diff --git a/0001-Do-not-use-Werror-during-build.patch b/0001-Do-not-use-Werror-during-build.patch deleted file mode 100644 index 60f11e24c7a640d7162fe5ec60921d2ce88badda..0000000000000000000000000000000000000000 --- a/0001-Do-not-use-Werror-during-build.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 4b3dc6b38abbd32cda557d5ef9ea1383ac5fdcf2 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Thu, 23 Feb 2017 08:17:07 +0100 -Subject: [PATCH 2/3] Do not use -Werror during build -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -There are new warnings when setools are built with gcc 7 therefore we -want to suppress -Werror for now - -Fixes: -libqpol/policy_extend.c: In function ‘policy_extend’: -libqpol/policy_extend.c:161:27: error: ‘%04zd’ directive output may be truncated writing between 4 and 10 bytes into a region of size 5 [-Werror=format-truncation=] - snprintf(buff, 9, "@ttr%04zd", i + 1); - ^~~~~ -libqpol/policy_extend.c:161:22: note: directive argument in the range [1, 4294967295] - snprintf(buff, 9, "@ttr%04zd", i + 1); - ^~~~~~~~~~~ -In file included from /usr/include/stdio.h:939:0, - from /usr/include/sepol/policydb/policydb.h:53, - from libqpol/policy_extend.c:29: -/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 9 and 15 bytes into a destination of size 9 - return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - __bos (__s), __fmt, __va_arg_pack ()); - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -cc1: all warnings being treated as errors -error: command 'gcc' failed with exit status 1 ---- - setup.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/setup.py b/setup.py -index c94daf1..a7442ac 100644 ---- a/setup.py -+++ b/setup.py -@@ -105,7 +105,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'], - libraries=['selinux', 'sepol'], - library_dirs=lib_dirs, - define_macros=macros, -- extra_compile_args=['-Werror', '-Wextra', -+ extra_compile_args=['-Wextra', - '-Waggregate-return', - '-Wfloat-equal', - '-Wformat', '-Wformat=2', --- -2.17.2 - diff --git a/4.3.0.tar.gz b/4.3.0.tar.gz deleted file mode 100644 index 219a3dfdfc997002146aa03fee9155e3cbcb6758..0000000000000000000000000000000000000000 Binary files a/4.3.0.tar.gz and /dev/null differ diff --git a/4.4.0.tar.gz b/4.4.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..c34148688f1232148cdfd6a626e0fe04723f3b0e Binary files /dev/null and b/4.4.0.tar.gz differ diff --git a/0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch b/Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch similarity index 78% rename from 0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch rename to Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch index a9960691e8fce75efa044d5711edfc751db675d8..699e05c42c3495a261348c1e3bb96afad344d10f 100644 --- a/0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch +++ b/Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch @@ -1,4 +1,4 @@ -From 0575455a0abda5ee63c442433384268a959c4fbc Mon Sep 17 00:00:00 2001 +From e47d19f4985098ca316eea4a383510d419ec6055 Mon Sep 17 00:00:00 2001 From: Vit Mojzis Date: Fri, 26 Apr 2019 15:27:25 +0200 Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and @@ -12,29 +12,32 @@ Therefore it's better to use setools.infoflow.InfoFlowAnalysis and setools.dta.DomainTransitionAnalysis and let the package containing sedta and seinfoflow to require python3-networkx --- - sedta | 4 ++-- + sedta | 5 +++-- seinfoflow | 4 ++-- setools/__init__.py | 4 ---- setoolsgui/apol/dta.py | 2 +- setoolsgui/apol/infoflow.py | 2 +- tests/dta.py | 2 +- tests/infoflow.py | 2 +- - 7 files changed, 8 insertions(+), 12 deletions(-) + 7 files changed, 9 insertions(+), 12 deletions(-) diff --git a/sedta b/sedta -index 60861ca630a5..41e38a237b42 100755 +index 57070098fe10..51890ea8ea73 100755 --- a/sedta +++ b/sedta -@@ -22,7 +22,7 @@ import argparse - import logging +@@ -23,9 +23,10 @@ import logging import signal --import setools + import setools +import setools.dta - def print_transition(trans): -@@ -114,7 +114,7 @@ else: +-def print_transition(trans: setools.DomainTransition) -> None: ++def print_transition(trans: setools.dta.DomainTransition) -> None: + if trans.transition: + print("Domain transition rule(s):") + for t in trans.transition: +@@ -114,7 +115,7 @@ else: try: p = setools.SELinuxPolicy(args.policy) @@ -44,7 +47,7 @@ index 60861ca630a5..41e38a237b42 100755 if args.shortest_path or args.all_paths: if args.shortest_path: diff --git a/seinfoflow b/seinfoflow -index f10c39de4d8e..fee749a83bb5 100755 +index 0ddcfdc7c1fb..8321718b2640 100755 --- a/seinfoflow +++ b/seinfoflow @@ -17,7 +17,7 @@ @@ -56,7 +59,7 @@ index f10c39de4d8e..fee749a83bb5 100755 import argparse import sys import logging -@@ -101,7 +101,7 @@ elif args.booleans is not None: +@@ -102,7 +102,7 @@ elif args.booleans is not None: try: p = setools.SELinuxPolicy(args.policy) m = setools.PermissionMap(args.map) @@ -66,27 +69,27 @@ index f10c39de4d8e..fee749a83bb5 100755 if args.shortest_path or args.all_paths: diff --git a/setools/__init__.py b/setools/__init__.py -index 26fa5aa34a19..b7e51c43c4bb 100644 +index d72d343e7e79..642485b9018d 100644 --- a/setools/__init__.py +++ b/setools/__init__.py -@@ -75,12 +75,8 @@ from .pcideviceconquery import PcideviceconQuery +@@ -91,12 +91,8 @@ from .pcideviceconquery import PcideviceconQuery from .devicetreeconquery import DevicetreeconQuery # Information Flow Analysis -from .infoflow import InfoFlowAnalysis - from .permmap import PermissionMap + from .permmap import PermissionMap, RuleWeight, Mapping -# Domain Transition Analysis --from .dta import DomainTransitionAnalysis +-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition - # Policy difference from .diff import PolicyDifference diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py -index 4608b9dbf34e..2cde44c142e9 100644 +index 62dbf04d9a5e..0ea000e790f0 100644 --- a/setoolsgui/apol/dta.py +++ b/setoolsgui/apol/dta.py -@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread +@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread from PyQt5.QtGui import QPalette, QTextCursor from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \ QTreeWidgetItem @@ -94,9 +97,9 @@ index 4608b9dbf34e..2cde44c142e9 100644 +from setools.dta import DomainTransitionAnalysis from ..logtosignal import LogHandlerToSignal - from .analysistab import AnalysisTab + from .analysistab import AnalysisSection, AnalysisTab diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py -index 7bca299d23fc..7fee2778f35f 100644 +index 28009aa2329c..92d350bf727c 100644 --- a/setoolsgui/apol/infoflow.py +++ b/setoolsgui/apol/infoflow.py @@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread @@ -135,5 +138,5 @@ index aa0e44a7e4f8..fca2848aeca5 100644 from setools.exception import InvalidType from setools.permmap import PermissionMap -- -2.26.0.rc2 +2.30.0 diff --git a/0003-Require-networkx-on-package-level.patch b/Require-networkx-on-package-level.patch similarity index 100% rename from 0003-Require-networkx-on-package-level.patch rename to Require-networkx-on-package-level.patch diff --git a/setools.spec b/setools.spec index 7c0e0f5c4b9e94b84a537d07cf2fb74c47e94af1..d750523fc4b69119233291e1e2071b4fccf9f63d 100644 --- a/setools.spec +++ b/setools.spec @@ -1,6 +1,6 @@ Name: setools -Version: 4.3.0 -Release: 5 +Version: 4.4.0 +Release: 1 Summary: Policy Analysis Tools for SELinux License: GPLv2 URL: https://github.com/SELinuxProject/setools/wiki @@ -8,13 +8,12 @@ Source0: https://github.com/SELinuxProject/setools/archive/%{version}.tar.gz Source1: setools.pam Source2: apol.desktop -Patch0: 0001-Do-not-use-Werror-during-build.patch -Patch1: 0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch -Patch2: 0003-Require-networkx-on-package-level.patch +Patch0: Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch +Patch1: Require-networkx-on-package-level.patch BuildRequires: flex bison glibc-devel gcc swig git python3-setuptools BuildRequires: qt5-qtbase-devel python3-devel -BuildRequires: libsepol-devel >= 3.1 libsepol-static >= 3.1 +BuildRequires: libsepol-devel >= 3.2 libsepol-static >= 3.2 BuildRequires: python3-Cython BuildRequires: python3-setuptools Obsoletes: setools < 4.0.0, setools-devel < 4.0.0 @@ -26,7 +25,7 @@ and command line. %package console Summary: Console packages for setools License: GPLv2 -Requires: python3-setools = %{version}-%{release} libselinux >= 3.1 +Requires: python3-setools = %{version}-%{release} libselinux >= 3.2 %description console Console packages for setools. @@ -35,7 +34,7 @@ Console packages for setools. Summary: Analyses files for setools-console License: GPLv2 Requires: python3-setools = %{version}-%{release} -Requires: libselinux >= 3.1 +Requires: libselinux >= 3.2 %description console-analyses Analyses files for setools-console. @@ -80,6 +79,7 @@ Gui packages for setools. %files console %defattr(-,root,root) +%{_bindir}/sechecker %{_bindir}/sediff %{_bindir}/seinfo %{_bindir}/sesearch @@ -108,7 +108,10 @@ Gui packages for setools. %{_mandir}/ru/man1/* %changelog -* Wed Mar 23 2021 panxiaohe - 4.3.0-5 +* Tue Dec 14 2021 panxiaohe - 4.4.0-1 +- update setools to 4.4.0 + +* Tue Mar 23 2021 panxiaohe - 4.3.0-5 - add debuginfo package and make ELF files stripped * Tue Dec 1 2020 Liquor - 4.3.0-4