diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
index bf665ab..ccd08ae 100644
--- a/libselinux/src/Makefile
+++ b/libselinux/src/Makefile
@@ -1,10 +1,11 @@
# Installation directories.
+PYTHON ?= python
PREFIX ?= $(DESTDIR)/usr
LIBDIR ?= $(PREFIX)/lib
SHLIBDIR ?= $(DESTDIR)/lib
INCLUDEDIR ?= $(PREFIX)/include
-PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
-PYINC ?= /usr/include/$(PYLIBVER)
+PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')
+PYINC ?= $(shell pkg-config --cflags `basename $(PYTHON)`)
PYLIB ?= /usr/lib/$(PYLIBVER)
PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
@@ -23,13 +24,13 @@ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i
SWIGRUBYIF= selinuxswig_ruby.i
SWIGCOUT= selinuxswig_wrap.c
SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
-SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
+SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT))
SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
-SWIGSO=_selinux.so
+SWIGSO=$(PYPREFIX)_selinux.so
SWIGFILES=$(SWIGSO) selinux.py selinuxswig_python_exception.i
SWIGRUBYSO=_rubyselinux.so
LIBSO=$(TARGET).$(LIBVERSION)
-AUDIT2WHYSO=audit2why.so
+AUDIT2WHYSO=$(PYPREFIX)audit2why.so
ifeq ($(DISABLE_AVC),y)
UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
@@ -70,7 +71,7 @@ $(LIBA): $(OBJS)
$(RANLIB) $@
$(SWIGLOBJ): $(SWIGCOUT)
- $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+ $(CC) $(filter-out -Werror,$(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $<
$(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
$(CC) $(filter-out -Werror,$(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $<
@@ -91,10 +92,10 @@ $(LIBPC): $(LIBPC).in
selinuxswig_python_exception.i: ../include/selinux/selinux.h
bash exception.sh > $@
-audit2why.lo: audit2why.c
- $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+$(PYPREFIX)audit2why.lo: audit2why.c
+ $(CC) $(CFLAGS) $(PYINC) -fPIC -DSHARED -c -o $@ $<
-$(AUDIT2WHYSO): audit2why.lo
+$(AUDIT2WHYSO): $(PYPREFIX)audit2why.lo
$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
%.o: %.c policy.h
@@ -123,8 +124,8 @@ install: all
install-pywrap: pywrap
test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
- install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
- install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
+ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux/_selinux.so
+ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux/audit2why.so
install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
install-rubywrap: rubywrap
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index 691bc67..12e8614 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -1,3 +1,6 @@
+/* Workaround for http://bugs.python.org/issue4835 */
+#define SIZEOF_SOCKET_T SIZEOF_INT
+
#include <Python.h>
#include <unistd.h>
#include <stdlib.h>
@@ -255,6 +258,8 @@ static int __policy_init(const char *init_path)
fclose(fp);
sepol_set_policydb(&avc->policydb->p);
avc->handle = sepol_handle_create();
+ /* Turn off messages */
+ sepol_msg_set_callback(avc->handle, NULL, NULL);
rc = sepol_bool_count(avc->handle,
avc->policydb, &cnt);
@@ -287,8 +292,10 @@ static int __policy_init(const char *init_path)
static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
int result;
char *init_path=NULL;
- if (PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path))
- result = __policy_init(init_path);
+ if (!PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path)) {
+ return NULL;
+ }
+ result = __policy_init(init_path);
return Py_BuildValue("i", result);
}
@@ -353,7 +360,11 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
strObj = PyList_GetItem(listObj, i); /* Can't fail */
/* make it a string */
+#if PY_MAJOR_VERSION >= 3
+ permstr = _PyUnicode_AsString( strObj );
+#else
permstr = PyString_AsString( strObj );
+#endif
perm = string_to_av_perm(tclass, permstr);
if (!perm) {
@@ -423,10 +434,39 @@ static PyMethodDef audit2whyMethods[] = {
{NULL, NULL, 0, NULL} /* Sentinel */
};
+#if PY_MAJOR_VERSION >= 3
+/* Module-initialization logic specific to Python 3 */
+struct module_state {
+ /* empty for now */
+};
+static struct PyModuleDef moduledef = {
+ PyModuleDef_HEAD_INIT,
+ "audit2why",
+ NULL,
+ sizeof(struct module_state),
+ audit2whyMethods,
+ NULL,
+ NULL,
+ NULL,
+ NULL
+};
+
+PyMODINIT_FUNC
+PyInit_audit2why(void)
+#else
PyMODINIT_FUNC
initaudit2why(void)
+#endif
{
- PyObject *m = Py_InitModule("audit2why", audit2whyMethods);
+ PyObject *m;
+#if PY_MAJOR_VERSION >= 3
+ m = PyModule_Create(&moduledef);
+ if (m == NULL) {
+ return NULL;
+ }
+#else
+ m = Py_InitModule("audit2why", audit2whyMethods);
+#endif
PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN);
PyModule_AddIntConstant(m,"BADSCON", BADSCON);
PyModule_AddIntConstant(m,"BADTCON", BADTCON);
@@ -440,4 +480,8 @@ initaudit2why(void)
PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN);
PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT);
PyModule_AddIntConstant(m,"RBAC", RBAC);
+
+#if PY_MAJOR_VERSION >= 3
+ return m;
+#endif
}
diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c
index b245364..7c47222 100644
--- a/libselinux/src/callbacks.c
+++ b/libselinux/src/callbacks.c
@@ -16,6 +16,7 @@ default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
{
int rc;
va_list ap;
+ if (is_selinux_enabled() == 0) return 0;
va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap);
va_end(ap);
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
index bb4eb9f..c9ae42f 100644
--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
#include <string.h>
#include <errno.h>
#include <stdio.h>
+#include <syslog.h>
#include "selinux_internal.h"
#include "label_internal.h"
#include "callbacks.h"
@@ -60,7 +61,7 @@ static void
{
va_list ap;
va_start(ap, fmt);
- vfprintf(stderr, fmt, ap);
+ vsyslog(LOG_ERR, fmt, ap);
va_end(ap);
}
diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i
index dea0e80..bb227e9 100644
--- a/libselinux/src/selinuxswig_python.i
+++ b/libselinux/src/selinuxswig_python.i
@@ -45,7 +45,7 @@ def install(src, dest):
PyObject* list = PyList_New(*$2);
int i;
for (i = 0; i < *$2; i++) {
- PyList_SetItem(list, i, PyString_FromString((*$1)[i]));
+ PyList_SetItem(list, i, PyBytes_FromString((*$1)[i]));
}
$result = SWIG_Python_AppendOutput($result, list);
}
@@ -74,7 +74,9 @@ def install(src, dest):
len++;
plist = PyList_New(len);
for (i = 0; i < len; i++) {
- PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ PyList_SetItem(plist, i,
+ PyBytes_FromString((*$1)[i])
+ );
}
} else {
plist = PyList_New(0);
@@ -91,7 +93,9 @@ def install(src, dest):
if (*$1) {
plist = PyList_New(result);
for (i = 0; i < result; i++) {
- PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ PyList_SetItem(plist, i,
+ PyBytes_FromString((*$1)[i])
+ );
}
} else {
plist = PyList_New(0);
@@ -144,16 +148,20 @@ def install(src, dest):
$1 = (char**) malloc(size + 1);
for(i = 0; i < size; i++) {
- if (!PyString_Check(PySequence_GetItem($input, i))) {
- PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
+ if (!PyBytes_Check(PySequence_GetItem($input, i))) {
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only bytes");
+
return NULL;
}
+
}
for(i = 0; i < size; i++) {
s = PySequence_GetItem($input, i);
- $1[i] = (char*) malloc(PyString_Size(s) + 1);
- strcpy($1[i], PyString_AsString(s));
+
+ $1[i] = (char*) malloc(PyBytes_Size(s) + 1);
+ strcpy($1[i], PyBytes_AsString(s));
+
}
$1[size] = NULL;
}