diff --git a/.gitignore b/.gitignore index 19f80dd..dd6b058 100644 --- a/.gitignore +++ b/.gitignore @@ -180,3 +180,4 @@ libselinux-2.0.93.tgz libselinux-2.0.94.tgz libselinux-2.0.96.tgz /libselinux-2.0.97.tgz +/libselinux-2.0.98.tgz diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 069e5b6..9fe710c 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,6 +1,8 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.96/man/man8/selinuxconlist.8 ---- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500 -+++ libselinux-2.0.96/man/man8/selinuxconlist.8 2010-06-16 09:20:34.000000000 -0400 +diff --git a/libselinux/man/man8/selinuxconlist.8 b/libselinux/man/man8/selinuxconlist.8 +new file mode 100644 +index 0000000..c698daa +--- /dev/null ++++ b/libselinux/man/man8/selinuxconlist.8 @@ -0,0 +1,18 @@ +.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation" +.SH "NAME" @@ -20,9 +22,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 lib + +.SH "SEE ALSO" +secon(8), selinuxdefcon(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.96/man/man8/selinuxdefcon.8 ---- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500 -+++ libselinux-2.0.96/man/man8/selinuxdefcon.8 2010-06-16 09:20:34.000000000 -0400 +diff --git a/libselinux/man/man8/selinuxdefcon.8 b/libselinux/man/man8/selinuxdefcon.8 +new file mode 100644 +index 0000000..3cbeff2 +--- /dev/null ++++ b/libselinux/man/man8/selinuxdefcon.8 @@ -0,0 +1,24 @@ +.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation" +.SH "NAME" @@ -48,9 +52,67 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libs + +.SH "SEE ALSO" +secon(8), selinuxconlist(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.96/src/audit2why.c ---- nsalibselinux/src/audit2why.c 2010-05-19 14:45:51.000000000 -0400 -+++ libselinux-2.0.96/src/audit2why.c 2010-06-25 17:03:37.000000000 -0400 +diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile +index bf665ab..8aeb7a1 100644 +--- a/libselinux/src/Makefile ++++ b/libselinux/src/Makefile +@@ -1,9 +1,10 @@ + # Installation directories. ++PYTHON ?= python + PREFIX ?= $(DESTDIR)/usr + LIBDIR ?= $(PREFIX)/lib + SHLIBDIR ?= $(DESTDIR)/lib + INCLUDEDIR ?= $(PREFIX)/include +-PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') ++PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])') + PYINC ?= /usr/include/$(PYLIBVER) + PYLIB ?= /usr/lib/$(PYLIBVER) + PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER) +@@ -23,13 +24,13 @@ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i + SWIGRUBYIF= selinuxswig_ruby.i + SWIGCOUT= selinuxswig_wrap.c + SWIGRUBYCOUT= selinuxswig_ruby_wrap.c +-SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) ++SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) + SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT)) +-SWIGSO=_selinux.so ++SWIGSO=$(PYPREFIX)_selinux.so + SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i + SWIGRUBYSO=_rubyselinux.so + LIBSO=$(TARGET).$(LIBVERSION) +-AUDIT2WHYSO=audit2why.so ++AUDIT2WHYSO=$(PYPREFIX)audit2why.so + + ifeq ($(DISABLE_AVC),y) + UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c +@@ -91,10 +92,10 @@ $(LIBPC): $(LIBPC).in + selinuxswig_python_exception.i: ../include/selinux/selinux.h + bash exception.sh > $@ + +-audit2why.lo: audit2why.c ++$(PYPREFIX)audit2why.lo: audit2why.c + $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< + +-$(AUDIT2WHYSO): audit2why.lo ++$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@ + + %.o: %.c policy.h +@@ -123,8 +124,8 @@ install: all + + install-pywrap: pywrap + test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux +- install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux +- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux ++ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so ++ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so + install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py + + install-rubywrap: rubywrap +diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c +index 691bc67..12e8614 100644 +--- a/libselinux/src/audit2why.c ++++ b/libselinux/src/audit2why.c @@ -1,3 +1,6 @@ +/* Workaround for http://bugs.python.org/issue4835 */ +#define SIZEOF_SOCKET_T SIZEOF_INT @@ -58,7 +120,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. #include #include #include -@@ -255,6 +258,8 @@ +@@ -255,6 +258,8 @@ static int __policy_init(const char *init_path) fclose(fp); sepol_set_policydb(&avc->policydb->p); avc->handle = sepol_handle_create(); @@ -67,7 +129,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. rc = sepol_bool_count(avc->handle, avc->policydb, &cnt); -@@ -287,8 +292,10 @@ +@@ -287,8 +292,10 @@ static int __policy_init(const char *init_path) static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) { int result; char *init_path=NULL; @@ -80,7 +142,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. return Py_BuildValue("i", result); } -@@ -353,7 +360,11 @@ +@@ -353,7 +360,11 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args strObj = PyList_GetItem(listObj, i); /* Can't fail */ /* make it a string */ @@ -92,7 +154,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. perm = string_to_av_perm(tclass, permstr); if (!perm) { -@@ -423,10 +434,39 @@ +@@ -423,10 +434,39 @@ static PyMethodDef audit2whyMethods[] = { {NULL, NULL, 0, NULL} /* Sentinel */ }; @@ -133,7 +195,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN); PyModule_AddIntConstant(m,"BADSCON", BADSCON); PyModule_AddIntConstant(m,"BADTCON", BADTCON); -@@ -440,4 +480,8 @@ +@@ -440,4 +480,8 @@ initaudit2why(void) PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN); PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT); PyModule_AddIntConstant(m,"RBAC", RBAC); @@ -142,10 +204,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2. + return m; +#endif } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.96/src/callbacks.c ---- nsalibselinux/src/callbacks.c 2010-05-19 14:45:51.000000000 -0400 -+++ libselinux-2.0.96/src/callbacks.c 2010-06-16 09:20:34.000000000 -0400 -@@ -16,6 +16,7 @@ +diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c +index b245364..7c47222 100644 +--- a/libselinux/src/callbacks.c ++++ b/libselinux/src/callbacks.c +@@ -16,6 +16,7 @@ default_selinux_log(int type __attribute__((unused)), const char *fmt, ...) { int rc; va_list ap; @@ -153,103 +216,10 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2. va_start(ap, fmt); rc = vfprintf(stderr, fmt, ap); va_end(ap); -diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-2.0.96/src/get_context_list.c ---- nsalibselinux/src/get_context_list.c 2010-05-19 14:45:51.000000000 -0400 -+++ libselinux-2.0.96/src/get_context_list.c 2010-07-27 13:09:08.000000000 -0400 -@@ -286,7 +286,6 @@ - if (buf[plen - 1] == '\n') - buf[plen - 1] = 0; - -- retry: - nlen = strlen(user) + 1 + plen + 1; - *newcon = malloc(nlen); - if (!(*newcon)) -@@ -306,10 +305,6 @@ - if (security_check_context(*newcon) && errno != ENOENT) { - free(*newcon); - *newcon = 0; -- if (strcmp(user, SELINUX_DEFAULTUSER)) { -- user = SELINUX_DEFAULTUSER; -- goto retry; -- } - return -1; - } - -@@ -418,13 +413,8 @@ - - /* Determine the set of reachable contexts for the user. */ - rc = security_compute_user(fromcon, user, &reachable); -- if (rc < 0) { -- /* Retry with the default SELinux user identity. */ -- user = SELINUX_DEFAULTUSER; -- rc = security_compute_user(fromcon, user, &reachable); -- if (rc < 0) -- goto failsafe; -- } -+ if (rc < 0) -+ goto failsafe; - nreach = 0; - for (ptr = reachable; *ptr; ptr++) - nreach++; -diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.96/src/Makefile ---- nsalibselinux/src/Makefile 2010-05-19 14:45:51.000000000 -0400 -+++ libselinux-2.0.96/src/Makefile 2010-06-16 09:20:39.000000000 -0400 -@@ -1,9 +1,10 @@ - # Installation directories. -+PYTHON ?= python - PREFIX ?= $(DESTDIR)/usr - LIBDIR ?= $(PREFIX)/lib - SHLIBDIR ?= $(DESTDIR)/lib - INCLUDEDIR ?= $(PREFIX)/include --PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') -+PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])') - PYINC ?= /usr/include/$(PYLIBVER) - PYLIB ?= /usr/lib/$(PYLIBVER) - PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER) -@@ -23,13 +24,13 @@ - SWIGRUBYIF= selinuxswig_ruby.i - SWIGCOUT= selinuxswig_wrap.c - SWIGRUBYCOUT= selinuxswig_ruby_wrap.c --SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) -+SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) - SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT)) --SWIGSO=_selinux.so -+SWIGSO=$(PYPREFIX)_selinux.so - SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i - SWIGRUBYSO=_rubyselinux.so - LIBSO=$(TARGET).$(LIBVERSION) --AUDIT2WHYSO=audit2why.so -+AUDIT2WHYSO=$(PYPREFIX)audit2why.so - - ifeq ($(DISABLE_AVC),y) - UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c -@@ -91,10 +92,10 @@ - selinuxswig_python_exception.i: ../include/selinux/selinux.h - bash exception.sh > $@ - --audit2why.lo: audit2why.c -+$(PYPREFIX)audit2why.lo: audit2why.c - $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< - --$(AUDIT2WHYSO): audit2why.lo -+$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo - $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@ - - %.o: %.c policy.h -@@ -123,8 +124,8 @@ - - install-pywrap: pywrap - test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux -- install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux -- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux -+ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so -+ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so - install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py - - install-rubywrap: rubywrap -diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.96/src/matchpathcon.c ---- nsalibselinux/src/matchpathcon.c 2010-05-19 14:45:51.000000000 -0400 -+++ libselinux-2.0.96/src/matchpathcon.c 2010-07-26 14:55:18.000000000 -0400 +diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c +index bb4eb9f..c9ae42f 100644 +--- a/libselinux/src/matchpathcon.c ++++ b/libselinux/src/matchpathcon.c @@ -2,6 +2,7 @@ #include #include @@ -258,7 +228,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux #include "selinux_internal.h" #include "label_internal.h" #include "callbacks.h" -@@ -57,7 +58,7 @@ +@@ -60,7 +61,7 @@ static void { va_list ap; va_start(ap, fmt); @@ -267,10 +237,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux va_end(ap); } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.96/src/selinuxswig_python.i ---- nsalibselinux/src/selinuxswig_python.i 2010-06-16 08:03:38.000000000 -0400 -+++ libselinux-2.0.96/src/selinuxswig_python.i 2010-06-16 09:20:34.000000000 -0400 -@@ -45,7 +45,7 @@ +diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i +index dea0e80..bb227e9 100644 +--- a/libselinux/src/selinuxswig_python.i ++++ b/libselinux/src/selinuxswig_python.i +@@ -45,7 +45,7 @@ def install(src, dest): PyObject* list = PyList_New(*$2); int i; for (i = 0; i < *$2; i++) { @@ -279,7 +250,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs } $result = SWIG_Python_AppendOutput($result, list); } -@@ -74,7 +74,9 @@ +@@ -74,7 +74,9 @@ def install(src, dest): len++; plist = PyList_New(len); for (i = 0; i < len; i++) { @@ -290,7 +261,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs } } else { plist = PyList_New(0); -@@ -91,7 +93,9 @@ +@@ -91,7 +93,9 @@ def install(src, dest): if (*$1) { plist = PyList_New(result); for (i = 0; i < result; i++) { @@ -301,7 +272,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs } } else { plist = PyList_New(0); -@@ -144,16 +148,20 @@ +@@ -144,16 +148,20 @@ def install(src, dest): $1 = (char**) malloc(size + 1); for(i = 0; i < size; i++) { diff --git a/libselinux.spec b/libselinux.spec index c075622..0ba80d0 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -6,7 +6,7 @@ Summary: SELinux library and simple utilities Name: libselinux -Version: 2.0.97 +Version: 2.0.98 Release: 1%{?dist} License: Public Domain Group: System Environment/Libraries @@ -96,7 +96,7 @@ needed for developing SELinux applications. %prep %setup -q -%patch1 -p1 -b .rhat +%patch1 -p2 -b .rhat %build # To support building the Python wrapper against multiple Python runtimes @@ -236,6 +236,10 @@ exit 0 %{ruby_sitearch}/selinux.so %changelog +* Tue Dec 21 2010 Dan Walsh - 2.0.98-1 +- Update to upstream + - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list + * Mon Dec 6 2010 Dan Walsh - 2.0.97-1 - Update to upstream * Thread local storage fixes from Eamon Walsh. diff --git a/sources b/sources index 3b7fed6..c613b3a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1f2f5ff4fafddcd557caaac7b551fa27 libselinux-2.0.97.tgz +ae5872335424582717bd9d3bd646ef17 libselinux-2.0.98.tgz