From 3829eecb1218f5e3873f6731bf4b3ce6ead0e4c0 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Tue, 13 Apr 2010 11:52:09 -0400 Subject: [PATCH] Clean up output of generated corenetwork.te. --- policy/modules/kernel/corenetwork.te.m4 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/policy/modules/kernel/corenetwork.te.m4 b/policy/modules/kernel/corenetwork.te.m4 index 6ceddc8a9..5ef5f7829 100644 --- a/policy/modules/kernel/corenetwork.te.m4 +++ b/policy/modules/kernel/corenetwork.te.m4 @@ -77,10 +77,9 @@ type $1_node_t alias node_$1_t, node_type; declare_nodes($1_node_t,shift($*)) ') +# bindresvport in glibc starts searching for reserved ports at 600 define(`declare_ports',`dnl -ifelse(eval(range_start($3) < 1024),1,` -typeattribute $1 reserved_port_type; -#bindresvport in glibc starts searching for reserved ports at 600 +ifelse(eval(range_start($3) < 1024),1,`typeattribute $1 reserved_port_type; ifelse(eval(range_start($3) >= 600),1,`typeattribute $1 rpc_port_type;',`dnl') ',`dnl') portcon $2 $3 gen_context(system_u:object_r:$1,$4) @@ -94,7 +93,7 @@ define(`network_port',` type $1_port_t, port_type; type $1_client_packet_t, packet_type, client_packet_type; type $1_server_packet_t, packet_type, server_packet_type; -declare_ports($1_port_t,shift($*)) +declare_ports($1_port_t,shift($*))dnl ') #