From aebde7523f1e37f0b4a41e064611e6f0ecff80a7 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Jul 18 2007 17:54:00 +0000 Subject: - Fix matchpathcon to set default myprintf --- diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 09b772e..05ff3ce 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.23/include/selinux/av_permissions.h ---- nsalibselinux/include/selinux/av_permissions.h 2006-11-16 17:15:18.000000000 -0500 -+++ libselinux-2.0.23/include/selinux/av_permissions.h 2007-07-11 10:06:56.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.24/include/selinux/av_permissions.h +--- nsalibselinux/include/selinux/av_permissions.h 2007-07-16 14:20:45.000000000 -0400 ++++ libselinux-2.0.24/include/selinux/av_permissions.h 2007-07-18 13:52:07.000000000 -0400 @@ -290,12 +290,16 @@ #define NODE__RAWIP_RECV 0x00000010UL #define NODE__RAWIP_SEND 0x00000020UL @@ -56,9 +56,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permission +#define DCCP_SOCKET__NODE_BIND 0x00400000UL +#define DCCP_SOCKET__NAME_CONNECT 0x00800000UL +#define MEMPROTECT__MMAP_ZERO 0x00000001UL -diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/flask.h libselinux-2.0.23/include/selinux/flask.h ---- nsalibselinux/include/selinux/flask.h 2006-11-16 17:15:18.000000000 -0500 -+++ libselinux-2.0.23/include/selinux/flask.h 2007-07-11 10:07:03.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/flask.h libselinux-2.0.24/include/selinux/flask.h +--- nsalibselinux/include/selinux/flask.h 2007-07-16 14:20:45.000000000 -0400 ++++ libselinux-2.0.24/include/selinux/flask.h 2007-07-18 13:52:07.000000000 -0400 @@ -64,6 +64,8 @@ #define SECCLASS_PACKET 57 #define SECCLASS_KEY 58 @@ -68,9 +68,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/flask.h libse /* * Security identifier indices for initial entities -diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.23/Makefile ---- nsalibselinux/Makefile 2007-06-01 10:44:08.000000000 -0400 -+++ libselinux-2.0.23/Makefile 2007-06-26 05:11:37.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.24/Makefile +--- nsalibselinux/Makefile 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/Makefile 2007-07-18 13:52:07.000000000 -0400 @@ -20,6 +20,9 @@ $(MAKE) -C src $(MAKE) -C utils @@ -81,9 +81,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.23/Ma pywrap: $(MAKE) -C src pywrap -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 libselinux-2.0.23/man/man3/avc_add_callback.3 ---- nsalibselinux/man/man3/avc_add_callback.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_add_callback.3 2007-07-10 12:17:08.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 libselinux-2.0.24/man/man3/avc_add_callback.3 +--- nsalibselinux/man/man3/avc_add_callback.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_add_callback.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,26 +6,26 @@ avc_add_callback \- additional event notification for SELinux userspace object managers. .SH "SYNOPSIS" @@ -118,9 +118,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 l .BI "access_vector_t " perms ");" .in .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 libselinux-2.0.23/man/man3/avc_cache_stats.3 ---- nsalibselinux/man/man3/avc_cache_stats.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_cache_stats.3 2007-07-10 12:17:08.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 libselinux-2.0.24/man/man3/avc_cache_stats.3 +--- nsalibselinux/man/man3/avc_cache_stats.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_cache_stats.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace SELinux AVC statistics. .SH "SYNOPSIS" @@ -130,9 +130,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 li .B #include .sp .BI "void avc_av_stats(void);" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_compute_create.3 libselinux-2.0.23/man/man3/avc_compute_create.3 ---- nsalibselinux/man/man3/avc_compute_create.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_compute_create.3 2007-07-10 12:17:07.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_compute_create.3 libselinux-2.0.24/man/man3/avc_compute_create.3 +--- nsalibselinux/man/man3/avc_compute_create.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_compute_create.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ avc_compute_create \- obtain SELinux label for new object. .SH "SYNOPSIS" @@ -142,9 +142,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_compute_create.3 .B #include .sp .BI "int avc_compute_create(security_id_t " ssid ", security_id_t " tsid , -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 libselinux-2.0.23/man/man3/avc_context_to_sid.3 ---- nsalibselinux/man/man3/avc_context_to_sid.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_context_to_sid.3 2007-07-10 12:17:07.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 libselinux-2.0.24/man/man3/avc_context_to_sid.3 +--- nsalibselinux/man/man3/avc_context_to_sid.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_context_to_sid.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ avc_context_to_sid, avc_sid_to_context, sidput, sidget, avc_get_initial_sid \- obtain and manipulate SELinux security ID's. .SH "SYNOPSIS" @@ -154,9 +154,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 .B #include .sp .BI "int avc_context_to_sid(security_context_t " ctx ", security_id_t *" sid ");" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libselinux-2.0.23/man/man3/avc_has_perm.3 ---- nsalibselinux/man/man3/avc_has_perm.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_has_perm.3 2007-07-10 12:13:47.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libselinux-2.0.24/man/man3/avc_has_perm.3 +--- nsalibselinux/man/man3/avc_has_perm.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_has_perm.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ avc_has_perm, avc_has_perm_noaudit, avc_audit, avc_entry_ref_init \- obtain and audit SELinux access decisions. .SH "SYNOPSIS" @@ -191,9 +191,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libse .BI "struct av_decision *" avd ", int " result ", void *" auditdata ");" .in .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinux-2.0.23/man/man3/avc_init.3 ---- nsalibselinux/man/man3/avc_init.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/avc_init.3 2007-07-10 12:13:43.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinux-2.0.24/man/man3/avc_init.3 +--- nsalibselinux/man/man3/avc_init.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/avc_init.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,17 +6,17 @@ avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and teardown. .SH "SYNOPSIS" @@ -216,9 +216,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinu .BI "const struct avc_lock_callback *" lock_callbacks ");" .in .sp -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libselinux-2.0.23/man/man3/context_new.3 ---- nsalibselinux/man/man3/context_new.3 2007-01-17 11:11:35.000000000 -0500 -+++ libselinux-2.0.23/man/man3/context_new.3 2007-07-10 12:13:40.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libselinux-2.0.24/man/man3/context_new.3 +--- nsalibselinux/man/man3/context_new.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/context_new.3 2007-07-18 13:52:07.000000000 -0400 @@ -4,27 +4,27 @@ .SH "SYNOPSIS" @@ -258,9 +258,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libsel .B "const char * context_user_set(context_t " con ", const char* " user ); .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.23/man/man3/freecon.3 ---- nsalibselinux/man/man3/freecon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/freecon.3 2007-07-10 12:13:55.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.24/man/man3/freecon.3 +--- nsalibselinux/man/man3/freecon.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/freecon.3 2007-07-18 13:52:07.000000000 -0400 @@ -5,7 +5,7 @@ .B #include .sp @@ -270,9 +270,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux .BI "void freeconary(security_context_t *" con ); .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux-2.0.23/man/man3/getcon.3 ---- nsalibselinux/man/man3/getcon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/getcon.3 2007-07-10 12:14:08.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux-2.0.24/man/man3/getcon.3 +--- nsalibselinux/man/man3/getcon.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/getcon.3 2007-07-18 13:52:07.000000000 -0400 @@ -1,21 +1,21 @@ .TH "getcon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation" .SH "NAME" @@ -301,9 +301,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux- .BI "int setcon(security_context_t " context); .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libselinux-2.0.23/man/man3/getexeccon.3 ---- nsalibselinux/man/man3/getexeccon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/getexeccon.3 2007-07-10 12:14:24.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libselinux-2.0.24/man/man3/getexeccon.3 +--- nsalibselinux/man/man3/getexeccon.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/getexeccon.3 2007-07-18 13:52:07.000000000 -0400 @@ -1,16 +1,16 @@ .TH "getexeccon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation" .SH "NAME" @@ -344,9 +344,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libseli .B rpm_execcon runs a helper for rpm in an appropriate security context. The -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libselinux-2.0.23/man/man3/getfilecon.3 ---- nsalibselinux/man/man3/getfilecon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/getfilecon.3 2007-07-10 12:17:06.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libselinux-2.0.24/man/man3/getfilecon.3 +--- nsalibselinux/man/man3/getfilecon.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/getfilecon.3 2007-07-18 13:52:07.000000000 -0400 @@ -5,9 +5,9 @@ .B #include .sp @@ -367,9 +367,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libseli The returned context should be freed with freecon if non-NULL. .SH "RETURN VALUE" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 libselinux-2.0.23/man/man3/getfscreatecon.3 ---- nsalibselinux/man/man3/getfscreatecon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/getfscreatecon.3 2007-07-10 12:17:06.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 libselinux-2.0.24/man/man3/getfscreatecon.3 +--- nsalibselinux/man/man3/getfscreatecon.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/getfscreatecon.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ .B #include .sp @@ -393,9 +393,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 lib Note: Signal handlers that perform an setfscreate must take care to save, reset, and restore the fscreate context to avoid unexpected behaviors. -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-2.0.23/man/man3/get_ordered_context_list.3 ---- nsalibselinux/man/man3/get_ordered_context_list.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/get_ordered_context_list.3 2007-07-10 12:17:05.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-2.0.24/man/man3/get_ordered_context_list.3 +--- nsalibselinux/man/man3/get_ordered_context_list.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/get_ordered_context_list.3 2007-07-18 13:52:07.000000000 -0400 @@ -4,7 +4,7 @@ .SH "SYNOPSIS" @@ -405,9 +405,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_ .B #include .sp .BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list ); -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-2.0.23/man/man3/getseuserbyname.3 ---- nsalibselinux/man/man3/getseuserbyname.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/getseuserbyname.3 2007-07-10 12:17:04.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-2.0.24/man/man3/getseuserbyname.3 +--- nsalibselinux/man/man3/getseuserbyname.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/getseuserbyname.3 2007-07-18 13:52:07.000000000 -0400 @@ -12,7 +12,7 @@ then be passed to other libselinux functions such as get_ordered_context_list_with_level and get_default_context_with_level. @@ -417,9 +417,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 li The returned SELinux username and level should be freed by the caller using free. -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-2.0.23/man/man3/is_context_customizable.3 ---- nsalibselinux/man/man3/is_context_customizable.3 2007-01-17 11:11:35.000000000 -0500 -+++ libselinux-2.0.23/man/man3/is_context_customizable.3 2007-07-10 12:17:04.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-2.0.24/man/man3/is_context_customizable.3 +--- nsalibselinux/man/man3/is_context_customizable.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/is_context_customizable.3 2007-07-18 13:52:07.000000000 -0400 @@ -8,7 +8,7 @@ .SH "DESCRIPTION" @@ -429,9 +429,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customiza This function checks whether the type of scon is in the /etc/selinux/SELINUXTYPE/context/customizable_types file. A customizable type is a file context type that administrators set on files, usually to allow certain domains to share the file content. restorecon and setfiles, by default, leave these context in place. -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libselinux-2.0.23/man/man3/matchmediacon.3 ---- nsalibselinux/man/man3/matchmediacon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/matchmediacon.3 2007-07-10 12:17:03.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libselinux-2.0.24/man/man3/matchmediacon.3 +--- nsalibselinux/man/man3/matchmediacon.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/matchmediacon.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,14 +6,14 @@ .B #include .sp @@ -450,9 +450,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libs .B Note: Caller must free returned security context "con" using freecon. .SH "RETURN VALUE" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libselinux-2.0.23/man/man3/matchpathcon.3 ---- nsalibselinux/man/man3/matchpathcon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/matchpathcon.3 2007-07-10 12:15:33.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libselinux-2.0.24/man/man3/matchpathcon.3 +--- nsalibselinux/man/man3/matchpathcon.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/matchpathcon.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,18 +6,18 @@ .B #include .sp @@ -531,9 +531,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libse .sp .SH "RETURN VALUE" Returns 0 on success or -1 otherwise. -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_class_to_string.3 libselinux-2.0.23/man/man3/security_class_to_string.3 ---- nsalibselinux/man/man3/security_class_to_string.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/security_class_to_string.3 2007-07-10 12:15:16.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_class_to_string.3 libselinux-2.0.24/man/man3/security_class_to_string.3 +--- nsalibselinux/man/man3/security_class_to_string.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/security_class_to_string.3 2007-07-18 13:52:07.000000000 -0400 @@ -8,7 +8,7 @@ .SH "SYNOPSIS" @@ -543,9 +543,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_class_to_st .B #include .sp .BI "const char * security_class_to_string(security_class_t " tclass ");" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av.3 libselinux-2.0.23/man/man3/security_compute_av.3 ---- nsalibselinux/man/man3/security_compute_av.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/security_compute_av.3 2007-07-10 12:15:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av.3 libselinux-2.0.24/man/man3/security_compute_av.3 +--- nsalibselinux/man/man3/security_compute_av.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/security_compute_av.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ .SH "SYNOPSIS" @@ -555,9 +555,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av. .B #include .sp .BI "int security_compute_av(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", access_vector_t "requested ", struct av_decision *" avd ); -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce.3 libselinux-2.0.23/man/man3/security_getenforce.3 ---- nsalibselinux/man/man3/security_getenforce.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/security_getenforce.3 2007-07-10 12:15:08.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce.3 libselinux-2.0.24/man/man3/security_getenforce.3 +--- nsalibselinux/man/man3/security_getenforce.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/security_getenforce.3 2007-07-18 13:52:07.000000000 -0400 @@ -5,7 +5,7 @@ .B #include .sp @@ -567,9 +567,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce. .BI "int security_setenforce(int "value ); .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_booleans.3 libselinux-2.0.23/man/man3/security_load_booleans.3 ---- nsalibselinux/man/man3/security_load_booleans.3 2007-01-17 11:11:35.000000000 -0500 -+++ libselinux-2.0.23/man/man3/security_load_booleans.3 2007-07-10 12:17:02.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_booleans.3 libselinux-2.0.24/man/man3/security_load_booleans.3 +--- nsalibselinux/man/man3/security_load_booleans.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/security_load_booleans.3 2007-07-18 13:52:07.000000000 -0400 @@ -7,15 +7,15 @@ .B #include .sp @@ -625,9 +625,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_boolea Commit all pending values for the booleans. .SH AUTHOR -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_lookup.3 libselinux-2.0.23/man/man3/selabel_lookup.3 ---- nsalibselinux/man/man3/selabel_lookup.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selabel_lookup.3 2007-07-10 12:17:01.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_lookup.3 libselinux-2.0.24/man/man3/selabel_lookup.3 +--- nsalibselinux/man/man3/selabel_lookup.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selabel_lookup.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,20 +6,20 @@ selabel_lookup \- obtain SELinux security context from a string label. .SH "SYNOPSIS" @@ -652,9 +652,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_lookup.3 lib .BI "const char *" key ", int " type ");" .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_open.3 libselinux-2.0.23/man/man3/selabel_open.3 ---- nsalibselinux/man/man3/selabel_open.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selabel_open.3 2007-07-10 12:17:00.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_open.3 libselinux-2.0.24/man/man3/selabel_open.3 +--- nsalibselinux/man/man3/selabel_open.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selabel_open.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,13 +6,13 @@ selabel_open, selabel_close \- userspace SELinux labeling interface. .SH "SYNOPSIS" @@ -671,9 +671,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_open.3 libse .BI "unsigned " nopt ");" .in .sp -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_stats.3 libselinux-2.0.23/man/man3/selabel_stats.3 ---- nsalibselinux/man/man3/selabel_stats.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selabel_stats.3 2007-07-10 12:16:59.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_stats.3 libselinux-2.0.24/man/man3/selabel_stats.3 +--- nsalibselinux/man/man3/selabel_stats.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selabel_stats.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,7 +6,7 @@ selabel_stats \- obtain SELinux labeling statistics. .SH "SYNOPSIS" @@ -683,9 +683,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selabel_stats.3 libs .B #include .sp .BI "void selabel_lookup(struct selabel_handle *" hnd ");" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-2.0.23/man/man3/selinux_binary_policy_path.3 ---- nsalibselinux/man/man3/selinux_binary_policy_path.3 2007-01-17 11:11:35.000000000 -0500 -+++ libselinux-2.0.23/man/man3/selinux_binary_policy_path.3 2007-07-10 12:16:08.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-2.0.24/man/man3/selinux_binary_policy_path.3 +--- nsalibselinux/man/man3/selinux_binary_policy_path.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selinux_binary_policy_path.3 2007-07-18 13:52:07.000000000 -0400 @@ -10,27 +10,27 @@ .SH "SYNOPSIS" .B #include @@ -725,9 +725,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_polic extern const char *selinux_booleans_path(void); -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemode.3 libselinux-2.0.23/man/man3/selinux_getenforcemode.3 ---- nsalibselinux/man/man3/selinux_getenforcemode.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selinux_getenforcemode.3 2007-07-10 12:16:51.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemode.3 libselinux-2.0.24/man/man3/selinux_getenforcemode.3 +--- nsalibselinux/man/man3/selinux_getenforcemode.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selinux_getenforcemode.3 2007-07-18 13:52:07.000000000 -0400 @@ -5,13 +5,13 @@ .B #include .sp @@ -744,9 +744,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemo Sets the value of enforce to 1 if SELinux should be run in enforcing mode. Sets the value of enforce to 0 if SELinux should be run in permissive mode. Sets the value of enforce to -1 if SELinux should be disabled. -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root.3 libselinux-2.0.23/man/man3/selinux_policy_root.3 ---- nsalibselinux/man/man3/selinux_policy_root.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selinux_policy_root.3 2007-07-10 12:16:49.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root.3 libselinux-2.0.24/man/man3/selinux_policy_root.3 +--- nsalibselinux/man/man3/selinux_policy_root.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selinux_policy_root.3 2007-07-18 13:52:07.000000000 -0400 @@ -5,7 +5,7 @@ .B #include .sp @@ -756,9 +756,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root. .SH "DESCRIPTION" .B selinux_policy_root -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_set_callback.3 libselinux-2.0.23/man/man3/selinux_set_callback.3 ---- nsalibselinux/man/man3/selinux_set_callback.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/selinux_set_callback.3 2007-07-10 12:16:48.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_set_callback.3 libselinux-2.0.24/man/man3/selinux_set_callback.3 +--- nsalibselinux/man/man3/selinux_set_callback.3 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man3/selinux_set_callback.3 2007-07-18 13:52:07.000000000 -0400 @@ -39,11 +39,11 @@ argument indicates the type of message and will be set to one of the following: @@ -774,9 +774,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_set_callback .B SELINUX_AVC .TP -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libselinux-2.0.23/man/man3/setfilecon.3 ---- nsalibselinux/man/man3/setfilecon.3 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man3/setfilecon.3 2007-07-10 12:12:18.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libselinux-2.0.24/man/man3/setfilecon.3 +--- nsalibselinux/man/man3/setfilecon.3 2007-07-16 14:20:47.000000000 -0400 ++++ libselinux-2.0.24/man/man3/setfilecon.3 2007-07-18 13:52:07.000000000 -0400 @@ -6,9 +6,9 @@ .B #include .sp @@ -789,9 +789,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libseli .BI "int fsetfilecon(int "fd ", security_context_t "con ); .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_file.5 libselinux-2.0.23/man/man5/selabel_file.5 ---- nsalibselinux/man/man5/selabel_file.5 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man5/selabel_file.5 2007-07-10 12:18:11.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_file.5 libselinux-2.0.24/man/man5/selabel_file.5 +--- nsalibselinux/man/man5/selabel_file.5 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man5/selabel_file.5 2007-07-18 13:52:07.000000000 -0400 @@ -6,13 +6,13 @@ selabel_file \- userspace SELinux labeling interface: file contexts backend. .SH "SYNOPSIS" @@ -808,9 +808,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_file.5 libse .BI "const char *" path ", int " mode ");" .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_media.5 libselinux-2.0.23/man/man5/selabel_media.5 ---- nsalibselinux/man/man5/selabel_media.5 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man5/selabel_media.5 2007-07-10 12:18:11.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_media.5 libselinux-2.0.24/man/man5/selabel_media.5 +--- nsalibselinux/man/man5/selabel_media.5 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man5/selabel_media.5 2007-07-18 13:52:07.000000000 -0400 @@ -6,13 +6,13 @@ selabel_media \- userspace SELinux labeling interface: media contexts backend. .SH "SYNOPSIS" @@ -827,9 +827,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_media.5 libs .BI "const char *" device_name ", int " unused ");" .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_x.5 libselinux-2.0.23/man/man5/selabel_x.5 ---- nsalibselinux/man/man5/selabel_x.5 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man5/selabel_x.5 2007-07-10 12:18:09.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_x.5 libselinux-2.0.24/man/man5/selabel_x.5 +--- nsalibselinux/man/man5/selabel_x.5 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man5/selabel_x.5 2007-07-18 13:52:07.000000000 -0400 @@ -6,13 +6,13 @@ selabel_x \- userspace SELinux labeling interface: X Window System contexts backend. .SH "SYNOPSIS" @@ -846,9 +846,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man5/selabel_x.5 libselin .BI "const char *" object_name ", int " object_type ");" .SH "DESCRIPTION" -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-2.0.23/man/man8/matchpathcon.8 ---- nsalibselinux/man/man8/matchpathcon.8 2007-06-21 05:16:39.000000000 -0400 -+++ libselinux-2.0.23/man/man8/matchpathcon.8 2007-07-10 11:38:39.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-2.0.24/man/man8/matchpathcon.8 +--- nsalibselinux/man/man8/matchpathcon.8 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man8/matchpathcon.8 2007-07-18 13:52:07.000000000 -0400 @@ -10,16 +10,16 @@ .SH OPTIONS .B \-n @@ -870,9 +870,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libse .B \-V Verify file context on disk matches defaults -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinux.8 libselinux-2.0.23/man/man8/selinux.8 ---- nsalibselinux/man/man8/selinux.8 2006-11-16 17:15:26.000000000 -0500 -+++ libselinux-2.0.23/man/man8/selinux.8 2007-07-10 11:38:21.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinux.8 libselinux-2.0.24/man/man8/selinux.8 +--- nsalibselinux/man/man8/selinux.8 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/man/man8/selinux.8 2007-07-18 13:52:07.000000000 -0400 @@ -62,14 +62,13 @@ .B system-config-securitylevel allows customization of these booleans and tunables. @@ -889,3 +889,15 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinux.8 libselinux The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files. .SH AUTHOR +diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.24/src/matchpathcon.c +--- nsalibselinux/src/matchpathcon.c 2007-07-16 14:20:46.000000000 -0400 ++++ libselinux-2.0.24/src/matchpathcon.c 2007-07-18 13:52:29.000000000 -0400 +@@ -65,7 +65,7 @@ + #ifdef __GNUC__ + __attribute__ ((format(printf, 1, 2))) + #endif +- (*myprintf) (const char *fmt,...); ++ (*myprintf) (const char *fmt,...) = &default_printf; + + void set_matchpathcon_printf(void (*f) (const char *fmt, ...)) + { diff --git a/libselinux.spec b/libselinux.spec index 55d3ee4..a657fc7 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -2,7 +2,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.0.24 -Release: 1%{?dist} +Release: 2%{?dist} License: Public domain (uncopyrighted) Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz @@ -123,6 +123,9 @@ exit 0 %{_libdir}/python*/site-packages/selinux.py* %changelog +* Wed Jul 18 2007 Dan Walsh - 2.0.24-2 +- Fix matchpathcon to set default myprintf + * Mon Jul 16 2007 Dan Walsh - 2.0.24-1 - Upgrade to upstream * Fix for getfilecon() for zero-length contexts from Stephen Smalley.