rpms/libselinux
5
0
Fork 0
Code Issues Pull Requests Releases Activity

SELinux userspace 3.4-rc3 release

Browse Source
This commit is contained in:
Petr Lautrbach 2022-05-10 16:22:23 +02:00
parent 7fb483760b
commit 2441ed1cdc
4 changed files with 28 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -223,3 +223,4 @@ libselinux-2.0.96.tgz
/libselinux-3.3.tar.gz /libselinux-3.3.tar.gz
/libselinux-3.4-rc1.tar.gz /libselinux-3.4-rc1.tar.gz
/libselinux-3.4-rc2.tar.gz /libselinux-3.4-rc2.tar.gz
/libselinux-3.4-rc3.tar.gz

37
0001-Use-SHA-2-instead-of-SHA-1.patch
View File

@ -1,7 +1,8 @@
From ec1b147076345478636de763ce5d4e8daa69afd6 Mon Sep 17 00:00:00 2001 From a6529e0fb5b3f385a3f4239d977da0491a1687ec Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com> From: Petr Lautrbach <plautrba@redhat.com>
Date: Fri, 30 Jul 2021 14:14:37 +0200 Date: Fri, 30 Jul 2021 14:14:37 +0200
Subject: [PATCH] Use SHA-2 instead of SHA-1 Subject: [PATCH] Use SHA-2 instead of SHA-1
Content-type: text/plain
The use of SHA-1 in RHEL9 is deprecated The use of SHA-1 in RHEL9 is deprecated
--- ---
@ -50,7 +51,7 @@ index e8983606d93b..a35d84d63b0a 100644
* @num_specfiles: number of specfiles in the list. * @num_specfiles: number of specfiles in the list.
* *
diff --git a/libselinux/include/selinux/restorecon.h b/libselinux/include/selinux/restorecon.h diff --git a/libselinux/include/selinux/restorecon.h b/libselinux/include/selinux/restorecon.h
index 1821a3dc596c..8f9a030cda98 100644 index b10fe684eff9..8df4744505b3 100644
--- a/libselinux/include/selinux/restorecon.h --- a/libselinux/include/selinux/restorecon.h
+++ b/libselinux/include/selinux/restorecon.h +++ b/libselinux/include/selinux/restorecon.h
@@ -41,8 +41,8 @@ extern int selinux_restorecon_parallel(const char *pathname, @@ -41,8 +41,8 @@ extern int selinux_restorecon_parallel(const char *pathname,
@ -83,7 +84,7 @@ index 56a008f00df0..5f7c42533d0e 100644
with the number of entries in with the number of entries in
.IR num_specfiles . .IR num_specfiles .
diff --git a/libselinux/man/man3/selabel_open.3 b/libselinux/man/man3/selabel_open.3 diff --git a/libselinux/man/man3/selabel_open.3 b/libselinux/man/man3/selabel_open.3
index 971ebc1acd41..2cf2eb8a1410 100644 index 0e03e1be111e..14ab888d2e03 100644
--- a/libselinux/man/man3/selabel_open.3 --- a/libselinux/man/man3/selabel_open.3
+++ b/libselinux/man/man3/selabel_open.3 +++ b/libselinux/man/man3/selabel_open.3
@@ -69,7 +69,7 @@ is used; a custom validation function can be provided via @@ -69,7 +69,7 @@ is used; a custom validation function can be provided via
@ -96,7 +97,7 @@ index 971ebc1acd41..2cf2eb8a1410 100644
.BR selabel_digest (3) .BR selabel_digest (3)
. .
diff --git a/libselinux/man/man3/selinux_restorecon.3 b/libselinux/man/man3/selinux_restorecon.3 diff --git a/libselinux/man/man3/selinux_restorecon.3 b/libselinux/man/man3/selinux_restorecon.3
index 334d2930bb4f..500845917fb8 100644 index 218aaf6d2ae5..c74189c0852d 100644
--- a/libselinux/man/man3/selinux_restorecon.3 --- a/libselinux/man/man3/selinux_restorecon.3
+++ b/libselinux/man/man3/selinux_restorecon.3 +++ b/libselinux/man/man3/selinux_restorecon.3
@@ -36,7 +36,7 @@ If this is a directory and the @@ -36,7 +36,7 @@ If this is a directory and the
@ -128,7 +129,7 @@ index 334d2930bb4f..500845917fb8 100644
.IR security.sehash .IR security.sehash
extended attribute once relabeling has been completed successfully provided the extended attribute once relabeling has been completed successfully provided the
.B SELINUX_RESTORECON_NOCHANGE .B SELINUX_RESTORECON_NOCHANGE
@@ -92,7 +92,7 @@ default specfile context. @@ -95,7 +95,7 @@ default specfile context.
.sp .sp
.B SELINUX_RESTORECON_RECURSE .B SELINUX_RESTORECON_RECURSE
change file and directory labels recursively (descend directories) change file and directory labels recursively (descend directories)
@ -137,8 +138,8 @@ index 334d2930bb4f..500845917fb8 100644
extended attribute as described in the extended attribute as described in the
.B NOTES .B NOTES
section. section.
@@ -166,7 +166,7 @@ to treat conflicting specifications, such as where two hardlinks for the @@ -184,7 +184,7 @@ walk, the specfile entries SHA1 digest will not have been written to the
same inode have different contexts, as errors. extended attribute.
.RE .RE
.sp .sp
-The behavior regarding the checking and updating of the SHA1 digest described -The behavior regarding the checking and updating of the SHA1 digest described
@ -146,7 +147,7 @@ index 334d2930bb4f..500845917fb8 100644
above is the default behavior. It is possible to change this by first calling above is the default behavior. It is possible to change this by first calling
.BR selabel_open (3) .BR selabel_open (3)
and not enabling the and not enabling the
@@ -229,7 +229,7 @@ To improve performance when relabeling file systems recursively (e.g. the @@ -247,7 +247,7 @@ To improve performance when relabeling file systems recursively (e.g. the
.B SELINUX_RESTORECON_RECURSE .B SELINUX_RESTORECON_RECURSE
flag is set) flag is set)
.BR selinux_restorecon () .BR selinux_restorecon ()
@ -155,7 +156,7 @@ index 334d2930bb4f..500845917fb8 100644
.BR selabel_get_digests_all_partial_matches (3) .BR selabel_get_digests_all_partial_matches (3)
to an extended attribute named to an extended attribute named
.IR security.sehash .IR security.sehash
@@ -222,7 +222,7 @@ Should any of the specfile entries have changed, then when @@ -269,7 +269,7 @@ Should any of the specfile entries have changed, then when
.BR selinux_restorecon () .BR selinux_restorecon ()
is run again with the is run again with the
.B SELINUX_RESTORECON_RECURSE .B SELINUX_RESTORECON_RECURSE
@ -364,7 +365,7 @@ index 54fd49a5b7b9..4003eb8dc7af 100644
digest->hashbuf = NULL; digest->hashbuf = NULL;
return; return;
diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
index 72f4fb462e34..f7e84657d09d 100644 index e61929120a74..b77b3bc5639f 100644
--- a/libselinux/src/selinux_restorecon.c --- a/libselinux/src/selinux_restorecon.c
+++ b/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c
@@ -37,7 +37,7 @@ @@ -37,7 +37,7 @@
@ -376,7 +377,7 @@ index 72f4fb462e34..f7e84657d09d 100644
#define STAR_COUNT 1024 #define STAR_COUNT 1024
@@ -294,7 +294,7 @@ static int exclude_non_seclabel_mounts(void) @@ -298,7 +298,7 @@ static int exclude_non_seclabel_mounts(void)
static int add_xattr_entry(const char *directory, bool delete_nonmatch, static int add_xattr_entry(const char *directory, bool delete_nonmatch,
bool delete_all) bool delete_all)
{ {
@ -385,7 +386,7 @@ index 72f4fb462e34..f7e84657d09d 100644
size_t i, digest_len = 0; size_t i, digest_len = 0;
int rc, digest_result; int rc, digest_result;
bool match; bool match;
@@ -317,15 +317,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, @@ -321,15 +321,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
} }
/* Convert entry to a hex encoded string. */ /* Convert entry to a hex encoded string. */
@ -404,7 +405,7 @@ index 72f4fb462e34..f7e84657d09d 100644
digest_result = match ? MATCH : NOMATCH; digest_result = match ? MATCH : NOMATCH;
@@ -345,7 +345,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, @@ -349,7 +349,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
/* Now add entries to link list. */ /* Now add entries to link list. */
new_entry = malloc(sizeof(struct dir_xattr)); new_entry = malloc(sizeof(struct dir_xattr));
if (!new_entry) { if (!new_entry) {
@ -413,7 +414,7 @@ index 72f4fb462e34..f7e84657d09d 100644
goto oom; goto oom;
} }
new_entry->next = NULL; new_entry->next = NULL;
@@ -353,15 +353,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, @@ -357,15 +357,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
new_entry->directory = strdup(directory); new_entry->directory = strdup(directory);
if (!new_entry->directory) { if (!new_entry->directory) {
free(new_entry); free(new_entry);
@ -432,7 +433,7 @@ index 72f4fb462e34..f7e84657d09d 100644
goto oom; goto oom;
} }
@@ -374,7 +374,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, @@ -379,7 +379,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
dir_xattr_last = new_entry; dir_xattr_last = new_entry;
} }
@ -441,7 +442,7 @@ index 72f4fb462e34..f7e84657d09d 100644
return 0; return 0;
oom: oom:
@@ -755,7 +755,7 @@ err: @@ -759,7 +759,7 @@ err:
struct dir_hash_node { struct dir_hash_node {
char *path; char *path;
@ -450,7 +451,7 @@ index 72f4fb462e34..f7e84657d09d 100644
struct dir_hash_node *next; struct dir_hash_node *next;
}; };
/* /*
@@ -1232,7 +1232,7 @@ static int selinux_restorecon_common(const char *pathname_orig, @@ -1249,7 +1249,7 @@ static int selinux_restorecon_common(const char *pathname_orig,
if (setxattr(current->path, if (setxattr(current->path,
RESTORECON_PARTIAL_MATCH_DIGEST, RESTORECON_PARTIAL_MATCH_DIGEST,
current->digest, current->digest,
@ -1342,5 +1343,5 @@ index e28833d2ce97..900f018c0091 100644
} }
default: default:
-- --
2.35.1 2.36.0

11
libselinux.spec
View File

@ -4,16 +4,16 @@
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Name: libselinux Name: libselinux
Version: 3.4 Version: 3.4
Release: 0.rc2.1%{?dist} Release: 0.rc3.1%{?dist}
License: Public Domain License: Public Domain
# https://github.com/SELinuxProject/selinux/wiki/Releases # https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4-rc2/libselinux-3.4-rc2.tar.gz Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4-rc3/libselinux-3.4-rc3.tar.gz
Source1: selinuxconlist.8 Source1: selinuxconlist.8
Source2: selinuxdefcon.8 Source2: selinuxdefcon.8
Url: https://github.com/SELinuxProject/selinux/wiki Url: https://github.com/SELinuxProject/selinux/wiki
# $ git clone https://github.com/fedora-selinux/selinux.git # $ git clone https://github.com/fedora-selinux/selinux.git
# $ cd selinux # $ cd selinux
# $ git format-patch -N 3.4-rc2 -- libselinux # $ git format-patch -N 3.4-rc3 -- libselinux
# $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done # $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
# Patch list start # Patch list start
Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch
@ -87,7 +87,7 @@ The libselinux-static package contains the static libraries
needed for developing SELinux applications. needed for developing SELinux applications.
%prep %prep
%autosetup -p 2 -n libselinux-%{version}-rc2 %autosetup -p 2 -n libselinux-%{version}-rc3
%build %build
export DISABLE_RPM="y" export DISABLE_RPM="y"
@ -213,6 +213,9 @@ rm -f %{buildroot}%{_mandir}/man8/togglesebool*
%{ruby_vendorarchdir}/selinux.so %{ruby_vendorarchdir}/selinux.so
%changelog %changelog
* Tue May 10 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-0.rc3.1
- SELinux userspace 3.4-rc3 release
* Thu Apr 21 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-0.rc2.1 * Thu Apr 21 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-0.rc2.1
- SELinux userspace 3.4-rc2 release - SELinux userspace 3.4-rc2 release

2
sources
View File

@ -1 +1 @@
SHA512 (libselinux-3.4-rc2.tar.gz) = 5332e598bb4f6f2d6681921d699addd1fc7b82229c1cd082ac43c15e1c390a8e9021c1725e444c1f6ddfc125cb008c62fa169d741cca777d1d6160e1a9995a6f SHA512 (libselinux-3.4-rc3.tar.gz) = 588d46ee7be688df31daea2280a8e98aa968b1ca07f9a2bf4034bc0dee0d7b0872286e3355538c52bb0179948891a4b26400d7ad8c4abbe84f4698846d56affd