Hello community, here is the log from the commit of package setools for openSUSE:Factory checked in at 2019-02-06 14:06:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/setools (Old) and /work/SRC/openSUSE:Factory/.setools.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "setools" Wed Feb 6 14:06:30 2019 rev:32 rq:671815 version:4.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/setools/setools.changes 2018-12-12 17:31:01.066684635 +0100 +++ /work/SRC/openSUSE:Factory/.setools.new.28833/setools.changes 2019-02-06 14:06:36.502658106 +0100 @@ -1,0 +2,13 @@ +Tue Feb 5 08:01:41 UTC 2019 - [email protected] + +- Update to 4.2.1 + * Set SIGPIPE handler for CLI tools. + * Fixed alias dereferencing in TypeQuery and type, category, and + sensitivity lookups. + * Fixed sediff bug for rendering modified nodecons. + * Fixed devicetreecon count output. + * Fixed policy target platform check. + * Fixed bug in creating permission set intersection in apol. +- Provide python-setools + +------------------------------------------------------------------- Old: ---- 4.2.0.tar.gz New: ---- 4.2.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ setools.spec ++++++ --- /var/tmp/diff_new_pack.YhlR9n/_old 2019-02-06 14:06:38.214657796 +0100 +++ /var/tmp/diff_new_pack.YhlR9n/_new 2019-02-06 14:06:38.214657796 +0100 @@ -1,7 +1,7 @@ # # spec file for package setools # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ %define skip_python2 1 Name: setools -Version: 4.2.0 +Version: 4.2.1 Release: 0 Url: https://github.com/SELinuxProject/setools Summary: Policy analysis tools for SELinux @@ -74,6 +74,7 @@ Group: Development/Languages/Python Requires: python Obsoletes: python-setools < %{version} +Provides: python-setools = %{version}-%{release} %description -n python3-setools SETools is a collection of graphical tools, command-line tools, and ++++++ 4.2.0.tar.gz -> 4.2.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/ChangeLog new/setools-4.2.1/ChangeLog --- old/setools-4.2.0/ChangeLog 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/ChangeLog 2019-02-05 01:18:05.000000000 +0100 @@ -1,3 +1,104 @@ +*setools-4.2.1 (4 Feb 2019) + + * Set SIGPIPE handler for CLI tools. + * Fixed alias dereferencing in TypeQuery and type, category, and sensitivity + lookups. + * Fixed sediff bug for rendering modified nodecons. + * Fixed devicetreecon count output. + * Fixed policy target platform check. + * Fixed bug in creating permission set intersection in apol. + + +*setools-4.2.0 (10 Nov 2018) + + This release focused on improving performance and reducing memory usage. + + A Cython-based policy representation replaced the + Python/SWIG/static-linked-libsepol implemention. SETools no longer statically + links to libsepol, though it is strongly suggested that users rebuild SETools + after updating libsepol, in case the policy structure changes. + + Building on the policy representation change, refinements in sediff yielded + as much as a 90% reduction in memory use, depending on the policies. + + This release of SETools has different dependencies than previous versions. + See README.md for more details. Support for Python 2.7 was dropped because + all current SELinux-supporting distributions provide Python 3. + + Other smaller changes included: + + * Added support for SCTP portcons. + * Updated permission maps. + * Policy symbol names are now available as the name attribute (e.g. + Boolean.name, Type.name, etc.) + * Revised some apol layouts to increase the size of text entry fields. + * Revised package structure to make policyrep a module of the setools + package. + * Moved constraint expression to its own class. + * Made Conditional.evaluate() more useful and added BaseTERule.enabled() + method to determine if a rule is enabled. + + Changes since v4.2.0-rc: + + * Restored missing statement() methods in some policyrep classes + * Fixed NULL pointer dereference when iterating over type attributes when + the policy has none. + * Added xdp_socket permission mapping. + + +*setools-4.2.0-rc (29 Sep 2018) + + Changes since v4.2.0-beta: + + * Fixed performance regressions. + * Made further memory usage improvements. + * Fixed build issues with clean target and runtime_library_dirs. + * Revised package structure to make policyrep a module of the setools + package. + * Symbol names are now available as the name attribute (e.g. + Boolean.name, Type.name, etc.) + * Fixed some apol layouts to increase the size of text fields. + * Move constraint expression to its own class. + * Made Conditional.evaluate() more useful and added BaseTERule.enabled() + method to determine if a rule is enabled. + + +*setools-4.2.0-beta (10 Jul 2018) + + Changes since v4.1.1: + + * Replaced the Python/SWIG/static-linked-libsepol policyrep module with + a Cython implementation. This will have performance and memory-usage + improvements and breaks the static linking to libsepol. + * Significant memory usage reduction in sediff (approximately 60%, + depending on the policies). + * Added support for SCTP portcons. + * Updated permission maps. + * Support for Python 2.7 was dropped. + + This release of SETools has changed dependencies since 4.1.1. See README.md for more details. + + +*setools-4.1.1 (5 Aug 2017) + + This release has three changes since 4.1.0: + + * Update for libsepol 2.7 + * Update to permission maps + * Fixes for apol help files + + +*setools-4.1.0 (23 Jan 2017) + + This release primarily focused on adding features to apol, but has several + library enhancements. There is also one important bugfix in sediff. There + were no changes since 4.1.0-rc. + + Note This will not compile on the master branch of libsepol (what will + be libsepol 2.7). A future release of SETools will have this support + (when libsepol 2.7 is released). + + *setools-4.1.0-rc (11 Dec 2016) Library: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/apol.1 new/setools-4.2.1/man/apol.1 --- old/setools-4.2.0/man/apol.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/apol.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH apol 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH apol 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME apol \- Graphical SELinux policy analysis tool @@ -34,10 +34,10 @@ Enable debugging output. .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO sediff(1), sedta(1), seinfo(1), seinfoflow(1), sesearch(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sediff.1 new/setools-4.2.1/man/sediff.1 --- old/setools-4.2.0/man/sediff.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/sediff.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH sediff 1 2016-04-19 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH sediff 1 2016-04-19 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME sediff \- SELinux policy difference tool @@ -148,10 +148,10 @@ .PP .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO apol(1), sedta(1), seinfo(1), seinfoflow(1), sesearch(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sedta.1 new/setools-4.2.1/man/sedta.1 --- old/setools-4.2.0/man/sedta.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/sedta.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH sedta 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH sedta 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME sedta \- Domain transition analysis for SELinux policies @@ -69,10 +69,10 @@ Enable debugging output. .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO apol(1), sediff(1), seinfo(1), seinfoflow(1), sesearch(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/seinfo.1 new/setools-4.2.1/man/seinfo.1 --- old/setools-4.2.0/man/seinfo.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/seinfo.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH seinfo 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH seinfo 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME seinfo \- SELinux policy information tool @@ -109,10 +109,10 @@ Enable debugging output. .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO apol(1), sediff(1), sedta(1), seinfoflow(1), sesearch(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/seinfoflow.1 new/setools-4.2.1/man/seinfoflow.1 --- old/setools-4.2.0/man/seinfoflow.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/seinfoflow.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH seinfoflow 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH seinfoflow 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME seinfoflow \- Information flow analysis for SELinux policies @@ -70,10 +70,10 @@ Enable debugging output. .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO apol(1), sediff(1), sedta(1), seinfo(1), sesearch(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sesearch.1 new/setools-4.2.1/man/sesearch.1 --- old/setools-4.2.0/man/sesearch.1 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/man/sesearch.1 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -.TH sesearch 1 2016-04-19 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools" +.TH sesearch 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools" .SH NAME sesearch \- SELinux policy query tool @@ -113,10 +113,10 @@ Enable debugging output. .SH AUTHOR -Chris PeBenito <[email protected]> +Chris PeBenito <[email protected]> .SH BUGS -Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues +Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues .SH SEE ALSO apol(1), sediff(1), sedta(1), seinfo(1), seinfoflow(1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/qhc/apol.qhcp new/setools-4.2.1/qhc/apol.qhcp --- old/setools-4.2.0/qhc/apol.qhcp 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/qhc/apol.qhcp 2019-02-05 01:18:05.000000000 +0100 @@ -3,8 +3,8 @@ <QHelpCollectionProject version="1.0"> <assistant> <title>Apol Help</title> - <startPage>qthelp://com.github.tresystechnology.setools/doc/index.html</startPage> - <homePage>qthelp://com.github.tresystechnology.setools/doc/index.html</homePage> + <startPage>qthelp://com.github.selinuxproject.setools/doc/index.html</startPage> + <homePage>qthelp://com.github.selinuxproject.setools/doc/index.html</homePage> </assistant> <docFiles> <generate> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/qhc/apol.qhp new/setools-4.2.1/qhc/apol.qhp --- old/setools-4.2.0/qhc/apol.qhp 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/qhc/apol.qhp 2019-02-05 01:18:05.000000000 +0100 @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. --> <QtHelpProject version="1.0"> - <namespace>com.github.tresystechnology.setools</namespace> + <namespace>com.github.selinuxproject.setools</namespace> <virtualFolder>doc</virtualFolder> <customFilter name="Apol"> <filterAttribute>apol</filterAttribute> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sediff new/setools-4.2.1/sediff --- old/setools-4.2.0/sediff 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/sediff 2019-02-05 01:18:05.000000000 +0100 @@ -21,9 +21,13 @@ import argparse import sys import logging +import signal from itertools import chain from contextlib import suppress + +signal.signal(signal.SIGPIPE, signal.SIG_DFL) + parser = argparse.ArgumentParser( description="SELinux policy semantic difference tool.", epilog="If no differences are selected, all differences will be printed.") @@ -1328,10 +1332,9 @@ print(" - {0}".format(n)) if diff.modified_nodecons and not args.stats: print(" Modified Nodecons: {0}".format(len(diff.modified_nodecons))) - for con, added_context, removed_context in sorted(diff.modified_nodecons, - key=lambda x: x.rule): - print(" * nodecon {0.address} {0.netmask} +[{1}] -[{2}];".format( - con, added_context, removed_context)) + for entry in sorted(diff.modified_nodecons, key=lambda x: x.rule): + print(" * nodecon {0} +[{1.added_context}] -[{1.removed_context}];".format( + entry.rule.network.with_netmask.replace("/", " "), entry)) print() del diff.added_nodecons diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sedta new/setools-4.2.1/sedta --- old/setools-4.2.0/sedta 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/sedta 2019-02-05 01:18:05.000000000 +0100 @@ -20,6 +20,7 @@ import sys import argparse import logging +import signal import setools @@ -67,6 +68,8 @@ print() +signal.signal(signal.SIGPIPE, signal.SIG_DFL) + parser = argparse.ArgumentParser( description="SELinux policy domain transition analysis tool.", epilog="If no analysis is selected, all forward transitions out of the source will be printed.") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/seinfo new/setools-4.2.1/seinfo --- old/setools-4.2.0/seinfo 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/seinfo 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,6 @@ #!/usr/bin/env python3 # Copyright 2014-2015, Tresys Technology, LLC +# Copyright 2018-2019, Chris PeBenito <[email protected]> # # This file is part of SETools. # @@ -21,6 +22,7 @@ import argparse import sys import logging +import signal def expand_attr(attr): @@ -30,6 +32,8 @@ return "{0}\n\t{1}".format(attr.statement(), contents) +signal.signal(signal.SIGPIPE, signal.SIG_DFL) + parser = argparse.ArgumentParser(description="SELinux policy information tool.") parser.add_argument("--version", action="version", version=setools.__version__) parser.add_argument("policy", help="Path to the SELinux policy to query.", nargs="?") @@ -122,7 +126,7 @@ components.append(("Booleans", q, lambda x: x.statement())) if args.mlscatsquery or args.all: - q = setools.CategoryQuery(p) + q = setools.CategoryQuery(p, alias_deref=True) if isinstance(args.mlscatsquery, str): q.name = args.mlscatsquery @@ -231,7 +235,7 @@ components.append(("Roles", q, lambda x: x.statement())) if args.mlssensquery or args.all: - q = setools.SensitivityQuery(p) + q = setools.SensitivityQuery(p, alias_deref=True) if isinstance(args.mlssensquery, str): q.name = args.mlssensquery @@ -245,7 +249,7 @@ components.append(("Typebounds", q, lambda x: x.statement())) if args.typequery or args.all: - q = setools.TypeQuery(p) + q = setools.TypeQuery(p, alias_deref=True) if isinstance(args.typequery, str): q.name = args.typequery @@ -330,7 +334,7 @@ print(" Defaults: {0:7} Typebounds: {1:7}".format( p.default_count, p.typebounds_count)) - if p.target_platform == "selinux": + if p.target_platform == setools.PolicyTarget.selinux: print(" Allowxperm: {0:7} Neverallowxperm: {1:7}".format( p.allowxperm_count, p.neverallowxperm_count)) print(" Auditallowxperm: {0:7} Dontauditxperm: {1:7}".format( @@ -341,8 +345,8 @@ p.genfscon_count, p.portcon_count)) print(" Netifcon: {0:7} Nodecon: {1:7}".format( p.netifcon_count, p.nodecon_count)) - elif p.target_platform == "xen": - print(" Initial SIDs: {0:7} Devicetreecon {1:7}".format( + elif p.target_platform == setools.PolicyTarget.xen: + print(" Initial SIDs: {0:7} Devicetreecon: {1:7}".format( p.initialsids_count, p.devicetreecon_count)) print(" Iomemcon: {0:7} Ioportcon: {1:7}".format( p.iomemcon_count, p.ioportcon_count)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/seinfoflow new/setools-4.2.1/seinfoflow --- old/setools-4.2.0/seinfoflow 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/seinfoflow 2019-02-05 01:18:05.000000000 +0100 @@ -21,6 +21,9 @@ import argparse import sys import logging +import signal + +signal.signal(signal.SIGPIPE, signal.SIG_DFL) parser = argparse.ArgumentParser( description="SELinux policy information flow analysis tool.", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sesearch new/setools-4.2.1/sesearch --- old/setools-4.2.0/sesearch 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/sesearch 2019-02-05 01:18:05.000000000 +0100 @@ -21,6 +21,9 @@ import argparse import sys import logging +import signal + +signal.signal(signal.SIGPIPE, signal.SIG_DFL) parser = argparse.ArgumentParser( description="SELinux policy rule search tool.", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/constraintquery.py new/setools-4.2.1/setools/constraintquery.py --- old/setools-4.2.0/setools/constraintquery.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setools/constraintquery.py 2019-02-05 01:18:05.000000000 +0100 @@ -122,7 +122,7 @@ if not self._match_perms(c): continue except ConstraintUseError: - continue + continue if self.role and not self._match_expr( c.expression.roles, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/mixins.py new/setools-4.2.1/setools/mixins.py --- old/setools-4.2.0/setools/mixins.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setools/mixins.py 2019-02-05 01:18:05.000000000 +0100 @@ -1,4 +1,5 @@ # Copyright 2015, Tresys Technology, LLC +# Copyright 2019, Chris PeBenito <[email protected]> # # This file is part of SETools. # @@ -137,14 +138,15 @@ class MatchName: - """Mixin for matching an object's name.""" + """Mixin for matching an object's name with alias dereferencing.""" name = CriteriaDescriptor("name_regex") name_regex = False + alias_deref = False def _match_name_debug(self, log): """Log debugging messages for name matching.""" - log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) + log.debug("Name: {0.name!r}, regex: {0.name_regex}, deref: {0.alias_deref}".format(self)) def _match_name(self, obj): """Match the object to the name criteria.""" @@ -152,7 +154,11 @@ # if there is no criteria, everything matches. return True - return match_regex(obj, self.name, self.name_regex) + if self.alias_deref: + return match_regex(obj, self.name, self.name_regex) or \ + match_in_set(obj.aliases(), self.name, self.name_regex) + else: + return match_regex(obj, self.name, self.name_regex) class MatchObjClass: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/policyrep/mls.pxi new/setools-4.2.1/setools/policyrep/mls.pxi --- old/setools-4.2.0/setools/policyrep/mls.pxi 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setools/policyrep/mls.pxi 2019-02-05 01:18:05.000000000 +0100 @@ -83,7 +83,7 @@ def aliases(self): """Generator that yields all aliases for this category.""" self._load_aliases() - return self.policy.category_aliases(self) + return iter(self._aliases) def statement(self): cdef: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/policyrep/selinuxpolicy.pxi new/setools-4.2.1/setools/policyrep/selinuxpolicy.pxi --- old/setools-4.2.0/setools/policyrep/selinuxpolicy.pxi 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setools/policyrep/selinuxpolicy.pxi 2019-02-05 01:18:05.000000000 +0100 @@ -1,5 +1,5 @@ # Copyright 2014-2016, Tresys Technology, LLC -# Copyright 2016-2018, Chris PeBenito <[email protected]> +# Copyright 2016-2019, Chris PeBenito <[email protected]> # # This file is part of SETools. # @@ -344,10 +344,10 @@ raise InvalidBoolean("{0} is not a valid Boolean".format(name)) - def lookup_category(self, name): - """Look up a category.""" + def lookup_category(self, name, deref=True): + """Look up a category, with optional alias dereferencing.""" for c in self.categories(): - if c == name: + if c == name or (deref and name in list(c.aliases())): return c raise InvalidCategory("{0} is not a valid category".format(name)) @@ -380,10 +380,10 @@ """Look up a MLS level.""" return Level.factory_from_string(self, level) - def lookup_sensitivity(self, name): - """Look up a MLS sensitivity by name.""" + def lookup_sensitivity(self, name, deref=True): + """Look up a MLS sensitivity by name, with optional alias dereferencing.""" for s in self.sensitivities(): - if s == name: + if s == name or (deref and name in list(s.aliases())): return s raise InvalidSensitivity("{0} is not a valid sensitivity".format(name)) @@ -400,17 +400,21 @@ raise InvalidRole("{0} is not a valid role".format(name)) - def lookup_type(self, name): - """Look up a type by name.""" + def lookup_type(self, name, deref=True): + """Look up a type by name, with optional alias dereferencing.""" for t in self.types(): - if t == name: + if t == name or (deref and name in list(t.aliases())): return t raise InvalidType("{0} is not a valid type".format(name)) - def lookup_type_or_attr(self, name): - """Look up a type or type attribute by name.""" - for t in itertools.chain(self.types(), self.typeattributes()): + def lookup_type_or_attr(self, name, deref=True): + """Look up a type or type attribute by name, with optional alias dereferencing.""" + for t in self.types(): + if t == name or (deref and name in list(t.aliases())): + return t + + for t in self.typeattributes(): if t == name: return t Binary files old/setools-4.2.0/setoolsgui/apol/apol.qch and new/setools-4.2.1/setoolsgui/apol/apol.qch differ Binary files old/setools-4.2.0/setoolsgui/apol/apol.qhc and new/setools-4.2.1/setoolsgui/apol/apol.qhc differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setoolsgui/apol/mainwindow.py new/setools-4.2.1/setoolsgui/apol/mainwindow.py --- old/setools-4.2.0/setoolsgui/apol/mainwindow.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setoolsgui/apol/mainwindow.py 2019-02-05 01:18:05.000000000 +0100 @@ -632,9 +632,11 @@ def about_apol(self): QMessageBox.about(self, "About Apol", "Version {0}<br>" "Apol is a graphical SELinux policy analysis tool and part of " - "<a href=\"https://github.com/TresysTechnology/setools/wiki\";>" + "<a href=\"https://github.com/SELinuxProject/setools/wiki\";>" "SETools</a>.<p>" - "Copyright (C) 2015-2016, Tresys Technology.".format(__version__)) + "Copyright (C) 2015-2016, Tresys Technology<p>" + "Copyright (C) 2016, Chris PeBenito <[email protected]>". + format(__version__)) def apol_help(self): """Open the main help window.""" @@ -647,7 +649,7 @@ self.log.debug("Starting assistant with help file {0}".format(helpfile)) self.help_process.start("assistant", ["-collectionFile", helpfile, "-showUrl", - "qthelp://com.github.tresystechnology.setools/doc/index.html", + "qthelp://com.github.selinuxproject.setools/doc/index.html", "-show", "contents", "-enableRemoteControl"]) @pyqtSlot(str) @@ -663,5 +665,5 @@ self.log.warning("Timed out waiting for Qt assistant to start.") return - self.help_process.write("setSource qthelp://com.github.tresystechnology.setools/doc/{0}\n". + self.help_process.write("setSource qthelp://com.github.selinuxproject.setools/doc/{0}\n". format(location)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setoolsgui/models.py new/setools-4.2.1/setoolsgui/models.py --- old/setools-4.2.0/setoolsgui/models.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setoolsgui/models.py 2019-02-05 01:18:05.000000000 +0100 @@ -124,7 +124,7 @@ # create intersection for cls in classes: - cls_perms = cls.perms + cls_perms = set(cls.perms) with suppress(NoCommon): cls_perms.update(cls.common.perms) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setup.py new/setools-4.2.1/setup.py --- old/setools-4.2.0/setup.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/setup.py 2019-02-05 01:18:05.000000000 +0100 @@ -128,7 +128,7 @@ '-fno-exceptions'])] setup(name='setools', - version='4.2.0', + version='4.2.1', description='SELinux Policy tools.', author='Chris PeBenito', author_email='[email protected]', @@ -136,7 +136,7 @@ cmdclass={'build_qhc': QtHelpCommand, 'clean': CleanCommand}, packages=['setools', 'setools.diff', 'setoolsgui', 'setoolsgui.apol'], scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], - data_files=[(join(sys.prefix, 'share/man/man1'), glob.glob("man/*.1"))], + data_files=[('share/man/man1', glob.glob("man/*.1"))], package_data={'': ['*.ui', '*.qhc', '*.qch'], 'setools': ['perm_map']}, ext_modules=cythonize(ext_py_mods, include_path=['setools/policyrep'], annotate=cython_annotate, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/tests/typequery.conf new/setools-4.2.1/tests/typequery.conf --- old/setools-4.2.0/tests/typequery.conf 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/tests/typequery.conf 2019-02-05 01:18:05.000000000 +0100 @@ -160,6 +160,13 @@ type test21t2 alias { test21b test21d }; type test21t3 alias { test21e test21f }; +# test 22 +# name: test22alias +# deref: True +# attrs: unset +# alias: unset +type test22 alias { test22alias test22a }; + # test 30 # name: test30 # attrs: unset diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/tests/typequery.py new/setools-4.2.1/tests/typequery.py --- old/setools-4.2.0/tests/typequery.py 2018-11-10 14:45:36.000000000 +0100 +++ new/setools-4.2.1/tests/typequery.py 2019-02-05 01:18:05.000000000 +0100 @@ -1,4 +1,5 @@ # Copyright 2014-2015, Tresys Technology, LLC +# Copyright 2019, Chris PeBenito <[email protected]> # # This file is part of SETools. # @@ -94,6 +95,13 @@ types = sorted(str(t) for t in q.results()) self.assertListEqual(["test21t1", "test21t2"], types) + def test_022_alias_dereference(self): + """Type query with alias dereference.""" + q = TypeQuery(self.p, name="test22alias", alias_deref=True) + + types = sorted(str(t) for t in q.results()) + self.assertListEqual(["test22"], types) + def test_030_permissive(self): """Type query with permissive match""" q = TypeQuery(self.p, permissive=True)
