082b752534
- Replaced the Python/SWIG/static-linked-libsepol policyrep module with a Cython implementation. This will have performance and memory-usage improvements and breaks the static linking to libsepol. - Significant memory usage reduction in sediff (approximately 60%, depending on the policies). - Added support for SCTP portcons - Updated permission maps - Support for Python 2.7 was dropped - Drop python2 subpackage (4.2.0 no longer supports python2) - Require userspace release 2.9 - setools-gui requires python3-setools - Add Requires for python[23]-setuptools - no longer required (just recommended) by python[23] (#1623371) - Fixed performance regressions - Made further memory usage improvements - Fixed build issues with clean target and runtime_library_dirs - Revised package structure to make policyrep a module of the setools package - Symbol names are now available as the name attribute (e.g. Boolean.name, Type.name, etc.) - Fixed some apol layouts to increase the size of text fields - Move constraint expression to its own class - Made Conditional.evaluate() more useful and added BaseTERule.enabled() method to determine if a rule is enabled - Restored missing statement() methods in some policyrep classes - Fixed NULL pointer dereference when iterating over type attributes when the policy has none - Added xdp_socket permission mapping - SELinuxPolicy: Create a map of aliases on policy load - Remove source policy references from man pages, as loading source policies is no longer supported. - Fix a performance regression in alias loading after alias dereferencing fixes in 4.2.1
50 lines
2.2 KiB
Diff
50 lines
2.2 KiB
Diff
From 4b3dc6b38abbd32cda557d5ef9ea1383ac5fdcf2 Mon Sep 17 00:00:00 2001
|
||
From: rpm-build <rpm-build>
|
||
Date: Thu, 23 Feb 2017 08:17:07 +0100
|
||
Subject: [PATCH 2/3] Do not use -Werror during build
|
||
MIME-Version: 1.0
|
||
Content-Type: text/plain; charset=UTF-8
|
||
Content-Transfer-Encoding: 8bit
|
||
|
||
There are new warnings when setools are built with gcc 7 therefore we
|
||
want to suppress -Werror for now
|
||
|
||
Fixes:
|
||
libqpol/policy_extend.c: In function ‘policy_extend’:
|
||
libqpol/policy_extend.c:161:27: error: ‘%04zd’ directive output may be truncated writing between 4 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
|
||
snprintf(buff, 9, "@ttr%04zd", i + 1);
|
||
^~~~~
|
||
libqpol/policy_extend.c:161:22: note: directive argument in the range [1, 4294967295]
|
||
snprintf(buff, 9, "@ttr%04zd", i + 1);
|
||
^~~~~~~~~~~
|
||
In file included from /usr/include/stdio.h:939:0,
|
||
from /usr/include/sepol/policydb/policydb.h:53,
|
||
from libqpol/policy_extend.c:29:
|
||
/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 9 and 15 bytes into a destination of size 9
|
||
return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
|
||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
__bos (__s), __fmt, __va_arg_pack ());
|
||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
cc1: all warnings being treated as errors
|
||
error: command 'gcc' failed with exit status 1
|
||
---
|
||
setup.py | 2 +-
|
||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
||
diff --git a/setup.py b/setup.py
|
||
index c94daf1..a7442ac 100644
|
||
--- a/setup.py
|
||
+++ b/setup.py
|
||
@@ -105,7 +105,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
|
||
libraries=['selinux', 'sepol'],
|
||
library_dirs=lib_dirs,
|
||
define_macros=macros,
|
||
- extra_compile_args=['-Werror', '-Wextra',
|
||
+ extra_compile_args=['-Wextra',
|
||
'-Waggregate-return',
|
||
'-Wfloat-equal',
|
||
'-Wformat', '-Wformat=2',
|
||
--
|
||
2.17.2
|
||
|