[libselinux] Rebuild with latest libsepol
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Nov 19 20:17:46 UTC 2012
commit e7604b157b01c57bc52cacab1a041383be098f25
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Nov 19 15:17:16 2012 -0500
Rebuild with latest libsepol
libselinux-rhat.patch | 120 ++++++++++++++++++++++++++++++++++++++++++++----
libselinux.spec | 7 ++-
2 files changed, 115 insertions(+), 12 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index bd52906..a6dc9dd 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -126,7 +126,7 @@ index 9f16f77..4835f2f 100644
.SH FILES
/etc/selinux/config
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
-index 02483a3..647ea4c 100644
+index 02483a3..d2de4d5 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -164,6 +164,9 @@ static PyObject *finish(PyObject *self __attribute__((unused)), PyObject *args)
@@ -191,32 +191,132 @@ index 02483a3..647ea4c 100644
if (!PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path))
return NULL;
result = __policy_init(init_path);
-@@ -306,6 +298,7 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
- return result;
+@@ -302,10 +294,12 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
+ }
+
+ #define RETURN(X) \
+- PyTuple_SetItem(result, 0, Py_BuildValue("i", X)); \
+- return result;
++ { \
++ return Py_BuildValue("iO", (X), Py_None); \
++ }
static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) {
+ char *reason_buf = NULL;
security_context_t scon;
security_context_t tcon;
char *tclassstr;
-@@ -376,7 +369,7 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+@@ -320,10 +314,6 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ struct sepol_av_decision avd;
+ int rc;
+ int i=0;
+- PyObject *result = PyTuple_New(2);
+- if (!result) return NULL;
+- Py_INCREF(Py_None);
+- PyTuple_SetItem(result, 1, Py_None);
+
+ if (!PyArg_ParseTuple(args,(char *)"sssO!:audit2why",&scon,&tcon,&tclassstr,&PyList_Type, &listObj))
+ return NULL;
+@@ -334,22 +324,21 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ /* should raise an error here. */
+ if (numlines < 0) return NULL; /* Not a list */
+
+- if (!avc) {
++ if (!avc)
+ RETURN(NOPOLICY)
+- }
+
+ rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid);
+- if (rc < 0) {
++ if (rc < 0)
+ RETURN(BADSCON)
+- }
++
+ rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
+- if (rc < 0) {
++ if (rc < 0)
+ RETURN(BADTCON)
+- }
++
+ tclass = string_to_security_class(tclassstr);
+- if (!tclass) {
++ if (!tclass)
+ RETURN(BADTCLASS)
+- }
++
+ /* Convert the permission list to an AV. */
+ av = 0;
+
+@@ -369,21 +358,20 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ #endif
+
+ perm = string_to_av_perm(tclass, permstr);
+- if (!perm) {
++ if (!perm)
+ RETURN(BADPERM)
+- }
++
+ av |= perm;
}
/* Reproduce the computation. */
- rc = sepol_compute_av_reason(ssid, tsid, tclass, av, &avd, &reason);
+- if (rc < 0) {
+ rc = sepol_compute_av_reason_buffer(ssid, tsid, tclass, av, &avd, &reason, &reason_buf);
- if (rc < 0) {
++ if (rc < 0)
RETURN(BADCOMPUTE)
- }
-@@ -417,6 +410,8 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+- }
+
+- if (!reason) {
++ if (!reason)
+ RETURN(ALLOW)
+- }
++
+ if (reason & SEPOL_COMPUTEAV_TE) {
+ avc->ssid = ssid;
+ avc->tsid = tsid;
+@@ -396,28 +384,34 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ RETURN(TERULE)
+ }
+ } else {
+- PyTuple_SetItem(result, 0, Py_BuildValue("i", BOOLEAN));
++ PyObject *outboollist;
+ struct boolean_t *b = bools;
+ int len=0;
+ while (b->name) {
+ len++; b++;
+ }
+ b = bools;
+- PyObject *outboollist = PyTuple_New(len);
++ outboollist = PyList_New(len);
+ len=0;
+ while(b->name) {
+- PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
+- PyTuple_SetItem(outboollist, len++, bool);
++ PyObject *bool_ = Py_BuildValue("(si)", b->name, b->active);
++ PyList_SetItem(outboollist, len++, bool_);
+ b++;
+ }
+ free(bools);
+- PyTuple_SetItem(result, 1, outboollist);
+- return result;
++ /* 'N' steals the reference to outboollist */
++ return Py_BuildValue("iN", BOOLEAN, outboollist);
+ }
}
if (reason & SEPOL_COMPUTEAV_CONS) {
-+ printf("%s\n", reason_buf);
-+ free(reason_buf);
- RETURN(CONSTRAINT);
+- RETURN(CONSTRAINT);
++ if (reason_buf) {
++ PyObject *result = NULL;
++ result = Py_BuildValue("is", CONSTRAINT, reason_buf);
++ free(reason_buf);
++ return result;
++ }
++ RETURN(CONSTRAINT)
}
+ if (reason & SEPOL_COMPUTEAV_RBAC) {
diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
index 802a07f..6ff83a7 100644
--- a/libselinux/src/avc.c
diff --git a/libselinux.spec b/libselinux.spec
index f76c2cd..72ed057 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -4,13 +4,13 @@
%define ruby_inc %(pkg-config --cflags ruby-1.9)
%define ruby_sitearch %(ruby -rrbconfig -e "puts RbConfig::CONFIG['vendorarchdir']")
-%define libsepolver 2.1.7-4
+%define libsepolver 2.1.8-3
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.1.12
-Release: 8%{?dist}
+Release: 9%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: %{name}-%{version}.tgz
@@ -241,6 +241,9 @@ rm -rf %{buildroot}
%{ruby_sitearch}/selinux.so
%changelog
+* Mon Nov 19 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-9
+- Rebuild with latest libsepol
+
* Fri Nov 16 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-8
- Return EPERM if login program can not reach default label for user
- Attempt to return container info from audit2why
More information about the scm-commits
mailing list