-%{version}/foo.pp
+%semodule -n bar -t mls,targeted poltest-policy-%{version}/bar.pp
+
+%files policy
+
+%changelog
+* Wed Jul 1 2009 Steve Lawrence slawre...@tresys.com
+- create
--
1.6.2.5
___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org
This replaces the old matchpathcon interfaces with the new selabel
interfaces for relabeling files, storing an selabel handle in the
transaction set.
With this change, also comes an added distinction between --nocontexts
being specified and a failure to read the load file contexts.
Previously,
This moves most of the plugin logic to a new rpmplugins file with a
struct and functions for managing plugins, allowing for plugins to carry
state. This also adds init and cleanup hooks for plugins to initialize
and cleanup their state, and a new 'open te' hook allowing plugins to
read and save
This adds a new plugin specifically for a collection to load SELinux
policy. This implements the post_add and pre_remove plugin hooks. The
only time anything happens during the pre_remove hook is if post_add was
not called (i.e. if the transaction only removes policies).
This plugin extracts all
On Mon, 2010-07-26 at 14:19 +0300, Panu Matilainen wrote:
On Wed, 14 Jul 2010, Steve Lawrence wrote:
This replaces the old matchpathcon interfaces with the new selabel
interfaces for relabeling files, storing an selabel handle in the
transaction set.
With this change, also comes
/rpm-maint/2010-June/002784.html
Steve Lawrence (6):
Remove the existing %policy directive
Add new %sepolicy section to the spec file format
Use selabel interfaces instead of matchpathcon
Create a new publicly accessible function, rpmteHeaderOpen
Add SELinux policy plugin
Add files
When the SELinux policy collection plugin is executed, the transaction
element has already been closed, and the header cannot be accessed.
However, access to the header is needed to extract policy data. The new
rpmteHeaderOpen function allows accessing the header of a closed
transaction element by
On Wed, 2010-06-23 at 14:40 +0300, Panu Matilainen wrote:
On Fri, 18 Jun 2010, Panu Matilainen wrote:
+rpmRC COLLHOOK_POST_ANY_FUNC(rpmts ts, const char * collname, const char
*
options)
+{
+ int rc = RPMRC_FAIL;
+
+ if (rpmChrootSet(rpmtsRootDir(ts)) || rpmChrootIn()) {
On Wed, 2010-06-23 at 11:13 +0300, Panu Matilainen wrote:
On Tue, 22 Jun 2010, Steve Lawrence wrote:
On Tue, 2010-06-22 at 12:12 +0300, Panu Matilainen wrote:
On Mon, 21 Jun 2010, Steve Lawrence wrote:
This patch adds the install-time feature that if a package requires a
package
On Tue, 2010-06-22 at 12:45 +0300, Panu Matilainen wrote:
On Mon, 21 Jun 2010, Steve Lawrence wrote:
On Mon, 2010-06-21 at 15:15 +0300, Panu Matilainen wrote:
Oh, another thing wrt chroots: do you have some specific reason to leave
the chroot handling for the plugins to handle
On Tue, 2010-06-22 at 12:12 +0300, Panu Matilainen wrote:
On Mon, 21 Jun 2010, Steve Lawrence wrote:
This patch adds the install-time feature that if a package requires a
package in a collection, then it also requires all other packages in
that collection. This has the effect
On Mon, 2010-06-21 at 15:15 +0300, Panu Matilainen wrote:
On Fri, 18 Jun 2010, Panu Matilainen wrote:
+rpmRC COLLHOOK_POST_ANY_FUNC(rpmts ts, const char * collname, const char
*
options)
+{
+ int rc = RPMRC_FAIL;
+
+ if (rpmChrootSet(rpmtsRootDir(ts)) || rpmChrootIn()) {
On Fri, 2010-06-18 at 17:00 +0300, Panu Matilainen wrote:
On Thu, 17 Jun 2010, Steve Lawrence wrote:
This patch adds a generic plugin, exec.so, that should be sufficient for the
majority of Collection actions. After all packages in a Collection have been
installed/removed, this plugin
at various stages of the RPM transaction to allow for
a wide range of control and flexibility. Included in this patchset is a generic
plugin that can be used to easily execute scripts, which should be sufficient
for the majority of collection actions.
Steve Lawrence (5):
Add new Collections
This patch adds the install-time feature that if a package requires a package
in a collection, then it also requires all other packages in that collection.
This has the effect that collections will be roughly grouped together during a
transaction.
Although this is not absolutely necessary for the
This adds a new Collections preamble tag, which contains a space separated list
of collection names that the package belongs to.
---
build/parsePreamble.c |4
lib/rpmtag.h |1 +
tests/rpmgeneral.at |1 +
3 files changed, 6 insertions(+), 0 deletions(-)
diff --git
This patch adds a simple plugin system that makes simple problems easy to
solve, and difficult problems, such as SELinux, possible.
When the transaction gets to the point where a collection action should occur,
it expands a macro of the form %__collection_collection name to get the path
to a
execute scripts, which should be sufficient
for the majority of collection actions.
Steve Lawrence (5):
Add new Collections preamble tag
Determine when to perform Collection actions
Add common Collection requirements
Add plugin calling support
Add a generic plugin for use by simple
There are three times during a transaction when Collection actions can be
performed:
1) After the last time a member of a collection is either installed or removed
2) After the last time a member of a collection is installed only
3) Before the first time a member of a collection is removed only
After digging into the design of our new Collection idea [1] a bit more,
we've realized there are potential ordering problems with the SELinux
part of collections, specifically with upgrades and obsoletes. For
example, assume we already have foo-1.rpm and foo-policy-1.rpm installed
and we are
Based on our previous discussions, we plan to rewrite SELinux support
for RPM by moving policy into separate packages, out of the associated
application packages. By doing this, we can leverage the existing PRCO
for policy installation. However, this design change leads to some
problems that must
As discussed, we have decided to rewrite SELinux support in RPM to move
policy into their own 'policy packages', separate from the associated
application packages. With this change, we need to take another look at
the different ways policy can be packaged separately, and the pros and
cons of each
On Thu, 2010-03-04 at 10:52 +0200, Panu Matilainen wrote:
On Tue, 2 Feb 2010, Steve Lawrence wrote:
If the --root option is given and matchpathcon_init is called outside of
the chroot, it will read the host policy configuration and file context
rather than those in the chroot. This leads
On Thu, 2010-03-04 at 12:56 +0200, Panu Matilainen wrote:
On Tue, 2 Feb 2010, Steve Lawrence wrote:
After a policy set has been prepared (rpmpolsPrepare), a call to
rpmpolsCheckDeps will determine if PolicyRequires: dependencies are met.
This function only checks against packages
On Thu, 2010-03-04 at 14:52 +0200, Panu Matilainen wrote:
On Tue, 16 Feb 2010, Chad Sellers wrote:
On 2/13/10 1:20 AM, James Antill ja...@fedoraproject.org wrote:
On Fri, 2010-02-12 at 15:34 -0500, Steve Lawrence wrote:
, or installs something which obsoletes/conflicts with it
etc
On Thu, 2010-03-04 at 14:59 +0200, Panu Matilainen wrote:
On Tue, 2 Feb 2010, Steve Lawrence wrote:
Policy modules should be ignored during policy conflict detection if a
package was installed with --nopolicy. This patch remembers if a package
was installed with --nopolicy by adding a new
On Fri, 2010-02-05 at 12:26 -0500, James Antill wrote:
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
rpmpolsSaveStave
Save the policies changes to the rpm database. Due to security reasons,
policy is not removed when the package that installed it is removed.
Because
On Fri, 2010-02-12 at 15:20 -0500, Steve Lawrence wrote:
On Fri, 2010-02-05 at 12:26 -0500, James Antill wrote:
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
+ case 0:
+ if (!rpmIsDebug
On Fri, 2010-02-05 at 12:31 -0500, James Antill wrote:
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
There are cases where duplicates are expected, and we must be able to
remove the older version of a duplicate. Unfortunately, policies are not
versioned, so we must use
On Fri, 2010-02-05 at 12:54 -0500, James Antill wrote:
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
+ if (rstreq(headerGetString(h, RPMTAG_NAME), RPMPOL_PKG_NAME))
{
+ pol-source = headerGetAsString(h, RPMTAG_SOURCERPM);
+ } else
On Fri, 2010-02-05 at 13:11 -0500, James Antill wrote:
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
Policy modules should be ignored during policy conflict detection if a
package was installed with --nopolicy. This patch remembers if a package
was installed with --nopolicy
Remove existing %policy directive, to be replaced with a new %policy
section with more configurable options
---
build/files.c | 14 ++
lib/rpmfi.h |1 -
2 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/build/files.c b/build/files.c
index 6fbeddc..c215b55 100644
+ Obsoletes: bar baz
+%module poltest-policy-%{version}/bar.pp
+ Name: bar
+ Types: mls targeted
+ Obsoletes: baz qux
+
+%changelog
+* Wed Jul 1 2009 Steve Lawrence slawre...@tresys.com
+- create
--
1.6.2.5
After a policy set has been prepared (rpmpolsPrepare), a call to
rpmpolsCheckDeps will determine if PolicyRequires: dependencies are met.
This function only checks against packages currently installed.
Also, PolicyRequires are merged into Requires, so if normal dependency
checks pass, we know the
The rpmpol struct is essentially a list of policies extracted from a
single package. It contains an iterator and getters to get the necessary
information.
---
lib/Makefile.am |2 +-
lib/rpmpol.c| 394 +++
lib/rpmpol.h| 161
The state of SELinux on a system changes how we install policy during
the rpm transaction. For example, if the /etc/selinux directory structure
hasn't been created, we can't install policy until a package creates the
directory. This patch adds a function (rpmtsInitSELinux) which performs
The PolicyRequires tag is used to specify which versions of packages are
required by policies installed in the module. The PolicyRequires tag has
the same syntax as the Requires tag.
Assume libselinux-1.2 is installed on the system. Package foo-1.0 has a
policy module that 'Requires: libselinux =
The rpmpoltrans struct maintains the state of a policy transaction,
abstracting away the policy installation method (either semodule or
libsemanage). If the semodule binary does not exist or cannot be executed
(the path specified in the new %{__semodule} macro), the policy transaction
falls back
Policy modules should be ignored during policy conflict detection if a
package was installed with --nopolicy. This patch remembers if a package
was installed with --nopolicy by adding a new tag, RPMTAG_NOPOLICIES,
and setting its value to the time the package was installed. When doing
conflict
The policy set structure stores information about all the policies and is
used to perform various checks and preparations for the policy installation.
The order in which the functions should be called (and their purpose) is as
follows:
rpmpolsNew
Create an empty rpmpols structure
rpmpolsAdd
There are cases where duplicates are expected, and we must be able to
remove the older version of a duplicate. Unfortunately, policies are not
versioned, so we must use the install time of a policy to determine
which is newer. Policies that have not yet been installed get a time of
UINT_MAX
Currently, it is possible for two different packages to install policy
modules with the same name. This patch adds detection for these conflicts
by iterating over all to-be-installed packages and all currently installed
packages and making sure no two packages own the same policies. This patch
Because policy installation and file system relabeling can take a while to
complete, it can look like rpm is hanging. This patch adds callback types
for policy installation and filesystem relabel start/stop. This also updates
rpm to display a notification for the new callbacks.
---
If policy installation is postponed due to missing dependencies, it is
possible that file contexts have changed after files have been put on the
system. In this case, relabel all files using restorecon.
If restorecon fails, let the user know that files may be mislabeled.
Additionally, restorecon
In the current state, there is no verification that a file specified with
the %module tag is actually a policy module. This patch adds an rpmbuild
hook that can be used to perform module verification. A %__check_policies
macro has been added which can point to a script/executable that performs
Rather than using the old matchpathcon for relabeling files, use the new
selinux interfaces and store an selabel handle in the rpmts.
With this change, also comes an added distinction between --nocontexts being
specified and a failure to read the file_contexts file. Previously, there
was no
If the --root option is given and matchpathcon_init is called outside of
the chroot, it will read the host policy configuration and file context
rather than those in the chroot. This leads to potentially mislabeled
files (if host and root policies differ) and wrong data from libselinux
(e.g.
://userspace.selinuxproject.org/
[1] http://lists.rpm.org/pipermail/rpm-maint/2009-October/002561.html
Steve Lawrence (18):
Execute matchpathcon_init in a chroot
Add test sources and spec file for %policy
Remove existing %policy directive
Add new %policy section to the spec file format
Add rpmpol struct and helper
Remove existing %policy directive, to be replaced with a new %policy
section with more configurable options
---
build/files.c | 14 ++
lib/rpmfi.h |1 -
2 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/build/files.c b/build/files.c
index 7db729a..05a1d17 100644
The rpmpol struct is essentially a list of policies extracted from a
single package. It contains an iterator and getters to get the necessary
information.
---
lib/Makefile.am |2 +-
lib/rpmpol.c| 390 +++
lib/rpmpol.h| 158
The %policy section is similar to other sections (%files, %pre, %post,
etc.) in that you can provide a string and -n after the declaration to
specify policy should be added to a subpackage.
For example:
%policy
# policy in this section will be added to the main package
%policy foo
# policy in
The previous %policy section parsing assumed %module would be the only
tag in the section. This is limiting as we may need to add more tags
in the future. This patch generalizes %policy section parsing and makes
it much easier to add new tags.
To add a tag, all that must be done is add a new
Currently, RPMTRANS_FLAG_NOCONTEXTS is used to signify that --nocontexts
is specified or that matchpathcon_init fails. With the policy changes made
in previous patches, it is necessary to make a distinction. This is because
matchpathcon_init may fail at one point, but succeed at another. This
On Mon, 2009-10-26 at 16:26 -0400, Bill Nottingham wrote:
Steve Lawrence (slawre...@tresys.com) said:
Base: Whether or not the module is a base module. Values can be
yes/1 or no/0. Defaults to no/0 if not given.
Name: The name of the module. If not given, we
On Fri, 2009-10-23 at 13:13 -0400, Bill Nottingham wrote:
Steve Lawrence (slawre...@tresys.com) said:
After each %module directive can be zero or more options, specified in
the same format as Preamble tags. The current options are:
Base: Whether or not the module is a base module
If policy installation is postponed due to missing dependencies, it is
possible that file contexts have changed after files have been put on
the system. In this case, relabel files using fixfiles.
Fixfiles is too complicated to re-implement in C/rpm, so we can't easily
create a fallback ala
- Steve
Steve Lawrence (3):
Remove existing %policy directive
Add test sources and spec file for %policy
Add new %policy section to the spec file format
build/Makefile.am |4 +-
build/build.c |4 +
build/files.c
Remove the existing %policy directive
---
build/files.c | 14 ++
lib/rpmfi.h |1 -
2 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/build/files.c b/build/files.c
index b5c5437..d483b1e 100644
--- a/build/files.c
+++ b/build/files.c
@@ -841,7 +841,6 @@ static
: default
}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make DESTDIR=%{buildroot} prefix=%{_prefix} install
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root)
+%{_bindir}/poltest
+%policy poltest-policy-%{version}/poltest.pp
+
+%changelog
+* Wed Jul 1 2009 Steve Lawrence slawre...@tresys.com
+- create
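Review bot: the %install and %clean sections of this test spec mix the $RPM_BUILD_ROOT shell variable with the %{buildroot} macro (`rm -rf $RPM_BUILD_ROOT` sits next to `make DESTDIR=%{buildroot} prefix=%{_prefix} install`); pick one spelling, e.g. `rm -rf %{buildroot}` in both sections, so nobody has to remember that the two are kept in sync. Note also that `%policy poltest-policy-%{version}/poltest.pp` is written here as a directive inside %files, which is the form the later series on this list removes ("Remove existing %policy directive") in favour of a separate %policy section, so this test spec will need to be updated alongside that change.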
Steve Lawrence (3):
Add test sources and spec file for %policy
Add new structures/functions for managing policy information
Install policy during an rpm transaction using the new
rpmpol/rpmpoltrans
Makefile.am |1 +
configure.ac
Rather than using the PSM to extract policy from headers, as we did in
previous patchsets, we now call rpmtsPreparePolicy which performs the
necessary preparations. Currently this only includes creating rpmpol
structures for each transaction element. In later patchsets, this
will include logic to
Two new structures are added: rpmpol and rpmpoltrans
rpmpol is essentially a list of policies extracted from a single package.
It contains an iterator and getters to get the necessary information.
As more policy information is added to rpm headers (based on a new
%policy directive) this struct
to libsemanage whenever we're
installing to a chroot.
- Steve
--Mark
Steve Lawrence wrote:
On Wed, 2009-08-26 at 10:55 +0300, Panu Matilainen wrote:
Finally getting back to this after vacations and all, apologies for the
lengthy delay...
On Tue, 7 Jul 2009, Joshua Brindle wrote:
Panu
On Wed, 2009-08-26 at 10:55 +0300, Panu Matilainen wrote:
Finally getting back to this after vacations and all, apologies for the
lengthy delay...
On Tue, 7 Jul 2009, Joshua Brindle wrote:
Panu Matilainen wrote:
Hi,
On Mon, 6 Jul 2009, Stephen Lawrence wrote:
snip