From a4d48dae14fe908908e59c18c5115343307ab5e9 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 23 Jul 2018 17:32:43 +0200 Subject: [PATCH 1/6] setools-4.1.1-8.1.fc28 - Rebuild for #1568333 --- setools.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/setools.spec b/setools.spec index e354f60..90eb445 100644 --- a/setools.spec +++ b/setools.spec @@ -11,7 +11,7 @@ Name: setools Version: 4.1.1 -Release: 8%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist} +Release: 8.1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist} Summary: Policy analysis tools for SELinux License: GPLv2 @@ -187,6 +187,9 @@ popd %{_mandir}/man1/apol* %changelog +* Mon Jul 23 2018 Petr Lautrbach - 4.1.1-8.1 +- Rebuild for #1568333 + * Thu Apr 26 2018 Vit Mojzis - 4.1.1-8 - Add support for SCTP protocol (#1568333) From e3f72ce011ae4a1f203b79b45bc18186e7c6d6cc Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 23 Jul 2018 21:28:26 +0200 Subject: [PATCH 2/6] Fix rpmlint errors and warnings setools.spec:95: W: unversioned-explicit-obsoletes setools-libs-tcl setools.spec:170: W: macro-in-comment %doc setools.spec:173: W: macro-in-comment %{python2_sitelib} setools.spec:179: W: macro-in-comment %doc setools.spec:181: W: macro-in-comment %{python3_sitelib} setools.spec: E: specfile-error warning: Macro expanded in comment on line 173: %{python2_sitelib}/* setools.spec: E: specfile-error setools.spec: E: specfile-error warning: Macro expanded in comment on line 181: %{python3_sitelib}/* --- setools.spec | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/setools.spec b/setools.spec index 90eb445..d4e8618 100644 --- a/setools.spec +++ b/setools.spec @@ -92,7 +92,7 @@ Python 2 modules designed to facilitate SELinux policy analysis. %package -n python3-setools Summary: Policy analysis tools for SELinux -Obsoletes: setools-libs < 4.0.0, setools-libs-tcl +Obsoletes: setools-libs < 4.0.0 Recommends: libselinux-python3 %{?python_provide:%python_provide python2-setools} # Remove before F30 @@ -167,19 +167,11 @@ popd %{_mandir}/man1/seinfoflow* %files -n python2-setools -# %doc AUTHORS ChangeLog KNOWN-BUGS NEWS README %license COPYING COPYING.GPL COPYING.LGPL -# For noarch packages: sitelib -# %{python2_sitelib}/* -# For arch-specific packages: sitearch %{python2_sitearch}/* %files -n python3-setools %license COPYING COPYING.GPL COPYING.LGPL -# %doc AUTHORS ChangeLog KNOWN-BUGS NEWS README -# For noarch packages: sitelib -# %{python3_sitelib}/* -# For arch-specific packages: sitearch %{python3_sitearch}/* %files gui From e789767476795f776951afaa1faadc5b70839c50 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 23 Aug 2018 10:46:10 +0200 Subject: [PATCH 3/6] Move gui python files to -gui subpackage --- setools.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/setools.spec b/setools.spec index d4e8618..859d913 100644 --- a/setools.spec +++ b/setools.spec @@ -172,10 +172,12 @@ popd %files -n python3-setools %license COPYING COPYING.GPL COPYING.LGPL -%{python3_sitearch}/* +%{python3_sitearch}/setools +%{python3_sitearch}/setools-* %files gui %{_bindir}/apol +%{python3_sitearch}/setoolsgui %{_mandir}/man1/apol* %changelog From 339414d693c129ba86eeb23f4a2adf0fc7f0369e Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 22 Aug 2018 18:01:19 +0200 Subject: [PATCH 4/6] Fix SCTP patch Fixes: Failed to load default permission map: /usr/lib64/python3.6/site-packages/setools/perm_map:391:Invalid class declaration: ['sendto', 'w', '10'] https://github.com/SELinuxProject/setools/issues/9 --- 0004-Add-support-for-SCTP-protocol.patch | 41 ++++++++++++++++++++---- 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/0004-Add-support-for-SCTP-protocol.patch b/0004-Add-support-for-SCTP-protocol.patch index 4223a46..f22a538 100644 --- a/0004-Add-support-for-SCTP-protocol.patch +++ b/0004-Add-support-for-SCTP-protocol.patch @@ -9,9 +9,9 @@ Signed-off-by: Vit Mojzis --- libqpol/include/qpol/linux_types.h | 1 + libqpol/policy_define.c | 5 +++++ - setools/perm_map | 30 ++++++++++++++++++++++++++++++ + setools/perm_map | 36 +++++++++++++++++++++++++++--- setools/policyrep/netcontext.py | 5 +++++ - 4 files changed, 41 insertions(+) + 4 files changed, 44 insertions(+), 3 deletions(-) diff --git a/libqpol/include/qpol/linux_types.h b/libqpol/include/qpol/linux_types.h index c3c056b..0985162 100644 @@ -49,9 +49,27 @@ index dcc69fc..1e623a3 100644 yyerror2("unrecognized protocol %s", id); goto bad; diff --git a/setools/perm_map b/setools/perm_map -index 0a9f91c..25fae09 100644 +index 0a9f91c..8bd34f5 100644 --- a/setools/perm_map +++ b/setools/perm_map +@@ -27,7 +27,7 @@ + # Look to the examples below for further clarification. + # + # Number of object classes. +-95 ++96 + + class netlink_audit_socket 27 + nlmsg_relay w 10 +@@ -376,7 +376,7 @@ class file 22 + quotaon b 1 + swapon b 1 + +-class node 11 ++class node 13 + rawip_recv r 10 + tcp_recv r 10 + udp_recv r 10 @@ -385,6 +385,8 @@ class node 11 udp_send w 10 dccp_recv r 10 @@ -94,6 +112,15 @@ index 0a9f91c..25fae09 100644 class netlink_firewall_socket 24 nlmsg_write w 10 nlmsg_read r 10 +@@ -973,7 +1001,7 @@ class key_socket 22 + relabelto w 10 + listen r 1 + +-class netif 10 ++class netif 12 + rawip_recv r 10 + tcp_recv r 10 + udp_recv r 10 @@ -984,6 +1012,8 @@ class netif 10 udp_send w 10 dccp_recv r 10 @@ -104,10 +131,10 @@ index 0a9f91c..25fae09 100644 class packet_socket 22 append w 10 diff --git a/setools/policyrep/netcontext.py b/setools/policyrep/netcontext.py -index c7076d2..2d890f3 100644 +index 9a01fc5..630b42c 100644 --- a/setools/policyrep/netcontext.py +++ b/setools/policyrep/netcontext.py -@@ -38,6 +38,10 @@ try: +@@ -35,6 +35,10 @@ try: IPPROTO_DCCP = getprotobyname("dccp") except socket.error: IPPROTO_DCCP = 33 @@ -118,7 +145,7 @@ index c7076d2..2d890f3 100644 def netifcon_factory(policy, name): -@@ -196,6 +200,7 @@ class PortconProtocol(int, PolicyEnum): +@@ -161,6 +165,7 @@ class PortconProtocol(int, PolicyEnum): tcp = IPPROTO_TCP udp = IPPROTO_UDP dccp = IPPROTO_DCCP @@ -127,5 +154,5 @@ index c7076d2..2d890f3 100644 class Portcon(NetContext): -- -2.14.3 +2.18.0 From 4db2bcefac430cfbb81d6763a60e4916d12c4432 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 22 Aug 2018 18:08:05 +0200 Subject: [PATCH 5/6] setools-4.1.1-12 - Fix SCTP patch - https://github.com/SELinuxProject/setools/issues/9 - Move gui python files to -gui subpackage - Update URL to SELinuxProject/setools - Require userspace release 2.8 --- setools.spec | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/setools.spec b/setools.spec index 859d913..51d2266 100644 --- a/setools.spec +++ b/setools.spec @@ -6,17 +6,17 @@ # % global setools_pre_ver beta.1.8e09d95 # % global gitver f1e5b20 -%global sepol_ver 2.7-1 -%global selinux_ver 2.7-1 +%global sepol_ver 2.8-1 +%global selinux_ver 2.8-1 Name: setools Version: 4.1.1 -Release: 8.1%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist} +Release: 9%{?setools_pre_ver:.%{setools_pre_ver}}%{?dist} Summary: Policy analysis tools for SELinux License: GPLv2 -URL: https://github.com/TresysTechnology/setools/wiki -Source0: https://github.com/TresysTechnology/setools/archive/%{version}%{?setools_pre_ver:-%{setools_pre_ver}}.tar.gz +URL: https://github.com/SELinuxProject/setools/wiki +Source0: https://github.com/SELinuxProject/setools/archive/%{version}%{?setools_pre_ver:-%{setools_pre_ver}}.tar.gz Source1: setools.pam Source2: apol.desktop Patch1: 0001-Do-not-use-Werror-during-build.patch @@ -181,6 +181,10 @@ popd %{_mandir}/man1/apol* %changelog +* Wed Aug 22 2018 Petr Lautrbach - 4.1.1-12 +- Fix SCTP patch - https://github.com/SELinuxProject/setools/issues/9 +- Move gui python files to -gui subpackage + * Mon Jul 23 2018 Petr Lautrbach - 4.1.1-8.1 - Rebuild for #1568333 From 3fd20d3ca807d650abc18d5843c25474a76c2e9d Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 23 Aug 2018 11:16:34 +0200 Subject: [PATCH 6/6] setools-gui requires python3-setools --- setools.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/setools.spec b/setools.spec index 51d2266..7caba3a 100644 --- a/setools.spec +++ b/setools.spec @@ -107,6 +107,7 @@ Python 3 modules designed to facilitate SELinux policy analysis. %package gui Summary: Policy analysis graphical tools for SELinux +Requires: python3-setools = %{version}-%{release} Requires: python3-qt5 Requires: python3-networkx