Fix SCTP patch
Fixes: Failed to load default permission map: /usr/lib64/python3.6/site-packages/setools/perm_map:391:Invalid class declaration: ['sendto', 'w', '10'] https://github.com/SELinuxProject/setools/issues/9
This commit is contained in:
parent
950d0d171f
commit
56ba584672
|
@ -9,9 +9,9 @@ Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
||||||
---
|
---
|
||||||
libqpol/include/qpol/linux_types.h | 1 +
|
libqpol/include/qpol/linux_types.h | 1 +
|
||||||
libqpol/policy_define.c | 5 +++++
|
libqpol/policy_define.c | 5 +++++
|
||||||
setools/perm_map | 30 ++++++++++++++++++++++++++++++
|
setools/perm_map | 36 +++++++++++++++++++++++++++---
|
||||||
setools/policyrep/netcontext.py | 5 +++++
|
setools/policyrep/netcontext.py | 5 +++++
|
||||||
4 files changed, 41 insertions(+)
|
4 files changed, 44 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
diff --git a/libqpol/include/qpol/linux_types.h b/libqpol/include/qpol/linux_types.h
|
diff --git a/libqpol/include/qpol/linux_types.h b/libqpol/include/qpol/linux_types.h
|
||||||
index c3c056b..0985162 100644
|
index c3c056b..0985162 100644
|
||||||
|
@ -49,9 +49,27 @@ index dcc69fc..1e623a3 100644
|
||||||
yyerror2("unrecognized protocol %s", id);
|
yyerror2("unrecognized protocol %s", id);
|
||||||
goto bad;
|
goto bad;
|
||||||
diff --git a/setools/perm_map b/setools/perm_map
|
diff --git a/setools/perm_map b/setools/perm_map
|
||||||
index 0a9f91c..25fae09 100644
|
index 0a9f91c..8bd34f5 100644
|
||||||
--- a/setools/perm_map
|
--- a/setools/perm_map
|
||||||
+++ b/setools/perm_map
|
+++ b/setools/perm_map
|
||||||
|
@@ -27,7 +27,7 @@
|
||||||
|
# Look to the examples below for further clarification.
|
||||||
|
#
|
||||||
|
# Number of object classes.
|
||||||
|
-95
|
||||||
|
+96
|
||||||
|
|
||||||
|
class netlink_audit_socket 27
|
||||||
|
nlmsg_relay w 10
|
||||||
|
@@ -376,7 +376,7 @@ class file 22
|
||||||
|
quotaon b 1
|
||||||
|
swapon b 1
|
||||||
|
|
||||||
|
-class node 11
|
||||||
|
+class node 13
|
||||||
|
rawip_recv r 10
|
||||||
|
tcp_recv r 10
|
||||||
|
udp_recv r 10
|
||||||
@@ -385,6 +385,8 @@ class node 11
|
@@ -385,6 +385,8 @@ class node 11
|
||||||
udp_send w 10
|
udp_send w 10
|
||||||
dccp_recv r 10
|
dccp_recv r 10
|
||||||
|
@ -94,6 +112,15 @@ index 0a9f91c..25fae09 100644
|
||||||
class netlink_firewall_socket 24
|
class netlink_firewall_socket 24
|
||||||
nlmsg_write w 10
|
nlmsg_write w 10
|
||||||
nlmsg_read r 10
|
nlmsg_read r 10
|
||||||
|
@@ -973,7 +1001,7 @@ class key_socket 22
|
||||||
|
relabelto w 10
|
||||||
|
listen r 1
|
||||||
|
|
||||||
|
-class netif 10
|
||||||
|
+class netif 12
|
||||||
|
rawip_recv r 10
|
||||||
|
tcp_recv r 10
|
||||||
|
udp_recv r 10
|
||||||
@@ -984,6 +1012,8 @@ class netif 10
|
@@ -984,6 +1012,8 @@ class netif 10
|
||||||
udp_send w 10
|
udp_send w 10
|
||||||
dccp_recv r 10
|
dccp_recv r 10
|
||||||
|
@ -104,10 +131,10 @@ index 0a9f91c..25fae09 100644
|
||||||
class packet_socket 22
|
class packet_socket 22
|
||||||
append w 10
|
append w 10
|
||||||
diff --git a/setools/policyrep/netcontext.py b/setools/policyrep/netcontext.py
|
diff --git a/setools/policyrep/netcontext.py b/setools/policyrep/netcontext.py
|
||||||
index c7076d2..2d890f3 100644
|
index 9a01fc5..630b42c 100644
|
||||||
--- a/setools/policyrep/netcontext.py
|
--- a/setools/policyrep/netcontext.py
|
||||||
+++ b/setools/policyrep/netcontext.py
|
+++ b/setools/policyrep/netcontext.py
|
||||||
@@ -38,6 +38,10 @@ try:
|
@@ -35,6 +35,10 @@ try:
|
||||||
IPPROTO_DCCP = getprotobyname("dccp")
|
IPPROTO_DCCP = getprotobyname("dccp")
|
||||||
except socket.error:
|
except socket.error:
|
||||||
IPPROTO_DCCP = 33
|
IPPROTO_DCCP = 33
|
||||||
|
@ -118,7 +145,7 @@ index c7076d2..2d890f3 100644
|
||||||
|
|
||||||
|
|
||||||
def netifcon_factory(policy, name):
|
def netifcon_factory(policy, name):
|
||||||
@@ -196,6 +200,7 @@ class PortconProtocol(int, PolicyEnum):
|
@@ -161,6 +165,7 @@ class PortconProtocol(int, PolicyEnum):
|
||||||
tcp = IPPROTO_TCP
|
tcp = IPPROTO_TCP
|
||||||
udp = IPPROTO_UDP
|
udp = IPPROTO_UDP
|
||||||
dccp = IPPROTO_DCCP
|
dccp = IPPROTO_DCCP
|
||||||
|
@ -127,5 +154,5 @@ index c7076d2..2d890f3 100644
|
||||||
|
|
||||||
class Portcon(NetContext):
|
class Portcon(NetContext):
|
||||||
--
|
--
|
||||||
2.14.3
|
2.18.0
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue