[gnome-keyring/f15/master] Update the pam module selinux patch

Tomas Bzatek tbzatek at fedoraproject.org
Tue Mar 15 16:40:27 UTC 2011 

commit 90d4af20f515c6a212758312cbe2ed67a275e32d
Author: Tomas Bzatek <tbzatek at redhat.com>
Date:   Tue Mar 15 17:40:23 2011 +0100

    Update the pam module selinux patch

 gnome-keyring-2.91.93-pam-selinux.patch |   48 ++++++++++++++++++-------------
 gnome-keyring.spec                      |    7 +++-
 2 files changed, 33 insertions(+), 22 deletions(-)
---
diff --git a/gnome-keyring-2.91.93-pam-selinux.patch b/gnome-keyring-2.91.93-pam-selinux.patch
index ef1676c..ae05fa5 100644
--- a/gnome-keyring-2.91.93-pam-selinux.patch
+++ b/gnome-keyring-2.91.93-pam-selinux.patch
@@ -1,37 +1,33 @@
 diff --git a/configure.in b/configure.in
-index a5a434d..8294028 100644
+index a5a434d..1d3801e 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -572,6 +572,28 @@ AC_SUBST(GCOV)
+@@ -572,6 +572,24 @@ AC_SUBST(GCOV)
  AC_SUBST(GENHTML)
  
  # ----------------------------------------------------------------------
 +# selinux
++
++LIBSELINUX=""
++selinux_status="no"
 +AC_ARG_ENABLE([selinux],
-+        AC_HELP_STRING([--disable-selinux],[do not use SELinux]),
-+        WITH_SELINUX=$enableval, WITH_SELINUX=yes)
-+if test "$WITH_SELINUX" == "yes" ; then
-+  AC_CHECK_LIB([selinux],[getfilecon], LIBSELINUX="-lselinux", LIBSELINUX="")
-+  selinux_status="yes"
-+else
-+  LIBSELINUX=""
-+  selinux_status="no"
++        AC_HELP_STRING([--disable-selinux],[do not use SELinux]))
++if test "x$enable_selinux" != "xno"; then
++    AC_CHECK_LIB([selinux],[getfilecon],
++        [AC_CHECK_LIB([selinux],[setexeccon],
++            [AC_DEFINE([WITH_SELINUX], 1, [Defined if SE Linux support is compiled in])
++             LIBSELINUX="-lselinux"
++             selinux_status="yes"])
++        ])
 +fi
 +AC_SUBST(LIBSELINUX)
 +AM_CONDITIONAL([HAVE_LIBSELINUX], [test ! -z "$LIBSELINUX"])
-+if test ! -z "$LIBSELINUX" ; then
-+    AC_DEFINE([WITH_SELINUX], 1, [Defined if SE Linux support is compiled in])
-+    BACKUP_LIBS=$LIBS
-+    LIBS="$LIBS $LIBSELINUX"
-+    AC_CHECK_FUNCS(setexeccon)
-+    LIBS=$BACKUP_LIBS
-+fi
 +
 +# ----------------------------------------------------------------------
  # Valgrind
  
  AC_ARG_ENABLE(valgrind,
-@@ -742,6 +764,7 @@ echo
+@@ -742,6 +760,7 @@ echo
  echo "OPTIONAL DEPENDENCIES"
  echo "  PAM:                  $pam_status"
  echo "  Linux capabilities:   $libcapng_status"
@@ -39,8 +35,20 @@ index a5a434d..8294028 100644
  echo
  echo "CONFIGURATION"
  echo "  SSH Agent:            $ssh_status"
+diff --git a/pam/Makefile.am b/pam/Makefile.am
+index 81bda13..2e6362d 100644
+--- a/pam/Makefile.am
++++ b/pam/Makefile.am
+@@ -16,6 +16,7 @@ pam_gnome_keyring_la_LIBADD = \
+ 	$(top_builddir)/egg/libegg-buffer.la \
+ 	$(top_builddir)/egg/libegg-creds.la \
+ 	$(top_builddir)/egg/libegg-secure.la \
++	$(LIBSELINUX) \
+ 	-lpam
+ 	
+ pam_gnome_keyring_la_LDFLAGS = \
 diff --git a/pam/gkr-pam-module.c b/pam/gkr-pam-module.c
-index e63c917..2e2e765 100644
+index e63c917..8ad814c 100644
 --- a/pam/gkr-pam-module.c
 +++ b/pam/gkr-pam-module.c
 @@ -317,6 +317,36 @@ cleanup_free_password (pam_handle_t *ph, void *data, int pam_end_status)
@@ -63,7 +71,7 @@ index e63c917..2e2e765 100644
 +
 +	ret = getfilecon(command, &fcon);
 +	if (ret < 0) goto err;
-+	
++
 +	ret = security_compute_create(execcon, fcon, SECCLASS_PROCESS, &newcon);
 +	if (ret < 0) goto err;
 +
diff --git a/gnome-keyring.spec b/gnome-keyring.spec
index 5aed3f3..db805e5 100644
--- a/gnome-keyring.spec
+++ b/gnome-keyring.spec
@@ -8,7 +8,7 @@
 Summary: Framework for managing passwords and other secrets
 Name: gnome-keyring
 Version: 2.91.92
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: System Environment/Libraries
 #VCS: git:git://git.gnome.org/gnome-keyring
@@ -36,6 +36,7 @@ BuildRequires: libtasn1-tools
 BuildRequires: libgnome-keyring-devel >= %{libgnome-keyring_version}
 BuildRequires: gtk-doc
 BuildRequires: libcap-ng-devel
+BuildRequires: libselinux-devel
 # for smooth transition since the core was split
 Requires: libgnome-keyring >= %{libgnome-keyring_version}
 
@@ -80,7 +81,6 @@ autoreconf -i -f
 
 %configure --disable-gtk-doc \
            --with-pam-dir=/%{_lib}/security \
-           --disable-acl-prompts \
            --enable-pam \
            --with-gtk=3.0
 
@@ -148,6 +148,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas
 
 
 %changelog
+* Tue Mar 15 2011 Tomas Bzatek <tbzatek at redhat.com> - 2.91.92-3
+- Update the pam module selinux patch
+
 * Tue Mar 15 2011 Tomas Bzatek <tbzatek at redhat.com> - 2.91.92-2
 - Set correct SELinux context of daemon started from the pam module (#684225)

More information about the scm-commits mailing list