diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile index bf665ab..ccd08ae 100644 --- a/libselinux/src/Makefile +++ b/libselinux/src/Makefile @@ -1,10 +1,11 @@ # Installation directories. +PYTHON ?= python PREFIX ?= $(DESTDIR)/usr LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= $(DESTDIR)/lib INCLUDEDIR ?= $(PREFIX)/include -PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') -PYINC ?= /usr/include/$(PYLIBVER) +PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])') +PYINC ?= $(shell pkg-config --cflags `basename $(PYTHON)`) PYLIB ?= /usr/lib/$(PYLIBVER) PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER) RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")') @@ -23,13 +24,13 @@ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i SWIGRUBYIF= selinuxswig_ruby.i SWIGCOUT= selinuxswig_wrap.c SWIGRUBYCOUT= selinuxswig_ruby_wrap.c -SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) +SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT)) -SWIGSO=_selinux.so +SWIGSO=$(PYPREFIX)_selinux.so SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i SWIGRUBYSO=_rubyselinux.so LIBSO=$(TARGET).$(LIBVERSION) -AUDIT2WHYSO=audit2why.so +AUDIT2WHYSO=$(PYPREFIX)audit2why.so ifeq ($(DISABLE_AVC),y) UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c @@ -70,7 +71,7 @@ $(LIBA): $(OBJS) $(RANLIB) $@ $(SWIGLOBJ): $(SWIGCOUT) - $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< + $(CC) $(filter-out -Werror,$(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $< $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT) $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $< @@ -91,10 +92,10 @@ $(LIBPC): $(LIBPC).in selinuxswig_python_exception.i: ../include/selinux/selinux.h bash exception.sh > $@ -audit2why.lo: audit2why.c - $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< +$(PYPREFIX)audit2why.lo: audit2why.c + $(CC) $(CFLAGS) $(PYINC) -fPIC -DSHARED -c -o $@ $< -$(AUDIT2WHYSO): audit2why.lo +$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@ %.o: %.c policy.h @@ -123,8 +124,8 @@ install: all install-pywrap: pywrap test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux - install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux - install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux + install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so + install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py install-rubywrap: rubywrap diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c index 691bc67..12e8614 100644 --- a/libselinux/src/audit2why.c +++ b/libselinux/src/audit2why.c @@ -1,3 +1,6 @@ +/* Workaround for http://bugs.python.org/issue4835 */ +#define SIZEOF_SOCKET_T SIZEOF_INT + #include #include #include @@ -255,6 +258,8 @@ static int __policy_init(const char *init_path) fclose(fp); sepol_set_policydb(&avc->policydb->p); avc->handle = sepol_handle_create(); + /* Turn off messages */ + sepol_msg_set_callback(avc->handle, NULL, NULL); rc = sepol_bool_count(avc->handle, avc->policydb, &cnt); @@ -287,8 +292,10 @@ static int __policy_init(const char *init_path) static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) { int result; char *init_path=NULL; - if (PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path)) - result = __policy_init(init_path); + if (!PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path)) { + return NULL; + } + result = __policy_init(init_path); return Py_BuildValue("i", result); } @@ -353,7 +360,11 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args strObj = PyList_GetItem(listObj, i); /* Can't fail */ /* make it a string */ +#if PY_MAJOR_VERSION >= 3 + permstr = _PyUnicode_AsString( strObj ); +#else permstr = PyString_AsString( strObj ); +#endif perm = string_to_av_perm(tclass, permstr); if (!perm) { @@ -423,10 +434,39 @@ static PyMethodDef audit2whyMethods[] = { {NULL, NULL, 0, NULL} /* Sentinel */ }; +#if PY_MAJOR_VERSION >= 3 +/* Module-initialization logic specific to Python 3 */ +struct module_state { + /* empty for now */ +}; +static struct PyModuleDef moduledef = { + PyModuleDef_HEAD_INIT, + "audit2why", + NULL, + sizeof(struct module_state), + audit2whyMethods, + NULL, + NULL, + NULL, + NULL +}; + +PyMODINIT_FUNC +PyInit_audit2why(void) +#else PyMODINIT_FUNC initaudit2why(void) +#endif { - PyObject *m = Py_InitModule("audit2why", audit2whyMethods); + PyObject *m; +#if PY_MAJOR_VERSION >= 3 + m = PyModule_Create(&moduledef); + if (m == NULL) { + return NULL; + } +#else + m = Py_InitModule("audit2why", audit2whyMethods); +#endif PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN); PyModule_AddIntConstant(m,"BADSCON", BADSCON); PyModule_AddIntConstant(m,"BADTCON", BADTCON); @@ -440,4 +480,8 @@ initaudit2why(void) PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN); PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT); PyModule_AddIntConstant(m,"RBAC", RBAC); + +#if PY_MAJOR_VERSION >= 3 + return m; +#endif } diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c index b245364..7c47222 100644 --- a/libselinux/src/callbacks.c +++ b/libselinux/src/callbacks.c @@ -16,6 +16,7 @@ default_selinux_log(int type __attribute__((unused)), const char *fmt, ...) { int rc; va_list ap; + if (is_selinux_enabled() == 0) return 0; va_start(ap, fmt); rc = vfprintf(stderr, fmt, ap); va_end(ap); diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c index bb4eb9f..c9ae42f 100644 --- a/libselinux/src/matchpathcon.c +++ b/libselinux/src/matchpathcon.c @@ -2,6 +2,7 @@ #include #include #include +#include #include "selinux_internal.h" #include "label_internal.h" #include "callbacks.h" @@ -60,7 +61,7 @@ static void { va_list ap; va_start(ap, fmt); - vfprintf(stderr, fmt, ap); + vsyslog(LOG_ERR, fmt, ap); va_end(ap); } diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i index dea0e80..bb227e9 100644 --- a/libselinux/src/selinuxswig_python.i +++ b/libselinux/src/selinuxswig_python.i @@ -45,7 +45,7 @@ def install(src, dest): PyObject* list = PyList_New(*$2); int i; for (i = 0; i < *$2; i++) { - PyList_SetItem(list, i, PyString_FromString((*$1)[i])); + PyList_SetItem(list, i, PyBytes_FromString((*$1)[i])); } $result = SWIG_Python_AppendOutput($result, list); } @@ -74,7 +74,9 @@ def install(src, dest): len++; plist = PyList_New(len); for (i = 0; i < len; i++) { - PyList_SetItem(plist, i, PyString_FromString((*$1)[i])); + PyList_SetItem(plist, i, + PyBytes_FromString((*$1)[i]) + ); } } else { plist = PyList_New(0); @@ -91,7 +93,9 @@ def install(src, dest): if (*$1) { plist = PyList_New(result); for (i = 0; i < result; i++) { - PyList_SetItem(plist, i, PyString_FromString((*$1)[i])); + PyList_SetItem(plist, i, + PyBytes_FromString((*$1)[i]) + ); } } else { plist = PyList_New(0); @@ -144,16 +148,20 @@ def install(src, dest): $1 = (char**) malloc(size + 1); for(i = 0; i < size; i++) { - if (!PyString_Check(PySequence_GetItem($input, i))) { - PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings"); + if (!PyBytes_Check(PySequence_GetItem($input, i))) { + PyErr_SetString(PyExc_ValueError, "Sequence must contain only bytes"); + return NULL; } + } for(i = 0; i < size; i++) { s = PySequence_GetItem($input, i); - $1[i] = (char*) malloc(PyString_Size(s) + 1); - strcpy($1[i], PyString_AsString(s)); + + $1[i] = (char*) malloc(PyBytes_Size(s) + 1); + strcpy($1[i], PyBytes_AsString(s)); + } $1[size] = NULL; }