initial buildroot for linux 5.15
This commit is contained in:
@@ -0,0 +1,145 @@
|
||||
From ae84e5ef59bb24d5b8fd17e6756952f42c2d5c36 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 23 Feb 2017 08:17:07 +0100
|
||||
Subject: [PATCH] Do not export/use setools.InfoFlowAnalysis and
|
||||
setools.DomainTransitionAnalysis
|
||||
|
||||
dta and infoflow modules require networkx which brings lot of dependencies.
|
||||
These dependencies are not necessary for setools module itself as it's
|
||||
used in policycoreutils.
|
||||
|
||||
Therefore it's better to use setools.infoflow.InfoFlowAnalysis and
|
||||
setools.dta.DomainTransitionAnalysis and let the package containing
|
||||
sedta and seinfoflow to require python3-networkx
|
||||
|
||||
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
|
||||
[Refreshed for 4.3.0]
|
||||
Signed-off-by: Adam Duskett <aduskett@gmail.com>
|
||||
[Refreshed for 4.4.0]
|
||||
---
|
||||
sedta | 3 ++-
|
||||
seinfoflow | 5 +++--
|
||||
setools/__init__.py | 4 ++--
|
||||
setoolsgui/apol/dta.py | 2 +-
|
||||
setoolsgui/apol/infoflow.py | 2 +-
|
||||
tests/dta.py | 2 +-
|
||||
tests/infoflow.py | 2 +-
|
||||
7 files changed, 11 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/sedta b/sedta
|
||||
index 60861ca630a5..0056172a55e5 100755
|
||||
--- a/sedta
|
||||
+++ b/sedta
|
||||
@@ -23,6 +23,7 @@ import logging
|
||||
import signal
|
||||
|
||||
import setools
|
||||
+import setools.dta
|
||||
|
||||
|
||||
def print_transition(trans: setools.DomainTransition) -> None:
|
||||
@@ -114,7 +115,7 @@ else:
|
||||
|
||||
try:
|
||||
p = setools.SELinuxPolicy(args.policy)
|
||||
- g = setools.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
||||
+ g = setools.dta.DomainTransitionAnalysis(p, reverse=args.reverse, exclude=args.exclude)
|
||||
|
||||
if args.shortest_path or args.all_paths:
|
||||
if args.shortest_path:
|
||||
diff --git a/seinfoflow b/seinfoflow
|
||||
index f10c39de4d8e..fe733bbd0787 100755
|
||||
--- a/seinfoflow
|
||||
+++ b/seinfoflow
|
||||
@@ -18,6 +18,7 @@
|
||||
#
|
||||
|
||||
import setools
|
||||
+import setools.infoflow
|
||||
import argparse
|
||||
import sys
|
||||
import logging
|
||||
@@ -102,8 +103,8 @@ elif args.booleans is not None:
|
||||
try:
|
||||
p = setools.SELinuxPolicy(args.policy)
|
||||
m = setools.PermissionMap(args.map)
|
||||
- g = setools.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||
- booleans=booleans)
|
||||
+ g = setools.infoflow.InfoFlowAnalysis(p, m, min_weight=args.min_weight, exclude=args.exclude,
|
||||
+ booleans=booleans)
|
||||
|
||||
if args.shortest_path or args.all_paths:
|
||||
if args.shortest_path:
|
||||
diff --git a/setools/__init__.py b/setools/__init__.py
|
||||
index d72d343..4d5aaaa 100644
|
||||
--- a/setools/__init__.py
|
||||
+++ b/setools/__init__.py
|
||||
@@ -91,11 +91,11 @@ from .pcideviceconquery import PcideviceconQuery
|
||||
from .devicetreeconquery import DevicetreeconQuery
|
||||
|
||||
# Information Flow Analysis
|
||||
-from .infoflow import InfoFlowAnalysis
|
||||
+# from .infoflow import InfoFlowAnalysis
|
||||
from .permmap import PermissionMap, RuleWeight, Mapping
|
||||
|
||||
# Domain Transition Analysis
|
||||
-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
|
||||
+# from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
|
||||
|
||||
# Policy difference
|
||||
from .diff import PolicyDifference
|
||||
diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
|
||||
index 4608b9dbf34e..2cde44c142e9 100644
|
||||
--- a/setoolsgui/apol/dta.py
|
||||
+++ b/setoolsgui/apol/dta.py
|
||||
@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||
from PyQt5.QtGui import QPalette, QTextCursor
|
||||
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
||||
QTreeWidgetItem
|
||||
-from setools import DomainTransitionAnalysis
|
||||
+from setools.dta import DomainTransitionAnalysis
|
||||
|
||||
from ..logtosignal import LogHandlerToSignal
|
||||
from .analysistab import AnalysisSection, AnalysisTab
|
||||
diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
|
||||
index 7bca299d23fc..7fee2778f35f 100644
|
||||
--- a/setoolsgui/apol/infoflow.py
|
||||
+++ b/setoolsgui/apol/infoflow.py
|
||||
@@ -26,7 +26,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
|
||||
from PyQt5.QtGui import QPalette, QTextCursor
|
||||
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
|
||||
QTreeWidgetItem
|
||||
-from setools import InfoFlowAnalysis
|
||||
+from setools.infoflow import InfoFlowAnalysis
|
||||
from setools.exception import UnmappedClass, UnmappedPermission
|
||||
|
||||
from ..logtosignal import LogHandlerToSignal
|
||||
diff --git a/tests/dta.py b/tests/dta.py
|
||||
index a0cc9381469c..177e6fb0b961 100644
|
||||
--- a/tests/dta.py
|
||||
+++ b/tests/dta.py
|
||||
@@ -18,7 +18,7 @@
|
||||
import os
|
||||
import unittest
|
||||
|
||||
-from setools import DomainTransitionAnalysis
|
||||
+from setools.dta import DomainTransitionAnalysis
|
||||
from setools import TERuletype as TERT
|
||||
from setools.exception import InvalidType
|
||||
from setools.policyrep import Type
|
||||
diff --git a/tests/infoflow.py b/tests/infoflow.py
|
||||
index aa0e44a7e4f8..fca2848aeca5 100644
|
||||
--- a/tests/infoflow.py
|
||||
+++ b/tests/infoflow.py
|
||||
@@ -18,7 +18,7 @@
|
||||
import os
|
||||
import unittest
|
||||
|
||||
-from setools import InfoFlowAnalysis
|
||||
+from setools.infoflow import InfoFlowAnalysis
|
||||
from setools import TERuletype as TERT
|
||||
from setools.exception import InvalidType
|
||||
from setools.permmap import PermissionMap
|
||||
--
|
||||
2.26.2
|
||||
|
||||
@@ -0,0 +1,29 @@
|
||||
config BR2_PACKAGE_SETOOLS
|
||||
bool "setools"
|
||||
depends on !BR2_STATIC_LIBS
|
||||
depends on BR2_TOOLCHAIN_HAS_THREADS
|
||||
depends on BR2_USE_WCHAR
|
||||
depends on BR2_USE_MMU
|
||||
depends on BR2_PACKAGE_PYTHON3
|
||||
select BR2_PACKAGE_PYTHON_NETWORKX # runtime
|
||||
select BR2_PACKAGE_PYTHON_SETUPTOOLS
|
||||
select BR2_PACKAGE_LIBSELINUX
|
||||
help
|
||||
SETools is an open source project designed to facilitate
|
||||
SELinux policy analysis. The primary tools are:
|
||||
* apol - analyze a SELinux policy. (requires python-qt5)
|
||||
* sediff - semantic policy difference tool for SELinux.
|
||||
* sedta - Perform domain transition analyses
|
||||
* seinfoflow - information flow analysis for SELinux
|
||||
* sesearch - Search rules (allow, type_transition, etc.)
|
||||
|
||||
https://github.com/SELinuxProject/setools/
|
||||
|
||||
comment "setools needs a toolchain w/ threads, wchar, dynamic library"
|
||||
depends on BR2_USE_MMU
|
||||
depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || \
|
||||
!BR2_USE_WCHAR
|
||||
|
||||
comment "setools needs python3"
|
||||
depends on BR2_USE_MMU
|
||||
depends on !BR2_PACKAGE_PYTHON3
|
||||
@@ -0,0 +1,5 @@
|
||||
# Locally computed
|
||||
sha256 202eac5f857475937bee8136cff278aa2b4a4b94a0dec63fbbbe18c9eb644a4e setools-4.4.0.tar.gz
|
||||
sha256 2f7547e10f76a382c24c053595f38a5cc6dda9347f508f254ca490e0046a9624 COPYING
|
||||
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING.GPL
|
||||
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
|
||||
@@ -0,0 +1,52 @@
|
||||
################################################################################
|
||||
#
|
||||
# setools
|
||||
#
|
||||
################################################################################
|
||||
|
||||
SETOOLS_VERSION = 4.4.0
|
||||
SETOOLS_SITE = $(call github,SELinuxProject,setools,$(SETOOLS_VERSION))
|
||||
SETOOLS_DEPENDENCIES = libselinux libsepol python-setuptools host-bison host-flex host-python-cython host-swig
|
||||
SETOOLS_INSTALL_STAGING = YES
|
||||
SETOOLS_LICENSE = GPL-2.0+, LGPL-2.1+
|
||||
SETOOLS_LICENSE_FILES = COPYING COPYING.GPL COPYING.LGPL
|
||||
SETOOLS_CPE_ID_VENDOR = selinuxproject
|
||||
SETOOLS_SETUP_TYPE = setuptools
|
||||
HOST_SETOOLS_DEPENDENCIES = host-python3-cython host-libselinux host-libsepol host-python-networkx
|
||||
HOST_SETOOLS_NEEDS_HOST_PYTHON = python3
|
||||
|
||||
define SETOOLS_FIX_SETUP
|
||||
# By default, setup.py will look for libsepol.a in the host machines
|
||||
# /usr/lib directory. This needs to be changed to the staging directory.
|
||||
$(SED) "s@lib_dirs =.*@lib_dirs = ['$(STAGING_DIR)/usr/lib']@g" \
|
||||
$(@D)/setup.py
|
||||
endef
|
||||
SETOOLS_POST_PATCH_HOOKS += SETOOLS_FIX_SETUP
|
||||
|
||||
define HOST_SETOOLS_FIX_SETUP
|
||||
# By default, setup.py will look for libsepol.a in the host machines
|
||||
# /usr/lib directory. This needs to be changed to the host directory.
|
||||
$(SED) "s@lib_dirs =.*@lib_dirs = ['$(HOST_DIR)/lib']@g" \
|
||||
$(@D)/setup.py
|
||||
endef
|
||||
HOST_SETOOLS_POST_PATCH_HOOKS += HOST_SETOOLS_FIX_SETUP
|
||||
|
||||
# apol requires pyqt5. However, the setools installation
|
||||
# process will install apol even if pyqt5 is missing.
|
||||
# Remove these scripts from the target it pyqt5 is not selected.
|
||||
ifeq ($(BR2_PACKAGE_PYTHON_PYQT5),)
|
||||
define SETOOLS_REMOVE_QT_SCRIPTS
|
||||
$(RM) $(TARGET_DIR)/usr/bin/apol
|
||||
$(RM) -r $(TARGET_DIR)/lib/python$(PYTHON3_VERSION_MAJOR)/site-packages/setoolsgui/
|
||||
endef
|
||||
SETOOLS_POST_INSTALL_TARGET_HOOKS += SETOOLS_REMOVE_QT_SCRIPTS
|
||||
endif
|
||||
|
||||
# pyqt5 is not a host-package, remove apol from the host directory.
|
||||
define HOST_SETOOLS_REMOVE_BROKEN_SCRIPTS
|
||||
$(RM) $(HOST_DIR)/bin/apol
|
||||
endef
|
||||
HOST_SETOOLS_POST_INSTALL_HOOKS += HOST_SETOOLS_REMOVE_BROKEN_SCRIPTS
|
||||
|
||||
$(eval $(python-package))
|
||||
$(eval $(host-python-package))
|
||||
Reference in New Issue
Block a user