* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
- Fix polgen.py to not generate udp rules on tcp input
This commit is contained in:
Daniel J Walsh
parent
983d80958f
commit
3001352ed7
|
|
@ -2184,8 +2184,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
|
|||
+ app.stand_alone()
|
||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py
|
||||
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.7/gui/polgen.py 2007-03-29 12:10:22.000000000 -0400
|
||||
@@ -0,0 +1,437 @@
|
||||
+++ policycoreutils-2.0.7/gui/polgen.py 2007-04-03 14:54:50.000000000 -0400
|
||||
@@ -0,0 +1,436 @@
|
||||
+#! /usr/bin/python
|
||||
+# Copyright (C) 2007 Red Hat
|
||||
+# see file 'COPYING' for use and warranty information
|
||||
|
|
@ -2368,7 +2368,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
|||
+
|
||||
+ for i in self.in_udp:
|
||||
+ rec = self.find_port(int(i))
|
||||
+ print i, rec
|
||||
+ if rec == None:
|
||||
+ self.need_udp_type = True;
|
||||
+ else:
|
||||
|
|
@ -2398,8 +2397,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
|||
+ def generate_network_rules(self):
|
||||
+ newte = ""
|
||||
+ tcp = len(self.in_tcp) + len(self.out_tcp)
|
||||
+ udp = len(self.in_udp) + len(self.out_tcp)
|
||||
+
|
||||
+ udp = len(self.in_udp) + len(self.out_udp)
|
||||
+ if tcp > 0 or udp > 0:
|
||||
+ newte = "\n"
|
||||
+
|
||||
|
|
@ -2613,6 +2611,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
|
|||
+ mypolicy.add_dir("/var/lib/daemon")
|
||||
+ mypolicy.add_dir("/etc/daemon")
|
||||
+ mypolicy.add_dir("/etc/daemon/special")
|
||||
+ mypolicy.set_out_tcp("8000")
|
||||
+ print mypolicy.generate()
|
||||
+# mypolicy = policy("inetd", "/usr/sbin/inetd", 1)
|
||||
+# mypolicy.generate()
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
Summary: SELinux policy core utilities.
|
||||
Name: policycoreutils
|
||||
Version: 2.0.7
|
||||
Release: 8%{?dist}
|
||||
Release: 9%{?dist}
|
||||
License: GPL
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
|
|
@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
|
|||
fi
|
||||
|
||||
%changelog
|
||||
* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
|
||||
- Fix polgen.py to not generate udp rules on tcp input
|
||||
|
||||
* Fri Mar 30 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-8
|
||||
- system-config-selinux should be able to run on a disabled system,
|
||||
- at least enough to get it enabled.
|
||||
|
|
|
|||
Loading…
Reference in New Issue