On Mon, Aug 15, 2016 at 9:37 AM, Miroslav Vadkerti <mvadkert@xxxxxxxxxx> wrote:
On Sun, Aug 14, 2016 at 10:23 PM, Chris PeBenito <pebenito@xxxxxxxx> wrote:On 08/10/16 04:39, Miroslav Vadkerti wrote:
The tcp/udp protocol numbers were accidentaly swapped in
the original patch 'semanage: add auditing of changes in records'.
Signed-off-by: Miroslav Vadkerti <mvadkert@xxxxxxxxxx>
---
policycoreutils/semanage/seobject.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seo bject.py
index 317b421..786ed0e 100644
--- a/policycoreutils/semanage/seobject.py
+++ b/policycoreutils/semanage/seobject.py
@@ -88,8 +88,8 @@ file_type_str_to_option = {"all files": "a",
"symbolic link": "l",
"named pipe": "p"}
-proto_to_audit = {"tcp": 17,
- "udp": 6,
+proto_to_audit = {"tcp": 6,
+ "udp": 17,
"ipv4": 4,
"ipv6": 41}
I realize this has already been merged, but why not use existing constants such as socket.IPPROTO_TCP and socket.AF_INET rather than hard coding the protocol numbers?Yes, ot we could directly use socket.getprotobyname(protocolname) instead of the dictionary. I will supply a patch today, thanks!
The patch using socket.getprotobyname(protocolname) has been submmited, but it is based on top of this patch, so if possible please this one also so there is no conflict.
Thanks!
/M
--
Chris PeBenito
--Miroslav Vadkerti :: Senior QE / RHCSS :: BaseOS QE SecurityIRC mvadkert #qe #urt #brno #rpmdiff :: GPG 0x25881087Red Hat Czech s.r.o, Purkyňova 99/71, 612 00, Brno, CR
Miroslav Vadkerti :: Senior QE / RHCSS :: BaseOS QE Security
IRC mvadkert #qe #urt #brno #rpmdiff :: GPG 0x25881087
Red Hat Czech s.r.o, Purkyňova 99/71, 612 00, Brno, CR
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
