[policycoreutils] Ignore permissive commands in interfaces

Daniel J Walsh dwalsh at fedoraproject.org
Thu Sep 29 14:56:52 UTC 2011 

commit b6236f90238a2594b2eb288143be0e014a9702d1
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu Sep 29 10:56:39 2011 -0400

    Ignore permissive commands in interfaces

 policycoreutils-sepolgen.patch |   39 +++++++++++++++++++++++++++++++++++++++
 policycoreutils.spec           |    5 ++++-
 2 files changed, 43 insertions(+), 1 deletions(-)
---
diff --git a/policycoreutils-sepolgen.patch b/policycoreutils-sepolgen.patch
index 03f07da..ee09b7c 100644
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@@ -181,3 +181,42 @@ index 0e6b502..6ce892c 100644
              self.module.children.append(rule)
  
  
+diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
+index 1a2eec8..955784d 100644
+--- a/sepolgen/src/sepolgen/refparser.py
++++ b/sepolgen/src/sepolgen/refparser.py
+@@ -109,6 +109,7 @@ tokens = (
+     'DONTAUDIT',
+     'AUDITALLOW',
+     'NEVERALLOW',
++    'PERMISSIVE',
+     'TYPE_TRANSITION',
+     'TYPE_CHANGE',
+     'TYPE_MEMBER',
+@@ -170,6 +171,7 @@ reserved = {
+     'dontaudit' : 'DONTAUDIT',
+     'auditallow' : 'AUDITALLOW',
+     'neverallow' : 'NEVERALLOW',
++    'permissive' : 'PERMISSIVE',
+     'type_transition' : 'TYPE_TRANSITION',
+     'type_change' : 'TYPE_CHANGE',
+     'type_member' : 'TYPE_MEMBER',
+@@ -490,6 +492,7 @@ def p_policy_stmt(p):
+                    | interface_call
+                    | role_def
+                    | role_allow
++                   | permissive
+                    | type_def
+                    | typealias_def
+                    | attribute_def
+@@ -747,6 +750,10 @@ def p_role_allow(p):
+     r.tgt_roles = p[3]
+     p[0] = r
+ 
++def p_permissive(p):
++    'permissive : PERMISSIVE names SEMI'
++    t.skip(1)
++
+ def p_avrule_def(p):
+     '''avrule_def : ALLOW names names COLON names names SEMI
+                   | DONTAUDIT names names COLON names names SEMI
diff --git a/policycoreutils.spec b/policycoreutils.spec
index aa63752..86d15e1 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.6
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -352,6 +352,9 @@ fi
 /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Thu Sep 29 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.6-3
+- Ignore permissive commands in interfaces
+
 * Thu Sep 29 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.6-2
 - Remove gnome requirement from polgengui

More information about the scm-commits mailing list