From cfd1d1337dc8659ef6a95d1aee3c3c5c171d1f1f Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 25 Sep 2006 14:19:06 +0000 Subject: [PATCH] - Add sgrubb patch for polmatch --- libselinux-rhat.patch | 50 +++++++++++++++---------------------------- libselinux.spec | 9 ++++++-- 2 files changed, 24 insertions(+), 35 deletions(-) diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index f46b556..da227a0 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,35 +1,19 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/src/fgetfilecon.c libselinux-1.30.22/src/fgetfilecon.c ---- nsalibselinux/src/fgetfilecon.c 2006-07-03 07:52:49.000000000 -0400 -+++ libselinux-1.30.22/src/fgetfilecon.c 2006-08-10 11:09:07.000000000 -0400 -@@ -58,5 +58,8 @@ - freecon(rcontext); - } +diff -ur libselinux-1.30.28.orig/include/selinux/av_permissions.h libselinux-1.30.28/include/selinux/av_permissions.h +--- libselinux-1.30.28.orig/include/selinux/av_permissions.h 2006-09-25 09:44:13.000000000 -0400 ++++ libselinux-1.30.28/include/selinux/av_permissions.h 2006-09-25 09:44:47.000000000 -0400 +@@ -468,6 +468,7 @@ + #define PROCESS__EXECSTACK 0x04000000UL + #define PROCESS__EXECHEAP 0x08000000UL + #define PROCESS__SETKEYCREATE 0x10000000UL ++#define PROCESS__SETSOCKCREATE 0x20000000UL -+ if (ret >= 0) -+ return strlen(*context); -+ - return ret; - } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/getfilecon.c libselinux-1.30.22/src/getfilecon.c ---- nsalibselinux/src/getfilecon.c 2006-07-03 07:52:49.000000000 -0400 -+++ libselinux-1.30.22/src/getfilecon.c 2006-08-10 11:09:59.000000000 -0400 -@@ -57,6 +57,8 @@ - ret = selinux_raw_to_trans_context(rcontext, context); - freecon(rcontext); - } -+ if (ret >= 0) -+ return strlen(*context); + #define IPC__CREATE 0x00000001UL + #define IPC__DESTROY 0x00000002UL +@@ -910,6 +911,7 @@ + #define ASSOCIATION__SENDTO 0x00000001UL + #define ASSOCIATION__RECVFROM 0x00000002UL + #define ASSOCIATION__SETCONTEXT 0x00000004UL ++#define ASSOCIATION__POLMATCH 0x00000008UL - return ret; - } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/lgetfilecon.c libselinux-1.30.22/src/lgetfilecon.c ---- nsalibselinux/src/lgetfilecon.c 2006-07-03 07:52:49.000000000 -0400 -+++ libselinux-1.30.22/src/lgetfilecon.c 2006-08-10 11:06:59.000000000 -0400 -@@ -58,5 +58,7 @@ - freecon(rcontext); - } - -+ if (ret >= 0) -+ return strlen(*context); - return ret; - } + #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL + #define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL diff --git a/libselinux.spec b/libselinux.spec index 613dbb2..4ffe88e 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -1,11 +1,12 @@ -%define libsepolver 1.12.25-1 +%define libsepolver 1.12.26-1 Summary: SELinux library and simple utilities Name: libselinux Version: 1.30.28 -Release: 1 +Release: 2 License: Public domain (uncopyrighted) Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz +Patch: libselinux-rhat.patch BuildRequires: libsepol-devel >= %{libsepolver} swig Requires: libsepol >= %{libsepolver} setransd @@ -48,6 +49,7 @@ needed for developing SELinux applications. %prep %setup -q +%patch -p1 -b .rhat %build make clean @@ -117,6 +119,9 @@ exit 0 %{_libdir}/python*/site-packages/selinux.py* %changelog +* Wed Sep 25 2006 Dan Walsh - 1.30.28-2 +- Add sgrubb patch for polmatch + * Wed Sep 13 2006 Dan Walsh - 1.30.28-1 - Upgrade to latest from NSA * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client