libsemanage: update to 3.2

* Merge inc file into bb file. * Drop obsolete patches: libsemanage-define-FD_CLOEXEC-as-necessary.patch Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2021-03-13 13:50:33 +0800
committer: Joe MacDonald <joe@deserted.net> 2021-03-17 09:39:50 -0400
commit: bb2473e6d724de6b662f4c45302e7af7b1f87dd2 (patch)
tree: 96e2e0e056e09ec27cca18a439bf82bed9979381
parent: e2895ba1990345a7346b1e910cde1e3d7d04499d (diff)
download: meta-selinux-bb2473e6d724de6b662f4c45302e7af7b1f87dd2.tar.gz
3 files changed, 18 insertions, 58 deletions
diff --git a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch b/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch
deleted file mode 100644
index 45bcbe6..0000000
--- a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 81f2e8b62ad2298a197c4b16e7182a133c1e116f Mon Sep 17 00:00:00 2001
-From: Joe MacDonald <joe.macdonald@windriver.com>
-Date: Tue, 15 Oct 2013 10:17:38 -0400
-Subject: [PATCH] libsemanage: define FD_CLOEXEC as necessary
-In truly old systems, even FD_CLOEXEC may not be defined.  Produce a
-warning and duplicate the #define for FD_CLOEXEC found in
-asm-generic/fcntl.h on more modern platforms.
-Upstream-Status: Inappropriate
-Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
---
- src/semanage_store.c | 5 +++++
- 1 file changed, 5 insertions(+)
-diff --git a/src/semanage_store.c b/src/semanage_store.c
-index 1a94545..b586a8f 100644
--- a/src/semanage_store.c
-+++ b/src/semanage_store.c
-@@ -66,6 +66,11 @@ typedef struct dbase_policydb dbase_t;
- 
- #define TRUE 1
- 
-+#ifndef FD_CLOEXEC
-+#warning FD_CLOEXEC undefined on this platform, this may leak file descriptors
-+#define FD_CLOEXEC 1
-+#endif
-+
- enum semanage_file_defs {
-        SEMANAGE_ROOT,
-        SEMANAGE_TRANS_LOCK,
-- 
-2.7.4
diff --git a/recipes-security/selinux/libsemanage_3.1.bb b/recipes-security/selinux/libsemanage_3.1.bb
deleted file mode 100644
index 8e6781f..0000000
--- a/recipes-security/selinux/libsemanage_3.1.bb
+++ /dev/null
@@ -1,14 +0,0 @@
-require selinux_20200710.inc
-require ${BPN}.inc
-LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
-SRC_URI[md5sum] = "d16eee8c1dc8cf43f59957d575d6bd29"
-SRC_URI[sha256sum] = "22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8"
-SRC_URI += "\
-        file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
-        file://libsemanage-define-FD_CLOEXEC-as-necessary.patch \
-        file://libsemanage-allow-to-disable-audit-support.patch \
-        file://libsemanage-disable-expand-check-on-policy-load.patch \
-        "
diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage_3.2.bb
index 0139511..58b6da4 100644
--- a/recipes-security/selinux/libsemanage.inc
+++ b/recipes-security/selinux/libsemanage_3.2.bb
@@ -5,12 +5,22 @@ as by programs like load_policy that need to perform specific transformations \
 on binary policies such as customizing policy boolean settings."
 SECTION = "base"
 LICENSE = "LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
+require selinux_common.inc
 inherit lib_package python3native
+SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
+            file://libsemanage-allow-to-disable-audit-support.patch \
+            file://libsemanage-disable-expand-check-on-policy-load.patch \
+           "
 DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native"
 DEPENDS_append_class-target = " audit"
+S = "${WORKDIR}/git/libsemanage"
 PACKAGES =+ "${PN}-python"
 # For /usr/libexec/selinux/semanage_migrate_store
@@ -19,27 +29,26 @@ RDEPENDS_${PN}-python += "python3-core"
 FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
                      ${libexecdir}/selinux/semanage_migrate_store"
 FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*"
 FILES_${PN} += "${libexecdir}"
 EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y"
 do_compile_append() {
    oe_runmake pywrap \
-            PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
+        PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
-            PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \
+        PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \
-            PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'
+        PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'
 }
 do_install_append() {
    oe_runmake install-pywrap \
-            PYCEXT='.so' \
+        PYCEXT='.so' \
-            PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
+        PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
-            PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages'
+        PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages'
    # Update "policy-version" for semanage.conf
-    sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 31/' \
+    sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 33/' \
-        ${D}/etc/selinux/semanage.conf
+        ${D}/etc/selinux/semanage.conf
 }
 BBCLASSEXTEND = "native"
author	Yi Zhao <yi.zhao@windriver.com>	2021-03-13 13:50:33 +0800
committer	Joe MacDonald <joe@deserted.net>	2021-03-17 09:39:50 -0400
commit	bb2473e6d724de6b662f4c45302e7af7b1f87dd2 (patch)
tree	96e2e0e056e09ec27cca18a439bf82bed9979381
parent	e2895ba1990345a7346b1e910cde1e3d7d04499d (diff)
download	meta-selinux-bb2473e6d724de6b662f4c45302e7af7b1f87dd2.tar.gz

diff --git a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch b/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch deleted file mode 100644 index 45bcbe6..0000000 --- a/recipes-security/selinux/libsemanage/libsemanage-define-FD_CLOEXEC-as-necessary.patch +++ /dev/null
@@ -1,35 +0,0 @@
1	From 81f2e8b62ad2298a197c4b16e7182a133c1e116f Mon Sep 17 00:00:00 2001
2	From: Joe MacDonald <joe.macdonald@windriver.com>
3	Date: Tue, 15 Oct 2013 10:17:38 -0400
4	Subject: [PATCH] libsemanage: define FD_CLOEXEC as necessary
5
6	In truly old systems, even FD_CLOEXEC may not be defined. Produce a
7	warning and duplicate the #define for FD_CLOEXEC found in
8	asm-generic/fcntl.h on more modern platforms.
9
10	Upstream-Status: Inappropriate
11
12	Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
13	---
14	src/semanage_store.c \| 5 +++++
15	1 file changed, 5 insertions(+)
16
17	diff --git a/src/semanage_store.c b/src/semanage_store.c
18	index 1a94545..b586a8f 100644
19	--- a/src/semanage_store.c
20	+++ b/src/semanage_store.c
21	@@ -66,6 +66,11 @@ typedef struct dbase_policydb dbase_t;
22
23	#define TRUE 1
24
25	+#ifndef FD_CLOEXEC
26	+#warning FD_CLOEXEC undefined on this platform, this may leak file descriptors
27	+#define FD_CLOEXEC 1
28	+#endif
29	+
30	enum semanage_file_defs {
31	SEMANAGE_ROOT,
32	SEMANAGE_TRANS_LOCK,
33	--
34	2.7.4
35


diff --git a/recipes-security/selinux/libsemanage_3.1.bb b/recipes-security/selinux/libsemanage_3.1.bb deleted file mode 100644 index 8e6781f..0000000 --- a/recipes-security/selinux/libsemanage_3.1.bb +++ /dev/null
@@ -1,14 +0,0 @@
1	require selinux_20200710.inc
2	require ${BPN}.inc
3
4	LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
5
6	SRC_URI[md5sum] = "d16eee8c1dc8cf43f59957d575d6bd29"
7	SRC_URI[sha256sum] = "22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8"
8
9	SRC_URI += "\
10	file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
11	file://libsemanage-define-FD_CLOEXEC-as-necessary.patch \
12	file://libsemanage-allow-to-disable-audit-support.patch \
13	file://libsemanage-disable-expand-check-on-policy-load.patch \
14	"


diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage_3.2.bb index 0139511..58b6da4 100644 --- a/recipes-security/selinux/libsemanage.inc +++ b/recipes-security/selinux/libsemanage_3.2.bb
@@ -5,12 +5,22 @@ as by programs like load_policy that need to perform specific transformations \
5	on binary policies such as customizing policy boolean settings."	5	on binary policies such as customizing policy boolean settings."
6	SECTION = "base"	6	SECTION = "base"
7	LICENSE = "LGPLv2.1+"	7	LICENSE = "LGPLv2.1+"
		8	LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
		9
		10	require selinux_common.inc
8		11
9	inherit lib_package python3native	12	inherit lib_package python3native
10		13
		14	SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
		15	file://libsemanage-allow-to-disable-audit-support.patch \
		16	file://libsemanage-disable-expand-check-on-policy-load.patch \
		17	"
		18
11	DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native"	19	DEPENDS += "libsepol libselinux bzip2 python3 bison-native flex-native swig-native"
12	DEPENDS_append_class-target = " audit"	20	DEPENDS_append_class-target = " audit"
13		21
		22	S = "${WORKDIR}/git/libsemanage"
		23
14	PACKAGES =+ "${PN}-python"	24	PACKAGES =+ "${PN}-python"
15		25
16	# For /usr/libexec/selinux/semanage_migrate_store	26	# For /usr/libexec/selinux/semanage_migrate_store
@@ -19,27 +29,26 @@ RDEPENDS_${PN}-python += "python3-core"
19	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \	29	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
20	${libexecdir}/selinux/semanage_migrate_store"	30	${libexecdir}/selinux/semanage_migrate_store"
21	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*"	31	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*"
22
23	FILES_${PN} += "${libexecdir}"	32	FILES_${PN} += "${libexecdir}"
24		33
25	EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y"	34	EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y"
26		35
27	do_compile_append() {	36	do_compile_append() {
28	oe_runmake pywrap \	37	oe_runmake pywrap \
29	PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \	38	PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
30	PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \	39	PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \
31	PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'	40	PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'
32	}	41	}
33		42
34	do_install_append() {	43	do_install_append() {
35	oe_runmake install-pywrap \	44	oe_runmake install-pywrap \
36	PYCEXT='.so' \	45	PYCEXT='.so' \
37	PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \	46	PYLIBVER='python${PYTHON_BASEVERSION}${PYTHON_ABI}' \
38	PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages'	47	PYTHONLIBDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages'
39		48
40	# Update "policy-version" for semanage.conf	49	# Update "policy-version" for semanage.conf
41	sed -i 's/^#\s\(policy-version\s=\).*$/\1 31/' \	50	sed -i 's/^#\s\(policy-version\s=\).*$/\1 33/' \
42	${D}/etc/selinux/semanage.conf	51	${D}/etc/selinux/semanage.conf
43	}	52	}
44		53
45	BBCLASSEXTEND = "native"	54	BBCLASSEXTEND = "native"