Use make macros

https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro

.gitignore

@@ -21,3 +21,12 @@ mcstrans-0.2.10.tgz
 mcstrans-0.2.11.tgz
 mcstrans-0.3.0.6.tgz
 mcstrans-0.3.1.tgz
+/mcstrans-0.3.2.tgz
+/mcstrans-0.3.4.tgz
+/mcstrans-2.8.tar.gz
+/mcstrans-2.9-rc1.tar.gz
+/mcstrans-2.9-rc2.tar.gz
+/mcstrans-2.9.tar.gz
+/mcstrans-3.0-rc1.tar.gz
+/mcstrans-3.0.tar.gz
+/mcstrans-3.1.tar.gz

0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch

@@ -0,0 +1,129 @@
+From a9eae01e435c2d6f13f3672a50f545bab03e9992 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Wed, 28 Nov 2018 18:28:05 +0100
+Subject: [PATCH] mcstrans: Fir RESOURCE_LEAK and USE_AFTER_FREE coverity scan
+ defects
+
+---
+ mcstrans/src/mcstrans.c  | 21 +++++++++++++++++++--
+ mcstrans/src/mcstransd.c |  4 +++-
+ 2 files changed, 22 insertions(+), 3 deletions(-)
+
+diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
+index 96bdbdff7d8b..0d9d0f3e25b7 100644
+--- a/mcstrans/src/mcstrans.c
++++ b/mcstrans/src/mcstrans.c
+@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
+ 
+ 	map->raw = strdup(raw);
+ 	if (!map->raw) {
++		free(map);
+ 		goto err;
+ 	}
+ 	map->trans = strdup(trans);
+ 	if (!map->trans) {
++		free(map->raw);
++		free(map);
+ 		goto err;
+ 	}
+ 
+ 	log_debug(" add_cache (%s,%s)\n", raw, trans);
+-	if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
++	if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
++		free(map->trans);
++		free(map->raw);
++		free(map);
+ 		goto err;
++	}
+ 
+ 	if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
+ 		goto err;
+@@ -1519,6 +1526,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
+ 			trans = compute_trans_from_raw(range, domain);
+ 			if (trans)
+ 				if (add_cache(domain, range, trans) < 0) {
++					free(trans);
+ 					free(range);
+ 					return -1;
+ 				}
+@@ -1530,6 +1538,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
+ 				ltrans = compute_trans_from_raw(lrange, domain);
+ 				if (ltrans) {
+ 					if (add_cache(domain, lrange, ltrans) < 0) {
++						free(ltrans);
+ 						free(range);
+ 						return -1;
+ 					}
+@@ -1548,6 +1557,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
+ 				utrans = compute_trans_from_raw(urange, domain);
+ 				if (utrans) {
+ 					if (add_cache(domain, urange, utrans) < 0) {
++						free(utrans);
+ 						free(ltrans);
+ 						free(range);
+ 						return -1;
+@@ -1647,14 +1657,19 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
+ 					canonical = compute_trans_from_raw(raw, domain);
+ 					if (canonical && strcmp(canonical, range))
+ 						if (add_cache(domain, raw, canonical) < 0) {
++							free(canonical);
+ 							free(range);
++							free(raw);
+ 							return -1;
+ 						}
+ 				}
+-				if (canonical)
++				if (canonical) {
+ 					free(canonical);
++					free(raw);
++				}
+ 				if (add_cache(domain, raw, range) < 0) {
+ 					free(range);
++					free(raw);
+ 					return -1;
+ 				}
+ 			} else {
+@@ -1672,6 +1687,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
+ 						canonical = compute_trans_from_raw(lraw, domain);
+ 						if (canonical)
+ 							if (add_cache(domain, lraw, canonical) < 0) {
++								free(canonical);
+ 								free(lraw);
+ 								free(range);
+ 								return -1;
+@@ -1703,6 +1719,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
+ 						canonical = compute_trans_from_raw(uraw, domain);
+ 						if (canonical)
+ 							if (add_cache(domain, uraw, canonical) < 0) {
++								free(canonical);
+ 								free(uraw);
+ 								free(lraw);
+ 								free(range);
+diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
+index 858994932e4f..a1ec81acb3c8 100644
+--- a/mcstrans/src/mcstransd.c
++++ b/mcstrans/src/mcstransd.c
+@@ -335,6 +335,7 @@ process_events(struct pollfd **ufds, int *nfds)
+ 					/* Setup pollfd for deletion later. */
+ 					(*ufds)[ii].fd = -1;
+ 					close(connfd);
++					connfd = -1;
+ 					/* So we don't get bothered later */
+ 					revents = revents & ~(POLLHUP);
+ 				}
+@@ -348,10 +349,11 @@ process_events(struct pollfd **ufds, int *nfds)
+ 			/* Set the pollfd up for deletion later. */
+ 			(*ufds)[ii].fd = -1;
+ 			close(connfd);
++			connfd = -1;
+ 
+ 			revents = revents & ~(POLLHUP);
+ 		}
+-		if (revents) {
++		if (revents && connfd != -1) {
+ 			syslog(LOG_ERR, "Unknown/error events (%x) encountered"
+ 					" for fd (%d)\n", revents, connfd);
+ 
+-- 
+2.23.0
+

0002-mcstrans-Fix-USER_AFTER_FREE-problem.patch

@@ -0,0 +1,28 @@
+From d09b54cfffaa3923c22bb3ff7818cb4a19325905 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Thu, 9 May 2019 16:44:43 +0200
+Subject: [PATCH] mcstrans: Fix USER_AFTER_FREE problem
+
+---
+ mcstrans/src/mcstrans.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
+index 0d9d0f3e25b7..29cadb78b62c 100644
+--- a/mcstrans/src/mcstrans.c
++++ b/mcstrans/src/mcstrans.c
+@@ -1663,10 +1663,8 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
+ 							return -1;
+ 						}
+ 				}
+-				if (canonical) {
++				if (canonical)
+ 					free(canonical);
+-					free(raw);
+-				}
+ 				if (add_cache(domain, raw, range) < 0) {
+ 					free(range);
+ 					free(raw);
+-- 
+2.23.0
+

0003-mcstrans-Do-not-accept-incomplete-contexts.patch

@@ -0,0 +1,59 @@
+From 0173a950563b23080fd40433f55efcb1d6b77923 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Mon, 15 Apr 2019 15:22:51 +0200
+Subject: [PATCH] mcstrans: Do not accept incomplete contexts
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes:
+$ python3
+> import selinux
+> selinux.selinux_raw_context_to_color("xyz_u:xyz_r:xyz_t:")
+
+Traceback (most recent call last):
+  File "<stdin>", line 2, in <module>
+OSError: [Errno 0] Error
+
+:: [ 10:25:45 ] :: [  BEGIN   ] :: Running 'service mcstransd status'
+Redirecting to /bin/systemctl status mcstransd.service
+● mcstrans.service - Translates SELinux MCS/MLS labels to human readable form
+   Loaded: loaded (/usr/lib/systemd/system/mcstrans.service; disabled; vendor preset: disabled)
+   Active: failed (Result: core-dump) since Fri 2019-04-12 10:25:44 EDT; 1s ago
+  Process: 16681 ExecStart=/sbin/mcstransd -f (code=dumped, signal=SEGV)
+ Main PID: 16681 (code=dumped, signal=SEGV)
+
+systemd[1]: mcstrans.service: Main process exited, code=dumped, status=11/SEGV
+systemd[1]: mcstrans.service: Failed with result 'core-dump'.
+
+Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
+---
+ mcstrans/src/mcscolor.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c
+index 4ee0db507ef2..3a3a6de9a02b 100644
+--- a/mcstrans/src/mcscolor.c
++++ b/mcstrans/src/mcscolor.c
+@@ -272,10 +272,14 @@ static const unsigned precedence[N_COLOR][N_COLOR - 1] = {
+ static const secolor_t default_color = { 0x000000, 0xffffff };
+ 
+ static int parse_components(context_t con, char **components) {
+-	components[COLOR_USER] = (char *)context_user_get(con);
+-	components[COLOR_ROLE] = (char *)context_role_get(con);
+-	components[COLOR_TYPE] = (char *)context_type_get(con);
+-	components[COLOR_RANGE] = (char *)context_range_get(con);
++	if ((components[COLOR_USER] = (char *)context_user_get(con)) == NULL)
++		return -1;
++	if ((components[COLOR_ROLE] = (char *)context_role_get(con)) == NULL)
++		return -1;
++	if ((components[COLOR_TYPE] = (char *)context_type_get(con)) == NULL)
++		return -1;
++	if ((components[COLOR_RANGE] = (char *)context_range_get(con)) == NULL)
++		return -1;
+ 
+ 	return 0;
+ }
+-- 
+2.23.0
+

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: mcstrans
-# $Id: Makefile,v 1.1 2006/05/03 16:13:52 dwalsh Exp $
-NAME := mcstrans
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

mcstrans-0.1.8-subsys-locking.patch

@@ -1,29 +0,0 @@
---- mcstrans-0.1.8/src/mcstrans.init.subsys-locking	2006-09-13 11:21:11.000000000 -0400
-+++ mcstrans-0.1.8/src/mcstrans.init	2006-09-13 11:29:18.000000000 -0400
-@@ -48,7 +48,7 @@
-     RETVAL=$?
-     echo
-     if test $RETVAL = 0 ; then
--        touch /var/lock/subsys/$prog
-+        touch /var/lock/subsys/mcstrans
-     fi
-     return $RETVAL
- }
-@@ -58,7 +58,7 @@
-     killproc $prog
-     RETVAL=$?
-     echo
--    rm -f /var/lock/subsys/$prog
-+    rm -f /var/lock/subsys/mcstrans
-     return $RETVAL
- }
- 
-@@ -76,7 +76,7 @@
- }
- 
- condrestart(){
--    [ -e /var/lock/subsys/$prog ] && restart
-+    [ -e /var/lock/subsys/mcstrans ] && restart
-     return 0
- }
- 

mcstrans-0.3.1-init.patch

@@ -1,65 +0,0 @@
---- mcstrans-0.3.1/src/mcstrans.init~	2009-09-16 11:01:17.646738932 +0200
-+++ mcstrans-0.3.1/src/mcstrans.init	2009-09-16 11:23:47.605763983 +0200
-@@ -20,6 +20,7 @@
- 
- PATH=/sbin:/bin:/usr/bin:/usr/sbin
- prog="mcstransd"
-+lockfile=/var/lock/subsys/$prog
- 
- # Source function library.
- . /etc/init.d/functions
-@@ -54,7 +55,7 @@
- 	RETVAL=$?
- 	echo
- 	if test $RETVAL = 0 ; then
--        	touch /var/lock/subsys/mcstrans
-+        	touch $lockfile
- 	fi
- 	return $RETVAL
- }
-@@ -64,15 +65,7 @@
- 	killproc $prog
- 	RETVAL=$?
- 	echo
--	rm -f /var/lock/subsys/mcstrans
--	return $RETVAL
--}
--
--reload(){
--	echo -n $"Reloading configuration: "	
--	killproc $prog -HUP
--	RETVAL=$?
--	echo
-+	rm -f $lockfile
- 	return $RETVAL
- }
- 
-@@ -82,7 +75,7 @@
- }
- 
- condrestart(){
--	[ -e /var/lock/subsys/mcstrans ] && restart
-+	[ -e $lockfile ] && restart
- 	return 0
- }
- 
-@@ -95,17 +88,14 @@
-     stop)
- 	stop
- 	;;
--    restart)
-+    restart|force-reload)
- 	restart
- 	;;
--    reload)
--	reload
--	;;
-     condrestart)
- 	condrestart
- 	;;
-     *)
--	echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|rotate}"
-+	echo $"Usage: $0 {start|stop|status|restart|force-reload|condrestart}"
- 	RETVAL=3
- esac
- 

mcstrans.spec

@@ -1,20 +1,26 @@
 Summary: SELinux Translation Daemon
 Name: mcstrans
-Version: 0.3.1
+Version: 3.1
 Release: 3%{?dist}
 License: GPL+
-Group: System Environment/Daemons
-Source: http://fedora.redhat.com/projects/%{name}-%{version}.tgz
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: libselinux-devel >= 1.30.3-1
+Url: https://github.com/SELinuxProject/selinux/wiki
+Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/mcstrans-3.1.tar.gz
+Source2: secolor.conf.8
+# fedora-selinux/selinux: git format-patch -N mcstrans-3.1 -- mcstrans
+# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
+# Patch list start
+Patch0001: 0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
+Patch0002: 0002-mcstrans-Fix-USER_AFTER_FREE-problem.patch
+Patch0003: 0003-mcstrans-Do-not-accept-incomplete-contexts.patch
+# Patch list end
+BuildRequires: gcc
+BuildRequires: libselinux-devel >= %{version}
 BuildRequires: libcap-devel pcre-devel libsepol-devel libsepol-static
+BuildRequires: systemd
 Requires: pcre
-Requires(pre): /sbin/chkconfig /sbin/service
-Requires(post):/sbin/chkconfig /sbin/service
+%{?systemd_requires}
 Provides: setransd
 Provides: libsetrans
-Patch: mcstrans-0.3.1-init.patch
-Obsoletes: libsetrans
 
 %description
 Security-enhanced Linux is a feature of the Linux® kernel and a number
@@ -31,12 +37,12 @@ mcstrans provides an translation daemon to translate SELinux categories
 from internal representations to user defined representation.
 
 %prep
-%setup -q
-%patch -p1 
+%autosetup -p 2 -n mcstrans-%{version}
 
 %build
-make clean
-make LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" %{?_smp_mflags}
+%set_build_flags
+
+%make_build LIBDIR="%{_libdir}"
 
 %install
 rm -rf %{buildroot}
@@ -45,36 +51,35 @@ mkdir -p %{buildroot}/%{_libdir}
 mkdir -p %{buildroot}%{_usr}/share/mcstrans
 mkdir -p %{buildroot}%{_sysconfdir}/selinux/mls/setrans.d
 
-make DESTDIR="%{buildroot}" LIBDIR="%{buildroot}%{_libdir}" SHLIBDIR="%{buildroot}/%{_lib}" install
-rm -f %{buildroot}%{_sbindir}/*
+%make_install LIBDIR="%{_libdir}" SHLIBDIR="%{_lib}" SBINDIR="%{_sbindir}"
 rm -f %{buildroot}%{_libdir}/*.a
 cp -r share/* %{buildroot}%{_usr}/share/mcstrans/
-
-%clean
-rm -rf %{buildroot}
+# Systemd 
+mkdir -p %{buildroot}%{_unitdir}
+ln -s %{_unitdir}/mcstrans.service %{buildroot}/%{_unitdir}/mcstransd.service
+rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/mcstrans
+install -m644 %{SOURCE2} %{buildroot}%{_mandir}/man8/
 
 %post 
-chkconfig --add mcstrans
-if [ -f /var/lock/subsys/mcstrans ]; then
-   mv /var/lock/subsys/mcstrans /var/lock/subsys/mcstransd
-fi
+%systemd_post mcstransd.service
 
 %preun
-if [ $1 -eq 0 ]; then
-   service mcstrans stop > /dev/null 2>&1
-   chkconfig --del mcstrans
-fi
+%systemd_preun mcstransd.service
 
 %postun 
-if [ $1 -ge 1 ]; then
-   service mcstrans condrestart > /dev/null 2>&1 || :
-fi
+%systemd_postun mcstransd.service
 
 %files
-%defattr(-,root,root,0755)
 %{_mandir}/man8/mcs.8.gz
-/sbin/mcstransd
-%{_sysconfdir}/rc.d/init.d/mcstrans
+%{_mandir}/man8/mcstransd.8.gz
+%{_mandir}/man5/setrans.conf.5.gz
+%{_mandir}/ru/man8/mcs.8.gz
+%{_mandir}/ru/man8/mcstransd.8.gz
+%{_mandir}/ru/man5/setrans.conf.5.gz
+%{_mandir}/man8/secolor.conf.8.gz
+/usr/sbin/mcstransd
+%{_unitdir}/mcstrans.service
+%{_unitdir}/mcstransd.service
 %dir %{_sysconfdir}/selinux/mls/setrans.d
 
 %dir %{_usr}/share/mcstrans
@@ -88,6 +93,123 @@ fi
 %{_usr}/share/mcstrans/util/*
 
 %changelog
+* Tue Jul 28 2020 Tom Stellard <tstellar@redhat.com> - 3.1-3
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Thu Jul 16 2020 Petr Lautrbach <plautrba@redhat.com> - 3.1-1
+- SELinux userspace 3.1 release
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Dec  6 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-1
+- SELinux userspace 3.0 release
+
+* Mon Nov 11 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-0.rc1.1
+- SELinux userspace 3.0-rc1 release candidate
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Tue Mar 19 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-1
+- SELinux userspace 2.9 release
+
+* Mon Mar 11 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-0.rc2.1
+- SELinux userspace 2.9-rc2 release
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-0.rc1.1.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Wed Jan 30 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-0.rc1.1
+- Update to mcstrans-2.9-rc1
+
+* Tue Oct  2 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-1
+- Update to mcstrans-2.8
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.4-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed Mar 19 2014 Karsten Hopp |karsten@redhat.com> - 0.3.4-4
+- fix changelog order so that it builds with a recent rpm
+
+* Wed Oct 16 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-3
+- Make mcstrans PIE and fully relro 
+- Resolves: #983268
+
+* Tue Oct 15 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-2
+- Add RELRO support for long running services
+
+* Thu Sep 12 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.4-1
+- Update to latest version/applying patches
+- Move binary to /usr/sbin rather then /sbin
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Tue Mar 26 2013 Dan Walsh <dwalsh@redhat.com> - 0.3.3-7
+- Add secolor.conf.5 man page
+- Make mcstransd watch for content being written to /run/setrans for files names containing translations.
+-- This will allow apps like libvirt to write content nameing randomly selected MCS labels
+- Fix memory leak in mcstransd
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 0.3.3-4
+- Rebuild against PCRE 8.30
+
+* Thu Feb 2 2012 Dan Walsh <dwalsh@redhat.com> - 0.3.3-3
+- Fix the systemd service file
+
+* Wed Feb 1 2012 Dan Walsh <dwalsh@redhat.com> - 0.3.3-2
+- Update to upstream
+- Write pid file
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.2-1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Jan  5 2011 Ted X Toth <txtoth@gmail.com> - 0.3.2-0
+- Add constraints
+- Add setrans.conf man page
+- Fix mixed raw and translated range bug
+- Moved todo comments to TODO file
+
+* Fri Oct 16 2009 Dan Walsh <dwalsh@redhat.com> 0.3.1-4
+- Add mcstransd man page
+
 * Thu Sep 17 2009 Miroslav Grepl <mgrepl@redhat.com> 0.3.1-3
 - Fix init script
 
@@ -116,7 +238,7 @@ fi
 * Tue Feb 12 2008 Dan Walsh <dwalsh@redhat.com> 0.2.7-2
 - Rebuild for gcc 4.3
 
-* Mon Oct 30 2007 Steve Conklin <sconklin@redhat.com> - 0.2.7-1
+* Tue Oct 30 2007 Steve Conklin <sconklin@redhat.com> - 0.2.7-1
 - Folded current patches into tarball
 
 * Thu Oct 25 2007 Steve Conklin <sconklin@redhat.com> - 0.2.6-3

mcstransd.service

@@ -0,0 +1,12 @@
+[Unit]
+Description= Daemon used to translate SELinux MCS/MLS labels to human readable form
+After=syslog.target
+ConditionPathExists=/etc/selinux/mls/setrans.d
+
+[Service]
+Type=forking
+PIDFile=/run/mcstransd.pid
+ExecStart=/usr/sbin/mcstransd
+
+[Install]
+WantedBy=multi-user.target

secolor.conf.8

@@ -0,0 +1,180 @@
+.TH "secolor.conf" "8" "08 April 2011" "SELinux API documentation"
+.SH "NAME"
+secolor.conf \- The SELinux color configuration file
+.
+.SH "DESCRIPTION"
+The 
+.I /etc/selinux/{SELINUXTYPE}/secolor.conf
+configuation file controls the color to be associated to the context components associated to the 
+.I raw
+context passed by 
+.BR selinux_raw_context_to_color "(3),"
+when context related information is to be displayed in color by an SELinux-aware application. 
+.sp
+.BR selinux_raw_context_to_color "(3)"
+obtains this color information from the active policy 
+.B secolor.conf
+file as returned by 
+.BR selinux_colors_path "(3)."
+.
+.SH "FILE FORMAT"
+The file format is as follows:
+.RS
+.B color
+.I color_name
+.BI "= #"color_mask
+.br
+[...]
+.sp
+.I context_component string
+.B =
+.I fg_color_name bg_color_name
+.br
+[...]
+.sp 
+.RE
+
+Where:
+.br
+.B color
+.RS
+The color keyword. Each color entry is on a new line.
+.RE
+.I color_name
+.RS
+A single word name for the color (e.g. red).
+.RE
+.I color_mask
+.RS
+A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #000000 and white being #ffffff.
+.RE
+.I context_component
+.RS
+The context component name that must be one of the following:
+.br
+.RS
+user, role, type or range 
+.RE
+Each
+.IR context_component " " string " ..."
+entry is on a new line.
+.RE
+.I string
+.RS
+This is the 
+.I context_component
+string that will be matched with the 
+.I raw
+context component passed by
+.BR selinux_raw_context_to_color "(3)."
+.br
+A wildcard '*' may be used to match any undefined string for the user, role and type 
+.I context_component
+entries only.
+.RE
+
+.I fg_color_name
+.RS
+The color_name string that will be used as the foreground color.
+A 
+.I color_mask
+may also be used.
+.RE
+.I bg_color_name
+.RS
+The color_name string that will be used as the background color.
+A 
+.I color_mask
+may also be used.
+.RE
+.
+.SH "EXAMPLES"
+Example 1 entries are:
+.RS
+color black  = #000000
+.br
+color green  = #008000
+.br
+color yellow = #ffff00
+.br
+color blue   = #0000ff
+.br
+color white  = #ffffff
+.br
+color red    = #ff0000
+.br
+color orange = #ffa500
+.br
+color tan    = #D2B48C
+.sp
+user * = black white
+.br
+role * = white black
+.br
+type * = tan orange
+.br
+range s0\-s0:c0.c1023 = black green
+.br
+range s1\-s1:c0.c1023 = white green
+.br
+range s3\-s3:c0.c1023 = black tan
+.br
+range s5\-s5:c0.c1023 = white blue
+.br
+range s7\-s7:c0.c1023 = black red
+.br
+range s9\-s9:c0.c1023 = black orange
+.br
+range s15:c0.c1023   = black yellow
+.RE
+
+.sp
+Example 2 entries are:
+.RS
+color black  = #000000
+.br
+color green  = #008000
+.br
+color yellow = #ffff00
+.br
+color blue   = #0000ff
+.br
+color white  = #ffffff
+.br
+color red    = #ff0000
+.br
+color orange = #ffa500
+.br
+color tan    = #d2b48c
+.sp
+user unconfined_u = #ff0000 green
+.br
+role unconfined_r = red #ffffff
+.br
+type unconfined_t = red orange
+.br
+user user_u       = black green
+.br
+role user_r       = white black
+.br
+type user_t       = tan red
+.br
+user xguest_u     = black yellow
+.br
+role xguest_r     = black red
+.br
+type xguest_t     = black green
+.br
+user sysadm_u     = white black
+.br
+range s0:c0.c1023 = black white
+.br
+user *            = black white
+.br
+role *            = black white
+.br
+type *            = black white
+.RE
+.
+.SH "SEE ALSO"
+.BR mcstransd "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"

sources

@@ -1 +1 @@
-b9f80deb6a34211650e19bc283e94e46  mcstrans-0.3.1.tgz
+SHA512 (mcstrans-3.1.tar.gz) = 21e9b7a8c9d98cbee61f2eb1c440a51d19ac111a5955c24d365a8784e1aa34fb47a22a108e550c8a4cde4f25ec5afc466126a68e9faedfc796bef83eada93b60