-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch fixes two functions in libqpol/util.c is_binpol_valid should return true if the policy version is greater than or equal to the policy installed in the kernel. search_binary_policy_file Should return 0 on success, meaning it found a policy. And return 1 if the return code is < 0; Making these changes allows seinfo and sesearch to find policy.22 on a machine running policy.21 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkej8yYACgkQrlYvE4MpobOeJQCfSLBDBI51Y/cpBqlauoN1GuOd 3EAAoMBfpuMexQ6XIXgJMYILwzYwMsXv =Ggke -----END PGP SIGNATURE-----
diff -up setools-3.3.2/libqpol/src/util.c.validpol setools-3.3.2/libqpol/src/util.c
--- setools-3.3.2/libqpol/src/util.c.validpol 2008-02-01 23:28:54.000000000 -0500
+++ setools-3.3.2/libqpol/src/util.c 2008-02-01 23:28:58.000000000 -0500
@@ -74,7 +74,7 @@ static int is_binpol_valid(const char *p
}
ret_version = qpol_binpol_version(policy_fp);
fclose(policy_fp);
- return (ret_version == version);
+ return (ret_version >= version);
}
static int search_for_policyfile_with_ver(const char *binary_path, const int version, char **path)
@@ -198,7 +198,7 @@ static int search_binary_policy_file(cha
}
free(*path);
if ((rt = search_for_policyfile_with_ver(bin_path, current_version, path)) != 0) {
- return rt;
+ return rt < 0;
}
#endif
Attachment:
setools-3.3.2-validpol.patch.sig
Description: Binary data
