diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2021-03-13 13:50:33 +0800 |
---|---|---|
committer | Joe MacDonald <joe@deserted.net> | 2021-03-17 09:39:50 -0400 |
commit | bb2473e6d724de6b662f4c45302e7af7b1f87dd2 (patch) | |
tree | 96e2e0e056e09ec27cca18a439bf82bed9979381 | |
parent | e2895ba1990345a7346b1e910cde1e3d7d04499d (diff) | |
download | meta-selinux-bb2473e6d724de6b662f4c45302e7af7b1f87dd2.tar.gz |
libsemanage: update to 3.2
* Merge inc file into bb file.
* Drop obsolete patches:
libsemanage-define-FD_CLOEXEC-as-necessary.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
-rw-r--r-- | recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch | 35 | ||||
-rw-r--r-- | recipes-security/selinux/libsemanage_3.1.bb | 14 | ||||
-rw-r--r-- | recipes-security/selinux/libsemanage_3.2.bb (renamed from recipes-security/selinux/libsemanage.inc) | 27 |
3 files changed, 18 insertions, 58 deletions
diff --git a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch b/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch deleted file mode 100644 index 45bcbe6..0000000 --- a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch +++ /dev/null | |||
@@ -1,35 +0,0 @@ | |||
1 | From 81f2e8b62ad2298a197c4b16e7182a133c1e116f Mon Sep 17 00:00:00 2001 | ||
2 | From: Joe MacDonald <joe.macdonald@windriver.com> | ||
3 | Date: Tue, 15 Oct 2013 10:17:38 -0400 | ||
4 | Subject: [PATCH] libsemanage: define FD_CLOEXEC as necessary | ||
5 | |||
6 | In truly old systems, even FD_CLOEXEC may not be defined. Produce a | ||
7 | warning and duplicate the #define for FD_CLOEXEC found in | ||
8 | asm-generic/fcntl.h on more modern platforms. | ||
9 | |||
10 | Upstream-Status: Inappropriate | ||
11 | |||
12 | Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com> | ||
13 | --- | ||
14 | src/semanage_store.c | 5 +++++ | ||
15 | 1 file changed, 5 insertions(+) | ||
16 | |||
17 | diff --git a/src/semanage_store.c b/src/semanage_store.c | ||
18 | index 1a94545..b586a8f 100644 | ||
19 | --- a/src/semanage_store.c | ||
20 | +++ b/src/semanage_store.c | ||
21 | @@ -66,6 +66,11 @@ typedef struct dbase_policydb dbase_t; | ||
22 | |||
23 | #define TRUE 1 | ||
24 | |||
25 | +#ifndef FD_CLOEXEC | ||
26 | +#warning FD_CLOEXEC undefined on this platform, this may leak file descriptors | ||
27 | +#define FD_CLOEXEC 1 | ||
28 | +#endif | ||
29 | + | ||
30 | enum semanage_file_defs { | ||
31 | SEMANAGE_ROOT, | ||
32 | SEMANAGE_TRANS_LOCK, | ||
33 | -- | ||
34 | 2.7.4 | ||
35 | |||
diff --git a/recipes-security/selinux/libsemanage_3.1.bb b/recipes-security/selinux/libsemanage_3.1.bb deleted file mode 100644 index 8e6781f..0000000 --- a/recipes-security/selinux/libsemanage_3.1.bb +++ /dev/null | |||
@@ -1,14 +0,0 @@ | |||
1 | require selinux_20200710.inc | ||
2 | require ${BPN}.inc | ||
3 | |||
4 | LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" | ||
5 | |||
6 | SRC_URI[md5sum] = "d16eee8c1dc8cf43f59957d575d6bd29" | ||
7 | SRC_URI[sha256sum] = "22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8" | ||
8 | |||
9 | SRC_URI += "\ | ||
10 | file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ | ||
11 | file://libsemanage-define-FD_CLOEXEC-as-necessary.patch \ | ||
12 | file://libsemanage-allow-to-disable-audit-support.patch \ | ||
13 | file://libsemanage-disable-expand-check-on-policy-load.patch \ | ||
14 | " | ||
diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage_3.2.bb index 0139511..58b6da4 100644 --- a/recipes-security/selinux/libsemanage.inc +++ b/recipes-security/selinux/libsemanage_3.2.bb | |||
@@ -5,12 +5,22 @@ as by programs like load_policy that need to perform specific transformations \ | |||
5 | on binary policies such as customizing policy boolean settings." | 5 | on binary policies such as customizing policy boolean settings." |
6 | SECTION = "base" | 6 | SECTION = "base" |
7 | LICENSE = "LGPLv2.1+" | 7 | LICENSE = "LGPLv2.1+" |
8 | LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" | ||
9 | |||
10 | require selinux_common.inc | ||
8 | 11 | ||
9 | inherit lib_package python3native | 12 | inherit lib_package python3native |
10 | 13 | ||
14 | SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ | ||
15 | file://libsemanage-allow-to-disable-audit-support.patch \ | ||
16 | file://libsemanage-disable-expand-check-on-policy-load.patch \ | ||
17 | " | ||
18 | |||
11 | DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native" | 19 | DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native" |
12 | DEPENDS_append_class-target = " audit" | 20 | DEPENDS_append_class-target = " audit" |
13 | 21 | ||
22 | S = "${WORKDIR}/git/libsemanage" | ||
23 | |||
14 | PACKAGES =+ "${PN}-python" | 24 | PACKAGES =+ "${PN}-python" |
15 | 25 | ||
16 | # For /usr/libexec/selinux/semanage_migrate_store | 26 | # For /usr/libexec/selinux/semanage_migrate_store |
@@ -19,27 +29,26 @@ RDEPENDS_${PN}-python += "python3-core" | |||
19 | FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ | 29 | FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ |
20 | ${libexecdir}/selinux/semanage_migrate_store" | 30 | ${libexecdir}/selinux/semanage_migrate_store" |
21 | FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*" | 31 | FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*" |
22 | |||
23 | FILES_${PN} += "${libexecdir}" | 32 | FILES_${PN} += "${libexecdir}" |
24 | 33 | ||
25 | EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y" | 34 | EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y" |
26 | 35 | ||
27 | do_compile_append() { | 36 | do_compile_append() { |
28 | oe_runmake pywrap \ | 37 | oe_runmake pywrap \ |
29 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ | 38 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ |
30 | PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \ | 39 | PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \ |
31 | PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}' | 40 | PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}' |
32 | } | 41 | } |
33 | 42 | ||
34 | do_install_append() { | 43 | do_install_append() { |
35 | oe_runmake install-pywrap \ | 44 | oe_runmake install-pywrap \ |
36 | PYCEXT='.so' \ | 45 | PYCEXT='.so' \ |
37 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ | 46 | PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \ |
38 | PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages' | 47 | PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages' |
39 | 48 | ||
40 | # Update "policy-version" for semanage.conf | 49 | # Update "policy-version" for semanage.conf |
41 | sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 31/' \ | 50 | sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 33/' \ |
42 | ${D}/etc/selinux/semanage.conf | 51 | ${D}/etc/selinux/semanage.conf |
43 | } | 52 | } |
44 | 53 | ||
45 | BBCLASSEXTEND = "native" | 54 | BBCLASSEXTEND = "native" |