[checkpolicy/f16] Allow ~ in FILENAMEs
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Nov 14 16:42:23 UTC 2011
commit 79788149dd5e9f77c526a3456736acc039cdcc5a
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Nov 14 11:42:20 2011 -0500
Allow ~ in FILENAMEs
checkpolicy-rhat.patch | 58 +++++++++++++++++++++++++----------------------
checkpolicy.spec | 5 +++-
2 files changed, 35 insertions(+), 28 deletions(-)
---
diff --git a/checkpolicy-rhat.patch b/checkpolicy-rhat.patch
index 0e33433..57a9153 100644
--- a/checkpolicy-rhat.patch
+++ b/checkpolicy-rhat.patch
@@ -1,21 +1,7 @@
-diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
-index fdf2d92..0e08965 100644
---- a/checkpolicy/test/dispol.c
-+++ b/checkpolicy/test/dispol.c
-@@ -365,7 +365,7 @@ static void display_filename_trans(policydb_t *p, FILE *fp)
- display_id(p, fp, SYM_TYPES, ft->ttype - 1, "");
- display_id(p, fp, SYM_CLASSES, ft->tclass - 1, ":");
- display_id(p, fp, SYM_TYPES, ft->otype - 1, "");
-- fprintf(fp, "%s\n", ft->name);
-+ fprintf(fp, " %s\n", ft->name);
- }
- }
-
-diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y
-index 49ac15f..1e3ef6f 100644
---- a/checkpolicy/policy_parse.y
-+++ b/checkpolicy/policy_parse.y
-@@ -353,7 +353,7 @@ cond_rule_def : cond_transition_def
+diff -up checkpolicy-2.1.3/policy_parse.y.rhat checkpolicy-2.1.3/policy_parse.y
+--- checkpolicy-2.1.3/policy_parse.y.rhat 2011-08-18 06:47:32.000000000 -0400
++++ checkpolicy-2.1.3/policy_parse.y 2011-11-14 11:37:40.727277673 -0500
+@@ -348,7 +348,7 @@ cond_rule_def : cond_transitio
| require_block
{ $$ = NULL; }
;
@@ -24,7 +10,7 @@ index 49ac15f..1e3ef6f 100644
{ $$ = define_cond_filename_trans() ;
if ($$ == COND_ERR) return -1;}
| TYPE_TRANSITION names names ':' names identifier ';'
-@@ -391,7 +391,7 @@ cond_dontaudit_def : DONTAUDIT names names ':' names names ';'
+@@ -386,7 +386,7 @@ cond_dontaudit_def : DONTAUDIT names nam
{ $$ = define_cond_te_avtab(AVRULE_DONTAUDIT);
if ($$ == COND_ERR) return -1; }
;
@@ -33,19 +19,25 @@ index 49ac15f..1e3ef6f 100644
{if (define_filename_trans()) return -1; }
| TYPE_TRANSITION names names ':' names identifier ';'
{if (define_compute_type(AVRULE_TRANSITION)) return -1;}
-diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
-index a61e0db..2ba5971 100644
---- a/checkpolicy/policy_scan.l
-+++ b/checkpolicy/policy_scan.l
-@@ -227,7 +227,6 @@ PERMISSIVE { return(PERMISSIVE); }
+diff -up checkpolicy-2.1.3/policy_scan.l.rhat checkpolicy-2.1.3/policy_scan.l
+--- checkpolicy-2.1.3/policy_scan.l.rhat 2011-08-18 06:47:32.000000000 -0400
++++ checkpolicy-2.1.3/policy_scan.l 2011-11-14 11:39:07.764330673 -0500
+@@ -225,11 +225,10 @@ PERMISSIVE { return(PERMISSIVE); }
{digit}{1,3}(\.{digit}{1,3}){3} { return(IPV4_ADDR); }
{hexval}{0,4}":"{hexval}{0,4}":"({hexval}|[:.])* { return(IPV6_ADDR); }
{digit}+(\.({alnum}|[_.])*)? { return(VERSION_IDENTIFIER); }
-\"({alnum}|[_\.\-])+\" { return(FILENAME); }
{alnum}* { return(FILENAME); }
- \.({alnum}|[_\.\-])* { return(FILENAME); }
- {letter}+([-_\.]|{alnum})+ { return(FILENAME); }
-@@ -253,6 +252,7 @@ PERMISSIVE { return(PERMISSIVE); }
+-\.({alnum}|[_\.\-])* { return(FILENAME); }
+-{letter}+([-_\.]|{alnum})+ { return(FILENAME); }
+-([_\.]){alnum}+ { return(FILENAME); }
++\.({alnum}|[_\.\-\~])* { return(FILENAME); }
++{letter}+([-_\.\~]|{alnum})+ { return(FILENAME); }
++([_\.\~]){alnum}+ { return(FILENAME); }
+ #line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); }
+ #line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; }
+ #[^\n]* { /* delete comments */ }
+@@ -251,6 +250,7 @@ PERMISSIVE { return(PERMISSIVE); }
"-" |
"." |
"]" |
@@ -53,3 +45,15 @@ index a61e0db..2ba5971 100644
"~" |
"*" { return(yytext[0]); }
. { yywarn("unrecognized character");}
+diff -up checkpolicy-2.1.3/test/dispol.c.rhat checkpolicy-2.1.3/test/dispol.c
+--- checkpolicy-2.1.3/test/dispol.c.rhat 2011-08-18 06:47:32.000000000 -0400
++++ checkpolicy-2.1.3/test/dispol.c 2011-11-14 11:37:40.726277672 -0500
+@@ -365,7 +365,7 @@ static void display_filename_trans(polic
+ display_id(p, fp, SYM_TYPES, ft->ttype - 1, "");
+ display_id(p, fp, SYM_CLASSES, ft->tclass - 1, ":");
+ display_id(p, fp, SYM_TYPES, ft->otype - 1, "");
+- fprintf(fp, "%s\n", ft->name);
++ fprintf(fp, " %s\n", ft->name);
+ }
+ }
+
diff --git a/checkpolicy.spec b/checkpolicy.spec
index 57178de..33d5c77 100644
--- a/checkpolicy.spec
+++ b/checkpolicy.spec
@@ -2,7 +2,7 @@
Summary: SELinux policy compiler
Name: checkpolicy
Version: 2.1.3
-Release: 1.2%{?dist}
+Release: 1.3%{?dist}
License: GPLv2
Group: Development/System
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -55,6 +55,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_bindir}/sedispol
%changelog
+* Mon Nov 14 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.3-1.3
+- Allow ~ in FILENAMEs
+
* Wed Sep 21 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.3-1.2
- Try again
More information about the scm-commits
mailing list