diff --git a/libselinux-fedora.patch b/libselinux-fedora.patch index e3b2094..1d949b8 100644 --- a/libselinux-fedora.patch +++ b/libselinux-fedora.patch @@ -1833,6 +1833,77 @@ index 46566f6..3d5c9fb 100644 hidden_proto(selinux_systemd_contexts_path) hidden_proto(selinux_path) hidden_proto(selinux_check_passwd_access) +diff --git libselinux-2.5/src/selinuxswig.i libselinux-2.5/src/selinuxswig.i +index c1e4ef7..687c43b 100644 +--- libselinux-2.5/src/selinuxswig.i ++++ libselinux-2.5/src/selinuxswig.i +@@ -9,6 +9,7 @@ + #include "../include/selinux/get_context_list.h" + #include "../include/selinux/get_default_type.h" + #include "../include/selinux/label.h" ++ #include "../include/selinux/restorecon.h" + #include "../include/selinux/selinux.h" + %} + %apply int *OUTPUT { int *enforce }; +@@ -61,4 +62,5 @@ + %include "../include/selinux/get_context_list.h" + %include "../include/selinux/get_default_type.h" + %include "../include/selinux/label.h" ++%include "../include/selinux/restorecon.h" + %include "../include/selinux/selinux.h" +diff --git libselinux-2.5/src/selinuxswig_python.i libselinux-2.5/src/selinuxswig_python.i +index 8cea18d..eac8475 100644 +--- libselinux-2.5/src/selinuxswig_python.i ++++ libselinux-2.5/src/selinuxswig_python.i +@@ -14,31 +14,23 @@ DISABLED = -1 + PERMISSIVE = 0 + ENFORCING = 1 + +-def restorecon(path, recursive=False): +- """ Restore SELinux context on a given path """ +- +- try: +- mode = os.lstat(path)[stat.ST_MODE] +- status, context = matchpathcon(path, mode) +- except OSError: +- path = os.path.realpath(os.path.expanduser(path)) +- mode = os.lstat(path)[stat.ST_MODE] +- status, context = matchpathcon(path, mode) +- +- if status == 0: +- try: +- status, oldcontext = lgetfilecon(path) +- except OSError as e: +- if e.errno != errno.ENODATA: +- raise +- oldcontext = None +- if context != oldcontext: +- lsetfilecon(path, context) +- +- if recursive: +- for root, dirs, files in os.walk(path): +- for name in files + dirs: +- restorecon(os.path.join(root, name)) ++def restorecon(path, recursive=False, verbose=False): ++ """ Restore SELinux context on a given path ++ ++ Arguments: ++ path -- The pathname for the file or directory to be relabeled. ++ ++ Keyword arguments: ++ recursive -- Change files and directories file labels recursively (default False) ++ verbose -- Show changes in file labels (default False) ++ """ ++ ++ restorecon_flags = SELINUX_RESTORECON_IGNORE_DIGEST | SELINUX_RESTORECON_REALPATH ++ if recursive: ++ restorecon_flags |= SELINUX_RESTORECON_RECURSE ++ if verbose: ++ restorecon_flags |= SELINUX_RESTORECON_VERBOSE ++ selinux_restorecon(os.path.expanduser(path), restorecon_flags) + + def chcon(path, context, recursive=False): + """ Set the SELinux context on a given path """ diff --git libselinux-2.5/src/setfilecon.c libselinux-2.5/src/setfilecon.c index d05969c..3f0200e 100644 --- libselinux-2.5/src/setfilecon.c diff --git a/libselinux.spec b/libselinux.spec index 9e753e4..e1f2709 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -9,7 +9,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.5 -Release: 14%{?dist} +Release: 15%{?dist} License: Public Domain Group: System Environment/Libraries # https://github.com/SELinuxProject/selinux/wiki/Releases @@ -20,7 +20,7 @@ Url: https://github.com/SELinuxProject/selinux/wiki # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh # run: # $ VERSION=2.5 ./make-fedora-selinux-patch.sh libselinux -# HEAD https://github.com/fedora-selinux/selinux/commit/be955a4daf0598dbce8881c5dbab23b0cb1a6322 +# HEAD https://github.com/fedora-selinux/selinux/commit/3dcc89405fc1efdcd41b96c50b030174fcaf4514 Patch1: libselinux-fedora.patch BuildRequires: pkgconfig python python-devel ruby-devel ruby libsepol-static >= %{libsepolver} swig pcre-devel xz-devel %if 0%{?with_python3} @@ -256,6 +256,9 @@ rm -rf %{buildroot} %{ruby_vendorarchdir}/selinux.so %changelog +* Wed Jan 11 2017 Petr Lautrbach - 2.5-15 +- Rewrite restorecon() python method + * Fri Dec 09 2016 Charalampos Stratakis - 2.5-14 - Rebuild for Python 3.6