On Thu, 2008-08-14 at 09:32 +0200, Christian Kuester wrote: > Stephen Smalley schrieb: > > Hi List, > > > On Tue, 2008-07-08 at 08:30 -0400, Stephen Smalley wrote: > >> On Tue, 2008-07-08 at 12:13 +0200, Christian Kuester wrote: > >>>> Other tidbits on the semanage patch that I noticed: > >>>> - semanage node -l was broken, requires additional argument that has > >>>> been added to the list methods subsequently. Also would be nice to > >>>> support locallist/-C option. > >>>> - semanage node -p option should take a string rather than an integer > >>>> and map it to the proper symbolic constant for ipv4/ipv6. > >> Please be sure to test each of the nodeRecords methods. > > Are you still pursuing getting this cleaned up and merged? > > Sorry, it took some time. The revised patch for nodecon support in > the semanage tool is attached. > > It now takes strings as arguments for the ip protocol. list/locallist > work as expected and output is more readable. I also made changes for > the semanage.8 man page. semanage node -lC appears to list all of the entries rather than only the local modifications (i.e. the ones in the nodes.local file). Compare with semanage fcontext -lC or port -lC. Also the patch should be from the top of the tree, preferably appliable by git-apply. Thanks. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
