rpms/libselinux/devel libselinux-rhat.patch,1.60,1.61
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Oct 18 18:27:48 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/libselinux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv2225
Modified Files:
libselinux-rhat.patch
Log Message:
* Mon Oct 17 2005 Dan Walsh <dwalsh at redhat.com> 1.27.12-1
- Update to latest from NSA
* Merged get_default_context_with_rolelevel and man pages from
Dan Walsh (Red Hat).
* Updated call to sepol_policydb_to_image for sepol changes.
* Changed getseuserbyname to ignore empty lines and to handle
no matching entry in the same manner as no seusers file.
libselinux-rhat.patch:
get_default_context_with_level.3 | 1 +
get_default_context_with_rolelevel.3 | 1 +
get_ordered_context_list_with_level.3 | 1 +
3 files changed, 3 insertions(+)
Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- libselinux-rhat.patch 17 Oct 2005 18:19:07 -0000 1.60
+++ libselinux-rhat.patch 18 Oct 2005 18:27:41 -0000 1.61
@@ -1,22 +1,3 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/get_context_list.h libselinux-1.27.10/include/selinux/get_context_list.h
---- nsalibselinux/include/selinux/get_context_list.h 2005-09-19 13:36:06.000000000 -0400
-+++ libselinux-1.27.10/include/selinux/get_context_list.h 2005-10-17 13:48:00.000000000 -0400
-@@ -54,6 +54,15 @@
- security_context_t fromcon,
- security_context_t *newcon);
-
-+/* Same as get_default_context, but only return a context
-+ that has the specified role and level. If no reachable context exists
-+ for the user with that role, then return -1. */
-+int get_default_context_with_rolelevel(const char* user,
-+ const char *level,
-+ const char *role,
-+ security_context_t fromcon,
-+ security_context_t *newcon);
-+
- /* Given a list of authorized security contexts for the user,
- query the user to select one and set *newcon to refer to it.
- Caller must free via freecon.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_default_context_with_level.3 libselinux-1.27.10/man/man3/get_default_context_with_level.3
--- nsalibselinux/man/man3/get_default_context_with_level.3 1969-12-31 19:00:00.000000000 -0500
+++ libselinux-1.27.10/man/man3/get_default_context_with_level.3 2005-10-17 13:58:54.000000000 -0400
@@ -27,133 +8,8 @@
+++ libselinux-1.27.10/man/man3/get_default_context_with_rolelevel.3 2005-10-17 13:58:41.000000000 -0400
@@ -0,0 +1 @@
+.so man3/get_ordered_context_list.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-1.27.10/man/man3/get_ordered_context_list.3
---- nsalibselinux/man/man3/get_ordered_context_list.3 2005-04-29 14:06:50.000000000 -0400
-+++ libselinux-1.27.10/man/man3/get_ordered_context_list.3 2005-10-17 13:57:48.000000000 -0400
-@@ -1,6 +1,6 @@
- .TH "get_ordered_context_list" "3" "1 January 2004" "russell at coker.com.au" "SE Linux"
- .SH "NAME"
--get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
-+get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
-
- .SH "SYNOPSIS"
- .B #include <selinux/selinux.h>
-@@ -9,10 +9,16 @@
- .sp
- .BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
- .sp
-+.BI "int get_ordered_context_list_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t **" list );
-+.sp
- .BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
- .sp
-+.BI "int get_default_context_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t *" newcon );
-+.sp
- .BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
- .sp
-+.BI "int get_default_context_with_rolelevel(const char* " user ", const char* " level ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
-+.sp
- .BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
- .sp
- .BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
-@@ -27,7 +33,7 @@
- .I user
- that are reachable from the specified
- .I fromcon
--context and then orders the resulting list based on the global
-+context. The function then orders the resulting list based on the global
- .B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts
- file and the per-user
- .B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>
-@@ -39,13 +45,22 @@
- .B freeconary
- function.
-
-+.B get_ordered_context_list_with_level
-+invokes the get_ordered_context_list function and applies the specified level.
-+
- .B get_default_context
- is the same as get_ordered_context_list but only returns a single context
- which has to be freed with freecon.
-
-+.B get_default_context_with_level
-+invokes the get_default_context function and applies the specified level.
-+
- .B get_default_context_with_role
- is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.
-
-+.B get_default_context_with_rolelevel
-+invokes the get_default_context_with_role function and applies the specified level.
-+
- .B query_user_context
- takes a list of contexts, queries the user via stdin/stdout as to which context
- they want, and returns a new context as selected by the user (which has to be
-@@ -58,9 +73,8 @@
- Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.
-
- .SH "RETURN VALUE"
--get_ordered_context_list returns the number of contexts in the list upon
--success or -1 upon errors.
-+get_ordered_context_list and get_ordered_context_list_with_level return the number of contexts in the list upon success or -1 upon errors.
- The other functions return 0 for success or -1 for errors.
-
- .SH "SEE ALSO"
--.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"
-+.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list_with_level.3 libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3
--- nsalibselinux/man/man3/get_ordered_context_list_with_level.3 1969-12-31 19:00:00.000000000 -0500
+++ libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3 2005-10-17 13:59:03.000000000 -0400
@@ -0,0 +1 @@
+.so man3/get_ordered_context_list.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-1.27.10/src/get_context_list.c
---- nsalibselinux/src/get_context_list.c 2005-10-14 14:45:05.000000000 -0400
-+++ libselinux-1.27.10/src/get_context_list.c 2005-10-17 13:45:55.000000000 -0400
-@@ -48,6 +48,49 @@
- return rc;
- }
-
-+int get_default_context_with_rolelevel(const char* user,
-+ const char *role,
-+ const char *level,
-+ security_context_t fromcon,
-+ security_context_t *newcon)
-+{
-+
-+ int rc=0;
-+ int freefrom = 0;
-+ context_t con;
-+ char *newfromcon;
-+ if (!level)
-+ return get_default_context_with_role(user, role, fromcon, newcon);
-+
-+ if (!fromcon) {
-+ rc = getcon(&fromcon);
-+ if (rc < 0)
-+ return rc;
-+ freefrom = 1;
-+ }
-+
-+ rc = -1;
-+ con=context_new(fromcon);
-+ if (!con)
-+ goto out;
-+
-+ if (context_range_set(con, level))
-+ goto out;
-+
-+ newfromcon = context_str(con);
-+ if (!newfromcon)
-+ goto out;
-+
-+ rc = get_default_context_with_role(user, role, newfromcon, newcon);
-+
-+out:
-+ context_free(con);
-+ if (freefrom)
-+ freecon(fromcon);
-+ return rc;
-+
-+}
-+
- int get_default_context(const char* user,
- security_context_t fromcon,
- security_context_t *newcon)
More information about the fedora-cvs-commits
mailing list