rpms/rpm/devel rpm-4.4.2.2-matchpathcon.patch, NONE, 1.1 .cvsignore, 1.21, 1.22 rpm.spec, 1.259, 1.260 sources, 1.127, 1.128

Panu Matilainen (pmatilai) fedora-extras-commits at redhat.com
Wed Oct 3 10:56:59 UTC 2007 

Author: pmatilai

Update of /cvs/pkgs/rpms/rpm/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24652

Modified Files:
	.cvsignore rpm.spec sources 
Added Files:
	rpm-4.4.2.2-matchpathcon.patch 
Log Message:
- update to 4.4.2.2 final
- update matchpathcon patch to work better when selinux disabled
- resolves #251400, #315271, #296731, #308171, #305221, #295941


rpm-4.4.2.2-matchpathcon.patch:

--- NEW FILE rpm-4.4.2.2-matchpathcon.patch ---
diff -up rpm-4.4.2.2-rc2/python/Makefile.am.matchpathcon rpm-4.4.2.2-rc2/python/Makefile.am
--- rpm-4.4.2.2-rc2/python/Makefile.am.matchpathcon	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2-rc2/python/Makefile.am	2007-09-27 11:05:29.000000000 +0300
@@ -34,7 +34,8 @@ mylibs= \
 	$(top_builddir)/rpmdb/librpmdb.la \
 	$(top_builddir)/rpmio/librpmio.la \
 	@WITH_POPT_LIB@ \
-	@WITH_LIBELF_LIB@
+	@WITH_LIBELF_LIB@ \
+	@WITH_SELINUX_LIB@
 
 LDADD =
 
diff -up rpm-4.4.2.2-rc2/python/rpmts-py.c.matchpathcon rpm-4.4.2.2-rc2/python/rpmts-py.c
--- rpm-4.4.2.2-rc2/python/rpmts-py.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2-rc2/python/rpmts-py.c	2007-09-27 11:25:29.000000000 +0300
@@ -1187,17 +1187,13 @@ rpmts_Run(rpmtsObject * s, PyObject * ar
     }
 
     /* Initialize security context patterns (if not already done). */
-    if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
-	rpmsx sx = rpmtsREContext(s->ts);
-	if (sx == NULL) {
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-	    if (fn != NULL && *fn != '\0') {
-		sx = rpmsxNew(fn);
-		(void) rpmtsSetREContext(s->ts, sx);
-	    }
-	    fn = _free(fn);
+    if (rpmtsSELinuxEnabled(s->ts) &&
+	!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
+	const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+	if (fn != NULL && *fn != '\0') {
+                matchpathcon_init(fn);
 	}
-	sx = rpmsxFree(sx);
+	fn = _free(fn);
     } 
 
 if (_rpmts_debug)
diff -up rpm-4.4.2.2-rc2/build/Makefile.am.matchpathcon rpm-4.4.2.2-rc2/build/Makefile.am
--- rpm-4.4.2.2-rc2/build/Makefile.am.matchpathcon	2007-09-11 09:28:12.000000000 +0300
+++ rpm-4.4.2.2-rc2/build/Makefile.am	2007-09-27 11:05:29.000000000 +0300
@@ -35,6 +35,7 @@ librpmbuild_la_LDFLAGS = -release 4.4 $(
 	$(top_builddir)/lib/librpm.la \
 	$(top_builddir)/rpmdb/librpmdb.la \
 	$(top_builddir)/rpmio/librpmio.la \
+	@WITH_SELINUX_LIB@ \
 	@WITH_LIBELF_LIB@
 
 rpmfile.h:
diff -up rpm-4.4.2.2-rc2/build/files.c.matchpathcon rpm-4.4.2.2-rc2/build/files.c
--- rpm-4.4.2.2-rc2/build/files.c.matchpathcon	2007-09-11 09:28:12.000000000 +0300
+++ rpm-4.4.2.2-rc2/build/files.c	2007-09-27 11:05:29.000000000 +0300
@@ -23,7 +23,7 @@
 #define	_RPMFI_INTERNAL
 #include "rpmfi.h"
 
-#include "rpmsx.h"
+#include <selinux/selinux.h>
 
 #define	_RPMTE_INTERNAL
 #include "rpmte.h"
@@ -1136,7 +1136,7 @@ static void genCpioListAndHeader(/*@part
     int apathlen = 0;
     int dpathlen = 0;
     int skipLen = 0;
-    rpmsx sx = NULL;
+    security_context_t scon = NULL;
     const char * sxfn;
     size_t fnlen;
     FileListRec flp;
@@ -1156,7 +1156,7 @@ static void genCpioListAndHeader(/*@part
 
     sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
     if (sxfn != NULL && *sxfn != '\0')
-   	sx = rpmsxNew(sxfn);
+   	matchpathcon_init(sxfn);
 
     for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
 	const char *s;
@@ -1338,18 +1338,19 @@ static void genCpioListAndHeader(/*@part
 			       &(flp->flags), 1);
 
 	/* Add file security context to package. */
-/*@-branchstate@*/
-	if (sx != NULL) {
-	    mode_t fmode = (uint_16)flp->fl_mode;
-	    s = rpmsxFContext(sx, flp->fileURL, fmode);
-	    if (s == NULL) s = "";
-	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
-			       &s, 1);
-	}
-/*@=branchstate@*/
+	mode_t fmode = (uint_16)flp->fl_mode;
+	int rc = matchpathcon(flp->fileURL, fmode, &scon);
+        if ( rc == 0 && scon != NULL) {
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &scon, 1);
+	    freecon(scon);
+        }
+        else  {
+            const char *nocon = "";
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &nocon, 1);
+        }
+
 
     }
-    sx = rpmsxFree(sx);
     sxfn = _free(sxfn);
 
     (void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
diff -up rpm-4.4.2.2-rc2/lib/fsm.c.matchpathcon rpm-4.4.2.2-rc2/lib/fsm.c
--- rpm-4.4.2.2-rc2/lib/fsm.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2-rc2/lib/fsm.c	2007-09-27 11:28:30.000000000 +0300
@@ -634,12 +634,11 @@ static int fsmMapFContext(FSM_t fsm)
     if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
 	!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
     {
-	rpmsx sx = rpmtsREContext(ts);
+	security_context_t scon = NULL;
 
-	if (sx != NULL) {
+	if ( matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL) {
 	    /* Get file security context from patterns. */
-	    fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
-	    sx = rpmsxFree(sx);
+	    fsm->fcontext = scon;
 	} else {
 	    int i = fsm->ix;
 
@@ -1277,7 +1276,7 @@ static int fsmMkdirs(/*@special@*/ /*@pa
 /*@-compdef@*/
     rpmts ts = fsmGetTs(fsm);
 /*@=compdef@*/
-    rpmsx sx = rpmtsREContext(ts);
+    security_context_t scon = NULL;
 
     fsm->path = NULL;
 
@@ -1341,10 +1340,15 @@ static int fsmMkdirs(/*@special@*/ /*@pa
 		if (!rc) {
 		    /* XXX FIXME? only new dir will have context set. */
 		    /* Get file security context from patterns. */
-		    if (sx != NULL) {
-			fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
-			rc = fsmNext(fsm, FSM_LSETFCON);
+		    if (rpmtsSELinuxEnabled(ts) &&
+			! rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS) {
+			if (matchpathcon(fsm->path, st->st_mode, &scon) == 0 &&
+			    scon != NULL) {
+				fsm->fcontext = scon;
+				rc = fsmNext(fsm, FSM_LSETFCON);
+			}
 		    }
+			
 		    if (fsm->fcontext == NULL)
 			rpmMessage(RPMMESS_DEBUG,
 			    _("%s directory created with perms %04o, no context.\n"),
@@ -1377,7 +1381,6 @@ static int fsmMkdirs(/*@special@*/ /*@pa
     }
 /*@=boundswrite@*/
     dnli = dnlFreeIterator(dnli);
-    sx = rpmsxFree(sx);
     /*@=observertrans =dependenttrans@*/
 
     fsm->path = path;
diff -up rpm-4.4.2.2-rc2/lib/rpmfi.c.matchpathcon rpm-4.4.2.2-rc2/lib/rpmfi.c
--- rpm-4.4.2.2-rc2/lib/rpmfi.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2-rc2/lib/rpmfi.c	2007-09-27 11:05:29.000000000 +0300
@@ -16,7 +16,7 @@
 #define	_RPMFI_INTERNAL
 #include "rpmfi.h"
 
-#include "rpmsx.h"
+#include <selinux/selinux.h>
 
 #define	_RPMTE_INTERNAL	/* relocations */
 #include "rpmte.h"
@@ -1697,8 +1697,8 @@ void rpmfiBuildREContexts(Header h,
 {
     int scareMem = 0;
     rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
-    rpmsx sx = NULL;
     const char ** av = NULL;
+    const char * myfn = rpmGetPath("%{?__file_context_path}", NULL);
     int ac;
     size_t nb;
     char * t;
@@ -1712,7 +1712,7 @@ void rpmfiBuildREContexts(Header h,
     }
 
     /* Read security context patterns. */
-    sx = rpmsxNew(NULL);
+    matchpathcon_init(myfn);
 
     /* Compute size of argv array blob, concatenating file contexts. */
     nb = ac * sizeof(*fcnb);
@@ -1723,10 +1723,9 @@ void rpmfiBuildREContexts(Header h,
     while (rpmfiNext(fi) >= 0) {
 	const char * fn = rpmfiFN(fi);
 	mode_t fmode = rpmfiFMode(fi);
-	const char * scon;
+	security_context_t scon;
 
-	scon = rpmsxFContext(sx, fn, fmode);
-	if (scon != NULL) {
+	if (matchpathcon(fn, fmode, &scon) == 0) {
 	    fcnb[ac] = strlen(scon) + 1;
 /*@-branchstate@*/
 	    if (fcnb[ac] > 0) {
@@ -1734,6 +1733,7 @@ void rpmfiBuildREContexts(Header h,
 		memcpy(fctxt+fctxtlen, scon, fcnb[ac]);
 		fctxtlen += fcnb[ac];
 	    }
+            freecon(scon); 
 /*@=branchstate@*/
 	}
 	ac++;
@@ -1759,7 +1759,6 @@ void rpmfiBuildREContexts(Header h,
 
 exit:
     fi = rpmfiFree(fi);
-    sx = rpmsxFree(sx);
     /*@-branchstate@*/
     if (fcontextp)
 	*fcontextp = av;
diff -up rpm-4.4.2.2-rc2/lib/rpminstall.c.matchpathcon rpm-4.4.2.2-rc2/lib/rpminstall.c
--- rpm-4.4.2.2-rc2/lib/rpminstall.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2-rc2/lib/rpminstall.c	2007-09-27 11:27:46.000000000 +0300
@@ -309,17 +309,12 @@ int rpmInstall(rpmts ts,
 	ia->transFlags |= RPMTRANS_FLAG_REPACKAGE;
 
     /* Initialize security context patterns (if not already done). */
-    if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
-	rpmsx sx = rpmtsREContext(ts);
-	if (sx == NULL) {
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-	    if (fn != NULL && *fn != '\0') {
-		sx = rpmsxNew(fn);
-		(void) rpmtsSetREContext(ts, sx);
-	    }
-	    fn = _free(fn);
-	}
-	sx = rpmsxFree(sx);
+    if (rpmtsSELinuxEnabled(ts) &&
+	!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
+            const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+            if (fn != NULL && *fn != '\0') {
+                    matchpathcon_init(fn);
+            }
     }
     (void) rpmtsSetFlags(ts, ia->transFlags);
 


Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/rpm/devel/.cvsignore,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- .cvsignore	11 Sep 2007 07:27:05 -0000	1.21
+++ .cvsignore	3 Oct 2007 10:56:24 -0000	1.22
@@ -1 +1 @@
-rpm-4.4.2.2-rc2.tar.gz
+rpm-4.4.2.2.tar.gz


Index: rpm.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rpm/devel/rpm.spec,v
retrieving revision 1.259
retrieving revision 1.260
diff -u -r1.259 -r1.260
--- rpm.spec	11 Sep 2007 07:27:05 -0000	1.259
+++ rpm.spec	3 Oct 2007 10:56:24 -0000	1.260
@@ -6,16 +6,16 @@
 Summary: The RPM package management system
 Name: rpm
 Version: 4.4.2.2
-Release: 0.5.rc2
+Release: 1%{?dist}
 Group: System Environment/Base
 Url: http://www.rpm.org/
-Source: %{name}-%{version}-rc2.tar.gz
+Source: %{name}-%{version}.tar.gz
 Patch1: rpm-4.4.1-prereq.patch
 Patch2: rpm-4.4.2-ghost-conflicts.patch
 Patch3: rpm-4.4.2-trust.patch
 Patch4: rpm-4.4.2-devel-autodep.patch
 Patch5: rpm-4.4.2-rpmfc-skip.patch
-Patch6: rpm-4.4.2-matchpathcon.patch
+Patch6: rpm-4.4.2.2-matchpathcon.patch
 Patch7: rpm-4.4.2.1-no-popt.patch
 
 # XXX Beware, this is one murky license, partially GPL/LGPL dual-licensed
@@ -131,7 +131,7 @@
 %endif
 
 %prep
-%setup -q -n %{name}-%{version}-rc2
+%setup -q -n %{name}-%{version}
 %patch1 -p1 -b .prereq
 %patch2 -p1 -b .ghostconflicts
 %patch3 -p1 -b .trust
@@ -401,6 +401,11 @@
 %endif
 
 %changelog
+* Wed Oct 03 2007 Panu Matilainen <pmatilai at redhat.com> 4.4.2.2-1
+- update to 4.4.2.2 final
+- update matchpathcon patch to work better when selinux disabled
+- resolves #251400, #315271, #296731, #308171, #305221, #295941
+
 * Tue Sep 11 2007 Panu Matilainen <pmatilai at redhat.com> 4.4.2.2-0.5.rc2
 - 4.4.2.2-rc2
 - resolves #180996, #281611, #259961, #277161, #155079


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/rpm/devel/sources,v
retrieving revision 1.127
retrieving revision 1.128
diff -u -r1.127 -r1.128
--- sources	11 Sep 2007 07:27:05 -0000	1.127
+++ sources	3 Oct 2007 10:56:24 -0000	1.128
@@ -1 +1 @@
-75c0be2051be684e5f0b1517c4269aa3  rpm-4.4.2.2-rc2.tar.gz
+15faa7ebd9791ade1a2f8181821ac259  rpm-4.4.2.2.tar.gz

More information about the fedora-extras-commits mailing list