Blame SOURCES/0001-libqpol-Do-not-fail-on-neverallow-rule-query.patch
|
|
883847 |
From b00d11c941b689fbf3441e80b318c6a05c6657e4 Mon Sep 17 00:00:00 2001
|
|
|
883847 |
From: Vit Mojzis <vmojzis@redhat.com>
|
|
|
883847 |
Date: Thu, 19 Oct 2017 15:17:21 +0200
|
|
|
883847 |
Subject: [PATCH] libqpol: Do not fail on neverallow rule query
|
|
|
883847 |
|
|
|
883847 |
Drawing upon the conclusion from:
|
|
|
883847 |
|
|
|
883847 |
77bd0f2103e8f02f02ba75dd5fd5ceb263d4f878
|
|
|
883847 |
No need to take into account the policy capabilities in sesearch code,
|
|
|
883847 |
the lower levels in the library handle it correctly. (fixes Fedora
|
|
|
883847 |
bug #526460)
|
|
|
883847 |
---
|
|
|
883847 |
libqpol/src/avrule_query.c | 6 ------
|
|
|
883847 |
1 file changed, 6 deletions(-)
|
|
|
883847 |
|
|
|
883847 |
diff --git a/libqpol/src/avrule_query.c b/libqpol/src/avrule_query.c
|
|
|
883847 |
index 749565b..c2dd010 100644
|
|
|
883847 |
--- a/libqpol/src/avrule_query.c
|
|
|
883847 |
+++ b/libqpol/src/avrule_query.c
|
|
|
883847 |
@@ -55,12 +55,6 @@ int qpol_policy_get_avrule_iter(const qpol_policy_t * policy, uint32_t rule_type
|
|
|
883847 |
}
|
|
|
883847 |
#endif
|
|
|
883847 |
|
|
|
883847 |
- if ((rule_type_mask & QPOL_RULE_NEVERALLOW) && !qpol_policy_has_capability(policy, QPOL_CAP_NEVERALLOW)) {
|
|
|
883847 |
- ERR(policy, "%s", "Cannot get avrules: Neverallow rules requested but not available");
|
|
|
883847 |
- errno = ENOTSUP;
|
|
|
883847 |
- return STATUS_ERR;
|
|
|
883847 |
- }
|
|
|
883847 |
-
|
|
|
883847 |
db = &policy->p->p;
|
|
|
883847 |
|
|
|
883847 |
state = calloc(1, sizeof(avtab_state_t));
|
|
|
883847 |
--
|
|
|
883847 |
2.9.4
|
|
|
883847 |
|