* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9

- Fix polgen.py to not generate udp rules on tcp input
Daniel J Walsh 2007-04-03 18:58:42 +00:00
parent e734abd20f
commit 7621ed828f
2 changed files with 8 additions and 6 deletions


@ -2184,8 +2184,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ app.stand_alone() + app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/polgen.py 2007-03-29 12:10:22.000000000 -0400 +++ policycoreutils-2.0.7/gui/polgen.py 2007-04-03 14:54:50.000000000 -0400
@@ -0,0 +1,437 @@ @@ -0,0 +1,436 @@
+#! /usr/bin/python +#! /usr/bin/python
+# Copyright (C) 2007 Red Hat +# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information +# see file 'COPYING' for use and warranty information
@ -2368,7 +2368,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ +
+ for i in self.in_udp: + for i in self.in_udp:
+ rec = self.find_port(int(i)) + rec = self.find_port(int(i))
+ print i, rec
+ if rec == None: + if rec == None:
+ self.need_udp_type = True; + self.need_udp_type = True;
+ else: + else:
@ -2398,8 +2397,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ def generate_network_rules(self): + def generate_network_rules(self):
+ newte = "" + newte = ""
+ tcp = len(self.in_tcp) + len(self.out_tcp) + tcp = len(self.in_tcp) + len(self.out_tcp)
+ udp = len(self.in_udp) + len(self.out_tcp) + udp = len(self.in_udp) + len(self.out_udp)
+
+ if tcp > 0 or udp > 0: + if tcp > 0 or udp > 0:
+ newte = "\n" + newte = "\n"
+ +
@ -2613,6 +2611,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.add_dir("/var/lib/daemon") + mypolicy.add_dir("/var/lib/daemon")
+ mypolicy.add_dir("/etc/daemon") + mypolicy.add_dir("/etc/daemon")
+ mypolicy.add_dir("/etc/daemon/special") + mypolicy.add_dir("/etc/daemon/special")
+ mypolicy.set_out_tcp("8000")
+ print mypolicy.generate() + print mypolicy.generate()
+# mypolicy = policy("inetd", "/usr/sbin/inetd", 1) +# mypolicy = policy("inetd", "/usr/sbin/inetd", 1)
+# mypolicy.generate() +# mypolicy.generate()
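Review bot: The self-test at the bottom of polgen.py still only does `print mypolicy.generate()` after the new `mypolicy.set_out_tcp("8000")` line, so nothing fails if the `udp` count in generate_network_rules regresses to reading `self.out_tcp` again. That count gates whether UDP network rules are written into the generated SELinux policy, so the old behaviour appears to have given a TCP-only domain more network access than was asked for. I would pin it with a check on the generated text, something like `assert "udp" not in mypolicy.generate()`, adjusted to whatever the UDP templates actually emit. A one-line comment above the two counts would also help, for example `# each protocol counts only its own in/out port lists`. Both generate_network_rules and the self-test block continue outside the visible hunks, so the rest of the function should be checked for the same copy-paste pattern.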


@ -6,7 +6,7 @@
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 2.0.7 Version: 2.0.7
Release: 8%{?dist} Release: 9%{?dist}
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
fi fi
%changelog %changelog
* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
- Fix polgen.py to not generate udp rules on tcp input
* Fri Mar 30 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-8 * Fri Mar 30 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-8
- system-config-selinux should be able to run on a disabled system, - system-config-selinux should be able to run on a disabled system,
- at least enough to get it enabled. - at least enough to get it enabled.