diff --git a/0001-libsepol-Bring-back-POLICYDB_CAPABILITY_-constants.patch b/0001-libsepol-Bring-back-POLICYDB_CAPABILITY_-constants.patch new file mode 100644 index 0000000..0bc995c --- /dev/null +++ b/0001-libsepol-Bring-back-POLICYDB_CAPABILITY_-constants.patch @@ -0,0 +1,43 @@ +From 923849fa1cc36580086be542036c4935d7cbfe1c Mon Sep 17 00:00:00 2001 +From: Petr Lautrbach +Date: Mon, 23 May 2022 12:25:58 +0200 +Subject: [PATCH] libsepol: Bring back POLICYDB_CAPABILITY_* constants +Content-type: text/plain + +They were removed by the commit 0d84ebcbc475d ("libsepol: Shorten the +policy capability enum names") but they might be used somewhere in code +deployed on RHEL 9.0 + +Signed-off-by: Petr Lautrbach +--- + libsepol/include/sepol/policydb/polcaps.h | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/libsepol/include/sepol/policydb/polcaps.h b/libsepol/include/sepol/policydb/polcaps.h +index f5e32e60975d..e568733b3a33 100644 +--- a/libsepol/include/sepol/policydb/polcaps.h ++++ b/libsepol/include/sepol/policydb/polcaps.h +@@ -19,6 +19,20 @@ enum { + }; + #define POLICYDB_CAP_MAX (__POLICYDB_CAP_MAX - 1) + ++/* legacy constants from past to preserve backward compatibility */ ++enum { ++ POLICYDB_CAPABILITY_NETPEER = POLICYDB_CAP_NETPEER, ++ POLICYDB_CAPABILITY_OPENPERM = POLICYDB_CAP_OPENPERM, ++ POLICYDB_CAPABILITY_EXTSOCKCLASS = POLICYDB_CAP_EXTSOCKCLASS, ++ POLICYDB_CAPABILITY_ALWAYSNETWORK = POLICYDB_CAP_ALWAYSNETWORK, ++ POLICYDB_CAPABILITY_CGROUPSECLABEL = POLICYDB_CAP_CGROUPSECLABEL, ++ POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION = POLICYDB_CAP_NNP_NOSUID_TRANSITION, ++ POLICYDB_CAPABILITY_GENFS_SECLABEL_SYMLINKS = POLICYDB_CAP_GENFS_SECLABEL_SYMLINKS, ++ POLICYDB_CAPABILITY_IOCTL_SKIP_CLOEXEC = POLICYDB_CAP_IOCTL_SKIP_CLOEXEC, ++ __POLICYDB_CAPABILITY_MAX = __POLICYDB_CAP_MAX ++}; ++#define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAP_MAX - 1) ++ + /* Convert a capability name to number. */ + extern int sepol_polcap_getnum(const char *name); + +-- +2.39.0 + diff --git a/libsepol.spec b/libsepol.spec index 9729ac5..e109836 100644 --- a/libsepol.spec +++ b/libsepol.spec @@ -1,7 +1,7 @@ Summary: SELinux binary policy manipulation library Name: libsepol Version: 3.5 -Release: 0.rc1.1%{?dist} +Release: 0.rc1.2%{?dist} License: LGPLv2+ Source0: https://github.com/SELinuxProject/selinux/releases/download/3.5-rc1/libsepol-3.5-rc1.tar.gz URL: https://github.com/SELinuxProject/selinux/wiki @@ -10,6 +10,7 @@ URL: https://github.com/SELinuxProject/selinux/wiki # $ git format-patch -N libsepol-3.5-rc1 -- libsepol # $ i=1; for j in 0*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done # Patch list start +Patch0001: 0001-libsepol-Bring-back-POLICYDB_CAPABILITY_-constants.patch # Patch list end BuildRequires: make BuildRequires: gcc @@ -106,7 +107,7 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/ru/man8 %{_mandir}/man8/chkcon.8.gz %changelog -* Mon Jan 2 2023 Petr Lautrbach - 3.5-0.rc1.1 +* Mon Jan 2 2023 Petr Lautrbach - 3.5-0.rc1.2 - SELinux userspace 3.5-rc1 release * Fri Oct 21 2022 Petr Lautrbach - 3.4-3