- Reload library on loading of policy to handle chroot

Daniel J Walsh 2008-02-28 16:58:02 +00:00
parent 73272f9b7d
commit baab9d46ea
2 changed files with 77 additions and 3 deletions


@ -1,6 +1,23 @@
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.49/src/matchpathcon.c
diff --exclude-from=exclude -N -u -r nsalibselinux/src/load_policy.c libselinux-2.0.57/src/load_policy.c
--- nsalibselinux/src/load_policy.c 2008-02-13 11:16:14.000000000 -0500
+++ libselinux-2.0.57/src/load_policy.c 2008-02-28 11:11:20.000000000 -0500
@@ -308,6 +308,13 @@
FILE *cfg;
char *buf;
+
+ /*
+ Reinitialize the library, so chroot will work correctly.
+ */
+ fini_selinux_policyroot();
+ init_selinux_config();
+
/*
* Get desired mode (disabled, permissive, enforcing) from
* /etc/selinux/config.
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.57/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c 2007-09-28 09:48:58.000000000 -0400
+++ libselinux-2.0.49/src/matchpathcon.c 2008-01-25 10:31:28.000000000 -0500
+++ libselinux-2.0.57/src/matchpathcon.c 2008-02-28 10:50:12.000000000 -0500
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
@ -18,3 +35,57 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
va_end(ap);
}
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-2.0.57/src/selinux_config.c
--- nsalibselinux/src/selinux_config.c 2007-08-03 16:02:56.000000000 -0400
+++ libselinux-2.0.57/src/selinux_config.c 2008-02-28 11:10:01.000000000 -0500
@@ -127,9 +127,9 @@
static char *selinux_policyroot = NULL;
static char *selinux_rootpath = NULL;
-static void init_selinux_config(void) __attribute__ ((constructor));
+void init_selinux_config(void) __attribute__ ((constructor));
-static void init_selinux_config(void)
+void init_selinux_config(void)
{
int i, *intptr;
size_t line_len;
@@ -207,10 +207,11 @@
== -1)
return;
}
+hidden_def(init_selinux_config)
-static void fini_selinux_policyroot(void) __attribute__ ((destructor));
+void fini_selinux_policyroot(void) __attribute__ ((destructor));
-static void fini_selinux_policyroot(void)
+void fini_selinux_policyroot(void)
{
int i;
free(selinux_policyroot);
@@ -222,6 +223,7 @@
free(selinux_policytype);
selinux_policytype = NULL;
}
+hidden_def(fini_selinux_policyroot)
static const char *get_path(int idx)
{
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-2.0.57/src/selinux_internal.h
--- nsalibselinux/src/selinux_internal.h 2007-08-03 16:02:56.000000000 -0400
+++ libselinux-2.0.57/src/selinux_internal.h 2008-02-28 11:11:04.000000000 -0500
@@ -80,6 +80,13 @@
hidden_proto(security_get_initial_context);
hidden_proto(security_get_initial_context_raw);
+extern void init_selinux_config(void) hidden;
+extern void fini_selinux_policyroot(void) hidden;
+
+hidden_proto(init_selinux_config);
+hidden_proto(fini_selinux_policyroot);
+
extern int load_setlocaldefs hidden;
extern int require_seusers hidden;
extern int selinux_page_size hidden;
+
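Review bot: The two calls added at the top of the load_policy.c hunk, `fini_selinux_policyroot(); init_selinux_config();`, tear down and rebuild process-global state at run time, and nothing in the change guards or documents that; the enclosing function starts and ends outside the hunk. `fini_selinux_policyroot()` frees `selinux_policyroot` and `selinux_policytype`, so a string handed out earlier by the path getters (presumably via `get_path()`, whose body is not shown) would dangle, and another thread using the library during the reload would race with those frees. `init_selinux_config()` still returns `void` and has an early `return` when a call yields -1, so the policy load cannot tell that re-initialisation stopped part-way and may continue with the roots left NULL. I would extend the comment to something like `/* Reinitialize the library so chroot works; not thread-safe, and invalidates strings previously returned by the path getters. */`. It is also worth considering a reload that reports failure, so the caller can stop before loading a policy against an incomplete configuration.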


@ -4,7 +4,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.0.57
Release: 1%{?dist}
Release: 2%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@ -137,6 +137,9 @@ exit 0
%{python_sitearch}/selinux/*
%changelog
* Thu Feb 28 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.57-2
- Reload library on loading of policy to handle chroot
* Mon Feb 25 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.57-1
- Update to Upstream
* Merged avc_has_perm() errno fix from Eamon Walsh.