From patchwork Fri Aug 12 13:57:16 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Miroslav Vadkerti
X-Patchwork-Id: 9277035
From: Miroslav Vadkerti
To: selinux@tycho.nsa.gov
Subject: [PATCH] semanage: correct fcontext auditing
Date: Fri, 12 Aug 2016 15:57:16 +0200
Message-Id: <1471010236-27524-1-git-send-email-mvadkert@redhat.com>
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"

For modify action actually audit the selinux type, i.e. use setype variable. For deleting equal fcontext rules do not audit ftype, as the ftype value for equal rules makes little sense.

Signed-off-by: Miroslav Vadkerti --- policycoreutils/semanage/seobject.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py index 786ed0e..8d3088c 100644 --- a/policycoreutils/semanage/seobject.py +++ b/policycoreutils/semanage/seobject.py @@ -1992,7 +1992,7 @@ class fcontextRecords(semanageRecords): if not seuser: seuser = "system_u" - self.mylog.log_change("resrc=fcontext op=modify %s ftype=%s tcontext=%s:%s:%s:%s" % (audit.audit_encode_nv_string("tglob", target, 0), ftype_to_audit[ftype], seuser, "object_r", type, serange)) + self.mylog.log_change("resrc=fcontext op=modify %s ftype=%s tcontext=%s:%s:%s:%s" % (audit.audit_encode_nv_string("tglob", target, 0), ftype_to_audit[ftype], seuser, "object_r", setype, serange)) def modify(self, target, setype, ftype, serange, seuser): self.begin() @@ -2030,7 +2030,7 @@ class fcontextRecords(semanageRecords): self.equiv.pop(target) self.equal_ind = True - self.mylog.log_change("resrc=fcontext op=delete-equal %s ftype=%s" % (audit.audit_encode_nv_string("tglob", target, 0), ftype_to_audit[ftype])) + self.mylog.log_change("resrc=fcontext op=delete-equal %s" % (audit.audit_encode_nv_string("tglob", target, 0))) return
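Review bot: In the op=modify log_change call (hunk at -1992), only seuser has a fallback in the visible context (if not seuser: seuser = "system_u"); setype and serange are formatted into tcontext exactly as passed in. If this path can be reached with an empty setype, for example when only the range or user is being changed, the record would carry an empty type field, which is no more useful to an auditor than the old value. Consider logging the type that is actually written to the record being modified, or confirm that setype is always populated before this line. It would also help to state in the commit message what the removed `type` argument resolved to, since no such local is visible in this hunk and readers of older audit logs need to know what those tcontext values contained.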
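Review bot: In the new op=delete-equal line (hunk at -2030), the right-hand side of % is wrapped in parentheses without a trailing comma, so (audit.audit_encode_nv_string("tglob", target, 0)) is a plain expression rather than a one-element tuple. It works while the function returns a string, but it reads as a tuple left over from the two-argument form; either drop the outer parentheses or add the trailing comma. Separately, removing ftype= changes the field set of this record, so anything that parses op=delete-equal events will stop seeing that field; the commit message gives the reason, and it is worth checking that the record emitted when an equal rule is added uses the same fields so the pair stays symmetric.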