Hello community,
here is the log from the commit of package policycoreutils for openSUSE:Factory
checked in at 2020-03-11 18:33:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/policycoreutils (Old)
and /work/SRC/openSUSE:Factory/.policycoreutils.new.3160 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "policycoreutils"
Wed Mar 11 18:33:33 2020 rev:54 rq:782826 version:3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/policycoreutils/policycoreutils.changes
2019-12-24 14:29:17.690556343 +0100
+++
/work/SRC/openSUSE:Factory/.policycoreutils.new.3160/policycoreutils.changes
2020-03-11 18:34:21.942973009 +0100
@@ -1,0 +2,32 @@
+Mon Mar 9 08:31:11 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Dropped Recommends: for %{name}-lang and %{name}-devel. Not
+ allowed by openSUSE guidelines
+
+-------------------------------------------------------------------
+Tue Mar 3 12:30:55 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Update to version 3.0
+ * fixfiles: Fix "verify" option
+ * fixfiles: Fix [-B] [-F] onboot
+ * fixfiles: Force full relabel when SELinux is disabled
+ * semodule: Enable CIL logging
+ * semanage: Add support for DCCP and SCTP protocols
+ * semanage: Do not use default s0 range in "semanage login -a"
+ * semanage: Document DCCP and SCTP support
+ * semanage: Improve handling of "permissive" statements
+ * semanage: fix moduleRecords.customized()
+ Refreshed chcat_join.patch
+
+-------------------------------------------------------------------
+Thu Feb 27 16:03:36 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Ship working pam config for newrole (bsc#1163020)
+- Recommend policycoreutils-devel to have perm_map file available
+
+-------------------------------------------------------------------
+Wed Feb 19 14:31:39 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Package perm_map as it's used by audit2* tools
+
+-------------------------------------------------------------------
Old:
----
policycoreutils-2.9.tar.gz
selinux-python-2.9.tar.gz
semodule-utils-2.9.tar.gz
New:
----
newrole.pam
policycoreutils-3.0.tar.gz
selinux-python-3.0.tar.gz
semodule-utils-3.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ policycoreutils.spec ++++++
--- /var/tmp/diff_new_pack.U20k7w/_old 2020-03-11 18:34:24.370974499 +0100
+++ /var/tmp/diff_new_pack.U20k7w/_new 2020-03-11 18:34:24.370974499 +0100
@@ -1,7 +1,7 @@
#
# spec file for package policycoreutils
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,13 +17,13 @@
%define libaudit_ver 2.2
-%define libsepol_ver 2.9
-%define libsemanage_ver 2.9
-%define libselinux_ver 2.9
+%define libsepol_ver 3.0
+%define libsemanage_ver 3.0
+%define libselinux_ver 3.0
%define setools_ver 4.1.1
-%define tstamp 20190315
+%define tstamp 20191204
Name: policycoreutils
-Version: 2.9
+Version: 3.0
Release: 0
Summary: SELinux policy core utilities
License: GPL-2.0-or-later
@@ -38,6 +38,7 @@
Source6: selinux-polgengui.desktop
Source7: selinux-polgengui.console
Source8:
https://github.com/SELinuxProject/selinux/releases/download/%{tstamp}/semodule-utils-%{version}.tar.gz
+Source9: newrole.pam
Patch0: make_targets.patch
Patch1: run_init_use_pam_keyinit.patch
Patch2: chcat_join.patch
@@ -59,6 +60,7 @@
BuildRequires: polkit
BuildRequires: python-rpm-macros
BuildRequires: python3
+BuildRequires: python3-setools >= %{setools_ver}
BuildRequires: systemd-rpm-macros
BuildRequires: update-desktop-files
BuildRequires: xmlto
@@ -76,7 +78,6 @@
Requires(post): selinux-tools
Requires(pre): %fillup_prereq
Requires(pre): permissions
-Recommends: %{name}-lang
Obsoletes: policycoreutils-python
%{?systemd_requires}
@@ -190,6 +191,7 @@
mkdir -p %{buildroot}%{_fillupdir}/
mkdir -p %{buildroot}%{_libexecdir}/selinux/hll/
mkdir -p %{buildroot}%{_localstatedir}/lib/sepolgen
+cp %{python3_sitearch}/setools/perm_map
%{buildroot}%{_localstatedir}/lib/sepolgen
mv %{buildroot}%{_prefix}/libexec/selinux/hll/pp
%{buildroot}%{_libexecdir}/selinux/hll/pp
%suse_update_desktop_file -i system-config-selinux System Security Settings
%suse_update_desktop_file -i selinux-polgengui System Security Settings
@@ -207,6 +209,7 @@
%{buildroot}%{_datadir}/applications/system-config-selinux.desktop \
%{buildroot}%{_datadir}/pixmaps/system-config-selinux.png
%endif
+cp -f %{SOURCE9} %{buildroot}%{_sysconfdir}/pam.d/newrole
%post -n python3-%{name}
selinuxenabled && [ -f %{_datadir}/selinux/devel/include/build.conf ] &&
%{_bindir}/sepolgen-ifgen 2>/dev/null
++++++ chcat_join.patch ++++++
--- /var/tmp/diff_new_pack.U20k7w/_old 2020-03-11 18:34:24.398974516 +0100
+++ /var/tmp/diff_new_pack.U20k7w/_new 2020-03-11 18:34:24.398974516 +0100
@@ -1,8 +1,8 @@
-Index: policycoreutils-2.9/selinux-python-2.9/chcat/chcat
+Index: policycoreutils-3.0/selinux-python-3.0/chcat/chcat
===================================================================
---- policycoreutils-2.9.orig/selinux-python-2.9/chcat/chcat 2019-03-15
10:32:30.000000000 +0000
-+++ policycoreutils-2.9/selinux-python-2.9/chcat/chcat 2019-12-17
10:31:24.683910599 +0000
-@@ -246,7 +246,10 @@ def chcat_user_replace(newcat, users):
+--- policycoreutils-3.0.orig/selinux-python-3.0/chcat/chcat
++++ policycoreutils-3.0/selinux-python-3.0/chcat/chcat
+@@ -245,7 +245,10 @@ def chcat_user_replace(newcat, users):
add_ind = 1
user = seusers["__default__"]
serange = user[1].split("-")
++++++ newrole.pam ++++++
auth include common-auth
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
++++++ policycoreutils-2.9.tar.gz -> policycoreutils-3.0.tar.gz ++++++
++++ 5826 lines of diff (skipped)
++++++ selinux-python-2.9.tar.gz -> selinux-python-3.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/VERSION
new/selinux-python-3.0/VERSION
--- old/selinux-python-2.9/VERSION 2019-03-15 11:32:30.000000000 +0100
+++ new/selinux-python-3.0/VERSION 2019-11-28 13:46:48.000000000 +0100
@@ -1 +1 @@
-2.9
+3.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/audit2allow/sepolgen-ifgen
new/selinux-python-3.0/audit2allow/sepolgen-ifgen
--- old/selinux-python-2.9/audit2allow/sepolgen-ifgen 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/audit2allow/sepolgen-ifgen 2019-11-28
13:46:48.000000000 +0100
@@ -53,7 +53,7 @@
parser.add_option("-a", "--attribute_info", dest="attribute_info")
parser.add_option("-p", "--policy", dest="policy_path")
parser.add_option("-v", "--verbose", action="store_true", default=False,
- help="print debuging output")
+ help="print debugging output")
parser.add_option("-d", "--debug", action="store_true", default=False,
help="extra debugging output")
parser.add_option("--attr-helper", default=ATTR_HELPER,
@@ -126,7 +126,7 @@
else:
log = None
- # Get the attibutes from the binary
+ # Get the attributes from the binary
attrs = None
if not options.no_attrs:
attrs = get_attrs(options.policy_path, options.attr_helper)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/chcat/chcat
new/selinux-python-3.0/chcat/chcat
--- old/selinux-python-2.9/chcat/chcat 2019-03-15 11:32:30.000000000 +0100
+++ new/selinux-python-3.0/chcat/chcat 2019-11-28 13:46:48.000000000 +0100
@@ -115,7 +115,6 @@
errors = 0
sensitivity = newcat[0]
cat = newcat[1]
- cmd = 'chcon -l %s' % sensitivity
for f in objects:
(rc, c) = selinux.getfilecon(f)
con = c.split(":")[3:]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/ru/semanage.8
new/selinux-python-3.0/semanage/ru/semanage.8
--- old/selinux-python-2.9/semanage/ru/semanage.8 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/semanage/ru/semanage.8 2019-11-28
13:46:48.000000000 +0100
@@ -50,7 +50,7 @@
Управлять определениями типов конечных портов infiniband
.SH "ОПИСАНИЕ"
-semanage используется для настройки определённых элементов политики SELinux
без необходимости изменения или перекомпиляции исходного текста политики. Это
включает сопоставление имён пользователей Linux с пользователями SELinux (что
управляет исходным контекстом безопасности, который присваивается пользователям
Linux при их входе в систему, и ограничивает доступный им набор ролей). Также
это включает сопоставление контекстов безопасности для различных видов
объектов, таких как сетевые порты, интерфейсы, ключи разделов (pkeys) и
конечные порты (endports) infiniband, сетевые узлы (хосты), а также
сопоставление контекстов файлов. В разделе ПРИМЕРЫ приведены примеры обычного
использования этой утилиты. Обратите внимание, что при вызове команды semanage
login пользователи Linux (logins) сопоставляются с пользователями SELinux, а
при вызове команды semanage user пользователи SELinux сопоставляются с
доступными наборами ролей. В большинстве случаев администратору требуется
настроить только первый тип сопоставлений; второй тип сопоставлений
определяется базовой политикой и обычно не требует изменения.
+semanage используется для настройки определённых элементов политики SELinux
без необходимости изменения или перекомпиляции исходного текста политики. Это
включает сопоставление имён пользователей Linux с пользователями SELinux (что
управляет исходным контекстом безопасности, который присваивается пользователям
Linux при их входе в систему, и ограничивает доступный им набор ролей). Также
это включает сопоставление контекстов безопасности для различных видов
объектов, таких как сетевые порты, интерфейсы, ключи разделов (pkeys) и
конечные порты (endports) infiniband, сетевые узлы (хосты), а также
сопоставление контекстов файлов. Обратите внимание, что при вызове команды
semanage login пользователи Linux (logins) сопоставляются с пользователями
SELinux, а при вызове команды semanage user пользователи SELinux сопоставляются
с доступными наборами ролей. В большинстве случаев администратору требуется
настроить только первый тип сопоставлений; второй тип сопоставлений
определяется базовой политикой и обычно не требует изменения.
.SH "ПАРАМЕТРЫ"
.TP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/semanage
new/selinux-python-3.0/semanage/semanage
--- old/selinux-python-2.9/semanage/semanage 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/semanage/semanage 2019-11-28 13:46:48.000000000
+0100
@@ -73,9 +73,6 @@
usage_boolean = "semanage boolean [-h] [-n] [-N] [-S STORE] ["
usage_boolean_dict = {' --modify': ('(', '--on', '|', '--off', ')',
'boolean'), ' --list': ('-C',), ' --extract': ('',), ' --deleteall': ('',)}
-
-
-
class CheckRole(argparse.Action):
def __call__(self, parser, namespace, value, option_string=None):
@@ -237,7 +234,7 @@
def parser_add_range(parser, name):
- parser.add_argument('-r', '--range', default="s0",
+ parser.add_argument('-r', '--range', default='',
help=_('''
MLS/MCS Security Range (MLS/MCS Systems only)
SELinux Range for SELinux login mapping
@@ -248,7 +245,7 @@
def parser_add_proto(parser, name):
parser.add_argument('-p', '--proto', help=_('''
- Protocol for the specified port (tcp|udp) or internet protocol
+ Protocol for the specified port (tcp|udp|dccp|sctp) or internet protocol
version for the specified node (ipv4|ipv6).
'''))
@@ -737,6 +734,11 @@
if args.action == "list":
OBJECT.list(args.noheading)
+ elif args.action == "deleteall":
+ OBJECT.deleteall()
+ elif args.action == "extract":
+ for i in OBJECT.customized():
+ print("permissive %s" % str(i))
elif args.type is not None:
if args.action == "add":
OBJECT.add(args.type)
@@ -752,9 +754,9 @@
pgroup = permissiveParser.add_mutually_exclusive_group(required=True)
parser_add_add(pgroup, "permissive")
parser_add_delete(pgroup, "permissive")
+ parser_add_deleteall(pgroup, "permissive")
+ parser_add_extract(pgroup, "permissive")
parser_add_list(pgroup, "permissive")
- #TODO: probably should be also added => need to implement own option
handling
- #parser_add_deleteall(pgroup)
parser_add_noheading(permissiveParser, "permissive")
parser_add_noreload(permissiveParser, "permissive")
@@ -778,7 +780,7 @@
def handleExport(args):
- manageditems = ["boolean", "login", "interface", "user", "port", "node",
"fcontext", "module", "ibendport", "ibpkey"]
+ manageditems = ["boolean", "login", "interface", "user", "port", "node",
"fcontext", "module", "ibendport", "ibpkey", "permissive"]
for i in manageditems:
print("%s -D" % i)
for i in manageditems:
@@ -906,7 +908,7 @@
def make_io_args(args):
- # import/export backward compability
+ # import/export backward compatibility
args_origin = ["-S", "-o", "-i", "targeted", "minimum", "mls"]
args_file = []
args_ie = []
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/semanage-boolean.8
new/selinux-python-3.0/semanage/semanage-boolean.8
--- old/selinux-python-2.9/semanage/semanage-boolean.8 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/semanage/semanage-boolean.8 2019-11-28
13:46:48.000000000 +0100
@@ -45,7 +45,7 @@
.SH EXAMPLE
.nf
-Turn on the apache can send mail boolan
+Turn on the apache can send mail boolean
# semanage boolean \-m \-\-on httpd_can_sendmail
List customized booleans
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/semanage-permissive.8
new/selinux-python-3.0/semanage/semanage-permissive.8
--- old/selinux-python-2.9/semanage/semanage-permissive.8 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/semanage/semanage-permissive.8 2019-11-28
13:46:48.000000000 +0100
@@ -2,7 +2,7 @@
.SH "NAME"
.B semanage\-permissive \- SELinux Policy Management permissive mapping tool
.SH "SYNOPSIS"
-.B semanage permissive [\-h] (\-a | \-d | \-l) [\-n] [\-N] [\-S STORE] [type]
+.B semanage permissive [\-h] [\-n] [\-N] [\-S STORE] (\-\-add TYPE |
\-\-delete TYPE | \-\-deleteall | \-\-extract | \-\-list)
.SH "DESCRIPTION"
semanage is used to configure certain elements of SELinux policy without
requiring modification to or recompilation from policy sources. semanage
permissive adds or removes a SELinux Policy permissive module.
@@ -18,9 +18,15 @@
.I \-d, \-\-delete
Delete a record of the specified object type
.TP
+.I \-D, \-\-deleteall
+Remove all local customizations of permissive domains
+.TP
.I \-l, \-\-list
List records of the specified object type
.TP
+.I \-E, \-\-extract
+Extract customizable commands, for use within a transaction
+.TP
.I \-n, \-\-noheading
Do not print heading when listing the specified object type
.TP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/semanage-port.8
new/selinux-python-3.0/semanage/semanage-port.8
--- old/selinux-python-2.9/semanage/semanage-port.8 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/semanage/semanage-port.8 2019-11-28
13:46:48.000000000 +0100
@@ -49,7 +49,7 @@
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login
mapping defaults to the SELinux user record range. SELinux Range for SELinux
user defaults to s0.
.TP
.I \-p PROTO, \-\-proto PROTO
-Protocol for the specified port (tcp|udp) or internet protocol version for the
specified node (ipv4|ipv6).
+Protocol for the specified port (tcp|udp|dccp|sctp) or internet protocol
version for the specified node (ipv4|ipv6).
.SH EXAMPLE
.nf
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/semanage/seobject.py
new/selinux-python-3.0/semanage/seobject.py
--- old/selinux-python-2.9/semanage/seobject.py 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/semanage/seobject.py 2019-11-28 13:46:48.000000000
+0100
@@ -380,7 +380,7 @@
def customized(self):
all = self.get_all()
if len(all) == 0:
- return
+ return []
return ["-d %s" % x[0] for x in [t for t in all if t[1] == 0]]
def list(self, heading=1, locallist=0):
@@ -478,6 +478,9 @@
l.append(name.split("permissive_")[1])
return l
+ def customized(self):
+ return ["-a %s" % x for x in sorted(self.get_all())]
+
def list(self, heading=1, locallist=0):
all = [y["name"] for y in [x for x in sepolicy.info(sepolicy.TYPE) if
x["permissive"]]]
if len(all) == 0:
@@ -1055,13 +1058,15 @@
pass
def __genkey(self, port, proto):
- if proto == "tcp":
- proto_d = SEMANAGE_PROTO_TCP
+ protocols = {"tcp": SEMANAGE_PROTO_TCP,
+ "udp": SEMANAGE_PROTO_UDP,
+ "sctp": SEMANAGE_PROTO_SCTP,
+ "dccp": SEMANAGE_PROTO_DCCP}
+
+ if proto in protocols.keys():
+ proto_d = protocols[proto]
else:
- if proto == "udp":
- proto_d = SEMANAGE_PROTO_UDP
- else:
- raise ValueError(_("Protocol udp or tcp is required"))
+ raise ValueError(_("Protocol has to be one of udp, tcp, dccp or
sctp"))
if port == "":
raise ValueError(_("Port is required"))
@@ -1849,7 +1854,7 @@
if addr == "":
raise ValueError(_("Node Address is required"))
- # verify valid comination
+ # verify valid combination
if len(mask) == 0 or mask[0] == "/":
i = IP(addr + mask)
newaddr = i.strNormal(0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/HACKING
new/selinux-python-3.0/sepolgen/HACKING
--- old/selinux-python-2.9/sepolgen/HACKING 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/sepolgen/HACKING 2019-11-28 13:46:48.000000000
+0100
@@ -24,7 +24,7 @@
This representation can be used as output from the parser to represent
the reference policy interfaces. It can also be used to generate
-policy by building up the relevent data structures and then outputting
+policy by building up the relevant data structures and then outputting
them. See sepolgen.policygen and sepolgen.output for information on how
this can be done.
@@ -75,5 +75,3 @@
information about the object classes - including information flow. It
is separated to keep the core from being concerned about the details
of the object classes.
-
-[selist]: http://www.nsa.gov/research/selinux/info/list.cfm
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/VERSION
new/selinux-python-3.0/sepolgen/VERSION
--- old/selinux-python-2.9/sepolgen/VERSION 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/sepolgen/VERSION 2019-11-28 13:46:48.000000000
+0100
@@ -1 +1 @@
-2.9
+3.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/src/sepolgen/access.py
new/selinux-python-3.0/sepolgen/src/sepolgen/access.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/access.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/access.py 2019-11-28
13:46:48.000000000 +0100
@@ -23,7 +23,7 @@
SELinux - at the most basic level - represents access as
the 4-tuple subject (type or context), target (type or context),
object class, permission. The policy language elaborates this basic
-access to faciliate more concise rules (e.g., allow rules can have multiple
+access to facilitate more concise rules (e.g., allow rules can have multiple
source or target types - see refpolicy for more information).
This module has objects for representing the most basic access (AccessVector)
@@ -37,12 +37,12 @@
from selinux import audit2why
def is_idparam(id):
- """Determine if an id is a paramater in the form $N, where N is
+ """Determine if an id is a parameter in the form $N, where N is
an integer.
Returns:
- True if the id is a paramater
- False if the id is not a paramater
+ True if the id is a parameter
+ False if the id is not a parameter
"""
if len(id) > 1 and id[0] == '$':
try:
@@ -167,7 +167,7 @@
def avrule_to_access_vectors(avrule):
"""Convert an avrule into a list of access vectors.
- AccessVectors and AVRules are similary, but differ in that
+ AccessVectors and AVRules are similarly, but differ in that
an AVRule can more than one source type, target type, and
object class. This function expands a single avrule into a
list of one or more AccessVectors representing the access
@@ -223,7 +223,7 @@
def __len__(self):
"""Return the number of unique access vectors in the set.
- Because of the inernal representation of the access vector set,
+ Because of the internal representation of the access vector set,
__len__ is not a constant time operation. Worst case is O(N)
where N is the number of unique access vectors, but the common
case is probably better.
@@ -317,7 +317,7 @@
class RoleTypeSet:
"""A non-overlapping set of role type statements.
- This clas allows the incremental addition of role type statements and
+ This class allows the incremental addition of role type statements and
maintains a non-overlapping list of statements.
"""
def __init__(self):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-python-2.9/sepolgen/src/sepolgen/interfaces.py
new/selinux-python-3.0/sepolgen/src/sepolgen/interfaces.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/interfaces.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/interfaces.py 2019-11-28
13:46:48.000000000 +0100
@@ -33,7 +33,7 @@
class Param:
"""
- Object representing a paramater for an interface.
+ Object representing a parameter for an interface.
"""
def __init__(self):
self.__name = ""
@@ -66,7 +66,7 @@
# The entries are identical - we're done
if type == p.type:
return
- # Hanldle implicitly typed objects (like process)
+ # Handle implicitly typed objects (like process)
if (type == refpolicy.SRC_TYPE or type == refpolicy.TGT_TYPE) and \
(p.type == refpolicy.TGT_TYPE or p.type == refpolicy.SRC_TYPE):
#print name, refpolicy.field_to_str[p.type]
@@ -104,9 +104,9 @@
def av_extract_params(av, params):
- """Extract the paramaters from an access vector.
+ """Extract the parameters from an access vector.
- Extract the paramaters (in the form $N) from an access
+ Extract the parameters (in the form $N) from an access
vector, storing them as Param objects in a dictionary.
Some attempt is made at resolving conflicts with other
entries in the dict, but if an unresolvable conflict is
@@ -132,7 +132,7 @@
allow fingerd_t $1:process sigchld;
')
- Here the usage seems ambigious, but it is not. $1 is still domain
+ Here the usage seems ambiguous, but it is not. $1 is still domain
and therefore should be returned as a SRC_TYPE.
Returns:
@@ -245,7 +245,7 @@
# this will include indirect access from typeattribute
# statements.
self.access = access.AccessVectorSet()
- # Paramaters are stored in a dictionary (key: param name
+ # Parameters are stored in a dictionary (key: param name
# value: Param object).
self.params = { }
if interface:
@@ -284,13 +284,13 @@
self.add_av(av)
- # Extract paramaters from roles
+ # Extract parameters from roles
for role in interface.roles():
if role_extract_params(role, self.params):
pass
#print "found conflicting role param %s for interface %s" % \
# (role.name, interface.name)
- # Extract paramaters from type rules
+ # Extract parameters from type rules
for rule in interface.typerules():
if type_rule_extract_params(rule, self.params):
pass
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/src/sepolgen/matching.py
new/selinux-python-3.0/sepolgen/src/sepolgen/matching.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/matching.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/matching.py 2019-11-28
13:46:48.000000000 +0100
@@ -149,7 +149,7 @@
prov - [AccessVector] The access provided. This is the potential
match that is being evaluated for req.
Returns:
- 0 : Exact match between the acess vectors.
+ 0 : Exact match between the access vectors.
< 0 : The prov av does not provide all of the access in req.
A smaller value indicates that the access is further.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/src/sepolgen/module.py
new/selinux-python-3.0/sepolgen/src/sepolgen/module.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/module.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/module.py 2019-11-28
13:46:48.000000000 +0100
@@ -95,7 +95,7 @@
module compiler (checkmodule) and module packager (semodule_package).
You are likely interested in the create_module_package method.
- Several options are controlled via paramaters (only effects the
+ Several options are controlled via parameters (only effects the
non-refpol builds):
.mls [boolean] Generate an MLS module (by passed -M to
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-python-2.9/sepolgen/src/sepolgen/objectmodel.py
new/selinux-python-3.0/sepolgen/src/sepolgen/objectmodel.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/objectmodel.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/objectmodel.py 2019-11-28
13:46:48.000000000 +0100
@@ -47,7 +47,7 @@
# All of the permissions in SELinux can be described in terms of
# information flow. For example, a read of a file is a flow of
# information from that file to the process reading. Viewing
-# permissions in these terms can be used to model a varity of
+# permissions in these terms can be used to model a variety of
# security properties.
#
# Here we have some infrastructure for understanding permissions
@@ -70,7 +70,7 @@
FLOW_WRITE = 2
FLOW_BOTH = FLOW_READ | FLOW_WRITE
-# These are used by the parser and for nice disply of the directions
+# These are used by the parser and for nice display of the directions
str_to_dir = { "n" : FLOW_NONE, "r" : FLOW_READ, "w" : FLOW_WRITE, "b" :
FLOW_BOTH }
dir_to_str = { FLOW_NONE : "n", FLOW_READ : "r", FLOW_WRITE : "w", FLOW_BOTH :
"b" }
@@ -106,7 +106,7 @@
"""Read the permission mappings from a file. This reads the format used
by Apol in the setools suite.
"""
- # This parsing is deliberitely picky and bails at the least error. It
+ # This parsing is deliberately picky and bails at the least error. It
# is assumed that the permission map file will be shipped as part
# of sepolgen and not user modified, so this is a reasonable design
# choice. If user supplied permission mappings are needed the parser
@@ -124,7 +124,7 @@
cur = self.classes[c]
else:
if len(fields) != 3:
- raise ValueError("error in object classs permissions")
+ raise ValueError("error in object class permissions")
if cur is None:
raise ValueError("permission outside of class")
pm = PermMap(fields[0], str_to_dir[fields[1]], int(fields[2]))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-python-2.9/sepolgen/src/sepolgen/policygen.py
new/selinux-python-3.0/sepolgen/src/sepolgen/policygen.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/policygen.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/policygen.py 2019-11-28
13:46:48.000000000 +0100
@@ -54,7 +54,7 @@
permission access vector rules. By default only allow rules
are generated. The methods .set_gen_refpol, .set_gen_requires
and .set_gen_xperms turns on interface generation,
- requires generation, and xperms rules genration respectively.
+ requires generation, and xperms rules generation respectively.
PolicyGenerator can also optionally add comments explaining
why a particular access was allowed based on the audit
@@ -70,7 +70,7 @@
"""Initialize a PolicyGenerator with an optional
existing module.
- If the module paramater is not None then access
+ If the module parameter is not None then access
will be added to the passed in module. Otherwise
a new reference policy module will be created.
"""
@@ -339,7 +339,7 @@
def hack_check_ifs(self, ifs):
# FIXME: Disable interfaces we can't call - this is a hack.
- # Because we don't handle roles, multiple paramaters, etc.,
+ # Because we don't handle roles, multiple parameters, etc.,
# etc., we must make certain we can actually use a returned
# interface.
for x in ifs.interfaces.values():
@@ -347,7 +347,7 @@
params.extend(x.params.values())
params.sort(key=lambda param: param.num, reverse=True)
for i in range(len(params)):
- # Check that the paramater position matches
+ # Check that the parameter position matches
# the number (e.g., $1 is the first arg). This
# will fail if the parser missed something.
if (i + 1) != params[i].num:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-python-2.9/sepolgen/src/sepolgen/refparser.py
new/selinux-python-3.0/sepolgen/src/sepolgen/refparser.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/refparser.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/refparser.py 2019-11-28
13:46:48.000000000 +0100
@@ -207,7 +207,7 @@
t_SQUOTE = r'\''
t_OBRACE = r'\{'
t_CBRACE = r'\}'
-# This will handle spurios extra ';' via the +
+# This will handle spurious extra ';' via the +
t_SEMI = r'\;+'
t_COLON = r'\:'
t_OPAREN = r'\('
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-python-2.9/sepolgen/src/sepolgen/refpolicy.py
new/selinux-python-3.0/sepolgen/src/sepolgen/refpolicy.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/refpolicy.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/refpolicy.py 2019-11-28
13:46:48.000000000 +0100
@@ -177,7 +177,7 @@
The walktree function iterates over a tree containing Nodes and
leaf objects. The iteration can perform a depth first or a breadth
first traversal of the tree (controlled by the depthfirst
- paramater. The passed in node will be returned.
+ parameter. The passed in node will be returned.
This function will only work correctly for trees - arbitrary graphs
will likely cause infinite looping.
@@ -242,7 +242,7 @@
def list_to_comma_str(s):
l = len(s)
if l < 1:
- raise ValueError("cannot conver 0 len set to comma string")
+ raise ValueError("cannot convert 0 len set to comma string")
return ", ".join(s)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/src/sepolgen/util.py
new/selinux-python-3.0/sepolgen/src/sepolgen/util.py
--- old/selinux-python-2.9/sepolgen/src/sepolgen/util.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/src/sepolgen/util.py 2019-11-28
13:46:48.000000000 +0100
@@ -79,8 +79,8 @@
Otherwise a random element will be returned (as sets are not ordered).
"""
if not len(s):
- raise IndexError("empty containter")
-
+ raise IndexError("empty container")
+
if sorted:
l = set_to_list(s)
l.sort()
@@ -119,7 +119,7 @@
"""Class used when implementing rich comparison.
Inherit from this class if you want to have a rich
- comparison withing the class, afterwards implement
+ comparison within the class, afterwards implement
_compare function within your class."""
def _compare(self, other, method):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolgen/tests/test_refpolicy.py
new/selinux-python-3.0/sepolgen/tests/test_refpolicy.py
--- old/selinux-python-2.9/sepolgen/tests/test_refpolicy.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolgen/tests/test_refpolicy.py 2019-11-28
13:46:48.000000000 +0100
@@ -36,7 +36,7 @@
class TestXpermSet(unittest.TestCase):
def test_init(self):
- """ Test that all atttributes are correctly initialized. """
+ """ Test that all attributes are correctly initialized. """
s1 = refpolicy.XpermSet()
self.assertEqual(s1.complement, False)
self.assertEqual(s1.ranges, [])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/__init__.py
new/selinux-python-3.0/sepolicy/sepolicy/__init__.py
--- old/selinux-python-2.9/sepolicy/sepolicy/__init__.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/__init__.py 2019-11-28
13:46:48.000000000 +0100
@@ -539,7 +539,6 @@
path += "/"
except IndexError:
print("try failed got an IndexError")
- pass
try:
pat = re.compile(r"%s$" % reg)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/booleans.py
new/selinux-python-3.0/sepolicy/sepolicy/booleans.py
--- old/selinux-python-2.9/sepolicy/sepolicy/booleans.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/booleans.py 2019-11-28
13:46:48.000000000 +0100
@@ -1,7 +1,7 @@
# Copyright (C) 2012 Red Hat
# see file 'COPYING' for use and warranty information
#
-# setrans is a tool for analyzing process transistions in SELinux policy
+# setrans is a tool for analyzing process transitions in SELinux policy
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/communicate.py
new/selinux-python-3.0/sepolicy/sepolicy/communicate.py
--- old/selinux-python-2.9/sepolicy/sepolicy/communicate.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/communicate.py 2019-11-28
13:46:48.000000000 +0100
@@ -1,7 +1,7 @@
# Copyright (C) 2012 Red Hat
# see file 'COPYING' for use and warranty information
#
-# setrans is a tool for analyzing process transistions in SELinux policy
+# setrans is a tool for analyzing process transitions in SELinux policy
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/generate.py
new/selinux-python-3.0/sepolicy/sepolicy/generate.py
--- old/selinux-python-2.9/sepolicy/sepolicy/generate.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/generate.py 2019-11-28
13:46:48.000000000 +0100
@@ -26,7 +26,6 @@
import sepolicy
from sepolicy import get_all_types, get_all_attributes, get_all_roles
import time
-import platform
from .templates import executable
from .templates import boolean
@@ -341,7 +340,7 @@
(self.generate_root_user_types, self.generate_root_user_rules),
(self.generate_new_types, self.generate_new_rules))
if not re.match(r"^[a-zA-Z0-9-_]+$", name):
- raise ValueError(_("Name must be alpha numberic with no spaces.
Consider using option \"-n MODULENAME\""))
+ raise ValueError(_("Name must be alpha numeric with no spaces.
Consider using option \"-n MODULENAME\""))
if type == CGI:
self.name = "httpd_%s_script" % name
@@ -1178,8 +1177,7 @@
newsh += re.sub("TEMPLATETYPE", self.name, t1)
newsh += self.generate_user_sh()
- if (platform.linux_distribution(full_distribution_name=0)[0] in
("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
- newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
+ newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
return newsh
@@ -1379,7 +1377,6 @@
out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
if self.type != NEWTYPE:
- if (platform.linux_distribution(full_distribution_name=0)[0] in
("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
- out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
+ out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
return out
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/gui.py
new/selinux-python-3.0/sepolicy/sepolicy/gui.py
--- old/selinux-python-2.9/sepolicy/sepolicy/gui.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/gui.py 2019-11-28
13:46:48.000000000 +0100
@@ -1023,7 +1023,7 @@
self.delete_button.set_sensitive(True)
# Clear the tree to prepare for a new selection otherwise
self.executable_files_liststore.clear()
- # data will pile up everytime the user selects a new item from the
drop down menu
+ # data will pile up every time the user selects a new item from the
drop down menu
self.network_in_liststore.clear()
self.network_out_liststore.clear()
self.boolean_liststore.clear()
@@ -1894,7 +1894,7 @@
tree.set_value(iter, 2, fclass)
def restore_to_default(self, *args):
- print("restore to defualt clicked...")
+ print("restore to default clicked...")
def invalid_entry_retry(self, *args):
self.closewindow(self.error_check_window)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/interface.py
new/selinux-python-3.0/sepolicy/sepolicy/interface.py
--- old/selinux-python-2.9/sepolicy/sepolicy/interface.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/interface.py 2019-11-28
13:46:48.000000000 +0100
@@ -196,7 +196,7 @@
from subprocess import getstatusoutput
basedir = os.path.dirname(if_file) + "/"
filename = os.path.basename(if_file).split(".")[0]
- rc, output = getstatusoutput("python
/usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir +
filename)
+ rc, output = getstatusoutput("/usr/bin/python3
/usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % (basedir +
filename))
if rc != 0:
sys.stderr.write("\n Could not proceed selected interface file.\n")
sys.stderr.write("\n%s" % output)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/manpage.py
new/selinux-python-3.0/sepolicy/sepolicy/manpage.py
--- old/selinux-python-2.9/sepolicy/sepolicy/manpage.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/manpage.py 2019-11-28
13:46:48.000000000 +0100
@@ -782,7 +782,7 @@
for e in equiv:
self.fd.write(r"""
.PP
-%(domainname)s policy stores data with multiple different file context types
under the %(equiv)s directory. If you would like to store the data in a
different directory you can use the semanage command to create an equivalence
mapping. If you wanted to store this data under the /srv dirctory you would
execute the following command:
+%(domainname)s policy stores data with multiple different file context types
under the %(equiv)s directory. If you would like to store the data in a
different directory you can use the semanage command to create an equivalence
mapping. If you wanted to store this data under the /srv directory you would
execute the following command:
.PP
.B semanage fcontext -a -e %(equiv)s /srv/%(alt)s
.br
@@ -962,7 +962,7 @@
if "bin_t" in entrypoints:
entrypoints.remove("bin_t")
self.fd.write("""
-All executeables with the default executable label, usually stored in /usr/bin
and /usr/sbin.""")
+All executables with the default executable label, usually stored in /usr/bin
and /usr/sbin.""")
paths = []
for entrypoint in entrypoints:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/network.py
new/selinux-python-3.0/sepolicy/sepolicy/network.py
--- old/selinux-python-2.9/sepolicy/sepolicy/network.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/network.py 2019-11-28
13:46:48.000000000 +0100
@@ -1,7 +1,7 @@
# Copyright (C) 2012 Red Hat
# see file 'COPYING' for use and warranty information
#
-# setrans is a tool for analyzing process transistions in SELinux policy
+# setrans is a tool for analyzing process transitions in SELinux policy
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy/transition.py
new/selinux-python-3.0/sepolicy/sepolicy/transition.py
--- old/selinux-python-2.9/sepolicy/sepolicy/transition.py 2019-03-15
11:32:30.000000000 +0100
+++ new/selinux-python-3.0/sepolicy/sepolicy/transition.py 2019-11-28
13:46:48.000000000 +0100
@@ -1,7 +1,7 @@
# Copyright (C) 2011 Red Hat
# see file 'COPYING' for use and warranty information
#
-# setrans is a tool for analyzing process transistions in SELinux policy
+# setrans is a tool for analyzing process transitions in SELinux policy
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/sepolicy.py
new/selinux-python-3.0/sepolicy/sepolicy.py
--- old/selinux-python-2.9/sepolicy/sepolicy.py 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/sepolicy/sepolicy.py 2019-11-28 13:46:48.000000000
+0100
@@ -25,6 +25,7 @@
import sys
import selinux
import sepolicy
+from multiprocessing import Pool
from sepolicy import get_os_version, get_conditionals,
get_conditionals_format_text
import argparse
PROGNAME = "policycoreutils"
@@ -326,8 +327,13 @@
gui.set_defaults(func=gui_run)
+def manpage_work(domain, path, root, source_files, web):
+ from sepolicy.manpage import ManPage
+ m = ManPage(domain, path, root, source_files, web)
+ print(m.get_man_page_path())
+
def manpage(args):
- from sepolicy.manpage import ManPage, HTMLManPages, manpage_domains,
manpage_roles, gen_domains
+ from sepolicy.manpage import HTMLManPages, manpage_domains, manpage_roles,
gen_domains
path = args.path
if not args.policy and args.root != "/":
@@ -340,9 +346,11 @@
else:
test_domains = args.domain
+ p = Pool()
for domain in test_domains:
- m = ManPage(domain, path, args.root, args.source_files, args.web)
- print(m.get_man_page_path())
+ p.apply_async(manpage_work, [domain, path, args.root,
args.source_files, args.web])
+ p.close()
+ p.join()
if args.web:
HTMLManPages(manpage_roles, manpage_domains, path, args.os)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/selinux-python-2.9/sepolicy/setup.py
new/selinux-python-3.0/sepolicy/setup.py
--- old/selinux-python-2.9/sepolicy/setup.py 2019-03-15 11:32:30.000000000
+0100
+++ new/selinux-python-3.0/sepolicy/setup.py 2019-11-28 13:46:48.000000000
+0100
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python3
# Author: Thomas Liu <[email protected]>
# Author: Dan Walsh <[email protected]>
@@ -6,7 +6,7 @@
setup(
name="sepolicy",
- version="1.1",
+ version="3.0",
description="Python SELinux Policy Analyses bindings",
author="Daniel Walsh",
author_email="[email protected]",
++++++ semodule-utils-2.9.tar.gz -> semodule-utils-3.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/semodule-utils-2.9/VERSION
new/semodule-utils-3.0/VERSION
--- old/semodule-utils-2.9/VERSION 2019-03-15 11:32:30.000000000 +0100
+++ new/semodule-utils-3.0/VERSION 2019-11-28 13:46:48.000000000 +0100
@@ -1 +1 @@
-2.9
+3.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/semodule-utils-2.9/semodule_package/semodule_unpackage.c
new/semodule-utils-3.0/semodule_package/semodule_unpackage.c
--- old/semodule-utils-2.9/semodule_package/semodule_unpackage.c
2019-03-15 11:32:30.000000000 +0100
+++ new/semodule-utils-3.0/semodule_package/semodule_unpackage.c
2019-11-28 13:46:48.000000000 +0100
@@ -55,7 +55,7 @@
ppfile = argv[1];
modfile = argv[2];
- if (argc >= 3)
+ if (argc >= 4)
fcfile = argv[3];
if (file_to_policy_file(ppfile, &in, "r"))
