From 445c9b4a2f0a23963fa85e04a0911cbc71c4d3b7 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 30 Jan 2019 10:25:45 +0100 Subject: [PATCH] SELinux userspace 2.9-rc1 release candidate --- .gitignore | 1 + checkpolicy-fedora.patch | 28 ---------------------------- checkpolicy.spec | 21 ++++++++++++--------- sources | 2 +- 4 files changed, 14 insertions(+), 38 deletions(-) diff --git a/.gitignore b/.gitignore index 7930f40..cc199a1 100644 --- a/.gitignore +++ b/.gitignore @@ -99,3 +99,4 @@ checkpolicy-2.0.22.tgz /checkpolicy-2.8-rc1.tar.gz /checkpolicy-2.8-rc3.tar.gz /checkpolicy-2.8.tar.gz +/checkpolicy-2.9-rc1.tar.gz diff --git a/checkpolicy-fedora.patch b/checkpolicy-fedora.patch index 26040ef..e69de29 100644 --- a/checkpolicy-fedora.patch +++ b/checkpolicy-fedora.patch @@ -1,28 +0,0 @@ -diff --git checkpolicy-2.8/module_compiler.c checkpolicy-2.8/module_compiler.c -index 155702f..ada7cb2 100644 ---- checkpolicy-2.8/module_compiler.c -+++ checkpolicy-2.8/module_compiler.c -@@ -802,6 +802,7 @@ int require_class(int pass) - if ((datum = calloc(1, sizeof(*datum))) == NULL || - symtab_init(&datum->permissions, PERM_SYMTAB_SIZE)) { - yyerror("Out of memory!"); -+ class_datum_destroy(datum); - return -1; - } - ret = -diff --git checkpolicy-2.8/policy_define.c checkpolicy-2.8/policy_define.c -index d8788a6..ece10e7 100644 ---- checkpolicy-2.8/policy_define.c -+++ checkpolicy-2.8/policy_define.c -@@ -1107,6 +1107,11 @@ int define_level(void) - (cat_datum_t *) hashtab_search(policydbp->p_cats. - table, - (hashtab_key_t) id); -+ if (!cdatum) { -+ yyerror2("unknown category %s", id); -+ free(id); -+ return -1; -+ } - range_start = range_end = cdatum->s.value - 1; - } - diff --git a/checkpolicy.spec b/checkpolicy.spec index 6a2cdec..e4f3bea 100644 --- a/checkpolicy.spec +++ b/checkpolicy.spec @@ -1,17 +1,17 @@ -%define libselinuxver 2.8-7 -%define libsepolver 2.8-3 +%define libselinuxver 2.9-0 +%define libsepolver 2.9-0 Summary: SELinux policy compiler Name: checkpolicy -Version: 2.8 -Release: 3%{?dist} +Version: 2.9 +Release: 0.rc1.1%{?dist} License: GPLv2 -Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/checkpolicy-2.8.tar.gz +Source0: https://github.com/SELinuxProject/selinux/releases/download/20190125/checkpolicy-2.9-rc1.tar.gz # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh # run: -# $ VERSION=2.8 ./make-fedora-selinux-patch.sh checkpolicy -# HEAD https://github.com/fedora-selinux/selinux/commit/10767636b5d9b8f3fa3cf3815e860f4ca4fcb247 -Patch1: checkpolicy-fedora.patch +# $ VERSION=2.9-rc1./make-fedora-selinux-patch.sh checkpolicy +# HEAD https://github.com/fedora-selinux/selinux/commit/ +# Patch1: checkpolicy-fedora.patch Conflicts: selinux-policy-base < 3.13.1-138 BuildRequires: gcc BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel >= %{libselinuxver} @@ -31,7 +31,7 @@ This package contains checkpolicy, the SELinux policy compiler. Only required for building policies. %prep -%autosetup -p 1 -n checkpolicy-%{version} +%autosetup -p 1 -n checkpolicy-%{version}-rc1 %build make clean @@ -56,6 +56,9 @@ install test/dispol ${RPM_BUILD_ROOT}%{_bindir}/sedispol %{_bindir}/sedispol %changelog +* Fri Jan 25 2019 Petr Lautrbach - 2.9-0.rc1.1 +- SELinux userspace 2.9-rc1 release + * Mon Jan 21 2019 Petr Lautrbach - 2.8-3 - Check the result value of hashtable_search - Destroy the class datum if it fails to initialize diff --git a/sources b/sources index 6e4d1c6..a2d1f09 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (checkpolicy-2.8.tar.gz) = d1a52dffefcc8f9f879214290f01beb5f4978f1764ab6378ee03a62ef924206b9a6f6a512001ae556034ababcd3a0043d455f5aef66b5629a4f152cd2c9f0b7a +SHA512 (checkpolicy-2.9-rc1.tar.gz) = 1ad53f70219c0b57ad19ee1b242709b8e0721dc45a6f73f61553b602247e8a64a1c3896226bac977a795aa7c0fb83fa214d1ad1d6ccb6dc3bbc4228f33fe89b0