From ad1a6889cc732d58c936868f76f514e16074986e Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 24 Jan 2007 17:20:19 +0000 Subject: [PATCH] - Add context function to python to split context into 4 parts --- libselinux-rhat.patch | 713 ++++++++++-------------------------------- libselinux.spec | 7 +- 2 files changed, 165 insertions(+), 555 deletions(-) diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 9356221..92046a5 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,555 +1,160 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 libselinux-1.33.4/man/man3/avc_add_callback.3 ---- nsalibselinux/man/man3/avc_add_callback.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/avc_add_callback.3 2007-01-15 16:21:55.000000000 -0500 -@@ -3,7 +3,7 @@ - .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004 - .TH "avc_add_callback" "3" "9 June 2004" "" "SE Linux API documentation" - .SH "NAME" --avc_add_callback \- additional event notification for userspace object managers. -+avc_add_callback \- additional event notification for SELinux userspace object managers. - .SH "SYNOPSIS" - .B #include - .br -@@ -181,3 +181,4 @@ - .BR avc_context_to_sid (3), - .BR avc_cache_stats (3), - .BR security_compute_av (3) -+.BR selinux (8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 libselinux-1.33.4/man/man3/avc_cache_stats.3 ---- nsalibselinux/man/man3/avc_cache_stats.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/avc_cache_stats.3 2007-01-15 16:21:55.000000000 -0500 -@@ -3,7 +3,7 @@ - .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004 - .TH "avc_cache_stats" "3" "27 May 2004" "" "SE Linux API documentation" - .SH "NAME" --avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace AVC statistics. -+avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace SELinux AVC statistics. - .SH "SYNOPSIS" - .B #include - .br -@@ -96,3 +96,4 @@ - .BR avc_has_perm (3), - .BR avc_context_to_sid (3), - .BR avc_add_callback (3) -+.BR selinux (8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 libselinux-1.33.4/man/man3/avc_context_to_sid.3 ---- nsalibselinux/man/man3/avc_context_to_sid.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/avc_context_to_sid.3 2007-01-15 16:21:55.000000000 -0500 -@@ -3,7 +3,7 @@ - .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004 - .TH "avc_context_to_sid" "3" "27 May 2004" "" "SE Linux API documentation" - .SH "NAME" --avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate security ID's. -+avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate SELinux security ID's. - .SH "SYNOPSIS" - .B #include - .br -@@ -88,3 +88,4 @@ - .BR avc_add_callback (3), - .BR getcon (3), - .BR freecon (3) -+.BR selinux (8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libselinux-1.33.4/man/man3/avc_has_perm.3 ---- nsalibselinux/man/man3/avc_has_perm.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/avc_has_perm.3 2007-01-15 16:21:55.000000000 -0500 -@@ -152,3 +152,4 @@ - .BR avc_cache_stats (3), - .BR avc_add_callback (3), - .BR security_compute_av (3) -+.BR selinux(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinux-1.33.4/man/man3/avc_init.3 ---- nsalibselinux/man/man3/avc_init.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/avc_init.3 2007-01-15 16:21:55.000000000 -0500 -@@ -3,7 +3,7 @@ - .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004 - .TH "avc_init" "3" "27 May 2004" "" "SE Linux API documentation" - .SH "NAME" --avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace AVC setup and teardown. -+avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and teardown. - .SH "SYNOPSIS" - .B #include - .br -@@ -209,3 +209,5 @@ - .BR avc_cache_stats (3), - .BR avc_add_callback (3), - .BR security_compute_av (3) -+.BR selinux (8) -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libselinux-1.33.4/man/man3/context_new.3 ---- nsalibselinux/man/man3/context_new.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/context_new.3 2007-01-15 16:21:55.000000000 -0500 -@@ -56,3 +56,6 @@ - On success, zero is returned. On failure, -1 is returned and errno is - set appropriately. +Binary files nsalibselinux/src/selinux.pyc and libselinux-1.34.0/src/selinux.pyc differ +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-1.34.0/src/selinuxswig.i +--- nsalibselinux/src/selinuxswig.i 2006-11-16 17:15:25.000000000 -0500 ++++ libselinux-1.34.0/src/selinuxswig.i 2007-01-24 12:16:39.000000000 -0500 +@@ -25,7 +25,7 @@ + %apply int *OUTPUT { int * }; + %apply int *OUTPUT { size_t * }; -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-1.33.4/man/man3/freecon.3 ---- nsalibselinux/man/man3/freecon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/freecon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "freecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --freecon, freeconary \- free memory associated with SE Linux security contexts. -+freecon, freeconary \- free memory associated with SELinux security contexts. - .SH "SYNOPSIS" - .B #include - .sp -@@ -14,3 +14,7 @@ - - .B freeconary - frees the memory allocated for a context array. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux-1.33.4/man/man3/getcon.3 ---- nsalibselinux/man/man3/getcon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/getcon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "getcon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --getcon, getprevcon, getpidcon \- get SE Linux security context of a process. -+getcon, getprevcon, getpidcon \- get SELinux security context of a process. - .br - getpeercon - get security context of a peer socket. - .br -@@ -59,4 +59,4 @@ - On error -1 is returned. On success 0 is returned. - - .SH "SEE ALSO" --.BR freecon "(3), " setexeccon "(3)" -+.BR selinux "(8), " freecon "(3), " setexeccon "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libselinux-1.33.4/man/man3/getexeccon.3 ---- nsalibselinux/man/man3/getexeccon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/getexeccon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "getexeccon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --getexeccon, setexeccon \- get or set the SE Linux security context used for executing a new process. -+getexeccon, setexeccon \- get or set the SELinux security context used for executing a new process. - .br - rpm_execcon \- run a helper for rpm in an appropriate security context - -@@ -55,6 +55,6 @@ - rpm_execcon only returns upon errors, as it calls execve(2). - - .SH "SEE ALSO" --.BR freecon "(3), " getcon "(3)" -+.BR selinux "(8), " freecon "(3), " getcon "(3)" - - -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libselinux-1.33.4/man/man3/getfilecon.3 ---- nsalibselinux/man/man3/getfilecon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/getfilecon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "getfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --getfilecon, fgetfilecon, lgetfilecon \- get SE Linux security context of a file -+getfilecon, fgetfilecon, lgetfilecon \- get SELinux security context of a file - .SH "SYNOPSIS" - .B #include - .sp -@@ -40,4 +40,4 @@ - here. - - .SH "SEE ALSO" --.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)" -+.BR selinux "(8), " freecon "(3), " setfilecon "(3), " setfscreatecon "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 libselinux-1.33.4/man/man3/getfscreatecon.3 ---- nsalibselinux/man/man3/getfscreatecon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/getfscreatecon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "getfscreatecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --getfscreatecon, setfscreatecon \- get or set the SE Linux security context used for creating a new file system object. -+getfscreatecon, setfscreatecon \- get or set the SELinux security context used for creating a new file system object. - - .SH "SYNOPSIS" - .B #include -@@ -35,4 +35,4 @@ - On success 0 is returned. - - .SH "SEE ALSO" --.BR freecon "(3), " getcon "(3), " getexeccon "(3)" -+.BR selinux "(8), " freecon "(3), " getcon "(3), " getexeccon "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-1.33.4/man/man3/get_ordered_context_list.3 ---- nsalibselinux/man/man3/get_ordered_context_list.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/get_ordered_context_list.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux" - .SH "NAME" --get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions -+get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine SELinux context(s) for user sessions - - .SH "SYNOPSIS" - .B #include -@@ -77,4 +77,4 @@ - The other functions return 0 for success or -1 for errors. - - .SH "SEE ALSO" --.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)" -+.BR selinux "(8), " freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-1.33.4/man/man3/getseuserbyname.3 ---- nsalibselinux/man/man3/getseuserbyname.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/getseuserbyname.3 2007-01-15 16:21:55.000000000 -0500 -@@ -23,3 +23,6 @@ - The errors documented for the stat(2) system call are also applicable - here. - -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-1.33.4/man/man3/is_context_customizable.3 ---- nsalibselinux/man/man3/is_context_customizable.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/is_context_customizable.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "is_context_customizable" "3" "10 January 2005" "dwalsh@redhat.com" "SELinux API documentation" - .SH "NAME" --is_context_customizable \- check whether context type is customizable by the administrator. -+is_context_customizable \- check whether SELinux context type is customizable by the administrator. - .SH "SYNOPSIS" - .B #include - .sp -@@ -20,3 +20,6 @@ - .SH "FILE" - /etc/selinux/SELINUXTYPE/context/customizable_types - -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_selinux_enabled.3 libselinux-1.33.4/man/man3/is_selinux_enabled.3 ---- nsalibselinux/man/man3/is_selinux_enabled.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/is_selinux_enabled.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "is_selinux_enabled" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --is_selinux_enabled \- check whether SE Linux is enabled -+is_selinux_enabled \- check whether SELinux is enabled - .SH "SYNOPSIS" - .B #include - .sp -@@ -9,3 +9,7 @@ - .SH "DESCRIPTION" - .B is_selinux_enabled - returns 1 if SE Linux is running or 0 if it is not. May change soon. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libselinux-1.33.4/man/man3/matchmediacon.3 ---- nsalibselinux/man/man3/matchmediacon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/matchmediacon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "matchmediacon" "3" "15 November 2004" "dwalsh@redhat.com" "SE Linux API documentation" - .SH "NAME" --matchmediacon \- get the default security context for the specified mediatype from the policy. -+matchmediacon \- get the default SELinux security context for the specified mediatype from the policy. - - .SH "SYNOPSIS" - .B #include -@@ -23,4 +23,4 @@ - /etc/selinux/POLICYTYPE/contexts/files/media - - .SH "SEE ALSO" --.BR freecon "(3) -+.BR selinux "(8), " freecon "(3) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libselinux-1.33.4/man/man3/matchpathcon.3 ---- nsalibselinux/man/man3/matchpathcon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/matchpathcon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "matchpathcon" "3" "16 March 2005" "sds@tycho.nsa.gov" "SE Linux API documentation" - .SH "NAME" --matchpathcon \- get the default security context for the specified path from the file contexts configuration. -+matchpathcon \- get the default SELinux security context for the specified path from the file contexts configuration. - - .SH "SYNOPSIS" - .B #include -@@ -117,4 +117,4 @@ - Returns 0 on success or -1 otherwise. - - .SH "SEE ALSO" --.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)" -+.BR selinux "(8), " freecon "(3), " setfilecon "(3), " setfscreatecon "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_check_context.3 libselinux-1.33.4/man/man3/security_check_context.3 ---- nsalibselinux/man/man3/security_check_context.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_check_context.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "security_check_context" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --security_check_context \- check the validity of a context -+security_check_context \- check the validity of a SELinux context - .SH "SYNOPSIS" - .B #include - .sp -@@ -10,3 +10,7 @@ - .B security_check_context - returns 0 if SE Linux is running and the context is valid, otherwise it - returns -1. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av.3 libselinux-1.33.4/man/man3/security_compute_av.3 ---- nsalibselinux/man/man3/security_compute_av.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_compute_av.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,7 +1,7 @@ - .TH "security_compute_av" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" - security_compute_av, security_compute_create, security_compute_relabel, security_compute_user \- query --the SE Linux policy database in the kernel. -+the SELinux policy database in the kernel. - - .SH "SYNOPSIS" - .B #include -@@ -51,4 +51,4 @@ - 0 for success and on error -1 is returned. - - .SH "SEE ALSO" --.BR getcon "(3), " getfilecon "(3), " get_ordered_context_list "(3)" -+.BR selinux "(8), " getcon "(3), " getfilecon "(3), " get_ordered_context_list "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce.3 libselinux-1.33.4/man/man3/security_getenforce.3 ---- nsalibselinux/man/man3/security_getenforce.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_getenforce.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "security_getenforce" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --security_getenforce, security_setenforce \- get or set the enforcing state of SE Linux -+security_getenforce, security_setenforce \- get or set the enforcing state of SELinux - .SH "SYNOPSIS" - .B #include - .sp -@@ -17,3 +17,7 @@ - sets SE Linux to enforcing mode if the value 1 is passed in, and sets it to - permissive mode if 0 is passed in. On success 0 is returned, on error -1 is - returned. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_booleans.3 libselinux-1.33.4/man/man3/security_load_booleans.3 ---- nsalibselinux/man/man3/security_load_booleans.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_load_booleans.3 2007-01-15 16:21:55.000000000 -0500 -@@ -56,4 +56,4 @@ - This manual page was written by Dan Walsh . - - .SH "SEE ALSO" --getsebool(8), booleans(8), togglesebool(8) -+selinux(8), getsebool(8), booleans(8), togglesebool(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_policy.3 libselinux-1.33.4/man/man3/security_load_policy.3 ---- nsalibselinux/man/man3/security_load_policy.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_load_policy.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "security_load_policy" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --security_load_policy \- load a new policy -+security_load_policy \- load a new SELinux policy - .SH "SYNOPSIS" - .B #include - .sp -@@ -9,3 +9,7 @@ - .SH "DESCRIPTION" - .B security_load_policy - loads a new policy, returns 0 for success and -1 for error. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_policyvers.3 libselinux-1.33.4/man/man3/security_policyvers.3 ---- nsalibselinux/man/man3/security_policyvers.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/security_policyvers.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "security_policyvers" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --security_policyvers \- get the version of the SE Linux policy -+security_policyvers \- get the version of the SELinux policy - .SH "SYNOPSIS" - .B #include - .sp -@@ -10,3 +10,7 @@ - .B security_policyvers - returns the version of the policy (a positive integer) on success, or -1 on - error. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-1.33.4/man/man3/selinux_binary_policy_path.3 ---- nsalibselinux/man/man3/selinux_binary_policy_path.3 2007-01-11 14:01:22.000000000 -0500 -+++ libselinux-1.33.4/man/man3/selinux_binary_policy_path.3 2007-01-15 16:21:55.000000000 -0500 -@@ -4,7 +4,7 @@ - selinux_failsafe_context_path, selinux_removable_context_path, - selinux_default_context_path, selinux_user_contexts_path, - selinux_file_context_path, selinux_media_context_path, --selinux_contexts_path, selinux_booleans_path \- These functions return the paths to the active policy configuration -+selinux_contexts_path, selinux_booleans_path \- These functions return the paths to the active SELinux policy configuration - directories and files. - - .SH "SYNOPSIS" -@@ -65,3 +65,6 @@ - .SH AUTHOR - This manual page was written by Dan Walsh . - -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_check_securetty_context.3 libselinux-1.33.4/man/man3/selinux_check_securetty_context.3 ---- nsalibselinux/man/man3/selinux_check_securetty_context.3 2007-01-11 14:01:22.000000000 -0500 -+++ libselinux-1.33.4/man/man3/selinux_check_securetty_context.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "selinux_check_securetty_context" "3" "1 January 2007" "dwalsh@redhat.com" "SE Linux API documentation" - .SH "NAME" --selinux_check_securetty_context \- check whether a tty security context is defined as a securetty context -+selinux_check_securetty_context \- check whether a SELinux tty security context is defined as a securetty context - .SH "SYNOPSIS" - .B #include - .sp -@@ -10,3 +10,7 @@ - .B selinux_check_securetty_context - returns 0 if tty_context is a securetty context - returns < 0 otherwise. -+ -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemode.3 libselinux-1.33.4/man/man3/selinux_getenforcemode.3 ---- nsalibselinux/man/man3/selinux_getenforcemode.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/selinux_getenforcemode.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "selinux_getenforcemode" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation" - .SH "NAME" --selinux_getenforcemode \- get the enforcing state of SE Linux -+selinux_getenforcemode \- get the enforcing state of SELinux - .SH "SYNOPSIS" - .B #include - .sp -@@ -19,4 +19,7 @@ - On success, zero is returned. - On failure, -1 is returned. - -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ - -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root.3 libselinux-1.33.4/man/man3/selinux_policy_root.3 ---- nsalibselinux/man/man3/selinux_policy_root.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/selinux_policy_root.3 2007-01-15 16:21:55.000000000 -0500 -@@ -14,4 +14,7 @@ - On success, returns a directory path containing the SELinux policy files. - On failure, NULL is returned. - -+.SH "SEE ALSO" -+.BR selinux "(8)" -+ - -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libselinux-1.33.4/man/man3/setfilecon.3 ---- nsalibselinux/man/man3/setfilecon.3 2006-11-16 17:15:30.000000000 -0500 -+++ libselinux-1.33.4/man/man3/setfilecon.3 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "setfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation" - .SH "NAME" --setfilecon, fsetfilecon, lsetfilecon \- set SE Linux security context of a file -+setfilecon, fsetfilecon, lsetfilecon \- set SELinux security context of a file - - .SH "SYNOPSIS" - .B #include -@@ -38,4 +38,4 @@ - here. - - .SH "SEE ALSO" --.BR freecon "(3), " getfilecon "(3), " setfscreatecon "(3)" -+.BR selinux "(3), " freecon "(3), " getfilecon "(3), " setfscreatecon "(3)" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/avcstat.8 libselinux-1.33.4/man/man8/avcstat.8 ---- nsalibselinux/man/man8/avcstat.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/avcstat.8 2007-01-15 16:21:55.000000000 -0500 -@@ -22,6 +22,9 @@ - .B \-f - Specifies the location of the AVC statistics file, defaulting to '/selinux/avc/cache_stats'. - -+.SH "SEE ALSO" -+selinux(8) -+ - .SH AUTHOR - This manual page was written by Dan Walsh . - The program was written by James Morris . -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/getenforce.8 libselinux-1.33.4/man/man8/getenforce.8 ---- nsalibselinux/man/man8/getenforce.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/getenforce.8 2007-01-15 16:21:55.000000000 -0500 -@@ -12,4 +12,4 @@ - Dan Walsh, - - .SH "SEE ALSO" --setenforce(8), selinuxenabled(8) -+selinux(8), setenforce(8), selinuxenabled(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/getsebool.8 libselinux-1.33.4/man/man8/getsebool.8 ---- nsalibselinux/man/man8/getsebool.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/getsebool.8 2007-01-15 16:21:55.000000000 -0500 -@@ -26,9 +26,10 @@ - .B \-a - Show all SELinux booleans. - -+.SH "SEE ALSO" -+selinux(8), setsebool(8), booleans(8) -+ - .SH AUTHOR - This manual page was written by Dan Walsh . - The program was written by Tresys Technology. - --.SH "SEE ALSO" --setsebool(8), booleans(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-1.33.4/man/man8/matchpathcon.8 ---- nsalibselinux/man/man8/matchpathcon.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/matchpathcon.8 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "matchpathcon" "8" "21 April 2005" "dwalsh@redhat.com" "SE Linux Command Line documentation" - .SH "NAME" --matchpathcon \- get the default security context for the specified path from the file contexts configuration. -+matchpathcon \- get the default SELinux security context for the specified path from the file contexts configuration. - - .SH "SYNOPSIS" - .B matchpathcon [-V] [-N] [-n] [-f file_contexts_file ] [-p prefix ] filepath... -@@ -27,4 +27,5 @@ - This manual page was written by Dan Walsh . - - .SH "SEE ALSO" -+.BR selinux "(8), " - .BR mathpathcon "(3), " -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxenabled.8 libselinux-1.33.4/man/man8/selinuxenabled.8 ---- nsalibselinux/man/man8/selinuxenabled.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/selinuxenabled.8 2007-01-15 16:21:55.000000000 -0500 -@@ -13,4 +13,4 @@ - Dan Walsh, - - .SH "SEE ALSO" --setenforce(8), getenforce(8) -+selinux(8), setenforce(8), getenforce(8) -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/setenforce.8 libselinux-1.33.4/man/man8/setenforce.8 ---- nsalibselinux/man/man8/setenforce.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/setenforce.8 2007-01-15 16:21:55.000000000 -0500 -@@ -17,7 +17,7 @@ - Dan Walsh, - - .SH "SEE ALSO" --getenforce(8), selinuxenabled(8) -+selinux(8), getenforce(8), selinuxenabled(8) - - .SH FILES - /etc/grub.conf, /etc/selinux/config -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/togglesebool.8 libselinux-1.33.4/man/man8/togglesebool.8 ---- nsalibselinux/man/man8/togglesebool.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-1.33.4/man/man8/togglesebool.8 2007-01-15 16:21:55.000000000 -0500 -@@ -1,6 +1,6 @@ - .TH "togglesebool" "1" "26 Oct 2004" "sgrubb@redhat.com" "SELinux Command Line documentation" - .SH "NAME" --togglesebool \- flip the current value of a boolean -+togglesebool \- flip the current value of a SELinux boolean - .SH "SYNOPSIS" - .B togglesebool boolean... - -@@ -14,4 +14,4 @@ - This man page was written by Steve Grubb - - .SH "SEE ALSO" --booleans(8), getsebool(8), setsebool(8) -+selinux(8), booleans(8), getsebool(8), setsebool(8) +-%typemap(in, numinputs=0) security_context_t *(security_context_t temp) { ++%typemap(in, numinputs=0) security_context_t *(security_context_t temp=NULL) { + $1 = &temp; + } + %typemap(argout) security_context_t * (char *temp) { +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-1.34.0/src/selinuxswig_wrap.c +--- nsalibselinux/src/selinuxswig_wrap.c 2006-11-16 17:15:25.000000000 -0500 ++++ libselinux-1.34.0/src/selinuxswig_wrap.c 2007-01-24 12:16:58.000000000 -0500 +@@ -2831,7 +2831,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -2878,7 +2878,7 @@ + int result; + int val1 ; + int ecode1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -2910,7 +2910,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -2936,7 +2936,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -2980,7 +2980,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -3024,7 +3024,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -3068,7 +3068,7 @@ + PyObject *resultobj = 0; + security_context_t *arg1 = (security_context_t *) 0 ; + int result; +- security_context_t temp1 ; ++ security_context_t temp1 = NULL ; + char *temp10 ; + + { +@@ -3116,7 +3116,7 @@ + int res1 ; + char *buf1 = 0 ; + int alloc1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -3154,7 +3154,7 @@ + int res1 ; + char *buf1 = 0 ; + int alloc1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -3191,7 +3191,7 @@ + int result; + int val1 ; + int ecode1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -3313,7 +3313,7 @@ + int result; + int val1 ; + int ecode1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -3474,7 +3474,7 @@ + security_context_t arg1 ; + security_context_t *arg2 = (security_context_t *) 0 ; + int result; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -3734,7 +3734,7 @@ + int alloc1 = 0 ; + unsigned int val2 ; + int ecode2 = 0 ; +- security_context_t temp3 ; ++ security_context_t temp3 = NULL ; + char *temp30 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; +@@ -3778,7 +3778,7 @@ + int res1 ; + char *buf1 = 0 ; + int alloc1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -4212,7 +4212,7 @@ + int res1 ; + char *buf1 = 0 ; + int alloc1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + +@@ -4250,7 +4250,7 @@ + int res1 ; + char *buf1 = 0 ; + int alloc1 = 0 ; +- security_context_t temp2 ; ++ security_context_t temp2 = NULL ; + char *temp20 ; + PyObject * obj0 = 0 ; + diff --git a/libselinux.spec b/libselinux.spec index 36389a0..457b06e 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -2,10 +2,11 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 1.34.0 -Release: 1%{?dist} +Release: 3%{?dist} License: Public domain (uncopyrighted) Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz +Patch: libselinux-rhat.patch BuildRequires: libsepol-devel >= %{libsepolver} swig Requires: libsepol >= %{libsepolver} setransd @@ -48,6 +49,7 @@ needed for developing SELinux applications. %prep %setup -q +%patch -p1 -b .rhat %build make clean @@ -119,6 +121,9 @@ exit 0 %{_libdir}/python*/site-packages/selinux.py* %changelog +* Fri Jan 19 2007 Dan Walsh - 1.34.0-2 +- Add context function to python to split context into 4 parts + * Fri Jan 19 2007 Dan Walsh - 1.34.0-1 - Upgrade to upstream * Updated version for stable branch.