SELinux userspace 3.0 release
This commit is contained in:
parent
5c73d48883
commit
50ae97404c
1
.gitignore
vendored
1
.gitignore
vendored
@ -175,3 +175,4 @@ libsepol-2.0.41.tgz
|
|||||||
/libsepol-2.9-rc2.tar.gz
|
/libsepol-2.9-rc2.tar.gz
|
||||||
/libsepol-2.9.tar.gz
|
/libsepol-2.9.tar.gz
|
||||||
/libsepol-3.0-rc1.tar.gz
|
/libsepol-3.0-rc1.tar.gz
|
||||||
|
/libsepol-3.0.tar.gz
|
||||||
|
@ -1,43 +0,0 @@
|
|||||||
From c7527bdb608b3d2f2283047bcc6faeecd1ebfaf4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: James Carter <jwcart2@tycho.nsa.gov>
|
|
||||||
Date: Fri, 1 Nov 2019 09:50:53 -0400
|
|
||||||
Subject: [PATCH] libsepol/cil: Report disabling an optional block only at high
|
|
||||||
verbose levels
|
|
||||||
|
|
||||||
Since failing to resolve a statement in an optional block is normal,
|
|
||||||
only display messages about the statement failing to resolve and the
|
|
||||||
optional block being disabled at the highest verbosity level.
|
|
||||||
|
|
||||||
These messages are now only at log level CIL_INFO instead of CIL_WARN.
|
|
||||||
|
|
||||||
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
|
|
||||||
---
|
|
||||||
libsepol/cil/src/cil_resolve_ast.c | 6 ++++--
|
|
||||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
|
|
||||||
index 70a60bdfa024..875758609494 100644
|
|
||||||
--- a/libsepol/cil/src/cil_resolve_ast.c
|
|
||||||
+++ b/libsepol/cil/src/cil_resolve_ast.c
|
|
||||||
@@ -3761,14 +3761,16 @@ int __cil_resolve_ast_node_helper(struct cil_tree_node *node, uint32_t *finished
|
|
||||||
enum cil_log_level lvl = CIL_ERR;
|
|
||||||
|
|
||||||
if (optstack != NULL) {
|
|
||||||
- lvl = CIL_WARN;
|
|
||||||
+ lvl = CIL_INFO;
|
|
||||||
|
|
||||||
struct cil_optional *opt = (struct cil_optional *)optstack->data;
|
|
||||||
struct cil_tree_node *opt_node = opt->datum.nodes->head->data;
|
|
||||||
- cil_tree_log(opt_node, lvl, "Disabling optional '%s'", opt->datum.name);
|
|
||||||
/* disable an optional if something failed to resolve */
|
|
||||||
opt->enabled = CIL_FALSE;
|
|
||||||
+ cil_tree_log(node, lvl, "Failed to resolve %s statement", cil_node_to_string(node));
|
|
||||||
+ cil_tree_log(opt_node, lvl, "Disabling optional '%s'", opt->datum.name);
|
|
||||||
rc = SEPOL_OK;
|
|
||||||
+ goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
cil_tree_log(node, lvl, "Failed to resolve %s statement", cil_node_to_string(node));
|
|
||||||
--
|
|
||||||
2.23.0
|
|
||||||
|
|
@ -1,16 +1,15 @@
|
|||||||
Summary: SELinux binary policy manipulation library
|
Summary: SELinux binary policy manipulation library
|
||||||
Name: libsepol
|
Name: libsepol
|
||||||
Version: 3.0
|
Version: 3.0
|
||||||
Release: 0.rc.1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
Source0: https://github.com/SELinuxProject/selinux/releases/download/20191031/libsepol-3.0-rc1.tar.gz
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/20191204/libsepol-3.0.tar.gz
|
||||||
URL: https://github.com/SELinuxProject/selinux/wiki
|
URL: https://github.com/SELinuxProject/selinux/wiki
|
||||||
# $ git clone https://github.com/fedora-selinux/selinux.git
|
# $ git clone https://github.com/fedora-selinux/selinux.git
|
||||||
# $ cd selinux
|
# $ cd selinux
|
||||||
# $ git format-patch libsepol-3.0-rc1 -- libsepol
|
# $ git format-patch -N libsepol-3.0 -- libsepol
|
||||||
# $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
|
# $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
|
||||||
# Patch list start
|
# Patch list start
|
||||||
Patch0001: 0001-libsepol-cil-Report-disabling-an-optional-block-only.patch
|
|
||||||
# Patch list end
|
# Patch list end
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: flex
|
BuildRequires: flex
|
||||||
@ -48,7 +47,7 @@ The libsepol-static package contains the static libraries and header files
|
|||||||
needed for developing applications that manipulate binary policies.
|
needed for developing applications that manipulate binary policies.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -p 2 -n libsepol-%{version}-rc1
|
%autosetup -p 2 -n libsepol-%{version}
|
||||||
|
|
||||||
# sparc64 is an -fPIC arch, so we need to fix it here
|
# sparc64 is an -fPIC arch, so we need to fix it here
|
||||||
%ifarch sparc64
|
%ifarch sparc64
|
||||||
@ -97,6 +96,9 @@ exit 0
|
|||||||
%{_libdir}/libsepol.so.1
|
%{_libdir}/libsepol.so.1
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 6 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-1
|
||||||
|
- SELinux userspace 3.0 release
|
||||||
|
|
||||||
* Mon Nov 11 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-0.rc.1
|
* Mon Nov 11 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-0.rc.1
|
||||||
- SELinux userspace 3.0-rc1 release
|
- SELinux userspace 3.0-rc1 release
|
||||||
|
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (libsepol-3.0-rc1.tar.gz) = 7cd57732b59a8e869a33583651b26cd741e08a02b3afd5b3e6f92fbd529f9b1b1e45477d8001cee5a6f1a53503d4ce40f0d143c3c19648e1d3dce1539e2dd8b2
|
SHA512 (libsepol-3.0.tar.gz) = 82a5bae0afd9ae53b55ddcfc9f6dd61724a55e45aef1d9cd0122d1814adf2abe63c816a7ac63b64b401f5c67acb910dd8e0574eec546bed04da7842ab6c3bb55
|
||||||
|
Loading…
Reference in New Issue
Block a user