diff --git a/checkpolicy-rhat.patch b/checkpolicy-rhat.patch index 7456318..8f66466 100644 --- a/checkpolicy-rhat.patch +++ b/checkpolicy-rhat.patch @@ -1,3 +1,14 @@ +diff --git a/checkpolicy/.gitignore b/checkpolicy/.gitignore +new file mode 100644 +index 0000000..a7bd076 +--- /dev/null ++++ b/checkpolicy/.gitignore +@@ -0,0 +1,5 @@ ++checkmodule ++checkpolicy ++lex.yy.c ++y.tab.c ++y.tab.h diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c index d6ebd78..0946ff6 100644 --- a/checkpolicy/module_compiler.c @@ -352,6 +363,14 @@ index 48128a8..1331c04 100644 #line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); } #line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; } #[^\n]* { /* delete comments */ } +diff --git a/checkpolicy/test/.gitignore b/checkpolicy/test/.gitignore +new file mode 100644 +index 0000000..dbb03b9 +--- /dev/null ++++ b/checkpolicy/test/.gitignore +@@ -0,0 +1,2 @@ ++dismod ++dispol diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c index 33a29e4..66f976f 100644 --- a/checkpolicy/test/dismod.c @@ -529,13 +548,27 @@ index 33a29e4..66f976f 100644 link_module(&policydb, out_fp); break; diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c -index f8c05e6..ee2cf02 100644 +index f8c05e6..2213946 100644 --- a/checkpolicy/test/dispol.c +++ b/checkpolicy/test/dispol.c -@@ -341,6 +341,21 @@ static void display_permissive(policydb_t *p, FILE *fp) +@@ -341,6 +341,35 @@ static void display_permissive(policydb_t *p, FILE *fp) } } ++static void display_role_trans(policydb_t *p, FILE *fp) ++{ ++ role_trans_t *rt; ++ ++ fprintf(fp, "role_trans rules:\n"); ++ for (rt = p->role_tr; rt; rt = rt->next) { ++ display_id(p, fp, SYM_ROLES, rt->role - 1, ""); ++ display_id(p, fp, SYM_TYPES, rt->type - 1, ""); ++ display_id(p, fp, SYM_CLASSES, rt->tclass - 1, ":"); ++ display_id(p, fp, SYM_ROLES, rt->new_role - 1, ""); ++ fprintf(fp, "\n"); ++ } ++} ++ +static void display_filename_trans(policydb_t *p, FILE *fp) +{ + filename_trans_t *ft; @@ -554,7 +587,12 @@ index f8c05e6..ee2cf02 100644 int menu() { printf("\nSelect a command:\n"); -@@ -355,6 +370,8 @@ int menu() +@@ -351,10 +380,13 @@ int menu() + printf("5) display conditional bools\n"); + printf("6) display conditional expressions\n"); + printf("7) change a boolean value\n"); ++ printf("8) display role transitions\n"); + printf("\n"); printf("c) display policy capabilities\n"); printf("p) display the list of permissive types\n"); printf("u) display unknown handling setting\n"); @@ -563,7 +601,17 @@ index f8c05e6..ee2cf02 100644 printf("f) set output file\n"); printf("m) display menu\n"); printf("q) quit\n"); -@@ -492,6 +509,9 @@ int main(int argc, char **argv) +@@ -467,6 +499,9 @@ int main(int argc, char **argv) + change_bool(name, state, &policydb, out_fp); + free(name); + break; ++ case '8': ++ display_role_trans(&policydb, out_fp); ++ break; + case 'c': + display_policycaps(&policydb, out_fp); + break; +@@ -492,6 +527,9 @@ int main(int argc, char **argv) if (out_fp != stdout) printf("\nOutput to file: %s\n", OutfileName); break; diff --git a/checkpolicy.spec b/checkpolicy.spec index 722cdde..20f230d 100644 --- a/checkpolicy.spec +++ b/checkpolicy.spec @@ -1,8 +1,8 @@ -%define libsepolver 2.0.43-3 +%define libsepolver 2.0.44-2 Summary: SELinux policy compiler Name: checkpolicy Version: 2.0.24 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2 Group: Development/System Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz @@ -55,8 +55,11 @@ rm -rf ${RPM_BUILD_ROOT} %{_bindir}/sedispol %changelog +* Thu Apr 21 2011 Dan Walsh - 2.0.24-2 +* Fixes for new role_transition class field by Eric Paris. + * Fri Apr 15 2011 Dan Walsh - 2.0.24-2 -- Add "-" ass a file type +- Add "-" as a file type * Tue Apr 12 2011 Dan Walsh - 2.0.24-1 -Update to upstream