libselinux/libselinux-rhat.patch
Daniel J Walsh c4aa29e945 - Upgrade to upstream
dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
Based on a suggestion from Ulrich Drepper, defer regex compilation until we
    have a stem match, by Stephen Smalley.
A further optimization would be to defer regex compilation until we have a
    complete match of the constant prefix of the regex - TBD.
2007-11-30 20:13:08 +00:00

62 lines
2.2 KiB
Diff

diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.42/include/selinux/av_permissions.h
--- nsalibselinux/include/selinux/av_permissions.h 2007-11-15 15:52:46.000000000 -0500
+++ libselinux-2.0.42/include/selinux/av_permissions.h 2007-11-15 16:30:48.000000000 -0500
@@ -900,6 +900,8 @@
#define PACKET__SEND 0x00000001UL
#define PACKET__RECV 0x00000002UL
#define PACKET__RELABELTO 0x00000004UL
+#define PACKET__FLOW_IN 0x00000008UL
+#define PACKET__FLOW_OUT 0x00000010UL
#define KEY__VIEW 0x00000001UL
#define KEY__READ 0x00000002UL
#define KEY__WRITE 0x00000004UL
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.42/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c 2007-09-28 09:48:58.000000000 -0400
+++ libselinux-2.0.42/src/matchpathcon.c 2007-11-15 15:08:23.000000000 -0500
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
#include <stdio.h>
+#include <syslog.h>
#include "selinux_internal.h"
#include "label_internal.h"
#include "callbacks.h"
@@ -57,7 +58,7 @@
{
va_list ap;
va_start(ap, fmt);
- vfprintf(stderr, fmt, ap);
+ vsyslog(LOG_ERR, fmt, ap);
va_end(ap);
}
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.42/utils/matchpathcon.c
--- nsalibselinux/utils/matchpathcon.c 2007-07-16 14:20:45.000000000 -0400
+++ libselinux-2.0.42/utils/matchpathcon.c 2007-11-15 15:08:23.000000000 -0500
@@ -17,10 +17,24 @@
exit(1);
}
+static void
+#ifdef __GNUC__
+ __attribute__ ((format(printf, 1, 2)))
+#endif
+ myprintf(const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
+}
+
int printmatchpathcon(char *path, int header, int mode)
{
char *buf;
- int rc = matchpathcon(path, mode, &buf);
+ int rc;
+ set_matchpathcon_printf(myprintf);
+ rc = matchpathcon(path, mode, &buf);
if (rc < 0) {
fprintf(stderr, "matchpathcon(%s) failed: %s\n", path,
strerror(errno));