rpms/policycoreutils/devel policycoreutils-sepolgen.patch, 1.8, 1.9 policycoreutils.spec, 1.500, 1.501
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Wed Jan 23 20:23:32 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13351
Modified Files:
policycoreutils-sepolgen.patch policycoreutils.spec
Log Message:
* Wed Jan 23 2008 Dan Walsh <dwalsh at redhat.com> 2.0.36-1
- Update to upstream
* Merged update to chcat, fixfiles, and semanage scripts from Dan Walsh.
* Merged sepolgen fixes from Dan Walsh.
policycoreutils-sepolgen.patch:
Index: policycoreutils-sepolgen.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-sepolgen.patch,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- policycoreutils-sepolgen.patch 21 Dec 2007 07:14:11 -0000 1.8
+++ policycoreutils-sepolgen.patch 23 Jan 2008 20:23:24 -0000 1.9
@@ -1,140 +1,7 @@
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/audit.py policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/audit.py
---- nsasepolgen/src/sepolgen/audit.py 2007-09-13 08:21:11.000000000 -0400
-+++ policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/audit.py 2007-12-21 02:10:43.000000000 -0500
-@@ -32,7 +32,7 @@
- string contain all of the audit messages returned by ausearch.
- """
- import subprocess
-- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START"],
-+ output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
- stdout=subprocess.PIPE).communicate()[0]
- return output
-
-@@ -251,7 +251,9 @@
- self.type = refpolicy.SecurityContext(dict["tcontext"]).type
- except:
- raise ValueError("Split string does not represent a valid compute sid message")
--
-+ def output(self):
-+ return "role %s types %s;\n" % (self.role, self.type)
-+
- # Parser for audit messages
-
- class AuditParser:
-@@ -402,6 +404,26 @@
- self.__parse(l)
- self.__post_process()
-
-+ def to_role(self, role_filter=None):
-+ """Return list of SELINUX_ERR messages matching the specified filter
-+
-+ Filter out types that match the filer, or all roles
-+
-+ Params:
-+ role_filter - [optional] Filter object used to filter the
-+ output.
-+ Returns:
-+ Access vector set representing the denied access in the
-+ audit logs parsed by this object.
-+ """
-+ roles = []
-+ if role_filter:
-+ for selinux_err in self.compute_sid_msgs:
-+ if role_filter.filter(selinux_err):
-+ roles.append(selinux_err)
-+ return roles
-+ return self.compute_sid_msgs
-+
- def to_access(self, avc_filter=None, only_denials=True):
- """Convert the audit logs access into a an access vector set.
-
-diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/refparser.py
---- nsasepolgen/src/sepolgen/refparser.py 2007-09-13 08:21:11.000000000 -0400
-+++ policycoreutils-2.0.34/sepolgen-1.0.10/src/sepolgen/refparser.py 2007-12-20 14:20:49.000000000 -0500
-@@ -118,6 +118,7 @@
- 'TEMPLATE',
- 'GEN_CONTEXT',
- # m4
-+ 'IFELSE',
- 'IFDEF',
- 'IFNDEF',
- 'DEFINE'
-@@ -174,6 +175,7 @@
- 'template' : 'TEMPLATE',
- 'gen_context' : 'GEN_CONTEXT',
- # M4
-+ 'ifelse' : 'IFELSE',
- 'ifndef' : 'IFNDEF',
- 'ifdef' : 'IFDEF',
- 'define' : 'DEFINE'
-@@ -220,6 +222,12 @@
- # Ignore all comments
- t.lexer.lineno += 1
-
-+def t_refpolicywarn1(t):
-+ r'define.*refpolicywarn\(.*\n'
-+ # Ignore refpolicywarn statements - they sometimes
-+ # contain text that we can't parse.
-+ t.skip(1)
-+
- def t_refpolicywarn(t):
- r'refpolicywarn\(.*\n'
- # Ignore refpolicywarn statements - they sometimes
-@@ -258,10 +266,12 @@
- m = None
- # error is either None (indicating no error) or a string error message.
- error = None
-+parse_file = ""
- # spt is the support macros (e.g., obj/perm sets) - it is an instance of
- # refpolicy.SupportMacros and should always be present during parsing
- # though it may not contain any macros.
- spt = None
-+success=True
-
- # utilities
- def collect(stmts, parent, val=None):
-@@ -382,6 +392,19 @@
- collect(p[12], x, val=False)
- p[0] = [x]
-
-+def p_ifelse(p):
-+ '''ifelse : IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
-+ | IFELSE OPAREN TICK IDENTIFIER SQUOTE COMMA TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
-+ '''
-+# x = refpolicy.IfDef(p[4])
-+# v = True
-+# collect(p[8], x, val=v)
-+# if len(p) > 12:
-+# collect(p[12], x, val=False)
-+# p[0] = [x]
-+ pass
-+
-+
- def p_ifdef(p):
- '''ifdef : IFDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
- | IFNDEF OPAREN TICK IDENTIFIER SQUOTE COMMA TICK interface_stmts SQUOTE CPAREN optional_semi
-@@ -446,6 +469,7 @@
- | optional_policy
- | tunable_policy
- | ifdef
-+ | ifelse
- | conditional
- '''
- p[0] = p[1]
-@@ -844,8 +868,11 @@
-
- def p_error(tok):
- global error
-- error = "Syntax error on line %d %s [type=%s]" % (tok.lineno, tok.value, tok.type)
-+ global parse_file
-+ global success
-+ error = "%s: Syntax error on line %d %s [type=%s]" % (parse_file, tok.lineno, tok.value, tok.type)
- print error
-+ success = False
-
- def prep_spt(spt):
- if not spt:
-@@ -892,7 +919,7 @@
+diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/refparser.py policycoreutils-2.0.35/sepolgen-1.0.10/src/sepolgen/refparser.py
+--- nsasepolgen/src/sepolgen/refparser.py 2008-01-23 14:36:29.000000000 -0500
++++ policycoreutils-2.0.35/sepolgen-1.0.10/src/sepolgen/refparser.py 2008-01-11 11:17:50.000000000 -0500
+@@ -919,7 +919,7 @@
def list_headers(root):
modules = []
support_macros = None
@@ -143,18 +10,3 @@
for dirpath, dirnames, filenames in os.walk(root):
for name in filenames:
-@@ -941,12 +968,14 @@
- output.write(msg)
-
- def parse_file(f, module, spt=None):
-+ global parse_file
- if debug:
- o("parsing file %s\n" % f)
- try:
- fd = open(f)
- txt = fd.read()
- fd.close()
-+ parse_file = f
- parse(txt, module, spt, debug)
- except IOError, e:
- return
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.500
retrieving revision 1.501
diff -u -r1.500 -r1.501
--- policycoreutils.spec 23 Jan 2008 19:44:15 -0000 1.500
+++ policycoreutils.spec 23 Jan 2008 20:23:24 -0000 1.501
@@ -25,7 +25,7 @@
Patch3: policycoreutils-gui.patch
Patch4: policycoreutils-sepolgen.patch
-BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
+BuildRequires: pam-devel libsepol-static >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
Requires: libselinux >= %{libselinuxver} libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} coreutils audit-libs-python >= %{libauditver} checkpolicy libselinux-python
Requires(post): /sbin/service /sbin/chkconfig
@@ -196,6 +196,7 @@
* Wed Jan 23 2008 Dan Walsh <dwalsh at redhat.com> 2.0.36-1
- Update to upstream
* Merged update to chcat, fixfiles, and semanage scripts from Dan Walsh.
+ * Merged sepolgen fixes from Dan Walsh.
* Tue Jan 22 2008 Dan Walsh <dwalsh at redhat.com> 2.0.35-5
- handle files with spaces on upgrades
More information about the fedora-extras-commits
mailing list