[Pkg-sysvinit-commits] r1503 - in sysvinit/trunk/debian: . patches
Petter Reinholdtsen
pere at alioth.debian.org
Fri Jul 24 13:13:54 UTC 2009
Author: pere
Date: 2009-07-24 13:13:53 +0000 (Fri, 24 Jul 2009)
New Revision: 1503
Removed:
sysvinit/trunk/debian/patches/40_selinux.dpatch
Modified:
sysvinit/trunk/debian/changelog
sysvinit/trunk/debian/patches/00list
Log:
Drop patch 40_selinux now included upstream.
Modified: sysvinit/trunk/debian/changelog
===================================================================
--- sysvinit/trunk/debian/changelog 2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/changelog 2009-07-24 13:13:53 UTC (rev 1503)
@@ -13,6 +13,7 @@
- Drop patch 27_last_usageopts now included upstream.
- Drop patch 28_last_full-time now included upstream.
- Drop patch 30_strip now included upstream.
+ - Drop patch 40_selinux now included upstream.
- Drop patch 41_utmp_64bit now included upstream.
- Drop patch 42_utmpdump_retval now included upstream.
- Drop patch 60_init_race now included upstream.
Modified: sysvinit/trunk/debian/patches/00list
===================================================================
--- sysvinit/trunk/debian/patches/00list 2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/patches/00list 2009-07-24 13:13:53 UTC (rev 1503)
@@ -6,7 +6,6 @@
14_doc_fsf_addr
21_ifdown_kfreebsd
##31_build_warnings
-##40_selinux
##45_pidof_symlink
##46_pidof_symlinkman
##47_pidof_chroot
Deleted: sysvinit/trunk/debian/patches/40_selinux.dpatch
===================================================================
--- sysvinit/trunk/debian/patches/40_selinux.dpatch 2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/patches/40_selinux.dpatch 2009-07-24 13:13:53 UTC (rev 1503)
@@ -1,146 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 40_selinux.dpatch by Manoj Srivastava <srivasta at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Add Selinux capabilities.
-
-Modified based on Fedora patch from Bill Nottingham to avoid aborting
-if the SE policy was loaded in the initrd. See
-<URL:https://bugzilla.redhat.com/show_bug.cgi?id=431113> for details.
-
- at DPATCH@
-diff -uBbwr sysvinit-2.86.ds1.orig/src/init.c sysvinit-2.86.ds1/src/init.c
---- sysvinit-2.86.ds1.orig/src/init.c 2006-10-19 14:57:57.000000000 -0500
-+++ sysvinit-2.86.ds1/src/init.c 2006-10-19 15:15:17.000000000 -0500
-@@ -43,6 +43,11 @@
- #include <sys/syslog.h>
- #include <sys/time.h>
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#endif
-+
-+
- #ifdef __i386__
- # if (__GLIBC__ >= 2)
- /* GNU libc 2.x */
-@@ -2599,6 +2604,7 @@
- char *p;
- int f;
- int isinit;
-+ int enforce = 0;
-
- /* Get my own name */
- if ((p = strrchr(argv[0], '/')) != NULL)
-@@ -2662,6 +2668,21 @@
- maxproclen += strlen(argv[f]) + 1;
- }
-
-+#ifdef WITH_SELINUX
-+ if (getenv("SELINUX_INIT") == NULL && !is_selinux_enabled()) {
-+ putenv("SELINUX_INIT=YES");
-+ if (selinux_init_load_policy(&enforce) == 0 ) {
-+ execv(myname, argv);
-+ } else {
-+ if (enforce > 0) {
-+ /* SELinux in enforcing mode but load_policy failed */
-+ /* At this point, we probably can't open /dev/console, so log() won't work */
-+ fprintf(stderr,"Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.\n");
-+ exit(1);
-+ }
-+ }
-+ }
-+#endif
- /* Start booting. */
- argv0 = argv[0];
- argv[1] = NULL;
-diff -uBbwr sysvinit-2.86.ds1.orig/src/Makefile sysvinit-2.86.ds1/src/Makefile
---- sysvinit-2.86.ds1.orig/src/Makefile 2006-10-19 14:57:57.000000000 -0500
-+++ sysvinit-2.86.ds1/src/Makefile 2006-10-19 15:09:30.000000000 -0500
-@@ -51,6 +51,18 @@
- INSTALL_DATA = install -o $(BIN_OWNER) -g $(BIN_GROUP) -m 644
- MANDIR = /usr/share/man
-
-+ifeq ($(WITH_SELINUX),yes)
-+ SELINUX_DEF=-DWITH_SELINUX
-+ INIT_SELIBS=-lsepol -lselinux
-+ SULOGIN_SELIBS=-lselinux
-+else
-+ SELINUX_DEF=
-+ INIT_SELIBS=
-+ SULOGIN_SELIBS=
-+endif
-+
-+
-+
- # Additional libs for GNU libc.
- ifneq ($(wildcard /usr/lib/libcrypt.a),)
- LCRYPT = -lcrypt
-@@ -59,7 +71,7 @@
- all: $(BIN) $(SBIN) $(USRBIN)
-
- init: init.o init_utmp.o
-- $(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o
-+ $(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o $(INIT_SELIBS)
-
- halt: halt.o ifdown.o hddown.o utmp.o reboot.h
- $(CC) $(LDFLAGS) -o $@ halt.o ifdown.o hddown.o utmp.o
-@@ -80,7 +92,7 @@
- $(CC) $(LDFLAGS) -o $@ runlevel.o
-
- sulogin: sulogin.o
-- $(CC) $(LDFLAGS) $(STATIC) -o $@ sulogin.o $(LCRYPT)
-+ $(CC) $(LDFLAGS) $(STATIC) $(SELINUX_DEF) -o $@ $^ $(LCRYPT) $(SULOGIN_SELIBS)
-
- wall: dowall.o wall.o
- $(CC) $(LDFLAGS) -o $@ dowall.o wall.o
-@@ -91,8 +103,11 @@
- bootlogd: bootlogd.o
- $(CC) $(LDFLAGS) -o $@ bootlogd.o -lutil
-
-+sulogin.o: sulogin.c
-+ $(CC) -c $(CFLAGS) $(SELINUX_DEF) sulogin.c
-+
- init.o: init.c init.h set.h reboot.h initreq.h
-- $(CC) -c $(CFLAGS) init.c
-+ $(CC) -c $(CFLAGS) $(SELINUX_DEF) init.c
-
- utmp.o: utmp.c init.h
- $(CC) -c $(CFLAGS) utmp.c
-diff -uBbwr sysvinit-2.86.ds1.orig/src/sulogin.c sysvinit-2.86.ds1/src/sulogin.c
---- sysvinit-2.86.ds1.orig/src/sulogin.c 2006-10-19 14:57:03.000000000 -0500
-+++ sysvinit-2.86.ds1/src/sulogin.c 2006-10-19 15:19:24.000000000 -0500
-@@ -28,6 +28,11 @@
- # include <crypt.h>
- #endif
-
-+#ifdef WITH_SELINUX
-+# include <selinux/selinux.h>
-+# include <selinux/get_context_list.h>
-+#endif
-+
- #define CHECK_DES 1
- #define CHECK_MD5 1
-
-@@ -335,6 +340,21 @@
- signal(SIGINT, SIG_DFL);
- signal(SIGTSTP, SIG_DFL);
- signal(SIGQUIT, SIG_DFL);
-+#ifdef WITH_SELINUX
-+ if (is_selinux_enabled > 0) {
-+ security_context_t scon=NULL;
-+ char *seuser=NULL;
-+ char *level=NULL;
-+ if (getseuserbyname("root", &seuser, &level) == 0)
-+ if (get_default_context_with_level(seuser, level, 0, &scon) > 0) {
-+ if (setexeccon(scon) != 0)
-+ fprintf(stderr, "setexeccon faile\n");
-+ freecon(scon);
-+ }
-+ free(seuser);
-+ free(level);
-+ }
-+#endif
- execl(sushell, shell, NULL);
- perror(sushell);
-
More information about the Pkg-sysvinit-commits
mailing list