Mailinglist Archive: opensuse-commit (1177 mails)
| < Previous | Next > |
commit libsemanage for openSUSE:Factory
- From: root@xxxxxxxxxxxxxxx (h_root)
- Date: Fri, 16 Jan 2009 01:48:38 +0100
- Message-id: <20090116004839.B39DA6780A8@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package libsemanage for openSUSE:Factory
checked in at Fri Jan 16 01:48:38 CET 2009.
--------
--- libsemanage/libsemanage.changes 2008-10-22 16:21:03.000000000 +0200
+++ /mounts/work_src_done/STABLE/libsemanage/libsemanage.changes
2009-01-14 14:08:33.000000000 +0100
@@ -1,0 +2,18 @@
+Wed Jan 14 14:06:28 CET 2009 - prusnak@xxxxxxx
+
+- updated to 2.0.31
+ * policy module compression (bzip) support from Dan Walsh
+ * hard link files between tmp/active/previous from Dan Walsh
+ * add semanage_mls_enabled() interface from Stephen Smalley
+
+-------------------------------------------------------------------
+Mon Dec 1 11:35:58 CET 2008 - prusnak@xxxxxxx
+
+- updated to 2.0.29
+ * add USER to lines to homedir_template context file
+ * add compression support
+ * allow fcontext and seuser changes without rebuilding the policy
+ * don't rebuild on fcontext or seuser modifications
+ * modify genhomedircon to skip %groupname entries
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
libsemanage-2.0.27-rhat.patch
libsemanage-2.0.27.tar.bz2
New:
----
libsemanage-2.0.31-rhat.patch
libsemanage-2.0.31.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsemanage.spec ++++++
--- /var/tmp/diff_new_pack.w30875/_old 2009-01-16 01:48:22.000000000 +0100
+++ /var/tmp/diff_new_pack.w30875/_new 2009-01-16 01:48:22.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package libsemanage (Version 2.0.27)
+# spec file for package libsemanage (Version 2.0.31)
#
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,8 +24,8 @@
BuildRequires: libsepol-devel >= %{libsepol_ver}
Name: libsemanage
-Version: 2.0.27
-Release: 3
+Version: 2.0.31
+Release: 1
Url: http://www.nsa.gov/selinux/
License: LGPL v2.1 only
Group: System/Libraries
@@ -168,6 +168,18 @@
%{_libdir}/python*/site-packages/*
%changelog
+* Wed Jan 14 2009 prusnak@xxxxxxx
+- updated to 2.0.31
+ * policy module compression (bzip) support from Dan Walsh
+ * hard link files between tmp/active/previous from Dan Walsh
+ * add semanage_mls_enabled() interface from Stephen Smalley
+* Mon Dec 01 2008 prusnak@xxxxxxx
+- updated to 2.0.29
+ * add USER to lines to homedir_template context file
+ * add compression support
+ * allow fcontext and seuser changes without rebuilding the policy
+ * don't rebuild on fcontext or seuser modifications
+ * modify genhomedircon to skip %%groupname entries
* Wed Oct 22 2008 mrueckert@xxxxxxx
- fix debug_packages_requires define
* Tue Sep 23 2008 prusnak@xxxxxxx
++++++ libsemanage-2.0.27-rhat.patch -> libsemanage-2.0.31-rhat.patch ++++++
--- libsemanage/libsemanage-2.0.27-rhat.patch 2008-08-29 20:57:16.000000000
+0200
+++ /mounts/work_src_done/STABLE/libsemanage/libsemanage-2.0.31-rhat.patch
2009-01-14 14:08:30.000000000 +0100
@@ -1,252 +1,25 @@
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c
libsemanage-2.0.27/src/direct_api.c
---- nsalibsemanage/src/direct_api.c 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/direct_api.c 2008-08-26 10:25:38.000000000
-0400
-@@ -489,12 +489,6 @@
- modified |= ifaces->dtable->is_modified(ifaces->dbase);
- modified |= nodes->dtable->is_modified(nodes->dbase);
-
-- /* FIXME: get rid of these, once we support loading the existing policy,
-- * instead of rebuilding it */
-- modified |= seusers_modified;
-- modified |= fcontexts_modified;
-- modified |= users_extra_modified;
--
- /* If there were policy changes, or explicitly requested, rebuild the
policy */
- if (sh->do_rebuild || modified) {
-
-@@ -667,11 +661,33 @@
- retval = semanage_verify_kernel(sh);
- if (retval < 0)
- goto cleanup;
-- }
-+ } else {
-+ retval = sepol_policydb_create(&out);
-+ if (retval < 0)
-+ goto cleanup;
-+
-+ retval = semanage_read_policydb(sh, out);
-+ if (retval < 0)
-+ goto cleanup;
-+
-+ /* dbase_policydb_attach((dbase_policydb_t *)
pusers_base->dbase,out);
-+ dbase_policydb_attach((dbase_policydb_t *) pports->dbase, out);
-+ dbase_policydb_attach((dbase_policydb_t *) pifaces->dbase, out);
-+ dbase_policydb_attach((dbase_policydb_t *) pbools->dbase, out);
-+ dbase_policydb_attach((dbase_policydb_t *) pnodes->dbase, out);
-+ */
-+ if (seusers_modified) {
-+ retval = pseusers->dtable->clear(sh, pseusers->dbase);
-+ if (retval < 0)
-+ goto cleanup;
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c
libsemanage-2.0.30/src/genhomedircon.c
+--- nsalibsemanage/src/genhomedircon.c 2008-08-28 09:34:24.000000000 -0400
++++ libsemanage-2.0.30/src/genhomedircon.c 2009-01-12 10:29:24.000000000
-0500
+@@ -794,6 +792,12 @@
+ * /root */
+ continue;
+ }
++ if (strcmp(pwent->pw_dir, "/root") == 0) {
++ /* don't relabel / genhomdircon checked to see if root
++ * was the user and if so, set his home directory to
++ * /root */
++ continue;
+ }
-
-- /* FIXME: else if !modified, but seusers_modified,
-- * load the existing policy instead of rebuilding */
-+ retval = semanage_base_merge_components(sh);
-+ if (retval < 0)
-+ goto cleanup;
-
-+ /* Seusers */
-+ }
- /* ======= Post-process: Validate non-policydb components ===== */
-
- /* Validate local modifications to file contexts.
-@@ -724,7 +740,8 @@
- sepol_policydb_free(out);
- out = NULL;
-
-- if (sh->do_rebuild || modified) {
-+ if (sh->do_rebuild || modified ||
-+ seusers_modified || fcontexts_modified || users_extra_modified) {
- retval = semanage_install_sandbox(sh);
- }
-
-@@ -733,12 +750,14 @@
- free(mod_filenames[i]);
- }
-
-- /* Detach from policydb, so it can be freed */
-- dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase);
-- dbase_policydb_detach((dbase_policydb_t *) pports->dbase);
-- dbase_policydb_detach((dbase_policydb_t *) pifaces->dbase);
-- dbase_policydb_detach((dbase_policydb_t *) pnodes->dbase);
-- dbase_policydb_detach((dbase_policydb_t *) pbools->dbase);
-+ if (modified) {
-+ /* Detach from policydb, so it can be freed */
-+ dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase);
-+ dbase_policydb_detach((dbase_policydb_t *) pports->dbase);
-+ dbase_policydb_detach((dbase_policydb_t *) pifaces->dbase);
-+ dbase_policydb_detach((dbase_policydb_t *) pnodes->dbase);
-+ dbase_policydb_detach((dbase_policydb_t *) pbools->dbase);
-+ }
-
- free(mod_filenames);
- sepol_policydb_free(out);
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c
libsemanage-2.0.27/src/genhomedircon.c
---- nsalibsemanage/src/genhomedircon.c 2008-08-05 09:57:28.000000000 -0400
-+++ libsemanage-2.0.27/src/genhomedircon.c 2008-08-26 10:30:30.000000000
-0400
-@@ -487,7 +487,6 @@
- const char *role_prefix)
- {
- replacement_pair_t repl[] = {
-- {.search_for = TEMPLATE_SEUSER,.replace_with = seuser},
- {.search_for = TEMPLATE_HOME_DIR,.replace_with = home},
- {.search_for = TEMPLATE_ROLE,.replace_with = role_prefix},
- {NULL, NULL}
-@@ -547,7 +546,6 @@
- replacement_pair_t repl[] = {
- {.search_for = TEMPLATE_USER,.replace_with = user},
- {.search_for = TEMPLATE_ROLE,.replace_with = role_prefix},
-- {.search_for = TEMPLATE_SEUSER,.replace_with = seuser},
- {NULL, NULL}
- };
- Ustr *line = USTR_NULL;
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf
libsemanage-2.0.27/src/semanage.conf
---- nsalibsemanage/src/semanage.conf 2008-06-12 23:25:16.000000000 -0400
-+++ libsemanage-2.0.27/src/semanage.conf 2008-08-14 14:53:32.000000000
-0400
+ if (push_user_entry(&head, name, seuname,
+ prefix, pwent->pw_dir) != STATUS_SUCCESS) {
+ *errors = STATUS_ERR;
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf
libsemanage-2.0.30/src/semanage.conf
+--- nsalibsemanage/src/semanage.conf 2008-08-28 09:34:24.000000000 -0400
++++ libsemanage-2.0.30/src/semanage.conf 2009-01-12 10:29:24.000000000
-0500
@@ -35,4 +35,4 @@
# given in <sepol/policydb.h>. Change this setting if a different
# version is necessary.
#policy-version = 19
-
+expand-check=0
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c
libsemanage-2.0.27/src/semanage_store.c
---- nsalibsemanage/src/semanage_store.c 2008-06-12 23:25:16.000000000
-0400
-+++ libsemanage-2.0.27/src/semanage_store.c 2008-08-14 14:53:32.000000000
-0400
-@@ -1648,6 +1648,47 @@
- }
-
- /**
-+ * Read the policy from the sandbox (kernel)
-+ */
-+int semanage_read_policydb(semanage_handle_t * sh, sepol_policydb_t * in)
-+{
-+
-+ int retval = STATUS_ERR;
-+ const char *kernel_filename = NULL;
-+ struct sepol_policy_file *pf = NULL;
-+ FILE *infile = NULL;
-+
-+ if ((kernel_filename =
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_KERNEL)) == NULL) {
-+ goto cleanup;
-+ }
-+ if ((infile = fopen(kernel_filename, "r")) == NULL) {
-+ ERR(sh, "Could not open kernel policy %s for reading.",
-+ kernel_filename);
-+ goto cleanup;
-+ }
-+ __fsetlocking(infile, FSETLOCKING_BYCALLER);
-+ if (sepol_policy_file_create(&pf)) {
-+ ERR(sh, "Out of memory!");
-+ goto cleanup;
-+ }
-+ sepol_policy_file_set_fp(pf, infile);
-+ sepol_policy_file_set_handle(pf, sh->sepolh);
-+ if (sepol_policydb_read(in, pf) == -1) {
-+ ERR(sh, "Error while reading kernel policy from %s.",
-+ kernel_filename);
-+ goto cleanup;
-+ }
-+ retval = STATUS_SUCCESS;
-+
-+ cleanup:
-+ if (infile != NULL) {
-+ fclose(infile);
-+ }
-+ sepol_policy_file_free(pf);
-+ return retval;
-+}
-+/**
- * Writes the final policy to the sandbox (kernel)
- */
- int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out)
-diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h
libsemanage-2.0.27/src/semanage_store.h
---- nsalibsemanage/src/semanage_store.h 2008-06-12 23:25:16.000000000
-0400
-+++ libsemanage-2.0.27/src/semanage_store.h 2008-08-14 14:53:32.000000000
-0400
-@@ -97,6 +97,9 @@
- sepol_module_package_t * base,
- sepol_policydb_t ** policydb);
-
-+int semanage_read_policydb(semanage_handle_t * sh,
-+ sepol_policydb_t * policydb);
-+
- int semanage_write_policydb(semanage_handle_t * sh,
- sepol_policydb_t * policydb);
-
-diff --exclude-from=exclude -N -u -r nsalibsemanage/tests/test_fcontext.c
libsemanage-2.0.27/tests/test_fcontext.c
---- nsalibsemanage/tests/test_fcontext.c 1969-12-31 19:00:00.000000000
-0500
-+++ libsemanage-2.0.27/tests/test_fcontext.c 2008-08-15 10:59:48.000000000
-0400
-@@ -0,0 +1,72 @@
-+#include <semanage/fcontext_record.h>
-+#include <semanage/semanage.h>
-+#include <semanage/fcontexts_local.h>
-+#include <sepol/sepol.h>
-+
-+#include <errno.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+
-+int main(const int argc, const char **argv) {
-+ semanage_handle_t *sh = NULL;
-+ semanage_fcontext_t *fcontext;
-+ semanage_context_t *con;
-+ semanage_fcontext_key_t *k;
-+
-+ int exist = 0;
-+ sh = semanage_handle_create();
-+ if (sh == NULL) {
-+ perror("Can't create semanage handle\n");
-+ return -1;
-+ }
-+ if (semanage_access_check(sh) < 0) {
-+ perror("Semanage access check failed\n");
-+ return -1;
-+ }
-+ if (semanage_connect(sh) < 0) {
-+ perror("Semanage connect failed\n");
-+ return -1;
-+ }
-+
-+ if (semanage_fcontext_key_create(sh, argv[2], SEMANAGE_FCONTEXT_REG,
&k) < 0) {
-+ fprintf(stderr, "Could not create key for %s", argv[2]);
-+ return -1;
-+ }
-+
-+ if(semanage_fcontext_exists(sh, k, &exist) < 0) {
-+ fprintf(stderr,"Could not check if key exists for %s", argv[2]);
-+ return -1;
-+ }
-+ if (exist) {
-+ fprintf(stderr,"Could create %s mapping already exists",
argv[2]);
-+ return -1;
-+ }
-+
-+ if (semanage_fcontext_create(sh, &fcontext) < 0) {
-+ fprintf(stderr,"Could not create file context for %s", argv[2]);
-+ return -1;
-+ }
-+ semanage_fcontext_set_expr(sh, fcontext, argv[2]);
-+
-+ if (semanage_context_from_string(sh, argv[1], &con)) {
-+ fprintf(stderr,"Could not create context using %s for file
context %s", argv[1], argv[2]);
-+ return -1;
-+ }
-+
-+ if (semanage_fcontext_set_con(sh, fcontext, con) < 0) {
-+ fprintf(stderr,"Could not set file context for %s", argv[2]);
-+ return -1;
-+ }
-+
-+ semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_REG);
-+
-+ if(semanage_fcontext_modify_local(sh, k, fcontext) < 0) {
-+ fprintf(stderr,"Could not add file context for %s", argv[2]);
-+ return -1;
-+ }
-+ semanage_fcontext_key_free(k);
-+ semanage_fcontext_free(fcontext);
-+
-+ return 0;
-+}
-+
++++++ libsemanage-2.0.27.tar.bz2 -> libsemanage-2.0.31.tar.bz2 ++++++
++++ 2228 lines of diff (skipped)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx
| < Previous | Next > |