auto-import changelog data from libselinux-1.13.1-1.src.rpm

Thu May 27 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-1 - Change to use new policy mechanism
2004-09-09 07:42:50 +00:00 · 2004-09-09 07:42:50 +00:00 · cca6a80b71
parent f9343ddbdd
commit cca6a80b71
4 changed files with 6 additions and 328 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -1 +1 @@
-libselinux-1.13.tgz
+libselinux-1.13.1.tgz
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -1,323 +0,0 @@
--- /dev/null	2004-02-23 16:02:56.000000000 -0500
-+++ libselinux-1.13/src/selinux_config.c	2004-05-26 15:03:15.506622384 -0400
-@@ -0,0 +1,119 @@
-+#include <stdio.h>
-+#include <string.h>
-+#include <ctype.h>
-+#include <stdlib.h>
-+#include <limits.h>
-+
-+#define SELINUXDIR "/etc/selinux/"
-+#define SELINUXDEFAULT "targeted"
-+#define SELINUXTYPETAG "SELINUXTYPE="
-+#define SELINUXTAG "SELINUX="
-+
-+static char *file_context=NULL;
-+static char *default_type=NULL;
-+static char *default_policy=NULL;
-+static char *default_context=NULL;
-+static char *failsafe_context=NULL;
-+
-+int selinux_getenforcemode(int *enforce) {
-+  int ret=-1;
-+  FILE *cfg = fopen("/etc/sysconfig/selinux","r");
-+  char buf[4097];
-+  int len=sizeof(SELINUXTAG)-1;
-+  if (cfg) {
-+    while (fgets(buf, 4096, cfg)) {
-+      if (strncmp(buf,SELINUXTAG,len))
-+	continue;
-+      if (!strncmp(buf+len,"enforcing",sizeof("enforcing")-1)) {
-+	*enforce = 1;
-+	ret=0;
-+	break;
-+      } else if (!strncmp(buf+len,"permissive",sizeof("permissive")-1)) {
-+	*enforce = 0;
-+	ret=0;
-+	break;
-+      } else if (!strncmp(buf+len,"disabled",sizeof("disabled")-1)) {
-+	*enforce = -1;
-+	ret=0;
-+	break;
-+      }
-+    }
-+    fclose(cfg);
-+  }
-+  return ret;
-+}
-+
-+static char *selinux_policyroot = NULL;
-+
-+static void init_selinux_policyroot(void) __attribute__ ((constructor));
-+
-+static void init_selinux_policyroot(void)
-+{
-+  char *type=SELINUXDEFAULT;
-+  int i=0, len=sizeof(SELINUXTYPETAG)-1;
-+  char buf[4097];
-+  FILE *cfg;
-+  if (selinux_policyroot) return;
-+  cfg = fopen("/etc/sysconfig/selinux","r");
-+  if (cfg) {
-+    while (fgets(buf, 4096, cfg)) {
-+      if (strncmp(buf,SELINUXTYPETAG,len))
-+	continue;
-+      type=buf+len;
-+    }
-+    fclose(cfg);
-+  }
-+  i=strlen(type)-1;
-+  while ((i>=0) && 
-+	 (isspace(type[i]) || iscntrl(type[i]))) {
-+    type[i]=0;
-+    i--;
-+  }
-+  len=sizeof(SELINUXDIR) + strlen(type);
-+  selinux_policyroot=malloc(len);
-+  snprintf(selinux_policyroot,len, "%s%s", SELINUXDIR, type);
-+}
-+
-+char *selinux_default_type_path() {
-+  if (!default_type) {
-+    default_type=malloc(PATH_MAX);
-+    snprintf(default_type, PATH_MAX, "%s/contexts/default_type", selinux_policyroot);
-+  }
-+  return default_type;
-+}
-+
-+char *selinux_policy_root() {
-+  return selinux_policyroot;
-+}
-+
-+char *selinux_default_context_path() {
-+  if (!default_context) {
-+    default_context=malloc(PATH_MAX);
-+    snprintf(default_context, PATH_MAX, "%s/contexts/default_contexts", selinux_policyroot);
-+  }
-+  return default_context;
-+}
-+
-+char *selinux_failsafe_context_path() {
-+  if (!failsafe_context) {
-+    failsafe_context=malloc(PATH_MAX);
-+    snprintf(failsafe_context, PATH_MAX, "%s/contexts/failsafe_contexts", selinux_policyroot);
-+  }
-+  return failsafe_context;
-+}
-+
-+char *selinux_binary_policy_path() {
-+  if (!default_policy) {
-+    default_policy=malloc(PATH_MAX);
-+    snprintf(default_policy, PATH_MAX, "%s/policy/policy", selinux_policyroot);
-+  }
-+  return default_policy;
-+}
-+
-+char *selinux_file_context_path() {
-+  if (!file_context) {
-+    file_context=malloc(PATH_MAX);
-+    snprintf(file_context, PATH_MAX-1, "%s/contexts/file_contexts", selinux_policyroot);
-+  }
-+  return file_context;
-+}
--- libselinux-1.13/src/matchpathcon.c.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/src/matchpathcon.c	2004-05-26 14:36:00.588167768 -0400
-@@ -196,7 +196,7 @@
- 	spec_t *spec_copy;
- 
- 	/* Open the specification file. */
-	if ((fp = fopen(FILECONTEXTS, "r")) == NULL)
-+	if ((fp = fopen(selinux_file_context_path(), "r")) == NULL)
- 		return -1;
- 
- 	/* 
--- libselinux-1.13/src/get_context_list.c.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/src/get_context_list.c	2004-05-26 14:36:00.591167312 -0400
-@@ -255,7 +255,7 @@
-     }
-     else if (which == SYSTEMPRIORITY)
-     {
-        config_file = fopen (_DEFCONTEXT_PATH, "r");
-+        config_file = fopen (selinux_default_context_path(), "r");
-     }
-     else
-     {
-@@ -390,7 +390,7 @@
- 	size_t plen, nlen;
- 	int rc;
- 
-	fp = fopen(_FAILSAFECONTEXT_PATH, "r");
-+	fp = fopen(selinux_failsafe_context_path(), "r");
- 	if (!fp)
- 		return -1;
- 
--- libselinux-1.13/src/get_default_type.c.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/src/get_default_type.c	2004-05-26 14:36:00.593167008 -0400
-@@ -10,7 +10,7 @@
- {
-   FILE* fp=NULL;
-     
-  fp = fopen (_DEFTYPE_PATH, "r");
-+  fp = fopen (selinux_default_type_path(), "r");
-   if (!fp)
- 	  return -1;
- 
--- libselinux-1.13/include/selinux/get_default_type.h.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/include/selinux/get_default_type.h	2004-05-26 14:37:35.995663624 -0400
-@@ -5,7 +5,7 @@
- #ifndef _SELINUX_GET_DEFAULT_TYPE_H_
- #define _SELINUX_GET_DEFAULT_TYPE_H_
- 
-#define _DEFTYPE_PATH "/etc/security/default_type"
-+char *selinux_default_type_path();
- 
- /* Get the default type (domain) for 'role' and set 'type' to refer to it.
-    Caller must free via free().
--- libselinux-1.13/include/selinux/selinux.h.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/include/selinux/selinux.h	2004-05-26 15:06:05.799733896 -0400
-@@ -72,12 +72,6 @@
- 
- /* Wrappers for the selinuxfs (policy) API. */
- 
-/* Mount point for selinuxfs. */
-#define SELINUXMNT "/selinux/"
-
-/* Default pathname for policy configuration, without version number. */
-#define SELINUXPOLICY "/etc/security/selinux/policy"
-
- typedef unsigned int access_vector_t;
- typedef unsigned short security_class_t;
- 
-@@ -168,4 +162,22 @@
- 		 mode_t mode,
- 		 security_context_t *con);
- 
-+/*
-+  selinux_getenforcemode reads the /etc/sysconfig/selinux file and determines 
-+  whether the machine should be started in enforcing (1), permissive (0) or 
-+  disabled (-1) mode.
-+ */
-+int selinux_getenforcemode(int *enforce);
-+
-+/*
-+  selinux_policy_root is set within the init_selinux_policyroot constructor 
-+  which reads the /etc/sysconfig/selinux file and determines 
-+  where the compiled policy file and contexts files exist.
-+ */
-+char *selinux_policy_root();
-+char *selinux_binary_policy_path();
-+char *selinux_failsafe_context_path();
-+char *selinux_default_context_path();
-+char *selinux_file_context_path();
-+
- #endif
--- libselinux-1.13/include/selinux/get_context_list.h.rhat	2004-05-25 08:52:21.000000000 -0400
-+++ libselinux-1.13/include/selinux/get_context_list.h	2004-05-26 14:36:00.595166704 -0400
-@@ -3,8 +3,6 @@
- 
- #include <selinux/selinux.h>
- 
-#define _DEFCONTEXT_PATH "/etc/security/default_contexts"
-#define _FAILSAFECONTEXT_PATH "/etc/security/failsafe_context"
- #define SELINUX_DEFAULTUSER "user_u"
- 
- /* Get an ordered list of authorized security contexts for a user session
--- /dev/null	2004-02-23 16:02:56.000000000 -0500
-+++ libselinux-1.13/man/man3/selinux_policyroot.3	2004-05-26 14:36:00.596166552 -0400
-@@ -0,0 +1,17 @@
-+.TH "selinux_policyroot" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation"
-+.SH "NAME"
-+selinux_policyroot \- return the path of the SELinux policy files for this machine.
-+.SH "SYNOPSIS"
-+.B #include <selinux/selinux.h>
-+.sp
-+.B char *selinux_policyroot();
-+.br
-+
-+.SH "DESCRIPTION"
-+.B selinux_policyroot
-+Reads the contents of the /etc/sysconfig/selinux file to determine which policy files should be used for this machine.
-+.SH "RETURN VALUE"
-+On success, returns a directory path containing the SELinux policy files.
-+On failure, NULL is returned.
-+
-+
--- /dev/null	2004-02-23 16:02:56.000000000 -0500
-+++ libselinux-1.13/man/man3/selinux_getenforcemode.3	2004-05-26 14:36:00.597166400 -0400
-@@ -0,0 +1,22 @@
-+.TH "selinux_getenforcemode" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation"
-+.SH "NAME"
-+selinux_getenforcemode \- get the enforcing state of SE Linux
-+.SH "SYNOPSIS"
-+.B #include <selinux/selinux.h>
-+.sp
-+.B int selinux_getenforcemode(int *enforce);
-+.br
-+
-+.SH "DESCRIPTION"
-+.B selinux_getenforcemode
-+Reads the contents of the /etc/sysconfig/selinux file to determine how the 
-+system was setup to run SELinux.
-+.br
-+Sets the value of enforce to 1 if SELinux should be run in enforcing mode.
-+Sets the value of enforce to 0 if SELinux should be run in permissive mode.
-+Sets the value of enforce to -1 if SELinux should be disabled.
-+.SH "RETURN VALUE"
-+On success, zero is returned.
-+On failure, -1 is returned.
-+
-+
--- /dev/null	2004-02-23 16:02:56.000000000 -0500
-+++ libselinux-1.13/utils/getenforcemode.c	2004-05-26 14:36:00.598166248 -0400
-@@ -0,0 +1,31 @@
-+#include <unistd.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <selinux/selinux.h>
-+
-+int main(int argc __attribute__ ((unused)), char **argv) 
-+{
-+	int ret;
-+	int enforce;
-+	ret = selinux_getenforcemode(&enforce);
-+	if (ret) {
-+		fprintf(stderr, "%s:  selinux_getenforcemode() failed\n", argv[0]);
-+		exit(2);
-+	}
-+
-+	switch(enforce) {
-+	case 1:
-+	  printf("Enforcing\n");
-+	  break;
-+
-+	case 0:
-+	  printf("Permissive\n");
-+	  break;
-+
-+	case -1:
-+	  printf("Disabled\n");
-+	  break;
-+
-+	}
-+	exit(0);
-+}
--- /dev/null	2004-02-23 16:02:56.000000000 -0500
-+++ libselinux-1.13/utils/selinuxconfig.c	2004-05-26 15:05:07.827547008 -0400
-@@ -0,0 +1,17 @@
-+#include <unistd.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <selinux/selinux.h>
-+#include <selinux/get_default_type.h>
-+
-+int main(int argc __attribute__ ((unused)), char **argv) 
-+{
-+	printf("policypath=\"%s\"\n", selinux_policy_root());
-+	printf("default_type_path=\"%s\"\n", selinux_default_type_path());
-+	printf("default_context_path=\"%s\"\n", selinux_default_context_path());
-+	printf("default_failsafe_context_path=\"%s\"\n", selinux_failsafe_context_path());
-+	printf("binary_policy_path=\"%s\"\n", selinux_binary_policy_path());
-+	printf("file_contexts_path=\"%s\"\n", selinux_file_context_path());
-+	exit(0);
-+
-+}
--- a/libselinux.spec
+++ b/libselinux.spec
@ -1,6 +1,6 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
-Version: 1.13
+Version: 1.13.1
 Release: 1
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
@ -8,7 +8,6 @@ Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
 Prefix: %{_prefix}
 BuildRoot: %{_tmppath}/%{name}-buildroot
 Provides: libselinux.so
-Patch1: libselinux-rhat.patch

 %description
 Security-enhanced Linux is a patch of the Linux® kernel and a number
@ -36,7 +35,6 @@ needed for developing SELinux applications.

 %prep
 %setup -q
-%patch1 -p1 -b .rhat

 %build
 make 
@ -71,6 +69,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man8/*

 %changelog
+* Thu May 27 2004 Dan Walsh <dwalsh@redhat.com> 1.13.1-1
+- Change to use new policy mechanism
+
 * Mon May 17 2004 Dan Walsh <dwalsh@redhat.com> 1.12-2
 - add man patch

--- a/2
+++ b/2
@ -1 +1 @@
-3ad90bbd46814325ee76b691b677804d  libselinux-1.13.tgz
+b304325b9ea6b705bbcbae8ebea4ffe0  libselinux-1.13.1.tgz