- Fix patch to satisfy upstream

2005-09-29 21:35:43 +00:00 · 2005-09-29 21:35:43 +00:00 · 4dc4d104e7
commit 4dc4d104e7
parent bebb529bd5
2 changed files with 131 additions and 106 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -1,7 +1,15 @@
 diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.27.1/include/selinux/selinux.h
 --- nsalibselinux/include/selinux/selinux.h	2005-09-01 11:17:40.000000000 -0400
-+++ libselinux-1.27.1/include/selinux/selinux.h	2005-09-28 14:37:04.000000000 -0400
-@@ -354,6 +354,25 @@
+++ libselinux-1.27.1/include/selinux/selinux.h	2005-09-29 14:46:48.000000000 -0400
+@@ -323,6 +323,7 @@
+ extern const char *selinux_booleans_path(void);
+ extern const char *selinux_customizable_types_path(void);
+ extern const char *selinux_users_path(void);
+extern const char *selinux_usersconf_path(void);
+ 
+ /* Check a permission in the passwd class.
+    Return 0 if granted or -1 otherwise. */
+@@ -354,6 +355,12 @@
 extern int selinux_raw_to_trans_context(security_context_t raw, 
 					security_context_t *transp);
 
@ -9,60 +17,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h lib
 +/* the following functions are used to retrieve the SELinux user and their 
 +   security level via the  Linux usernames selinux */
 +
-+#define SEUSERFILE "/etc/selinux/seusers.conf"
-+
-+/* Define data structures */
-+typedef struct seuser {
-+	char* username;
-+	char* seusername;
-+	char* level;
-+} seuser_t;
-+
-+/* read /etc/selinux/seusers.conf file an return selinux user info */
-+
-+extern void freeseuser(seuser_t *seuser);
-+
-+extern int getseuserbyname(const char *name, seuser_t **r_seuser);
+extern int getseuserbyname(const char *name, char **seuser, char **level);
 +
 #ifdef __cplusplus
 }
 #endif
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/seuser.h libselinux-1.27.1/include/selinux/seuser.h
--- nsalibselinux/include/selinux/seuser.h	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.27.1/include/selinux/seuser.h	2005-09-28 14:32:11.000000000 -0400
-@@ -0,0 +1,32 @@
-+#ifndef _SEUSER_H_
-+#define _SEUSER_H_
-+
-+#include <sys/types.h>
-+#include <stdarg.h>
-+
-+#ifdef __cplusplus
-+extern "C"
-+{
-+#endif
-+
-+#define SEUSERFILE "/etc/selinux/seusers.conf"
-+
-+/* Define data structures */
-+typedef struct seuser {
-+	char* username;
-+	char* seusername;
-+	char* sensitivity;
-+	char* categories;
-+} seuser_t;
-+
-+/* read /etc/selinux/seusers.conf file an return selinux user info */
-+
-+extern void free_seuser(seuser_t *seuser);
-+
-+extern int getseuserbyname(const char *name, seuser_t **r_seuser);
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif
 diff --exclude-from=exclude -N -u -r nsalibselinux/man/Makefile libselinux-1.27.1/man/Makefile
 --- nsalibselinux/man/Makefile	2004-10-20 16:31:36.000000000 -0400
 +++ libselinux-1.27.1/man/Makefile	2005-09-28 14:32:16.000000000 -0400
@ -73,10 +32,67 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/Makefile libselinux-1.27.
 +clean:
 +	-rm -f *~ \#*
 +	-rm -f man8/*~ man8/\#*
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-1.27.1/man/man3/getseuserbyname.3
+--- nsalibselinux/man/man3/getseuserbyname.3	1969-12-31 19:00:00.000000000 -0500
+++ libselinux-1.27.1/man/man3/getseuserbyname.3	2005-09-29 15:09:57.000000000 -0400
+@@ -0,0 +1,21 @@
+.TH "getseuserbyname" "3" "29 September 2005" "dwalsh@redhat.com" "SE Linux API documentation"
+.SH "NAME"
+getseuserbyname \- get SELinux user and level via Linux username
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.sp
+.BI "int getseuserbyname(const char *" username ", char **" selinuxuser ", char **" level ");
+.SH "DESCRIPTION"
+.B getseuserbyname
+retrieves the SELinux Username and security level associated with username.
+
+.br
+
+The returned SELinux username and level should be free with free if non-NULL.  
+.SH "RETURN VALUE"
+On success, 0 is returned indicating.
+On failure, \-1 is returned and errno is set appropriately.
+
+The errors documented for the stat(2) system call are also applicable
+here.
+
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.27.1/src/selinux_config.c
+--- nsalibselinux/src/selinux_config.c	2005-03-17 14:56:21.000000000 -0500
+++ libselinux-1.27.1/src/selinux_config.c	2005-09-29 11:28:55.000000000 -0400
+@@ -11,6 +11,7 @@
+ 
+ #define SELINUXDIR "/etc/selinux/"
+ #define SELINUXCONFIG SELINUXDIR "config"
+#define SELINUXUSERS SELINUXDIR "seusers.conf"
+ #define SELINUXDEFAULT "targeted"
+ #define SELINUXTYPETAG "SELINUXTYPE="
+ #define SELINUXTAG "SELINUX="
+@@ -252,5 +253,9 @@
+ const char *selinux_users_path() {
+   return get_path(USERS_DIR);
+ }
+const char *selinux_usersconf_path() {
+  return SELINUXUSERS;
+}
+
+ hidden_def(selinux_users_path)
+ 
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.27.1/src/selinux_internal.h
+--- nsalibselinux/src/selinux_internal.h	2005-08-25 16:18:01.000000000 -0400
+++ libselinux-1.27.1/src/selinux_internal.h	2005-09-29 14:49:43.000000000 -0400
+@@ -49,6 +49,7 @@
+ hidden_proto(selinux_check_passwd_access)
+ hidden_proto(matchpathcon_init)
+ hidden_proto(selinux_users_path)
+hidden_proto(selinux_usersconf_path);
+ 
+ extern int context_translations hidden;
+ extern int hidden trans_to_raw_context(char *trans, char **rawp);
 diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27.1/src/seusers.c
 --- nsalibselinux/src/seusers.c	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.27.1/src/seusers.c	2005-09-28 14:48:28.000000000 -0400
-@@ -0,0 +1,132 @@
+++ libselinux-1.27.1/src/seusers.c	2005-09-29 14:51:47.000000000 -0400
+@@ -0,0 +1,138 @@
 +#include <unistd.h>
 +#include <fcntl.h>
 +#include <stdlib.h>
@ -87,38 +103,24 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27
 +#include <selinux/context.h>
 +#include "selinux_internal.h"
 +
-+void freeseuser(seuser_t *seuser) {
-+	if (!seuser) return;
-+	if (seuser->username)
-+		free(seuser->username);
-+	if (seuser->seusername)
-+		free(seuser->seusername);
-+	if (seuser->level)
-+		free(seuser->level);
-+	free(seuser);
-+	return;
-+}
-+
-+/* Process line from SEUSERSFILE. 
+/* Process line from seusers.conf. 
 +   Remove white space and set name do data before the "=" and sename to data
 +   after it */
-+static int process_seusers(const char *buffer, seuser_t **r_user) {
-+	seuser_t *user=NULL;
+static int process_seusers(const char *buffer, char **r_username, char **r_seuser, char **r_level) {
+	char *username=NULL;
+	char *seuser=NULL;
+	char *level=NULL;
 +	char *ptr;
 +	int rc=-1;
 +	char *tok;
 +	char *newbuf=strdup(buffer);
 +	if (!newbuf) return -1;
 +
-+	user=calloc(1, sizeof(seuser_t));
-+	if (!user) return -1;
-+
 +	tok=strtok_r(newbuf,":",&ptr);
 +	if (!tok) goto err;
 +	if ( tok[0]=='#' ) goto err;
-+	user->username=strdup(tok);
-+	if (!user->username) {
-+		freeseuser(user);
+	username=strdup(tok);
+	if (!username) {
 +		rc=-1; 
 +		goto err;
 +	}
@ -127,9 +129,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27
 +	if (!tok) goto err;
 +	while (isspace(*tok)) tok++;
 +	if(strlen(tok))
-+	   user->seusername=strdup(tok);
-+	if (!user->seusername) {
-+		freeseuser(user);
+	   seuser=strdup(tok);
+	if (!seuser) {
+		free(username);
 +		rc=-1; 
 +		goto err;
 +	}
@ -138,9 +140,10 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27
 +	if (!tok) goto err;
 +	while (isspace(*tok)) tok++;
 +	if(strlen(tok))
-+	   user->level=strdup(tok);
-+	if (!user->level) {
-+		freeseuser(user);
+		level=strdup(tok);
+	if (!level) {
+		free(username);
+		free(seuser);
 +		rc=-1; 
 +		goto err;
 +	}
@ -151,59 +154,78 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27
 +		while (isspace(*tok)) tok++;
 +		len=strlen(tok);
 +		if(len) {
-+			char *ptr=realloc(user->level, strlen(user->level) + len + 2);
+			char *ptr=realloc(level, strlen(level) + len + 2);
 +			if (ptr==NULL) {
-+				freeseuser(user);
+				free(username);
+				free(seuser);
+				free(level);
 +				rc=-1; 
 +				goto err;
 +			}
-+			user->level=ptr;
-+			strcat(user->level,":");
-+			strcat(user->level,tok);
+			level=ptr;
+			strcat(level,":");
+			strcat(level,tok);
 +		}
 +	}
 +
-+	*r_user=user;
+	*r_username=username;
+	*r_seuser=seuser;
+	*r_level=level;
 +	rc=0;
 +err:		
 +	free(newbuf);
 +	return rc;
 +}
 +
-+int getseuserbyname(const char *name, seuser_t **r_seuser) {
+int getseuserbyname(const char *name, char **r_seuser, char **r_level) {
 +	FILE *cfg=NULL;
 +	size_t size=0;
 +	char *buffer=NULL;
 +
-+        static seuser_t *seuser=NULL;
-+        static seuser_t *defaultseuser=NULL;
+	char *username=NULL;
+        char *seuser=NULL;
+        char *level=NULL;
+        char *defaultseuser=NULL;
+        char *defaultlevel=NULL;
 +
-+	cfg = fopen(SEUSERFILE,"r");
+	cfg = fopen(selinux_usersconf_path(),"r");
 +	if (!cfg) return -1;
 +
 +	while (getline(&buffer, &size, cfg) > 0) {
-+		if(process_seusers(buffer, &seuser) == 0) {
-+			if (strcasecmp(seuser->username, name)==0) 
+		if(process_seusers(buffer, &username, &seuser, &level) == 0) {
+			if (strcmp(username, name)==0) 
 +			    break;
 +
-+			if (strcasecmp(seuser->username,"default")==0) {
-+				if (defaultseuser) 	freeseuser(defaultseuser);
+			if (strcmp(username,"default")==0) {
+				free(username);
+				if (defaultseuser) 
+					free(defaultseuser);
+				if (defaultlevel) 
+					free(defaultlevel);
 +				defaultseuser=seuser;
+				defaultlevel=level;
 +			} 
-+			else 
-+				freeseuser(seuser);
+			else {
+				free(username);
+				free(seuser);
+				free(level);
+			}
 +			seuser=NULL;
 +		}
 +	}
 +	if (buffer) free(buffer);
 +	fclose(cfg);
 +	if (seuser) {
-+		freeseuser(defaultseuser);
+		free(username);
+		free(defaultseuser);
+		free(defaultlevel);
 +		*r_seuser=seuser;
+		*r_level=level;
 +		return 0;
 +	}
 +	if (defaultseuser) {
 +		*r_seuser=defaultseuser;
+		*r_level=defaultlevel;
 +		return 0;
 +	}
 +		
@ -211,7 +233,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27
 +}
 diff --exclude-from=exclude -N -u -r nsalibselinux/utils/getseuser.c libselinux-1.27.1/utils/getseuser.c
 --- nsalibselinux/utils/getseuser.c	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.27.1/utils/getseuser.c	2005-09-28 14:49:21.000000000 -0400
+++ libselinux-1.27.1/utils/getseuser.c	2005-09-29 14:46:06.000000000 -0400
@@ -0,0 +1,27 @@
 +#include <unistd.h>
 +#include <stdlib.h>
@ -227,13 +249,13 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/utils/getseuser.c libselinux-
 +	exit(1);
 +}
 +int main(int argc, char **argv) {
-+	seuser_t *seuser;
+	char *seuser;
+	char *level;
 +	if ( argc != 2 ) usage(argv[0]);
-+	if (getseuserbyname(argv[1], &seuser) == 0 ) {
-+		printf("%s\n", seuser->username);
-+		printf("%s\n", seuser->seusername);
-+		printf("%s", seuser->level);
-+		freeseuser(seuser);
+	if (getseuserbyname(argv[1], &seuser, &level) == 0 ) {
+		printf("%s\n", argv[1]);
+		printf("%s\n", seuser);
+		printf("%s", level);
 +		return 0;
 +	} else {
 +		printf("%s not found\n", argv[1]);
--- a/libselinux.spec
+++ b/libselinux.spec
@ -1,7 +1,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 1.27.1
-Release: 2
+Release: 3
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@ -86,6 +86,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man8/*

 %changelog
+* Thu Sep 29 2005 Dan Walsh <dwalsh@redhat.com> 1.27.1-3
+- Fix patch to satisfy upstream
+
 * Wed Sep 28 2005 Dan Walsh <dwalsh@redhat.com> 1.27.1-2
 - Update to latest from NSA
 - Add getseuserbyname