From 111c53ca0aba45128685792b032d6298e12f6065e8898d8b4671015523b7776c Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Fri, 12 Mar 2021 07:59:15 +0000 Subject: [PATCH 1/3] OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsemanage?expand=0&rev=88 --- baselibs.conf | 2 +- libsemanage-3.1.tar.gz | 3 --- libsemanage-3.2.tar.gz | 3 +++ libsemanage.changes | 9 +++++++++ libsemanage.spec | 20 +++++++++++--------- python-semanage.changes | 9 +++++++++ python-semanage.spec | 12 +++++++----- 7 files changed, 40 insertions(+), 18 deletions(-) delete mode 100644 libsemanage-3.1.tar.gz create mode 100644 libsemanage-3.2.tar.gz diff --git a/baselibs.conf b/baselibs.conf index 7dc14f9..f02cd37 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1 +1 @@ -libsemanage1 +libsemanage2 diff --git a/libsemanage-3.1.tar.gz b/libsemanage-3.1.tar.gz deleted file mode 100644 index 005add5..0000000 --- a/libsemanage-3.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8 -size 179601 diff --git a/libsemanage-3.2.tar.gz b/libsemanage-3.2.tar.gz new file mode 100644 index 0000000..a96daf5 --- /dev/null +++ b/libsemanage-3.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d722a55ca4fe2d4e2b30527720db657e6238b28079e69e2e4affeb8e733ee511 +size 178839 diff --git a/libsemanage.changes b/libsemanage.changes index 7000190..c598540 100644 --- a/libsemanage.changes +++ b/libsemanage.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Mar 9 09:09:18 UTC 2021 - Johannes Segitz + +- Update to version 3.2 + * dropped old and deprecated symbols and functions + libsemanage version was bumped to libsemanage.so.2 + * libsemanage tries to sync data to prevent empty files in SELinux module + store + ------------------------------------------------------------------- Wed Jul 29 14:37:19 UTC 2020 - Thorsten Kukuk diff --git a/libsemanage.spec b/libsemanage.spec index 356289a..cb298c9 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -1,7 +1,7 @@ # # spec file for package libsemanage # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,14 +16,16 @@ # +%define libname libsemanage2 + Name: libsemanage -Version: 3.1 +Version: 3.2 Release: 0 Summary: SELinux policy management library License: LGPL-2.1-or-later Group: Development/Libraries/C and C++ URL: https://github.com/SELinuxProject/selinux/wiki/Releases -Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/%{name}-%{version}.tar.gz +Source: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz Source1: baselibs.conf Source2: semanage.conf # PATCH-FIX-UPSTREAM bsc#1133102 LTO: Update map file to include new symbols and remove wildcards @@ -45,12 +47,12 @@ libselinux to interact with the SELinux system, it also calls helper programs for loading policy and for checking whether the file_contexts configuration is valid. -%package -n libsemanage1 +%package -n %{libname} Summary: SELinux policy management library Group: System/Libraries Suggests: %{name}-migrate-store -%description -n libsemanage1 +%description -n %{libname} libsemanage is the policy management library. Using libsepol and libselinux to interact with the SELinux system, it also calls helper programs for loading policy and for checking whether the @@ -64,7 +66,7 @@ Security.) %package devel Summary: Header files and libraries for SELinux's policy management libary Group: Development/Libraries/C and C++ -Requires: libsemanage1 = %{version} +Requires: %{libname} = %{version} Requires: libustr-devel %description devel @@ -113,10 +115,10 @@ cp %{SOURCE2} %{buildroot}%{_sysconfdir}/selinux/semanage.conf # Remove duplicate files %fdupes -s %{buildroot}%{_mandir} -%post -n libsemanage1 -p /sbin/ldconfig -%postun -n libsemanage1 -p /sbin/ldconfig +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig -%files -n libsemanage1 +%files -n %{libname} %dir %{_sysconfdir}/selinux %config(noreplace) %{_sysconfdir}/selinux/semanage.conf %{_libdir}/libsemanage.so.* diff --git a/python-semanage.changes b/python-semanage.changes index f3ee6dc..740f85d 100644 --- a/python-semanage.changes +++ b/python-semanage.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Mar 9 09:09:18 UTC 2021 - Johannes Segitz + +- Update to version 3.2 + * dropped old and deprecated symbols and functions + libsemanage version was bumped to libsemanage.so.2 + * libsemanage tries to sync data to prevent empty files in SELinux module + store + ------------------------------------------------------------------- Tue Jul 14 08:36:19 UTC 2020 - Johannes Segitz diff --git a/python-semanage.spec b/python-semanage.spec index 1914e5d..47431f8 100644 --- a/python-semanage.spec +++ b/python-semanage.spec @@ -1,7 +1,7 @@ # # spec file for package python-semanage # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,15 +16,17 @@ # +%define libname libsemanage2 + %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-semanage -Version: 3.1 +Version: 3.2 Release: 0 Summary: Python bindings for SELinux's policy management library License: LGPL-2.1-only Group: Development/Languages/Python URL: https://github.com/SELinuxProject/selinux -Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/libsemanage-%{version}.tar.gz +Source: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsemanage-%{version}.tar.gz Source1: baselibs.conf # PATCH-FIX-UPSTREAM bsc#1133102 LTO: Update map file to include new symbols and remove wildcards # For now we need to disable this. This breaks e.g. shadow and also other packages in security:SELinux @@ -35,12 +37,12 @@ BuildRequires: bison BuildRequires: flex BuildRequires: libbz2-devel BuildRequires: libselinux-devel -BuildRequires: libsepol-devel +BuildRequires: libsepol-devel >= 3.2 BuildRequires: libustr-devel BuildRequires: python-rpm-macros BuildRequires: swig # Ensure same version -Requires: libsemanage1 = %{version} +Requires: %{libname} = %{version} %python_subpackages %description From 76295ef61ac991227250d199eb14a80d03b19069a0794704099f1b5ca696fa1f Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Wed, 17 Mar 2021 15:35:23 +0000 Subject: [PATCH 2/3] Accepting request 879702 from home:jsegitz:branches:security:SELinux - Move configuration file to separate libsemanage-conf package to allow for parallel installation in future versions OBS-URL: https://build.opensuse.org/request/show/879702 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsemanage?expand=0&rev=89 --- libsemanage.changes | 6 ++++++ libsemanage.spec | 17 +++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/libsemanage.changes b/libsemanage.changes index c598540..06d3ccf 100644 --- a/libsemanage.changes +++ b/libsemanage.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Mar 17 08:29:15 UTC 2021 - Johannes Segitz + +- Move configuration file to separate libsemanage-conf package to allow + for parallel installation in future versions + ------------------------------------------------------------------- Tue Mar 9 09:09:18 UTC 2021 - Johannes Segitz diff --git a/libsemanage.spec b/libsemanage.spec index cb298c9..2b32621 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -51,6 +51,7 @@ file_contexts configuration is valid. Summary: SELinux policy management library Group: System/Libraries Suggests: %{name}-migrate-store +Requires: %{name}-conf >= %{version} %description -n %{libname} libsemanage is the policy management library. Using libsepol and @@ -63,6 +64,16 @@ utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security.) +%package conf +Summary: Configuration for the SELinux policy management library +# before 3.1 the config file wasn't separated, so no parallel install is possible +Group: System/Libraries +Conflicts: %{name}1 <= 3.1 + +%description conf +Configuration file for libsemanage. Moved to a separate package to allow +parallel installation + %package devel Summary: Header files and libraries for SELinux's policy management libary Group: Development/Libraries/C and C++ @@ -119,11 +130,13 @@ cp %{SOURCE2} %{buildroot}%{_sysconfdir}/selinux/semanage.conf %postun -n %{libname} -p /sbin/ldconfig %files -n %{libname} -%dir %{_sysconfdir}/selinux -%config(noreplace) %{_sysconfdir}/selinux/semanage.conf %{_libdir}/libsemanage.so.* %dir %{_localstatedir}/lib/selinux +%files conf +%dir %{_sysconfdir}/selinux +%config(noreplace) %{_sysconfdir}/selinux/semanage.conf + %files devel %{_libdir}/libsemanage.so %{_libdir}/pkgconfig/libsemanage.pc From 53616ca4478fe48987cfa4264edbde3d8b7a59cfd78c3d0f0f4b24dbe8dc8a22 Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Thu, 18 Mar 2021 10:06:40 +0000 Subject: [PATCH 3/3] Accepting request 879845 from home:jsegitz:branches:security:SELinux - Link to correct so version - Minor spec file cleanups - Minor spec file cleanups OBS-URL: https://build.opensuse.org/request/show/879845 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsemanage?expand=0&rev=90 --- libsemanage.changes | 6 ++++++ libsemanage.spec | 13 +++++++------ python-semanage.changes | 5 +++++ python-semanage.spec | 9 +++++---- 4 files changed, 23 insertions(+), 10 deletions(-) diff --git a/libsemanage.changes b/libsemanage.changes index 06d3ccf..0fae926 100644 --- a/libsemanage.changes +++ b/libsemanage.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Mar 18 08:31:30 UTC 2021 - Johannes Segitz + +- Link to correct so version +- Minor spec file cleanups + ------------------------------------------------------------------- Wed Mar 17 08:29:15 UTC 2021 - Johannes Segitz diff --git a/libsemanage.spec b/libsemanage.spec index 2b32621..edc89a7 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -16,7 +16,8 @@ # -%define libname libsemanage2 +%define soversion 2 +%define libname libsemanage%{soversion} Name: libsemanage Version: 3.2 @@ -39,7 +40,7 @@ BuildRequires: libbz2-devel BuildRequires: libselinux-devel BuildRequires: libsepol-devel BuildRequires: libustr-devel -BuildRequires: pkg-config +BuildRequires: pkgconfig %description libsemanage is the policy management library. Using libsepol and @@ -111,9 +112,9 @@ grep /usr/libexec . -rl | xargs sed -i "s|/usr/libexec|%{_libexecdir}|g" %build %define _lto_cflags %{nil} -make %{?_smp_mflags} clean -make -j1 CFLAGS="%{optflags} -fno-semantic-interposition" CC="gcc" -make -j1 CFLAGS="%{optflags} -fno-semantic-interposition" LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" SHLIBDIR="%{_lib}" CC="gcc" all +%make_build clean +%make_build CFLAGS="%{optflags} -fno-semantic-interposition" CC="gcc" +%make_build CFLAGS="%{optflags} -fno-semantic-interposition" LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" SHLIBDIR="%{_lib}" CC="gcc" all %install mkdir -p %{buildroot}/%{_lib} @@ -121,7 +122,7 @@ mkdir -p %{buildroot}%{_libdir} mkdir -p %{buildroot}%{_includedir} mkdir -p %{buildroot}%{_localstatedir}/lib/selinux %make_install LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" SHLIBDIR="%{_libdir}" -ln -sf %{_libdir}/libsemanage.so.1 %{buildroot}/%{_libdir}/libsemanage.so +ln -sf %{_libdir}/libsemanage.so.%{soversion} %{buildroot}/%{_libdir}/libsemanage.so cp %{SOURCE2} %{buildroot}%{_sysconfdir}/selinux/semanage.conf # Remove duplicate files %fdupes -s %{buildroot}%{_mandir} diff --git a/python-semanage.changes b/python-semanage.changes index 740f85d..47cb881 100644 --- a/python-semanage.changes +++ b/python-semanage.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Mar 18 08:31:30 UTC 2021 - Johannes Segitz + +- Minor spec file cleanups + ------------------------------------------------------------------- Tue Mar 9 09:09:18 UTC 2021 - Johannes Segitz diff --git a/python-semanage.spec b/python-semanage.spec index 47431f8..292bcc7 100644 --- a/python-semanage.spec +++ b/python-semanage.spec @@ -16,7 +16,8 @@ # -%define libname libsemanage2 +%define soversion 2 +%define libname libsemanage%{soversion} %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-semanage @@ -56,10 +57,10 @@ grep /usr/libexec . -rl | xargs sed -i "s|/usr/libexec|%{_libexecdir}|g" %build %define _lto_cflags %{nil} -make %{?_smp_mflags} clean +%make_build clean %{python_expand # loop over possible pythons -make -j1 PYTHON=$python CFLAGS="%{optflags} -fno-semantic-interposition" swigify -make -j1 PYTHON=$python CFLAGS="%{optflags} -fno-semantic-interposition" \ +%make_build PYTHON=$python CFLAGS="%{optflags} -fno-semantic-interposition" swigify +%make_build PYTHON=$python CFLAGS="%{optflags} -fno-semantic-interposition" \ LIBDIR="%{_libdir}" \ LIBEXECDIR="%{_libexecdir}" \ SHLIBDIR="%{_lib}" \