[checkpolicy/f18] Space should be allowed for file trans names

Daniel J Walsh dwalsh at fedoraproject.org
Tue Mar 12 17:11:43 UTC 2013 

commit 3151f4b9a8ea54d058de479866249d7c53379de0
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Tue Mar 12 13:11:39 2013 -0400

    Space should be allowed for file trans names

 .gitignore             |    1 +
 checkpolicy-rhat.patch |   46 +++++++++++++---------------------------------
 checkpolicy.spec       |   47 ++++++++++++++++++++++++++++++++++-------------
 sources                |    2 +-
 4 files changed, 49 insertions(+), 47 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 27c9541..876d17d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -88,3 +88,4 @@ checkpolicy-2.0.22.tgz
 /checkpolicy-2.1.9.tgz
 /checkpolicy-2.1.10.tgz
 /checkpolicy-2.1.11.tgz
+/checkpolicy-2.1.12.tgz
diff --git a/checkpolicy-rhat.patch b/checkpolicy-rhat.patch
index c6c639c..2b1116b 100644
--- a/checkpolicy-rhat.patch
+++ b/checkpolicy-rhat.patch
@@ -1,33 +1,13 @@
-diff --git a/checkpolicy/checkmodule.c b/checkpolicy/checkmodule.c
-index 47603e0..cb58cf0 100644
---- a/checkpolicy/checkmodule.c
-+++ b/checkpolicy/checkmodule.c
-@@ -63,10 +63,12 @@ static int read_binary_policy(policydb_t * p, char *file, char *progname)
- 	if (fstat(fd, &sb) < 0) {
- 		fprintf(stderr, "Can't stat '%s':  %s\n",
- 			file, strerror(errno));
-+		close(fd);
- 		return -1;
- 	}
- 	map =
- 	    mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
-+	close(fd);
- 	if (map == MAP_FAILED) {
- 		fprintf(stderr, "Can't map '%s':  %s\n", file, strerror(errno));
- 		return -1;
-diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
-index 8fa3214..2c12447 100644
---- a/checkpolicy/policy_define.c
-+++ b/checkpolicy/policy_define.c
-@@ -2341,7 +2341,10 @@ int define_role_trans(int class_specified)
- 			return -1;
- 		}
- 
--		ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE);
-+		if (ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE)) {
-+			yyerror("out of memory");
-+			return -1;
-+		}
- 	}
- 
- 	id = (char *)queue_remove(id_queue);
+diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
+index bba7667..f82c93b 100644
+--- a/checkpolicy/policy_scan.l
++++ b/checkpolicy/policy_scan.l
+@@ -240,7 +240,7 @@ HIGH				{ return(HIGH); }
+ low |
+ LOW				{ return(LOW); }
+ "/"({alnum}|[_\.\-/])*	        { return(PATH); }
+-\"({alnum}|[_\.\-\+\~])+\"	{ return(FILENAME); }
++\"({alnum}|[_\.\-\+\~ ])+\"	{ return(FILENAME); }
+ {letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))*	{ return(IDENTIFIER); }
+ {alnum}*{letter}{alnum}*        { return(FILESYSTEM); }
+ {digit}+|0x{hexval}+            { return(NUMBER); }
diff --git a/checkpolicy.spec b/checkpolicy.spec
index 807796b..64fd94d 100644
--- a/checkpolicy.spec
+++ b/checkpolicy.spec
@@ -2,11 +2,12 @@
 %define libsepolver 2.1.8-2
 Summary: SELinux policy compiler
 Name: checkpolicy
-Version: 2.1.11
+Version: 2.1.12
 Release: 2%{?dist}
 License: GPLv2
 Group: Development/System
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
+Patch: checkpolicy-rhat.patch
 
 BuildRoot: %{_tmppath}/%{name}-buildroot
 BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel  >= %{libselinuxver} 
@@ -27,6 +28,7 @@ Only required for building policies.
 
 %prep
 %setup -q
+%patch -p2 -b .rhat
 
 %build
 make clean
@@ -54,6 +56,26 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_bindir}/sedispol
 
 %changelog
+* Tue Mar 12 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-2
+- Space should be allowed for file trans names
+
+* Thu Feb 7 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-1
+- Update to upstream 
+        * Fix errors found by coverity
+        * implement default type policy syntax
+        * Free allocated memory when clean up / exit.
+
+* Sat Jan 5 2013 Dan Walsh <dwalsh at redhat.com> -  2.1.11-3
+- Update to latest patches from eparis/Upstream
+-   checkpolicy: libsepol: implement default type policy syntax
+-   
+-   We currently have a mechanism in which the default user, role, and range
+-   can be picked up from the source or the target object.  This implements
+-   the same thing for types.  The kernel will override this with type
+-   transition rules and similar.  This is just the default if nothing
+-   specific is given.
+    
+
 * Wed Sep 19 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-2
 - Rebuild with fixed libsepol
 
@@ -206,7 +228,7 @@ such a rule is added to a conditional.
 * Wed Dec 8 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-2
 - Rebuild to make sure it will build in Fedora 
 
-* Mon Jun 16 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-1
+* Wed Jun 16 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-1
 - Latest update from NSA
 	* Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
 - Allow policy version to be one number
@@ -214,7 +236,7 @@ such a rule is added to a conditional.
 * Mon May 3 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.21-2
 - Fix checkmodule man page and usage statements
 
-* Tue Nov 1 2009 Dan Walsh <dwalsh at redhat.com> - 2.0.21-1
+* Sun Nov 1 2009 Dan Walsh <dwalsh at redhat.com> - 2.0.21-1
 - Latest update from NSA
 	* Add support for building Xen policies from Paul Nuzzi.
 	* Add long options to checkpolicy and checkmodule by Guido
@@ -248,12 +270,12 @@ such a rule is added to a conditional.
 - Latest update from NSA
 	* Update checkpolicy for user and role mapping support from Joshua Brindle.
 
-* Tue May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.15-1
+* Fri May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.15-1
 - Latest update from NSA
 	* Fix for policy module versions that look like IPv4 addresses from Jim Carter.
 	  Resolves bug 444451.
 
-* Tue May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-2
+* Fri May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-2
 - Allow modules with 4 sections or more
 
 * Thu Mar 27 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-1
@@ -303,10 +325,10 @@ such a rule is added to a conditional.
 * Tue Aug 28 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 2.0.3-3
 - Rebuild for selinux ppc32 issue.
 
-* Thu Jun 18 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-2
+* Mon Jun 18 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-2
 - Rebuild with the latest libsepol
 
-* Thu Jun 17 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-1
+* Sun Jun 17 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-1
 - Latest update from NSA
 	* Merged fix for segfault on duplicate require of sensitivity from Caleb Case.
 	* Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
@@ -321,7 +343,7 @@ such a rule is added to a conditional.
 * Wed Mar 28 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.1-2
 - Rebuild with new libsepol
 
-* Tue Nov 20 2006 Dan Walsh <dwalsh at redhat.com> - 2.0.1-1
+* Mon Nov 20 2006 Dan Walsh <dwalsh at redhat.com> - 2.0.1-1
 - Latest update from NSA
 	* Merged patch to allow dots in class identifiers from Caleb Case.
 
@@ -366,7 +388,7 @@ such a rule is added to a conditional.
 	  from Joshua Brindle.
 	* Merged optionals in base take 2 patch set from Joshua Brindle.
 
-* Wed May 23 2006 Dan Walsh <dwalsh at redhat.com> - 1.30.5-1
+* Tue May 23 2006 Dan Walsh <dwalsh at redhat.com> - 1.30.5-1
 - Latest upgrade from NSA
 	* Merged compiler cleanup patch from Karl MacMillan.
 	* Merged fix warnings patch from Karl MacMillan.	
@@ -616,7 +638,7 @@ such a rule is added to a conditional.
 	* Added sepol_ prefix to Flask types to avoid namespace
 	  collision with libselinux.
 
-* Fri May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.23-2-1
+* Sat May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.23-2-1
 - Update to NSA Release
 	* Merged identifier fix from Joshua Brindle (Tresys).
 
@@ -694,7 +716,7 @@ such a rule is added to a conditional.
 * Wed Aug 11 2004 Dan Walsh <dwalsh at redhat.com> 1.15.4-1
 - Latest from NSA
 
-* Sat Aug 8 2004 Dan Walsh <dwalsh at redhat.com> 1.15.3-1
+* Sat Aug 7 2004 Dan Walsh <dwalsh at redhat.com> 1.15.3-1
 - Latest from NSA
 
 * Wed Aug 4 2004 Dan Walsh <dwalsh at redhat.com> 1.15.2-1
@@ -736,7 +758,7 @@ such a rule is added to a conditional.
 * Mon Mar 15 2004 Dan Walsh <dwalsh at redhat.com> 1.8-1
 - Upgrade to the latest from NSA
 
-* Mon Feb 24 2004 Dan Walsh <dwalsh at redhat.com> 1.6-1
+* Tue Feb 24 2004 Dan Walsh <dwalsh at redhat.com> 1.6-1
 - Upgrade to the latest from NSA
 
 * Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com>
@@ -768,4 +790,3 @@ such a rule is added to a conditional.
 
 * Mon Jun 2 2003 Dan Walsh <dwalsh at redhat.com> 1.0-1
 - Initial version
-
diff --git a/sources b/sources
index 18afb94..41aa3c0 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a39eec39a84161f88b63ce405549e5b6  checkpolicy-2.1.11.tgz
+36e9a62952239b4cdfbb9dcdcf292e14  checkpolicy-2.1.12.tgz

More information about the scm-commits mailing list