When building libselinux, clang reports the following warning:
selinux_check_access.c:8:1: error: function 'usage' could be
declared with attribute 'noreturn' [-Werror,-Wmissing-noreturn]
While at it, make progname const.
Signed-off-by: Nicolas Iooss
---
When compiling with -Wwrite-strings, the compiler complains about
calling strs_add with a const char* value for a char* parameter
(DEFAULT_OBJECT is defined to "object_r"). Silence this warning by
casting the literal string to char*.
Signed-off-by: Nicolas Iooss
---
On 5/3/2017 9:41 AM, Paul Moore wrote:
> On Wed, Nov 23, 2016 at 9:17 AM, Dan Jurgens wrote:
>> From: Daniel Jurgens
>>
>> Infiniband applications access HW from user-space -- traffic is generated
>> directly by HW, bypassing the kernel. Consequently,
On 05/03/2017 12:14 PM, Stephen Smalley wrote:
Looking at adding a map permission for mmap [1], and thinking about
whether it needs to be wrapped by a policy capability. On the one
hand, we made the open permission depend on a policy capability, but on
the other hand, we haven't done that for
On Wed, 2017-05-03 at 15:14 -0400, Stephen Smalley wrote:
> On Wed, 2017-05-03 at 13:36 -0400, Arnold, Paul C CTR USARMY PEO STRI
> (US) wrote:
> > I have been having problems mapping logins since removing
> > __default__
> > from the policy. Is the __default__ login map required in order
> >
On Wed, 2017-05-03 at 13:36 -0400, Arnold, Paul C CTR USARMY PEO STRI
(US) wrote:
> I have been having problems mapping logins since removing
> __default__
> from the policy. Is the __default__ login map required in order for
> semanage to set a new mapping?
>
> The error, specifically:
>
> $
I have been having problems mapping logins since removing __default__
from the policy. Is the __default__ login map required in order for
semanage to set a new mapping?
The error, specifically:
$ sudo semanage login -a -s existing_u existing_login
libsemanage.dbase_llist_query: could not
On Wed, 2017-05-03 at 18:51 +0200, Dominick Grift wrote:
> On Wed, May 03, 2017 at 12:14:16PM -0400, Stephen Smalley wrote:
> > Looking at adding a map permission for mmap [1], and thinking about
> > whether it needs to be wrapped by a policy capability. On the one
> > hand, we made the open
On Wed, May 03, 2017 at 12:14:16PM -0400, Stephen Smalley wrote:
> Looking at adding a map permission for mmap [1], and thinking about
> whether it needs to be wrapped by a policy capability. On the one
> hand, we made the open permission depend on a policy capability, but on
> the other hand, we
Looking at adding a map permission for mmap [1], and thinking about
whether it needs to be wrapped by a policy capability. On the one
hand, we made the open permission depend on a policy capability, but on
the other hand, we haven't done that for other cases where we simply
added a check of a new
On Wed, Nov 23, 2016 at 9:17 AM, Dan Jurgens wrote:
> From: Daniel Jurgens
>
> Infiniband applications access HW from user-space -- traffic is generated
> directly by HW, bypassing the kernel. Consequently, Infiniband Partitions,
> which are associated
Good evening sir,
- I am working on CENTOS7 and has enabled mls on it, I want to make it
in enforcing mood but I am getting 'SELinux is preventing ' logs in
/var/log/directory at initial they were 262 and when I try to solve them
denial logs are getting much as system is in running
subprocess.Popen called without universal_newlines=True opens stdin,
stout and stderr as binary stream which cause problems with Python 3.
Fixes:
Traceback (most recent call last):
File "/usr/lib64/python3.4/site-packages/sepolicy/gui.py", line 2773, in
unconfined_toggle
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/gui.py | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/python/sepolicy/sepolicy/gui.py b/python/sepolicy/sepolicy/gui.py
index 7f84b6f9..007c94a7 100644
---
This fixes a problem introduced in 18410c86 where ruletype is specified
as a string not a list.
Fixes:
>>> sepolicy.get_all_role_allows()
Traceback (most recent call last):
File "/usr/lib64/python3.6/site-packages/setools/policyrep/util.py", line 60,
in lookup
return cls(value)
File
filter() changed it's behavior among python 2 and python 3
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/__init__.py | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/python/sepolicy/sepolicy/__init__.py
From: Dan Walsh
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/templates/executable.py | 21 -
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/python/sepolicy/sepolicy/templates/executable.py
From: Miroslav Grepl
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/templates/executable.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/sepolicy/sepolicy/templates/executable.py
Fixes:
$ sepolicy manpage -a
Traceback (most recent call last):
File "/usr/bin/sepolicy", line 699, in
args.func(args)
File "/usr/bin/sepolicy", line 359, in manpage
m = ManPage(domain, path, args.root, args.source_files, args.web)
File
From: Miroslav Grepl
Signed-off-by: Dan Walsh
---
python/sepolicy/sepolicy/templates/executable.py | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/python/sepolicy/sepolicy/templates/executable.py
From: Dan Walsh
Signed-off-by: Dan Walsh
---
python/sepolicy/sepolicy-generate.8 | 2 +-
python/sepolicy/sepolicy/templates/executable.py | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/python/sepolicy/sepolicy-generate.8
"attributes" used to be there when sepolicy.info() used setools3
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/__init__.py | 1 +
python/sepolicy/sepolicy/manpage.py | 4 ++--
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git
semodule in policycoreutils-2.4 changed the list format. With this
patch, org.selinux.semodule_list uses 'semodule --list=full' and the
code using this was adapted to the new format.
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1281309
Fixes:
File
Fixes:
(sepolicy:2183): Gtk-WARNING **: Could not load image 'images/booleans.png':
Failed to open file
'/usr/lib64/python3.4/site-packages/sepolicy/images/booleans.png': No such file
or directory
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/sepolicy.glade
Fixes:
Traceback (most recent call last):
File "/usr/lib/python3.5/site-packages/sepolicy/gui.py", line 1447, in
stripsort
return cmp(val1, val2)
NameError: name 'cmp' is not defined
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/gui.py | 10 --
1
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/manpage.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/python/sepolicy/sepolicy/manpage.py
b/python/sepolicy/sepolicy/manpage.py
index 3ebdfeb7..bd5a64ac 100755
---
From: Dan Walsh
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/manpage.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/sepolicy/sepolicy/manpage.py
b/python/sepolicy/sepolicy/manpage.py
index b268680a..4cebb299
From: Dan Walsh
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/manpage.py | 13 +
1 file changed, 13 insertions(+)
diff --git a/python/sepolicy/sepolicy/manpage.py
b/python/sepolicy/sepolicy/manpage.py
index 1af4295c..3ebdfeb7
From: Dan Walsh
Signed-off-by: Petr Lautrbach
---
python/sepolicy/sepolicy/manpage.py | 45 +
1 file changed, 45 insertions(+)
diff --git a/python/sepolicy/sepolicy/manpage.py
b/python/sepolicy/sepolicy/manpage.py
Hi,
this is set of sepolicy fixes we use in Fedora.
There are basically 2 groups of patches:
1. fixes which was pushed to Fedora few years ago and probably have not been
sent upstream
[PATCH 01/19] policycoreutils/sepolicy: Add documentation for MCS
[PATCH 02/19] sepolicy: Fix spelling
30 matches
Mail list logo