diff --git a/.gitignore b/.gitignore index 587c598..7ed27ae 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -star-1.5.1.tar.bz2 +/star-1.5.2.tar.bz2 diff --git a/sources b/sources index fa66c12..cdc0138 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f9a28f83702624c4c08ef1a343014c7a star-1.5.1.tar.bz2 +5c15cedb52e26b02b95c82de08c5fcc1 star-1.5.2.tar.bz2 diff --git a/star-1.5-selinux.patch b/star-1.5-selinux.patch deleted file mode 100644 index 89b9d52..0000000 --- a/star-1.5-selinux.patch +++ /dev/null @@ -1,260 +0,0 @@ -diff -urNp star-1.5.1-orig/autoconf/configure.in star-1.5.1/autoconf/configure.in ---- star-1.5.1-orig/autoconf/configure.in -+++ star-1.5.1/autoconf/configure.in -@@ -452,6 +452,15 @@ AC_CHECK_FUNCS(sched_yield) - AC_CHECK_FUNCS(nanosleep) - LIBS="$ac_save_LIBS" - -+AC_CHECK_HEADERS(selinux/selinux.h) -+if test "$ac_cv_header_selinux_selinux_h" = yes; then -+ AC_CHECKING(for SELinux support) -+ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr") -+ ac_save_LIBS="$LIBS" -+ LIBS="$LIBS $lib_selinux" -+ AC_CHECK_FUNCS(is_selinux_enabled) -+fi -+ - dnl Misc OS checks. - AC_MSG_CHECKING(for /dev/tty) - if test -r /dev/tty; then -@@ -543,6 +552,7 @@ AC_SUBST(lib_secdb) - AC_SUBST(lib_gen) - AC_SUBST(lib_pthread) - AC_SUBST(lib_rt) -+AC_SUBST(lib_selinux) - AC_SUBST(lib_dl) - AC_SUBST(lib_dir) - -diff -urNp star-1.5.1-orig/conf/rules.cnf.in star-1.5.1/conf/rules.cnf.in ---- star-1.5.1-orig/autoconf/rules.cnf.in -+++ star-1.5.1/autoconf/rules.cnf.in -@@ -21,5 +21,6 @@ LIB_SECDB = @lib_secdb@ - LIB_GEN = @lib_gen@ - LIB_PTHREAD = @lib_pthread@ - LIB_RT = @lib_rt@ -+LIB_SELINUX = @lib_selinux@ - LIB_DL= @lib_dl@ - LIB_DIR= @lib_dir@ -diff -urNp star-1.5-orig/star/cpio.mk star-1.5/star/cpio.mk ---- star-1.5-orig/star/cpio.mk 2008-04-06 20:01:45.000000000 +0200 -+++ star-1.5/star/cpio.mk 2008-12-18 16:00:27.000000000 +0100 -@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CPPOPTS += -DSCHILY_PRINT - CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ -@@ -34,7 +35,7 @@ CFILES= cpio.c header.c cpiohdr.c xhead - HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ - movearch.h table.h props.h fifo.h diff.h \ - checkerr.h dumpdate.h bitstring.h --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - XMK_FILE= scpioman.mk - - ########################################################################### -diff -urNp star-1.5-orig/star/extract.c star-1.5/star/extract.c ---- star-1.5-orig/star/extract.c 2008-04-06 17:32:15.000000000 +0200 -+++ star-1.5/star/extract.c 2008-12-18 15:59:46.000000000 +0100 -@@ -253,6 +253,17 @@ extern struct WALK walkstate; - continue; - } - #endif -+ -+#ifdef WITH_SELINUX -+ if (!to_stdout && selinux_enabled) { -+ if (setselinux(&finfo) == FALSE) { -+ errmsgno(EX_BAD, -+ "Can not setup security context for '%s'. Not created.\n", -+ finfo.f_name); -+ } -+ } -+#endif -+ - if (finfo.f_flags & F_BAD_META) { - if (!void_bad(&finfo)) - break; -diff -urNp star-1.5-orig/star/gnutar.mk star-1.5/star/gnutar.mk ---- star-1.5-orig/star/gnutar.mk 2008-04-06 20:01:45.000000000 +0200 -+++ star-1.5/star/gnutar.mk 2008-12-18 16:08:54.000000000 +0100 -@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CPPOPTS += -DSCHILY_PRINT - CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ -@@ -34,7 +35,7 @@ CFILES= gnutar.c header.c cpiohdr.c xhe - HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ - movearch.h table.h props.h fifo.h diff.h \ - checkerr.h dumpdate.h bitstring.h --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - XMK_FILE= gnutarman.mk - - ########################################################################### -diff -urNp star-1.5-orig/star/pax.mk star-1.5/star/pax.mk ---- star-1.5-orig/star/pax.mk 2008-04-06 20:01:45.000000000 +0200 -+++ star-1.5/star/pax.mk 2008-12-18 16:03:42.000000000 +0100 -@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CPPOPTS += -DPAX - CPPOPTS += -DSCHILY_PRINT - CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \ -@@ -35,7 +36,7 @@ CFILES= pax.c header.c cpiohdr.c xheade - HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ - movearch.h table.h props.h fifo.h diff.h \ - checkerr.h dumpdate.h bitstring.h --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - XMK_FILE= spaxman.mk - - ########################################################################### -diff -urNp star-1.5-orig/star/star.c star-1.5/star/star.c ---- star-1.5-orig/star/star.c 2008-04-13 15:01:30.000000000 +0200 -+++ star-1.5/star/star.c 2008-12-18 16:05:31.000000000 +0100 -@@ -46,6 +46,10 @@ static char sccsid[] = - #include "starsubs.h" - #include "checkerr.h" - -+#ifdef WITH_SELINUX -+int selinux_enabled=0; -+#endif -+ - EXPORT int main __PR((int ac, char **av)); - LOCAL void star_create __PR((int ac, char *const *av)); - LOCAL void checkdumptype __PR((GINFO *gp)); -@@ -388,6 +392,10 @@ main(ac, av) - comerr("Panic cannot set back effective uid.\n"); - } - my_uid = geteuid(); -+ -+#ifdef WITH_SELINUX -+ selinux_enabled=is_selinux_enabled()>0; -+#endif - /* - * WARNING: We now are no more able to open a new remote connection - * unless we have been called by root. -diff -urNp star-1.5-orig/star/star_fat.mk star-1.5/star/star_fat.mk ---- star-1.5-orig/star/star_fat.mk 2008-04-06 20:02:25.000000000 +0200 -+++ star-1.5/star/star_fat.mk 2008-12-18 16:04:20.000000000 +0100 -@@ -29,6 +29,7 @@ CPPOPTS += -DUSE_FFLAGS - CPPOPTS += -DCOPY_LINKS_DELAYED - CPPOPTS += -DSTAR_FAT - CPPOPTS += -DSCHILY_PRINT -+CPPOPTS += -DWITH_SELINUX - CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -48,7 +49,7 @@ HFILES= star.h starsubs.h dirtime.h xta - - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - # - # Wenn -lfind, dann auch $(LIB_INTL) - # -diff -urNp star-1.5-orig/star/star.mk star-1.5/star/star.mk ---- star-1.5-orig/star/star.mk 2008-04-06 20:01:45.000000000 +0200 -+++ star-1.5/star/star.mk 2008-12-18 16:06:07.000000000 +0100 -@@ -21,6 +21,7 @@ CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS - CPPOPTS += -DCOPY_LINKS_DELAYED - CPPOPTS += -DSCHILY_PRINT -+CPPOPTS += -DWITH_SELINUX - CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -35,7 +36,7 @@ CFILES= star.c header.c cpiohdr.c xhead - HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ - movearch.h table.h props.h fifo.h diff.h restore.h \ - checkerr.h dumpdate.h bitstring.h --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - XMK_FILE= Makefile.man starformatman.mk - - ########################################################################### -diff -urNp star-1.5-orig/star/starsubs.h star-1.5/star/starsubs.h ---- star-1.5-orig/star/starsubs.h 2008-04-06 17:32:15.000000000 +0200 -+++ star-1.5/star/starsubs.h 2008-12-18 16:01:15.000000000 +0100 -@@ -304,6 +304,11 @@ extern void opt_xattr __PR((void)); - extern BOOL get_xattr __PR((register FINFO *info)); - extern BOOL set_xattr __PR((register FINFO *info)); - extern void free_xattr __PR((star_xattr_t **xattr)); -+# ifdef WITH_SELINUX -+#include -+extern BOOL setselinux __PR((register FINFO *info)); -+extern int selinux_enabled; -+# endif - #endif - - /* -diff -urNp star-1.5-orig/star/suntar.mk star-1.5/star/suntar.mk ---- star-1.5-orig/star/suntar.mk 2008-04-06 20:01:45.000000000 +0200 -+++ star-1.5/star/suntar.mk 2008-12-18 15:58:44.000000000 +0100 -@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CPPOPTS += -DSCHILY_PRINT - CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ -@@ -34,7 +35,7 @@ CFILES= suntar.c header.c cpiohdr.c xhe - HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ - movearch.h table.h props.h fifo.h diff.h \ - checkerr.h dumpdate.h bitstring.h --LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) -+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) - XMK_FILE= suntarman.mk - - ########################################################################### -diff -urNp star-1.5-orig/star/xattr.c star-1.5/star/xattr.c ---- star-1.5-orig/star/xattr.c 2008-03-16 16:40:41.000000000 +0100 -+++ star-1.5/star/xattr.c 2008-12-18 16:08:15.000000000 +0100 -@@ -196,6 +196,27 @@ fail: - #endif /* USE_XATTR */ - } - -+#ifdef WITH_SELINUX -+EXPORT BOOL -+setselinux(info) -+ register FINFO *info; -+{ -+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX) -+ if (info->f_xattr) { -+ star_xattr_t *xap; -+ for (xap = info->f_xattr; xap->name != NULL; xap++) { -+ if (strcmp(xap->name, "security.selinux") == 0) { -+ if (setfscreatecon(xap->value)) { -+ return FALSE; -+ } -+ } -+ } -+ } -+#endif /* USE_XATTR && WITH_SELINUX */ -+ return TRUE; -+} -+#endif -+ - /* ARGSUSED */ - EXPORT BOOL - set_xattr(info) -@@ -209,6 +230,10 @@ set_xattr(info) - return (TRUE); - - for (xap = info->f_xattr; xap->name != NULL; xap++) { -+#ifdef WITH_SELINUX -+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0)) -+ continue; -+#endif - if (lsetxattr(info->f_name, xap->name, xap->value, - xap->value_len, 0) != 0) { - if (!errhidden(E_SETXATTR, info->f_name)) { diff --git a/star-1.5.1-bufferoverflow.patch b/star-1.5.1-bufferoverflow.patch deleted file mode 100644 index afc0b4a..0000000 --- a/star-1.5.1-bufferoverflow.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -urNp star-1.5.1-orig/star/longnames.c star-1.5.1/star/longnames.c ---- star-1.5.1-orig/star/longnames.c 2009-10-16 00:38:55.000000000 +0200 -+++ star-1.5.1/star/longnames.c 2010-02-03 13:36:03.000000000 +0100 -@@ -155,7 +155,7 @@ name_to_tcb(info, ptb) - if (add) - strcatl(ptb->dbuf.t_name, name, "/", (char *)NULL); - else -- strcpy(ptb->dbuf.t_name, name); -+ strncpy(ptb->dbuf.t_name, name, props.pr_maxsname); - return (TRUE); - } - -@@ -198,7 +198,7 @@ name_to_tcb(info, ptb) - if (add) - strcatl(ptb->dbuf.t_name, &np[1], "/", (char *)NULL); - else -- strcpy(ptb->dbuf.t_name, &np[1]); -+ strncpy(ptb->dbuf.t_name, &np[1], props.pr_maxsname); - strncpy(ptb->dbuf.t_prefix, name, np - name); - info->f_flags |= F_SPLIT_NAME; - return (TRUE); diff --git a/star-1.5.2-bufferoverflow.patch b/star-1.5.2-bufferoverflow.patch new file mode 100644 index 0000000..33d31cb --- /dev/null +++ b/star-1.5.2-bufferoverflow.patch @@ -0,0 +1,22 @@ +diff --git a/star/longnames.c b/star/longnames.c +index 33cbe2a..9d2e303 100644 +--- a/star/longnames.c ++++ b/star/longnames.c +@@ -155,7 +155,7 @@ name_to_tcb(info, ptb) + if (add) + strcatl(ptb->ndbuf.t_name, name, "/", (char *)NULL); + else +- strcpy(ptb->ndbuf.t_name, name); ++ strncpy(ptb->ndbuf.t_name, name, props.pr_maxsname); + return (TRUE); + } + +@@ -198,7 +198,7 @@ name_to_tcb(info, ptb) + if (add) + strcatl(ptb->ndbuf.t_name, &np[1], "/", (char *)NULL); + else +- strcpy(ptb->ndbuf.t_name, &np[1]); ++ strncpy(ptb->ndbuf.t_name, &np[1], props.pr_maxsname); + strncpy(ptb->dbuf.t_prefix, name, np - name); + info->f_flags |= F_SPLIT_NAME; + return (TRUE); diff --git a/star-1.5.2-selinux.patch b/star-1.5.2-selinux.patch new file mode 100644 index 0000000..edcd246 --- /dev/null +++ b/star-1.5.2-selinux.patch @@ -0,0 +1,272 @@ +diff --git a/autoconf/configure.in b/autoconf/configure.in +index 1465ce1..3046a62 100644 +--- a/autoconf/configure.in ++++ b/autoconf/configure.in +@@ -817,6 +817,15 @@ AC_CHECK_FUNCS(sched_yield) + AC_CHECK_FUNCS(nanosleep) + LIBS="$ac_save_LIBS" + ++AC_CHECK_HEADERS(selinux/selinux.h) ++if test "$ac_cv_header_selinux_selinux_h" = yes; then ++ AC_CHECKING(for SELinux support) ++ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr") ++ ac_save_LIBS="$LIBS" ++ LIBS="$LIBS $lib_selinux" ++ AC_CHECK_FUNCS(is_selinux_enabled) ++fi ++ + dnl Misc OS checks. + AC_CHECK_FILES(/dev/tty /dev/null /dev/zero) + AC_CHECK_FILES(/dev/stdin /dev/stdout /dev/stderr) +@@ -894,6 +903,7 @@ AC_SUBST(lib_secdb) + AC_SUBST(lib_gen) + AC_SUBST(lib_pthread) + AC_SUBST(lib_rt) ++AC_SUBST(lib_selinux) + AC_SUBST(lib_dl) + AC_SUBST(lib_dir) + +diff --git a/autoconf/rules.cnf.in b/autoconf/rules.cnf.in +index 6de994c..31b1575 100644 +--- a/autoconf/rules.cnf.in ++++ b/autoconf/rules.cnf.in +@@ -30,5 +30,6 @@ LIB_SECDB = @lib_secdb@ + LIB_GEN = @lib_gen@ + LIB_PTHREAD = @lib_pthread@ + LIB_RT = @lib_rt@ ++LIB_SELINUX = @lib_selinux@ + LIB_DL= @lib_dl@ + LIB_DIR= @lib_dir@ +diff --git a/star/cpio.mk b/star/cpio.mk +index ec48a95..8a2c7a0 100644 +--- a/star/cpio.mk ++++ b/star/cpio.mk +@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -34,7 +35,7 @@ CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \ + HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + movearch.h table.h props.h fifo.h diff.h \ + checkerr.h dumpdate.h bitstring.h +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + XMK_FILE= scpioman.mk + + ########################################################################### +diff --git a/star/extract.c b/star/extract.c +index 9a83bf4..3d68c43 100644 +--- a/star/extract.c ++++ b/star/extract.c +@@ -253,6 +253,17 @@ extern struct WALK walkstate; + continue; + } + #endif ++ ++#ifdef WITH_SELINUX ++ if (!to_stdout && selinux_enabled) { ++ if (setselinux(&finfo) == FALSE) { ++ errmsgno(EX_BAD, ++ "Can not setup security context for '%s'. Not created.\n", ++ finfo.f_name); ++ } ++ } ++#endif ++ + if (finfo.f_flags & F_BAD_META) { + if (!void_bad(&finfo)) + break; +diff --git a/star/gnutar.mk b/star/gnutar.mk +index d0da54b..9c5de30 100644 +--- a/star/gnutar.mk ++++ b/star/gnutar.mk +@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -34,7 +35,7 @@ CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \ + HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + movearch.h table.h props.h fifo.h diff.h \ + checkerr.h dumpdate.h bitstring.h +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + XMK_FILE= gnutarman.mk + + ########################################################################### +diff --git a/star/pax.mk b/star/pax.mk +index 0254e77..15c8ea0 100644 +--- a/star/pax.mk ++++ b/star/pax.mk +@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DPAX + CPPOPTS += -DSCHILY_PRINT + CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \ +@@ -35,7 +36,7 @@ CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \ + HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + movearch.h table.h props.h fifo.h diff.h \ + checkerr.h dumpdate.h bitstring.h +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + XMK_FILE= spaxman.mk + + ########################################################################### +diff --git a/star/star.c b/star/star.c +index 7b58964..fe9d984 100644 +--- a/star/star.c ++++ b/star/star.c +@@ -46,6 +46,10 @@ static UConst char sccsid[] = + #include "starsubs.h" + #include "checkerr.h" + ++#ifdef WITH_SELINUX ++int selinux_enabled=0; ++#endif ++ + EXPORT int main __PR((int ac, char **av)); + LOCAL void star_create __PR((int ac, char *const *av)); + LOCAL void checkdumptype __PR((GINFO *gp)); +@@ -399,6 +403,10 @@ main(ac, av) + comerr("Panic cannot set back effective uid.\n"); + } + my_uid = geteuid(); ++ ++#ifdef WITH_SELINUX ++ selinux_enabled=is_selinux_enabled()>0; ++#endif + /* + * WARNING: We now are no more able to open a new remote connection + * unless we have been called by root. +diff --git a/star/star.mk b/star/star.mk +index a6f6cff..68d3482 100644 +--- a/star/star.mk ++++ b/star/star.mk +@@ -21,6 +21,7 @@ CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS + CPPOPTS += -DCOPY_LINKS_DELAYED + CPPOPTS += -DSCHILY_PRINT ++CPPOPTS += -DWITH_SELINUX + CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ + remove.c star_unix.c acl_unix.c acltext.c fflags.c \ +@@ -35,7 +36,7 @@ CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \ + HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + movearch.h table.h props.h fifo.h diff.h restore.h \ + checkerr.h dumpdate.h bitstring.h +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + XMK_FILE= Makefile.man starformatman.mk + + ########################################################################### +diff --git a/star/star_fat.mk b/star/star_fat.mk +index 1975c94..507fbee 100644 +--- a/star/star_fat.mk ++++ b/star/star_fat.mk +@@ -29,6 +29,7 @@ CPPOPTS += -DUSE_FFLAGS + CPPOPTS += -DCOPY_LINKS_DELAYED + CPPOPTS += -DSTAR_FAT + CPPOPTS += -DSCHILY_PRINT ++CPPOPTS += -DWITH_SELINUX + CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ + remove.c star_unix.c acl_unix.c acltext.c fflags.c \ +@@ -48,7 +49,7 @@ HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + # + # Wenn -lfind, dann auch $(LIB_INTL) + # +diff --git a/star/starsubs.h b/star/starsubs.h +index a914ade..1e2a233 100644 +--- a/star/starsubs.h ++++ b/star/starsubs.h +@@ -317,6 +317,11 @@ extern void opt_xattr __PR((void)); + extern BOOL get_xattr __PR((register FINFO *info)); + extern BOOL set_xattr __PR((register FINFO *info)); + extern void free_xattr __PR((star_xattr_t **xattr)); ++# ifdef WITH_SELINUX ++#include ++extern BOOL setselinux __PR((register FINFO *info)); ++extern int selinux_enabled; ++# endif + #endif + + /* +diff --git a/star/suntar.mk b/star/suntar.mk +index 5690c9f..f781f63 100644 +--- a/star/suntar.mk ++++ b/star/suntar.mk +@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -34,7 +35,7 @@ CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \ + HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ + movearch.h table.h props.h fifo.h diff.h \ + checkerr.h dumpdate.h bitstring.h +-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) ++LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX) + XMK_FILE= suntarman.mk + + ########################################################################### +diff --git a/star/xattr.c b/star/xattr.c +index 1462950..6493447 100644 +--- a/star/xattr.c ++++ b/star/xattr.c +@@ -196,6 +196,27 @@ fail: + #endif /* USE_XATTR */ + } + ++#ifdef WITH_SELINUX ++EXPORT BOOL ++setselinux(info) ++ register FINFO *info; ++{ ++#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX) ++ if (info->f_xattr) { ++ star_xattr_t *xap; ++ for (xap = info->f_xattr; xap->name != NULL; xap++) { ++ if (strcmp(xap->name, "security.selinux") == 0) { ++ if (setfscreatecon(xap->value)) { ++ return FALSE; ++ } ++ } ++ } ++ } ++#endif /* USE_XATTR && WITH_SELINUX */ ++ return TRUE; ++} ++#endif ++ + /* ARGSUSED */ + EXPORT BOOL + set_xattr(info) +@@ -209,6 +230,10 @@ set_xattr(info) + return (TRUE); + + for (xap = info->f_xattr; xap->name != NULL; xap++) { ++#ifdef WITH_SELINUX ++ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0)) ++ continue; ++#endif + if (lsetxattr(info->f_name, xap->name, xap->value, + xap->value_len, 0) != 0) { + if (!errhidden(E_SETXATTR, info->f_name)) { diff --git a/star.spec b/star.spec index 415a142..349af4a 100644 --- a/star.spec +++ b/star.spec @@ -3,29 +3,25 @@ %endif Summary: An archiving tool with ACL support Name: star -Version: 1.5.1 -Release: 12%{?dist} +Version: 1.5.2 +Release: 1%{?dist} URL: http://cdrecord.berlios.de/old/private/star.html Source: ftp://ftp.berlios.de/pub/star/%{name}-%{version}.tar.bz2 #use gcc for compilation, change defaults for Linux Patch1: star-1.5-newMake.patch #add SELinux support to star(#) -Patch2: star-1.5-selinux.patch +Patch2: star-1.5.2-selinux.patch #do not segfault with data-change-warn option (#255261) Patch3: star-1.5-changewarnSegv.patch -#do not conflict with glibc stdio functions (#494213) -Patch4: star-1.5-stdioconflict.patch #Prevent buffer overflow for filenames with length of 100 characters (#556664) -Patch5: star-1.5.1-bufferoverflow.patch +Patch4: star-1.5.2-bufferoverflow.patch #Fix some invalid manpage references (#624612) -Patch6: star-1.5.1-manpagereferences.patch -#fix signedness segfault with multivol option(#666015) -Patch7: star-1.5.1-multivolsigsegv.patch +Patch5: star-1.5.1-manpagereferences.patch # do not crash when xattrs are not set on all files (#861848) -Patch8: star-1.5.1-selinux-segfault.patch +Patch6: star-1.5.1-selinux-segfault.patch # note that the H=crc format uses Sum32 algorithm, not CRC -Patch9: star-1.5.1-crc.patch +Patch7: star-1.5.1-crc.patch License: CDDL Group: Applications/Archiving @@ -44,12 +40,10 @@ and can restore individual files from the archive. Star supports ACL. %patch2 -p1 -b .selinux %endif %patch3 -p1 -b .changewarnSegv -%patch4 -p1 -b .stdio -%patch5 -p1 -b .namesoverflow -%patch6 -p1 -b .references -%patch7 -p1 -b .multivol -%patch8 -p1 -b .selinux-segfault -%patch9 -p1 -b .crc +%patch4 -p1 -b .namesoverflow +%patch5 -p1 -b .references +%patch6 -p1 -b .selinux-segfault +%patch7 -p1 -b .crc cp -a star/all.mk star/Makefile iconv -f iso_8859-1 -t utf-8 AN-1.5 >AN-1.5_utf8 mv AN-1.5_utf8 AN-1.5 @@ -88,8 +82,6 @@ rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man4 %makeinstall RPM_INSTALLDIR=${RPM_BUILD_ROOT} PARCH=%{_target_cpu} K_ARCH=%{_target_cpu} < /dev/null rm -rf ${RPM_BUILD_ROOT}/usr/share/doc/rmt -mv ${RPM_BUILD_ROOT}/usr/man/man5/star.5 ${RPM_BUILD_ROOT}%{_mandir}/man4/star.4 -mv ${RPM_BUILD_ROOT}/usr/man/* ${RPM_BUILD_ROOT}%{_mandir} ln -s star.1.gz ${RPM_BUILD_ROOT}%{_mandir}/man1/ustar.1 # XXX Nuke unpackaged files. @@ -106,9 +98,9 @@ ln -s star.1.gz ${RPM_BUILD_ROOT}%{_mandir}/man1/ustar.1 rm -rf .%{_prefix}%{_sysconfdir} rm -rf .%{_prefix}/include rm -rf .%{_prefix}/lib - rm -rf .%{_mandir}/man5 rm -rf .%{_mandir}/man3 - rm -rf .%{_mandir}/man1/{tartest,rmt,gnutar,smt,suntar,match}.1* + rm -rf .%{_mandir}/man5/{makefiles,makerules}.5* + rm -rf .%{_mandir}/man1/{tartest,rmt,gnutar,smt,mt,suntar,match}.1* rm -rf .%{_sbindir} ) @@ -126,9 +118,13 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man1/spax.1* %{_mandir}/man1/ustar.1* %{_mandir}/man1/scpio.1* -%{_mandir}/man4/star.4* +%{_mandir}/man5/star.5* %changelog +* Wed Apr 10 2013 Pavel Raiskup - 1.5.2-1 +- rebase to most up2date upstream tarball, remove patches already upstream, fix + code movements in patches (#928758) + * Thu Mar 21 2013 Pavel Raiskup - 1.5.1-12 - package also the 'scpio' utility (#771926)