[libselinux] - Update to upstream - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Dec 21 21:32:41 UTC 2010
commit ca9cea76981c2cedae474162ddd6cdbed0d71f25
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Dec 21 16:29:19 2010 -0500
- Update to upstream
- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
.gitignore | 1 +
libselinux-rhat.patch | 217 +++++++++++++++++++++----------------------------
libselinux.spec | 8 ++-
sources | 2 +-
4 files changed, 102 insertions(+), 126 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 19f80dd..dd6b058 100644
--- a/.gitignore
+++ b/.gitignore
@@ -180,3 +180,4 @@ libselinux-2.0.93.tgz
libselinux-2.0.94.tgz
libselinux-2.0.96.tgz
/libselinux-2.0.97.tgz
+/libselinux-2.0.98.tgz
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 069e5b6..9fe710c 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -1,6 +1,8 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.96/man/man8/selinuxconlist.8
---- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.96/man/man8/selinuxconlist.8 2010-06-16 09:20:34.000000000 -0400
+diff --git a/libselinux/man/man8/selinuxconlist.8 b/libselinux/man/man8/selinuxconlist.8
+new file mode 100644
+index 0000000..c698daa
+--- /dev/null
++++ b/libselinux/man/man8/selinuxconlist.8
@@ -0,0 +1,18 @@
+.TH "selinuxconlist" "1" "7 May 2008" "dwalsh at redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
@@ -20,9 +22,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 lib
+
+.SH "SEE ALSO"
+secon(8), selinuxdefcon(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.96/man/man8/selinuxdefcon.8
---- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.96/man/man8/selinuxdefcon.8 2010-06-16 09:20:34.000000000 -0400
+diff --git a/libselinux/man/man8/selinuxdefcon.8 b/libselinux/man/man8/selinuxdefcon.8
+new file mode 100644
+index 0000000..3cbeff2
+--- /dev/null
++++ b/libselinux/man/man8/selinuxdefcon.8
@@ -0,0 +1,24 @@
+.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh at redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
@@ -48,9 +52,67 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libs
+
+.SH "SEE ALSO"
+secon(8), selinuxconlist(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.96/src/audit2why.c
---- nsalibselinux/src/audit2why.c 2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/audit2why.c 2010-06-25 17:03:37.000000000 -0400
+diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
+index bf665ab..8aeb7a1 100644
+--- a/libselinux/src/Makefile
++++ b/libselinux/src/Makefile
+@@ -1,9 +1,10 @@
+ # Installation directories.
++PYTHON ?= python
+ PREFIX ?= $(DESTDIR)/usr
+ LIBDIR ?= $(PREFIX)/lib
+ SHLIBDIR ?= $(DESTDIR)/lib
+ INCLUDEDIR ?= $(PREFIX)/include
+-PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
++PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
+ PYINC ?= /usr/include/$(PYLIBVER)
+ PYLIB ?= /usr/lib/$(PYLIBVER)
+ PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
+@@ -23,13 +24,13 @@ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i
+ SWIGRUBYIF= selinuxswig_ruby.i
+ SWIGCOUT= selinuxswig_wrap.c
+ SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
+-SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
++SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT))
+ SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
+-SWIGSO=_selinux.so
++SWIGSO=$(PYPREFIX)_selinux.so
+ SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i
+ SWIGRUBYSO=_rubyselinux.so
+ LIBSO=$(TARGET).$(LIBVERSION)
+-AUDIT2WHYSO=audit2why.so
++AUDIT2WHYSO=$(PYPREFIX)audit2why.so
+
+ ifeq ($(DISABLE_AVC),y)
+ UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
+@@ -91,10 +92,10 @@ $(LIBPC): $(LIBPC).in
+ selinuxswig_python_exception.i: ../include/selinux/selinux.h
+ bash exception.sh > $@
+
+-audit2why.lo: audit2why.c
++$(PYPREFIX)audit2why.lo: audit2why.c
+ $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+
+-$(AUDIT2WHYSO): audit2why.lo
++$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
+
+ %.o: %.c policy.h
+@@ -123,8 +124,8 @@ install: all
+
+ install-pywrap: pywrap
+ test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
+- install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
+- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
++ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so
++ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so
+ install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
+
+ install-rubywrap: rubywrap
+diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
+index 691bc67..12e8614 100644
+--- a/libselinux/src/audit2why.c
++++ b/libselinux/src/audit2why.c
@@ -1,3 +1,6 @@
+/* Workaround for http://bugs.python.org/issue4835 */
+#define SIZEOF_SOCKET_T SIZEOF_INT
@@ -58,7 +120,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
#include <Python.h>
#include <unistd.h>
#include <stdlib.h>
-@@ -255,6 +258,8 @@
+@@ -255,6 +258,8 @@ static int __policy_init(const char *init_path)
fclose(fp);
sepol_set_policydb(&avc->policydb->p);
avc->handle = sepol_handle_create();
@@ -67,7 +129,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
rc = sepol_bool_count(avc->handle,
avc->policydb, &cnt);
-@@ -287,8 +292,10 @@
+@@ -287,8 +292,10 @@ static int __policy_init(const char *init_path)
static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
int result;
char *init_path=NULL;
@@ -80,7 +142,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
return Py_BuildValue("i", result);
}
-@@ -353,7 +360,11 @@
+@@ -353,7 +360,11 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
strObj = PyList_GetItem(listObj, i); /* Can't fail */
/* make it a string */
@@ -92,7 +154,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
perm = string_to_av_perm(tclass, permstr);
if (!perm) {
-@@ -423,10 +434,39 @@
+@@ -423,10 +434,39 @@ static PyMethodDef audit2whyMethods[] = {
{NULL, NULL, 0, NULL} /* Sentinel */
};
@@ -133,7 +195,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN);
PyModule_AddIntConstant(m,"BADSCON", BADSCON);
PyModule_AddIntConstant(m,"BADTCON", BADTCON);
-@@ -440,4 +480,8 @@
+@@ -440,4 +480,8 @@ initaudit2why(void)
PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN);
PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT);
PyModule_AddIntConstant(m,"RBAC", RBAC);
@@ -142,10 +204,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
+ return m;
+#endif
}
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.96/src/callbacks.c
---- nsalibselinux/src/callbacks.c 2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/callbacks.c 2010-06-16 09:20:34.000000000 -0400
-@@ -16,6 +16,7 @@
+diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c
+index b245364..7c47222 100644
+--- a/libselinux/src/callbacks.c
++++ b/libselinux/src/callbacks.c
+@@ -16,6 +16,7 @@ default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
{
int rc;
va_list ap;
@@ -153,103 +216,10 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.
va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap);
va_end(ap);
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-2.0.96/src/get_context_list.c
---- nsalibselinux/src/get_context_list.c 2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/get_context_list.c 2010-07-27 13:09:08.000000000 -0400
-@@ -286,7 +286,6 @@
- if (buf[plen - 1] == '\n')
- buf[plen - 1] = 0;
-
-- retry:
- nlen = strlen(user) + 1 + plen + 1;
- *newcon = malloc(nlen);
- if (!(*newcon))
-@@ -306,10 +305,6 @@
- if (security_check_context(*newcon) && errno != ENOENT) {
- free(*newcon);
- *newcon = 0;
-- if (strcmp(user, SELINUX_DEFAULTUSER)) {
-- user = SELINUX_DEFAULTUSER;
-- goto retry;
-- }
- return -1;
- }
-
-@@ -418,13 +413,8 @@
-
- /* Determine the set of reachable contexts for the user. */
- rc = security_compute_user(fromcon, user, &reachable);
-- if (rc < 0) {
-- /* Retry with the default SELinux user identity. */
-- user = SELINUX_DEFAULTUSER;
-- rc = security_compute_user(fromcon, user, &reachable);
-- if (rc < 0)
-- goto failsafe;
-- }
-+ if (rc < 0)
-+ goto failsafe;
- nreach = 0;
- for (ptr = reachable; *ptr; ptr++)
- nreach++;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.96/src/Makefile
---- nsalibselinux/src/Makefile 2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/Makefile 2010-06-16 09:20:39.000000000 -0400
-@@ -1,9 +1,10 @@
- # Installation directories.
-+PYTHON ?= python
- PREFIX ?= $(DESTDIR)/usr
- LIBDIR ?= $(PREFIX)/lib
- SHLIBDIR ?= $(DESTDIR)/lib
- INCLUDEDIR ?= $(PREFIX)/include
--PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
-+PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
- PYINC ?= /usr/include/$(PYLIBVER)
- PYLIB ?= /usr/lib/$(PYLIBVER)
- PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-@@ -23,13 +24,13 @@
- SWIGRUBYIF= selinuxswig_ruby.i
- SWIGCOUT= selinuxswig_wrap.c
- SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
--SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
-+SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT))
- SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
--SWIGSO=_selinux.so
-+SWIGSO=$(PYPREFIX)_selinux.so
- SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i
- SWIGRUBYSO=_rubyselinux.so
- LIBSO=$(TARGET).$(LIBVERSION)
--AUDIT2WHYSO=audit2why.so
-+AUDIT2WHYSO=$(PYPREFIX)audit2why.so
-
- ifeq ($(DISABLE_AVC),y)
- UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
-@@ -91,10 +92,10 @@
- selinuxswig_python_exception.i: ../include/selinux/selinux.h
- bash exception.sh > $@
-
--audit2why.lo: audit2why.c
-+$(PYPREFIX)audit2why.lo: audit2why.c
- $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
-
--$(AUDIT2WHYSO): audit2why.lo
-+$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo
- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
-
- %.o: %.c policy.h
-@@ -123,8 +124,8 @@
-
- install-pywrap: pywrap
- test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
-- install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
-- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
-+ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so
-+ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so
- install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
-
- install-rubywrap: rubywrap
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.96/src/matchpathcon.c
---- nsalibselinux/src/matchpathcon.c 2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/matchpathcon.c 2010-07-26 14:55:18.000000000 -0400
+diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
+index bb4eb9f..c9ae42f 100644
+--- a/libselinux/src/matchpathcon.c
++++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
@@ -258,7 +228,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
#include "selinux_internal.h"
#include "label_internal.h"
#include "callbacks.h"
-@@ -57,7 +58,7 @@
+@@ -60,7 +61,7 @@ static void
{
va_list ap;
va_start(ap, fmt);
@@ -267,10 +237,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
va_end(ap);
}
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.96/src/selinuxswig_python.i
---- nsalibselinux/src/selinuxswig_python.i 2010-06-16 08:03:38.000000000 -0400
-+++ libselinux-2.0.96/src/selinuxswig_python.i 2010-06-16 09:20:34.000000000 -0400
-@@ -45,7 +45,7 @@
+diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i
+index dea0e80..bb227e9 100644
+--- a/libselinux/src/selinuxswig_python.i
++++ b/libselinux/src/selinuxswig_python.i
+@@ -45,7 +45,7 @@ def install(src, dest):
PyObject* list = PyList_New(*$2);
int i;
for (i = 0; i < *$2; i++) {
@@ -279,7 +250,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
}
$result = SWIG_Python_AppendOutput($result, list);
}
-@@ -74,7 +74,9 @@
+@@ -74,7 +74,9 @@ def install(src, dest):
len++;
plist = PyList_New(len);
for (i = 0; i < len; i++) {
@@ -290,7 +261,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
}
} else {
plist = PyList_New(0);
-@@ -91,7 +93,9 @@
+@@ -91,7 +93,9 @@ def install(src, dest):
if (*$1) {
plist = PyList_New(result);
for (i = 0; i < result; i++) {
@@ -301,7 +272,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
}
} else {
plist = PyList_New(0);
-@@ -144,16 +148,20 @@
+@@ -144,16 +148,20 @@ def install(src, dest):
$1 = (char**) malloc(size + 1);
for(i = 0; i < size; i++) {
diff --git a/libselinux.spec b/libselinux.spec
index c075622..0ba80d0 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -6,7 +6,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
-Version: 2.0.97
+Version: 2.0.98
Release: 1%{?dist}
License: Public Domain
Group: System Environment/Libraries
@@ -96,7 +96,7 @@ needed for developing SELinux applications.
%prep
%setup -q
-%patch1 -p1 -b .rhat
+%patch1 -p2 -b .rhat
%build
# To support building the Python wrapper against multiple Python runtimes
@@ -236,6 +236,10 @@ exit 0
%{ruby_sitearch}/selinux.so
%changelog
+* Tue Dec 21 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.98-1
+- Update to upstream
+ - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
+
* Mon Dec 6 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.97-1
- Update to upstream
* Thread local storage fixes from Eamon Walsh.
diff --git a/sources b/sources
index 3b7fed6..c613b3a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1f2f5ff4fafddcd557caaac7b551fa27 libselinux-2.0.97.tgz
+ae5872335424582717bd9d3bd646ef17 libselinux-2.0.98.tgz
More information about the scm-commits
mailing list