Rebuild with latest libsepol

libselinux-rhat.patch

@@ -126,7 +126,7 @@ index 9f16f77..4835f2f 100644
  .SH FILES
  /etc/selinux/config
 diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
-index 02483a3..647ea4c 100644
+index 02483a3..d2de4d5 100644
 --- a/libselinux/src/audit2why.c
 +++ b/libselinux/src/audit2why.c
 @@ -164,6 +164,9 @@ static PyObject *finish(PyObject *self __attribute__((unused)), PyObject *args)
@@ -191,32 +191,132 @@ index 02483a3..647ea4c 100644
    if (!PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path))
      return NULL;
    result = __policy_init(init_path);
-@@ -306,6 +298,7 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
- 	return result;						
+@@ -302,10 +294,12 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
+ }
+ 
+ #define RETURN(X) \
+-	PyTuple_SetItem(result, 0, Py_BuildValue("i", X));	\
+-	return result;						
++	{ \
++		return Py_BuildValue("iO", (X), Py_None);	\
++	}					
  
  static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) {
 +	char *reason_buf = NULL;
  	security_context_t scon; 
  	security_context_t tcon;
  	char *tclassstr; 
-@@ -376,7 +369,7 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+@@ -320,10 +314,6 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ 	struct sepol_av_decision avd;
+ 	int rc;
+ 	int i=0;
+-	PyObject *result = PyTuple_New(2);
+-	if (!result) return NULL;
+-	Py_INCREF(Py_None);
+-	PyTuple_SetItem(result, 1, Py_None);
+ 
+ 	if (!PyArg_ParseTuple(args,(char *)"sssO!:audit2why",&scon,&tcon,&tclassstr,&PyList_Type, &listObj)) 
+ 		return NULL;
+@@ -334,22 +324,21 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ 	/* should raise an error here. */
+ 	if (numlines < 0)	return NULL; /* Not a list */
+ 
+-	if (!avc) {
++	if (!avc)
+ 		RETURN(NOPOLICY)
+-	}
+ 
+ 	rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid);
+-	if (rc < 0) {
++	if (rc < 0)
+ 		RETURN(BADSCON)
+-	}
++
+ 	rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
+-	if (rc < 0) {
++	if (rc < 0)
+ 		RETURN(BADTCON)
+-	}
++
+ 	tclass = string_to_security_class(tclassstr);
+-	if (!tclass) {
++	if (!tclass)
+ 		RETURN(BADTCLASS)
+-	}
++
+ 	/* Convert the permission list to an AV. */
+ 	av = 0;
+ 
+@@ -369,21 +358,20 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ #endif
+ 		
+ 		perm = string_to_av_perm(tclass, permstr);
+-		if (!perm) {
++		if (!perm)
+ 			RETURN(BADPERM)
+-		}
++
+ 		av |= perm;
  	}
  
  	/* Reproduce the computation. */
 -	rc = sepol_compute_av_reason(ssid, tsid, tclass, av, &avd, &reason);
+-	if (rc < 0) {
 +	rc = sepol_compute_av_reason_buffer(ssid, tsid, tclass, av, &avd, &reason, &reason_buf);
- 	if (rc < 0) {
++	if (rc < 0)
  		RETURN(BADCOMPUTE)
- 	}
-@@ -417,6 +410,8 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+-	}
+ 
+-	if (!reason) {
++	if (!reason)
+ 		RETURN(ALLOW)
+-	}
++
+ 	if (reason & SEPOL_COMPUTEAV_TE) {
+ 		avc->ssid = ssid;
+ 		avc->tsid = tsid;
+@@ -396,28 +384,34 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ 				RETURN(TERULE)
+ 			}
+ 		} else {
+-			PyTuple_SetItem(result, 0, Py_BuildValue("i", BOOLEAN));
++			PyObject *outboollist;
+ 			struct boolean_t *b = bools;
+ 			int len=0;
+ 			while (b->name) {
+ 				len++; b++;
+ 			}
+ 			b = bools;
+-			PyObject *outboollist = PyTuple_New(len);
++			outboollist = PyList_New(len);
+ 			len=0;
+ 			while(b->name) {
+-				PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
+-				PyTuple_SetItem(outboollist, len++, bool);
++				PyObject *bool_ = Py_BuildValue("(si)", b->name, b->active);
++				PyList_SetItem(outboollist, len++, bool_);
+ 				b++;
+ 			}
+ 			free(bools);
+-			PyTuple_SetItem(result, 1, outboollist);
+-			return result;
++			/* 'N' steals the reference to outboollist */
++			return Py_BuildValue("iN", BOOLEAN, outboollist);
+ 		}
  	}
  
  	if (reason & SEPOL_COMPUTEAV_CONS) {
-+		printf("%s\n", reason_buf);
-+		free(reason_buf);
- 		RETURN(CONSTRAINT);
+-		RETURN(CONSTRAINT);
++		if (reason_buf) {
++			PyObject *result = NULL;
++			result = Py_BuildValue("is", CONSTRAINT, reason_buf);
++			free(reason_buf);
++			return result;
++		} 
++		RETURN(CONSTRAINT)
  	}
  
+ 	if (reason & SEPOL_COMPUTEAV_RBAC) {
 diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
 index 802a07f..6ff83a7 100644
 --- a/libselinux/src/avc.c

libselinux.spec

@@ -4,13 +4,13 @@
 
 %define ruby_inc %(pkg-config --cflags ruby-1.9)
 %define ruby_sitearch %(ruby -rrbconfig -e "puts RbConfig::CONFIG['vendorarchdir']")
-%define libsepolver 2.1.7-4
+%define libsepolver 2.1.8-3
 %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
 
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.1.12
-Release: 8%{?dist}
+Release: 9%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@@ -241,6 +241,9 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so
 
 %changelog
+* Mon Nov 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-9
+- Rebuild with latest libsepol
+
 * Fri Nov 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-8
 - Return EPERM if login program can not reach default label for user
 - Attempt to return container info from audit2why