Fixes for filename transition code

checkpolicy-rhat.patch

@@ -1,3 +1,14 @@
+diff --git a/checkpolicy/.gitignore b/checkpolicy/.gitignore
+new file mode 100644
+index 0000000..a7bd076
+--- /dev/null
++++ b/checkpolicy/.gitignore
+@@ -0,0 +1,5 @@
++checkmodule
++checkpolicy
++lex.yy.c
++y.tab.c
++y.tab.h
 diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
 index d6ebd78..0946ff6 100644
 --- a/checkpolicy/module_compiler.c
@@ -352,6 +363,14 @@ index 48128a8..1331c04 100644
  #line[ ]1[ ]\"[^\n]*\"		{ set_source_file(yytext+9); }
  #line[ ]{digit}+	        { source_lineno = atoi(yytext+6)-1; }
  #[^\n]*                         { /* delete comments */ }
+diff --git a/checkpolicy/test/.gitignore b/checkpolicy/test/.gitignore
+new file mode 100644
+index 0000000..dbb03b9
+--- /dev/null
++++ b/checkpolicy/test/.gitignore
+@@ -0,0 +1,2 @@
++dismod
++dispol
 diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
 index 33a29e4..66f976f 100644
 --- a/checkpolicy/test/dismod.c
@@ -529,13 +548,27 @@ index 33a29e4..66f976f 100644
  			link_module(&policydb, out_fp);
  			break;
 diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
-index f8c05e6..ee2cf02 100644
+index f8c05e6..2213946 100644
 --- a/checkpolicy/test/dispol.c
 +++ b/checkpolicy/test/dispol.c
-@@ -341,6 +341,21 @@ static void display_permissive(policydb_t *p, FILE *fp)
+@@ -341,6 +341,35 @@ static void display_permissive(policydb_t *p, FILE *fp)
  	}
  }
  
++static void display_role_trans(policydb_t *p, FILE *fp)
++{
++	role_trans_t *rt;
++
++	fprintf(fp, "role_trans rules:\n");
++	for (rt = p->role_tr; rt; rt = rt->next) {
++		display_id(p, fp, SYM_ROLES, rt->role - 1, "");
++		display_id(p, fp, SYM_TYPES, rt->type - 1, "");
++		display_id(p, fp, SYM_CLASSES, rt->tclass - 1, ":");
++		display_id(p, fp, SYM_ROLES, rt->new_role - 1, "");
++		fprintf(fp, "\n");
++	}
++}
++
 +static void display_filename_trans(policydb_t *p, FILE *fp)
 +{
 +	filename_trans_t *ft;
@@ -554,7 +587,12 @@ index f8c05e6..ee2cf02 100644
  int menu()
  {
  	printf("\nSelect a command:\n");
-@@ -355,6 +370,8 @@ int menu()
+@@ -351,10 +380,13 @@ int menu()
+ 	printf("5)  display conditional bools\n");
+ 	printf("6)  display conditional expressions\n");
+ 	printf("7)  change a boolean value\n");
++	printf("8)  display role transitions\n");
+ 	printf("\n");
  	printf("c)  display policy capabilities\n");
  	printf("p)  display the list of permissive types\n");
  	printf("u)  display unknown handling setting\n");
@@ -563,7 +601,17 @@ index f8c05e6..ee2cf02 100644
  	printf("f)  set output file\n");
  	printf("m)  display menu\n");
  	printf("q)  quit\n");
-@@ -492,6 +509,9 @@ int main(int argc, char **argv)
+@@ -467,6 +499,9 @@ int main(int argc, char **argv)
+ 			change_bool(name, state, &policydb, out_fp);
+ 			free(name);
+ 			break;
++		case '8':
++			display_role_trans(&policydb, out_fp);
++			break;
+ 		case 'c':
+ 			display_policycaps(&policydb, out_fp);
+ 			break;
+@@ -492,6 +527,9 @@ int main(int argc, char **argv)
  			if (out_fp != stdout)
  				printf("\nOutput to file: %s\n", OutfileName);
  			break;

checkpolicy.spec

@@ -1,8 +1,8 @@
-%define libsepolver 2.0.43-3
+%define libsepolver 2.0.44-2
 Summary: SELinux policy compiler
 Name: checkpolicy
 Version: 2.0.24
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 Group: Development/System
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -55,8 +55,11 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_bindir}/sedispol
 
 %changelog
+* Thu Apr 21 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-2
+* Fixes for new role_transition class field by Eric Paris.
+
 * Fri Apr 15 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-2
-- Add "-" ass a file type
+- Add "-" as a file type
 
 * Tue Apr 12 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-1
 -Update to upstream