From 8ffc2801edc5a8df6897076834983f4ea2a17c7b Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jul 11 2007 14:52:47 +0000
Subject: - Update to match flask/access_vectors in policy


---

diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index c7b38bd..09b772e 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -1,3 +1,73 @@
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.23/include/selinux/av_permissions.h
+--- nsalibselinux/include/selinux/av_permissions.h	2006-11-16 17:15:18.000000000 -0500
++++ libselinux-2.0.23/include/selinux/av_permissions.h	2007-07-11 10:06:56.000000000 -0400
+@@ -290,12 +290,16 @@
+ #define NODE__RAWIP_RECV                          0x00000010UL
+ #define NODE__RAWIP_SEND                          0x00000020UL
+ #define NODE__ENFORCE_DEST                        0x00000040UL
++#define NODE__DCCP_RECV                           0x00000080UL
++#define NODE__DCCP_SEND                           0x00000100UL
+ #define NETIF__TCP_RECV                           0x00000001UL
+ #define NETIF__TCP_SEND                           0x00000002UL
+ #define NETIF__UDP_RECV                           0x00000004UL
+ #define NETIF__UDP_SEND                           0x00000008UL
+ #define NETIF__RAWIP_RECV                         0x00000010UL
+ #define NETIF__RAWIP_SEND                         0x00000020UL
++#define NETIF__DCCP_RECV                          0x00000040UL
++#define NETIF__DCCP_SEND                          0x00000080UL
+ #define NETLINK_SOCKET__IOCTL                     0x00000001UL
+ #define NETLINK_SOCKET__READ                      0x00000002UL
+ #define NETLINK_SOCKET__WRITE                     0x00000004UL
+@@ -837,6 +841,8 @@
+ #define NSCD__SHMEMPWD                            0x00000020UL
+ #define NSCD__SHMEMGRP                            0x00000040UL
+ #define NSCD__SHMEMHOST                           0x00000080UL
++#define NSCD__GETSERV                             0x00000100UL
++#define NSCD__SHMEMSERV                           0x00000200UL
+ #define ASSOCIATION__SENDTO                       0x00000001UL
+ #define ASSOCIATION__RECVFROM                     0x00000002UL
+ #define ASSOCIATION__SETCONTEXT                   0x00000004UL
+@@ -897,3 +903,28 @@
+ #define KEY__CREATE                               0x00000040UL
+ #define CONTEXT__TRANSLATE                        0x00000001UL
+ #define CONTEXT__CONTAINS                         0x00000002UL
++#define DCCP_SOCKET__IOCTL                        0x00000001UL
++#define DCCP_SOCKET__READ                         0x00000002UL
++#define DCCP_SOCKET__WRITE                        0x00000004UL
++#define DCCP_SOCKET__CREATE                       0x00000008UL
++#define DCCP_SOCKET__GETATTR                      0x00000010UL
++#define DCCP_SOCKET__SETATTR                      0x00000020UL
++#define DCCP_SOCKET__LOCK                         0x00000040UL
++#define DCCP_SOCKET__RELABELFROM                  0x00000080UL
++#define DCCP_SOCKET__RELABELTO                    0x00000100UL
++#define DCCP_SOCKET__APPEND                       0x00000200UL
++#define DCCP_SOCKET__BIND                         0x00000400UL
++#define DCCP_SOCKET__CONNECT                      0x00000800UL
++#define DCCP_SOCKET__LISTEN                       0x00001000UL
++#define DCCP_SOCKET__ACCEPT                       0x00002000UL
++#define DCCP_SOCKET__GETOPT                       0x00004000UL
++#define DCCP_SOCKET__SETOPT                       0x00008000UL
++#define DCCP_SOCKET__SHUTDOWN                     0x00010000UL
++#define DCCP_SOCKET__RECVFROM                     0x00020000UL
++#define DCCP_SOCKET__SENDTO                       0x00040000UL
++#define DCCP_SOCKET__RECV_MSG                     0x00080000UL
++#define DCCP_SOCKET__SEND_MSG                     0x00100000UL
++#define DCCP_SOCKET__NAME_BIND                    0x00200000UL
++#define DCCP_SOCKET__NODE_BIND                    0x00400000UL
++#define DCCP_SOCKET__NAME_CONNECT                 0x00800000UL
++#define MEMPROTECT__MMAP_ZERO                     0x00000001UL
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/flask.h libselinux-2.0.23/include/selinux/flask.h
+--- nsalibselinux/include/selinux/flask.h	2006-11-16 17:15:18.000000000 -0500
++++ libselinux-2.0.23/include/selinux/flask.h	2007-07-11 10:07:03.000000000 -0400
+@@ -64,6 +64,8 @@
+ #define SECCLASS_PACKET                                  57
+ #define SECCLASS_KEY                                     58
+ #define SECCLASS_CONTEXT                                 59
++#define SECCLASS_DCCP_SOCKET                             60
++#define SECCLASS_MEMPROTECT                              61
+ 
+ /*
+  * Security identifier indices for initial entities
 diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.23/Makefile
 --- nsalibselinux/Makefile	2007-06-01 10:44:08.000000000 -0400
 +++ libselinux-2.0.23/Makefile	2007-06-26 05:11:37.000000000 -0400
diff --git a/libselinux.spec b/libselinux.spec
index ab42574..d566945 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -2,7 +2,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.0.23
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -123,6 +123,9 @@ exit 0
 %{_libdir}/python*/site-packages/selinux.py*
 
 %changelog
+* Wed Jul 11 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.23-3
+- Update to match flask/access_vectors in policy
+
 * Tue Jul 10 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.23-2
 - Fix man page markup lanquage for translations