This patchset provides fixes to the pp2cil tool based on feedback for 2014-08-26-rc1. An issue was encountered in 2014-08-26-rc1 with missing roles [1]. Role declarations will now be printed in base and modules, where before only module role declarations were printed. Also, roletype statements will only be created when a role or a type are in the correct scope. As a result of these changes, policies that declare roles mulitple times in different modules will result in pp2cil generating duplicate roles. Since CIL does not allow identical role delcarations in different modules, current policies must be rebuilt with a refpolicy patch that removes duplicate role declarations [2]. A bug in creating filecon statements was also fixed where a missing trailing newline in .fc files would cause parsing issues. Finally, generated typeattribute/sets will now be printed immediately unless they are in avrule conditionals/blocks. The special case will have generated typeattributes/sets to be printed after the conditionals/blocks are printed. [1] http://marc.info/?l=selinux&m=140983712508791&w=2 [2] https://github.com/TresysTechnology/refpolicy/commit/330b0fc3331d3b836691464734c96f3da3044490 Yuli Khodorkovskiy (3): policycoreutils/hll/pp: Fix role/roletype scoping policycoreutils/hll/pp: fix '\n' parsing in filecon statements policycoreutils/hll/pp: change printing behavior of typeattribute/sets policycoreutils/hll/pp/pp.c | 763 ++++++++++++++++++++++++++++++-------------- 1 file changed, 529 insertions(+), 234 deletions(-) -- 1.9.3 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
