rpms/policycoreutils/devel .cvsignore, 1.204, 1.205 policycoreutils-rhat.patch, 1.455, 1.456 policycoreutils.spec, 1.659, 1.660 sources, 1.214, 1.215
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Nov 18 22:20:44 UTC 2009
- Previous message (by thread): rpms/libsemanage/devel .cvsignore, 1.107, 1.108 libsemanage-rhat.patch, 1.58, 1.59 libsemanage.spec, 1.189, 1.190 sources, 1.110, 1.111
- Next message (by thread): rpms/selinux-policy/F-12 policy-F12.patch, 1.135, 1.136 selinux-policy.spec, 1.967, 1.968
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24095
Modified Files:
.cvsignore policycoreutils-rhat.patch policycoreutils.spec
sources
Log Message:
* Wed Nov 18 2009 Dan Walsh <dwalsh at redhat.com> 2.0.76-1
- Update to upstream
* Remove setrans management from semanage, as it does not work
from Dan Walsh.
* Move load_policy from /usr/sbin to /sbin from Dan Walsh.
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/.cvsignore,v
retrieving revision 1.204
retrieving revision 1.205
diff -u -p -r1.204 -r1.205
--- .cvsignore 9 Nov 2009 21:12:58 -0000 1.204
+++ .cvsignore 18 Nov 2009 22:20:42 -0000 1.205
@@ -209,3 +209,4 @@ sepolgen-1.0.17.tgz
policycoreutils-2.0.73.tgz
policycoreutils-2.0.74.tgz
policycoreutils-2.0.75.tgz
+policycoreutils-2.0.76.tgz
policycoreutils-rhat.patch:
Makefile | 2
VERSION | 2
audit2allow/audit2allow | 14
load_policy/Makefile | 2
restorecond/Makefile | 24 +
restorecond/org.selinux.Restorecond.service | 3
restorecond/restorecond.8 | 15
restorecond/restorecond.c | 427 +++++-----------------------
restorecond/restorecond.conf | 5
restorecond/restorecond.desktop | 7
restorecond/restorecond.h | 18 +
restorecond/restorecond.init | 5
restorecond/restorecond_user.conf | 2
restorecond/user.c | 237 +++++++++++++++
restorecond/watch.c | 253 ++++++++++++++++
sandbox/Makefile | 31 ++
sandbox/deliverables/README | 32 ++
sandbox/deliverables/basicwrapper | 4
sandbox/deliverables/run-in-sandbox.py | 49 +++
sandbox/deliverables/sandbox | 216 ++++++++++++++
sandbox/sandbox | 242 +++++++++++++++
sandbox/sandbox.8 | 26 +
sandbox/sandboxX.sh | 16 +
sandbox/seunshare |binary
sandbox/seunshare.c | 265 +++++++++++++++++
sandbox/seunshare.o |binary
scripts/Makefile | 2
scripts/chcat | 2
scripts/fixfiles | 28 -
scripts/fixfiles.8 | 17 -
semanage/semanage | 120 ++++++-
semanage/semanage.8 | 7
semanage/seobject.py | 393 ++++++++++++++++++++-----
semodule/semodule.8 | 6
semodule/semodule.c | 53 +++
setfiles/restore.c | 6
setfiles/restorecon.8 | 7
setfiles/setfiles.8 | 3
setfiles/setfiles.c | 6
39 files changed, 2042 insertions(+), 505 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.455
retrieving revision 1.456
diff -u -p -r1.455 -r1.456
--- policycoreutils-rhat.patch 16 Nov 2009 21:54:45 -0000 1.455
+++ policycoreutils-rhat.patch 18 Nov 2009 22:20:42 -0000 1.456
@@ -39,22 +39,13 @@ diff --exclude-from=exclude --exclude=se
# This is the default if no input is specified
f = sys.stdin
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.75/load_policy/Makefile
---- nsapolicycoreutils/load_policy/Makefile 2008-08-28 09:34:24.000000000 -0400
+--- nsapolicycoreutils/load_policy/Makefile 2009-11-18 17:06:03.000000000 -0500
+++ policycoreutils-2.0.75/load_policy/Makefile 2009-11-03 09:44:56.000000000 -0500
-@@ -1,6 +1,7 @@
- # Installation directories.
- PREFIX ?= ${DESTDIR}/usr
--SBINDIR ?= $(PREFIX)/sbin
-+SBINDIR ?= $(DESTDIR)/sbin
-+USRSBINDIR ?= $(PREFIX)/sbin
- MANDIR ?= $(PREFIX)/share/man
- LOCALEDIR ?= /usr/share/locale
-
-@@ -17,6 +18,8 @@
- install -m 755 $(TARGETS) $(SBINDIR)
+@@ -19,7 +19,7 @@
test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
install -m 644 load_policy.8 $(MANDIR)/man8/
-+ -mkdir -p $(USRSBINDIR)
+ -mkdir -p $(USRSBINDIR)
+- ln -sf /sbin/load_policy $(USRSBINDIR)/load_policy
+ ln -s /sbin/load_policy $(USRSBINDIR)/load_policy
clean:
@@ -2303,9 +2294,9 @@ diff --exclude-from=exclude --exclude=se
install: all
-mkdir -p $(BINDIR)
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.75/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2009-09-08 09:03:10.000000000 -0400
+--- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500
+++ policycoreutils-2.0.75/semanage/semanage 2009-11-03 09:44:56.000000000 -0500
-@@ -39,19 +39,27 @@
+@@ -39,16 +39,25 @@
__builtin__.__dict__['_'] = unicode
if __name__ == '__main__':
@@ -2323,7 +2314,7 @@ diff --exclude-from=exclude --exclude=se
semanage [ -S store ] -i [ input_file | - ]
+semanage [ -S store ] -o [ output_file | - ]
--semanage {boolean|login|user|port|interface|node|fcontext|translation} -{l|D} [-n]
+-semanage {boolean|login|user|port|interface|node|fcontext} -{l|D} [-n]
+semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n]
semanage login -{a|d|m} [-sr] login_name | %groupname
semanage user -{a|d|m} [-LrRP] selinux_name
@@ -2332,11 +2323,8 @@ diff --exclude-from=exclude --exclude=se
+semanage module -{a|d|m} [--enable|--disable] module
semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
semanage fcontext -{a|d|m} [-frst] file_spec
--semanage translation -{a|d|m} [-T] level
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
- semanage permissive -{d|a} type
- semanage dontaudit [ on | off ]
-@@ -62,7 +70,9 @@
+@@ -61,7 +70,9 @@
-d, --delete Delete a OBJECT record NAME
-m, --modify Modify a OBJECT record NAME
-i, --input Input multiple semange commands in a transaction
@@ -2346,7 +2334,7 @@ diff --exclude-from=exclude --exclude=se
-C, --locallist List OBJECTS local customizations
-D, --deleteall Remove all OBJECTS local customizations
-@@ -85,14 +95,15 @@
+@@ -84,12 +95,15 @@
-F, --file Treat target as an input file for command, change multiple settings
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
-M, --mask Netmask
@@ -2354,8 +2342,6 @@ diff --exclude-from=exclude --exclude=se
-P, --prefix Prefix for home directory labeling
-L, --level Default SELinux Level (MLS/MCS Systems only)
-R, --roles SELinux Roles (ex: "sysadm_r staff_r")
-- -T, --trans SELinux Level Translation (MLS/MCS Systems only)
--
-s, --seuser SELinux User Name
-t, --type SELinux Type for the object
-r, --range MLS/MCS Security Range (MLS/MCS Systems only)
@@ -2364,7 +2350,7 @@ diff --exclude-from=exclude --exclude=se
""")
raise ValueError("%s\n%s" % (text, message))
-@@ -104,7 +115,7 @@
+@@ -101,7 +115,7 @@
def get_options():
valid_option={}
@@ -2373,7 +2359,7 @@ diff --exclude-from=exclude --exclude=se
valid_option["login"] = []
valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
valid_option["user"] = []
-@@ -115,11 +126,11 @@
+@@ -112,8 +126,10 @@
valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
valid_option["node"] = []
valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
@@ -2383,12 +2369,9 @@ diff --exclude-from=exclude --exclude=se
- valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
valid_option["dontaudit"] = [ '-S', '--store' ]
-- valid_option["translation"] = []
-- valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = []
valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
- valid_option["permissive"] = []
-@@ -173,6 +184,8 @@
+@@ -168,6 +184,8 @@
return ret
def process_args(argv):
@@ -2397,15 +2380,7 @@ diff --exclude-from=exclude --exclude=se
serange = ""
port = ""
proto = ""
-@@ -180,7 +193,6 @@
- selevel = ""
- setype = ""
- ftype = ""
-- setrans = ""
- roles = ""
- seuser = ""
- prefix = "user"
-@@ -190,10 +202,14 @@
+@@ -184,10 +202,14 @@
modify = False
delete = False
deleteall = False
@@ -2420,11 +2395,11 @@ diff --exclude-from=exclude --exclude=se
object = argv[0]
option_dict=get_options()
-@@ -203,10 +219,14 @@
+@@ -197,10 +219,14 @@
args = argv[1:]
gopts, cmds = getopt.getopt(args,
-- '01adf:i:lhmnp:s:FCDR:L:r:t:T:P:S:M:',
+- '01adf:i:lhmnp:s:FCDR:L:r:t:P:S:M:',
+ '01adEe:f:i:lhmnp:s:FCDR:L:r:t:P:S:M:',
['add',
'delete',
@@ -2436,15 +2411,7 @@ diff --exclude-from=exclude --exclude=se
'ftype=',
'file',
'help',
-@@ -225,7 +245,6 @@
- 'level=',
- 'roles=',
- 'type=',
-- 'trans=',
- 'prefix=',
- 'mask='
- ])
-@@ -235,26 +254,42 @@
+@@ -228,26 +254,42 @@
for o,a in gopts:
if o == "-a" or o == "--add":
@@ -2494,7 +2461,7 @@ diff --exclude-from=exclude --exclude=se
if o == "-n" or o == "--noheading":
heading = False
-@@ -263,8 +298,7 @@
+@@ -256,8 +298,7 @@
locallist = True
if o == "-m"or o == "--modify":
@@ -2504,15 +2471,7 @@ diff --exclude-from=exclude --exclude=se
modify = True
if o == "-S" or o == '--store':
-@@ -297,14 +331,12 @@
- if o == "-t" or o == "--type":
- setype = a
-
-- if o == "-T" or o == "--trans":
-- setrans = a
--
- if o == "--on" or o == "-1":
- value = "on"
+@@ -295,6 +336,7 @@
if o == "--off" or o == "-0":
value = "off"
@@ -2520,20 +2479,18 @@ diff --exclude-from=exclude --exclude=se
if object == "login":
OBJECT = seobject.loginRecords(store)
-@@ -325,9 +357,10 @@
+@@ -315,6 +357,10 @@
if object == "boolean":
OBJECT = seobject.booleanRecords(store)
+ modify = True
-
-- if object == "translation":
-- OBJECT = seobject.setransRecords()
++
+ if object == "module":
+ OBJECT = seobject.moduleRecords(store)
if object == "permissive":
OBJECT = seobject.permissiveRecords(store)
-@@ -343,8 +376,13 @@
+@@ -330,8 +376,13 @@
OBJECT.deleteall()
return
@@ -2548,17 +2505,7 @@ diff --exclude-from=exclude --exclude=se
target = cmds[0]
-@@ -358,9 +396,6 @@
- if object == "login":
- OBJECT.add(target, seuser, serange)
-
-- if object == "translation":
-- OBJECT.add(target, setrans)
--
- if object == "user":
- OBJECT.add(target, roles.split(), selevel, serange, prefix)
-
-@@ -370,11 +405,17 @@
+@@ -354,11 +405,17 @@
if object == "interface":
OBJECT.add(target, serange, setype)
@@ -2577,14 +2524,7 @@ diff --exclude-from=exclude --exclude=se
if object == "permissive":
OBJECT.add(target)
-@@ -387,13 +428,18 @@
- if object == "login":
- OBJECT.modify(target, seuser, serange)
-
-- if object == "translation":
-- OBJECT.modify(target, setrans)
--
- if object == "user":
+@@ -375,6 +432,14 @@
rlist = roles.split()
OBJECT.modify(target, rlist, selevel, serange, prefix)
@@ -2599,7 +2539,7 @@ diff --exclude-from=exclude --exclude=se
if object == "port":
OBJECT.modify(target, proto, serange, setype)
-@@ -404,7 +450,10 @@
+@@ -385,7 +450,10 @@
OBJECT.modify(target, mask, proto, serange, setype)
if object == "fcontext":
@@ -2611,7 +2551,7 @@ diff --exclude-from=exclude --exclude=se
return
-@@ -423,12 +472,13 @@
+@@ -404,12 +472,13 @@
return
@@ -2626,7 +2566,7 @@ diff --exclude-from=exclude --exclude=se
input = None
store = ""
-@@ -436,7 +486,7 @@
+@@ -417,7 +486,7 @@
usage(_("Requires 2 or more arguments"))
gopts, cmds = getopt.getopt(sys.argv[1:],
@@ -2635,7 +2575,7 @@ diff --exclude-from=exclude --exclude=se
['add',
'delete',
'deleteall',
-@@ -450,6 +500,7 @@
+@@ -431,6 +500,7 @@
'localist',
'off',
'on',
@@ -2643,7 +2583,15 @@ diff --exclude-from=exclude --exclude=se
'proto=',
'seuser=',
'store=',
-@@ -465,6 +516,16 @@
+@@ -438,6 +508,7 @@
+ 'level=',
+ 'roles=',
+ 'type=',
++ 'trans=',
+ 'prefix='
+ ])
+ for o, a in gopts:
+@@ -445,6 +516,16 @@
store = a
if o == "-i" or o == '--input':
input = a
@@ -2660,7 +2608,7 @@ diff --exclude-from=exclude --exclude=se
if input != None:
if input == "-":
-@@ -474,6 +535,7 @@
+@@ -454,6 +535,7 @@
trans = seobject.semanageRecords(store)
trans.start()
for l in fd.readlines():
@@ -2668,8 +2616,39 @@ diff --exclude-from=exclude --exclude=se
process_args(mkargv(l))
trans.finish()
else:
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.75/semanage/semanage.8
+--- nsapolicycoreutils/semanage/semanage.8 2009-11-18 17:06:03.000000000 -0500
++++ policycoreutils-2.0.75/semanage/semanage.8 2009-11-03 09:21:41.000000000 -0500
+@@ -3,7 +3,7 @@
+ semanage \- SELinux Policy Management tool
+
+ .SH "SYNOPSIS"
+-.B semanage {boolean|login|user|port|interface|node|fcontext} \-{l|D} [\-n] [\-S store]
++.B semanage {boolean|login|user|port|interface|node|fcontext|translation} \-{l|D} [\-n] [\-S store]
+ .br
+ .B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] -F boolean | boolean_file
+ .br
+@@ -22,6 +22,8 @@
+ .B semanage permissive \-{a|d} type
+ .br
+ .B semanage dontaudit [ on | off ]
++.br
++.B semanage translation \-{a|d|m} [\-T] level
+ .P
+
+ .SH "DESCRIPTION"
+@@ -99,6 +101,9 @@
+ .TP
+ .I \-t, \-\-type
+ SELinux Type for the object
++.TP
++.I \-T, \-\-trans
++SELinux Translation
+
+ .SH EXAMPLE
+ .nf
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.75/semanage/seobject.py
---- nsapolicycoreutils/semanage/seobject.py 2009-09-08 09:03:10.000000000 -0400
+--- nsapolicycoreutils/semanage/seobject.py 2009-11-18 17:06:03.000000000 -0500
+++ policycoreutils-2.0.75/semanage/seobject.py 2009-11-16 16:52:53.000000000 -0500
@@ -37,40 +37,6 @@
@@ -2712,119 +2691,40 @@ diff --exclude-from=exclude --exclude=se
file_types = {}
file_types[""] = SEMANAGE_FCONTEXT_ALL;
file_types["all files"] = SEMANAGE_FCONTEXT_ALL;
-@@ -194,127 +160,152 @@
+@@ -194,44 +160,151 @@
return trans
else:
return raw
-
--class setransRecords:
-- def __init__(self):
-- self.filename = selinux.selinux_translations_path()
-- try:
-- fd = open(self.filename, "r")
-- translations = fd.readlines()
-- fd.close()
-- except IOError, e:
-- raise ValueError(_("Unable to open %s: translations not supported on non-MLS machines: %s") % (self.filename, e) )
--
-- self.ddict = {}
-- self.comments = []
-- for r in translations:
-- if len(r) == 0:
-- continue
-- i = r.strip()
-- if i == "" or i[0] == "#":
-- self.comments.append(r)
-- continue
-- i = i.split("=")
-- if len(i) != 2:
-- self.comments.append(r)
-- continue
-- if self.ddict.has_key(i[0]) == 0:
-- self.ddict[i[0]] = i[1]
-
-- def get_all(self):
-- return self.ddict
-+class semanageRecords:
++
+ class semanageRecords:
+- def __init__(self, store):
+ transaction = False
+ handle = None
-
-- def out(self):
-- rec = ""
-- for c in self.comments:
-- rec += c
-- keys = self.ddict.keys()
-- keys.sort()
-- for k in keys:
-- rec += "%s=%s\n" % (k, self.ddict[k])
-- return rec
--
-- def list(self, heading = 1, locallist = 0):
-- if heading:
-- print "\n%-25s %s\n" % (_("Level"), _("Translation"))
-- keys = self.ddict.keys()
-- keys.sort()
-- for k in keys:
-- print "%-25s %s" % (k, self.ddict[k])
--
-- def add(self, raw, trans):
-- if trans.find(" ") >= 0:
-- raise ValueError(_("Translations can not contain spaces '%s' ") % trans)
++
+ def __init__(self, store):
-+ global handle
-+
+ global handle
+
+- if handle != None:
+- self.sh = handle
+- else:
+- self.sh = get_handle(store)
+- self.transaction = False
+ self.sh = self.get_handle(store)
-
-- if validate_level(raw) == None:
-- raise ValueError(_("Invalid Level '%s' ") % raw)
--
-- if self.ddict.has_key(raw):
-- raise ValueError(_("%s already defined in translations") % raw)
-- else:
-- self.ddict[raw] = trans
-- self.save()
--
-- def modify(self, raw, trans):
-- if trans.find(" ") >= 0:
++
+ def get_handle(self, store):
+ global is_mls_enabled
-
-- raise ValueError(_("Translations can not contain spaces '%s' ") % trans)
-- if self.ddict.has_key(raw):
-- self.ddict[raw] = trans
-- else:
-- raise ValueError(_("%s not defined in translations") % raw)
-- self.save()
--
-- def delete(self, raw):
-- self.ddict.pop(raw)
-- self.save()
--
-- def save(self):
-- (fd, newfilename) = tempfile.mkstemp('', self.filename)
-- os.write(fd, self.out())
-- os.close(fd)
-- os.chmod(newfilename, os.stat(self.filename)[stat.ST_MODE])
-- os.rename(newfilename, self.filename)
-- os.system("/sbin/service mcstrans reload > /dev/null")
++
+ if semanageRecords.handle:
+ return semanageRecords.handle
-
--class semanageRecords:
-- def __init__(self, store):
-- global handle
++
+ handle = semanage_handle_create()
+ if not handle:
+ raise ValueError(_("Could not create semanage handle"))
+
+ if store != "":
+ semanage_select_store(handle, store, SEMANAGE_CON_DIRECT);
-
-- if handle != None:
-- self.sh = handle
-- else:
-- self.sh = get_handle(store)
-- self.transaction = False
++
+ if not semanage_is_managed(handle):
+ semanage_handle_destroy(handle)
+ raise ValueError(_("SELinux policy is not managed or store cannot be accessed."))
@@ -2882,8 +2782,8 @@ diff --exclude-from=exclude --exclude=se
raise ValueError(_("Semanage transaction not in progress"))
- self.transaction = False
+ semanageRecords.transaction = False
- self.commit()
-
++ self.commit()
++
+class moduleRecords(semanageRecords):
+ def __init__(self, store):
+ semanageRecords.__init__(self, store)
@@ -2947,18 +2847,17 @@ diff --exclude-from=exclude --exclude=se
+ if rc < 0 and rc != -2:
+ raise ValueError(_("Could not remove module %s (remove failed)") % m)
+
-+ self.commit()
+ self.commit()
+
+ def deleteall(self):
+ l = self.get_all()
+ if len(l) > 0:
+ all = " ".join(l[0])
+ self.delete(all)
-+
+
class dontauditClass(semanageRecords):
def __init__(self, store):
- semanageRecords.__init__(self, store)
-@@ -341,6 +332,7 @@
+@@ -259,6 +332,7 @@
name = semanage_module_get_name(mod)
if name and name.startswith("permissive_"):
l.append(name.split("permissive_")[1])
@@ -2966,7 +2865,7 @@ diff --exclude-from=exclude --exclude=se
return l
def list(self, heading = 1, locallist = 0):
-@@ -425,7 +417,9 @@
+@@ -343,7 +417,9 @@
if rc < 0:
raise ValueError(_("Could not check if login mapping for %s is defined") % name)
if exists:
@@ -2977,7 +2876,7 @@ diff --exclude-from=exclude --exclude=se
if name[0] == '%':
try:
grp.getgrnam(name[1:])
-@@ -557,6 +551,16 @@
+@@ -475,6 +551,16 @@
mylog.log(1, "delete SELinux user mapping", name);
@@ -2994,7 +2893,7 @@ diff --exclude-from=exclude --exclude=se
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -571,6 +575,15 @@
+@@ -489,6 +575,15 @@
ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u))
return ddict
@@ -3010,7 +2909,7 @@ diff --exclude-from=exclude --exclude=se
def list(self,heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -613,7 +626,8 @@
+@@ -531,7 +626,8 @@
if rc < 0:
raise ValueError(_("Could not check if SELinux user %s is defined") % name)
if exists:
@@ -3020,7 +2919,7 @@ diff --exclude-from=exclude --exclude=se
(rc, u) = semanage_user_create(self.sh)
if rc < 0:
-@@ -764,6 +778,16 @@
+@@ -682,6 +778,16 @@
mylog.log(1,"delete SELinux user record", name)
@@ -3037,7 +2936,7 @@ diff --exclude-from=exclude --exclude=se
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -784,6 +808,15 @@
+@@ -702,6 +808,15 @@
return ddict
@@ -3053,7 +2952,7 @@ diff --exclude-from=exclude --exclude=se
def list(self, heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -822,12 +855,16 @@
+@@ -740,12 +855,16 @@
low = int(ports[0])
high = int(ports[1])
@@ -3070,7 +2969,7 @@ diff --exclude-from=exclude --exclude=se
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -890,6 +927,7 @@
+@@ -808,6 +927,7 @@
self.commit()
def __modify(self, port, proto, serange, setype):
@@ -3078,7 +2977,7 @@ diff --exclude-from=exclude --exclude=se
if serange == "" and setype == "":
if is_mls_enabled == 1:
raise ValueError(_("Requires setype or serange"))
-@@ -1024,6 +1062,18 @@
+@@ -942,6 +1062,18 @@
ddict[(ctype,proto_str)].append("%d-%d" % (low, high))
return ddict
@@ -3097,7 +2996,7 @@ diff --exclude-from=exclude --exclude=se
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
-@@ -1040,7 +1090,8 @@
+@@ -958,7 +1090,8 @@
class nodeRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self,store)
@@ -3107,7 +3006,7 @@ diff --exclude-from=exclude --exclude=se
def __add(self, addr, mask, proto, serange, ctype):
if addr == "":
raise ValueError(_("Node Address is required"))
-@@ -1048,14 +1099,11 @@
+@@ -966,14 +1099,11 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3125,7 +3024,7 @@ diff --exclude-from=exclude --exclude=se
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -1073,7 +1121,8 @@
+@@ -991,7 +1121,8 @@
(rc, exists) = semanage_node_exists(self.sh, k)
if exists:
@@ -3135,7 +3034,7 @@ diff --exclude-from=exclude --exclude=se
(rc, node) = semanage_node_create(self.sh)
if rc < 0:
-@@ -1120,7 +1169,7 @@
+@@ -1038,7 +1169,7 @@
def add(self, addr, mask, proto, serange, ctype):
self.begin()
@@ -3144,7 +3043,7 @@ diff --exclude-from=exclude --exclude=se
self.commit()
def __modify(self, addr, mask, proto, serange, setype):
-@@ -1129,13 +1178,10 @@
+@@ -1047,13 +1178,10 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3162,7 +3061,7 @@ diff --exclude-from=exclude --exclude=se
if serange == "" and setype == "":
raise ValueError(_("Requires setype or serange"))
-@@ -1180,11 +1226,9 @@
+@@ -1098,11 +1226,9 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3177,7 +3076,7 @@ diff --exclude-from=exclude --exclude=se
raise ValueError(_("Unknown or missing protocol"))
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
-@@ -1214,6 +1258,16 @@
+@@ -1132,6 +1258,16 @@
self.__delete(addr, mask, proto)
self.commit()
@@ -3194,7 +3093,7 @@ diff --exclude-from=exclude --exclude=se
def get_all(self, locallist = 0):
ddict = {}
if locallist :
-@@ -1227,15 +1281,20 @@
+@@ -1145,15 +1281,20 @@
con = semanage_node_get_con(node)
addr = semanage_node_get_addr(self.sh, node)
mask = semanage_node_get_mask(self.sh, node)
@@ -3220,7 +3119,7 @@ diff --exclude-from=exclude --exclude=se
def list(self, heading = 1, locallist = 0):
if heading:
print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
-@@ -1275,7 +1334,8 @@
+@@ -1193,7 +1334,8 @@
if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface)
if exists:
@@ -3230,7 +3129,7 @@ diff --exclude-from=exclude --exclude=se
(rc, iface) = semanage_iface_create(self.sh)
if rc < 0:
-@@ -1389,6 +1449,16 @@
+@@ -1307,6 +1449,16 @@
self.__delete(interface)
self.commit()
@@ -3247,7 +3146,7 @@ diff --exclude-from=exclude --exclude=se
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -1404,6 +1474,15 @@
+@@ -1322,6 +1474,15 @@
return ddict
@@ -3263,7 +3162,7 @@ diff --exclude-from=exclude --exclude=se
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
-@@ -1420,6 +1499,48 @@
+@@ -1338,6 +1499,48 @@
class fcontextRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@@ -3312,7 +3211,7 @@ diff --exclude-from=exclude --exclude=se
def createcon(self, target, seuser = "system_u"):
(rc, con) = semanage_context_create(self.sh)
-@@ -1446,6 +1567,8 @@
+@@ -1364,6 +1567,8 @@
def validate(self, target):
if target == "" or target.find("\n") >= 0:
raise ValueError(_("Invalid file specification"))
@@ -3321,7 +3220,7 @@ diff --exclude-from=exclude --exclude=se
def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
self.validate(target)
-@@ -1470,7 +1593,8 @@
+@@ -1388,7 +1593,8 @@
raise ValueError(_("Could not check if file context for %s is defined") % target)
if exists:
@@ -3331,7 +3230,7 @@ diff --exclude-from=exclude --exclude=se
(rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0:
-@@ -1586,9 +1710,16 @@
+@@ -1504,9 +1710,16 @@
raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k)
@@ -3348,7 +3247,7 @@ diff --exclude-from=exclude --exclude=se
(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
if rc < 0:
raise ValueError(_("Could not create a key for %s") % target)
-@@ -1643,12 +1774,22 @@
+@@ -1561,12 +1774,22 @@
return ddict
@@ -3373,7 +3272,7 @@ diff --exclude-from=exclude --exclude=se
for k in keys:
if fcon_dict[k]:
if is_mls_enabled:
-@@ -1794,6 +1935,16 @@
+@@ -1712,6 +1935,16 @@
else:
return _("unknown")
@@ -3609,3 +3508,9 @@ diff --exclude-from=exclude --exclude=se
argv[0]);
exit(1);
}
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/VERSION policycoreutils-2.0.75/VERSION
+--- nsapolicycoreutils/VERSION 2009-11-18 17:06:03.000000000 -0500
++++ policycoreutils-2.0.75/VERSION 2009-11-03 09:21:41.000000000 -0500
+@@ -1 +1 @@
+-2.0.76
++2.0.75
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.659
retrieving revision 1.660
diff -u -p -r1.659 -r1.660
--- policycoreutils.spec 16 Nov 2009 21:54:45 -0000 1.659
+++ policycoreutils.spec 18 Nov 2009 22:20:43 -0000 1.660
@@ -5,8 +5,8 @@
%define sepolgenver 1.0.17
Summary: SELinux policy core utilities
Name: policycoreutils
-Version: 2.0.75
-Release: 3%{?dist}
+Version: 2.0.76
+Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -296,6 +296,12 @@ fi
exit 0
%changelog
+* Wed Nov 18 2009 Dan Walsh <dwalsh at redhat.com> 2.0.76-1
+- Update to upstream
+ * Remove setrans management from semanage, as it does not work
+ from Dan Walsh.
+ * Move load_policy from /usr/sbin to /sbin from Dan Walsh.
+
* Mon Nov 16 2009 Dan Walsh <dwalsh at redhat.com> 2.0.75-3
- Raise exception if user tries to add file context with an embedded space
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/sources,v
retrieving revision 1.214
retrieving revision 1.215
diff -u -p -r1.214 -r1.215
--- sources 16 Nov 2009 22:00:15 -0000 1.214
+++ sources 18 Nov 2009 22:20:44 -0000 1.215
@@ -1,3 +1,2 @@
480cc64a050735fa1163a87dc89c4f49 sepolgen-1.0.17.tgz
-3798f448cdc084e535507f0eee209fc7 policycoreutils-2.0.75.tgz
-59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
+0762f1174561dacad12bc9b30aa12307 policycoreutils-2.0.76.tgz
- Previous message (by thread): rpms/libsemanage/devel .cvsignore, 1.107, 1.108 libsemanage-rhat.patch, 1.58, 1.59 libsemanage.spec, 1.189, 1.190 sources, 1.110, 1.111
- Next message (by thread): rpms/selinux-policy/F-12 policy-F12.patch, 1.135, 1.136 selinux-policy.spec, 1.967, 1.968
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list