- Update to upstream

- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
2010-12-21 16:29:19 -05:00 · 2010-12-21 16:29:19 -05:00 · ca9cea7698
commit ca9cea7698
parent 2542902e06
4 changed files with 102 additions and 126 deletions
--- a/.gitignore
+++ b/.gitignore
@ -180,3 +180,4 @@ libselinux-2.0.93.tgz
 libselinux-2.0.94.tgz
 libselinux-2.0.96.tgz
 /libselinux-2.0.97.tgz
+/libselinux-2.0.98.tgz
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -1,6 +1,8 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.96/man/man8/selinuxconlist.8
--- nsalibselinux/man/man8/selinuxconlist.8	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.96/man/man8/selinuxconlist.8	2010-06-16 09:20:34.000000000 -0400
+diff --git a/libselinux/man/man8/selinuxconlist.8 b/libselinux/man/man8/selinuxconlist.8
+new file mode 100644
+index 0000000..c698daa
+--- /dev/null
+++ b/libselinux/man/man8/selinuxconlist.8
@@ -0,0 +1,18 @@
 +.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
 +.SH "NAME"
@ -20,9 +22,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 lib
 +
 +.SH "SEE ALSO"
 +secon(8), selinuxdefcon(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.96/man/man8/selinuxdefcon.8
--- nsalibselinux/man/man8/selinuxdefcon.8	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.96/man/man8/selinuxdefcon.8	2010-06-16 09:20:34.000000000 -0400
+diff --git a/libselinux/man/man8/selinuxdefcon.8 b/libselinux/man/man8/selinuxdefcon.8
+new file mode 100644
+index 0000000..3cbeff2
+--- /dev/null
+++ b/libselinux/man/man8/selinuxdefcon.8
@@ -0,0 +1,24 @@
 +.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
 +.SH "NAME"
@ -48,9 +52,67 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libs
 +
 +.SH "SEE ALSO"
 +secon(8), selinuxconlist(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.96/src/audit2why.c
--- nsalibselinux/src/audit2why.c	2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/audit2why.c	2010-06-25 17:03:37.000000000 -0400
+diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
+index bf665ab..8aeb7a1 100644
+--- a/libselinux/src/Makefile
+++ b/libselinux/src/Makefile
+@@ -1,9 +1,10 @@
+ # Installation directories.
+PYTHON ?= python
+ PREFIX ?= $(DESTDIR)/usr
+ LIBDIR ?= $(PREFIX)/lib
+ SHLIBDIR ?= $(DESTDIR)/lib
+ INCLUDEDIR ?= $(PREFIX)/include
+-PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
+PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
+ PYINC ?= /usr/include/$(PYLIBVER)
+ PYLIB ?= /usr/lib/$(PYLIBVER)
+ PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
+@@ -23,13 +24,13 @@ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i
+ SWIGRUBYIF= selinuxswig_ruby.i
+ SWIGCOUT= selinuxswig_wrap.c
+ SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
+-SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) 
+SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) 
+ SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT)) 
+-SWIGSO=_selinux.so
+SWIGSO=$(PYPREFIX)_selinux.so
+ SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i
+ SWIGRUBYSO=_rubyselinux.so
+ LIBSO=$(TARGET).$(LIBVERSION)
+-AUDIT2WHYSO=audit2why.so
+AUDIT2WHYSO=$(PYPREFIX)audit2why.so
+ 
+ ifeq ($(DISABLE_AVC),y)
+ 	UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
+@@ -91,10 +92,10 @@ $(LIBPC): $(LIBPC).in
+ selinuxswig_python_exception.i: ../include/selinux/selinux.h
+ 	bash exception.sh > $@ 
+ 
+-audit2why.lo: audit2why.c
+$(PYPREFIX)audit2why.lo: audit2why.c
+ 	$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+-$(AUDIT2WHYSO): audit2why.lo
+$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo
+ 	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
+ 
+ %.o:  %.c policy.h
+@@ -123,8 +124,8 @@ install: all
+ 
+ install-pywrap: pywrap
+ 	test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
+-	install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
+-	install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
+	install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so
+	install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so
+ 	install -m 644  selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
+ 
+ install-rubywrap: rubywrap
+diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
+index 691bc67..12e8614 100644
+--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -1,3 +1,6 @@
 +/* Workaround for http://bugs.python.org/issue4835 */
 +#define SIZEOF_SOCKET_T SIZEOF_INT
@ -58,7 +120,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
 #include <Python.h>
 #include <unistd.h>
 #include <stdlib.h>
-@@ -255,6 +258,8 @@
+@@ -255,6 +258,8 @@ static int __policy_init(const char *init_path)
 	fclose(fp);
 	sepol_set_policydb(&avc->policydb->p);
 	avc->handle = sepol_handle_create();
@ -67,7 +129,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
 
 	rc = sepol_bool_count(avc->handle,
 			      avc->policydb, &cnt);
-@@ -287,8 +292,10 @@
+@@ -287,8 +292,10 @@ static int __policy_init(const char *init_path)
 static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
   int result;
   char *init_path=NULL;
@ -80,7 +142,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
   return Py_BuildValue("i", result);
 }
 
-@@ -353,7 +360,11 @@
+@@ -353,7 +360,11 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
 		strObj = PyList_GetItem(listObj, i); /* Can't fail */
 		
 		/* make it a string */
@ -92,7 +154,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
 		
 		perm = string_to_av_perm(tclass, permstr);
 		if (!perm) {
-@@ -423,10 +434,39 @@
+@@ -423,10 +434,39 @@ static PyMethodDef audit2whyMethods[] = {
     {NULL, NULL, 0, NULL}        /* Sentinel */
 };
 
@ -133,7 +195,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
 	PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN);
 	PyModule_AddIntConstant(m,"BADSCON", BADSCON);
 	PyModule_AddIntConstant(m,"BADTCON", BADTCON);
-@@ -440,4 +480,8 @@
+@@ -440,4 +480,8 @@ initaudit2why(void)
 	PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN);
 	PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT);
 	PyModule_AddIntConstant(m,"RBAC", RBAC);
@ -142,10 +204,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.
 +	return m;
 +#endif
 }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.96/src/callbacks.c
--- nsalibselinux/src/callbacks.c	2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/callbacks.c	2010-06-16 09:20:34.000000000 -0400
-@@ -16,6 +16,7 @@
+diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c
+index b245364..7c47222 100644
+--- a/libselinux/src/callbacks.c
+++ b/libselinux/src/callbacks.c
+@@ -16,6 +16,7 @@ default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
 {
 	int rc;
 	va_list ap;
@ -153,103 +216,10 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.
 	va_start(ap, fmt);
 	rc = vfprintf(stderr, fmt, ap);
 	va_end(ap);
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-2.0.96/src/get_context_list.c
--- nsalibselinux/src/get_context_list.c	2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/get_context_list.c	2010-07-27 13:09:08.000000000 -0400
-@@ -286,7 +286,6 @@
- 	if (buf[plen - 1] == '\n')
- 		buf[plen - 1] = 0;
- 
-      retry:
- 	nlen = strlen(user) + 1 + plen + 1;
- 	*newcon = malloc(nlen);
- 	if (!(*newcon))
-@@ -306,10 +305,6 @@
- 	if (security_check_context(*newcon) && errno != ENOENT) {
- 		free(*newcon);
- 		*newcon = 0;
-		if (strcmp(user, SELINUX_DEFAULTUSER)) {
-			user = SELINUX_DEFAULTUSER;
-			goto retry;
-		}
- 		return -1;
- 	}
- 
-@@ -418,13 +413,8 @@
- 
- 	/* Determine the set of reachable contexts for the user. */
- 	rc = security_compute_user(fromcon, user, &reachable);
-	if (rc < 0) {
-		/* Retry with the default SELinux user identity. */
-		user = SELINUX_DEFAULTUSER;
-		rc = security_compute_user(fromcon, user, &reachable);
-		if (rc < 0)
-			goto failsafe;
-	}
-+	if (rc < 0)
-+		goto failsafe;
- 	nreach = 0;
- 	for (ptr = reachable; *ptr; ptr++)
- 		nreach++;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.96/src/Makefile
--- nsalibselinux/src/Makefile	2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/Makefile	2010-06-16 09:20:39.000000000 -0400
-@@ -1,9 +1,10 @@
- # Installation directories.
-+PYTHON ?= python
- PREFIX ?= $(DESTDIR)/usr
- LIBDIR ?= $(PREFIX)/lib
- SHLIBDIR ?= $(DESTDIR)/lib
- INCLUDEDIR ?= $(PREFIX)/include
-PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
-+PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
- PYINC ?= /usr/include/$(PYLIBVER)
- PYLIB ?= /usr/lib/$(PYLIBVER)
- PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-@@ -23,13 +24,13 @@
- SWIGRUBYIF= selinuxswig_ruby.i
- SWIGCOUT= selinuxswig_wrap.c
- SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
-SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) 
-+SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) 
- SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT)) 
-SWIGSO=_selinux.so
-+SWIGSO=$(PYPREFIX)_selinux.so
- SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i
- SWIGRUBYSO=_rubyselinux.so
- LIBSO=$(TARGET).$(LIBVERSION)
-AUDIT2WHYSO=audit2why.so
-+AUDIT2WHYSO=$(PYPREFIX)audit2why.so
- 
- ifeq ($(DISABLE_AVC),y)
- 	UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
-@@ -91,10 +92,10 @@
- selinuxswig_python_exception.i: ../include/selinux/selinux.h
- 	bash exception.sh > $@ 
- 
-audit2why.lo: audit2why.c
-+$(PYPREFIX)audit2why.lo: audit2why.c
- 	$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
- 
-$(AUDIT2WHYSO): audit2why.lo
-+$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo
- 	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
- 
- %.o:  %.c policy.h
-@@ -123,8 +124,8 @@
- 
- install-pywrap: pywrap
- 	test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
-	install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
-	install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
-+	install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so
-+	install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so
- 	install -m 644  selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
- 
- install-rubywrap: rubywrap
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.96/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c	2010-05-19 14:45:51.000000000 -0400
-+++ libselinux-2.0.96/src/matchpathcon.c	2010-07-26 14:55:18.000000000 -0400
+diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
+index bb4eb9f..c9ae42f 100644
+--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
 #include <string.h>
 #include <errno.h>
@ -258,7 +228,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
 #include "selinux_internal.h"
 #include "label_internal.h"
 #include "callbacks.h"
-@@ -57,7 +58,7 @@
+@@ -60,7 +61,7 @@ static void
 {
 	va_list ap;
 	va_start(ap, fmt);
@ -267,10 +237,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
 	va_end(ap);
 }
 
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.96/src/selinuxswig_python.i
--- nsalibselinux/src/selinuxswig_python.i	2010-06-16 08:03:38.000000000 -0400
-+++ libselinux-2.0.96/src/selinuxswig_python.i	2010-06-16 09:20:34.000000000 -0400
-@@ -45,7 +45,7 @@
+diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i
+index dea0e80..bb227e9 100644
+--- a/libselinux/src/selinuxswig_python.i
+++ b/libselinux/src/selinuxswig_python.i
+@@ -45,7 +45,7 @@ def install(src, dest):
 	PyObject* list = PyList_New(*$2);
 	int i;
 	for (i = 0; i < *$2; i++) {
@ -279,7 +250,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
 	}
 	$result = SWIG_Python_AppendOutput($result, list);
 }
-@@ -74,7 +74,9 @@
+@@ -74,7 +74,9 @@ def install(src, dest):
 			len++;
 		plist = PyList_New(len);
 		for (i = 0; i < len; i++) {
@ -290,7 +261,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
 		}
 	} else {
 		plist = PyList_New(0);
-@@ -91,7 +93,9 @@
+@@ -91,7 +93,9 @@ def install(src, dest):
 	if (*$1) {
 		plist = PyList_New(result);
 		for (i = 0; i < result; i++) {
@ -301,7 +272,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs
 		}
 	} else {
 		plist = PyList_New(0);
-@@ -144,16 +148,20 @@
+@@ -144,16 +148,20 @@ def install(src, dest):
 	$1 = (char**) malloc(size + 1);
 
 	for(i = 0; i < size; i++) {
--- a/libselinux.spec
+++ b/libselinux.spec
@ -6,7 +6,7 @@

 Summary: SELinux library and simple utilities
 Name: libselinux
-Version: 2.0.97
+Version: 2.0.98
 Release: 1%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
@ -96,7 +96,7 @@ needed for developing SELinux applications.

 %prep
 %setup -q
-%patch1 -p1 -b .rhat
+%patch1 -p2 -b .rhat

 %build
 # To support building the Python wrapper against multiple Python runtimes
@ -236,6 +236,10 @@ exit 0
 %{ruby_sitearch}/selinux.so

 %changelog
+* Tue Dec 21 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.98-1
+- Update to upstream 
+  - Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
+
 * Mon Dec 6 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.97-1
 - Update to upstream 
 	* Thread local storage fixes from Eamon Walsh.
--- a/2
+++ b/2
@ -1 +1 @@
-1f2f5ff4fafddcd557caaac7b551fa27  libselinux-2.0.97.tgz
+ae5872335424582717bd9d3bd646ef17  libselinux-2.0.98.tgz