node else NULL
|
||||
|
||||
|
||||
-cdef class SensitivityAliasHashtabIterator(HashtabIterator):
|
||||
-
|
||||
- """Iterate over sensitivity aliases in the policy."""
|
||||
-
|
||||
- cdef uint32_t primary
|
||||
-
|
||||
- @staticmethod
|
||||
- cdef factory(SELinuxPolicy policy, sepol.hashtab_t *table, Sensitivity primary):
|
||||
- """Factory function for creating Sensitivity alias iterators."""
|
||||
- i = SensitivityAliasHashtabIterator()
|
||||
- i.policy = policy
|
||||
- i.table = table
|
||||
- i.primary = primary._value
|
||||
- i.reset()
|
||||
- return i
|
||||
-
|
||||
- def __next__(self):
|
||||
- super().__next__()
|
||||
- datum = <sepol.level_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- while datum != NULL and (not datum.isalias or datum.level.sens != self.primary):
|
||||
- super().__next__()
|
||||
- datum = <sepol.level_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- return intern(self.curr.key)
|
||||
-
|
||||
- def __len__(self):
|
||||
- cdef sepol.level_datum_t *datum
|
||||
- cdef sepol.hashtab_node_t *node
|
||||
- cdef uint32_t bucket = 0
|
||||
- cdef size_t count = 0
|
||||
-
|
||||
- while bucket < self.table[0].size:
|
||||
- node = self.table[0].htable[bucket]
|
||||
- while node != NULL:
|
||||
- datum = <sepol.level_datum_t *>node.datum if node else NULL
|
||||
- if datum != NULL and self.primary == datum.level.sens and datum.isalias:
|
||||
- count += 1
|
||||
-
|
||||
- node = node.next
|
||||
-
|
||||
- bucket += 1
|
||||
-
|
||||
- return count
|
||||
-
|
||||
- def reset(self):
|
||||
- super().reset()
|
||||
-
|
||||
- cdef sepol.level_datum_t *datum = <sepol.level_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
- # advance over any attributes or aliases
|
||||
- while datum != NULL and (not datum.isalias and self.primary != datum.level.sens):
|
||||
- self._next_node()
|
||||
-
|
||||
- if self.node == NULL or self.bucket >= self.table[0].size:
|
||||
- break
|
||||
-
|
||||
- datum = <sepol.level_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
-
|
||||
cdef class LevelDeclHashtabIterator(HashtabIterator):
|
||||
|
||||
"""Iterate over level declarations in the policy."""
|
||||
diff --git a/setools/policyrep/selinuxpolicy.pxi b/setools/policyrep/selinuxpolicy.pxi
|
||||
index 1a3eb5c..1541549 100644
|
||||
--- a/setools/policyrep/selinuxpolicy.pxi
|
||||
+++ b/setools/policyrep/selinuxpolicy.pxi
|
||||
@@ -46,6 +46,9 @@ cdef class SELinuxPolicy:
|
||||
object log
|
||||
object constraint_counts
|
||||
object terule_counts
|
||||
+ dict type_alias_map
|
||||
+ dict category_alias_map
|
||||
+ dict sensitivity_alias_map
|
||||
object __weakref__
|
||||
|
||||
# Public attributes:
|
||||
@@ -598,12 +601,6 @@ cdef class SELinuxPolicy:
|
||||
"""Return the category datum for the specified category value."""
|
||||
return self.cat_val_to_struct[value]
|
||||
|
||||
- cdef inline category_aliases(self, Category primary):
|
||||
- """Return an interator for the aliases for the specified category."""
|
||||
- return CategoryAliasHashtabIterator.factory(self,
|
||||
- &self.handle.p.symtab[sepol.SYM_CATS].table,
|
||||
- primary)
|
||||
-
|
||||
cdef inline str category_value_to_name(self, size_t value):
|
||||
"""Return the name of the category by its value."""
|
||||
return intern(self.handle.p.sym_val_to_name[sepol.SYM_CATS][value])
|
||||
@@ -636,17 +633,6 @@ cdef class SELinuxPolicy:
|
||||
"""Return the name of the role by its value."""
|
||||
return intern(self.handle.p.sym_val_to_name[sepol.SYM_ROLES][value])
|
||||
|
||||
- cdef inline sensitivity_aliases(self, Sensitivity primary):
|
||||
- """Return an interator for the aliases for the specified sensitivity."""
|
||||
- return SensitivityAliasHashtabIterator.factory(self,
|
||||
- &self.handle.p.symtab[sepol.SYM_LEVELS].table, primary)
|
||||
-
|
||||
- cdef inline type_aliases(self, Type primary):
|
||||
- """Return an iterator for the aliases for the specified type."""
|
||||
- return TypeAliasHashtabIterator.factory(self,
|
||||
- &self.handle.p.symtab[sepol.SYM_TYPES].table,
|
||||
- primary)
|
||||
-
|
||||
cdef inline sepol.type_datum_t* type_value_to_datum(self, size_t value):
|
||||
"""Return the type datum for the specified type value."""
|
||||
return self.handle.p.type_val_to_struct[value]
|
||||
@@ -725,6 +711,15 @@ cdef class SELinuxPolicy:
|
||||
if self.mls:
|
||||
self._create_mls_val_to_struct()
|
||||
|
||||
+ #
|
||||
+ # Create value to alias mappings
|
||||
+ #
|
||||
+ self._load_type_aliases()
|
||||
+
|
||||
+ if self.mls:
|
||||
+ self._load_sensitivity_aliases()
|
||||
+ self._load_category_aliases()
|
||||
+
|
||||
self.log.info("Successfully opened SELinux policy \"{0}\"".format(filename))
|
||||
self.path = filename
|
||||
|
||||
@@ -846,6 +841,84 @@ cdef class SELinuxPolicy:
|
||||
|
||||
bucket += 1
|
||||
|
||||
+ cdef _load_category_aliases(self):
|
||||
+ """Build map of aliases to categories"""
|
||||
+ cdef:
|
||||
+ sepol.hashtab_t *table = &self.handle.p.symtab[sepol.SYM_CATS].table
|
||||
+ sepol.cat_datum_t *datum
|
||||
+ sepol.hashtab_node_t *node
|
||||
+ uint32_t bucket = 0
|
||||
+ list entry
|
||||
+
|
||||
+ self.category_alias_map = dict()
|
||||
+
|
||||
+ while bucket < table[0].size:
|
||||
+ node = table[0].htable[bucket]
|
||||
+ while node != NULL:
|
||||
+ datum = <sepol.cat_datum_t *>node.datum if node else NULL
|
||||
+ if datum == NULL:
|
||||
+ continue
|
||||
+
|
||||
+ entry = self.category_alias_map.setdefault(datum.s.value, list())
|
||||
+ if datum.isalias:
|
||||
+ entry.append(intern(node.key))
|
||||
+
|
||||
+ node = node.next
|
||||
+
|
||||
+ bucket += 1
|
||||
+
|
||||
+ cdef _load_sensitivity_aliases(self):
|
||||
+ """Build map of aliases to sensitivities"""
|
||||
+ cdef:
|
||||
+ sepol.hashtab_t *table = &self.handle.p.symtab[sepol.SYM_LEVELS].table
|
||||
+ sepol.level_datum_t *datum
|
||||
+ sepol.hashtab_node_t *node
|
||||
+ uint32_t bucket = 0
|
||||
+ list entry
|
||||
+
|
||||
+ self.sensitivity_alias_map = dict()
|
||||
+
|
||||
+ while bucket < table[0].size:
|
||||
+ node = table[0].htable[bucket]
|
||||
+ while node != NULL:
|
||||
+ datum = <sepol.level_datum_t *>node.datum if node else NULL
|
||||
+ if datum == NULL:
|
||||
+ continue
|
||||
+
|
||||
+ entry = self.sensitivity_alias_map.setdefault(datum.level.sens, list())
|
||||
+ if datum.isalias:
|
||||
+ entry.append(intern(node.key))
|
||||
+
|
||||
+ node = node.next
|
||||
+
|
||||
+ bucket += 1
|
||||
+
|
||||
+ cdef _load_type_aliases(self):
|
||||
+ """Build map of aliases to types"""
|
||||
+ cdef:
|
||||
+ sepol.hashtab_t *table = &self.handle.p.symtab[sepol.SYM_TYPES].table
|
||||
+ sepol.type_datum_t *datum
|
||||
+ sepol.hashtab_node_t *node
|
||||
+ uint32_t bucket = 0
|
||||
+ list entry
|
||||
+
|
||||
+ self.type_alias_map = dict()
|
||||
+
|
||||
+ while bucket < table[0].size:
|
||||
+ node = table[0].htable[bucket]
|
||||
+ while node != NULL:
|
||||
+ datum = <sepol.type_datum_t *>node.datum if node else NULL
|
||||
+ if datum == NULL:
|
||||
+ continue
|
||||
+
|
||||
+ entry = self.type_alias_map.setdefault(datum.s.value, list())
|
||||
+ if type_is_alias(datum):
|
||||
+ entry.append(intern(node.key))
|
||||
+
|
||||
+ node = node.next
|
||||
+
|
||||
+ bucket += 1
|
||||
+
|
||||
cdef _rebuild_attrs_from_map(self):
|
||||
"""
|
||||
Rebuilds data for the attributes and inserts them into the policydb.
|
||||
diff --git a/setools/policyrep/typeattr.pxi b/setools/policyrep/typeattr.pxi
|
||||
index d989ca9..1d8901e 100644
|
||||
--- a/setools/policyrep/typeattr.pxi
|
||||
+++ b/setools/policyrep/typeattr.pxi
|
||||
@@ -1,5 +1,5 @@
|
||||
# Copyright 2014, Tresys Technology, LLC
|
||||
-# Copyright 2017-2018, Chris PeBenito <pebenito@ieee.org>
|
||||
+# Copyright 2017-2019, Chris PeBenito <pebenito@ieee.org>
|
||||
#
|
||||
# This file is part of SETools.
|
||||
#
|
||||
@@ -86,13 +86,9 @@ cdef class Type(BaseType):
|
||||
t.value = symbol.s.value
|
||||
t.name = policy.type_value_to_name(symbol.s.value - 1)
|
||||
t.ispermissive = <bint>symbol.flags & sepol.TYPE_FLAGS_PERMISSIVE
|
||||
+ t._aliases = policy.type_alias_map[symbol.s.value]
|
||||
return t
|
||||
|
||||
- cdef inline void _load_aliases(self):
|
||||
- """Helper method to load aliases."""
|
||||
- if self._aliases is None:
|
||||
- self._aliases = list(self.policy.type_aliases(self))
|
||||
-
|
||||
cdef inline void _load_attributes(self):
|
||||
"""Helper method to load attributes."""
|
||||
cdef sepol.type_datum_t *symbol = <sepol.type_datum_t *>self.key
|
||||
@@ -110,7 +106,6 @@ cdef class Type(BaseType):
|
||||
|
||||
def aliases(self):
|
||||
"""Generator that yields all aliases for this type."""
|
||||
- self._load_aliases()
|
||||
return iter(self._aliases)
|
||||
|
||||
def statement(self):
|
||||
@@ -119,7 +114,6 @@ cdef class Type(BaseType):
|
||||
str stmt
|
||||
|
||||
self._load_attributes()
|
||||
- self._load_aliases()
|
||||
count = len(self._aliases)
|
||||
|
||||
stmt = "type {0}".format(self.name)
|
||||
@@ -297,66 +291,6 @@ cdef class TypeAttributeHashtabIterator(HashtabIterator):
|
||||
self._next_node()
|
||||
|
||||
|
||||
-cdef class TypeAliasHashtabIterator(HashtabIterator):
|
||||
-
|
||||
- """Iterate over type aliases in the policy."""
|
||||
-
|
||||
- cdef uint32_t primary
|
||||
-
|
||||
- @staticmethod
|
||||
- cdef factory(SELinuxPolicy policy, sepol.hashtab_t *table, Type primary):
|
||||
- """Factory function for creating type alias iterators."""
|
||||
- i = TypeAliasHashtabIterator()
|
||||
- i.policy = policy
|
||||
- i.table = table
|
||||
- i.primary = primary.value
|
||||
- i.reset()
|
||||
- return i
|
||||
-
|
||||
- def __next__(self):
|
||||
- super().__next__()
|
||||
- datum = <sepol.type_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- while datum != NULL and (not type_is_alias(datum) or datum.s.value != self.primary):
|
||||
- super().__next__()
|
||||
- datum = <sepol.type_datum_t *> self.curr.datum if self.curr else NULL
|
||||
-
|
||||
- return intern(self.curr.key)
|
||||
-
|
||||
- def __len__(self):
|
||||
- cdef sepol.type_datum_t *datum
|
||||
- cdef sepol.hashtab_node_t *node
|
||||
- cdef uint32_t bucket = 0
|
||||
- cdef size_t count = 0
|
||||
-
|
||||
- while bucket < self.table[0].size:
|
||||
- node = self.table[0].htable[bucket]
|
||||
- while node != NULL:
|
||||
- datum = <sepol.type_datum_t *>node.datum if node else NULL
|
||||
- if datum != NULL and self.primary == datum.s.value and type_is_alias(datum):
|
||||
- count += 1
|
||||
-
|
||||
- node = node.next
|
||||
-
|
||||
- bucket += 1
|
||||
-
|
||||
- return count
|
||||
-
|
||||
- def reset(self):
|
||||
- super().reset()
|
||||
-
|
||||
- cdef sepol.type_datum_t *datum = <sepol.type_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
- # advance over any attributes or aliases
|
||||
- while datum != NULL and (not type_is_alias(datum) and self.primary != datum.s.value):
|
||||
- self._next_node()
|
||||
-
|
||||
- if self.node == NULL or self.bucket >= self.table[0].size:
|
||||
- break
|
||||
-
|
||||
- datum = <sepol.type_datum_t *> self.node.datum if self.node else NULL
|
||||
-
|
||||
-
|
||||
#
|
||||
# Ebitmap Iterator Classes
|
||||
#
|
||||
--
|
||||
2.17.2
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
From 4b3dc6b38abbd32cda557d5ef9ea1383ac5fdcf2 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 23 Feb 2017 08:17:07 +0100
|
||||
Subject: [PATCH 2/3] Do not use -Werror during build
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
There are new warnings when setools are built with gcc 7 therefore we
|
||||
want to suppress -Werror for now
|
||||
|
||||
Fixes:
|
||||
libqpol/policy_extend.c: In function ‘policy_extend’:
|
||||
libqpol/policy_extend.c:161:27: error: ‘%04zd’ directive output may be truncated writing between 4 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
|
||||
snprintf(buff, 9, "@ttr%04zd", i + 1);
|
||||
^~~~~
|
||||
libqpol/policy_extend.c:161:22: note: directive argument in the range [1, 4294967295]
|
||||
snprintf(buff, 9, "@ttr%04zd", i + 1);
|
||||
^~~~~~~~~~~
|
||||
In file included from /usr/include/stdio.h:939:0,
|
||||
from /usr/include/sepol/policydb/policydb.h:53,
|
||||
from libqpol/policy_extend.c:29:
|
||||
/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 9 and 15 bytes into a destination of size 9
|
||||
return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
|
||||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
__bos (__s), __fmt, __va_arg_pack ());
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
cc1: all warnings being treated as errors
|
||||
error: command 'gcc' failed with exit status 1
|
||||
---
|
||||
setup.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/setup.py b/setup.py
|
||||
index c94daf1..a7442ac 100644
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -105,7 +105,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
|
||||
libraries=['selinux', 'sepol'],
|
||||
library_dirs=lib_dirs,
|
||||
define_macros=macros,
|
||||
- extra_compile_args=['-Werror', '-Wextra',
|
||||
+ extra_compile_args=['-Wextra',
|
||||
'-Waggregate-return',
|
||||
'-Wfloat-equal',
|
||||
'-Wformat', '-Wformat=2',
|
||||
--
|
||||
2.17.2
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From e47d19f4985098ca316eea4a383510d419ec6055 Mon Sep 17 00:00:00 2001
|
||||
From b960869bcbcb58f2ce9af598484f209935c096b0 Mon Sep 17 00:00:00 2001
|
||||
From: Vit Mojzis <vmojzis@redhat.com>
|
||||
Date: Fri, 26 Apr 2019 15:27:25 +0200
|
||||
Subject: [PATCH 1/2] Do not export/use setools.InfoFlowAnalysis and
|
||||
Subject: [PATCH 3/3] Do not export/use setools.InfoFlowAnalysis and
|
||||
setools.DomainTransitionAnalysis
|
||||
|
||||
dta and infoflow modules require networkx which brings lot of dependencies.
|
||||
|
@ -12,32 +12,29 @@ Therefore it's better to use setools.infoflow.InfoFlowAnalysis and
|
|||
setools.dta.DomainTransitionAnalysis and let the package containing
|
||||
sedta and seinfoflow to require python3-networkx
|
||||
---
|
||||
sedta | 5 +++--
|
||||
sedta | 4 ++--
|
||||
seinfoflow | 4 ++--
|
||||
setools/__init__.py | 4 ----
|
||||
setoolsgui/apol/dta.py | 2 +-
|
||||
setoolsgui/apol/infoflow.py | 2 +-
|
||||
tests/dta.py | 2 +-
|
||||
tests/infoflow.py | 2 +-
|
||||
7 files changed, 9 insertions(+), 12 deletions(-)
|
||||
7 files changed, 8 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/sedta b/sedta
|
||||
index 57070098fe10..51890ea8ea73 100755
|
||||
index 60861ca..41e38a2 100755
|
||||
--- a/sedta
|
||||
+++ b/sedta
|
||||
@@ -23,9 +23,10 @@ import logging
|
||||
@@ -22,7 +22,7 @@ import argparse
|
||||
import logging
|
||||
import signal
|
||||
|
||||
import setools
|
||||
-import setools
|
||||
+import setools.dta
|
||||
|
||||
|
||||
-def print_transition(trans: setools.DomainTransition) -> None:
|
||||
+def print_transition(trans: setools.dta.DomainTransition) -> None:
|
||||
if trans.transition:
|
||||
print("Domain transition rule(s):")
|
||||
for t in trans.transition:
|
||||
@@ -114,7 +115,7 @@ else:
|
||||
def print_transition(trans):
|
||||
@@ -114,7 +114,7 @@ else:
|
||||
|
||||
try:
|
||||
p = setools.SELinuxPolicy(args.policy)
|
||||
|
@ -47,7 +44,7 @@ index 57070098fe10..51890ea8ea73 100755
|
|||
if args.shortest_path or args.all_paths:
|
||||
if args.shortest_path:
|
||||
diff --git a/seinfoflow b/seinfoflow
|
||||
index 0ddcfdc7c1fb..8321718b2640 100755
|
||||
index 97b14ba..e7f965d 100755
|
||||
--- a/seinfoflow
|
||||
+++ b/seinfoflow
|
||||
@@ -17,7 +17,7 @@
|
||||
|
@ -59,37 +56,37 @@ index 0ddcfdc7c1fb..8321718b2640 100755
|
|||
import argparse
|
||||
import sys
|
||||
import logging
|
||||
@@ -102,7 +102,7 @@ elif args.booleans is not None:
|
||||
@@ -81,7 +81,7 @@ else:
|
||||
try:
|
||||
p = setools.SELinuxPolicy(args.policy)
|
||||
m = setools.PermissionMap(args.map)
|
||||
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||
booleans=booleans)
|
||||
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
||||
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
||||
|
||||
if args.shortest_path or args.all_paths:
|
||||
if args.shortest_path:
|
||||
diff --git a/setools/__init__.py b/setools/__init__.py
|
||||
index d72d343e7e79..642485b9018d 100644
|
||||
index 7b70f5e..5a5f7fe 100644
|
||||
--- a/setools/__init__.py
|
||||
+++ b/setools/__init__.py
|
||||
@@ -91,12 +91,8 @@ from .pcideviceconquery import PcideviceconQuery
|
||||
@@ -73,12 +73,8 @@ from .pcideviceconquery import PcideviceconQuery
|
||||
from .devicetreeconquery import DevicetreeconQuery
|
||||
|
||||
# Information Flow Analysis
|
||||
-from .infoflow import InfoFlowAnalysis
|
||||
from .permmap import PermissionMap, RuleWeight, Mapping
|
||||
from .permmap import PermissionMap
|
||||
|
||||
-# Domain Transition Analysis
|
||||
-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
|
||||
-from .dta import DomainTransitionAnalysis
|
||||
-
|
||||
# Policy difference
|
||||
from .diff import PolicyDifference
|
||||
|
||||
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
||||
index 62dbf04d9a5e..0ea000e790f0 100644
|
||||
index 4608b9d..2cde44c 100644
|
||||
--- a/setoolsgui/apol/dta.py
|
||||
+++ b/setoolsgui/apol/dta.py
|
||||
@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||
@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||
from PyQt5.QtGui import QPalette, QTextCursor
|
||||
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
||||
QTreeWidgetItem
|
||||
|
@ -97,9 +94,9 @@ index 62dbf04d9a5e..0ea000e790f0 100644
|
|||
+from setools.dta import DomainTransitionAnalysis
|
||||
|
||||
from ..logtosignal import LogHandlerToSignal
|
||||
from .analysistab import AnalysisSection, AnalysisTab
|
||||
from .analysistab import AnalysisTab
|
||||
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
||||
index 28009aa2329c..92d350bf727c 100644
|
||||
index 7bca299..7fee277 100644
|
||||
--- a/setoolsgui/apol/infoflow.py
|
||||
+++ b/setoolsgui/apol/infoflow.py
|
||||
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||
|
@ -112,7 +109,7 @@ index 28009aa2329c..92d350bf727c 100644
|
|||
|
||||
from ..logtosignal import LogHandlerToSignal
|
||||
diff --git a/tests/dta.py b/tests/dta.py
|
||||
index a0cc9381469c..177e6fb0b961 100644
|
||||
index a0cc938..177e6fb 100644
|
||||
--- a/tests/dta.py
|
||||
+++ b/tests/dta.py
|
||||
@@ -18,7 +18,7 @@
|
||||
|
@ -125,7 +122,7 @@ index a0cc9381469c..177e6fb0b961 100644
|
|||
from setools.exception import InvalidType
|
||||
from setools.policyrep import Type
|
||||
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
||||
index aa0e44a7e4f8..fca2848aeca5 100644
|
||||
index aa0e44a..fca2848 100644
|
||||
--- a/tests/infoflow.py
|
||||
+++ b/tests/infoflow.py
|
||||
@@ -18,7 +18,7 @@
|
||||
|
@ -138,5 +135,5 @@ index aa0e44a7e4f8..fca2848aeca5 100644
|
|||
from setools.exception import InvalidType
|
||||
from setools.permmap import PermissionMap
|
||||
--
|
||||
2.30.0
|
||||
2.17.2
|
||||
|
||||
|
|
|
@ -1,24 +0,0 @@
|
|||
From 7b73bdeda54b9c944774452bfa3b3c1f2733b3f0 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Lautrbach <plautrba@redhat.com>
|
||||
Date: Thu, 2 Apr 2020 16:06:14 +0200
|
||||
Subject: [PATCH 2/2] Require networkx on package level
|
||||
|
||||
It allows us to ship python3-setools without dependency on python3-networkx
|
||||
---
|
||||
setup.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/setup.py b/setup.py
|
||||
index c593b786cc61..0551811e3fd1 100644
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -163,5 +163,5 @@ setup(name='setools',
|
||||
# setup also requires libsepol and libselinux
|
||||
# C libraries and headers to compile.
|
||||
setup_requires=['setuptools', 'Cython>=0.27'],
|
||||
- install_requires=['setuptools', 'networkx>=2.0']
|
||||
+ install_requires=['setuptools']
|
||||
)
|
||||
--
|
||||
2.30.0
|
||||
|
16
gating.yaml
16
gating.yaml
|
@ -1,16 +0,0 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_testing
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
emptyrpm:
|
||||
expected_empty:
|
||||
- setools
|
139
setools.spec
139
setools.spec
|
@ -1,22 +1,26 @@
|
|||
%global sepol_ver 3.4-1
|
||||
%global selinux_ver 3.4-1
|
||||
# % global setools_pre_ver rc
|
||||
# % global gitver f1e5b20
|
||||
|
||||
%global sepol_ver 2.9-1
|
||||
%global selinux_ver 2.9-1
|
||||
|
||||
|
||||
Name: setools
|
||||
Version: 4.4.0
|
||||
Release: 9%{?dist}
|
||||
Version: 4.2.2
|
||||
Release: 1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist}
|
||||
Summary: Policy analysis tools for SELinux
|
||||
|
||||
License: GPLv2
|
||||
URL: https://github.com/SELinuxProject/setools/wiki
|
||||
Source0: https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz
|
||||
Source0: https://github.com/SELinuxProject/setools/archive/%{version}%{?setools_pre_ver:-%{setools_pre_ver}}.tar.gz
|
||||
Source1: setools.pam
|
||||
Source2: apol.desktop
|
||||
Patch0001: 0001-Make-seinfo-output-predictable.patch
|
||||
Patch1001: 1001-Do-not-use-Werror-during-build.patch
|
||||
Patch1002: 1002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
|
||||
Patch1003: 1003-Require-networkx-on-package-level.patch
|
||||
|
||||
Obsoletes: setools < 4.0.0, setools-devel < 4.0.0
|
||||
BuildRequires: flex, bison
|
||||
BuildRequires: glibc-devel, gcc, git-core
|
||||
BuildRequires: glibc-devel, gcc, git
|
||||
BuildRequires: libsepol-devel >= %{sepol_ver}, libsepol-static >= %{sepol_ver}
|
||||
BuildRequires: qt5-qtbase-devel
|
||||
BuildRequires: swig
|
||||
|
@ -25,9 +29,8 @@ BuildRequires: python3-devel
|
|||
BuildRequires: python3-setuptools
|
||||
BuildRequires: libselinux-devel
|
||||
|
||||
Requires: %{name}-console = %{version}-%{release}
|
||||
Requires: %{name}-console-analyses = %{version}-%{release}
|
||||
Requires: %{name}-gui = %{version}-%{release}
|
||||
# BuildArch:
|
||||
Requires: python3-%{name} = %{version}-%{release}
|
||||
|
||||
%description
|
||||
SETools is a collection of graphical tools, command-line tools, and
|
||||
|
@ -70,7 +73,11 @@ This package includes the following console tools:
|
|||
%package -n python3-setools
|
||||
Summary: Policy analysis tools for SELinux
|
||||
Obsoletes: setools-libs < 4.0.0
|
||||
%{?python_provide:%python_provide python3-setools}
|
||||
Recommends: libselinux-python3
|
||||
# Remove before F30
|
||||
Provides: %{name}-python3 = %{version}-%{release}
|
||||
Provides: %{name}-python3%{?_isa} = %{version}-%{release}
|
||||
Obsoletes: %{name}-python3 < %{version}-%{release}
|
||||
Requires: python3-setuptools
|
||||
|
||||
%description -n python3-setools
|
||||
|
@ -90,15 +97,17 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||
|
||||
|
||||
%prep
|
||||
%autosetup -p 1 -S git -n setools-%{version}
|
||||
%autosetup -p 1 -S git -n setools-%{version}%{?setools_pre_ver:-%{setools_pre_ver}}
|
||||
|
||||
|
||||
%build
|
||||
%py3_build
|
||||
# Remove CFLAGS=... for noarch packages (unneeded)
|
||||
%set_build_flags
|
||||
%{__python3} setup.py build
|
||||
|
||||
|
||||
%install
|
||||
%py3_install
|
||||
%{__python3} setup.py install --root %{buildroot}
|
||||
|
||||
%check
|
||||
%if %{?_with_check:1}%{!?_with_check:0}
|
||||
|
@ -109,25 +118,18 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||
%files
|
||||
|
||||
%files console
|
||||
%{_bindir}/sechecker
|
||||
%{_bindir}/sediff
|
||||
%{_bindir}/seinfo
|
||||
%{_bindir}/sesearch
|
||||
%{_mandir}/man1/sechecker*
|
||||
%{_mandir}/man1/sediff*
|
||||
%{_mandir}/man1/seinfo*
|
||||
%{_mandir}/man1/sesearch*
|
||||
%{_mandir}/ru/man1/sediff*
|
||||
%{_mandir}/ru/man1/seinfo*
|
||||
%{_mandir}/ru/man1/sesearch*
|
||||
|
||||
%files console-analyses
|
||||
%{_bindir}/sedta
|
||||
%{_bindir}/seinfoflow
|
||||
%{_mandir}/man1/sedta*
|
||||
%{_mandir}/man1/seinfoflow*
|
||||
%{_mandir}/ru/man1/sedta*
|
||||
%{_mandir}/ru/man1/seinfoflow*
|
||||
|
||||
%files -n python3-setools
|
||||
%license COPYING COPYING.GPL COPYING.LGPL
|
||||
|
@ -138,91 +140,8 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||
%{_bindir}/apol
|
||||
%{python3_sitearch}/setoolsgui
|
||||
%{_mandir}/man1/apol*
|
||||
%{_mandir}/ru/man1/apol*
|
||||
|
||||
%changelog
|
||||
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.4.0-9
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
* Thu Jun 16 2022 Python Maint <python-maint@redhat.com> - 4.4.0-8
|
||||
- Rebuilt for Python 3.11
|
||||
|
||||
* Mon Jun 13 2022 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-7
|
||||
- Update required userspace versions to 3.4
|
||||
- Drop unnecessary Recommends
|
||||
|
||||
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 4.4.0-6
|
||||
- Rebuilt for Python 3.11
|
||||
|
||||
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.4.0-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Fri Nov 19 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-4
|
||||
- Make seinfo output predictable
|
||||
https://github.com/SELinuxProject/setools/issues/65
|
||||
|
||||
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.4.0-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 4.4.0-2
|
||||
- Rebuilt for Python 3.10
|
||||
|
||||
* Mon Mar 8 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-1
|
||||
- SETools 4.4.0 release
|
||||
|
||||
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.4.0-0.3.20210121git16c0696
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Thu Jan 21 2021 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20210121git16c0696
|
||||
- Rebuild with SELinux userspace 3.2-rc1
|
||||
- Update to 16c0696
|
||||
|
||||
* Thu Dec 10 2020 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.2.20201102git05e90ee
|
||||
- Fix imports in /usr/bin/sedta
|
||||
|
||||
* Tue Nov 3 2020 Petr Lautrbach <plautrba@redhat.com> - 4.4.0-0.1.20201102git05e90ee
|
||||
- Update to 05e90ee
|
||||
- Add /usr/bin/sechecker
|
||||
- Adapt to new libsepol filename transition structures
|
||||
- Rebuild with libsepol.so.2
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.3.0-5
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.3.0-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Thu Jul 16 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-3
|
||||
- rebuild with SELinux userspace 3.1 release
|
||||
|
||||
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 4.3.0-2
|
||||
- Rebuilt for Python 3.9
|
||||
|
||||
* Thu Apr 2 2020 Petr Lautrbach <plautrba@redhat.com> - 4.3.0-1
|
||||
- SETools 4.3.0 release
|
||||
- Revised sediff method for TE rules. This drastically reduced memory and run time.
|
||||
- Added infiniband context support to seinfo, sediff, and apol.
|
||||
- Added apol configuration for location of Qt assistant.
|
||||
- Fixed sediff issue where properties header would display when not requested.
|
||||
- Fixed sediff issue with type_transition file name comparison.
|
||||
- Fixed permission map socket sendto information flow direction.
|
||||
- Added methods to TypeAttribute class to make it a complete Python collection.
|
||||
- Genfscon now will look up classes rather than using fixed values which
|
||||
were dropped from libsepol.
|
||||
|
||||
* Mon Mar 23 2020 Petr Lautrbach <plautrba@redhat.com> - 4.2.2-5
|
||||
- setools requires -console, -console-analyses and -gui packages (#1794314)
|
||||
|
||||
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 4.2.2-3
|
||||
- Rebuilt for Python 3.8.0rc1 (#1748018)
|
||||
|
||||
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 4.2.2-2
|
||||
- Rebuilt for Python 3.8
|
||||
|
||||
* Mon Jul 08 2019 Vit Mojzis <vmojzis@redhat.com> - 4.2.2-1}
|
||||
- SETools 4.2.2 release
|
||||
|
||||
|
@ -245,15 +164,11 @@ Python modules designed to facilitate SELinux policy analysis.
|
|||
- Require userspace release 2.8
|
||||
- setools-gui requires python3-setools
|
||||
- Add Requires for python[23]-setuptools - no longer required (just recommended) by python[23] (#1623371)
|
||||
|
||||
* Thu Aug 09 2018 Vit Mojzis <vmojzis@redhat.com> - 4.2.0-0.1.beta
|
||||
- New upstream release
|
||||
- Drop python2 subpackage (4.2.0 no longer supports python2)
|
||||
|
||||
* Wed Aug 29 2018 Vit Mojzis <vmojzis@redhat.com> - 4.1.1-13
|
||||
- Add Requires for python[23]-setuptools - no longer required (just recommended)
|
||||
by python[23] (#1623371)
|
||||
|
||||
* Wed Aug 22 2018 Petr Lautrbach <plautrba@redhat.com> - 4.1.1-12.1
|
||||
- Fix SCTP patch - https://github.com/SELinuxProject/setools/issues/9
|
||||
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.1.1-11
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
|
|
3
sources
3
sources
|
@ -1 +1,2 @@
|
|||
SHA512 (4.4.0.tar.gz) = 4033ce54213e47e3afd1bdb03b99b0ee3d977f085310d746b34dcfcfe48ac3a562ae0aa2f730d629a298b56dbf295ad219669d13f82578521866b465f8c976e8
|
||||
SHA512 (4.2.1.tar.gz) = 7d00295fe7ff16e96e15266807f8e0a67cc2978f9051cd85afb9ee71ca7fad16ccf7421a4a163bb793950bc20a44f3cbb8409b4e0642d0f96cf7a3df7bc59c31
|
||||
SHA512 (4.2.2.tar.gz) = 5044b04d0895ffe31557b3b71bb277ab49710a6066485c8f204ce7858abab259f973000f1fcfde0149ed4e33a50103984939dcc68ce322d70e9e927e81d4f798
|
||||
|
|
|
@ -1,63 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /CoreOS/setools/Regression/The-setools-package-doesn-t-install-any-tools
|
||||
# Description: Make sure setools requires setools-console and setools-gui
|
||||
# Author: Vit Mojzis <vmojzis@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2020 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/CoreOS/setools/Regression/The-setools-package-doesn-t-install-any-tools
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: Make sure setools requires setools-console and setools-gui" >> $(METADATA)
|
||||
@echo "Type: Regression" >> $(METADATA)
|
||||
@echo "TestTime: 5m" >> $(METADATA)
|
||||
@echo "RunFor: setools" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 1820078" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,54 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /CoreOS/setools/Regression/bz1820078-The-setools-package-doesn-t-install-any-tools
|
||||
# Description: Make sure setools requires setools-console and setools-gui
|
||||
# Author: Vit Mojzis <vmojzis@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2020 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/bin/rhts-environment.sh || exit 1
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="setools"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartSetup
|
||||
rlRun "dnf -y remove ${PACKAGE} ${PACKAGE}-gui ${PACKAGE}-console"
|
||||
OUTPUT_FILE=`mktemp`
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "bz#1820078"
|
||||
rlRun "dnf -y install ${PACKAGE}" 0
|
||||
rlAssertRpm "${PACKAGE}-gui"
|
||||
rlAssertRpm "${PACKAGE}-console"
|
||||
# make sure that setools-* packages do not require setools
|
||||
rlRun "rpm -q --whatrequires ${PACKAGE} >& ${OUTPUT_FILE}" 0,1
|
||||
rlRun "grep -i \"${PACKAGE}-\" ${OUTPUT_FILE}" 1
|
||||
if [ $? -ne 1 ]; then rlRun "cat \"${OUTPUT_FILE}\""; fi
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartCleanup
|
||||
rm -f ${OUTPUT_FILE}
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,63 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /CoreOS/setools/Sanity/sedta
|
||||
# Description: Does sedta work as expected? Does it support all features?
|
||||
# Author: Milos Malik <mmalik@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/CoreOS/setools/Sanity/sedta
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE testpolicy.cil
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Milos Malik <mmalik@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: Does sedta work as expected? Does it support all features?" >> $(METADATA)
|
||||
@echo "Type: Sanity" >> $(METADATA)
|
||||
@echo "TestTime: 1h" >> $(METADATA)
|
||||
@echo "RunFor: setools" >> $(METADATA)
|
||||
@echo "Requires: policycoreutils setools-console-analyses" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHEL6 -RHEL7 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
PURPOSE of /CoreOS/setools/Sanity/sedta
|
||||
Description: Does sedta work as expected? Does it support all features?
|
||||
Author: Milos Malik <mmalik@redhat.com>
|
|
@ -1,88 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of /CoreOS/setools/Sanity/sedta
|
||||
# Description: Does sedta work as expected? Does it support all features?
|
||||
# Author: Milos Malik <mmalik@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/bin/rhts-environment.sh || exit 1
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="setools"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartSetup
|
||||
rlAssertRpm ${PACKAGE}-console-analyses
|
||||
OUTPUT_FILE=`mktemp`
|
||||
rlRun "semodule -i testpolicy.cil"
|
||||
rlRun "semodule -l | grep testpolicy"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "invalid values"
|
||||
rlRun "sedta -s unknown_t >& ${OUTPUT_FILE}" 1
|
||||
rlRun "grep -i 'not a valid type' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s apmd_t -t unknown_t -S >& ${OUTPUT_FILE}" 1
|
||||
rlRun "grep -i 'not a valid type' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s unknown_t -p /etc/selinux/unknown/policy/policy.31 >& ${OUTPUT_FILE}" 1
|
||||
rlRun "grep -i 'no such file or directory' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s apmd_t -t var_lib_t -A -1 >& ${OUTPUT_FILE}" 1
|
||||
rlRun "grep -i 'must be positive' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s xyz_t >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^0.*transition.*found' ${OUTPUT_FILE}"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "valid values"
|
||||
# transitivity
|
||||
rlRun "sedta -s first_t -t second_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s second_t -t third_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s first_t -t third_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
# reflexivity
|
||||
rlRun "sedta -s first_t -t first_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s second_t -t second_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
rlRun "sedta -s third_t -t third_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^1 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
# path is longer than limit
|
||||
rlRun "sedta -s first_t -t third_t -A 1 >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^0 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
# non-existent relation
|
||||
rlRun "sedta -s first_t -t third_t -S -r >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^0 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
# non-existent relation
|
||||
rlRun "sedta -s third_t -t first_t -S >& ${OUTPUT_FILE}"
|
||||
rlRun "grep -i '^0 domain transition path.*found' ${OUTPUT_FILE}"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartCleanup
|
||||
rlRun "semodule -r testpolicy"
|
||||
rlRun "semodule -l | grep testpolicy" 1
|
||||
rm -f ${OUTPUT_FILE}
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
( type xyz_t )
|
||||
|
||||
( type first_t )
|
||||
( type first_exec_t )
|
||||
( type second_t )
|
||||
( type second_exec_t )
|
||||
( type third_t )
|
||||
( type third_exec_t )
|
||||
|
||||
( typetransition first_t second_exec_t process second_t )
|
||||
( typetransition second_t third_exec_t process third_t )
|
||||
|
||||
( allow first_t second_exec_t ( file ( getattr open read execute )))
|
||||
( allow first_t second_t ( process ( transition )))
|
||||
( allow second_t third_exec_t ( file ( getattr open read execute )))
|
||||
( allow second_t third_t ( process ( transition )))
|
||||
|
||||
( allow first_t first_exec_t ( file ( entrypoint )))
|
||||
( allow second_t second_exec_t ( file ( entrypoint )))
|
||||
( allow third_t third_exec_t ( file ( entrypoint )))
|
||||
|
|
@ -1,64 +0,0 @@
|
|||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of Sanity/seinfo-consistent-output
|
||||
# Description: Check whether different 2 or more runs of same seinfo commands produce same output
|
||||
# Author: Petr Lautrbach <plautrba@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2021 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=Sanity/seinfo-consistent-output
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Petr Lautrbach <plautrba@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: Check whether different 2 or more runs of same seinfo commands produce same output" >> $(METADATA)
|
||||
@echo "Type: Sanity" >> $(METADATA)
|
||||
@echo "TestTime: 5m" >> $(METADATA)
|
||||
@echo "RunFor: setools" >> $(METADATA)
|
||||
@echo "Requires: setools-console" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2+" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Bug: 2019962" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
|
@ -1,3 +0,0 @@
|
|||
PURPOSE of Sanity/seinfo-consistent-output
|
||||
Description: Check whether different 2 or more runs of same seinfo commands produce same output
|
||||
Author: Petr Lautrbach <plautrba@redhat.com>
|
|
@ -1,64 +0,0 @@
|
|||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of Sanity/seinfo-consistent-output
|
||||
# Description: Check whether different 2 or more runs of same seinfo commands produce same output
|
||||
# Author: Petr Lautrbach <plautrba@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2021 Red Hat, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation, either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/bin/rhts-environment.sh || exit 1
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="setools-console"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartSetup
|
||||
rlAssertRpm $PACKAGE
|
||||
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
||||
rlRun "pushd $TmpDir"
|
||||
rlPhaseEnd
|
||||
|
||||
commands=(
|
||||
"seinfo --all -x"
|
||||
"seinfo --constrain"
|
||||
"seinfo --common"
|
||||
"seinfo -c -x"
|
||||
"seinfo -r -x"
|
||||
"seinfo -u -x"
|
||||
)
|
||||
|
||||
for c in "${commands[@]}"; do
|
||||
|
||||
rlPhaseStartTest "$c"
|
||||
rlRun "$c > 1.out"
|
||||
rlRun "$c > 2.out"
|
||||
rlRun "cmp 1.out 2.out" 0
|
||||
rlPhaseEnd
|
||||
done
|
||||
|
||||
rlPhaseStartCleanup
|
||||
rlRun "popd"
|
||||
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
|
@ -1,22 +0,0 @@
|
|||
---
|
||||
# Test to run in classic context
|
||||
- hosts: localhost
|
||||
roles:
|
||||
- role: standard-test-beakerlib
|
||||
tags:
|
||||
- classic
|
||||
repositories:
|
||||
- repo: "https://src.fedoraproject.org/tests/selinux.git"
|
||||
dest: "selinux"
|
||||
fmf_filter: "tier: 1 | component: policycoreutils | component: checkpolicy"
|
||||
|
||||
# Test to run in classic context
|
||||
- hosts: localhost
|
||||
roles:
|
||||
- role: standard-test-beakerlib
|
||||
tags:
|
||||
- classic
|
||||
tests:
|
||||
- Sanity/sedta
|
||||
- Regression/The-setools-package-doesn-t-install-any-tools
|
||||
- Sanity/seinfo-consistent-output
|
Loading…
Reference in New Issue