Only call gen_requires once.

All of lore.kernel.org
 help / color / mirror / Atom feed

* Only call gen_requires once.
@ 2008-09-11 13:35 Daniel J Walsh
  2008-09-12 13:59 ` Joshua Brindle
  0 siblings, 1 reply; 2+ messages in thread
From: Daniel J Walsh @ 2008-09-11 13:35 UTC (permalink / raw)
  To: SE Linux

[-- Attachment #1: Type: text/plain, Size: 461 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Currently audit2allow/sepolgen will create two identical gen_requires
block if you have allow rules and a role statement.

This patch fixes this problem.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjJHroACgkQrlYvE4MpobPgMQCghgAMBtaQO0BeZX+ug6IwsWB8
bNEAoMkRo4cZa0iJhGoGMmCvy5ncGpj8
=gMFg
-----END PGP SIGNATURE-----

[-- Attachment #2: diffsepol --]
[-- Type: text/plain, Size: 1184 bytes --]

diff --exclude-from=exclude -N -u -r nsasepolgen/src/sepolgen/policygen.py policycoreutils-2.0.55/sepolgen-1.0.13/src/sepolgen/policygen.py
--- nsasepolgen/src/sepolgen/policygen.py	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.55/sepolgen-1.0.13/src/sepolgen/policygen.py	2008-09-11 09:26:52.000000000 -0400
@@ -134,6 +134,10 @@
             m.refpolicy = False
 
     def get_module(self):
+        # Generate the requires
+        if self.gen_requires:
+            gen_requires(self.module)
+
         """Return the generated module"""
         return self.module
 
@@ -163,18 +167,10 @@
         # Generate the raw allow rules from the filtered list
         self.__add_allow_rules(raw_allow)
 
-        # Generate the requires
-        if self.gen_requires:
-            gen_requires(self.module)
-
     def add_role_types(self, role_type_set):
         for role_type in role_type_set:
             self.module.children.append(role_type)
 
-        # Generate the requires
-        if self.gen_requires:
-            gen_requires(self.module)
-
 def explain_access(av, ml=None, verbosity=SHORT_EXPLANATION):
     """Explain why a policy statement was generated.
 

[-- Attachment #3: diffsepol.sig --]
[-- Type: application/octet-stream, Size: 72 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Only call gen_requires once.
  2008-09-11 13:35 Only call gen_requires once Daniel J Walsh
@ 2008-09-12 13:59 ` Joshua Brindle
  0 siblings, 0 replies; 2+ messages in thread
From: Joshua Brindle @ 2008-09-12 13:59 UTC (permalink / raw)
  To: Daniel J Walsh; +Cc: SE Linux

Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Currently audit2allow/sepolgen will create two identical gen_requires
> block if you have allow rules and a role statement.
> 
> This patch fixes this problem.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iEYEARECAAYFAkjJHroACgkQrlYvE4MpobPgMQCghgAMBtaQO0BeZX+ug6IwsWB8
> bNEAoMkRo4cZa0iJhGoGMmCvy5ncGpj8
> =gMFg
> -----END PGP SIGNATURE-----
> 

Merged in sepolgen 1.0.14

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2008-09-12 13:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-09-11 13:35 Only call gen_requires once Daniel J Walsh
2008-09-12 13:59 ` Joshua Brindle

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.