On 04/15/2014 10:44 AM, Richard Haines wrote: > This uses the policy build files from checkpolicy-2.1.12-5.fc20 that > are then modified to be used in setools for source policy expansion. > The files have comments /* Required for SETools libqpol */ added to > allow for easier patching next time. > > This patch should now enable all policy features up to policy version 29. > > There are #defines in policy.c infer_policy_version() to determine the > max version the policy should support when being built, however they > have not been fully tested. > > The source policy expansion has been tested using apol on Fedora 20. > > There is one bug where filename type_transition rules are added twice. > This is a problem in libsepol (expand.c copy_and_expand_avrule_block()) > that adds these rules again - have a fix for this - probably. > > There are two bug fixes: > 1) Add range field to default_range. > 2) Toggle apol "Policy Source" tab correctly. > > This patch MUST be applied on top of the four patches available from: > http://marc.info/?l=selinux&m=139696911602613&w=2 > > or (the preferred approach), a fully patched version of setools is > available from: https://github.com/QuarkSecurity/setools > > With RPMs at: https://quarksecurity.com/files/RPMS/ > > Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx> Applied. Thanks! - Steve _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
