rpms/libsemanage/devel libsemanage-rhat.patch,1.38,1.39
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Aug 29 18:57:47 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/libsemanage/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28048
Modified Files:
libsemanage-rhat.patch
Log Message:
* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.27-2
- Don't rebuild on fcontext or seuser modifications
libsemanage-rhat.patch:
Index: libsemanage-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/libsemanage/devel/libsemanage-rhat.patch,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- libsemanage-rhat.patch 14 Aug 2008 20:17:18 -0000 1.38
+++ libsemanage-rhat.patch 29 Aug 2008 18:57:16 -0000 1.39
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.27/src/direct_api.c
--- nsalibsemanage/src/direct_api.c 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/direct_api.c 2008-08-14 11:51:15.000000000 -0400
++++ libsemanage-2.0.27/src/direct_api.c 2008-08-26 10:25:38.000000000 -0400
@@ -489,12 +489,6 @@
modified |= ifaces->dtable->is_modified(ifaces->dbase);
modified |= nodes->dtable->is_modified(nodes->dbase);
@@ -14,56 +14,78 @@
/* If there were policy changes, or explicitly requested, rebuild the policy */
if (sh->do_rebuild || modified) {
-@@ -667,11 +661,34 @@
+@@ -667,11 +661,33 @@
retval = semanage_verify_kernel(sh);
if (retval < 0)
goto cleanup;
- }
+ } else {
-+ sepol_policydb_create(&out);
-+ modified |= seusers_modified;
-+ modified |= fcontexts_modified;
-+ modified |= users_extra_modified;
++ retval = sepol_policydb_create(&out);
++ if (retval < 0)
++ goto cleanup;
+
+ retval = semanage_read_policydb(sh, out);
+ if (retval < 0)
+ goto cleanup;
+
-+ dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase,out);
++ /* dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase,out);
+ dbase_policydb_attach((dbase_policydb_t *) pports->dbase, out);
+ dbase_policydb_attach((dbase_policydb_t *) pifaces->dbase, out);
+ dbase_policydb_attach((dbase_policydb_t *) pbools->dbase, out);
+ dbase_policydb_attach((dbase_policydb_t *) pnodes->dbase, out);
-
-- /* FIXME: else if !modified, but seusers_modified,
-- * load the existing policy instead of rebuilding */
++ */
+ if (seusers_modified) {
+ retval = pseusers->dtable->clear(sh, pseusers->dbase);
+ if (retval < 0)
+ goto cleanup;
+ }
+- /* FIXME: else if !modified, but seusers_modified,
+- * load the existing policy instead of rebuilding */
+ retval = semanage_base_merge_components(sh);
+ if (retval < 0)
+ goto cleanup;
-+
+
+ /* Seusers */
+ }
/* ======= Post-process: Validate non-policydb components ===== */
/* Validate local modifications to file contexts.
+@@ -724,7 +740,8 @@
+ sepol_policydb_free(out);
+ out = NULL;
+
+- if (sh->do_rebuild || modified) {
++ if (sh->do_rebuild || modified ||
++ seusers_modified || fcontexts_modified || users_extra_modified) {
+ retval = semanage_install_sandbox(sh);
+ }
+
+@@ -733,12 +750,14 @@
+ free(mod_filenames[i]);
+ }
+
+- /* Detach from policydb, so it can be freed */
+- dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase);
+- dbase_policydb_detach((dbase_policydb_t *) pports->dbase);
+- dbase_policydb_detach((dbase_policydb_t *) pifaces->dbase);
+- dbase_policydb_detach((dbase_policydb_t *) pnodes->dbase);
+- dbase_policydb_detach((dbase_policydb_t *) pbools->dbase);
++ if (modified) {
++ /* Detach from policydb, so it can be freed */
++ dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase);
++ dbase_policydb_detach((dbase_policydb_t *) pports->dbase);
++ dbase_policydb_detach((dbase_policydb_t *) pifaces->dbase);
++ dbase_policydb_detach((dbase_policydb_t *) pnodes->dbase);
++ dbase_policydb_detach((dbase_policydb_t *) pbools->dbase);
++ }
+
+ free(mod_filenames);
+ sepol_policydb_free(out);
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.27/src/genhomedircon.c
--- nsalibsemanage/src/genhomedircon.c 2008-08-05 09:57:28.000000000 -0400
-+++ libsemanage-2.0.27/src/genhomedircon.c 2008-08-08 14:00:37.000000000 -0400
-@@ -21,6 +21,7 @@
- */
-
- #include <semanage/handle.h>
-+#include <syslog.h>
- #include <semanage/seusers_policy.h>
- #include <semanage/users_policy.h>
- #include <semanage/user_record.h>
-@@ -487,7 +488,6 @@
++++ libsemanage-2.0.27/src/genhomedircon.c 2008-08-26 10:30:30.000000000 -0400
+@@ -487,7 +487,6 @@
const char *role_prefix)
{
replacement_pair_t repl[] = {
@@ -71,7 +93,7 @@
{.search_for = TEMPLATE_HOME_DIR,.replace_with = home},
{.search_for = TEMPLATE_ROLE,.replace_with = role_prefix},
{NULL, NULL}
-@@ -547,7 +547,6 @@
+@@ -547,7 +546,6 @@
replacement_pair_t repl[] = {
{.search_for = TEMPLATE_USER,.replace_with = user},
{.search_for = TEMPLATE_ROLE,.replace_with = role_prefix},
@@ -81,7 +103,7 @@
Ustr *line = USTR_NULL;
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.27/src/semanage.conf
--- nsalibsemanage/src/semanage.conf 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/semanage.conf 2008-08-08 14:00:37.000000000 -0400
++++ libsemanage-2.0.27/src/semanage.conf 2008-08-14 14:53:32.000000000 -0400
@@ -35,4 +35,4 @@
# given in <sepol/policydb.h>. Change this setting if a different
# version is necessary.
@@ -90,7 +112,7 @@
+expand-check=0
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.27/src/semanage_store.c
--- nsalibsemanage/src/semanage_store.c 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/semanage_store.c 2008-08-08 15:23:20.000000000 -0400
++++ libsemanage-2.0.27/src/semanage_store.c 2008-08-14 14:53:32.000000000 -0400
@@ -1648,6 +1648,47 @@
}
@@ -141,7 +163,7 @@
int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out)
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h libsemanage-2.0.27/src/semanage_store.h
--- nsalibsemanage/src/semanage_store.h 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/semanage_store.h 2008-08-11 09:05:16.000000000 -0400
++++ libsemanage-2.0.27/src/semanage_store.h 2008-08-14 14:53:32.000000000 -0400
@@ -97,6 +97,9 @@
sepol_module_package_t * base,
sepol_policydb_t ** policydb);
@@ -152,3 +174,79 @@
int semanage_write_policydb(semanage_handle_t * sh,
sepol_policydb_t * policydb);
+diff --exclude-from=exclude -N -u -r nsalibsemanage/tests/test_fcontext.c libsemanage-2.0.27/tests/test_fcontext.c
+--- nsalibsemanage/tests/test_fcontext.c 1969-12-31 19:00:00.000000000 -0500
++++ libsemanage-2.0.27/tests/test_fcontext.c 2008-08-15 10:59:48.000000000 -0400
+@@ -0,0 +1,72 @@
++#include <semanage/fcontext_record.h>
++#include <semanage/semanage.h>
++#include <semanage/fcontexts_local.h>
++#include <sepol/sepol.h>
++
++#include <errno.h>
++#include <stdio.h>
++#include <stdlib.h>
++
++int main(const int argc, const char **argv) {
++ semanage_handle_t *sh = NULL;
++ semanage_fcontext_t *fcontext;
++ semanage_context_t *con;
++ semanage_fcontext_key_t *k;
++
++ int exist = 0;
++ sh = semanage_handle_create();
++ if (sh == NULL) {
++ perror("Can't create semanage handle\n");
++ return -1;
++ }
++ if (semanage_access_check(sh) < 0) {
++ perror("Semanage access check failed\n");
++ return -1;
++ }
++ if (semanage_connect(sh) < 0) {
++ perror("Semanage connect failed\n");
++ return -1;
++ }
++
++ if (semanage_fcontext_key_create(sh, argv[2], SEMANAGE_FCONTEXT_REG, &k) < 0) {
++ fprintf(stderr, "Could not create key for %s", argv[2]);
++ return -1;
++ }
++
++ if(semanage_fcontext_exists(sh, k, &exist) < 0) {
++ fprintf(stderr,"Could not check if key exists for %s", argv[2]);
++ return -1;
++ }
++ if (exist) {
++ fprintf(stderr,"Could create %s mapping already exists", argv[2]);
++ return -1;
++ }
++
++ if (semanage_fcontext_create(sh, &fcontext) < 0) {
++ fprintf(stderr,"Could not create file context for %s", argv[2]);
++ return -1;
++ }
++ semanage_fcontext_set_expr(sh, fcontext, argv[2]);
++
++ if (semanage_context_from_string(sh, argv[1], &con)) {
++ fprintf(stderr,"Could not create context using %s for file context %s", argv[1], argv[2]);
++ return -1;
++ }
++
++ if (semanage_fcontext_set_con(sh, fcontext, con) < 0) {
++ fprintf(stderr,"Could not set file context for %s", argv[2]);
++ return -1;
++ }
++
++ semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_REG);
++
++ if(semanage_fcontext_modify_local(sh, k, fcontext) < 0) {
++ fprintf(stderr,"Could not add file context for %s", argv[2]);
++ return -1;
++ }
++ semanage_fcontext_key_free(k);
++ semanage_fcontext_free(fcontext);
++
++ return 0;
++}
++
More information about the fedora-extras-commits
mailing list