rpms/libselinux/devel .cvsignore, 1.174, 1.175 libselinux-rhat.patch, 1.160, 1.161 libselinux.spec, 1.337, 1.338 sources, 1.176, 1.177
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Aug 5 14:05:45 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/libselinux/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32244
Modified Files:
.cvsignore libselinux-rhat.patch libselinux.spec sources
Log Message:
* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.71-1
- Update to Upstream
* Add group support to seusers using %groupname syntax from Dan Walsh.
* Mark setrans socket close-on-exec from Stephen Smalley.
* Only apply nodups checking to base file contexts from Stephen Smalley.
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/.cvsignore,v
retrieving revision 1.174
retrieving revision 1.175
diff -u -r1.174 -r1.175
--- .cvsignore 1 Aug 2008 10:56:37 -0000 1.174
+++ .cvsignore 5 Aug 2008 14:05:15 -0000 1.175
@@ -155,3 +155,4 @@
libselinux-2.0.67.tgz
libselinux-2.0.69.tgz
libselinux-2.0.70.tgz
+libselinux-2.0.71.tgz
libselinux-rhat.patch:
Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.160
retrieving revision 1.161
diff -u -r1.160 -r1.161
--- libselinux-rhat.patch 1 Aug 2008 10:56:37 -0000 1.160
+++ libselinux-rhat.patch 5 Aug 2008 14:05:15 -0000 1.161
@@ -1,7 +1,12 @@
diff --exclude-from=exclude -N -u -r nsalibselinux/ChangeLog libselinux-2.0.70/ChangeLog
---- nsalibselinux/ChangeLog 2008-08-01 06:48:06.000000000 -0400
+--- nsalibselinux/ChangeLog 2008-08-05 09:58:25.000000000 -0400
+++ libselinux-2.0.70/ChangeLog 2008-08-01 06:51:25.000000000 -0400
-@@ -1,6 +1,3 @@
+@@ -1,11 +1,3 @@
+-2.0.71 2008-08-05
+- * Add group support to seusers using %groupname syntax from Dan Walsh.
+- * Mark setrans socket close-on-exec from Stephen Smalley.
+- * Only apply nodups checking to base file contexts from Stephen Smalley.
+-
-2.0.70 2008-07-30
- * Merge ruby bindings from Dan Walsh.
-
@@ -9,10 +14,10 @@
* Handle duplicate file context regexes as a fatal error from Stephen Smalley.
This prevents adding them via semanage.
diff --exclude-from=exclude -N -u -r nsalibselinux/VERSION libselinux-2.0.70/VERSION
---- nsalibselinux/VERSION 2008-08-01 06:48:06.000000000 -0400
+--- nsalibselinux/VERSION 2008-08-05 09:58:25.000000000 -0400
+++ libselinux-2.0.70/VERSION 2008-08-01 06:51:25.000000000 -0400
@@ -1 +1 @@
--2.0.70
+-2.0.71
+2.0.69
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.70/man/man8/selinuxconlist.8
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
@@ -90,142 +95,3 @@
va_end(ap);
}
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-2.0.70/src/seusers.c
---- nsalibselinux/src/seusers.c 2008-06-12 23:25:14.000000000 -0400
-+++ libselinux-2.0.70/src/seusers.c 2008-08-01 06:53:03.000000000 -0400
-@@ -89,6 +89,62 @@
-
- int require_seusers hidden = 0;
-
-+#include <pwd.h>
-+#include <grp.h>
-+
-+static gid_t get_default_gid(const char *name) {
-+ struct passwd pwstorage, *pwent = NULL;
-+ gid_t gid = -1;
-+ /* Allocate space for the getpwnam_r buffer */
-+ long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
-+ if (rbuflen <= 0) return -1;
-+ char *rbuf = malloc(rbuflen);
-+ if (rbuf == NULL) return -1;
-+
-+ int retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent);
-+ if (retval == 0 || pwent != NULL) {
-+ gid = pwent->pw_gid;
-+ }
-+ free(rbuf);
-+ return gid;
-+}
-+
-+static int check_group(const char *group, const char *name, const gid_t gid) {
-+ int match = 0;
-+ int i, ng = 0;
-+ gid_t *groups = NULL;
-+ struct group gbuf, *grent = NULL;
-+
-+ long rbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
-+ if (rbuflen <= 0)
-+ return 0;
-+ char *rbuf = malloc(rbuflen);
-+ if (rbuf == NULL)
-+ return 0;
-+
-+ if (getgrnam_r(group, &gbuf, rbuf, rbuflen,
-+ &grent) != 0)
-+ goto done;
-+
-+ if (getgrouplist(name, gid, NULL, &ng) < 0) {
-+ groups = (gid_t *) malloc(sizeof (gid_t) * ng);
-+ if (!groups) goto done;
-+ if (getgrouplist(name, gid, groups, &ng) < 0) goto done;
-+ }
-+
-+ for (i = 0; i < ng; i++) {
-+ if (grent->gr_gid == groups[i]) {
-+ match = 1;
-+ goto done;
-+ }
-+ }
-+
-+ done:
-+ free(groups);
-+ free(rbuf);
-+ return match;
-+}
-+
- int getseuserbyname(const char *name, char **r_seuser, char **r_level)
- {
- FILE *cfg = NULL;
-@@ -101,9 +157,14 @@
- char *username = NULL;
- char *seuser = NULL;
- char *level = NULL;
-+ char *groupseuser = NULL;
-+ char *grouplevel = NULL;
- char *defaultseuser = NULL;
- char *defaultlevel = NULL;
-
-+ gid_t gid = get_default_gid(name);
-+ if ( gid == (gid_t) -1 ) goto nomatch;
-+
- cfg = fopen(selinux_usersconf_path(), "r");
- if (!cfg)
- goto nomatch;
-@@ -124,31 +185,48 @@
- if (!strcmp(username, name))
- break;
-
-- if (!defaultseuser && !strcmp(username, "__default__")) {
-- free(username);
-- defaultseuser = seuser;
-- defaultlevel = level;
-+ if (username[0] == '%' &&
-+ !groupseuser &&
-+ check_group(&username[1], name, gid)) {
-+ groupseuser = seuser;
-+ grouplevel = level;
- } else {
-- free(username);
-- free(seuser);
-- free(level);
-+ if (!defaultseuser &&
-+ !strcmp(username, "__default__")) {
-+ defaultseuser = seuser;
-+ defaultlevel = level;
-+ } else {
-+ free(seuser);
-+ free(level);
-+ }
- }
-+ free(username);
-+ username = NULL;
- seuser = NULL;
- }
-
-- if (buffer)
-- free(buffer);
-+ free(buffer);
- fclose(cfg);
-
- if (seuser) {
- free(username);
- free(defaultseuser);
- free(defaultlevel);
-+ free(groupseuser);
-+ free(grouplevel);
- *r_seuser = seuser;
- *r_level = level;
- return 0;
- }
-
-+ if (groupseuser) {
-+ free(defaultseuser);
-+ free(defaultlevel);
-+ *r_seuser = groupseuser;
-+ *r_level = grouplevel;
-+ return 0;
-+ }
-+
- if (defaultseuser) {
- *r_seuser = defaultseuser;
- *r_level = defaultlevel;
Index: libselinux.spec
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.337
retrieving revision 1.338
diff -u -r1.337 -r1.338
--- libselinux.spec 1 Aug 2008 10:56:37 -0000 1.337
+++ libselinux.spec 5 Aug 2008 14:05:15 -0000 1.338
@@ -4,7 +4,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
-Version: 2.0.70
+Version: 2.0.71
Release: 1%{?dist}
License: Public Domain
Group: System Environment/Libraries
@@ -152,6 +152,12 @@
%{ruby_sitearch}/selinux.so
%changelog
+* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.71-1
+- Update to Upstream
+ * Add group support to seusers using %groupname syntax from Dan Walsh.
+ * Mark setrans socket close-on-exec from Stephen Smalley.
+ * Only apply nodups checking to base file contexts from Stephen Smalley.
+
* Fri Aug 1 2008 Dan Walsh <dwalsh at redhat.com> - 2.0.70-1
- Update to Upstream
* Merge ruby bindings from Dan Walsh.
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/libselinux/devel/sources,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- sources 1 Aug 2008 10:56:37 -0000 1.176
+++ sources 5 Aug 2008 14:05:15 -0000 1.177
@@ -1 +1 @@
-46464eff4dd1d432d9f74cebebe222c5 libselinux-2.0.70.tgz
+5d59c1105c777f8520978ee00ab46656 libselinux-2.0.71.tgz
More information about the fedora-extras-commits
mailing list