auto-import changelog data from iptables-1.2.9-1.2.src.rpm

Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2 - Close File descriptors to prevent SELinux error message Wed Jan 07 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1 - rebuild
2004-09-09 06:25:17 +00:00 · 2004-09-09 06:25:17 +00:00 · c76d6f02d4
commit c76d6f02d4
parent 314b6dc7e4
2 changed files with 52 additions and 2 deletions
--- a/iptables-1.2.9-selinux.patch
+++ b/iptables-1.2.9-selinux.patch
@ -0,0 +1,42 @@
+--- iptables-1.2.9/ip6tables.c.selinux	2004-01-25 13:39:58.652465653 -0500
+++ iptables-1.2.9/ip6tables.c	2004-01-25 13:52:50.291335019 -0500
+@@ -1587,6 +1587,7 @@
+ {
+ 	char *buf = NULL;
+ 	char *argv[3];
+	int i=0;
+ 
+ 	/* If they don't explicitly set it, read out of kernel */
+ 	if (!modprobe) {
+@@ -1598,6 +1599,10 @@
+ 
+ 	switch (fork()) {
+ 	case 0:
+	        /* close open file descriptors */
+	        for (i=0; i< 10; i++) {
+		  close(i);
+		}
+ 		argv[0] = (char *)modprobe;
+ 		argv[1] = (char *)modname;
+ 		argv[2] = NULL;
+--- iptables-1.2.9/iptables.c.selinux	2004-01-25 13:39:58.702460379 -0500
+++ iptables-1.2.9/iptables.c	2004-01-25 13:52:55.940802957 -0500
+@@ -1583,6 +1583,7 @@
+ {
+ 	char *buf = NULL;
+ 	char *argv[3];
+	int i=0;
+ 
+ 	/* If they don't explicitly set it, read out of kernel */
+ 	if (!modprobe) {
+@@ -1594,6 +1595,10 @@
+ 
+ 	switch (fork()) {
+ 	case 0:
+	        /* close open file descriptors */
+	        for (i=0; i< 10; i++) {
+		  close(i);
+		}
+ 		argv[0] = (char *)modprobe;
+ 		argv[1] = (char *)modname;
+ 		argv[2] = NULL;
--- a/iptables.spec
+++ b/iptables.spec
@ -4,7 +4,7 @@
 Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities.
 Version: 1.2.9
-Release: 1.0
+Release: 1.2
 Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
@ -14,6 +14,7 @@ Source3: netfilter-2.4.20.tar.gz
 Patch2: iptables-1.2.8-nolibnsl.patch
 Patch3: iptables-1.2.8-print_type.patch
 Patch4: iptables-1.2.9-netlink.patch
+Patch5: iptables-1.2.9-selinux.patch
 Group: System Environment/Base
 URL: http://www.netfilter.org/
 BuildRoot: %{_tmppath}/%{name}-buildroot
@ -68,6 +69,7 @@ cd ..
 %patch2 -p1 -b .nolibnsl
 %patch3 -p1 -b .print_type
 %patch4 -p1 -b .netlink
+%patch5 -p1 -b .selinux

 # Put it to a reasonable place
 find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \;
@ -142,7 +144,13 @@ fi
 %endif

 %changelog
-* Wed Dec 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.0
+* Sun Jan  25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2
+- Close File descriptors to prevent SELinux error message
+
+* Wed Jan  7 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1
+- rebuild
+
+* Wed Dec 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.9-1
 - vew version 1.2.9
 - new config options in ipXtables-config:
  IPTABLES_MODULES_UNLOAD