Commit Graph

181 Commits

Author SHA1 Message Date
Fernand Lone-Sang
ba1869f658 add tox configuration file
From the project webpage:

"""
Tox is a generic virtualenv management and test command line tool you can use
for:

- checking your package installs correctly with different Python versions and
  interpreters
- running your tests in each of the environments, configuring your test tool of
  choice
- acting as a frontend to Continuous Integration servers, greatly reducing
  boilerplate and merging CI and shell-based testing.
"""
2015-02-16 09:43:21 +01:00
Chris PeBenito
cd3f932f77 Add an enabled field for permissions in permission maps.
Change to regular dictionaries so when a map is paired with a particular
policy, it must be explicitly checked for unmapped permissions, as
permission maps are otherwise policy-agnostic.
2015-02-15 17:21:47 -05:00
Chris PeBenito
5983b87d5f Add Constraint and Validatetrans class docs. 2015-02-15 17:17:58 -05:00
Chris PeBenito
a08873765c Improve readability of Constraint expression rendering.
Fix all four constraint rule classes; (mls)validatetrans statements now
render correctly.
2015-02-14 17:19:58 -05:00
Chris PeBenito
7bacae7596 Improve readability of ConditionalExpression rendering code. 2015-02-14 17:17:52 -05:00
Chris PeBenito
2f44b599ca Reflow lines with new max line length.
Undo past whitespace fixes that are now unnecessary now that the max
line length increased to 100.
2015-02-14 10:40:38 -05:00
Chris PeBenito
f73e1d2850 Fix parameter moving errors in sesearch. 2015-02-14 10:33:18 -05:00
Chris PeBenito
12a778192c PEP8 fix for Symbol.__ne__(). 2015-02-13 15:10:26 -05:00
Chris PeBenito
bdb47c7241 PEP8 fixes for unit test code.
Except max line length of 100.
2015-02-12 14:34:49 -05:00
Chris PeBenito
15a8b2de2c String changes to meet PEP8 standards.
Except max line length of 100.

Also use escaping to fix long lines.
2015-02-12 14:01:44 -05:00
Chris PeBenito
2d1c9184ed Reorder parameters to meet PEP8 standards.
Except max line length of 100.
2015-02-12 13:59:54 -05:00
Chris PeBenito
02c5e72f0a Whitespace changes to meet PEP8 standards.
Except max line length of 100.
2015-02-12 13:52:46 -05:00
Chris PeBenito
dc3c36c747 Syntax fixes for PEP8. 2015-02-11 15:29:03 -05:00
Chris PeBenito
42f226939e Missed updating version for release.
Brown paper bag.
2015-02-11 14:13:11 -05:00
Chris PeBenito
d8f4f7bcd6 Further dependency clarification in the README.
Pip is missing one of NetworkX's dependencies for Python 3.x., so adjust
CI accordingly.
2015-02-11 09:37:59 -05:00
Chris PeBenito
95db5335cc Update build/runtime requirements.
Change CI tests to use minimum NetworkX version.
2015-02-11 09:26:29 -05:00
Chris PeBenito
de8bbb88b0 Implement boolean criteria for TE rule query.
Match rules based on the Booleans in the rule's conditional expression.

closes #4
2015-02-11 09:24:09 -05:00
Chris PeBenito
a9d2717698 Adjust SWIG download link. 2015-02-10 13:17:48 -05:00
Chris PeBenito
b67bd76e0c Move libqpol parser further in line with checkpolicy.
* Especially remove buggy conditional branch verification -- keep the same
  behavior as checkpolicy.
* No-rules-loading logic no longer needed
2015-02-10 11:43:31 -05:00
Chris PeBenito
f66657543f DTA: Improve excluded entrypoints processing efficiency
The common case for DTA is no excluded types. Short circuit any processing
of excluded entrypoints in this case.

Pre-filter the excluded entrypoint types before iterating on them. Use set
logic to find if any excluded types are in the entrypoints of a given edge
2015-02-08 20:06:06 -05:00
Chris PeBenito
79100ae6a2 Rename/move coveragerc.
Enables running coverage as: coverage run setup.py test
2015-02-07 20:56:54 -05:00
Chris PeBenito
da44b3592b DTA: implement excluded types and reverse analysis.
closes #25
closes #26
2015-02-07 15:07:40 -05:00
Chris PeBenito
094dbe3906 Add additional options checking in sedta. 2015-02-07 11:47:07 -05:00
Chris PeBenito
a809d3c557 Change to ternary for MLS enabled/disabled display in seinfo.
For style consistency in seinfo.
2015-02-06 09:11:44 -05:00
Chris PeBenito
7a9915f34a Move seinfo --flat option out of components option group. 2015-02-06 09:10:06 -05:00
Chris PeBenito
d2bc5be9d9 Whitespace fix in seinfo. 2015-02-06 09:08:45 -05:00
Chris PeBenito
50ae7a3cc7 Merge pull request #46 from kamino/seinfo-add-all-switch
adding a --all switch to seinfo
2015-02-06 09:01:43 -05:00
Fernand Lone-Sang
daa53937de add a --flat option to seinfo 2015-02-06 00:22:46 +01:00
Chris PeBenito
61d9790c13 Merge pull request #47 from kamino/fix-install-in-virtualenv
Enable installing setools in virtualenv
2015-02-05 14:19:55 -05:00
Chris PeBenito
0192ff6ddd Restore abort() use.
Otherwise -NDEBUG builds get compile errors.
2015-02-05 13:28:08 -05:00
Fernand Lone-Sang
0583fc7fda Enable installing setools in virtualenv
When installed from virtualenv, setools fails to write into /usr/share/setools.
This fix uses sys.prefix to install data_files either system wide or inside the
virtualenv.
2015-02-05 19:23:27 +01:00
Chris PeBenito
79320ba0cc Update parsers to checkpolicy 2.4.
Start dropping ancient psid support and other unused #ifdefs.
2015-02-05 13:05:55 -05:00
Chris PeBenito
0ff6de188a Restore -Werror
Ubuntu 12.04 LTS's flex (2.5.35) generates a redundant declaration.
2015-02-05 10:52:42 -05:00
Chris PeBenito
44437c4112 Fix travis-ci issues with old SWIG. 2015-02-05 09:59:07 -05:00
Chris PeBenito
bed179851a Fix escaping. 2015-02-04 15:09:21 -05:00
Chris PeBenito
f79bf4c3b8 Point travis build to the compiled instance of sepol.a 2015-02-04 15:03:40 -05:00
Chris PeBenito
3937946900 Update to libsepol 2.4 parser.
There was a struct change internally. Now setools4 requires libsepol 2.4.
2015-02-04 14:34:47 -05:00
Chris PeBenito
17c169d4d4 Temporarily remove -Werror to make sure travis-ci script works. 2015-02-04 12:01:52 -05:00
Chris PeBenito
7edd44d047 Fix userspace link in .travis.yml. 2015-02-04 11:29:41 -05:00
Chris PeBenito
846d4650a4 Add updated SELinux userspace to travis config.
Originally by Nicolas Iooss
https://github.com/fishilico/selinux-refpolicy-patched/blob/travis-upstream/.travis.yml
2015-02-04 10:56:07 -05:00
Chris PeBenito
d43af2bdae Add SWIG to travis-ci config. 2015-02-04 10:40:33 -05:00
Chris PeBenito
79c7c6bf26 Add Travis-ci config 2015-02-04 10:33:12 -05:00
Fernand Lone-Sang
3b324d7f5e adding a --all switch to seinfo
There are 3 major changes in this commit:

1/ Setting the default values to None instead of "". Indeed, when --all is
   passed to the command line, default values are set to "" making the
   'if insinstance(xxx, str)' being True, and thus the script takes the wrong
   branch.
2/ if/elif/else have been replaced by if/else structure, to enable selection of
   multiple switches. Selected component queries are stacked and displayed at
   the end
3/ like the original seinfo, we append some descriptions string (info: count +
   indented results) to the output
2015-02-04 10:25:03 +01:00
Chris PeBenito
0b2782b0a2 Add coverage.py configuration. 2015-02-03 08:08:35 -05:00
Chris PeBenito
2418619e2a Move permissive query into type query
TypeQuery needed the permisive matching support to be complete. This made
PermissiveQuery redundant.

Made the permissive state an option, so enforcing types could be queried.
2015-01-31 12:10:11 -05:00
Chris PeBenito
3ec1cf7d60 Merge pull request #3 from kamino/kamino-fix-build-errors
Fix build errors on ubuntu 14.10
2015-01-26 13:21:03 -05:00
Fernand Lone-Sang
bc081bbccd Fixed -Werror=unused-but-set-variable in libqpol/policy_extend.c 2015-01-23 15:23:38 +01:00
Fernand Lone-Sang
6a8dbe88a5 Fixed -Werror=unused-variable in libqpol/policy_extend.c 2015-01-23 15:23:32 +01:00
Fernand Lone-Sang
43ab9251fd Fixed -Werror=unused-but-set-variable in libqpol/default_object_query.c 2015-01-23 15:23:32 +01:00
Fernand Lone-Sang
322b08b64e Fixed -Werror=unused-label in setools/policyrep/qpol.i
This fix removes "error: label 'fail' defined but not used [-Werror=unused-label]"
compilation errors. Exceptions handlers (fail label) where defined in swig, but no
exceptions where raised in the function, causing the compilation error.
2015-01-23 15:23:23 +01:00