From 25dcff4b7ddce78aab983ea4158e32d59334a720 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 12 Jan 2009 15:55:47 +0000 Subject: [PATCH] - Fix up patch to get it upstreamed --- libsemanage-rhat.patch | 116 +++++++++++++++++++++-------------------- libsemanage.spec | 5 +- 2 files changed, 64 insertions(+), 57 deletions(-) diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch index 0f72991..17f8834 100644 --- a/libsemanage-rhat.patch +++ b/libsemanage-rhat.patch @@ -1,6 +1,6 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h libsemanage-2.0.30/include/semanage/modules.h --- nsalibsemanage/include/semanage/modules.h 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/include/semanage/modules.h 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/include/semanage/modules.h 2009-01-12 09:38:35.420740000 -0500 @@ -30,10 +30,16 @@ int semanage_module_install(semanage_handle_t *, @@ -18,21 +18,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h l int semanage_module_remove(semanage_handle_t *, char *module_name); /* semanage_module_info is for getting information on installed -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/Makefile libsemanage-2.0.30/src/Makefile ---- nsalibsemanage/src/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/src/Makefile 2008-12-04 15:15:23.000000000 -0500 -@@ -54,7 +54,7 @@ - ranlib $@ - - $(LIBSO): $(LOBJS) -- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs -+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs - ln -sf $@ $(TARGET) - - conf-scan.c: conf-scan.l conf-parse.h diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.30/src/direct_api.c --- nsalibsemanage/src/direct_api.c 2008-11-14 17:10:15.000000000 -0500 -+++ libsemanage-2.0.30/src/direct_api.c 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/direct_api.c 2009-01-12 10:20:45.394714000 -0500 @@ -50,6 +50,7 @@ #include "semanage_store.h" #include "database_policydb.h" @@ -76,8 +64,8 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage +#include +#include + -+/* bzip() a file to '*data', returning the total number of uncompressed bytes -+ * in the file. Returns 0 if file could not be decompressed. */ ++/* bzip() a data to a file, returning the total number of compressed bytes ++ * in the file. Returns -1 if file could not be compressed. */ +static size_t bzip(const char *filename, char *data, size_t num_bytes) { + BZFILE* b; + size_t size = 1<<16; @@ -87,13 +75,13 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + FILE *f; + + if ((f = fopen(filename, "wb")) == NULL) { -+ return 0; ++ return -1; + } + + b = BZ2_bzWriteOpen( &bzerror, f, 9, 0, 0); + if (bzerror != BZ_OK) { + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); -+ return 0; ++ return -1; + } + + while ( num_bytes > total ) { @@ -105,7 +93,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + BZ2_bzWrite ( &bzerror, b, &data[total], len ); + if (bzerror == BZ_IO_ERROR) { + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); -+ return 0; ++ return -1; + } + total += len; + } @@ -113,13 +101,13 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + BZ2_bzWriteClose ( &bzerror, b, 0, 0, 0 ); + fclose(f); + if (bzerror == BZ_IO_ERROR) { -+ return 0; ++ return -1; + } + return total; +} + +/* bunzip() a file to '*data', returning the total number of uncompressed bytes -+ * in the file. Returns 0 if file could not be decompressed. */ ++ * in the file. Returns -1 if file could not be decompressed. */ +size_t bunzip(FILE *f, char **data) { + BZFILE* b; + size_t nBuf; @@ -131,7 +119,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + b = BZ2_bzReadOpen ( &bzerror, f, 0, 0, NULL, 0 ); + if ( bzerror != BZ_OK ) { + BZ2_bzReadClose ( &bzerror, b ); -+ return 0; ++ return -1; + } + + char *uncompress = realloc(NULL, size); @@ -150,7 +138,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + if ( bzerror != BZ_STREAM_END ) { + BZ2_bzReadClose ( &bzerror, b ); + free(uncompress); -+ return 0; ++ return -1; + } + BZ2_bzReadClose ( &bzerror, b ); + @@ -162,16 +150,16 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + * If the file is bzip compressed map_file will uncompress + * the file into '*data'. + * Returns the total number of bytes in memory . -+ * Returns 0 if file could not be opened or mapped. */ ++ * Returns -1 if file could not be opened or mapped. */ +static size_t map_file(int fd, char **data, int *compressed) +{ -+ int size; ++ int size = -1; + char *uncompress; + if ((size = bunzip(fdopen(fd, "r"), &uncompress)) > 0) { + *data = mmap(0, size, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0); + if (*data == MAP_FAILED) { + free(uncompress); -+ return 0; ++ return -1; + } else { + memcpy(*data, uncompress, size); + } @@ -182,7 +170,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + if (fstat(fd, &sb) == -1 || + (*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == + MAP_FAILED) { -+ size = 0; ++ size = -1; + } else { + size = sb.st_size; + } @@ -234,18 +222,19 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage seusers_modified, users_extra_modified; dbase_config_t *users = semanage_user_dbase_local(sh); dbase_config_t *users_base = semanage_user_base_dbase_local(sh); -@@ -815,7 +967,9 @@ +@@ -815,8 +967,10 @@ &filename)) != 0) { goto cleanup; } - if (write_file(sh, filename, data, data_len) == -1) { -+ + if (bzip(filename, data, data_len) == 0) { + ERR(sh, "Error while writing to %s.", filename); retval = -3; ++ goto cleanup; } retval = 0; -@@ -826,19 +980,60 @@ + cleanup: +@@ -826,17 +980,58 @@ return retval; } @@ -275,7 +264,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + int in_fd = -1; + + if ((in_fd = open(install_filename, O_RDONLY)) == -1) { -+ return 0; ++ return -1; + } + + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { @@ -312,12 +301,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage +static int get_direct_upgrade_filename(semanage_handle_t * sh, + char *data, size_t data_len, char **outfilename) { int i, retval, num_modules = 0; -- char *module_name = NULL, *version = NULL, *filename = NULL; -+ char *filename = NULL, *module_name = NULL, *version = NULL; + char *module_name = NULL, *version = NULL, *filename = NULL; semanage_module_info_t *modinfo = NULL; - if ((retval = parse_module_headers(sh, data, data_len, - &module_name, &version, -@@ -868,14 +1063,10 @@ +@@ -868,14 +1063,9 @@ if (retval == -4) { ERR(sh, "There does not already exist a module named %s.", module_name); @@ -326,14 +312,13 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage - if (write_file(sh, filename, data, data_len) == -1) { - retval = -3; } -+ cleanup: free(version); - free(filename); free(module_name); for (i = 0; modinfo != NULL && i < num_modules; i++) { semanage_module_info_t *m = -@@ -883,6 +1074,80 @@ +@@ -883,6 +1073,80 @@ semanage_module_info_datum_destroy(m); } free(modinfo); @@ -386,7 +371,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + int in_fd = -1; + + if ((in_fd = open(module_filename, O_RDONLY)) == -1) { -+ return 0; ++ return -1; + } + + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { @@ -414,7 +399,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage return retval; } -@@ -903,7 +1168,8 @@ +@@ -903,14 +1167,59 @@ if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) { goto cleanup; } @@ -422,9 +407,10 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + if (bzip(filename, base_data, data_len) == 0) { + ERR(sh, "Error while writing to %s.", filename); retval = -3; ++ goto cleanup; } retval = 0; -@@ -911,6 +1177,49 @@ + cleanup: return retval; } @@ -443,7 +429,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + int in_fd; + + if ((in_fd = open(install_filename, O_RDONLY)) == -1) { -+ return 0; ++ return -1; + } + + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { @@ -474,7 +460,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage /* Removes a module from the sandbox. Returns 0 on success, -1 if out * of memory, -2 if module not found or could not be removed. */ static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) -@@ -1005,15 +1314,26 @@ +@@ -1005,15 +1314,29 @@ * report it */ continue; } @@ -484,9 +470,12 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage + if ((size = bunzip(fp, &data)) != 0) { + fclose(fp); + fp = fmemopen(data, size, "rb"); ++ if (!fp) { ++ ERR(sh, "Out of memory!"); ++ goto cleanup; ++ } + } + rewind(fp); -+ __fsetlocking(fp, FSETLOCKING_BYCALLER); sepol_policy_file_set_fp(pf, fp); if (sepol_module_package_info(pf, &type, &name, &version)) { @@ -503,19 +492,18 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage (*modinfo)[*num_modules].version = version; diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.h libsemanage-2.0.30/src/direct_api.h --- nsalibsemanage/src/direct_api.h 2008-11-14 17:10:15.000000000 -0500 -+++ libsemanage-2.0.30/src/direct_api.h 2008-12-04 15:15:23.000000000 -0500 -@@ -37,6 +37,7 @@ ++++ libsemanage-2.0.30/src/direct_api.h 2009-01-12 10:23:16.078163000 -0500 +@@ -39,4 +39,7 @@ - int semanage_direct_access_check(struct semanage_handle *sh); + int semanage_direct_mls_enabled(struct semanage_handle *sh); --int semanage_direct_mls_enabled(struct semanage_handle *sh); +#include +size_t bunzip(FILE *f, char **data); - ++ #endif diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.30/src/genhomedircon.c --- nsalibsemanage/src/genhomedircon.c 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/src/genhomedircon.c 2008-12-04 15:16:11.000000000 -0500 ++++ libsemanage-2.0.30/src/genhomedircon.c 2009-01-12 09:38:35.444738000 -0500 @@ -487,7 +487,6 @@ const char *role_prefix) { @@ -547,7 +535,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libseman *errors = STATUS_ERR; diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.30/src/libsemanage.map --- nsalibsemanage/src/libsemanage.map 2008-11-14 17:10:15.000000000 -0500 -+++ libsemanage-2.0.30/src/libsemanage.map 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/libsemanage.map 2009-01-12 09:38:35.456740000 -0500 @@ -3,8 +3,10 @@ semanage_is_managed; semanage_connect; semanage_disconnect; semanage_msg_*; @@ -561,9 +549,21 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libseman semanage_module_list; semanage_module_info_datum_destroy; semanage_module_list_nth; semanage_module_get_name; semanage_module_get_version; semanage_select_store; +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/Makefile libsemanage-2.0.30/src/Makefile +--- nsalibsemanage/src/Makefile 2008-08-28 09:34:24.000000000 -0400 ++++ libsemanage-2.0.30/src/Makefile 2009-01-12 09:38:35.424738000 -0500 +@@ -54,7 +54,7 @@ + ranlib $@ + + $(LIBSO): $(LOBJS) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs + ln -sf $@ $(TARGET) + + conf-scan.c: conf-scan.l conf-parse.h diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.30/src/modules.c --- nsalibsemanage/src/modules.c 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/src/modules.c 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/modules.c 2009-01-12 09:38:35.462738000 -0500 @@ -52,6 +52,25 @@ return sh->funcs->install(sh, module_data, data_len); } @@ -644,7 +644,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2. if (sh->funcs->remove == NULL) { diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0.30/src/policy.h --- nsalibsemanage/src/policy.h 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/src/policy.h 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/policy.h 2009-01-12 09:38:35.481737000 -0500 @@ -49,8 +49,14 @@ /* Install a policy module */ int (*install) (struct semanage_handle *, char *, size_t); @@ -672,7 +672,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0 /* Should be backend independent */ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.30/src/semanage.conf --- nsalibsemanage/src/semanage.conf 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.30/src/semanage.conf 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/semanage.conf 2009-01-12 09:38:35.487738000 -0500 @@ -35,4 +35,4 @@ # given in . Change this setting if a different # version is necessary. @@ -681,7 +681,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanag +expand-check=0 diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.30/src/semanage_store.c --- nsalibsemanage/src/semanage_store.c 2008-11-11 16:13:18.000000000 -0500 -+++ libsemanage-2.0.30/src/semanage_store.c 2008-12-04 15:15:23.000000000 -0500 ++++ libsemanage-2.0.30/src/semanage_store.c 2009-01-12 10:17:08.334866000 -0500 @@ -440,6 +440,8 @@ char tmp[PATH_MAX]; char buf[4192]; @@ -691,7 +691,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsema n = snprintf(tmp, PATH_MAX, "%s.tmp", dst); if (n < 0 || n >= PATH_MAX) return -1; -@@ -1523,16 +1525,26 @@ +@@ -1523,16 +1525,30 @@ ERR(sh, "Could not open module file %s for reading.", filename); goto cleanup; } @@ -701,6 +701,10 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsema + if ((size = bunzip(fp, &data)) != 0) { + fclose(fp); + fp = fmemopen(data, size, "rb"); ++ if (!fp) { ++ ERR(sh, "Out of memory!"); ++ goto cleanup; ++ } + } + rewind(fp); __fsetlocking(fp, FSETLOCKING_BYCALLER); diff --git a/libsemanage.spec b/libsemanage.spec index f4491a6..d2b23bd 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -3,7 +3,7 @@ Summary: SELinux binary policy manipulation library Name: libsemanage Version: 2.0.30 -Release: 2%{?dist} +Release: 3%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/libsemanage-%{version}.tgz @@ -90,6 +90,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/python*/site-packages/* %changelog +* Mon Jan 12 2009 Dan Walsh - 2.0.30-3 +- Fix up patch to get it upstreamed + * Thu Dec 04 2008 Ignacio Vazquez-Abrams - 2.0.30-2 - Rebuild for Python 2.6