rpms/libselinux/devel libselinux-rhat.patch, 1.51, 1.52 libselinux.spec, 1.113, 1.114
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Sep 13 16:48:19 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/libselinux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27456
Modified Files:
libselinux-rhat.patch libselinux.spec
Log Message:
* Mon Sep 12 2005 Dan Walsh <dwalsh at redhat.com> 1.26-2
- Eliminate forth param from mls context when mls is not enabled.
libselinux-rhat.patch:
include/selinux/selinux.h | 6 +++++
src/init.c | 10 ++++++--
src/matchpathcon.c | 26 ++++++++++++++++++----
src/selinux_config.c | 53 ++++++++++++++++++++++++++--------------------
4 files changed, 66 insertions(+), 29 deletions(-)
Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- libselinux-rhat.patch 12 Sep 2005 15:52:30 -0000 1.51
+++ libselinux-rhat.patch 13 Sep 2005 16:48:15 -0000 1.52
@@ -1,22 +1,22 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.25.7/include/selinux/selinux.h
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.26/include/selinux/selinux.h
--- nsalibselinux/include/selinux/selinux.h 2005-09-01 11:17:40.000000000 -0400
-+++ libselinux-1.25.7/include/selinux/selinux.h 2005-09-12 11:33:32.000000000 -0400
++++ libselinux-1.26/include/selinux/selinux.h 2005-09-12 17:05:36.000000000 -0400
@@ -304,6 +304,12 @@
extern int selinux_getenforcemode(int *enforce);
/*
-+ selinux_gettype reads the /etc/selinux/config file and determines
++ selinux_getpolicytype reads the /etc/selinux/config file and determines
+ whether the policy tyep for this machine, type must be freed.
+ */
-+extern void selinux_gettype(char **type);
++extern void selinux_getpolicytype(char **type);
+
+/*
selinux_policy_root reads the /etc/selinux/config file and returns
the directory path under which the compiled policy file and context
configuration files exist.
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-1.25.7/src/init.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-1.26/src/init.c
--- nsalibselinux/src/init.c 2005-09-01 13:21:11.000000000 -0400
-+++ libselinux-1.25.7/src/init.c 2005-09-12 11:36:33.000000000 -0400
++++ libselinux-1.26/src/init.c 2005-09-12 17:13:20.000000000 -0400
@@ -8,6 +8,7 @@
#include <asm/page.h>
#include <stdio.h>
@@ -34,25 +34,108 @@
int (*lib_trans_init)(void) = NULL;
-
- translation_lib_handle = dlopen("libsetrans.so.0", RTLD_NOW);
-+ selinux_gettype(&type);
++ selinux_getpolicytype(&type);
+ if (!type) return;
-+ snprintf(path, PATH_MAX-1, "/lib/selinux/lib%s.so.0", type);
++ snprintf(path, PATH_MAX-1, "/$LIB/selinux/%s/libsetrans.so.0", type);
+ free(type);
+ translation_lib_handle = dlopen(path, RTLD_NOW);
if (!translation_lib_handle)
return;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.25.7/src/selinux_config.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-1.26/src/matchpathcon.c
+--- nsalibselinux/src/matchpathcon.c 2005-08-24 09:07:11.000000000 -0400
++++ libselinux-1.26/src/matchpathcon.c 2005-09-12 17:05:37.000000000 -0400
+@@ -25,6 +25,20 @@
+ va_end(ap);
+ }
+
++#define STRIP_LEVEL(CON) \
++ if (! mls_enabled) { \
++ int i=0; \
++ int ctr=0; \
++ while (CON[i]) { \
++ if (CON[i] == ':') ctr++; \
++ if (ctr==3) { \
++ CON[i]=0; \
++ break; \
++ } \
++ i++; \
++ } \
++ }
++
+ static void (*myprintf)(const char *fmt, ...) = &default_printf;
+
+ void set_matchpathcon_printf(void (*f)(const char *fmt, ...))
+@@ -415,7 +429,7 @@
+ }
+ return;
+ }
+-static int process_line( const char *path, char *line_buf, int pass, unsigned lineno) {
++static int process_line( const char *path, char *line_buf, int pass, unsigned lineno, int mls_enabled) {
+ int items, len, regerr;
+ char *buf_p;
+ char *regex, *type, *context;
+@@ -438,6 +452,7 @@
+ } else if (items == 2) {
+ /* The type field is optional. */
+ free(context);
++ STRIP_LEVEL(type)
+ context = type;
+ type = 0;
+ }
+@@ -510,7 +525,7 @@
+ }
+
+ skip_type:
+-
++ STRIP_LEVEL(context)
+ spec_arr[nspec].context = context;
+
+ if (strcmp(context, "<<none>>")) {
+@@ -557,6 +572,7 @@
+ unsigned int lineno, pass, i, j, maxnspec;
+ spec_t *spec_copy=NULL;
+ int status=-1;
++ int mls_enabled=is_selinux_mls_enabled();
+
+ /* Open the specification file. */
+ if (!path)
+@@ -590,20 +606,20 @@
+ lineno = 0;
+ nspec = 0;
+ while (getline(&line_buf, &line_len, fp) > 0 && nspec < maxnspec) {
+- if (process_line(path, line_buf, pass, ++lineno) != 0)
++ if (process_line(path, line_buf, pass, ++lineno, mls_enabled) != 0)
+ goto finish;
+ }
+ lineno = 0;
+ if (homedirfp)
+ while (getline(&line_buf, &line_len, homedirfp) > 0 && nspec < maxnspec) {
+- if (process_line(homedir_path, line_buf, pass, ++lineno) != 0)
++ if (process_line(homedir_path, line_buf, pass, ++lineno, mls_enabled) != 0)
+ goto finish;
+ }
+
+ lineno = 0;
+ if (localfp)
+ while (getline(&line_buf, &line_len, localfp) > 0 && nspec < maxnspec) {
+- if (process_line(local_path, line_buf, pass, ++lineno) != 0)
++ if (process_line(local_path, line_buf, pass, ++lineno, mls_enabled) != 0)
+ goto finish;
+ }
+
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.26/src/selinux_config.c
--- nsalibselinux/src/selinux_config.c 2005-03-17 14:56:21.000000000 -0500
-+++ libselinux-1.25.7/src/selinux_config.c 2005-09-12 11:35:35.000000000 -0400
-@@ -85,6 +85,28 @@
++++ libselinux-1.26/src/selinux_config.c 2005-09-13 12:46:22.682193000 -0400
+@@ -85,6 +85,29 @@
static int use_compat_file_path;
-+void selinux_gettype(char **rtype) {
++void selinux_getpolicytype(char **rtype) {
+ char *type=SELINUXDEFAULT;
+ char buf[4097];
-+ int len, i;
++ int i=0;
++ int len=sizeof(SELINUXTYPETAG)-1;
+ FILE *cfg = fopen(SELINUXCONFIG,"r");
+ if (cfg) {
+ while (fgets_unlocked(buf, 4096, cfg)) {
@@ -74,15 +157,16 @@
int selinux_getenforcemode(int *enforce) {
int ret=-1;
FILE *cfg = fopen(SELINUXCONFIG,"r");
-@@ -122,38 +144,24 @@
+@@ -122,38 +145,24 @@
static void init_selinux_policyroot(void)
{
- char *type=SELINUXDEFAULT;
-+ char *type=NULL;
- int i=0, len=sizeof(SELINUXTYPETAG)-1, len2;
+- int i=0, len=sizeof(SELINUXTYPETAG)-1, len2;
- char buf[4097];
- FILE *cfg;
++ char *type=NULL;
++ int i=0, len, len2;
if (selinux_policyroot) return;
if (access(SELINUXDIR, F_OK) != 0) {
selinux_policyroot = SECURITYDIR;
@@ -105,7 +189,7 @@
- type[i]=0;
- i--;
- }
-+ selinux_gettype(&type);
++ selinux_getpolicytype(&type);
+ if (!type) return;
len=sizeof(SELINUXDIR) + strlen(type);
selinux_policyroot=malloc(len);
Index: libselinux.spec
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.113
retrieving revision 1.114
diff -u -r1.113 -r1.114
--- libselinux.spec 12 Sep 2005 15:52:30 -0000 1.113
+++ libselinux.spec 13 Sep 2005 16:48:16 -0000 1.114
@@ -1,11 +1,11 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 1.26
-Release: 1
+Release: 2
License: Public domain (uncopyrighted)
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
-Prereq: libsetrans >= 0.1.4-2
+Prereq: libsetrans >= 0.1.4-3
Patch: libselinux-rhat.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
@@ -86,6 +86,9 @@
%{_mandir}/man8/*
%changelog
+* Mon Sep 12 2005 Dan Walsh <dwalsh at redhat.com> 1.26-2
+- Eliminate forth param from mls context when mls is not enabled.
+
* Tue Sep 6 2005 Dan Walsh <dwalsh at redhat.com> 1.25.7-1
- Update from NSA
* Merged modified form of patch to avoid dlopen/dlclose by
More information about the fedora-cvs-commits
mailing list