RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-04-01 22:58:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
649 Commits 8 Branches 22 Tags 3.8 MiB
243e94e740
Commit Graph

649 Commits

Author SHA1 Message Date
Chris PeBenito
d274954237 diff: add MLS level and range wrappers. 2016-01-07 09:35:22 -05:00
Chris PeBenito
6e7d1646d1 MLSRule: add expand method. 
This doesn't actually do anything since libqpol expands all of the rules
before it ever gets to Python classes.  Should this ever change, this
function will handle it.

Also add expand function to PolicyRule since all rules should be expandable
due to role and type attributes.
 2016-01-07 09:31:07 -05:00
Chris PeBenito
dc0f25a04e TERuleWrapper: fix missed inheritance of Wrapper class. 2016-01-07 09:31:07 -05:00
Chris PeBenito
9ad7cd0f1c TERulesDifference: use wrapper to compare default types 2016-01-07 09:31:07 -05:00
Chris PeBenito
c00733e3e8 TERulesDifference: rename internal rule list method 
Make sure it doesn't conflict with another diff class, since PolicyDifference
is composed of all of the diff classes.
 2016-01-07 09:30:39 -05:00
Chris PeBenito
808cd5f535 TERulesDifference: move _expand_generator to Difference 
Other rule types can be expanded.
 2016-01-07 08:53:34 -05:00
Chris PeBenito
0c81b6244c policyrep: inherit AttributeError in exceptions raised by properites. 2016-01-05 15:31:14 -05:00
Chris PeBenito
a30b57bf29 AVRule/TERule: cache the string representation 
This yields nearly an order of magnitude of performance improvement in
sediff when there are large amounts of rule differences.
 2016-01-05 13:48:16 -05:00
Chris PeBenito
9287eef972 Difference: move hash out of sorting function to TE rule wrapper __lt__ 2016-01-04 11:18:46 -05:00
Chris PeBenito
2461d15234 Difference: sort by hash in _set_diff for better results 2016-01-03 16:40:21 -05:00
Chris PeBenito
4b9078aba4 diff: add Wrapper base class. 2016-01-03 16:03:48 -05:00
Chris PeBenito
d9752bc1c2 sediff: add TE rules output 2016-01-02 18:20:09 -05:00
Chris PeBenito
c913989f8c PolicyDifference: implement TE rule difference 
Closes
2016-01-02 18:17:39 -05:00
Chris PeBenito
c1ebfeb3e7 diff: add wrapper for comparing conditional expressions by truth table. 2016-01-02 18:14:10 -05:00
Chris PeBenito
274393f108 PolicyDifference: add wrapper for objects. 
Wrap policy objects so they can be compared specially for the diff use case
without overriding the __eq__ functions.  This also results in the policy
objects being returned instead of only strs.

Also update _set_diff to unwrap objects after doing all set operations.

All future wrapper classes should specify a origin attribute which is a
reference to the wrapped object.
 2016-01-02 18:10:33 -05:00
Chris PeBenito
574aea8452 BaseTERule: add function for expanding rules. 
Also add new classes ExpandedAVRule and ExpandedTERule correspondingly.
 2016-01-02 17:59:10 -05:00
Chris PeBenito
16756d21d6 sediff: implement command-line options for partial diffs. 2016-01-02 17:54:40 -05:00
Chris PeBenito
12b40d5e75 PolicyRule/BaseTERule/AVRule/TERule: add conditional block 
Returns True/False based on which conditional block/branch the rule is in.
Also updates rendering accordingly.
 2016-01-02 17:47:41 -05:00
Chris PeBenito
786b6f50f9 RoleAllow, PolicyRule, PolicySymbol, TERule: add/update __hash__() 2016-01-02 17:38:20 -05:00
Chris PeBenito
cce24d080a ConditionalExpr: add evaluation and truth table functions. 2016-01-02 17:33:48 -05:00
Chris PeBenito
be44f016b5 PolicyDifference: Decompose into a submodule. 2015-12-26 16:09:08 -05:00
Chris PeBenito
92134725c1 PolicyDifference: add object class diff 
Closes
2015-12-21 11:01:30 -05:00
Chris PeBenito
b3dbe6a8b3 PolicyDifference: implement common permission set diff 
Closes
2015-12-18 19:39:02 -05:00
Chris PeBenito
36546e76ac sediff: sort output 2015-12-18 19:03:34 -05:00
Chris PeBenito
e5bca0c409 sediff: add initial role and type output 2015-12-18 16:00:01 -05:00
Chris PeBenito
7330b7894a sediff: add skeleton. 
Implement the CLI parser and diff creation.
 2015-12-18 11:21:13 -05:00
Chris PeBenito
12b13406f1 PolicyDifference: add role difference 
Closes
2015-12-18 11:07:37 -05:00
Chris PeBenito
7a13a9136a PolicyDifferenceTest: drop test numbers 2015-12-18 09:35:52 -05:00
Chris PeBenito
070eb683f7 tox.ini: restore recreate option 
Ensure a consistent virtualenv.
 2015-12-17 11:08:35 -05:00
Chris PeBenito
eae9ff97d5 setools: add PolicyDifference class 
Begin diff functions by implementing type difference function.

Closes
2015-12-17 11:08:35 -05:00
Chris PeBenito
3f7b428b70 Merge pull request from bigon/master 
Fix build when SEPOL environment variable is set
 2015-12-16 09:53:40 -05:00
Laurent Bigonville
5d04579d13 Fix build when SEPOL environment variable is set 
Closes:
2015-12-16 15:40:49 +01:00
Chris PeBenito
a93682f5f7 Bump version for release. 2015-12-15 13:02:06 -05:00
Chris PeBenito
fe970680af RuleListModel: restore parent class for rule list models 2015-12-15 10:10:28 -05:00
Chris PeBenito
f89f875a62 ChooseAnalysis: Sort analysis options 2015-12-15 09:17:07 -05:00
Chris PeBenito
5e3da8f6bb rbacrulequery.ui: fix class 2015-12-15 08:55:47 -05:00
Chris PeBenito
cf7b0789ba apol: add MLS rule query 2015-12-15 08:51:14 -05:00
Chris PeBenito
6c702179c4 apol: add RBAC rule query 
RuleResultModel: give up trying to have a parent class. Remove.
 2015-12-15 08:04:01 -05:00
Chris PeBenito
cff5de89e6 apol: add domain transition analysis tab 2015-12-14 09:53:59 -05:00
Chris PeBenito
05c8cdd732 InfoFlowAnalsysTab: set raw to default result 
Not yet resolved on how to do graphical representation yet.
 2015-12-14 09:53:59 -05:00
Chris PeBenito
fd5151a4bd Merge pull request from kamino/master 
policyrep: sort categories using their index
 2015-12-07 08:09:07 -05:00
Fernand Lone-Sang
9b3b230889 policyrep: sort categories using their index 2015-12-05 11:05:08 +01:00
Chris PeBenito
0ad3155ac0 Build C extension for lint tox target. 
Fix pylint import issues on TravisCI.
 2015-12-02 12:44:45 -05:00
Chris PeBenito
8ab5498ba7 Misc fixes for pylint 1.5. 2015-12-01 09:38:08 -05:00
Chris PeBenito
4b9111c2af FSUseQuery: add rule type descriptor 
Add a corresponding validator funtion in policyrep.

Also addresses pylint 1.5 issues.
 2015-12-01 09:30:30 -05:00
Chris PeBenito
a2cb67c811 Update .pylintrc for pylint 1.5. 2015-12-01 09:22:38 -05:00
Chris PeBenito
7a7d49d93f Display unknown permissions setting in general seinfo output. 2015-11-30 11:49:58 -05:00
Chris PeBenito
b38aa9af6f seinfo: clarify empty attribute expansion 
Use "empty attribute" instead of "empty set".
 2015-10-15 16:00:13 -04:00
Chris PeBenito
f3aaeb5ce5 SELinuxPolicy: use selinux_current_policy_path() for the running policy first 2015-10-14 16:21:56 -04:00
Chris PeBenito
d66467f3b3 MatchPermission: implement subset permission criteria 
Useful for matches where a matching rule has all of the permission criteria
but may have more.

Closes
2015-10-04 11:03:41 -04:00