[libselinux] Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Jan 24 16:10:34 UTC 2014
commit ee8c867b33ec69e40c4a58e08ec4e8aa764d3c66
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Jan 24 11:10:54 2014 -0500
Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go
- Add Int_to_mcs function to generate MCS labels from integers.
libselinux-rhat.patch | 166 ++++++++++++++++++++++++++++++++++++++++++++++---
libselinux.spec | 10 ++-
2 files changed, 164 insertions(+), 12 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 2f74652..933a820 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -10,14 +10,14 @@ index fd4f0b1..51469bc 100644
DISABLE_SETRANS ?= n
diff --git a/libselinux/golang/Makefile b/libselinux/golang/Makefile
new file mode 100644
-index 0000000..e0be66f
+index 0000000..ad3e481
--- /dev/null
+++ b/libselinux/golang/Makefile
@@ -0,0 +1,17 @@
+# Installation directories.
+PREFIX ?= $(DESTDIR)/usr
-+GODIR ?= $(PREFIX)/share/gocode/src/selinux
-+
++LIBDIR ?= $(DESTDIR)/usr/lib
++GODIR ?= $(LIBDIR)/golang/src/pkg/github.com/selinux
+all:
+
+install:
@@ -33,10 +33,10 @@ index 0000000..e0be66f
+relabel:
diff --git a/libselinux/golang/selinux.go b/libselinux/golang/selinux.go
new file mode 100644
-index 0000000..018c955
+index 0000000..9e7fdb3
--- /dev/null
+++ b/libselinux/golang/selinux.go
-@@ -0,0 +1,282 @@
+@@ -0,0 +1,302 @@
+package selinux
+
+/*
@@ -183,6 +183,24 @@ index 0000000..018c955
+ return mcs_list[mcs]
+}
+
++func Int_to_mcs(id int, catRange uint32) string {
++ if ((id < 1) || (id >523776)) {
++ return "";
++ }
++
++ SETSIZE := int(catRange);
++ TIER := SETSIZE;
++
++ ORD := id;
++ for ;ORD > TIER; {
++ ORD = ORD - TIER;
++ TIER -= 1;
++ }
++ TIER = SETSIZE - TIER;
++ ORD = ORD + TIER;
++ return fmt.Sprintf("s0:c%d,c%d", TIER, ORD);
++}
++
+func uniq_mcs(catRange uint32) string {
+ var n uint32
+ var c1,c2 uint32
@@ -264,7 +282,7 @@ index 0000000..018c955
+ }
+exit:
+ var scon Context
-+ mcs := uniq_mcs(1024)
++ mcs := Int_to_mcs(os.Getpid(), 1024)
+ scon = New_context(process_label)
+ scon.Set_level(mcs)
+ process_label = scon.Get()
@@ -314,10 +332,12 @@ index 0000000..018c955
+ } else {
+ fmt.Println("Disabled")
+ }
-+ fmt.Println(Selinux_getenforce())
-+ fmt.Println(Selinux_getenforcemode())
++ fmt.Println("getenforce ", Selinux_getenforce())
++ fmt.Println("getenforcemode ", Selinux_getenforcemode())
+ flabel,_ = Matchpathcon("/home/dwalsh/.emacs", 0)
+ fmt.Println(flabel)
++ pid := os.Getpid()
++ fmt.Printf("PID:%d MCS:%s\n", pid, Int_to_mcs(pid, 1023))
+}
diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
index 02dd829..6dfdb46 100644
@@ -332,6 +352,134 @@ index 02dd829..6dfdb46 100644
ln -sf $@ $(TARGET)
$(LIBPC): $(LIBPC).in ../VERSION
+diff --git a/libselinux/src/avc_sidtab.c b/libselinux/src/avc_sidtab.c
+index 0b696bb..506e236 100644
+--- a/libselinux/src/avc_sidtab.c
++++ b/libselinux/src/avc_sidtab.c
+@@ -81,6 +81,11 @@ sidtab_context_to_sid(struct sidtab *s,
+ int hvalue, rc = 0;
+ struct sidtab_node *cur;
+
++ if (! ctx) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ *sid = NULL;
+ hvalue = sidtab_hash(ctx);
+
+diff --git a/libselinux/src/canonicalize_context.c b/libselinux/src/canonicalize_context.c
+index 176c45a..6075025 100644
+--- a/libselinux/src/canonicalize_context.c
++++ b/libselinux/src/canonicalize_context.c
+@@ -17,6 +17,11 @@ int security_canonicalize_context_raw(const security_context_t con,
+ size_t size;
+ int fd, ret;
+
++ if (! con) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+diff --git a/libselinux/src/check_context.c b/libselinux/src/check_context.c
+index 33ab5e3..1277bdd 100644
+--- a/libselinux/src/check_context.c
++++ b/libselinux/src/check_context.c
+@@ -14,6 +14,11 @@ int security_check_context_raw(const security_context_t con)
+ char path[PATH_MAX];
+ int fd, ret;
+
++ if (! con) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+diff --git a/libselinux/src/compute_av.c b/libselinux/src/compute_av.c
+index 5962c0b..61ea454 100644
+--- a/libselinux/src/compute_av.c
++++ b/libselinux/src/compute_av.c
+@@ -26,6 +26,11 @@ int security_compute_av_flags_raw(const security_context_t scon,
+ return -1;
+ }
+
++ if ((! scon) || (! tcon)) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ snprintf(path, sizeof path, "%s/access", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+diff --git a/libselinux/src/compute_create.c b/libselinux/src/compute_create.c
+index 3c05be3..34a1ccd 100644
+--- a/libselinux/src/compute_create.c
++++ b/libselinux/src/compute_create.c
+@@ -64,6 +64,11 @@ int security_compute_create_name_raw(const security_context_t scon,
+ return -1;
+ }
+
++ if ((! scon) || (! tcon)) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ snprintf(path, sizeof path, "%s/create", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+diff --git a/libselinux/src/compute_member.c b/libselinux/src/compute_member.c
+index dad0a77..7850986 100644
+--- a/libselinux/src/compute_member.c
++++ b/libselinux/src/compute_member.c
+@@ -25,6 +25,11 @@ int security_compute_member_raw(const security_context_t scon,
+ return -1;
+ }
+
++ if ((! scon) || (! tcon)) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ snprintf(path, sizeof path, "%s/member", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+diff --git a/libselinux/src/compute_relabel.c b/libselinux/src/compute_relabel.c
+index 656f00a..2560e78 100644
+--- a/libselinux/src/compute_relabel.c
++++ b/libselinux/src/compute_relabel.c
+@@ -25,6 +25,11 @@ int security_compute_relabel_raw(const security_context_t scon,
+ return -1;
+ }
+
++ if ((! scon) || (! tcon)) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ snprintf(path, sizeof path, "%s/relabel", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+diff --git a/libselinux/src/compute_user.c b/libselinux/src/compute_user.c
+index 3b39ddd..af20735 100644
+--- a/libselinux/src/compute_user.c
++++ b/libselinux/src/compute_user.c
+@@ -24,6 +24,11 @@ int security_compute_user_raw(const security_context_t scon,
+ return -1;
+ }
+
++ if (! scon) {
++ errno=EINVAL;
++ return -1;
++ }
++
+ snprintf(path, sizeof path, "%s/user", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c
index 9963f7a..37f9d74 100644
--- a/libselinux/src/fsetfilecon.c
@@ -352,7 +500,7 @@ index 9963f7a..37f9d74 100644
security_context_t ccontext = NULL;
int err = errno;
diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
-index e419f1a..fdeca93 100644
+index e419f1a..275672d 100644
--- a/libselinux/src/load_policy.c
+++ b/libselinux/src/load_policy.c
@@ -16,6 +16,82 @@
diff --git a/libselinux.spec b/libselinux.spec
index d2fe0b0..a161bba 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -10,7 +10,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.2.2
-Release: 2%{?dist}
+Release: 3%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: %{name}-%{version}.tgz
@@ -213,9 +213,9 @@ rm -rf %{buildroot}
%defattr(-,root,root,-)
%{_libdir}/libselinux.so
%{_libdir}/pkgconfig/libselinux.pc
+%dir %{_libdir}/golang/src/pkg/github.com/selinux
+%{_libdir}/golang/src/pkg/github.com/selinux/selinux.go
%dir %{_includedir}/selinux
-%dir %{_datadir}/gocode/src/selinux
-%{_datadir}/gocode/src/selinux/selinux.go
%{_includedir}/selinux/*
%{_mandir}/man3/*
@@ -243,6 +243,10 @@ rm -rf %{buildroot}
%{ruby_sitearch}/selinux.so
%changelog
+* Fri Jan 24 2014 Dan Walsh <dwalsh at redhat.com> - 2.2.2-3
+- Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go
+- Add Int_to_mcs function to generate MCS labels from integers.
+
* Tue Jan 14 2014 Dan Walsh <dwalsh at redhat.com> - 2.2.2-2
- Add ghost flag for /var/run/setrans
More information about the scm-commits
mailing list