rpms
/
setroubleshoot
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

setroubleshoot-3.3.26 

- Fix plugin exception reporting
- Update translations
- Stop SetroubleshootFixit after 10 seconds of inactivity
- Do not use Python slip package
This commit is contained in:
Petr Lautrbach 2021-04-15 11:46:34 +02:00
parent e538407cbb
commit 9eb5fb83b3
5 changed files with 161 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -210,3 +210,4 @@ setroubleshoot-2.2.93.tar.gz
/setroubleshoot-3.3.23.tar.gz
/setroubleshoot-3.3.24.tar.gz
/setroubleshoot-3.3.25.tar.gz
/setroubleshoot-3.3.26.tar.gz

45
0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch Normal file
View File

@ -0,0 +1,45 @@
From 56cf1525b5ebeb3591d4a3ded5299fe82d0f9208 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 14 Apr 2021 17:03:39 +0200
Subject: [PATCH] Stop SetroubleshootFixit after 10 seconds of inactivity
---
framework/src/SetroubleshootFixit.py | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
index 15c6cab1cda4..f7cbf95f182f 100644
--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
@@ -7,6 +7,7 @@ from gi.repository import GLib
import slip.dbus.service
from slip.dbus import polkit
import os
+import signal
class RunFix(slip.dbus.service.Object):
@@ -14,12 +15,20 @@ class RunFix(slip.dbus.service.Object):
def __init__(self, *p, **k):
super(RunFix, self).__init__(*p, **k)
+ self.timeout = 10
+ self.alarm(self.timeout)
+
+ def alarm(self, timeout=10):
+ signal.alarm(timeout)
+
@dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
def run_fix(self, local_id, analysis_id):
import subprocess
+ self.alarm(0)
command = ["sealert", "-f", local_id, "-P", analysis_id]
return subprocess.check_output(command, universal_newlines=True)
+ self.alarm(self.timeout)
if __name__ == "__main__":
mainloop = GLib.MainLoop()
--
2.31.1

103
0002-Do-not-use-Python-slip-package.patch Normal file
View File

@ -0,0 +1,103 @@
From 65145c512908badc45fbab8f3b329e9923b42fb1 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 14 Apr 2021 17:04:59 +0200
Subject: [PATCH] Do not use Python slip package
It's not maintained anymore and it allows us to drop dependency on
Python slip package
Use DBUS polkit interface instead -
https://www.freedesktop.org/software/polkit/docs/latest/eggdbus-interface-org.freedesktop.PolicyKit1.Authority.html
---
framework/src/SetroubleshootFixit.py | 35 ++++++++++++++++++-------
framework/src/setroubleshoot/browser.py | 3 ---
2 files changed, 25 insertions(+), 13 deletions(-)
diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
index f7cbf95f182f..ab0ad2bf632c 100644
--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
@@ -4,13 +4,11 @@ import dbus
import dbus.service
import dbus.mainloop.glib
from gi.repository import GLib
-import slip.dbus.service
-from slip.dbus import polkit
import os
import signal
+import subprocess
-
-class RunFix(slip.dbus.service.Object):
+class RunFix(dbus.service.Object):
default_polkit_auth_required = "org.fedoraproject.setroubleshootfixit.write"
def __init__(self, *p, **k):
@@ -21,14 +19,32 @@ class RunFix(slip.dbus.service.Object):
def alarm(self, timeout=10):
signal.alarm(timeout)
-
- @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
- def run_fix(self, local_id, analysis_id):
- import subprocess
+ def is_authorized(self, sender):
+ bus = dbus.SystemBus()
+
+ proxy = bus.get_object('org.freedesktop.PolicyKit1', '/org/freedesktop/PolicyKit1/Authority')
+ authority = dbus.Interface(proxy, dbus_interface='org.freedesktop.PolicyKit1.Authority')
+ subject = ('system-bus-name', {'name' : sender})
+ action_id = 'org.fedoraproject.setroubleshootfixit.write'
+ details = {}
+ flags = 1 # AllowUserInteraction flag
+ cancellation_id = '' # No cancellation id
+ result = authority.CheckAuthorization(subject, action_id, details, flags, cancellation_id)
+ return result[0]
+
+ @dbus.service.method("org.fedoraproject.SetroubleshootFixit", sender_keyword="sender", in_signature='ss', out_signature='s')
+ def run_fix(self, local_id, analysis_id, sender):
self.alarm(0)
command = ["sealert", "-f", local_id, "-P", analysis_id]
- return subprocess.check_output(command, universal_newlines=True)
+
+ if self.is_authorized(sender):
+ result = subprocess.check_output(command, universal_newlines=True)
+ else:
+ result = "Authorization failed"
+
self.alarm(self.timeout)
+ return result
+
if __name__ == "__main__":
mainloop = GLib.MainLoop()
@@ -36,5 +52,4 @@ if __name__ == "__main__":
system_bus = dbus.SystemBus()
name = dbus.service.BusName("org.fedoraproject.SetroubleshootFixit", system_bus)
object = RunFix(system_bus, "/org/fedoraproject/SetroubleshootFixit/object")
- slip.dbus.service.set_mainloop(mainloop)
mainloop.run()
diff --git a/framework/src/setroubleshoot/browser.py b/framework/src/setroubleshoot/browser.py
index 2d37bb43df02..3203f75e0c17 100644
--- a/framework/src/setroubleshoot/browser.py
+++ b/framework/src/setroubleshoot/browser.py
@@ -65,8 +65,6 @@ from setroubleshoot.util import *
from setroubleshoot.html_util import html_to_text
import re
import dbus
-import slip.dbus.service
-from slip.dbus import polkit
import report
import report.io
import report.io.GTKIO
@@ -933,7 +931,6 @@ class DBusProxy (object):
self.bus = dbus.SystemBus()
self.dbus_object = self.bus.get_object("org.fedoraproject.SetroubleshootFixit", "/org/fedoraproject/SetroubleshootFixit/object")
- @polkit.enable_proxy
def run_fix(self, local_id, plugin_name):
return self.dbus_object.run_fix(local_id, plugin_name, dbus_interface="org.fedoraproject.SetroubleshootFixit")
--
2.31.1

14
setroubleshoot.spec
View File

@ -3,14 +3,16 @@
Summary: Helps troubleshoot SELinux problems
Name: setroubleshoot
Version: 3.3.25
Version: 3.3.26
Release: 1%{?dist}
License: GPLv2+
URL: https://pagure.io/setroubleshoot
Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
Source1: %{name}.tmpfiles
# git format-patch -N setroubleshoot-3.3.24 -- framework
# git format-patch -N setroubleshoot-3.3.26 -- framework
# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
Patch0001: 0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
Patch0002: 0002-Do-not-use-Python-slip-package.patch
BuildRequires: gcc
BuildRequires: make
BuildRequires: libcap-ng-devel
@ -95,7 +97,7 @@ Requires: libselinux-python3 >= 2.1.5-1
Requires: policycoreutils-python-utils
BuildRequires: intltool gettext python3
BuildRequires: python3-devel
Requires: python3-slip-dbus systemd-python3 >= 206-1
Requires: systemd-python3 >= 206-1
Requires: python3-gobject-base >= 3.11
Requires: dbus
Requires: python3-dbus python3-dasbus
@ -188,6 +190,12 @@ chown -R setroubleshoot:setroubleshoot %{pkgvardatadir}
%doc AUTHORS COPYING ChangeLog DBUS.md NEWS README TODO
%changelog
* Thu Apr 15 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.26-1
- Fix plugin exception reporting
- Update translations
- Stop SetroubleshootFixit after 10 seconds of inactivity
- Do not use Python slip package
* Wed Mar 10 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.25-1
- Use Python dasbus instead of pydbus
- Optimize get_rpm_nvr_by_type by adding a cache

2
sources
View File

@ -1 +1 @@
SHA512 (setroubleshoot-3.3.25.tar.gz) = cbac9ef9ccbc192e8043a606366bda7c26989e2b144b619d78dd2cf8ed9a22844e509cd8666392f6cca5c6e37421d04745a731a34e073a54c2e857932c9e93e0
SHA512 (setroubleshoot-3.3.26.tar.gz) = e081a07303635e555923956541b6099fdf07c35d352f8f16ce9c131aa7155aaa5cb295919959af2088823400b074d4098a8a59741b09d25ef9ba0c86e45c62be