- Add ruby support for puppet
This commit is contained in:
parent
c56d166bb6
commit
ee778682f8
@ -1,6 +1,6 @@
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.67/man/man3/freecon.3
|
||||
--- nsalibselinux/man/man3/freecon.3 2008-06-12 23:25:12.000000000 -0400
|
||||
+++ libselinux-2.0.67/man/man3/freecon.3 2008-06-29 08:28:37.000000000 -0400
|
||||
+++ libselinux-2.0.67/man/man3/freecon.3 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -15,6 +15,11 @@
|
||||
.B freeconary
|
||||
frees the memory allocated for a context array.
|
||||
@ -15,7 +15,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux
|
||||
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.67/man/man8/selinuxconlist.8
|
||||
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-06-29 08:27:30.000000000 -0400
|
||||
+++ libselinux-2.0.67/man/man8/selinuxconlist.8 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -0,0 +1,18 @@
|
||||
+.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
||||
+.SH "NAME"
|
||||
@ -37,7 +37,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 lib
|
||||
+secon(8), selinuxdefcon(8)
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.67/man/man8/selinuxdefcon.8
|
||||
--- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ libselinux-2.0.67/man/man8/selinuxdefcon.8 2008-06-29 08:27:30.000000000 -0400
|
||||
+++ libselinux-2.0.67/man/man8/selinuxdefcon.8 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -0,0 +1,19 @@
|
||||
+.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
||||
+.SH "NAME"
|
||||
@ -58,9 +58,147 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libs
|
||||
+
|
||||
+.SH "SEE ALSO"
|
||||
+secon(8), selinuxconlist(8)
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.67/src/Makefile
|
||||
--- nsalibselinux/src/Makefile 2008-06-22 09:40:25.000000000 -0400
|
||||
+++ libselinux-2.0.67/src/Makefile 2008-07-09 16:56:37.000000000 -0400
|
||||
@@ -7,16 +7,24 @@
|
||||
PYINC ?= /usr/include/$(PYLIBVER)
|
||||
PYLIB ?= /usr/lib/$(PYLIBVER)
|
||||
PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
|
||||
+RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
|
||||
+RUBYPLATFORM ?= $(shell ruby -e 'print RUBY_PLATFORM')
|
||||
+RUBYINC ?= $(LIBDIR)/ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
|
||||
+RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
|
||||
|
||||
LIBVERSION = 1
|
||||
|
||||
LIBA=libselinux.a
|
||||
TARGET=libselinux.so
|
||||
SWIGIF= selinuxswig_python.i
|
||||
+SWIGRUBYIF= selinuxswig_ruby.i
|
||||
SWIGCOUT= selinuxswig_wrap.c
|
||||
+SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
|
||||
SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
|
||||
+SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
|
||||
SWIGSO=_selinux.so
|
||||
SWIGFILES=$(SWIGSO) selinux.py
|
||||
+SWIGRUBYSO=_rubyselinux.so
|
||||
LIBSO=$(TARGET).$(LIBVERSION)
|
||||
AUDIT2WHYSO=audit2why.so
|
||||
|
||||
@@ -29,7 +37,9 @@
|
||||
ifeq ($(DISABLE_RPM),y)
|
||||
UNUSED_SRCS+=rpm.c
|
||||
endif
|
||||
-SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(SWIGCOUT),$(wildcard *.c)))
|
||||
+
|
||||
+GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT)
|
||||
+SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(GENERATED),$(wildcard *.c)))
|
||||
|
||||
OBJS= $(patsubst %.c,%.o,$(SRCS))
|
||||
LOBJS= $(patsubst %.c,%.lo,$(SRCS))
|
||||
@@ -44,11 +54,11 @@
|
||||
|
||||
SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
|
||||
|
||||
-GENERATED=$(SWIGCOUT)
|
||||
+SWIGRUBY = swig -Wall -ruby -o $(SWIGRUBYCOUT) -outdir ./
|
||||
|
||||
all: $(LIBA) $(LIBSO)
|
||||
|
||||
-pywrap: all $(SWIGSO) $(AUDIT2WHYSO)
|
||||
+pywrap: all $(SWIGSO) $(AUDIT2WHYSO) $(SWIGRUBYSO)
|
||||
|
||||
$(LIBA): $(OBJS)
|
||||
$(AR) rcs $@ $^
|
||||
@@ -57,8 +67,14 @@
|
||||
$(SWIGLOBJ): $(SWIGCOUT)
|
||||
$(CC) $(filter-out -Werror,$(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
|
||||
|
||||
+$(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
|
||||
+ $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $<
|
||||
+
|
||||
$(SWIGSO): $(SWIGLOBJ)
|
||||
- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
|
||||
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
|
||||
+
|
||||
+$(SWIGRUBYSO): $(SWIGRUBYLOBJ)
|
||||
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
|
||||
|
||||
$(LIBSO): $(LOBJS)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
|
||||
@@ -79,6 +95,9 @@
|
||||
$(SWIGCOUT): $(SWIGIF)
|
||||
$(SWIG) $^
|
||||
|
||||
+$(SWIGRUBYCOUT): $(SWIGRUBYIF)
|
||||
+ $(SWIGRUBY) $^
|
||||
+
|
||||
swigify: $(SWIGIF)
|
||||
$(SWIG) $^
|
||||
|
||||
@@ -95,6 +114,9 @@
|
||||
install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
|
||||
install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
|
||||
|
||||
+ test -d $(RUBYINSTALL) || install -m 755 -d $(RUBYINSTALL)
|
||||
+ install -m 755 $(SWIGRUBYSO) $(RUBYINSTALL)/selinux.so
|
||||
+
|
||||
relabel:
|
||||
/sbin/restorecon $(SHLIBDIR)/$(LIBSO)
|
||||
|
||||
@@ -102,7 +124,7 @@
|
||||
-rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~
|
||||
|
||||
distclean: clean
|
||||
- rm -f $(SWIGCOUT) $(SWIGFILES)
|
||||
+ rm -f $(GENERATED) $(SWIGFILES)
|
||||
|
||||
indent:
|
||||
../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.67/src/audit2why.c
|
||||
--- nsalibselinux/src/audit2why.c 2008-06-12 23:25:14.000000000 -0400
|
||||
+++ libselinux-2.0.67/src/audit2why.c 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -55,7 +55,7 @@
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static int check_booleans(struct avc_t *avc, struct boolean_t **bools)
|
||||
+static int check_booleans(struct boolean_t **bools)
|
||||
{
|
||||
char errormsg[PATH_MAX];
|
||||
struct sepol_av_decision avd;
|
||||
@@ -376,7 +376,7 @@
|
||||
avc->tsid = tsid;
|
||||
avc->tclass = tclass;
|
||||
avc->av = av;
|
||||
- if (check_booleans(avc, &bools) == 0) {
|
||||
+ if (check_booleans(&bools) == 0) {
|
||||
if (av & ~avd.auditdeny) {
|
||||
RETURN(DONTAUDIT)
|
||||
} else {
|
||||
@@ -390,15 +390,15 @@
|
||||
len++; b++;
|
||||
}
|
||||
b = bools;
|
||||
- PyObject *boollist = PyTuple_New(len);
|
||||
+ PyObject *outboollist = PyTuple_New(len);
|
||||
len=0;
|
||||
while(b->name) {
|
||||
PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
|
||||
- PyTuple_SetItem(boollist, len++, bool);
|
||||
+ PyTuple_SetItem(outboollist, len++, bool);
|
||||
b++;
|
||||
}
|
||||
free(bools);
|
||||
- PyTuple_SetItem(result, 1, boollist);
|
||||
+ PyTuple_SetItem(result, 1, outboollist);
|
||||
return result;
|
||||
}
|
||||
}
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.67/src/matchpathcon.c
|
||||
--- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400
|
||||
+++ libselinux-2.0.67/src/matchpathcon.c 2008-06-29 08:27:30.000000000 -0400
|
||||
+++ libselinux-2.0.67/src/matchpathcon.c 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -2,6 +2,7 @@
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
@ -78,3 +216,154 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_ruby.i libselinux-2.0.67/src/selinuxswig_ruby.i
|
||||
--- nsalibselinux/src/selinuxswig_ruby.i 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ libselinux-2.0.67/src/selinuxswig_ruby.i 2008-07-09 16:52:33.000000000 -0400
|
||||
@@ -0,0 +1,147 @@
|
||||
+/* Author: James Athey
|
||||
+ */
|
||||
+
|
||||
+%module selinux
|
||||
+%{
|
||||
+ #include "selinux/selinux.h"
|
||||
+%}
|
||||
+
|
||||
+/* security_get_boolean_names() typemap */
|
||||
+/*
|
||||
+%typemap(argout) (char ***names, int *len) {
|
||||
+ PyObject* list = PyList_New(*$2);
|
||||
+ int i;
|
||||
+ for (i = 0; i < *$2; i++) {
|
||||
+ PyList_SetItem(list, i, PyString_FromString((*$1)[i]));
|
||||
+ }
|
||||
+ $result = SWIG_Python_AppendOutput($result, list);
|
||||
+}
|
||||
+*/
|
||||
+/* return a sid along with the result */
|
||||
+%typemap(argout) (security_id_t * sid) {
|
||||
+ if (*$1) {
|
||||
+ %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0));
|
||||
+ }
|
||||
+/* else {
|
||||
+ Py_INCREF(Py_None);
|
||||
+ %append_output(Py_None);
|
||||
+ }
|
||||
+*/
|
||||
+}
|
||||
+
|
||||
+%typemap(in,numinputs=0) security_id_t *(security_id_t temp) {
|
||||
+ $1 = &temp;
|
||||
+}
|
||||
+
|
||||
+/* Makes security_compute_user() return a Python list of contexts */
|
||||
+/*
|
||||
+%typemap(argout) (security_context_t **con) {
|
||||
+ PyObject* plist;
|
||||
+ int i, len = 0;
|
||||
+
|
||||
+ if (*$1) {
|
||||
+ while((*$1)[len])
|
||||
+ len++;
|
||||
+ plist = PyList_New(len);
|
||||
+ for (i = 0; i < len; i++) {
|
||||
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
|
||||
+ }
|
||||
+ } else {
|
||||
+ plist = PyList_New(0);
|
||||
+ }
|
||||
+
|
||||
+ $result = SWIG_Python_AppendOutput($result, plist);
|
||||
+}
|
||||
+*/
|
||||
+/* Makes functions in get_context_list.h return a Python list of contexts */
|
||||
+
|
||||
+#ifdef fixme
|
||||
+%typemap(argout) (security_context_t **list) {
|
||||
+ PyObject* plist;
|
||||
+ int i;
|
||||
+
|
||||
+ if (*$1) {
|
||||
+ plist = PyList_New(result);
|
||||
+ for (i = 0; i < result; i++) {
|
||||
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
|
||||
+ }
|
||||
+ } else {
|
||||
+ plist = PyList_New(0);
|
||||
+ }
|
||||
+ /* Only return the Python list, don't need to return the length anymore */
|
||||
+ $result = plist;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
+%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) {
|
||||
+ $1 = &temp;
|
||||
+}
|
||||
+%typemap(freearg,match="in") security_context_t * "";
|
||||
+%typemap(argout,noblock=1) security_context_t * {
|
||||
+ if (*$1) {
|
||||
+ %append_output(SWIG_FromCharPtr(*$1));
|
||||
+ freecon(*$1);
|
||||
+ }
|
||||
+/*
|
||||
+ else {
|
||||
+ Py_INCREF(Py_None);
|
||||
+ %append_output(Py_None);
|
||||
+ }
|
||||
+*/
|
||||
+}
|
||||
+
|
||||
+%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
|
||||
+ $1 = &temp;
|
||||
+}
|
||||
+%typemap(freearg,match="in") char ** "";
|
||||
+%typemap(argout,noblock=1) char ** {
|
||||
+ if (*$1) {
|
||||
+ %append_output(SWIG_FromCharPtr(*$1));
|
||||
+ free(*$1);
|
||||
+ }
|
||||
+/*
|
||||
+ else {
|
||||
+ Py_INCREF(Py_None);
|
||||
+ %append_output(Py_None);
|
||||
+ }
|
||||
+*/
|
||||
+}
|
||||
+/*
|
||||
+%typemap(in) char * const [] {
|
||||
+ int i, size;
|
||||
+ PyObject * s;
|
||||
+
|
||||
+ if (!PySequence_Check($input)) {
|
||||
+ PyErr_SetString(PyExc_ValueError, "Expected a sequence");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ size = PySequence_Size($input);
|
||||
+
|
||||
+ $1 = (char**) malloc(size + 1);
|
||||
+ for(i = 0; i < size; i++) {
|
||||
+ if (!PyString_Check(PySequence_GetItem($input, i))) {
|
||||
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ for(i = 0; i < size; i++) {
|
||||
+ s = PySequence_GetItem($input, i);
|
||||
+ $1[i] = (char*) malloc(PyString_Size(s) + 1);
|
||||
+ strcpy($1[i], PyString_AsString(s));
|
||||
+ }
|
||||
+ $1[size] = NULL;
|
||||
+}
|
||||
+*/
|
||||
+
|
||||
+%typemap(freearg,match="in") char * const [] {
|
||||
+ int i = 0;
|
||||
+ while($1[i]) {
|
||||
+ free($1[i]);
|
||||
+ i++;
|
||||
+ }
|
||||
+ free($1);
|
||||
+}
|
||||
+
|
||||
+%include "selinuxswig.i"
|
||||
|
@ -1,17 +1,18 @@
|
||||
%define ruby_sitearch %(ruby -rrbconfig -e "puts Config::CONFIG['sitearchdir']")
|
||||
%define libsepolver 2.0.32-1
|
||||
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
||||
|
||||
Summary: SELinux library and simple utilities
|
||||
Name: libselinux
|
||||
Version: 2.0.67
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: Public Domain
|
||||
Group: System Environment/Libraries
|
||||
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
|
||||
Patch: libselinux-rhat.patch
|
||||
URL: http://www.nsa.gov/selinux
|
||||
|
||||
BuildRequires: python-devel libsepol-static >= %{libsepolver} swig
|
||||
BuildRequires: python-devel ruby-devel ruby libsepol-static >= %{libsepolver} swig
|
||||
Requires: libsepol >= %{libsepolver}
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
@ -39,6 +40,15 @@ Requires: libselinux = %{version}-%{release}
|
||||
The libselinux-python package contains the python bindings for developing
|
||||
SELinux applications.
|
||||
|
||||
%package ruby
|
||||
Summary: SELinux ruby bindings for libselinux
|
||||
Group: Development/Libraries
|
||||
Requires: libselinux = %{version}-%{release}
|
||||
|
||||
%description ruby
|
||||
The libselinux-ruby package contains the ruby bindings for developing
|
||||
SELinux applications.
|
||||
|
||||
%package devel
|
||||
Summary: Header files and libraries used to build SELinux
|
||||
Group: Development/Libraries
|
||||
@ -135,7 +145,14 @@ exit 0
|
||||
%dir %{python_sitearch}/selinux
|
||||
%{python_sitearch}/selinux/*
|
||||
|
||||
%files ruby
|
||||
%defattr(-,root,root,-)
|
||||
%{ruby_sitearch}/selinux.so
|
||||
|
||||
%changelog
|
||||
* Wed Jul 9 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-4
|
||||
- Add ruby support for puppet
|
||||
|
||||
* Tue Jul 8 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.67-3
|
||||
- Rebuild for new libsepol
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user