* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9

- Fix polgen.py to not generate udp rules on tcp input
2007-04-03 18:58:42 +00:00 · 2007-04-03 18:58:42 +00:00 · 3001352ed7
commit 3001352ed7
parent 983d80958f
2 changed files with 8 additions and 6 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -2184,8 +2184,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/polgen.py	2007-03-29 12:10:22.000000000 -0400
-@@ -0,0 +1,437 @@
+++ policycoreutils-2.0.7/gui/polgen.py	2007-04-03 14:54:50.000000000 -0400
+@@ -0,0 +1,436 @@
 +#! /usr/bin/python
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -2368,7 +2368,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +                        
 +                for i in self.in_udp:
 +                    rec = self.find_port(int(i))
-+                    print i, rec
 +                    if rec == None:
 +                        self.need_udp_type = True;
 +                    else:
@ -2398,8 +2397,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +	def generate_network_rules(self):
 +		newte = ""
 +		tcp = len(self.in_tcp) + len(self.out_tcp)
-+		udp = len(self.in_udp) + len(self.out_tcp)
-+                
+		udp = len(self.in_udp) + len(self.out_udp)
 +		if tcp >  0 or udp > 0:
 +                    newte = "\n"
 +
@ -2613,6 +2611,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +    mypolicy.add_dir("/var/lib/daemon")
 +    mypolicy.add_dir("/etc/daemon")
 +    mypolicy.add_dir("/etc/daemon/special")
+    mypolicy.set_out_tcp("8000")
 +    print mypolicy.generate()
 +#    mypolicy = policy("inetd", "/usr/sbin/inetd", 1)
 +#    mypolicy.generate()
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities.
 Name: policycoreutils
 Version: 2.0.7
-Release: 8%{?dist}
+Release: 9%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
 fi

 %changelog
+* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
+- Fix polgen.py to not generate udp rules on tcp input
+
 * Fri Mar 30 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-8
 - system-config-selinux should be able to run on a disabled system,
 - at least enough to get it enabled.