Hello community, here is the log from the commit of package policycoreutils for openSUSE:Factory checked in at 2012-11-19 14:00:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/policycoreutils (Old) and /work/SRC/openSUSE:Factory/.policycoreutils.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "policycoreutils", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/policycoreutils/policycoreutils.changes 2012-08-10 19:02:51.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.policycoreutils.new/policycoreutils.changes 2012-11-19 14:00:24.000000000 +0100 @@ -1,0 +2,6 @@ +Sat Nov 17 06:58:05 UTC 2012 - [email protected] + +- Fix compilation with glibc 2.17 (add patch policycoreutils-glibc217.patch + extracted from Fedora) + +------------------------------------------------------------------- New: ---- policycoreutils-glibc217.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ policycoreutils.spec ++++++ --- /var/tmp/diff_new_pack.ize0wn/_old 2012-11-19 14:00:27.000000000 +0100 +++ /var/tmp/diff_new_pack.ize0wn/_new 2012-11-19 14:00:27.000000000 +0100 @@ -42,6 +42,7 @@ Patch2: policycoreutils-gui.patch.bz2 Patch4: policycoreutils-initscript.patch Patch5: policycoreutils-pam-common.patch +Patch6: policycoreutils-glibc217.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: audit-devel >= %{libaudit_ver} BuildRequires: dbus-1-glib-devel @@ -91,6 +92,7 @@ %patch2 -p1 %patch4 %patch5 +%patch6 -p2 # sleep 5 # touch po/policycoreutils.pot # sleep 5 ++++++ policycoreutils-glibc217.patch ++++++ diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c index 3bb3c4b..d16e331 100644 --- a/policycoreutils/sandbox/seunshare.c +++ b/policycoreutils/sandbox/seunshare.c @@ -31,6 +31,12 @@ #include <selinux/context.h> /* for context-mangling functions */ #include <dirent.h> + +/* + * Note setfsuid never returns an error code. But the compiler complains if + * I do not check, so I am checking for -1, which should never happen. + */ + #ifdef USE_NLS #include <locale.h> /* for setlocale() */ #include <libintl.h> /* for gettext() */ 
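Review bot: The comment added after `#include <dirent.h>` concedes that the new checks exist only to quiet the compiler, and that leaves every `setfsuid(...) < 0` test in the later hunks (cleanup_tmpdir, create_tmpdir, main) unable to detect a failed switch, because setfsuid() returns the previous fsuid on success and on failure alike. This helper runs with root privilege (it calls `setfsuid(0)`), so a switch to the caller's uid that did not take effect leaves the following open() and verify_directory() calls running with root's filesystem identity, which is the information leak the comment in main() says the call is there to avoid. The documented way to confirm the change is a second call such as `setfsuid(-1)`, which always fails and returns the current fsuid; a small helper along the lines below would give the call sites a real status to test. The explanatory comment would also be easier to find next to that helper than between two include groups.

```c
/*
 * setfsuid() returns the previous fsuid on success and on failure, so its
 * return value is not a status. Re-query the fsuid to confirm the switch.
 */
static int setfsuid_checked(uid_t uid)
{
	int prev = setfsuid(uid);	/* consumed so the unused-result complaint stays quiet */

	(void)prev;
	/* setfsuid(-1) always fails and returns the current fsuid */
	return ((uid_t)setfsuid(-1) == uid) ? 0 : -1;
}
```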
@@ -617,12 +623,15 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src, free(cmdbuf); cmdbuf = NULL; /* remove runtime temporary directory */ - setfsuid(0); + if (setfsuid(0) < 0) + rc++; + if (rmdir(tmpdir) == -1) fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno)); - setfsuid(pwd->pw_uid); + if (setfsuid(pwd->pw_uid) < 0) + rc++; - return 0; + return rc; } /** @@ -642,7 +651,9 @@ static char *create_tmpdir(const char *src, struct stat *src_st, /* get selinux context */ if (execcon) { - setfsuid(pwd->pw_uid); + if (setfsuid(pwd->pw_uid) < 0) + goto err; + if ((fd_s = open(src, O_RDONLY)) < 0) { fprintf(stderr, _("Failed to open directory %s: %s\n"), src, strerror(errno)); goto err; @@ -661,7 +672,8 @@ static char *create_tmpdir(const char *src, struct stat *src_st, } /* ok to not reach this if there is an error */ - setfsuid(0); + if (setfsuid(0) < 0) + goto err; } if (asprintf(&tmpdir, "/tmp/.sandbox-%s-XXXXXX", pwd->pw_name) == -1) { @@ -716,14 +728,16 @@ static char *create_tmpdir(const char *src, struct stat *src_st, } } - setfsuid(pwd->pw_uid); + if (setfsuid(pwd->pw_uid) < 0) + goto err; if (rsynccmd(src, tmpdir, &cmdbuf) < 0) { goto err; } /* ok to not reach this if there is an error */ - setfsuid(0); + if (setfsuid(0) < 0) + goto err; if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) { fprintf(stderr, _("Failed to populate runtime temporary directory\n")); @@ -916,7 +930,8 @@ int main(int argc, char **argv) { /* Changing fsuid is usually required when user-specified directory is * on an NFS mount. It's also desired to avoid leaking info about * existence of the files not accessible to the user. */ - setfsuid(uid); + if (setfsuid(uid) < 0) + return -1; /* verify homedir and tmpdir */ if (homedir_s && ( 
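Review bot: `return rc;` in the cleanup_tmpdir hunk (-617) changes the function's return contract beyond the setfsuid checks: anything that incremented `rc` earlier in the function, which lies outside this hunk, is now reported to the caller where `return 0;` used to hide it, so the callers need a look. Within the hunk the rmdir() failure still only prints and leaves `rc` untouched, which is inconsistent with counting the two setfsuid results; `if (rmdir(tmpdir) == -1) { fprintf(...); rc++; }` would make the count cover it. The declaration and initial value of `rc` are not visible here and should be confirmed to be `0`.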
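Review bot: The new `goto err` and `return -1` exits in create_tmpdir (hunks at -642, -661, -716) and in main (-916, and -925/-959 further down) fail without a message, while the open(), rmdir() and spawn_command() failures next to them print one through `fprintf(stderr, _(...))`. If one of these branches were ever taken, seunshare would exit with no explanation; a line such as `fprintf(stderr, _("Failed to change filesystem uid\n"));` before each exit would keep the error reporting uniform. The `err` label and its cleanup are outside these hunks, so whether that path restores fsuid 0 before returning cannot be checked from here.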
@@ -925,7 +940,7 @@ int main(int argc, char **argv) { if (tmpdir_s && ( verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 || check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1; - setfsuid(0); + if (setfsuid(0) < 0) return -1; /* create runtime tmpdir */ if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s, @@ -959,7 +974,7 @@ int main(int argc, char **argv) { } /* assume fsuid==ruid after this point */ - setfsuid(uid); + if (setfsuid(uid) < 0) goto childerr; /* mount homedir and tmpdir, in this order */ if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir, @@ -1005,7 +1020,7 @@ int main(int argc, char **argv) { /* selinux context */ if (execcon && setexeccon(execcon) != 0) { - fprintf(stderr, _("Could not set exec context to %s.\n"), execcon); + fprintf(stderr, _("Could not set exec context to %s. %s\n"), execcon, strerror(errno)); goto childerr; } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
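Review bot: In the -925 and -959 hunks the new checks put the body on the condition's line (`if (setfsuid(0) < 0) return -1;` and `if (setfsuid(uid) < 0) goto childerr;`), whereas the same check in the earlier hunks breaks after the condition. Splitting them the same way keeps the file consistent and makes the early exit visible to a reader scanning for `return` or `goto`. The `childerr` label is outside the hunk.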
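Review bot: The changed format string in the -1005 hunk, `"Could not set exec context to %s. %s\n"`, is a gettext msgid, so existing translations stop matching until the catalogs are regenerated, and nothing visible in this patch touches them. It also departs from the `%s: %s\n` form used by the other errno messages shown here, e.g. `"Failed to remove directory %s: %s\n"`; `_("Could not set exec context to %s: %s\n")` would match. This message change is unrelated to the glibc 2.17 build fix and may be better carried as its own patch.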
