[checkpolicy/f18] Space should be allowed for file trans names
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Mar 12 17:11:43 UTC 2013
commit 3151f4b9a8ea54d058de479866249d7c53379de0
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Mar 12 13:11:39 2013 -0400
Space should be allowed for file trans names
.gitignore | 1 +
checkpolicy-rhat.patch | 46 +++++++++++++---------------------------------
checkpolicy.spec | 47 ++++++++++++++++++++++++++++++++++-------------
sources | 2 +-
4 files changed, 49 insertions(+), 47 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 27c9541..876d17d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -88,3 +88,4 @@ checkpolicy-2.0.22.tgz
/checkpolicy-2.1.9.tgz
/checkpolicy-2.1.10.tgz
/checkpolicy-2.1.11.tgz
+/checkpolicy-2.1.12.tgz
diff --git a/checkpolicy-rhat.patch b/checkpolicy-rhat.patch
index c6c639c..2b1116b 100644
--- a/checkpolicy-rhat.patch
+++ b/checkpolicy-rhat.patch
@@ -1,33 +1,13 @@
-diff --git a/checkpolicy/checkmodule.c b/checkpolicy/checkmodule.c
-index 47603e0..cb58cf0 100644
---- a/checkpolicy/checkmodule.c
-+++ b/checkpolicy/checkmodule.c
-@@ -63,10 +63,12 @@ static int read_binary_policy(policydb_t * p, char *file, char *progname)
- if (fstat(fd, &sb) < 0) {
- fprintf(stderr, "Can't stat '%s': %s\n",
- file, strerror(errno));
-+ close(fd);
- return -1;
- }
- map =
- mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
-+ close(fd);
- if (map == MAP_FAILED) {
- fprintf(stderr, "Can't map '%s': %s\n", file, strerror(errno));
- return -1;
-diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
-index 8fa3214..2c12447 100644
---- a/checkpolicy/policy_define.c
-+++ b/checkpolicy/policy_define.c
-@@ -2341,7 +2341,10 @@ int define_role_trans(int class_specified)
- return -1;
- }
-
-- ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE);
-+ if (ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE)) {
-+ yyerror("out of memory");
-+ return -1;
-+ }
- }
-
- id = (char *)queue_remove(id_queue);
+diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
+index bba7667..f82c93b 100644
+--- a/checkpolicy/policy_scan.l
++++ b/checkpolicy/policy_scan.l
+@@ -240,7 +240,7 @@ HIGH { return(HIGH); }
+ low |
+ LOW { return(LOW); }
+ "/"({alnum}|[_\.\-/])* { return(PATH); }
+-\"({alnum}|[_\.\-\+\~])+\" { return(FILENAME); }
++\"({alnum}|[_\.\-\+\~ ])+\" { return(FILENAME); }
+ {letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))* { return(IDENTIFIER); }
+ {alnum}*{letter}{alnum}* { return(FILESYSTEM); }
+ {digit}+|0x{hexval}+ { return(NUMBER); }
diff --git a/checkpolicy.spec b/checkpolicy.spec
index 807796b..64fd94d 100644
--- a/checkpolicy.spec
+++ b/checkpolicy.spec
@@ -2,11 +2,12 @@
%define libsepolver 2.1.8-2
Summary: SELinux policy compiler
Name: checkpolicy
-Version: 2.1.11
+Version: 2.1.12
Release: 2%{?dist}
License: GPLv2
Group: Development/System
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
+Patch: checkpolicy-rhat.patch
BuildRoot: %{_tmppath}/%{name}-buildroot
BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel >= %{libselinuxver}
@@ -27,6 +28,7 @@ Only required for building policies.
%prep
%setup -q
+%patch -p2 -b .rhat
%build
make clean
@@ -54,6 +56,26 @@ rm -rf ${RPM_BUILD_ROOT}
%{_bindir}/sedispol
%changelog
+* Tue Mar 12 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-2
+- Space should be allowed for file trans names
+
+* Thu Feb 7 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.12-1
+- Update to upstream
+ * Fix errors found by coverity
+ * implement default type policy syntax
+ * Free allocated memory when clean up / exit.
+
+* Sat Jan 5 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.11-3
+- Update to latest patches from eparis/Upstream
+- checkpolicy: libsepol: implement default type policy syntax
+-
+- We currently have a mechanism in which the default user, role, and range
+- can be picked up from the source or the target object. This implements
+- the same thing for types. The kernel will override this with type
+- transition rules and similar. This is just the default if nothing
+- specific is given.
+
+
* Wed Sep 19 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.11-2
- Rebuild with fixed libsepol
@@ -206,7 +228,7 @@ such a rule is added to a conditional.
* Wed Dec 8 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-2
- Rebuild to make sure it will build in Fedora
-* Mon Jun 16 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-1
+* Wed Jun 16 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.22-1
- Latest update from NSA
* Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
- Allow policy version to be one number
@@ -214,7 +236,7 @@ such a rule is added to a conditional.
* Mon May 3 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.21-2
- Fix checkmodule man page and usage statements
-* Tue Nov 1 2009 Dan Walsh <dwalsh at redhat.com> - 2.0.21-1
+* Sun Nov 1 2009 Dan Walsh <dwalsh at redhat.com> - 2.0.21-1
- Latest update from NSA
* Add support for building Xen policies from Paul Nuzzi.
* Add long options to checkpolicy and checkmodule by Guido
@@ -248,12 +270,12 @@ such a rule is added to a conditional.
- Latest update from NSA
* Update checkpolicy for user and role mapping support from Joshua Brindle.
-* Tue May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.15-1
+* Fri May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.15-1
- Latest update from NSA
* Fix for policy module versions that look like IPv4 addresses from Jim Carter.
Resolves bug 444451.
-* Tue May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-2
+* Fri May 2 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-2
- Allow modules with 4 sections or more
* Thu Mar 27 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.14-1
@@ -303,10 +325,10 @@ such a rule is added to a conditional.
* Tue Aug 28 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 2.0.3-3
- Rebuild for selinux ppc32 issue.
-* Thu Jun 18 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-2
+* Mon Jun 18 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-2
- Rebuild with the latest libsepol
-* Thu Jun 17 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-1
+* Sun Jun 17 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.3-1
- Latest update from NSA
* Merged fix for segfault on duplicate require of sensitivity from Caleb Case.
* Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
@@ -321,7 +343,7 @@ such a rule is added to a conditional.
* Wed Mar 28 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.1-2
- Rebuild with new libsepol
-* Tue Nov 20 2006 Dan Walsh <dwalsh at redhat.com> - 2.0.1-1
+* Mon Nov 20 2006 Dan Walsh <dwalsh at redhat.com> - 2.0.1-1
- Latest update from NSA
* Merged patch to allow dots in class identifiers from Caleb Case.
@@ -366,7 +388,7 @@ such a rule is added to a conditional.
from Joshua Brindle.
* Merged optionals in base take 2 patch set from Joshua Brindle.
-* Wed May 23 2006 Dan Walsh <dwalsh at redhat.com> - 1.30.5-1
+* Tue May 23 2006 Dan Walsh <dwalsh at redhat.com> - 1.30.5-1
- Latest upgrade from NSA
* Merged compiler cleanup patch from Karl MacMillan.
* Merged fix warnings patch from Karl MacMillan.
@@ -616,7 +638,7 @@ such a rule is added to a conditional.
* Added sepol_ prefix to Flask types to avoid namespace
collision with libselinux.
-* Fri May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.23-2-1
+* Sat May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.23-2-1
- Update to NSA Release
* Merged identifier fix from Joshua Brindle (Tresys).
@@ -694,7 +716,7 @@ such a rule is added to a conditional.
* Wed Aug 11 2004 Dan Walsh <dwalsh at redhat.com> 1.15.4-1
- Latest from NSA
-* Sat Aug 8 2004 Dan Walsh <dwalsh at redhat.com> 1.15.3-1
+* Sat Aug 7 2004 Dan Walsh <dwalsh at redhat.com> 1.15.3-1
- Latest from NSA
* Wed Aug 4 2004 Dan Walsh <dwalsh at redhat.com> 1.15.2-1
@@ -736,7 +758,7 @@ such a rule is added to a conditional.
* Mon Mar 15 2004 Dan Walsh <dwalsh at redhat.com> 1.8-1
- Upgrade to the latest from NSA
-* Mon Feb 24 2004 Dan Walsh <dwalsh at redhat.com> 1.6-1
+* Tue Feb 24 2004 Dan Walsh <dwalsh at redhat.com> 1.6-1
- Upgrade to the latest from NSA
* Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com>
@@ -768,4 +790,3 @@ such a rule is added to a conditional.
* Mon Jun 2 2003 Dan Walsh <dwalsh at redhat.com> 1.0-1
- Initial version
-
diff --git a/sources b/sources
index 18afb94..41aa3c0 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a39eec39a84161f88b63ce405549e5b6 checkpolicy-2.1.11.tgz
+36e9a62952239b4cdfbb9dcdcf292e14 checkpolicy-2.1.12.tgz
More information about the scm-commits
mailing list