RHEL 9.0.0 Alpha bootstrap

The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/libuser#32e5f351474e1fb5ea88e8a33bb6d0ff5a89a960

.gitignore

@@ -0,0 +1,17 @@
+/.project
+libuser-0.56.16.tar.xz
+/libuser-0.56.17.tar.xz
+/libuser-0.56.18.tar.xz
+/libuser-0.57.tar.xz
+/libuser-0.57.1.tar.xz
+/libuser-0.57.2.tar.xz
+/libuser-0.57.3.tar.xz
+/libuser-0.57.4.tar.xz
+/libuser-0.57.5.tar.xz
+/libuser-0.57.6.tar.xz
+/libuser-0.57.7.tar.xz
+/libuser-0.58.tar.xz
+/libuser-0.59.tar.xz
+/libuser-0.60.tar.xz
+/libuser-0.61.tar.xz
+/libuser-0.62.tar.xz

0001-Fix-errors-with-Werror-format-security.patch

@@ -0,0 +1,52 @@
+From 9317afc8bb7eec656444fc2eecfcd1ea3bfdda82 Mon Sep 17 00:00:00 2001
+From: Stephen Gallagher <sgallagh@redhat.com>
+Date: Wed, 15 Mar 2017 12:43:03 -0400
+Subject: [PATCH] Fix errors with -Werror=format-security
+
+Recent versions of the Fedora build system treat format-security
+warnings as errors, resulting in failure to build. This patch
+ensures that appropriate format strings are present.
+
+Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
+---
+ modules/files.c | 2 +-
+ modules/ldap.c  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/modules/files.c b/modules/files.c
+index 4ef0a57be9f2aad99d82abfae5204009a93e5572..6a7787e28112ba07e0fc44f2887ce1d1540af29e 100644
+--- a/modules/files.c
++++ b/modules/files.c
+@@ -532,11 +532,11 @@ parse_field(const struct format_specifier *format, GValue *value,
+ 	err = NULL;
+ 	ret = lu_value_init_set_attr_from_string(value, format->attribute,
+ 						 string, &err);
+ 	if (ret == FALSE) {
+ 		g_assert(err != NULL);
+-		g_warning(lu_strerror(err));
++		g_warning("%s", lu_strerror(err));
+ 		lu_error_free(&err);
+ 	}
+ 	return ret;
+ }
+ 
+diff --git a/modules/ldap.c b/modules/ldap.c
+index ad10f7394c5735f3180cbab5bc7314301fd83ffc..02e9eb6a0cf10595d730e3dc719f2e848a3491d4 100644
+--- a/modules/ldap.c
++++ b/modules/ldap.c
+@@ -670,11 +670,11 @@ lu_ldap_lookup(struct lu_module *module,
+ 					error = NULL;
+ 					ok = lu_value_init_set_attr_from_string
+ 						(&value, attr, val, &error);
+ 					if (ok == FALSE) {
+ 						g_assert(error != NULL);
+-						g_warning(lu_strerror(error));
++						g_warning("%s", lu_strerror(error));
+ 						lu_error_free(&error);
+ 					} else {
+ 						lu_ent_add_current(ent, attr,
+ 								   &value);
+ 						g_value_unset(&value);
+-- 
+2.12.0
+

libuser-0.62-Do-not-use-deprecated-includes.patch

@@ -0,0 +1,78 @@
+From 29d9996dd200916db888d41196f87609bce329ff Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Apr 07 2020 11:55:38 +0000
+Subject: Do not use deprecated flask.h and av_permissions.h
+
+
+selinux/flask.h and selinux/av_permissions.h will be completely dropped in the
+next SELinux release.
+
+Use string_to_security_class() and string_to_av_perm() to get class and
+permission values. The original hardcoded values could be invalid and are
+deprecated as the whole flask.h and av_permissions.h header files.
+
+Fixes: https://pagure.io/libuser/issue/44
+
+---
+
+diff --git a/apps/apputil.c b/apps/apputil.c
+index 1937645..7413ab5 100644
+--- a/apps/apputil.c
++++ b/apps/apputil.c
+@@ -26,8 +26,6 @@
+ #include <unistd.h>
+ #ifdef WITH_SELINUX
+ #include <selinux/selinux.h>
+-#include <selinux/av_permissions.h>
+-#include <selinux/flask.h>
+ #include <selinux/context.h>
+ #endif
+ #include "../lib/error.h"
+@@ -57,7 +55,7 @@ check_access(const char *chuser, access_vector_t access)
+ 
+ 			retval = security_compute_av(user_context,
+ 						     user_context,
+-						     SECCLASS_PASSWD,
++						     string_to_security_class("passwd"),
+  						     access, &avd);
+ 
+ 			if (retval == 0 && (avd.allowed & access) == access)
+@@ -221,19 +219,25 @@ lu_authenticate_unprivileged(struct lu_context *ctx, const char *user,
+ #ifdef WITH_SELINUX
+ 	if (is_selinux_enabled() > 0) {
+ 		/* FIXME: PASSWD_CHSH, PASSWD_PASSWD ? */
+-		if (getuid() == 0 && check_access(user, PASSWD__CHFN) != 0) {
+-			security_context_t user_context;
++		if (getuid() == 0) {
++			security_class_t class;
++			access_vector_t perm;
++			class = string_to_security_class("passwd");
++			perm = string_to_av_perm(class, "chfn");
++			if (check_access(user, perm) != 0) {
++				security_context_t user_context;
+ 
+-			if (getprevcon(&user_context) < 0)
+-				user_context = NULL;
+-			/* FIXME: "change the finger info?" */
+-			fprintf(stderr,
+-				_("%s is not authorized to change the finger "
+-				  "info of %s\n"), user_context ? user_context
+-				: _("Unknown user context"), user);
+-			if (user_context != NULL)
+-				freecon(user_context);
+-			goto err;
++				if (getprevcon(&user_context) < 0)
++					user_context = NULL;
++				/* FIXME: "change the finger info?" */
++				fprintf(stderr,
++					_("%s is not authorized to change the finger "
++					  "info of %s\n"), user_context ? user_context
++					: _("Unknown user context"), user);
++				if (user_context != NULL)
++					freecon(user_context);
++				goto err;
++			}
+ 		}
+ 		/* FIXME: is this right for lpasswd? */
+ 		if (!lu_util_fscreate_from_file("/etc/passwd", NULL)) {
+

sources

@@ -0,0 +1 @@
+63e5e5c551e99dc5302b40b80bd6d4f2  libuser-0.62.tar.xz