diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index 8b4067d..0bc65fc 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.62/gui/booleansPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.63/gui/booleansPage.py --- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/booleansPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/booleansPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,247 @@ +# +# booleansPage.py - GUI for Booleans page in system-config-securitylevel @@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli + self.load(self.filter) + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.62/gui/domainsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.63/gui/domainsPage.py --- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/domainsPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/domainsPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,154 @@ +## domainsPage.py - show selinux domains +## Copyright (C) 2009 Red Hat, Inc. @@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic + + except ValueError, e: + self.error(e.args[0]) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.62/gui/fcontextPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.63/gui/fcontextPage.py --- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/fcontextPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/fcontextPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,223 @@ +## fcontextPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli + self.store.set_value(iter, SPEC_COL, fspec) + self.store.set_value(iter, FTYPE_COL, ftype) + self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.62/gui/html_util.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.63/gui/html_util.py --- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/html_util.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/html_util.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,164 @@ +# Authors: John Dennis +# @@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc + doc += tail + return doc + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.62/gui/lockdown.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.63/gui/lockdown.glade --- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/lockdown.glade 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/lockdown.glade 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,771 @@ + + @@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.62/gui/lockdown.gladep +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.63/gui/lockdown.gladep --- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/lockdown.gladep 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/lockdown.gladep 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -1588,9 +1588,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.62/gui/lockdown.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.63/gui/lockdown.py --- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/lockdown.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/lockdown.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,382 @@ +#!/usr/bin/python +# @@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco + + app = booleanWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.62/gui/loginsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.63/gui/loginsPage.py --- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/loginsPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/loginsPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,185 @@ +## loginsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy + self.store.set_value(iter, 1, seuser) + self.store.set_value(iter, 2, seobject.translate(serange)) + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.62/gui/Makefile +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.63/gui/Makefile --- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/Makefile 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/Makefile 2009-05-22 17:07:21.000000000 -0400 @@ -0,0 +1,38 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -2179,7 +2179,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +loginsPage.py \ +mappingsPage.py \ +modulesPage.py \ -+polgen.py \ +polgen.glade \ +portsPage.py \ +lockdown.glade \ @@ -2190,12 +2189,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +usersPage.py \ +selinux.tbl + -+all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py ++all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py polgen.py + +install: all + -mkdir -p $(SHAREDIR)/templates + install -m 755 system-config-selinux.py $(SHAREDIR) + install -m 755 polgengui.py $(SHAREDIR) ++ install -m 755 polgen.py $(SHAREDIR) + install -m 755 lockdown.py $(SHAREDIR) + install -m 644 $(TARGETS) $(SHAREDIR) + install -m 644 templates/*.py $(SHAREDIR)/templates/ @@ -2205,9 +2205,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu +indent: + +relabel: -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.62/gui/mappingsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.63/gui/mappingsPage.py --- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/mappingsPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/mappingsPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,56 @@ +## mappingsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -2265,9 +2265,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli + for k in keys: + print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.62/gui/modulesPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.63/gui/modulesPage.py --- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/modulesPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/modulesPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,190 @@ +## modulesPage.py - show selinux mappings +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -2459,9 +2459,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic + + except ValueError, e: + self.error(e.args[0]) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.62/gui/polgen.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.63/gui/polgen.glade --- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/polgen.glade 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/polgen.glade 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,3305 @@ + + @@ -5768,9 +5768,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.62/gui/polgen.gladep +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.63/gui/polgen.gladep --- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/polgen.gladep 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/polgen.gladep 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,7 @@ + + @@ -5779,9 +5779,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.62/gui/polgengui.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.63/gui/polgengui.py --- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/polgengui.py 2009-05-12 13:20:15.000000000 -0400 ++++ policycoreutils-2.0.63/gui/polgengui.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,627 @@ +#!/usr/bin/python -E +# @@ -6410,10 +6410,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + + app = childWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.62/gui/polgen.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.63/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/polgen.py 2009-05-04 13:40:26.000000000 -0400 -@@ -0,0 +1,954 @@ ++++ policycoreutils-2.0.63/gui/polgen.py 2009-05-22 17:02:43.000000000 -0400 +@@ -0,0 +1,1152 @@ +#!/usr/bin/python +# +# Copyright (C) 2007, 2008, 2009 Red Hat @@ -6558,6 +6558,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore +EUSER = 9 +RUSER = 10 + ++poltype={} ++poltype[DAEMON] = _("Standard Init Daemon") ++poltype[DBUS] = _("DBUS System Daemon") ++poltype[INETD] = _("Internet Services Daemon") ++poltype[CGI] = _("Web Application/Script (CGI)") ++poltype[USER] = _("User Application") ++poltype[TUSER] = _("Minimal Terminal User Role") ++poltype[XUSER] = _("Minimal X Windows User Role") ++poltype[LUSER] = _("User Role") ++poltype[AUSER] = _("Admin User Role") ++poltype[RUSER] = _("Root Admin User Role") ++ ++ +APPLICATIONS = [ DAEMON, DBUS, INETD, USER, CGI ] +USERS = [ XUSER, TUSER, LUSER, AUSER, EUSER, RUSER] + @@ -6590,10 +6603,82 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + raise ValueError(_("Ports must be numbers or ranges of numbers from 1 to %d " % max_port )) + +class policy: -+ ++ + def __init__(self, name, type): + ports = seobject.portRecords() + self.ports = ports.get_all() ++ ++ self.symbols = {} ++ self.symbols["__syslog_chk"] = "set_use_syslog(True)" ++ self.symbols["getpwnam"] = "set_use_uid(True)" ++ self.symbols["getpwuid"] = "set_use_uid(True)" ++ self.symbols["dbus_"] = "set_use_dbus(True)" ++ self.symbols["pam_"] = "set_use_pam(True)" ++ self.symbols["pam_"] = "set_use_audit(True)" ++ ++ self.symbols["fork"] = "add_process('fork')" ++ self.symbols["transition"] = "add_process('transition')" ++ self.symbols["sigchld"] = "add_process('sigchld')" ++ self.symbols["sigkill"] = "add_process('sigkill')" ++ self.symbols["sigstop"] = "add_process('sigstop')" ++ self.symbols["signull"] = "add_process('signull')" ++ self.symbols["signal"] = "add_process('signal')" ++ self.symbols["ptrace"] = "add_process('ptrace')" ++ self.symbols["getsched"] = "add_process('getsched')" ++ self.symbols["setsched"] = "add_process('setsched')" ++ self.symbols["getsession"] = "add_process('getsession')" ++ self.symbols["getpgid"] = "add_process('getpgid')" ++ self.symbols["setpgid"] = "add_process('setpgid')" ++ self.symbols["getcap"] = "add_process('getcap')" ++ self.symbols["setcap"] = "add_process('setcap')" ++ self.symbols["share"] = "add_process('share')" ++ self.symbols["getattr"] = "add_process('getattr')" ++ self.symbols["setexec"] = "add_process('setexec')" ++ self.symbols["setfscreate"] = "add_process('setfscreate')" ++ self.symbols["noatsecure"] = "add_process('noatsecure')" ++ self.symbols["siginh"] = "add_process('siginh')" ++ self.symbols["setrlimit"] = "add_process('setrlimit')" ++ self.symbols["rlimitinh"] = "add_process('rlimitinh')" ++ self.symbols["dyntransition"] = "add_process('dyntransition')" ++ self.symbols["setcurrent"] = "add_process('setcurrent')" ++ self.symbols["execmem"] = "add_process('execmem')" ++ self.symbols["execstack"] = "add_process('execstack')" ++ self.symbols["execheap"] = "add_process('execheap')" ++ self.symbols["setkeycreate"] = "add_process('setkeycreate')" ++ self.symbols["setsockcreate"] = "add_process('setsockcreate')" ++ ++ self.symbols["chown"] = "add_capability('chown')" ++ self.symbols["dac_override"] = "add_capability('dac_override')" ++ self.symbols["dac_read_search"] = "add_capability('dac_read_search')" ++ self.symbols["fowner"] = "add_capability('fowner')" ++ self.symbols["fsetid"] = "add_capability('fsetid')" ++ self.symbols["kill"] = "add_capability('kill')" ++ self.symbols["setgid"] = "add_capability('setgid')" ++ self.symbols["setuid"] = "add_capability('setuid')" ++ self.symbols["setpcap"] = "add_capability('setpcap')" ++ self.symbols["linux_immutable"] = "add_capability('linux_immutable')" ++ self.symbols["net_bind_service"] = "add_capability('net_bind_service')" ++ self.symbols["net_broadcast"] = "add_capability('net_broadcast')" ++ self.symbols["net_admin"] = "add_capability('net_admin')" ++ self.symbols["net_raw"] = "add_capability('net_raw')" ++ self.symbols["ipc_lock"] = "add_capability('ipc_lock')" ++ self.symbols["ipc_owner"] = "add_capability('ipc_owner')" ++ self.symbols["sys_module"] = "add_capability('sys_module')" ++ self.symbols["sys_rawio"] = "add_capability('sys_rawio')" ++ self.symbols["sys_chroot"] = "add_capability('sys_chroot')" ++ self.symbols["sys_ptrace"] = "add_capability('sys_ptrace')" ++ self.symbols["sys_pacct"] = "add_capability('sys_pacct')" ++ self.symbols["sys_admin"] = "add_capability('sys_admin')" ++ self.symbols["sys_boot"] = "add_capability('sys_boot')" ++ self.symbols["sys_nice"] = "add_capability('sys_nice')" ++ self.symbols["sys_resource"] = "add_capability('sys_resource')" ++ self.symbols["sys_time"] = "add_capability('sys_time')" ++ self.symbols["sys_tty_config"] = "add_capability('sys_tty_config')" ++ self.symbols["mknod"] = "add_capability('mknod')" ++ self.symbols["lease"] = "add_capability('lease')" ++ self.symbols["audit_write"] = "add_capability('audit_write')" ++ self.symbols["audit_control"] = "add_capability('audit_control')" ++ self.symbols["setfcap"] = "add_capability('setfcap')" + + self.DEFAULT_DIRS = {} + self.DEFAULT_DIRS["rw"] = ["rw", [], rw]; @@ -6624,6 +6709,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.name = name + self.file_name = name + ++ self.capabilities = [] ++ self.processes = [] + self.type = type + self.initscript = "" + self.program = "" @@ -6846,6 +6933,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + self.DEFAULT_DIRS["rw"][1].append(file) + return self.DEFAULT_DIRS["rw"] + ++ def add_capability(self, capability): ++ self.capabilities.append(capability) ++ ++ def add_process(self, process): ++ self.processes.append(process) ++ + def add_boolean(self, name, description): + self.booleans[name] = description + @@ -6855,6 +6948,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + def add_dir(self, file): + self.dirs[file] = self.__find_path(file) + ++ def generate_capabilities(self): ++ newte = "" ++ if len(self.capabilities) > 0: ++ newte = "allow %s self:capability { %s };\n" % (self.name, " ".join(self.capabilities)) ++ return newte ++ ++ def generate_process(self): ++ newte = "" ++ if len(self.processes) > 0: ++ newte = "allow %s self:process { %s };\n" % (self.name, " ".join(self.processes)) ++ return newte ++ ++ + def generate_network_rules(self): + newte = "" + if self.use_network(): @@ -7112,6 +7218,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + if self.type != CGI or d != "rw": + newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types) + ++ newte +=""" ++######################################## ++# ++# %s local policy ++# ++ ++""" % self.name ++ newte += self.generate_capabilities() ++ newte += self.generate_process() + newte += self.generate_network_types() + newte += self.generate_tmp_types() + newte += self.generate_booleans() @@ -7273,8 +7388,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + sys.stderr.flush() + sys.exit(1) + -+ -+if __name__ == '__main__': ++def test(): + mypolicy = policy("mycgi", CGI) + mypolicy.set_program("/var/www/cgi-bin/cgi") + mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000") @@ -7365,12 +7479,96 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + mypolicy.set_admin_domains(["postgresql", "mysql"]) + print mypolicy.generate("/var/tmp") + -+ sys.exit(0) ++ ++import os, sys, getopt, socket, random, fcntl + -+ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.62/gui/portsPage.py ++def gen_writeable(cmd): ++ fd = os.popen("rpm -qlf %s" % cmd) ++ rec = fd.read().split() ++ fd.close() ++ return rec ++ ++def gen_symbols(cmd): ++ fd = os.popen("nm /usr/lib/debug%s.debug | grep U" % cmd) ++ rec = fd.read().split() ++ fd.close() ++ return rec ++ ++def usage(msg): ++ print _(""" ++%s ++ ++polgen [ -m ] [ -t type ] command ++valid Types: ++""") % msg ++ keys=poltype.keys() ++ for i in keys: ++ print "\t%s\t%s" % (i, poltype[i]) ++ sys.exit(-1) ++ ++if __name__ == '__main__': ++ setype = DAEMON ++ gopts, cmds = getopt.getopt(sys.argv[1:], "t:m", ++ ["type=", ++ "mount"]) ++ for o, a in gopts: ++ if o == "-t" or o == "--type": ++ try: ++ if int(a) not in poltype: ++ usage ("invalid type %s" % a ) ++ except: ++ usage ("invalid type %s" % a ) ++ ++ setype = int(a) ++ ++ if o == "-m" or o == "--mount": ++ mount_ind = True ++ ++ ++ if len(cmds) == 0: ++ usage(_("Executable required")) ++ ++ name = os.path.basename(cmds[0]) ++ cmd = cmds[0] ++ mypolicy = policy(name, setype) ++ mypolicy.set_program(cmd) ++ for f in gen_writeable(cmd): ++ for b in mypolicy.DEFAULT_DIRS: ++ if b == "/etc": ++ continue ++ if f.startswith(b): ++ if os.path.isfile(f): ++ mypolicy.add_file(f) ++ else: ++ mypolicy.add_dir(f) ++ ++ if os.path.isfile("/var/run/%s.pid" % name): ++ mypolicy.add_file("/var/run/%s.pid" % name) ++ ++ if os.path.isfile("/etc/rc.d/init.d/%s" % name): ++ mypolicy.set_init_script("/etc/rc\.d/init\.d/%s" % name) ++ ++ symbols = gen_symbols(cmd) ++ if len(symbols) == 0: ++ print """ ++%s attempts to scan the debuginfo file for symbols to generate ++additional policy rules, which is missing for %s ++ ++debuginfo-install RPMPACKAGE ++ ++Will install %s with symbols. Then rerun this tool tool generate additional ++rules. ++""" % (sys.argv[0], cmd, cmd) ++ for s in symbols: ++ for b in mypolicy.symbols: ++ if s.startswith(b): ++ exec "mypolicy.%s" % mypolicy.symbols[b] ++ ++ print mypolicy.generate() ++ sys.exit(0) +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.63/gui/portsPage.py --- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/portsPage.py 2009-05-12 13:20:08.000000000 -0400 ++++ policycoreutils-2.0.63/gui/portsPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,259 @@ +## portsPage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -7631,9 +7829,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc + + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.62/gui/selinux.tbl +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.63/gui/selinux.tbl --- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/selinux.tbl 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/selinux.tbl 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,234 @@ +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /") @@ -7869,9 +8067,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories") +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories") + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.62/gui/semanagePage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.63/gui/semanagePage.py --- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/semanagePage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/semanagePage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,168 @@ +## semanagePage.py - show selinux mappings +## Copyright (C) 2006 Red Hat, Inc. @@ -8041,9 +8239,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli + self.load(self.filter) + return True + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.62/gui/statusPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.63/gui/statusPage.py --- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/statusPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/statusPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,190 @@ +# statusPage.py - show selinux status +## Copyright (C) 2006-2009 Red Hat, Inc. @@ -8235,9 +8433,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy + return self.types[self.selinuxTypeOptionMenu.get_active()] + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.62/gui/system-config-selinux.glade +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.63/gui/system-config-selinux.glade --- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/system-config-selinux.glade 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/system-config-selinux.glade 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,3403 @@ + + @@ -11642,9 +11840,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.62/gui/system-config-selinux.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.63/gui/system-config-selinux.py --- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/system-config-selinux.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/system-config-selinux.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,189 @@ +#!/usr/bin/python +# @@ -11835,9 +12033,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu + + app = childWindow() + app.stand_alone() -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.62/gui/templates/boolean.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.63/gui/templates/boolean.py --- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/boolean.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/boolean.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,40 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -11879,9 +12077,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py +') +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.62/gui/templates/etc_rw.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.63/gui/templates/etc_rw.py --- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/etc_rw.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/etc_rw.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,129 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12012,10 +12210,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.62/gui/templates/executable.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.63/gui/templates/executable.py --- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/executable.py 2009-05-12 13:20:40.000000000 -0400 -@@ -0,0 +1,368 @@ ++++ policycoreutils-2.0.63/gui/templates/executable.py 2009-05-22 16:56:01.000000000 -0400 +@@ -0,0 +1,363 @@ +# Copyright (C) 2007-2009 Red Hat +# see file 'COPYING' for use and warranty information +# @@ -12118,11 +12316,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +""" + +te_daemon_rules=""" -+######################################## -+# -+# TEMPLATETYPE local policy -+# -+ +# Init script handling +domain_use_interactive_fds(TEMPLATETYPE_t) + @@ -12384,9 +12577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable +EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.62/gui/templates/__init__.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.63/gui/templates/__init__.py --- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/__init__.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/__init__.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,18 @@ +# +# Copyright (C) 2007 Red Hat, Inc. @@ -12406,9 +12599,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +# + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.62/gui/templates/network.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.63/gui/templates/network.py --- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/network.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/network.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,80 @@ +te_port_types=""" +type TEMPLATETYPE_port_t; @@ -12490,9 +12683,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.62/gui/templates/rw.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.63/gui/templates/rw.py --- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/rw.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/rw.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,128 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12622,9 +12815,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli +fc_dir=""" +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.62/gui/templates/script.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.63/gui/templates/script.py --- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/script.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/script.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,99 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12725,9 +12918,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py +# Adding roles to SELinux user USER +/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.62/gui/templates/semodule.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.63/gui/templates/semodule.py --- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/semodule.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/semodule.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,41 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12770,9 +12963,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.62/gui/templates/tmp.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.63/gui/templates/tmp.py --- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/tmp.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/tmp.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,97 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -12871,9 +13064,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol + TEMPLATETYPE_manage_tmp($1) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.62/gui/templates/user.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.63/gui/templates/user.py --- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/user.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/user.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,182 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13057,9 +13250,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po +te_newrole_rules=""" +seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t }) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.62/gui/templates/var_lib.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.63/gui/templates/var_lib.py --- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/var_lib.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/var_lib.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,158 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13219,9 +13412,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.62/gui/templates/var_log.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.63/gui/templates/var_log.py --- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/var_log.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/var_log.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,110 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13333,9 +13526,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.62/gui/templates/var_run.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.63/gui/templates/var_run.py --- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/var_run.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/var_run.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,118 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13455,9 +13648,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0) +""" + -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.62/gui/templates/var_spool.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.63/gui/templates/var_spool.py --- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/templates/var_spool.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/templates/var_spool.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,129 @@ +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -13588,9 +13781,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool. +fc_dir="""\ +FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0) +""" -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.62/gui/translationsPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.63/gui/translationsPage.py --- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/translationsPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/translationsPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,118 @@ +## translationsPage.py - show selinux translations +## Copyright (C) 2006 Red Hat, Inc. @@ -13710,9 +13903,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py + store, iter = self.view.get_selection().get_selected() + self.store.set_value(iter, 0, level) + self.store.set_value(iter, 1, translation) -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.62/gui/usersPage.py +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.63/gui/usersPage.py --- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.62/gui/usersPage.py 2009-05-04 13:40:26.000000000 -0400 ++++ policycoreutils-2.0.63/gui/usersPage.py 2009-05-22 13:40:04.000000000 -0400 @@ -0,0 +1,150 @@ +## usersPage.py - show selinux mappings +## Copyright (C) 2006,2007,2008 Red Hat, Inc. diff --git a/policycoreutils.spec b/policycoreutils.spec index fc4b68b..2de4cd4 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.63 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -226,6 +226,9 @@ else fi %changelog +* Fri May 22 2009 Dan Walsh 2.0.63-2 +- Change polgen.py to be able to generate policy + * Wed May 20 2009 Dan Walsh 2.0.63-1 - Update to upstream * Fix transaction checking from Dan Walsh.