rpms/libsepol/devel libsepol-rhat.patch, 1.2, 1.3 libsepol.spec, 1.21, 1.22
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Mar 29 15:39:56 UTC 2005
- Previous message (by thread): rpms/libselinux/devel libselinux-rhat.patch, 1.37, 1.38 libselinux.spec, 1.88, 1.89
- Next message (by thread): rpms/selinux-policy-strict/devel booleans, 1.7, 1.8 policy-20050322.patch, 1.6, 1.7 selinux-policy-strict.spec, 1.262, 1.263
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/dist/rpms/libsepol/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv5909
Modified Files:
libsepol-rhat.patch libsepol.spec
Log Message:
* Thu Mar 24 2005 Dan Walsh <dwalsh at redhat.com> 1.5.2-2
- Handle booleans.local
libsepol-rhat.patch:
genbools.c | 82 +++++++++++++++++++++++++++++++++++++++++--------------------
1 files changed, 56 insertions(+), 26 deletions(-)
Index: libsepol-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libsepol/devel/libsepol-rhat.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- libsepol-rhat.patch 25 Feb 2005 19:52:36 -0000 1.2
+++ libsepol-rhat.patch 29 Mar 2005 15:39:54 -0000 1.3
@@ -1,275 +1,110 @@
-diff --exclude-from=exclude -N -u -r nsalibsepol/include/sepol/sepol.h libsepol-1.3.6/include/sepol/sepol.h
---- nsalibsepol/include/sepol/sepol.h 2005-02-17 17:55:48.000000000 -0500
-+++ libsepol-1.3.6/include/sepol/sepol.h 2005-02-25 10:18:10.000000000 -0500
-@@ -32,5 +32,6 @@
- /* Check context validity against currently set binary policy. */
- extern int sepol_check_context(char *context);
-
--
-+/* Turn on or off sepol error messages. */
-+extern void sepol_debug(int on);
- #endif
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/genbools.c libsepol-1.3.6/src/genbools.c
---- nsalibsepol/src/genbools.c 2005-02-25 09:44:03.000000000 -0500
-+++ libsepol-1.3.6/src/genbools.c 2005-02-25 09:50:17.000000000 -0500
-@@ -87,7 +87,7 @@
- pf.data = data;
- pf.len = len;
- if (policydb_read(&policydb,&pf, 0)) {
-- fprintf(stderr, "Can't read binary policy: %s\n",
-+ __sepol_debug_printf("Can't read binary policy: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -97,12 +97,12 @@
- sepol_set_policyvers(policydb.policyvers);
-
- if (load_booleans(&policydb, booleans) < 0) {
-- fprintf(stderr, "Warning! Error while reading %s: %s\n",
-+ __sepol_debug_printf("Warning! Error while reading %s: %s\n",
- booleans, strerror(errno));
- }
-
- if (evaluate_conds(&policydb) < 0) {
-- fprintf(stderr, "Error while re-evaluating conditionals: %s\n",
-+ __sepol_debug_printf("Error while re-evaluating conditionals: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -111,7 +111,7 @@
- pf.len = len;
- rc = policydb_write(&policydb, &pf);
- if (rc) {
-- fprintf(stderr, "Can't write binary policy: %s\n",
-+ __sepol_debug_printf("Can't write binary policy: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -129,7 +129,7 @@
- pf.data = data;
- pf.len = len;
- if (policydb_read(&policydb,&pf, 0)) {
-- fprintf(stderr, "Can't read binary policy: %s\n",
-+ __sepol_debug_printf("Can't read binary policy: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -154,7 +154,7 @@
- }
-
- if (evaluate_conds(&policydb) < 0) {
-- fprintf(stderr, "Error while re-evaluating conditionals: %s\n",
-+ __sepol_debug_printf("Error while re-evaluating conditionals: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -163,7 +163,7 @@
- pf.len = len;
- rc = policydb_write(&policydb, &pf);
- if (rc) {
-- fprintf(stderr, "Can't write binary policy: %s\n",
-+ __sepol_debug_printf("Can't write binary policy: %s\n",
- strerror(errno));
- return -1;
- }
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/genusers.c libsepol-1.3.6/src/genusers.c
---- nsalibsepol/src/genusers.c 2005-02-25 09:44:03.000000000 -0500
-+++ libsepol-1.3.6/src/genusers.c 2005-02-25 14:44:19.680658712 -0500
-@@ -7,12 +7,25 @@
-
- #include <sepol/policydb.h>
- #include <sepol/mls.h>
-+#include <stdarg.h>
-
- #include "private.h"
+diff --exclude-from=exclude -N -u -r nsalibsepol/src/genbools.c libsepol-1.5.2/src/genbools.c
+--- nsalibsepol/src/genbools.c 2005-03-08 15:15:26.000000000 -0500
++++ libsepol-1.5.2/src/genbools.c 2005-03-29 10:20:54.000000000 -0500
+@@ -24,11 +24,40 @@
+ return dest;
+ }
-+static int gdebug=1;
-+
-+void sepol_debug(int on) { gdebug=on; };
-+
-+void __sepol_debug_printf(const char *fmt, ...) {
-+ if (gdebug) {
-+ va_list ap;
-+ va_start(ap, fmt);
-+ vfprintf (stderr, fmt, ap);
-+ va_end(ap);
++static int process_boolean(char *buffer, char *name, int namesize, int *val) {
++ char name1[BUFSIZ];
++ char *ptr;
++ char *tok=strtok_r(buffer,"=",&ptr);
++ if (tok) {
++ strncpy(name1,tok, BUFSIZ-1);
++ strtrim(name,name1,namesize-1);
++ if ( name[0]=='#' ) return 0;
++ tok=strtok_r(NULL,"\0",&ptr);
++ if (tok) {
++ while (isspace(*tok)) tok++;
++ *val = -1;
++ if (isdigit(tok[0]))
++ *val=atoi(tok);
++ else if (!strncmp(tok, "true", sizeof("true")-1))
++ *val = 1;
++ else if (!strncmp(tok, "false", sizeof("false")-1))
++ *val = 0;
++ if (*val != 0 && *val != 1) {
++ fprintf(stderr,"illegal value for boolean %s=%s\n", name, tok);
++ return -1;
++ }
++
++ }
+ }
++ return 1;
+}
- #undef BADLINE
- #define BADLINE() { \
-- fprintf(stderr, "%s: invalid entry %s on line %u\n", \
-+ __sepol_debug_printf("%s: invalid entry %s on line %u\n", \
- path, buffer, lineno); \
- continue; \
- }
-@@ -68,10 +81,11 @@
- /* Adding a new user definition. */
- usrdatum = (user_datum_t *) malloc(sizeof(user_datum_t));
- if (!id || !usrdatum) {
-- fprintf(stderr, "%s: out of memory for %s on line %u\n",
-+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
- path, buffer, lineno);
- errno = ENOMEM;
- free(buffer);
-+ fclose(fp);
- return -1;
- }
- memset(usrdatum, 0, sizeof(user_datum_t));
-@@ -81,10 +95,11 @@
- rc = hashtab_insert(policydb->p_users.table,
- id, (hashtab_datum_t) usrdatum);
- if (rc) {
-- fprintf(stderr, "%s: out of memory for %s on line %u\n",
-+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
- path, buffer, lineno);
- errno = ENOMEM;
- free(buffer);
-+ fclose(fp);
- return -1;
++
+ static int load_booleans(struct policydb *policydb, char *path) {
+ FILE *boolf;
+- char buffer[BUFSIZ];
++ char *buffer=NULL;
++ size_t size=0;
++ char localbools[BUFSIZ];
+ char name[BUFSIZ];
+- char name1[BUFSIZ];
+ int val;
+ int errors=0;
+ struct cond_bool_datum *datum;
+@@ -37,28 +66,29 @@
+ if (boolf == NULL)
+ return -1;
+
+- while (fgets(buffer, sizeof(buffer), boolf)) {
+- char *tok=strtok(buffer,"=");
+- if (tok) {
+- strncpy(name1,tok, BUFSIZ-1);
+- strtrim(name,name1,BUFSIZ-1);
+- if ( name[0]=='#' ) continue;
+- tok=strtok(NULL,"\0");
+- if (tok) {
+- while (isspace(*tok)) tok++;
+- val = -1;
+- if (isdigit(tok[0]))
+- val=atoi(tok);
+- else if (!strncasecmp(tok, "true", sizeof("true")-1))
+- val = 1;
+- else if (!strncasecmp(tok, "false", sizeof("false")-1))
+- val = 0;
+- if (val != 0 && val != 1) {
+- fprintf(stderr,"illegal value for boolean %s=%s\n", name, tok);
+- errors++;
+- continue;
+- }
+-
++ while (getline(&buffer, &size, boolf) > 0) {
++ int ret=process_boolean(buffer, name, sizeof(name), &val);
++ if (ret==-1)
++ errors++;
++ if (ret==1) {
++ datum = hashtab_search(policydb->p_bools.table, name);
++ if (!datum) {
++ fprintf(stderr,"unknown boolean %s\n", name);
++ errors++;
++ continue;
++ }
++ datum->state = val;
++ }
++ }
++ fclose(boolf);
++ snprintf(localbools,sizeof(localbools), "%s.local", path);
++ boolf = fopen(localbools,"r");
++ if (boolf != NULL) {
++ while (getline(&buffer, &size, boolf) > 0) {
++ int ret=process_boolean(buffer, name, sizeof(name), &val);
++ if (ret==-1)
++ errors++;
++ if (ret==1) {
+ datum = hashtab_search(policydb->p_bools.table, name);
+ if (!datum) {
+ fprintf(stderr,"unknown boolean %s\n", name);
+@@ -68,9 +98,9 @@
+ datum->state = val;
}
}
-@@ -128,7 +143,7 @@
-
- roldatum = hashtab_search(policydb->p_roles.table, q);
- if (!roldatum) {
-- fprintf(stderr, "%s: undefined role %s in %s on line %u\n",
-+ __sepol_debug_printf("%s: undefined role %s in %s on line %u\n",
- path, q, buffer, lineno);
- continue;
- }
-@@ -136,7 +151,7 @@
- for (bit = ebitmap_startbit(&roldatum->dominates); bit < ebitmap_length(&roldatum->dominates); bit++) {
- if (ebitmap_get_bit(&roldatum->dominates, bit))
- if (ebitmap_set_bit(&usrdatum->roles, bit, 1)) {
-- fprintf(stderr, "%s: out of memory for %s on line %u\n",
-+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
- path, buffer, lineno);
- errno = ENOMEM;
- free(buffer);
-@@ -172,10 +187,11 @@
-
- scontext = malloc(p - q);
- if (!scontext) {
-- fprintf(stderr, "%s: out of memory for %s on line %u\n",
-+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
- path, buffer, lineno);
- errno = ENOMEM;
- free(buffer);
-+ fclose(fp);
- return -1;
- }
- r = scontext;
-@@ -191,7 +207,7 @@
- context_init(&context);
- rc = mls_context_to_sid(policydb, oldc, &r, &context);
- if (rc) {
-- fprintf(stderr, "%s: invalid level %s in %s on line %u\n",
-+ __sepol_debug_printf("%s: invalid level %s in %s on line %u\n",
- path, scontext, buffer, lineno);
- free(scontext);
- continue;
-@@ -218,10 +234,11 @@
-
- scontext = malloc(p - q);
- if (!scontext) {
-- fprintf(stderr, "%s: out of memory for %s on line %u\n",
-+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
- path, buffer, lineno);
- errno = ENOMEM;
- free(buffer);
-+ fclose(fp);
- return -1;
- }
- r = scontext;
-@@ -237,7 +254,7 @@
- context_init(&context);
- rc = mls_context_to_sid(policydb, oldc, &r, &context);
- if (rc) {
-- fprintf(stderr, "%s: invalid range %s in %s on line %u\n",
-+ __sepol_debug_printf("%s: invalid range %s in %s on line %u\n",
- path, scontext, buffer, lineno);
- free(scontext);
- continue;
-@@ -248,7 +265,7 @@
++ fclose(boolf);
}
-
- free(buffer);
+- fclose(boolf);
-
-+ fclose(fp);
- return 0;
- }
-
-@@ -334,7 +351,7 @@
- pf.data = data;
- pf.len = len;
- if (policydb_read(&policydb,&pf, 0)) {
-- fprintf(stderr, "%s: Can't read binary policy: %s\n",
-+ __sepol_debug_printf("%s: Can't read binary policy: %s\n",
- __FUNCTION__, strerror(errno));
- return -1;
- }
-@@ -342,7 +359,7 @@
- /* Load base set of system users from the policy package. */
- snprintf(path, sizeof path, "%s/system.users", usersdir);
- if (load_users(&policydb, path) < 0) {
-- fprintf(stderr, "%s: Can't load system.users: %s\n",
-+ __sepol_debug_printf("%s: Can't load system.users: %s\n",
- __FUNCTION__, strerror(errno));
- return -1;
- }
-@@ -350,7 +367,7 @@
- /* Load locally defined users. */
- snprintf(path, sizeof path, "%s/local.users", usersdir);
- if (load_users(&policydb, path) < 0) {
-- fprintf(stderr, "%s: Can't load local.users: %s\n",
-+ __sepol_debug_printf("%s: Can't load local.users: %s\n",
- __FUNCTION__, strerror(errno));
- return -1;
- }
-@@ -374,7 +391,7 @@
- pf.len = 0;
- rc = policydb_write(&policydb, &pf);
- if (rc) {
-- fprintf(stderr, "Can't compute length of binary policy: %s\n",
-+ __sepol_debug_printf("Can't compute length of binary policy: %s\n",
- strerror(errno));
- return -1;
- }
-@@ -383,7 +400,7 @@
- pf.type = PF_USE_MEMORY;
- pf.data = malloc(pf.len);
- if (!pf.data) {
-- fprintf(stderr, "%s: %s\n", __FUNCTION__, strerror(errno));
-+ __sepol_debug_printf("%s: %s\n", __FUNCTION__, strerror(errno));
- return -1;
- }
-
-@@ -394,7 +411,7 @@
- /* Write out the new binary policy image. */
- rc = policydb_write(&policydb, &pf);
- if (rc) {
-- fprintf(stderr, "Can't write binary policy: %s\n",
-+ __sepol_debug_printf("Can't write binary policy: %s\n",
- strerror(errno));
- free(pf.data);
- return -1;
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/libsepol.map libsepol-1.3.6/src/libsepol.map
---- nsalibsepol/src/libsepol.map 2005-02-17 17:55:49.000000000 -0500
-+++ libsepol-1.3.6/src/libsepol.map 2005-02-25 10:19:28.000000000 -0500
-@@ -1,4 +1,4 @@
- {
-- global: sepol_genbools*; sepol_set_policydb_from_file; sepol_check_context; sepol_genusers;
-+ global: sepol_genbools*; sepol_set_policydb_from_file; sepol_check_context; sepol_genusers; sepol_debug;
- local: *;
- };
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/private.h libsepol-1.3.6/src/private.h
---- nsalibsepol/src/private.h 2005-02-07 10:23:04.000000000 -0500
-+++ libsepol-1.3.6/src/private.h 2005-02-25 10:20:39.000000000 -0500
-@@ -25,6 +25,7 @@
- };
-
- extern struct policydb_compat_info *policydb_lookup_compat(int version);
-+extern void __sepol_debug_printf(const char *fmt, ...);
++ free(buffer);
+ if (errors)
+ errno = EINVAL;
- /* Reading from a policy "file". */
- static inline void *next_entry(struct policy_file * fp, size_t bytes)
Index: libsepol.spec
===================================================================
RCS file: /cvs/dist/rpms/libsepol/devel/libsepol.spec,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- libsepol.spec 17 Mar 2005 20:04:11 -0000 1.21
+++ libsepol.spec 29 Mar 2005 15:39:54 -0000 1.22
@@ -1,10 +1,11 @@
Summary: SELinux binary policy manipulation library
Name: libsepol
Version: 1.5.2
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/libsepol-%{version}.tgz
+patch: libsepol-rhat.patch
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-buildroot
Provides: libsepol.so
@@ -36,6 +37,7 @@
%prep
%setup -q
+%patch -p1 -b .rhat
%build
make CFLAGS="%{optflags}"
@@ -71,6 +73,9 @@
/%{_lib}/libsepol.so.1
%changelog
+* Thu Mar 24 2005 Dan Walsh <dwalsh at redhat.com> 1.5.2-2
+- Handle booleans.local
+
* Thu Mar 17 2005 Dan Walsh <dwalsh at redhat.com> 1.5.2-1
- Update to latest from NSA
* Added man page for sepol_check_context.
- Previous message (by thread): rpms/libselinux/devel libselinux-rhat.patch, 1.37, 1.38 libselinux.spec, 1.88, 1.89
- Next message (by thread): rpms/selinux-policy-strict/devel booleans, 1.7, 1.8 policy-20050322.patch, 1.6, 1.7 selinux-policy-strict.spec, 1.262, 1.263
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list