policycoreutils/python-semanage-seobject-Fix-listing-boolean-values.patch

From 259ab083fa02aaa9eb385cf6b0de30a1919a817b Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Fri, 1 Feb 2019 17:49:40 +0100
Subject: [PATCH 144/170] python/semanage/seobject: Fix listing boolean values

Fix gathering boolean values by fixing always False if condition
(determining whether the values are listed from local store).

Fix listing boolean values by printing the correct values and not
forcing the use of security_get_boolean_active (which causes
crash when listing booleans that are not present in active policy).

Fixes:
    # dnf install selinux-policy-mls
    # cat > mypolicy.cil
    (boolean xyz false)

    # semodule -i mypolicy.cil -s mls

    # semanage boolean -l -S mls
    ...
    irssi_use_full_network         (off  ,  off)  Allow the Irssi IRC Client to connect to any port, and to bind to any unreserved port.
    mozilla_plugin_use_bluejeans   (off  ,  off)  Allow mozilla plugin to use Bluejeans.
    OSError: No such file or directory

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
 selinux-python-2.8/semanage/seobject.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/selinux-python-2.8/semanage/seobject.py b/selinux-python-2.8/semanage/seobject.py
index 556d3ba5..b31a90c1 100644
--- a/selinux-python-2.8/semanage/seobject.py
+++ b/selinux-python-2.8/semanage/seobject.py
@@ -2807,7 +2807,7 @@ class booleanRecords(semanageRecords):
             value = []
             name = semanage_bool_get_name(boolean)
             value.append(semanage_bool_get_value(boolean))
-            if self.modify_local and boolean in self.current_booleans:
+            if self.modify_local and name in self.current_booleans:
                 value.append(selinux.security_get_boolean_pending(name))
                 value.append(selinux.security_get_boolean_active(name))
             else:
@@ -2849,4 +2849,4 @@ class booleanRecords(semanageRecords):
             print("%-30s %s  %s %s\n" % (_("SELinux boolean"), _("State"), _("Default"), _("Description")))
         for k in sorted(ddict.keys()):
             if ddict[k]:
-                print("%-30s (%-5s,%5s)  %s" % (k, on_off[selinux.security_get_boolean_active(k)], on_off[ddict[k][2]], self.get_desc(k)))
+                print("%-30s (%-5s,%5s)  %s" % (k, on_off[ddict[k][2]], on_off[ddict[k][0]], self.get_desc(k)))
-- 
2.19.1
policycoreutils: clean code 2020-01-15 21:40:51 +08:00			`From 259ab083fa02aaa9eb385cf6b0de30a1919a817b Mon Sep 17 00:00:00 2001`
			`From: Vit Mojzis <vmojzis@redhat.com>`
			`Date: Fri, 1 Feb 2019 17:49:40 +0100`
			`Subject: [PATCH 144/170] python/semanage/seobject: Fix listing boolean values`

			`Fix gathering boolean values by fixing always False if condition`
			`(determining whether the values are listed from local store).`

			`Fix listing boolean values by printing the correct values and not`
			`forcing the use of security_get_boolean_active (which causes`
			`crash when listing booleans that are not present in active policy).`

			`Fixes:`
			`# dnf install selinux-policy-mls`
			`# cat > mypolicy.cil`
			`(boolean xyz false)`

			`# semodule -i mypolicy.cil -s mls`

			`# semanage boolean -l -S mls`
			`...`
			`irssi_use_full_network (off , off) Allow the Irssi IRC Client to connect to any port, and to bind to any unreserved port.`
			`mozilla_plugin_use_bluejeans (off , off) Allow mozilla plugin to use Bluejeans.`
			`OSError: No such file or directory`

			`Signed-off-by: Vit Mojzis <vmojzis@redhat.com>`
			`---`
			`selinux-python-2.8/semanage/seobject.py \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`diff --git a/selinux-python-2.8/semanage/seobject.py b/selinux-python-2.8/semanage/seobject.py`
			`index 556d3ba5..b31a90c1 100644`
			`--- a/selinux-python-2.8/semanage/seobject.py`
			`+++ b/selinux-python-2.8/semanage/seobject.py`
			`@@ -2807,7 +2807,7 @@ class booleanRecords(semanageRecords):`
			`value = []`
			`name = semanage_bool_get_name(boolean)`
			`value.append(semanage_bool_get_value(boolean))`
			`- if self.modify_local and boolean in self.current_booleans:`
			`+ if self.modify_local and name in self.current_booleans:`
			`value.append(selinux.security_get_boolean_pending(name))`
			`value.append(selinux.security_get_boolean_active(name))`
			`else:`
			`@@ -2849,4 +2849,4 @@ class booleanRecords(semanageRecords):`
			`print("%-30s %s %s %s\n" % (_("SELinux boolean"), _("State"), _("Default"), _("Description")))`
			`for k in sorted(ddict.keys()):`
			`if ddict[k]:`
			`- print("%-30s (%-5s,%5s) %s" % (k, on_off[selinux.security_get_boolean_active(k)], on_off[ddict[k][2]], self.get_desc(k)))`
			`+ print("%-30s (%-5s,%5s) %s" % (k, on_off[ddict[k][2]], on_off[ddict[k][0]], self.get_desc(k)))`
			`--`
			`2.19.1`