update to latest upstream
This commit is contained in:
John Dennis
parent
d6778f1502
commit
b512ba990e
|
|
@ -1 +1 @@
|
|||
setroubleshoot-1.9.7.tar.gz
|
||||
setroubleshoot-1.10.3.tar.gz
|
||||
|
|
|
|||
|
|
@ -9,22 +9,50 @@
|
|||
# config: /etc/setroubleshoot/setroubleshoot.cfg
|
||||
# pidfile: /var/run/setroubleshoot.pid
|
||||
#
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: lsb-setroubleshootd
|
||||
# Required-Start: $local_fs $syslog $network $named
|
||||
# Required-Stop: $local_fs $syslog $network $named
|
||||
# Default-Start: 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: start and stop SELinux Troubleshooting Daemon
|
||||
# Description: controls operation of the SELinux Troubleshooting Daemon
|
||||
# (setroubleshootd) which listens for SELinux AVC denial messages
|
||||
# analyzes it and provides a friendly interpretation.
|
||||
### END INIT INFO
|
||||
|
||||
# Return values according to LSB for all commands but status:
|
||||
# 0 - success
|
||||
# 1 - generic or unspecified error
|
||||
# 2 - invalid or excess argument(s)
|
||||
# 3 - unimplemented feature (e.g. "reload")
|
||||
# 4 - insufficient privilege
|
||||
# 5 - program is not installed
|
||||
# 6 - program is not configured
|
||||
# 7 - program is not running
|
||||
# 0 success
|
||||
# 1 generic or unspecified error (current practice)
|
||||
# 2 invalid or excess argument(s)
|
||||
# 3 unimplemented feature (for example, "reload")
|
||||
# 4 user had insufficient privilege
|
||||
# 5 program is not installed
|
||||
# 6 program is not configured
|
||||
# 7 program is not running
|
||||
|
||||
# Command argument
|
||||
# start start the service
|
||||
# stop stop the service
|
||||
# restart stop and restart the service if the service is already running, otherwise start the service
|
||||
# try-restart restart the service if the service is already running
|
||||
# reload cause the configuration of the service to be reloaded without actually stopping and restarting the service
|
||||
# force-reload cause the configuration to be reloaded if the service supports this, otherwise restart the service if it is running
|
||||
# status print the current status of the service
|
||||
|
||||
# start, stop, restart, force-reload, and status actions must be supported
|
||||
# reload and the try-restart actions are optional.
|
||||
# the init script.
|
||||
|
||||
|
||||
|
||||
PATH=/sbin:/bin:/usr/bin:/usr/sbin
|
||||
|
||||
# Source function library.
|
||||
# /lib/lsb/init-functions
|
||||
. /etc/init.d/functions
|
||||
|
||||
|
||||
# Silently exit is SELinux is not enabled
|
||||
[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 1
|
||||
|
||||
|
|
@ -99,17 +127,17 @@ case "$1" in
|
|||
restart)
|
||||
restart
|
||||
;;
|
||||
reload)
|
||||
force-reload|reload)
|
||||
reload
|
||||
;;
|
||||
condrestart)
|
||||
try-restart|condrestart)
|
||||
condrestart
|
||||
;;
|
||||
cleardb)
|
||||
cleardb
|
||||
;;
|
||||
*)
|
||||
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|cleardb}"
|
||||
echo $"Usage: $0 {start|stop|status|restart|try-restart|condrestart|reload|force-reload|cleardb}"
|
||||
RETVAL=3
|
||||
esac
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
Summary: Helps troubleshoot SELinux problems
|
||||
Name: setroubleshoot
|
||||
Version: 1.9.7
|
||||
Version: 1.10.3
|
||||
Release: 1%{?dist}
|
||||
License: GPL
|
||||
License: GPLv2+
|
||||
Group: Applications/System
|
||||
URL: http://www.redhat.com/
|
||||
URL: https://hosted.fedoraproject.org/projects/setroubleshoot
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
Source1: setroubleshoot.init
|
||||
Source2: setroubleshoot.logrotate
|
||||
|
|
@ -12,25 +12,32 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|||
BuildArch: noarch
|
||||
BuildRequires: perl-XML-Parser
|
||||
Requires: %{name}-server = %{version}-%{release}
|
||||
Requires: %{name}-plugins
|
||||
Requires: pygtk2 >= 2.9.2
|
||||
Requires: gnome-python2, gnome-python2-canvas
|
||||
Requires: usermode, rhpl
|
||||
BuildRequires: desktop-file-utils
|
||||
Requires: gnome-python2-gtkhtml2
|
||||
Requires: dbus
|
||||
Requires: dbus-python
|
||||
Requires: libxml2-python
|
||||
Requires(post): /usr/bin/update-desktop-database
|
||||
Requires(post): dbus
|
||||
Requires(postun): /usr/bin/update-desktop-database
|
||||
Requires(postun): dbus
|
||||
Requires: notify-python
|
||||
|
||||
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
|
||||
|
||||
%define pkgpythondir %{python_sitelib}/%{name}
|
||||
%define pkgdocdir %{_datadir}/doc/%{name}-%{version}
|
||||
%define pkgguidir %{_datadir}/%{name}/gui
|
||||
%define pkgdatadir %{_datadir}/%{name}
|
||||
%define pkglibexecdir %{_prefix}/libexec/%{name}
|
||||
%define pkgvardatadir %{_localstatedir}/lib/%{name}
|
||||
%define pkgrundir %{_localstatedir}/run/%{name}
|
||||
%define pkgconfigdir %{_sysconfdir}/%{name}
|
||||
%define pkglogdir %{_localstatedir}/log/%{name}
|
||||
%define pkgdatabase %{pkgvardatadir}/audit_listener_database.xml
|
||||
|
||||
%description
|
||||
setroubleshoot gui. Application that allows you to view setroubleshoot-server
|
||||
|
|
@ -41,19 +48,21 @@ about the problem and help track its resolution. Alerts can be configured
|
|||
to user preference. The same tools can be run on existing log files.
|
||||
|
||||
%files
|
||||
%{pkgguidir}
|
||||
%{_sysconfdir}/xdg/autostart/*
|
||||
%{_datadir}/applications/*.desktop
|
||||
%{_datadir}/dbus-1/services/sealert.service
|
||||
%{_datadir}/icons/hicolor
|
||||
%dir %attr(0755,root,root) %{pkgpythondir}
|
||||
%{pkgpythondir}/browser.py*
|
||||
%{pkgpythondir}/gui_utils.py*
|
||||
%{pkgpythondir}/email_dialog.py*
|
||||
%{pkgpythondir}/gui_utils.py*
|
||||
|
||||
%post
|
||||
/usr/bin/update-desktop-database %{_datadir}/applications
|
||||
touch --no-create %{_datadir}/icons/hicolor || :
|
||||
%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
|
||||
dbus-send --system /com/redhat/setroubleshootd com.redhat.SEtroubleshootdIface.restart string:'rpm install' >/dev/null 2>&1 || :
|
||||
|
||||
%postun
|
||||
/usr/bin/update-desktop-database %{_datadir}/applications
|
||||
|
|
@ -72,7 +81,8 @@ rm -rf %{buildroot}
|
|||
make DESTDIR=%{buildroot} install
|
||||
%{__install} -D -m755 %{SOURCE1} %{buildroot}/etc/rc.d/init.d/%{name}
|
||||
%{__install} -D -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
|
||||
touch %{buildroot}%{pkgvardatadir}/audit_listener_database.xml
|
||||
desktop-file-install --vendor="" --dir=%{buildroot}%{_datadir}/applications %{buildroot}/%{_datadir}/applications/%{name}.desktop
|
||||
touch %{buildroot}%{pkgdatabase}
|
||||
touch %{buildroot}%{pkgvardatadir}/email_alert_recipients
|
||||
%find_lang %{name}
|
||||
|
||||
|
|
@ -80,9 +90,16 @@ touch %{buildroot}%{pkgvardatadir}/email_alert_recipients
|
|||
Summary: SELinux troubleshoot server
|
||||
Group: Applications/System
|
||||
|
||||
Requires: %{name}-plugins
|
||||
Requires: audit >= 1.2.6-3
|
||||
Requires: audit-libs-python >= 1.2.6-3
|
||||
Requires: libselinux >= 1.30.15-1
|
||||
Requires: pygobject2
|
||||
Requires: dbus-python
|
||||
Requires: libxml2-python
|
||||
Requires: libselinux-python
|
||||
Requires: audit-libs-python
|
||||
Requires: libuser
|
||||
|
||||
BuildRequires: intltool gettext python
|
||||
|
||||
|
|
@ -99,7 +116,10 @@ about the problem and help track its resolution. Alerts can be configured
|
|||
to user preference. The same tools can be run on existing log files.
|
||||
|
||||
%post server
|
||||
[ -f %{pkgvardatadir}/database.xml ] && chmod 644 %{pkgvardatadir}/database.xml
|
||||
if [ -f %{pkgdatabase} ]; then
|
||||
chown root:root %{pkgdatabase} >/dev/null 2>&1 || :
|
||||
chmod 600 %{pkgdatabase} >/dev/null 2>&1 || :
|
||||
fi
|
||||
/sbin/chkconfig --add %{name}
|
||||
/sbin/service %{name} condrestart >/dev/null 2>&1 || :
|
||||
|
||||
|
|
@ -126,8 +146,8 @@ rm -rf %{buildroot}
|
|||
%{pkgpythondir}/__init__.py*
|
||||
%{pkgpythondir}/access_control.py*
|
||||
%{pkgpythondir}/analyze.py*
|
||||
%{pkgpythondir}/audit_data.py*
|
||||
%{pkgpythondir}/avc_audit.py*
|
||||
%{pkgpythondir}/avc_auparse.py*
|
||||
%{pkgpythondir}/config.py*
|
||||
%{pkgpythondir}/email_alert.py*
|
||||
%{pkgpythondir}/errcode.py*
|
||||
|
|
@ -142,15 +162,93 @@ rm -rf %{buildroot}
|
|||
%config %{pkgconfigdir}/%{name}.cfg
|
||||
%dir %{pkglogdir}
|
||||
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
|
||||
%config %{_sysconfdir}/dbus-1/system.d/setroubleshootd.conf
|
||||
%dir %{pkgrundir}
|
||||
%dir %{pkgvardatadir}
|
||||
%ghost %attr(0644,root,root) %{pkgvardatadir}/audit_listener_database.xml
|
||||
%ghost %attr(0600,root,root) %{pkgdatabase}
|
||||
%ghost %attr(0644,root,root) %{pkgvardatadir}/email_alert_recipients
|
||||
%{_mandir}/man8/sealert.8.gz
|
||||
|
||||
/etc/rc.d/init.d/%{name}
|
||||
%attr(0755,root,root) /etc/rc.d/init.d/%{name}
|
||||
|
||||
%changelog
|
||||
* Sat Sep 8 2007 John Dennis <jdennis@redhat.com> - 1.10.3-1
|
||||
- modify avc_audit.py to use new audit_data.py implementation
|
||||
|
||||
- can listen for audit events on either /var/run/audit_events
|
||||
in bindary protocol mode or /var/run/audisp_events in
|
||||
text protocol mode
|
||||
|
||||
* Thu Sep 6 2007 John Dennis <jdennis@redhat.com> - 1.10.2-1
|
||||
- remove all copied code from test_setroubleshootd, now we import
|
||||
from setroubleshoot
|
||||
|
||||
- export ClientConnectionHandler from rpc.py as a base class.
|
||||
Derive SetroubleshootdClientConnectionHandler and
|
||||
AuditClientConnectionHandler from ClientConnectionHandler.
|
||||
|
||||
- add audisp_listen as test program
|
||||
|
||||
- create setroubleshoot sym link in top devel directory pointing
|
||||
to src so import setroubleshoot.foo if PYTHONPATH=topdir
|
||||
|
||||
- add get_option, convert_cfg_type to config.py.in so that one
|
||||
can pass optional dict to override config file settings
|
||||
|
||||
- rewrite log_init() so it's easier for other programs to use it,
|
||||
fix the import logic concering log & config
|
||||
|
||||
- remove log code from test_setroubleshoot, now just does import
|
||||
from setroubleshoot.
|
||||
|
||||
- test_setroubleshootd can now handle audit records in both text
|
||||
and binary formats, can be selected by command line arg. It can now
|
||||
either output to clients connecting on a socket or to stdout. Can
|
||||
now optionally exit after N socket client connections.
|
||||
|
||||
- remove non audit record lines from test data
|
||||
|
||||
- remove config_init() and log_init() from package __init__.py
|
||||
It was the wrong place to call them, now call them when the
|
||||
process initializes before the first setroubleshoot imports
|
||||
|
||||
- add parse_config_setting() and set_config() to config module
|
||||
- setroubleshootd now accepts -c --config command line arg
|
||||
- test_sectroubleshoot: add err defines & program_error exception
|
||||
add is_valid() tests to assure we read a valid audit record
|
||||
log the unrecognized line if not valid, clean up socket close()
|
||||
|
||||
- Relates Bug #247056, update initscript to LSB standards
|
||||
Note: LSB initscripts in Fedora is not yet a resolved issue,
|
||||
the changes implemented were to add an LSB block and support
|
||||
the new LSB try-restart and force-reload commands. However
|
||||
the new /lib/lsb/init-functions are NOT currently used as this
|
||||
is the unstable part.
|
||||
|
||||
* Thu Aug 23 2007 John Dennis <jdennis@redhat.com> - 1.10.1-1
|
||||
- add BuildRequires perl-XML-Parser
|
||||
|
||||
* Thu Aug 23 2007 John Dennis <jdennis@redhat.com> - 1.10.0-1
|
||||
|
||||
- move all plugins and their translations to independent package
|
||||
- wrap XML generation inside try/except
|
||||
- correct how access list is obtained in avc_auparse.py
|
||||
- add try/except around top level of AnalyzeThread.run so exceptions
|
||||
in the thread get reported and the analysis thread does not just die.
|
||||
- also add try/except around LogfileThread.process_logfile
|
||||
- add new function assure_file_ownership_permissions()
|
||||
- server now forces it's database file permissions/ownership to be 0600 root:root
|
||||
- rpm now forces the server's database file permissions/ownership to be 0600 root:root
|
||||
- Resolves Bug #251545: Review Request: setroubleshoot-plugins - analysis plugins for setroubleshoot
|
||||
- clean up some other rpmlint warnings in setroubleshoot.spec
|
||||
- fix missing install of setroubleshoot icon and sym link to it
|
||||
- Resolves Bug #251551, setroubleshoot shows up in in wrong desktop menu
|
||||
also run desktop-file-install in rpm install
|
||||
- add /etc/dbus-1/system.d/setroubleshootd.conf dbus configuration file
|
||||
- Resolves Bug #250979, Bug #250932 Missing dependencies
|
||||
- Restore plugins/Makefile.am which got nuked somehow
|
||||
- remove dus.dbus_bindings.bus_name_has_owner(), deprecated as of F7
|
||||
- wrap rpm transactions in try/except
|
||||
|
||||
* Tue Jun 12 2007 John Dennis <jdennis@redhat.com> - 1.9.7-1
|
||||
- Resolves Bug# 241739, this bug is the lead bug for several bug reports,
|
||||
all consequences of the same problem, setroubleshootd/sealert when run
|
||||
|
|
@ -709,7 +807,7 @@ it has already been seen
|
|||
- fix allow_execmod plugin to report better data.
|
||||
|
||||
* Mon Jun 26 2006 John Dennis <jdennis@redhat.com> - 0.3-1
|
||||
- add missing /var/log directory %files section in spec file,
|
||||
- add missing /var/log directory files section in spec file,
|
||||
and add logrotate script
|
||||
|
||||
* Mon Jun 26 2006 John Dennis <jdennis@redhat.com> - 0.2-1
|
||||
|
|
|
|||
Loading…
Reference in New Issue