SOURCES (LINUX_2_6): kernel-vserver-fixes.patch - missing CAP_CONTEXT defin...

zbyniu zbyniu at pld-linux.org
Wed May 21 11:11:40 CEST 2008 

Author: zbyniu                       Date: Wed May 21 09:11:40 2008 GMT
Module: SOURCES                       Tag: LINUX_2_6
---- Log message:
- missing CAP_CONTEXT definitions in selinux

---- Files affected:
SOURCES:
   kernel-vserver-fixes.patch (1.1.2.1 -> 1.1.2.2) 

---- Diffs:

================================================================
Index: SOURCES/kernel-vserver-fixes.patch
diff -u SOURCES/kernel-vserver-fixes.patch:1.1.2.1 SOURCES/kernel-vserver-fixes.patch:1.1.2.2
--- SOURCES/kernel-vserver-fixes.patch:1.1.2.1	Sun Mar 30 21:52:30 2008
+++ SOURCES/kernel-vserver-fixes.patch	Wed May 21 11:11:34 2008
@@ -9,3 +9,25 @@
  #include <net/tcp.h>  /* For tcp_prot in getorigdst */
  #include <linux/icmp.h>
  #include <linux/udp.h>
+diff -upr linux-2.6.25/security/selinux/include/av_perm_to_string.h linux-2.6.25/security/selinux/include/av_perm_to_string.h
+--- linux-2.6.25/security/selinux/include/av_perm_to_string.h	2008-04-17 02:49:44.000000000 +0000
++++ linux-2.6.25/security/selinux/include/av_perm_to_string.h	2008-05-21 08:48:33.061933886 +0000
+@@ -135,6 +135,7 @@
+    S_(SECCLASS_CAPABILITY, CAPABILITY__SETFCAP, "setfcap")
+    S_(SECCLASS_CAPABILITY2, CAPABILITY2__MAC_OVERRIDE, "mac_override")
+    S_(SECCLASS_CAPABILITY2, CAPABILITY2__MAC_ADMIN, "mac_admin")
++   S_(SECCLASS_CAPABILITY2, CAPABILITY2__CONTEXT, "context")
+    S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_READ, "nlmsg_read")
+    S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE, "nlmsg_write")
+    S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_READ, "nlmsg_read")
+diff -upr linux-2.6.25/security/selinux/include/av_permissions.h linux-2.6.25/security/selinux/include/av_permissions.h
+--- linux-2.6.25/security/selinux/include/av_permissions.h	2008-04-17 02:49:44.000000000 +0000
++++ linux-2.6.25/security/selinux/include/av_permissions.h	2008-05-21 08:49:07.059597304 +0000
+@@ -536,6 +536,7 @@
+ #define CAPABILITY__SETFCAP                       0x80000000UL
+ #define CAPABILITY2__MAC_OVERRIDE                 0x00000001UL
+ #define CAPABILITY2__MAC_ADMIN                    0x00000002UL
++#define CAPABILITY2__CONTEXT                      0x00000004UL
+ #define NETLINK_ROUTE_SOCKET__IOCTL               0x00000001UL
+ #define NETLINK_ROUTE_SOCKET__READ                0x00000002UL
+ #define NETLINK_ROUTE_SOCKET__WRITE               0x00000004UL
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-vserver-fixes.patch?r1=1.1.2.1&r2=1.1.2.2&f=u

More information about the pld-cvs-commit mailing list