* Re: [redhat-lspp] updated racoon patch [not found] ` <200609250843.09248.sgrubb@redhat.com> @ 2006-09-25 13:47 ` Steve Grubb 2006-09-29 14:55 ` Stephen Smalley 0 siblings, 1 reply; 2+ messages in thread From: Steve Grubb @ 2006-09-25 13:47 UTC (permalink / raw) To: redhat-lspp; +Cc: Stephen Smalley, Daniel Walsh, SELinux List On Monday 25 September 2006 08:43, Steve Grubb wrote: > This doesn't build. Where does the POLMATCH define come from? I can't find > it anywhere. Found that libselinux-devel and 2.6.18 kernel are not in sync. Please apply this patch: diff -ur libselinux-1.30.28.orig/include/selinux/av_permissions.h libselinux-1.30.28/include/selinux/av_permissions.h --- libselinux-1.30.28.orig/include/selinux/av_permissions.h 2006-09-25 09:44:13.000000000 -0400 +++ libselinux-1.30.28/include/selinux/av_permissions.h 2006-09-25 09:44:47.000000000 -0400 @@ -468,6 +468,7 @@ #define PROCESS__EXECSTACK 0x04000000UL #define PROCESS__EXECHEAP 0x08000000UL #define PROCESS__SETKEYCREATE 0x10000000UL +#define PROCESS__SETSOCKCREATE 0x20000000UL #define IPC__CREATE 0x00000001UL #define IPC__DESTROY 0x00000002UL @@ -910,6 +911,7 @@ #define ASSOCIATION__SENDTO 0x00000001UL #define ASSOCIATION__RECVFROM 0x00000002UL #define ASSOCIATION__SETCONTEXT 0x00000004UL +#define ASSOCIATION__POLMATCH 0x00000008UL #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL #define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [redhat-lspp] updated racoon patch 2006-09-25 13:47 ` [redhat-lspp] updated racoon patch Steve Grubb @ 2006-09-29 14:55 ` Stephen Smalley 0 siblings, 0 replies; 2+ messages in thread From: Stephen Smalley @ 2006-09-29 14:55 UTC (permalink / raw) To: Steve Grubb; +Cc: Christopher J. PeBenito, Daniel Walsh, SELinux List On Mon, 2006-09-25 at 09:47 -0400, Steve Grubb wrote: > On Monday 25 September 2006 08:43, Steve Grubb wrote: > > This doesn't build. Where does the POLMATCH define come from? I can't find > > it anywhere. > > Found that libselinux-devel and 2.6.18 kernel are not in sync. Please apply > this patch: > > diff -ur libselinux-1.30.28.orig/include/selinux/av_permissions.h libselinux-1.30.28/include/selinux/av_permissions.h > --- libselinux-1.30.28.orig/include/selinux/av_permissions.h 2006-09-25 09:44:13.000000000 -0400 > +++ libselinux-1.30.28/include/selinux/av_permissions.h 2006-09-25 09:44:47.000000000 -0400 > @@ -468,6 +468,7 @@ > #define PROCESS__EXECSTACK 0x04000000UL > #define PROCESS__EXECHEAP 0x08000000UL > #define PROCESS__SETKEYCREATE 0x10000000UL > +#define PROCESS__SETSOCKCREATE 0x20000000UL This one needs to be added to refpolicy too. > > #define IPC__CREATE 0x00000001UL > #define IPC__DESTROY 0x00000002UL > @@ -910,6 +911,7 @@ > #define ASSOCIATION__SENDTO 0x00000001UL > #define ASSOCIATION__RECVFROM 0x00000002UL > #define ASSOCIATION__SETCONTEXT 0x00000004UL > +#define ASSOCIATION__POLMATCH 0x00000008UL > > #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL > #define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL Acked-by: Stephen Smalley <sds@tycho.nsa.gov> -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-09-29 14:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <200609211855.k8LItkZw026669@faith.austin.ibm.com>
[not found] ` <200609250843.09248.sgrubb@redhat.com>
2006-09-25 13:47 ` [redhat-lspp] updated racoon patch Steve Grubb
2006-09-29 14:55 ` Stephen Smalley
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.