Compare commits
No commits in common. "factory" and "devel" have entirely different histories.
@ -1,30 +0,0 @@
|
||||
By default, GIO channels use UTF-8 as encoding, which causes issues when
|
||||
reading binary data such as inotify events.
|
||||
|
||||
Signed-off-by: Fabian Vogt <fvogt@suse.de>
|
||||
---
|
||||
restorecond/user.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/restorecond/user.c b/restorecond/user.c
|
||||
index 3ae3ebbb7230..7188c22e3119 100644
|
||||
--- a/restorecond/user.c
|
||||
+++ b/restorecond/user.c
|
||||
@@ -238,6 +238,7 @@ static int local_server(void) {
|
||||
}
|
||||
/* watch for stdin/terminal going away */
|
||||
GIOChannel *in = g_io_channel_unix_new(0);
|
||||
+ g_io_channel_set_encoding(in, NULL, NULL);
|
||||
g_io_add_watch_full( in,
|
||||
G_PRIORITY_HIGH,
|
||||
G_IO_IN|G_IO_ERR|G_IO_HUP,
|
||||
@@ -282,6 +283,7 @@ int server(int master_fd, const char *watch_file) {
|
||||
set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
|
||||
|
||||
GIOChannel *c = g_io_channel_unix_new(master_fd);
|
||||
+ g_io_channel_set_encoding(c, NULL, NULL);
|
||||
|
||||
g_io_add_watch_full(c,
|
||||
G_PRIORITY_HIGH,
|
||||
--
|
||||
2.47.0
|
||||
@ -1,32 +0,0 @@
|
||||
Without nonblocking IO, g_io_channel_read_chars waits indefinitely for more
|
||||
data without ever returning control to the event loop.
|
||||
|
||||
Set the IO channels to nonblocking to fix SIGTERM handling.
|
||||
|
||||
Signed-off-by: Fabian Vogt <fvogt@suse.de>
|
||||
---
|
||||
restorecond/user.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/restorecond/user.c b/restorecond/user.c
|
||||
index 7188c22e3119..25e70ae15b94 100644
|
||||
--- a/restorecond/user.c
|
||||
+++ b/restorecond/user.c
|
||||
@@ -239,6 +239,7 @@ static int local_server(void) {
|
||||
/* watch for stdin/terminal going away */
|
||||
GIOChannel *in = g_io_channel_unix_new(0);
|
||||
g_io_channel_set_encoding(in, NULL, NULL);
|
||||
+ g_io_channel_set_flags(in, g_io_channel_get_flags(in) | G_IO_FLAG_NONBLOCK, NULL);
|
||||
g_io_add_watch_full( in,
|
||||
G_PRIORITY_HIGH,
|
||||
G_IO_IN|G_IO_ERR|G_IO_HUP,
|
||||
@@ -284,6 +285,7 @@ int server(int master_fd, const char *watch_file) {
|
||||
|
||||
GIOChannel *c = g_io_channel_unix_new(master_fd);
|
||||
g_io_channel_set_encoding(c, NULL, NULL);
|
||||
+ g_io_channel_set_flags(c, g_io_channel_get_flags(c) | G_IO_FLAG_NONBLOCK, NULL);
|
||||
|
||||
g_io_add_watch_full(c,
|
||||
G_PRIORITY_HIGH,
|
||||
--
|
||||
2.47.0
|
||||
3
restorecond-3.6.tar.gz
Normal file
3
restorecond-3.6.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:8f8aa2c6c66bcc6d91c6edd63913e5d738de6428928f27d1019d89c31cf347b1
|
||||
size 18020
|
||||
16
restorecond-3.6.tar.gz.asc
Normal file
16
restorecond-3.6.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEG+LA/wiUliMQL9JWRpWIHCVFCNEFAmV5xAMACgkQRpWIHCVF
|
||||
CNFXsw//RSQSkQcUwzxy+sVlv5IQnKNfc45b8xgsVmIkxfA5prVEPaQf+SAcuaQj
|
||||
PQ9ukDHBr07vtfyPRYm/eRmPZW/6s6FLrGEwhu4mnIJMuL84nB229IraSQeHRK5n
|
||||
53G+xuCMz3+fm8fZqyyr8XN1QS+ReVTeE1rFEGYTceAW2R+bYTfAoJXA+ExsQO/R
|
||||
d7U23+JyrLY5xADbaszvE1v2fDyTxhaGrdT+QmqySqcnrt8BF1sGbX46sEoyIUyh
|
||||
jgVy5dOfI11TxxZ3+uJovZmD6K1pQKcHuC7X/9LlGsoIOjdVz42DJlAcr2nGdPjc
|
||||
8GyC6dgCnWhisl1ePZMY7cW2LYXQvKnf7YH0KXRVtywuGX4mKD+PXmekJgfP20vz
|
||||
EeXkPMuRsHpnWhUcvPzxpVtlqsdVLKKVIhsKBQ/m5q8aplxM21xr5Ed/SZ+t2BA1
|
||||
H5G2L7wwGU88AOmRfYqkC/ebjozSS7e0htAm92gdC3g8hUbm04XsHJSRXfDHkqNu
|
||||
wkQJ6Y6A0M33Pc3YZFg+YnLL2Bb3F9+SxOh28YilEDtqgMBVyzlUhN2T4/oegABn
|
||||
G77GRVV3HG9e7kMpA/Oek77r055RN/E684NfpqN8pfoA/6LvtVh+LO2twT6YjO6t
|
||||
BpZWuPGPvlnjZiKUanDs9zNVshngq8gOuGhFqSt6uvMf+lO+BAE=
|
||||
=hHoX
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,11 +1,3 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 24 09:58:41 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
|
||||
|
||||
- Fix issue where inotify events are not being handled properly
|
||||
* added: 1231512-Set-GLib-IO-channels-to-binary-mode.patch
|
||||
- Fix issue where restorecond -u is not terminating with SIGTERM (bsc#1231512)
|
||||
* added: 1231512-Set-GLib-IO-channels-to-nonblocking.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 1 08:12:59 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
|
||||
|
||||
|
||||
@ -28,8 +28,6 @@ Source0: https://github.com/SELinuxProject/selinux/releases/download/%{ve
|
||||
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz.asc
|
||||
Source2: restorecond.keyring
|
||||
Patch0: harden_restorecond.service.patch
|
||||
Patch1: 1231512-Set-GLib-IO-channels-to-binary-mode.patch
|
||||
Patch2: 1231512-Set-GLib-IO-channels-to-nonblocking.patch
|
||||
BuildRequires: dbus-1-glib-devel
|
||||
BuildRequires: libselinux-devel >= %{libselinux_ver}
|
||||
Requires: libselinux1 >= %{libselinux_ver}
|
||||
@ -41,8 +39,6 @@ Daemon that watches for file creation and then sets the default SELinux file con
|
||||
%prep
|
||||
%setup -q
|
||||
%patch -P0 -p1
|
||||
%patch -P1 -p2
|
||||
%patch -P2 -p2
|
||||
|
||||
%build
|
||||
export CFLAGS="%optflags"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user