diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch index f349caf..d9f8e1d 100644 --- a/policycoreutils-gui.patch +++ b/policycoreutils-gui.patch @@ -2184,8 +2184,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc + app.stand_alone() diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py --- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.7/gui/polgen.py 2007-03-29 12:10:22.000000000 -0400 -@@ -0,0 +1,437 @@ ++++ policycoreutils-2.0.7/gui/polgen.py 2007-04-03 14:54:50.000000000 -0400 +@@ -0,0 +1,436 @@ +#! /usr/bin/python +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information @@ -2368,7 +2368,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + + for i in self.in_udp: + rec = self.find_port(int(i)) -+ print i, rec + if rec == None: + self.need_udp_type = True; + else: @@ -2398,8 +2397,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + def generate_network_rules(self): + newte = "" + tcp = len(self.in_tcp) + len(self.out_tcp) -+ udp = len(self.in_udp) + len(self.out_tcp) -+ ++ udp = len(self.in_udp) + len(self.out_udp) + if tcp > 0 or udp > 0: + newte = "\n" + @@ -2613,6 +2611,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore + mypolicy.add_dir("/var/lib/daemon") + mypolicy.add_dir("/etc/daemon") + mypolicy.add_dir("/etc/daemon/special") ++ mypolicy.set_out_tcp("8000") + print mypolicy.generate() +# mypolicy = policy("inetd", "/usr/sbin/inetd", 1) +# mypolicy.generate() diff --git a/policycoreutils.spec b/policycoreutils.spec index 4624d7f..52bce08 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities. Name: policycoreutils Version: 2.0.7 -Release: 8%{?dist} +Release: 9%{?dist} License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then fi %changelog +* Tue Apr 3 2007 Dan Walsh 2.0.7-9 +- Fix polgen.py to not generate udp rules on tcp input + * Fri Mar 30 2007 Dan Walsh 2.0.7-8 - system-config-selinux should be able to run on a disabled system, - at least enough to get it enabled.