forked from pool/libselinux
This commit is contained in:
Johannes Segitz
Git OBS Bridge
parent
9e1669780b
commit
b0259f782e
@ -1,24 +0,0 @@
|
||||
Index: src/Makefile
|
||||
===================================================================
|
||||
--- src/Makefile.orig
|
||||
+++ src/Makefile
|
||||
@@ -16,8 +16,8 @@ PYINC ?= $(shell pkg-config --cflags $(P
|
||||
PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
|
||||
RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
|
||||
RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM')
|
||||
-RUBYINC ?= $(shell pkg-config --cflags ruby)
|
||||
-RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
|
||||
+RUBYINC ?= $(shell ruby -r rbconfig -e "print RbConfig::CONFIG['rubyhdrdir'].nil? ? '$(LIBDIR)/ruby/$(RUBYLIBVER)' : RbConfig::CONFIG['rubyhdrdir']")
|
||||
+RUBYINSTALL ?= $(shell ruby -r rbconfig -e "print RbConfig::CONFIG['vendorarchdir'].nil? ? '$(DESTDIR)'+RbConfig::CONFIG['sitearchdir'] : '$(DESTDIR)'+RbConfig::CONFIG['vendorarchdir']")
|
||||
LIBBASE ?= $(shell basename $(LIBDIR))
|
||||
|
||||
VERSION = $(shell cat ../VERSION)
|
||||
@@ -98,7 +98,7 @@ $(SWIGLOBJ): $(SWIGCOUT)
|
||||
$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(PYINC) -fPIC -DSHARED -c -o $@ $<
|
||||
|
||||
$(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
|
||||
- $(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $<
|
||||
+ $(CC) $(filter-out -Werror, $(CFLAGS)) -I$(RUBYINC) -I$(RUBYINC)/$(RUBYPLATFORM) -fPIC -DSHARED -c -o $@ $<
|
||||
|
||||
$(SWIGSO): $(SWIGLOBJ)
|
||||
$(CC) $(CFLAGS) -shared -o $@ $< -L. -lselinux $(LDFLAGS) -L$(LIBDIR)
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:94c9e97706280bedcc288f784f67f2b9d3d6136c192b2c9f812115edba58514f
|
||||
size 189019
|
||||
3
libselinux-2.6.tar.gz
Normal file
3
libselinux-2.6.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4ea2dde50665c202253ba5caac7738370ea0337c47b251ba981c60d24e1a118a
|
||||
size 203119
|
||||
@ -1,3 +1,32 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 24 09:09:02 UTC 2017 - jsegitz@suse.com
|
||||
|
||||
- Update to version 2.6. Notable changes:
|
||||
* selinux_restorecon: fix realpath logic
|
||||
* sefcontext_compile: invert semantics of "-r" flag
|
||||
* sefcontext_compile: Add "-i" flag
|
||||
* Introduce configurable backends
|
||||
* Add function to find security.restorecon_last entries
|
||||
* Add openrc_contexts functions
|
||||
* Add support for pcre2
|
||||
* Handle NULL pcre study data
|
||||
* Add setfiles support to selinux_restorecon(3)
|
||||
* Evaluate inodes in selinux_restorecon(3)
|
||||
* Change the location of _selinux.so
|
||||
* Explain how to free policy type from selinux_getpolicytype()
|
||||
* Compare absolute pathname in matchpathcon -V
|
||||
* Add selinux_snapperd_contexts_path()
|
||||
* Modify audit2why analyze function to use loaded policy
|
||||
* Avoid mounting /proc outside of selinux_init_load_policy()
|
||||
* Fix location of selinuxfs mount point
|
||||
* Only mount /proc if necessary
|
||||
* procattr: return einval for <= 0 pid args
|
||||
* procattr: return error on invalid pid_t input
|
||||
- Dropped
|
||||
* libselinux-2.2-ruby.patch
|
||||
* libselinux-proc-mount-only-if-needed.patch
|
||||
* python-selinux-swig-3.10.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 5 10:30:57 UTC 2017 - schwab@suse.de
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package libselinux-bindings
|
||||
#
|
||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -16,10 +16,10 @@
|
||||
#
|
||||
|
||||
|
||||
%define libsepol_ver 2.5
|
||||
%define libsepol_ver 2.6
|
||||
|
||||
Name: libselinux-bindings
|
||||
Version: 2.5
|
||||
Version: 2.6
|
||||
Release: 0
|
||||
Summary: SELinux runtime library and simple utilities
|
||||
License: GPL-2.0 and SUSE-Public-Domain
|
||||
@ -27,12 +27,9 @@ Group: Development/Libraries/C and C++
|
||||
Url: https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||
|
||||
# embedded is the MD5
|
||||
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223/libselinux-%{version}.tar.gz
|
||||
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/libselinux-%{version}.tar.gz
|
||||
Source1: selinux-ready
|
||||
Source2: baselibs.conf
|
||||
Patch1: libselinux-2.2-ruby.patch
|
||||
# PATCH-FIX-UPSTREAM swig-3.10 use importlib which not search the directory __init__.py is in but standard path
|
||||
Patch2: python-selinux-swig-3.10.patch
|
||||
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
|
||||
Patch4: readv-proto.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -76,8 +73,6 @@ language.
|
||||
|
||||
%prep
|
||||
%setup -q -n libselinux-%{version}
|
||||
%patch1
|
||||
%patch2 -p1
|
||||
%patch4 -p1
|
||||
|
||||
%build
|
||||
|
||||
@ -1,93 +0,0 @@
|
||||
Index: libselinux-2.5/src/init.c
|
||||
===================================================================
|
||||
--- libselinux-2.5.orig/src/init.c
|
||||
+++ libselinux-2.5/src/init.c
|
||||
@@ -11,7 +11,6 @@
|
||||
#include <sys/vfs.h>
|
||||
#include <stdint.h>
|
||||
#include <limits.h>
|
||||
-#include <sys/mount.h>
|
||||
|
||||
#include "dso.h"
|
||||
#include "policy.h"
|
||||
@@ -57,20 +56,18 @@ static int verify_selinuxmnt(const char
|
||||
|
||||
int selinuxfs_exists(void)
|
||||
{
|
||||
- int exists = 0, mnt_rc = 0;
|
||||
+ int exists = 0;
|
||||
FILE *fp = NULL;
|
||||
char *buf = NULL;
|
||||
size_t len;
|
||||
ssize_t num;
|
||||
|
||||
- mnt_rc = mount("proc", "/proc", "proc", 0, 0);
|
||||
|
||||
fp = fopen("/proc/filesystems", "r");
|
||||
- if (!fp) {
|
||||
- exists = 1; /* Fail as if it exists */
|
||||
- goto out;
|
||||
- }
|
||||
|
||||
+ if (!fp)
|
||||
+ return 1; /* Fail as if it exists */
|
||||
+
|
||||
__fsetlocking(fp, FSETLOCKING_BYCALLER);
|
||||
|
||||
num = getline(&buf, &len, fp);
|
||||
@@ -85,13 +82,6 @@ int selinuxfs_exists(void)
|
||||
free(buf);
|
||||
fclose(fp);
|
||||
|
||||
-out:
|
||||
-#ifndef MNT_DETACH
|
||||
-#define MNT_DETACH 2
|
||||
-#endif
|
||||
- if (mnt_rc == 0)
|
||||
- umount2("/proc", MNT_DETACH);
|
||||
-
|
||||
return exists;
|
||||
}
|
||||
hidden_def(selinuxfs_exists)
|
||||
Index: libselinux-2.5/src/load_policy.c
|
||||
===================================================================
|
||||
--- libselinux-2.5.orig/src/load_policy.c
|
||||
+++ libselinux-2.5/src/load_policy.c
|
||||
@@ -17,6 +17,10 @@
|
||||
#include "policy.h"
|
||||
#include <limits.h>
|
||||
|
||||
+#ifndef MNT_DETACH
|
||||
+#define MNT_DETACH 2
|
||||
+#endif
|
||||
+
|
||||
int security_load_policy(void *data, size_t len)
|
||||
{
|
||||
char path[PATH_MAX];
|
||||
@@ -348,11 +352,6 @@ int selinux_init_load_policy(int *enforc
|
||||
fclose(cfg);
|
||||
free(buf);
|
||||
}
|
||||
-#ifndef MNT_DETACH
|
||||
-#define MNT_DETACH 2
|
||||
-#endif
|
||||
- if (rc == 0)
|
||||
- umount2("/proc", MNT_DETACH);
|
||||
|
||||
/*
|
||||
* Determine the final desired mode.
|
||||
@@ -402,9 +401,13 @@ int selinux_init_load_policy(int *enforc
|
||||
}
|
||||
|
||||
goto noload;
|
||||
+ if (rc == 0)
|
||||
+ umount2("/proc", MNT_DETACH);
|
||||
}
|
||||
set_selinuxmnt(mntpoint);
|
||||
-
|
||||
+
|
||||
+ if (rc == 0)
|
||||
+ umount2("/proc", MNT_DETACH);
|
||||
/*
|
||||
* Note: The following code depends on having selinuxfs
|
||||
* already mounted and selinuxmnt set above.
|
||||
@ -1,3 +1,32 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 24 09:09:02 UTC 2017 - jsegitz@suse.com
|
||||
|
||||
- Update to version 2.6. Notable changes:
|
||||
* selinux_restorecon: fix realpath logic
|
||||
* sefcontext_compile: invert semantics of "-r" flag
|
||||
* sefcontext_compile: Add "-i" flag
|
||||
* Introduce configurable backends
|
||||
* Add function to find security.restorecon_last entries
|
||||
* Add openrc_contexts functions
|
||||
* Add support for pcre2
|
||||
* Handle NULL pcre study data
|
||||
* Add setfiles support to selinux_restorecon(3)
|
||||
* Evaluate inodes in selinux_restorecon(3)
|
||||
* Change the location of _selinux.so
|
||||
* Explain how to free policy type from selinux_getpolicytype()
|
||||
* Compare absolute pathname in matchpathcon -V
|
||||
* Add selinux_snapperd_contexts_path()
|
||||
* Modify audit2why analyze function to use loaded policy
|
||||
* Avoid mounting /proc outside of selinux_init_load_policy()
|
||||
* Fix location of selinuxfs mount point
|
||||
* Only mount /proc if necessary
|
||||
* procattr: return einval for <= 0 pid args
|
||||
* procattr: return error on invalid pid_t input
|
||||
- Dropped
|
||||
* libselinux-2.2-ruby.patch
|
||||
* libselinux-proc-mount-only-if-needed.patch
|
||||
* python-selinux-swig-3.10.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 5 10:30:57 UTC 2017 - schwab@suse.de
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package libselinux
|
||||
#
|
||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -16,24 +16,19 @@
|
||||
#
|
||||
|
||||
|
||||
%define libsepol_ver 2.5
|
||||
%define libsepol_ver 2.6
|
||||
|
||||
Name: libselinux
|
||||
Version: 2.5
|
||||
Version: 2.6
|
||||
Release: 0
|
||||
Summary: SELinux runtime library and utilities
|
||||
License: GPL-2.0 and SUSE-Public-Domain
|
||||
Group: Development/Libraries/C and C++
|
||||
Url: https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||
|
||||
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223/%{name}-%{version}.tar.gz
|
||||
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/%{name}-%{version}.tar.gz
|
||||
Source1: selinux-ready
|
||||
Source2: baselibs.conf
|
||||
Patch1: %{name}-2.2-ruby.patch
|
||||
# PATCH-FIX-UPSTREAM swig-3.10 use importlib which not search the directory __init__.py is in but standard path
|
||||
Patch2: python-selinux-swig-3.10.patch
|
||||
# PATCH-FIX-UPSTREAM Avoid mounting /proc outside of selinux_init_load_policy().
|
||||
Patch3: libselinux-proc-mount-only-if-needed.patch
|
||||
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
|
||||
Patch4: readv-proto.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -102,9 +97,6 @@ necessary to develop your own software using libselinux.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
%build
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
Index: b/src/Makefile
|
||||
===================================================================
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -155,7 +155,7 @@ install: all
|
||||
|
||||
install-pywrap: pywrap
|
||||
test -d $(PYLIBDIR)/site-packages/selinux || install -m 755 -d $(PYLIBDIR)/site-packages/selinux
|
||||
- install -m 755 $(SWIGSO) $(PYLIBDIR)/site-packages/selinux/_selinux.so
|
||||
+ install -m 755 $(SWIGSO) $(PYLIBDIR)/site-packages/_selinux.so
|
||||
install -m 755 $(AUDIT2WHYSO) $(PYLIBDIR)/site-packages/selinux/audit2why.so
|
||||
install -m 644 $(SWIGPYOUT) $(PYLIBDIR)/site-packages/selinux/__init__.py
|
||||
|
||||
Loading…
Reference in New Issue
Block a user