rpms/policycoreutils/devel policycoreutils-gui.patch, 1.37, 1.38 policycoreutils.spec, 1.454, 1.455
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Mon Oct 1 21:46:10 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22710
Modified Files:
policycoreutils-gui.patch policycoreutils.spec
Log Message:
* Fri Sep 28 2007 Dan Walsh <dwalsh at redhat.com> 2.0.27-4
- Allow policy writer to select user types to transition to there users
policycoreutils-gui.patch:
Index: policycoreutils-gui.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-gui.patch,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- policycoreutils-gui.patch 27 Sep 2007 19:05:27 -0000 1.37
+++ policycoreutils-gui.patch 1 Oct 2007 21:45:35 -0000 1.38
@@ -1,7 +1,7 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.27/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/booleansPage.py 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,236 @@
++++ policycoreutils-2.0.27/gui/booleansPage.py 2007-10-01 17:22:52.000000000 -0400
+@@ -0,0 +1,254 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -175,6 +175,8 @@
+ self.typeLabel = xml.get_widget("typeLabel")
+ self.modifySeparator = xml.get_widget("modifySeparator")
+
++ self.revertButton = xml.get_widget("booleanRevertButton")
++ self.revertButton.set_sensitive(self.local)
+ listStore = gtk.ListStore(gobject.TYPE_STRING)
+ cell = gtk.CellRendererText()
+
@@ -194,6 +196,20 @@
+ self.filter=""
+ self.load(self.filter)
+
++ def deleteDialog(self):
++ store, iter = self.booleansView.get_selection().get_selected()
++ boolean = store.get_value(iter, 2)
++ if boolean == None:
++ return
++ try:
++ (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean)
++
++ if rc != 0:
++ return self.error(out)
++ self.load(self.filter)
++ except ValueError, e:
++ self.error(e.args[0])
++
+ def filter_changed(self, *arg):
+ filter = arg[0].get_text()
+ if filter != self.filter:
@@ -230,6 +246,8 @@
+
+ def on_local_clicked(self, button):
+ self.local = not self.local
++ self.revertButton.set_sensitive(self.local)
++
+ if self.local:
+ button.set_label(_("all"))
+ else:
@@ -919,8 +937,8 @@
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.27/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/polgen.glade 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,2386 @@
++++ policycoreutils-2.0.27/gui/polgen.glade 2007-09-28 15:35:53.000000000 -0400
+@@ -0,0 +1,2461 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
@@ -1726,6 +1744,80 @@
+ </child>
+
+ <child>
++ <widget class="GnomeDruidPageStandard" id="user_transition_page">
++ <property name="visible">True</property>
++ <property name="title" translatable="yes">Select user types that will transition to this domain</property>
++
++ <child internal-child="vbox">
++ <widget class="GtkVBox" id="vbox13">
++ <property name="border_width">16</property>
++ <property name="visible">True</property>
++ <property name="homogeneous">False</property>
++ <property name="spacing">6</property>
++
++ <child>
++ <widget class="GtkScrolledWindow" id="scrolledwindow4">
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
++ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
++ <property name="shadow_type">GTK_SHADOW_IN</property>
++ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
++
++ <child>
++ <widget class="GtkTreeView" id="user_transition_treeview">
++ <property name="visible">True</property>
++ <property name="tooltip" translatable="yes">Select the user types that will transiton to this applications domains.</property>
++ <property name="can_focus">True</property>
++ <property name="headers_visible">False</property>
++ <property name="rules_hint">False</property>
++ <property name="reorderable">False</property>
++ <property name="enable_search">True</property>
++ <property name="fixed_height_mode">False</property>
++ <property name="hover_selection">False</property>
++ <property name="hover_expand">False</property>
++ </widget>
++ </child>
++ </widget>
++ <packing>
++ <property name="padding">0</property>
++ <property name="expand">True</property>
++ <property name="fill">True</property>
++ </packing>
++ </child>
++ </widget>
++ </child>
++ </widget>
++ <packing>
++ <property name="tab_expand">False</property>
++ <property name="tab_fill">True</property>
++ </packing>
++ </child>
++
++ <child>
++ <widget class="GtkLabel" id="label30">
++ <property name="visible">True</property>
++ <property name="label" translatable="yes">label30</property>
++ <property name="use_underline">False</property>
++ <property name="use_markup">False</property>
++ <property name="justify">GTK_JUSTIFY_LEFT</property>
++ <property name="wrap">False</property>
++ <property name="selectable">False</property>
++ <property name="xalign">0.5</property>
++ <property name="yalign">0.5</property>
++ <property name="xpad">0</property>
++ <property name="ypad">0</property>
++ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
++ <property name="width_chars">-1</property>
++ <property name="single_line_mode">False</property>
++ <property name="angle">0</property>
++ </widget>
++ <packing>
++ <property name="type">tab</property>
++ </packing>
++ </child>
++
++ <child>
+ <widget class="GnomeDruidPageStandard" id="admin_page">
+ <property name="visible">True</property>
+ <property name="title" translatable="yes">Select additional domains that this user will administer</property>
@@ -1777,9 +1869,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label30">
++ <widget class="GtkLabel" id="label31">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label30</property>
++ <property name="label" translatable="yes">label31</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -1802,7 +1894,7 @@
+ <child>
+ <widget class="GnomeDruidPageStandard" id="roles_page">
+ <property name="visible">True</property>
-+ <property name="title" translatable="yes">Select additioanl roles for this user</property>
++ <property name="title" translatable="yes">Select additional roles for this user</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="vbox13">
@@ -1851,9 +1943,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label31">
++ <widget class="GtkLabel" id="label32">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label31</property>
++ <property name="label" translatable="yes">label32</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -2274,9 +2366,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label32">
++ <widget class="GtkLabel" id="label33">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label32</property>
++ <property name="label" translatable="yes">label33</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -2300,6 +2392,8 @@
+ <widget class="GnomeDruidPageStandard" id="out_net_page">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports that application/user connects to. </property>
++ <property name="title" translatable="yes"></property>
++
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="druid-vbox7">
+ <property name="border_width">16</property>
@@ -2398,7 +2492,6 @@
+ <widget class="GtkEntry" id="out_tcp_entry">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports or ranges of ports that application/user connects to. Example: 612, 650-660</property>
-+
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
@@ -2530,7 +2623,7 @@
+ <child>
+ <widget class="GtkEntry" id="out_udp_entry">
+ <property name="visible">True</property>
-+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that application/user connects to. Example: 612, 650-660</property>
++ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that application/user connects to. Example: 612, 650-660</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
@@ -2590,9 +2683,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label33">
++ <widget class="GtkLabel" id="label34">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label33</property>
++ <property name="label" translatable="yes">label34</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -2722,9 +2815,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label34">
++ <widget class="GtkLabel" id="label35">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label34</property>
++ <property name="label" translatable="yes">label35</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -3052,9 +3145,9 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label35">
++ <widget class="GtkLabel" id="label43">
+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">label35</property>
++ <property name="label" translatable="yes"></property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -3168,7 +3261,7 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label43">
++ <widget class="GtkLabel" id="label44">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes"></property>
+ <property name="use_underline">False</property>
@@ -3195,7 +3288,7 @@
+ <property name="visible">True</property>
+ <property name="position">GNOME_EDGE_FINISH</property>
+ <property name="title" translatable="yes">Generated Policy Files</property>
-+ <property name="text" translatable="yes">This tool will generate the following: Type Enforcment(te), File Context(fc), Interface(if), Shell Script(sh).
++ <property name="text" translatable="yes">This tool will generate the following: Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh).
+Execute shell script to compile/install and relabel files/directories. Now you can put the machine in permissive mode (setenforce 0).
+Run/restart the application to generate avc messages.
+Use audit2allow -R to generate additional rules for the te file.
@@ -3208,7 +3301,7 @@
+ </child>
+
+ <child>
-+ <widget class="GtkLabel" id="label44">
++ <widget class="GtkLabel" id="label45">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes"></property>
+ <property name="use_underline">False</property>
@@ -3309,8 +3402,8 @@
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.27/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/polgengui.py 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,476 @@
++++ policycoreutils-2.0.27/gui/polgengui.py 2007-09-28 15:36:01.000000000 -0400
+@@ -0,0 +1,495 @@
+#!/usr/bin/python
+#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
@@ -3390,14 +3483,15 @@
+ SELECT_TYPE_PAGE = 1
+ APP_PAGE = 2
+ TRANSITION_PAGE = 3
-+ ADMIN_PAGE = 4
-+ ROLE_PAGE = 5
-+ IN_NET_PAGE = 6
-+ OUT_NET_PAGE = 7
-+ COMMON_APPS_PAGE = 8
-+ FILES_PAGE = 9
-+ GEN_POLICY_PAGE = 10
-+ FINISH_PAGE = 11
++ USER_TRANSITION_PAGE = 4
++ ADMIN_PAGE = 5
++ ROLE_PAGE = 6
++ IN_NET_PAGE = 7
++ OUT_NET_PAGE = 8
++ COMMON_APPS_PAGE = 9
++ FILES_PAGE = 10
++ GEN_POLICY_PAGE = 11
++ FINISH_PAGE = 12
+
+ def __init__(self):
+ self.xml = xml
@@ -3420,6 +3514,7 @@
+ self.pages[polgen.RUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_POLICY_PAGE, self.FINISH_PAGE]
+ for i in polgen.APPLICATIONS:
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE,self.GEN_POLICY_PAGE, self.FINISH_PAGE ]
++ self.pages[polgen.USER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE,self.GEN_POLICY_PAGE, self.FINISH_PAGE ]
+
+ self.current_page = 0
+ self.back_button.set_sensitive(0)
@@ -3468,6 +3563,7 @@
+ self.role_store.set_value(iter, 0, i[:-2])
+
+ self.types = commands.getoutput("/usr/bin/seinfo -t").split()[2:]
++
+ self.transition_treeview = self.xml.get_widget("transition_treeview")
+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
+ self.transition_treeview.set_model(self.transition_store)
@@ -3476,6 +3572,18 @@
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
+ self.transition_treeview.append_column(col)
+
++ self.user_transition_treeview = self.xml.get_widget("user_transition_treeview")
++ self.user_transition_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.user_transition_treeview.set_model(self.user_transition_store)
++ self.user_transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
++ self.user_transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
++ self.user_transition_treeview.append_column(col)
++
++ for i in polgen.get_users():
++ iter = self.user_transition_store.append()
++ self.user_transition_store.set_value(iter, 0, i)
++
+ self.admin_treeview = self.xml.get_widget("admin_treeview")
+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
+ self.admin_treeview.set_model(self.admin_store)
@@ -3608,6 +3716,10 @@
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
+ if self.get_type() is polgen.DAEMON:
+ my_policy.set_init_script(self.init_script_entry.get_text())
++ if self.get_type() == polgen.USER:
++ selected = []
++ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_transition_users(selected)
+ else:
+ if self.get_type() == polgen.RUSER:
+ selected = []
@@ -3789,8 +3901,8 @@
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.27/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/polgen.py 2007-09-27 15:04:11.000000000 -0400
-@@ -0,0 +1,740 @@
++++ policycoreutils-2.0.27/gui/polgen.py 2007-09-28 15:36:04.000000000 -0400
+@@ -0,0 +1,759 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -3858,6 +3970,15 @@
+ sys.stderr.write("could not open interface info [%s]\n" % fn)
+ sys.exit(1)
+
++def get_users():
++ users = []
++ userdict = seobject.seluserRecords().get_all()
++ for i in userdict.keys():
++ if userdict[i][0] not in users:
++ users.append(userdict[i][0])
++ users.sort()
++ return users
++
+
+ALL = 0
+RESERVED = 1
@@ -3908,8 +4029,8 @@
+
+ def __init__(self, name, type):
+ ports = seobject.portRecords()
-+ self.dict = ports.get_all()
-+
++ self.ports = ports.get_all()
++
+ self.DEFAULT_DIRS = {}
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
+ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
@@ -3960,6 +4081,9 @@
+ def set_transition_domains(self, transition_domains):
+ self.transition_domains = transition_domains
+
++ def set_transition_users(self, transition_users):
++ self.transition_users = transition_users
++
+ def use_in_udp(self):
+ return self.__isnetset(self.in_udp)
+
@@ -3982,9 +4106,9 @@
+ return self.use_tcp() or self.use_udp()
+
+ def find_port(self, port):
-+ for begin,end in self.dict.keys():
++ for begin,end in self.ports.keys():
+ if port >= begin and port <= end:
-+ return self.dict[begin,end]
++ return self.ports[begin,end]
+ return None
+
+ def set_program(self, program):
@@ -4178,6 +4302,12 @@
+ for app in self.transition_domains:
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_transition_rules)
+ newte += re.sub("APPLICATION", app, tmp)
++
++ if self.type == USER:
++ for u in self.transition_users:
++ temp = re.sub("TEMPLATETYPE", self.name, executable.te_userapp_trans_rules)
++ newte += re.sub("USER", u, temp)
++
+ return newte
+
+ def generate_admin_rules(self):
@@ -4477,6 +4607,7 @@
+ mypolicy.set_use_pam(True)
+ mypolicy.add_file("/var/lib/myuser/myuser.sock")
+ mypolicy.set_out_tcp(0,"8000")
++ mypolicy.set_transition_users(["unconfined", "staff"])
+ print mypolicy.generate("/var/tmp")
+
+
@@ -4533,8 +4664,8 @@
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.27/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/portsPage.py 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,247 @@
++++ policycoreutils-2.0.27/gui/portsPage.py 2007-10-01 17:44:08.000000000 -0400
+@@ -0,0 +1,251 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -4586,6 +4717,8 @@
+class portsPage(semanagePage):
+ def __init__(self, xml):
+ semanagePage.__init__(self, xml, "ports", "Network Port")
++ xml.signal_connect("on_group_clicked", self.on_group_clicked)
++ self.group = False
+ self.ports_filter = xml.get_widget("portsFilterEntry")
+ self.ports_filter.connect("focus_out_event", self.filter_changed)
+ self.ports_filter.connect("activate", self.filter_changed)
@@ -4596,8 +4729,6 @@
+ self.ports_add_button = xml.get_widget("portsAddButton")
+ self.ports_properties_button = xml.get_widget("portsPropertiesButton")
+ self.ports_delete_button = xml.get_widget("portsDeleteButton")
-+ self.ports_group_togglebutton = xml.get_widget("portsGroupTogglebutton")
-+ self.ports_group_togglebutton.connect("toggled", self.group_toggle)
+ liststore = self.ports_protocol_combo.get_model()
+ iter = liststore.get_iter_first()
+ self.ports_protocol_combo.set_active_iter(iter)
@@ -4640,17 +4771,6 @@
+ self.view.append_column(col)
+ self.store.set_sort_func(PORT_COL,self.sort_int, "")
+
-+ def group_toggle(self, button):
-+ self.edit = not button.get_active()
-+ self.ports_add_button.set_sensitive(self.edit)
-+ self.ports_properties_button.set_sensitive(self.edit)
-+ self.ports_delete_button.set_sensitive(self.edit)
-+ self.mls_col.set_visible(self.edit)
-+ if self.edit:
-+ self.load(self.filter)
-+ else:
-+ self.group_load(self.filter)
-+
+ def sort_int(self, treemodel, iter1, iter2, user_data):
+ try:
+ p1 = int(treemodel.get_value(iter1,2))
@@ -4666,7 +4786,7 @@
+ def load(self,filter = ""):
+ self.filter=filter
+ self.port = seobject.portRecords()
-+ dict = self.port.get_all()
++ dict = self.port.get_all(self.local)
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
@@ -4687,7 +4807,7 @@
+ def group_load(self, filter = ""):
+ self.filter=filter
+ self.port = seobject.portRecords()
-+ dict = self.port.get_all_by_type()
++ dict = self.port.get_all_by_type(self.local)
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
@@ -4781,7 +4901,22 @@
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
+ self.store.set_value(iter, MLS_COL, mls)
+
++ def on_group_clicked(self, button):
++ self.ports_add_button.set_sensitive(self.group)
++ self.ports_properties_button.set_sensitive(self.group)
++ self.ports_delete_button.set_sensitive(self.group)
++ self.mls_col.set_visible(self.group)
++
++ self.group = not self.group
++ if self.group:
++ button.set_label(_("List View"))
++ self.group_load(self.filter)
++ else:
++ button.set_label(_("Group View"))
++ self.load(self.filter)
+
++ return True
++
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.27/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.27/gui/selinux.tbl 2007-09-27 11:20:32.000000000 -0400
@@ -5457,8 +5592,8 @@
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.27/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/system-config-selinux.glade 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,3393 @@
++++ policycoreutils-2.0.27/gui/system-config-selinux.glade 2007-10-01 17:44:01.000000000 -0400
+@@ -0,0 +1,3339 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
@@ -7345,9 +7480,9 @@
+ <property name="show_arrow">True</property>
+
+ <child>
-+ <widget class="GtkToolButton" id="toolbutton33">
++ <widget class="GtkToolButton" id="booleanRevertButton">
+ <property name="visible">True</property>
-+ <property name="tooltip" translatable="yes">Revert boolean setting to default</property>
++ <property name="tooltip" translatable="yes">Revert boolean setting to system default</property>
+ <property name="stock_id">gtk-revert-to-saved</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
@@ -8367,92 +8502,38 @@
+ </child>
+
+ <child>
-+ <widget class="GtkToolItem" id="toolitem1">
++ <widget class="GtkToolButton" id="listViewButton">
+ <property name="visible">True</property>
++ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
++ <property name="label" translatable="yes">Group View</property>
++ <property name="use_underline">True</property>
++ <property name="stock_id">gtk-indent</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
++ <signal name="clicked" handler="on_group_clicked" last_modification_time="Mon, 01 Oct 2007 21:31:19 GMT"/>
++ </widget>
++ <packing>
++ <property name="expand">False</property>
++ <property name="homogeneous">True</property>
++ </packing>
++ </child>
+
-+ <child>
-+ <widget class="GtkToggleButton" id="portsGroupTogglebutton">
-+ <property name="visible">True</property>
-+ <property name="tooltip" translatable="yes">Group/ungroup network ports by SELinux type.</property>
-+ <property name="can_focus">True</property>
-+ <property name="relief">GTK_RELIEF_NORMAL</property>
-+ <property name="focus_on_click">True</property>
-+ <property name="active">False</property>
-+ <property name="inconsistent">False</property>
-+ <signal name="toggled" handler="on_groupview_toggled" last_modification_time="Wed, 15 Nov 2006 16:55:38 GMT"/>
-+
-+ <child>
-+ <widget class="GtkAlignment" id="alignment3">
-+ <property name="visible">True</property>
-+ <property name="xalign">0.5</property>
-+ <property name="yalign">0.5</property>
-+ <property name="xscale">0</property>
-+ <property name="yscale">0</property>
-+ <property name="top_padding">0</property>
-+ <property name="bottom_padding">0</property>
-+ <property name="left_padding">0</property>
-+ <property name="right_padding">0</property>
-+
-+ <child>
-+ <widget class="GtkHBox" id="hbox5">
-+ <property name="visible">True</property>
-+ <property name="homogeneous">False</property>
-+ <property name="spacing">2</property>
-+
-+ <child>
-+ <widget class="GtkImage" id="image1">
-+ <property name="visible">True</property>
-+ <property name="stock">gtk-indent</property>
-+ <property name="icon_size">4</property>
-+ <property name="xalign">0.5</property>
-+ <property name="yalign">0.5</property>
-+ <property name="xpad">0</property>
-+ <property name="ypad">0</property>
-+ </widget>
-+ <packing>
-+ <property name="padding">0</property>
-+ <property name="expand">False</property>
-+ <property name="fill">False</property>
-+ </packing>
-+ </child>
-+
-+ <child>
-+ <widget class="GtkLabel" id="label46">
-+ <property name="visible">True</property>
-+ <property name="label" translatable="yes">Group View</property>
-+ <property name="use_underline">True</property>
-+ <property name="use_markup">False</property>
-+ <property name="justify">GTK_JUSTIFY_LEFT</property>
-+ <property name="wrap">False</property>
-+ <property name="selectable">False</property>
-+ <property name="xalign">0.5</property>
-+ <property name="yalign">0.5</property>
-+ <property name="xpad">0</property>
-+ <property name="ypad">0</property>
-+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
-+ <property name="width_chars">-1</property>
-+ <property name="single_line_mode">False</property>
-+ <property name="angle">0</property>
-+ </widget>
-+ <packing>
-+ <property name="padding">0</property>
-+ <property name="expand">False</property>
-+ <property name="fill">False</property>
-+ </packing>
-+ </child>
-+ </widget>
-+ </child>
-+ </widget>
-+ </child>
-+ </widget>
-+ </child>
++ <child>
++ <widget class="GtkToolButton" id="toolbutton35">
++ <property name="visible">True</property>
++ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
++ <property name="label" translatable="yes">Customized</property>
++ <property name="use_underline">True</property>
++ <property name="stock_id">gtk-find</property>
++ <property name="visible_horizontal">True</property>
++ <property name="visible_vertical">True</property>
++ <property name="is_important">False</property>
++ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
-+ <property name="homogeneous">False</property>
++ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
@@ -9033,8 +9114,8 @@
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.27/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.27/gui/templates/executable.py 2007-09-27 11:20:32.000000000 -0400
-@@ -0,0 +1,278 @@
++++ policycoreutils-2.0.27/gui/templates/executable.py 2007-09-28 15:36:45.000000000 -0400
+@@ -0,0 +1,291 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -9179,6 +9260,19 @@
+auth_domtrans_chk_passwd(TEMPLATETYPE_t)
+"""
+
++te_userapp_trans_rules="""
++optional_policy(`
++ gen_require(`
++ type USER_t;
++ type USER_devpts_t;
++ type USER_tty_device_t;
++ role USER_r;
++ ')
++
++ TEMPLATETYPE_run(USER_t, USER_r, { USER_tty_device_t USER_devpts_t })
++')
++"""
++
+########################### Interface File #############################
+if_program_rules="""
+## <summary>policy for TEMPLATETYPE</summary>
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.454
retrieving revision 1.455
diff -u -r1.454 -r1.455
--- policycoreutils.spec 27 Sep 2007 19:05:27 -0000 1.454
+++ policycoreutils.spec 1 Oct 2007 21:45:35 -0000 1.455
@@ -1,4 +1,4 @@
-%define libauditver 1.4.2-1
+ %define libauditver 1.4.2-1
%define libsepolver 2.0.10-1
%define libsemanagever 2.0.5-1
%define libselinuxver 2.0.34-1
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.27
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -199,6 +199,9 @@
fi
%changelog
+* Fri Sep 28 2007 Dan Walsh <dwalsh at redhat.com> 2.0.27-4
+- Allow policy writer to select user types to transition to there users
+
* Thu Sep 27 2007 Dan Walsh <dwalsh at redhat.com> 2.0.27-3
- Fix bug in building policy with polgengui
- Creating ports correctly
More information about the fedora-extras-commits
mailing list