rpms / iptables

Clone
Source Code
GIT

Blame SOURCES/0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   087bff15e95ba74a6a23c88f7c0b45a3777186eb
  2.   SOURCES
  3.   0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch
Blob History Raw
087bff 
From 45664de1be104ce9716227a0ad11ef2343ece3df Mon Sep 17 00:00:00 2001
087bff 
From: Phil Sutter <psutter@redhat.com>
087bff 
Date: Fri, 16 Jul 2021 21:51:49 +0200
087bff 
Subject: [PATCH] extensions: SECMARK: Use a better context in test case
087bff
087bff 
RHEL SELinux policies don't allow setting
087bff 
system_u:object_r:firewalld_exec_t:s0 context. Use one instead which has
087bff 
'packet_type' attribute (identified via
087bff 
'seinfo -xt | grep packet_type').
087bff 
---
087bff 
 extensions/libxt_SECMARK.t | 2 +-
087bff 
 1 file changed, 1 insertion(+), 1 deletion(-)
087bff
087bff 
diff --git a/extensions/libxt_SECMARK.t b/extensions/libxt_SECMARK.t
087bff 
index 39d4c09348bf4..295e7a7244902 100644
087bff 
--- a/extensions/libxt_SECMARK.t
087bff 
+++ b/extensions/libxt_SECMARK.t
087bff 
@@ -1,4 +1,4 @@
087bff 
 :INPUT,FORWARD,OUTPUT
087bff 
 *security
087bff 
--j SECMARK --selctx system_u:object_r:firewalld_exec_t:s0;=;OK
087bff 
+-j SECMARK --selctx system_u:object_r:ssh_server_packet_t:s0;=;OK
087bff 
 -j SECMARK;;FAIL
087bff 
--
087bff 
2.34.1
087bff

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation