rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.138, 1.139 policycoreutils.spec, 1.205, 1.206

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon Jan 2 13:08:06 UTC 2006


Author: dwalsh

Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv6320

Modified Files:
	policycoreutils-rhat.patch policycoreutils.spec 
Log Message:
* Tue Dec 27 2005 Dan Walsh <dwalsh at redhat.com> 1.29.2-9
- Fixes for semanage, patch from Ivan and added a test script


policycoreutils-rhat.patch:
 scripts/chcat                |  119 +++++++-----
 scripts/chcat.8              |    6 
 scripts/fixfiles             |    4 
 scripts/genhomedircon        |  238 +++++++++++++-----------
 scripts/selisteners          |   37 +++
 scripts/tests/chcat_test     |   43 ++++
 scripts/tests/setrans.conf   |   23 ++
 semanage/semanage            |  414 +++++++++++++++++++++++++++++--------------
 semanage/tests/semanage_test |   67 ++++++
 9 files changed, 671 insertions(+), 280 deletions(-)

Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.138
retrieving revision 1.139
diff -u -r1.138 -r1.139
--- policycoreutils-rhat.patch	27 Dec 2005 15:08:31 -0000	1.138
+++ policycoreutils-rhat.patch	2 Jan 2006 13:08:02 -0000	1.139
@@ -226,6 +226,20 @@
  .SH "SEE ALSO"
  .TP
  chcon(1), selinux(8)
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.29.2/scripts/fixfiles
+--- nsapolicycoreutils/scripts/fixfiles	2005-10-13 13:51:22.000000000 -0400
++++ policycoreutils-1.29.2/scripts/fixfiles	2005-12-30 08:17:05.000000000 -0500
+@@ -62,8 +62,8 @@
+ 	TEMPFILE=`mktemp ${FC}.XXXXXXXXXX`
+ 	test -z "$TEMPFILE" && exit
+ 	PREFCTEMPFILE=`mktemp ${PREFC}.XXXXXXXXXX`
+-	sed -r -e 's,:s0, ,g' $PREFC > ${PREFCTEMPFILE}
+-	sed -r -e 's,:s0, ,g' $FC | \
++	sed -r -e 's,:s0, ,g' $PREFC | sort -u > ${PREFCTEMPFILE}
++	sed -r -e 's,:s0, ,g' $FC | sort -u | \
+ 	/usr/bin/diff -b ${PREFCTEMPFILE} - | \
+ 	    grep '^[<>]'|cut -c3-| grep ^/ | \
+ 	    egrep -v '(^/home|^/root|^/tmp|^/dev)' |\
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.29.2/scripts/genhomedircon
 --- nsapolicycoreutils/scripts/genhomedircon	2005-12-07 07:28:00.000000000 -0500
 +++ policycoreutils-1.29.2/scripts/genhomedircon	2005-12-27 08:54:19.000000000 -0500
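Review bot: The new `sort -u` pipeline redirects into `${PREFCTEMPFILE}`, but only `TEMPFILE` is checked after `mktemp`, so a failed second `mktemp` leaves the redirect target empty. Add `test -z "$PREFCTEMPFILE" && exit` after the second `mktemp`, and quote the expansions, e.g. `sed -r -e 's,:s0, ,g' "$PREFC" | sort -u > "${PREFCTEMPFILE}"`. The enclosing function starts and ends outside this hunk, so any cleanup of the two temporary files is not visible here.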
@@ -680,8 +694,8 @@
 +s0:c3=NDA_Yoyodyne
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.29.2/semanage/semanage
 --- nsapolicycoreutils/semanage/semanage	2005-11-29 10:55:01.000000000 -0500
-+++ policycoreutils-1.29.2/semanage/semanage	2005-12-27 10:04:46.000000000 -0500
-@@ -24,22 +24,27 @@
++++ policycoreutils-1.29.2/semanage/semanage	2005-12-27 15:13:34.000000000 -0500
+@@ -24,22 +24,33 @@
  from semanage import *;
  class loginRecords:
  	def __init__(self):
@@ -701,6 +715,9 @@
 +			sename = "user_u"
 +			
 +		(rc,k) = semanage_seuser_key_create(self.sh, name)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s" % name)
++
 +		(rc,exists) = semanage_seuser_exists(self.sh, k)
  		if exists:
  			raise ValueError("SELinux User %s mapping already defined" % name)
@@ -712,10 +729,13 @@
  			
 -		(rc,u)= semanage_seuser_create(self.sh)
 +		(rc,u) = semanage_seuser_create(self.sh)
++		if rc != 0:
++			raise ValueError("Could not create seuser for %s" % name)
++
  		semanage_seuser_set_name(self.sh, u, name)
  		semanage_seuser_set_mlsrange(self.sh, u, serange)
  		semanage_seuser_set_sename(self.sh, u, sename)
-@@ -48,12 +53,13 @@
+@@ -48,13 +59,22 @@
  		if semanage_commit(self.sh) != 0:
  			raise ValueError("Failed to add SELinux user mapping")
  
@@ -723,18 +743,28 @@
 -		(rc,k)=semanage_seuser_key_create(self.sh, name)
 -		(rc,u)= semanage_seuser_query(self.sh, k)
 -		if rc !=0 :
+-			raise ValueError("SELinux user %s mapping is not defined." % name)
+-		if sename == "" and serange=="":
 +	def modify(self, name, sename = "", serange = ""):
 +		(rc,k) = semanage_seuser_key_create(self.sh, name)
-+		(rc,exists) = semanage_seuser_exists(self.sh, k)
-+		if not exists:
- 			raise ValueError("SELinux user %s mapping is not defined." % name)
--		if sename == "" and serange=="":
-+		(rc,u) = semanage_seuser_query(self.sh, k)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s" % name)
++
 +		if sename == "" and serange == "":
  			raise ValueError("Requires, seuser or serange")
++
++		(rc,exists) = semanage_seuser_exists(self.sh, k)
++		if exists:
++			(rc,u) = semanage_seuser_query(self.sh, k)
++			if rc != 0:
++				raise ValueError("Could not query seuser for %s" % name)
++		else:
++			raise ValueError("SELinux user %s mapping is not defined." % name)
++
  		if serange != "":
  			semanage_seuser_set_mlsrange(self.sh, u, serange)
-@@ -66,9 +72,9 @@
+ 		if sename != "":
+@@ -66,78 +86,107 @@
  
  		
  	def delete(self, name):
@@ -742,20 +772,29 @@
 -		(rc,exists)= semanage_seuser_exists(self.sh, k)
 -		if rc !=0 :
 +		(rc,k) = semanage_seuser_key_create(self.sh, name)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s" % name)
++
 +		(rc,exists) = semanage_seuser_exists(self.sh, k)
 +		if not exists:
  			raise ValueError("SELinux user %s mapping is not defined." % name)
  		semanage_begin_transaction(self.sh)
  		semanage_seuser_del(self.sh, k)
-@@ -79,25 +85,29 @@
- 		print "\n%-25s %-25s %-25s\n" % ("Login Name", "SELinux User", "MLS/MCS Range")
+ 		if semanage_commit(self.sh) != 0:
+ 			raise ValueError("SELinux User %s mapping not defined" % name)
+ 		
+-	def list(self):
+-		print "\n%-25s %-25s %-25s\n" % ("Login Name", "SELinux User", "MLS/MCS Range")
++	def list(self,heading=1):
++		if heading:
++			print "\n%-25s %-25s %-25s\n" % ("Login Name", "SELinux User", "MLS/MCS Range")
  		(status, self.ulist, self.usize) = semanage_seuser_list(self.sh)
  		for idx in range(self.usize):
 -			u=semanage_seuser_by_idx(self.ulist, idx)
 -			name=semanage_seuser_get_name(u)
+-			
 +			u = semanage_seuser_by_idx(self.ulist, idx)
 +			name = semanage_seuser_get_name(u)
- 			
  			print "%-25s %-25s %-25s" % (name, semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u))
  
  class seluserRecords:
@@ -772,20 +811,39 @@
  	def add(self, name, roles, selevel, serange):
 -		(rc,k)=semanage_user_key_create(self.sh, name)
 -		(rc,exists)= semanage_user_exists(self.sh, k)
+-		if exists:
+-			raise ValueError("Seuser %s already defined" % name)
+-		(rc,u)= semanage_user_create(self.sh)
 +		if serange == "":
 +			serange = "s0"
 +		if selevel == "":
 +			selevel = "s0"
++
 +		(rc,k) = semanage_user_key_create(self.sh, name)
-+		(rc,exists) = semanage_user_exists(self.sh, k)
- 		if exists:
- 			raise ValueError("Seuser %s already defined" % name)
--		(rc,u)= semanage_user_create(self.sh)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s" % name)
++
++		(rc,exists) = semanage_user_exists_local(self.sh, k)
++		if not exists:
++			(rc,exists) = semanage_user_exists(self.sh, k)
++			if not exists:
++				raise ValueError("SELinux user %s is already defined." % name)
++
 +		(rc,u) = semanage_user_create(self.sh)
++		if rc != 0:
++			raise ValueError("Could not create login mapping for %s" % name)
++
  		semanage_user_set_name(self.sh, u, name)
  		for r in roles:
  			semanage_user_add_role(self.sh, u, r)
-@@ -109,17 +119,13 @@
+ 		semanage_user_set_mlsrange(self.sh, u, serange)
+ 		semanage_user_set_mlslevel(self.sh, u, selevel)
+ 		(rc,key) = semanage_user_key_extract(self.sh,u)
++		if rc != 0:
++			raise ValueError("Could not extract key for %s" % name)
++
+ 		semanage_begin_transaction(self.sh)
+ 		semanage_user_add_local(self.sh, k, u)
  		if semanage_commit(self.sh) != 0:
  			raise ValueError("Failed to add SELinux user")
  
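Review bot: The existence check added to `seluserRecords.add` is inverted: it raises "SELinux user %s is already defined." only when the user is found in neither the local store nor the base policy, and it falls through to `semanage_user_add_local` when the user does exist. Keep the fallback `(rc,exists) = semanage_user_exists(self.sh, k)` under `if not exists:`, then test `if exists:` at the outer level before raising. The `rc` from both exists calls is discarded, so a failed lookup is treated as "not found"; checking it as is done after `semanage_user_key_create` would be consistent. The message after `semanage_user_create` says "login mapping" although this class handles SELinux users.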
@@ -794,21 +852,35 @@
 -	def modify(self, name, roles=[], selevel="", serange=""):
 -		(rc,k)=semanage_user_key_create(self.sh, name)
 -		(rc,exists)= semanage_user_exists(self.sh, k)
-+	def modify(self, name, roles = [], selevel = "", serange = ""):
-+		(rc,k) = semanage_user_key_create(self.sh, name)
-+		(rc,exists) = semanage_user_exists(self.sh, k)
- 		if not exists:
- 			raise ValueError("user %s is not defined" % name)
+-		if not exists:
+-			raise ValueError("user %s is not defined" % name)
 -		(rc,u)= semanage_user_query(self.sh, k)
 -		if rc !=0 :
 -			raise ValueError("User %s is not defined." % name)
 -		if len(roles) == 0  and serange=="" and selevel=="":
-+		(rc,u) = semanage_user_query(self.sh, k)
++	def modify(self, name, roles = [], selevel = "", serange = ""):
 +		if len(roles) == 0  and serange == "" and selevel == "":
  			raise ValueError("Requires, roles, level  or range")
++
++		(rc,k) = semanage_user_key_create(self.sh, name)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s" % name)
++
++		(rc,exists) = semanage_user_exists_local(self.sh, k)
++		if exists:
++			(rc,u) = semanage_user_query_local(self.sh, k)
++		else:
++			(rc,exists) = semanage_user_exists(self.sh, k)
++			if exists:
++				(rc,u) = semanage_user_query(self.sh, k)
++			else:
++				raise ValueError("SELinux user %s mapping is not defined." % name)
++		if rc != 0:
++			raise ValueError("Could not query user for %s" % name)
++
  		if serange != "":
  			semanage_user_set_mlsrange(self.sh, u, serange)
-@@ -127,17 +133,15 @@
+ 		if selevel != "":
  			semanage_user_set_mlslevel(self.sh, u, selevel)
  		if len(roles) != 0:
  			for r in roles:
@@ -824,12 +896,24 @@
 -		(rc,k)=semanage_user_key_create(self.sh, name)
 -		(rc,exists)= semanage_user_exists(self.sh, k)
 +		(rc,k) = semanage_user_key_create(self.sh, name)
-+		(rc,exists) = semanage_user_exists(self.sh, k)
++		if rc != 0:
++			raise ValueError("Could not crpppeate a key for %s" % name)
++
++		(rc,exists) = semanage_user_exists_local(self.sh, k)
  		if not exists:
  			raise ValueError("user %s is not defined" % name)
  		semanage_begin_transaction(self.sh)
-@@ -150,31 +154,30 @@
- 		print "%-15s %-10s %-15s %-20s\n" % ("SELinux User", "MCS Level", "MCS Range", "SELinux Roles")
+@@ -145,86 +194,183 @@
+ 		if semanage_commit(self.sh) != 0:
+ 			raise ValueError("Login User %s not defined" % name)
+ 		
+-	def list(self):
+-		print "\n%-15s %-10s %-20s" % ("", "MLS/", "MLS/")
+-		print "%-15s %-10s %-15s %-20s\n" % ("SELinux User", "MCS Level", "MCS Range", "SELinux Roles")
++	def list(self, heading=1):
++		if heading:
++			print "\n%-15s %-10s %-20s" % ("", "MLS/", "MLS/")
++			print "%-15s %-10s %-15s %-20s\n" % ("SELinux User", "MCS Level", "MCS Range", "SELinux Roles")
  		(status, self.ulist, self.usize) = semanage_user_list(self.sh)
  		for idx in range(self.usize):
 -			u=semanage_user_by_idx(self.ulist, idx)
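Review bot: The error string added after `semanage_user_key_create` has a typo, `"Could not crpppeate a key for %s"`; it should read `raise ValueError("Could not create a key for %s" % name)` like the other key-creation checks in this patch. This appears to be `seluserRecords.delete`, whose `def` line is outside the hunk. The method now consults only `semanage_user_exists_local`, so a user defined only in the base policy is reported as "user %s is not defined"; if that restriction is intended, a message saying the user is not defined locally would be clearer.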
@@ -858,52 +942,175 @@
  		if self.semanaged:
  			semanage_connect(self.sh)
  
- 	def add(self, name, type):
+-	def add(self, name, type):
 -		(rc,k)=semanage_port_key_create(self.sh, name)
 -		(rc,exists)= semanage_port_exists(self.sh, k)
-+		(rc,k) = semanage_port_key_create(self.sh, name)
++	def __genkey(self, port, proto):
++		if proto == "tcp":
++			proto_d=SEMANAGE_PROTO_TCP
++		else:
++			if proto == "udp":
++				proto_d=SEMANAGE_PROTO_UDP
++			else:
++				raise ValueError("Protocol udp or tcp is required")
++		if port == "":
++			raise ValueError("Port is required")
++			
++		ports=port.split("-")
++		if len(ports) == 1:
++			low=string.atoi(ports[0])
++			high=string.atoi(ports[0])
++		else:
++			low=string.atoi(ports[0])
++			high=string.atoi(ports[1])
++			
++		(rc,k) = semanage_port_key_create(self.sh, low, high, proto_d)
++		if rc != 0:
++			raise ValueError("Could not create a key for %s/%s" % (proto, port))
++		return ( k, proto_d, low, high )
++
++	def add(self, port, proto, serange, type):
++		if serange == "":
++			serange="s0"
++			
++		if type == "":
++			raise ValueError("Type is required")
++
++		( k, proto_d, low, high ) = self.__genkey(port, proto)			
++
 +		(rc,exists) = semanage_port_exists(self.sh, k)
++		if exists:
++			raise ValueError("Port %s/%s already defined" % (proto, port))
++
++		(rc,exists) = semanage_port_exists_local(self.sh, k)
  		if exists:
- 			raise ValueError("User %s already defined" % name)
+-			raise ValueError("User %s already defined" % name)
 -		(rc,u)= semanage_port_create(self.sh)
-+		(rc,u) = semanage_port_create(self.sh)
- 		semanage_port_set_name(self.sh, u, name)
- 		semanage_port_set_mlsrange(self.sh, u, serange)
- 		semanage_port_set_sename(self.sh, u, sename)
-@@ -184,11 +187,11 @@
+-		semanage_port_set_name(self.sh, u, name)
+-		semanage_port_set_mlsrange(self.sh, u, serange)
+-		semanage_port_set_sename(self.sh, u, sename)
++			raise ValueError("Port %s/%s already defined locally" % (proto, port))
++
++		(rc,p) = semanage_port_create(self.sh)
++		if rc != 0:
++			raise ValueError("Could not create port for %s/%s" % (proto, port))
++		
++		semanage_port_set_proto(p, proto_d)
++		semanage_port_set_range(p, low, high)
++		(rc, con) = semanage_context_create(self.sh)
++		if rc != 0:
++			raise ValueError("Could not create context for %s/%s" % (proto, port))
++
++		semanage_context_set_user(self.sh, con, "system_u")
++		semanage_context_set_role(self.sh, con, "object_r")
++		semanage_context_set_type(self.sh, con, type)
++		semanage_context_set_mls(self.sh, con, serange)
++		semanage_port_set_con(p, con)
+ 		semanage_begin_transaction(self.sh)
+-		semanage_port_add(self.sh, k, u)
++		semanage_port_add_local(self.sh, k, p)
+ 		if semanage_commit(self.sh) != 0:
  			raise ValueError("Failed to add port")
  
- 	def modify(self, name, type):
+-	def modify(self, name, type):
 -		(rc,k)=semanage_port_key_create(self.sh, name)
 -		(rc,u)= semanage_port_query(self.sh, k)
 -		if rc !=0 :
-+		(rc,k) = semanage_port_key_create(self.sh, name)
-+		(rc,u) = semanage_port_query(self.sh, k)
-+		if rc != 0 :
- 			raise ValueError("User %s is not defined." % name)
+-			raise ValueError("User %s is not defined." % name)
 -		if sename == "" and serange=="":
-+		if sename == "" and serange == "":
- 			raise ValueError("Requires, port or serange")
+-			raise ValueError("Requires, port or serange")
++	def modify(self, port, proto, serange, setype):
++		if serange == "" and setype == "":
++			raise ValueError("Requires, setype or serange")
++
++		( k, proto_d, low, high ) = self.__genkey(port, proto)
++
++		(rc,exists) = semanage_port_exists_local(self.sh, k)
++		if exists:
++			(rc,p) = semanage_port_query_local(self.sh, k)
++			(rc,exists) = semanage_port_exists(self.sh, k)
++			if exists:
++				(rc,p) = semanage_port_query(self.sh, k)
++			else:
++				raise ValueError("port %s/%s is not defined." % (proto,port))
++
++		if rc != 0:
++			raise ValueError("Could not query port for %s/%s" % (proto, port))
++
++		con = semanage_port_get_con(p)
++		semanage_context_set_mls(self.sh, con, serange)	
  		if serange != "":
- 			semanage_port_set_mlsrange(self.sh, u, serange)
-@@ -200,7 +203,7 @@
+-			semanage_port_set_mlsrange(self.sh, u, serange)
+-		if sename != "":
+-			semanage_port_set_sename(self.sh, u, sename)
++			semanage_context_set_mls(self.sh, con, serange)	
++		if setype != "":
++			semanage_context_set_type(self.sh, con, setype)
++		semanage_port_set_con(p, con)
+ 		semanage_begin_transaction(self.sh)
+-		semanage_port_modify(self.sh, k, u)
++		semanage_port_modify_local(self.sh, k, p)
+ 		if semanage_commit(self.sh) != 0:
  			raise ValueError("Failed to add port")
  		
- 	def delete(self, name):
+-	def delete(self, name):
 -		(rc,k)=semanage_port_key_create(self.sh, name)
-+		(rc,k) = semanage_port_key_create(self.sh, name)
++	def delete(self, port, proto):
++		( k, proto_d, low, high ) = self.__genkey(port, proto)
++		(rc,exists) = semanage_port_exists_local(self.sh, k)
++		if not exists:
++			raise ValueError("port %s/%s is not defined localy." % (proto,port))
++
  		semanage_begin_transaction(self.sh)
- 		semanage_port_del(self.sh, k)
+-		semanage_port_del(self.sh, k)
++		semanage_port_del_local(self.sh, k)
  		if semanage_commit(self.sh) != 0:
-@@ -210,13 +213,13 @@
+-			raise ValueError("Port %s not defined" % name)
++			raise ValueError("Port %s/%s not defined" % (proto,port))
+ 		
+-	def list(self):
++	def list(self, heading=1):
  		(status, self.plist, self.psize) = semanage_port_list(self.sh)
- 		print "%-25s %s\n" % ("SELinux Port Name", "Port Number")
+-		print "%-25s %s\n" % ("SELinux Port Name", "Port Number")
++		if heading:
++			print "%-30s %-8s %s\n" % ("SELinux Port Name", "Proto", "Port Number")
++		dict={}
++		for idx in range(self.psize):
++			u = semanage_port_by_idx(self.plist, idx)
++			con = semanage_port_get_con(u)
++			name = semanage_context_get_type(con)
++			proto=semanage_port_get_proto_str(u)
++			low=semanage_port_get_low(u)
++			high = semanage_port_get_high(u)
++			if (name, proto) not in dict.keys():
++				dict[(name,proto)]=[]
++			if low == high:
++				dict[(name,proto)].append("%d" % low)
++			else:
++				dict[(name,proto)].append("%d-%d" % (low, high))
++		(status, self.plist, self.psize) = semanage_port_list_local(self.sh)
  		for idx in range(self.psize):
 -			u=semanage_port_by_idx(self.plist, idx)
 -			name=semanage_port_get_name(u)
+-			print "%20s %d" % ( name, semanage_port_get_number(u))
 +			u = semanage_port_by_idx(self.plist, idx)
-+			name = semanage_port_get_name(u)
- 			print "%20s %d" % ( name, semanage_port_get_number(u))
++			con = semanage_port_get_con(u)
++			name = semanage_context_get_type(con)
++			proto=semanage_port_get_proto_str(u)
++			low=semanage_port_get_low(u)
++			high = semanage_port_get_high(u)
++			if (name, proto) not in dict.keys():
++				dict[(name,proto)]=[]
++			if low == high:
++				dict[(name,proto)].append("%d" % low)
++			else:
++				dict[(name,proto)].append("%d-%d" % (low, high))
++		for i in dict.keys():
++			rec = "%-30s %-8s " % i
++			rec += "%s" % dict[i][0]
++			for p in dict[i][1:]:
++				rec += ", %s" % p
++			print rec
  			
  if __name__ == '__main__':
  
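Review bot: `portRecords.modify` is missing the `else:` between the local and base-policy lookups. After `semanage_port_query_local` the code always re-checks `semanage_port_exists` and either overwrites `p` or raises "is not defined", and when the port is not defined locally no query runs at all, leaving `p` unbound at `semanage_port_get_con(p)`. Insert `else:` after the `semanage_port_query_local` line and nest the `semanage_port_exists` block under it, as `seluserRecords.modify` does. Also remove the unconditional `semanage_context_set_mls(self.sh, con, serange)` before `if serange != "":`, otherwise a type-only change writes an empty MLS range into the port context. Separately, `__genkey` hands the `string.atoi` results straight to `semanage_port_key_create`; checking that `low <= high` and that both lie in the 16-bit port range would reject malformed ranges before they reach the library.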
@@ -912,7 +1119,17 @@
  		print '\
  semanage user [-admsRrh] SELINUX_USER\n\
  semanage login [-admsrh] LOGIN_NAME\n\
-@@ -245,26 +248,26 @@
+-semanage port [-admth] SELINUX_PORT_NAME\n\
++semanage port [-admth] PORT | PORTRANGE\n\
+ 	-a, --add        Add a OBJECT record NAME\n\
+ 	-d, --delete     Delete a OBJECT record NAME\n\
+ 	-h, --help       display this message\n\
+ 	-l, --list       List the OBJECTS\n\
++	-n, --noheading  Do not print heading when listing OBJECTS\n\
+ 	-m, --modify     Modify a OBJECT record NAME\n\
+ 	-r, --range      MLS/MCS Security Range\n\
+ 	-R, --roles      SELinux Roles (Separate by spaces)\n\
+@@ -245,33 +391,40 @@
  	# 
  	#
  	try:
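Review bot: The usage text gains `-n, --noheading` but, as far as this hunk shows, nothing for the new `-P`/`--proto` option, which `portRecords.__genkey` requires (it raises "Protocol udp or tcp is required" otherwise). Add a line such as `-P, --proto      Port protocol (tcp or udp)\n\` and mention `-P` in the `semanage port [...]` synopsis. The rest of the usage string lies outside the hunk.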
@@ -932,9 +1149,13 @@
 +		input = sys.stdin
 +		output = sys.stdout
 +		serange = ""
++		port = ""
++		proto = ""
 +		selevel = ""
++		setype = ""
 +		roles = ""
 +		seuser = ""
++		heading=1
 +
 +		add = 0
 +		modify = 0
@@ -951,9 +1172,20 @@
 -		args=sys.argv[2:]
 +		args = sys.argv[2:]
  		gopts, cmds = getopt.getopt(args,
- 					    'adlhms:R:r:t:v',
+-					    'adlhms:R:r:t:v',
++					    'adlhmnp:P:s:R:r:t:v',
  					    ['add',
-@@ -282,46 +285,46 @@
+ 					     'delete',
+ 					     'help',
+ 					     'list', 
+ 					     'modify',
++					     'noheading',
++					     'port=',
++					     'proto=',
+ 					     'seuser=',
+ 					     'range=',
+ 					     'roles=',
+@@ -282,88 +435,95 @@
  			if o == "-a" or o == "--add":
  				if modify or delete:
  					usage()
@@ -968,6 +1200,9 @@
  			if o == "-h" or o == "--help":
  				usage()
  
++			if o == "-n" or o == "--nohead":
++				heading=0
++
  			if o == "-m"or o == "--modify":
  				if delete or add:
  					usage()
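Review bot: The long form of the new option can never match. getopt is given `'noheading'` in the long-option list and reports the full name `--noheading` even when the user abbreviates it, so `o == "--nohead"` is always false and only `-n` suppresses the heading. Compare against the registered name instead: `if o == "-n" or o == "--noheading":`. The option loop starts and ends outside this hunk.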
@@ -977,6 +1212,9 @@
  			if o == "-r" or o == '--range':
 -				serange=a
 +				serange = a
++
++			if o == "-P" or o == '--proto':
++				proto = a
  
  			if o == "-R" or o == '--roles':
 -				roles=a
@@ -984,7 +1222,7 @@
  
  			if o == "-t" or o == "--type":
 -				type=a
-+				type = a
++				setype = a
  
  			if o == "-l" or o == "--list":
 -				list=1
@@ -1011,53 +1249,68 @@
 +			OBJECT = portRecords()
  		
  		if list:
- 			OBJECT.list()
-@@ -330,21 +333,22 @@
+-			OBJECT.list()
++			OBJECT.list(heading)
+ 			sys.exit(0);
+ 			
  		if len(cmds) != 1:
  			usage()
  
 -		name=cmds[0]
-+		name = cmds[0]
++		target = cmds[0]
  
  		if add:
  			if object == "login":
- 				OBJECT.add(name, seuser, serange)
+-				OBJECT.add(name, seuser, serange)
++				OBJECT.add(target, seuser, serange)
  
  			if object == "user":
 -				rlist=roles.split()
 -				print rlist
+-				OBJECT.add(name, rlist, selevel, serange)
 +				rlist = roles.split()
 +				if len(rlist) == 0:
 +					raise ValueError("You must specify a role")
-+
- 				OBJECT.add(name, rlist, selevel, serange)
++				OBJECT.add(target, rlist, selevel, serange)
  
  			if object == "port":
- 				OBJECT.add(name, type)
+-				OBJECT.add(name, type)
++				OBJECT.add(target, proto, serange, setype)
  
 -			OBJECT.list()
  			sys.exit(0);
  			
  		if modify:
-@@ -352,14 +356,12 @@
- 				OBJECT.modify(name, seuser, serange)
+ 			if object == "login":
+-				OBJECT.modify(name, seuser, serange)
++				OBJECT.modify(target, seuser, serange)
  
  			if object == "user":
 -				rlist=roles.split()
 -				print rlist
+-				OBJECT.modify(name, rlist, selevel, serange)
 +				rlist = roles.split()
- 				OBJECT.modify(name, rlist, selevel, serange)
++				OBJECT.modify(target, rlist, selevel, serange)
  
  			if object == "port":
- 				OBJECT.modify(name, type)
+-				OBJECT.modify(name, type)
++				OBJECT.modify(target, proto, serange, setype)
  				sys.exit(0);
 -			OBJECT.list()
  			sys.exit(0);
  
  		if delete:
+-			OBJECT.delete(name)
++			if object == "port":
++				OBJECT.delete(target, proto)
++			else:
++				OBJECT.delete(target)
+ 			sys.exit(0);
+ 		usage()
+ 			
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/tests/semanage_test policycoreutils-1.29.2/semanage/tests/semanage_test
 --- nsapolicycoreutils/semanage/tests/semanage_test	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.29.2/semanage/tests/semanage_test	2005-12-27 10:07:15.000000000 -0500
++++ policycoreutils-1.29.2/semanage/tests/semanage_test	2005-12-27 14:40:02.000000000 -0500
 @@ -0,0 +1,67 @@
 +#!/bin/sh -x
 +#
@@ -1123,6 +1376,6 @@
 +#
 +#******************** semanage SELinux ports test ************************
 +#"
-+#semanage port -l 
-+#semanage port -a httpd_port_t
-+#semanage port -d httpd_port_t
++semanage port -l 
++semanage port -a -P tcp 123456
++semanage port -d -P tcp 123456
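Review bot: The newly enabled port test cannot succeed as written: `semanage port -a -P tcp 123456` passes no `-t`, and `portRecords.add` in this same patch raises "Type is required" when the type is empty. The number 123456 is also above the 16-bit port range. Use a valid port and supply a type, e.g. `semanage port -a -P tcp -t PORT_TYPE 12345` (PORT_TYPE is a placeholder for a port type from the policy under test), and update the `-d` line to match. The script runs under `sh -x` and no `set -e` is visible in the part shown, so a failing step would not stop the run and could go unnoticed.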


Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.205
retrieving revision 1.206
diff -u -r1.205 -r1.206
--- policycoreutils.spec	27 Dec 2005 15:08:31 -0000	1.205
+++ policycoreutils.spec	2 Jan 2006 13:08:02 -0000	1.206
@@ -1,5 +1,5 @@
-%define libsepolver 1.11.1-1
-%define libsemanagever 1.5.3-1
+%define libsepolver 1.11.1-2
+%define libsemanagever 1.5.3-3
 %define libselinuxver 1.29.2-1
 Summary: SELinux policy core utilities.
 Name: policycoreutils



