diff --git a/recipes-security/selinux/checkpolicy_3.7.bb b/recipes-security/selinux/checkpolicy_3.8.bb similarity index 100% rename from recipes-security/selinux/checkpolicy_3.7.bb rename to recipes-security/selinux/checkpolicy_3.8.bb diff --git a/recipes-security/selinux/libselinux-python_3.7.bb b/recipes-security/selinux/libselinux-python_3.8.bb similarity index 96% rename from recipes-security/selinux/libselinux-python_3.7.bb rename to recipes-security/selinux/libselinux-python_3.8.bb index 5099e55..3c5c489 100644 --- a/recipes-security/selinux/libselinux-python_3.7.bb +++ b/recipes-security/selinux/libselinux-python_3.8.bb @@ -15,7 +15,6 @@ SRC_URI += "\ file://0001-Makefile-fix-python-modules-install-path-for-multili.patch \ file://0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch \ file://0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch \ - file://0001-libselinux-fix-swig-bindings-for-4.3.0.patch \ " S = "${WORKDIR}/git/libselinux" diff --git a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch index b307b6f..28a2cc0 100644 --- a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch +++ b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch @@ -1,4 +1,4 @@ -From dff260851ccecf9723a6ddfce0103e09f3ba4613 Mon Sep 17 00:00:00 2001 +From 626d07afcb8e8b3a68158e8a3ea1654620769644 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Mon, 13 Apr 2020 12:44:23 +0800 Subject: [PATCH] Makefile: fix python modules install path for multilib @@ -11,10 +11,10 @@ Signed-off-by: Yi Zhao 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile -index d3b981f..265f1be 100644 +index 213c7d3..92227cb 100644 --- a/src/Makefile +++ b/src/Makefile -@@ -191,7 +191,7 @@ install: all +@@ -193,7 +193,7 @@ install: all ln -sf --relative $(DESTDIR)$(SHLIBDIR)/$(LIBSO) $(DESTDIR)$(LIBDIR)/$(TARGET) install-pywrap: pywrap diff --git a/recipes-security/selinux/libselinux/0001-libselinux-fix-swig-bindings-for-4.3.0.patch b/recipes-security/selinux/libselinux/0001-libselinux-fix-swig-bindings-for-4.3.0.patch deleted file mode 100644 index 277c36c..0000000 --- a/recipes-security/selinux/libselinux/0001-libselinux-fix-swig-bindings-for-4.3.0.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 8e0e718bae53fff30831b92cd784151d475a20da Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Wed, 16 Oct 2024 20:48:11 +0200 -Subject: [PATCH] libselinux: fix swig bindings for 4.3.0 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -https://github.com/swig/swig/blob/master/CHANGES.current - -"[Python] #2907 Fix returning null from functions with output -parameters. Ensures OUTPUT and INOUT typemaps are handled -consistently wrt return type. - -New declaration of SWIG_Python_AppendOutput is now: - - SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void); - -The 3rd parameter is new and the new $isvoid special variable -should be passed to it, indicating whether or not the wrapped -function returns void. - -Also consider replacing with: - - SWIG_AppendOutput(PyObject* result, PyObject* obj); - -which calls SWIG_Python_AppendOutput with same parameters but adding $isvoid -for final parameter." - -Fixes: https://github.com/SELinuxProject/selinux/issues/447 - - selinuxswig_python_wrap.c: In function ‘_wrap_security_compute_user’: - selinuxswig_python_wrap.c:11499:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 11499 | resultobj = SWIG_Python_AppendOutput(resultobj, plist); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c: In function ‘_wrap_security_compute_user_raw’: - selinuxswig_python_wrap.c:11570:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 11570 | resultobj = SWIG_Python_AppendOutput(resultobj, plist); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c: In function ‘_wrap_security_get_boolean_names’: - selinuxswig_python_wrap.c:12470:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 12470 | resultobj = SWIG_Python_AppendOutput(resultobj, list); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - error: command '/usr/bin/gcc' failed with exit code 1 - -Suggested-by: Jitka Plesnikova -Signed-off-by: Petr Lautrbach -Acked-by: James Carter - -Upstream-Status: Backport -[https://github.com/SELinuxProject/selinux/commit/8e0e718bae53fff30831b92cd784151d475a20da] - -Signed-off-by: Yi Zhao ---- - src/selinuxswig_python.i | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/selinuxswig_python.i b/src/selinuxswig_python.i -index 17e03b9e..03ed296d 100644 ---- a/src/selinuxswig_python.i -+++ b/src/selinuxswig_python.i -@@ -71,7 +71,7 @@ def install(src, dest): - for (i = 0; i < *$2; i++) { - PyList_SetItem(list, i, PyString_FromString((*$1)[i])); - } -- $result = SWIG_Python_AppendOutput($result, list); -+ $result = SWIG_AppendOutput($result, list); - } - - /* return a sid along with the result */ -@@ -108,7 +108,7 @@ def install(src, dest): - plist = PyList_New(0); - } - -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - - /* Makes functions in get_context_list.h return a Python list of contexts */ --- -2.25.1 - diff --git a/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch b/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch index 7ebe64f..ae0da8b 100644 --- a/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch +++ b/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch @@ -1,4 +1,4 @@ -From 303d8dfe53fcd02ea5818f976369cdb629bc1114 Mon Sep 17 00:00:00 2001 +From 1048b80be8fe800fa343f26db833a6e89b5ba9ab Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Fri, 25 Oct 2019 13:37:14 +0200 Subject: [PATCH] Do not use PYCEXT, and rely on the installed file name @@ -27,7 +27,7 @@ Signed-off-by: Changqing Li 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Makefile b/src/Makefile -index 265f1be..47e51d6 100644 +index 92227cb..7c71c65 100644 --- a/src/Makefile +++ b/src/Makefile @@ -15,7 +15,6 @@ INCLUDEDIR ?= $(PREFIX)/include @@ -38,7 +38,7 @@ index 265f1be..47e51d6 100644 RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]') RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" + RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]') RUBYINSTALL ?= $(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]') -@@ -193,7 +192,7 @@ install: all +@@ -195,7 +194,7 @@ install: all install-pywrap: pywrap CFLAGS="$(CPPFLAGS) $(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) -m pip install --prefix=$(PREFIX) --root $(DESTDIR) --ignore-installed --no-deps $(PYTHON_SETUP_ARGS) . install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py diff --git a/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch b/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch index 0cd8f20..39edb6c 100644 --- a/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch +++ b/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch @@ -1,4 +1,4 @@ -From 6c2af45ec8cff9b282d599dc098db0ca127bdc59 Mon Sep 17 00:00:00 2001 +From f33b426680492629d3d8ed664049cbe584f26f18 Mon Sep 17 00:00:00 2001 From: Renato Caldas Date: Thu, 29 Jun 2023 13:59:11 +0100 Subject: [PATCH] libselinux: restore: drop the obsolete LSF transitional API. @@ -14,10 +14,10 @@ Signed-off-by: Renato Caldas 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c -index 38f10f1..5b3d035 100644 +index bc6ed93..3bc0d8d 100644 --- a/src/selinux_restorecon.c +++ b/src/selinux_restorecon.c -@@ -436,7 +436,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, +@@ -438,7 +438,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, file_spec_t *prevfl, *fl; uint32_t h; int ret; @@ -26,7 +26,7 @@ index 38f10f1..5b3d035 100644 __pthread_mutex_lock(&fl_mutex); -@@ -450,7 +450,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, +@@ -452,7 +452,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, for (prevfl = &fl_head[h], fl = fl_head[h].next; fl; prevfl = fl, fl = fl->next) { if (ino == fl->ino) { diff --git a/recipes-security/selinux/libselinux_3.7.bb b/recipes-security/selinux/libselinux_3.8.bb similarity index 100% rename from recipes-security/selinux/libselinux_3.7.bb rename to recipes-security/selinux/libselinux_3.8.bb diff --git a/recipes-security/selinux/libsemanage/0001-libsemanage-fix-swig-bindings-for-4.3.0.patch b/recipes-security/selinux/libsemanage/0001-libsemanage-fix-swig-bindings-for-4.3.0.patch deleted file mode 100644 index cba77c9..0000000 --- a/recipes-security/selinux/libsemanage/0001-libsemanage-fix-swig-bindings-for-4.3.0.patch +++ /dev/null @@ -1,422 +0,0 @@ -From e38815d7b44cac435195c82a54d2bf2517bc4b1a Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Wed, 16 Oct 2024 20:48:12 +0200 -Subject: [PATCH] libsemanage: fix swig bindings for 4.3.0 - -https://github.com/swig/swig/blob/master/CHANGES.current - -"[Python] #2907 Fix returning null from functions with output -parameters. Ensures OUTPUT and INOUT typemaps are handled -consistently wrt return type. - -New declaration of SWIG_Python_AppendOutput is now: - - SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void); - -The 3rd parameter is new and the new $isvoid special variable -should be passed to it, indicating whether or not the wrapped -function returns void. - -Also consider replacing with: - - SWIG_AppendOutput(PyObject* result, PyObject* obj); - -which calls SWIG_Python_AppendOutput with same parameters but adding $isvoid -for final parameter." - -Fixes: https://github.com/SELinuxProject/selinux/issues/447 - -Suggested-by: Jitka Plesnikova -Signed-off-by: Petr Lautrbach -Acked-by: James Carter - -Upstream-Status: Backport -[https://github.com/SELinuxProject/selinux/commit/e38815d7b44cac435195c82a54d2bf2517bc4b1a] - -Signed-off-by: Yi Zhao ---- - src/semanageswig_python.i | 64 +++++++++++++-------------- - src/semanageswig_ruby.i | 32 +++++++------- - 2 files changed, 48 insertions(+), 48 deletions(-) - -diff --git a/src/semanageswig_python.i b/src/semanageswig_python.i -index 5f011396..0e27424f 100644 ---- a/src/semanageswig_python.i -+++ b/src/semanageswig_python.i -@@ -111,7 +111,7 @@ - } - - %typemap(argout) char** { -- $result = SWIG_Python_AppendOutput($result, SWIG_FromCharPtr(*$1)); -+ $result = SWIG_AppendOutput($result, SWIG_FromCharPtr(*$1)); - free(*$1); - } - -@@ -134,7 +134,7 @@ - NULL, NULL, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -148,7 +148,7 @@ - } - - %typemap(argout) semanage_module_info_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - /** module key typemaps **/ -@@ -160,7 +160,7 @@ - } - - %typemap(argout) semanage_module_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - /** context typemaps **/ -@@ -172,7 +172,7 @@ - } - - %typemap(argout) semanage_context_t** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - /** boolean typemaps **/ -@@ -197,7 +197,7 @@ - (void (*) (void*)) &semanage_bool_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -207,11 +207,11 @@ - } - - %typemap(argout) semanage_bool_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_bool_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_bool_key_t **(semanage_bool_key_t *temp=NULL) { -@@ -240,7 +240,7 @@ - (void (*) (void*)) &semanage_fcontext_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -250,11 +250,11 @@ - } - - %typemap(argout) semanage_fcontext_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_fcontext_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_fcontext_key_t **(semanage_fcontext_key_t *temp=NULL) { -@@ -284,7 +284,7 @@ - (void (*) (void*)) &semanage_iface_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -294,11 +294,11 @@ - } - - %typemap(argout) semanage_iface_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_iface_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_iface_key_t **(semanage_iface_key_t *temp=NULL) { -@@ -328,7 +328,7 @@ - (void (*) (void*)) &semanage_seuser_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -338,11 +338,11 @@ - } - - %typemap(argout) semanage_seuser_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_seuser_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_seuser_key_t **(semanage_seuser_key_t *temp=NULL) { -@@ -371,7 +371,7 @@ - (void (*) (void*)) &semanage_user_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -381,11 +381,11 @@ - } - - %typemap(argout) semanage_user_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_user_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_user_key_t **(semanage_user_key_t *temp=NULL) { -@@ -414,7 +414,7 @@ - (void (*) (void*)) &semanage_port_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -424,11 +424,11 @@ - } - - %typemap(argout) semanage_port_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_port_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_port_key_t **(semanage_port_key_t *temp=NULL) { -@@ -457,7 +457,7 @@ - (void (*) (void*)) &semanage_ibpkey_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -467,11 +467,11 @@ - } - - %typemap(argout) semanage_ibpkey_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_ibpkey_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_ibpkey_key_t **(semanage_ibpkey_key_t *temp=NULL) { -@@ -500,7 +500,7 @@ - (void (*) (void*)) &semanage_ibendport_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -510,11 +510,11 @@ - } - - %typemap(argout) semanage_ibendport_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_ibendport_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_ibendport_key_t **(semanage_ibendport_key_t *temp=NULL) { -@@ -543,7 +543,7 @@ - (void (*) (void*)) &semanage_node_free, &plist) < 0) - $result = SWIG_From_int(STATUS_ERR); - else -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - } - } -@@ -553,12 +553,12 @@ - } - - %typemap(argout) semanage_node_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - - %typemap(argout) semanage_node_key_t ** { -- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_node_key_t **(semanage_node_key_t *temp=NULL) { -diff --git a/src/semanageswig_ruby.i b/src/semanageswig_ruby.i -index e030e4ae..9010b545 100644 ---- a/src/semanageswig_ruby.i -+++ b/src/semanageswig_ruby.i -@@ -38,7 +38,7 @@ - } - - %typemap(argout) semanage_module_info_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - /** context typemaps **/ -@@ -50,7 +50,7 @@ - } - - %typemap(argout) semanage_context_t** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - /** boolean typemaps **/ -@@ -66,11 +66,11 @@ - } - - %typemap(argout) semanage_bool_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_bool_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_bool_key_t **(semanage_bool_key_t *temp=NULL) { -@@ -90,11 +90,11 @@ - } - - %typemap(argout) semanage_fcontext_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_fcontext_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_fcontext_key_t **(semanage_fcontext_key_t *temp=NULL) { -@@ -114,11 +114,11 @@ - } - - %typemap(argout) semanage_iface_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_iface_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_iface_key_t **(semanage_iface_key_t *temp=NULL) { -@@ -138,11 +138,11 @@ - } - - %typemap(argout) semanage_seuser_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_seuser_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_seuser_key_t **(semanage_seuser_key_t *temp=NULL) { -@@ -162,11 +162,11 @@ - } - - %typemap(argout) semanage_user_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_user_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_user_key_t **(semanage_user_key_t *temp=NULL) { -@@ -186,11 +186,11 @@ - } - - %typemap(argout) semanage_port_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(argout) semanage_port_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_port_key_t **(semanage_port_key_t *temp=NULL) { -@@ -210,12 +210,12 @@ - } - - %typemap(argout) semanage_node_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - - %typemap(argout) semanage_node_key_t ** { -- $result = SWIG_Ruby_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); -+ $result = SWIG_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); - } - - %typemap(in, numinputs=0) semanage_node_key_t **(semanage_node_key_t *temp=NULL) { --- -2.25.1 - diff --git a/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch b/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch index daaeb3b..3cab867 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-Fix-execve-segfaults-on-Ubuntu.patch @@ -1,4 +1,4 @@ -From a91134e98ba4b3b6645d12bb68a07976b60f86c8 Mon Sep 17 00:00:00 2001 +From 418a2736fd7da15758ab84f9448e7517e3ad82c1 Mon Sep 17 00:00:00 2001 From: Xin Ouyang Date: Mon, 26 Mar 2012 15:15:16 +0800 Subject: [PATCH] libsemanage: Fix execve segfaults on Ubuntu. @@ -17,10 +17,10 @@ Signed-off-by: Yi Zhao 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/semanage_store.c b/src/semanage_store.c -index 27c5d34..519f298 100644 +index 2ca2e90..914d720 100644 --- a/src/semanage_store.c +++ b/src/semanage_store.c -@@ -1470,7 +1470,7 @@ static int semanage_exec_prog(semanage_handle_t * sh, +@@ -1445,7 +1445,7 @@ static int semanage_exec_prog(semanage_handle_t * sh, if (forkval == 0) { /* child process. file descriptors will be closed * because they were set as close-on-exec. */ diff --git a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch index e9df8be..8abf847 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch @@ -1,4 +1,4 @@ -From c96010440e7a2a87787a535fd0f9ccf26a2b4a5e Mon Sep 17 00:00:00 2001 +From 0fddb654b4193e91b8534cbbeaa5fd9b6aa1ead2 Mon Sep 17 00:00:00 2001 From: Wenzong Fan Date: Mon, 20 Jan 2014 03:53:48 -0500 Subject: [PATCH] libsemanage: allow to disable audit support @@ -13,7 +13,7 @@ Signed-off-by: Wenzong Fan 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/src/Makefile b/src/Makefile -index d525996..2f5e159 100644 +index 8dfbd76..4012f28 100644 --- a/src/Makefile +++ b/src/Makefile @@ -27,6 +27,14 @@ ifeq ($(DEBUG),1) @@ -41,7 +41,7 @@ index d525996..2f5e159 100644 $(LIBPC): $(LIBPC).in ../VERSION diff --git a/src/seusers_local.c b/src/seusers_local.c -index 795a33d..6539cdf 100644 +index eb3f82b..45da825 100644 --- a/src/seusers_local.c +++ b/src/seusers_local.c @@ -8,7 +8,11 @@ typedef struct semanage_seuser record_t; @@ -72,7 +72,7 @@ index 795a33d..6539cdf 100644 int semanage_seuser_modify_local(semanage_handle_t * handle, const semanage_seuser_key_t * key, -@@ -164,8 +170,11 @@ int semanage_seuser_modify_local(semanage_handle_t * handle, +@@ -165,8 +171,11 @@ int semanage_seuser_modify_local(semanage_handle_t * handle, (void) semanage_seuser_query(handle, key, &previous); handle->msg_callback = callback; rc = dbase_modify(handle, dconfig, key, new); @@ -84,7 +84,7 @@ index 795a33d..6539cdf 100644 err: if (previous) semanage_seuser_free(previous); -@@ -181,8 +190,12 @@ int semanage_seuser_del_local(semanage_handle_t * handle, +@@ -182,8 +191,12 @@ int semanage_seuser_del_local(semanage_handle_t * handle, dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); rc = dbase_del(handle, dconfig, key); semanage_seuser_query(handle, key, &seuser); @@ -98,7 +98,7 @@ index 795a33d..6539cdf 100644 semanage_seuser_free(seuser); return rc; diff --git a/tests/Makefile b/tests/Makefile -index 69f49a3..f914492 100644 +index 241ff17..fa03fb6 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -4,10 +4,18 @@ CILS = $(sort $(wildcard *.cil)) @@ -114,7 +114,7 @@ index 69f49a3..f914492 100644 +endif + EXECUTABLE = libsemanage-tests - CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter + CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute override CFLAGS += -I../src -I../include -override LDLIBS += -lcunit -lbz2 -laudit -lselinux -lsepol +override LDLIBS += -lcunit -lbz2 $(LIBAUDIT) -lselinux -lsepol diff --git a/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch b/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch index d880e1e..4b1d3cc 100644 --- a/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch +++ b/recipes-security/selinux/libsemanage/libsemanage-disable-expand-check-on-policy-load.patch @@ -1,4 +1,4 @@ -From 7af73c1684ce0e30ce0cd58b51708bde1e3a1984 Mon Sep 17 00:00:00 2001 +From af4948d5a1cfb41338a7539dcd80735b5c250e58 Mon Sep 17 00:00:00 2001 From: Joe MacDonald Date: Wed, 7 May 2014 11:36:27 -0400 Subject: [PATCH] libsemanage: disable expand-check on policy load diff --git a/recipes-security/selinux/libsemanage_3.7.bb b/recipes-security/selinux/libsemanage_3.8.bb similarity index 92% rename from recipes-security/selinux/libsemanage_3.7.bb rename to recipes-security/selinux/libsemanage_3.8.bb index 7e6c91f..ef22957 100644 --- a/recipes-security/selinux/libsemanage_3.7.bb +++ b/recipes-security/selinux/libsemanage_3.8.bb @@ -5,7 +5,7 @@ as by programs like load_policy that need to perform specific transformations \ on binary policies such as customizing policy boolean settings." SECTION = "base" LICENSE = "LGPL-2.1-or-later" -LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=a6f89e2100d9b6cdffcea4f398e37343" +LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=03068f550c635f6520e0f0252da412fc" require selinux_common.inc @@ -14,7 +14,6 @@ inherit lib_package python3native SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ file://libsemanage-allow-to-disable-audit-support.patch \ file://libsemanage-disable-expand-check-on-policy-load.patch \ - file://0001-libsemanage-fix-swig-bindings-for-4.3.0.patch \ " DEPENDS = "libsepol libselinux python3 bison-native swig-native" diff --git a/recipes-security/selinux/libsepol_3.7.bb b/recipes-security/selinux/libsepol_3.8.bb similarity index 100% rename from recipes-security/selinux/libsepol_3.7.bb rename to recipes-security/selinux/libsepol_3.8.bb diff --git a/recipes-security/selinux/mcstrans_3.7.bb b/recipes-security/selinux/mcstrans_3.8.bb similarity index 97% rename from recipes-security/selinux/mcstrans_3.7.bb rename to recipes-security/selinux/mcstrans_3.8.bb index 4a8482f..4c8aed3 100644 --- a/recipes-security/selinux/mcstrans_3.7.bb +++ b/recipes-security/selinux/mcstrans_3.8.bb @@ -31,7 +31,7 @@ do_install:append() { if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/tmpfiles.d - echo "d ${localstatedir}/run/setrans - - - -" \ + echo "d ${runtimedir}/setrans - - - -" \ > ${D}${sysconfdir}/tmpfiles.d/setrans.conf else install -d ${D}${sysconfdir}/default/volatiles diff --git a/recipes-security/selinux/policycoreutils_3.7.bb b/recipes-security/selinux/policycoreutils_3.8.bb similarity index 100% rename from recipes-security/selinux/policycoreutils_3.7.bb rename to recipes-security/selinux/policycoreutils_3.8.bb diff --git a/recipes-security/selinux/restorecond_3.7.bb b/recipes-security/selinux/restorecond_3.8.bb similarity index 100% rename from recipes-security/selinux/restorecond_3.7.bb rename to recipes-security/selinux/restorecond_3.8.bb diff --git a/recipes-security/selinux/secilc_3.7.bb b/recipes-security/selinux/secilc_3.8.bb similarity index 100% rename from recipes-security/selinux/secilc_3.7.bb rename to recipes-security/selinux/secilc_3.8.bb diff --git a/recipes-security/selinux/selinux-dbus_3.7.bb b/recipes-security/selinux/selinux-dbus_3.8.bb similarity index 100% rename from recipes-security/selinux/selinux-dbus_3.7.bb rename to recipes-security/selinux/selinux-dbus_3.8.bb diff --git a/recipes-security/selinux/selinux-gui_3.7.bb b/recipes-security/selinux/selinux-gui_3.8.bb similarity index 100% rename from recipes-security/selinux/selinux-gui_3.7.bb rename to recipes-security/selinux/selinux-gui_3.8.bb diff --git a/recipes-security/selinux/selinux-python_3.7.bb b/recipes-security/selinux/selinux-python_3.8.bb similarity index 100% rename from recipes-security/selinux/selinux-python_3.7.bb rename to recipes-security/selinux/selinux-python_3.8.bb diff --git a/recipes-security/selinux/selinux-sandbox_3.7.bb b/recipes-security/selinux/selinux-sandbox_3.8.bb similarity index 100% rename from recipes-security/selinux/selinux-sandbox_3.7.bb rename to recipes-security/selinux/selinux-sandbox_3.8.bb diff --git a/recipes-security/selinux/selinux_common.inc b/recipes-security/selinux/selinux_common.inc index 8dd6c2e..30109b9 100644 --- a/recipes-security/selinux/selinux_common.inc +++ b/recipes-security/selinux/selinux_common.inc @@ -1,7 +1,7 @@ HOMEPAGE = "https://github.com/SELinuxProject" SRC_URI = "git://github.com/SELinuxProject/selinux.git;branch=main;protocol=https" -SRCREV = "2eb286bc0841791043567437ba5413f3014fb94e" +SRCREV = "71aec30d068789e856e7cc429b620ae1cfa890f1" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" diff --git a/recipes-security/selinux/semodule-utils_3.7.bb b/recipes-security/selinux/semodule-utils_3.8.bb similarity index 100% rename from recipes-security/selinux/semodule-utils_3.7.bb rename to recipes-security/selinux/semodule-utils_3.8.bb