rpms/libselinux/devel libselinux-rhat.patch,1.60,1.61

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Oct 18 18:27:48 UTC 2005


Author: dwalsh

Update of /cvs/dist/rpms/libselinux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv2225

Modified Files:
	libselinux-rhat.patch 
Log Message:
* Mon Oct 17 2005 Dan Walsh <dwalsh at redhat.com> 1.27.12-1
- Update to latest from NSA
	* Merged get_default_context_with_rolelevel and man pages from
	  Dan Walsh (Red Hat).
	* Updated call to sepol_policydb_to_image for sepol changes.
	* Changed getseuserbyname to ignore empty lines and to handle
	no matching entry in the same manner as no seusers file.


libselinux-rhat.patch:
 get_default_context_with_level.3      |    1 +
 get_default_context_with_rolelevel.3  |    1 +
 get_ordered_context_list_with_level.3 |    1 +
 3 files changed, 3 insertions(+)

Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- libselinux-rhat.patch	17 Oct 2005 18:19:07 -0000	1.60
+++ libselinux-rhat.patch	18 Oct 2005 18:27:41 -0000	1.61
@@ -1,22 +1,3 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/get_context_list.h libselinux-1.27.10/include/selinux/get_context_list.h
---- nsalibselinux/include/selinux/get_context_list.h	2005-09-19 13:36:06.000000000 -0400
-+++ libselinux-1.27.10/include/selinux/get_context_list.h	2005-10-17 13:48:00.000000000 -0400
-@@ -54,6 +54,15 @@
- 				  security_context_t fromcon,
- 				  security_context_t *newcon);
- 
-+/* Same as get_default_context, but only return a context
-+   that has the specified role and level.  If no reachable context exists
-+   for the user with that role, then return -1. */
-+int get_default_context_with_rolelevel(const char* user, 
-+				       const char *level,
-+				       const char *role,
-+				       security_context_t fromcon,
-+				       security_context_t *newcon);
-+
- /* Given a list of authorized security contexts for the user, 
-    query the user to select one and set *newcon to refer to it.
-    Caller must free via freecon.
 diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_default_context_with_level.3 libselinux-1.27.10/man/man3/get_default_context_with_level.3
 --- nsalibselinux/man/man3/get_default_context_with_level.3	1969-12-31 19:00:00.000000000 -0500
 +++ libselinux-1.27.10/man/man3/get_default_context_with_level.3	2005-10-17 13:58:54.000000000 -0400
@@ -27,133 +8,8 @@
 +++ libselinux-1.27.10/man/man3/get_default_context_with_rolelevel.3	2005-10-17 13:58:41.000000000 -0400
 @@ -0,0 +1 @@
 +.so man3/get_ordered_context_list.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-1.27.10/man/man3/get_ordered_context_list.3
---- nsalibselinux/man/man3/get_ordered_context_list.3	2005-04-29 14:06:50.000000000 -0400
-+++ libselinux-1.27.10/man/man3/get_ordered_context_list.3	2005-10-17 13:57:48.000000000 -0400
-@@ -1,6 +1,6 @@
- .TH "get_ordered_context_list" "3" "1 January 2004" "russell at coker.com.au" "SE Linux"
- .SH "NAME"
--get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
-+get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
- 
- .SH "SYNOPSIS"
- .B #include <selinux/selinux.h>
-@@ -9,10 +9,16 @@
- .sp
- .BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
- .sp
-+.BI "int get_ordered_context_list_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t **" list );
-+.sp
- .BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
- .sp
-+.BI "int get_default_context_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t *" newcon );
-+.sp
- .BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
- .sp
-+.BI "int get_default_context_with_rolelevel(const char* " user ", const char* " level ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
-+.sp
- .BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
- .sp
- .BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
-@@ -27,7 +33,7 @@
- .I user
- that are reachable from the specified
- .I fromcon
--context and then orders the resulting list based on the global
-+context.  The function then orders the resulting list based on the global
- .B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts
- file and the per-user
- .B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>
-@@ -39,13 +45,22 @@
- .B freeconary
- function.
- 
-+.B get_ordered_context_list_with_level
-+invokes the get_ordered_context_list function and applies the specified level.
-+
- .B get_default_context
- is the same as get_ordered_context_list but only returns a single context
- which has to be freed with freecon.
- 
-+.B get_default_context_with_level
-+invokes the get_default_context function and applies the specified level.
-+
- .B get_default_context_with_role
- is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.
- 
-+.B get_default_context_with_rolelevel
-+invokes the get_default_context_with_role function and applies the specified level.
-+
- .B query_user_context
- takes a list of contexts, queries the user via stdin/stdout as to which context
- they want, and returns a new context as selected by the user (which has to be
-@@ -58,9 +73,8 @@
- Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.
- 
- .SH "RETURN VALUE"
--get_ordered_context_list returns the number of contexts in the list upon
--success or -1 upon errors.
-+get_ordered_context_list and get_ordered_context_list_with_level return the number of contexts in the list upon success or -1 upon errors.
- The other functions return 0 for success or -1 for errors.
- 
- .SH "SEE ALSO"
--.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"
-+.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)"
 diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list_with_level.3 libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3
 --- nsalibselinux/man/man3/get_ordered_context_list_with_level.3	1969-12-31 19:00:00.000000000 -0500
 +++ libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3	2005-10-17 13:59:03.000000000 -0400
 @@ -0,0 +1 @@
 +.so man3/get_ordered_context_list.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-1.27.10/src/get_context_list.c
---- nsalibselinux/src/get_context_list.c	2005-10-14 14:45:05.000000000 -0400
-+++ libselinux-1.27.10/src/get_context_list.c	2005-10-17 13:45:55.000000000 -0400
-@@ -48,6 +48,49 @@
-     return rc;
- }
- 
-+int get_default_context_with_rolelevel(const char* user, 
-+				       const char *role,
-+				       const char *level,
-+				       security_context_t fromcon,
-+				       security_context_t *newcon) 
-+{
-+
-+    int rc=0;
-+    int freefrom = 0;
-+    context_t con;
-+    char *newfromcon;
-+    if (!level) 
-+	    return get_default_context_with_role(user, role, fromcon, newcon);
-+	
-+    if (!fromcon) {
-+	    rc = getcon(&fromcon);
-+	    if (rc < 0)
-+		    return rc;
-+	    freefrom = 1;
-+    }
-+    
-+    rc = -1;
-+    con=context_new(fromcon);
-+    if (!con)
-+	    goto out;
-+    
-+    if (context_range_set(con, level))
-+	    goto out;
-+    
-+    newfromcon = context_str(con);
-+    if (!newfromcon)
-+	    goto out;
-+    
-+    rc = get_default_context_with_role(user, role, newfromcon, newcon);
-+    
-+out:
-+    context_free(con);
-+    if (freefrom) 
-+	    freecon(fromcon);
-+    return rc;
-+
-+}
-+
- int get_default_context(const char* user, 
- 			security_context_t fromcon,
- 			security_context_t *newcon)



