Release new version 0.63

* Release new version 0.63 * Remove patch files (included upstream already) * Change the build so it creates everything from source cose as it is in git - previous version packed few generated items * Add build requirements to generate missing pieces (gtk-doc, bison, libtool)
2021-03-04 13:40:37 +01:00 · 2021-03-04 13:40:37 +01:00 · 0deb2ae103
commit 0deb2ae103
parent a993fec7a6
5 changed files with 14 additions and 143 deletions
--- a/.gitignore
+++ b/.gitignore
@ -15,3 +15,4 @@ libuser-0.56.16.tar.xz
 /libuser-0.60.tar.xz
 /libuser-0.61.tar.xz
 /libuser-0.62.tar.xz
 /libuser-0.63.tar.xz
--- a/0001-Fix-errors-with-Werror-format-security.patch
+++ b/0001-Fix-errors-with-Werror-format-security.patch
@ -1,52 +0,0 @@
 From 9317afc8bb7eec656444fc2eecfcd1ea3bfdda82 Mon Sep 17 00:00:00 2001
 From: Stephen Gallagher <sgallagh@redhat.com>
 Date: Wed, 15 Mar 2017 12:43:03 -0400
 Subject: [PATCH] Fix errors with -Werror=format-security
 Recent versions of the Fedora build system treat format-security
 warnings as errors, resulting in failure to build. This patch
 ensures that appropriate format strings are present.
 Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 ---
 modules/files.c | 2 +-
 modules/ldap.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
 diff --git a/modules/files.c b/modules/files.c
 index 4ef0a57be9f2aad99d82abfae5204009a93e5572..6a7787e28112ba07e0fc44f2887ce1d1540af29e 100644
 --- a/modules/files.c
 +++ b/modules/files.c
@@ -532,11 +532,11 @@ parse_field(const struct format_specifier *format, GValue *value,
 	err = NULL;
 	ret = lu_value_init_set_attr_from_string(value, format->attribute,
 						 string, &err);
 	if (ret == FALSE) {
 		g_assert(err != NULL);
 -		g_warning(lu_strerror(err));
 +		g_warning("%s", lu_strerror(err));
 		lu_error_free(&err);
 	}
 	return ret;
 }
 diff --git a/modules/ldap.c b/modules/ldap.c
 index ad10f7394c5735f3180cbab5bc7314301fd83ffc..02e9eb6a0cf10595d730e3dc719f2e848a3491d4 100644
 --- a/modules/ldap.c
 +++ b/modules/ldap.c
@@ -670,11 +670,11 @@ lu_ldap_lookup(struct lu_module *module,
 					error = NULL;
 					ok = lu_value_init_set_attr_from_string
 						(&value, attr, val, &error);
 					if (ok == FALSE) {
 						g_assert(error != NULL);
 -						g_warning(lu_strerror(error));
 +						g_warning("%s", lu_strerror(error));
 						lu_error_free(&error);
 					} else {
 						lu_ent_add_current(ent, attr,
 								   &value);
 						g_value_unset(&value);
 -- 
 2.12.0
--- a/libuser-0.62-Do-not-use-deprecated-includes.patch
+++ b/libuser-0.62-Do-not-use-deprecated-includes.patch
@ -1,78 +0,0 @@
 From 29d9996dd200916db888d41196f87609bce329ff Mon Sep 17 00:00:00 2001
 From: Petr Lautrbach <plautrba@redhat.com>
 Date: Apr 07 2020 11:55:38 +0000
 Subject: Do not use deprecated flask.h and av_permissions.h
 selinux/flask.h and selinux/av_permissions.h will be completely dropped in the
 next SELinux release.
 Use string_to_security_class() and string_to_av_perm() to get class and
 permission values. The original hardcoded values could be invalid and are
 deprecated as the whole flask.h and av_permissions.h header files.
 Fixes: https://pagure.io/libuser/issue/44
 ---
 diff --git a/apps/apputil.c b/apps/apputil.c
 index 1937645..7413ab5 100644
 --- a/apps/apputil.c
 +++ b/apps/apputil.c
@@ -26,8 +26,6 @@
 #include <unistd.h>
 #ifdef WITH_SELINUX
 #include <selinux/selinux.h>
 -#include <selinux/av_permissions.h>
 -#include <selinux/flask.h>
 #include <selinux/context.h>
 #endif
 #include "../lib/error.h"
@@ -57,7 +55,7 @@ check_access(const char *chuser, access_vector_t access)
 			retval = security_compute_av(user_context,
 						     user_context,
 -						     SECCLASS_PASSWD,
 +						     string_to_security_class("passwd"),
  						     access, &avd);
 			if (retval == 0 && (avd.allowed & access) == access)
@@ -221,19 +219,25 @@ lu_authenticate_unprivileged(struct lu_context *ctx, const char *user,
 #ifdef WITH_SELINUX
 	if (is_selinux_enabled() > 0) {
 		/* FIXME: PASSWD_CHSH, PASSWD_PASSWD ? */
 -		if (getuid() == 0 && check_access(user, PASSWD__CHFN) != 0) {
 -			security_context_t user_context;
 +		if (getuid() == 0) {
 +			security_class_t class;
 +			access_vector_t perm;
 +			class = string_to_security_class("passwd");
 +			perm = string_to_av_perm(class, "chfn");
 +			if (check_access(user, perm) != 0) {
 +				security_context_t user_context;
 -			if (getprevcon(&user_context) < 0)
 -				user_context = NULL;
 -			/* FIXME: "change the finger info?" */
 -			fprintf(stderr,
 -				_("%s is not authorized to change the finger "
 -				  "info of %s\n"), user_context ? user_context
 -				: _("Unknown user context"), user);
 -			if (user_context != NULL)
 -				freecon(user_context);
 -			goto err;
 +				if (getprevcon(&user_context) < 0)
 +					user_context = NULL;
 +				/* FIXME: "change the finger info?" */
 +				fprintf(stderr,
 +					_("%s is not authorized to change the finger "
 +					  "info of %s\n"), user_context ? user_context
 +					: _("Unknown user context"), user);
 +				if (user_context != NULL)
 +					freecon(user_context);
 +				goto err;
 +			}
 		}
 		/* FIXME: is this right for lpasswd? */
 		if (!lu_util_fscreate_from_file("/etc/passwd", NULL)) {
--- a/libuser.spec
+++ b/libuser.spec
@ -1,6 +1,6 @@
 Name: libuser
-Version: 0.62
+Version: 0.63
-Release: 31%{?dist}
+Release: 1%{?dist}
 License: LGPLv2+
 URL: https://pagure.io/libuser
 Source: http://releases.pagure.org/libuser/libuser-%{version}.tar.xz
@ -21,17 +21,15 @@ BuildRequires: openldap-clients
 BuildRequires: openldap-servers
 BuildRequires: openssl
 BuildRequires: make
 BuildRequires: bison
 BuildRequires: libtool
 BuildRequires: gettext-devel
 BuildRequires: gtk-doc
 Summary: A user and group account administration library
 %global __provides_exclude_from ^(%{_libdir}/%{name}|%{python3_sitearch})/.*$
 # Patch to address format-security.
 # Submitted upstream at https://pagure.io/libuser/pull-request/17
 Patch1: 0001-Fix-errors-with-Werror-format-security.patch
 # Patch to fix FTBFS by stopping the use of deprecated flask.h and av_permissions.h
 # Submitted upstream at https://pagure.io/libuser/pull-request/45
 Patch2: libuser-0.62-Do-not-use-deprecated-includes.patch
 %description
 The libuser library implements a standardized interface for manipulating
 and administering user and group accounts.  The library uses pluggable
@ -63,11 +61,10 @@ administering user and group accounts.
 %prep
 %setup -qn libuser-%{version}
 %patch1 -p1
 %patch2 -p1
 %build
-%configure --with-selinux --with-ldap --with-html-dir=%{_datadir}/gtk-doc/html \
+./autogen.sh
 %configure --with-selinux --with-ldap --enable-gtk-doc --with-html-dir=%{_datadir}/gtk-doc/html \
 	PYTHON=%{python3}
 make
@ -119,6 +116,9 @@ make
 %{_datadir}/gtk-doc/html/*
 %changelog
 * Mon Mar 1 2021 Tomas Halman <thalman@redhat.com> - 0.63-1
 - Release new version 0.63
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.62-31
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--- a/2
+++ b/2
@ -1 +1 @@
-63e5e5c551e99dc5302b40b80bd6d4f2  libuser-0.62.tar.xz
+SHA512 (libuser-0.63.tar.xz) = 5a8d261cea62d7d67da84acd263955eca10b876d3bb0cbbf8f15c2a4ad813f3d16361f90060a8ca77f7d97da4aaceaa0549985c06e9cabefeb10451bbb93a9d2
`@ -1 +1 @@`
	`63e5e5c551e99dc5302b40b80bd6d4f2 libuser-0.62.tar.xz`	`SHA512 (libuser-0.63.tar.xz) = 5a8d261cea62d7d67da84acd263955eca10b876d3bb0cbbf8f15c2a4ad813f3d16361f90060a8ca77f7d97da4aaceaa0549985c06e9cabefeb10451bbb93a9d2`