rpms
/
libselinux
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list

This commit is contained in:
Daniel J Walsh 2010-07-27 17:50:51 +00:00
parent 9eca71ac71
commit 159f7d2174
2 changed files with 43 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
libselinux-rhat.patch
View File

@ -153,6 +153,44 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.
va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap);
va_end(ap);
diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-2.0.96/src/get_context_list.c
--- nsalibselinux/src/get_context_list.c 2010-05-19 14:45:51.000000000 -0400
+++ libselinux-2.0.96/src/get_context_list.c 2010-07-27 13:09:08.000000000 -0400
@@ -286,7 +286,6 @@
if (buf[plen - 1] == '\n')
buf[plen - 1] = 0;
- retry:
nlen = strlen(user) + 1 + plen + 1;
*newcon = malloc(nlen);
if (!(*newcon))
@@ -306,10 +305,6 @@
if (security_check_context(*newcon) && errno != ENOENT) {
free(*newcon);
*newcon = 0;
- if (strcmp(user, SELINUX_DEFAULTUSER)) {
- user = SELINUX_DEFAULTUSER;
- goto retry;
- }
return -1;
}
@@ -418,13 +413,8 @@
/* Determine the set of reachable contexts for the user. */
rc = security_compute_user(fromcon, user, &reachable);
- if (rc < 0) {
- /* Retry with the default SELinux user identity. */
- user = SELINUX_DEFAULTUSER;
- rc = security_compute_user(fromcon, user, &reachable);
- if (rc < 0)
- goto failsafe;
- }
+ if (rc < 0)
+ goto failsafe;
nreach = 0;
for (ptr = reachable; *ptr; ptr++)
nreach++;
diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.96/src/Makefile
--- nsalibselinux/src/Makefile 2010-05-19 14:45:51.000000000 -0400
+++ libselinux-2.0.96/src/Makefile 2010-06-16 09:20:39.000000000 -0400
@ -211,7 +249,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.9
install-rubywrap: rubywrap
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.96/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c 2010-05-19 14:45:51.000000000 -0400
+++ libselinux-2.0.96/src/matchpathcon.c 2010-06-16 09:20:34.000000000 -0400
+++ libselinux-2.0.96/src/matchpathcon.c 2010-07-26 14:55:18.000000000 -0400
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>

5
libselinux.spec
View File

@ -7,7 +7,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.0.96
Release: 3%{?dist}
Release: 4%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@ -230,6 +230,9 @@ exit 0
%{ruby_sitearch}/selinux.so
%changelog
* Tue Jul 27 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.96-4
- Turn off fallback in to SELINUX_DEFAULTUSER in get_context_list
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 2.0.96-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild