rpm/libselinux
SHA256
1
0
Fork 0
forked from pool/libselinux
Code Pull Requests Activity

Accepting request 810878 from home:jsegitz:branches:security:SELinux

Browse Source 
- Added skip_cycles.patch to skip directory cycles and not error
  out

OBS-URL: https://build.opensuse.org/request/show/810878
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=124
This commit is contained in:
Johannes Segitz 2020-06-02 15:31:13 +00:00 committed by Git OBS Bridge
parent 8d14ff5615
commit c400328f5b
4 changed files with 37 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
libselinux-bindings.spec
View File

@ -89,17 +89,10 @@ make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src pywrap V=1
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src rubywrap V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src rubywrap V=1
%install %install
make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" \ make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a -C src install V=1
SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \ make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a -C src install-pywrap V=1
-C src install V=1 make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a -C src install-rubywrap V=1
make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" \ rm -rf %{buildroot}/%{_lib} %{buildroot}%{_libdir}/libselinux.* %{buildroot}%{_libdir}/pkgconfig
SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \
-C src install-pywrap V=1
make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" \
SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \
-C src install-rubywrap V=1
rm -rf %{buildroot}/%{_lib} %{buildroot}%{_libdir}/libselinux.* \
%{buildroot}%{_libdir}/pkgconfig
%files -n python3-selinux %files -n python3-selinux
%{python3_sitearch}/*selinux* %{python3_sitearch}/*selinux*

6
libselinux.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Mar 26 15:43:41 UTC 2020 - Johannes Segitz <jsegitz@suse.de>
- Added skip_cycles.patch to skip directory cycles and not error
out
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <jsegitz@suse.de> Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <jsegitz@suse.de>

27
libselinux.spec
View File

@ -29,6 +29,7 @@ Source1: selinux-ready
Source2: baselibs.conf Source2: baselibs.conf
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype # PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
Patch4: readv-proto.patch Patch4: readv-proto.patch
Patch5: skip_cycles.patch
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: libsepol-devel >= %{libsepol_ver} BuildRequires: libsepol-devel >= %{libsepol_ver}
BuildRequires: pcre-devel BuildRequires: pcre-devel
@ -95,6 +96,7 @@ necessary to develop your own software using libselinux.
%prep %prep
%setup -q %setup -q
%patch4 -p1 %patch4 -p1
%patch5 -p1
%build %build
%define _lto_cflags %{nil} %define _lto_cflags %{nil}
@ -106,21 +108,6 @@ mkdir -p %{buildroot}%{_libdir}
mkdir -p %{buildroot}%{_includedir} mkdir -p %{buildroot}%{_includedir}
mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{_sbindir}
make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" BINDIR="%{_sbindir}" install make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" BINDIR="%{_sbindir}" install
rm -f %{buildroot}%{_sbindir}/compute_*
rm -f %{buildroot}%{_sbindir}/deftype
rm -f %{buildroot}%{_sbindir}/execcon
rm -f %{buildroot}%{_sbindir}/getenforcemode
rm -f %{buildroot}%{_sbindir}/getfilecon
rm -f %{buildroot}%{_sbindir}/getpidcon
rm -f %{buildroot}%{_sbindir}/mkdircon
rm -f %{buildroot}%{_sbindir}/policyvers
rm -f %{buildroot}%{_sbindir}/setfilecon
rm -f %{buildroot}%{_sbindir}/selinuxconfig
rm -f %{buildroot}%{_sbindir}/selinuxdisable
rm -f %{buildroot}%{_sbindir}/getseuser
rm -f %{buildroot}%{_sbindir}/selinux_check_securetty_context
rm -f %{buildroot}%{_sbindir}/selabel_get_digests_all_partial_matches
rm -f %{buildroot}%{_sbindir}/validatetrans
mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon
mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
install -m 0755 %{SOURCE1} %{buildroot}%{_sbindir}/selinux-ready install -m 0755 %{SOURCE1} %{buildroot}%{_sbindir}/selinux-ready
@ -145,10 +132,18 @@ install -m 0755 %{SOURCE1} %{buildroot}%{_sbindir}/selinux-ready
%{_sbindir}/selinuxenabled %{_sbindir}/selinuxenabled
%{_sbindir}/setenforce %{_sbindir}/setenforce
%{_sbindir}/togglesebool %{_sbindir}/togglesebool
#%#{_sbindir}/selinux_restorecon
%{_sbindir}/selinux-ready %{_sbindir}/selinux-ready
%{_sbindir}/selinuxexeccon %{_sbindir}/selinuxexeccon
%{_sbindir}/sefcontext_compile %{_sbindir}/sefcontext_compile
%{_sbindir}/compute_*
%{_sbindir}/getfilecon
%{_sbindir}/getpidcon
%{_sbindir}/policyvers
%{_sbindir}/setfilecon
%{_sbindir}/getseuser
%{_sbindir}/selinux_check_securetty_context
%{_sbindir}/selabel_get_digests_all_partial_matches
%{_sbindir}/validatetrans
%{_mandir}/man5/* %{_mandir}/man5/*
%{_mandir}/ru/man5/* %{_mandir}/ru/man5/*
%{_mandir}/man8/* %{_mandir}/man8/*

16
skip_cycles.patch Normal file
View File

@ -0,0 +1,16 @@
Index: libselinux-3.0/src/selinux_restorecon.c
===================================================================
--- libselinux-3.0.orig/src/selinux_restorecon.c
+++ libselinux-3.0/src/selinux_restorecon.c
@@ -991,9 +991,8 @@ int selinux_restorecon(const char *pathn
selinux_log(SELINUX_ERROR,
"Directory cycle on %s.\n",
ftsent->fts_path);
- errno = ELOOP;
- error = -1;
- goto out;
+ fts_set(fts, ftsent, FTS_SKIP);
+ continue;
case FTS_DP:
continue;
case FTS_DNR: