Hello community,
here is the log from the commit of package setools for openSUSE:Factory checked in at 2019-02-06 14:06:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/setools (Old)
and /work/SRC/openSUSE:Factory/.setools.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "setools"
Wed Feb 6 14:06:30 2019 rev:32 rq:671815 version:4.2.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/setools/setools.changes 2018-12-12 17:31:01.066684635 +0100
+++ /work/SRC/openSUSE:Factory/.setools.new.28833/setools.changes 2019-02-06 14:06:36.502658106 +0100
@@ -1,0 +2,13 @@
+Tue Feb 5 08:01:41 UTC 2019 - jsegitz@suse.com
+
+- Update to 4.2.1
+ * Set SIGPIPE handler for CLI tools.
+ * Fixed alias dereferencing in TypeQuery and type, category, and
+ sensitivity lookups.
+ * Fixed sediff bug for rendering modified nodecons.
+ * Fixed devicetreecon count output.
+ * Fixed policy target platform check.
+ * Fixed bug in creating permission set intersection in apol.
+- Provide python-setools
+
+-------------------------------------------------------------------
Old:
----
4.2.0.tar.gz
New:
----
4.2.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ setools.spec ++++++
--- /var/tmp/diff_new_pack.YhlR9n/_old 2019-02-06 14:06:38.214657796 +0100
+++ /var/tmp/diff_new_pack.YhlR9n/_new 2019-02-06 14:06:38.214657796 +0100
@@ -1,7 +1,7 @@
#
# spec file for package setools
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
%define skip_python2 1
Name: setools
-Version: 4.2.0
+Version: 4.2.1
Release: 0
Url: https://github.com/SELinuxProject/setools
Summary: Policy analysis tools for SELinux
@@ -74,6 +74,7 @@
Group: Development/Languages/Python
Requires: python
Obsoletes: python-setools < %{version}
+Provides: python-setools = %{version}-%{release}
%description -n python3-setools
SETools is a collection of graphical tools, command-line tools, and
++++++ 4.2.0.tar.gz -> 4.2.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/ChangeLog new/setools-4.2.1/ChangeLog
--- old/setools-4.2.0/ChangeLog 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/ChangeLog 2019-02-05 01:18:05.000000000 +0100
@@ -1,3 +1,104 @@
+*setools-4.2.1 (4 Feb 2019)
+
+ * Set SIGPIPE handler for CLI tools.
+ * Fixed alias dereferencing in TypeQuery and type, category, and sensitivity
+ lookups.
+ * Fixed sediff bug for rendering modified nodecons.
+ * Fixed devicetreecon count output.
+ * Fixed policy target platform check.
+ * Fixed bug in creating permission set intersection in apol.
+
+
+*setools-4.2.0 (10 Nov 2018)
+
+ This release focused on improving performance and reducing memory usage.
+
+ A Cython-based policy representation replaced the
+ Python/SWIG/static-linked-libsepol implemention. SETools no longer statically
+ links to libsepol, though it is strongly suggested that users rebuild SETools
+ after updating libsepol, in case the policy structure changes.
+
+ Building on the policy representation change, refinements in sediff yielded
+ as much as a 90% reduction in memory use, depending on the policies.
+
+ This release of SETools has different dependencies than previous versions.
+ See README.md for more details. Support for Python 2.7 was dropped because
+ all current SELinux-supporting distributions provide Python 3.
+
+ Other smaller changes included:
+
+ * Added support for SCTP portcons.
+ * Updated permission maps.
+ * Policy symbol names are now available as the name attribute (e.g.
+ Boolean.name, Type.name, etc.)
+ * Revised some apol layouts to increase the size of text entry fields.
+ * Revised package structure to make policyrep a module of the setools
+ package.
+ * Moved constraint expression to its own class.
+ * Made Conditional.evaluate() more useful and added BaseTERule.enabled()
+ method to determine if a rule is enabled.
+
+ Changes since v4.2.0-rc:
+
+ * Restored missing statement() methods in some policyrep classes
+ * Fixed NULL pointer dereference when iterating over type attributes when
+ the policy has none.
+ * Added xdp_socket permission mapping.
+
+
+*setools-4.2.0-rc (29 Sep 2018)
+
+ Changes since v4.2.0-beta:
+
+ * Fixed performance regressions.
+ * Made further memory usage improvements.
+ * Fixed build issues with clean target and runtime_library_dirs.
+ * Revised package structure to make policyrep a module of the setools
+ package.
+ * Symbol names are now available as the name attribute (e.g.
+ Boolean.name, Type.name, etc.)
+ * Fixed some apol layouts to increase the size of text fields.
+ * Move constraint expression to its own class.
+ * Made Conditional.evaluate() more useful and added BaseTERule.enabled()
+ method to determine if a rule is enabled.
+
+
+*setools-4.2.0-beta (10 Jul 2018)
+
+ Changes since v4.1.1:
+
+ * Replaced the Python/SWIG/static-linked-libsepol policyrep module with
+ a Cython implementation. This will have performance and memory-usage
+ improvements and breaks the static linking to libsepol.
+ * Significant memory usage reduction in sediff (approximately 60%,
+ depending on the policies).
+ * Added support for SCTP portcons.
+ * Updated permission maps.
+ * Support for Python 2.7 was dropped.
+
+ This release of SETools has changed dependencies since 4.1.1. See README.md for more details.
+
+
+*setools-4.1.1 (5 Aug 2017)
+
+ This release has three changes since 4.1.0:
+
+ * Update for libsepol 2.7
+ * Update to permission maps
+ * Fixes for apol help files
+
+
+*setools-4.1.0 (23 Jan 2017)
+
+ This release primarily focused on adding features to apol, but has several
+ library enhancements. There is also one important bugfix in sediff. There
+ were no changes since 4.1.0-rc.
+
+ Note This will not compile on the master branch of libsepol (what will
+ be libsepol 2.7). A future release of SETools will have this support
+ (when libsepol 2.7 is released).
+
+
*setools-4.1.0-rc (11 Dec 2016)
Library:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/apol.1 new/setools-4.2.1/man/apol.1
--- old/setools-4.2.0/man/apol.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/apol.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH apol 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH apol 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
apol \- Graphical SELinux policy analysis tool
@@ -34,10 +34,10 @@
Enable debugging output.
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
sediff(1), sedta(1), seinfo(1), seinfoflow(1), sesearch(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sediff.1 new/setools-4.2.1/man/sediff.1
--- old/setools-4.2.0/man/sediff.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/sediff.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH sediff 1 2016-04-19 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH sediff 1 2016-04-19 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
sediff \- SELinux policy difference tool
@@ -148,10 +148,10 @@
.PP
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
apol(1), sedta(1), seinfo(1), seinfoflow(1), sesearch(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sedta.1 new/setools-4.2.1/man/sedta.1
--- old/setools-4.2.0/man/sedta.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/sedta.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH sedta 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH sedta 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
sedta \- Domain transition analysis for SELinux policies
@@ -69,10 +69,10 @@
Enable debugging output.
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
apol(1), sediff(1), seinfo(1), seinfoflow(1), sesearch(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/seinfo.1 new/setools-4.2.1/man/seinfo.1
--- old/setools-4.2.0/man/seinfo.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/seinfo.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH seinfo 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH seinfo 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
seinfo \- SELinux policy information tool
@@ -109,10 +109,10 @@
Enable debugging output.
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
apol(1), sediff(1), sedta(1), seinfoflow(1), sesearch(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/seinfoflow.1 new/setools-4.2.1/man/seinfoflow.1
--- old/setools-4.2.0/man/seinfoflow.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/seinfoflow.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH seinfoflow 1 2016-02-20 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH seinfoflow 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
seinfoflow \- Information flow analysis for SELinux policies
@@ -70,10 +70,10 @@
Enable debugging output.
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
apol(1), sediff(1), sedta(1), seinfo(1), sesearch(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/man/sesearch.1 new/setools-4.2.1/man/sesearch.1
--- old/setools-4.2.0/man/sesearch.1 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/man/sesearch.1 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
.\" Copyright (c) 2016 Tresys Technology, LLC. All rights reserved.
-.TH sesearch 1 2016-04-19 "Tresys Technology, LLC" "SETools: SELinux Policy Analysis Tools"
+.TH sesearch 1 2016-02-20 "SELinux Project" "SETools: SELinux Policy Analysis Tools"
.SH NAME
sesearch \- SELinux policy query tool
@@ -113,10 +113,10 @@
Enable debugging output.
.SH AUTHOR
-Chris PeBenito
+Chris PeBenito
.SH BUGS
-Please report bugs via the SETools bug tracker, https://github.com/TresysTechnology/setools/issues
+Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues
.SH SEE ALSO
apol(1), sediff(1), sedta(1), seinfo(1), seinfoflow(1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/qhc/apol.qhcp new/setools-4.2.1/qhc/apol.qhcp
--- old/setools-4.2.0/qhc/apol.qhcp 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/qhc/apol.qhcp 2019-02-05 01:18:05.000000000 +0100
@@ -3,8 +3,8 @@
<QHelpCollectionProject version="1.0">
<assistant>
<title>Apol Help</title>
- <startPage>qthelp://com.github.tresystechnology.setools/doc/index.html</startPage>
- <homePage>qthelp://com.github.tresystechnology.setools/doc/index.html</homePage>
+ <startPage>qthelp://com.github.selinuxproject.setools/doc/index.html</startPage>
+ <homePage>qthelp://com.github.selinuxproject.setools/doc/index.html</homePage>
</assistant>
<docFiles>
<generate>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/qhc/apol.qhp new/setools-4.2.1/qhc/apol.qhp
--- old/setools-4.2.0/qhc/apol.qhp 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/qhc/apol.qhp 2019-02-05 01:18:05.000000000 +0100
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Copyright (c) 2016 Tresys Technology, LLC. All rights reserved. -->
<QtHelpProject version="1.0">
- <namespace>com.github.tresystechnology.setools</namespace>
+ <namespace>com.github.selinuxproject.setools</namespace>
<virtualFolder>doc</virtualFolder>
<customFilter name="Apol">
<filterAttribute>apol</filterAttribute>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sediff new/setools-4.2.1/sediff
--- old/setools-4.2.0/sediff 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/sediff 2019-02-05 01:18:05.000000000 +0100
@@ -21,9 +21,13 @@
import argparse
import sys
import logging
+import signal
from itertools import chain
from contextlib import suppress
+
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
+
parser = argparse.ArgumentParser(
description="SELinux policy semantic difference tool.",
epilog="If no differences are selected, all differences will be printed.")
@@ -1328,10 +1332,9 @@
print(" - {0}".format(n))
if diff.modified_nodecons and not args.stats:
print(" Modified Nodecons: {0}".format(len(diff.modified_nodecons)))
- for con, added_context, removed_context in sorted(diff.modified_nodecons,
- key=lambda x: x.rule):
- print(" * nodecon {0.address} {0.netmask} +[{1}] -[{2}];".format(
- con, added_context, removed_context))
+ for entry in sorted(diff.modified_nodecons, key=lambda x: x.rule):
+ print(" * nodecon {0} +[{1.added_context}] -[{1.removed_context}];".format(
+ entry.rule.network.with_netmask.replace("/", " "), entry))
print()
del diff.added_nodecons
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sedta new/setools-4.2.1/sedta
--- old/setools-4.2.0/sedta 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/sedta 2019-02-05 01:18:05.000000000 +0100
@@ -20,6 +20,7 @@
import sys
import argparse
import logging
+import signal
import setools
@@ -67,6 +68,8 @@
print()
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
+
parser = argparse.ArgumentParser(
description="SELinux policy domain transition analysis tool.",
epilog="If no analysis is selected, all forward transitions out of the source will be printed.")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/seinfo new/setools-4.2.1/seinfo
--- old/setools-4.2.0/seinfo 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/seinfo 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,6 @@
#!/usr/bin/env python3
# Copyright 2014-2015, Tresys Technology, LLC
+# Copyright 2018-2019, Chris PeBenito
#
# This file is part of SETools.
#
@@ -21,6 +22,7 @@
import argparse
import sys
import logging
+import signal
def expand_attr(attr):
@@ -30,6 +32,8 @@
return "{0}\n\t{1}".format(attr.statement(), contents)
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
+
parser = argparse.ArgumentParser(description="SELinux policy information tool.")
parser.add_argument("--version", action="version", version=setools.__version__)
parser.add_argument("policy", help="Path to the SELinux policy to query.", nargs="?")
@@ -122,7 +126,7 @@
components.append(("Booleans", q, lambda x: x.statement()))
if args.mlscatsquery or args.all:
- q = setools.CategoryQuery(p)
+ q = setools.CategoryQuery(p, alias_deref=True)
if isinstance(args.mlscatsquery, str):
q.name = args.mlscatsquery
@@ -231,7 +235,7 @@
components.append(("Roles", q, lambda x: x.statement()))
if args.mlssensquery or args.all:
- q = setools.SensitivityQuery(p)
+ q = setools.SensitivityQuery(p, alias_deref=True)
if isinstance(args.mlssensquery, str):
q.name = args.mlssensquery
@@ -245,7 +249,7 @@
components.append(("Typebounds", q, lambda x: x.statement()))
if args.typequery or args.all:
- q = setools.TypeQuery(p)
+ q = setools.TypeQuery(p, alias_deref=True)
if isinstance(args.typequery, str):
q.name = args.typequery
@@ -330,7 +334,7 @@
print(" Defaults: {0:7} Typebounds: {1:7}".format(
p.default_count, p.typebounds_count))
- if p.target_platform == "selinux":
+ if p.target_platform == setools.PolicyTarget.selinux:
print(" Allowxperm: {0:7} Neverallowxperm: {1:7}".format(
p.allowxperm_count, p.neverallowxperm_count))
print(" Auditallowxperm: {0:7} Dontauditxperm: {1:7}".format(
@@ -341,8 +345,8 @@
p.genfscon_count, p.portcon_count))
print(" Netifcon: {0:7} Nodecon: {1:7}".format(
p.netifcon_count, p.nodecon_count))
- elif p.target_platform == "xen":
- print(" Initial SIDs: {0:7} Devicetreecon {1:7}".format(
+ elif p.target_platform == setools.PolicyTarget.xen:
+ print(" Initial SIDs: {0:7} Devicetreecon: {1:7}".format(
p.initialsids_count, p.devicetreecon_count))
print(" Iomemcon: {0:7} Ioportcon: {1:7}".format(
p.iomemcon_count, p.ioportcon_count))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/seinfoflow new/setools-4.2.1/seinfoflow
--- old/setools-4.2.0/seinfoflow 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/seinfoflow 2019-02-05 01:18:05.000000000 +0100
@@ -21,6 +21,9 @@
import argparse
import sys
import logging
+import signal
+
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
parser = argparse.ArgumentParser(
description="SELinux policy information flow analysis tool.",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/sesearch new/setools-4.2.1/sesearch
--- old/setools-4.2.0/sesearch 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/sesearch 2019-02-05 01:18:05.000000000 +0100
@@ -21,6 +21,9 @@
import argparse
import sys
import logging
+import signal
+
+signal.signal(signal.SIGPIPE, signal.SIG_DFL)
parser = argparse.ArgumentParser(
description="SELinux policy rule search tool.",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/constraintquery.py new/setools-4.2.1/setools/constraintquery.py
--- old/setools-4.2.0/setools/constraintquery.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setools/constraintquery.py 2019-02-05 01:18:05.000000000 +0100
@@ -122,7 +122,7 @@
if not self._match_perms(c):
continue
except ConstraintUseError:
- continue
+ continue
if self.role and not self._match_expr(
c.expression.roles,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/mixins.py new/setools-4.2.1/setools/mixins.py
--- old/setools-4.2.0/setools/mixins.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setools/mixins.py 2019-02-05 01:18:05.000000000 +0100
@@ -1,4 +1,5 @@
# Copyright 2015, Tresys Technology, LLC
+# Copyright 2019, Chris PeBenito
#
# This file is part of SETools.
#
@@ -137,14 +138,15 @@
class MatchName:
- """Mixin for matching an object's name."""
+ """Mixin for matching an object's name with alias dereferencing."""
name = CriteriaDescriptor("name_regex")
name_regex = False
+ alias_deref = False
def _match_name_debug(self, log):
"""Log debugging messages for name matching."""
- log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
+ log.debug("Name: {0.name!r}, regex: {0.name_regex}, deref: {0.alias_deref}".format(self))
def _match_name(self, obj):
"""Match the object to the name criteria."""
@@ -152,7 +154,11 @@
# if there is no criteria, everything matches.
return True
- return match_regex(obj, self.name, self.name_regex)
+ if self.alias_deref:
+ return match_regex(obj, self.name, self.name_regex) or \
+ match_in_set(obj.aliases(), self.name, self.name_regex)
+ else:
+ return match_regex(obj, self.name, self.name_regex)
class MatchObjClass:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/policyrep/mls.pxi new/setools-4.2.1/setools/policyrep/mls.pxi
--- old/setools-4.2.0/setools/policyrep/mls.pxi 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setools/policyrep/mls.pxi 2019-02-05 01:18:05.000000000 +0100
@@ -83,7 +83,7 @@
def aliases(self):
"""Generator that yields all aliases for this category."""
self._load_aliases()
- return self.policy.category_aliases(self)
+ return iter(self._aliases)
def statement(self):
cdef:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setools/policyrep/selinuxpolicy.pxi new/setools-4.2.1/setools/policyrep/selinuxpolicy.pxi
--- old/setools-4.2.0/setools/policyrep/selinuxpolicy.pxi 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setools/policyrep/selinuxpolicy.pxi 2019-02-05 01:18:05.000000000 +0100
@@ -1,5 +1,5 @@
# Copyright 2014-2016, Tresys Technology, LLC
-# Copyright 2016-2018, Chris PeBenito
+# Copyright 2016-2019, Chris PeBenito
#
# This file is part of SETools.
#
@@ -344,10 +344,10 @@
raise InvalidBoolean("{0} is not a valid Boolean".format(name))
- def lookup_category(self, name):
- """Look up a category."""
+ def lookup_category(self, name, deref=True):
+ """Look up a category, with optional alias dereferencing."""
for c in self.categories():
- if c == name:
+ if c == name or (deref and name in list(c.aliases())):
return c
raise InvalidCategory("{0} is not a valid category".format(name))
@@ -380,10 +380,10 @@
"""Look up a MLS level."""
return Level.factory_from_string(self, level)
- def lookup_sensitivity(self, name):
- """Look up a MLS sensitivity by name."""
+ def lookup_sensitivity(self, name, deref=True):
+ """Look up a MLS sensitivity by name, with optional alias dereferencing."""
for s in self.sensitivities():
- if s == name:
+ if s == name or (deref and name in list(s.aliases())):
return s
raise InvalidSensitivity("{0} is not a valid sensitivity".format(name))
@@ -400,17 +400,21 @@
raise InvalidRole("{0} is not a valid role".format(name))
- def lookup_type(self, name):
- """Look up a type by name."""
+ def lookup_type(self, name, deref=True):
+ """Look up a type by name, with optional alias dereferencing."""
for t in self.types():
- if t == name:
+ if t == name or (deref and name in list(t.aliases())):
return t
raise InvalidType("{0} is not a valid type".format(name))
- def lookup_type_or_attr(self, name):
- """Look up a type or type attribute by name."""
- for t in itertools.chain(self.types(), self.typeattributes()):
+ def lookup_type_or_attr(self, name, deref=True):
+ """Look up a type or type attribute by name, with optional alias dereferencing."""
+ for t in self.types():
+ if t == name or (deref and name in list(t.aliases())):
+ return t
+
+ for t in self.typeattributes():
if t == name:
return t
Binary files old/setools-4.2.0/setoolsgui/apol/apol.qch and new/setools-4.2.1/setoolsgui/apol/apol.qch differ
Binary files old/setools-4.2.0/setoolsgui/apol/apol.qhc and new/setools-4.2.1/setoolsgui/apol/apol.qhc differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setoolsgui/apol/mainwindow.py new/setools-4.2.1/setoolsgui/apol/mainwindow.py
--- old/setools-4.2.0/setoolsgui/apol/mainwindow.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setoolsgui/apol/mainwindow.py 2019-02-05 01:18:05.000000000 +0100
@@ -632,9 +632,11 @@
def about_apol(self):
QMessageBox.about(self, "About Apol", "Version {0}<br>"
"Apol is a graphical SELinux policy analysis tool and part of "
- "https://github.com/TresysTechnology/setools/wiki\">"
+ "https://github.com/SELinuxProject/setools/wiki\">"
"SETools</a>.<p>"
- "Copyright (C) 2015-2016, Tresys Technology.".format(__version__))
+ "Copyright (C) 2015-2016, Tresys Technology<p>"
+ "Copyright (C) 2016, Chris PeBenito ".
+ format(__version__))
def apol_help(self):
"""Open the main help window."""
@@ -647,7 +649,7 @@
self.log.debug("Starting assistant with help file {0}".format(helpfile))
self.help_process.start("assistant",
["-collectionFile", helpfile, "-showUrl",
- "qthelp://com.github.tresystechnology.setools/doc/index.html",
+ "qthelp://com.github.selinuxproject.setools/doc/index.html",
"-show", "contents", "-enableRemoteControl"])
@pyqtSlot(str)
@@ -663,5 +665,5 @@
self.log.warning("Timed out waiting for Qt assistant to start.")
return
- self.help_process.write("setSource qthelp://com.github.tresystechnology.setools/doc/{0}\n".
+ self.help_process.write("setSource qthelp://com.github.selinuxproject.setools/doc/{0}\n".
format(location))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setoolsgui/models.py new/setools-4.2.1/setoolsgui/models.py
--- old/setools-4.2.0/setoolsgui/models.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setoolsgui/models.py 2019-02-05 01:18:05.000000000 +0100
@@ -124,7 +124,7 @@
# create intersection
for cls in classes:
- cls_perms = cls.perms
+ cls_perms = set(cls.perms)
with suppress(NoCommon):
cls_perms.update(cls.common.perms)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/setup.py new/setools-4.2.1/setup.py
--- old/setools-4.2.0/setup.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/setup.py 2019-02-05 01:18:05.000000000 +0100
@@ -128,7 +128,7 @@
'-fno-exceptions'])]
setup(name='setools',
- version='4.2.0',
+ version='4.2.1',
description='SELinux Policy tools.',
author='Chris PeBenito',
author_email='pebenito@ieee.org',
@@ -136,7 +136,7 @@
cmdclass={'build_qhc': QtHelpCommand, 'clean': CleanCommand},
packages=['setools', 'setools.diff', 'setoolsgui', 'setoolsgui.apol'],
scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'],
- data_files=[(join(sys.prefix, 'share/man/man1'), glob.glob("man/*.1"))],
+ data_files=[('share/man/man1', glob.glob("man/*.1"))],
package_data={'': ['*.ui', '*.qhc', '*.qch'], 'setools': ['perm_map']},
ext_modules=cythonize(ext_py_mods, include_path=['setools/policyrep'],
annotate=cython_annotate,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/tests/typequery.conf new/setools-4.2.1/tests/typequery.conf
--- old/setools-4.2.0/tests/typequery.conf 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/tests/typequery.conf 2019-02-05 01:18:05.000000000 +0100
@@ -160,6 +160,13 @@
type test21t2 alias { test21b test21d };
type test21t3 alias { test21e test21f };
+# test 22
+# name: test22alias
+# deref: True
+# attrs: unset
+# alias: unset
+type test22 alias { test22alias test22a };
+
# test 30
# name: test30
# attrs: unset
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/setools-4.2.0/tests/typequery.py new/setools-4.2.1/tests/typequery.py
--- old/setools-4.2.0/tests/typequery.py 2018-11-10 14:45:36.000000000 +0100
+++ new/setools-4.2.1/tests/typequery.py 2019-02-05 01:18:05.000000000 +0100
@@ -1,4 +1,5 @@
# Copyright 2014-2015, Tresys Technology, LLC
+# Copyright 2019, Chris PeBenito
#
# This file is part of SETools.
#
@@ -94,6 +95,13 @@
types = sorted(str(t) for t in q.results())
self.assertListEqual(["test21t1", "test21t2"], types)
+ def test_022_alias_dereference(self):
+ """Type query with alias dereference."""
+ q = TypeQuery(self.p, name="test22alias", alias_deref=True)
+
+ types = sorted(str(t) for t in q.results())
+ self.assertListEqual(["test22"], types)
+
def test_030_permissive(self):
"""Type query with permissive match"""
q = TypeQuery(self.p, permissive=True)