RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-03-30 15:26:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
420 Commits 8 Branches 22 Tags 3.8 MiB
eae9ff97d5
Commit Graph

107 Commits

Author SHA1 Message Date
Chris PeBenito
eae9ff97d5 setools: add PolicyDifference class 
Begin diff functions by implementing type difference function.

Closes #32
 2015-12-17 11:08:35 -05:00
Chris PeBenito
d66467f3b3 MatchPermission: implement subset permission criteria 
Useful for matches where a matching rule has all of the permission criteria
but may have more.

Closes #57
 2015-10-04 11:03:41 -04:00
Chris PeBenito
4bea20b522 Misc docstring cleanups. 2015-05-16 22:01:03 -04:00
Chris PeBenito
e6f59d04e5 Refactor SETools queries/analyses to use descriptors instead of get/setters 
This is Pythonic.
 2015-05-16 21:59:10 -04:00
Chris PeBenito
da8b151d5c InfoFlowAnalysis: convert output to namedtuples 2015-04-26 10:41:03 -04:00
Chris PeBenito
d23bdd4895 DomainTransitionAnalysis: convert to named tuples for output 
Makes output compact and easier to use for callers. Also it is backwards
compatible.
 2015-04-26 10:19:42 -04:00
Chris PeBenito
1406eb30c3 Implement InitialSIDTest. 2015-04-24 08:56:56 -04:00
Chris PeBenito
6de35b81f7 Implement CommonTest and ObjClassTest. 
Also fix bugs uncovered by testing.
 2015-04-23 11:04:37 -04:00
Chris PeBenito
7cb5762b4f TypeAttribute: add __contains__ 2015-04-23 09:00:07 -04:00
Chris PeBenito
970a905867 PolCapTest: add lookup test. 2015-04-23 08:53:19 -04:00
Chris PeBenito
df493bbb4a Fix PolCapTest. 2015-04-23 08:38:39 -04:00
Chris PeBenito
ae0e116567 Implement PolCapTest. 2015-04-22 18:01:22 -04:00
Chris PeBenito
f8a2023391 DomainTransitionAnalysis: implement Edge class and descriptors for graph access 
Includes policyrep changes to handle the deepcopy needed by NetworkX. The
SWIG objects are treated as immutable, since they are proxies of C pointers
to immutable objects (raw policydb).

Also fixes PolicySymbol.__hash__(), as returning NotImplemented would
raise a TypeError.
 2015-04-22 09:55:21 -04:00
Chris PeBenito
43b8fb5214 InfoFlowAnalysis: undo API change. 2015-04-22 08:54:59 -04:00
Chris PeBenito
6904619197 InfoFlowAnalysis: implement Edge class and descriptors for graph access 2015-04-21 09:49:42 -04:00
Chris PeBenito
b1c2901e4f tests: fix iter() use in Mock objects 
By using return_value, there was only one instance of the iterator, which
would cause problems if it needed to be used again but had already been
consumed. Switch to lambdas that return a new instance of the iter().
 2015-04-18 10:47:42 -04:00
Chris PeBenito
cc7ee08f03 policyrep factories: short circuit if provided a constructed object. 
Change factory functions that support lookups to short circuit if they are
being provided an instance of the object they are meant to create.
 2015-04-16 14:07:18 -04:00
Chris PeBenito
d82a28262c setools __init__: import query/analysis classes 
Makes use simpler. The setools submodules map 1:1 to classes anyway;
the separate modules are simply to ease organization.

Change seinfo to use conditional setter use rather than conditional
instantiation of queries.  Note: pylint disable is added because pylint
gets confused by the reuse of the q variable and thinks that q is always
BoolQuery, so it incorrectly reports missing member functions.
 2015-04-15 12:00:59 -04:00
Chris PeBenito
55b290a77d NodeconQuery: Sync __init__ named parameters to setters 
This is to match up __init__ named parameters to the corresponding
setter names, so it is simpler to switch from using the named parameters
over to separate setter calls.
 2015-04-15 11:24:41 -04:00
Chris PeBenito
05da568b15 Clean up unused imports in RBAC and TE rule tests. 2015-04-13 10:08:15 -04:00
Chris PeBenito
961680ee1e Implement MLSRuleTest 2015-04-13 10:06:04 -04:00
Chris PeBenito
f2064f7eac Implement RoleAllowTest and RoleTransitionTest. 2015-04-12 17:20:55 -04:00
Chris PeBenito
25a5c1adab Implement AVRuleTest and TERuleTest. 2015-04-12 10:51:58 -04:00
Chris PeBenito
09a5f5dca4 Implement TypeTest and TypeAttributeTest 2015-04-11 10:54:22 -04:00
Chris PeBenito
9c9d908754 Implement RoleTest. 2015-04-11 09:01:26 -04:00
Chris PeBenito
415a91d9a0 UserTest: fix copy/paste error in docstring 2015-04-11 08:37:54 -04:00
Chris PeBenito
26e0396290 Implement User unit tests. 2015-04-10 14:53:07 -04:00
Chris PeBenito
4e0b7d853b Thoroughly test MLS representations. 
Implement category and level decl. lookups along the way.
 2015-04-09 14:27:51 -04:00
Chris PeBenito
448b8ebeae PermissionMapTest: add additional unit tests for error cases 
Fix the exposed bugs in PermissionMap.  Add an exception for parse errors
in the permission map file parser, as SyntaxError is not the correct
exception.
 2015-04-07 14:40:04 -04:00
Chris PeBenito
f3ca479a27 Address remaining pylint errors. 
Also implement some suggested changes.
 2015-04-06 09:51:32 -04:00
Chris PeBenito
0397706313 PermissionMapTest: implement helper function for verifying map contents 2015-04-03 15:07:04 -04:00
Chris PeBenito
816fc94e3b MLSRuleQueryTest: PEP8 fix 2015-04-03 14:59:07 -04:00
Chris PeBenito
cfbedfb9f3 tests: implement ValidateRule mixin 
Simplifies testing and uncovered a couple minor bugs in unit tests.
 2015-04-03 14:48:25 -04:00
Chris PeBenito
9d51dcc7e3 Misc cleanups suggested by pylint 
* unnecessary parentheses on return
* variable shadowing
* unused variables
* classmethod variable naming
 2015-04-02 14:50:21 -04:00
Chris PeBenito
94376a145f Remove unused imports. 
Uncovered with pylint.
 2015-04-02 10:58:26 -04:00
Chris PeBenito
0745f8011c SELinuxPolicyTest: clean up temp binary policy in case of setUpClass error 
This should never be hit since the source policy already was complied
by checkpolicy.
 2015-04-01 13:26:48 -04:00
Chris PeBenito
c146f0ab47 Restructure exceptions across the entire project. 
Group all exception classes into a module for each package.  This is the
first step towards having all exceptions raised by setools libs be a child of
SEToolsException.
 2015-04-01 12:10:45 -04:00
Chris PeBenito
bb1734e9e5 RangeFactoryTest: add test for high end of range being invalid 2015-03-29 09:40:15 -04:00
Chris PeBenito
4f73368b7e DTA/InfoFlow: add unit tests for analysis functions 
The purpose is not to verify graph algorithm correctness. The purpose is to
verify everything is yielded correctly.
 2015-03-28 11:50:44 -04:00
Chris PeBenito
3e6a509ecb NodeconQueryTest: fix typo in messages 2015-03-27 13:22:12 -04:00
Chris PeBenito
2ea074e563 InfoFlowAnalysisTest: improve efficiency 
The main graph is never rebuilt since the perm map never changes.  This
mirrors how a user might interact. If in the future perm map changes
are introduced, the code should still cope.

Also one minor efficiency tweak in InfoFlowAnalysis. Don't bother removing
edges due to weight if it is set to 1 since that includes everything.
 2015-03-27 12:30:43 -04:00
Chris PeBenito
c9c995e7f3 NodeconQueryTest: Change IP criteria to skip on Python < 3.3 2015-03-27 09:38:00 -04:00
Chris PeBenito
c6f11ca80e DTA: add error testing on the interface. 2015-03-27 09:15:15 -04:00
Chris PeBenito
758865e3a9 InfoFlow tests: fix disconnected node tests 
The no_flow type wasn't ever in the graph.
 2015-03-27 09:07:48 -04:00
Chris PeBenito
ec9de08ac6 InfoFlowAnalysis: Add interface error tests. 
Unconvered 2 minor NetworkX error path bugs:
networkx/networkx#1430
networkx/networkx#1433
 2015-03-26 14:48:29 -04:00
Chris PeBenito
f2d334c691 LevelFactoryTest: add extra test for category range parse error. 
Such as: s0:c0.c2.c4
 2015-03-20 12:03:09 -04:00
Chris PeBenito
712138178f PermissionMap: implement policy mapping function. 
Also add unit tests for parsing functions.

closes #23
 2015-03-18 10:16:15 -04:00
Chris PeBenito
ed35d206d9 Change unit tests to use setUpClass for opening policies. 2015-03-18 09:44:16 -04:00
Chris PeBenito
4ecd6d00a5 Implement TypeAttributeQuery. 
closes #13
closes #14
 2015-03-16 10:46:33 -04:00
Chris PeBenito
f4b1b68195 Rename type attribute interfaces. 
Make sure they reflect that they are for type rather than role attributes.
 2015-03-16 10:38:43 -04:00