Commit Graph

2441 Commits

Author SHA1 Message Date
Stephen Smalley
c41633b90e libselinux: audit2why: fix build warnings
Fix the following build warnings.

audit2why.c: In function ‘__policy_init’:
audit2why.c:207:22: warning: ‘%s’ directive output may be truncated writing up to 4095 bytes into a region of size 4081 [-Wformat-truncation=]
      "unable to open %s:  %s\n",
                      ^~
      path, strerror(errno));
      ~~~~
audit2why.c:206:4: note: ‘snprintf’ output 20 or more bytes (assuming 4115) into a destination of size 4096
    snprintf(errormsg, sizeof(errormsg),
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      "unable to open %s:  %s\n",
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      path, strerror(errno));
      ~~~~~~~~~~~~~~~~~~~~~~
audit2why.c:253:28: warning: ‘%s’ directive output may be truncated writing up to 4095 bytes into a region of size 4074 [-Wformat-truncation=]
     "invalid binary policy %s\n", path);
                            ^~     ~~~~
audit2why.c:252:3: note: ‘snprintf’ output between 24 and 4119 bytes into a destination of size 4096
   snprintf(errormsg, sizeof(errormsg),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     "invalid binary policy %s\n", path);
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-05-08 08:11:58 -04:00
Stephen Smalley
e76569f863 libselinux: avcstat: fix build warning
Fix the following build warning.

avcstat.c: In function ‘main’:
avcstat.c:113:4: error: ‘strncpy’ specified bound 4096 equals destination size [-Werror=stringop-truncation]
    strncpy(avcstatfile, optarg, sizeof avcstatfile);
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-05-08 08:11:58 -04:00
Stephen Smalley
8467979d41 libselinux: fix build warning in save_booleans()
Fix the following warning in save_booleans().  We could likely drop
the function altogether, either ignoring or returning EINVAL if
a non-zero permanent argument is passed to security_set_boolean_list(),
since setting persistent booleans is now handled via libsemanage.  This
code and the corresponding security_load_booleans() code is legacy from
RHEL4 days and could be removed although we would need to keep the ABI
for compatibility.

booleans.c: In function ‘save_booleans’:
booleans.c:441:13: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size between 0 and 8191 [-Werror=format-truncation=]
         "%s=%d\n", boolname,
             ^~
booleans.c:440:7: note: ‘snprintf’ output between 4 and 8205 bytes into a destination of size 8192
       snprintf(outbuf, sizeof(outbuf),
       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         "%s=%d\n", boolname,
         ~~~~~~~~~~~~~~~~~~~~
         boollist[i].value);
         ~~~~~~~~~~~~~~~~~~
booleans.c:454:12: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size between 0 and 8191 [-Werror=format-truncation=]
        "%s=%d\n", boolname, val);
            ^~
booleans.c:453:6: note: ‘snprintf’ output between 4 and 8205 bytes into a destination of size 8192
      snprintf(outbuf, sizeof(outbuf),
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        "%s=%d\n", boolname, val);
        ~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-05-08 08:11:58 -04:00
Stephen Smalley
38e49c7187 libsepol: remove unused function and type
Fix the following build warning:
policydb.c: In function ‘get_symtab_destroy_func’:
policydb.c:1581:9: error: cast between incompatible function types from ‘int (*)(char *, void *, void *)’ to ‘void (*)(char *, void *, void *)’ [-Werror=cast-function-type]
  return (hashtab_destroy_func_t) destroy_f[sym_num];
         ^

It turns out that this function and type are long unused in libsepol
and are not exported APIs for the shared library, so just remove them.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-05-08 08:11:58 -04:00
Stephen Smalley
dc03bae194 Update VERSION files to 2.8-rc2.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-04-26 13:20:40 -04:00
Nicolas Iooss
531fc3d8a7 libsemanage: always check append_arg return value
When split_args() calls append_arg(), the returned value needs to be
checked in order to detect memory allocation failure. Checks were
missing in two places, which are spotted by clang's static analyzer:

    semanage_store.c:1352:7: warning: Value stored to 'rc' is never
    read
            rc = append_arg(&argv, &num_args, arg);
            ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    semanage_store.c:1368:3: warning: Value stored to 'rc' is never read
            rc = append_arg(&argv, &num_args, arg);
            ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-25 10:09:13 -07:00
Nicolas Iooss
20a324b591 sestatus: free process and file contexts which are checked
clang's static analyzer reports a potential memory leak because the
buffers allocated in pc and fc are not freed in main(), in sestatus.c.
Free these buffers properly.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-25 10:09:13 -07:00
Nicolas Iooss
0f99a3126c sestatus: resolve symlinks in path when looking for a process
"sestatus -v" uses /proc/$PID/exe symbolic link in order to find the
context of processes present in /etc/sestatus.conf. For example, this
file includes "/usr/sbin/sshd".

On Arch Linux, /bin, /sbin and /usr/sbin are symbolic links to /usr/bin,
so sshd process is seen as "/usr/bin/sshd" instead of "/usr/sbin/sshd".
This causes "sestatus -v" to show nothing in "Process contexts:" for
sshd, agetty, etc.

Use realpath() to resolve any symlink components in program paths
defined in /etc/sestatus.conf. This makes "sestatus -v" show the
expected result:

    Process contexts:
    Current context:                sysadm_u:sysadm_r:sysadm_t
    Init context:                   system_u:system_r:init_t
    /sbin/agetty                    system_u:system_r:getty_t
    /usr/sbin/sshd                  system_u:system_r:sshd_t

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-25 10:09:13 -07:00
Stephen Smalley
87a58b6b4e Revert "libselinux: verify file_contexts when using restorecon"
This reverts commit 814631d3ae.
As reported by Petr Lautrbach, this commit changed the behavior
of selabel_open() when SELABEL_OPT_VALIDATE is 0, and this would
be an API change.

Reported-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-04-20 10:12:57 -04:00
Stephen Smalley
f04d64012a Update VERSION files to 2.8-rc1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-04-19 10:40:16 -04:00
Nicolas Iooss
efc77aa209 libselinux: remove unused variable usercon
In getconlist.c, main() does not use usercon. Remove this variable.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-17 13:55:57 -07:00
Nicolas Iooss
5f76f6b8fb libselinux: fix memory leak in getconlist
In getconlist.c's main(), "level" is duplicated from an optional
argument without being ever freed. clang's static analyzer warns about
this memory leak.

Free the allocated memory properly in order to remove a warning reported
by clang's static analyzer.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-17 13:55:57 -07:00
Nicolas Iooss
c56bb631c4 libselinux: label_file: fix memory management in store_stem()
If store_stem() fails to expand the memory allocated on data->stem_arr,
some things go wrong:
* the memory referenced by "buf" is leaked,
* data->alloc_stems has been increased without data->stem_arr having
  been expanded. So the next time store_stem() is called, the function
  will behave as if the buffer holds enough space, and will write data
  after the end of data->stem_arr.

The first issue is being spotted by clang's static analyzer, which warns
about leaking variable "stem" in find_stem_from_spec() (this function
calls store_stem()).

This both issues by freeing buf when realloc(data->stem_arr) fails, and
by not increasing data->alloc_stems when this happens.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-17 13:55:57 -07:00
Nicolas Iooss
3dd5dd8a07 libsepol: ensure the level context is not empty
When load_users() parses an invalid line with an empty level context
(ie. nothing between "level" and "range" keywords), it allocates memory
with malloc(0) and uses it. The behavior of malloc() in this case is
an unspecified behavior: it might return NULL, which would lead to a
segmentation fault.

Fix this issue by reporting the invalid entry instead. While at it,
ensure that the character before "range" is a space, and change the
logic slightly in order to avoid using "--p; ... p++;".

This issue is reported by clang's static analyzer with the following
message:

    genusers.c:222:11: warning: Use of zero-allocated memory
                                            *r++ = *s;
                                                 ^
    genusers.c:225:7: warning: Use of zero-allocated memory
                            *r = 0;
                               ^

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-17 13:55:57 -07:00
Nicolas Iooss
9fc2301047 libsepol: do not dereference NULL if stack_init fails
In cond_expr_to_cil(), when stack_init() fails to allocate a stack, the
function calls stack_pop() with stack = NULL. Then stack_pop()
dereferences the pointer ("if (stack->pos == -1) {"), which is NULL.

Fix this by moving the stack cleaning loop in a "if (stack != NULL)"
block.

This issue is reported by clang's static analyzer with the following
message:

    module_to_cil.c:463:6: warning: Access to field 'pos' results in a
    dereference of a null pointer (loaded from variable 'stack')
        if (stack->pos == -1) {
            ^~~~~~~~~~

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-04-17 13:55:57 -07:00
Vit Mojzis
10bb459add libsemanage: do not change file mode of seusers and users_extra
Commit 8702a865e0 causes file mode of
seusers and users_extra to change based on the value defined in config
file whenever direct_commit is called and policy is not rebuilt.
(e.g. when setting a boolean).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1512639

$ ll /var/lib/selinux/targeted/active/users_extra
-rw-------. 1 root root 101 11. dub 17.31 /var/lib/selinux/targeted/active/users_extra
$ ll /var/lib/selinux/targeted/active/seusers
-rw-------. 1 root root 73 11. dub 17.31 /var/lib/selinux/targeted/active/seusers
$ semanage boolean -m --on httpd_can_network_connect
$ ll /var/lib/selinux/targeted/active/seusers
-rw-r--r--. 1 root root 73 23. bře 16.59 /var/lib/selinux/targeted/active/seusers
$ ll /var/lib/selinux/targeted/active/users_extra
-rw-r--r--. 1 root root 101 23. bře 16.59 /var/lib/selinux/targeted/active/users_extra
$ rpm -Vq selinux-policy-targeted
.M.....T.    /var/lib/selinux/targeted/active/seusers
.M.....T.    /var/lib/selinux/targeted/active/users_extra

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-04-13 16:21:26 -04:00
Vit Mojzis
1ac7716df4 python/sepolgen: Try to translate SELinux contexts to raw
This allows sepolgen to generate policy from AVC messages that contain
contexts translated by mcstrans.

Fixes:

\# echo "type=USER_AVC msg=audit(1468415802.940:2199604): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0-s15:c0.c1023 msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 cmdline="/usr/lib/systemd/systemd-logind" scontext=system_u:system_r:systemd_logind_t:SystemLow-SystemHigh tcontext=system_u:system_r:init_t:s0-s15:c0.c1023 tclass=system  exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'" | audit2allow

libsepol.mls_from_string: invalid MLS context SystemLow-SystemHigh
libsepol.mls_from_string: could not construct mls context structure
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert
system_u:system_r:systemd_logind_t:SystemLow-SystemHigh to sid

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-04-13 13:41:46 -04:00
Yuli Khodorkovskiy
3e47c239ec libselinux: echo line number of bad label in selabel_fini()
Keep track of line numbers for each file context in
selabel_handle. If an error occurs in selabel_fini(), the
line number of an invalid file context is echoed to the user.

Signed-off-by: Yuli Khodorkovskiy <ykhodo@gmail.com>
2018-04-04 11:09:11 -05:00
Yuli Khodorkovskiy
814631d3ae libselinux: verify file_contexts when using restorecon
In permissive mode, calling restorecon with a bad label in file_contexts
does not verify the label's existence in the loaded policy. This
results in any label successfully applying to a file, as long as the
file exists.

This issue has two assumptions:

1) file_contexts must be manually updated with the invalid label.
Running `semanage fcontext` will error when attempting to add
an invalid label to file_contexts.
2) the system must be in permissive. Although applying an invalid label
in enforcing gives an error and fails, successfully labeling a file with a
bad label could cause issues during policy development in permissive.

Instead, as each context is used, verify it is valid before blindly
applying the label. If an error with validation occurs in restorecon,
application of remaining valid labels will be uninterrupted as before.

Signed-off-by: Yuli Khodorkovskiy <ykhodo@gmail.com>
2018-04-04 11:09:11 -05:00
James Carter
4ba19b541d libsepol/cil: Improve processing of context rules
Improve the processing of netifcon, genfscon, ibpkeycon, ibendportcon,
portcon, nodecon, fsuse, filecon, iomemcon, ioportcon, pcidevicecon,
and devicetreecon rules.

If the multiple-decls option is not used then report errors if duplicate
context rules are found. If it is used then remove duplicate context rules
and report errors when two rules are identical except for the context.

This also changes the ordering of portcon and filecon rules. The protocol
of portcon rules will be compared if the port numbers are the same and the
path strings of filecon rules will be compared if the number of meta
characters, the stem length, string length and file types are the same.

Based on an initial patch by Pierre-Hugues Husson (phh@phh.me)

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2018-03-29 15:53:18 -04:00
Tri Vo
ea8d689b53 Resolve conflicts in expandattribute.
This commit resolves conflicts in values of expandattribute statements
in policy language and expandtypeattribute in CIL.

For example, these statements resolve to false in policy language:
 expandattribute hal_audio true;
 expandattribute hal_audio false;

Similarly, in CIL these also resolve to false.
 (expandtypeattribute (hal_audio) true)
 (expandtypeattribute (hal_audio) false)

A warning will be issued on this conflict.

Motivation
When Android combines multiple .cil files from system.img and vendor.img
it's possible to have conflicting expandattribute statements.

This change deals with this scenario by resolving the value of the
corresponding expandtypeattribute to false. The rationale behind this
override is that true is used for reduce run-time lookups, while
false is used for tests which must pass.

Signed-off-by: Tri Vo <trong@android.com>
Acked-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: William Roberts <william.c.roberts@intel.com>
Acked-by: James Carter <jwcart2@tycho.nsa.gov>
2018-03-26 12:29:37 -07:00
Vit Mojzis
0d1fad884a policycoreutils/semodule: Allow enabling/disabling multiple modules at once
Unify behaviour for all module actions.
The same behaviour is already present for -i/-u/-r/-e switches.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1545218

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-26 10:19:51 -04:00
Vit Mojzis
a0c4e64238 policycoreutils/semodule: Improve man page and unify it with --help
Unify the way parameters are described in man pages and --help message.
Explain special syntax allowing the user to specify multiple modules when using
-i/u/r/E mods.
Point out that priority has to be specified in order to remove module at
different priority than 400 and that "-d" disables all instances of
given module across priorities.

Resolves: rhbz#1320565, rhbz#1337192

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-26 10:19:51 -04:00
James Carter
c99739a6aa libsepol: Prevent freeing unitialized value in ibendport handling
Nicolas Iooss reports:
In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name()
fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is
called to free the memory associated with tmp_key, which results in
free() being called on uninitialized tmp_key->ibdev_name.

This issue is reported by clang's static analyzer with the following
message:

    ibendport_record.c:115:2: warning: 1st function call argument is an
    uninitialized value
            free(key->ibdev_name);
            ^~~~~~~~~~~~~~~~~~~~~

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2018-03-19 12:39:20 -04:00
Richard Haines via Selinux
cf0ab12414 selinux: Add support for the SCTP portcon keyword
Update libsepol, checkpolicy and the CIL compiler to support the SCTP
portcon keyword.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2018-03-19 12:34:29 -04:00
Vit Mojzis
721ccb3318 libsemanage/direct_api.c: Fix iterating over array
Fix sizeof calculation in array iteration introduced by commit
6bb8282c4c
"libsemanage: replace access() checks to make setuid programs work"

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-19 09:18:28 -07:00
Nicolas Iooss
07629c0a9f
libselinux,libsemanage: Replace PYSITEDIR with PYTHONLIBDIR
libselinux and libsemanage Makefiles invoke site.getsitepackages() in
order to get the path to the directory /usr/lib/pythonX.Y/site-packages
that matches the Python interpreter chosen with $(PYTHON). This method
is incompatible with Python virtual environments, as described in
https://github.com/pypa/virtualenv/issues/355#issuecomment-10250452 .
This issue has been opened for more than 5 years.

On the contrary python/semanage/ and python/sepolgen/ Makefiles use
distutils.sysconfig.get_python_lib() in order to get the site-packages
path into a variable named PYTHONLIBDIR. This way of computing
PYTHONLIBDIR is compatible with virtual environments and gives the same
result as PYSITEDIR.

As PYTHONLIBDIR works in more cases than PYSITEDIR, make libselinux and
libsemanage Makefiles use it. And as native code is installed (as part
of the SWIG wrapper), use "plat_specific=1" in order to use /usr/lib64
on systems which distinguish /usr/lib64 from /usr/lib.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
2018-03-17 09:03:33 +01:00
Stephen Smalley
5576912170 libsepol: Export sepol_polcap_getnum/name functions
Export the sepol_polcap_getnum/name() functions to users of
the shared library.  This will enable SETools to stop depending
on the static library.

Note that we may want to move polcaps.h up one level since
the convention is that headers directly under include/sepol are
shared library APIs while headers under include/sepol/policydb
are limited to static users.  However, this will unnecessarily
break the build for existing static users so it is deferred.

Suggested-by: Chris PeBenito <pebenito@ieee.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2018-03-15 13:52:55 -07:00
Vit Mojzis
6bb8282c4c libsemanage: replace access() checks to make setuid programs work
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs.
Replace access() calls (mostly tests for file existence) by stat().

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-13 10:57:04 +00:00
Jan Zarsky
29d84c6280 python/sepolgen: fix typo in PolicyGenerator 2018-03-08 14:56:19 -05:00
Vit Mojzis
4efa673bc0 libsemanage: remove access() check to make setuid programs work
F_OK access checks only work properly as long as all directories along
the path are accessible to real user running the program.
Replace F_OK access checks by testing return value of open, write, etc.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-08 14:48:11 -05:00
Vit Mojzis
88f4710617 libsemanage: remove access() check to make setuid programs work
access() uses real UID instead of effective UID which causes false
negative checks in setuid programs. Remove redundant access() checks

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-08 14:48:07 -05:00
Nicolas Iooss
2784addb14 libsemanage: silence clang static analyzer report
clang's static analyzer reports an out-of-bound array access in
semanage_user_roles() when num_roles is zero, with the following
statement:

    strcpy(roles,roles_arr[0]);

When num_roles is zero, roles_arr[0] is not uninitialized and roles is
the result of malloc(0) so this strcpy is dangerous. Make
semanage_user_roles() return an empty string instead.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-03-08 14:43:50 -05:00
Nicolas Iooss
2bd82070ef libsepol: cil: show an error when cil_expr_to_string() fails
cil_tree_print_expr() calls cil_expr_to_string() in order to compute a
string expression into expr_str. If this function fails, expr_str is
left unitialized but its value is dereferenced with:

    cil_log(CIL_INFO, "%s)", expr_str);

Prevent such an issue by checking cil_expr_to_string()'s return value
before using expr_str.

This issue has been found with clang's static analyzer.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-03-08 14:36:32 -05:00
Vit Mojzis
3217d717c8 gui/fcontextPage: Set default object class in addDialog
This ensures that user cannot leave the object class selection blank.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-01 09:42:18 -05:00
Vit Mojzis
6f4b1bbdea gui/semanagePage: Close "edit" and "add" dialogues when successfull
"Edit" and "add" dialogues weren't closed after successful transaction
("add" and "edit" methods return "None" if successful).

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-03-01 09:41:54 -05:00
Vit Mojzis
8caec179c3 libsemanage: Improve warning for installing disabled module
Resolves: rhbz#1337199

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-02-28 11:37:31 -08:00
Yuli Khodorkovskiy
733b8005d8 secilc: Fix documentation build for OS X systems
Since Darwin systems do not have GNU sed installed, the Darwin sed is
missing the "regexp-extended" flag needed to modify the secilc markdown
files before processing with pandoc.

A quick fix for Mac users is to `brew install gnu-sed` and to use gsed.

Signed-off-by: Yuli Khodorkovskiy <ykhodo@gmail.com>
2018-02-26 09:55:27 -05:00
Vit Mojzis
fd43043ba2 semodule-utils/semodule_package: fix semodule_unpackage man page
Fix command line arguments and description in man page.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1334834

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-02-26 09:52:02 -05:00
Lee Stubbs
e4348941ee Minor update for bash completion. Bash completion for ports is missing '-' for type. Based on documentation, it should be --type, not -type. 2018-02-26 09:33:19 -05:00
Petr Lautrbach
bb6b4c661b gui/polgengui.py: Use stop_emission_by_name instead of emit_stop_by_name
Fixes:
/usr/share/system-config-selinux/polgengui.py:679: PyGIDeprecationWarning: Deprecated, please use stop_emission_by_name.
  entry.emit_stop_by_name("insert_text")

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
df135b07a7 python/sepolicy: Initialize policy.ports as a dict in generate.py
in class policy, ports is usually initialized with the result of
get_all_ports(), which is a dict. If this function failed, the error was
not fatal but ports was left initialized as a list, which would trigger
other errors when accessing it.

Initialize ports as an empty dict in order to fix this issue.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
8059ad7ad1 python/sepolicy: Support non-MLS policy
When using sepolgen GUI on a system with a non-MLS policy,
sepolicy.info(sepolicy.PORT) does not define "range" attributes (since
commit 908340e8e7 ("sepolicy: support non-MLS policy in manpage")).
Replace them with None in get_all_ports() result.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
b8296872fe python/sepolicy: Fix translated strings with parameters
When a translated string takes parameters with %, the % and the
parameters need to be after the call to the underline function in order
to work properly.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
41f1882724 python/sepolicy: Do not use types.BooleanType
It was removed from Python 3

Fixes:
File "polgengui.py", line 390, in forward
  self.generate_policy()
File "polgengui.py", line 491, in generate_policy
  my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
File "/home/plautrba/devel/github/bachradsusi/SELinuxProject-selinux/python/sepolicy/sepolicy/generate.py",  line 468, in set_use_syslog
  if not isinstance(val, types.BooleanType):
AttributeError: module 'types' has no attribute 'BooleanType'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
7281132977 python/sepolicy: Use list instead of map
map() returns an iterator in python3, list in python2

Fixes:
File "/usr/lib/python3.6/site-packages/sepolicy/generate.py", line 114, in get_all_users
  users.remove("system_u")
AttributeError: 'map' object has no attribute 'remove'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
aeef83ca16 gui/polgengui.py: Convert polgen.glade to Builder format polgen.ui
- $ gtk-builder-convert polgen.glade polgen.ui
- use get_object instead of get_widget
- use connect_signals instead of signal_connect

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
5333152934 gui/polgengui.py: Fix sepolicy.generate import in polgengui.py
b43991f9 added direct import of sepolicy but it forgot to import
sepolicy.generate and didn't change use of generate to sepolicy.generate

Fixes:

Traceback (most recent call last):
  File "/usr/bin/selinux-polgengui", line 778, in <module>
    app = childWindow()
  File "/usr/bin/selinux-polgengui", line 205, in __init__
    self.all_types = sepolicy.generate.get_all_types()
AttributeError: 'module' object has no attribute 'generate'

Traceback (most recent call last):
  File "/usr/share/system-config-selinux/polgengui.py", line 365, in forward
    if self.on_in_net_page_next():
  File "/usr/share/system-config-selinux/polgengui.py", line 701, in on_in_net_page_next
    generate.verify_ports(self.in_tcp_entry.get_text())
NameError: global name 'generate' is not defined

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Dominick Grift
4b27d5a365 Describe multiple-decls in secilc.8.xml
Signed-off-by: Dominick Grift <dac.override@gmail.com>
2018-02-21 23:06:19 +01:00
Nicolas Iooss
fdd306711a
Travis-CI: do not duplicate $DESTDIR in $PYSITEDIR
Recent commits removed $DESTDIR from $PYSITEDIR in libselinux and
libsemanage:

    -PYSITEDIR ?= $(DESTDIR)$(shell $(PYTHON) -c 'import site;
    print(site.getsitepackages()[0])')
    +PYSITEDIR ?= $(shell $(PYTHON) -c 'import site;
    print(site.getsitepackages()[0])')

As "site.getsitepackages()" does not work within virtualenvs,
.travis.yml defines PYSITEDIR's value in it and this definition needs to
be updated too.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-21 22:42:47 +01:00