From 153a29f02aa0489cd320bb76fc08e1d0b519a9f5 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 13 Apr 2015 13:31:52 +0200 Subject: [PATCH] Update to upstream release 2.4 from https://github.com/bachradsusi/selinux.git branch 2.4 --- libsemanage-rhat.patch | 100 +++++------------------------------------ libsemanage.spec | 25 +++++++---- make-rhat-patches.sh | 28 ++++++++++++ 3 files changed, 56 insertions(+), 97 deletions(-) create mode 100755 make-rhat-patches.sh diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch index 5991109..ccb36d4 100644 --- a/libsemanage-rhat.patch +++ b/libsemanage-rhat.patch @@ -1,89 +1,13 @@ -diff --git a/src/direct_api.c b/src/direct_api.c -index 64dc7d9..5b94725 100644 ---- a/src/direct_api.c -+++ b/src/direct_api.c -@@ -690,7 +690,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) - /* Declare some variables */ - int modified = 0, fcontexts_modified, ports_modified, - seusers_modified, users_extra_modified, dontaudit_modified, -- preserve_tunables_modified; -+ preserve_tunables_modified, bools_modified; - dbase_config_t *users = semanage_user_dbase_local(sh); - dbase_config_t *users_base = semanage_user_base_dbase_local(sh); - dbase_config_t *pusers_base = semanage_user_base_dbase_policy(sh); -@@ -771,11 +771,11 @@ static int semanage_direct_commit(semanage_handle_t * sh) - users_extra_modified = - users_extra->dtable->is_modified(users_extra->dbase); - ports_modified = ports->dtable->is_modified(ports->dbase); -+ bools_modified = bools->dtable->is_modified(bools->dbase); +diff --git libsemanage-2.4/tests/test_utilities.c libsemanage-2.4/tests/test_utilities.c +index 4d25b07..32cc33c 100644 +--- libsemanage-2.4/tests/test_utilities.c ++++ libsemanage-2.4/tests/test_utilities.c +@@ -45,7 +45,7 @@ void test_slurp_file_filter(void); - modified = sh->modules_modified; - modified |= ports_modified; - modified |= users->dtable->is_modified(users_base->dbase); -- modified |= bools->dtable->is_modified(bools->dbase); - modified |= ifaces->dtable->is_modified(ifaces->dbase); - modified |= nodes->dtable->is_modified(nodes->dbase); - modified |= dontaudit_modified; -@@ -891,15 +891,26 @@ static int semanage_direct_commit(semanage_handle_t * sh) - - /* ==================== Policydb-backed ================ */ - -- /* Create new policy object, then attach to policy databases -- * that work with a policydb */ -+ /* Create new policy object */ - retval = semanage_expand_sandbox(sh, base, &out); - if (retval < 0) - goto cleanup; - - sepol_module_package_free(base); - base = NULL; -+ } else { -+ /* Load already linked policy */ -+ retval = sepol_policydb_create(&out); -+ if (retval < 0) -+ goto cleanup; -+ -+ retval = semanage_read_policydb(sh, out); -+ if (retval < 0) -+ goto cleanup; -+ } - -+ if (sh->do_rebuild || modified || bools_modified) { -+ /* Attach to policy databases that work with a policydb. */ - dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase, - out); - dbase_policydb_attach((dbase_policydb_t *) pports->dbase, out); -@@ -921,14 +932,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) - if (retval < 0) - goto cleanup; - } else { -- retval = sepol_policydb_create(&out); -- if (retval < 0) -- goto cleanup; -- -- retval = semanage_read_policydb(sh, out); -- if (retval < 0) -- goto cleanup; -- -+ /* Changes to non-kernel policy configurations only. */ - if (seusers_modified || users_extra_modified) { - retval = semanage_link_base(sh, &base); - if (retval < 0) -@@ -1007,7 +1011,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) - sepol_policydb_free(out); - out = NULL; - -- if (sh->do_rebuild || modified || -+ if (sh->do_rebuild || modified || bools_modified || - seusers_modified || fcontexts_modified || users_extra_modified) { - retval = semanage_install_sandbox(sh); - } -@@ -1017,7 +1021,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) - free(mod_filenames[i]); - } - -- if (modified) { -+ if (modified || bools_modified) { - /* Detach from policydb, so it can be freed */ - dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase); - dbase_policydb_detach((dbase_policydb_t *) pports->dbase); + char fname[] = { + 'T', 'E', 'S', 'T', '_', 'T', 'E', 'M', 'P', '_', 'X', 'X', 'X', 'X', +- 'X', 'X' ++ 'X', 'X', '\0' + }; + int fd; + FILE *fptr; diff --git a/libsemanage.spec b/libsemanage.spec index 3dbd9f8..7295b5c 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -1,21 +1,21 @@ %global with_python3 1 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print (get_python_lib(1))")} -%define libsepolver 2.1.9-1 -%define libselinuxver 2.1.13-1 +%define libsepolver 2.4-0 +%define libselinuxver 2.4-0 Summary: SELinux binary policy manipulation library Name: libsemanage -Version: 2.3 -Release: 6%{?dist} +Version: 2.4 +Release: 0%{?dist}.3 License: LGPLv2+ Group: System Environment/Libraries -Source: libsemanage-%{version}.tgz +Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/libsemanage-%{version}.tar.gz +# use make-rhat-patches.sh to create following patch from https://github.com/bachradsusi/selinux.git Patch: libsemanage-rhat.patch -URL: http://oss.tresys.com/git/selinux.git +URL: https://github.com/SELinuxProject/selinux/wiki Source1: semanage.conf -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libselinux-devel >= %{libselinuxver} swig ustr-devel BuildRequires: libsepol-devel >= %{libsepolver} BuildRequires: audit-libs-devel @@ -122,8 +122,9 @@ InstallPythonWrapper() { } rm -rf ${RPM_BUILD_ROOT} -mkdir -p ${RPM_BUILD_ROOT}/%{_libdir} +mkdir -p ${RPM_BUILD_ROOT}%{_libdir} mkdir -p ${RPM_BUILD_ROOT}%{_includedir} +mkdir -p ${RPM_BUILD_ROOT}%{_sharedstatedir}/selinux make DESTDIR="${RPM_BUILD_ROOT}" LIBDIR="${RPM_BUILD_ROOT}%{_libdir}" SHLIBDIR="${RPM_BUILD_ROOT}/%{_libdir}" install InstallPythonWrapper \ @@ -148,8 +149,11 @@ rm -rf ${RPM_BUILD_ROOT} %license COPYING %dir %{_sysconfdir}/selinux %config(noreplace) %{_sysconfdir}/selinux/semanage.conf -/%{_libdir}/libsemanage.so.1 +%{_libdir}/libsemanage.so.1 %{_mandir}/man5/* +%dir %{_libexecdir}/selinux +%dir %{_sharedstatedir}/selinux +%{_libexecdir}/selinux/semanage_migrate_store %post -p /sbin/ldconfig @@ -181,6 +185,9 @@ rm -rf ${RPM_BUILD_ROOT} %endif # if with_python3 %changelog +* Mon Apr 13 2015 Petr Lautrbach 2.4-0.3 +- Update to upstream release 2.4 + * Sun Aug 17 2014 Fedora Release Engineering - 2.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild diff --git a/make-rhat-patches.sh b/make-rhat-patches.sh new file mode 100755 index 0000000..5061340 --- /dev/null +++ b/make-rhat-patches.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +LIBSEMANAGE_VERSION=2.4 +BRANCH=2.4 + +REBASEDIR=`mktemp -d rebase.XXXXXX` +pushd $REBASEDIR + +# git clone git@github.com:fedora-selinux/selinux.git +git clone https://github.com/bachradsusi/selinux.git +pushd selinux; git checkout $BRANCH; COMMIT=`git rev-parse --verify HEAD`; popd + +# prepare libsemanage-rhat.patch +tar xfz ../libsemanage-$LIBSEMANAGE_VERSION.tar.gz +pushd libsemanage-$LIBSEMANAGE_VERSION + +git init; git add .; git commit -m "init" +cp -r ../selinux/libsemanage/* . +git add -A . + +git diff --cached --src-prefix=libsemanage-$LIBSEMANAGE_VERSION/ --dst-prefix=libsemanage-$LIBSEMANAGE_VERSION/ > ../../libsemanage-rhat.patch + +popd + +popd +# echo rm -rf $REBASEDIR + +echo libsemanage-rhat.patch created from https://github.com/fedora-selinux/selinux/commit/$COMMIT