Hello community, here is the log from the commit of package libsepol for openSUSE:Factory checked in at Mon Jun 29 14:15:05 CEST 2009. -------- --- libsepol/libsepol.changes 2008-12-01 11:38:39.000000000 +0100 +++ libsepol/libsepol.changes 2009-06-19 13:26:58.000000000 +0200 @@ -1,0 +2,13 @@ +Fri Jun 19 13:26:45 CEST 2009 - prusnak@suse.cz + +- put static library in libsepol-devel-static + +------------------------------------------------------------------- +Wed May 27 13:56:59 CEST 2009 - prusnak@suse.cz + +- updated to 2.0.36 + * fix alias field in module format, caused by boundary format + change from Caleb Case + * fix boolean state smashing from Joshua Brindle + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- libsepol-2.0.34.tar.bz2 New: ---- libsepol-2.0.36.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsepol.spec ++++++ --- /var/tmp/diff_new_pack.kG2853/_old 2009-06-29 14:13:06.000000000 +0200 +++ /var/tmp/diff_new_pack.kG2853/_new 2009-06-29 14:13:06.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package libsepol (Version 2.0.34) +# spec file for package libsepol (Version 2.0.36) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,8 +19,8 @@ Name: libsepol -Version: 2.0.34 -Release: 2 +Version: 2.0.36 +Release: 1 Url: http://www.nsa.gov/selinux/ License: LGPL v2.1 or later Group: System/Libraries @@ -79,12 +79,25 @@ Requires: libsepol1 = %{version} %description devel -The libsepol-devel package contains the static libraries and header +The libsepol-devel package contains the libraries and header files needed for developing applications that manipulate binary policies. +%package devel-static +License: LGPL v2.1 or later +Summary: Development Include Files and Libraries for SELinux policy manipulation +Group: Development/Libraries/C and C++ +Requires: libsepol-devel = %{version} + +%description devel-static +The libsepol-devel-static package contains the static libraries +needed for developing applications that manipulate binary +policies. + + + %prep %setup -q @@ -117,26 +130,14 @@ %files devel %defattr(-,root,root) %{_libdir}/libsepol.so -%{_libdir}/libsepol.a %{_mandir}/man3/* %dir %{_includedir}/sepol %{_includedir}/sepol/*.h %dir %{_includedir}/sepol/policydb %{_includedir}/sepol/policydb/*.h +%files devel-static +%defattr(-,root,root) +%{_libdir}/libsepol.a + %changelog -* Mon Dec 01 2008 prusnak@suse.cz -- updated to 2.0.34 - * add bounds support - * fix invalid aliases bug -* Wed Oct 22 2008 mrueckert@suse.de -- fix debug_packages_requires define -* Tue Sep 23 2008 prusnak@suse.cz -- require only version, not release [bnc#429053] -* Fri Aug 22 2008 prusnak@suse.cz -- added baselibs.conf file -* Fri Aug 01 2008 ro@suse.de -- fix requires for debuginfo package -* Tue Jul 15 2008 prusnak@suse.cz -- initial version 2.0.32 - * based on Fedora package by Dan Walsh <dwalsh@redhat.com> ++++++ libsepol-2.0.34.tar.bz2 -> libsepol-2.0.36.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/ChangeLog new/libsepol-2.0.36/ChangeLog --- old/libsepol-2.0.34/ChangeLog 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/ChangeLog 2009-03-25 21:15:27.000000000 +0100 @@ -1,3 +1,10 @@ +2.0.36 2009-03-25 + * Fix boolean state smashing from Joshua Brindle. + +2.0.35 2009-02-19 + * Fix alias field in module format, caused by boundary format change + from Caleb Case. + 2.0.34 2008-10-09 * Add bounds support from KaiGai Kohei. * Fix invalid aliases bug from Joshua Brindle. diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/include/sepol/policydb/policydb.h new/libsepol-2.0.36/include/sepol/policydb/policydb.h --- old/libsepol-2.0.34/include/sepol/policydb/policydb.h 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/include/sepol/policydb/policydb.h 2009-03-25 21:15:27.000000000 +0100 @@ -614,17 +614,18 @@ #define POLICYDB_VERSION_MAX POLICYDB_VERSION_BOUNDARY /* Module versions and specific changes*/ -#define MOD_POLICYDB_VERSION_BASE 4 -#define MOD_POLICYDB_VERSION_VALIDATETRANS 5 -#define MOD_POLICYDB_VERSION_MLS 5 -#define MOD_POLICYDB_VERSION_RANGETRANS 6 -#define MOD_POLICYDB_VERSION_MLS_USERS 6 -#define MOD_POLICYDB_VERSION_POLCAP 7 -#define MOD_POLICYDB_VERSION_PERMISSIVE 8 -#define MOD_POLICYDB_VERSION_BOUNDARY 9 +#define MOD_POLICYDB_VERSION_BASE 4 +#define MOD_POLICYDB_VERSION_VALIDATETRANS 5 +#define MOD_POLICYDB_VERSION_MLS 5 +#define MOD_POLICYDB_VERSION_RANGETRANS 6 +#define MOD_POLICYDB_VERSION_MLS_USERS 6 +#define MOD_POLICYDB_VERSION_POLCAP 7 +#define MOD_POLICYDB_VERSION_PERMISSIVE 8 +#define MOD_POLICYDB_VERSION_BOUNDARY 9 +#define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS 10 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE -#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_BOUNDARY +#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_BOUNDARY_ALIAS #define POLICYDB_CONFIG_MLS 1 diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/link.c new/libsepol-2.0.36/src/link.c --- old/libsepol-2.0.34/src/link.c 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/src/link.c 2009-03-25 21:15:27.000000000 +0100 @@ -540,6 +540,7 @@ char *id = key, *new_id = NULL; cond_bool_datum_t *booldatum, *base_bool, *new_bool = NULL; link_state_t *state = (link_state_t *) data; + scope_datum_t *scope; booldatum = (cond_bool_datum_t *) datum; @@ -556,7 +557,6 @@ (cond_bool_datum_t *) malloc(sizeof(*new_bool))) == NULL) { goto cleanup; } - new_bool->state = booldatum->state; new_bool->s.value = state->base->p_bools.nprim + 1; ret = hashtab_insert(state->base->p_bools.table, @@ -570,6 +570,14 @@ } + /* Get the scope info for this boolean to see if this is the declaration, + * if so set the state */ + scope = hashtab_search(state->cur->policy->p_bools_scope.table, id); + if (!scope) + return SEPOL_ERR; + if (scope->scope == SCOPE_DECL) + base_bool->state = booldatum->state; + state->cur->map[SYM_BOOLS][booldatum->s.value - 1] = base_bool->s.value; return 0; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/policydb.c new/libsepol-2.0.36/src/policydb.c --- old/libsepol-2.0.34/src/policydb.c 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/src/policydb.c 2009-03-25 21:15:27.000000000 +0100 @@ -153,6 +153,12 @@ .ocon_num = OCON_NODE6 + 1, }, { + .type = POLICY_BASE, + .version = MOD_POLICYDB_VERSION_BOUNDARY_ALIAS, + .sym_num = SYM_NUM, + .ocon_num = OCON_NODE6 + 1, + }, + { .type = POLICY_MOD, .version = MOD_POLICYDB_VERSION_BASE, .sym_num = SYM_NUM, @@ -188,6 +194,12 @@ .sym_num = SYM_NUM, .ocon_num = 0 }, + { + .type = POLICY_MOD, + .version = MOD_POLICYDB_VERSION_BOUNDARY_ALIAS, + .sym_num = SYM_NUM, + .ocon_num = 0 + }, }; #if 0 @@ -1942,13 +1954,19 @@ uint32_t buf[5]; size_t len; int rc, to_read; + int pos = 0; typdatum = calloc(1, sizeof(type_datum_t)); if (!typdatum) return -1; - if (policydb_has_boundary_feature(p)) - to_read = 4; + if (policydb_has_boundary_feature(p)) { + if (p->policy_type != POLICY_KERN + && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) + to_read = 5; + else + to_read = 4; + } else if (p->policy_type == POLICY_KERN) to_read = 3; else if (p->policyvers >= MOD_POLICYDB_VERSION_PERMISSIVE) @@ -1960,13 +1978,23 @@ if (rc < 0) goto bad; - len = le32_to_cpu(buf[0]); - typdatum->s.value = le32_to_cpu(buf[1]); + len = le32_to_cpu(buf[pos]); + typdatum->s.value = le32_to_cpu(buf[++pos]); if (policydb_has_boundary_feature(p)) { - uint32_t properties = le32_to_cpu(buf[2]); + uint32_t properties; + + if (p->policy_type != POLICY_KERN + && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) { + typdatum->primary = le32_to_cpu(buf[++pos]); + properties = le32_to_cpu(buf[++pos]); + } + else { + properties = le32_to_cpu(buf[++pos]); + + if (properties & TYPEDATUM_PROPERTY_PRIMARY) + typdatum->primary = 1; + } - if (properties & TYPEDATUM_PROPERTY_PRIMARY) - typdatum->primary = 1; if (properties & TYPEDATUM_PROPERTY_ATTRIBUTE) typdatum->flavor = TYPE_ATTRIB; if (properties & TYPEDATUM_PROPERTY_ALIAS @@ -1976,13 +2004,13 @@ && p->policy_type != POLICY_KERN) typdatum->flags |= TYPE_FLAGS_PERMISSIVE; - typdatum->bounds = le32_to_cpu(buf[3]); + typdatum->bounds = le32_to_cpu(buf[++pos]); } else { - typdatum->primary = le32_to_cpu(buf[2]); + typdatum->primary = le32_to_cpu(buf[++pos]); if (p->policy_type != POLICY_KERN) { - typdatum->flavor = le32_to_cpu(buf[3]); + typdatum->flavor = le32_to_cpu(buf[++pos]); if (p->policyvers >= MOD_POLICYDB_VERSION_PERMISSIVE) - typdatum->flags = le32_to_cpu(buf[4]); + typdatum->flags = le32_to_cpu(buf[++pos]); } } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/write.c new/libsepol-2.0.36/src/write.c --- old/libsepol-2.0.34/src/write.c 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/src/write.c 2009-03-25 21:15:27.000000000 +0100 @@ -970,6 +970,11 @@ if (policydb_has_boundary_feature(p)) { uint32_t properties = 0; + if (p->policy_type != POLICY_KERN + && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) { + buf[items++] = cpu_to_le32(typdatum->primary); + } + if (typdatum->primary) properties |= TYPEDATUM_PROPERTY_PRIMARY; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/VERSION new/libsepol-2.0.36/VERSION --- old/libsepol-2.0.34/VERSION 2008-10-14 19:57:54.000000000 +0200 +++ new/libsepol-2.0.36/VERSION 2009-03-25 21:15:27.000000000 +0100 @@ -1 +1 @@ -2.0.34 +2.0.36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org