libsemanage: Use alternate root while cross-compiling.

author: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-04-10 14:21:40 +0800
committer: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-04-10 14:21:40 +0800
commit: e0704aaff6d4d6e239c2ffc5f5f1d062f03d674e (patch)
tree: 25e8e5f0f5b23af7df37b444850dc1dab449a8c8
parent: 83d3a960e51f62be72cde29e2bf7f65fa0ce97bf (diff)
download: meta-selinux-e0704aaff6d4d6e239c2ffc5f5f1d062f03d674e.tar.gz
2 files changed, 123 insertions, 0 deletions
diff --git a/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch
new file mode 100644
index 0000000..b644455
--- /dev/null
+++ b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch
@@ -0,0 +1,122 @@
+From 2667fb6409c4677600910227457ea8a89510efd9 Mon Sep 17 00:00:00 2001
+From: Xin Ouyang <Xin.Ouyang@windriver.com>
+Date: Mon, 5 Mar 2012 17:09:47 +0800
+Subject: [PATCH] libsemanage: semanage.conf with semanage_set_root.
+Allow applications to use semanage.conf in the alternate root, if
+semanage_set_root called.
+---
+ src/handle.c         |   21 +++++++++++++++++++++
+ src/handle.h         |    2 ++
+ src/semanage_store.c |   12 ------------
+ src/semanage_store.h |    1 -
+ 4 files changed, 23 insertions(+), 13 deletions(-)
+diff --git a/src/handle.c b/src/handle.c
+index 7adc1cc..ec61d6e 100644
+--- a/src/handle.c
+++ b/src/handle.c
+@@ -37,10 +37,12 @@
+ #include "semanage_store.h"
+ 
+ #define SEMANAGE_COMMIT_READ_WAIT 5
+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
+ 
+ #include <string.h>
+ #include <selinux/selinux.h>
+ static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
+ static char *private_file_context_path = NULL;
+ static char *private_file_context_local_path = NULL;
+ static char *private_file_context_homedir_path = NULL;
+@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
+ 
+ void semanage_free_root() {
+        free(private_selinux_path); private_selinux_path = NULL;
+       free(private_semanage_conf_path); private_semanage_conf_path = NULL;
+        free(private_file_context_path); private_file_context_path = NULL;
+        free(private_file_context_local_path); private_file_context_local_path = NULL;
+        free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
+@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
+                goto error;
+        }
+ 
+       if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
+               goto error;
+       }
+
+        if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
+                goto error;
+        }
+@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
+        return selinux_path();
+ }
+ 
+/* Return a fully-qualified path + filename to the semanage
+ * configuration file.  The caller must not alter the string returned
+ * (and hence why this function return type is const).
+ *
+ */
+const char *semanage_conf_path(void)
+{
+       if (private_semanage_conf_path
+                       && access(private_semanage_conf_path, R_OK) == 0)
+               return private_semanage_conf_path;
+
+       return SEMANAGE_CONF_PATH;
+}
+
+ semanage_handle_t *semanage_handle_create(void)
+ {
+        semanage_handle_t *sh = NULL;
+diff --git a/src/handle.h b/src/handle.h
+index 723d811..bb12594 100644
+--- a/src/handle.h
+++ b/src/handle.h
+@@ -105,6 +105,8 @@ struct semanage_handle {
+        dbase_config_t dbase[DBASE_COUNT];
+ };
+ 
+const char *semanage_conf_path(void);
+
+ /* === Local modifications === */
+ static inline
+     dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
+diff --git a/src/semanage_store.c b/src/semanage_store.c
+index a223aa7..0e7b71a 100644
+--- a/src/semanage_store.c
+++ b/src/semanage_store.c
+@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
+        return semanage_paths[store][path_name];
+ }
+ 
+-/* Return a fully-qualified path + filename to the semanage
+- * configuration file.  The caller must not alter the string returned
+- * (and hence why this function return type is const).
+- *
+- * This is going to be hard coded to /etc/selinux/semanage.conf for
+- * the time being. FIXME
+- */
+-const char *semanage_conf_path(void)
+-{
+-       return "/etc/selinux/semanage.conf";
+-}
+-
+ /**************** functions that create module store ***************/
+ 
+ /* Check that the semanage store exists.  If 'create' is non-zero then
+diff --git a/src/semanage_store.h b/src/semanage_store.h
+index b451308..98e011d 100644
+--- a/src/semanage_store.h
+++ b/src/semanage_store.h
+@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
+ /* FIXME: this needs to be made a module store specific init and the
+  * global configuration moved to another file.
+  */
+-const char *semanage_conf_path(void);
+ int semanage_check_init(const char *root);
+ 
+ extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);
+-- 
+1.7.5.4
diff --git a/recipes-security/selinux/libsemanage_2.1.6.bb b/recipes-security/selinux/libsemanage_2.1.6.bb
index faddbe0..70e0c49 100644
--- a/recipes-security/selinux/libsemanage_2.1.6.bb
+++ b/recipes-security/selinux/libsemanage_2.1.6.bb
@@ -18,6 +18,7 @@ DEPENDS += "libsepol libselinux ustr bzip2 python"
 SRC_URI += "file://Fix-segfault-for-standard-policy.patch"
 SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch"
+SRC_URI += "file://libsemanage-semanage.conf-for-cross-compile.patch"
 PACKAGES += "${PN}-python"
 FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
author	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-04-10 14:21:40 +0800
committer	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-04-10 14:21:40 +0800
commit	e0704aaff6d4d6e239c2ffc5f5f1d062f03d674e (patch)
tree	25e8e5f0f5b23af7df37b444850dc1dab449a8c8
parent	83d3a960e51f62be72cde29e2bf7f65fa0ce97bf (diff)
download	meta-selinux-e0704aaff6d4d6e239c2ffc5f5f1d062f03d674e.tar.gz

diff --git a/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch new file mode 100644 index 0000000..b644455 --- /dev/null +++ b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch
@@ -0,0 +1,122 @@
		1	From 2667fb6409c4677600910227457ea8a89510efd9 Mon Sep 17 00:00:00 2001
		2	From: Xin Ouyang <Xin.Ouyang@windriver.com>
		3	Date: Mon, 5 Mar 2012 17:09:47 +0800
		4	Subject: [PATCH] libsemanage: semanage.conf with semanage_set_root.
		5
		6	Allow applications to use semanage.conf in the alternate root, if
		7	semanage_set_root called.
		8	---
		9	src/handle.c \| 21 +++++++++++++++++++++
		10	src/handle.h \| 2 ++
		11	src/semanage_store.c \| 12 ------------
		12	src/semanage_store.h \| 1 -
		13	4 files changed, 23 insertions(+), 13 deletions(-)
		14
		15	diff --git a/src/handle.c b/src/handle.c
		16	index 7adc1cc..ec61d6e 100644
		17	--- a/src/handle.c
		18	+++ b/src/handle.c
		19	@@ -37,10 +37,12 @@
		20	#include "semanage_store.h"
		21
		22	#define SEMANAGE_COMMIT_READ_WAIT 5
		23	+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
		24
		25	#include <string.h>
		26	#include <selinux/selinux.h>
		27	static char *private_selinux_path = NULL;
		28	+static char *private_semanage_conf_path = NULL;
		29	static char *private_file_context_path = NULL;
		30	static char *private_file_context_local_path = NULL;
		31	static char *private_file_context_homedir_path = NULL;
		32	@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
		33
		34	void semanage_free_root() {
		35	free(private_selinux_path); private_selinux_path = NULL;
		36	+ free(private_semanage_conf_path); private_semanage_conf_path = NULL;
		37	free(private_file_context_path); private_file_context_path = NULL;
		38	free(private_file_context_local_path); private_file_context_local_path = NULL;
		39	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
		40	@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
		41	goto error;
		42	}
		43
		44	+ if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
		45	+ goto error;
		46	+ }
		47	+
		48	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
		49	goto error;
		50	}
		51	@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
		52	return selinux_path();
		53	}
		54
		55	+/* Return a fully-qualified path + filename to the semanage
		56	+ * configuration file. The caller must not alter the string returned
		57	+ * (and hence why this function return type is const).
		58	+ *
		59	+ */
		60	+const char *semanage_conf_path(void)
		61	+{
		62	+ if (private_semanage_conf_path
		63	+ && access(private_semanage_conf_path, R_OK) == 0)
		64	+ return private_semanage_conf_path;
		65	+
		66	+ return SEMANAGE_CONF_PATH;
		67	+}
		68	+
		69	semanage_handle_t *semanage_handle_create(void)
		70	{
		71	semanage_handle_t *sh = NULL;
		72	diff --git a/src/handle.h b/src/handle.h
		73	index 723d811..bb12594 100644
		74	--- a/src/handle.h
		75	+++ b/src/handle.h
		76	@@ -105,6 +105,8 @@ struct semanage_handle {
		77	dbase_config_t dbase[DBASE_COUNT];
		78	};
		79
		80	+const char *semanage_conf_path(void);
		81	+
		82	/* === Local modifications === */
		83	static inline
		84	dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
		85	diff --git a/src/semanage_store.c b/src/semanage_store.c
		86	index a223aa7..0e7b71a 100644
		87	--- a/src/semanage_store.c
		88	+++ b/src/semanage_store.c
		89	@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
		90	return semanage_paths[store][path_name];
		91	}
		92
		93	-/* Return a fully-qualified path + filename to the semanage
		94	- * configuration file. The caller must not alter the string returned
		95	- * (and hence why this function return type is const).
		96	- *
		97	- * This is going to be hard coded to /etc/selinux/semanage.conf for
		98	- * the time being. FIXME
		99	- */
		100	-const char *semanage_conf_path(void)
		101	-{
		102	- return "/etc/selinux/semanage.conf";
		103	-}
		104	-
		105	/************** functions that create module store *************/
		106
		107	/* Check that the semanage store exists. If 'create' is non-zero then
		108	diff --git a/src/semanage_store.h b/src/semanage_store.h
		109	index b451308..98e011d 100644
		110	--- a/src/semanage_store.h
		111	+++ b/src/semanage_store.h
		112	@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
		113	/* FIXME: this needs to be made a module store specific init and the
		114	* global configuration moved to another file.
		115	*/
		116	-const char *semanage_conf_path(void);
		117	int semanage_check_init(const char *root);
		118
		119	extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);
		120	--
		121	1.7.5.4
		122


diff --git a/recipes-security/selinux/libsemanage_2.1.6.bb b/recipes-security/selinux/libsemanage_2.1.6.bb index faddbe0..70e0c49 100644 --- a/recipes-security/selinux/libsemanage_2.1.6.bb +++ b/recipes-security/selinux/libsemanage_2.1.6.bb
@@ -18,6 +18,7 @@ DEPENDS += "libsepol libselinux ustr bzip2 python"
18		18
19	SRC_URI += "file://Fix-segfault-for-standard-policy.patch"	19	SRC_URI += "file://Fix-segfault-for-standard-policy.patch"
20	SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch"	20	SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch"
		21	SRC_URI += "file://libsemanage-semanage.conf-for-cross-compile.patch"
21		22
22	PACKAGES += "${PN}-python"	23	PACKAGES += "${PN}-python"
23	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"	24	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"