diff --git a/libselinux-3.4.tar.gz b/libselinux-3.4.tar.gz deleted file mode 100644 index 0fd200d..0000000 --- a/libselinux-3.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:77c294a927e6795c2e98f74b5c3adde9c8839690e9255b767c5fca6acff9b779 -size 210061 diff --git a/libselinux-3.4.tar.gz.asc b/libselinux-3.4.tar.gz.asc deleted file mode 100644 index 8d765b9..0000000 --- a/libselinux-3.4.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEE1qW2HJpVNBaCkttnviIJHj72InUFAmKFCEsACgkQviIJHj72 -InXlLhAAtklDK8OvcL08fYu8Hw2EYI6wWopn4KctGiZN0axNRxLTqzljWJCU2MjM -jqRDqQ4M1i+Bp4NKDKxYLJSMq8gABoC3L9pvM5Tm24Lw9R/A85FcBtTAr7fSevd1 -hu42yDrjZI1pdAY1kSATipo57JiL4O8WA4qJdNGxJepsMNG49dFSezhO2VyBj4Tl -IVG4smxF/5PEPGVJfjH0dorYarRtsXVVQxrzT739x/9jE8YBe0ONbGrnzxL6ga5G -dlAMEyRyHTn1sLBp6mxi3KxvkgkLZ8hFH28JeQ+8zyOs/FjCQOSk/akOewsLOUMV -S/f4ydgaPHSjmN+etv03P1iOPWxiH8DdIez/GA7DRrwY80xfbIfO5M51fNKIBzXM -M2Co24kGHyaythzzFgwClw41SLB3SGkHPQcb0Hm1uFeSVCdIPUCwCWmQcFABZaZ0 -SHDC47zZ0E22A4y33tT0/SbYtqEJLPfVCBYGWK+wRnKzGMTdUYzVoW4tr9p+yDhQ -SN0+m84Ryz8cfYWuE3WB53V4z0Pk5alk43XkmtHXNRgI2hGjXs1Q3UxEdB/YEpun -tGh6oA4oMj4brPWXb6PE/egpvYJzW6k6Z1JHAIY8Sj2zx5LtJgf5yfiX3iI9kfSf -2iF9s6Y+eNgTceKkQ55PIOI0NhcArMQxwIlBZb63xsrYqTTA+xw= -=Oane ------END PGP SIGNATURE----- diff --git a/libselinux-3.5.tar.gz b/libselinux-3.5.tar.gz new file mode 100644 index 0000000..2f3044e --- /dev/null +++ b/libselinux-3.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9a3a3705ac13a2ccca2de6d652b6356fead10f36fb33115c185c5ccdf29eec19 +size 211453 diff --git a/libselinux-3.5.tar.gz.asc b/libselinux-3.5.tar.gz.asc new file mode 100644 index 0000000..49dc887 --- /dev/null +++ b/libselinux-3.5.tar.gz.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQKTBAABCgB9FiEE4WLerRzN0RPwSz1JK77Zyxpo71UFAmP3a11fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx +NjJERUFEMUNDREQxMTNGMDRCM0Q0OTJCQkVEOUNCMUE2OEVGNTUACgkQK77Zyxpo +71Uajg//WGv3IopVYrtph3FgRUU5V+QGwvd0rdsL/+ZhNGYKi/Br1Pqdi8nHzg4j +jXX9B6uek1A9S1WC76uEtoG0pqc3KNXxAgZAVGpJBp29QCXftWbmMEu5obN+cST8 +H1HaCm0MUdMB01Yyc8pNSujV7AezsKv60cxLNITdYXGjEFDIM73oYxc61qNrYbpm +dQabXqnGxp0FkzbRbO0JsOiwIMJuLBZEe7UyHPlF6Z9OemDe3ro5YbtyUJrzHIjO +nIyWZ8ApWXZ6Q8vJyk9RGBO1fNiAHlH5UCELK1Mj4vDMNkSmrOUkoz0DWJ8+vnkf +Bb7wC7STzWMXTb8R/Zx0GuQ/3VsM5Y9ebYFz2XV3Brttxrp4WAKZjwXduDOHOSLX +EOMM3/c20z3LYAl6aAvo36DQSYJ7zAm6qF1ZF5JmH0DYBSZevXMRF14x0EZLchgS +TSIzfFlIT7SYlxIGZX54hwN9FQidhlK//onHE16Ri/GyOSJa8/uUhntrJb0lgoh+ +5FllC+dgXuLMNpCE7ltqWFHgMLsEaKBi4Z6mOONL54iYJUUzfHHjXoi+cLRO6eUU +9zQhQfQ7+HANcQt691EUBo0efiNT1upI4H4C6CFojobMX4pVUsKouMfjAg8Jl/is +Z63fXRJWBGS6NGR7ZxodV6wF5OzVMH4IDO6Rdf5X6Apcinshs8U= +=NKC3 +-----END PGP SIGNATURE----- diff --git a/libselinux-bindings.changes b/libselinux-bindings.changes index 9917fb9..dab38d2 100644 --- a/libselinux-bindings.changes +++ b/libselinux-bindings.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Fri Feb 24 07:42:25 UTC 2023 - Johannes Segitz + +- Update to version 3.5: + * check for truncations + * avoid newline in avc message + * bail out on path truncations + * add getpidprevcon to gather the previous context before the last + exec of a given process + * Workaround for heap overhead of pcre + * fix memory leaks on the audit2why module init + * ignore invalid class name lookup +- Drop restorecon_pin_file.patch, is upstream +- Refreshed python3.8-compat.patch +- Added additional developer key (Jason Zaman) + ------------------------------------------------------------------- Mon May 9 10:23:32 UTC 2022 - Johannes Segitz diff --git a/libselinux-bindings.spec b/libselinux-bindings.spec index d7aacac..0553d7f 100644 --- a/libselinux-bindings.spec +++ b/libselinux-bindings.spec @@ -1,7 +1,7 @@ # # spec file for package libselinux-bindings # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,9 +17,9 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} -%define libsepol_ver 3.4 +%define libsepol_ver 3.5 Name: libselinux-bindings -Version: 3.4 +Version: 3.5 Release: 0 Summary: SELinux runtime library and simple utilities License: SUSE-Public-Domain @@ -36,7 +36,8 @@ Patch4: readv-proto.patch # Make linking working even when default pkg-config doesn’t provide -lpython Patch5: python3.8-compat.patch Patch6: swig4_moduleimport.patch -Patch7: restorecon_pin_file.patch +BuildRequires: %{python_module pip} +BuildRequires: %{python_module setuptools} BuildRequires: libsepol-devel-static >= %{libsepol_ver} BuildRequires: python-rpm-macros BuildRequires: python3-devel diff --git a/libselinux.changes b/libselinux.changes index 70ceda6..40a5a0c 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Fri Feb 24 07:42:25 UTC 2023 - Johannes Segitz + +- Update to version 3.5: + * check for truncations + * avoid newline in avc message + * bail out on path truncations + * add getpidprevcon to gather the previous context before the last + exec of a given process + * Workaround for heap overhead of pcre + * fix memory leaks on the audit2why module init + * ignore invalid class name lookup +- Drop restorecon_pin_file.patch, is upstream +- Added additional developer key (Jason Zaman) + ------------------------------------------------------------------- Thu Jul 7 12:16:45 UTC 2022 - Johannes Segitz diff --git a/libselinux.keyring b/libselinux.keyring index 494a45d..96cd939 100644 --- a/libselinux.keyring +++ b/libselinux.keyring @@ -167,3 +167,139 @@ et3lz04U61v8ajHBqX/pRfPtrraNnvAM2knD3E58Lf95f/nr7p0tV59EWP8s4i72 t4zhuhOJjZ2YaPVALQ== =UVQc -----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFMyh7gBEADHbVdNWxivgqISiinIAE7gOl9vFemvnqfzn7hdfw2y02hUzojd +0HzEJsyqxGBYHpdNYoiLbCYNubMDA/Xd0Att2D7fIAuNFo3gnKEm27xLSzjC02bk +h2Pxp9d92dxPXsk+zDvY74Vwem74Yon824ESurH4gTK/HsiX2Y+7+5z3Ep07xC7p +IA0RzD3zlKhfT9dpS0QR2LP1utFcT40eEjSZY8QK3iKapNtyvIrpKpkWx0tZTWwX ++F8IoL9MzJBi5L/pS8fyUOkyBVIwdRXLNuX+sle+llH7i+6DWsWHEphiZ3ObiXDm +iXKBu/I0useEE4K7TmOLqqeEZl+CTU6YWJLPpD38pq+p64TlAcT7rZSmRUr7zY0a +X1gsXqm7e95Txm6UYy3Xth1jmZ0PuHjCBIvy8foxZVKGsR34ntAYcZzZhDca+J2S +WyL/YcQbSFhad1N1ZpCXj4eYGQIg57b1OLrabopdSQ73s8uGdS12aNQKcehkAvKs +Pab45Qxk7PWGNXuvHGYFCvedl8Gh/MUy3UqlXE58GBob9ldB+7eaO5VgR0GydSFO +cbRDDpXBdWbsq4u0BDT3uB4FZTqYC3i83NFdCSppxG6aXDl4Hux+Fq7FcjFV7scw +e/ndpnLMzj0oSyOmq6GZfvbZKRbyPztYxrEIoDw1mgvJQhm2AnfnhoOWVwARAQAB +tCJKYXNvbiBaYW1hbiA8amFzb256YW1hbkBnbWFpbC5jb20+iQJXBBMBCABBAhsD +Ah4BAheABQsJCAcDBRUKCQgLBRYCAwEAAhkBFiEEYxkc6UGDCYaJyrjbfvE37JNb +Dq8FAl1mIt8FCQw1xCcACgkQfvE37JNbDq8mKA/7BnUyy3K0nEboJfXKP7mbI7vH +hnDYP9ojwi6Lv7BJLOGNVmHDrZa9HA8uzH7AZIIf1XLOWd+bABqHETETElckXK+x +gtE9GUQO0DQRVH2gCyJUaLtYgK/VD2GRXLlFRUA81XLmU0pNZVIRL6u5P1RbHjdd +G01NgzH2sDKtmAtIashj25YD5m2RukTDfGYDMujjxR2bBRp8QnNiDHp93pYmF6oR +iElJKrUOhBS7Mw2Cuy7GhcvPmFsUY7o/Kq+4bu9DzZOMrPTmVQMF//PV5JChWCou +Aqv1Qybrt5I4/OzOVX+9bID7xowueMbTlak/1yqmgGNmFA5jN5XDuwZxoOX7F/m2 +ITJPRADEvZZLNF0kdj4zcLvk+/C8ofwcPcltO9SmDYwi3aKuMifVHqQnaG+Tu4qI +okSA+Vngamvy0BFBLjjZ1DZhRBS4GELzprzQ4brBqmdFnwtGnc3GOHK5Q8teZeRW +SbCh1u7CNBNXIdnTX5VlGonxjAO27ISDP7oaQyiJetnMy2W2qEG1DIDnLJtlPwDR ++UFO5kBHdJSnuTnCl20XUADeH0tx4jHAAYcIyx0tvJCuOWylMG8yVadxS73IA6a9 +GA+fOku9XBh4eP5vIoMRfuVwDDu2y2n5J68OCfshs3JllGImrWUzR8hpZmjXmpAZ +VjN4Ft83ZEvUEntlI620NUphc29uIFphbWFuIChHZW50b28gRGV2ZWxvcGVyKSA8 +cGVyZmluaW9uQGdlbnRvby5vcmc+iQJUBBMBCAA+AhsDBQsJCAcDBRUKCQgLBRYD +AgEAAh4BAheAFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIucFCQw1xCcACgkQ +fvE37JNbDq8dtA//cUEBx8rIvXyO14TcUu5o3Cc2DRhFxLwVIPOnw6cfZYhRrIKr +2wegsllvV4vJ+KJoIBvlw83VAunHt07N2+hF72LM6qPWkX055gY5PkFSGPBpybZk +oevE9rI+8p7aOqu0Qns4O3juDMava+nSnHjmZCJO7wnjrkGC57eBwI7Z3H32EFIU +b+IvOivBFA6iSeXkmEg1ub3iaA2vXdKOGDfoxrEjSJWt04q8VDUmtscKRkRrc1AX +XToVzcSd4w8C6j4tlOk8DbCLfyf8M3cDeETzyD6ICYWkSN1OxYFopNvsty2L9xQ2 +oTCp/1CjJTO2mxOY7K75vLr8MNYnVrYPzCruazt0YetOY74raTMFhnA6mQapcM+c +L0DKylIOHra/jSj7WQCy/xujMWZKDg8LfcfTuknSFPXVL6s95TYwBayRkVhFs73c +Z5Tpk4dAxSLZI040uExlFmzqwaMRoAhLJShhe/QRGu5rBnjtaKRYl08Hnb2gLc+0 +LH1gsGIvrsB89coa4y5Grues0mw9Bbk5tjGJHWlSgGG6NPds/L2RWCsXgkb4qn6p +Prsq6dyA8qp7O4LiZkzvKpFxmpO3ggIeIh17N21piUs9awnFySLR68gv0E6OnLdL +s2fpRYclaw2DxS4WHloWfW2MoV/b4K+GzovlVGAi19gwzBVk1uHneB504eW0IUph +c29uIFphbWFuIDxqYXNvbkBwZXJmaW5pb24uY29tPokCVAQTAQgAPgIbAwIeAQIX +gAULCQgHAwUVCgkICwUWAgMBABYhBGMZHOlBgwmGicq4237xN+yTWw6vBQJdZiLm +BQkMNcQnAAoJEH7xN+yTWw6vzScQAMABgqR/v0b/Cj/qhUGhW5ReUoqDGkPTWqT/ +ZJHoEtG21v8zmFaGJSw0hGzR8LBKPUcBIgcoe4ahPoNkD8ThvY/FgNV/VbjPmbwM +QqCEy8J3ZR3Tgrv03SGhW4BbWPkLwKEsXQc6hhvJxUMo35ORwUX549DrKb4/jSZs +6El3ONkeyeShnrc8dtKZeL+w4p01WbZ13Z4cwhM9bEsyMDVSv64y8QQZXeK8V0lK +jMbLNywf39AjjHKAo4o09hL75/BC8XW9Eqi5IKGRD8uWdvBB7o+xaAVY5WBMLQqL +GEaXvcc4r7tod17At0E59OfBQyJpp5vfEZXPzmkjC97iIXfUzhdqfuuEBfkfoZc9 +aqBo0chedltXatlwHbr1BZ2zP/LtIPH0+G8/t/iP/KoKWMUXzqPOQmK9XP9ryDvN +HCMogbDMAOYzbGAvY9+eDwW1Oc++eMRrRmbPxY5jRShYMYxzAG3iYEUST62Pxxu4 +tNzYdKc1t0JZHx1S+9jVTpplGuUnRbcLbrwaoqVxmikCdSHbZ3Q75NizFr4zC2n8 +VXj7WNHiCVh4E2hD/aXINbyFHfaukojVVSe2NjSHaCQx64CJbFKeaks25f4+m9GR +ZPTceAlYub9A6lcVlyugdAI0flQCnjz3gOye9CoIWjloOzfH7RXpKol7BrnBISme +L9kh6fIduQINBFzabgEBEADm+3+ZRXtW1Y7KB0QO3iG6tXG0acc95bh2rO6djhP8 +xV4vV6a6hI691SQorLxKCjpZSzshczJlmMZ3SRuMh7VSefc7w59ElBLoWDhuEKs5 +c3gtxAmzxICWNo/IJnnb5h1s3hG8kmPzKdaskdbAttQq4YGk2GAYS9LvmKLPwAu/ +iSaGfAr7RJPSQxvW2i2y1OdhF4ibuVJT1TGa8z1IsU8rf5Ybx1AdkjPnazoE16+j +rs763tnSzT3kpJeymMppkHMJIkO7u7D4bDR+qi10EsfF0inzmhimH5k/ng87+qi6 +UwryvUorJPSbjRLq/n07y2LDwkdOrW3XsLyU7RAfgZ4FUfvpUqkLZqB+GmgVccsy +2bC/T7JMSPZsIlk/KysIl3kK2wg7oNRKJqtMTPhpzEiIGaEjJNa1S7c8jswSL97y +/S/ok8iYaluHTSTHMJrdzriSP0irWzC8MJJNcUZgsP2NGWfjc9l0VlMqOdyW1mtf +PXY+uONeAlM8x5KwMJ/r4nsixodozkI7BOx16F59fjMfc9ywZH3o/rNOoG/+P9rS +ABO6p/zg0e8uNyAE2KobjAfvWxYLoaT6ngYbXGgC4E6DKjnxI3n0EEMjdfALzcmK ++SNiYtxtUQ4g3rFcOxt8U43ObZO85yuTI8TCQT+03/vLzzMOTTAfwn3Slu8ORsVq +tQARAQABiQI8BBgBCAAmAhsgFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIxUF +CQKN3hQACgkQfvE37JNbDq/P6BAAlt4eEQcxin9m5eayHEvnSgjYk99FT1asgfqD +z8d6qVBTKsFxNXvm19Ps294bD2oO02hzScyVlY28dKH38MkGOmslxkMB7yO/6vAh +/d1IixZNz+dQeWtb7XmNySj4/AVH8ODRK2gs0rVrcAH5gsjWlgBFzywmdODFE5iQ +VH8OJ6msT00gvkkvKaKU2K0q7A3DOGTy9Lzk8A3co39JzzR8E44kgJzLC1JASuoL +1LaIe5Fg8VMkDpr5Uchzi2NnaXtuaNNerappRf9Jrga54vQDdAmW02NCcea4Oj4O +zKpC0bOU6N50HsmeQjKEk0sgJrIKdg65k8rlrF2uQl0wBsy9EyWgJgL0rPYOceD6 +d6yEfy9i3G8fPvzCIoBUntZHGGpHDx8ZpYjP2qhg6Vj/ultHfQBk+A7D4V+NU2qy +4+RSTMyIJjUAAgX4WWlxipuy1mRnfJGf/ZuLBAOVST2Igtk4E6cKNagCv3vJEfJi +aak8TQhi/Z9hFsHpN+RhEldqaPOd4yym2iKnoYX98wJsryrsZc2tHIwGQXi+lkNe +cLJYokWXbKnLdlfwkWrziTFAAekIBdQ2HrhXFq9EdfIWgv4PHA+goPXDjIzyhFD2 +5D5NX3YxUGfMWzWyxfg36hJAjbyv/wcdPDJVaYGxSK2Dap4KZOGA+L0lE0mLZN+T +28FSbHO5Ag0EVCGdywEQAMzu5hN79Cwleh7TvQueT6WjsajCVZ8wm4JfZ+D/uCmu +V3z9TKIzJ9TyZ1qAhCGetXUvocq6ZCq18Zii/qBDmfN3e7RvcNrcRNuR51frgPIt +HGHFnjsW2vaVnIARJyHOtKYW5u7m2tUa9JMHFpzRqwNiu2nFw/LZhfO+DeAjAMd5 +1mdJSCuWww7l+xZWQPha1pyxS6BQCB8qC4BOTdW2EkBSIUAaucHX3iaiGQINXuFG +OUVcsPhtcsmmDzqD8JuxuGfzit8LZ4qauh+CeKsACt0fRWjGsSO+veihOaSUxv6N +6jwvOO1oCZzA5lI2zN4QQQs9JPmSt+W+ePBUeCFOCT5lELu4+P4WWc9el6LhHj/O +fsMongI6jvpGWnirzmw9joLKWMaam8MT2S1c9nmYtNramI1lzeJWYU3VFgJpc5DZ +klb6IROb0oEgmbUSIZwap/MB/G9N216mr3V15AKEnt4vqu6ol0CKB3jrMafGCDrH +UIoOd8FCwK1VBRWsnjKLXa+mgGCaWSPau6hcvOuV2/Zq6s77iaQQ82+0qkdno6l9 +nhdmZsLxnZuGOUfwtn1PFdjQ4/3/mgL0KxloqSwdMHpgancOMT+tJnebOCGg/iFC +yXSSNm8zek/lREGevH+3AUIKTY3JhfdvG7qo3zW7u+C0QlFnrj/pUSFs6JMW3hMB +ABEBAAGJBFsEGAEIACYCGwIWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCXWYjCQUJ +C0auPgIpwV0gBBkBAgAGBQJUIZ3LAAoJECu+2csaaO9VpE8P/2FSNpVsqHNxejzF +JYRjpbsOOhIUj/wovCTz9q7nvbGxd2Tq4Cs91aXPmjhZhO/9q+RySCDFKsmmxx54 +nyC6nZaxN4XAvxi5CVNKYdSq+WfuVuex2czF4l9irFYZsrAxxBdQeE47zJNKDEKL +kMnonGBxeJ3NBJWB7HOSsiz4LARfYLohOAqAd500ek8tAHpDLopsD6YQxZv+zgD2 +SzqaQYLtL996OE47+WnZpFVdmnj7JFCfJbDi7w+dhlf/+HPf+r78TQPpl1btlfeE +kSyQr50XRLw6ctJGA62Co7eHVIMDvsidTUo2yMdUQjd9huepSoIq0spPF5yX79xK +6KdnjpkPvmgN3XqJUQVd+JlIEGisMmn01Bz5OeJl0OkWO5aIIJ93pisU7sJJhMw7 +YsZCovzguqFXNnI/nus9SNRtrvMTItiDkOocrPfEff8IpJ/956iZPH3bIaez53gi +XSEvaZXbVhyVYlbVW2Wgwkm/64K4G5+9cUguTomIGcDovXuEHSg0n3QnZ2FFjfsv +VwQ38G3abEErF7APDx36WUJ3GbA2FFr0xqmHN1YQpObIcepWwkXQUCC7CHLQWRcl +CnYvSgtX/pFJ3qt+rrL0vMhosBGGIUJORadPjABPugG5Nf/WV64pBZHOq9A5dZKM +OJg2vpgqVi3YlNHG66oE1oSupFVzCRB+8Tfsk1sOr/zyD/9rLFX27Blv1D8DjqV6 +P9IzWR/YDC4AhYG+fdllq4+N/XO2gG8bYHlbh+rd5KHrCn/t3OYg1xOAqdO8lCqP +1jhkjbOdw2aIsL8pdh7/zZEwPXFCJREWWa30a4IqfvQG2f+kiPBYOtMFy5dmZj6j +N4mD75jbU6Nfhlb2UX7L0T0wLUtOOQhrlqBfXNKASbDAOn5zrvtz0tjRMcE7xPsF +o9/3x+/xElkLkJnUzF1LH/n6T24ZseBqB6WNCPi9nqWbx1AGTK9jeWDjQJ1/Nvj+ +YX6PPOfwpZquKvLi6ZiS5nR1wssz9iv93iL78o90Hd/z0wM9Dimi5njwEyl3Eocf +ZbpATMt8zWVDNxmrkYT33PRYy9V7G/O8aJnTkuSTOglo7akHMlJEhYfDLrmZtQnM +X2H5A/vO1JkJntC6kG7mIKn2q2U8CSYwfMqdscYDEHXaKTSPj225S6Xskw9nSuj8 +HcboihKRosViuoX5NLF2Wu/hXryd0grv0WgHjpuqClQbMlmsd1mcVThzh84KLSlu +QgkabK3rbvDviEOOQ7fxfTj1MR3FzfYovY4TVrO8fjTAk5Rj4f/nlcgiiaCpQlFl +wTwcxDBL1s6MXv7aoAzyqpTBQ6vSFXWK5Ur+7roEkTAUEj8akgmxC9JzJqComHrw +vebSMV7XavdmfCvUXszFeQ/jNbkCDQRTMoe4ARAAz6Zr1rgM2fwNSuaOM9jmYRkU +GM6km1DIDLl/PiFJ/54jGn46pX5nQE+oiZ7Dr4hFIfxn8eEwlQVFGo0lzcNn5JP1 +RGJFdAfLamTmaKrXl1cWayOtTvouuKfFEXH+BC/pPyy87tNiCki0NkzN59j8Plcc +ZZ0LRZWsyhLSQcBQh5xkei9Zvaen+nPTLSg6eIF1hFLoSa8lPZqBX8D2OMJxutKV +umhlO1DPzRX/mIpo0LwiYYu8/CX3ptaBMrrlnk7rZHIVk0vDjB0eVg2DEt+vEU3k +5FQkV/1RYgSlBA0kP8tgKBrve1I4KUorJLAZmX5i0BRrzAqpL1DWdhR+9IpYRKae +a6PYjBMghkWRw7st0XVB7x/boZE6eKswaxywGoc0kw3luR1RpF3Gg95N+2hfHixQ +1OhoPeqzQ+3AHlkr/vbhjtakkiPqLfuk+Ux9B6MISIeuWF/EKtyurWyDMTryKOgg +tj7YuTMtaDV7r8gLbOlMPpGGjBiBh566GR1SKDAUNGlGzp1dKOhWXVqaMwFt9Mja +y8ESH6hEJreQx2Q6R6XgXzWysQqM0RBMXh8p8yEV6mr3Ma8lNJM45tmOTfrazlrm +9PM1kzV646J72mxXr6qr4Q1cvr+xJQdvbXOocdYMmW/R+f1tPcvnlRkMyB7wzEtS +OGi9G6ErhhvNUSoZtlUAEQEAAYkCPAQYAQgAJgIbDBYhBGMZHOlBgwmGicq4237x +N+yTWw6vBQJdZiL4BQkMNcRAAAoJEH7xN+yTWw6vfCkQAIxkDpI+rVDrstPN+uoe +pfnaOlYCBVrzITIG+HYAeGj1nuZHMeg2AztVoeJ9FWq9z2xVuo4GIFyfFggZMEVS +Dyjgjojq0d8jEmOaUKFNnPMAAErGJEVHmQSAbp67lkwtcHZkkWgXKQ9FLx6z17U0 +66H4svf/RTNiAxqgFu5UdLgfxULbnvoqI6+rWYggVWdlbm2dmoUwLRJsQrI6GMBS +jL6nWwu8tAQBk9Vzo1nj0l5M5i0R/PhbcsnUynlWxBVCGNxnMYydNbjpzNC2qnSy +ibyx0exiJM5HjYlDy82yr4LI9iN28wKmSxTOvCHN+QaQZ5adlDquhGwFm8TRRsm1 +FDsVcmrjPTcGUsKfIAOyeiSHZO2tMU/CTvEYRNw09geVeOvIwNSXS8oblC1b3P1j +UP67CKVAYBnBFx7bMujlGyNJY8jGNEEBrDqxfYEAIEhyKNd0tWc86B1tqz/ArRvc +XfPof/cQcFVHpfpJ/NS+b4KrRvJHzV884N709JmrFZVVAR/2I/GmZ0wdCmBoZtH8 ++IpwyMey0HIfa5dOtZw6jAAB5mkCBEs/P7VPrwzTpXcPBKFfj1R/iqpT7YvNk8Gh +l4xDVhZI8IpQ7j1RtJoULvAwmH0z/M5kS2N0ADxEo3mPgm1CaFudP4JijV3HX7Rx +IuOUseqwzF197kqA16in1P25 +=f80i +-----END PGP PUBLIC KEY BLOCK----- diff --git a/libselinux.spec b/libselinux.spec index 9ad6c93..35713cf 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -1,7 +1,7 @@ # # spec file for package libselinux # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,9 +16,9 @@ # -%define libsepol_ver 3.4 +%define libsepol_ver 3.5 Name: libselinux -Version: 3.4 +Version: 3.5 Release: 0 Summary: SELinux runtime library and utilities License: SUSE-Public-Domain @@ -32,7 +32,6 @@ Source4: baselibs.conf # PATCH-FIX-UPSTREAM Include for readv prototype Patch4: readv-proto.patch Patch5: skip_cycles.patch -Patch7: restorecon_pin_file.patch BuildRequires: fdupes BuildRequires: libsepol-devel >= %{libsepol_ver} BuildRequires: pkgconfig @@ -102,7 +101,6 @@ necessary to develop your own software using libselinux. %setup -q -n libselinux-%{version} %patch4 -p1 %patch5 -p1 -%patch7 -p1 %build %define _lto_cflags %{nil} @@ -150,6 +148,7 @@ install -m 0755 %{SOURCE3} %{buildroot}%{_sbindir}/selinux-ready %{_sbindir}/selinux_check_securetty_context %{_sbindir}/selabel_get_digests_all_partial_matches %{_sbindir}/validatetrans +%{_sbindir}/getpidprevcon %{_mandir}/man5/* %{_mandir}/ru/man5/* %{_mandir}/man8/* diff --git a/python3.8-compat.patch b/python3.8-compat.patch index 960ef56..d1a7dbc 100644 --- a/python3.8-compat.patch +++ b/python3.8-compat.patch @@ -1,7 +1,7 @@ -Index: libselinux-3.1/src/Makefile +Index: libselinux-3.5/src/Makefile =================================================================== ---- libselinux-3.1.orig/src/Makefile -+++ libselinux-3.1/src/Makefile +--- libselinux-3.5.orig/src/Makefile ++++ libselinux-3.5/src/Makefile @@ -13,7 +13,11 @@ LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= /lib INCLUDEDIR ?= $(PREFIX)/include @@ -11,6 +11,6 @@ Index: libselinux-3.1/src/Makefile +else PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX)) +endif - PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))") + PYTHONLIBDIR ?= $(shell $(PYTHON) -c "import sysconfig; print(sysconfig.get_path('platlib', vars={'platbase': '$(PREFIX)', 'base': '$(PREFIX)'}))") PYCEXT ?= $(shell $(PYTHON) -c 'import importlib.machinery;print(importlib.machinery.EXTENSION_SUFFIXES[0])') RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]') diff --git a/restorecon_pin_file.patch b/restorecon_pin_file.patch deleted file mode 100644 index 22f6cfd..0000000 --- a/restorecon_pin_file.patch +++ /dev/null @@ -1,139 +0,0 @@ -Index: libselinux-3.4/src/selinux_restorecon.c -=================================================================== ---- libselinux-3.4.orig/src/selinux_restorecon.c -+++ libselinux-3.4/src/selinux_restorecon.c -@@ -623,13 +623,13 @@ out: - return rc; - } - --static int restorecon_sb(const char *pathname, struct rest_flags *flags, bool first) -+static int restorecon_sb(const char *pathname, const struct stat *sb, -+ struct rest_flags *flags, bool first) - { - char *newcon = NULL; - char *curcon = NULL; - char *newtypecon = NULL; -- int fd = -1, rc; -- struct stat stat_buf; -+ int rc; - bool updated = false; - const char *lookup_path = pathname; - float pc; -@@ -644,21 +644,13 @@ static int restorecon_sb(const char *pat - lookup_path += rootpathlen; - } - -- fd = open(pathname, O_PATH | O_NOFOLLOW | O_EXCL); -- if (fd < 0) -- goto err; -- -- rc = fstat(fd, &stat_buf); -- if (rc < 0) -- goto err; -- - if (rootpath != NULL && lookup_path[0] == '\0') - /* this is actually the root dir of the alt root. */ - rc = selabel_lookup_raw(fc_sehandle, &newcon, "/", -- stat_buf.st_mode); -+ sb->st_mode); - else - rc = selabel_lookup_raw(fc_sehandle, &newcon, lookup_path, -- stat_buf.st_mode); -+ sb->st_mode); - - if (rc < 0) { - if (errno == ENOENT) { -@@ -667,10 +659,10 @@ static int restorecon_sb(const char *pat - "Warning no default label for %s\n", - lookup_path); - -- goto out; /* no match, but not an error */ -+ return 0; /* no match, but not an error */ - } - -- goto err; -+ return -1; - } - - if (flags->progress) { -@@ -690,17 +682,19 @@ static int restorecon_sb(const char *pat - } - - if (flags->add_assoc) { -- rc = filespec_add(stat_buf.st_ino, newcon, pathname, flags); -+ rc = filespec_add(sb->st_ino, newcon, pathname, flags); - - if (rc < 0) { - selinux_log(SELINUX_ERROR, - "filespec_add error: %s\n", pathname); -- goto out1; -+ freecon(newcon); -+ return -1; - } - - if (rc > 0) { - /* Already an association and it took precedence. */ -- goto out; -+ freecon(newcon); -+ return 0; - } - } - -@@ -708,7 +702,7 @@ static int restorecon_sb(const char *pat - selinux_log(SELINUX_INFO, "%s matched by %s\n", - pathname, newcon); - -- if (fgetfilecon_raw(fd, &curcon) < 0) { -+ if (lgetfilecon_raw(pathname, &curcon) < 0) { - if (errno != ENODATA) - goto err; - -@@ -741,7 +735,7 @@ static int restorecon_sb(const char *pat - } - - if (!flags->nochange) { -- if (fsetfilecon(fd, newcon) < 0) -+ if (lsetfilecon(pathname, newcon) < 0) - goto err; - updated = true; - } -@@ -766,8 +760,6 @@ static int restorecon_sb(const char *pat - out: - rc = 0; - out1: -- if (fd >= 0) -- close(fd); - freecon(curcon); - freecon(newcon); - return rc; -@@ -865,6 +857,7 @@ static void *selinux_restorecon_thread(v - FTSENT *ftsent; - int error; - char ent_path[PATH_MAX]; -+ struct stat ent_st; - bool first = false; - - if (state->parallel) -@@ -963,11 +956,11 @@ loop_body: - /* fall through */ - default: - strcpy(ent_path, ftsent->fts_path); -- -+ ent_st = *ftsent->fts_statp; - if (state->parallel) - pthread_mutex_unlock(&state->mutex); - -- error = restorecon_sb(ent_path, &state->flags, -+ error = restorecon_sb(ent_path, &ent_st, &state->flags, - first); - - if (state->parallel) { -@@ -1163,7 +1156,7 @@ static int selinux_restorecon_common(con - goto cleanup; - } - -- error = restorecon_sb(pathname, &state.flags, true); -+ error = restorecon_sb(pathname, &sb, &state.flags, true); - goto cleanup; - } -