rpms/policycoreutils/devel .cvsignore, 1.185, 1.186 policycoreutils-rhat.patch, 1.379, 1.380 policycoreutils.spec, 1.543, 1.544 sources, 1.190, 1.191
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Aug 5 14:19:04 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv828
Modified Files:
.cvsignore policycoreutils-rhat.patch policycoreutils.spec
sources
Log Message:
* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> 2.0.54-1
- Update to upstream
* Add support for boolean files and group support for seusers from Dan Walsh.
* Ensure that setfiles -p output is newline terminated from Russell Coker.
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/.cvsignore,v
retrieving revision 1.185
retrieving revision 1.186
diff -u -r1.185 -r1.186
--- .cvsignore 29 Jul 2008 18:06:14 -0000 1.185
+++ .cvsignore 5 Aug 2008 14:18:33 -0000 1.186
@@ -185,3 +185,4 @@
policycoreutils-2.0.52.tgz
sepolgen-1.0.13.tgz
policycoreutils-2.0.53.tgz
+policycoreutils-2.0.54.tgz
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.379
retrieving revision 1.380
diff -u -r1.379 -r1.380
--- policycoreutils-rhat.patch 29 Jul 2008 18:06:14 -0000 1.379
+++ policycoreutils-rhat.patch 5 Aug 2008 14:18:33 -0000 1.380
@@ -1,49 +1,28 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.52/Makefile
---- nsapolicycoreutils/Makefile 2008-06-12 23:25:24.000000000 -0400
-+++ policycoreutils-2.0.52/Makefile 2008-07-29 10:39:48.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.53/Makefile
+--- nsapolicycoreutils/Makefile 2008-08-05 09:58:35.000000000 -0400
++++ policycoreutils-2.0.53/Makefile 2008-08-01 07:34:03.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.52/restorecond/restorecond.c
---- nsapolicycoreutils/restorecond/restorecond.c 2008-06-12 23:25:21.000000000 -0400
-+++ policycoreutils-2.0.52/restorecond/restorecond.c 2008-07-29 10:39:48.000000000 -0400
-@@ -210,9 +210,10 @@
- }
-
- if (fsetfilecon(fd, scontext) < 0) {
-- syslog(LOG_ERR,
-- "set context %s->%s failed:'%s'\n",
-- filename, scontext, strerror(errno));
-+ if (errno != EOPNOTSUPP)
-+ syslog(LOG_ERR,
-+ "set context %s->%s failed:'%s'\n",
-+ filename, scontext, strerror(errno));
- if (retcontext >= 0)
- free(prev_context);
- free(scontext);
-@@ -225,8 +226,9 @@
- if (retcontext >= 0)
- free(prev_context);
- } else {
-- syslog(LOG_ERR, "get context on %s failed: '%s'\n",
-- filename, strerror(errno));
-+ if (errno != EOPNOTSUPP)
-+ syslog(LOG_ERR, "get context on %s failed: '%s'\n",
-+ filename, strerror(errno));
- }
- free(scontext);
- close(fd);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.52/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2008-07-02 17:19:15.000000000 -0400
-+++ policycoreutils-2.0.52/semanage/semanage 2008-07-29 10:39:48.000000000 -0400
-@@ -45,13 +45,13 @@
+diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.53/restorecond/restorecond.conf
+--- nsapolicycoreutils/restorecond/restorecond.conf 2008-08-05 09:58:27.000000000 -0400
++++ policycoreutils-2.0.53/restorecond/restorecond.conf 2008-08-01 10:54:17.000000000 -0400
+@@ -1,3 +1,4 @@
++/etc/services
+ /etc/resolv.conf
+ /etc/samba/secrets.tdb
+ /etc/mtab
+diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.53/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage 2008-08-05 09:58:26.000000000 -0400
++++ policycoreutils-2.0.53/semanage/semanage 2008-08-05 10:13:48.000000000 -0400
+@@ -45,11 +45,11 @@
def usage(message = ""):
print _("""
semanage {boolean|login|user|port|interface|fcontext|translation} -{l|D} [-n]
--semanage login -{a|d|m} [-sr] login_name
+-semanage login -{a|d|m} [-sr] login_name | %groupname
-semanage user -{a|d|m} [-LrRP] selinux_name
+semanage login -{a|d|m} [-srF] login_name | login_file
+semanage user -{a|d|m} [-LrRPF] selinux_name | user_file
@@ -52,20 +31,9 @@
-semanage fcontext -{a|d|m} [-frst] file_spec
+semanage fcontext -{a|d|m} [-frstF] file_spec | fcontext_file
semanage translation -{a|d|m} [-T] level
--semanage boolean -{d|m} boolean
-+semanage boolean -{d|m} [-F] boolean | boolean_file
+ semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
semanage permissive -{d|a} type
-
- Primary Options:
-@@ -79,6 +79,7 @@
- -l (symbolic link)
- -p (named pipe)
-
-+ -F, --file Treat target as an input file for command, change multiple settings
- -p, --proto Port protocol (tcp or udp)
- -P, --prefix Prefix for home directory labeling
- -L, --level Default SELinux Level (MLS/MCS Systems only)
-@@ -102,19 +103,19 @@
+@@ -103,15 +103,15 @@
valid_option={}
valid_everyone=[ '-a', '--add', '-d', '--delete', '-m', '--modify', '-l', '--list', '-h', '--help', '-n', '--noheading', '-C', '--locallist', '-D', '--deleteall', '-S', '--store' ]
valid_option["login"] = []
@@ -84,333 +52,31 @@
valid_option["translation"] = []
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = []
-- valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0" ]
-+ valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
- valid_option["permissive"] = []
- valid_option["permissive"] += [ '-a', '--add', '-d', '--delete', '-l', '--list', '-h', '--help', '-n', '--noheading', '-D', '--deleteall' ]
- return valid_option
-@@ -134,15 +135,16 @@
- setrans = ""
+@@ -136,15 +136,15 @@
roles = ""
seuser = ""
-- prefix = ""
-+ prefix = "user"
- heading=1
-- value=0
-- add = 0
-- modify = 0
-- delete = 0
-- deleteall = 0
-- list = 0
-- locallist = 0
+ prefix = "user"
+- heading = True
+- value = None
++ heading=1
+ value = None
-+ add = False
-+ modify = False
-+ delete = False
-+ deleteall = False
-+ list = False
-+ locallist = False
+ add = False
+ modify = False
+ delete = False
+ deleteall = False
+ list = False
+ locallist = False
+- use_file = False
+ use_file = False
store = ""
if len(sys.argv) < 3:
usage(_("Requires 2 or more arguments"))
-@@ -155,11 +157,12 @@
- args = sys.argv[2:]
-
- gopts, cmds = getopt.getopt(args,
-- '01adf:lhmnp:s:CDR:L:r:t:T:P:S:',
-+ '01adf:lhmnp:s:FCDR:L:r:t:T:P:S:',
- ['add',
- 'delete',
- 'deleteall',
- 'ftype=',
-+ 'file',
- 'help',
- 'list',
- 'modify',
-@@ -185,18 +188,22 @@
- if o == "-a" or o == "--add":
- if modify or delete:
- usage()
-- add = 1
-+ add = True
-
- if o == "-d" or o == "--delete":
- if modify or add:
- usage()
-- delete = 1
-+ delete = True
- if o == "-D" or o == "--deleteall":
- if modify:
- usage()
-- deleteall = 1
-+ deleteall = True
- if o == "-f" or o == "--ftype":
- ftype=a
-+
-+ if o == "-F" or o == "--file":
-+ use_file = True
-+
- if o == "-h" or o == "--help":
+@@ -208,7 +208,7 @@
usage()
-@@ -204,12 +211,12 @@
- heading=0
+ if o == "-n" or o == "--noheading":
+- heading = False
++ heading=0
if o == "-C" or o == "--locallist":
-- locallist=1
-+ locallist = True
-
- if o == "-m"or o == "--modify":
- if delete or add:
- usage()
-- modify = 1
-+ modify = True
-
- if o == "-S" or o == '--store':
- store = a
-@@ -220,7 +227,7 @@
- serange = a
-
- if o == "-l" or o == "--list":
-- list = 1
-+ list = True
-
- if o == "-L" or o == '--level':
- if is_mls_enabled == 0:
-@@ -246,9 +253,9 @@
- setrans = a
-
- if o == "--on" or o == "-1":
-- value = 1
-- if o == "-off" or o == "-0":
-- value = 0
-+ value = "on"
-+ if o == "--off" or o == "-0":
-+ value = "off"
-
- if object == "login":
- OBJECT = seobject.loginRecords(store)
-@@ -275,7 +282,10 @@
- OBJECT = seobject.permissiveRecords(store)
-
- if list:
-- OBJECT.list(heading, locallist)
-+ if object == "boolean":
-+ OBJECT.list(heading, locallist, use_file)
-+ else:
-+ OBJECT.list(heading, locallist)
- sys.exit(0);
-
- if deleteall:
-@@ -295,11 +305,9 @@
- OBJECT.add(target, setrans)
-
- if object == "user":
-- rlist = roles.split()
-- if len(rlist) == 0:
-- raise ValueError(_("You must specify a role"))
-- if prefix == "":
-- raise ValueError(_("You must specify a prefix"))
-+ rlist = []
-+ if not use_file:
-+ rlist = roles.split()
- OBJECT.add(target, rlist, selevel, serange, prefix)
-
- if object == "port":
-@@ -317,7 +325,7 @@
-
- if modify:
- if object == "boolean":
-- OBJECT.modify(target, value)
-+ OBJECT.modify(target, value, use_file)
-
- if object == "login":
- OBJECT.modify(target, seuser, serange)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.52/semanage/semanage.8
---- nsapolicycoreutils/semanage/semanage.8 2008-07-02 17:19:15.000000000 -0400
-+++ policycoreutils-2.0.52/semanage/semanage.8 2008-07-29 10:39:48.000000000 -0400
-@@ -3,9 +3,9 @@
- semanage \- SELinux Policy Management tool
-
- .SH "SYNOPSIS"
--.B semanage {boolean|login|user|port|interface|fcontext|translation} \-{l|lC|D} [\-n]
-+.B semanage {boolean|login|user|port|interface|fcontext|translation} \-{l|D} [\-n] [\-S store]
- .br
--.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] boolean
-+.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] -F boolean | boolean_file
- .br
- .B semanage login \-{a|d|m} [\-sr] login_name
- .br
-@@ -54,6 +54,11 @@
- File Type. This is used with fcontext.
- Requires a file type as shown in the mode field by ls, e.g. use -d to match only directories or -- to match only regular files.
- .TP
-+.I \-F, \-\-file
-+Set multiple records from the input file. When used with the \-l \-\-list, it will output the current settings to stdout in the proper format.
-+
-+Currently booleans only.
-+.TP
- .I \-h, \-\-help
- display this message
- .TP
-@@ -87,6 +92,9 @@
- .I \-s, \-\-seuser
- SELinux user name
- .TP
-+.I \-S, \-\-store
-+Select and alternate SELinux store to manage
-+.TP
- .I \-t, \-\-type
- SELinux Type for the object
- .TP
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.52/semanage/seobject.py
---- nsapolicycoreutils/semanage/seobject.py 2008-07-29 09:15:39.000000000 -0400
-+++ policycoreutils-2.0.52/semanage/seobject.py 2008-07-29 10:39:48.000000000 -0400
-@@ -330,20 +330,15 @@
- for name in dirs:
- os.rmdir(os.path.join(root, name))
-
-- if rc != 0:
-- raise ValueError(out)
--
--
- def delete(self, name):
- for n in name.split():
- rc = semanage_module_remove(self.sh, "permissive_%s" % n)
- if rc < 0:
- raise ValueError(_("Could not remove permissive domain %s (remove failed)") % name)
-- rc = semanage_commit(self.sh)
-- if rc < 0:
-+ rc = semanage_commit(self.sh)
-+ if rc < 0:
- raise ValueError(_("Could not remove permissive domain %s (commit failed)") % name)
-
--
- def deleteall(self):
- l = self.get_all()
- if len(l) > 0:
-@@ -1447,54 +1442,72 @@
- class booleanRecords(semanageRecords):
- def __init__(self, store = ""):
- semanageRecords.__init__(self, store)
-+ self.dict={}
-+ self.dict["TRUE"] = 1
-+ self.dict["FALSE"] = 0
-+ self.dict["ON"] = 1
-+ self.dict["OFF"] = 0
-+ self.dict["1"] = 1
-+ self.dict["0"] = 0
-
-- def modify(self, name, value = ""):
-- if value == "":
-- raise ValueError(_("Requires value"))
--
-- (rc,k) = semanage_bool_key_create(self.sh, name)
-- if rc < 0:
-- raise ValueError(_("Could not create a key for %s") % name)
--
-- (rc,exists) = semanage_bool_exists(self.sh, k)
-- if rc < 0:
-- raise ValueError(_("Could not check if boolean %s is defined") % name)
-- if not exists:
-- raise ValueError(_("Boolean %s is not defined") % name)
--
-- (rc,b) = semanage_bool_query(self.sh, k)
-- if rc < 0:
-- raise ValueError(_("Could not query file context %s") % name)
-+ def __mod(self, name, value):
-+ (rc,k) = semanage_bool_key_create(self.sh, name)
-+ if rc < 0:
-+ raise ValueError(_("Could not create a key for %s") % name)
-+ (rc,exists) = semanage_bool_exists(self.sh, k)
-+ if rc < 0:
-+ raise ValueError(_("Could not check if boolean %s is defined") % name)
-+ if not exists:
-+ raise ValueError(_("Boolean %s is not defined") % name)
-+
-+ (rc,b) = semanage_bool_query(self.sh, k)
-+ if rc < 0:
-+ raise ValueError(_("Could not query file context %s") % name)
-
-- if value != "":
-- nvalue = int(value)
-- semanage_bool_set_value(b, nvalue)
-+ if value.upper() in self.dict:
-+ semanage_bool_set_value(b, self.dict[value.upper()])
- else:
-- raise ValueError(_("You must specify a value"))
-+ raise ValueError(_("You must specify one of the following values: %s") % ", ".join(self.dict.keys()) )
-+
-+ rc = semanage_bool_set_active(self.sh, k, b)
-+ if rc < 0:
-+ raise ValueError(_("Could not set active value of boolean %s") % name)
-+ rc = semanage_bool_modify_local(self.sh, k, b)
-+ if rc < 0:
-+ raise ValueError(_("Could not modify boolean %s") % name)
-+ semanage_bool_key_free(k)
-+ semanage_bool_free(b)
-
-+ def modify(self, name, value=None, use_file=False):
-+
- rc = semanage_begin_transaction(self.sh)
- if rc < 0:
- raise ValueError(_("Could not start semanage transaction"))
--
-- rc = semanage_bool_set_active(self.sh, k, b)
-- if rc < 0:
-- raise ValueError(_("Could not set active value of boolean %s") % name)
-- rc = semanage_bool_modify_local(self.sh, k, b)
-- if rc < 0:
-- raise ValueError(_("Could not modify boolean %s") % name)
-+ if use_file:
-+ fd = open(name)
-+ for b in fd.read().split("\n"):
-+ b = b.strip()
-+ if len(b) == 0:
-+ continue
-+
-+ try:
-+ boolname, val = b.split("=")
-+ except ValueError, e:
-+ raise ValueError(_("Bad format %s: Record %s" % ( name, b) ))
-+ self.__mod(boolname.strip(), val.strip())
-+ fd.close()
-+ else:
-+ self.__mod(name, value)
-
- rc = semanage_commit(self.sh)
- if rc < 0:
- raise ValueError(_("Could not modify boolean %s") % name)
-
-- semanage_bool_key_free(k)
-- semanage_bool_free(b)
--
- def delete(self, name):
-- (rc,k) = semanage_bool_key_create(self.sh, name)
-- if rc < 0:
-- raise ValueError(_("Could not create a key for %s") % name)
-
-+ (rc,k) = semanage_bool_key_create(self.sh, name)
-+ if rc < 0:
-+ raise ValueError(_("Could not create a key for %s") % name)
- (rc,exists) = semanage_bool_exists(self.sh, k)
- if rc < 0:
- raise ValueError(_("Could not check if boolean %s is defined") % name)
-@@ -1571,8 +1584,15 @@
- else:
- return _("unknown")
-
-- def list(self, heading = 1, locallist = 0):
-+ def list(self, heading = True, locallist = False, use_file = False):
- on_off = (_("off"),_("on"))
-+ if use_file:
-+ ddict = self.get_all(locallist)
-+ keys = ddict.keys()
-+ for k in keys:
-+ if ddict[k]:
-+ print "%s=%s" % (k, ddict[k][2])
-+ return
- if heading:
- print "%-40s %s\n" % (_("SELinux boolean"), _("Description"))
- ddict = self.get_all(locallist)
+ locallist = True
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.543
retrieving revision 1.544
diff -u -r1.543 -r1.544
--- policycoreutils.spec 29 Jul 2008 18:06:14 -0000 1.543
+++ policycoreutils.spec 5 Aug 2008 14:18:33 -0000 1.544
@@ -5,7 +5,7 @@
%define sepolgenver 1.0.13
Summary: SELinux policy core utilities
Name: policycoreutils
-Version: 2.0.53
+Version: 2.0.54
Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
@@ -192,6 +192,17 @@
fi
%changelog
+* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> 2.0.54-1
+- Update to upstream
+ * Add support for boolean files and group support for seusers from Dan Walsh.
+ * Ensure that setfiles -p output is newline terminated from Russell Coker.
+
+* Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> 2.0.53-3
+- Allow semanage user to add group lists %groupname
+
+* Tue Jul 29 2008 Dan Walsh <dwalsh at redhat.com> 2.0.53-2
+- Fix help
+
* Tue Jul 29 2008 Dan Walsh <dwalsh at redhat.com> 2.0.53-1
- Update to upstream
* Change setfiles to validate all file_contexts files when using -c from Stephen Smalley.
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/sources,v
retrieving revision 1.190
retrieving revision 1.191
diff -u -r1.190 -r1.191
--- sources 29 Jul 2008 18:06:14 -0000 1.190
+++ sources 5 Aug 2008 14:18:33 -0000 1.191
@@ -1,2 +1,2 @@
b6756a012c26f414e4a5f8f438ce2188 sepolgen-1.0.13.tgz
-8fe5f8b78e156f770e990fe107577d2c policycoreutils-2.0.53.tgz
+b1d1bc767b4806a17d0986ab4016cf9b policycoreutils-2.0.54.tgz
More information about the fedora-extras-commits
mailing list