From 9ae288d38d0afffe4cb373c98d73a0aee2593f85531008f52590fb1a5c528ced Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Wed, 26 Apr 2023 11:36:22 +0000
Subject: [PATCH] Accepting request 1082976 from
 home:fbonazzi:branches:security:SELinux

- Update to version 4.4.2:
  * Make NetworkX optional. sedta and seinfoflow tools, along with the
    equivalent analyses in apol require NetworkX.
  * Remove neverallow options in sesearch and apol. These are not usable
    since they are removed in the final binary policy.
- Drop make_networkx_optional.patch, now merged upstream

OBS-URL: https://build.opensuse.org/request/show/1082976
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/setools?expand=0&rev=91
---
 _service                     |  7 +++
 make_networkx_optional.patch | 87 ------------------------------------
 setools-4.4.1.tar.bz2        |  3 --
 setools-4.4.2.tar.bz2        |  3 ++
 setools.changes              | 10 +++++
 setools.spec                 |  4 +-
 6 files changed, 21 insertions(+), 93 deletions(-)
 create mode 100644 _service
 delete mode 100644 make_networkx_optional.patch
 delete mode 100644 setools-4.4.1.tar.bz2
 create mode 100644 setools-4.4.2.tar.bz2

diff --git a/_service b/_service
new file mode 100644
index 0000000..5e7ba79
--- /dev/null
+++ b/_service
@@ -0,0 +1,7 @@
+<services>
+  <service name="download_files" mode="manual">
+    <param name="changesgenerate">enable</param>
+  </service>
+  <service name="format_spec_file" mode="manual">
+  </service>
+</services>
diff --git a/make_networkx_optional.patch b/make_networkx_optional.patch
deleted file mode 100644
index de1116b..0000000
--- a/make_networkx_optional.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 716a1d9e1db6701c0b310dd7e10dc4a10656da0f Mon Sep 17 00:00:00 2001
-From: Chris PeBenito <chpebeni@linux.microsoft.com>
-Date: Tue, 14 Dec 2021 14:24:20 -0500
-Subject: [PATCH] Make NetworkX optional.
-
-The CLI tools get installed to most distros, but sedta and seinfoflow are
-not typically used or separated into a different package. This will allow
-seinfo, sesearch, and sediff to function if NetworkX is missing, since they
-don't require it.
-
-Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
----
- setools/dta.py      | 18 ++++++++++++++----
- setools/infoflow.py | 17 +++++++++++++----
- 2 files changed, 27 insertions(+), 8 deletions(-)
-
-Index: setools/setools/dta.py
-===================================================================
---- setools.orig/setools/dta.py
-+++ setools/setools/dta.py
-@@ -24,8 +24,11 @@ from collections import defaultdict
- from contextlib import suppress
- from typing import DefaultDict, Iterable, List, NamedTuple, Optional, Union
- 
--import networkx as nx
--from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
-+try:
-+    import networkx as nx
-+    from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
-+except ImportError:
-+    logging.getLogger(__name__).debug("NetworkX failed to import.")
- 
- from .descriptors import EdgeAttrDict, EdgeAttrList
- from .policyrep import AnyTERule, SELinuxPolicy, TERuletype, Type
-@@ -87,8 +90,15 @@ class DomainTransitionAnalysis:
-         self.reverse = reverse
-         self.rebuildgraph = True
-         self.rebuildsubgraph = True
--        self.G = nx.DiGraph()
--        self.subG = self.G.copy()
-+
-+        try:
-+            self.G = nx.DiGraph()
-+            self.subG = self.G.copy()
-+        except NameError:
-+            self.log.critical("NetworkX is not available.  This is "
-+                              "requried for Domain Transition Analysis.")
-+            self.log.critical("This is typically in the python3-networkx package.")
-+            raise
- 
-     @property
-     def reverse(self) -> bool:
-Index: setools/setools/infoflow.py
-===================================================================
---- setools.orig/setools/infoflow.py
-+++ setools/setools/infoflow.py
-@@ -21,8 +21,11 @@ import logging
- from contextlib import suppress
- from typing import cast, Iterable, List, Mapping, Optional, Union
- 
--import networkx as nx
--from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
-+try:
-+    import networkx as nx
-+    from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
-+except ImportError:
-+    logging.getLogger(__name__).debug("NetworkX failed to import.")
- 
- from .descriptors import EdgeAttrIntMax, EdgeAttrList
- from .permmap import PermissionMap
-@@ -68,8 +71,14 @@ class InfoFlowAnalysis:
-         self.rebuildgraph = True
-         self.rebuildsubgraph = True
- 
--        self.G = nx.DiGraph()
--        self.subG = self.G.copy()
-+        try:
-+            self.G = nx.DiGraph()
-+            self.subG = self.G.copy()
-+        except NameError:
-+            self.log.critical("NetworkX is not available.  This is "
-+                              "requried for Information Flow Analysis.")
-+            self.log.critical("This is typically in the python3-networkx package.")
-+            raise
- 
-     @property
-     def min_weight(self) -> int:
diff --git a/setools-4.4.1.tar.bz2 b/setools-4.4.1.tar.bz2
deleted file mode 100644
index 12e790a..0000000
--- a/setools-4.4.1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fcd161e55504aa4c361921833bf9d4cd58475c98746cfdacadd192a68788ae45
-size 262328
diff --git a/setools-4.4.2.tar.bz2 b/setools-4.4.2.tar.bz2
new file mode 100644
index 0000000..52dfa73
--- /dev/null
+++ b/setools-4.4.2.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f23e3c8635aa289096ca0218ca6f4568a4346e088bc46f374cb0917b7fb66f05
+size 261962
diff --git a/setools.changes b/setools.changes
index fed3329..a4e8c02 100644
--- a/setools.changes
+++ b/setools.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Wed Apr 26 11:17:30 UTC 2023 - Filippo Bonazzi <filippo.bonazzi@suse.com>
+
+- Update to version 4.4.2:
+  * Make NetworkX optional. sedta and seinfoflow tools, along with the
+    equivalent analyses in apol require NetworkX.
+  * Remove neverallow options in sesearch and apol. These are not usable
+    since they are removed in the final binary policy.
+- Drop make_networkx_optional.patch, now merged upstream
+
 -------------------------------------------------------------------
 Mon Feb  6 16:08:00 UTC 2023 - Filippo Bonazzi <filippo.bonazzi@suse.com>
 
diff --git a/setools.spec b/setools.spec
index c5d918c..e51d380 100644
--- a/setools.spec
+++ b/setools.spec
@@ -26,7 +26,7 @@ print(rpm.expand("%{?" .. flavor .. "_prefix}%{!?" .. flavor .. "_prefix:python3
 %define pythons %python3_primary_provider
 
 Name:           setools
-Version:        4.4.1
+Version:        4.4.2
 Release:        0
 URL:            https://github.com/SELinuxProject/setools
 Summary:        Policy analysis tools for SELinux
@@ -34,8 +34,6 @@ License:        GPL-2.0-only
 Group:          System/Management
 Source:         https://github.com/SELinuxProject/setools/releases/download/%{version}/%{name}-%{version}.tar.bz2
 Source2:        README.SUSE
-# PATCH-FIX-UPSTREAM https://github.com/SELinuxProject/setools/pull/68
-Patch1:         make_networkx_optional.patch
 BuildRequires:  fdupes
 BuildRequires:  libselinux-devel
 BuildRequires:  libsepol-devel