rpms/libselinux/devel libselinux-rhat.patch, 1.81, 1.82 libselinux.spec, 1.191, 1.192
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue May 9 19:13:14 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/libselinux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv30486
Modified Files:
libselinux-rhat.patch libselinux.spec
Log Message:
* Tue May 9 2006 Dan Walsh <dwalsh at redhat.com> 1.30.6-2
- Add Russell's AVC patch to handle large numbers
libselinux-rhat.patch:
avcstat.c | 18 +++++++++---------
1 files changed, 9 insertions(+), 9 deletions(-)
Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- libselinux-rhat.patch 8 May 2006 14:08:20 -0000 1.81
+++ libselinux-rhat.patch 9 May 2006 19:13:08 -0000 1.82
@@ -1,1327 +1,49 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/setrans.h libselinux-1.30.3/include/selinux/setrans.h
---- nsalibselinux/include/selinux/setrans.h 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.30.3/include/selinux/setrans.h 2006-05-03 09:25:00.000000000 -0400
-@@ -0,0 +1,32 @@
-+/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
-+
-+#ifndef _SETRANS_H
-+#define _SETRANS_H
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/* This must be called once, prior to calling any other
-+ translation function.
-+ Returns nonzero if translations cannot be performed,
-+ or 0 otherwise. */
-+int init_context_translations(void);
-+
-+/* Perform context translation.
-+ Caller must free the resulting context.
-+ Returns nonzero if error or 0 otherwise. */
-+int translate_context(const char *, char **);
-+int untranslate_context(const char *, char **);
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#define SETRANS_UNIX_SOCKET "/var/run/setrans/.setrans-unix"
-+
-+#define SETRANS_INIT 1
-+#define RAW_TO_TRANS_CONTEXT 2
-+#define TRANS_TO_RAW_CONTEXT 3
-+
-+#endif /* _SETRANS_H */
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/canonicalize_context.c libselinux-1.30.3/src/canonicalize_context.c
---- nsalibselinux/src/canonicalize_context.c 2005-11-08 09:34:17.000000000 -0500
-+++ libselinux-1.30.3/src/canonicalize_context.c 2006-05-03 11:00:33.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -23,7 +22,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -64,22 +63,16 @@
- security_context_t rcon = con;
- security_context_t rcanoncon;
-
-- if (context_translations && trans_to_raw_context(con, &rcon))
-+
-+ if (selinux_trans_to_raw_context(con, &rcon))
- return -1;
-
- ret = security_canonicalize_context_raw(rcon, &rcanoncon);
-
-- if (context_translations) {
-- freecon(rcon);
-- if (!ret) {
-- if (raw_to_trans_context(rcanoncon, canoncon)) {
-- *canoncon = NULL;
-- ret = -1;
-- }
-- freecon(rcanoncon);
-- }
-- } else if (!ret) {
-- *canoncon = rcanoncon;
-+ freecon(rcon);
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcanoncon, canoncon);
-+ freecon(rcanoncon);
- }
-
- return ret;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/check_context.c libselinux-1.30.3/src/check_context.c
---- nsalibselinux/src/check_context.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/check_context.c 2006-05-03 10:59:57.000000000 -0400
-@@ -32,13 +32,12 @@
- int ret;
- security_context_t rcon = con;
-
-- if (context_translations && trans_to_raw_context(con, &rcon))
-+ if (selinux_trans_to_raw_context(con, &rcon))
- return -1;
-
- ret = security_check_context_raw(rcon);
-
-- if (context_translations)
-- freecon(rcon);
-+ freecon(rcon);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/compute_av.c libselinux-1.30.3/src/compute_av.c
---- nsalibselinux/src/compute_av.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/compute_av.c 2006-05-03 11:00:48.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -26,7 +25,7 @@
- if (fd < 0)
- return -1;
-
-- len = PAGE_SIZE;
-+ len = selinux_page_size;
- buf = malloc(len);
- if (!buf) {
- ret = -1;
-@@ -70,21 +69,17 @@
- security_context_t rscon = scon;
- security_context_t rtcon = tcon;
-
-- if (context_translations) {
-- if (trans_to_raw_context(scon, &rscon))
-- return -1;
-- if (trans_to_raw_context(tcon, &rtcon)) {
-- freecon(rscon);
-- return -1;
-- }
-+ if (selinux_trans_to_raw_context(scon, &rscon))
-+ return -1;
-+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
-+ freecon(rscon);
-+ return -1;
- }
-
- ret = security_compute_av_raw(rscon, rtcon, tclass, requested, avd);
-
-- if (context_translations) {
-- freecon(rscon);
-- freecon(rtcon);
-- }
-+ freecon(rscon);
-+ freecon(rtcon);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/compute_create.c libselinux-1.30.3/src/compute_create.c
---- nsalibselinux/src/compute_create.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/compute_create.c 2006-05-03 11:04:26.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -25,7 +24,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -66,29 +65,21 @@
- security_context_t rtcon = tcon;
- security_context_t rnewcon;
-
-- if (context_translations) {
-- if (trans_to_raw_context(scon, &rscon))
-- return -1;
-- if (trans_to_raw_context(tcon, &rtcon)) {
-- freecon(rscon);
-- return -1;
-- }
-+ if (selinux_trans_to_raw_context(scon, &rscon))
-+ return -1;
-+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
-+ freecon(rscon);
-+ return -1;
- }
-
- ret = security_compute_create_raw(rscon, rtcon, tclass, &rnewcon);
-
-- if (context_translations) {
-- freecon(rscon);
-- freecon(rtcon);
-- if (!ret) {
-- if (raw_to_trans_context(rnewcon, newcon)) {
-- *newcon = NULL;
-- ret = -1;
-- }
-- freecon(rnewcon);
-- }
-- } else if (!ret)
-- *newcon = rnewcon;
-+ freecon(rscon);
-+ freecon(rtcon);
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rnewcon, newcon);
-+ freecon(rnewcon);
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/compute_member.c libselinux-1.30.3/src/compute_member.c
---- nsalibselinux/src/compute_member.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/compute_member.c 2006-05-03 11:01:44.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -25,7 +24,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -66,29 +65,24 @@
- security_context_t rtcon = tcon;
- security_context_t rnewcon;
-
-- if (context_translations) {
-- if (trans_to_raw_context(scon, &rscon))
-- return -1;
-- if (trans_to_raw_context(tcon, &rtcon)) {
-- freecon(rscon);
-- return -1;
-- }
-+ if (selinux_trans_to_raw_context(scon, &rscon))
-+ return -1;
-+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
-+ freecon(rscon);
-+ return -1;
- }
-
- ret = security_compute_member_raw(rscon, rtcon, tclass, &rnewcon);
-
-- if (context_translations) {
-- freecon(rscon);
-- freecon(rtcon);
-- if (!ret) {
-- if (raw_to_trans_context(rnewcon, newcon)) {
-- *newcon = NULL;
-- ret = -1;
-- }
-- freecon(rnewcon);
-+ freecon(rscon);
-+ freecon(rtcon);
-+ if (!ret) {
-+ if (selinux_raw_to_trans_context(rnewcon, newcon)) {
-+ *newcon = NULL;
-+ ret = -1;
- }
-- } else if (!ret)
-- *newcon = rnewcon;
-+ freecon(rnewcon);
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/compute_relabel.c libselinux-1.30.3/src/compute_relabel.c
---- nsalibselinux/src/compute_relabel.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/compute_relabel.c 2006-05-03 11:04:30.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -25,7 +24,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -66,29 +65,21 @@
- security_context_t rtcon = tcon;
- security_context_t rnewcon;
-
-- if (context_translations) {
-- if (trans_to_raw_context(scon, &rscon))
-- return -1;
-- if (trans_to_raw_context(tcon, &rtcon)) {
-- freecon(rscon);
-- return -1;
-- }
-+ if (selinux_trans_to_raw_context(scon, &rscon))
-+ return -1;
-+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
-+ freecon(rscon);
-+ return -1;
- }
-
- ret = security_compute_relabel_raw(rscon, rtcon, tclass, &rnewcon);
-
-- if (context_translations) {
-- freecon(rscon);
-- freecon(rtcon);
-- if (!ret) {
-- if (raw_to_trans_context(rnewcon, newcon)) {
-- *newcon = NULL;
-- ret = -1;
-- }
-- freecon(rnewcon);
-- }
-- } else if (!ret)
-- *newcon = rnewcon;
-+ freecon(rscon);
-+ freecon(rtcon);
-+ if (!ret) {
-+ ret=selinux_raw_to_trans_context(rnewcon, newcon);
-+ freecon(rnewcon);
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/compute_user.c libselinux-1.30.3/src/compute_user.c
---- nsalibselinux/src/compute_user.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/compute_user.c 2006-05-03 11:02:16.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdio.h>
- #include <errno.h>
- #include <string.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
- #include <limits.h>
-@@ -26,7 +25,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -82,24 +81,22 @@
- int ret;
- security_context_t rscon = scon;
-
-- if (context_translations && trans_to_raw_context(scon, &rscon))
-+ if (selinux_trans_to_raw_context(scon, &rscon))
- return -1;
-
- ret = security_compute_user_raw(rscon, user, con);
-
-- if (context_translations) {
-- freecon(rscon);
-- if (!ret) {
-- security_context_t *ptr, tmpcon;
-- for (ptr = *con; *ptr; ptr++) {
-- if (raw_to_trans_context(*ptr, &tmpcon)) {
-- freeconary(*con);
-- *con = NULL;
-- return -1;
-- }
-- freecon(*ptr);
-- *ptr = tmpcon;
-+ freecon(rscon);
-+ if (!ret) {
-+ security_context_t *ptr, tmpcon;
-+ for (ptr = *con; *ptr; ptr++) {
-+ if (selinux_raw_to_trans_context(*ptr, &tmpcon)) {
-+ freeconary(*con);
-+ *con = NULL;
-+ return -1;
- }
-+ freecon(*ptr);
-+ *ptr = tmpcon;
- }
- }
-
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/enabled.c libselinux-1.30.3/src/enabled.c
---- nsalibselinux/src/enabled.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/enabled.c 2006-05-02 14:48:35.000000000 -0400
-@@ -5,7 +5,6 @@
- #include <stdlib.h>
- #include <errno.h>
- #include <limits.h>
--#include <asm/page.h>
- #include <stdio.h>
- #include "policy.h"
-
-@@ -22,7 +21,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- enabled = -1;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/fgetfilecon.c libselinux-1.30.3/src/fgetfilecon.c
---- nsalibselinux/src/fgetfilecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/fgetfilecon.c 2006-05-03 10:55:46.000000000 -0400
-@@ -52,14 +52,10 @@
-
- ret = fgetfilecon_raw(fd, &rcontext);
-
-- if (context_translations && ret > 0) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (ret > 0) {
-+ ret=selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (ret > 0)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/fsetfilecon.c libselinux-1.30.3/src/fsetfilecon.c
---- nsalibselinux/src/fsetfilecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/fsetfilecon.c 2006-05-03 11:02:20.000000000 -0400
-@@ -18,13 +18,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = fsetfilecon_raw(fd, rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getcon.c libselinux-1.30.3/src/getcon.c
---- nsalibselinux/src/getcon.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/getcon.c 2006-05-03 11:02:25.000000000 -0400
-@@ -4,7 +4,6 @@
- #include "selinux_internal.h"
- #include <stdlib.h>
- #include <errno.h>
--#include <asm/page.h>
- #include "policy.h"
-
- int getcon_raw(security_context_t *context)
-@@ -18,7 +17,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -51,14 +50,13 @@
-
- ret = getcon_raw(&rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-+ if (!ret) {
-+ if (selinux_raw_to_trans_context(rcontext, context)) {
- *context = NULL;
- ret = -1;
+diff --exclude-from=exclude -N -u -r nsalibselinux/utils/avcstat.c libselinux-1.30.6/utils/avcstat.c
+--- nsalibselinux/utils/avcstat.c 2005-05-19 15:24:25.000000000 -0400
++++ libselinux-1.30.6/utils/avcstat.c 2006-05-09 15:09:13.000000000 -0400
+@@ -27,12 +27,12 @@
+ #define HEADERS "lookups hits misses allocations reclaims frees"
+
+ struct avc_cache_stats {
+- unsigned int lookups;
+- unsigned int hits;
+- unsigned int misses;
+- unsigned int allocations;
+- unsigned int reclaims;
+- unsigned int frees;
++ unsigned long long lookups;
++ unsigned long long hits;
++ unsigned long long misses;
++ unsigned long long allocations;
++ unsigned long long reclaims;
++ unsigned long long frees;
+ };
+
+ static int interval;
+@@ -172,7 +172,7 @@
+ while ((line = strtok(NULL, "\n"))) {
+ struct avc_cache_stats tmp;
+
+- ret = sscanf(line, "%u %u %u %u %u %u",
++ ret = sscanf(line, "%Lu %Lu %Lu %Lu %Lu %Lu",
+ &tmp.lookups,
+ &tmp.hits,
+ &tmp.misses,
+@@ -195,7 +195,7 @@
+ die("unable to parse \'%s\': no data", avcstatfile);
+
+ if (cumulative || (!cumulative && !i))
+- printf("%10u %10u %10u %10u %10u %10u\n",
++ printf("%10Lu %10Lu %10Lu %10Lu %10Lu %10Lu\n",
+ tot.lookups, tot.hits, tot.misses,
+ tot.allocations, tot.reclaims, tot.frees);
+ else {
+@@ -205,7 +205,7 @@
+ rel.allocations = tot.allocations - last.allocations;
+ rel.reclaims = tot.reclaims - last.reclaims;
+ rel.frees = tot.frees - last.frees;
+- printf("%10u %10u %10u %10u %10u %10u\n",
++ printf("%10Lu %10Lu %10Lu %10Lu %10Lu %10Lu\n",
+ rel.lookups, rel.hits, rel.misses,
+ rel.allocations, rel.reclaims, rel.frees);
}
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getexeccon.c libselinux-1.30.3/src/getexeccon.c
---- nsalibselinux/src/getexeccon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/getexeccon.c 2006-05-03 11:04:35.000000000 -0400
-@@ -3,7 +3,6 @@
- #include <string.h>
- #include <stdlib.h>
- #include <errno.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
-
-@@ -18,7 +17,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -56,14 +55,10 @@
-
- ret = getexeccon_raw(&rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getfilecon.c libselinux-1.30.3/src/getfilecon.c
---- nsalibselinux/src/getfilecon.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/getfilecon.c 2006-05-03 10:54:32.000000000 -0400
-@@ -52,14 +52,10 @@
-
- ret = getfilecon_raw(path, &rcontext);
-
-- if (context_translations && ret > 0) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (ret > 0) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (ret > 0)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getfscreatecon.c libselinux-1.30.3/src/getfscreatecon.c
---- nsalibselinux/src/getfscreatecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/getfscreatecon.c 2006-05-03 11:04:45.000000000 -0400
-@@ -3,7 +3,6 @@
- #include <string.h>
- #include <stdlib.h>
- #include <errno.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
-
-@@ -18,7 +17,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -56,14 +55,10 @@
-
- ret = getfscreatecon_raw(&rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getpeercon.c libselinux-1.30.3/src/getpeercon.c
---- nsalibselinux/src/getpeercon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/getpeercon.c 2006-05-03 11:03:09.000000000 -0400
-@@ -51,14 +51,10 @@
-
- ret = getpeercon_raw(fd, &rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getpidcon.c libselinux-1.30.3/src/getpidcon.c
---- nsalibselinux/src/getpidcon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/getpidcon.c 2006-05-03 11:03:33.000000000 -0400
-@@ -4,7 +4,6 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <errno.h>
--#include <asm/page.h>
- #include "selinux_internal.h"
- #include "policy.h"
-
-@@ -22,7 +21,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -55,14 +54,10 @@
-
- ret = getpidcon_raw(pid, &rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/getprevcon.c libselinux-1.30.3/src/getprevcon.c
---- nsalibselinux/src/getprevcon.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/getprevcon.c 2006-05-03 11:03:45.000000000 -0400
-@@ -4,7 +4,6 @@
- #include "selinux_internal.h"
- #include <stdlib.h>
- #include <errno.h>
--#include <asm/page.h>
- #include "policy.h"
-
- int getprevcon_raw(security_context_t *context)
-@@ -18,7 +17,7 @@
- if (fd < 0)
- return -1;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
- buf = malloc(size);
- if (!buf) {
- ret = -1;
-@@ -51,14 +50,10 @@
-
- ret = getprevcon_raw(&rcontext);
-
-- if (context_translations && !ret) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (!ret) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (!ret)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-1.30.3/src/init.c
---- nsalibselinux/src/init.c 2005-12-14 14:16:46.000000000 -0500
-+++ libselinux-1.30.3/src/init.c 2006-05-03 10:30:57.000000000 -0400
-@@ -4,15 +4,16 @@
- #include <stdlib.h>
- #include <errno.h>
- #include <ctype.h>
--#include <asm/page.h>
- #include <stdio.h>
- #include <dlfcn.h>
-+#include <unistd.h>
-
- #include "dso.h"
- #include "policy.h"
- #include "selinux_internal.h"
-
- char *selinux_mnt = NULL;
-+int selinux_page_size=0;
-
- static void init_selinuxmnt(void)
- {
-@@ -27,11 +28,12 @@
- if (!fp)
- return;
-
-- size = PAGE_SIZE;
-+ size = selinux_page_size;
-+
- buf = malloc(size);
- if (!buf)
- goto out;
--
-+
- memset(buf, 0, size);
-
- while(( bufp = fgets_unlocked(buf, size, fp)))
-@@ -75,65 +77,15 @@
- }
- hidden_def(set_selinuxmnt)
-
--int context_translations hidden;
--void *translation_lib_handle hidden;
--
--/* from libsetrans.c */
--extern int hidden (*lib_trans_to_raw_context)(char *trans, char **rawp);
--extern int hidden (*lib_raw_to_trans_context)(char *raw, char **transp);
--
--
- static void init_translations(void)
- {
--#ifdef SHARED
-- int (*lib_trans_init)(void) = NULL;
--
-- translation_lib_handle = dlopen("libsetrans.so.0", RTLD_NOW);
-- if (!translation_lib_handle)
-- return;
--
-- dlerror();
--
-- lib_trans_init = dlsym(translation_lib_handle,
-- "init_context_translations");
-- if (dlerror() || lib_trans_init())
-- return;
--
-- lib_raw_to_trans_context = dlsym(translation_lib_handle,
-- "translate_context");
-- if (dlerror())
-- return;
--
-- lib_trans_to_raw_context = dlsym(translation_lib_handle,
-- "untranslate_context");
-- if (dlerror())
-- return;
--
-- context_translations = 1;
--#endif
--}
--
--static void fini_translations(void)
--{
--#ifdef SHARED
-- context_translations = 0;
-- if (translation_lib_handle) {
-- int (*lib_trans_finish)(void) = NULL;
--
-- lib_trans_finish = dlsym(translation_lib_handle,
-- "finish_context_translations");
-- if (! dlerror())
-- lib_trans_finish();
--
-- dlclose(translation_lib_handle);
-- translation_lib_handle = NULL;
-- }
--#endif
-+ init_context_translations();
- }
-
- static void init_lib(void) __attribute__ ((constructor));
- static void init_lib(void)
- {
-+ selinux_page_size = sysconf(_SC_PAGE_SIZE);
- init_selinuxmnt();
- init_translations();
- }
-@@ -141,6 +93,5 @@
- static void fini_lib(void) __attribute__ ((destructor));
- static void fini_lib(void)
- {
-- fini_translations();
- fini_selinuxmnt();
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/lgetfilecon.c libselinux-1.30.3/src/lgetfilecon.c
---- nsalibselinux/src/lgetfilecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/lgetfilecon.c 2006-05-03 10:55:25.000000000 -0400
-@@ -52,14 +52,10 @@
-
- ret = lgetfilecon_raw(path, &rcontext);
-
-- if (context_translations && ret > 0) {
-- if (raw_to_trans_context(rcontext, context)) {
-- *context = NULL;
-- ret = -1;
-- }
-+ if (ret > 0) {
-+ ret = selinux_raw_to_trans_context(rcontext, context);
- freecon(rcontext);
-- } else if (ret > 0)
-- *context = rcontext;
-+ }
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/lsetfilecon.c libselinux-1.30.3/src/lsetfilecon.c
---- nsalibselinux/src/lsetfilecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/lsetfilecon.c 2006-05-03 11:03:50.000000000 -0400
-@@ -18,13 +18,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = lsetfilecon_raw(path, rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchmediacon.c libselinux-1.30.3/src/matchmediacon.c
---- nsalibselinux/src/matchmediacon.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/matchmediacon.c 2006-05-03 11:03:54.000000000 -0400
-@@ -59,13 +59,10 @@
- return -1;
- }
-
-- if (context_translations) {
-- if (raw_to_trans_context(ptr2, con)) {
-- *con = NULL;
-- return -1;
-- }
-- } else
-- *con = strdup(ptr2);
-+ if (selinux_raw_to_trans_context(ptr2, con)) {
-+ *con = NULL;
-+ return -1;
-+ }
-
- return 0;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-1.30.3/src/matchpathcon.c
---- nsalibselinux/src/matchpathcon.c 2006-04-14 07:21:23.000000000 -0400
-+++ libselinux-1.30.3/src/matchpathcon.c 2006-05-03 11:04:01.000000000 -0400
-@@ -591,19 +591,14 @@
- if (myflags & MATCHPATHCON_NOTRANS)
- goto skip_trans;
-
-- if (context_translations) {
-- if (raw_to_trans_context(context, &tmpcon)) {
-- myprintf("%s: line %u has invalid "
-- "context %s\n",
-- path, lineno, context);
-- return 0;
-- }
-- free(context);
-- context = tmpcon;
-- } else {
-- if (STRIP_LEVEL(&context, mls_enabled))
-- return -1;
-+ if (selinux_raw_to_trans_context(context, &tmpcon)) {
-+ myprintf("%s: line %u has invalid "
-+ "context %s\n",
-+ path, lineno, context);
-+ return 0;
- }
-+ free(context);
-+ context = tmpcon;
-
- skip_trans:
- if (myflags & MATCHPATHCON_VALIDATE) {
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.3/src/selinux_internal.h
---- nsalibselinux/src/selinux_internal.h 2005-12-01 10:10:32.000000000 -0500
-+++ libselinux-1.30.3/src/selinux_internal.h 2006-05-03 10:56:53.000000000 -0400
-@@ -65,9 +65,6 @@
- hidden_proto(selinux_translations_path);
- hidden_proto(selinux_getenforcemode);
-
--extern int context_translations hidden;
--extern int hidden trans_to_raw_context(char *trans, char **rawp);
--extern int hidden raw_to_trans_context(char *raw, char **transp);
--
- extern int load_setlocaldefs hidden;
- extern int require_seusers hidden;
-+extern int selinux_page_size hidden;
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-1.30.3/src/selinuxswig.i
---- nsalibselinux/src/selinuxswig.i 2006-04-14 07:21:23.000000000 -0400
-+++ libselinux-1.30.3/src/selinuxswig.i 2006-05-02 13:08:05.000000000 -0400
-@@ -28,9 +28,18 @@
- %typemap(in, numinputs=0) security_context_t *(security_context_t temp) {
- $1 = &temp;
- }
--%typemap(argout) security_context_t * {
-- $result = SWIG_Python_AppendOutput($result, PyString_FromString(*$1));
-+%typemap(argout) security_context_t * (char *temp) {
-+ if (*$1)
-+ temp = *$1;
-+ else
-+ temp = "";
-+ $result = SWIG_Python_AppendOutput($result, PyString_FromString(temp));
-+}
-+
-+%typemap(in) security_context_t {
-+ $1 = (security_context_t)PyString_AsString($input);
- }
-+
- %typedef unsigned mode_t;
-
- extern int is_selinux_enabled(void);
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setcon.c libselinux-1.30.3/src/setcon.c
---- nsalibselinux/src/setcon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/setcon.c 2006-05-03 11:04:05.000000000 -0400
-@@ -32,13 +32,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = setcon_raw(rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setexeccon.c libselinux-1.30.3/src/setexeccon.c
---- nsalibselinux/src/setexeccon.c 2005-08-23 13:34:34.000000000 -0400
-+++ libselinux-1.30.3/src/setexeccon.c 2006-05-03 11:04:09.000000000 -0400
-@@ -28,13 +28,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = setexeccon_raw(rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setfilecon.c libselinux-1.30.3/src/setfilecon.c
---- nsalibselinux/src/setfilecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/setfilecon.c 2006-05-03 11:04:13.000000000 -0400
-@@ -18,13 +18,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = setfilecon_raw(path, rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setfscreatecon.c libselinux-1.30.3/src/setfscreatecon.c
---- nsalibselinux/src/setfscreatecon.c 2005-08-25 11:32:02.000000000 -0400
-+++ libselinux-1.30.3/src/setfscreatecon.c 2006-05-03 11:04:17.000000000 -0400
-@@ -28,13 +28,12 @@
- int ret;
- security_context_t rcontext = context;
-
-- if (context_translations && trans_to_raw_context(context, &rcontext))
-+ if (selinux_trans_to_raw_context(context, &rcontext))
- return -1;
-
- ret = setfscreatecon_raw(rcontext);
-
-- if (context_translations)
-- freecon(rcontext);
-+ freecon(rcontext);
-
- return ret;
- }
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_client.c libselinux-1.30.3/src/setrans_client.c
---- nsalibselinux/src/setrans_client.c 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.30.3/src/setrans_client.c 2006-05-03 10:56:24.000000000 -0400
-@@ -0,0 +1,246 @@
-+/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
-+
-+#include <sys/types.h>
-+#include <sys/socket.h>
-+#include <sys/un.h>
-+
-+#include <errno.h>
-+#include <stdlib.h>
-+#include <netdb.h>
-+
-+#include <stdio.h>
-+#include <string.h>
-+#include <ctype.h>
-+#include <unistd.h>
-+#include <selinux/selinux.h>
-+#include "selinux/setrans.h"
-+#include "dso.h"
-+
-+
-+/*
-+ * setransd_open
-+ *
-+ * This function opens a socket to the setransd.
-+ * Returns: on success, a file descriptor ( >= 0 ) to the socket
-+ * on error, a negative value
-+ */
-+static int
-+setransd_open(void)
-+{
-+ struct sockaddr_un addr;
-+ int fd;
-+
-+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
-+ if (fd < 0) {
-+ return -1;
-+ }
-+
-+ memset(&addr, 0, sizeof(addr));
-+ addr.sun_family = AF_UNIX;
-+ strcpy(addr.sun_path, SETRANS_UNIX_SOCKET);
-+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
-+ close(fd);
-+ return -1;
-+ }
-+
-+ return fd;
-+}
-+
-+/* Returns: 0 on success, <0 on failure */
-+static int
-+send_request(int fd, uint32_t function, const char *data1, const char *data2)
-+{
-+ struct iovec req_hdr[4];
-+ uint32_t data1_size;
-+ uint32_t data2_size;
-+ struct iovec req_data[2];
-+ ssize_t count;
-+
-+ if (fd < 0)
-+ return -1;
-+
-+ if (!data1)
-+ data1 = "";
-+ if (!data2)
-+ data2 = "";
-+
-+ data1_size = strlen(data1) + 1;
-+ data2_size = strlen(data2) + 1;
-+
-+ req_hdr[0].iov_base = &function;
-+ req_hdr[0].iov_len = sizeof(function);
-+ req_hdr[1].iov_base = &data1_size;
-+ req_hdr[1].iov_len = sizeof(data1_size);
-+ req_hdr[2].iov_base = &data2_size;
-+ req_hdr[2].iov_len = sizeof(data2_size);
-+
-+ while (((count = writev(fd, req_hdr, 3)) < 0) && (errno == EINTR));
-+ if (count != (sizeof(function) + sizeof(data1_size) +
-+ sizeof(data2_size) )) {
-+ return -1;
-+ }
-+
-+ req_data[0].iov_base = (char *)data1;
-+ req_data[0].iov_len = data1_size;
-+ req_data[1].iov_base = (char *)data2;
-+ req_data[1].iov_len = data2_size;
-+
-+ while (((count = writev(fd, req_data, 2)) < 0) && (errno == EINTR));
-+ if (count < 0 || (uint32_t)count != (data1_size + data2_size)) {
-+ return -1;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Returns: 0 on success, <0 on failure */
-+static int
-+receive_response(int fd, uint32_t function, char **outdata, int32_t *ret_val)
-+{
-+ struct iovec resp_hdr[3];
-+ uint32_t func;
-+ uint32_t data_size;
-+ char *data;
-+ struct iovec resp_data;
-+ ssize_t count;
-+
-+ if (fd < 0)
-+ return -1;
-+
-+ resp_hdr[0].iov_base = &func;
-+ resp_hdr[0].iov_len = sizeof(func);
-+ resp_hdr[1].iov_base = &data_size;
-+ resp_hdr[1].iov_len = sizeof(data_size);
-+ resp_hdr[2].iov_base = ret_val;
-+ resp_hdr[2].iov_len = sizeof(*ret_val);
-+
-+ while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR));
-+ if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
-+ return -1;
-+ }
-+
-+ if (func != function || !data_size) {
-+ return -1;
-+ }
-+
-+ data = malloc(data_size);
-+ if (!data) {
-+ return -1;
-+ }
-+
-+ resp_data.iov_base = data;
-+ resp_data.iov_len = data_size;
-+
-+ while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR));
-+ if (count < 0 || (uint32_t)count != data_size || data[data_size - 1] != '\0') {
-+ free(data);
-+ return -1;
-+ }
-+
-+ *outdata = data;
-+ return 0;
-+}
-+
-+static int raw_to_trans_context(char *raw, char **transp)
-+{
-+ int ret;
-+ int32_t ret_val;
-+ int fd;
-+
-+ *transp = NULL;
-+
-+ fd = setransd_open();
-+ if (fd < 0)
-+ return fd;
-+
-+ ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
-+ if (ret)
-+ goto out;
-+
-+ ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
-+ if (ret)
-+ goto out;
-+
-+ ret = ret_val;
-+out:
-+ close(fd);
-+ return ret;
-+}
-+
-+static int trans_to_raw_context(char *trans, char **rawp)
-+{
-+ int ret;
-+ int32_t ret_val;
-+ int fd;
-+
-+ *rawp = NULL;
-+
-+ fd = setransd_open();
-+ if (fd < 0)
-+ return fd;
-+ ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
-+ if (ret)
-+ goto out;
-+
-+ ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
-+ if (ret)
-+ goto out;
-+
-+ ret = ret_val;
-+out:
-+ close(fd);
-+ return ret_val;
-+}
-+
-+
-+int
-+init_context_translations(void)
-+{
-+ int ret, fd;
-+ int32_t ret_val;
-+ char *out = NULL;
-+
-+ fd = setransd_open();
-+ if (fd < 0)
-+ return fd;
-+
-+ ret = send_request(fd, SETRANS_INIT, NULL, NULL);
-+ if (ret)
-+ goto out;
-+
-+ ret = receive_response(fd, SETRANS_INIT, &out, &ret_val);
-+ free(out);
-+ if (!ret)
-+ ret = ret_val;
-+out:
-+ close(fd);
-+ return ret;
-+}
-+
-+
-+int selinux_trans_to_raw_context(security_context_t trans,
-+ security_context_t *rawp)
-+{
-+ if (!trans) {
-+ *rawp = NULL;
-+ return 0;
-+ }
-+
-+ if (trans_to_raw_context(trans, rawp))
-+ *rawp = strdup(trans);
-+ return *rawp ? 0 : -1;
-+}
-+
-+int selinux_raw_to_trans_context(security_context_t raw,
-+ security_context_t *transp)
-+{
-+ if (!raw) {
-+ *transp = NULL;
-+ return 0;
-+ }
-+
-+ if (raw_to_trans_context(raw, transp))
-+ *transp = strdup(raw);
-+
-+ return *transp ? 0 : -1;
-+}
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_internal.h libselinux-1.30.3/src/setrans_internal.h
---- nsalibselinux/src/setrans_internal.h 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.30.3/src/setrans_internal.h 2006-05-03 09:18:19.000000000 -0400
-@@ -0,0 +1,8 @@
-+/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
-+
-+#define SETRANS_UNIX_SOCKET "/var/.setrans-unix"
-+
-+#define SETRANS_INIT 1
-+#define RAW_TO_TRANS_CONTEXT 2
-+#define TRANS_TO_RAW_CONTEXT 3
-+
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/trans.c libselinux-1.30.3/src/trans.c
---- nsalibselinux/src/trans.c 2005-08-31 12:33:10.000000000 -0400
-+++ libselinux-1.30.3/src/trans.c 1969-12-31 19:00:00.000000000 -0500
-@@ -1,59 +0,0 @@
--#include "selinux_internal.h"
--#include <string.h>
--
--int (*lib_trans_to_raw_context)(char *trans, char **rawp) hidden;
--int (*lib_raw_to_trans_context)(char *raw, char **transp) hidden;
--
--int hidden trans_to_raw_context(char *trans, char **rawp)
--{
-- *rawp = NULL;
-- if (!trans)
-- return 0;
--
-- if (trans && lib_trans_to_raw_context(trans, rawp))
-- *rawp = strdup(trans);
--
-- return *rawp ? 0 : -1;
--}
--
--int selinux_trans_to_raw_context(security_context_t trans,
-- security_context_t *rawp)
--{
-- if (context_translations)
-- return trans_to_raw_context(trans, rawp);
--
-- if (!trans) {
-- *rawp = NULL;
-- return 0;
-- }
--
-- *rawp = strdup(trans);
-- return *rawp ? 0 : -1;
--}
--
--int hidden raw_to_trans_context(char *raw, char **transp)
--{
-- *transp = NULL;
-- if (!raw)
-- return 0;
--
-- if (raw && lib_raw_to_trans_context(raw, transp))
-- *transp = strdup(raw);
--
-- return *transp ? 0 : -1;
--}
--
--int selinux_raw_to_trans_context(security_context_t raw,
-- security_context_t *transp)
--{
-- if (context_translations)
-- return raw_to_trans_context(raw, transp);
--
-- if (!raw) {
-- *transp = NULL;
-- return 0;
-- }
--
-- *transp = strdup(raw);
-- return *transp ? 0 : -1;
--}
Index: libselinux.spec
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.191
retrieving revision 1.192
diff -u -r1.191 -r1.192
--- libselinux.spec 8 May 2006 15:04:16 -0000 1.191
+++ libselinux.spec 9 May 2006 19:13:08 -0000 1.192
@@ -2,13 +2,14 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 1.30.6
-Release: 1
+Release: 2
License: Public domain (uncopyrighted)
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
+Patch: libselinux-rhat.patch
BuildRequires: libsepol-devel >= %{libsepolver}
-Requires: libsepol >= %{libsepolver}
+Requires: libsepol >= %{libsepolver} setransd
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
@@ -48,6 +49,7 @@
%prep
%setup -q
+%patch -p1 -b .rhat
%build
make clean
@@ -110,6 +112,9 @@
%{_libdir}/python*/site-packages/selinux.py*
%changelog
+* Tue May 9 2006 Dan Walsh <dwalsh at redhat.com> 1.30.6-2
+- Add Russell's AVC patch to handle large numbers
+
* Mon May 8 2006 Dan Walsh <dwalsh at redhat.com> 1.30.6-1
- Upgrade to latest from NSA
* Merged getfscreatecon man page fix from Dan Walsh.
More information about the fedora-cvs-commits
mailing list