libsepol: reserve policycapability for redhat testing of ptrace child

Red Hat is testing ptrace_child in the wild. reserve this policy capability so we don't have conflicts. Signed-off-by: Eric Paris <eparis@redhat.com>
2024-12-11 21:36:23 +00:00 · 2012-06-15 14:15:32 -04:00 · 2012-06-15 14:15:32 -04:00 · 7a1e3e1fef
commit 7a1e3e1fef
parent f508a29446
2 changed files with 2 additions and 0 deletions
--- a/libsepol/include/sepol/policydb/polcaps.h
+++ b/libsepol/include/sepol/policydb/polcaps.h
@ -5,6 +5,7 @@
 enum {
 	POLICYDB_CAPABILITY_NETPEER,
 	POLICYDB_CAPABILITY_OPENPERM,
+	POLICYDB_CAPABILITY_REDHAT1, /* reserved for RH testing of ptrace_child */
 	__POLICYDB_CAPABILITY_MAX
 };
 #define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1)
--- a/libsepol/src/polcaps.c
+++ b/libsepol/src/polcaps.c
@ -8,6 +8,7 @@
 static const char *polcap_names[] = {
 	"network_peer_controls",	/* POLICYDB_CAPABILITY_NETPEER */
 	"open_perms",			/* POLICYDB_CAPABILITY_OPENPERM */
+	"redhat1",			/* POLICYDB_CAPABILITY_REDHAT1, aka ptrace_child */
 	NULL
 };