rpms/libselinux/devel .cvsignore, 1.173, 1.174 libselinux-rhat.patch, 1.159, 1.160 libselinux.spec, 1.336, 1.337 sources, 1.175, 1.176
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Fri Aug 1 10:57:07 UTC 2008
- Previous message (by thread): rpms/acl/F-9 acl-2.2.47-params.patch,NONE,1.1 acl.spec,1.48,1.49
- Next message (by thread): rpms/iwl5000-firmware/F-8 import.log, NONE, 1.1 iwl5000-firmware.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/libselinux/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1022
Modified Files:
.cvsignore libselinux-rhat.patch libselinux.spec sources
Log Message:
* Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.70-1
- Update to Upstream
* Merge ruby bindings from Dan Walsh.
- Add support for Linux groups to getseuserbyname
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/.cvsignore,v
retrieving revision 1.173
retrieving revision 1.174
diff -u -r1.173 -r1.174
--- .cvsignore 29 Jul 2008 13:22:45 -0000 1.173
+++ .cvsignore 1 Aug 2008 10:56:37 -0000 1.174
@@ -154,3 +154,4 @@
libselinux-2.0.65.tgz
libselinux-2.0.67.tgz
libselinux-2.0.69.tgz
+libselinux-2.0.70.tgz
libselinux-rhat.patch:
Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.159
retrieving revision 1.160
diff -u -r1.159 -r1.160
--- libselinux-rhat.patch 29 Jul 2008 18:37:01 -0000 1.159
+++ libselinux-rhat.patch 1 Aug 2008 10:56:37 -0000 1.160
@@ -1,29 +1,22 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.69/Makefile
---- nsalibselinux/Makefile 2008-06-12 23:25:14.000000000 -0400
-+++ libselinux-2.0.69/Makefile 2008-07-29 14:21:44.000000000 -0400
-@@ -29,6 +29,9 @@
- pywrap:
- $(MAKE) -C src pywrap
-
-+rubywrap:
-+ $(MAKE) -C src rubywrap
-+
- install:
- $(MAKE) -C include install
- $(MAKE) -C src install
-@@ -38,6 +41,9 @@
- install-pywrap:
- $(MAKE) -C src install-pywrap
-
-+install-rubywrap:
-+ $(MAKE) -C src install-rubywrap
-+
- relabel:
- $(MAKE) -C src relabel
-
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.69/man/man8/selinuxconlist.8
+diff --exclude-from=exclude -N -u -r nsalibselinux/ChangeLog libselinux-2.0.70/ChangeLog
+--- nsalibselinux/ChangeLog 2008-08-01 06:48:06.000000000 -0400
++++ libselinux-2.0.70/ChangeLog 2008-08-01 06:51:25.000000000 -0400
+@@ -1,6 +1,3 @@
+-2.0.70 2008-07-30
+- * Merge ruby bindings from Dan Walsh.
+-
+ 2.0.69 2008-07-29
+ * Handle duplicate file context regexes as a fatal error from Stephen Smalley.
+ This prevents adding them via semanage.
+diff --exclude-from=exclude -N -u -r nsalibselinux/VERSION libselinux-2.0.70/VERSION
+--- nsalibselinux/VERSION 2008-08-01 06:48:06.000000000 -0400
++++ libselinux-2.0.70/VERSION 2008-08-01 06:51:25.000000000 -0400
+@@ -1 +1 @@
+-2.0.70
++2.0.69
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.70/man/man8/selinuxconlist.8
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.69/man/man8/selinuxconlist.8 2008-07-29 14:07:37.000000000 -0400
++++ libselinux-2.0.70/man/man8/selinuxconlist.8 2008-08-01 06:51:25.000000000 -0400
@@ -0,0 +1,18 @@
+.TH "selinuxconlist" "1" "7 May 2008" "dwalsh at redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
@@ -43,9 +36,9 @@
+
+.SH "SEE ALSO"
+secon(8), selinuxdefcon(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.69/man/man8/selinuxdefcon.8
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.70/man/man8/selinuxdefcon.8
--- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.69/man/man8/selinuxdefcon.8 2008-07-29 14:07:37.000000000 -0400
++++ libselinux-2.0.70/man/man8/selinuxdefcon.8 2008-08-01 06:51:25.000000000 -0400
@@ -0,0 +1,19 @@
+.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh at redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
@@ -66,110 +59,9 @@
+
+.SH "SEE ALSO"
+secon(8), selinuxconlist(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.69/src/Makefile
---- nsalibselinux/src/Makefile 2008-06-22 09:40:25.000000000 -0400
-+++ libselinux-2.0.69/src/Makefile 2008-07-29 14:15:39.000000000 -0400
-@@ -7,16 +7,24 @@
- PYINC ?= /usr/include/$(PYLIBVER)
- PYLIB ?= /usr/lib/$(PYLIBVER)
- PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-+RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
-+RUBYPLATFORM ?= $(shell ruby -e 'print RUBY_PLATFORM')
-+RUBYINC ?= $(LIBDIR)/ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
-+RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
-
- LIBVERSION = 1
-
- LIBA=libselinux.a
- TARGET=libselinux.so
- SWIGIF= selinuxswig_python.i
-+SWIGRUBYIF= selinuxswig_ruby.i
- SWIGCOUT= selinuxswig_wrap.c
-+SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
- SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
-+SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
- SWIGSO=_selinux.so
- SWIGFILES=$(SWIGSO) selinux.py
-+SWIGRUBYSO=_rubyselinux.so
- LIBSO=$(TARGET).$(LIBVERSION)
- AUDIT2WHYSO=audit2why.so
-
-@@ -29,7 +37,9 @@
- ifeq ($(DISABLE_RPM),y)
- UNUSED_SRCS+=rpm.c
- endif
--SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(SWIGCOUT),$(wildcard *.c)))
-+
-+GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT)
-+SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(GENERATED),$(wildcard *.c)))
-
- OBJS= $(patsubst %.c,%.o,$(SRCS))
- LOBJS= $(patsubst %.c,%.lo,$(SRCS))
-@@ -44,12 +54,14 @@
-
- SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
-
--GENERATED=$(SWIGCOUT)
-+SWIGRUBY = swig -Wall -ruby -o $(SWIGRUBYCOUT) -outdir ./
-
- all: $(LIBA) $(LIBSO)
-
- pywrap: all $(SWIGSO) $(AUDIT2WHYSO)
-
-+rubywrap: all $(SWIGRUBYSO)
-+
- $(LIBA): $(OBJS)
- $(AR) rcs $@ $^
- $(RANLIB) $@
-@@ -57,9 +69,15 @@
- $(SWIGLOBJ): $(SWIGCOUT)
- $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
-
-+$(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
-+ $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $<
-+
- $(SWIGSO): $(SWIGLOBJ)
- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
-
-+$(SWIGRUBYSO): $(SWIGRUBYLOBJ)
-+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
-+
- $(LIBSO): $(LOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
- ln -sf $@ $(TARGET)
-@@ -79,6 +97,9 @@
- $(SWIGCOUT): $(SWIGIF)
- $(SWIG) $^
-
-+$(SWIGRUBYCOUT): $(SWIGRUBYIF)
-+ $(SWIGRUBY) $^
-+
- swigify: $(SWIGIF)
- $(SWIG) $^
-
-@@ -95,6 +116,10 @@
- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
- install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
-
-+install-rubywrap: rubywrap
-+ test -d $(RUBYINSTALL) || install -m 755 -d $(RUBYINSTALL)
-+ install -m 755 $(SWIGRUBYSO) $(RUBYINSTALL)/selinux.so
-+
- relabel:
- /sbin/restorecon $(SHLIBDIR)/$(LIBSO)
-
-@@ -102,7 +127,7 @@
- -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~
-
- distclean: clean
-- rm -f $(SWIGCOUT) $(SWIGFILES)
-+ rm -f $(GENERATED) $(SWIGFILES)
-
- indent:
- ../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.69/src/callbacks.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.70/src/callbacks.c
--- nsalibselinux/src/callbacks.c 2008-06-12 23:25:14.000000000 -0400
-+++ libselinux-2.0.69/src/callbacks.c 2008-07-29 14:07:37.000000000 -0400
++++ libselinux-2.0.70/src/callbacks.c 2008-08-01 06:51:25.000000000 -0400
@@ -16,6 +16,7 @@
{
int rc;
@@ -178,9 +70,9 @@
va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap);
va_end(ap);
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.69/src/matchpathcon.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.70/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c 2008-06-12 23:25:14.000000000 -0400
-+++ libselinux-2.0.69/src/matchpathcon.c 2008-07-29 14:07:37.000000000 -0400
++++ libselinux-2.0.70/src/matchpathcon.c 2008-08-01 06:51:25.000000000 -0400
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
@@ -198,59 +90,142 @@
va_end(ap);
}
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_ruby.i libselinux-2.0.69/src/selinuxswig_ruby.i
---- nsalibselinux/src/selinuxswig_ruby.i 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.69/src/selinuxswig_ruby.i 2008-07-29 14:17:14.000000000 -0400
-@@ -0,0 +1,52 @@
-+/* Author: Dan Walsh
-+ Based on selinuxswig_python.i by James Athey
-+ */
-+
-+%module selinux
-+%{
-+ #include "selinux/selinux.h"
-+%}
-+
-+/* return a sid along with the result */
-+%typemap(argout) (security_id_t * sid) {
-+ if (*$1) {
-+ %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0));
-+ }
-+}
-+
-+%typemap(in,numinputs=0) security_id_t *(security_id_t temp) {
-+ $1 = &temp;
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-2.0.70/src/seusers.c
+--- nsalibselinux/src/seusers.c 2008-06-12 23:25:14.000000000 -0400
++++ libselinux-2.0.70/src/seusers.c 2008-08-01 06:53:03.000000000 -0400
+@@ -89,6 +89,62 @@
+
+ int require_seusers hidden = 0;
+
++#include <pwd.h>
++#include <grp.h>
++
++static gid_t get_default_gid(const char *name) {
++ struct passwd pwstorage, *pwent = NULL;
++ gid_t gid = -1;
++ /* Allocate space for the getpwnam_r buffer */
++ long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
++ if (rbuflen <= 0) return -1;
++ char *rbuf = malloc(rbuflen);
++ if (rbuf == NULL) return -1;
++
++ int retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent);
++ if (retval == 0 || pwent != NULL) {
++ gid = pwent->pw_gid;
++ }
++ free(rbuf);
++ return gid;
+}
+
-+%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) {
-+ $1 = &temp;
-+}
-+%typemap(freearg,match="in") security_context_t * "";
-+%typemap(argout,noblock=1) security_context_t * {
-+ if (*$1) {
-+ %append_output(SWIG_FromCharPtr(*$1));
-+ freecon(*$1);
++static int check_group(const char *group, const char *name, const gid_t gid) {
++ int match = 0;
++ int i, ng = 0;
++ gid_t *groups = NULL;
++ struct group gbuf, *grent = NULL;
++
++ long rbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
++ if (rbuflen <= 0)
++ return 0;
++ char *rbuf = malloc(rbuflen);
++ if (rbuf == NULL)
++ return 0;
++
++ if (getgrnam_r(group, &gbuf, rbuf, rbuflen,
++ &grent) != 0)
++ goto done;
++
++ if (getgrouplist(name, gid, NULL, &ng) < 0) {
++ groups = (gid_t *) malloc(sizeof (gid_t) * ng);
++ if (!groups) goto done;
++ if (getgrouplist(name, gid, groups, &ng) < 0) goto done;
+ }
-+}
+
-+%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
-+ $1 = &temp;
-+}
-+%typemap(freearg,match="in") char ** "";
-+%typemap(argout,noblock=1) char ** {
-+ if (*$1) {
-+ %append_output(SWIG_FromCharPtr(*$1));
-+ free(*$1);
++ for (i = 0; i < ng; i++) {
++ if (grent->gr_gid == groups[i]) {
++ match = 1;
++ goto done;
++ }
+ }
++
++ done:
++ free(groups);
++ free(rbuf);
++ return match;
+}
+
-+%typemap(freearg,match="in") char * const [] {
-+ int i = 0;
-+ while($1[i]) {
-+ free($1[i]);
-+ i++;
+ int getseuserbyname(const char *name, char **r_seuser, char **r_level)
+ {
+ FILE *cfg = NULL;
+@@ -101,9 +157,14 @@
+ char *username = NULL;
+ char *seuser = NULL;
+ char *level = NULL;
++ char *groupseuser = NULL;
++ char *grouplevel = NULL;
+ char *defaultseuser = NULL;
+ char *defaultlevel = NULL;
+
++ gid_t gid = get_default_gid(name);
++ if ( gid == (gid_t) -1 ) goto nomatch;
++
+ cfg = fopen(selinux_usersconf_path(), "r");
+ if (!cfg)
+ goto nomatch;
+@@ -124,31 +185,48 @@
+ if (!strcmp(username, name))
+ break;
+
+- if (!defaultseuser && !strcmp(username, "__default__")) {
+- free(username);
+- defaultseuser = seuser;
+- defaultlevel = level;
++ if (username[0] == '%' &&
++ !groupseuser &&
++ check_group(&username[1], name, gid)) {
++ groupseuser = seuser;
++ grouplevel = level;
+ } else {
+- free(username);
+- free(seuser);
+- free(level);
++ if (!defaultseuser &&
++ !strcmp(username, "__default__")) {
++ defaultseuser = seuser;
++ defaultlevel = level;
++ } else {
++ free(seuser);
++ free(level);
++ }
+ }
++ free(username);
++ username = NULL;
+ seuser = NULL;
+ }
+
+- if (buffer)
+- free(buffer);
++ free(buffer);
+ fclose(cfg);
+
+ if (seuser) {
+ free(username);
+ free(defaultseuser);
+ free(defaultlevel);
++ free(groupseuser);
++ free(grouplevel);
+ *r_seuser = seuser;
+ *r_level = level;
+ return 0;
+ }
+
++ if (groupseuser) {
++ free(defaultseuser);
++ free(defaultlevel);
++ *r_seuser = groupseuser;
++ *r_level = grouplevel;
++ return 0;
+ }
-+ free($1);
-+}
+
-+%include "selinuxswig.i"
+ if (defaultseuser) {
+ *r_seuser = defaultseuser;
+ *r_level = defaultlevel;
Index: libselinux.spec
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.336
retrieving revision 1.337
diff -u -r1.336 -r1.337
--- libselinux.spec 29 Jul 2008 18:37:01 -0000 1.336
+++ libselinux.spec 1 Aug 2008 10:56:37 -0000 1.337
@@ -4,8 +4,8 @@
Summary: SELinux library and simple utilities
Name: libselinux
-Version: 2.0.69
-Release: 2%{?dist}
+Version: 2.0.70
+Release: 1%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -152,6 +152,14 @@
%{ruby_sitearch}/selinux.so
%changelog
+* Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.70-1
+- Update to Upstream
+ * Merge ruby bindings from Dan Walsh.
+- Add support for Linux groups to getseuserbyname
+
+* Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.69-2
+- Allow group handling in getseuser call
+
* Tue Jul 29 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.69-1
- Update to Upstream
* Handle duplicate file context regexes as a fatal error from Stephen Smalley.
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/sources,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- sources 29 Jul 2008 13:22:45 -0000 1.175
+++ sources 1 Aug 2008 10:56:37 -0000 1.176
@@ -1 +1 @@
-df1da9cc1131fa5ce102928ce1cd910b libselinux-2.0.69.tgz
+46464eff4dd1d432d9f74cebebe222c5 libselinux-2.0.70.tgz
- Previous message (by thread): rpms/acl/F-9 acl-2.2.47-params.patch,NONE,1.1 acl.spec,1.48,1.49
- Next message (by thread): rpms/iwl5000-firmware/F-8 import.log, NONE, 1.1 iwl5000-firmware.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list