rpms/policycoreutils/devel .cvsignore, 1.107, 1.108 policycoreutils-rhat.patch, 1.182, 1.183 policycoreutils.spec, 1.259, 1.260 sources, 1.111, 1.112
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Apr 14 19:47:07 UTC 2006
- Previous message (by thread): rpms/kernel/devel linux-2.6-xen.patch,1.7,1.8
- Next message (by thread): rpms/selinux-policy/devel .cvsignore, 1.55, 1.56 policy-20060411.patch, 1.3, 1.4 selinux-policy.spec, 1.173, 1.174 sources, 1.59, 1.60
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv2878
Modified Files:
.cvsignore policycoreutils-rhat.patch policycoreutils.spec
sources
Log Message:
* Fri Apr 14 2006 Dan Walsh <dwalsh at redhat.com> 1.30.6-1
- Add /etc/samba/secrets.tdb to restorecond.conf
- Update from upstream
* Merged semanage prefix support from Russell Coker.
* Added a test to setfiles to check that the spec file is
a regular file.
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/.cvsignore,v
retrieving revision 1.107
retrieving revision 1.108
diff -u -r1.107 -r1.108
--- .cvsignore 14 Apr 2006 11:51:02 -0000 1.107
+++ .cvsignore 14 Apr 2006 19:47:03 -0000 1.108
@@ -97,3 +97,4 @@
policycoreutils-1.30.1.tgz
policycoreutils-1.30.4.tgz
policycoreutils-1.30.5.tgz
+policycoreutils-1.30.6.tgz
policycoreutils-rhat.patch:
audit2allow/audit2allow | 472 ++-------------------------------------
audit2allow/audit2allow.1 | 5
audit2allow/avc.py | 518 +++++++++++++++++++++++++++++++++++++++++++
restorecond/restorecond.conf | 2
semanage/semanage | 2
semanage/seobject.py | 14 -
setsebool/setsebool.8 | 2
7 files changed, 572 insertions(+), 443 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.182
retrieving revision 1.183
diff -u -r1.182 -r1.183
--- policycoreutils-rhat.patch 14 Apr 2006 13:41:33 -0000 1.182
+++ policycoreutils-rhat.patch 14 Apr 2006 19:47:04 -0000 1.183
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.30.5/audit2allow/audit2allow
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.30.6/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow 2006-03-29 15:35:22.000000000 -0500
-+++ policycoreutils-1.30.5/audit2allow/audit2allow 2006-04-14 07:44:00.000000000 -0400
++++ policycoreutils-1.30.6/audit2allow/audit2allow 2006-04-14 15:07:36.000000000 -0400
@@ -24,431 +24,8 @@
# 02111-1307 USA
#
@@ -495,7 +495,7 @@
if o == "-R" or o == "--reference":
ref_ind=True
-@@ -565,25 +144,37 @@
+@@ -565,25 +144,38 @@
if o == "-v" or o == "--verbose":
verbose=1
@@ -524,6 +524,7 @@
+
+ if analyze:
+ serules.analyze()
++ sys.exit(0)
- if auditlogs:
+ if auditlogs and os.path.exists("/var/log/audit/audit.log"):
@@ -538,9 +539,9 @@
output.flush()
if buildPP:
cmd="checkmodule %s -m -o %s.mod %s.te" % (get_mls_flag(), module, module)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-1.30.5/audit2allow/audit2allow.1
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-1.30.6/audit2allow/audit2allow.1
--- nsapolicycoreutils/audit2allow/audit2allow.1 2006-03-10 09:48:04.000000000 -0500
-+++ policycoreutils-1.30.5/audit2allow/audit2allow.1 2006-04-14 07:44:00.000000000 -0400
++++ policycoreutils-1.30.6/audit2allow/audit2allow.1 2006-04-14 13:50:16.000000000 -0400
@@ -98,6 +98,11 @@
.PP
.SH EXAMPLE
@@ -553,9 +554,9 @@
.B Using audit2allow to generate monolithic (non-module) policy
$ cd /etc/selinux/$SELINUXTYPE/src/policy
$ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.30.5/audit2allow/avc.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.30.6/audit2allow/avc.py
--- nsapolicycoreutils/audit2allow/avc.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30.5/audit2allow/avc.py 2006-04-14 07:44:00.000000000 -0400
++++ policycoreutils-1.30.6/audit2allow/avc.py 2006-04-14 15:46:22.000000000 -0400
@@ -0,0 +1,518 @@
+#! /usr/bin/env python
+# Copyright (C) 2006 Red Hat
@@ -989,6 +990,8 @@
+ self.seRules[key]=serule(key)
+ if "name" not in AVC.keys():
+ AVC["name"]=""
++ if "comm" not in AVC.keys():
++ AVC["comm"]=""
+
+ self.add_avc(AVC)
+ self.seRules[key].add((AVC["access"], AVC["msg"], AVC["comm"], AVC["name"]))
@@ -1049,11 +1052,9 @@
+
+ def analyze(self):
+ a=Analyze()
-+ analysys=a.process(self.AVCS)
-+ for i in analysys:
++ for i in a.process(self.AVCS):
+ print i[0][0]
+ print ""
-+ sys.exit(0)
+
+ def out(self, require=0, module=""):
+ rec=""
@@ -1075,9 +1076,9 @@
+ rec += self.seRules[i].out(self.verbose)+"\n"
+ return rec
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.30.5/restorecond/restorecond.conf
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.30.6/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-03-29 11:08:21.000000000 -0500
-+++ policycoreutils-1.30.5/restorecond/restorecond.conf 2006-04-14 09:40:32.000000000 -0400
++++ policycoreutils-1.30.6/restorecond/restorecond.conf 2006-04-14 13:50:16.000000000 -0400
@@ -1,4 +1,6 @@
/etc/resolv.conf
+/etc/samba/secrets.tdb
@@ -1085,82 +1086,10 @@
/var/run/utmp
~/public_html
+~/.mozilla/plugins/libflashplayer.so
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.30.5/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2006-03-29 15:35:22.000000000 -0500
-+++ policycoreutils-1.30.5/semanage/semanage 2006-04-14 07:45:07.000000000 -0400
-@@ -32,7 +32,7 @@
- print '\
- semanage {login|user|port|interface|fcontext|translation} -l [-n] \n\
- semanage login -{a|d|m} [-sr] login_name\n\
--semanage user -{a|d|m} [-LrR] selinux_name\n\
-+semanage user -{a|d|m} [-LrRP] selinux_name\n\
- semanage port -{a|d|m} [-tr] [ -p protocol ] port | port_range\n\
- semanage interface -{a|d|m} [-tr] interface_spec\n\
- semanage fcontext -{a|d|m} [-frst] file_spec\n\
-@@ -60,6 +60,7 @@
- -p (named pipe) \n\n\
- \
- -p, --proto Port protocol (tcp or udp)\n\
-+ -P, --prefix Prefix for home directory labeling\n\
- -L, --level Default SELinux Level (MLS/MCS Systems only)\n\
- -R, --roles SELinux Roles (ex: "sysadm_r staff_r")\n\
- -T, --trans SELinux Level Translation (MLS/MCS Systems only)\n\n\
-@@ -83,7 +84,7 @@
- valid_option["login"] = []
- valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
- valid_option["user"] = []
-- valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles' ]
-+ valid_option["user"] += valid_everyone + [ '-L', '--level', '-r', '--range', '-R', '--roles', '-P', '--prefix' ]
- valid_option["port"] = []
- valid_option["port"] += valid_everyone + [ '-t', '--type', '-r', '--range', '-p', '--protocol' ]
- valid_option["interface"] = []
-@@ -109,6 +110,7 @@
- setrans = ""
- roles = ""
- seuser = ""
-+ prefix = ""
- heading=1
-
- add = 0
-@@ -126,7 +128,7 @@
- args = sys.argv[2:]
-
- gopts, cmds = getopt.getopt(args,
-- 'adf:lhmnp:s:R:L:r:t:T:',
-+ 'adf:lhmnp:s:R:L:r:t:T:P:',
- ['add',
- 'delete',
- 'ftype=',
-@@ -140,7 +142,8 @@
- 'level=',
- 'roles=',
- 'type=',
-- 'trans='
-+ 'trans=',
-+ 'prefix='
- ])
- for o, a in gopts:
- if o not in option_dict[object]:
-@@ -185,6 +188,9 @@
- if o == "-p" or o == '--proto':
- proto = a
-
-+ if o == "-P" or o == '--prefix':
-+ prefix = a
-+
- if o == "-R" or o == '--roles':
- roles = roles + " " + a
-
-@@ -235,7 +241,7 @@
- rlist = roles.split()
- if len(rlist) == 0:
- raise ValueError("You must specify a role")
-- OBJECT.add(target, rlist, selevel, serange)
-+ OBJECT.add(target, rlist, selevel, serange, prefix)
-
- if object == "port":
- OBJECT.add(target, proto, serange, setype)
-@@ -286,6 +292,8 @@
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.30.6/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage 2006-04-14 13:10:51.000000000 -0400
++++ policycoreutils-1.30.6/semanage/semanage 2006-04-14 13:50:16.000000000 -0400
+@@ -292,6 +292,8 @@
errorExit("Options Error " + error.msg)
except ValueError, error:
errorExit(error.args[0])
@@ -1169,49 +1098,19 @@
except IOError, error:
errorExit(error.args[1])
except KeyboardInterrupt, error:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30.5/semanage/seobject.py
---- nsapolicycoreutils/semanage/seobject.py 2006-03-29 15:35:22.000000000 -0500
-+++ policycoreutils-1.30.5/semanage/seobject.py 2006-04-14 07:47:13.000000000 -0400
-@@ -381,7 +381,7 @@
- def __init__(self):
- semanageRecords.__init__(self)
-
-- def add(self, name, roles, selevel, serange):
-+ def add(self, name, roles, selevel, serange, prefix):
- if is_mls_enabled == 1:
- if serange == "":
- serange = "s0"
-@@ -427,6 +427,9 @@
- if rc < 0:
- raise ValueError("Could not set MLS level for %s" % name)
-
-+ rc = semanage_user_set_prefix(self.sh, u, prefix)
-+ if rc < 0:
-+ raise ValueError("Could not add prefix %s for %s" % (r, prefix))
- (rc,key) = semanage_user_key_extract(self.sh,u)
- if rc < 0:
- raise ValueError("Could not extract key for %s" % name)
-@@ -451,13 +454,15 @@
- semanage_user_key_free(k)
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30.6/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py 2006-04-14 13:10:51.000000000 -0400
++++ policycoreutils-1.30.6/semanage/seobject.py 2006-04-14 13:52:19.000000000 -0400
+@@ -455,6 +455,8 @@
semanage_user_free(u)
-- def modify(self, name, roles = [], selevel = "", serange = ""):
-+ def modify(self, name, roles = [], selevel = "", serange = "", prefix = ""):
+ def modify(self, name, roles = [], selevel = "", serange = "", prefix = ""):
+ oldroles=""
+ newroles = string.join(roles, ' ');
try:
-- if len(roles) == 0 and serange == "" and selevel == "":
-+ if prefix == "" and len(roles) == 0 and serange == "" and selevel == "":
+ if prefix == "" and len(roles) == 0 and serange == "" and selevel == "":
if is_mls_enabled == 1:
-- raise ValueError("Requires roles, level or range")
-+ raise ValueError("Requires prefix, roles, level or range")
- else:
-- raise ValueError("Requires roles")
-+ raise ValueError("Requires prefix or roles")
-
- (rc,k) = semanage_user_key_create(self.sh, name)
- if rc < 0:
-@@ -473,11 +478,21 @@
+@@ -476,6 +478,13 @@
if rc < 0:
raise ValueError("Could not query user for %s" % name)
@@ -1225,15 +1124,7 @@
if serange != "":
semanage_user_set_mlsrange(self.sh, u, untranslate(serange))
if selevel != "":
- semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
-
-+ if prefix != "":
-+ semanage_user_set_prefix(self.sh, u, prefix)
-+
- if len(roles) != 0:
- for r in roles:
- semanage_user_add_role(self.sh, u, r)
-@@ -495,10 +510,11 @@
+@@ -501,10 +510,11 @@
raise ValueError("Could not modify SELinux user %s" % name)
except ValueError, error:
@@ -1247,9 +1138,9 @@
semanage_user_key_free(k)
semanage_user_free(u)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setsebool/setsebool.8 policycoreutils-1.30.5/setsebool/setsebool.8
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setsebool/setsebool.8 policycoreutils-1.30.6/setsebool/setsebool.8
--- nsapolicycoreutils/setsebool/setsebool.8 2005-11-04 15:37:49.000000000 -0500
-+++ policycoreutils-1.30.5/setsebool/setsebool.8 2006-04-14 07:44:00.000000000 -0400
++++ policycoreutils-1.30.6/setsebool/setsebool.8 2006-04-14 13:50:16.000000000 -0400
@@ -17,7 +17,7 @@
are not changed.
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.259
retrieving revision 1.260
diff -u -r1.259 -r1.260
--- policycoreutils.spec 14 Apr 2006 13:41:33 -0000 1.259
+++ policycoreutils.spec 14 Apr 2006 19:47:04 -0000 1.260
@@ -4,8 +4,8 @@
%define libselinuxver 1.30.3-1
Summary: SELinux policy core utilities.
Name: policycoreutils
-Version: 1.30.5
-Release: 2
+Version: 1.30.6
+Release: 1
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -108,11 +108,10 @@
/sbin/service restorecond condrestart
%changelog
-* Fri Apr 14 2006 Dan Walsh <dwalsh at redhat.com> 1.30.5-2
+* Fri Apr 14 2006 Dan Walsh <dwalsh at redhat.com> 1.30.6-1
- Add /etc/samba/secrets.tdb to restorecond.conf
-
-* Fri Apr 14 2006 Dan Walsh <dwalsh at redhat.com> 1.30.5-1
- Update from upstream
+ * Merged semanage prefix support from Russell Coker.
* Added a test to setfiles to check that the spec file is
a regular file.
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/sources,v
retrieving revision 1.111
retrieving revision 1.112
diff -u -r1.111 -r1.112
--- sources 14 Apr 2006 11:51:02 -0000 1.111
+++ sources 14 Apr 2006 19:47:04 -0000 1.112
@@ -1 +1 @@
-b3eba7a93507ee2e576c184854d01610 policycoreutils-1.30.5.tgz
+8debed023798b5de5252be47d5fd1b1b policycoreutils-1.30.6.tgz
- Previous message (by thread): rpms/kernel/devel linux-2.6-xen.patch,1.7,1.8
- Next message (by thread): rpms/selinux-policy/devel .cvsignore, 1.55, 1.56 policy-20060411.patch, 1.3, 1.4 selinux-policy.spec, 1.173, 1.174 sources, 1.59, 1.60
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list