From 612cc229f4a9407ba9a3ac03428350aec5c86272 Mon Sep 17 00:00:00 2001 From: rhatdan Date: Sep 18 2012 14:31:07 +0000 Subject: Update to upstream * libsemanage: do not set soname needlessly * libsemanage: remove PYTHONLIBDIR and ruby equivalent * do boolean name substitution * Fix segfault for building standard policies.
---
diff --git a/.gitignore b/.gitignore
index 7e0ae2b..672d5c0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,3 +127,4 @@ libsemanage-2.0.45.tgz
 /libsemanage-2.1.6.tgz
 /libsemanage-2.1.7.tgz
 /libsemanage-2.1.8.tgz
+/libsemanage-2.1.9.tgz
diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch
index f60ce5e..efe7fa9 100644
--- a/libsemanage-rhat.patch
+++ b/libsemanage-rhat.patch
@@ -1,35 +1,74 @@ -diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile -index fc64919..c63bb22 100644 ---- a/libsemanage/src/Makefile -+++ b/libsemanage/src/Makefile -@@ -13,12 +13,10 @@ SHLIBDIR ?= $(PREFIX)/lib - INCLUDEDIR ?= $(PREFIX)/include - PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])') - PYINC ?= $(shell pkg-config --cflags $(PYPREFIX)) --PYTHONLIBDIR ?= $(shell pkg-config --libs $(PYPREFIX)) - PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER) - RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")') - RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM') - RUBYINC ?= $(shell pkg-config --cflags ruby-$(RUBYLIBVER)) --RUBYLIBDIR ?= $(shell pkg-config --libs ruby-$(RUBYLIBVER)) - RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM) +diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y +index bbdac1d..80d08ec 100644 +--- a/libsemanage/src/conf-parse.y ++++ b/libsemanage/src/conf-parse.y +@@ -58,7 +58,7 @@ static int parse_errors; + } - LIBBASE=$(shell basename $(LIBDIR)) -@@ -84,10 +82,10 @@ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT) - $(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $< + %token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED +-%token LOAD_POLICY_START SETFILES_START DISABLE_GENHOMEDIRCON HANDLE_UNKNOWN USEPASSWD IGNOREDIRS ++%token LOAD_POLICY_START SETFILES_START SEFCONTEXT_COMPILE_START DISABLE_GENHOMEDIRCON HANDLE_UNKNOWN USEPASSWD IGNOREDIRS + %token BZIP_BLOCKSIZE BZIP_SMALL + %token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END + %token PROG_PATH PROG_ARGS +@@ -230,6 +230,14 @@ command_start: + YYABORT; + } + } ++ | SEFCONTEXT_COMPILE_START { ++ semanage_conf_external_prog_destroy(current_conf->sefcontext_compile); ++ current_conf->sefcontext_compile = NULL; ++ if (new_external_prog(¤t_conf->sefcontext_compile) == -1) { ++ parse_errors++; ++ YYABORT; ++ } ++ } + ; - $(SWIGSO): 
$(SWIGLOBJ) -- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@ -+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) + verify_block: verify_start external_opts BLOCK_END { +@@ -308,6 +316,20 @@ static int semanage_conf_init(semanage_conf_t * conf) + return -1; + } - $(SWIGRUBYSO): $(SWIGRUBYLOBJ) -- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@ -+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) ++ if ((conf->sefcontext_compile = ++ calloc(1, sizeof(*(current_conf->sefcontext_compile)))) == NULL) { ++ return -1; ++ } ++ if (access("/sbin/sefcontext_compile", X_OK) == 0) { ++ conf->sefcontext_compile->path = strdup("/sbin/sefcontext_compile"); ++ } else { ++ conf->sefcontext_compile->path = strdup("/usr/sbin/sefcontext_compile"); ++ } ++ if ((conf->sefcontext_compile->path == NULL) || ++ (conf->sefcontext_compile->args = strdup("$@")) == NULL) { ++ return -1; ++ } ++ + return 0; + } - $(LIBA): $(OBJS) - $(AR) rcs $@ $^ +@@ -363,6 +385,7 @@ void semanage_conf_destroy(semanage_conf_t * conf) + free(conf->ignoredirs); + semanage_conf_external_prog_destroy(conf->load_policy); + semanage_conf_external_prog_destroy(conf->setfiles); ++ semanage_conf_external_prog_destroy(conf->sefcontext_compile); + semanage_conf_external_prog_destroy(conf->mod_prog); + semanage_conf_external_prog_destroy(conf->linked_prog); + semanage_conf_external_prog_destroy(conf->kernel_prog); +diff --git a/libsemanage/src/conf-scan.l b/libsemanage/src/conf-scan.l +index 7ef4154..41ba044 100644 +--- a/libsemanage/src/conf-scan.l ++++ b/libsemanage/src/conf-scan.l +@@ -53,6 +53,7 @@ bzip-blocksize return BZIP_BLOCKSIZE; + bzip-small return BZIP_SMALL; + "[load_policy]" return LOAD_POLICY_START; + "[setfiles]" return SETFILES_START; ++"[sefcontext_compile]" return SEFCONTEXT_COMPILE_START; + "[verify module]" return VERIFY_MOD_START; + "[verify linked]" return VERIFY_LINKED_START; + 
"[verify kernel]" return VERIFY_KERNEL_START; diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c -index 7fcd2b4..18babe6 100644 +index 7fcd2b4..6aa9057 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c @@ -52,6 +52,26 @@ static char *private_usersconf_path = NULL; @@ -39,7 +78,7 @@ index 7fcd2b4..18babe6 100644 +static char *get_policy_path(void) { + char *dup_path = NULL; + int max = security_policyvers(); -+ if (max < 0) ++ if (max < 0) + max = sepol_policy_kern_vers_max(); + + char *policy_path = selinux_binary_policy_path_min_max(0, &max); @@ -65,7 +104,7 @@ index 7fcd2b4..18babe6 100644 - if ( asprintf(&private_binary_policy_path, "%s/%s", path, selinux_binary_policy_path()) < 0 ) { + char *policy_path = get_policy_path(); -+ if (! policy_path) ++ if (! policy_path) + goto error; + + if ( asprintf(&private_binary_policy_path, "%s/%s", path, policy_path) < 0 ) { @@ -87,11 +126,41 @@ index 7fcd2b4..18babe6 100644 } const char *semanage_usersconf_path() { +diff --git a/libsemanage/src/semanage_conf.h b/libsemanage/src/semanage_conf.h +index 95f8ec3..9b7852c 100644 +--- a/libsemanage/src/semanage_conf.h ++++ b/libsemanage/src/semanage_conf.h +@@ -46,6 +46,7 @@ typedef struct semanage_conf { + char *ignoredirs; /* ";" separated of list for genhomedircon to ignore */ + struct external_prog *load_policy; + struct external_prog *setfiles; ++ struct external_prog *sefcontext_compile; + struct external_prog *mod_prog, *linked_prog, *kernel_prog; + } semanage_conf_t; + diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c -index cd7ce68..9c4b1fe 100644 +index cd7ce68..2fab63e 100644 --- a/libsemanage/src/semanage_store.c 
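Review bot: In the `semanage_conf_init` addition, the `calloc` sizes the new object with `sizeof(*(current_conf->sefcontext_compile))` although the structure being initialised is `conf`; `sizeof` does not evaluate its operand, so this works, but it reads like a dereference of the parser global and would be clearer as `calloc(1, sizeof(*conf->sefcontext_compile))`. The `access()` probe only chooses between two default paths and the `/usr/sbin` fallback is never checked, so a system with neither binary would presumably be noticed only when the helper is run. The new `[sefcontext_compile]` section also lets semanage.conf name the program that libsemanage executes, so a comment next to the grammar rule such as `/* path and args come from semanage.conf, which must be writable by root only */` would make that trust assumption explicit. The argument of `new_external_prog` shows as `¤t_conf` on this page, presumably an extraction artifact of `&current_conf`; the enclosing function bodies start and end outside the hunk.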
+++ b/libsemanage/src/semanage_store.c -@@ -1145,8 +1145,7 @@ static int semanage_install_active(semanage_handle_t * sh) +@@ -1100,6 +1100,17 @@ int semanage_split_fc(semanage_handle_t * sh) + + } + ++static int sefcontext_compile(semanage_handle_t * sh, const char *path) { ++ ++ int r; ++ if ((r = semanage_exec_prog(sh, sh->conf->sefcontext_compile, path, "")) != 0) { ++ ERR(sh, "sefcontext_compile returned error code %d. Compiling %s", r, path); ++ return -1; ++ } ++ ++ return 0; ++} ++ + /* Actually load the contents of the current active directory into the + * kernel. Return 0 on success, -3 on error. */ + static int semanage_install_active(semanage_handle_t * sh) +@@ -1145,8 +1156,7 @@ static int semanage_install_active(semanage_handle_t * sh) if (asprintf(&storepath, "%s%s", semanage_selinux_path(), sh->conf->store_path) < 0) return retval; @@ -101,3 +170,32 @@ index cd7ce68..9c4b1fe 100644 if (semanage_copy_file(active_kernel, store_pol, sh->conf->file_mode) == -1) { ERR(sh, "Could not copy %s to %s.", active_kernel, store_pol); +@@ -1233,6 +1243,16 @@ static int semanage_install_active(semanage_handle_t * sh) + goto cleanup; + } + ++ if (sefcontext_compile(sh, store_fc) != 0) { ++ goto cleanup; ++ } ++ if (sefcontext_compile(sh, store_fc_loc) != 0) { ++ goto cleanup; ++ } ++ if (sefcontext_compile(sh, store_fc_hd) != 0) { ++ goto cleanup; ++ } ++ + retval = 0; + cleanup: + free(storepath); +@@ -1371,6 +1391,11 @@ int semanage_install_sandbox(semanage_handle_t * sh) + goto cleanup; + } + ++ if (sh->conf->sefcontext_compile == NULL) { ++ ERR(sh, "No sefcontext_compile program specified in configuration file."); ++ goto cleanup; ++ } ++ + if ((commit_num = semanage_commit_sandbox(sh)) < 0) { + retval = commit_num; + goto cleanup; diff --git a/libsemanage.spec b/libsemanage.spec index f1ca1ef..57b91b8 100644 --- a/libsemanage.spec +++ b/libsemanage.spec 
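Review bot: The new static `sefcontext_compile()` in semanage_store.c has no header comment, unlike `semanage_install_active` directly below it, and its error text `"sefcontext_compile returned error code %d. Compiling %s"` reads as two fragments. I would add `/* Run the configured sefcontext_compile helper on path. Return 0 on success, -1 on error. */` above it and word the message as `"sefcontext_compile returned error code %d while compiling %s."`. The function also passes `sh->conf->sefcontext_compile` to `semanage_exec_prog` without a check of its own; the only NULL test visible on this page is the one added to `semanage_install_sandbox`, so it should be confirmed that every caller path goes through it.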
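Review bot: In `semanage_install_active` the three `sefcontext_compile()` calls turn any helper failure into a failed install through `goto cleanup`, and they sit immediately before `retval = 0`, after the earlier steps of the function have already run. If `store_fc_loc` or `store_fc_hd` can be missing or empty on a system, or the helper binary is not installed, the transaction would now fail at this late point. It is worth confirming that the helper accepts such inputs, or skipping files that do not exist before calling it. The bodies of `semanage_install_active` and `semanage_install_sandbox` start and end outside the hunk.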
@@ -4,13 +4,13 @@ %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print (get_python_lib(1))")} %endif -%define libsepolver 2.1.5-1 -%define libselinuxver 2.1.11-2 +%define libsepolver 2.1.7-1 +%define libselinuxver 2.1.12-1 Summary: SELinux binary policy manipulation library Name: libsemanage -Version: 2.1.8 -Release: 6%{?dist} +Version: 2.1.9 +Release: 1%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: libsemanage-%{version}.tgz @@ -180,6 +180,13 @@ rm -rf ${RPM_BUILD_ROOT} %endif # if with_python3 %changelog +* Thu Sep 13 2012 Dan Walsh - 2.1.9-1 +- Update to upstream + * libsemanage: do not set soname needlessly + * libsemanage: remove PYTHONLIBDIR and ruby equivalent + * do boolean name substitution + * Fix segfault for building standard policies. + * Fri Aug 03 2012 David Malcolm - 2.1.8-6 - rebuild for https://fedoraproject.org/wiki/Features/Python_3.3 diff --git a/sources b/sources index 0ed77db..9b2666f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -acb5c0f40f70ff32c4c39cee8432be26 libsemanage-2.1.8.tgz +eae2f9c81be857032efde81504b9e82a libsemanage-2.1.9.tgz