|
|
b2c4c6f |
From 39a28c23990f667ef1dc50c3fe6d0ca79a7e793d Mon Sep 17 00:00:00 2001
|
|
|
b2c4c6f |
From: Vit Mojzis <vmojzis@redhat.com>
|
|
|
b2c4c6f |
Date: Fri, 29 Jun 2018 10:31:18 +0200
|
|
|
d570700 |
Subject: [PATCH 2/2] Do not export/use setools.InfoFlowAnalysis and
|
|
|
d570700 |
setools.DomainTransitionAnalysis
|
|
|
d570700 |
|
|
|
d570700 |
dta and infoflow modules require networkx which brings lot of dependencies.
|
|
|
d570700 |
These dependencies are not necessary for setools module itself as it's
|
|
|
d570700 |
used in policycoreutils.
|
|
|
d570700 |
|
|
|
d570700 |
Therefore it's better to use setools.infoflow.InfoFlowAnalysis and
|
|
|
d570700 |
setools.dta.DomainTransitionAnalysis and let the package containing
|
|
|
d570700 |
sedta and seinfoflow to require python3-networkx
|
|
|
d570700 |
---
|
|
|
b2c4c6f |
sedta | 4 ++--
|
|
|
d570700 |
seinfoflow | 3 ++-
|
|
|
d570700 |
setools/__init__.py | 4 ++--
|
|
|
d570700 |
setoolsgui/apol/dta.py | 2 +-
|
|
|
d570700 |
setoolsgui/apol/infoflow.py | 2 +-
|
|
|
b2c4c6f |
tests/dta.py | 2 +-
|
|
|
b2c4c6f |
tests/infoflow.py | 2 +-
|
|
|
b2c4c6f |
7 files changed, 10 insertions(+), 9 deletions(-)
|
|
|
d570700 |
|
|
|
d570700 |
diff --git a/sedta b/sedta
|
|
|
b2c4c6f |
index 84820b0..8c380ab 100755
|
|
|
d570700 |
--- a/sedta
|
|
|
d570700 |
+++ b/sedta
|
|
|
b2c4c6f |
@@ -21,7 +21,7 @@ import sys
|
|
|
b2c4c6f |
import argparse
|
|
|
d570700 |
import logging
|
|
|
d570700 |
|
|
|
b2c4c6f |
-import setools
|
|
|
d570700 |
+import setools.dta
|
|
|
d570700 |
|
|
|
d570700 |
|
|
|
d570700 |
def print_transition(trans):
|
|
|
b2c4c6f |
@@ -110,7 +110,7 @@ else:
|
|
|
d570700 |
|
|
|
d570700 |
try:
|
|
|
d570700 |
p = setools.SELinuxPolicy(args.policy)
|
|
|
d570700 |
- g = setools.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
|
|
d570700 |
+ g = setools.dta.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
|
|
d570700 |
|
|
|
d570700 |
if args.shortest_path or args.all_paths:
|
|
|
d570700 |
if args.shortest_path:
|
|
|
d570700 |
diff --git a/seinfoflow b/seinfoflow
|
|
|
b2c4c6f |
index 3ec05ca..89764fe 100755
|
|
|
d570700 |
--- a/seinfoflow
|
|
|
d570700 |
+++ b/seinfoflow
|
|
|
b2c4c6f |
@@ -18,6 +18,7 @@
|
|
|
b2c4c6f |
#
|
|
|
d570700 |
|
|
|
d570700 |
import setools
|
|
|
d570700 |
+import setools.infoflow
|
|
|
d570700 |
import argparse
|
|
|
d570700 |
import sys
|
|
|
d570700 |
import logging
|
|
|
b2c4c6f |
@@ -78,7 +79,7 @@ else:
|
|
|
d570700 |
try:
|
|
|
d570700 |
p = setools.SELinuxPolicy(args.policy)
|
|
|
d570700 |
m = setools.PermissionMap(args.map)
|
|
|
d570700 |
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
|
|
d570700 |
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude)
|
|
|
d570700 |
|
|
|
d570700 |
if args.shortest_path or args.all_paths:
|
|
|
d570700 |
if args.shortest_path:
|
|
|
d570700 |
diff --git a/setools/__init__.py b/setools/__init__.py
|
|
|
b2c4c6f |
index a84c846..cbb2a00 100644
|
|
|
d570700 |
--- a/setools/__init__.py
|
|
|
d570700 |
+++ b/setools/__init__.py
|
|
|
d570700 |
@@ -74,11 +74,11 @@ from .pcideviceconquery import PcideviceconQuery
|
|
|
d570700 |
from .devicetreeconquery import DevicetreeconQuery
|
|
|
d570700 |
|
|
|
d570700 |
# Information Flow Analysis
|
|
|
d570700 |
-from .infoflow import InfoFlowAnalysis
|
|
|
b2c4c6f |
+#from .infoflow import InfoFlowAnalysis
|
|
|
d570700 |
from .permmap import PermissionMap
|
|
|
d570700 |
|
|
|
d570700 |
# Domain Transition Analysis
|
|
|
d570700 |
-from .dta import DomainTransitionAnalysis
|
|
|
b2c4c6f |
+#from .dta import DomainTransitionAnalysis
|
|
|
d570700 |
|
|
|
d570700 |
# Policy difference
|
|
|
d570700 |
from .diff import PolicyDifference
|
|
|
d570700 |
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
|
|
d570700 |
index 0aaf13f..5b1ea20 100644
|
|
|
d570700 |
--- a/setoolsgui/apol/dta.py
|
|
|
d570700 |
+++ b/setoolsgui/apol/dta.py
|
|
|
d570700 |
@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
|
|
d570700 |
from PyQt5.QtGui import QPalette, QTextCursor
|
|
|
d570700 |
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
|
|
d570700 |
QTreeWidgetItem
|
|
|
d570700 |
-from setools import DomainTransitionAnalysis
|
|
|
d570700 |
+from setools.dta import DomainTransitionAnalysis
|
|
|
d570700 |
|
|
|
d570700 |
from ..logtosignal import LogHandlerToSignal
|
|
|
d570700 |
from .analysistab import AnalysisTab
|
|
|
d570700 |
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
|
|
b2c4c6f |
index b272a99..7b05945 100644
|
|
|
d570700 |
--- a/setoolsgui/apol/infoflow.py
|
|
|
d570700 |
+++ b/setoolsgui/apol/infoflow.py
|
|
|
b2c4c6f |
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
|
|
d570700 |
from PyQt5.QtGui import QPalette, QTextCursor
|
|
|
d570700 |
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
|
|
d570700 |
QTreeWidgetItem
|
|
|
d570700 |
-from setools import InfoFlowAnalysis
|
|
|
d570700 |
+from setools.infoflow import InfoFlowAnalysis
|
|
|
d570700 |
from setools.exception import UnmappedClass, UnmappedPermission
|
|
|
d570700 |
|
|
|
d570700 |
from ..logtosignal import LogHandlerToSignal
|
|
|
d570700 |
diff --git a/tests/dta.py b/tests/dta.py
|
|
|
b2c4c6f |
index be04ae4..de4f337 100644
|
|
|
d570700 |
--- a/tests/dta.py
|
|
|
d570700 |
+++ b/tests/dta.py
|
|
|
b2c4c6f |
@@ -18,7 +18,7 @@
|
|
|
b2c4c6f |
import os
|
|
|
d570700 |
import unittest
|
|
|
d570700 |
|
|
|
b2c4c6f |
-from setools import DomainTransitionAnalysis
|
|
|
d570700 |
+from setools.dta import DomainTransitionAnalysis
|
|
|
d570700 |
from setools import TERuletype as TERT
|
|
|
d570700 |
from setools.policyrep.exception import InvalidType
|
|
|
b2c4c6f |
from setools.policyrep.libpolicyrep import Type
|
|
|
d570700 |
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
|
|
b2c4c6f |
index 87bb1b0..dc1e7b9 100644
|
|
|
d570700 |
--- a/tests/infoflow.py
|
|
|
d570700 |
+++ b/tests/infoflow.py
|
|
|
b2c4c6f |
@@ -18,7 +18,7 @@
|
|
|
b2c4c6f |
import os
|
|
|
d570700 |
import unittest
|
|
|
d570700 |
|
|
|
b2c4c6f |
-from setools import InfoFlowAnalysis
|
|
|
d570700 |
+from setools.infoflow import InfoFlowAnalysis
|
|
|
d570700 |
from setools import TERuletype as TERT
|
|
|
d570700 |
from setools.permmap import PermissionMap
|
|
|
d570700 |
from setools.policyrep.exception import InvalidType
|
|
|
d570700 |
--
|
|
|
b2c4c6f |
2.14.3
|
|
|
d570700 |
|