- Add James Antill patch for login verification of MLS Levels

- MLS ragnes need to be checked, Eg. login/cron. This patch adds
    infrastructure.
This commit is contained in:
Daniel J Walsh 2006-11-03 21:59:03 +00:00
parent 9d61c9c320
commit a7aef657f6

View File

@ -1,40 +1,16 @@
diff -rup libselinux-1.30.29-orig/include/selinux/av_permissions.h libselinux-1.30.29/include/selinux/av_permissions.h diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-1.33.1/include/selinux/av_permissions.h
--- libselinux-1.30.29-orig/include/selinux/av_permissions.h 2006-09-29 11:50:24.000000000 -0400 --- nsalibselinux/include/selinux/av_permissions.h 2006-10-24 12:49:23.000000000 -0400
+++ libselinux-1.30.29/include/selinux/av_permissions.h 2006-10-31 11:58:39.000000000 -0500 +++ libselinux-1.33.1/include/selinux/av_permissions.h 2006-11-03 16:56:52.000000000 -0500
@@ -970,3 +970,6 @@ @@ -896,3 +896,4 @@
#define KEY__LINK 0x00000010UL
#define KEY__SETATTR 0x00000020UL #define KEY__SETATTR 0x00000020UL
#define KEY__CREATE 0x00000040UL #define KEY__CREATE 0x00000040UL
+ #define CONTEXT__TRANSLATE 0x00000001UL
+#define CONTEXT__TRANSLATE 0x00000001UL
+#define CONTEXT__CONTAINS 0x00000002UL +#define CONTEXT__CONTAINS 0x00000002UL
Only in libselinux-1.30.29/include/selinux: av_permissions.h~ diff --exclude-from=exclude -N -u -r nsalibselinux/src/av_perm_to_string.h libselinux-1.33.1/src/av_perm_to_string.h
diff -rup libselinux-1.30.29-orig/include/selinux/flask.h libselinux-1.30.29/include/selinux/flask.h --- nsalibselinux/src/av_perm_to_string.h 2006-10-24 12:49:23.000000000 -0400
--- libselinux-1.30.29-orig/include/selinux/flask.h 2006-09-29 11:50:24.000000000 -0400 +++ libselinux-1.33.1/src/av_perm_to_string.h 2006-11-03 16:57:58.000000000 -0500
+++ libselinux-1.30.29/include/selinux/flask.h 2006-10-31 11:57:52.000000000 -0500 @@ -266,3 +266,4 @@
@@ -63,6 +63,7 @@
#define SECCLASS_APPLETALK_SOCKET 56
#define SECCLASS_PACKET 57
#define SECCLASS_KEY 58
+#define SECCLASS_CONTEXT 59
/*
* Security identifier indices for initial entities
diff -rup libselinux-1.30.29-orig/src/av_perm_to_string.h libselinux-1.30.29/src/av_perm_to_string.h
--- libselinux-1.30.29-orig/src/av_perm_to_string.h 2006-09-29 11:50:23.000000000 -0400
+++ libselinux-1.30.29/src/av_perm_to_string.h 2006-10-31 11:58:21.000000000 -0500
@@ -263,3 +263,5 @@ S_(SECCLASS_FILESYSTEM, FILESYSTEM__MOUN
S_(SECCLASS_KEY, KEY__LINK, "link")
S_(SECCLASS_KEY, KEY__SETATTR, "setattr") S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
S_(SECCLASS_KEY, KEY__CREATE, "create") S_(SECCLASS_KEY, KEY__CREATE, "create")
+ S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate") S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains") + S_(SECCLASS_CONTEXT, CONTEXT_CONTAINS, "contains")
Only in libselinux-1.30.29/src: av_perm_to_string.h~
diff -rup libselinux-1.30.29-orig/src/class_to_string.h libselinux-1.30.29/src/class_to_string.h
--- libselinux-1.30.29-orig/src/class_to_string.h 2006-09-29 11:50:23.000000000 -0400
+++ libselinux-1.30.29/src/class_to_string.h 2006-10-31 11:57:52.000000000 -0500
@@ -61,3 +61,4 @@ S_("null")
S_("appletalk_socket")
S_("packet")
S_("key")
+ S_("context")