diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2022-08-28 10:29:23 +0800 |
---|---|---|
committer | Joe MacDonald <joe@deserted.net> | 2022-08-28 13:54:58 -0400 |
commit | 76cb1e8cafd0308a6fc1fcbb3b5682bc3042b3ce (patch) | |
tree | 14b56147378e33d2e9754f433ff0c2675becdf5e | |
parent | b452f8c085de7afc0595186c583165fdbbed8c3d (diff) | |
download | meta-selinux-76cb1e8cafd0308a6fc1fcbb3b5682bc3042b3ce.tar.gz |
libsemanage: upgrade 3.3 -> 3.4
Refresh patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
-rw-r--r-- | recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch | 10 | ||||
-rw-r--r-- | recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch | 8 | ||||
-rw-r--r-- | recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch | 8 | ||||
-rw-r--r-- | recipes-security/selinux/libsemanage_3.4.bb (renamed from recipes-security/selinux/libsemanage_3.3.bb) | 9 |
4 files changed, 18 insertions, 17 deletions
diff --git a/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch b/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch index 0b1f3d8..5a03d30 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 01a37b94a1f5605a395e8b45ee9ec653ce716c06 Mon Sep 17 00:00:00 2001 | 1 | From 2111f86dce8defd9bebd9b43008339e3b5af0aa7 Mon Sep 17 00:00:00 2001 |
2 | From: Xin Ouyang <Xin.Ouyang@windriver.com> | 2 | From: Xin Ouyang <Xin.Ouyang@windriver.com> |
3 | Date: Mon, 26 Mar 2012 15:15:16 +0800 | 3 | Date: Mon, 26 Mar 2012 15:15:16 +0800 |
4 | Subject: [PATCH] libsemanage: Fix execve segfaults on Ubuntu. | 4 | Subject: [PATCH] libsemanage: Fix execve segfaults on Ubuntu. |
@@ -9,7 +9,7 @@ Such as "make load" while building refpolicy. | |||
9 | 9 | ||
10 | http://oss.tresys.com/pipermail/refpolicy/2011-December/004859.html | 10 | http://oss.tresys.com/pipermail/refpolicy/2011-December/004859.html |
11 | 11 | ||
12 | Upstream-Status: Pending | 12 | Upstream-Status: Inappropriate [embedded specific] |
13 | 13 | ||
14 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | 14 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> |
15 | --- | 15 | --- |
@@ -17,10 +17,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | |||
17 | 1 file changed, 1 insertion(+), 1 deletion(-) | 17 | 1 file changed, 1 insertion(+), 1 deletion(-) |
18 | 18 | ||
19 | diff --git a/src/semanage_store.c b/src/semanage_store.c | 19 | diff --git a/src/semanage_store.c b/src/semanage_store.c |
20 | index 58dded6..1a94545 100644 | 20 | index 14a0957..0a9200e 100644 |
21 | --- a/src/semanage_store.c | 21 | --- a/src/semanage_store.c |
22 | +++ b/src/semanage_store.c | 22 | +++ b/src/semanage_store.c |
23 | @@ -1441,7 +1441,7 @@ static int semanage_exec_prog(semanage_handle_t * sh, | 23 | @@ -1470,7 +1470,7 @@ static int semanage_exec_prog(semanage_handle_t * sh, |
24 | if (forkval == 0) { | 24 | if (forkval == 0) { |
25 | /* child process. file descriptors will be closed | 25 | /* child process. file descriptors will be closed |
26 | * because they were set as close-on-exec. */ | 26 | * because they were set as close-on-exec. */ |
@@ -30,5 +30,5 @@ index 58dded6..1a94545 100644 | |||
30 | } | 30 | } |
31 | 31 | ||
32 | -- | 32 | -- |
33 | 2.7.4 | 33 | 2.25.1 |
34 | 34 | ||
diff --git a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch index ff5cb00..19263d8 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch | |||
@@ -1,9 +1,9 @@ | |||
1 | From e76867515be3bc296174aeb26c7996a0939a2a8c Mon Sep 17 00:00:00 2001 | 1 | From 5718384543ff06ad4032e90291f9e4398a2749c4 Mon Sep 17 00:00:00 2001 |
2 | From: Wenzong Fan <wenzong.fan@windriver.com> | 2 | From: Wenzong Fan <wenzong.fan@windriver.com> |
3 | Date: Mon, 20 Jan 2014 03:53:48 -0500 | 3 | Date: Mon, 20 Jan 2014 03:53:48 -0500 |
4 | Subject: [PATCH] libsemanage: allow to disable audit support | 4 | Subject: [PATCH] libsemanage: allow to disable audit support |
5 | 5 | ||
6 | Upstream-Status: Pending | 6 | Upstream-Status: Inappropriate [embedded specific] |
7 | 7 | ||
8 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | 8 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> |
9 | --- | 9 | --- |
@@ -13,7 +13,7 @@ Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | |||
13 | 3 files changed, 31 insertions(+), 2 deletions(-) | 13 | 3 files changed, 31 insertions(+), 2 deletions(-) |
14 | 14 | ||
15 | diff --git a/src/Makefile b/src/Makefile | 15 | diff --git a/src/Makefile b/src/Makefile |
16 | index a0eb374..afc4437 100644 | 16 | index 71c2a1d..52f335e 100644 |
17 | --- a/src/Makefile | 17 | --- a/src/Makefile |
18 | +++ b/src/Makefile | 18 | +++ b/src/Makefile |
19 | @@ -26,6 +26,14 @@ ifeq ($(DEBUG),1) | 19 | @@ -26,6 +26,14 @@ ifeq ($(DEBUG),1) |
@@ -122,5 +122,5 @@ index 69f49a3..f914492 100644 | |||
122 | OBJECTS = $(SOURCES:.c=.o) | 122 | OBJECTS = $(SOURCES:.c=.o) |
123 | POLICIES = $(CILS:.cil=.policy) | 123 | POLICIES = $(CILS:.cil=.policy) |
124 | -- | 124 | -- |
125 | 2.17.1 | 125 | 2.25.1 |
126 | 126 | ||
diff --git a/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch b/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch index d1e5720..6e0faeb 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 35196d58cd37fec89fcf95e3d43b41de7008f0be Mon Sep 17 00:00:00 2001 | 1 | From dd52bfb66d710473aeb75c5fe92d5cf0a66b637e Mon Sep 17 00:00:00 2001 |
2 | From: Joe MacDonald <joe@deserted.net> | 2 | From: Joe MacDonald <joe@deserted.net> |
3 | Date: Wed, 7 May 2014 11:36:27 -0400 | 3 | Date: Wed, 7 May 2014 11:36:27 -0400 |
4 | Subject: [PATCH] libsemanage: disable expand-check on policy load | 4 | Subject: [PATCH] libsemanage: disable expand-check on policy load |
@@ -17,10 +17,10 @@ Signed-off-by: Joe MacDonald <joe@deserted.net> | |||
17 | 1 file changed, 4 insertions(+) | 17 | 1 file changed, 4 insertions(+) |
18 | 18 | ||
19 | diff --git a/src/semanage.conf b/src/semanage.conf | 19 | diff --git a/src/semanage.conf b/src/semanage.conf |
20 | index dc8d46b..254f156 100644 | 20 | index 98d769b..708fa8c 100644 |
21 | --- a/src/semanage.conf | 21 | --- a/src/semanage.conf |
22 | +++ b/src/semanage.conf | 22 | +++ b/src/semanage.conf |
23 | @@ -39,3 +39,7 @@ module-store = direct | 23 | @@ -40,3 +40,7 @@ module-store = direct |
24 | # By default, semanage will generate policies for the SELinux target. | 24 | # By default, semanage will generate policies for the SELinux target. |
25 | # To build policies for Xen, uncomment the following line. | 25 | # To build policies for Xen, uncomment the following line. |
26 | #target-platform = xen | 26 | #target-platform = xen |
@@ -29,5 +29,5 @@ index dc8d46b..254f156 100644 | |||
29 | +# module. This results in a significant speed-up in policy loading. | 29 | +# module. This results in a significant speed-up in policy loading. |
30 | +expand-check=0 | 30 | +expand-check=0 |
31 | -- | 31 | -- |
32 | 2.7.4 | 32 | 2.25.1 |
33 | 33 | ||
diff --git a/recipes-security/selinux/libsemanage_3.3.bb b/recipes-security/selinux/libsemanage_3.4.bb index b17eb68..08d2c9c 100644 --- a/recipes-security/selinux/libsemanage_3.3.bb +++ b/recipes-security/selinux/libsemanage_3.4.bb | |||
@@ -16,23 +16,24 @@ SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ | |||
16 | file://libsemanage-disable-expand-check-on-policy-load.patch \ | 16 | file://libsemanage-disable-expand-check-on-policy-load.patch \ |
17 | " | 17 | " |
18 | 18 | ||
19 | DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native" | 19 | DEPENDS = "libsepol libselinux bison-native swig-native" |
20 | |||
20 | DEPENDS:append:class-target = " audit" | 21 | DEPENDS:append:class-target = " audit" |
21 | 22 | ||
22 | S = "${WORKDIR}/git/libsemanage" | 23 | S = "${WORKDIR}/git/libsemanage" |
23 | 24 | ||
25 | EXTRA_OEMAKE:class-native = "DISABLE_AUDIT=y" | ||
26 | |||
24 | PACKAGES =+ "${PN}-python" | 27 | PACKAGES =+ "${PN}-python" |
25 | 28 | ||
26 | # For /usr/libexec/selinux/semanage_migrate_store | 29 | # For /usr/libexec/selinux/semanage_migrate_store |
27 | RDEPENDS:${PN}-python += "python3-core" | 30 | RDEPENDS:${PN}-python = "python3-core" |
28 | 31 | ||
29 | FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ | 32 | FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ |
30 | ${libexecdir}/selinux/semanage_migrate_store" | 33 | ${libexecdir}/selinux/semanage_migrate_store" |
31 | FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*" | 34 | FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*" |
32 | FILES:${PN} += "${libexecdir}" | 35 | FILES:${PN} += "${libexecdir}" |
33 | 36 | ||
34 | EXTRA_OEMAKE:class-native += "DISABLE_AUDIT=y" | ||
35 | |||
36 | do_compile:append() { | 37 | do_compile:append() { |
37 | oe_runmake pywrap \ | 38 | oe_runmake pywrap \ |
38 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ | 39 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ |