rpms/setools/devel setools-python.patch, NONE, 1.1 setools.spec, 1.91, 1.92
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Aug 11 14:47:51 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/setools/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10649
Modified Files:
setools.spec
Added Files:
setools-python.patch
Log Message:
* Tue Aug 11 2009 Dan Walsh <dwalsh at redhat.com> 3.3.6-4
- Add python bindings for sesearch and seinfo
setools-python.patch:
Makefile.am | 2
Makefile.in | 4
configure.ac | 6
python/Makefile.am | 2
python/Makefile.in | 715 +++++++++++++++++++++++++++++++++++++++++++++
python/setools/Makefile.am | 24 +
python/setools/Makefile.in | 539 +++++++++++++++++++++++++++++++++
python/setools/__init__.py | 49 +++
python/setools/seinfo.c | 649 ++++++++++++++++++++++++++++++++++++++++
python/setools/sesearch.c | 477 ++++++++++++++++++++++++++++++
python/setools/setup.py | 10
11 files changed, 2473 insertions(+), 4 deletions(-)
--- NEW FILE setools-python.patch ---
diff -up setools-3.3.6/configure.ac.python setools-3.3.6/configure.ac
--- setools-3.3.6/configure.ac.python 2009-08-10 15:24:55.000000000 -0400
+++ setools-3.3.6/configure.ac 2009-08-10 15:24:59.000000000 -0400
@@ -216,6 +216,9 @@ if test "x${enable_jswig}" = xyes; then
do_swigify_java=yes
do_swigify=yes
fi
+
+AM_PATH_PYTHON(2.6)
+
AC_ARG_ENABLE(swig-python,
AC_HELP_STRING([--enable-swig-python],
[build SWIG interfaces for Python]),
@@ -224,7 +227,6 @@ if test "x${enable_pyswig}" = xyes; then
if test ${do_swigify} = no; then
AC_PROG_SWIG(1.3.28)
fi
- AM_PATH_PYTHON(2.3)
SWIG_PYTHON
do_swigify_python=yes
do_swigify=yes
@@ -873,6 +875,8 @@ AC_CONFIG_FILES([Makefile VERSION \
sediff/Makefile \
man/Makefile \
debian/Makefile \
+ python/Makefile \
+ python/setools/Makefile \
packages/Makefile packages/rpm/Makefile \
packages/libqpol.pc packages/libapol.pc packages/libpoldiff.pc packages/libseaudit.pc packages/libsefs.pc])
diff -up setools-3.3.6/Makefile.am.python setools-3.3.6/Makefile.am
--- setools-3.3.6/Makefile.am.python 2009-08-10 15:23:45.000000000 -0400
+++ setools-3.3.6/Makefile.am 2009-08-10 15:23:50.000000000 -0400
@@ -10,7 +10,7 @@ if BUILD_GUI
endif
# sediffx is also built conditionally, from sediffx/Makefile.am
-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
diff -up setools-3.3.6/Makefile.in.python setools-3.3.6/Makefile.in
--- setools-3.3.6/Makefile.in.python 2009-08-10 15:24:17.000000000 -0400
+++ setools-3.3.6/Makefile.in 2009-08-10 15:25:59.000000000 -0400
@@ -79,7 +79,7 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGE
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds \
- sechecker sediff man packages debian apol seaudit
+ sechecker sediff man packages debian apol seaudit python
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
@@ -384,7 +384,7 @@ AUTOMAKE_OPTIONS = dist-bzip2
@BUILD_APOL_TRUE at MAYBE_APOL = apol
@BUILD_GUI_TRUE at MAYBE_GUI = seaudit
# sediffx is also built conditionally, from sediffx/Makefile.am
-SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI)
+SUBDIRS = libqpol libapol libsefs libpoldiff libseaudit secmds sechecker sediff man packages debian $(MAYBE_APOL) $(MAYBE_GUI) python
#old indent opts
#INDENT_OPTS = -npro -nbad -bap -sob -ss -l132 -di1 -nbc -br -nbbb -c40 -cd40 -ncdb -ce -cli0 -cp40 -ncs -d0 -nfc1 -nfca -i8 -ts8 -ci8 -lp -ip0 -npcs -npsl -sc
diff -up setools-3.3.6/python/Makefile.am.python setools-3.3.6/python/Makefile.am
--- setools-3.3.6/python/Makefile.am.python 2009-08-11 09:57:16.000000000 -0400
+++ setools-3.3.6/python/Makefile.am 2009-08-10 15:23:25.000000000 -0400
@@ -0,0 +1,2 @@
+SUBDIRS = setools
+
diff -up setools-3.3.6/python/Makefile.in.python setools-3.3.6/python/Makefile.in
--- setools-3.3.6/python/Makefile.in.python 2009-08-11 09:57:20.000000000 -0400
+++ setools-3.3.6/python/Makefile.in 2009-08-10 15:25:58.000000000 -0400
@@ -0,0 +1,715 @@
+# Makefile.in generated by automake 1.11 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
+# Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+ at SET_MAKE@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = python
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/ac_check_classpath.m4 \
+ $(top_srcdir)/m4/ac_java_options.m4 \
+ $(top_srcdir)/m4/ac_pkg_swig.m4 \
+ $(top_srcdir)/m4/ac_prog_jar.m4 \
+ $(top_srcdir)/m4/ac_prog_java.m4 \
+ $(top_srcdir)/m4/ac_prog_java_works.m4 \
+ $(top_srcdir)/m4/ac_prog_javac.m4 \
+ $(top_srcdir)/m4/ac_prog_javac_works.m4 \
+ $(top_srcdir)/m4/ac_python_devel.m4 $(top_srcdir)/m4/c.m4 \
+ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
+ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+ $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/m4/swig_python.m4 $(top_srcdir)/m4/tcl.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-dvi-recursive install-exec-recursive \
+ install-html-recursive install-info-recursive \
+ install-pdf-recursive install-ps-recursive install-recursive \
+ installcheck-recursive installdirs-recursive pdf-recursive \
+ ps-recursive uninstall-recursive
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
+ $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \
+ distdir
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+APOL_CFLAGS = @APOL_CFLAGS@
+APOL_LIB_FLAG = @APOL_LIB_FLAG@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BWIDGET_DESTDIR = @BWIDGET_DESTDIR@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CUNIT_LIB_FLAG = @CUNIT_LIB_FLAG@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH = @CYGPATH@
+CYGPATH_W = @CYGPATH_W@
+DEBUGCFLAGS = @DEBUGCFLAGS@
+DEBUGCXXFLAGS = @DEBUGCXXFLAGS@
+DEBUGJFLAGS = @DEBUGJFLAGS@
[...2161 lines suppressed...]
+
+PyObject* sesearch(bool allow,
+ bool neverallow,
+ bool auditallow,
+ bool dontaudit,
+ const char *src_name,
+ const char *tgt_name,
+ const char *class_name,
+ const char *permlist
+ )
+{
+ options_t cmd_opts;
+ int rt = -1;
+ PyObject *output = NULL;
+
+ apol_policy_t *policy = NULL;
+ apol_vector_t *v = NULL;
+ apol_policy_path_t *pol_path = NULL;
+ apol_vector_t *mod_paths = NULL;
+ apol_policy_path_type_e path_type = APOL_POLICY_PATH_TYPE_MONOLITHIC;
+
+ memset(&cmd_opts, 0, sizeof(cmd_opts));
+ cmd_opts.indirect = true;
+ cmd_opts.allow = allow;
+ cmd_opts.nallow = neverallow;
+ cmd_opts.auditallow = auditallow;
+ cmd_opts.dontaudit = dontaudit;
+ if (src_name)
+ cmd_opts.src_name = strdup(src_name);
+ if (tgt_name)
+ cmd_opts.tgt_name = strdup(tgt_name);
+ if (class_name)
+ cmd_opts.class_name = strdup(class_name);
+ if (permlist){
+ cmd_opts.perm_vector = apol_vector_create(free);
+ cmd_opts.permlist = strdup(permlist);
+ }
+ int pol_opt = 0;
+ if (!(cmd_opts.nallow || cmd_opts.all))
+ pol_opt |= QPOL_POLICY_OPTION_NO_NEVERALLOWS;
+
+
+ rt = qpol_default_policy_find(&policy_file);
+ if (rt) {
+ PyErr_SetString(PyExc_RuntimeError,"No default policy found.");
+ return NULL;
+ }
+ pol_opt |= QPOL_POLICY_OPTION_MATCH_SYSTEM;
+
+ if (apol_file_is_policy_path_list(policy_file) > 0) {
+ pol_path = apol_policy_path_create_from_file(policy_file);
+ if (!pol_path) {
+ free(policy_file);
+ PyErr_SetString(PyExc_RuntimeError,"invalid policy list");
+ return NULL;
+ }
+ }
+
+ if (!pol_path)
+ pol_path = apol_policy_path_create(path_type, policy_file, mod_paths);
+ if (!pol_path) {
+ free(policy_file);
+ PyErr_SetString(PyExc_RuntimeError,strerror(ENOMEM));
+ return NULL;
+ }
+ free(policy_file);
+ apol_vector_destroy(&mod_paths);
+
+ policy = apol_policy_create_from_policy_path(pol_path, pol_opt, NULL, NULL);
+ if (!policy) {
+ apol_policy_path_destroy(&pol_path);
+ PyErr_SetString(PyExc_RuntimeError,strerror(errno));
+ return NULL;
+ }
+ /* handle regex for class name */
+ if (cmd_opts.useregex && cmd_opts.class_name != NULL) {
+ cmd_opts.class_vector = apol_vector_create(NULL);
+ apol_vector_t *qpol_matching_classes = NULL;
+ apol_class_query_t *regex_match_query = apol_class_query_create();
+ apol_class_query_set_regex(policy, regex_match_query, 1);
+ apol_class_query_set_class(policy, regex_match_query, cmd_opts.class_name);
+ if (apol_class_get_by_query(policy, regex_match_query, &qpol_matching_classes)) {
+ apol_class_query_destroy(®ex_match_query);
+ PyErr_SetString(PyExc_RuntimeError,"Query failed");
+ goto cleanup;
+ }
+ const qpol_class_t *class = NULL;
+ size_t i;
+ for (i = 0; i < apol_vector_get_size(qpol_matching_classes); ++i) {
+ const char *class_name;
+ class = apol_vector_get_element(qpol_matching_classes, i);
+ if (!class)
+ break;
+ qpol_class_get_name(apol_policy_get_qpol(policy), class, &class_name);
+ apol_vector_append(cmd_opts.class_vector, (void *)class_name);
+ }
+ if (!apol_vector_get_size(qpol_matching_classes)) {
+ apol_vector_destroy(&qpol_matching_classes);
+ apol_class_query_destroy(®ex_match_query);
+ PyErr_SetString(PyExc_RuntimeError,"No classes match expression");
+ goto cleanup;
+ }
+ apol_vector_destroy(&qpol_matching_classes);
+ apol_class_query_destroy(®ex_match_query);
+ }
+
+ if (!cmd_opts.semantic && qpol_policy_has_capability(apol_policy_get_qpol(policy), QPOL_CAP_SYN_RULES)) {
+ if (qpol_policy_build_syn_rule_table(apol_policy_get_qpol(policy))) {
+ apol_policy_destroy(&policy);
+ PyErr_SetString(PyExc_RuntimeError,"Query failed");
+ goto cleanup;
+ }
+ }
+
+ /* if syntactic rules are not available always do semantic search */
+ if (!qpol_policy_has_capability(apol_policy_get_qpol(policy), QPOL_CAP_SYN_RULES)) {
+ cmd_opts.semantic = 1;
+ }
+
+ /* supress line numbers if doing semantic search or not available */
+ if (cmd_opts.semantic || !qpol_policy_has_capability(apol_policy_get_qpol(policy), QPOL_CAP_LINE_NUMBERS)) {
+ cmd_opts.lineno = 0;
+ }
+ if (perform_av_query(policy, &cmd_opts, &v)) {
+ goto cleanup;
+ }
+ if (v) {
+ output = get_av_results(policy, &cmd_opts, v);
+ }
+ apol_vector_destroy(&v);
+ cleanup:
+ apol_policy_destroy(&policy);
+ apol_policy_path_destroy(&pol_path);
+ free(cmd_opts.src_name);
+ free(cmd_opts.tgt_name);
+ free(cmd_opts.class_name);
+ free(cmd_opts.permlist);
+ free(cmd_opts.bool_name);
+ free(cmd_opts.src_role_name);
+ free(cmd_opts.tgt_role_name);
+ apol_vector_destroy(&cmd_opts.perm_vector);
+ apol_vector_destroy(&cmd_opts.class_vector);
+
+ return output;
+}
+static int Dict_ContainsInt(PyObject *dict, const char *key){
+ PyObject *item = PyDict_GetItemString(dict, key);
+ if (item)
+ return PyInt_AsLong(item);
+ return false;
+}
+
+static const char *Dict_ContainsString(PyObject *dict, const char *key){
+ PyObject *item = PyDict_GetItemString(dict, key);
+ if (item)
+ return PyString_AsString(item);
+ return NULL;
+}
+
+PyObject *wrap_sesearch(PyObject *self, PyObject *args){
+ PyObject *dict;
+ if (!PyArg_ParseTuple(args, "O", &dict))
+ return NULL;
+ int allow = Dict_ContainsInt(dict, "allow");
+ int neverallow = Dict_ContainsInt(dict, "neverallow");
+ int auditallow = Dict_ContainsInt(dict, "auditallow");
+ int dontaudit = Dict_ContainsInt(dict, "dontaudit");
+
+ const char *src_name = Dict_ContainsString(dict, "scontext");
+ const char *tgt_name = Dict_ContainsString(dict, "tcontext");
+ const char *class_name = Dict_ContainsString(dict, "class");
+ const char *permlist = Dict_ContainsString(dict, "permlist");
+
+ return Py_BuildValue("O",sesearch(allow, neverallow, auditallow, dontaudit, src_name, tgt_name, class_name, permlist));
+
+}
+
+static PyMethodDef methods[] = {
+ {"sesearch", (PyCFunction) wrap_sesearch, METH_VARARGS},
+ {NULL, NULL, 0, NULL}
+};
+
+void init_sesearch(){
+ PyObject *m;
+ m = Py_InitModule("_sesearch", methods);
+}
diff -up setools-3.3.6/python/setools/setup.py.python setools-3.3.6/python/setools/setup.py
--- setools-3.3.6/python/setools/setup.py.python 2009-08-11 09:56:15.000000000 -0400
+++ setools-3.3.6/python/setools/setup.py 2009-08-10 15:23:25.000000000 -0400
@@ -0,0 +1,10 @@
+#!/usr/bin/env python
+
+# Author: Thomas Liu <tliu at redhat.com>
+
+from distutils.core import setup, Extension
+extension_sesearch = Extension("setools._sesearch", [ "sesearch.c"], libraries=["apol", "qpol"] )
+extension_seinfo = Extension("setools._seinfo", [ "seinfo.c"], libraries=["apol", "qpol"] )
+
+setup(name = "setools", version="1.0", description="Python setools bindings", author="Thomas Liu", author_email="tliu at redhat.com", ext_modules=[extension_sesearch, extension_seinfo], packages=["setools"])
+
Index: setools.spec
===================================================================
RCS file: /cvs/extras/rpms/setools/devel/setools.spec,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -p -r1.91 -r1.92
--- setools.spec 28 Jul 2009 13:43:02 -0000 1.91
+++ setools.spec 11 Aug 2009 14:47:50 -0000 1.92
@@ -5,7 +5,7 @@
Name: setools
Version: %{setools_maj_ver}.%{setools_min_ver}
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2
URL: http://oss.tresys.com/projects/setools
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -15,6 +15,7 @@ Source2: apol.desktop
Source3: seaudit.desktop
Source4: sediffx.desktop
Patch1: setools-qpol.patch
+Patch2: setools-python.patch
Summary: Policy analysis tools for SELinux
Group: System Environment/Base
Requires: setools-libs = %{version}-%{release} setools-libs-tcl = %{version}-%{release} setools-gui = %{version}-%{release} setools-console = %{version}-%{release}
@@ -187,6 +188,7 @@ This package includes the following grap
%prep
%setup -q
%patch1 -p 1 -b .qpol
+%patch2 -p 1 -b .python
%build
%configure --libdir=%{_libdir} --disable-bwidget-check --disable-selinux-check \
@@ -346,6 +348,9 @@ rm -rf ${RPM_BUILD_ROOT}
%postun libs-tcl -p /sbin/ldconfig
%changelog
+* Tue Aug 11 2009 Dan Walsh <dwalsh at redhat.com> 3.3.6-4
+- Add python bindings for sesearch and seinfo
+
* Tue Jul 28 2009 Dan Walsh <dwalsh at redhat.com> 3.3.6-3
- Fix qpol install of include files
More information about the fedora-extras-commits
mailing list