Update to upstream release 2.4 from https://github.com/bachradsusi/selinux.git branch 2.4

libsemanage-rhat.patch

@@ -1,89 +1,13 @@
-diff --git a/src/direct_api.c b/src/direct_api.c
-index 64dc7d9..5b94725 100644
---- a/src/direct_api.c
-+++ b/src/direct_api.c
-@@ -690,7 +690,7 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 	/* Declare some variables */
- 	int modified = 0, fcontexts_modified, ports_modified,
- 	    seusers_modified, users_extra_modified, dontaudit_modified,
--	    preserve_tunables_modified;
-+	    preserve_tunables_modified, bools_modified;
- 	dbase_config_t *users = semanage_user_dbase_local(sh);
- 	dbase_config_t *users_base = semanage_user_base_dbase_local(sh);
- 	dbase_config_t *pusers_base = semanage_user_base_dbase_policy(sh);
-@@ -771,11 +771,11 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 	users_extra_modified =
- 	    users_extra->dtable->is_modified(users_extra->dbase);
- 	ports_modified = ports->dtable->is_modified(ports->dbase);
-+	bools_modified = bools->dtable->is_modified(bools->dbase);
+diff --git libsemanage-2.4/tests/test_utilities.c libsemanage-2.4/tests/test_utilities.c
+index 4d25b07..32cc33c 100644
+--- libsemanage-2.4/tests/test_utilities.c
++++ libsemanage-2.4/tests/test_utilities.c
+@@ -45,7 +45,7 @@ void test_slurp_file_filter(void);
  
- 	modified = sh->modules_modified;
- 	modified |= ports_modified;
- 	modified |= users->dtable->is_modified(users_base->dbase);
--	modified |= bools->dtable->is_modified(bools->dbase);
- 	modified |= ifaces->dtable->is_modified(ifaces->dbase);
- 	modified |= nodes->dtable->is_modified(nodes->dbase);
- 	modified |= dontaudit_modified;
-@@ -891,15 +891,26 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 
- 		/* ==================== Policydb-backed ================ */
- 
--		/* Create new policy object, then attach to policy databases
--		 * that work with a policydb */
-+		/* Create new policy object */
- 		retval = semanage_expand_sandbox(sh, base, &out);
- 		if (retval < 0)
- 			goto cleanup;
- 	
- 		sepol_module_package_free(base);
- 		base = NULL;
-+	} else {
-+		/* Load already linked policy */
-+		retval = sepol_policydb_create(&out);
-+		if (retval < 0)
-+			goto cleanup;
-+
-+		retval = semanage_read_policydb(sh, out);
-+		if (retval < 0)
-+			goto cleanup;
-+	}
- 
-+	if (sh->do_rebuild || modified || bools_modified) {
-+		/* Attach to policy databases that work with a policydb. */
- 		dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase,
- 				      out);
- 		dbase_policydb_attach((dbase_policydb_t *) pports->dbase, out);
-@@ -921,14 +932,7 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 		if (retval < 0)
- 			goto cleanup;
- 	} else {
--		retval = sepol_policydb_create(&out);
--		if (retval < 0)
--			goto cleanup;
--
--		retval = semanage_read_policydb(sh, out);
--		if (retval < 0)
--			goto cleanup;
--		
-+		/* Changes to non-kernel policy configurations only. */
- 		if (seusers_modified || users_extra_modified) {
- 			retval = semanage_link_base(sh, &base);
- 			if (retval < 0)
-@@ -1007,7 +1011,7 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 	sepol_policydb_free(out);
- 	out = NULL;
- 
--	if (sh->do_rebuild || modified || 
-+	if (sh->do_rebuild || modified || bools_modified ||
- 	    seusers_modified || fcontexts_modified || users_extra_modified) {
- 		retval = semanage_install_sandbox(sh);
- 	}
-@@ -1017,7 +1021,7 @@ static int semanage_direct_commit(semanage_handle_t * sh)
- 		free(mod_filenames[i]);
- 	}
- 
--	if (modified) {
-+	if (modified || bools_modified) {
- 		/* Detach from policydb, so it can be freed */
- 		dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase);
- 		dbase_policydb_detach((dbase_policydb_t *) pports->dbase);
+ char fname[] = {
+ 	'T', 'E', 'S', 'T', '_', 'T', 'E', 'M', 'P', '_', 'X', 'X', 'X', 'X',
+-	'X', 'X'
++	'X', 'X', '\0'
+ };
+ int fd;
+ FILE *fptr;

libsemanage.spec

@@ -1,21 +1,21 @@
 %global with_python3 1
 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print (get_python_lib(1))")}
 
-%define libsepolver 2.1.9-1
-%define libselinuxver 2.1.13-1
+%define libsepolver 2.4-0
+%define libselinuxver 2.4-0
 
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
-Version: 2.3
-Release: 6%{?dist}
+Version: 2.4
+Release: 0%{?dist}.3
 License: LGPLv2+
 Group: System Environment/Libraries
-Source: libsemanage-%{version}.tgz
+Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/libsemanage-%{version}.tar.gz
+# use make-rhat-patches.sh to create following patch from https://github.com/bachradsusi/selinux.git
 Patch: libsemanage-rhat.patch
-URL: http://oss.tresys.com/git/selinux.git
+URL: https://github.com/SELinuxProject/selinux/wiki
 Source1: semanage.conf
 
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: libselinux-devel >= %{libselinuxver} swig ustr-devel
 BuildRequires: libsepol-devel >= %{libsepolver} 
 BuildRequires: audit-libs-devel
@@ -122,8 +122,9 @@ InstallPythonWrapper() {
 }
 
 rm -rf ${RPM_BUILD_ROOT}
-mkdir -p ${RPM_BUILD_ROOT}/%{_libdir} 
+mkdir -p ${RPM_BUILD_ROOT}%{_libdir}
 mkdir -p ${RPM_BUILD_ROOT}%{_includedir} 
+mkdir -p ${RPM_BUILD_ROOT}%{_sharedstatedir}/selinux
 make DESTDIR="${RPM_BUILD_ROOT}" LIBDIR="${RPM_BUILD_ROOT}%{_libdir}" SHLIBDIR="${RPM_BUILD_ROOT}/%{_libdir}" install
 
 InstallPythonWrapper \
@@ -148,8 +149,11 @@ rm -rf ${RPM_BUILD_ROOT}
 %license COPYING
 %dir %{_sysconfdir}/selinux
 %config(noreplace) %{_sysconfdir}/selinux/semanage.conf
-/%{_libdir}/libsemanage.so.1
+%{_libdir}/libsemanage.so.1
 %{_mandir}/man5/*
+%dir %{_libexecdir}/selinux
+%dir %{_sharedstatedir}/selinux
+%{_libexecdir}/selinux/semanage_migrate_store
 
 %post -p /sbin/ldconfig
 
@@ -181,6 +185,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif # if with_python3
 
 %changelog
+* Mon Apr 13 2015 Petr Lautrbach <plautrba@redhat.com> 2.4-0.3
+- Update to upstream release 2.4
+
 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
 

make-rhat-patches.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+LIBSEMANAGE_VERSION=2.4
+BRANCH=2.4
+
+REBASEDIR=`mktemp -d rebase.XXXXXX`
+pushd $REBASEDIR
+
+# git clone git@github.com:fedora-selinux/selinux.git
+git clone https://github.com/bachradsusi/selinux.git
+pushd selinux; git checkout $BRANCH; COMMIT=`git rev-parse --verify HEAD`; popd
+
+# prepare libsemanage-rhat.patch
+tar xfz ../libsemanage-$LIBSEMANAGE_VERSION.tar.gz
+pushd libsemanage-$LIBSEMANAGE_VERSION
+
+git init; git add .; git commit -m "init"
+cp -r ../selinux/libsemanage/* .
+git add -A .
+
+git diff --cached --src-prefix=libsemanage-$LIBSEMANAGE_VERSION/ --dst-prefix=libsemanage-$LIBSEMANAGE_VERSION/ > ../../libsemanage-rhat.patch
+
+popd
+
+popd
+# echo rm -rf $REBASEDIR
+
+echo libsemanage-rhat.patch created from https://github.com/fedora-selinux/selinux/commit/$COMMIT