- Update to match flask/access_vectors in policy

2007-07-11 14:52:47 +00:00 · 2007-07-11 14:52:47 +00:00 · 8ffc2801ed
parent 8e8fca8665
commit 8ffc2801ed
2 changed files with 74 additions and 1 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -1,3 +1,73 @@
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.23/include/selinux/av_permissions.h
+--- nsalibselinux/include/selinux/av_permissions.h	2006-11-16 17:15:18.000000000 -0500
+++ libselinux-2.0.23/include/selinux/av_permissions.h	2007-07-11 10:06:56.000000000 -0400
+@@ -290,12 +290,16 @@
+ #define NODE__RAWIP_RECV                          0x00000010UL
+ #define NODE__RAWIP_SEND                          0x00000020UL
+ #define NODE__ENFORCE_DEST                        0x00000040UL
+#define NODE__DCCP_RECV                           0x00000080UL
+#define NODE__DCCP_SEND                           0x00000100UL
+ #define NETIF__TCP_RECV                           0x00000001UL
+ #define NETIF__TCP_SEND                           0x00000002UL
+ #define NETIF__UDP_RECV                           0x00000004UL
+ #define NETIF__UDP_SEND                           0x00000008UL
+ #define NETIF__RAWIP_RECV                         0x00000010UL
+ #define NETIF__RAWIP_SEND                         0x00000020UL
+#define NETIF__DCCP_RECV                          0x00000040UL
+#define NETIF__DCCP_SEND                          0x00000080UL
+ #define NETLINK_SOCKET__IOCTL                     0x00000001UL
+ #define NETLINK_SOCKET__READ                      0x00000002UL
+ #define NETLINK_SOCKET__WRITE                     0x00000004UL
+@@ -837,6 +841,8 @@
+ #define NSCD__SHMEMPWD                            0x00000020UL
+ #define NSCD__SHMEMGRP                            0x00000040UL
+ #define NSCD__SHMEMHOST                           0x00000080UL
+#define NSCD__GETSERV                             0x00000100UL
+#define NSCD__SHMEMSERV                           0x00000200UL
+ #define ASSOCIATION__SENDTO                       0x00000001UL
+ #define ASSOCIATION__RECVFROM                     0x00000002UL
+ #define ASSOCIATION__SETCONTEXT                   0x00000004UL
+@@ -897,3 +903,28 @@
+ #define KEY__CREATE                               0x00000040UL
+ #define CONTEXT__TRANSLATE                        0x00000001UL
+ #define CONTEXT__CONTAINS                         0x00000002UL
+#define DCCP_SOCKET__IOCTL                        0x00000001UL
+#define DCCP_SOCKET__READ                         0x00000002UL
+#define DCCP_SOCKET__WRITE                        0x00000004UL
+#define DCCP_SOCKET__CREATE                       0x00000008UL
+#define DCCP_SOCKET__GETATTR                      0x00000010UL
+#define DCCP_SOCKET__SETATTR                      0x00000020UL
+#define DCCP_SOCKET__LOCK                         0x00000040UL
+#define DCCP_SOCKET__RELABELFROM                  0x00000080UL
+#define DCCP_SOCKET__RELABELTO                    0x00000100UL
+#define DCCP_SOCKET__APPEND                       0x00000200UL
+#define DCCP_SOCKET__BIND                         0x00000400UL
+#define DCCP_SOCKET__CONNECT                      0x00000800UL
+#define DCCP_SOCKET__LISTEN                       0x00001000UL
+#define DCCP_SOCKET__ACCEPT                       0x00002000UL
+#define DCCP_SOCKET__GETOPT                       0x00004000UL
+#define DCCP_SOCKET__SETOPT                       0x00008000UL
+#define DCCP_SOCKET__SHUTDOWN                     0x00010000UL
+#define DCCP_SOCKET__RECVFROM                     0x00020000UL
+#define DCCP_SOCKET__SENDTO                       0x00040000UL
+#define DCCP_SOCKET__RECV_MSG                     0x00080000UL
+#define DCCP_SOCKET__SEND_MSG                     0x00100000UL
+#define DCCP_SOCKET__NAME_BIND                    0x00200000UL
+#define DCCP_SOCKET__NODE_BIND                    0x00400000UL
+#define DCCP_SOCKET__NAME_CONNECT                 0x00800000UL
+#define MEMPROTECT__MMAP_ZERO                     0x00000001UL
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/flask.h libselinux-2.0.23/include/selinux/flask.h
+--- nsalibselinux/include/selinux/flask.h	2006-11-16 17:15:18.000000000 -0500
+++ libselinux-2.0.23/include/selinux/flask.h	2007-07-11 10:07:03.000000000 -0400
+@@ -64,6 +64,8 @@
+ #define SECCLASS_PACKET                                  57
+ #define SECCLASS_KEY                                     58
+ #define SECCLASS_CONTEXT                                 59
+#define SECCLASS_DCCP_SOCKET                             60
+#define SECCLASS_MEMPROTECT                              61
+ 
+ /*
+  * Security identifier indices for initial entities
 diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.23/Makefile
 --- nsalibselinux/Makefile	2007-06-01 10:44:08.000000000 -0400
 +++ libselinux-2.0.23/Makefile	2007-06-26 05:11:37.000000000 -0400
--- a/libselinux.spec
+++ b/libselinux.spec
@ -2,7 +2,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.0.23
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@ -123,6 +123,9 @@ exit 0
 %{_libdir}/python*/site-packages/selinux.py*

 %changelog
+* Wed Jul 11 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.23-3
+- Update to match flask/access_vectors in policy
+
 * Tue Jul 10 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.23-2
 - Fix man page markup lanquage for translations