Fix SCTP patch

Fixes: Failed to load default permission map: /usr/lib64/python3.6/site-packages/setools/perm_map:391:Invalid class declaration: ['sendto', 'w', '10'] https://github.com/SELinuxProject/setools/issues/9
2018-08-22 18:01:19 +02:00 · 2018-08-22 18:01:19 +02:00 · 56ba584672
parent 950d0d171f
commit 56ba584672
1 changed files with 34 additions and 7 deletions
--- a/0004-Add-support-for-SCTP-protocol.patch
+++ b/0004-Add-support-for-SCTP-protocol.patch
@ -9,9 +9,9 @@ Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
 ---
 libqpol/include/qpol/linux_types.h |  1 +
 libqpol/policy_define.c            |  5 +++++
- setools/perm_map                   | 30 ++++++++++++++++++++++++++++++
+ setools/perm_map                   | 36 +++++++++++++++++++++++++++---
 setools/policyrep/netcontext.py    |  5 +++++
- 4 files changed, 41 insertions(+)
+ 4 files changed, 44 insertions(+), 3 deletions(-)

 diff --git a/libqpol/include/qpol/linux_types.h b/libqpol/include/qpol/linux_types.h
 index c3c056b..0985162 100644
@ -49,9 +49,27 @@ index dcc69fc..1e623a3 100644
 		yyerror2("unrecognized protocol %s", id);
 		goto bad;
 diff --git a/setools/perm_map b/setools/perm_map
-index 0a9f91c..25fae09 100644
+index 0a9f91c..8bd34f5 100644
 --- a/setools/perm_map
 +++ b/setools/perm_map
+@@ -27,7 +27,7 @@
+ # Look to the examples below for further clarification.
+ #
+ # Number of object classes.
+-95
+96
+ 
+ class netlink_audit_socket 27
+          nlmsg_relay         w        10
+@@ -376,7 +376,7 @@ class file 22
+              quotaon         b         1
+               swapon         b         1
+ 
+-class node 11
+class node 13
+           rawip_recv         r        10
+             tcp_recv         r        10
+             udp_recv         r        10
@@ -385,6 +385,8 @@ class node 11
             udp_send         w        10
            dccp_recv         r        10
@ -94,6 +112,15 @@ index 0a9f91c..25fae09 100644
 class netlink_firewall_socket 24
          nlmsg_write         w        10
           nlmsg_read         r        10
+@@ -973,7 +1001,7 @@ class key_socket 22
+            relabelto         w        10
+               listen         r         1
+ 
+-class netif 10
+class netif 12
+           rawip_recv         r        10
+             tcp_recv         r        10
+             udp_recv         r        10
@@ -984,6 +1012,8 @@ class netif 10
             udp_send         w        10
            dccp_recv         r        10
@ -104,10 +131,10 @@ index 0a9f91c..25fae09 100644
 class packet_socket 22
               append         w        10
 diff --git a/setools/policyrep/netcontext.py b/setools/policyrep/netcontext.py
-index c7076d2..2d890f3 100644
+index 9a01fc5..630b42c 100644
 --- a/setools/policyrep/netcontext.py
 +++ b/setools/policyrep/netcontext.py
-@@ -38,6 +38,10 @@ try:
+@@ -35,6 +35,10 @@ try:
     IPPROTO_DCCP = getprotobyname("dccp")
 except socket.error:
     IPPROTO_DCCP = 33
@ -118,7 +145,7 @@ index c7076d2..2d890f3 100644
 
 
 def netifcon_factory(policy, name):
-@@ -196,6 +200,7 @@ class PortconProtocol(int, PolicyEnum):
+@@ -161,6 +165,7 @@ class PortconProtocol(int, PolicyEnum):
     tcp = IPPROTO_TCP
     udp = IPPROTO_UDP
     dccp = IPPROTO_DCCP
@ -127,5 +154,5 @@ index c7076d2..2d890f3 100644
 
 class Portcon(NetContext):
 -- 
-2.14.3
+2.18.0