Please unblock setools/3.3.5.ds-5
Hi,
This upload fixes an important bug, and enhances a diagnostic
message. The full diff is included below, this is a trivial
change. The package has been uploaded with a low priority, and
shall spend a full 10 days in unstable.
manoj
--- setools-3.3.5.ds/debian/local.mk
+++ setools-3.3.5.ds/debian/local.mk
@@ -182,7 +182,9 @@
chmod 0755 $(SHAREDIR)/setools/3.3/seaudit-report-service
# Make sure the copyright file is not compressed
$(install_file) debian/copyright $(DOCDIR)/copyright
- $(install_file) debian/menuentry $(MENUDIR)/$(package)
+ $(install_script) debian/example_apol_usage_with_modular_policy.sh \
+ $(DOCDIR)/
+ $(install_file) debian/menuentry $(MENUDIR)/$(package)
gzip -9fqr $(MANDIR)/
chmod 0644 $(LIBDIR)/setools/*/pkgIndex.tcl
ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
diff -u setools-3.3.5.ds/debian/changelog setools-3.3.5.ds/debian/changelog
--- setools-3.3.5.ds/debian/changelog
+++ setools-3.3.5.ds/debian/changelog
@@ -1,3 +1,23 @@
+setools (3.3.5.ds-5) unstable; urgency=low
+
+ * [a636aeb] Unpack the path object before using in string.
+
+ -- Manoj Srivastava <srivasta@debian.org> Wed, 15 Oct 2008 00:56:40 -0500
+
+setools (3.3.5.ds-4) unstable; urgency=low
+
+ * [a4eef03] Name the file that fails to load in the "Open Policy" error dialog
+ Bug fix: "Could not open policy error is not specific", thanks to
+ Russell Coker. This is a documentation/diagnostic fix, only change
+ happens in the diagnostic string. (Closes: #499967).
+ * [debian-dir 9f1e6da] Add an example script to show how to use apol
+ with modular policy
+ Bug fix: "needs a script to run apol with the current list of
+ modules", thanks to Russell Coker. This is an important bugfix.
+ (Closes: #499968).
+
+ -- Manoj Srivastava <srivasta@debian.org> Tue, 14 Oct 2008 18:07:53 -0500
+
--- setools-3.3.5.ds.orig/debian/example_apol_usage_with_modular_policy.sh
+++ setools-3.3.5.ds/debian/example_apol_usage_with_modular_policy.sh
@@ -0,0 +1,23 @@
+#! /bin/sh
+
+# When apol is run on the installed policy (such as
+# /etc/selinux/*/policy/policy.*) then it misses out on a lot of
+# symbolic information (such as the types that are in attributes) and
+# thus makes it impossible to determine the reason why some access is
+# permitted.
+
+
+set -e
+
+. /etc/selinux/config
+
+# Allow the user to override the SELINUXTYPE as a first argument
+if [ "$1" = "-s" ]; then
+ shift
+ SELINUXTYPE=$2
+ shift
+fi
+
+cd /etc/selinux/$SELINUXTYPE/modules/active
+
+exec apol base.pp modules/*.pp $*
only in patch2:
unchanged:
--- setools-3.3.5.ds.orig/apol/top.tcl
+++ setools-3.3.5.ds/apol/top.tcl
@@ -128,7 +128,7 @@
} \
} p] || $p == "NULL"} {
tk_messageBox -icon error -type ok -title "Open Policy" \
- -message "The selected file does not appear to be a valid SELinux Policy.\n\n[apol_tcl_get_error_string]"
+ -message "The selected file ([policy_path_to_list $ppath]) does not appear to be a valid SELinux Policy.\nError: [apol_tcl_get_error_string]"
return -1 ;# indicates failed to open policy
}
--
The idea of male and female are universal constants. Kirk,
"Metamorphosis", stardate 3219.8
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: