Hello community, here is the log from the commit of package libsepol for openSUSE:Factory checked in at 2012-10-27 13:23:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsepol (Old) and /work/SRC/openSUSE:Factory/.libsepol.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsepol", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/libsepol/libsepol.changes 2012-08-10 19:02:09.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libsepol.new/libsepol.changes 2012-10-27 13:23:45.000000000 +0200 @@ -1,0 +2,6 @@ +Thu Oct 25 10:47:00 UTC 2012 - [email protected] + +- skip roles which are out of scope when expanding attributes +- needed for building selinux-policy + +------------------------------------------------------------------- New: ---- libsepol-2.1.4-role_fix_callback.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsepol.spec ++++++ --- /var/tmp/diff_new_pack.95672b/_old 2012-10-27 13:23:46.000000000 +0200 +++ /var/tmp/diff_new_pack.95672b/_new 2012-10-27 13:23:46.000000000 +0200 @@ -25,6 +25,7 @@ Group: System/Libraries Source: http://userspace.selinuxproject.org/releases/20120216/%{name}-%{version}.tar.gz Source2: baselibs.conf +Patch: libsepol-2.1.4-role_fix_callback.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: pkg-config %define debug_package_requires libsepol1 = %{version}-%{release} @@ -99,6 +100,7 @@ %prep %setup -q +%patch -p1 %build make %{?_smp_mflags} CC="%{__cc}" CFLAGS="$RPM_OPT_FLAGS" ++++++ libsepol-2.1.4-role_fix_callback.patch ++++++ From: Harry Ciao <[email protected]> To: <[email protected]> Subject: [v1 PATCH 1/1] role_fix_callback skips out-of-scope roles during expansion. Date: Sat, 25 Feb 2012 09:40:08 +0800 Message-ID: <[email protected]> X-Mailer: git-send-email 1.7.0.4 MIME-Version: 1.0 Content-Type: text/plain Sender: [email protected] Precedence: bulk X-Mailing-List: selinux-tycho.nsa.gov Content-Transfer-Encoding: 8bit If a role identifier is out of scope it would be skipped over during expansion, accordingly, be it a role attribute, it should be skipped over as well when role_fix_callback tries to propagate its capability to all its sub-roles. Signed-off-by: Harry Ciao <[email protected]> --- libsepol/src/expand.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c index 493e478..befb720 100644 --- libsepol/src/expand.c +++ libsepol/src/expand.c @@ -688,6 +688,11 @@ static int role_fix_callback(hashtab_key_t key, hashtab_datum_t datum, return 0; } + if (!is_id_enabled(id, state->base, SYM_ROLES)) { + /* identifier's scope is not enabled */ + return 0; + } + if (role->flavor != ROLE_ATTRIB) return 0; -- 1.7.0.4 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
