Update to upstream

* checkpolicy: fix spacing in output message

.gitignore

@@ -80,3 +80,4 @@ checkpolicy-2.0.22.tgz
 /checkpolicy-2.1.0.tgz
 /checkpolicy-2.1.1.tgz
 /checkpolicy-2.1.3.tgz
+/checkpolicy-2.1.4.tgz

checkpolicy-rhat.patch

@@ -1,13 +1,149 @@
-diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
+diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
-index fdf2d92..0e08965 100644
+index 1c1d1d5..81ccb00 100644
---- a/checkpolicy/test/dispol.c
+--- a/checkpolicy/module_compiler.c
-+++ b/checkpolicy/test/dispol.c
++++ b/checkpolicy/module_compiler.c
-@@ -365,7 +365,7 @@ static void display_filename_trans(policydb_t *p, FILE *fp)
+@@ -1045,7 +1045,7 @@ int require_user(int pass)
- 		display_id(p, fp, SYM_TYPES, ft->ttype - 1, "");
- 		display_id(p, fp, SYM_CLASSES, ft->tclass - 1, ":");
- 		display_id(p, fp, SYM_TYPES, ft->otype - 1, "");
--		fprintf(fp, "%s\n", ft->name);
-+		fprintf(fp, " %s\n", ft->name);
  	}
  }
  
+-int require_bool(int pass)
++static int require_bool_tunable(int pass, int is_tunable)
+ {
+ 	char *id = queue_remove(id_queue);
+ 	cond_bool_datum_t *booldatum = NULL;
+@@ -1063,6 +1063,8 @@ int require_bool(int pass)
+ 		yyerror("Out of memory!");
+ 		return -1;
+ 	}
++	if (is_tunable)
++		booldatum->flags |= COND_BOOL_FLAGS_TUNABLE;
+ 	retval =
+ 	    require_symbol(SYM_BOOLS, id, (hashtab_datum_t *) booldatum,
+ 			   &booldatum->s.value, &booldatum->s.value);
+@@ -1094,6 +1096,16 @@ int require_bool(int pass)
+ 	}
+ }
+ 
++int require_bool(int pass)
++{
++	return require_bool_tunable(pass, 0);
++}
++
++int require_tunable(int pass)
++{
++	return require_bool_tunable(pass, 1);
++}
++
+ int require_sens(int pass)
+ {
+ 	char *id = queue_remove(id_queue);
+@@ -1328,6 +1340,8 @@ void append_cond_list(cond_list_t * cond)
+ 		     tmp = tmp->next) ;
+ 		tmp->next = cond->avfalse_list;
+ 	}
++
++	old_cond->flags |= (cond->flags & COND_NODE_FLAGS_TUNABLE);
+ }
+ 
+ void append_avrule(avrule_t * avrule)
+diff --git a/checkpolicy/module_compiler.h b/checkpolicy/module_compiler.h
+index 45a21cd..72c2d9b 100644
+--- a/checkpolicy/module_compiler.h
++++ b/checkpolicy/module_compiler.h
+@@ -58,6 +58,7 @@ int require_attribute(int pass);
+ int require_attribute_role(int pass);
+ int require_user(int pass);
+ int require_bool(int pass);
++int require_tunable(int pass);
+ int require_sens(int pass);
+ int require_cat(int pass);
+ 
+diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
+index ded27f7..1bf669c 100644
+--- a/checkpolicy/policy_define.c
++++ b/checkpolicy/policy_define.c
+@@ -1494,7 +1494,7 @@ avrule_t *define_cond_compute_type(int which)
+ 	return avrule;
+ }
+ 
+-int define_bool(void)
++int define_bool_tunable(int is_tunable)
+ {
+ 	char *id, *bool_value;
+ 	cond_bool_datum_t *datum;
+@@ -1524,6 +1524,8 @@ int define_bool(void)
+ 		return -1;
+ 	}
+ 	memset(datum, 0, sizeof(cond_bool_datum_t));
++	if (is_tunable)
++		datum->flags |= COND_BOOL_FLAGS_TUNABLE;
+ 	ret = declare_symbol(SYM_BOOLS, id, datum, &value, &value);
+ 	switch (ret) {
+ 	case -3:{
+diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h
+index fc8cd4d..92a9be7 100644
+--- a/checkpolicy/policy_define.h
++++ b/checkpolicy/policy_define.h
+@@ -21,7 +21,7 @@ cond_expr_t *define_cond_expr(uint32_t expr_type, void *arg1, void* arg2);
+ int define_attrib(void);
+ int define_attrib_role(void);
+ int define_av_perms(int inherits);
+-int define_bool(void);
++int define_bool_tunable(int is_tunable);
+ int define_category(void);
+ int define_class(void);
+ int define_common_perms(void);
+diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y
+index 0a17bdc..49ac15f 100644
+--- a/checkpolicy/policy_parse.y
++++ b/checkpolicy/policy_parse.y
+@@ -101,6 +101,7 @@ typedef int (* require_func_t)();
+ %token ALIAS
+ %token ATTRIBUTE
+ %token BOOL
++%token TUNABLE
+ %token IF
+ %token ELSE
+ %token TYPE_TRANSITION
+@@ -269,6 +270,7 @@ te_decl			: attribute_def
+                         | typeattribute_def
+                         | typebounds_def
+                         | bool_def
++			| tunable_def
+                         | transition_def
+                         | range_trans_def
+                         | te_avtab_def
+@@ -295,8 +297,11 @@ opt_attr_list           : ',' id_comma_list
+ 			| 
+ 			;
+ bool_def                : BOOL identifier bool_val ';'
+-                        {if (define_bool()) return -1;}
++                        { if (define_bool_tunable(0)) return -1; }
+                         ;
++tunable_def		: TUNABLE identifier bool_val ';'
++			{ if (define_bool_tunable(1)) return -1; }
++			;
+ bool_val                : CTRUE
+  			{ if (insert_id("T",0)) return -1; }
+                         | CFALSE
+@@ -820,6 +825,7 @@ require_decl_def        : ROLE        { $$ = require_role; }
+                         | ATTRIBUTE_ROLE   { $$ = require_attribute_role; }
+                         | USER        { $$ = require_user; }
+                         | BOOL        { $$ = require_bool; }
++			| TUNABLE     { $$ = require_tunable; }
+                         | SENSITIVITY { $$ = require_sens; }
+                         | CATEGORY    { $$ = require_cat; }
+                         ;
+diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
+index ed27bbe..a61e0db 100644
+--- a/checkpolicy/policy_scan.l
++++ b/checkpolicy/policy_scan.l
+@@ -92,6 +92,8 @@ TYPE |
+ type				{ return(TYPE); }
+ BOOL |
+ bool                            { return(BOOL); }
++TUNABLE |
++tunable				{ return(TUNABLE); }
+ IF |
+ if				{ return(IF); }
+ ELSE |

checkpolicy.spec

@@ -1,7 +1,7 @@
-%define libsepolver 2.1.0-1
+%define libsepolver 2.1.2-1
 Summary: SELinux policy compiler
 Name: checkpolicy
-Version: 2.1.3
+Version: 2.1.4
 Release: 1%{?dist}
 License: GPLv2
 Group: Development/System
@@ -53,6 +53,10 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_bindir}/sedispol
 
 %changelog
+* Tue Aug 30 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.4-0
+-Update to upstream
+	* checkpolicy: fix spacing in output message
+
 * Thu Aug 18 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.3-0
 	* add missing ; to attribute_role_def
 	*Redo filename/filesystem syntax to support filename trans

sources

@@ -1 +1 @@
-5b025df9f12bd873b3bb815c50fb9172  checkpolicy-2.1.3.tgz
+1b6184a442ce788f00652f45ab6464e8  checkpolicy-2.1.4.tgz