Added a patch so third party policy makers can identify ports as port_types

Added a patch so third party policy makers can identify ports as port_types

[Daniel J Walsh]

[-- Attachment #1: Type: text/plain, Size: 2 bytes --]




[-- Attachment #2: corenet_port_type.patch --]
[-- Type: text/x-patch, Size: 1362 bytes --]

--- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in	2007-02-19 11:32:51.000000000 -0500
+++ serefpolicy-2.5.10/policy/modules/kernel/corenetwork.if.in	2007-03-22 15:06:58.000000000 -0400
@@ -1977,3 +1977,57 @@
 
 	typeattribute $1 corenet_unconfined_type;
 ')
+
+########################################
+## <summary>
+##	Define type to be a network port type
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Type to be used for network ports.
+##	</summary>
+## </param>
+#
+interface(`corenet_port_type',`
+	gen_require(`
+		attribute port_type;
+	')
+
+	typeattribute $1 port_type;
+')
+
+########################################
+## <summary>
+##	Define network type to be a reserved port (lt 1024) 
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Type to be used for network ports.
+##	</summary>
+## </param>
+#
+interface(`corenet_reserved_port_type',`
+	gen_require(`
+		attribute reserved_port_type;
+	')
+
+	typeattribute $1 reserved_port_type;
+')
+
+########################################
+## <summary>
+##	Define network type to be a rpc port ( 512 lt PORT lt 1024) 
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Type to be used for network ports.
+##	</summary>
+## </param>
+#
+interface(`corenet_rpc_port_type',`
+	gen_require(`
+		attribute rpc_port_type;
+	')
+
+	typeattribute $1 rpc_port_type;
+')

Re: Added a patch so third party policy makers can identify ports as port_types

[Christopher J. PeBenito]

On Fri, 2007-03-23 at 15:09 -0400, Daniel J Walsh wrote:
> --- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in      2007-02-19 11:32:51.000000000 -0500
> +++ serefpolicy-2.5.10/policy/modules/kernel/corenetwork.if.in  2007-03-22 15:06:58.000000000 -0400
> @@ -1977,3 +1977,57 @@
>  
>         typeattribute $1 corenet_unconfined_type;
>  ')
> +
> +########################################
> +## <summary>
> +##     Define type to be a network port type
> +## </summary>
> +## <param name="domain">
> +##     <summary>
> +##     Type to be used for network ports.
> +##     </summary>
> +## </param>
> +#
> +interface(`corenet_port_type',`
> +       gen_require(`
> +               attribute port_type;
> +       ')
> +
> +       typeattribute $1 port_type;
> +')
> +
> +########################################
> +## <summary>
> +##     Define network type to be a reserved port (lt 1024) 
> +## </summary>
> +## <param name="domain">
> +##     <summary>
> +##     Type to be used for network ports.
> +##     </summary>
> +## </param>
> +#
> +interface(`corenet_reserved_port_type',`
> +       gen_require(`
> +               attribute reserved_port_type;
> +       ')
> +
> +       typeattribute $1 reserved_port_type;
> +')
> +
> +########################################
> +## <summary>
> +##     Define network type to be a rpc port ( 512 lt PORT lt 1024) 
> +## </summary>
> +## <param name="domain">
> +##     <summary>
> +##     Type to be used for network ports.
> +##     </summary>
> +## </param>
> +#
> +interface(`corenet_rpc_port_type',`
> +       gen_require(`
> +               attribute rpc_port_type;
> +       ')
> +
> +       typeattribute $1 rpc_port_type;
> +')

Merged, but dropped _type out of the interface names.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.