[PATCH] libsepol/tests: adjust IPv6 netmasks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

checkpolicy(8) since 01b88ac3 ("checkpolicy: warn on bogus IP address or
netmask in nodecon statement") warns about host bits set in IPv6
addresses.
Adjust IPv6 netmasks in the libsepol tests so that the used address ::1
does not set any host bits and running the tests does not print several
of the following warnings:

    net_contexts:15:WARNING 'host bits in ipv6 address set' at token '' on line 594:

Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libsepol/tests/policies/test-deps/base-metreq.conf    | 2 +-
 libsepol/tests/policies/test-deps/base-notmetreq.conf | 2 +-
 libsepol/tests/policies/test-deps/small-base.conf     | 2 +-
 libsepol/tests/policies/test-expander/alias-base.conf | 2 +-
 libsepol/tests/policies/test-expander/role-base.conf  | 2 +-
 libsepol/tests/policies/test-expander/small-base.conf | 2 +-
 libsepol/tests/policies/test-expander/user-base.conf  | 2 +-
 libsepol/tests/policies/test-hooks/cmp_policy.conf    | 2 +-
 libsepol/tests/policies/test-hooks/small-base.conf    | 2 +-
 libsepol/tests/policies/test-linker/small-base.conf   | 2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/libsepol/tests/policies/test-deps/base-metreq.conf b/libsepol/tests/policies/test-deps/base-metreq.conf
index 3e2f8407..b7528dde 100644
--- a/libsepol/tests/policies/test-deps/base-metreq.conf
+++ b/libsepol/tests/policies/test-deps/base-metreq.conf
@@ -516,7 +516,7 @@ genfscon proc /				gen_context(system_u:object_r:sys_foo_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:net_foo_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-deps/base-notmetreq.conf b/libsepol/tests/policies/test-deps/base-notmetreq.conf
index 8ff3d204..eee36dca 100644
--- a/libsepol/tests/policies/test-deps/base-notmetreq.conf
+++ b/libsepol/tests/policies/test-deps/base-notmetreq.conf
@@ -503,7 +503,7 @@ genfscon proc /				gen_context(system_u:object_r:sys_foo_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:net_foo_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-deps/small-base.conf b/libsepol/tests/policies/test-deps/small-base.conf
index 1411e624..98f49c23 100644
--- a/libsepol/tests/policies/test-deps/small-base.conf
+++ b/libsepol/tests/policies/test-deps/small-base.conf
@@ -504,7 +504,7 @@ genfscon proc /				gen_context(system_u:object_r:sys_foo_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:net_foo_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-expander/alias-base.conf b/libsepol/tests/policies/test-expander/alias-base.conf
index 57d4520e..b950039d 100644
--- a/libsepol/tests/policies/test-expander/alias-base.conf
+++ b/libsepol/tests/policies/test-expander/alias-base.conf
@@ -494,7 +494,7 @@ genfscon proc /				gen_context(system_u:object_r:system_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:system_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-expander/role-base.conf b/libsepol/tests/policies/test-expander/role-base.conf
index a603390b..8e88b4be 100644
--- a/libsepol/tests/policies/test-expander/role-base.conf
+++ b/libsepol/tests/policies/test-expander/role-base.conf
@@ -476,7 +476,7 @@ genfscon proc /				gen_context(system_u:object_r:system_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:system_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-expander/small-base.conf b/libsepol/tests/policies/test-expander/small-base.conf
index 20005e3f..055ea054 100644
--- a/libsepol/tests/policies/test-expander/small-base.conf
+++ b/libsepol/tests/policies/test-expander/small-base.conf
@@ -714,7 +714,7 @@ genfscon proc /				gen_context(system_u:object_r:sys_foo_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:net_foo_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-expander/user-base.conf b/libsepol/tests/policies/test-expander/user-base.conf
index 1f84fd76..b31ee8cd 100644
--- a/libsepol/tests/policies/test-expander/user-base.conf
+++ b/libsepol/tests/policies/test-expander/user-base.conf
@@ -480,7 +480,7 @@ genfscon proc /				gen_context(system_u:object_r:system_t, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 system_u:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(system_u:object_r:system_t, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-hooks/cmp_policy.conf b/libsepol/tests/policies/test-hooks/cmp_policy.conf
index 1eccf4a8..9082b333 100644
--- a/libsepol/tests/policies/test-hooks/cmp_policy.conf
+++ b/libsepol/tests/policies/test-hooks/cmp_policy.conf
@@ -464,7 +464,7 @@ genfscon proc /				gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 g_b_user_1:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(g_b_user_1:object_r:g_b_type_1, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-hooks/small-base.conf b/libsepol/tests/policies/test-hooks/small-base.conf
index 1eccf4a8..9082b333 100644
--- a/libsepol/tests/policies/test-hooks/small-base.conf
+++ b/libsepol/tests/policies/test-hooks/small-base.conf
@@ -464,7 +464,7 @@ genfscon proc /				gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 g_b_user_1:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(g_b_user_1:object_r:g_b_type_1, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 
 
 
diff --git a/libsepol/tests/policies/test-linker/small-base.conf b/libsepol/tests/policies/test-linker/small-base.conf
index 2bc14656..890ebbeb 100644
--- a/libsepol/tests/policies/test-linker/small-base.conf
+++ b/libsepol/tests/policies/test-linker/small-base.conf
@@ -593,7 +593,7 @@ genfscon proc /				gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 #
 #nodecon 127.0.0.1 255.255.255.255 g_b_user_1:object_r:net_foo_t:s0
 
-nodecon ::1 FFFF:FFFF:FFFF:FFFF:: gen_context(g_b_user_1:object_r:g_b_type_1, s0)
+nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
 
 
 
-- 
2.35.2
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux