From e0704aaff6d4d6e239c2ffc5f5f1d062f03d674e Mon Sep 17 00:00:00 2001
From: Xin Ouyang <Xin.Ouyang@windriver.com>
Date: Tue, 10 Apr 2012 14:21:40 +0800
Subject: libsemanage: Use alternate root while cross-compiling.

---
 ...bsemanage-semanage.conf-for-cross-compile.patch | 122 +++++++++++++++++++++
 recipes-security/selinux/libsemanage_2.1.6.bb      |   1 +
 2 files changed, 123 insertions(+)
 create mode 100644 recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch

diff --git a/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch
new file mode 100644
index 0000000..b644455
--- /dev/null
+++ b/recipes-security/selinux/libsemanage/libsemanage-semanage.conf-for-cross-compile.patch
@@ -0,0 +1,122 @@
+From 2667fb6409c4677600910227457ea8a89510efd9 Mon Sep 17 00:00:00 2001
+From: Xin Ouyang <Xin.Ouyang@windriver.com>
+Date: Mon, 5 Mar 2012 17:09:47 +0800
+Subject: [PATCH] libsemanage: semanage.conf with semanage_set_root.
+
+Allow applications to use semanage.conf in the alternate root, if
+semanage_set_root called.
+---
+ src/handle.c         |   21 +++++++++++++++++++++
+ src/handle.h         |    2 ++
+ src/semanage_store.c |   12 ------------
+ src/semanage_store.h |    1 -
+ 4 files changed, 23 insertions(+), 13 deletions(-)
+
+diff --git a/src/handle.c b/src/handle.c
+index 7adc1cc..ec61d6e 100644
+--- a/src/handle.c
++++ b/src/handle.c
+@@ -37,10 +37,12 @@
+ #include "semanage_store.h"
+ 
+ #define SEMANAGE_COMMIT_READ_WAIT 5
++#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
+ 
+ #include <string.h>
+ #include <selinux/selinux.h>
+ static char *private_selinux_path = NULL;
++static char *private_semanage_conf_path = NULL;
+ static char *private_file_context_path = NULL;
+ static char *private_file_context_local_path = NULL;
+ static char *private_file_context_homedir_path = NULL;
+@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
+ 
+ void semanage_free_root() {
+ 	free(private_selinux_path); private_selinux_path = NULL;
++	free(private_semanage_conf_path); private_semanage_conf_path = NULL;
+ 	free(private_file_context_path); private_file_context_path = NULL;
+ 	free(private_file_context_local_path); private_file_context_local_path = NULL;
+ 	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
+@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
+ 		goto error;
+ 	}
+ 
++	if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
++		goto error;
++	}
++
+ 	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
+ 		goto error;
+ 	}
+@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
+ 	return selinux_path();
+ }
+ 
++/* Return a fully-qualified path + filename to the semanage
++ * configuration file.  The caller must not alter the string returned
++ * (and hence why this function return type is const).
++ *
++ */
++const char *semanage_conf_path(void)
++{
++	if (private_semanage_conf_path
++			&& access(private_semanage_conf_path, R_OK) == 0)
++		return private_semanage_conf_path;
++
++	return SEMANAGE_CONF_PATH;
++}
++
+ semanage_handle_t *semanage_handle_create(void)
+ {
+ 	semanage_handle_t *sh = NULL;
+diff --git a/src/handle.h b/src/handle.h
+index 723d811..bb12594 100644
+--- a/src/handle.h
++++ b/src/handle.h
+@@ -105,6 +105,8 @@ struct semanage_handle {
+ 	dbase_config_t dbase[DBASE_COUNT];
+ };
+ 
++const char *semanage_conf_path(void);
++
+ /* === Local modifications === */
+ static inline
+     dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
+diff --git a/src/semanage_store.c b/src/semanage_store.c
+index a223aa7..0e7b71a 100644
+--- a/src/semanage_store.c
++++ b/src/semanage_store.c
+@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
+ 	return semanage_paths[store][path_name];
+ }
+ 
+-/* Return a fully-qualified path + filename to the semanage
+- * configuration file.  The caller must not alter the string returned
+- * (and hence why this function return type is const).
+- *
+- * This is going to be hard coded to /etc/selinux/semanage.conf for
+- * the time being. FIXME
+- */
+-const char *semanage_conf_path(void)
+-{
+-	return "/etc/selinux/semanage.conf";
+-}
+-
+ /**************** functions that create module store ***************/
+ 
+ /* Check that the semanage store exists.  If 'create' is non-zero then
+diff --git a/src/semanage_store.h b/src/semanage_store.h
+index b451308..98e011d 100644
+--- a/src/semanage_store.h
++++ b/src/semanage_store.h
+@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
+ /* FIXME: this needs to be made a module store specific init and the
+  * global configuration moved to another file.
+  */
+-const char *semanage_conf_path(void);
+ int semanage_check_init(const char *root);
+ 
+ extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);
+-- 
+1.7.5.4
+
diff --git a/recipes-security/selinux/libsemanage_2.1.6.bb b/recipes-security/selinux/libsemanage_2.1.6.bb
index faddbe0..70e0c49 100644
--- a/recipes-security/selinux/libsemanage_2.1.6.bb
+++ b/recipes-security/selinux/libsemanage_2.1.6.bb
@@ -18,6 +18,7 @@ DEPENDS += "libsepol libselinux ustr bzip2 python"
 
 SRC_URI += "file://Fix-segfault-for-standard-policy.patch"
 SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch"
+SRC_URI += "file://libsemanage-semanage.conf-for-cross-compile.patch"
 
 PACKAGES += "${PN}-python"
 FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
-- 
cgit v1.2.3-54-g00ecf