* [gentoo-commits] gentoo-x86 commit in sys-apps/policycoreutils/files: 0010-remove-sesandbox-support.patch 0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch 0040-reverse-access-check-in-run_init.patch 0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch 0110-build-mcstrans-bug-472912.patch 0030-make-inotify-check-use-flag-triggered.patch 0020-disable-autodetection-of-pam-and-audit.patch
@ 2014-09-21 10:22 Sven Vermeulen (swift)
0 siblings, 0 replies; only message in thread
From: Sven Vermeulen (swift) @ 2014-09-21 10:22 UTC (permalink / raw
To: gentoo-commits
swift 14/09/21 10:22:57
Added: 0010-remove-sesandbox-support.patch
0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch
0040-reverse-access-check-in-run_init.patch
0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch
0110-build-mcstrans-bug-472912.patch
0030-make-inotify-check-use-flag-triggered.patch
0020-disable-autodetection-of-pam-and-audit.patch
Log:
Noved to github; also add in masked 2.4 series
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0x2EDD52403B68AF47)
Revision Changes Path
1.1 sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch?rev=1.1&content-type=text/plain
Index: 0010-remove-sesandbox-support.patch
===================================================================
diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:13:23.212622408 +0200
+++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:14:24.136624808 +0200
@@ -1,4 +1,4 @@
-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
+SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
1.1 sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch?rev=1.1&content-type=text/plain
Index: 0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch
===================================================================
diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c
--- policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c 2014-08-28 21:26:25.125795076 +0200
+++ policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c 2014-08-28 21:27:03.509796589 +0200
@@ -11,6 +11,7 @@
#include <syslog.h>
#include <selinux/selinux.h>
#include <selinux/context.h>
+#include <selinux/av_permissions.h>
#include "mcstrans.h"
/* Define data structures */
1.1 sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch?rev=1.1&content-type=text/plain
Index: 0040-reverse-access-check-in-run_init.patch
===================================================================
diff -uNr policycoreutils-2.2.1.orig/run_init/run_init.c policycoreutils-2.2.1/run_init/run_init.c
--- policycoreutils-2.2.1.orig/run_init/run_init.c 2013-11-04 21:40:27.490018417 +0100
+++ policycoreutils-2.2.1/run_init/run_init.c 2013-11-04 21:40:57.088018480 +0100
@@ -406,7 +406,7 @@
new_context);
exit(-1);
}
- if (! access("/usr/sbin/open_init_pty", X_OK)) {
+ if (access("/usr/sbin/open_init_pty", X_OK) != 0) {
if (execvp(argv[1], argv + 1)) {
perror("execvp");
exit(-1);
1.1 sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch?rev=1.1&content-type=text/plain
Index: 0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch
===================================================================
diff -uNr policycoreutils-2.2.1.orig/load_policy/Makefile policycoreutils-2.2.1/load_policy/Makefile
--- policycoreutils-2.2.1.orig/load_policy/Makefile 2013-11-04 21:41:28.289018546 +0100
+++ policycoreutils-2.2.1/load_policy/Makefile 2013-11-04 21:43:31.118018808 +0100
@@ -19,7 +19,6 @@
test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
install -m 644 load_policy.8 $(MANDIR)/man8/
-mkdir -p $(USRSBINDIR)
- -ln -sf $(SBINDIR)/load_policy $(USRSBINDIR)/load_policy
clean:
-rm -f $(TARGETS) *.o
1.1 sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch?rev=1.1&content-type=text/plain
Index: 0110-build-mcstrans-bug-472912.patch
===================================================================
diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:31:19.563664821 +0200
+++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:32:25.900667435 +0200
@@ -1,4 +1,4 @@
-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
+SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll mcstrans
INOTIFYH ?= n
diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile policycoreutils-2.4-rc2/mcstrans/src/Makefile
--- policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile 2014-08-28 20:31:19.562664821 +0200
+++ policycoreutils-2.4-rc2/mcstrans/src/Makefile 2014-08-28 20:33:39.345670329 +0200
@@ -1,23 +1,10 @@
ARCH = $(shell uname -i)
-ifeq "$(ARCH)" "x86_64"
- # In case of 64 bit system, use these lines
- LIBDIR=/usr/lib64
-else
-ifeq "$(ARCH)" "i686"
- # In case of 32 bit system, use these lines
- LIBDIR=/usr/lib
-else
-ifeq "$(ARCH)" "i386"
- # In case of 32 bit system, use these lines
- LIBDIR=/usr/lib
-endif
-endif
-endif
# Installation directories.
PREFIX ?= $(DESTDIR)/usr
SBINDIR ?= $(DESTDIR)/sbin
INITDIR ?= $(DESTDIR)/etc/rc.d/init.d
SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd
+LIBDIR ?= $(PREFIX)/lib
PROG_SRC=mcstrans.c mcscolor.c mcstransd.c mls_level.c
PROG_OBJS= $(patsubst %.c,%.o,$(PROG_SRC))
diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile policycoreutils-2.4-rc2/mcstrans/utils/Makefile
--- policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile 2014-08-28 20:31:19.556664821 +0200
+++ policycoreutils-2.4-rc2/mcstrans/utils/Makefile 2014-08-28 20:34:14.145671701 +0200
@@ -3,22 +3,7 @@
BINDIR ?= $(PREFIX)/sbin
ARCH = $(shell uname -i)
-ifeq "$(ARCH)" "x86_64"
- # In case of 64 bit system, use these lines
- LIBDIR=/usr/lib64
-else
-ifeq "$(ARCH)" "i686"
- # In case of 32 bit system, use these lines
- LIBDIR=/usr/lib
-else
-ifeq "$(ARCH)" "i386"
- # In case of 32 bit system, use these lines
- LIBDIR=/usr/lib
-endif
-endif
-endif
-
-
+LIBDIR ?= $(PREFIX)/lib
CFLAGS ?= -Wall
override CFLAGS += -I../src -D_GNU_SOURCE
LDLIBS += -L../src ../src/mcstrans.o ../src/mls_level.o -lselinux -lpcre $(LIBDIR)/libsepol.a
1.1 sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch?rev=1.1&content-type=text/plain
Index: 0030-make-inotify-check-use-flag-triggered.patch
===================================================================
diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:22:45.230644554 +0200
+++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:27:08.642654934 +0200
@@ -1,8 +1,8 @@
SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
-INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
+INOTIFYH ?= n
-ifeq (${INOTIFYH}, /usr/include/sys/inotify.h)
+ifeq (${INOTIFYH}, y)
SUBDIRS += restorecond
endif
1.1 sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch?rev=1.1&content-type=text/plain
Index: 0020-disable-autodetection-of-pam-and-audit.patch
===================================================================
diff -uNr policycoreutils-2.2.1.orig/newrole/Makefile policycoreutils-2.2.1/newrole/Makefile
--- policycoreutils-2.2.1.orig/newrole/Makefile 2013-11-04 21:37:27.197018032 +0100
+++ policycoreutils-2.2.1/newrole/Makefile 2013-11-04 21:37:47.602018075 +0100
@@ -4,8 +4,8 @@
MANDIR ?= $(PREFIX)/share/man
ETCDIR ?= $(DESTDIR)/etc
LOCALEDIR = /usr/share/locale
-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
+PAMH ?= n
+AUDITH ?= n
# Enable capabilities to permit newrole to generate audit records.
# This will make newrole a setuid root program.
# The capabilities used are: CAP_AUDIT_WRITE.
@@ -24,7 +24,7 @@
EXTRA_OBJS =
override CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
LDLIBS += -lselinux -L$(PREFIX)/lib
-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
+ifeq ($(PAMH), y)
override CFLAGS += -DUSE_PAM
EXTRA_OBJS += hashtab.o
LDLIBS += -lpam -lpam_misc
@@ -32,7 +32,7 @@
override CFLAGS += -D_XOPEN_SOURCE=500
LDLIBS += -lcrypt
endif
-ifeq ($(AUDITH), /usr/include/libaudit.h)
+ifeq ($(AUDITH), y)
override CFLAGS += -DUSE_AUDIT
LDLIBS += -laudit
endif
@@ -49,7 +49,7 @@
IS_SUID=y
endif
ifeq ($(IS_SUID),y)
- MODE := 4555
+ MODE := 0555
LDLIBS += -lcap-ng
else
MODE := 0555
@@ -66,7 +66,7 @@
test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
install -m $(MODE) newrole $(BINDIR)
install -m 644 newrole.1 $(MANDIR)/man1/
-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
+ifeq ($(PAMH), y)
test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
ifeq ($(LSPP_PRIV),y)
install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole
diff -uNr policycoreutils-2.2.1.orig/run_init/Makefile policycoreutils-2.2.1/run_init/Makefile
--- policycoreutils-2.2.1.orig/run_init/Makefile 2013-11-04 21:37:27.115018032 +0100
+++ policycoreutils-2.2.1/run_init/Makefile 2013-11-04 21:37:47.603018075 +0100
@@ -5,20 +5,20 @@
MANDIR ?= $(PREFIX)/share/man
ETCDIR ?= $(DESTDIR)/etc
LOCALEDIR ?= /usr/share/locale
-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
+PAMH ?= n
+AUDITH ?= n
CFLAGS ?= -Werror -Wall -W
override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
LDLIBS += -lselinux -L$(PREFIX)/lib
-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
+ifeq ($(PAMH), y)
override CFLAGS += -DUSE_PAM
LDLIBS += -lpam -lpam_misc
else
override CFLAGS += -D_XOPEN_SOURCE=500
LDLIBS += -lcrypt
endif
-ifeq ($(AUDITH), /usr/include/libaudit.h)
+ifeq ($(AUDITH), y)
override CFLAGS += -DUSE_AUDIT
LDLIBS += -laudit
endif
@@ -38,7 +38,7 @@
install -m 755 open_init_pty $(SBINDIR)
install -m 644 run_init.8 $(MANDIR)/man8/
install -m 644 open_init_pty.8 $(MANDIR)/man8/
-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
+ifeq ($(PAMH), y)
install -m 644 run_init.pamd $(ETCDIR)/pam.d/run_init
endif
diff -uNr policycoreutils-2.2.1.orig/setfiles/Makefile policycoreutils-2.2.1/setfiles/Makefile
--- policycoreutils-2.2.1.orig/setfiles/Makefile 2013-11-04 21:37:27.198018032 +0100
+++ policycoreutils-2.2.1/setfiles/Makefile 2013-11-04 21:37:47.603018075 +0100
@@ -3,7 +3,7 @@
SBINDIR ?= $(DESTDIR)/sbin
MANDIR = $(PREFIX)/share/man
LIBDIR ?= $(PREFIX)/lib
-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
+AUDITH ?= n
PROGRESS_STEP=$(shell grep "^\#define STAR_COUNT" restore.h | awk -S '{ print $$3 }')
ABORT_ON_ERRORS=$(shell grep "^\#define ABORT_ON_ERRORS" setfiles.c | awk -S '{ print $$3 }')
@@ -12,7 +12,7 @@
override CFLAGS += -I$(PREFIX)/include
LDLIBS = -lselinux -lsepol -L$(LIBDIR)
-ifeq ($(AUDITH), /usr/include/libaudit.h)
+ifeq ($(AUDITH), y)
override CFLAGS += -DUSE_AUDIT
LDLIBS += -laudit
endif
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2014-09-21 10:23 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-21 10:22 [gentoo-commits] gentoo-x86 commit in sys-apps/policycoreutils/files: 0010-remove-sesandbox-support.patch 0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch 0040-reverse-access-check-in-run_init.patch 0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch 0110-build-mcstrans-bug-472912.patch 0030-make-inotify-check-use-flag-triggered.patch 0020-disable-autodetection-of-pam-and-audit.patch Sven Vermeulen (swift)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox