rpms/libselinux/devel .cvsignore, 1.174, 1.175 libselinux-rhat.patch, 1.160, 1.161 libselinux.spec, 1.337, 1.338 sources, 1.176, 1.177

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Tue Aug 5 14:05:45 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/libselinux/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32244

Modified Files:
	.cvsignore libselinux-rhat.patch libselinux.spec sources 
Log Message:
* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.71-1
- Update to Upstream
	* Add group support to seusers using %groupname syntax from Dan Walsh.
	* Mark setrans socket close-on-exec from Stephen Smalley.
	* Only apply nodups checking to base file contexts from Stephen Smalley.



Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/.cvsignore,v
retrieving revision 1.174
retrieving revision 1.175
diff -u -r1.174 -r1.175
--- .cvsignore	1 Aug 2008 10:56:37 -0000	1.174
+++ .cvsignore	5 Aug 2008 14:05:15 -0000	1.175
@@ -155,3 +155,4 @@
 libselinux-2.0.67.tgz
 libselinux-2.0.69.tgz
 libselinux-2.0.70.tgz
+libselinux-2.0.71.tgz

libselinux-rhat.patch:

Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.160
retrieving revision 1.161
diff -u -r1.160 -r1.161
--- libselinux-rhat.patch	1 Aug 2008 10:56:37 -0000	1.160
+++ libselinux-rhat.patch	5 Aug 2008 14:05:15 -0000	1.161
@@ -1,7 +1,12 @@
 diff --exclude-from=exclude -N -u -r nsalibselinux/ChangeLog libselinux-2.0.70/ChangeLog
---- nsalibselinux/ChangeLog	2008-08-01 06:48:06.000000000 -0400
+--- nsalibselinux/ChangeLog	2008-08-05 09:58:25.000000000 -0400
 +++ libselinux-2.0.70/ChangeLog	2008-08-01 06:51:25.000000000 -0400
-@@ -1,6 +1,3 @@
+@@ -1,11 +1,3 @@
+-2.0.71 2008-08-05
+-	* Add group support to seusers using %groupname syntax from Dan Walsh.
+-	* Mark setrans socket close-on-exec from Stephen Smalley.
+-	* Only apply nodups checking to base file contexts from Stephen Smalley.
+-
 -2.0.70 2008-07-30
 -	* Merge ruby bindings from Dan Walsh.
 -
@@ -9,10 +14,10 @@
  	* Handle duplicate file context regexes as a fatal error from Stephen Smalley.
  	  This prevents adding them via semanage.
 diff --exclude-from=exclude -N -u -r nsalibselinux/VERSION libselinux-2.0.70/VERSION
---- nsalibselinux/VERSION	2008-08-01 06:48:06.000000000 -0400
+--- nsalibselinux/VERSION	2008-08-05 09:58:25.000000000 -0400
 +++ libselinux-2.0.70/VERSION	2008-08-01 06:51:25.000000000 -0400
 @@ -1 +1 @@
--2.0.70
+-2.0.71
 +2.0.69
 diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.70/man/man8/selinuxconlist.8
 --- nsalibselinux/man/man8/selinuxconlist.8	1969-12-31 19:00:00.000000000 -0500
@@ -90,142 +95,3 @@
  	va_end(ap);
  }
  
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-2.0.70/src/seusers.c
---- nsalibselinux/src/seusers.c	2008-06-12 23:25:14.000000000 -0400
-+++ libselinux-2.0.70/src/seusers.c	2008-08-01 06:53:03.000000000 -0400
-@@ -89,6 +89,62 @@
- 
- int require_seusers hidden = 0;
- 
-+#include <pwd.h>
-+#include <grp.h>
-+
-+static gid_t get_default_gid(const char *name) {
-+	struct passwd pwstorage, *pwent = NULL;
-+	gid_t gid = -1;
-+	/* Allocate space for the getpwnam_r buffer */
-+	long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
-+	if (rbuflen <= 0) return -1;
-+	char *rbuf = malloc(rbuflen);
-+	if (rbuf == NULL) return -1;
-+
-+	int retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent);
-+	if (retval == 0 || pwent != NULL) {
-+		gid = pwent->pw_gid;
-+	}
-+	free(rbuf);
-+	return gid;
-+}
-+
-+static int check_group(const char *group, const char *name, const gid_t gid) {
-+	int match = 0;
-+	int i, ng = 0;
-+	gid_t *groups = NULL;
-+	struct group gbuf, *grent = NULL;
-+
-+	long rbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
-+	if (rbuflen <= 0)
-+		return 0;
-+	char *rbuf = malloc(rbuflen);
-+	if (rbuf == NULL)
-+		return 0;
-+
-+	if (getgrnam_r(group, &gbuf, rbuf, rbuflen, 
-+		       &grent) != 0)
-+		goto done;
-+
-+	if (getgrouplist(name, gid, NULL, &ng) < 0) {
-+		groups = (gid_t *) malloc(sizeof (gid_t) * ng);
-+		if (!groups) goto done;
-+		if (getgrouplist(name, gid, groups, &ng) < 0) goto done;
-+	}
-+
-+	for (i = 0; i < ng; i++) {
-+		if (grent->gr_gid == groups[i]) {
-+			match = 1;
-+			goto done;
-+		}
-+	}
-+
-+ done:
-+	free(groups);
-+	free(rbuf);
-+	return match;
-+}
-+
- int getseuserbyname(const char *name, char **r_seuser, char **r_level)
- {
- 	FILE *cfg = NULL;
-@@ -101,9 +157,14 @@
- 	char *username = NULL;
- 	char *seuser = NULL;
- 	char *level = NULL;
-+	char *groupseuser = NULL;
-+	char *grouplevel = NULL;
- 	char *defaultseuser = NULL;
- 	char *defaultlevel = NULL;
- 
-+	gid_t gid = get_default_gid(name);
-+	if ( gid == (gid_t) -1 ) goto nomatch;
-+
- 	cfg = fopen(selinux_usersconf_path(), "r");
- 	if (!cfg)
- 		goto nomatch;
-@@ -124,31 +185,48 @@
- 		if (!strcmp(username, name))
- 			break;
- 
--		if (!defaultseuser && !strcmp(username, "__default__")) {
--			free(username);
--			defaultseuser = seuser;
--			defaultlevel = level;
-+		if (username[0] == '%' && 
-+		    !groupseuser && 
-+		    check_group(&username[1], name, gid)) {
-+				groupseuser = seuser;
-+				grouplevel = level;
- 		} else {
--			free(username);
--			free(seuser);
--			free(level);
-+			if (!defaultseuser && 
-+			    !strcmp(username, "__default__")) {
-+				defaultseuser = seuser;
-+				defaultlevel = level;
-+			} else {
-+				free(seuser);
-+				free(level);
-+			}
- 		}
-+		free(username);
-+		username = NULL;
- 		seuser = NULL;
- 	}
- 
--	if (buffer)
--		free(buffer);
-+	free(buffer);
- 	fclose(cfg);
- 
- 	if (seuser) {
- 		free(username);
- 		free(defaultseuser);
- 		free(defaultlevel);
-+		free(groupseuser);
-+		free(grouplevel);
- 		*r_seuser = seuser;
- 		*r_level = level;
- 		return 0;
- 	}
- 
-+	if (groupseuser) {
-+		free(defaultseuser);
-+		free(defaultlevel);
-+		*r_seuser = groupseuser;
-+		*r_level = grouplevel;
-+		return 0;
-+	}
-+
- 	if (defaultseuser) {
- 		*r_seuser = defaultseuser;
- 		*r_level = defaultlevel;


Index: libselinux.spec
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.337
retrieving revision 1.338
diff -u -r1.337 -r1.338
--- libselinux.spec	1 Aug 2008 10:56:37 -0000	1.337
+++ libselinux.spec	5 Aug 2008 14:05:15 -0000	1.338
@@ -4,7 +4,7 @@
 
 Summary: SELinux library and simple utilities
 Name: libselinux
-Version: 2.0.70
+Version: 2.0.71
 Release: 1%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
@@ -152,6 +152,12 @@
 %{ruby_sitearch}/selinux.so
 
 %changelog
+* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.71-1
+- Update to Upstream
+	* Add group support to seusers using %groupname syntax from Dan Walsh.
+	* Mark setrans socket close-on-exec from Stephen Smalley.
+	* Only apply nodups checking to base file contexts from Stephen Smalley.
+
 * Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.70-1
 - Update to Upstream
 	* Merge ruby bindings from Dan Walsh.


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/sources,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- sources	1 Aug 2008 10:56:37 -0000	1.176
+++ sources	5 Aug 2008 14:05:15 -0000	1.177
@@ -1 +1 @@
-46464eff4dd1d432d9f74cebebe222c5  libselinux-2.0.70.tgz
+5d59c1105c777f8520978ee00ab46656  libselinux-2.0.71.tgz

More information about the scm-commits mailing list