rpms/policycoreutils/devel policycoreutils-gui.patch, 1.40, 1.41 policycoreutils.spec, 1.462, 1.463
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Oct 16 23:47:48 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27798
Modified Files:
policycoreutils-gui.patch policycoreutils.spec
Log Message:
* Mon Oct 15 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-3
- Lots of updates to gui
policycoreutils-gui.patch:
Index: policycoreutils-gui.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-gui.patch,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- policycoreutils-gui.patch 15 Oct 2007 20:59:29 -0000 1.40
+++ policycoreutils-gui.patch 16 Oct 2007 23:47:15 -0000 1.41
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.29/gui/booleansPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.31/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/booleansPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/booleansPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,254 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -256,9 +256,9 @@
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.29/gui/fcontextPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.31/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/fcontextPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/fcontextPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,209 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -469,9 +469,9 @@
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.29/gui/loginsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.31/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/loginsPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/loginsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,179 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -652,9 +652,9 @@
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.29/gui/Makefile
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.31/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/Makefile 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/Makefile 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,34 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -690,9 +690,9 @@
+indent:
+
+relabel:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.29/gui/mappingsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.31/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/mappingsPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/mappingsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -750,9 +750,9 @@
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.29/gui/modulesPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.31/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/modulesPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/modulesPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,181 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -935,9 +935,9 @@
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.29/gui/polgen.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.31/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/polgen.glade 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/polgen.glade 2007-10-16 19:23:01.000000000 -0400
@@ -0,0 +1,2583 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -1146,7 +1146,7 @@
+ <child>
+ <widget class="GtkRadioButton" id="init_radiobutton">
+ <property name="visible">True</property>
-+ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/init.d</property>
++ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/rc.d/init.d</property>
+ <property name="can_focus">True</property>
+ <property name="label" translatable="yes">Standard Init Daemon</property>
+ <property name="use_underline">True</property>
@@ -2856,7 +2856,7 @@
+ </child>
+
+ <child>
-+ <widget class="GtkCheckButton" id="sendmail_checkbutton">
++ <widget class="GtkCheckButton" id="mail_checkbutton">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="label" translatable="yes">Sends email</property>
@@ -3366,7 +3366,7 @@
+ <property name="title" translatable="yes">Generated Policy Files</property>
+ <property name="text" translatable="yes">This tool will generate the following:
+Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh)
-+Execute shell script to compile/install and relabel files/directories.
++Execute shell script as root to compile/install and relabel files/directories.
+Use semanage or useradd to map Linux login users to user roles.
+Put the machine in permissive mode (setenforce 0).
+Login as the user and test this user role.
@@ -3522,10 +3522,10 @@
+</widget>
+
+</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.29/gui/polgengui.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.31/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/polgengui.py 2007-10-15 14:07:20.000000000 -0400
-@@ -0,0 +1,496 @@
++++ policycoreutils-2.0.31/gui/polgengui.py 2007-10-16 19:43:06.000000000 -0400
+@@ -0,0 +1,551 @@
+#!/usr/bin/python
+#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
@@ -3585,6 +3585,32 @@
+sys.path.append('/usr/share/system-config-selinux')
+sys.path.append('.')
+
++def get_all_types():
++ try:
++ all_types = []
++ rc, output=commands.getstatusoutput("seinfo --type")
++ if rc == 0:
++ l = output.split()
++ for i in l:
++ all_types.append(i.split("_t")[0])
++ except:
++ pass
++
++ return all_types
++
++def get_all_modules():
++ try:
++ all_modules = []
++ rc, output=commands.getstatusoutput("semodule -l")
++ if rc == 0:
++ l = output.split("\n")
++ for i in l:
++ all_modules.append(i.split()[0])
++ except:
++ pass
++
++ return all_modules
++
+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
+def foreach(model, path, iter, selected):
+ selected.append(model.get_value(iter, 0))
@@ -3618,6 +3644,9 @@
+
+ def __init__(self):
+ self.xml = xml
++ self.all_types=get_all_types()
++ self.all_modules=get_all_modules()
++ self.name=""
+ xml.signal_connect("on_delete_clicked", self.delete)
+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
+ xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
@@ -3837,6 +3866,11 @@
+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
++
++ my_policy.set_use_dbus(self.dbus_checkbutton.get_active() == 1)
++ my_policy.set_use_audit(self.audit_checkbutton.get_active() == 1)
++ my_policy.set_use_terminal(self.terminal_checkbutton.get_active() == 1)
++ my_policy.set_use_mail(self.mail_checkbutton.get_active() == 1)
+ if self.get_type() is polgen.DAEMON:
+ my_policy.set_init_script(self.init_script_entry.get_text())
+ if self.get_type() == polgen.USER:
@@ -3889,7 +3923,7 @@
+ def exec_select(self, args):
+ self.file_dialog.set_select_multiple(0)
+ self.file_dialog.set_title(_("Select executable file to be confined."))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
+ self.file_dialog.set_current_folder("/usr/sbin")
+ rc = self.file_dialog.run()
+ self.file_dialog.hide()
@@ -3900,8 +3934,8 @@
+ def init_script_select(self, args):
+ self.file_dialog.set_select_multiple(0)
+ self.file_dialog.set_title(_("Select init script file to be confined."))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
-+ self.file_dialog.set_current_folder("/etc/init.d")
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
++ self.file_dialog.set_current_folder("/etc/rc.d/init.d")
+ rc = self.file_dialog.run()
+ self.file_dialog.hide()
+ if rc == gtk.RESPONSE_CANCEL:
@@ -3910,14 +3944,16 @@
+
+ def add(self, args):
+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
-+ self.file_dialog.set_select_multiple(1)
++ self.file_dialog.set_current_folder("/")
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
++ self.file_dialog.set_select_multiple(1)
+ self.__add(FILE)
+
+ def add_dir(self, args):
+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
-+ self.file_dialog.set_select_multiple(0)
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER)
++ self.file_dialog.set_current_folder("/")
++ self.file_dialog.set_select_multiple(1)
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
+ self.__add(DIR)
+
+ def on_about_clicked(self, args):
@@ -3934,6 +3970,7 @@
+ self.druid = self.xml.get_widget("druid")
+ self.type = 0
+ self.name_entry = self.xml.get_widget("name_entry")
++ self.name_entry.connect("focus_out_event",self.on_name_entry_changed)
+ self.exec_entry = self.xml.get_widget("exec_entry")
+ self.exec_button = self.xml.get_widget("exec_button")
+ self.init_script_entry = self.xml.get_widget("init_script_entry")
@@ -3953,6 +3990,10 @@
+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
++ self.dbus_checkbutton = self.xml.get_widget("dbus_checkbutton")
++ self.audit_checkbutton = self.xml.get_widget("audit_checkbutton")
++ self.terminal_checkbutton = self.xml.get_widget("terminal_checkbutton")
++ self.mail_checkbutton = self.xml.get_widget("mail_checkbutton")
+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
+ self.view = self.xml.get_widget("write_treeview")
+ self.file_dialog = self.xml.get_widget("filechooserdialog")
@@ -3974,6 +4015,20 @@
+ return
+ self.output_entry.set_text(self.file_dialog.get_filename())
+
++ def on_name_entry_changed(self, entry, third):
++ name = entry.get_text()
++ if self.name != name:
++ if name in self.all_types:
++ if self.verify(_("Type %s_t already defined in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
++ entry.set_text("")
++ return False
++ if name in self.all_modules:
++ if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
++ entry.set_text("")
++ return False
++ self.name = name
++ return False
++
+ def on_in_net_page_next(self, *args):
+ try:
+ polgen.verify_ports(self.in_tcp_entry.get_text())
@@ -4022,10 +4077,10 @@
+
+ app = childWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.29/gui/polgen.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.31/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/polgen.py 2007-10-15 14:07:20.000000000 -0400
-@@ -0,0 +1,808 @@
++++ policycoreutils-2.0.31/gui/polgen.py 2007-10-16 19:23:12.000000000 -0400
+@@ -0,0 +1,818 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -4050,6 +4105,7 @@
+import os, sys, stat
+import re
+from templates import executable
++from templates import etc_rw
+from templates import var_spool
+from templates import var_lib
+from templates import var_log
@@ -4157,6 +4213,7 @@
+ self.DEFAULT_DIRS = {}
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
+ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
++ self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
@@ -4477,6 +4534,12 @@
+ newte += re.sub("APPLICATION", app, tmp)
+ return newte
+
++ def generate_dbus_if(self):
++ newif =""
++ if self.use_dbus:
++ newif = re.sub("TEMPLATETYPE", self.name, executable.if_dbus_rules)
++ return newif
++
+ def generate_admin_if(self):
+ newif = ""
+ if self.initscript != "":
@@ -4587,6 +4650,7 @@
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
+ break
+ newif += self.generate_user_if()
++ newif += self.generate_dbus_if()
+ newif += self.generate_admin_if()
+ newif += self.generate_terminal_if()
+
@@ -4683,7 +4747,6 @@
+
+ def generate_sh(self):
+ newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
-+ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
+ if self.program != "":
+ newsh += re.sub("FILENAME", self.program, script.restorecon)
+ if self.initscript != "":
@@ -4721,6 +4784,7 @@
+ fd = open(shfile, "w")
+ fd.write(self.generate_sh())
+ fd.close()
++ os.chmod(shfile, 0750)
+ return shfile
+
+ def write_if(self, out_dir):
@@ -4782,6 +4846,7 @@
+ mypolicy = policy("myrwho", DAEMON)
+ mypolicy.set_program("/usr/sbin/myrwhod")
+ mypolicy.set_init_script("/etc/init.d/myrwhod")
++ mypolicy.add_dir("/etc/nasd")
+ mypolicy.set_in_tcp(1, 0, 0, "513")
+ mypolicy.set_use_uid(True)
+ mypolicy.set_use_tmp(True)
@@ -4834,9 +4899,9 @@
+ sys.exit(0)
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.29/gui/portsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.31/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/portsPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/portsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,251 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5089,9 +5154,9 @@
+
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.29/gui/selinux.tbl
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.31/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/selinux.tbl 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/selinux.tbl 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,295 @@
+! allow_console_login _("Login") _("Allow direct login to the console device. Required for System 390")
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
@@ -5388,9 +5453,9 @@
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.29/gui/semanagePage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.31/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/semanagePage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/semanagePage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,147 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5539,9 +5604,9 @@
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.29/gui/statusPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.31/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/statusPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/statusPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,219 @@
+## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5762,9 +5827,9 @@
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.29/gui/system-config-selinux.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.31/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/system-config-selinux.glade 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/system-config-selinux.glade 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,3339 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -9105,9 +9170,9 @@
+</widget>
+
+</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.29/gui/system-config-selinux.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.31/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/system-config-selinux.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/system-config-selinux.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,175 @@
+#!/usr/bin/python
+#
@@ -9284,10 +9349,143 @@
+
+ app = childWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.29/gui/templates/executable.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.31/gui/templates/etc_rw.py
+--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.31/gui/templates/etc_rw.py 2007-10-16 19:23:37.000000000 -0400
+@@ -0,0 +1,129 @@
++# Copyright (C) 2007 Red Hat
++# see file 'COPYING' for use and warranty information
++#
++# policygentool is a tool for the initial generation of SELinux policy
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License as
++# published by the Free Software Foundation; either version 2 of
++# the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
++# 02111-1307 USA
++#
++#
++########################### etc_rw Template File #############################
++
++########################### Type Enforcement File #############################
++te_types="""
++type TEMPLATETYPE_etc_rw_t;
++files_type(TEMPLATETYPE_etc_rw_t)
++"""
++te_rules="""
++allow TEMPLATETYPE_t TEMPLATETYPE_etc_rw_t:file manage_file_perms;
++allow TEMPLATETYPE_t TEMPLATETYPE_etc_rw_t:dir manage_dir_perms;
++files_etc_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_etc_rw_t, { file dir })
++"""
++
++########################### Interface File #############################
++if_rules="""
++########################################
++## <summary>
++## Search TEMPLATETYPE conf directories.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_search_conf',`
++ gen_require(`
++ type TEMPLATETYPE_etc_rw_t;
++ ')
++
++ allow $1 TEMPLATETYPE_etc_rw_t:dir search_dir_perms;
++ files_search_etc($1)
++')
++
++########################################
++## <summary>
++## Read TEMPLATETYPE conf files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_read_conf_files',`
++ gen_require(`
++ type TEMPLATETYPE_etc_rw_t;
++ ')
++
++ allow $1 TEMPLATETYPE_etc_rw_t:file r_file_perms;
++ allow $1 TEMPLATETYPE_etc_rw_t:dir list_dir_perms;
++ files_search_etc($1)
++')
++
++########################################
++## <summary>
++## Create, read, write, and delete
++## TEMPLATETYPE conf files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_manage_conf_files',`
++ gen_require(`
++ type TEMPLATETYPE_etc_rw_t;
++ ')
++
++ manage_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
++ files_search_etc($1)
++')
++
++########################################
++## <summary>
++## Manage TEMPLATETYPE etc_rw files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_manage_conf',`
++ gen_require(`
++ type TEMPLATETYPE_etc_rw_t;
++ ')
++
++ manage_dir_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
++ manage_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
++ manage_lnk_file_perms($1,TEMPLATETYPE_etc_rw_t,TEMPLATETYPE_etc_rw_t)
++')
++
++"""
++
++if_admin_rules="""
++ TEMPLATETYPE_manage_conf($2)
++"""
++
++########################### File Context ##################################
++fc_file="""\
++FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
++"""
++
++fc_dir="""\
++FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
++"""
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.31/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/executable.py 2007-10-15 14:07:20.000000000 -0400
-@@ -0,0 +1,342 @@
++++ policycoreutils-2.0.31/gui/templates/executable.py 2007-10-16 19:24:01.000000000 -0400
+@@ -0,0 +1,365 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -9575,6 +9773,29 @@
+')
+"""
+
++if_dbus_rules="""
++########################################
++## <summary>
++## Send and receive messages from
++## TEMPLATETYPE over dbus.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`TEMPLATETYPE_dbus_chat',`
++ gen_require(`
++ type TEMPLATETYPE_t;
++ class dbus send_msg;
++ ')
++
++ allow $1 TEMPLATETYPE_t:dbus send_msg;
++ allow TEMPLATETYPE_t $1:dbus send_msg;
++')
++"""
++
+if_begin_admin="""
+########################################
+## <summary>
@@ -9630,9 +9851,9 @@
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.29/gui/templates/__init__.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.31/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/__init__.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/__init__.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@@ -9652,9 +9873,9 @@
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.29/gui/templates/network.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.31/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/network.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/network.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@@ -9736,9 +9957,9 @@
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.29/gui/templates/rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.31/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/rw.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/rw.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,128 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -9868,10 +10089,10 @@
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.29/gui/templates/script.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.31/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/script.py 2007-10-15 14:07:20.000000000 -0400
-@@ -0,0 +1,50 @@
++++ policycoreutils-2.0.31/gui/templates/script.py 2007-10-16 19:24:22.000000000 -0400
+@@ -0,0 +1,91 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -9895,15 +10116,56 @@
+#
+
+########################### tmp Template File #############################
-+compile="""
++compile="""\
+#!/bin/sh
++
++DIRNAME=`dirname $0`
++cd $DIRNAME
++USAGE="$0 [ --update ]"
++if [ `id -u` != 0 ]; then
++echo 'You must be root to run this script'
++exit 1
++fi
++
+if [ ! -f /usr/share/selinux/devel/Makefile ]; then
+echo 'selinux-policy-devel not installed, package required for building policy'
+echo '# yum install selinux-policy-devel'
+exit 1
+fi
++
++if [ $# -eq 1 ]; then
++ if [ "$1" = "--update" ] ; then
++ time=`ls -l --time-style="+%x %X" TEMPLATETYPE.te | awk '{ printf "%s %s", $6, $7 }'`
++ rules=`ausearch --start $time -m avc --raw | grep TEMPLATETYPE`
++ if [ x"$rules" != "x" ] ; then
++ echo "Found avc's to update policy with"
++ echo -e "$rules" | audit2allow -R
++ echo "Do you want these changes added to policy [y/n]?"
++ read ANS
++ if [ "$ANS" = "y" -o "$ANS" = "Y" ] ; then
++ echo "Updating policy"
++ echo -e "$rules" | audit2allow -R >> TEMPLATETYPE.te
++ # Fall though and rebuild policy
++ else
++ exit 0
++ fi
++ else
++ echo "No new avcs found"
++ exit 0
++ fi
++ else
++ echo -e $USAGE
++ exit 1
++ fi
++elif [ $# -ge 2 ] ; then
++ echo -e $USAGE
++ exit 1
++fi
++
++echo "Building and Loading Policy"
++set -x
+make -f /usr/share/selinux/devel/Makefile
-+/usr/sbin/semodule -i PACKAGEFILENAME.pp
++/usr/sbin/semodule -i TEMPLATETYPE.pp
+
+"""
+
@@ -9922,9 +10184,9 @@
+users="""\
+/usr/sbin/semanage user -a -P TEMPLATETYPE -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.29/gui/templates/semodule.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.31/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/semodule.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/semodule.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -9967,9 +10229,9 @@
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.29/gui/templates/tmp.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.31/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/tmp.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/tmp.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,97 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10068,9 +10330,9 @@
+ TEMPLATETYPE_manage_tmp($2)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.29/gui/templates/user.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.31/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/user.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/user.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,137 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10209,9 +10471,9 @@
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.29/gui/templates/var_lib.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.31/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/var_lib.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/var_lib.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,162 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10375,9 +10637,9 @@
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.29/gui/templates/var_log.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.31/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/var_log.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/var_log.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,112 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10491,9 +10753,9 @@
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.29/gui/templates/var_run.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.31/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/var_run.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/var_run.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,119 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10614,9 +10876,9 @@
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.29/gui/templates/var_spool.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.31/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/templates/var_spool.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/templates/var_spool.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10749,9 +11011,9 @@
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.29/gui/translationsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.31/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/translationsPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/translationsPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,118 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
@@ -10871,9 +11133,9 @@
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.29/gui/usersPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.31/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.29/gui/usersPage.py 2007-10-15 14:07:20.000000000 -0400
++++ policycoreutils-2.0.31/gui/usersPage.py 2007-10-15 16:55:03.000000000 -0400
@@ -0,0 +1,172 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.462
retrieving revision 1.463
diff -u -r1.462 -r1.463
--- policycoreutils.spec 15 Oct 2007 20:59:29 -0000 1.462
+++ policycoreutils.spec 16 Oct 2007 23:47:15 -0000 1.463
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.31
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -205,6 +205,9 @@
fi
%changelog
+* Mon Oct 15 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-3
+- Lots of updates to gui
+
* Mon Oct 15 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-1
- Remove no.po
- Update to upstream
More information about the fedora-extras-commits
mailing list