diff --git checkpolicy-2.7/Makefile checkpolicy-2.7/Makefile index 68e11f2..4c817cd 100644 --- checkpolicy-2.7/Makefile +++ checkpolicy-2.7/Makefile @@ -1,12 +1,9 @@ # # Makefile for building the checkpolicy program # -PREFIX ?= $(DESTDIR)/usr +PREFIX ?= /usr BINDIR ?= $(PREFIX)/bin MANDIR ?= $(PREFIX)/share/man -LIBDIR ?= $(PREFIX)/lib -INCLUDEDIR ?= $(PREFIX)/include -LIBSEPOLA ?= $(LIBDIR)/libsepol.a TARGETS = checkpolicy checkmodule LEX = flex @@ -14,7 +11,12 @@ YACC = bison -y CFLAGS ?= -g -Wall -Werror -Wshadow -O2 -pipe -fno-strict-aliasing -override CFLAGS += -I. +# If no specific libsepol.a is specified, fall back on LDFLAGS search path +# Otherwise, as $(LIBSEPOLA) already appears in the dependencies, there +# is no need to define a value for LDLIBS_LIBSEPOLA +ifeq ($(LIBSEPOLA),) + LDLIBS_LIBSEPOLA := -l:libsepol.a +endif CHECKOBJS = y.tab.o lex.yy.o queue.o module_compiler.o parse_util.o \ policy_define.o @@ -27,8 +29,10 @@ all: $(TARGETS) $(MAKE) -C test checkpolicy: $(CHECKPOLOBJS) $(LIBSEPOLA) + $(CC) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA) checkmodule: $(CHECKMODOBJS) $(LIBSEPOLA) + $(CC) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA) %.o: %.c $(CC) $(CFLAGS) -o $@ -c $< @@ -46,15 +50,15 @@ lex.yy.c: policy_scan.l y.tab.c $(LEX) policy_scan.l install: all - -mkdir -p $(BINDIR) - -mkdir -p $(MANDIR)/man8 - install -m 755 $(TARGETS) $(BINDIR) - install -m 644 checkpolicy.8 $(MANDIR)/man8 - install -m 644 checkmodule.8 $(MANDIR)/man8 + -mkdir -p $(DESTDIR)$(BINDIR) + -mkdir -p $(DESTDIR)$(MANDIR)/man8 + install -m 755 $(TARGETS) $(DESTDIR)$(BINDIR) + install -m 644 checkpolicy.8 $(DESTDIR)$(MANDIR)/man8 + install -m 644 checkmodule.8 $(DESTDIR)$(MANDIR)/man8 relabel: install - /sbin/restorecon $(BINDIR)/checkpolicy - /sbin/restorecon $(BINDIR)/checkmodule + /sbin/restorecon $(DESTDIR)$(BINDIR)/checkpolicy + /sbin/restorecon $(DESTDIR)$(BINDIR)/checkmodule clean: -rm -f $(TARGETS) $(CHECKPOLOBJS) $(CHECKMODOBJS) y.tab.c y.tab.h lex.yy.c diff --git checkpolicy-2.7/checkmodule.8 checkpolicy-2.7/checkmodule.8 index ee95882..cf76591 100644 --- checkpolicy-2.7/checkmodule.8 +++ checkpolicy-2.7/checkmodule.8 @@ -64,4 +64,4 @@ especially "Configuring the SELinux Policy". This manual page was copied from the checkpolicy man page written by Arpad Magosanyi , and edited by Dan Walsh . -The program was written by Stephen Smalley . +The program was written by Stephen Smalley . diff --git checkpolicy-2.7/checkpolicy.8 checkpolicy-2.7/checkpolicy.8 index 7b28696..1c8805d 100644 --- checkpolicy-2.7/checkpolicy.8 +++ checkpolicy-2.7/checkpolicy.8 @@ -58,5 +58,5 @@ especially "Configuring the SELinux Policy". .SH AUTHOR This manual page was written by Arpad Magosanyi , -and edited by Stephen Smalley . -The program was written by Stephen Smalley . +and edited by Stephen Smalley . +The program was written by Stephen Smalley . diff --git checkpolicy-2.7/checkpolicy.c checkpolicy-2.7/checkpolicy.c index b75f2af..fbda455 100644 --- checkpolicy-2.7/checkpolicy.c +++ checkpolicy-2.7/checkpolicy.c @@ -1,6 +1,6 @@ /* - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* @@ -69,6 +69,9 @@ #ifndef IPPROTO_DCCP #define IPPROTO_DCCP 33 #endif +#ifndef IPPROTO_SCTP +#define IPPROTO_SCTP 132 +#endif #include #include #include @@ -944,6 +947,8 @@ int main(int argc, char **argv) protocol = IPPROTO_UDP; else if (!strcmp(ans, "dccp") || !strcmp(ans, "DCCP")) protocol = IPPROTO_DCCP; + else if (!strcmp(ans, "sctp") || !strcmp(ans, "SCTP")) + protocol = IPPROTO_SCTP; else { printf("unknown protocol\n"); break; diff --git checkpolicy-2.7/policy_define.c checkpolicy-2.7/policy_define.c index f12ebdb..11fd37d 100644 --- checkpolicy-2.7/policy_define.c +++ checkpolicy-2.7/policy_define.c @@ -1,5 +1,5 @@ /* - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* @@ -40,6 +40,9 @@ #ifndef IPPROTO_DCCP #define IPPROTO_DCCP 33 #endif +#ifndef IPPROTO_SCTP +#define IPPROTO_SCTP 132 +#endif #include #include #include @@ -5004,6 +5007,8 @@ int define_port_context(unsigned int low, unsigned int high) protocol = IPPROTO_UDP; } else if ((strcmp(id, "dccp") == 0) || (strcmp(id, "DCCP") == 0)) { protocol = IPPROTO_DCCP; + } else if ((strcmp(id, "sctp") == 0) || (strcmp(id, "SCTP") == 0)) { + protocol = IPPROTO_SCTP; } else { yyerror2("unrecognized protocol %s", id); goto bad; diff --git checkpolicy-2.7/policy_parse.y checkpolicy-2.7/policy_parse.y index 6b406c8..247bd4e 100644 --- checkpolicy-2.7/policy_parse.y +++ checkpolicy-2.7/policy_parse.y @@ -1,6 +1,6 @@ /* - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* diff --git checkpolicy-2.7/policy_scan.l checkpolicy-2.7/policy_scan.l index e6c4898..e93ccb6 100644 --- checkpolicy-2.7/policy_scan.l +++ checkpolicy-2.7/policy_scan.l @@ -1,6 +1,6 @@ /* - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* Updated: David Caplan, diff --git checkpolicy-2.7/queue.c checkpolicy-2.7/queue.c index acc991c..82e6673 100644 --- checkpolicy-2.7/queue.c +++ checkpolicy-2.7/queue.c @@ -1,5 +1,5 @@ -/* Author : Stephen Smalley, */ +/* Author : Stephen Smalley, */ /* FLASK */ diff --git checkpolicy-2.7/queue.h checkpolicy-2.7/queue.h index 655c94b..60c07fe 100644 --- checkpolicy-2.7/queue.h +++ checkpolicy-2.7/queue.h @@ -1,5 +1,5 @@ -/* Author : Stephen Smalley, */ +/* Author : Stephen Smalley, */ /* FLASK */ diff --git checkpolicy-2.7/test/Makefile checkpolicy-2.7/test/Makefile index 59fa446..89e7557 100644 --- checkpolicy-2.7/test/Makefile +++ checkpolicy-2.7/test/Makefile @@ -1,19 +1,22 @@ # # Makefile for building the dispol program # -PREFIX ?= $(DESTDIR)/usr -BINDIR ?= $(PREFIX)/bin -LIBDIR ?= $(PREFIX)/lib -INCLUDEDIR ?= $(PREFIX)/include -LIBSEPOLA ?= $(LIBDIR)/libsepol.a - CFLAGS ?= -g -Wall -W -Werror -O2 -pipe +# If no specific libsepol.a is specified, fall back on LDFLAGS search path +# Otherwise, as $(LIBSEPOLA) already appears in the dependencies, there +# is no need to define a value for LDLIBS_LIBSEPOLA +ifeq ($(LIBSEPOLA),) + LDLIBS_LIBSEPOLA := -l:libsepol.a +endif + all: dispol dismod dispol: dispol.o $(LIBSEPOLA) + $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA) dismod: dismod.o $(LIBSEPOLA) + $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA) clean: -rm -f dispol dismod *.o