[selinux-policy: 680/3172] fix error with file common being output, not file class (unique perms were missing)

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 20:03:42 UTC 2010 

commit 6e0542eb272f8ff5cc550be4532a8650f0e58571
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Wed Sep 21 20:01:21 2005 +0000

    fix error with file common being output, not file class (unique perms were missing)

 refpolicy/support/genclassperms.py |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)
---
diff --git a/refpolicy/support/genclassperms.py b/refpolicy/support/genclassperms.py
index 0de7d62..ba22b31 100755
--- a/refpolicy/support/genclassperms.py
+++ b/refpolicy/support/genclassperms.py
@@ -31,17 +31,21 @@ class Class:
 		# True if the class is declared as common, False if not.
 		self.common = common
 
-def get_perms(name, av_db):
+def get_perms(name, av_db, common):
 	"""
 	Returns the list of permissions contained within an access vector
 	class that is stored in the access vector database av_db.
 	Returns an empty list if the object name is not found.
+	Specifiy whether get_perms is to return the class or the
+	common set of permissions with the boolean value 'common',
+	which is important in the case of having duplicate names (such as
+	class file and common file).
 	"""
 
 	# Traverse through the access vector database and try to find the
 	#  object with the name passed.
 	for obj in av_db:
-		if obj.name == name:
+		if obj.name == name and obj.common == common:
 			return obj.perms
 
 	return []
@@ -153,7 +157,8 @@ def get_av_db(file_name):
 				# av_data[0] is the name of the parent.
 				# Append the permissions of the parent to
 				#  the current class' permissions.
-				perms += get_perms(av_data[0], database)
+				perms += get_perms(av_data[0], database, True)
+
 				# Dequeue the name of the parent.
 				av_data = av_data[1:]
 
@@ -247,8 +252,8 @@ def gen_class_perms(av_db, sc_db):
 		if obj.common == True:
 			continue
 
-		# Get the list of permissions.
-		perms = get_perms(obj.name, av_db)
+		# Get the list of permissions from the specified class.
+		perms = get_perms(obj.name, av_db, False)
 
 		# Merge all the permissions into one string with one space
 		#  padding.

More information about the scm-commits mailing list