[libselinux] Add sefcontext_compile.8 man page
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Jun 28 10:11:08 UTC 2013
commit 876a4a8ad903b4a026ac992e742da09b759cfc0b
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Jun 28 06:10:55 2013 -0400
Add sefcontext_compile.8 man page
- Add Russell Coker patch to fix man pages
- Add patches from Laurent Bigonville to fix Makefiles for debian.
- modify spec file to use %{_prefix}/lib
libselinux-rhat.patch | 137 +++++++++++++++++++++++++++++++++++++++++++++++++
libselinux.spec | 47 +++++++++--------
2 files changed, 163 insertions(+), 21 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index d19cc56..98da2bc 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -42,6 +42,44 @@ index c6837fc..de62d26 100644
.sp
.BI "int selinux_check_access(const security_context_t " scon ", const security_context_t " tcon ", const char *" class ", const char *" perm ", void *" auditdata);
.sp
+diff --git a/libselinux/man/man3/security_disable.3 b/libselinux/man/man3/security_disable.3
+index aeb78da..c75ce0d 100644
+--- a/libselinux/man/man3/security_disable.3
++++ b/libselinux/man/man3/security_disable.3
+@@ -17,7 +17,7 @@ and then unmounts
+ This function can only be called at runtime and prior to the initial policy
+ load. After the initial policy load, the SELinux kernel code cannot be disabled,
+ but only placed in "permissive" mode by using
+-.BR setenforce (1).
++.BR security_setenforce(3).
+ .
+ .SH "RETURN VALUE"
+ .BR security_disable ()
+@@ -27,4 +27,4 @@ returns zero on success or \-1 on error.
+ This manual page has been written by Guido Trentalancia <guido at trentalancia.com>
+ .
+ .SH "SEE ALSO"
+-.BR selinux (8), " setenforce "(3)
++.BR selinux (8), " setenforce "(8)
+diff --git a/libselinux/man/man3/security_load_policy.3 b/libselinux/man/man3/security_load_policy.3
+index c4439bf..af56163 100644
+--- a/libselinux/man/man3/security_load_policy.3
++++ b/libselinux/man/man3/security_load_policy.3
+@@ -43,7 +43,7 @@ unmounted using a call to
+ .BR security_disable (3).
+ Therefore, after the initial policy load, the only operational changes
+ are those permitted by
+-.BR setenforce (3)
++.BR security_setenforce (3)
+ (i.e. eventually setting the framework in permissive mode rather than
+ in enforcing one).
+ .
+@@ -54,4 +54,4 @@ Returns zero on success or \-1 on error.
+ This manual page has been written by Guido Trentalancia <guido at trentalancia.com>
+ .
+ .SH "SEE ALSO"
+-.BR selinux "(8), " security_disable "(3), " setenforce "(1)
++.BR selinux "(8), " security_disable "(3), " setenforce "(8)
diff --git a/libselinux/man/man3/selinux_binary_policy_path.3 b/libselinux/man/man3/selinux_binary_policy_path.3
index ec97dcf..503c52c 100644
--- a/libselinux/man/man3/selinux_binary_policy_path.3
@@ -312,6 +350,16 @@ index b834577..0000000
-.
-.SH "SEE ALSO"
-.BR selinux "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"
+diff --git a/libselinux/man/man8/getenforce.8 b/libselinux/man/man8/getenforce.8
+index 906279f..e0924d8 100644
+--- a/libselinux/man/man8/getenforce.8
++++ b/libselinux/man/man8/getenforce.8
+@@ -1,4 +1,4 @@
+-.TH "getenforce" "1" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
++.TH "getenforce" "8" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
+ .SH "NAME"
+ getenforce \- get the current mode of SELinux
+ .
diff --git a/libselinux/man/man8/matchpathcon.8 b/libselinux/man/man8/matchpathcon.8
index 368991f..5d60789 100644
--- a/libselinux/man/man8/matchpathcon.8
@@ -335,6 +383,31 @@ index 368991f..5d60789 100644
.B \-V
Verify file context on disk matches defaults
.
+diff --git a/libselinux/man/man8/sefcontext_compile.8 b/libselinux/man/man8/sefcontext_compile.8
+new file mode 100644
+index 0000000..c37ed4a
+--- /dev/null
++++ b/libselinux/man/man8/sefcontext_compile.8
+@@ -0,0 +1,19 @@
++.TH "sefcontext_compile" "8" "27 Jun 2013" "dwalsh at redhat.com" "SELinux Command Line documentation"
++.SH "NAME"
++sefcontext_compile \- compile file context regular expression files
++.
++.SH "SYNOPSIS"
++.B sefcontext_compile inputfile
++.
++.SH "DESCRIPTION"
++sefcontext_compile is used libsemanage to compile file context regular expressions into prce format. sefcontext_compile writes the compiled prce file with the .bin suffix appended "inputfile".bin. This compiled file is used by libselinux file labeling functions.
++
++.SH "EXAMPLE"
++sefcontext_compile /etc/selinux/targeted/contexts/files/file_contexts
++.
++.SH AUTHOR
++Dan Walsh, <dwalsh at redhat.com>
++.
++.SH "SEE ALSO"
++.BR selinux (8),
++.BR semanage (8),
diff --git a/libselinux/man/man8/selinux.8 b/libselinux/man/man8/selinux.8
index a328866..50868e4 100644
--- a/libselinux/man/man8/selinux.8
@@ -394,6 +467,70 @@ index a328866..50868e4 100644
.BR sepolicy(8)
Every confined service on the system has a man page in the following format:
+diff --git a/libselinux/man/man8/selinuxenabled.8 b/libselinux/man/man8/selinuxenabled.8
+index e0b5201..ac20587 100644
+--- a/libselinux/man/man8/selinuxenabled.8
++++ b/libselinux/man/man8/selinuxenabled.8
+@@ -1,4 +1,4 @@
+-.TH "selinuxenabled" "1" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
++.TH "selinuxenabled" "8" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
+ .SH "NAME"
+ selinuxenabled \- tool to be used within shell scripts to determine if selinux is enabled
+ .
+diff --git a/libselinux/man/man8/selinuxexeccon.8 b/libselinux/man/man8/selinuxexeccon.8
+index 765cf8c..30c20ed 100644
+--- a/libselinux/man/man8/selinuxexeccon.8
++++ b/libselinux/man/man8/selinuxexeccon.8
+@@ -1,4 +1,4 @@
+-.TH "selinuxexeccon" "1" "14 May 2011" "dwalsh at redhat.com" "SELinux Command Line documentation"
++.TH "selinuxexeccon" "8" "14 May 2011" "dwalsh at redhat.com" "SELinux Command Line documentation"
+ .SH "NAME"
+ selinuxexeccon \- report SELinux context used for this executable
+ .
+diff --git a/libselinux/man/man8/setenforce.8 b/libselinux/man/man8/setenforce.8
+index b038da0..8a24f1c 100644
+--- a/libselinux/man/man8/setenforce.8
++++ b/libselinux/man/man8/setenforce.8
+@@ -1,4 +1,4 @@
+-.TH "setenforce" "1" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
++.TH "setenforce" "8" "7 April 2004" "dwalsh at redhat.com" "SELinux Command Line documentation"
+ .SH "NAME"
+ setenforce \- modify the mode SELinux is running in
+ .
+diff --git a/libselinux/man/man8/togglesebool.8 b/libselinux/man/man8/togglesebool.8
+index 948aff1..598dc94 100644
+--- a/libselinux/man/man8/togglesebool.8
++++ b/libselinux/man/man8/togglesebool.8
+@@ -1,4 +1,4 @@
+-.TH "togglesebool" "1" "26 Oct 2004" "sgrubb at redhat.com" "SELinux Command Line documentation"
++.TH "togglesebool" "8" "26 Oct 2004" "sgrubb at redhat.com" "SELinux Command Line documentation"
+ .SH "NAME"
+ togglesebool \- flip the current value of a SELinux boolean
+ .
+diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
+index c4f5d4c..8f557a1 100644
+--- a/libselinux/src/Makefile
++++ b/libselinux/src/Makefile
+@@ -18,9 +18,7 @@ RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")'
+ RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM')
+ RUBYINC ?= $(shell pkg-config --cflags ruby)
+ RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
+-LIBBASE=$(shell basename $(LIBDIR))
+-
+-LDFLAGS ?= -lpcre -lpthread
++LIBBASE ?= $(shell basename $(LIBDIR))
+
+ VERSION = $(shell cat ../VERSION)
+ LIBVERSION = 1
+@@ -116,7 +114,7 @@ $(LIBA): $(OBJS)
+ $(RANLIB) $@
+
+ $(LIBSO): $(LOBJS)
+- $(CC) $(CFLAGS) -shared -o $@ $^ -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
++ $(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -lpthread -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ ln -sf $@ $(TARGET)
+
+ $(LIBPC): $(LIBPC).in ../VERSION
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index ffe381b..560bc25 100644
--- a/libselinux/src/audit2why.c
diff --git a/libselinux.spec b/libselinux.spec
index aad4bdc..b7fe3c9 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -10,7 +10,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.1.13
-Release: 15%{?dist}
+Release: 16%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: %{name}-%{version}.tgz
@@ -145,13 +145,12 @@ InstallPythonWrapper() {
}
rm -rf %{buildroot}
-mkdir -p %{buildroot}/%{_lib}
+mkdir -p %{buildroot}/%{_prefix}/lib/tmpfiles.d
mkdir -p %{buildroot}/%{_libdir}
mkdir -p %{buildroot}%{_includedir}
mkdir -p %{buildroot}%{_sbindir}
mkdir -p %{buildroot}/var/run/setrans
-mkdir -p %{buildroot}/usr/lib/tmpfiles.d
-echo "d /var/run/setrans 0755 root root" > %{buildroot}/usr/lib/tmpfiles.d/libselinux.conf
+echo "d /var/run/setrans 0755 root root" > %{buildroot}/%{_prefix}/lib/tmpfiles.d/libselinux.conf
InstallPythonWrapper %{__python}
%if 0%{?with_python3}
@@ -193,7 +192,7 @@ rm -rf %{buildroot}
%{_libdir}/libselinux.so.*
/var/run/setrans
%{_sbindir}/sefcontext_compile
-/usr/lib/tmpfiles.d/libselinux.conf
+%{_prefix}/lib/tmpfiles.d/libselinux.conf
%files utils
%defattr(-,root,root,-)
@@ -241,6 +240,12 @@ rm -rf %{buildroot}
%{ruby_sitearch}/selinux.so
%changelog
+* Fri Jun 28 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.13-16
+- Add sefcontext_compile.8 man page
+- Add Russell Coker patch to fix man pages
+- Add patches from Laurent Bigonville to fix Makefiles for debian.
+- modify spec file to use %{_prefix}/lib
+
* Mon May 6 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.13-15
- Fix patch that Handles substitutions for /
@@ -763,7 +768,7 @@ pthread_key_delete, and is ignored.
- add python3 subpackage from David Malcolm
* Wed Mar 24 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.94-1
- * Set errno=EINVAL for invalid contexts from Dan Walsh.
+* Set errno=EINVAL for invalid contexts from Dan Walsh.
* Tue Mar 16 2010 Dan Walsh <dwalsh at redhat.com> - 2.0.93-1
- Update to upstream
@@ -1241,8 +1246,8 @@ pthread_key_delete, and is ignored.
* Fri Jun 1 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.18-1
- Upgrade to upstream
- * Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura.
- This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case.
+- Merged patch to reduce size of libselinux and remove need for libsepol for embedded systems from Yuichi Nakamura.
+ This patch also turns the link-time dependency on libsepol into a runtime (dlopen) dependency even in the non-embedded case.
2.0.17 2007-05-31
* Updated Lindent script and reindented two header files.
@@ -1290,9 +1295,9 @@ pthread_key_delete, and is ignored.
- Add stdint.h to avc.h
* Mon Mar 12 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.7-1
- * Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb.
- * Merged patch to drop support for old /etc/sysconfig/selinux and
- /etc/security policy file layout from Steve Grubb.
+- Merged patch to drop support for CACHETRANS=0 config option from Steve Grubb.
+- Merged patch to drop support for old /etc/sysconfig/selinux and
+- /etc/security policy file layout from Steve Grubb.
* Thu Mar 8 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.5-2
- Do not fail on permission denied in getsebool
@@ -1312,13 +1317,13 @@ pthread_key_delete, and is ignored.
* Sun Feb 18 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.1-1
- Upgrade to upstream
- * Merged patch from Todd Miller to convert int types over to C99 style.
+ * Merged patch from Todd Miller to convert int types over to C99 style.
* Wed Feb 7 2007 Dan Walsh <dwalsh at redhat.com> - 2.0.0-1
- * Merged patch from Todd Miller to remove sscanf in matchpathcon.c because
- of the use of the non-standard format (original patch changed
- for style).
- * Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
+- Merged patch from Todd Miller to remove sscanf in matchpathcon.c because
+ of the use of the non-standard format (original patch changed
+ for style).
+- Merged patch from Todd Miller to fix memory leak in matchpathcon.c.
* Fri Jan 19 2007 Dan Walsh <dwalsh at redhat.com> - 1.34.0-2
- Add context function to python to split context into 4 parts
@@ -1499,8 +1504,8 @@ Resolves: #200110
- Check for selinux_mnt == NULL
* Tue May 30 2006 Dan Walsh <dwalsh at redhat.com> 1.30.11-1
- * Merged matchmediacon and trans_to_raw_context fixes from
- Serge Hallyn.
+- Merged matchmediacon and trans_to_raw_context fixes from
+ Serge Hallyn.
* Fri May 26 2006 Dan Walsh <dwalsh at redhat.com> 1.30.10-4
- Remove getseuser
@@ -1569,7 +1574,7 @@ Resolves: #200110
- Fix booleans man page
* Mon Mar 27 2006 Dan Walsh <dwalsh at redhat.com> 1.30.1-1
- * Merged Makefile PYLIBVER definition patch from Dan Walsh.
+- Merged Makefile PYLIBVER definition patch from Dan Walsh.
* Fri Mar 10 2006 Dan Walsh <dwalsh at redhat.com> 1.30-1
- Make some fixes so it will build on RHEL4
@@ -1847,8 +1852,8 @@ Resolves: #200110
- Allow set_comp on unset ranges
* Wed Aug 24 2005 Dan Walsh <dwalsh at redhat.com> 1.25.3-1
- * Merged context translation patch, originally by TCS,
- with modifications by Dan Walsh (Red Hat).
+- Merged context translation patch, originally by TCS,
+ with modifications by Dan Walsh (Red Hat).
* Wed Aug 17 2005 Dan Walsh <dwalsh at redhat.com> 1.25.2-2
- Apply translation patch
More information about the scm-commits
mailing list