- Update from upstream, fix setsebool -P segfault
This commit is contained in:
Daniel J Walsh
parent
37dbcb478d
commit
38be80f2c3
@ -7,3 +7,4 @@ libselinux-1.17.14.tgz
|
||||
libselinux-1.17.15.tgz
|
||||
libselinux-1.17.16.tgz
|
||||
libselinux-1.18.1.tgz
|
||||
libselinux-1.19.1.tgz
|
||||
|
||||
@ -1,135 +1,11 @@
|
||||
--- libselinux-1.17.13/man/man8/setenforce.8.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/man/man8/setenforce.8 2004-10-01 14:53:51.508185621 -0400
|
||||
@@ -6,9 +6,9 @@
|
||||
--- libselinux-1.19.1/utils/setsebool.c.rhat 2004-11-09 09:14:24.000000000 -0500
|
||||
+++ libselinux-1.19.1/utils/setsebool.c 2004-11-09 09:19:31.770804491 -0500
|
||||
@@ -35,6 +35,8 @@
|
||||
|
||||
.SH "DESCRIPTION"
|
||||
.B setenforce [1|0]
|
||||
-Execute setenforce 1 to put SELinux is enforcing mode.
|
||||
-Execute setenforce 0 to put SELinux in permissive mode.
|
||||
-You need to modify /etc/grub.conf or /etc/sysconfig/selinux
|
||||
+Execute setenforce [ Enforcing | 1 ] to put SELinux is enforcing mode.
|
||||
+Execute setenforce [ Permissive | 0 ] to put SELinux in permissive mode.
|
||||
+You need to modify /etc/grub.conf or /etc/selinux/config
|
||||
to disable SELinux.
|
||||
|
||||
.SH AUTHOR
|
||||
--- libselinux-1.17.13/include/selinux/selinux.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/include/selinux/selinux.h 2004-10-01 14:35:29.873277912 -0400
|
||||
@@ -197,6 +197,7 @@
|
||||
policy root directory. */
|
||||
extern const char *selinux_binary_policy_path(void);
|
||||
extern const char *selinux_failsafe_context_path(void);
|
||||
+extern const char *selinux_removable_context_path(void);
|
||||
extern const char *selinux_default_context_path(void);
|
||||
extern const char *selinux_user_contexts_path(void);
|
||||
extern const char *selinux_file_context_path(void);
|
||||
--- libselinux-1.17.13/src/selinux_internal.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/src/selinux_internal.h 2004-10-01 14:35:29.876277582 -0400
|
||||
@@ -16,6 +16,7 @@
|
||||
hidden_proto(security_getenforce)
|
||||
hidden_proto(selinux_default_context_path)
|
||||
hidden_proto(selinux_failsafe_context_path)
|
||||
+hidden_proto(selinux_removable_context_path)
|
||||
hidden_proto(selinux_file_context_path)
|
||||
hidden_proto(selinux_user_contexts_path)
|
||||
hidden_proto(selinux_booleans_path)
|
||||
--- libselinux-1.17.13/src/selinux_config.c.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/src/selinux_config.c 2004-10-01 14:35:29.874277802 -0400
|
||||
@@ -25,7 +25,8 @@
|
||||
#define DEFAULT_TYPE 6
|
||||
#define BOOLEANS 7
|
||||
#define MEDIA_CONTEXTS 8
|
||||
-#define NEL 9
|
||||
+#define REMOVABLE_CONTEXT 9
|
||||
+#define NEL 10
|
||||
|
||||
/* New layout is relative to SELINUXDIR/policytype. */
|
||||
static char *file_paths[NEL];
|
||||
@@ -192,6 +193,11 @@
|
||||
}
|
||||
hidden_def(selinux_failsafe_context_path)
|
||||
|
||||
+const char *selinux_removable_context_path() {
|
||||
+ return get_path(REMOVABLE_CONTEXT);
|
||||
+}
|
||||
+hidden_def(selinux_removable_context_path)
|
||||
+
|
||||
const char *selinux_binary_policy_path() {
|
||||
return get_path(BINPOLICY);
|
||||
}
|
||||
--- libselinux-1.17.13/src/file_path_suffixes.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/src/file_path_suffixes.h 2004-10-01 14:35:29.877277472 -0400
|
||||
@@ -8,3 +8,4 @@
|
||||
S_(DEFAULT_TYPE, "/contexts/default_type")
|
||||
S_(BOOLEANS, "/booleans")
|
||||
S_(MEDIA_CONTEXTS, "/contexts/files/media")
|
||||
+S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
|
||||
--- libselinux-1.17.13/src/dso.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/src/dso.h 2004-10-01 14:35:29.875277692 -0400
|
||||
@@ -7,8 +7,13 @@
|
||||
# define __hidden_proto(fct, internal) \
|
||||
extern __typeof (fct) internal; \
|
||||
extern __typeof (fct) fct __asm (#internal) hidden;
|
||||
-# define hidden_def(fct) \
|
||||
+# ifdef __alpha__
|
||||
+# define hidden_def(fct) \
|
||||
+ asm (".globl " #fct "\n" #fct " = " #fct "_internal");
|
||||
+# else
|
||||
+# define hidden_def(fct) \
|
||||
asm (".globl " #fct "\n.set " #fct ", " #fct "_internal");
|
||||
+#endif
|
||||
#else
|
||||
# define hidden
|
||||
# define hidden_proto(fct)
|
||||
--- libselinux-1.17.13/src/compat_file_path.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/src/compat_file_path.h 2004-10-01 14:35:29.876277582 -0400
|
||||
@@ -8,3 +8,5 @@
|
||||
S_(DEFAULT_TYPE, SECURITYDIR "/default_type")
|
||||
S_(BOOLEANS, SECURITYDIR "/booleans")
|
||||
S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media")
|
||||
+S_(REMOVABLE_CONTEXT, SECURITYDIR "/removable_context")
|
||||
+
|
||||
--- libselinux-1.17.13/utils/setenforce.c.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||
+++ libselinux-1.17.13/utils/setenforce.c 2004-10-01 14:52:15.730713531 -0400
|
||||
@@ -1,18 +1,37 @@
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
+#include <ctype.h>
|
||||
+#include <string.h>
|
||||
+#include <strings.h>
|
||||
#include <selinux/selinux.h>
|
||||
|
||||
+void usage(const char *progname) {
|
||||
+ fprintf(stderr, "usage: %s [ Enforcing | Permissive | 1 | 0 ]\n", progname);
|
||||
+ exit(1);
|
||||
+}
|
||||
+
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
int rc;
|
||||
-
|
||||
if (argc != 2) {
|
||||
- fprintf(stderr, "usage: %s value\n", argv[0]);
|
||||
- exit(1);
|
||||
+ usage(argv[0]);
|
||||
if (strcmp(argv[1], "-P") == 0) {
|
||||
permanent = 1;
|
||||
+ if (argc < 3)
|
||||
+ usage();
|
||||
start = 2;
|
||||
}
|
||||
|
||||
- rc = security_setenforce(atoi(argv[1]));
|
||||
+
|
||||
+ if (strlen(argv[1]) == 1 && (argv[1][0] == '0' || argv[1][0]=='1')) {
|
||||
+ rc = security_setenforce(atoi(argv[1]));
|
||||
+ } else {
|
||||
+ if (strcasecmp(argv[1], "enforcing")==0) {
|
||||
+ rc = security_setenforce(1);
|
||||
+ }
|
||||
+ else
|
||||
+ if (strcasecmp(argv[1], "permissive")==0) {
|
||||
+ rc = security_setenforce(0);
|
||||
+ }
|
||||
+ else
|
||||
+ usage(argv[0]);
|
||||
+ }
|
||||
if (rc < 0) {
|
||||
fprintf(stderr, "%s: setenforce() failed\n", argv[0]);
|
||||
exit(2);
|
||||
else
|
||||
|
||||
@ -1,14 +1,11 @@
|
||||
Summary: SELinux library and simple utilities
|
||||
Name: libselinux
|
||||
Version: 1.18.1
|
||||
Release: 5
|
||||
Version: 1.19.1
|
||||
Release: 1
|
||||
License: Public domain (uncopyrighted)
|
||||
Group: System Environment/Libraries
|
||||
Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
|
||||
#Patch: libselinux-rhat.patch
|
||||
Patch1: libselinux-1.18.1-cleanup.patch
|
||||
Patch2: libselinux-1.17.15-permanent.patch
|
||||
Patch3: libselinux-1.18.1-missing-copy.patch
|
||||
Patch: libselinux-rhat.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
|
||||
|
||||
%description
|
||||
@ -37,9 +34,7 @@ needed for developing SELinux applications.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1 -b .cleanup
|
||||
%patch2 -p1 -b .permanent
|
||||
%patch3 -p1 -b .missing
|
||||
%patch -p1 -b .rhat
|
||||
|
||||
%build
|
||||
make CFLAGS="-g %{optflags}"
|
||||
@ -90,6 +85,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%{_mandir}/man8/*
|
||||
|
||||
%changelog
|
||||
* Tue Nov 9 2004 Dan Walsh <dwalsh@redhat.com> 1.19.1-1
|
||||
- Update from upstream, fix setsebool -P segfault
|
||||
|
||||
* Fri Nov 5 2004 Steve Grubb <sgrubb@redhat.com> 1.18.1-5
|
||||
- Add a patch from upstream. Fixes signed/unsigned issues, and
|
||||
incomplete structure copy.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user