From 5b8c007d5a1553d2a585ec38bbafec0279d1aeb9 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mar 29 2007 16:16:45 +0000 Subject: * Thu Mar 29 2007 Dan Walsh 2.0.7-7 - Many fixes to polgengui --- diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index 66c64b7..ff981b7 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.7/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,202 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -206,7 +206,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli + commands.getstatusoutput(setsebool) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.7/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,185 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -395,7 +395,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli + self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls)) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.7/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,173 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -572,7 +572,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.7/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/Makefile 2007-03-01 17:37:41.000000000 -0500 ++++ policycoreutils-2.0.7/gui/Makefile 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,30 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -606,7 +606,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +relabel: diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.7/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/mappingsPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/mappingsPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,54 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -664,7 +664,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.7/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/modulesPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/modulesPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,170 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -838,8 +838,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.7/gui/polgen.glade --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/polgen.glade 2007-03-19 10:45:44.000000000 -0400 -@@ -0,0 +1,1107 @@ ++++ policycoreutils-2.0.7/gui/polgen.glade 2007-03-29 12:10:32.000000000 -0400 +@@ -0,0 +1,1127 @@ + + + @@ -1387,11 +1387,31 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + 0 + + ++ ++ True ++ Application generates temporary files in /tmp or /var/tmp. ++ True ++ Uses syslog ++ True ++ GTK_RELIEF_NORMAL ++ True ++ False ++ False ++ True ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ + + True -+ Generates temporary files in /tmp or /var/tmp. ++ Application generates temporary files in /tmp or /var/tmp. + True -+ Uses Tmp Files ++ Uses /tmp + True + GTK_RELIEF_NORMAL + True @@ -1407,11 +1427,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + + + -+ ++ + True -+ Check this box if your application uses UIDs or GIDs. ++ Application uses pam for authentication. + True -+ Translates UIDs/GIDs ++ Uses Pam + True + GTK_RELIEF_NORMAL + True @@ -1427,11 +1447,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + + + -+ ++ + True -+ Check this box it your application uses pam for authentication. ++ Application uses/translates UIDs or GIDs. + True -+ Supports Pam ++ Translates UIDs/GIDs + True + GTK_RELIEF_NORMAL + True @@ -1949,8 +1969,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.7/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/polgengui.py 2007-03-17 12:13:24.000000000 -0400 -@@ -0,0 +1,207 @@ ++++ policycoreutils-2.0.7/gui/polgengui.py 2007-03-29 12:10:27.000000000 -0400 +@@ -0,0 +1,211 @@ +#!/usr/bin/python +# +# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux @@ -2062,8 +2082,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + my_policy.set_in_udp(self.in_udp_entry.get_text()) + my_policy.set_out_tcp(self.out_tcp_entry.get_text()) + my_policy.set_out_udp(self.out_udp_entry.get_text()) ++ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1) + my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1) + my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1) ++ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1) + + iter= self.store.get_iter_first() + while(iter): @@ -2135,6 +2157,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + self.out_udp_entry = self.xml.get_widget("out_udp_entry") + self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton") + self.uid_checkbutton = self.xml.get_widget("uid_checkbutton") ++ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton") ++ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton") + self.view = self.xml.get_widget("write_treeview") + self.file_dialog = self.xml.get_widget("filechooserdialog") + self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT) @@ -2160,8 +2184,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/polgen.py 2007-03-17 12:13:24.000000000 -0400 -@@ -0,0 +1,410 @@ ++++ policycoreutils-2.0.7/gui/polgen.py 2007-03-29 12:10:22.000000000 -0400 +@@ -0,0 +1,437 @@ +#! /usr/bin/python +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -2247,6 +2271,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.out_udp = [] + self.use_tmp = False + self.use_uid = False ++ self.use_pam = False ++ self.use_syslog = False + self.files = {} + self.dirs = {} + self.found_tcp_ports=[] @@ -2287,9 +2313,21 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + def set_out_udp(self, ports): + self.out_udp = self.__verify_ports(ports) + ++ def set_use_syslog(self, val): ++ if val != True and val != False: ++ raise ValueError(_("use_syslog must be a boolean value ")) ++ ++ self.use_syslog = val ++ ++ def set_use_pam(self, val): ++ if val != True and val != False: ++ raise ValueError(_("use_pam must be a boolean value ")) ++ ++ self.use_pam = val ++ + def set_use_tmp(self, val): + if val != True and val != False: -+ raise ValueError(_("use_uid must be a boolean value ")) ++ raise ValueError(_("use_tmp must be a boolean value ")) + + self.DEFAULT_DIRS["tmp"][1] = val; + @@ -2300,7 +2338,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.use_uid = val + + def generate_uid_rules(self): -+ return re.sub("TEMPLATETYPE", self.name, executbale.te_uid_rules) ++ return re.sub("TEMPLATETYPE", self.name, executable.te_uid_rules) ++ def generate_syslog_rules(self): ++ return re.sub("TEMPLATETYPE", self.name, executable.te_syslog_rules) ++ ++ def generate_pam_rules(self): ++ return re.sub("TEMPLATETYPE", self.name, executable.te_pam_rules) ++ + def generate_network_types(self): + for i in self.in_tcp: + rec = self.find_port(int(i)) @@ -2354,7 +2398,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + def generate_network_rules(self): + newte = "" + tcp = len(self.in_tcp) + len(self.out_tcp) -+ udp = len(self.in_tcp) + len(self.out_tcp) ++ udp = len(self.in_udp) + len(self.out_tcp) + + if tcp > 0 or udp > 0: + newte = "\n" @@ -2363,9 +2407,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + + if tcp > 0: + newte += "\n" -+ if self.need_tcp_type: -+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp) + newte += re.sub("TEMPLATETYPE", self.name, network.te_tcp) ++ if self.need_tcp_type and len(self.out_tcp) > 0: ++ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_need_port_tcp) ++ if self.need_tcp_type and len(self.in_tcp) > 0: ++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp) + if len(self.in_tcp) > 0: + newte += re.sub("TEMPLATETYPE", self.name, network.te_in_tcp) + for i in self.found_tcp_ports: @@ -2373,11 +2419,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + + if udp > 0: + newte += "\n" -+ if self.need_udp_type: -+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp) + newte += re.sub("TEMPLATETYPE", self.name, network.te_udp) -+ if len(self.in_udp) > 0: ++ if self.need_udp_type and len(self.in_udp) > 0: + newte += re.sub("TEMPLATETYPE", self.name, network.te_in_udp) ++ if len(self.in_udp) > 0: ++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp) + for i in self.found_udp_ports: + newte += i + return newte @@ -2435,9 +2481,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules) + + return newif -+ if self.use_uid: -+ newte += self.generate_uid_rules() -+ newte += re.sub("TEMPLATETYPE", self.name, executbale.te_daemon_rules) + + def generate_default_types(self): + return self.DEFAULT_TYPES[self.type][0]() @@ -2466,6 +2509,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + if self.use_tmp: + newte += self.generate_tmp_rules() + ++ if self.use_uid: ++ newte += self.generate_uid_rules() ++ ++ if self.use_syslog: ++ newte += self.generate_syslog_rules() ++ ++ if self.use_pam: ++ newte += self.generate_pam_rules() ++ + return newte + + def generate_fc(self): @@ -2550,12 +2602,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + +if __name__ == '__main__': + mypolicy = policy("cgi", "/var/www/cgi-bin/cgi", 3) -+ mypolicy.set_out_udp("80") -+ mypolicy.set_in_udp("80, 81") -+ mypolicy.set_out_tcp("881") + mypolicy.set_in_tcp("8810") + mypolicy.set_use_uid(True) + mypolicy.set_use_tmp(True) ++ mypolicy.set_use_syslog(True) ++ mypolicy.set_use_pam(True) + mypolicy.add_file("/var/run/daemon.pid") + mypolicy.add_file("/var/run/daemon.pub") + mypolicy.add_file("/var/log/daemon.log") @@ -2574,7 +2625,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.7/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/portsPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/portsPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,227 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2805,7 +2856,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.7/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/selinux.tbl 2007-03-12 20:35:38.000000000 -0400 ++++ policycoreutils-2.0.7/gui/selinux.tbl 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,265 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow") @@ -3074,7 +3125,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon") diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.7/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/semanagePage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/semanagePage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,115 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -3193,7 +3244,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.7/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/statusPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/statusPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,219 @@ +## statusPage.py - show selinux status +## Copyright (C) 2006 Red Hat, Inc. @@ -3416,7 +3467,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.7/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-03-17 12:12:49.000000000 -0400 ++++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,2885 @@ + + @@ -6303,10 +6354,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + + -Binary files nsapolicycoreutils/gui/system-config-selinux.png and policycoreutils-2.0.7/gui/system-config-selinux.png differ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.7/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/system-config-selinux.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/system-config-selinux.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,167 @@ +#!/usr/bin/python +# @@ -6477,8 +6527,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.7/gui/templates/executable.py --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/executable.py 2007-03-17 12:13:32.000000000 -0400 -@@ -0,0 +1,150 @@ ++++ policycoreutils-2.0.7/gui/templates/executable.py 2007-03-29 12:11:05.000000000 -0400 +@@ -0,0 +1,156 @@ +#! /usr/bin/env python +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -6557,7 +6607,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +# +# TEMPLATETYPE local policy +# -+# Check in /usr/share/selinux/devel/include for macros to use instead of allow rules. + +# Init script handling +init_use_fds(TEMPLATETYPE_t) @@ -6568,7 +6617,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +allow TEMPLATETYPE_t self:fifo_file rw_file_perms; +allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms; + -+# Some common macros (you might be able to remove some) +files_read_etc_files(TEMPLATETYPE_t) + +libs_use_ld_so(TEMPLATETYPE_t) @@ -6596,67 +6644,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +auth_use_nsswitch(TEMPLATETYPE_t) +""" + -+########################### Interface File ############################# -+if_rules=""" -+## policy for TEMPLATETYPE -+ -+######################################## -+## -+## Execute a domain transition to run TEMPLATETYPE. -+## -+## -+## -+## Domain allowed to transition. -+## -+## -+# -+interface(`TEMPLATETYPE_domtrans',` -+ gen_require(` -+ type TEMPLATETYPE_t, TEMPLATETYPE_exec_t; -+ ') -+ -+ domain_auto_trans($1,TEMPLATETYPE_exec_t,TEMPLATETYPE_t) -+ -+ allow TEMPLATETYPE_t $1:fd use; -+ allow TEMPLATETYPE_t $1:fifo_file rw_file_perms; -+ allow TEMPLATETYPE_t $1:process sigchld; -+') ++te_syslog_rules=""" ++logging_send_syslog_msg(TEMPLATETYPE_t) +""" + -+########################### File Context ################################## -+fc_file="""\ -+ -+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0) ++te_pam_rules=""" ++auth_domtrans_chk_passwd(TEMPLATETYPE_t) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/general.py policycoreutils-2.0.7/gui/templates/general.py ---- nsapolicycoreutils/gui/templates/general.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/general.py 2007-03-17 12:13:32.000000000 -0400 -@@ -0,0 +1,195 @@ -+#! /usr/bin/env python -+# Copyright (C) 2007 Red Hat -+# see file 'COPYING' for use and warranty information -+# -+# policygentool is a tool for the initial generation of SELinux policy -+# -+# This program is free software; you can redistribute it and/or -+# modify it under the terms of the GNU General Public License as -+# published by the Free Software Foundation; either version 2 of -+# the License, or (at your option) any later version. -+# -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+# 02111-1307 USA -+# -+# +########################### Interface File ############################# -+interface="""\ ++if_rules=""" +## policy for TEMPLATETYPE + +######################################## @@ -6682,155 +6679,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/general.py +') +""" + -+########################### Type Enforcement File ############################# -+te_daemon_types="""\ -+policy_module(TEMPLATETYPE,1.0.0) -+ -+######################################## -+# -+# Declarations -+# -+ -+type TEMPLATETYPE_t; -+type TEMPLATETYPE_exec_t; -+domain_type(TEMPLATETYPE_t) -+init_daemon_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t) -+""" -+te_var_log_types=""" -+# log files -+type TEMPLATETYPE_var_log_t; -+logging_log_file(TEMPLATETYPE_var_log_t) -+""" -+ -+te_tmp_types=""" -+# log files -+type TEMPLATETYPE_tmp_t; -+logging_log_file(TEMPLATETYPE_tmp_t) -+""" -+ -+te_var_run_types=""" -+# pid files -+type TEMPLATETYPE_var_run_t; -+files_pid_file(TEMPLATETYPE_var_run_t) -+""" -+te_var_lib_types=""" -+# var/lib files -+type TEMPLATETYPE_var_lib_t; -+files_type(TEMPLATETYPE_var_lib_t) -+""" -+te_sep=""" -+######################################## -+# -+# TEMPLATETYPE local policy -+# -+# Check in /usr/share/selinux/devel/include for macros to use instead of allow rules. -+ -+## internal communication is often done using fifo and unix sockets. -+allow TEMPLATETYPE_t self:fifo_file rw_file_perms; -+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms; -+ -+# Some common macros (you might be able to remove some) -+files_read_etc_files(TEMPLATETYPE_t) -+ -+libs_use_ld_so(TEMPLATETYPE_t) -+libs_use_shared_libs(TEMPLATETYPE_t) -+ -+miscfiles_read_localization(TEMPLATETYPE_t) -+ -+""" -+ -+te_var_run_rules=""" -+# pid file -+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:file manage_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir rw_dir_perms; -+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, { file sock_file }) -+""" -+ -+te_tmp_rules=""" -+# tmp files -+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:file manage_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:dir create_dir_perms; -+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_tmp_t, { file dir }) -+""" -+ -+te_var_log_rules=""" -+# log files -+allow TEMPLATETYPE_t TEMPLATETYPE_var_log_t:file create_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_var_log_t:dir { rw_dir_perms setattr }; -+logging_log_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_log_t,{ file dir }) -+""" -+ -+te_var_lib_rules=""" -+# var/lib files for TEMPLATETYPE -+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file create_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file create_file_perms; -+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir create_dir_perms; -+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir sock_file }) -+""" -+ -+te_network=""" -+# Default Networking -+sysnet_dns_name_resolve(TEMPLATETYPE_t) -+corenet_non_ipsec_sendrecv(TEMPLATETYPE_t) -+""" -+ -+te_tcp=""" -+corenet_tcp_sendrecv_all_if(TEMPLATETYPE_t) -+corenet_tcp_sendrecv_all_nodes(TEMPLATETYPE_t) -+corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t) -+""" -+ -+te_in_tcp=""" -+## Networking basics (adjust to your needs!) -+corenet_tcp_bind_all_nodes(TEMPLATETYPE_t) -+allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms; -+""" -+ -+te_out_tcp=""" -+""" -+ -+te_udp=""" -+corenet_udp_sendrecv_all_if(TEMPLATETYPE_t) -+corenet_udp_sendrecv_all_nodes(TEMPLATETYPE_t) -+corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t) -+""" -+ -+te_in_udp=""" -+corenet_udp_bind_all_ports(TEMPLATETYPE_t) -+allow TEMPLATETYPE_t self:udp_socket create_socket_perms; -+""" -+ -+te_out_udp=""" -+""" -+ -+te_daemon_rules=""" -+# Init script handling -+init_use_fds(TEMPLATETYPE_t) -+init_use_script_ptys(TEMPLATETYPE_t) -+domain_use_interactive_fds(TEMPLATETYPE_t) -+""" -+ -+te_uid_rules=""" -+auth_use_nsswitch(TEMPLATETYPE_t) -+""" -+ +########################### File Context ################################## -+fc_program="""\ ++fc_file="""\ + +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0) +""" + -+fc_file="""\ -+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_FILETYPE_t,s0) -+""" -+ -+fc_dir="""\ -+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_FILETYPE_t,s0) -+""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.7/gui/templates/__init__.py --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/__init__.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/__init__.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,18 @@ +# +# Copyright (C) 2007 Red Hat, Inc. @@ -6852,7 +6709,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.7/gui/templates/network.py --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/network.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/network.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,46 @@ +te_port_types="""\ +# Default Networking @@ -6902,7 +6759,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.7/gui/templates/rw.py --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/rw.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/rw.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,106 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7012,7 +6869,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.7/gui/templates/script.py --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/script.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/script.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,42 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7045,7 +6902,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py +""" + +restorecon="""\ -+restorecon -R -v FILENAME ++restorecon -F -R -v FILENAME +""" + +tcp_ports="""\ @@ -7058,7 +6915,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.7/gui/templates/semodule.py --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/semodule.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/semodule.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,41 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7103,7 +6960,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.7/gui/templates/tmp.py --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/tmp.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/tmp.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,74 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7181,7 +7038,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.7/gui/templates/var_lib.py --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/var_lib.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/var_lib.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,107 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7292,7 +7149,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.7/gui/templates/var_log.py --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/var_log.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/var_log.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,91 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7387,7 +7244,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.7/gui/templates/var_run.py --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/var_run.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/var_run.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,93 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7484,7 +7341,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py + diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.7/gui/templates/var_spool.py --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/templates/var_spool.py 2007-03-17 12:13:32.000000000 -0400 ++++ policycoreutils-2.0.7/gui/templates/var_spool.py 2007-03-29 12:11:05.000000000 -0400 @@ -0,0 +1,107 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -7595,7 +7452,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +""" diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.7/gui/translationsPage.py --- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/translationsPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/translationsPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,111 @@ +## translationsPage.py - show selinux translations +## Copyright (C) 2006 Red Hat, Inc. @@ -7710,7 +7567,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py + self.store.set_value(iter, 1, translation) diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.7/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/usersPage.py 2007-03-17 12:13:24.000000000 -0400 ++++ policycoreutils-2.0.7/gui/usersPage.py 2007-03-23 09:03:56.000000000 -0400 @@ -0,0 +1,166 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 4295155..7a593d0 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-2.0.7/audit2allow/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/Makefile policycoreutils-2.0.7/audit2allow/Makefile --- nsapolicycoreutils/audit2allow/Makefile 2007-02-07 12:11:49.000000000 -0500 -+++ policycoreutils-2.0.7/audit2allow/Makefile 2007-03-22 16:55:49.000000000 -0400 ++++ policycoreutils-2.0.7/audit2allow/Makefile 2007-03-23 09:03:56.000000000 -0400 @@ -1,6 +1,6 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -9,19 +9,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po LIBDIR ?= $(PREFIX)/lib MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.7/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.7/Makefile --- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500 -+++ policycoreutils-2.0.7/Makefile 2007-03-01 17:37:41.000000000 -0500 ++++ policycoreutils-2.0.7/Makefile 2007-03-23 09:03:56.000000000 -0400 @@ -1,4 +1,4 @@ -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui all install relabel clean indent: @for subdir in $(SUBDIRS); do \ -Binary files nsapolicycoreutils/restorecon/restorecon and policycoreutils-2.0.7/restorecon/restorecon differ -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-2.0.7/restorecon/restorecon.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-2.0.7/restorecon/restorecon.c --- nsapolicycoreutils/restorecon/restorecon.c 2006-11-16 17:14:26.000000000 -0500 -+++ policycoreutils-2.0.7/restorecon/restorecon.c 2007-03-22 17:33:57.000000000 -0400 ++++ policycoreutils-2.0.7/restorecon/restorecon.c 2007-03-23 09:03:56.000000000 -0400 @@ -336,8 +336,8 @@ if (!file_exist && errno == ENOENT) return; @@ -33,10 +32,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po errors++; } } -Binary files nsapolicycoreutils/restorecon/restorecon.o and policycoreutils-2.0.7/restorecon/restorecon.o differ -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.7/restorecond/restorecond.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.7/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2007-02-22 08:53:22.000000000 -0500 -+++ policycoreutils-2.0.7/restorecond/restorecond.c 2007-03-01 17:37:41.000000000 -0500 ++++ policycoreutils-2.0.7/restorecond/restorecond.c 2007-03-23 09:03:56.000000000 -0400 @@ -210,9 +210,10 @@ } @@ -63,9 +61,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po } free(scontext); close(fd); -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.7/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.7/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500 -+++ policycoreutils-2.0.7/restorecond/restorecond.conf 2007-03-01 17:37:41.000000000 -0500 ++++ policycoreutils-2.0.7/restorecond/restorecond.conf 2007-03-23 09:03:56.000000000 -0400 @@ -1,7 +1,10 @@ /etc/resolv.conf +/etc/localtime @@ -77,9 +75,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po +/etc/lvm/.cache ~/public_html ~/.mozilla/plugins/libflashplayer.so -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.7/restorecond/restorecond.init +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.7/restorecond/restorecond.init --- nsapolicycoreutils/restorecond/restorecond.init 2007-03-01 17:23:40.000000000 -0500 -+++ policycoreutils-2.0.7/restorecond/restorecond.init 2007-03-14 11:07:15.000000000 -0400 ++++ policycoreutils-2.0.7/restorecond/restorecond.init 2007-03-23 09:03:56.000000000 -0400 @@ -73,6 +73,7 @@ ;; status) @@ -88,9 +86,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po ;; restart|reload) restart -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.7/scripts/chcat +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.7/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2007-02-22 08:53:22.000000000 -0500 -+++ policycoreutils-2.0.7/scripts/chcat 2007-03-01 17:37:41.000000000 -0500 ++++ policycoreutils-2.0.7/scripts/chcat 2007-03-23 09:03:56.000000000 -0400 @@ -74,9 +74,11 @@ if i not in cats: cats.append(i) @@ -122,9 +120,21 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po if add_ind: cmd = "semanage login -a -r %s -s %s %s" % (new_serange, user[0], u) else: -diff --exclude-from=exclude --exclude=sepolgen-1.0.4 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.7/semanage/seobject.py +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.7/scripts/fixfiles +--- nsapolicycoreutils/scripts/fixfiles 2007-01-11 08:56:30.000000000 -0500 ++++ policycoreutils-2.0.7/scripts/fixfiles 2007-03-23 14:24:15.000000000 -0400 +@@ -138,7 +138,7 @@ + exit $? + fi + LogReadOnly +-${SETFILES} ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE ++${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE + exit $? + } + +diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.7/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2007-02-22 08:53:22.000000000 -0500 -+++ policycoreutils-2.0.7/semanage/seobject.py 2007-03-12 20:44:29.000000000 -0400 ++++ policycoreutils-2.0.7/semanage/seobject.py 2007-03-23 09:03:56.000000000 -0400 @@ -209,6 +209,7 @@ os.write(fd, self.out()) os.close(fd) diff --git a/policycoreutils.spec b/policycoreutils.spec index cb0c716..4ff277c 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities. Name: policycoreutils Version: 2.0.7 -Release: 6%{?dist} +Release: 7%{?dist} License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then fi %changelog +* Thu Mar 29 2007 Dan Walsh 2.0.7-7 +- Many fixes to polgengui + * Fri Mar 23 2007 Dan Walsh 2.0.7-6 - Updated version of sepolgen * Merged patch to discard self from types when generating requires from Karl MacMillan.