This patch adds support for the new open_perms policy capability.
Simple yet true. I would like to point out that after this change
checkpolicy will also need to be rebuilt with the new libsepol-static
installed.
-Eric
---
diff -Naupr libsepol-2.0.21/include/sepol/policydb/polcaps.h libsepol-2.0.21.new/include/sepol/policydb/polcaps.h
--- libsepol-2.0.21/include/sepol/policydb/polcaps.h 2008-02-20 13:47:52.000000000 -0500
+++ libsepol-2.0.21.new/include/sepol/policydb/polcaps.h 2008-02-26 18:58:23.000000000 -0500
@@ -4,6 +4,7 @@
/* Policy capabilities */
enum {
POLICYDB_CAPABILITY_NETPEER,
+ POLICYDB_CAPABILITY_OPENPERM,
__POLICYDB_CAPABILITY_MAX
};
#define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1)
diff -Naupr libsepol-2.0.21/src/polcaps.c libsepol-2.0.21.new/src/polcaps.c
--- libsepol-2.0.21/src/polcaps.c 2008-02-20 13:47:51.000000000 -0500
+++ libsepol-2.0.21.new/src/polcaps.c 2008-02-26 18:57:56.000000000 -0500
@@ -7,6 +7,7 @@
static const char *polcap_names[] = {
"network_peer_controls", /* POLICYDB_CAPABILITY_NETPEER */
+ "open_perms", /* POLICYDB_CAPABILITY_OPENPERM */
NULL
};
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
