Signed-off-by: Vit Mojzis
---
policycoreutils/setfiles/restorecon.8 | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/setfiles/restorecon.8
b/policycoreutils/setfiles/restorecon.8
index fdb468b..b00bf4e 100644
--- a/policycoreutils/setfiles
Decrease loglevel of termination message
(eg. "restorecond[709]: terminated") to LOG_INFO because it is printed
upon normal shutdown of the daemon.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1264505
Signed-off-by: Vit Mojzis
---
restorecond/watch.c | 2 +-
1 file changed, 1
Policy module structure created by libsepol out of base module
contains NULL in module name, which results in segfault in "pp"
compiler. Add NULL check.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1350806
Signed-off-by: Vit Mojzis
---
policycoreutils/hll/pp/pp.c | 2 +-
1 fi
there any
way to determine if a SELinux user has been defined only locally (as
opposed to being defined in policy) after some local changes have been made?
Best regards,
Vit Mojzis
___
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send
?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/conf-parse.y | 7 ---
libsemanage/src/semanage_store.c | 18 +-
2 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
index b527e89..d72a0c2
Strip the following characters
\x1cFile Separator
\x1dGroup Separator
\x1eRecord Separator
\x85Next Line (C1 Control Code)
from audit message fields to make sure they are not evaluated
as part of some identifier (eg. ausearch used insert \x1d into
--raw output resulting in "unrecogn
HTMLManPages got domain name by splitting name of selinux manpage
on "_selinux" which doesn't work properly when domain name contains
"_selinux".
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/manpage.py | 8
1 file changed, 4 insertions(+), 4 deletion
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Following patches remove redundant access checks (where the access check was
followed by open, write,etc. call and the return value is checked), and replace
necessary "access(, F_OK)" checks by "
F_OK access checks only work properly as long as all directories along
the path are accessible to real user running the program.
Replace F_OK access checks by testing return value of open, write, etc.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
---
libsemanage/src/direct_api.c | 40
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 36
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs (except for F_OK which works
properly). fopen() return values are always checked, which makes
access() checks redundant.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
---
libsemanage
On 5.5.2017 22:32, Stephen Smalley wrote:
On Fri, 2017-05-05 at 14:49 +0200, Vit Mojzis wrote:
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
Fixes: https
://bugzilla.redhat.com/show_bug.cgi?id=1458831
Signed-off-by: Vit Mojzis
---
policycoreutils/scripts/fixfiles | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
index 0a4..1aa330f 100755
--- a/policycoreutils/scripts
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs. Remove redundant access() checks
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
---
libsemanage/src/direct_api.c | 7 ---
libsemanage/src/semanage_store.c | 17 -
F_OK access checks only work properly as long as all directories along
the path are accessible to real user running the program.
Replace F_OK access checks by testing return value of open, write, etc.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
---
libsemanage/src/direct_api.c | 36
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 50
"semanage fcontext -l" so far ignored content of file_contexts.homedirs
file which is confusing to users (more specific rules may be ignored in
favor of rules unseen to the user since file_contexts.homedirs has
higher priority than file_contexts).
These patches introduce the content of file_contex
Include entries from fcontexts.homedirs when listing file contexts
via "semanage fcontext -l"
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
python/semanage/seobject.py | 5 +
1 file changed, 5 insertions(+)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
libsemanage/include/semanage/fcontexts_policy.h | 4
libsemanage/src/direct_api.c| 6 ++
libsemanage/src/fcontexts_policy.c | 8
libsemanage/src/handle.h| 19
On 27.9.2017 19:04, William Roberts wrote:
2017-09-27 1:16 GMT-07:00 Vit Mojzis :
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
libsemanage/include/semanage/fcontexts_policy.h | 4
libsemanage/src/direct_api.c| 6 ++
libsemanage/src
This will allow listing the correct file_contexts.homedirs
using libsemanage regardless of selected policy store.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
libsemanage/src/direct_api.c | 19 ++-
libsemanage/src/genhomedircon.c | 4 ++--
libsemanage/src/s
Include entries from file_contexts.homedirs when listing file contexts
via "semanage fcontext -l"
"semanage fcontext -l" so far ignored content of file_contexts.homedirs
file, which is confusing for users (more specific rules may be ignored in
favor of rules unseen to the user since file_contexts.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
libsemanage/include/semanage/fcontexts_policy.h | 4
libsemanage/src/direct_api.c| 6 ++
libsemanage/src/fcontexts_policy.c | 8
libsemanage/src/handle.h| 19
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
---
libsemanage/include/semanage/fcontexts_policy.h | 4
libsemanage/src/direct_api.c| 7 +++
libsemanage/src/fcontexts_policy.c | 8
libsemanage/src/handle.h| 1
On 4.10.2017 16:07, Stephen Smalley wrote:
On Tue, 2017-10-03 at 11:57 +0200, Vit Mojzis wrote:
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
These all look good to me now. Could you please re-post them all with
Signed-off-by: lines, and then we'll merge them in a coup
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
Signed-off-by: Vit Mojzis
---
libsemanage/include/semanage/fcontexts_policy.h | 4
libsemanage/src/direct_api.c| 7 +++
libsemanage/src/fcontexts_policy.c | 8
libsemanage/src
en to the user since file_contexts.homedirs has
higher priority than file_contexts).
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 5 +
1 file changed, 5 insertions(+)
diff --git a/python/semanage/seobject.py b/python/semanage/seobj
This will allow listing the correct file_contexts.homedirs
using libsemanage regardless of selected policy store.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 19 ++-
libsemanage/src/genhomedircon.c
%s" % (ddict[k][0], k[2], k[0]))
IndexError: tuple index out of range
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index 228c8ae..380256b 100644
--- a/py
Update Infiniband "port" and "key" listing and export to work on
python3.
{}.keys() does not support .sort() operation on Py3.
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 16 ++--
1 file changed, 6 insertions(+), 10 deletions(-)
diff --g
using the removable_context
Which one would you prefer?
In case of the latter, would adding the content of removable_context
file to saved_data->spec_arr[nspec + 1] (label_media.c) and returning it
in case lookup fails be a reasonable solution?
Thank you.
Vit Mojzis
moduleRecords.modify() calls nonexistent function
semanage_module_update_file (maybe it should have been
semanage_module_upgrade_file which is now obsolete and calls
semanage_module_install_file) and the job of updating a module is done
by moduleRecords.add().
Signed-off-by: Vit Mojzis
"Edit" and "add" dialogues weren't closed after successful transaction
("add" and "edit" methods return "None" if successful).
Signed-off-by: Vit Mojzis
---
gui/semanagePage.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Fix command line arguments and description in man page.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1334834
Signed-off-by: Vit Mojzis
---
semodule-utils/semodule_package/semodule_unpackage.8 | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/semodule-utils
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs. Remove redundant access() checks
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 7 ---
libsemanage/src
F_OK access checks only work properly as long as all directories along
the path are accessible to real user running the program.
Replace F_OK access checks by testing return value of open, write, etc.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
And access(,R_OK) by fopen(,"r")
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by:
Resolves: rhbz#1337199
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index 88873c43..9c305c75 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage
From: Yuli Khodorkovskiy
Since Darwin systems do not have GNU sed installed, the Darwin sed is
missing the "regexp-extended" flag needed to modify the secilc markdown
files before processing with pandoc.
A quick fix for Mac users is to `brew install gnu-sed` and to use gsed.
Signed-off-by: Yuli
The traceback was caused by leaving the object class combo box blank (therefore
is not directly connected to this patch).
But I agree that is's undesirable behavior. I can either add a check that would
notify the user that they left the option blank, or set a default value.
This ensures that user cannot leave the object class selection blank.
Signed-off-by: Vit Mojzis
---
gui/fcontextPage.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/gui/fcontextPage.py b/gui/fcontextPage.py
index a6577ef7..370bbee4 100644
--- a/gui/fcontextPage.py
+++ b/gui
Sorry, wrong patch, please ignore this.
On 1.3.2018 11:59, Vit Mojzis wrote:
From: Yuli Khodorkovskiy
Since Darwin systems do not have GNU sed installed, the Darwin sed is
missing the "regexp-extended" flag needed to modify the secilc markdown
files before processing with pandoc
Changes:
- replace semanage_copy_file by copy_file_if_exists to make sure "retval" is
0 if the file does not exist
- restructure if statements to be more clear ("fail" is last part of the
statement)
- replace read test (attempt to open the file) by stat() call
F_OK access checks only work properly as long as all directories along
the path are accessible to real user running the program.
Replace F_OK access checks by testing return value of open, write, etc.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs. Remove redundant access() checks
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 7 ---
libsemanage/src
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
And access(,R_OK) by fopen(,"r")
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by:
On 7.3.2018 15:59, Stephen Smalley wrote:
On 03/06/2018 06:58 AM, Vit Mojzis wrote:
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access(,F_OK) (i.e. tests for file existence) by stat().
And access(,R_OK) by fopen(,"r&quo
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access() calls (mostly tests for file existence) by stat().
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access() calls (mostly tests for file existence) by stat().
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c
Unify the way parameters are described in man pages and --help message.
Explain special syntax allowing the user to specify multiple modules when using
-i/u/r/E mods.
Point out that priority has to be specified in order to remove module at
different priority than 400 and that "-d" disables all inst
sables all instances of
given module across priorities.
Resolves: rhbz#1320565, rhbz#1337192
Signed-off-by: Vit Mojzis
---
policycoreutils/semodule/semodule.8 | 34 --
policycoreutils/semodule/semodule.c | 8
2 files changed, 24 insertions(+), 18 deletion
From: Vit Mojzis
Unify behaviour for all module actions.
The same behavoiour is already present for -i/-u/-r/-e switches.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1545218
Signed-off-by: Vit Mojzis
---
policycoreutils/semodule/semodule.c | 33 +
1
From: Vit Mojzis
Unify behaviour for all module actions.
The same behaviour is already present for -i/-u/-r/-e switches.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1545218
Signed-off-by: Vit Mojzis
---
policycoreutils/semodule/semodule.c | 33 +
1 file
Please ignore the last two attempts at this patch.
Sorry for the noise.
From: Vit Mojzis
Unify behaviour for all module actions.
The same behaviour is already present for -i/-u/-r/-e switches.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1545218
Signed-off-by: Vit Mojzis
---
policycoreutils/semodule/semodule.c | 33 +
1 file
Fix sizeof calculation in array iteration introduced by commit
6bb8282c4cf66e93daa9684dbe9c75bb6b1e09a7
"libsemanage: replace access() checks to make setuid programs work"
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletio
ux_policyver = get_rpm_nvr_list("selinux-policy")[1]
TypeError: 'NoneType' object has no attribute '__getitem__'
Signed-off-by: Vit Mojzis
---
policycoreutils/sepolicy/sepolicy/generate.py | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/
for pid=8442 comm="smtp" capability=36
scontext=system_u:system_r:postfix_smtp_t:s0
tcontext=system_u:system_r:postfix_smtp_t:s0 tclass=capability2
SELinux is preventing smtp from block_suspend access on the capability2 Unknown.
Signed-off-by: Vit Mojzis
---
framework/src/setroubleshoot/sign
Please disregard this patch. I accidentally sent it to the wrong address.
- Original Message -
From: "Vit Mojzis"
To: selinux@tycho.nsa.gov
Cc: plaut...@redhat.com, "Vit Mojzis"
Sent: Monday, August 8, 2016 10:13:26 AM
Subject: [PATCH] setroubleshoot: Fix sealert mes
When given invalid regexp, semanage reports error, but adds the invalid
context to "/etc/selinux/targeted/contexts/files/file_contexts.local",
which breaks the system (won't boot in enforcing mode). The new context
doesn't show up on "#semanage fcontext -l -C" and cannot be removed by
"semanage
Return column definitions to portsPage (gui fails to load otherwise).
fcontextPage:
"ftype" dropdown was filled from 2 sources (system-config-selinux.glade
and fcontextPage - from seobject module) which resulted in duplicate
and invalid options. When given to "semanage fcontext -f", ftype ha
From: vmojzis
Loop designed for stripping leading "//" was changing
the only pointer referencing block of memory allocated
by "strdup", resulting in "free()" failure. The loop
had no effect because "realpath" is used later on.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1376598
Signed-of
Radiobutton was always set to "Permissive" and couldn't be switched.
Update radiobutton together with status text in bottom left corner.
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/gui.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/python/se
options.
Some "required argument" check were performed outside of "handle_opts"
obscuring the code.
Fix: Add required arguments to {fcontext boolean}_args and remove the
checks from handle{Fcontext Boolean}.
Remove unpaired parentheses from "semanage fcontext" usage m
This is caused by recent changes in sepolicy that were not reflected in
gui. I'm working on the issue, but it's probably gonna take some time.
Thanks for the feedback.
On 30.11.2016 14:52, Stephen Smalley wrote:
On 11/30/2016 08:44 AM, Vit Mojzis wrote:
The glade file is installe
de runs in
separate thread and backtrace is therefore useless. Has anyone
encountered something similar? Any pointers would be appreciated.
I'm using Fedora 25 with python 2.7.
Thanks.
Regards,
Vit Mojzis
___
Selinux mailing list
Selinux@tycho.n
Aside from typos, change the way markup is applied to a tooltip
in sepolicy/gui so that the text can be translated.
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 6 +++---
python/sepolicy/sepolicy/gui.py | 12 ++--
python/sepolicy/sepolicy
This patch should get sepolicy gui working again, however it's still unusable
due to SETools-4 speed (initial policy analysis takes a few hours at this
point, but can be significantly optimised).
___
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubsc
sepolicy.get_init_entrypoint() now returns list of Type objects
instead of single string, which caused sepolicy gui to crash.
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/gui.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/python/sepolicy/sepolicy/gui.py b
Based on 77589dd354218f1f56d1c83747799606fa1b4899 by Dan Walsh.
Speed up gui loading.
Some minor bug fixes.
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/gui.py | 134 ++--
python/sepolicy/sepolicy/network.py | 8 +-
python/sepolicy/sepolicy
Significantly speed up sepolicy gui loading by aggregating setools
queries.
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/__init__.py | 17 +
python/sepolicy/sepolicy/gui.py | 5 +++--
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/python/sepolicy
The type generated by apache_content_template macro for cgi scripts
changed from httpd_$1_script_t to $1_script_t.
Update sepolicy accordingly.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1271324
Signed-off-by: Vit Mojzis
---
python/sepolicy/sepolicy/generate.py | 2
This allows sepolgen to generate policy from AVC messages that contain
contexts translated by mcstrans.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1356149
Signed-off-by: Vit Mojzis
---
python/sepolgen/src/sepolgen/refpolicy.py | 5 +
1 file changed, 5 insertions(+)
diff --git a
.sepol_context_to_sid: could not convert
system_u:system_r:systemd_logind_t:SystemLow-SystemHigh to sid
Signed-off-by: Vit Mojzis
---
python/sepolgen/src/sepolgen/refpolicy.py | 5 +
1 file changed, 5 insertions(+)
diff --git a/python/sepolgen/src/sepolgen/refpolicy.py
b/python/sepolgen/
selinux-policy-targeted
.M.T./var/lib/selinux/targeted/active/seusers
.M.T./var/lib/selinux/targeted/active/users_extra
Signed-off-by: Vit Mojzis
---
libsemanage/src/direct_api.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libsemanage/src/direct_api.c b
when the specified username is not found.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1294663
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 8
1 file changed, 8 deletions(-)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index c76dce85
Test if audit module is enabled so that logger class is defined
correctly.
Fixes:
"semanage fcontext -l" fails with "OSError: Protocol not supported" when
booting with audit=0
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 2 ++
1 file changed, 2 insertions(+)
The corresponding except clause should only be used for
exceptions caused by audit module error or unavailability.
Signed-off-by: Vit Mojzis
---
python/semanage/seobject.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/semanage/seobject.py b/python/semanage
Restrictive umask may cause creating directories with with unintended
access mode. Reset umask before creating directories to avoid this
issue.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186422
Signed-off-by: Vit Mojzis
---
libsemanage/src/semanage_store.c | 31
Restrictive umask may cause creating directories with with unintended
access mode. Reset umask before creating directories to avoid this
issue.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186422
Signed-off-by: Vit Mojzis
---
libsemanage/src/semanage_store.c | 31
Use "previous" user name when no new user is available in
semanage_seuser_audit. Otherwise "id=0" is logged instead of
"acct=user_name" ("id=0" is hard coded value).
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1622045
---
libsemanage/src/seusers_local.c | 11 ++-
1 file changed, 6
On 19/09/2018 22:51, Nicolas Iooss wrote:
When testing sepolicy gui with setools 4.2.0-beta, the following error
happened:
File "python/sepolicy/sepolicy/__init__.py", line 277, in
_setools_rule_to_dict
if isinstance(rule, setools.policyrep.terule.AVRule):
AttributeError:
27; has no attribute 'terule'
See https://github.com/SELinuxProject/setools/issues/8 for more details.
Stop using internal setools API:
- use AttributeError instead of setools specific exceptions
- evaluate conditional expressions using conditional.evaluate() instead
of qpol_symbol.is_enable
Sepolicy and semanage do not work with aliases properly (aliases are
mostly treated as invalid types). Fix this by determining corresponding
type when an alias is used and working with the type instead.
python/semanage/seobject.py | 21 ++---
python/sepolicy/sepolicy.py
Fix CheckDomain and CheckPortType classes to properly deal with aliases.
Resolves: rhbz#169
---
python/sepolicy/sepolicy.py | 8 +++-
python/sepolicy/sepolicy/__init__.py | 10 +-
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/python/sepolicy/sepolicy.py
Resolves: rhbz#1544793
---
python/semanage/seobject.py | 21 ++---
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index c1467185..5d34cdbe 100644
--- a/python/semanage/seobject.py
+++ b/python/semanage/seobj
Restore previous behaviour of "sepolicy.info()".
---
python/sepolicy/sepolicy/__init__.py | 12 +---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/python/sepolicy/sepolicy/__init__.py
b/python/sepolicy/sepolicy/__init__.py
index 5d0535b9..8484b28c 100644
--- a/python/sepol
Please ignore this patch set. I sent a new version (including sign-off
and proper "Resolves") to vger.kernel.org.
Sorry for the noise.
On 16. 10. 18 10:25, Vit Mojzis wrote:
Sepolicy and semanage do not work with aliases properly (aliases are
mostly treated as invalid types). F
88 matches
Mail list logo