RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 12-Jul-2007 12:57:51
Branch: HEAD Handle: 2007071211574901
Modified files:
rpm system.h
rpm/build files.c
rpm/lib fsm.c rpmfi.c rpminstall.c
rpm/python rpmts-py.c
Log:
- selinux: use matchpthcon() instead or rpmsx.
Summary:
Revision Changes Path
1.249 +10 -14 rpm/build/files.c
2.120 +4 -6 rpm/lib/fsm.c
2.67 +9 -8 rpm/lib/rpmfi.c
1.148 +3 -9 rpm/lib/rpminstall.c
1.66 +2 -8 rpm/python/rpmts-py.c
2.67 +3 -0 rpm/system.h
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/build/files.c
============================================================================
$ cvs diff -u -r1.248 -r1.249 files.c
--- rpm/build/files.c 10 Jul 2007 19:04:54 -0000 1.248
+++ rpm/build/files.c 12 Jul 2007 10:57:49 -0000 1.249
@@ -23,9 +23,6 @@
#define _RPMFI_INTERNAL
#include "rpmfi.h"
-#include "rpmsx.h"
-
-
#define _RPMTE_INTERNAL
#include "rpmte.h"
@@ -1270,12 +1267,12 @@
int apathlen = 0;
int dpathlen = 0;
int skipLen = 0;
- rpmsx sx = NULL;
+ security_context_t scon = NULL;
const char * sxfn;
size_t fnlen;
FileListRec flp;
char buf[BUFSIZ];
- int i;
+ int i, xx;
/* Sort the big list */
qsort(fl->fileList, fl->fileListRecsUsed,
@@ -1290,7 +1287,7 @@
sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
if (sxfn != NULL && *sxfn != '\0')
- sx = rpmsxNew(sxfn);
+ xx = matchpathcon_init(sxfn);
for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
const char *s;
@@ -1507,18 +1504,17 @@
&(flp->flags), 1);
/* Add file security context to package. */
-/*@-branchstate@*/
- if (sx != NULL) {
+ {
mode_t fmode = (uint_16)flp->fl_mode;
- s = rpmsxFContext(sx, flp->fileURL, fmode);
- if (s == NULL) s = "";
+ static const char *nocon = "";
+ if (matchpathcon(flp->fileURL, fmode, &scon) || scon == NULL)
+ scon = nocon;
(void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
- &s, 1);
+ &scon, 1);
+ if (scon != nocon)
+ freecon(scon);
}
-/*@=branchstate@*/
-
}
- sx = rpmsxFree(sx);
sxfn = _free(sxfn);
(void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/fsm.c
============================================================================
$ cvs diff -u -r2.119 -r2.120 fsm.c
--- rpm/lib/fsm.c 10 Jul 2007 13:05:33 -0000 2.119
+++ rpm/lib/fsm.c 12 Jul 2007 10:57:50 -0000 2.120
@@ -666,13 +666,11 @@
if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
{
- rpmsx sx = rpmtsREContext(ts);
+ security_context_t scon = NULL;
- if (sx != NULL) {
- /* Get file security context from patterns. */
- fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
- sx = rpmsxFree(sx);
- } else {
+ if (matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL)
+ fsm->fcontext = scon;
+ else {
int i = fsm->ix;
/* Get file security context from package. */
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmfi.c
============================================================================
$ cvs diff -u -r2.66 -r2.67 rpmfi.c
--- rpm/lib/rpmfi.c 10 Jul 2007 18:31:24 -0000 2.66
+++ rpm/lib/rpmfi.c 12 Jul 2007 10:57:50 -0000 2.67
@@ -17,8 +17,6 @@
#define _RPMFI_INTERNAL
#include "rpmfi.h"
-#include "rpmsx.h"
-
#define _RPMTE_INTERNAL /* relocations */
#include "rpmte.h"
#include "rpmts.h"
@@ -1749,7 +1747,6 @@
{
int scareMem = 0;
rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
- rpmsx sx = NULL;
const char ** av = NULL;
int ac;
size_t nb;
@@ -1764,7 +1761,11 @@
}
/* Read security context patterns. */
- sx = rpmsxNew(NULL);
+ { const char *fn = rpmGetPath("%{?__file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0')
+ matchpathcon_init(fn);
+ fn = _free(fn);
+ }
/* Compute size of argv array blob, concatenating file contexts. */
nb = ac * sizeof(*fcnb);
@@ -1775,10 +1776,10 @@
while (rpmfiNext(fi) >= 0) {
const char * fn = rpmfiFN(fi);
mode_t fmode = rpmfiFMode(fi);
- const char * scon;
+ security_context_t scon;
- scon = rpmsxFContext(sx, fn, fmode);
- if (scon != NULL) {
+ scon = NULL;
+ if (matchpathcon(fn, fmode, &scon) == 0 && scon != NULL) {
fcnb[ac] = strlen(scon) + 1;
/*@-branchstate@*/
if (fcnb[ac] > 0) {
@@ -1787,6 +1788,7 @@
fctxtlen += fcnb[ac];
}
/*@=branchstate@*/
+ freecon(scon);
}
ac++;
}
@@ -1811,7 +1813,6 @@
exit:
fi = rpmfiFree(fi);
- sx = rpmsxFree(sx);
/*@-branchstate@*/
if (fcontextp)
*fcontextp = av;
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpminstall.c
============================================================================
$ cvs diff -u -r1.147 -r1.148 rpminstall.c
--- rpm/lib/rpminstall.c 9 Jun 2007 19:07:57 -0000 1.147
+++ rpm/lib/rpminstall.c 12 Jul 2007 10:57:50 -0000 1.148
@@ -310,17 +310,11 @@
/* Initialize security context patterns (if not already done). */
if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
- rpmsx sx = rpmtsREContext(ts);
- if (sx == NULL) {
- fn = rpmGetPath("%{?_install_file_context_path}", NULL);
- if (fn != NULL && *fn != '\0') {
- sx = rpmsxNew(fn);
- (void) rpmtsSetREContext(ts, sx);
- }
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0')
+ xx = matchpathcon_init(fn);
fn = _free(fn);
}
- sx = rpmsxFree(sx);
- }
(void) rpmtsSetFlags(ts, ia->transFlags);
(void) rpmtsSetDFlags(ts, ia->depFlags);
@@ .
patch -p0 <<'@@ .'
Index: rpm/python/rpmts-py.c
============================================================================
$ cvs diff -u -r1.65 -r1.66 rpmts-py.c
--- rpm/python/rpmts-py.c 25 May 2007 17:36:31 -0000 1.65
+++ rpm/python/rpmts-py.c 12 Jul 2007 10:57:50 -0000 1.66
@@ -1254,17 +1254,11 @@
/* Initialize security context patterns (if not already done). */
if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
- rpmsx sx = rpmtsREContext(s->ts);
- if (sx == NULL) {
const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
- if (fn != NULL && *fn != '\0') {
- sx = rpmsxNew(fn);
- (void) rpmtsSetREContext(s->ts, sx);
- }
+ if (fn != NULL && *fn != '\0')
+ rc = matchpathcon_init(fn);
fn = _free(fn);
}
- sx = rpmsxFree(sx);
- }
if (_rpmts_debug)
fprintf(stderr, "*** rpmts_Run(%p) ts %p ignore %x\n", s, s->ts, s->ignoreSet);
@@ .
patch -p0 <<'@@ .'
Index: rpm/system.h
============================================================================
$ cvs diff -u -r2.66 -r2.67 system.h
--- rpm/system.h 27 Jun 2007 09:45:14 -0000 2.66
+++ rpm/system.h 12 Jul 2007 10:57:49 -0000 2.67
@@ -315,6 +315,9 @@
#define is_selinux_enabled() (-1)
#define rpm_execcon(_v, _fn, _av, _envp) (0)
+
+#define matchpathcon_init(_fn) (-1)
+#define matchpathcon(_fn, _fmode, _s) (-1)
#endif
#if defined(WITH_SELINUX) && defined(__LCLINT__)
@@ .
Received on Thu Jul 12 12:57:51 2007