From: Daniel J Walsh <dwalsh@redhat.com>
To: "Christopher J. PeBenito" <cpebenito@tresys.com>,
SE Linux <selinux@tycho.nsa.gov>
Subject: setools is still broken in rawhide.
Date: Fri, 01 Feb 2008 23:35:51 -0500 [thread overview]
Message-ID: <47A3F327.8000202@redhat.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 701 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch fixes two functions in libqpol/util.c
is_binpol_valid should return true if the policy version is greater than
or equal to the policy installed in the kernel.
search_binary_policy_file
Should return 0 on success, meaning it found a policy.
And return 1 if the return code is < 0;
Making these changes allows seinfo and sesearch to find policy.22 on a
machine running policy.21
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkej8yYACgkQrlYvE4MpobOeJQCfSLBDBI51Y/cpBqlauoN1GuOd
3EAAoMBfpuMexQ6XIXgJMYILwzYwMsXv
=Ggke
-----END PGP SIGNATURE-----
[-- Attachment #2: setools-3.3.2-validpol.patch --]
[-- Type: text/plain, Size: 757 bytes --]
diff -up setools-3.3.2/libqpol/src/util.c.validpol setools-3.3.2/libqpol/src/util.c
--- setools-3.3.2/libqpol/src/util.c.validpol 2008-02-01 23:28:54.000000000 -0500
+++ setools-3.3.2/libqpol/src/util.c 2008-02-01 23:28:58.000000000 -0500
@@ -74,7 +74,7 @@ static int is_binpol_valid(const char *p
}
ret_version = qpol_binpol_version(policy_fp);
fclose(policy_fp);
- return (ret_version == version);
+ return (ret_version >= version);
}
static int search_for_policyfile_with_ver(const char *binary_path, const int version, char **path)
@@ -198,7 +198,7 @@ static int search_binary_policy_file(cha
}
free(*path);
if ((rt = search_for_policyfile_with_ver(bin_path, current_version, path)) != 0) {
- return rt;
+ return rt < 0;
}
#endif
[-- Attachment #3: setools-3.3.2-validpol.patch.sig --]
[-- Type: application/octet-stream, Size: 72 bytes --]
next reply other threads:[~2008-02-02 4:35 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-02 4:35 Daniel J Walsh [this message]
2008-02-04 15:34 ` setools is still broken in rawhide Jeremy A. Mowery
2008-02-04 16:00 ` Stephen Smalley
2008-02-04 18:19 ` Jeremy A. Mowery
2008-02-04 18:55 ` Daniel J Walsh
2008-02-05 13:05 ` Christopher J. PeBenito
2008-02-05 13:26 ` Daniel J Walsh
2008-02-04 20:32 ` Stephen Smalley
2008-02-04 16:01 ` Daniel J Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47A3F327.8000202@redhat.com \
--to=dwalsh@redhat.com \
--cc=cpebenito@tresys.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.