[Pkg-sysvinit-commits] r1503 - in sysvinit/trunk/debian: . patches

Petter Reinholdtsen pere at alioth.debian.org
Fri Jul 24 13:13:54 UTC 2009


Author: pere
Date: 2009-07-24 13:13:53 +0000 (Fri, 24 Jul 2009)
New Revision: 1503

Removed:
   sysvinit/trunk/debian/patches/40_selinux.dpatch
Modified:
   sysvinit/trunk/debian/changelog
   sysvinit/trunk/debian/patches/00list
Log:
Drop patch 40_selinux now included upstream.

Modified: sysvinit/trunk/debian/changelog
===================================================================
--- sysvinit/trunk/debian/changelog	2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/changelog	2009-07-24 13:13:53 UTC (rev 1503)
@@ -13,6 +13,7 @@
     - Drop patch 27_last_usageopts now included upstream.
     - Drop patch 28_last_full-time now included upstream.
     - Drop patch 30_strip now included upstream.
+    - Drop patch 40_selinux now included upstream.
     - Drop patch 41_utmp_64bit now included upstream.
     - Drop patch 42_utmpdump_retval now included upstream.
     - Drop patch 60_init_race now included upstream.

Modified: sysvinit/trunk/debian/patches/00list
===================================================================
--- sysvinit/trunk/debian/patches/00list	2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/patches/00list	2009-07-24 13:13:53 UTC (rev 1503)
@@ -6,7 +6,6 @@
 14_doc_fsf_addr
 21_ifdown_kfreebsd
 ##31_build_warnings
-##40_selinux
 ##45_pidof_symlink
 ##46_pidof_symlinkman
 ##47_pidof_chroot

Deleted: sysvinit/trunk/debian/patches/40_selinux.dpatch
===================================================================
--- sysvinit/trunk/debian/patches/40_selinux.dpatch	2009-07-24 13:12:11 UTC (rev 1502)
+++ sysvinit/trunk/debian/patches/40_selinux.dpatch	2009-07-24 13:13:53 UTC (rev 1503)
@@ -1,146 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 40_selinux.dpatch by Manoj Srivastava <srivasta at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Add Selinux capabilities.
-
-Modified based on Fedora patch from Bill Nottingham to avoid aborting
-if the SE policy was loaded in the initrd.  See
-<URL:https://bugzilla.redhat.com/show_bug.cgi?id=431113> for details.
-
- at DPATCH@
-diff -uBbwr sysvinit-2.86.ds1.orig/src/init.c sysvinit-2.86.ds1/src/init.c
---- sysvinit-2.86.ds1.orig/src/init.c	2006-10-19 14:57:57.000000000 -0500
-+++ sysvinit-2.86.ds1/src/init.c	2006-10-19 15:15:17.000000000 -0500
-@@ -43,6 +43,11 @@
- #include <sys/syslog.h>
- #include <sys/time.h>
- 
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#endif
-+
-+
- #ifdef __i386__
- #  if (__GLIBC__ >= 2)
-      /* GNU libc 2.x */
-@@ -2599,6 +2604,7 @@
- 	char			*p;
- 	int			f;
- 	int			isinit;
-+	int			enforce = 0;
- 
- 	/* Get my own name */
- 	if ((p = strrchr(argv[0], '/')) != NULL)
-@@ -2662,6 +2668,21 @@
- 		maxproclen += strlen(argv[f]) + 1;
- 	}
- 
-+#ifdef WITH_SELINUX
-+  	if (getenv("SELINUX_INIT") == NULL && !is_selinux_enabled()) {
-+	  putenv("SELINUX_INIT=YES");
-+	  if (selinux_init_load_policy(&enforce) == 0 ) {
-+	    execv(myname, argv);
-+	  } else {
-+	    if (enforce > 0) {
-+	      /* SELinux in enforcing mode but load_policy failed */
-+	      /* At this point, we probably can't open /dev/console, so log() won't work */
-+		    fprintf(stderr,"Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.\n");
-+	      exit(1);
-+	    }
-+	  }
-+	}
-+#endif  
- 	/* Start booting. */
- 	argv0 = argv[0];
- 	argv[1] = NULL;
-diff -uBbwr sysvinit-2.86.ds1.orig/src/Makefile sysvinit-2.86.ds1/src/Makefile
---- sysvinit-2.86.ds1.orig/src/Makefile	2006-10-19 14:57:57.000000000 -0500
-+++ sysvinit-2.86.ds1/src/Makefile	2006-10-19 15:09:30.000000000 -0500
-@@ -51,6 +51,18 @@
- INSTALL_DATA	= install -o $(BIN_OWNER) -g $(BIN_GROUP) -m 644
- MANDIR		= /usr/share/man
- 
-+ifeq ($(WITH_SELINUX),yes)
-+  SELINUX_DEF=-DWITH_SELINUX
-+  INIT_SELIBS=-lsepol -lselinux
-+  SULOGIN_SELIBS=-lselinux	
-+else
-+  SELINUX_DEF=
-+  INIT_SELIBS=
-+  SULOGIN_SELIBS=
-+endif
-+
-+
-+
- # Additional libs for GNU libc.
- ifneq ($(wildcard /usr/lib/libcrypt.a),)
- LCRYPT		= -lcrypt
-@@ -59,7 +71,7 @@
- all:		$(BIN) $(SBIN) $(USRBIN)
- 
- init:		init.o init_utmp.o
--		$(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o
-+		$(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o $(INIT_SELIBS)
- 
- halt:		halt.o ifdown.o hddown.o utmp.o reboot.h
- 		$(CC) $(LDFLAGS) -o $@ halt.o ifdown.o hddown.o utmp.o
-@@ -80,7 +92,7 @@
- 		$(CC) $(LDFLAGS) -o $@ runlevel.o
- 
- sulogin:	sulogin.o
--		$(CC) $(LDFLAGS) $(STATIC) -o $@ sulogin.o $(LCRYPT)
-+		$(CC) $(LDFLAGS) $(STATIC) $(SELINUX_DEF) -o $@ $^ $(LCRYPT) $(SULOGIN_SELIBS)
- 
- wall:		dowall.o wall.o
- 		$(CC) $(LDFLAGS) -o $@ dowall.o wall.o
-@@ -91,8 +103,11 @@
- bootlogd:	bootlogd.o
- 		$(CC) $(LDFLAGS) -o $@ bootlogd.o -lutil
- 
-+sulogin.o:	sulogin.c 
-+		$(CC) -c $(CFLAGS) $(SELINUX_DEF) sulogin.c
-+
- init.o:		init.c init.h set.h reboot.h initreq.h
--		$(CC) -c $(CFLAGS) init.c
-+		$(CC) -c $(CFLAGS) $(SELINUX_DEF)  init.c
- 
- utmp.o:		utmp.c init.h
- 		$(CC) -c $(CFLAGS) utmp.c
-diff -uBbwr sysvinit-2.86.ds1.orig/src/sulogin.c sysvinit-2.86.ds1/src/sulogin.c
---- sysvinit-2.86.ds1.orig/src/sulogin.c	2006-10-19 14:57:03.000000000 -0500
-+++ sysvinit-2.86.ds1/src/sulogin.c	2006-10-19 15:19:24.000000000 -0500
-@@ -28,6 +28,11 @@
- #  include <crypt.h>
- #endif
- 
-+#ifdef WITH_SELINUX
-+#  include <selinux/selinux.h>
-+#  include <selinux/get_context_list.h>
-+#endif
-+
- #define CHECK_DES	1
- #define CHECK_MD5	1
- 
-@@ -335,6 +340,21 @@
- 	signal(SIGINT, SIG_DFL);
- 	signal(SIGTSTP, SIG_DFL);
- 	signal(SIGQUIT, SIG_DFL);
-+#ifdef WITH_SELINUX
-+	if (is_selinux_enabled > 0) {
-+	  security_context_t scon=NULL;
-+	  char *seuser=NULL;
-+	  char *level=NULL;
-+	  if (getseuserbyname("root", &seuser, &level) == 0)
-+		  if (get_default_context_with_level(seuser, level, 0, &scon) > 0) {
-+			  if (setexeccon(scon) != 0) 
-+				  fprintf(stderr, "setexeccon faile\n");
-+			  freecon(scon);
-+		  }
-+		free(seuser);
-+		free(level);
-+	}
-+#endif
- 	execl(sushell, shell, NULL);
- 	perror(sushell);
- 




More information about the Pkg-sysvinit-commits mailing list