* Only call gen_requires once.
@ 2008-09-11 13:35 Daniel J Walsh
2008-09-12 13:59 ` Joshua Brindle
0 siblings, 1 reply; 2+ messages in thread
From: Daniel J Walsh @ 2008-09-11 13:35 UTC (permalink / raw)
To: SE Linux
[-- Attachment #1: Type: text/plain, Size: 461 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Currently audit2allow/sepolgen will create two identical gen_requires
block if you have allow rules and a role statement.
This patch fixes this problem.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjJHroACgkQrlYvE4MpobPgMQCghgAMBtaQO0BeZX+ug6IwsWB8
bNEAoMkRo4cZa0iJhGoGMmCvy5ncGpj8
=gMFg
-----END PGP SIGNATURE-----
[-- Attachment #2: diffsepol --]
[-- Type: text/plain, Size: 1184 bytes --]
diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.55/sepolgen-1.0.13/src/sepolgen/policygen.py
--- nsasepolgen/src/sepolgen/policygen.py 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.55/sepolgen-1.0.13/src/sepolgen/policygen.py 2008-09-11 09:26:52.000000000 -0400
@@ -134,6 +134,10 @@
m.refpolicy = False
def get_module(self):
+ # Generate the requires
+ if self.gen_requires:
+ gen_requires(self.module)
+
"""Return the generated module"""
return self.module
@@ -163,18 +167,10 @@
# Generate the raw allow rules from the filtered list
self.__add_allow_rules(raw_allow)
- # Generate the requires
- if self.gen_requires:
- gen_requires(self.module)
-
def add_role_types(self, role_type_set):
for role_type in role_type_set:
self.module.children.append(role_type)
- # Generate the requires
- if self.gen_requires:
- gen_requires(self.module)
-
def explain_access(av, ml=None, verbosity=SHORT_EXPLANATION):
"""Explain why a policy statement was generated.
[-- Attachment #3: diffsepol.sig --]
[-- Type: application/octet-stream, Size: 72 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Only call gen_requires once.
2008-09-11 13:35 Only call gen_requires once Daniel J Walsh
@ 2008-09-12 13:59 ` Joshua Brindle
0 siblings, 0 replies; 2+ messages in thread
From: Joshua Brindle @ 2008-09-12 13:59 UTC (permalink / raw)
To: Daniel J Walsh; +Cc: SE Linux
Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Currently audit2allow/sepolgen will create two identical gen_requires
> block if you have allow rules and a role statement.
>
> This patch fixes this problem.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkjJHroACgkQrlYvE4MpobPgMQCghgAMBtaQO0BeZX+ug6IwsWB8
> bNEAoMkRo4cZa0iJhGoGMmCvy5ncGpj8
> =gMFg
> -----END PGP SIGNATURE-----
>
Merged in sepolgen 1.0.14
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-09-12 13:59 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-09-11 13:35 Only call gen_requires once Daniel J Walsh
2008-09-12 13:59 ` Joshua Brindle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.