rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.144, 1.145 policycoreutils.spec, 1.214, 1.215
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sat Jan 14 06:50:39 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv26704
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Sat Jan 14 2006 Dan Walsh <dwalsh at redhat.com> 1.29.7-2
- Add ivans patch
policycoreutils-rhat.patch:
semanage | 6
seobject.py | 676 ++++++++++++++++++++++++++++++++++++------------------------
2 files changed, 420 insertions(+), 262 deletions(-)
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.144 -r 1.145 policycoreutils-rhat.patch
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.144
retrieving revision 1.145
diff -u -r1.144 -r1.145
--- policycoreutils-rhat.patch 10 Jan 2006 19:13:15 -0000 1.144
+++ policycoreutils-rhat.patch 14 Jan 2006 06:50:34 -0000 1.145
@@ -1,88 +1,47 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.29.5/scripts/genhomedircon
---- nsapolicycoreutils/scripts/genhomedircon 2006-01-05 10:35:49.000000000 -0500
-+++ policycoreutils-1.29.5/scripts/genhomedircon 2006-01-10 14:10:21.000000000 -0500
-@@ -144,7 +144,7 @@
- for i in fd.read().split('\n'):
- if i.find("HOME_ROOT") == 0:
- i=i.replace("HOME_ROOT", homedir)
-- ret = i+"\n"
-+ ret += i+"\n"
- fd.close()
- if ret=="":
- errorExit("No Home Root Context Found")
-@@ -162,9 +162,10 @@
- for idx in range(self.usize):
- user = semanage_user_by_idx(self.ulist, idx)
- if semanage_user_get_name(user) == name:
-- #role=semanage_user_get_defrole(user)
-- #return role
-- return "user_r"
-+ if name == "staff_u" or name == "root" and self.type != "targeted":
-+ return "staff_r"
-+ else:
-+ return "user_r"
- return name
- def getOldRole(self, role):
- rc=findval(self.selinuxdir+self.type+"/users/system.users", 'grep "^user %s"' % role, "=")
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/Makefile policycoreutils-1.29.5/semanage/Makefile
---- nsapolicycoreutils/semanage/Makefile 2005-11-29 10:55:01.000000000 -0500
-+++ policycoreutils-1.29.5/semanage/Makefile 2006-01-06 14:34:47.000000000 -0500
-@@ -2,6 +2,8 @@
- PREFIX ?= ${DESTDIR}/usr
- SBINDIR ?= $(PREFIX)/sbin
- MANDIR = $(PREFIX)/share/man
-+PYLIBVER ?= python2.4
-+PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-
- TARGETS=semanage
-
-@@ -12,6 +14,8 @@
- -mkdir -p $(SBINDIR)
- install -m 755 semanage $(SBINDIR)
- install -m 644 semanage.8 $(MANDIR)/man8
-+ test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages
-+ install -m 755 seobject.py $(PYTHONLIBDIR)/site-packages
-
- clean:
-
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.29.5/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2006-01-05 10:35:49.000000000 -0500
-+++ policycoreutils-1.29.5/semanage/semanage 2006-01-06 14:41:04.000000000 -0500
-@@ -20,345 +20,9 @@
- # 02111-1307 USA
- #
- #
--import commands, sys, os, pwd, string, getopt, pwd
--from semanage import *;
--class loginRecords:
-- def __init__(self):
-- self.sh = semanage_handle_create()
-- self.semanaged = semanage_is_managed(self.sh)
-- if self.semanaged:
-- semanage_connect(self.sh)
--
-- def add(self, name, sename, serange):
-- if serange == "":
-- serange = "s0"
-- if sename == "":
-- sename = "user_u"
--
-- (rc,k) = semanage_seuser_key_create(self.sh, name)
-- if rc < 0:
-- raise ValueError("Could not create a key for %s" % name)
--
-- (rc,exists) = semanage_seuser_exists(self.sh, k)
-- if exists:
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.29.7/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage 2006-01-13 09:47:40.000000000 -0500
++++ policycoreutils-1.29.7/semanage/semanage 2006-01-14 01:50:09.000000000 -0500
+@@ -186,6 +186,7 @@
+
+ if object == "fcontext":
+ OBJECT.add(target, setype, ftype, serange, seuser)
++
+ sys.exit(0);
+
+ if modify:
+@@ -210,8 +211,13 @@
+ if delete:
+ if object == "port":
+ OBJECT.delete(target, proto)
++
++ if object == "fcontext":
++ OBJECT.delete(target, ftype)
++
+ else:
+ OBJECT.delete(target)
++
+ sys.exit(0);
+ usage()
+
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.29.7/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py 2006-01-13 08:39:11.000000000 -0500
++++ policycoreutils-1.29.7/semanage/seobject.py 2006-01-14 01:50:09.000000000 -0500
+@@ -46,7 +46,7 @@
+
+ (rc,exists) = semanage_seuser_exists(self.sh, k)
+ if exists:
- raise ValueError("SELinux User %s mapping already defined" % name)
-- try:
-- pwd.getpwnam(name)
-- except:
-- raise ValueError("Linux User %s does not exist" % name)
--
-- (rc,u) = semanage_seuser_create(self.sh)
-- if rc < 0:
++ raise ValueError("Login mapping for %s is already defined" % name)
+ try:
+ pwd.getpwnam(name)
+ except:
+@@ -54,40 +54,65 @@
+
+ (rc,u) = semanage_seuser_create(self.sh)
+ if rc < 0:
- raise ValueError("Could not create seuser for %s" % name)
--
++ raise ValueError("Could not create login mapping for %s" % name)
+
- semanage_seuser_set_name(self.sh, u, name)
- semanage_seuser_set_mlsrange(self.sh, u, serange)
- semanage_seuser_set_sename(self.sh, u, sename)
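Review bot: In the `semanage` delete branch, the added `if object == "fcontext":` opens a new `if` instead of continuing the `port` test, so the trailing `else` now pairs with it. A `port` delete therefore appears to run `OBJECT.delete(target, proto)` and then fall through to `OBJECT.delete(target)` as well. Indentation is lost in this rendering, so this is read from statement order alone. If it holds, the port record is removed and a second, one-argument delete is attempted before `sys.exit(0)`. Changing the added line to `elif object == "fcontext":` keeps the three cases mutually exclusive; the rest of the option handling lies outside the hunk.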
@@ -90,1135 +49,884 @@
- semanage_seuser_add(self.sh, k, u)
- if semanage_commit(self.sh) < 0:
- raise ValueError("Failed to add SELinux user mapping")
--
-- def modify(self, name, sename = "", serange = ""):
-- (rc,k) = semanage_seuser_key_create(self.sh, name)
-- if rc < 0:
-- raise ValueError("Could not create a key for %s" % name)
--
++ rc = semanage_seuser_set_name(self.sh, u, name)
++ if rc < 0:
++ raise ValueError("Could not set name for %s" % name)
++
++ rc = semanage_seuser_set_mlsrange(self.sh, u, serange)
++ if rc < 0:
++ raise ValueError("Could not set MLS range for %s" % name)
++
++ rc = semanage_seuser_set_sename(self.sh, u, sename)
++ if rc < 0:
++ raise ValueError("Could not set SELinux user for %s" % name)
++
++ rc = semanage_begin_transaction(self.sh)
++ if rc < 0:
++ raise ValueError("Could not start semanage transaction")
++
++ rc = semanage_seuser_modify(self.sh, k, u)
++ if rc < 0:
++ raise ValueError("Failed to add login mapping for %s" % name)
++
++ rc = semanage_commit(self.sh)
++ if rc < 0:
++ raise ValueError("Failed to add login mapping for %s" % name)
+
+ def modify(self, name, sename = "", serange = ""):
++ if sename == "" and serange == "":
++ raise ValueError("Requires seuser or serange")
++
+ (rc,k) = semanage_seuser_key_create(self.sh, name)
+ if rc < 0:
+ raise ValueError("Could not create a key for %s" % name)
+
- if sename == "" and serange == "":
- raise ValueError("Requires, seuser or serange")
-
-- (rc,exists) = semanage_seuser_exists(self.sh, k)
+ (rc,exists) = semanage_seuser_exists(self.sh, k)
- if exists:
- (rc,u) = semanage_seuser_query(self.sh, k)
- if rc < 0:
- raise ValueError("Could not query seuser for %s" % name)
- else:
- raise ValueError("SELinux user %s mapping is not defined." % name)
--
-- if serange != "":
-- semanage_seuser_set_mlsrange(self.sh, u, serange)
-- if sename != "":
-- semanage_seuser_set_sename(self.sh, u, sename)
++ if not exists:
++ raise ValueError("Login mapping for %s is not defined" % name)
++
[...1630 lines suppressed...]
+- (rc,exists) = semanage_fcontext_exists(self.sh, k)
+- if exists:
+- (rc,p) = semanage_fcontext_query(self.sh, k)
+- else:
+- raise ValueError("fcontext %s is not defined." % target)
++ raise ValueError("Could not query file context %s" % name)
++
++ if value != "":
++ nvalue = string.atoi(value)
++ semanage_bool_set_value(b, nvalue)
++
++ rc = semanage_begin_transaction(self.sh)
+ if rc < 0:
+- raise ValueError("Could not query fcontext for %s" % target)
+- con = semanage_fcontext_get_con(p)
++ raise ValueError("Could not start semanage transaction")
++
++ rc = semanage_bool_modify_local(self.sh, k, b)
+ if rc < 0:
+- raise ValueError("Could not get fcontext context for %s" % target)
+-
+- if serange != "":
+- semanage_context_set_mls(self.sh, con, serange)
+- if seuser != "":
+- semanage_context_set_user(self.sh, con, seuser)
+- if setype != "":
+- semanage_context_set_type(self.sh, con, setype)
++ raise ValueError("Failed to modify boolean %s" % name)
+
+- semanage_begin_transaction(self.sh)
+- semanage_fcontext_modify_local(self.sh, k, p)
+- if semanage_commit(self.sh) < 0:
+- raise ValueError("Failed to add fcontext")
++ rc = semanage_commit(self.sh)
+ if rc < 0:
-+ raise ValueError("Could not create context for %s" % target)
++ raise ValueError("Failed to modify boolean %s" % name)
+
+- def delete(self, target):
+- (rc,k) = semanage_fcontext_key_create(self.sh, target, self.file_types[ftype])
++ def delete(self, name):
++ (rc,k) = semanage_bool_key_create(self.sh, name)
+ if rc < 0:
+- raise ValueError("Can't create key for %s" % target)
+- (rc,exists) = semanage_fcontext_exists(self.sh, k)
++ raise ValueError("Could not create a key for %s" % name)
+
-+ semanage_context_set_user(self.sh, con, seuser)
-+ semanage_context_set_role(self.sh, con, "object_r")
-+ semanage_context_set_type(self.sh, con, type)
-+ semanage_context_set_mls(self.sh, con, serange)
-+ semanage_fcontext_set_type(fcontext, self.file_types[ftype])
-+ semanage_begin_transaction(self.sh)
-+ semanage_fcontext_set_con(fcontext, con)
-+ semanage_fcontext_add_local(self.sh, k, fcontext)
-+ if semanage_commit(self.sh) < 0:
-+ raise ValueError("Failed to add fcontext")
-+
-+ def modify(self, target, setype, ftype, serange, seuser):
-+ if serange == "" and setype == "" and seuser == "":
-+ raise ValueError("Requires, setype, serange or seuser")
++ (rc,exists) = semanage_bool_exists(self.sh, k)
+ if not exists:
+- raise ValueError("fcontext %s is not defined." % target)
+- else:
+- (rc,exists) = semanage_fcontext_exists_local(self.sh, k)
+- if not exists:
+- raise ValueError("fcontext %s is not defined localy, can not be deleted." % target)
+-
+- semanage_begin_transaction(self.sh)
+- semanage_fcontext_del_local(self.sh, k)
+- if semanage_commit(self.sh) < 0:
+- raise ValueError("fcontext %s not defined" % target)
++ raise ValueError("Boolean %s is not defined" % name)
++
++ (rc,exists) = semanage_bool_exists_local(self.sh, k)
++ if not exists:
++ raise ValueError("Boolean %s is defined in policy, cannot be deleted" % name)
+
-+ (rc,k) = semanage_fcontext_key_create(self.sh, target, self.file_types[ftype])
++ rc = semanage_begin_transaction(self.sh)
+ if rc < 0:
-+ raise ValueError("Can't creater key for %s" % target)
-+ (rc,exists) = semanage_fcontext_exists(self.sh, k)
-+ if exists:
-+ (rc,p) = semanage_fcontext_query(self.sh, k)
-+ else:
-+ raise ValueError("fcontext %s is not defined." % target)
++ raise ValueError("Could not start semanage transaction")
++
++ rc = semanage_fcontext_del_local(self.sh, k)
+ if rc < 0:
-+ raise ValueError("Could not query fcontext for %s" % target)
-+ con = semanage_fcontext_get_con(p)
++ raise ValueError("Failed to delete boolean %s" % name)
++
++ rc = semanage_commit(self.sh)
+ if rc < 0:
-+ raise ValueError("Could not get fcontext context for %s" % target)
-+
-+ if serange != "":
-+ semanage_context_set_mls(self.sh, con, serange)
-+ if seuser != "":
-+ semanage_context_set_user(self.sh, con, seuser)
-+ if setype != "":
-+ semanage_context_set_type(self.sh, con, setype)
-+
-+ semanage_begin_transaction(self.sh)
-+ semanage_fcontext_modify_local(self.sh, k, p)
-+ if semanage_commit(self.sh) < 0:
-+ raise ValueError("Failed to add fcontext")
-+
-+ def delete(self, target):
-+ (rc,k) = semanage_fcontext_key_create(self.sh, target, self.file_types[ftype])
++ raise ValueError("Failed to delete boolean %s" % name)
+
+ def get_all(self):
+ dict={}
+- (status, self.plist, self.psize) = semanage_fcontext_list(self.sh)
+- if status < 0:
+- raise ValueError("Unable to list fcontexts")
++ (rc, self.blist, self.bsize) = semanage_bool_list(self.sh)
+ if rc < 0:
-+ raise ValueError("Can't create key for %s" % target)
-+ (rc,exists) = semanage_fcontext_exists(self.sh, k)
-+ if not exists:
-+ raise ValueError("fcontext %s is not defined." % target)
-+ else:
-+ (rc,exists) = semanage_fcontext_exists_local(self.sh, k)
-+ if not exists:
-+ raise ValueError("fcontext %s is not defined localy, can not be deleted." % target)
-+
-+ semanage_begin_transaction(self.sh)
-+ semanage_fcontext_del_local(self.sh, k)
-+ if semanage_commit(self.sh) < 0:
-+ raise ValueError("fcontext %s not defined" % target)
-+
-+ def get_all(self):
-+ dict={}
-+ (status, self.plist, self.psize) = semanage_fcontext_list(self.sh)
-+ if status < 0:
-+ raise ValueError("Unable to list fcontexts")
-+
-+ for idx in range(self.psize):
-+ fcontext = semanage_fcontext_by_idx(self.plist, idx)
-+ expr=semanage_fcontext_get_expr(fcontext)
-+ ftype=semanage_fcontext_get_type_str(fcontext)
-+ con = semanage_fcontext_get_con(fcontext)
-+ if con:
-+ dict[expr, ftype]=(semanage_context_get_user(con), semanage_context_get_role(con), semanage_context_get_type(con), semanage_context_get_mls(con))
-+ else:
-+ dict[expr, ftype]=con
-+
-+ return dict
-+
-+ def list(self, heading=1):
-+ if heading:
-+ print "%-50s %-18s %s\n" % ("SELinux fcontext", "type", "Context")
-+ dict=self.get_all()
-+ keys=dict.keys()
-+ for k in keys:
-+ if dict[k]:
-+ print "%-50s %-18s %s:%s:%s:%s " % (k[0], k[1], dict[k][0], dict[k][1],dict[k][2], dict[k][3])
-+ else:
-+ print "%-50s %-18s <<None>>" % (k[0], k[1])
-+
-+
++ raise ValueError("Could not list booleans")
+
+- for idx in range(self.psize):
+- fcontext = semanage_fcontext_by_idx(self.plist, idx)
+- expr=semanage_fcontext_get_expr(fcontext)
+- ftype=semanage_fcontext_get_type_str(fcontext)
+- con = semanage_fcontext_get_con(fcontext)
+- if con:
+- dict[expr, ftype]=(semanage_context_get_user(con), semanage_context_get_role(con), semanage_context_get_type(con), semanage_context_get_mls(con))
+- else:
+- dict[expr, ftype]=con
++ for idx in range(self.bsize):
++ boolean = semanage_bool_by_idx(self.blist, idx)
++ name = semanage_bool_get_name(boolean)
++ value = semanage_bool_get_value(boolean)
++ dict[name] = value
+
+ return dict
+
+ def list(self, heading=1):
+ if heading:
+- print "%-50s %-18s %s\n" % ("SELinux fcontext", "type", "Context")
++ print "%-50s %-18s\n" % ("SELinux boolean", "value")
+ dict=self.get_all()
+ keys=dict.keys()
+ for k in keys:
+ if dict[k]:
+- print "%-50s %-18s %s:%s:%s:%s " % (k[0], k[1], dict[k][0], dict[k][1],dict[k][2], dict[k][3])
+- else:
+- print "%-50s %-18s <<None>>" % (k[0], k[1])
+-
+-
++ print "%-50s %-18s " % (k[0], dict[k][0])
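Review bot: The new boolean `delete(self, name)` builds its key with `semanage_bool_key_create` and checks `semanage_bool_exists_local`, but then calls `semanage_fcontext_del_local(self.sh, k)`, handing a boolean key to the file-context delete routine. This looks like a leftover from the fcontext class; the call should presumably be `rc = semanage_bool_del_local(self.sh, k)`, so that the delete acts on the same record type the existence checks validated. The same copy-over shows in the boolean `modify` error text `"Could not query file context %s"`. It also shows in `list`, where `print "%-50s %-18s " % (k[0], dict[k][0])` indexes into the name and the stored value although `get_all` stores `dict[name] = value`; `(k, dict[k])` matches that shape. With the `else` branch removed, `if dict[k]:` also seems to skip every boolean whose value is 0, and since much of this hunk is suppressed on the page, the class header and the start of `modify` cannot be checked here.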
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.214
retrieving revision 1.215
diff -u -r1.214 -r1.215
--- policycoreutils.spec 14 Jan 2006 03:51:29 -0000 1.214
+++ policycoreutils.spec 14 Jan 2006 06:50:35 -0000 1.215
@@ -4,11 +4,11 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.29.7
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
-#Patch: policycoreutils-rhat.patch
+Patch: policycoreutils-rhat.patch
BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver}
PreReq: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
@@ -34,7 +34,7 @@
%prep
%setup -q
-#%patch -p1 -b .rhat
+%patch -p2 -b .rhat
%build
make LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all
@@ -97,6 +97,9 @@
%{_libdir}/python2.4/site-packages/seobject.py*
%changelog
+* Sat Jan 14 2006 Dan Walsh <dwalsh at redhat.com> 1.29.7-2
+- Add ivans patch
+
* Fri Jan 13 2006 Dan Walsh <dwalsh at redhat.com> 1.29.7-1
- Update to match NSA
* Merged newrole cleanup patch from Steve Grubb.