Update to upstream

* libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * do boolean name substitution * Fix segfault for building standard policies.
2012-09-15 07:48:40 -04:00 · 2012-09-15 07:48:40 -04:00 · 70de4204ca
commit 70de4204ca
parent 5f72978380
4 changed files with 142 additions and 36 deletions
--- a/.gitignore
+++ b/.gitignore
@ -127,3 +127,4 @@ libsemanage-2.0.45.tgz
 /libsemanage-2.1.6.tgz
 /libsemanage-2.1.7.tgz
 /libsemanage-2.1.8.tgz
 /libsemanage-2.1.9.tgz
--- a/libsemanage-rhat.patch
+++ b/libsemanage-rhat.patch
@ -1,35 +1,74 @@
-diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile
+diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
-index fc64919..c63bb22 100644
+index bbdac1d..80d08ec 100644
--- a/libsemanage/src/Makefile
+--- a/libsemanage/src/conf-parse.y
-+++ b/libsemanage/src/Makefile
+++ b/libsemanage/src/conf-parse.y
-@@ -13,12 +13,10 @@ SHLIBDIR ?= $(PREFIX)/lib
+@@ -58,7 +58,7 @@ static int parse_errors;
- INCLUDEDIR ?= $(PREFIX)/include
+ }
 PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
 PYINC ?= $(shell pkg-config --cflags $(PYPREFIX))
 -PYTHONLIBDIR ?= $(shell pkg-config --libs $(PYPREFIX))
 PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
 RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
 RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM')
 RUBYINC ?= $(shell pkg-config --cflags ruby-$(RUBYLIBVER))
 -RUBYLIBDIR ?= $(shell pkg-config --libs ruby-$(RUBYLIBVER))
 RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
- LIBBASE=$(shell basename $(LIBDIR))
+ %token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED
-@@ -84,10 +82,10 @@ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
+-%token LOAD_POLICY_START SETFILES_START DISABLE_GENHOMEDIRCON HANDLE_UNKNOWN USEPASSWD IGNOREDIRS
- 	$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $<
+%token LOAD_POLICY_START SETFILES_START SEFCONTEXT_COMPILE_START DISABLE_GENHOMEDIRCON HANDLE_UNKNOWN USEPASSWD IGNOREDIRS
 %token BZIP_BLOCKSIZE BZIP_SMALL
 %token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
 %token PROG_PATH PROG_ARGS
@@ -230,6 +230,14 @@ command_start:
                                 YYABORT;
                         }
                 }
 +        |       SEFCONTEXT_COMPILE_START {
 +                        semanage_conf_external_prog_destroy(current_conf->sefcontext_compile);
 +                        current_conf->sefcontext_compile = NULL;
 +                        if (new_external_prog(&current_conf->sefcontext_compile) == -1) {
 +                                parse_errors++;
 +                                YYABORT;
 +                        }
 +                }
         ;
- $(SWIGSO): $(SWIGLOBJ)
+ verify_block:   verify_start external_opts BLOCK_END  {
-	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@
+@@ -308,6 +316,20 @@ static int semanage_conf_init(semanage_conf_t * conf)
-+	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR)
+ 		return -1;
 	}
- $(SWIGRUBYSO): $(SWIGRUBYLOBJ)
+	if ((conf->sefcontext_compile =
-	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@
+	     calloc(1, sizeof(*(current_conf->sefcontext_compile)))) == NULL) {
-+	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR)
+		return -1;
 +	}
 +	if (access("/sbin/sefcontext_compile", X_OK) == 0) {
 +		conf->sefcontext_compile->path = strdup("/sbin/sefcontext_compile");
 +	} else {
 +		conf->sefcontext_compile->path = strdup("/usr/sbin/sefcontext_compile");
 +	}
 +	if ((conf->sefcontext_compile->path == NULL) ||
 +	    (conf->sefcontext_compile->args = strdup("$@")) == NULL) {
 +		return -1;
 +	}
 +
 	return 0;
 }
- $(LIBA): $(OBJS)
+@@ -363,6 +385,7 @@ void semanage_conf_destroy(semanage_conf_t * conf)
- 	$(AR) rcs $@ $^
+ 		free(conf->ignoredirs);
 		semanage_conf_external_prog_destroy(conf->load_policy);
 		semanage_conf_external_prog_destroy(conf->setfiles);
 +		semanage_conf_external_prog_destroy(conf->sefcontext_compile);
 		semanage_conf_external_prog_destroy(conf->mod_prog);
 		semanage_conf_external_prog_destroy(conf->linked_prog);
 		semanage_conf_external_prog_destroy(conf->kernel_prog);
 diff --git a/libsemanage/src/conf-scan.l b/libsemanage/src/conf-scan.l
 index 7ef4154..41ba044 100644
 --- a/libsemanage/src/conf-scan.l
 +++ b/libsemanage/src/conf-scan.l
@@ -53,6 +53,7 @@ bzip-blocksize	return BZIP_BLOCKSIZE;
 bzip-small	return BZIP_SMALL;
 "[load_policy]"   return LOAD_POLICY_START;
 "[setfiles]"      return SETFILES_START;
 +"[sefcontext_compile]"      return SEFCONTEXT_COMPILE_START;
 "[verify module]" return VERIFY_MOD_START;
 "[verify linked]" return VERIFY_LINKED_START;
 "[verify kernel]" return VERIFY_KERNEL_START;
 diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
-index 7fcd2b4..18babe6 100644
+index 7fcd2b4..6aa9057 100644
 --- a/libsemanage/src/handle.c
 +++ b/libsemanage/src/handle.c
@@ -52,6 +52,26 @@ static char *private_usersconf_path = NULL;
@ -39,7 +78,7 @@ index 7fcd2b4..18babe6 100644
 +static char *get_policy_path(void) {
 +	char *dup_path = NULL;
 +	int max = security_policyvers();
-+	if (max < 0) 
+	if (max < 0)
 +		max = sepol_policy_kern_vers_max();
 +
 +	char *policy_path = selinux_binary_policy_path_min_max(0, &max);
@ -65,7 +104,7 @@ index 7fcd2b4..18babe6 100644
 -	if ( asprintf(&private_binary_policy_path, "%s/%s", path, selinux_binary_policy_path()) < 0 ) {
 +	char *policy_path = get_policy_path();
-+	if (! policy_path) 
+	if (! policy_path)
 +		goto error;
 +
 +	if ( asprintf(&private_binary_policy_path, "%s/%s", path, policy_path) < 0 ) {
@ -87,11 +126,41 @@ index 7fcd2b4..18babe6 100644
 }
 const char *semanage_usersconf_path() {
 diff --git a/libsemanage/src/semanage_conf.h b/libsemanage/src/semanage_conf.h
 index 95f8ec3..9b7852c 100644
 --- a/libsemanage/src/semanage_conf.h
 +++ b/libsemanage/src/semanage_conf.h
@@ -46,6 +46,7 @@ typedef struct semanage_conf {
 	char *ignoredirs;	/* ";" separated of list for genhomedircon to ignore */
 	struct external_prog *load_policy;
 	struct external_prog *setfiles;
 +	struct external_prog *sefcontext_compile;
 	struct external_prog *mod_prog, *linked_prog, *kernel_prog;
 } semanage_conf_t;
 diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
-index cd7ce68..9c4b1fe 100644
+index cd7ce68..2fab63e 100644
 --- a/libsemanage/src/semanage_store.c
 +++ b/libsemanage/src/semanage_store.c
-@@ -1145,8 +1145,7 @@ static int semanage_install_active(semanage_handle_t * sh)
+@@ -1100,6 +1100,17 @@ int semanage_split_fc(semanage_handle_t * sh)
 }
 +static int sefcontext_compile(semanage_handle_t * sh, const char *path) {
 +
 +	int r;
 +	if ((r = semanage_exec_prog(sh, sh->conf->sefcontext_compile, path, "")) != 0) {
 +		ERR(sh, "sefcontext_compile returned error code %d. Compiling %s", r, path);
 +		return -1;
 +	}
 +
 +	return 0;
 +}
 +
 /* Actually load the contents of the current active directory into the
  * kernel.  Return 0 on success, -3 on error. */
 static int semanage_install_active(semanage_handle_t * sh)
@@ -1145,8 +1156,7 @@ static int semanage_install_active(semanage_handle_t * sh)
 	if (asprintf(&storepath, "%s%s", semanage_selinux_path(), sh->conf->store_path) < 0)
 		return retval;
@ -101,3 +170,32 @@ index cd7ce68..9c4b1fe 100644
 	if (semanage_copy_file(active_kernel, store_pol, sh->conf->file_mode) ==
 	    -1) {
 		ERR(sh, "Could not copy %s to %s.", active_kernel, store_pol);
@@ -1233,6 +1243,16 @@ static int semanage_install_active(semanage_handle_t * sh)
 		goto cleanup;
 	}
 +	if (sefcontext_compile(sh, store_fc) != 0) {
 +		goto cleanup;
 +	}
 +	if (sefcontext_compile(sh, store_fc_loc) != 0) {
 +		goto cleanup;
 +	}
 +	if (sefcontext_compile(sh, store_fc_hd) != 0) {
 +		goto cleanup;
 +	}
 +
 	retval = 0;
       cleanup:
 	free(storepath);
@@ -1371,6 +1391,11 @@ int semanage_install_sandbox(semanage_handle_t * sh)
 		goto cleanup;
 	}
 +	if (sh->conf->sefcontext_compile == NULL) {
 +		ERR(sh, "No sefcontext_compile program specified in configuration file.");
 +		goto cleanup;
 +	}
 +
 	if ((commit_num = semanage_commit_sandbox(sh)) < 0) {
 		retval = commit_num;
 		goto cleanup;
--- a/libsemanage.spec
+++ b/libsemanage.spec
@ -4,13 +4,13 @@
 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print (get_python_lib(1))")}
 %endif
-%define libsepolver 2.1.5-1
+%define libsepolver 2.1.8-1
-%define libselinuxver 2.1.11-2
+%define libselinuxver 2.1.12-1
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
-Version: 2.1.8
+Version: 2.1.9
-Release: 3%{?dist}
+Release: 1%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 Source: libsemanage-%{version}.tgz
@ -180,6 +180,13 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif # if with_python3
 %changelog
 * Thu Sep 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.9-1
 - Update to upstream 
 	* libsemanage: do not set soname needlessly
 	* libsemanage: remove PYTHONLIBDIR and ruby equivalent
 	* do boolean name substitution
 	* Fix segfault for building standard policies.
 * Fri Jul 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.8-3
 - Attempt to allocate memory for selinux_binary_policy_path and free memory 
 - allocated by asprintf.
--- a/2
+++ b/2
@ -1 +1 @@
-acb5c0f40f70ff32c4c39cee8432be26  libsemanage-2.1.8.tgz
+eae2f9c81be857032efde81504b9e82a  libsemanage-2.1.9.tgz
`@ -1 +1 @@`
	`acb5c0f40f70ff32c4c39cee8432be26 libsemanage-2.1.8.tgz`	`eae2f9c81be857032efde81504b9e82a libsemanage-2.1.9.tgz`