[libselinux: 2/2] Update to upstream
Daniel J Walsh
dwalsh at fedoraproject.org
Sat May 17 11:02:26 UTC 2014
commit 13a8a0f727d85014a026e0777f4bfb73aab00edc
Merge: ed9898e 05fcafd
Author: Dan Walsh <dwalsh at redhat.com>
Date: Sat May 17 07:02:12 2014 -0400
Update to upstream
* Get rid of security_context_t and fix const declarations.
* Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.
libselinux-rhat.patch | 208 +++++++++++++++++++++++++++---------------------
libselinux.spec | 6 ++
2 files changed, 123 insertions(+), 91 deletions(-)
---
diff --cc libselinux-rhat.patch
index 87baefe,4b9b85c..3c2e965
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@@ -1,6 -1,18 +1,18 @@@
- diff -up libselinux-2.3/golang/Makefile.rhat libselinux-2.3/golang/Makefile
- --- libselinux-2.3/golang/Makefile.rhat 2014-05-06 14:23:28.320639312 -0400
- +++ libselinux-2.3/golang/Makefile 2014-05-06 14:23:28.320639312 -0400
+ diff --git a/libselinux/Makefile b/libselinux/Makefile
-index fd4f0b1..51469bc 100644
++index 6142b60..bdf9de8 100644
+ --- a/libselinux/Makefile
+ +++ b/libselinux/Makefile
+ @@ -1,4 +1,4 @@
+ -SUBDIRS = src include utils man
+ +SUBDIRS = src include utils man golang
+
+ DISABLE_AVC ?= n
+ DISABLE_SETRANS ?= n
+ diff --git a/libselinux/golang/Makefile b/libselinux/golang/Makefile
+ new file mode 100644
+ index 0000000..b75677b
+ --- /dev/null
+ +++ b/libselinux/golang/Makefile
@@ -0,0 +1,22 @@
+# Installation directories.
+PREFIX ?= $(DESTDIR)/usr
@@@ -453,18 -469,10 +469,10 @@@ index 0000000..fed6de
+func main() {
+ selinux.Test()
+}
- diff -up libselinux-2.3/Makefile.rhat libselinux-2.3/Makefile
- --- libselinux-2.3/Makefile.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/Makefile 2014-05-06 14:23:28.319639311 -0400
- @@ -1,4 +1,4 @@
- -SUBDIRS = src include utils man
- +SUBDIRS = src include utils man golang
-
- DISABLE_AVC ?= n
- DISABLE_SETRANS ?= n
- diff -up libselinux-2.3/man/man3/getfscreatecon.3.rhat libselinux-2.3/man/man3/getfscreatecon.3
- --- libselinux-2.3/man/man3/getfscreatecon.3.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/man/man3/getfscreatecon.3 2014-05-06 14:23:28.321639313 -0400
+ diff --git a/libselinux/man/man3/getfscreatecon.3 b/libselinux/man/man3/getfscreatecon.3
-index c7675be..677ece4 100644
++index e348d3b..8cc4df5 100644
+ --- a/libselinux/man/man3/getfscreatecon.3
+ +++ b/libselinux/man/man3/getfscreatecon.3
@@ -49,6 +49,11 @@ Signal handlers that perform a
must take care to
save, reset, and restore the fscreate context to avoid unexpected behavior.
@@@ -477,9 -485,10 +485,10 @@@
.SH "RETURN VALUE"
On error \-1 is returned.
On success 0 is returned.
- diff -up libselinux-2.3/man/man3/getkeycreatecon.3.rhat libselinux-2.3/man/man3/getkeycreatecon.3
- --- libselinux-2.3/man/man3/getkeycreatecon.3.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/man/man3/getkeycreatecon.3 2014-05-06 14:23:28.322639314 -0400
+ diff --git a/libselinux/man/man3/getkeycreatecon.3 b/libselinux/man/man3/getkeycreatecon.3
-index d6a118c..b503535 100644
++index 4d70f10..b51008d 100644
+ --- a/libselinux/man/man3/getkeycreatecon.3
+ +++ b/libselinux/man/man3/getkeycreatecon.3
@@ -48,6 +48,10 @@ Signal handlers that perform a
.BR setkeycreatecon ()
must take care to
@@@ -491,9 -500,10 +500,10 @@@
.
.SH "RETURN VALUE"
On error \-1 is returned.
- diff -up libselinux-2.3/man/man3/getsockcreatecon.3.rhat libselinux-2.3/man/man3/getsockcreatecon.3
- --- libselinux-2.3/man/man3/getsockcreatecon.3.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/man/man3/getsockcreatecon.3 2014-05-06 14:23:28.322639314 -0400
+ diff --git a/libselinux/man/man3/getsockcreatecon.3 b/libselinux/man/man3/getsockcreatecon.3
-index 99e9436..673738c 100644
++index 4dd8f30..26086d9 100644
+ --- a/libselinux/man/man3/getsockcreatecon.3
+ +++ b/libselinux/man/man3/getsockcreatecon.3
@@ -49,6 +49,11 @@ Signal handlers that perform a
must take care to
save, reset, and restore the sockcreate context to avoid unexpected behavior.
@@@ -518,9 -529,23 +529,23 @@@ index e89b1ef..9e3bdc4 10064
commands are also available for relabeling files.
.
.SH AUTHOR
- diff -up libselinux-2.3/src/avc_sidtab.c.rhat libselinux-2.3/src/avc_sidtab.c
- --- libselinux-2.3/src/avc_sidtab.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/avc_sidtab.c 2014-05-06 14:23:28.323639315 -0400
+ diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
-index 02dd829..6dfdb46 100644
++index 4d07ba6..62c8dad 100644
+ --- a/libselinux/src/Makefile
+ +++ b/libselinux/src/Makefile
-@@ -114,7 +114,7 @@ $(LIBA): $(OBJS)
++@@ -111,7 +111,7 @@ $(LIBA): $(OBJS)
+ $(RANLIB) $@
+
+ $(LIBSO): $(LOBJS)
+ - $(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ + $(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -llzma -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ ln -sf $@ $(TARGET)
+
+ $(LIBPC): $(LIBPC).in ../VERSION
+ diff --git a/libselinux/src/avc_sidtab.c b/libselinux/src/avc_sidtab.c
-index 0b696bb..506e236 100644
++index 52f21df..66ad9e1 100644
+ --- a/libselinux/src/avc_sidtab.c
+ +++ b/libselinux/src/avc_sidtab.c
@@ -81,6 +81,11 @@ sidtab_context_to_sid(struct sidtab *s,
int hvalue, rc = 0;
struct sidtab_node *cur;
@@@ -533,10 -558,11 +558,11 @@@
*sid = NULL;
hvalue = sidtab_hash(ctx);
- diff -up libselinux-2.3/src/canonicalize_context.c.rhat libselinux-2.3/src/canonicalize_context.c
- --- libselinux-2.3/src/canonicalize_context.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/canonicalize_context.c 2014-05-06 14:23:28.323639315 -0400
- @@ -17,6 +17,11 @@ int security_canonicalize_context_raw(co
+ diff --git a/libselinux/src/canonicalize_context.c b/libselinux/src/canonicalize_context.c
-index 176c45a..6075025 100644
++index 7cf3139..364a746 100644
+ --- a/libselinux/src/canonicalize_context.c
+ +++ b/libselinux/src/canonicalize_context.c
-@@ -17,6 +17,11 @@ int security_canonicalize_context_raw(const security_context_t con,
++@@ -17,6 +17,11 @@ int security_canonicalize_context_raw(const char * con,
size_t size;
int fd, ret;
@@@ -548,10 -574,11 +574,11 @@@
if (!selinux_mnt) {
errno = ENOENT;
return -1;
- diff -up libselinux-2.3/src/check_context.c.rhat libselinux-2.3/src/check_context.c
- --- libselinux-2.3/src/check_context.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/check_context.c 2014-05-06 14:23:28.324639316 -0400
- @@ -14,6 +14,11 @@ int security_check_context_raw(const cha
+ diff --git a/libselinux/src/check_context.c b/libselinux/src/check_context.c
-index 33ab5e3..1277bdd 100644
++index 52063fa..234749c 100644
+ --- a/libselinux/src/check_context.c
+ +++ b/libselinux/src/check_context.c
-@@ -14,6 +14,11 @@ int security_check_context_raw(const security_context_t con)
++@@ -14,6 +14,11 @@ int security_check_context_raw(const char * con)
char path[PATH_MAX];
int fd, ret;
@@@ -563,10 -590,11 +590,11 @@@
if (!selinux_mnt) {
errno = ENOENT;
return -1;
- diff -up libselinux-2.3/src/compute_av.c.rhat libselinux-2.3/src/compute_av.c
- --- libselinux-2.3/src/compute_av.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/compute_av.c 2014-05-06 14:23:28.324639316 -0400
- @@ -26,6 +26,11 @@ int security_compute_av_flags_raw(const
+ diff --git a/libselinux/src/compute_av.c b/libselinux/src/compute_av.c
-index 5962c0b..61ea454 100644
++index 937e5c3..35ace7f 100644
+ --- a/libselinux/src/compute_av.c
+ +++ b/libselinux/src/compute_av.c
-@@ -26,6 +26,11 @@ int security_compute_av_flags_raw(const security_context_t scon,
++@@ -26,6 +26,11 @@ int security_compute_av_flags_raw(const char * scon,
return -1;
}
@@@ -578,10 -606,11 +606,11 @@@
snprintf(path, sizeof path, "%s/access", selinux_mnt);
fd = open(path, O_RDWR);
if (fd < 0)
- diff -up libselinux-2.3/src/compute_create.c.rhat libselinux-2.3/src/compute_create.c
- --- libselinux-2.3/src/compute_create.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/compute_create.c 2014-05-06 14:23:28.324639316 -0400
- @@ -64,6 +64,11 @@ int security_compute_create_name_raw(con
+ diff --git a/libselinux/src/compute_create.c b/libselinux/src/compute_create.c
-index 3c05be3..34a1ccd 100644
++index 9559d42..14a65d1 100644
+ --- a/libselinux/src/compute_create.c
+ +++ b/libselinux/src/compute_create.c
-@@ -64,6 +64,11 @@ int security_compute_create_name_raw(const security_context_t scon,
++@@ -64,6 +64,11 @@ int security_compute_create_name_raw(const char * scon,
return -1;
}
@@@ -593,10 -622,11 +622,11 @@@
snprintf(path, sizeof path, "%s/create", selinux_mnt);
fd = open(path, O_RDWR);
if (fd < 0)
- diff -up libselinux-2.3/src/compute_member.c.rhat libselinux-2.3/src/compute_member.c
- --- libselinux-2.3/src/compute_member.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/compute_member.c 2014-05-06 14:23:28.325639317 -0400
- @@ -25,6 +25,11 @@ int security_compute_member_raw(const ch
+ diff --git a/libselinux/src/compute_member.c b/libselinux/src/compute_member.c
-index dad0a77..7850986 100644
++index 1fc7e41..065d996 100644
+ --- a/libselinux/src/compute_member.c
+ +++ b/libselinux/src/compute_member.c
-@@ -25,6 +25,11 @@ int security_compute_member_raw(const security_context_t scon,
++@@ -25,6 +25,11 @@ int security_compute_member_raw(const char * scon,
return -1;
}
@@@ -608,10 -638,11 +638,11 @@@
snprintf(path, sizeof path, "%s/member", selinux_mnt);
fd = open(path, O_RDWR);
if (fd < 0)
- diff -up libselinux-2.3/src/compute_relabel.c.rhat libselinux-2.3/src/compute_relabel.c
- --- libselinux-2.3/src/compute_relabel.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/compute_relabel.c 2014-05-06 14:23:28.325639317 -0400
- @@ -25,6 +25,11 @@ int security_compute_relabel_raw(const c
+ diff --git a/libselinux/src/compute_relabel.c b/libselinux/src/compute_relabel.c
-index 656f00a..2560e78 100644
++index 4615aee..cc77f36 100644
+ --- a/libselinux/src/compute_relabel.c
+ +++ b/libselinux/src/compute_relabel.c
-@@ -25,6 +25,11 @@ int security_compute_relabel_raw(const security_context_t scon,
++@@ -25,6 +25,11 @@ int security_compute_relabel_raw(const char * scon,
return -1;
}
@@@ -623,10 -654,11 +654,11 @@@
snprintf(path, sizeof path, "%s/relabel", selinux_mnt);
fd = open(path, O_RDWR);
if (fd < 0)
- diff -up libselinux-2.3/src/compute_user.c.rhat libselinux-2.3/src/compute_user.c
- --- libselinux-2.3/src/compute_user.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/compute_user.c 2014-05-06 14:23:28.325639317 -0400
- @@ -24,6 +24,11 @@ int security_compute_user_raw(const char
+ diff --git a/libselinux/src/compute_user.c b/libselinux/src/compute_user.c
-index 3b39ddd..af20735 100644
++index b37c5d3..7703c26 100644
+ --- a/libselinux/src/compute_user.c
+ +++ b/libselinux/src/compute_user.c
-@@ -24,6 +24,11 @@ int security_compute_user_raw(const security_context_t scon,
++@@ -24,6 +24,11 @@ int security_compute_user_raw(const char * scon,
return -1;
}
@@@ -638,12 -670,13 +670,13 @@@
snprintf(path, sizeof path, "%s/user", selinux_mnt);
fd = open(path, O_RDWR);
if (fd < 0)
- diff -up libselinux-2.3/src/fsetfilecon.c.rhat libselinux-2.3/src/fsetfilecon.c
- --- libselinux-2.3/src/fsetfilecon.c.rhat 2014-05-06 14:23:28.326639318 -0400
- +++ libselinux-2.3/src/fsetfilecon.c 2014-05-06 14:26:40.740860532 -0400
+ diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c
-index 9963f7a..37f9d74 100644
++index 52707d0..0cbe12d 100644
+ --- a/libselinux/src/fsetfilecon.c
+ +++ b/libselinux/src/fsetfilecon.c
@@ -9,8 +9,12 @@
- int fsetfilecon_raw(int fd, const security_context_t context)
+ int fsetfilecon_raw(int fd, const char * context)
{
- int rc = fsetxattr(fd, XATTR_NAME_SELINUX, context, strlen(context) + 1,
- 0);
@@@ -654,11 -687,12 +687,12 @@@
+ }
+ rc = fsetxattr(fd, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0);
if (rc < 0 && errno == ENOTSUP) {
- security_context_t ccontext = NULL;
+ char * ccontext = NULL;
int err = errno;
- diff -up libselinux-2.3/src/load_policy.c.rhat libselinux-2.3/src/load_policy.c
- --- libselinux-2.3/src/load_policy.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/load_policy.c 2014-05-06 14:23:28.327639319 -0400
+ diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
+ index e419f1a..275672d 100644
+ --- a/libselinux/src/load_policy.c
+ +++ b/libselinux/src/load_policy.c
@@ -16,6 +16,82 @@
#include <dlfcn.h>
#include "policy.h"
@@@ -834,12 -868,13 +868,13 @@@
close:
close(fd);
dlclose:
- diff -up libselinux-2.3/src/lsetfilecon.c.rhat libselinux-2.3/src/lsetfilecon.c
- --- libselinux-2.3/src/lsetfilecon.c.rhat 2014-05-06 14:23:28.327639319 -0400
- +++ libselinux-2.3/src/lsetfilecon.c 2014-05-06 14:26:36.094854847 -0400
- @@ -9,8 +9,12 @@
+ diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
-index fd9bb26..af2d88c 100644
++index 1d3b28a..ea6d70b 100644
+ --- a/libselinux/src/lsetfilecon.c
+ +++ b/libselinux/src/lsetfilecon.c
+ @@ -9,8 +9,13 @@
- int lsetfilecon_raw(const char *path, const security_context_t context)
+ int lsetfilecon_raw(const char *path, const char * context)
{
- int rc = lsetxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1,
- 0);
@@@ -848,25 -883,15 +883,15 @@@
+ errno=EINVAL;
+ return -1;
+ }
+ +
+ rc = lsetxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0);
if (rc < 0 && errno == ENOTSUP) {
- security_context_t ccontext = NULL;
+ char * ccontext = NULL;
int err = errno;
- diff -up libselinux-2.3/src/Makefile.rhat libselinux-2.3/src/Makefile
- --- libselinux-2.3/src/Makefile.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/Makefile 2014-05-06 14:23:28.323639315 -0400
- @@ -111,7 +111,7 @@ $(LIBA): $(OBJS)
- $(RANLIB) $@
-
- $(LIBSO): $(LOBJS)
- - $(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
- + $(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -llzma -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
- ln -sf $@ $(TARGET)
-
- $(LIBPC): $(LIBPC).in ../VERSION
- diff -up libselinux-2.3/src/matchpathcon.c.rhat libselinux-2.3/src/matchpathcon.c
- --- libselinux-2.3/src/matchpathcon.c.rhat 2014-05-06 14:21:26.000000000 -0400
- +++ libselinux-2.3/src/matchpathcon.c 2014-05-06 14:23:28.328639320 -0400
+ diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
-index 2d7369e..2a00807 100644
++index 3b96b1d..d5c90f6 100644
+ --- a/libselinux/src/matchpathcon.c
+ +++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
@@@ -884,12 -909,13 +909,13 @@@
va_end(ap);
}
- diff -up libselinux-2.3/src/setfilecon.c.rhat libselinux-2.3/src/setfilecon.c
- --- libselinux-2.3/src/setfilecon.c.rhat 2014-05-06 14:23:28.328639320 -0400
- +++ libselinux-2.3/src/setfilecon.c 2014-05-06 14:26:47.670869020 -0400
+ diff --git a/libselinux/src/setfilecon.c b/libselinux/src/setfilecon.c
-index 50cb228..e617039 100644
++index d05969c..3f0200e 100644
+ --- a/libselinux/src/setfilecon.c
+ +++ b/libselinux/src/setfilecon.c
@@ -9,8 +9,12 @@
- int setfilecon_raw(const char *path, const security_context_t context)
+ int setfilecon_raw(const char *path, const char * context)
{
- int rc = setxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1,
- 0);
diff --cc libselinux.spec
index a8d6eab,37db6f1..d5a5144
--- a/libselinux.spec
+++ b/libselinux.spec
@@@ -243,11 -245,12 +243,17 @@@ rm -rf %{buildroot
%{ruby_sitearch}/selinux.so
%changelog
+* Tue May 6 2014 Dan Walsh <dwalsh at redhat.com> - 2.3-1
+- Update to upstream
+ * Get rid of security_context_t and fix const declarations.
+ * Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.
+
+ * Tue May 6 2014 Miroslav Grepl <mgrepl at redhat.com> - 2.2.2-8
+ - Add selinux_openssh_contexts_path()
+
+ * Thu Apr 24 2014 Vít Ondruch <vondruch at redhat.com> - 2.2.2-7
+ - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_2.1
+
* Mon Feb 24 2014 Dan Walsh <dwalsh at redhat.com> - 2.2.2-6
- Fix spelling mistake in man page
More information about the scm-commits
mailing list