- Patch to work with current libsepol, libselinux Added: setools-tclass.patch OBS-URL: https://build.opensuse.org/request/show/416659 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/setools?expand=0&rev=52
115 lines
4.7 KiB
Diff
115 lines
4.7 KiB
Diff
From f1e5b208d507171968ca4d2eeefd7980f1004a3c Mon Sep 17 00:00:00 2001
|
|
From: Chris PeBenito <cpebenito@tresys.com>
|
|
Date: Thu, 12 Feb 2015 08:55:12 -0500
|
|
Subject: [PATCH] Update for 2015-02-02 Userspace release (2.4)
|
|
|
|
SETools now requires libsepol 2.4 and libselinux 2.4.
|
|
---
|
|
configure.ac | 6 +++---
|
|
libqpol/src/policy_define.c | 4 ++--
|
|
libqpol/src/policy_extend.c | 4 ++--
|
|
libqpol/src/syn_rule_query.c | 6 +++---
|
|
secmds/replcon.cc | 2 +-
|
|
5 files changed, 11 insertions(+), 11 deletions(-)
|
|
|
|
Index: setools3-setools-3.3.8/configure.ac
|
|
===================================================================
|
|
--- setools3-setools-3.3.8.orig/configure.ac 2016-07-18 12:40:35.914965056 +0200
|
|
+++ setools3-setools-3.3.8/configure.ac 2016-07-18 12:40:35.930965312 +0200
|
|
@@ -25,9 +25,9 @@ libseaudit_version=4.5
|
|
setoolsdir='${prefix}/share/setools-3.3'
|
|
javadir='${prefix}/share/java'
|
|
|
|
-version_min_sepol_major=1
|
|
-version_min_sepol_minor=12
|
|
-version_min_sepol_patch=27
|
|
+version_min_sepol_major=2
|
|
+version_min_sepol_minor=4
|
|
+version_min_sepol_patch=0
|
|
|
|
dnl *** end of tunable values ***
|
|
|
|
Index: setools3-setools-3.3.8/libqpol/src/policy_define.c
|
|
===================================================================
|
|
--- setools3-setools-3.3.8.orig/libqpol/src/policy_define.c 2016-07-18 12:40:35.878964480 +0200
|
|
+++ setools3-setools-3.3.8/libqpol/src/policy_define.c 2016-07-18 12:40:35.930965312 +0200
|
|
@@ -1449,7 +1449,7 @@ int define_compute_type_helper(int which
|
|
return -1;
|
|
}
|
|
class_perm_node_init(perm);
|
|
- perm->class = i + 1;
|
|
+ perm->tclass = i + 1;
|
|
perm->data = datum->s.value;
|
|
perm->next = avrule->perms;
|
|
avrule->perms = perm;
|
|
@@ -1700,7 +1700,7 @@ int define_te_avtab_helper(int which, av
|
|
goto out;
|
|
}
|
|
class_perm_node_init(cur_perms);
|
|
- cur_perms->class = i + 1;
|
|
+ cur_perms->tclass = i + 1;
|
|
if (!perms)
|
|
perms = cur_perms;
|
|
if (tail)
|
|
Index: setools3-setools-3.3.8/libqpol/src/policy_extend.c
|
|
===================================================================
|
|
--- setools3-setools-3.3.8.orig/libqpol/src/policy_extend.c 2013-01-16 17:36:04.000000000 +0100
|
|
+++ setools3-setools-3.3.8/libqpol/src/policy_extend.c 2016-07-18 12:40:35.930965312 +0200
|
|
@@ -843,7 +843,7 @@ static int qpol_syn_rule_table_insert_se
|
|
for (class_node = rule->perms; class_node; class_node = class_node->next) {
|
|
key.rule_type = rule->specified;
|
|
key.source_val = key.target_val = i + 1;
|
|
- key.class_val = class_node->class;
|
|
+ key.class_val = class_node->tclass;
|
|
key.cond = cond;
|
|
if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
|
|
goto err;
|
|
@@ -856,7 +856,7 @@ static int qpol_syn_rule_table_insert_se
|
|
key.rule_type = rule->specified;
|
|
key.source_val = i + 1;
|
|
key.target_val = j + 1;
|
|
- key.class_val = class_node->class;
|
|
+ key.class_val = class_node->tclass;
|
|
key.cond = cond;
|
|
if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
|
|
goto err;
|
|
Index: setools3-setools-3.3.8/libqpol/src/syn_rule_query.c
|
|
===================================================================
|
|
--- setools3-setools-3.3.8.orig/libqpol/src/syn_rule_query.c 2013-01-16 17:36:04.000000000 +0100
|
|
+++ setools3-setools-3.3.8/libqpol/src/syn_rule_query.c 2016-07-18 12:40:35.930965312 +0200
|
|
@@ -67,7 +67,7 @@ static void *syn_rule_class_state_get_cu
|
|
return NULL;
|
|
}
|
|
|
|
- return db->class_val_to_struct[srcs->cur->class - 1];
|
|
+ return db->class_val_to_struct[srcs->cur->tclass - 1];
|
|
}
|
|
|
|
static int syn_rule_class_state_next(qpol_iterator_t * iter)
|
|
@@ -465,10 +465,10 @@ int qpol_syn_avrule_get_perm_iter(const
|
|
}
|
|
|
|
for (node = internal_rule->perms; node; node = node->next) {
|
|
- for (i = 0; i < db->class_val_to_struct[node->class - 1]->permissions.nprim; i++) {
|
|
+ for (i = 0; i < db->class_val_to_struct[node->tclass - 1]->permissions.nprim; i++) {
|
|
if (!(node->data & (1 << i)))
|
|
continue;
|
|
- tmp = sepol_av_to_string(db, node->class, (sepol_access_vector_t) (1 << i));
|
|
+ tmp = sepol_av_to_string(db, node->tclass, (sepol_access_vector_t) (1 << i));
|
|
if (tmp) {
|
|
tmp++; /* remove prepended space */
|
|
for (cur = 0; cur < perm_list_sz; cur++)
|
|
Index: setools3-setools-3.3.8/secmds/replcon.cc
|
|
===================================================================
|
|
--- setools3-setools-3.3.8.orig/secmds/replcon.cc 2013-01-16 17:36:04.000000000 +0100
|
|
+++ setools3-setools-3.3.8/secmds/replcon.cc 2016-07-18 12:40:35.930965312 +0200
|
|
@@ -60,7 +60,7 @@ static struct option const longopts[] =
|
|
{NULL, 0, NULL, 0}
|
|
};
|
|
|
|
-extern int lsetfilecon_raw(const char *, security_context_t) __attribute__ ((weak));
|
|
+extern int lsetfilecon_raw(const char *, const char *) __attribute__ ((weak));
|
|
|
|
/**
|
|
* As that setools must work with older libselinux versions that may
|