rpms/policycoreutils/devel policycoreutils-gui.patch, 1.4, 1.5 policycoreutils.spec, 1.383, 1.384
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Mar 19 14:48:18 UTC 2007
Author: dwalsh
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv29602
Modified Files:
policycoreutils-gui.patch policycoreutils.spec
Log Message:
* Mon Mar 19 2007 Dan Walsh <dwalsh at redhat.com> 2.0.7-4
- Add polgen gui
- Many fixes to system-config-selinux
policycoreutils-gui.patch:
Makefile | 30
booleansPage.py | 202 +++
fcontextPage.py | 185 ++
loginsPage.py | 173 ++
mappingsPage.py | 54
modulesPage.py | 170 ++
polgen.glade | 1107 ++++++++++++++++
polgen.py | 410 ++++++
polgengui.py | 207 +++
portsPage.py | 227 +++
selinux.tbl | 265 ++++
semanagePage.py | 115 +
statusPage.py | 219 +++
system-config-selinux.glade | 2885 ++++++++++++++++++++++++++++++++++++++++++++
system-config-selinux.png |binary
system-config-selinux.py | 167 ++
templates/__init__.py | 18
templates/executable.py | 150 ++
templates/general.py | 195 ++
templates/network.py | 46
templates/rw.py | 106 +
templates/script.py | 42
templates/semodule.py | 41
templates/tmp.py | 74 +
templates/var_lib.py | 107 +
templates/var_log.py | 91 +
templates/var_run.py | 93 +
templates/var_spool.py | 107 +
translationsPage.py | 111 +
usersPage.py | 166 ++
30 files changed, 7763 insertions(+)
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.4 -r 1.5 policycoreutils-gui.patch
Index: policycoreutils-gui.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-gui.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- policycoreutils-gui.patch 13 Mar 2007 00:48:19 -0000 1.4
+++ policycoreutils-gui.patch 19 Mar 2007 14:48:15 -0000 1.5
@@ -1,7 +1,7 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.7/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,199 @@
++++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,202 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -175,6 +175,9 @@
+ self.booleansView.append_column(col)
+ self.refreshBooleans()
+
++ def use_menus(self):
++ return False
++
+ def get_description(self):
+ return _("Boolean")
+
@@ -203,8 +206,8 @@
+ commands.getstatusoutput(setsebool)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.7/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,172 @@
++++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,185 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -229,8 +232,13 @@
+import libxml2
+import gobject
+import seobject
++import commands
+from semanagePage import *;
+
++SPEC_COL = 0
++TYPE_COL = 1
++FTYPE_COL = 2
++
+class context:
+ def __init__(self, scontext):
+ self.scontext = scontext
@@ -268,22 +276,22 @@
+ self.view.set_model(self.store)
+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+
-+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=0)
++ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL)
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
+
-+ col.set_sort_column_id(0)
++ col.set_sort_column_id(SPEC_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
-+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=1)
++ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=TYPE_COL)
+
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
-+ col.set_sort_column_id(1)
++ col.set_sort_column_id(TYPE_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
-+ col.set_sort_column_id(2)
++ col.set_sort_column_id(FTYPE_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.load()
@@ -305,8 +313,8 @@
+ self.store.clear()
+ for fcon in fcon_list:
+ iter=self.store.append()
-+ self.store.set_value(iter, 0, fcon[0])
-+ self.store.set_value(iter, 2, fcon[1])
++ self.store.set_value(iter, SPEC_COL, fcon[0])
++ self.store.set_value(iter, FTYPE_COL, fcon[1])
+ if len(fcon) > 3:
+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False))
+ else:
@@ -316,13 +324,13 @@
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
-+ self.fcontextEntry.set_text(store.get_value(iter, 0))
++ self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
+ self.fcontextEntry.set_sensitive(False)
-+ scontext = store.get_value(iter, 1)
++ scontext = store.get_value(iter, TYPE_COL)
+ scon=context(scontext)
+ self.fcontextTypeEntry.set_text(scon.type)
+ self.fcontextMLSEntry.set_text(scon.mls)
-+ type=store.get_value(iter, 2)
++ type=store.get_value(iter, FTYPE_COL)
+ liststore=self.fcontextFileTypeCombo.get_model()
+ iter = liststore.get_iter_first()
+ while iter != None and liststore.get_value(iter,0) != type:
@@ -341,9 +349,12 @@
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
-+ fspec=store.get_value(iter, 0)
-+ type=store.get_value(iter, 1)
-+ self.fcontext.delete(fspec, type)
++ fspec=store.get_value(iter, SPEC_COL)
++ ftype=store.get_value(iter, FTYPE_COL)
++ (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' %s" % (ftype, fspec))
++
++ if rc != 0:
++ return self.error(out)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
@@ -356,13 +367,15 @@
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
-+
-+ self.fcontext.add(fspec, type, ftype, mls)
-+
++ (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
++ if rc != 0:
++ self.error(out)
++ return False
++
+ iter=self.store.append()
-+ self.store.set_value(iter, 0, fspec)
-+ self.store.set_value(iter, 2, ftype)
-+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
++ self.store.set_value(iter, SPEC_COL, fspec)
++ self.store.set_value(iter, FTYPE_COL, ftype)
++ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
+
+ def modify(self):
+ fspec=self.fcontextEntry.get_text().strip()
@@ -371,16 +384,19 @@
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
-+ self.fcontext.modify(fspec, type, ftype, mls, "")
++ (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
++ if rc != 0:
++ self.error(out)
++ return False
+
+ store, iter = self.view.get_selection().get_selected()
-+ self.store.set_value(iter, 0, fspec)
-+ self.store.set_value(iter, 2, ftype)
-+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
++ self.store.set_value(iter, SPEC_COL, fspec)
++ self.store.set_value(iter, FTYPE_COL, ftype)
++ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.7/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,161 @@
++++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,173 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -406,6 +422,7 @@
+import libxml2
+import gobject
+import sys
++import commands
+import seobject
+from semanagePage import *;
+
@@ -508,7 +525,10 @@
+ if login == "root" or login == "__default__":
+ raise ValueError(_("Login '%s' is required") % login)
+
-+ self.login.delete(login)
++ (rc, out) = commands.getstatusoutput("semanage login -d %s" % login)
++ if rc != 0:
++ self.error(out)
++ return False
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
@@ -522,7 +542,11 @@
+ list_model=self.loginsSelinuxUserCombo.get_model()
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
+ seuser = list_model.get_value(iter,0)
-+ self.login.add(target, seuser, serange)
++ (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
++ if rc != 0:
[...3203 lines suppressed...]
++ files_search_pids($1)
++ allow $1 TEMPLATETYPE_var_run_t:sock_file write;
++ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
++')
++"""
++
++fc_file="""\
++FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
++"""
++
++fc_dir="""\
++FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
++"""
++
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.7/gui/templates/var_spool.py
+--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.7/gui/templates/var_spool.py 2007-03-17 12:13:32.000000000 -0400
+@@ -0,0 +1,107 @@
++# Copyright (C) 2007 Red Hat
++# see file 'COPYING' for use and warranty information
++#
++# policygentool is a tool for the initial generation of SELinux policy
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License as
++# published by the Free Software Foundation; either version 2 of
++# the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
++# 02111-1307 USA
++#
++#
++########################### var_spool Template File #############################
++
++########################### Type Enforcement File #############################
++te_types="""
++# var/spool files
++type TEMPLATETYPE_spool_t;
++files_type(TEMPLATETYPE_spool_t)
++"""
++te_rules="""
++# var/spool files for TEMPLATETYPE
++allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:dir manage_dir_perms;
++allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:file manage_file_perms;
++allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:sock_file create_file_perms;
++files_spool_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_spool_t, { file dir sock_file })
++"""
++
++########################### Interface File #############################
++if_rules="""
++########################################
++## <summary>
++## Search TEMPLATETYPE spool directories.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_search_spool',`
++ gen_require(`
++ type TEMPLATETYPE_spool_t;
++ ')
++
++ allow $1 TEMPLATETYPE_spool_t:dir search_dir_perms;
++ files_search_spool($1)
++')
++
++########################################
++## <summary>
++## Read TEMPLATETYPE spool files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_read_spool_files',`
++ gen_require(`
++ type TEMPLATETYPE_spool_t;
++ ')
++
++ allow $1 TEMPLATETYPE_spool_t:file r_file_perms;
++ allow $1 TEMPLATETYPE_spool_t:dir list_dir_perms;
++ files_search_spool($1)
++')
++
++########################################
++## <summary>
++## Create, read, write, and delete
++## TEMPLATETYPE spool files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_manage_spool_files',`
++ gen_require(`
++ type TEMPLATETYPE_spool_t;
++ ')
++
++ allow $1 TEMPLATETYPE_spool_t:file manage_file_perms;
++ allow $1 TEMPLATETYPE_spool_t:dir rw_dir_perms;
++ files_search_spool($1)
++')
++"""
++########################### File Context ##################################
++fc_file="""\
++FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
++"""
++
++fc_dir="""\
++FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
++"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.7/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/translationsPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,109 @@
++++ policycoreutils-2.0.7/gui/translationsPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,111 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -4637,7 +7647,9 @@
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0)
+ col.set_sort_column_id(0)
++ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_resizable(True)
++ col.set_fixed_width(250)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1)
+ col.set_sort_column_id(1)
@@ -4698,8 +7710,8 @@
+ self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.7/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/usersPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,155 @@
++++ policycoreutils-2.0.7/gui/usersPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,166 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -4725,6 +7737,7 @@
+import libxml2
+import gobject
+import sys
++import commands
+import seobject
+from semanagePage import *;
+
@@ -4818,7 +7831,10 @@
+ range = self.mlsRangeEntry.get_text()
+ roles = self.selinuxRolesEntry.get_text()
+
-+ self.user.add(user, roles.split(), level, range, prefix)
++ (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
++ if rc != 0:
++ self.error(out)
++ return False
+ iter = self.store.append()
+ self.store.set_value(iter, 0, user)
+ self.store.set_value(iter, 1, prefix)
@@ -4833,7 +7849,11 @@
+ range = self.mlsRangeEntry.get_text()
+ roles = self.selinuxRolesEntry.get_text()
+
-+ self.user.modify(user, roles.split(), level, range, prefix)
++ (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
++
++ if rc != 0:
++ self.error(out)
++ return False
+ store, iter = self.view.get_selection().get_selected()
+ iter = self.store.append()
+ self.store.set_value(iter, 0, user)
@@ -4849,7 +7869,10 @@
+ if user == "root" or user == "user_u":
+ raise ValueError(_("SELinux user '%s' is required") % user)
+
-+ self.user.delete(user)
++ (rc, out) = commands.getstatusoutput("semanage user -d %s" % user)
++ if rc != 0:
++ self.error(out)
++ return False
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.383
retrieving revision 1.384
diff -u -r1.383 -r1.384
--- policycoreutils.spec 14 Mar 2007 15:09:33 -0000 1.383
+++ policycoreutils.spec 19 Mar 2007 14:48:16 -0000 1.384
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 2.0.7
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -186,6 +186,10 @@
fi
%changelog
+* Mon Mar 19 2007 Dan Walsh <dwalsh at redhat.com> 2.0.7-4
+- Add polgen gui
+- Many fixes to system-config-selinux
+
* Mon Mar 12 2007 Dan Walsh <dwalsh at redhat.com> 2.0.7-3
- service restorecond status needs to set exit value correctly
More information about the fedora-cvs-commits
mailing list