This was the last fix stopping rpm-5.1.5 release afaik.
The other critical problem (from arekm) with multiple RPMTAG_DESCRIPTION
tags appearing in header content if i18n is used I tried to reproduce
and failed.
Are there any other critical fixes for rpm-5.1.5?
Note that there's always 5.1.6 (and 5.2, which is what I want to get
back to ...)
73 de Jeff
On Oct 6, 2008, at 3:11 PM, Jeff Johnson wrote:
> RPM Package Manager, CVS Repository
> http://rpm5.org/cvs/
>
> ____________________________________________________________________________
>
> Server: rpm5.org Name: Jeff Johnson
> Root: /v/rpm/cvs Email: jbj@rpm5.org
> Module: rpm Date: 06-Oct-2008 21:11:38
> Branch: rpm-5_1 Handle: 2008100619113701
>
> Modified files: (Branch: rpm-5_1)
> rpm CHANGES
> rpm/lib fsm.c librpm.vers rpminstall.c rpmts.c
> rpmts.h
> transaction.c
> rpm/python rpmts-py.c
> rpm/rpmio iosm.c iosm.h
>
> Log:
> - jbj: selinux: resurrect lsetfilecon using libselinux API.
>
> Summary:
> Revision Changes Path
> 1.2288.2.123+1 -0 rpm/CHANGES
> 2.169.2.2 +23 -17 rpm/lib/fsm.c
> 1.39.2.1 +0 -2 rpm/lib/librpm.vers
> 1.207.2.2 +0 -10 rpm/lib/rpminstall.c
> 2.145.2.1 +4 -18 rpm/lib/rpmts.c
> 2.98.2.1 +0 -18 rpm/lib/rpmts.h
> 1.371.2.1 +15 -0 rpm/lib/transaction.c
> 1.86.2.2 +0 -10 rpm/python/rpmts-py.c
> 1.22.2.2 +25 -21 rpm/rpmio/iosm.c
> 1.12.2.1 +0 -1 rpm/rpmio/iosm.h
>
> ____________________________________________________________________________
>
> patch -p0 <<'@@ .'
> Index: rpm/CHANGES
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.2288.2.122 -r1.2288.2.123 CHANGES
> --- rpm/CHANGES 4 Oct 2008 19:36:26 -0000 1.2288.2.122
> +++ rpm/CHANGES 6 Oct 2008 19:11:37 -0000 1.2288.2.123
> @@ -1,4 +1,5 @@
> 5.1.4 -> 5.1.5:
> + - jbj: selinux: resurrect lsetfilecon using libselinux API.
> - jbj: use macro, not /bin/bash, in scriptlet_requires.
> - jbj: don't run empty transactions, avoiding obscure error msg.
> - jbj: permit a negative index as alias for the last problem
> added to set.
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/fsm.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r2.169.2.1 -r2.169.2.2 fsm.c
> --- rpm/lib/fsm.c 17 Sep 2008 20:10:36 -0000 2.169.2.1
> +++ rpm/lib/fsm.c 6 Oct 2008 19:11:37 -0000 2.169.2.2
> @@ -132,7 +132,6 @@
> FSMI_t iter = p;
> if (iter) {
> iter->fi = rpmfiUnlink(iter->fi, "mapIterator");
> - iter->sx = rpmsxFree(iter->sx);
> /*@-internalglobs@*/ /* XXX rpmswExit() */
> iter->ts = rpmtsFree(iter->ts);
> /*@=internalglobs@*/
> @@ -674,10 +673,7 @@
> }
> fsm->iter = mapInitIterator(fi, reverse);
> fsm->iter->ts = rpmtsLink(ts, "mapIterator");
> - fsm->nofcontexts = (ts != NULL && rpmtsSELinuxEnabled(ts) == 1
> &&
> - !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS));
> - /* XXX Set file contexts on non-packaged dirs iff selinux
> enabled. */
> - fsm->iter->sx = (!fsm->nofcontexts ? rpmtsREContext(ts) : NULL);
> + fsm->nofcontexts = (rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS);
> fsm->nofdigests =
> (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOFDIGESTS))
> ? 0 : 1;
> @@ -737,7 +733,6 @@
> &fsm->op_digest);
>
> fsm->lmtab = _free(fsm->lmtab);
> - fsm->iter->sx = rpmsxFree(fsm->iter->sx);
> fsm->iter->ts = rpmtsFree(fsm->iter->ts);
> fsm->iter = mapFreeIterator(fsm->iter);
> if (fsm->cfd != NULL) {
> @@ -748,28 +743,33 @@
> return rc;
> }
>
> +/*
> + * Set file security context (if not disabled).
> + * @param fsm file state machine data
> + * @return 0 always
> + */
> static int fsmMapFContext(IOSM_t fsm)
> /*@modifies fsm @*/
> {
> - rpmfi fi = fsmGetFi(fsm);
> -
> - /*
> - * Find file security context (if not disabled).
> - */
> fsm->fcontext = NULL;
> if (!fsm->nofcontexts) {
> + struct stat * st = &fsm->sb;
> security_context_t scon = NULL;
> + int xx = matchpathcon(fsm->path, st->st_mode, &scon);
>
> /*@-moduncon@*/
> - if (matchpathcon(fsm->path, fsm->sb.st_mode, &scon) == 0 && scon !
> = NULL)
> + if (!xx && scon != NULL)
> fsm->fcontext = scon;
> +#ifdef DYING /* XXX SELinux file contexts not set from package
> content. */
> else {
> + rpmfi fi = fsmGetFi(fsm);
> int i = fsm->ix;
>
> /* Get file security context from package. */
> if (fi && i >= 0 && i < (int)fi->fc)
> fsm->fcontext = (fi->fcontexts ? fi->fcontexts[i] : NULL);
> }
> +#endif
> /*@=moduncon@*/
> }
> return 0;
> @@ -1473,23 +1473,29 @@
> st->st_mode = S_IFDIR | (fi->dperms & 07777);
> rc = fsmNext(fsm, IOSM_MKDIR);
> if (!rc) {
> + security_context_t scon = NULL;
> /* XXX FIXME? only new dir will have context set. */
> /* Get file security context from patterns. */
> - if (fsm->iter->sx != NULL) {
> - fsm->fcontext = rpmsxFContext(fsm->iter->sx,
> - fsm->path, st->st_mode);
> + if (!fsm->nofcontexts
> + && !matchpathcon(fsm->path, st->st_mode, &scon)
> + && scon != NULL)
> + {
> + fsm->fcontext = scon;
> rc = fsmNext(fsm, IOSM_LSETFCON);
> - }
> + } else
> + fsm->fcontext = NULL;
> if (fsm->fcontext == NULL)
> rpmlog(RPMLOG_DEBUG,
> D_("%s directory created with perms %04o, no context.\n"),
> fsm->path, (unsigned)(st->st_mode & 07777));
> - else
> + else {
> rpmlog(RPMLOG_DEBUG,
> D_("%s directory created with perms %04o, context %s.\n"),
> fsm->path, (unsigned)(st->st_mode & 07777),
> fsm->fcontext);
> fsm->fcontext = NULL;
> + scon = _free(scon);
> + }
> }
> *te = '/';
> }
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/librpm.vers
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.39 -r1.39.2.1 librpm.vers
> --- rpm/lib/librpm.vers 18 Mar 2008 22:02:50 -0000 1.39
> +++ rpm/lib/librpm.vers 6 Oct 2008 19:11:37 -0000 1.39.2.1
> @@ -363,7 +363,6 @@
> rpmtsPRCO;
> rpmtsProblems;
> rpmtsRebuildDB;
> - rpmtsREContext;
> rpmtsRelocateElement;
> rpmtsRootDir;
> rpmtsRun;
> @@ -377,7 +376,6 @@
> rpmtsSetFlags;
> rpmtsSetGoal;
> rpmtsSetNotifyCallback;
> - rpmtsSetREContext;
> rpmtsSetRelocateElement;
> rpmtsSetRootDir;
> rpmtsSetScriptFd;
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/rpminstall.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.207.2.1 -r1.207.2.2 rpminstall.c
> --- rpm/lib/rpminstall.c 4 Oct 2008 18:13:43 -0000 1.207.2.1
> +++ rpm/lib/rpminstall.c 6 Oct 2008 19:11:37 -0000 1.207.2.2
> @@ -484,16 +484,6 @@
> if (rpmExpandNumeric("%{?_repackage_all_erasures}"))
> ia->transFlags |= RPMTRANS_FLAG_REPACKAGE;
>
> - /* Initialize security context patterns (if not already done).
> */
> - if (rpmtsSELinuxEnabled(ts) && !(ia->transFlags &
> RPMTRANS_FLAG_NOCONTEXTS))
> - {
> - const char *fn = rpmGetPath("%{?_install_file_context_path}",
> NULL);
> -/*@-moduncon@*/
> - if (fn != NULL && *fn != '\0')
> - xx = matchpathcon_init(fn);
> -/*@=moduncon@*/
> - fn = _free(fn);
> - }
> (void) rpmtsSetFlags(ts, ia->transFlags);
> (void) rpmtsSetDFlags(ts, ia->depFlags);
>
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/rpmts.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r2.145 -r2.145.2.1 rpmts.c
> --- rpm/lib/rpmts.c 2 Apr 2008 18:35:26 -0000 2.145
> +++ rpm/lib/rpmts.c 6 Oct 2008 19:11:37 -0000 2.145.2.1
> @@ -845,7 +845,10 @@
>
> int rpmtsSELinuxEnabled(rpmts ts)
> {
> - return (ts != NULL ? (ts->selinuxEnabled > 0) : 0);
> + int selinuxEnabled = 0;
> + if (ts)
> + selinuxEnabled = (ts->selinuxEnabled > 0);
> + return selinuxEnabled;
> }
>
> int rpmtsChrootDone(rpmts ts)
> @@ -865,23 +868,6 @@
> return ochrootDone;
> }
>
> -rpmsx rpmtsREContext(rpmts ts)
> -{
> - return ( (ts && ts->sx ? rpmsxLink(ts->sx, __func__) : NULL) );
> -}
> -
> -int rpmtsSetREContext(rpmts ts, rpmsx sx)
> -{
> - int rc = -1;
> - if (ts != NULL) {
> - ts->sx = rpmsxFree(ts->sx);
> - ts->sx = rpmsxLink(sx, __func__);
> - if (ts->sx != NULL)
> - rc = 0;
> - }
> - return rc;
> -}
> -
> uint32_t rpmtsGetTid(rpmts ts)
> {
> uint32_t tid = 0; /* XXX -1 is time(2) error return. */
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/rpmts.h
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r2.98 -r2.98.2.1 rpmts.h
> --- rpm/lib/rpmts.h 12 Mar 2008 09:35:39 -0000 2.98
> +++ rpm/lib/rpmts.h 6 Oct 2008 19:11:37 -0000 2.98.2.1
> @@ -741,24 +741,6 @@
> /*@modifies ts @*/;
>
> /** \ingroup rpmts
> - * Get file security context patterns.
> - * @param ts transaction set
> - * @return file security context patterns
> - */
> -/*@null@*/
> -rpmsx rpmtsREContext(const rpmts ts)
> - /*@modifies ts @*/;
> -
> -/** \ingroup rpmts
> - * Get file security context patterns.
> - * @param ts transaction set
> - * @param sx security context patterns
> - * @return 0 on success
> - */
> -int rpmtsSetREContext(rpmts ts, rpmsx sx)
> - /*@modifies ts, sx @*/;
> -
> -/** \ingroup rpmts
> * Get transaction id, i.e. transaction time stamp.
> * @param ts transaction set
> * @return transaction id
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/lib/transaction.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.371 -r1.371.2.1 transaction.c
> --- rpm/lib/transaction.c 12 Mar 2008 18:11:08 -0000 1.371
> +++ rpm/lib/transaction.c 6 Oct 2008 19:11:37 -0000 1.371.2.1
> @@ -1176,6 +1176,18 @@
> if (rpmtsFlags(ts) & RPMTRANS_FLAG_JUSTDB)
> (void) rpmtsSetFlags(ts, (rpmtsFlags(ts) | _noTransScripts |
> _noTransTriggers));
>
> + /* if SELinux isn't enabled or init fails, don't bother... */
> + if (!rpmtsSELinuxEnabled(ts))
> + (void) rpmtsSetFlags(ts, (rpmtsFlags(ts) |
> RPMTRANS_FLAG_NOCONTEXTS));
> +
> + if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) {
> + const char * fn = rpmGetPath("%{?_install_file_context_path}",
> NULL);
> + int xx = matchpathcon_init(fn);
> + if (xx == -1)
> + (void) rpmtsSetFlags(ts, (rpmtsFlags(ts) |
> RPMTRANS_FLAG_NOCONTEXTS));
> + fn = _free(fn);
> + }
> +
> ts->probs = rpmpsFree(ts->probs);
> ts->probs = rpmpsCreate();
>
> @@ -1948,6 +1960,9 @@
> pi = rpmtsiFree(pi);
> }
>
> + if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
> + matchpathcon_fini();
> +
> lock = rpmtsFreeLock(lock);
>
> /*@-nullstate@*/ /* FIX: ts->flList may be NULL */
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/python/rpmts-py.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.86.2.1 -r1.86.2.2 rpmts-py.c
> --- rpm/python/rpmts-py.c 18 May 2008 14:27:42 -0000 1.86.2.1
> +++ rpm/python/rpmts-py.c 6 Oct 2008 19:11:38 -0000 1.86.2.2
> @@ -1243,16 +1243,6 @@
> (void) rpmtsSetNotifyCallback(s->ts, rpmtsCallback, (void *)
> &cbInfo);
> }
>
> - /* Initialize security context patterns (if not already done).
> */
> - if (rpmtsSELinuxEnabled(s->ts)
> - && !(rpmtsFlags(s->ts) & RPMTRANS_FLAG_NOCONTEXTS))
> - {
> - const char *fn = rpmGetPath("%{?_install_file_context_path}",
> NULL);
> - if (fn != NULL && *fn != '\0')
> - rc = matchpathcon_init(fn);
> - fn = _free(fn);
> - }
> -
> if (_rpmts_debug)
> fprintf(stderr, "*** rpmts_Run(%p) ts %p ignore %x\n", s, s->ts, s-
> >ignoreSet);
>
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/rpmio/iosm.c
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.22.2.1 -r1.22.2.2 iosm.c
> --- rpm/rpmio/iosm.c 17 Sep 2008 20:10:37 -0000 1.22.2.1
> +++ rpm/rpmio/iosm.c 6 Oct 2008 19:11:38 -0000 1.22.2.2
> @@ -723,14 +723,7 @@
> /*@=mods@*/
> #if defined(_USE_RPMTS)
> iosm->iter->ts = rpmtsLink(ts, "mapIterator");
> - iosm->nofcontexts = (ts != NULL && rpmtsSELinuxEnabled(ts) ==
> 1 &&
> - !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS));
> -#if defined(_USE_RPMSX)
> - /* XXX Set file contexts on non-packaged dirs iff selinux
> enabled. */
> - iosm->iter->sx = (!iosm->nofcontexts ? rpmtsREContext(ts) :
> NULL);
> -#else
> - iosm->iter->sx = NULL;
> -#endif
> + iosm->nofcontexts = (rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS);
> iosm->nofdigests =
> (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOFDIGESTS))
> ? 0 : 1;
> @@ -742,7 +735,6 @@
> /*@-assignexpose -temptrans @*/
> iosm->iter->ts = (void *)_ts;
> /*@=assignexpose =temptrans @*/
> - iosm->iter->sx = NULL;
> iosm->nofcontexts = 1;
> iosm->nofdigests = 1;
> iosm->commit = 1;
> @@ -806,14 +798,10 @@
> iosm->lmtab = _free(iosm->lmtab);
>
> #if defined(_USE_RPMTS)
> -#if defined(_USE_RPMSX)
> - iosm->iter->sx = rpmsxFree(sx);
> -#endif
> (void) rpmswAdd(rpmtsOp(iosmGetTs(iosm), RPMTS_OP_DIGEST),
> &iosm->op_digest);
> iosm->iter->ts = rpmtsFree(iter->ts);
> #else
> - iosm->iter->sx = NULL;
> iosm->iter->ts = NULL;
> #endif
> iosm->iter = mapFreeIterator(iosm->iter);
> @@ -825,28 +813,36 @@
> return rc;
> }
>
> +/*
> + * Set file security context (if not disabled).
> + * @param iosm file state machine data
> + * @return 0 always
> + */
> static int iosmMapFContext(IOSM_t iosm)
> /*@modifies iosm @*/
> {
> - rpmfi fi = iosmGetFi(iosm);
> -
> /*
> * Find file security context (if not disabled).
> */
> iosm->fcontext = NULL;
> if (!iosm->nofcontexts) {
> + struct stat * st = &iosm->sb;
> security_context_t scon = NULL;
> + int xx = matchpathcon(iosm->path, st->st_mode, &scon);
>
> /*@-moduncon@*/
> - if (matchpathcon(iosm->path, iosm->sb.st_mode, &scon) == 0 &&
> scon != NULL)
> + if (!xx && scon != NULL)
> iosm->fcontext = scon;
> +#ifdef DYING /* XXX SELinux file contexts not set from package
> content. */
> else {
> + rpmfi fi = iosmGetFi(iosm);
> int i = iosm->ix;
>
> /* Get file security context from package. */
> if (fi && i >= 0 && i < (int)fi->fc)
> iosm->fcontext = (fi->fcontexts ? fi->fcontexts[i] : NULL);
> }
> +#endif
> /*@=moduncon@*/
> }
> return 0;
> @@ -1551,24 +1547,32 @@
> rc = iosmNext(iosm, IOSM_MKDIR);
> if (!rc) {
> #if defined(_USE_RPMSX)
> + security_context_t scon = NULL;
> /* XXX FIXME? only new dir will have context set. */
> /* Get file security context from patterns. */
> - if (iosm->iter->sx != NULL) {
> - iosm->fcontext = rpmsxFContext(iosm->iter->sx,
> - iosm->path, st->st_mode);
> + if (!fsm->nofcontexts
> + && !matchpathcon(iosm->path, st->st_mode, &scon)
> + && scon != NULL)
> + {
> + iosm->fcontext = scon;
> rc = iosmNext(iosm, IOSM_LSETFCON);
> - }
> + } else
> #endif
> + iosm->fcontext = NULL;
> if (iosm->fcontext == NULL)
> rpmlog(RPMLOG_DEBUG,
> D_("%s directory created with perms %04o, no context.\n"),
> iosm->path, (unsigned)(st->st_mode & 07777));
> - else
> + else {
> rpmlog(RPMLOG_DEBUG,
> D_("%s directory created with perms %04o, context %s.\n"),
> iosm->path, (unsigned)(st->st_mode & 07777),
> iosm->fcontext);
> +#if defined(_USE_RPMSX)
> iosm->fcontext = NULL;
> + scon = _free(scon);
> +#endif
> + }
> }
> *te = '/';
> }
> @@ .
> patch -p0 <<'@@ .'
> Index: rpm/rpmio/iosm.h
>
> =
> =
> =
> =
> =
> =
> ======================================================================
> $ cvs diff -u -r1.12 -r1.12.2.1 iosm.h
> --- rpm/rpmio/iosm.h 10 Mar 2008 19:15:46 -0000 1.12
> +++ rpm/rpmio/iosm.h 6 Oct 2008 19:11:38 -0000 1.12.2.1
> @@ -188,7 +188,6 @@
> struct iosmIterator_s {
> void * ts; /*!< transaction set. */
> void * fi; /*!< transaction element file info. */
> - void * sx; /*!< SELinux file context container. */
> int reverse; /*!< reversed traversal? */
> int isave; /*!< last returned iterator index. */
> int i; /*!< iterator index. */
> @@ .
> ______________________________________________________________________
> RPM Package Manager http://rpm5.org
> CVS Sources Repository rpm-cvs@rpm5.org
Received on Mon Oct 6 21:21:44 2008