rpms
/
checkpolicy
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

checkpolicy-2.5-2 

- Add support for portcon dccp protocol
This commit is contained in:
Petr Lautrbach 2016-04-08 21:02:57 +02:00
parent ce5393bbac
commit 65b44362fe
2 changed files with 44 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
checkpolicy-fedora.patch Normal file
View File

@ -0,0 +1,35 @@
diff --git checkpolicy-2.5/ChangeLog checkpolicy-2.5/ChangeLog
index dfe4908..51b99cd 100644
--- checkpolicy-2.5/ChangeLog
+++ checkpolicy-2.5/ChangeLog
@@ -1,3 +1,4 @@
+ * Add support for portcon dccp protocol, from Richard Haines
2.5 2016-02-23
* Add neverallow support for ioctl extended permissions, from Jeff Vander Stoep.
* fix double free on name-based type transitions, from Stephen Smalley.
diff --git checkpolicy-2.5/checkpolicy.c checkpolicy-2.5/checkpolicy.c
index 9da661e..ea9ee00 100644
--- checkpolicy-2.5/checkpolicy.c
+++ checkpolicy-2.5/checkpolicy.c
@@ -919,6 +919,8 @@ int main(int argc, char **argv)
protocol = IPPROTO_TCP;
else if (!strcmp(ans, "udp") || !strcmp(ans, "UDP"))
protocol = IPPROTO_UDP;
+ else if (!strcmp(ans, "dccp") || !strcmp(ans, "DCCP"))
+ protocol = IPPROTO_DCCP;
else {
printf("unknown protocol\n");
break;
diff --git checkpolicy-2.5/policy_define.c checkpolicy-2.5/policy_define.c
index ee20fea..7a4d2f1 100644
--- checkpolicy-2.5/policy_define.c
+++ checkpolicy-2.5/policy_define.c
@@ -4876,6 +4876,8 @@ int define_port_context(unsigned int low, unsigned int high)
protocol = IPPROTO_TCP;
} else if ((strcmp(id, "udp") == 0) || (strcmp(id, "UDP") == 0)) {
protocol = IPPROTO_UDP;
+ } else if ((strcmp(id, "dccp") == 0) || (strcmp(id, "DCCP") == 0)) {
+ protocol = IPPROTO_DCCP;
} else {
yyerror2("unrecognized protocol %s", id);
free(newc);

11
checkpolicy.spec
View File

@ -3,11 +3,15 @@
Summary: SELinux policy compiler
Name: checkpolicy
Version: 2.5
Release: 1%{?dist}
Release: 2%{?dist}
License: GPLv2
Group: Development/System
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223/checkpolicy-2.5.tar.gz
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
# run:
# $ VERSION=2.5 ./make-fedora-selinux-patch.sh checkpolicy
# HEAD https://github.com/fedora-selinux/selinux/commit/4bfb84c7ff7b33cf06b9a6b2317d24054b9db562
Patch1: checkpolicy-fedora.patch
Conflicts: selinux-policy-base < 3.13.1-138
BuildRoot: %{_tmppath}/%{name}-buildroot
BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel >= %{libselinuxver}
@ -57,6 +61,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_bindir}/sedispol
%changelog
* Fri Apr 08 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-2
- Add support for portcon dccp protocol
* Tue Feb 23 2016 Petr Lautrbach <plautrba@redhat.com> 2.5-1
- Update to upstream release 2016-02-23