From f649889ef93791d676878a2beb8c3100e638c6164871b4241b1727302a647de5 Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Thu, 5 Mar 2020 10:13:54 +0000 Subject: [PATCH] Accepting request 781804 from home:jsegitz:branches:security:SELinux - Update to version 3.0 * Do not link against libpcre * Fix redundant console log output error * Use /run instead of /var/run Dropped r_opts_global.patch OBS-URL: https://build.opensuse.org/request/show/781804 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/restorecond?expand=0&rev=11 --- r_opts_global.patch | 109 ----------------------------------------- restorecond-2.9.tar.gz | 3 -- restorecond-3.0.tar.gz | 3 ++ restorecond.changes | 9 ++++ restorecond.spec | 11 ++--- 5 files changed, 16 insertions(+), 119 deletions(-) delete mode 100644 r_opts_global.patch delete mode 100644 restorecond-2.9.tar.gz create mode 100644 restorecond-3.0.tar.gz diff --git a/r_opts_global.patch b/r_opts_global.patch deleted file mode 100644 index a8fc97f..0000000 --- a/r_opts_global.patch +++ /dev/null 
@@ -1,109 +0,0 @@ -commit ad2208ec220f55877a4d31084be2b4d6413ee082 -Author: Baichuan Kong -Date: Thu Nov 14 10:48:07 2019 +0800 - - restorecond: Fix redundant console log output error - - When starting restorecond without any option the following redundant - console log is outputed: - - /dev/log 100.0% - /var/volatile/run/syslogd.pid 100.0% - ... - - This is caused by two global variables of same name r_opts. When - executes r_opts = opts in restore_init(), it originally intends - to assign the address of struct r_opts in "restorecond.c" to the - pointer *r_opts in "restore.c". - - However, the address is assigned to the struct r_opts and covers - the value of low eight bytes in it. That causes unexpected value - of member varibale 'nochange' and 'verbose' in struct r_opts, thus - affects value of 'restorecon_flags' and executes unexpected operations - when restorecon the files such as the redundant console log output or - file label nochange. - - Cause restorecond/restore.c is copied from policycoreutils/setfiles, - which share the same pattern. It also has potential risk to generate - same problems, So fix it in case. - - 
Signed-off-by: Baichuan Kong - -diff --git a/restorecond/restore.c b/restorecond/restore.c -index f6e30001..b93b5fdb 100644 ---- a/restorecond/restore.c -+++ b/restorecond/restore.c -@@ -12,39 +12,36 @@ - char **exclude_list; - int exclude_count; - --struct restore_opts *r_opts; -- - void restore_init(struct restore_opts *opts) - { - int rc; - -- r_opts = opts; - struct selinux_opt selinux_opts[] = { -- { SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate }, -- { SELABEL_OPT_PATH, r_opts->selabel_opt_path }, -- { SELABEL_OPT_DIGEST, r_opts->selabel_opt_digest } -+ { SELABEL_OPT_VALIDATE, opts->selabel_opt_validate }, -+ { SELABEL_OPT_PATH, opts->selabel_opt_path }, -+ { SELABEL_OPT_DIGEST, opts->selabel_opt_digest } - }; - -- r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); -- if (!r_opts->hnd) { -- perror(r_opts->selabel_opt_path); -+ opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); -+ if (!opts->hnd) { -+ perror(opts->selabel_opt_path); - exit(1); - } - -- r_opts->restorecon_flags = 0; -- r_opts->restorecon_flags = r_opts->nochange | r_opts->verbose | -- r_opts->progress | r_opts->set_specctx | -- r_opts->add_assoc | r_opts->ignore_digest | -- r_opts->recurse | r_opts->userealpath | -- r_opts->xdev | r_opts->abort_on_error | -- r_opts->syslog_changes | r_opts->log_matches | -- r_opts->ignore_noent | r_opts->ignore_mounts; -+ opts->restorecon_flags = 0; -+ opts->restorecon_flags = opts->nochange | opts->verbose | -+ opts->progress | opts->set_specctx | -+ opts->add_assoc | opts->ignore_digest | -+ opts->recurse | opts->userealpath | -+ opts->xdev | opts->abort_on_error | -+ opts->syslog_changes | opts->log_matches | -+ opts->ignore_noent | opts->ignore_mounts; - - /* Use setfiles, restorecon and restorecond own handles */ -- selinux_restorecon_set_sehandle(r_opts->hnd); -+ selinux_restorecon_set_sehandle(opts->hnd); - -- if (r_opts->rootpath) { -- rc = selinux_restorecon_set_alt_rootpath(r_opts->rootpath); -+ if (opts->rootpath) { -+ rc = 
selinux_restorecon_set_alt_rootpath(opts->rootpath); - if (rc) { - fprintf(stderr, - "selinux_restorecon_set_alt_rootpath error: %s.\n", -@@ -75,7 +72,6 @@ int process_glob(char *name, struct restore_opts *opts) - size_t i = 0; - int len, rc, errors; - -- r_opts = opts; - memset(&globbuf, 0, sizeof(globbuf)); - - errors = glob(name, GLOB_TILDE | GLOB_PERIOD | -@@ -90,7 +86,7 @@ int process_glob(char *name, struct restore_opts *opts) - if (len > 0 && strcmp(&globbuf.gl_pathv[i][len], "/..") == 0) - continue; - rc = selinux_restorecon(globbuf.gl_pathv[i], -- r_opts->restorecon_flags); -+ opts->restorecon_flags); - if (rc < 0) - errors = rc; - } diff --git a/restorecond-2.9.tar.gz b/restorecond-2.9.tar.gz deleted file mode 100644 index 6b3da07..0000000 --- a/restorecond-2.9.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cbf9820583e641ee0462fa7bc89e6024676af281e025703e17b2d019b1a25a4f -size 18893 diff --git a/restorecond-3.0.tar.gz b/restorecond-3.0.tar.gz new file mode 100644 index 0000000..b0abb35 --- /dev/null +++ b/restorecond-3.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:32a92c9f4bf48c613f9f467ced58d8c369eec8892239cd44d5d0e139b41926dc +size 18797 diff --git a/restorecond.changes b/restorecond.changes index 7450bdf..39429a5 100644 --- a/restorecond.changes +++ b/restorecond.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Mar 3 12:28:15 UTC 2020 - Johannes Segitz + +- Update to version 3.0 + * Do not link against libpcre + * Fix redundant console log output error + * Use /run instead of /var/run + Dropped r_opts_global.patch + ------------------------------------------------------------------- Wed Jan 15 10:11:33 UTC 2020 - Johannes Segitz diff --git a/restorecond.spec b/restorecond.spec index cb4bfb6..f1e452b 100644 --- a/restorecond.spec +++ b/restorecond.spec 
@@ -1,7 +1,7 @@ # # spec file for package restorecond # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,17 +16,15 @@ # -%define libselinux_ver 2.9 +%define libselinux_ver 3.0 Name: restorecond -Version: 2.9 +Version: 3.0 Release: 0 Summary: Daemon to restore SELinux contexts License: GPL-2.0-or-later Group: Productivity/Security URL: https://github.com/SELinuxProject/selinux.git -Source0: https://github.com/SELinuxProject/selinux/releases/download/20190315/restorecond-%{version}.tar.gz -# can be dropped with 3.0 -Patch0: r_opts_global.patch +Source0: https://github.com/SELinuxProject/selinux/releases/download/20191204/restorecond-%{version}.tar.gz BuildRequires: dbus-1-glib-devel BuildRequires: libselinux-devel >= %{libselinux_ver} Requires: libselinux1 >= %{libselinux_ver} @@ -37,7 +35,6 @@ Daemon that watches for file creation and then sets the default SELinux file con %prep %setup -q -%patch0 -p2 %build export CFLAGS="%optflags"
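Review bot: The new `Source0` line in the `@@ -16,17 +16,15 @@` hunk points at the 20191204 release tarball, but nothing in the spec lets the build verify what it downloads. The only integrity pin visible on this page is the Git LFS pointer's `oid sha256:32a92c9f4bf48c613f9f467ced58d8c369eec8892239cd44d5d0e139b41926dc`. That digest should be compared with the checksum upstream publishes for restorecond-3.0 before the request is accepted. If upstream ships a detached signature for this release (not visible here), adding it and a keyring as extra `Source` entries would repeat the check on every build. The same hunk drops `Patch0`, so it is also worth confirming in the unpacked `restorecond/restore.c` that the global `r_opts` is gone, since the deleted patch describes that bug as corrupting the `nochange` and `verbose` flags.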