[Glibc-bsd-commits] r1739 - trunk/web/patches
Petr Salinger
ps-guest at alioth.debian.org
Tue Nov 21 20:28:59 CET 2006
Author: ps-guest
Date: 2006-11-21 20:28:59 +0100 (Tue, 21 Nov 2006)
New Revision: 1739
Modified:
trunk/web/patches/rpm_11-matchpathcon.diff
Log:
* less invasive rpm_11-matchpathcon
Modified: trunk/web/patches/rpm_11-matchpathcon.diff
===================================================================
--- trunk/web/patches/rpm_11-matchpathcon.diff 2006-11-21 15:12:15 UTC (rev 1738)
+++ trunk/web/patches/rpm_11-matchpathcon.diff 2006-11-21 19:28:59 UTC (rev 1739)
@@ -3,36 +3,118 @@
Revert the current one, replace with this one and reapply.
After that add 21-kfreebsd.diff
-
---- rpm-4.4.1.orig/lib/fsm.c
-+++ rpm-4.4.1/lib/fsm.c
+diff -wur a/build/Makefile.am b/build/Makefile.am
+--- a/build/Makefile.am 2006-11-21 21:04:26.000000000 +0100
++++ b/build/Makefile.am 2006-11-21 21:02:30.000000000 +0100
+@@ -35,6 +35,7 @@
+ $(top_builddir)/lib/librpm.la \
+ $(top_builddir)/rpmdb/librpmdb.la \
+ $(top_builddir)/rpmio/librpmio.la \
++ @WITH_SELINUX_LIB@ \
+ @WITH_LIBELF_LIB@
+
+ rpmfile.h:
+diff -wur a/build/files.c b/build/files.c
+--- a/build/files.c 2006-11-21 21:04:26.000000000 +0100
++++ b/build/files.c 2006-11-21 21:02:30.000000000 +0100
+@@ -23,7 +23,11 @@
+ #define _RPMFI_INTERNAL
+ #include "rpmfi.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#else
+ #include "rpmsx.h"
++#endif
+
+ #define _RPMTE_INTERNAL
+ #include "rpmte.h"
+@@ -1122,7 +1126,11 @@
+ int apathlen = 0;
+ int dpathlen = 0;
+ int skipLen = 0;
++#ifdef WITH_SELINUX
++ security_context_t scon = NULL;
++#else
+ rpmsx sx = NULL;
++#endif
+ const char * sxfn;
+ size_t fnlen;
+ FileListRec flp;
+@@ -1142,7 +1150,11 @@
+
+ sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
+ if (sxfn != NULL && *sxfn != '\0')
++#ifdef WITH_SELINUX
++ matchpathcon_init(sxfn);
++#else
+ sx = rpmsxNew(sxfn);
++#endif
+
+ for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
+ const char *s;
+@@ -1324,7 +1336,18 @@
+ &(flp->flags), 1);
+
+ /* Add file security context to package. */
+-/*@-branchstate@*/
++#ifdef WITH_SELINUX
++ mode_t fmode = (uint_16)flp->fl_mode;
++ int rc = matchpathcon(flp->fileURL, fmode, &scon);
++ if ( rc == 0 && scon != NULL) {
++ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &scon, 1);
++ freecon(scon);
++ }
++ else {
++ const char *nocon = "";
++ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &nocon, 1);
++ }
++#else
+ if (sx != NULL) {
+ mode_t fmode = (uint_16)flp->fl_mode;
+ s = rpmsxFContext(sx, flp->fileURL, fmode);
+@@ -1332,10 +1355,12 @@
+ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
+ &s, 1);
+ }
+-/*@=branchstate@*/
+-
++#endif
+ }
++#ifdef WITH_SELINUX
++#else
+ sx = rpmsxFree(sx);
++#endif
+ sxfn = _free(sxfn);
+
+ (void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
+diff -wur a/lib/fsm.c b/lib/fsm.c
+--- a/lib/fsm.c 2006-11-21 21:04:26.000000000 +0100
++++ b/lib/fsm.c 2006-11-21 21:02:30.000000000 +0100
@@ -634,12 +634,20 @@
if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
{
-- rpmsx sx = rpmtsREContext(ts);
+#ifdef WITH_SELINUX
+ security_context_t scon = NULL;
-
-- if (sx != NULL) {
++
+ if ( matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL) {
- /* Get file security context from patterns. */
-- fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
-- sx = rpmsxFree(sx);
++ /* Get file security context from patterns. */
+ fsm->fcontext = scon;
+#else
-+ rpmsx sx = rpmtsREContext(ts);
-+
-+ if (sx != NULL) {
-+ /* Get file security context from patterns. */
-+ fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
-+ sx = rpmsxFree(sx);
+ rpmsx sx = rpmtsREContext(ts);
+
+ if (sx != NULL) {
+ /* Get file security context from patterns. */
+ fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
+ sx = rpmsxFree(sx);
+#endif
} else {
int i = fsm->ix;
---- rpm-4.4.1.orig/lib/rpmfi.c
-+++ rpm-4.4.1/lib/rpmfi.c
+diff -wur a/lib/rpmfi.c b/lib/rpmfi.c
+--- a/lib/rpmfi.c 2006-11-21 21:04:26.000000000 +0100
++++ b/lib/rpmfi.c 2006-11-21 21:08:33.000000000 +0100
@@ -16,7 +16,11 @@
#define _RPMFI_INTERNAL
#include "rpmfi.h"
@@ -45,21 +127,19 @@
#define _RPMTE_INTERNAL /* relocations */
#include "rpmte.h"
-@@ -1645,8 +1649,12 @@
+@@ -1645,7 +1649,11 @@
{
int scareMem = 0;
rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
-- rpmsx sx = NULL;
- const char ** av = NULL;
+#ifdef WITH_SELINUX
+ const char * myfn = rpmGetPath("%{?__file_context_path}", NULL);
+#else
-+ rpmsx sx = NULL;
+ rpmsx sx = NULL;
+#endif
+ const char ** av = NULL;
int ac;
size_t nb;
- char * t;
-@@ -1660,8 +1668,11 @@
+@@ -1660,7 +1668,11 @@
}
/* Read security context patterns. */
@@ -67,34 +147,28 @@
+ matchpathcon_init(myfn);
+#else
sx = rpmsxNew(NULL);
--
+#endif
+
/* Compute size of argv array blob, concatenating file contexts. */
nb = ac * sizeof(*fcnb);
- fcnb = memset(alloca(nb), 0, nb);
-@@ -1671,10 +1682,18 @@
+@@ -1671,10 +1683,16 @@
while (rpmfiNext(fi) >= 0) {
const char * fn = rpmfiFN(fi);
mode_t fmode = rpmfiFMode(fi);
-- const char * scon;
+#ifdef WITH_SELINUX
+ security_context_t scon;
+
+ if (matchpathcon(fn, fmode, &scon) == 0) {
+#else
-+ const char * scon;
-+
-+ scon = rpmsxFContext(sx, fn, fmode);
-+ if (scon != NULL) {
-+#endif
-+
+ const char * scon;
-- scon = rpmsxFContext(sx, fn, fmode);
-- if (scon != NULL) {
+ scon = rpmsxFContext(sx, fn, fmode);
+ if (scon != NULL) {
++#endif
fcnb[ac] = strlen(scon) + 1;
/*@-branchstate@*/
if (fcnb[ac] > 0) {
-@@ -1682,6 +1701,9 @@
+@@ -1682,6 +1700,9 @@
memcpy(fctxt+fctxtlen, scon, fcnb[ac]);
fctxtlen += fcnb[ac];
}
@@ -104,7 +178,7 @@
/*@=branchstate@*/
}
ac++;
-@@ -1707,7 +1729,11 @@
+@@ -1707,7 +1728,10 @@
exit:
fi = rpmfiFree(fi);
@@ -112,107 +186,69 @@
+#else
sx = rpmsxFree(sx);
+#endif
-+
/*@-branchstate@*/
if (fcontextp)
*fcontextp = av;
---- rpm-4.4.1.orig/lib/rpminstall.c
-+++ rpm-4.4.1/lib/rpminstall.c
-@@ -310,16 +310,23 @@
+diff -wur a/lib/rpminstall.c b/lib/rpminstall.c
+--- a/lib/rpminstall.c 2006-11-21 21:04:26.000000000 +0100
++++ b/lib/rpminstall.c 2006-11-21 21:02:30.000000000 +0100
+@@ -310,6 +310,12 @@
/* Initialize security context patterns (if not already done). */
if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
-- rpmsx sx = rpmtsREContext(ts);
-- if (sx == NULL) {
-- const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-- if (fn != NULL && *fn != '\0') {
-- sx = rpmsxNew(fn);
-- (void) rpmtsSetREContext(ts, sx);
-- }
-- fn = _free(fn);
-- }
-- sx = rpmsxFree(sx);
+#ifdef WITH_SELINUX
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0') {
+ matchpathcon_init(fn);
+ }
+#else
-+ rpmsx sx = rpmtsREContext(ts);
-+ if (sx == NULL) {
-+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-+ if (fn != NULL && *fn != '\0') {
-+ sx = rpmsxNew(fn);
-+ (void) rpmtsSetREContext(ts, sx);
-+ }
-+ fn = _free(fn);
-+ }
-+ sx = rpmsxFree(sx);
+ rpmsx sx = rpmtsREContext(ts);
+ if (sx == NULL) {
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+@@ -320,6 +326,7 @@
+ fn = _free(fn);
+ }
+ sx = rpmsxFree(sx);
+#endif
}
(void) rpmtsSetFlags(ts, ia->transFlags);
---- rpm-4.4.1.orig/lib/verify.c
-+++ rpm-4.4.1/lib/verify.c
-@@ -128,20 +128,36 @@
+diff -wur a/lib/verify.c b/lib/verify.c
+--- a/lib/verify.c 2006-11-21 21:04:26.000000000 +0100
++++ b/lib/verify.c 2006-11-21 21:09:05.000000000 +0100
+@@ -128,6 +128,20 @@
if (rc == -1)
*res |= (RPMVERIFY_LGETFILECONFAIL|RPMVERIFY_CONTEXTS);
else {
-- rpmsx sx = rpmtsREContext(ts);
-- const char * fcontext;
--
-- if (sx != NULL) {
-- /* Get file security context from patterns. */
-- fcontext = rpmsxFContext(sx, fn, fmode);
-- sx = rpmsxFree(sx);
-- } else {
+#ifdef WITH_SELINUX
+ security_context_t fcontext;
+
+ /* Get file security context from patterns. */
+ if (matchpathcon(fn,fmode,&fcontext) != 0) {
- /* Get file security context from package. */
- fcontext = rpmfiFContext(fi);
- }
++ /* Get file security context from package. */
++ fcontext = rpmfiFContext(fi);
++ }
+
++ if (fcontext == NULL || strcmp(fcontext, con))
++ *res |= RPMVERIFY_CONTEXTS;
++ freecon(con);
++ freecon(fcontext);
++#else
+ rpmsx sx = rpmtsREContext(ts);
+ const char * fcontext;
+
+@@ -142,6 +156,7 @@
if (fcontext == NULL || strcmp(fcontext, con))
*res |= RPMVERIFY_CONTEXTS;
freecon(con);
-+ freecon(fcontext);
-+#else
-+ rpmsx sx = rpmtsREContext(ts);
-+ const char * fcontext;
-+
-+ if (sx != NULL) {
-+ /* Get file security context from patterns. */
-+ fcontext = rpmsxFContext(sx, fn, fmode);
-+ sx = rpmsxFree(sx);
-+ } else {
-+ /* Get file security context from package. */
-+ fcontext = rpmfiFContext(fi);
-+ }
-+ if (fcontext == NULL || strcmp(fcontext, con))
-+ *res |= RPMVERIFY_CONTEXTS;
-+ freecon(con);
+#endif
-+
}
}
/*@=branchstate@*/
-@@ -524,16 +540,25 @@
+@@ -524,6 +539,13 @@
/* Initialize security context patterns (if not already done). */
if (qva->qva_flags & VERIFY_CONTEXTS) {
-- rpmsx sx = rpmtsREContext(ts);
-- if (sx == NULL) {
-- arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
-- if (arg != NULL && *arg != '\0') {
-- sx = rpmsxNew(arg);
-- (void) rpmtsSetREContext(ts, sx);
-- }
-- arg = _free(arg);
-- }
-- sx = rpmsxFree(sx);
+#ifdef WITH_SELINUX
+ arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
+ if (arg != NULL && *arg != '\0') {
@@ -220,116 +256,20 @@
+ }
+ arg = _free(arg);
+#else
-+ rpmsx sx = rpmtsREContext(ts);
-+ if (sx == NULL) {
-+ arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
-+ if (arg != NULL && *arg != '\0') {
-+ sx = rpmsxNew(arg);
-+ (void) rpmtsSetREContext(ts, sx);
-+ }
-+ arg = _free(arg);
-+ }
-+ sx = rpmsxFree(sx);
+ rpmsx sx = rpmtsREContext(ts);
+ if (sx == NULL) {
+ arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
+@@ -534,6 +556,7 @@
+ arg = _free(arg);
+ }
+ sx = rpmsxFree(sx);
+#endif
-+
}
ovsflags = rpmtsSetVSFlags(ts, vsflags);
---- rpm-4.4.1.orig/build/Makefile.am
-+++ rpm-4.4.1/build/Makefile.am
-@@ -35,6 +35,7 @@
- $(top_builddir)/lib/librpm.la \
- $(top_builddir)/rpmdb/librpmdb.la \
- $(top_builddir)/rpmio/librpmio.la \
-+ @WITH_SELINUX_LIB@ \
- @WITH_LIBELF_LIB@
-
- rpmfile.h:
---- rpm-4.4.1.orig/build/files.c
-+++ rpm-4.4.1/build/files.c
-@@ -23,7 +23,11 @@
- #define _RPMFI_INTERNAL
- #include "rpmfi.h"
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#else
- #include "rpmsx.h"
-+#endif
-
- #define _RPMTE_INTERNAL
- #include "rpmte.h"
-@@ -1122,7 +1126,11 @@
- int apathlen = 0;
- int dpathlen = 0;
- int skipLen = 0;
-+#ifdef WITH_SELINUX
-+ security_context_t scon = NULL;
-+#else
- rpmsx sx = NULL;
-+#endif
- const char * sxfn;
- size_t fnlen;
- FileListRec flp;
-@@ -1142,8 +1150,12 @@
-
- sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
- if (sxfn != NULL && *sxfn != '\0')
-- sx = rpmsxNew(sxfn);
--
-+#ifdef WITH_SELINUX
-+ matchpathcon_init(sxfn);
-+#else
-+ sx = rpmsxNew(sxfn);
-+#endif
-+
- for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
- const char *s;
-
-@@ -1324,18 +1336,31 @@
- &(flp->flags), 1);
-
- /* Add file security context to package. */
--/*@-branchstate@*/
-- if (sx != NULL) {
-- mode_t fmode = (uint_16)flp->fl_mode;
-- s = rpmsxFContext(sx, flp->fileURL, fmode);
-- if (s == NULL) s = "";
-- (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
-- &s, 1);
-- }
--/*@=branchstate@*/
--
-+#ifdef WITH_SELINUX
-+ mode_t fmode = (uint_16)flp->fl_mode;
-+ int rc = matchpathcon(flp->fileURL, fmode, &scon);
-+ if ( rc == 0 && scon != NULL) {
-+ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &scon, 1);
-+ freecon(scon);
-+ }
-+ else {
-+ const char *nocon = "";
-+ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &nocon, 1);
-+ }
-+#else
-+ if (sx != NULL) {
-+ mode_t fmode = (uint_16)flp->fl_mode;
-+ s = rpmsxFContext(sx, flp->fileURL, fmode);
-+ if (s == NULL) s = "";
-+ (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
-+ &s, 1);
-+ }
-+#endif
- }
-+#ifdef WITH_SELINUX
-+#else
- sx = rpmsxFree(sx);
-+#endif
- sxfn = _free(sxfn);
-
- (void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
---- rpm-4.4.1.orig/python/Makefile.am
-+++ rpm-4.4.1/python/Makefile.am
+diff -wur a/python/Makefile.am b/python/Makefile.am
+--- a/python/Makefile.am 2006-11-21 21:04:26.000000000 +0100
++++ b/python/Makefile.am 2006-11-21 21:02:30.000000000 +0100
@@ -34,6 +34,7 @@
$(top_builddir)/rpmio/librpmio.la \
$(top_builddir)/popt/libpopt.la \
@@ -338,38 +278,27 @@
@WITH_LIBELF_LIB@
LDADD =
---- rpm-4.4.1.orig/python/rpmts-py.c
-+++ rpm-4.4.1/python/rpmts-py.c
-@@ -1182,16 +1182,24 @@
+diff -wur a/python/rpmts-py.c b/python/rpmts-py.c
+--- a/python/rpmts-py.c 2006-11-21 21:04:26.000000000 +0100
++++ b/python/rpmts-py.c 2006-11-21 21:02:30.000000000 +0100
+@@ -1182,6 +1182,13 @@
/* Initialize security context patterns (if not already done). */
if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
-- rpmsx sx = rpmtsREContext(s->ts);
-- if (sx == NULL) {
-- const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-- if (fn != NULL && *fn != '\0') {
-- sx = rpmsxNew(fn);
-- (void) rpmtsSetREContext(s->ts, sx);
-- }
-- fn = _free(fn);
+#ifdef WITH_SELINUX
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0') {
+ matchpathcon_init(fn);
- }
-- sx = rpmsxFree(sx);
++ }
+ fn = _free(fn);
+#else
-+ rpmsx sx = rpmtsREContext(s->ts);
-+ if (sx == NULL) {
-+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
-+ if (fn != NULL && *fn != '\0') {
-+ sx = rpmsxNew(fn);
-+ (void) rpmtsSetREContext(s->ts, sx);
-+ }
-+ fn = _free(fn);
-+ }
-+ sx = rpmsxFree(sx);
+ rpmsx sx = rpmtsREContext(s->ts);
+ if (sx == NULL) {
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+@@ -1192,6 +1199,7 @@
+ fn = _free(fn);
+ }
+ sx = rpmsxFree(sx);
+#endif
}
More information about the Glibc-bsd-commits
mailing list