rpms/checkpolicy/devel .cvsignore, 1.51, 1.52 checkpolicy-rhat.patch, 1.5, 1.6 checkpolicy.spec, 1.78, 1.79 sources, 1.52, 1.53
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Dec 1 20:02:50 UTC 2005
- Previous message (by thread): rpms/shared-mime-info/devel .cvsignore, 1.6, 1.7 shared-mime-info.spec, 1.26, 1.27 sources, 1.6, 1.7
- Next message (by thread): rpms/anaconda/devel .cvsignore, 1.183, 1.184 anaconda.spec, 1.301, 1.302 sources, 1.301, 1.302
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/checkpolicy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv5210
Modified Files:
.cvsignore checkpolicy-rhat.patch checkpolicy.spec sources
Log Message:
* Thu Dec 1 2005 Dan Walsh <dwalsh at redhat.com> 1.27.19-1
- Latest upgrade from NSA
* Added error checking of all ebitmap_set_bit calls for out of
memory conditions.
* Merged removal of compatibility handling of netlink classes
(requirement that policies with newer versions include the
netlink class definitions, remapping of fine-grained netlink
classes in newer source policies to single netlink class when
generating older policies) from George Coker.
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/checkpolicy/devel/.cvsignore,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- .cvsignore 25 Oct 2005 19:18:26 -0000 1.51
+++ .cvsignore 1 Dec 2005 20:02:47 -0000 1.52
@@ -34,3 +34,4 @@
checkpolicy-1.27.11.tgz
checkpolicy-1.27.16.tgz
checkpolicy-1.27.17.tgz
+checkpolicy-1.27.19.tgz
checkpolicy-rhat.patch:
Makefile | 1 +
checkmodule.8 | 45 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 46 insertions(+)
Index: checkpolicy-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/checkpolicy/devel/checkpolicy-rhat.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- checkpolicy-rhat.patch 22 Aug 2005 18:13:47 -0000 1.5
+++ checkpolicy-rhat.patch 1 Dec 2005 20:02:47 -0000 1.6
@@ -1,29 +1,60 @@
-Index: checkpolicy/policy_parse.y
-===================================================================
-RCS file: /nfshome/pal/CVS/selinux-usr/checkpolicy/policy_parse.y,v
-retrieving revision 1.41
-diff -u -p -r1.41 policy_parse.y
---- checkpolicy/policy_parse.y 15 Aug 2005 16:10:56 -0000 1.41
-+++ checkpolicy/policy_parse.y 22 Aug 2005 17:49:36 -0000
-@@ -2965,6 +2965,7 @@ static int define_validatetrans(constrai
- ebitmap_t classmap;
- constraint_expr_t *e;
- int depth;
-+ unsigned char useexpr = 1;
+diff --exclude-from=exclude -N -u -r nsacheckpolicy/checkmodule.8 checkpolicy-1.27.19/checkmodule.8
+--- nsacheckpolicy/checkmodule.8 1969-12-31 19:00:00.000000000 -0500
++++ checkpolicy-1.27.19/checkmodule.8 2005-12-01 15:00:22.000000000 -0500
+@@ -0,0 +1,45 @@
++.TH CHECKMODULE 8
++.SH NAME
++checkmodule \- SELinux policy module compiler
++.SH SYNOPSIS
++.B checkmodule
++.I "[-b] [-d] [-M] [-c policyvers] [-o output_file] [input_file]"
++ .br
++.SH "DESCRIPTION"
++This manual page describes the
++.BR checkmodule
++command.
++.PP
++.B checkmodule
++is a program that checks and compiles a SELinux security policy module
++into a binary representation. Use semodule_package to combine this module with
++its optional file context to create a policy package that can be loaded into the kernel.
++
++.SH OPTIONS
++.TP
++.B \-b
++Read an existing binary policy file rather than a source policy.conf file.
++.TP
++.B \-d
++Enter debug mode after loading the policy.
++.TP
++.B \-M
++Enable the MLS policy when checking and compiling the policy.
++.TP
++.B \-o filename
++Write a binary policy file to the specified filename.
++.TP
++.B \-c policyvers
++Specify the policy version, defaults to the latest.
++
++.SH "SEE ALSO"
++.B load_policy(8), semodule(8), semodule_package(8), semodule_expand(8), semodule_link(8)
++SELinux documentation at http://www.nsa.gov/selinux/docs.html,
++especially "Configuring the SELinux Policy".
++
++
++.SH AUTHOR
++This manual page was copied from the checkpolicy man page
++written by Arpad Magosanyi <mag at bunuel.tii.matav.hu>,
++and edited by Dan Walsh <dwalsh at redhat.com>.
++The program was written by Stephen Smalley <sds at epoch.ncsc.mil>.
+diff --exclude-from=exclude -N -u -r nsacheckpolicy/Makefile checkpolicy-1.27.19/Makefile
+--- nsacheckpolicy/Makefile 2005-09-12 16:30:34.000000000 -0400
++++ checkpolicy-1.27.19/Makefile 2005-12-01 15:00:34.000000000 -0500
+@@ -45,6 +45,7 @@
+ -mkdir -p $(MANDIR)/man8
+ install -m 755 $(TARGETS) $(BINDIR)
+ install -m 644 checkpolicy.8 $(MANDIR)/man8
++ install -m 644 checkmodule.8 $(MANDIR)/man8
- if (pass == 1) {
- while ((id = queue_remove(id_queue)))
-@@ -3035,7 +3036,12 @@ static int define_validatetrans(constrai
- return -1;
- }
- memset(node, 0, sizeof(constraint_node_t));
-- node->expr = expr;
-+ if (useexpr) {
-+ node->expr = expr;
-+ useexpr = 0;
-+ } else {
-+ node->expr = constraint_expr_clone(expr);
-+ }
- node->permissions = 0;
-
- node->next = cladatum->validatetrans;
+ relabel: install
+ /sbin/restorecon $(BINDIR)/checkpolicy
Index: checkpolicy.spec
===================================================================
RCS file: /cvs/dist/rpms/checkpolicy/devel/checkpolicy.spec,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -r1.78 -r1.79
--- checkpolicy.spec 10 Nov 2005 02:44:34 -0000 1.78
+++ checkpolicy.spec 1 Dec 2005 20:02:47 -0000 1.79
@@ -1,11 +1,13 @@
-%define libsepolver 1.9.39-1
+%define libsepolver 1.9.41-1
Summary: SELinux policy compiler
Name: checkpolicy
-Version: 1.27.17
-Release: 7
+Version: 1.27.19
+Release: 1
License: GPL
Group: Development/System
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
+Patch: checkpolicy-rhat.patch
+
BuildRoot: %{_tmppath}/%{name}-buildroot
BuildRequires: byacc flex libsepol-devel >= %{libsepolver} libselinux-devel
@@ -25,6 +27,7 @@
%prep
%setup -q
+%patch -p1 -b .rhat
%build
make LIBDIR="%{_libdir}" CFLAGS="%{optflags}"
@@ -42,8 +45,19 @@
%{_bindir}/checkpolicy
%{_bindir}/checkmodule
%{_mandir}/man8/checkpolicy.8.gz
+%{_mandir}/man8/checkmodule.8.gz
%changelog
+* Thu Dec 1 2005 Dan Walsh <dwalsh at redhat.com> 1.27.19-1
+- Latest upgrade from NSA
+ * Added error checking of all ebitmap_set_bit calls for out of
+ memory conditions.
+ * Merged removal of compatibility handling of netlink classes
+ (requirement that policies with newer versions include the
+ netlink class definitions, remapping of fine-grained netlink
+ classes in newer source policies to single netlink class when
+ generating older policies) from George Coker.
+
* Tue Nov 8 2005 Dan Walsh <dwalsh at redhat.com> 1.27.17-7
- Rebuild to get latest libsepol
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/checkpolicy/devel/sources,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- sources 25 Oct 2005 19:18:26 -0000 1.52
+++ sources 1 Dec 2005 20:02:47 -0000 1.53
@@ -1 +1 @@
-c1233892de26b1935142aacbca84b042 checkpolicy-1.27.17.tgz
+37c62ce4447586c8e5311133e9ffa489 checkpolicy-1.27.19.tgz
- Previous message (by thread): rpms/shared-mime-info/devel .cvsignore, 1.6, 1.7 shared-mime-info.spec, 1.26, 1.27 sources, 1.6, 1.7
- Next message (by thread): rpms/anaconda/devel .cvsignore, 1.183, 1.184 anaconda.spec, 1.301, 1.302 sources, 1.301, 1.302
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list