Hello community,
here is the log from the commit of package libselinux for openSUSE:Leap:15.2
checked in at 2020-03-20 05:52:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/libselinux (Old)
and /work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libselinux"
Fri Mar 20 05:52:44 2020 rev:23 rq:785973 version:3.0
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/libselinux/libselinux-bindings.changes
2020-01-15 15:25:05.558565529 +0100
+++
/work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160/libselinux-bindings.changes
2020-03-20 05:52:57.468065537 +0100
@@ -1,0 +2,51 @@
+Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Update to version 3.0
+ * Ignore the stem when looking up all matches in file context
+ * Save digest of all partial matches for directory
+ * Use Python distutils to install SELinux python bindings
+ * ensure that digest_len is not zero
+ * fix string conversion of unknown perms
+ * mark all exported function "extern"
+
+-------------------------------------------------------------------
+Mon Dec 16 16:04:41 UTC 2019 - Johannes Segitz <[email protected]>
+
+- Added swig4_moduleimport.patch to prevent import errors due to
+ SWIG 4
+
+-------------------------------------------------------------------
+Wed Oct 30 17:21:00 CET 2019 - Matej Cepl <[email protected]>
+
+- Add python3.8-compat.patch which makes build possible even with
+ Python 3.8, which doesn’t automatically adds -lpython<ver>
+
+-------------------------------------------------------------------
+Tue May 28 08:28:03 UTC 2019 - Martin Liška <[email protected]>
+
+- Disable LTO (boo#1133244).
+
+-------------------------------------------------------------------
+Fri May 24 11:22:19 UTC 2019 - <[email protected]>
+
+- Set License: to correct value (bsc#1135710)
+
+-------------------------------------------------------------------
+Wed Mar 20 15:05:35 UTC 2019 - [email protected]
+
+- Update to version 2.9
+ * Add security_reject_unknown(3) man page
+ * Change matchpathcon usage to match with matchpathcon manpage
+ * Do not define gettid() if glibc >= 2.30 is used
+ * Fix RESOURCE_LEAK defects reported by coverity scan
+ * Fix line wrapping in selabel_file.5
+ * Do not dereference symlink with statfs in selinux_restorecon
+ * Fix overly strict validation of file_contexts.bin
+ * Fix selinux_restorecon() on non-SELinux hosts
+ * Fix the whatis line for the selinux_boolean_sub.3 manpage
+ * Fix printf format string specifier for uint64_t
+ * Fix handling of unknown classes/perms
+ * Set an appropriate errno in booleans.c
+- Dropped python3.patch, is now upstream
+
+-------------------------------------------------------------------
--- /work/SRC/openSUSE:Leap:15.2/libselinux/libselinux.changes 2020-01-15
15:25:05.606565556 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160/libselinux.changes
2020-03-20 05:52:57.552065593 +0100
@@ -1,0 +2,56 @@
+Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <[email protected]>
+
+- Update to version 3.0
+ * Ignore the stem when looking up all matches in file context
+ * Save digest of all partial matches for directory
+ * Use Python distutils to install SELinux python bindings
+ * ensure that digest_len is not zero
+ * fix string conversion of unknown perms
+ * mark all exported function "extern"
+ Dropped Use-Python-distutils-to-install-SELinux.patch, included
+ upstream
+
+-------------------------------------------------------------------
+Wed Nov 13 08:03:39 UTC 2019 - Johannes Segitz <[email protected]>
+
+- Added Use-Python-distutils-to-install-SELinux.patch to use
+ Python's distutils instead of building and installing python
+ bindings manually
+
+-------------------------------------------------------------------
+Mon Jun 3 09:34:17 UTC 2019 - <[email protected]>
+
+- In selinux-ready
+ * Removed check for selinux-policy package as we don't ship one
+ (bsc#1136845)
+ * Add check that restorecond is installed and enabled
+
+-------------------------------------------------------------------
+Fri May 24 11:22:19 UTC 2019 - <[email protected]>
+
+- Set License: to correct value (bsc#1135710)
+
+-------------------------------------------------------------------
+Thu Apr 25 07:14:10 UTC 2019 - Martin Liška <[email protected]>
+
+- Disable LTO (boo#1133244).
+
+-------------------------------------------------------------------
+Wed Mar 20 15:05:35 UTC 2019 - [email protected]
+
+- Update to version 2.9
+ * Add security_reject_unknown(3) man page
+ * Change matchpathcon usage to match with matchpathcon manpage
+ * Do not define gettid() if glibc >= 2.30 is used
+ * Fix RESOURCE_LEAK defects reported by coverity scan
+ * Fix line wrapping in selabel_file.5
+ * Do not dereference symlink with statfs in selinux_restorecon
+ * Fix overly strict validation of file_contexts.bin
+ * Fix selinux_restorecon() on non-SELinux hosts
+ * Fix the whatis line for the selinux_boolean_sub.3 manpage
+ * Fix printf format string specifier for uint64_t
+ * Fix handling of unknown classes/perms
+ * Set an appropriate errno in booleans.c
+- Dropped python3.patch, is now upstream
+
+-------------------------------------------------------------------
Old:
----
libselinux-2.8.tar.gz
python3.patch
New:
----
libselinux-3.0.tar.gz
python3.8-compat.patch
swig4_moduleimport.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libselinux-bindings.spec ++++++
--- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.012065899 +0100
+++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.016065902 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libselinux-bindings
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,26 +12,29 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
-%define libsepol_ver 2.8
+%define libsepol_ver 3.0
Name: libselinux-bindings
-Version: 2.8
+Version: 3.0
Release: 0
Summary: SELinux runtime library and simple utilities
-License: GPL-2.0-only AND SUSE-Public-Domain
+License: SUSE-Public-Domain
Group: Development/Libraries/C and C++
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
# embedded is the MD5
Source: libselinux-%{version}.tar.gz
Source1: selinux-ready
Source2: baselibs.conf
-Patch3: python3.patch
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
Patch4: readv-proto.patch
+# PATCH-FIX-UPSTREAM python3.8-compat.patch [email protected]
+# Make linking working even when default pkg-config doesn’t provide
-lpython<ver>
+Patch5: python3.8-compat.patch
+Patch6: swig4_moduleimport.patch
BuildRequires: libsepol-devel-static >= %{libsepol_ver}
BuildRequires: pcre-devel
BuildRequires: python-rpm-macros
@@ -46,7 +49,6 @@
%package -n python3-selinux
%define oldpython python
Summary: Python bindings for the SELinux runtime library
-License: SUSE-Public-Domain
Group: Development/Libraries/Python
Requires: libselinux1 = %{version}
Requires: python3
@@ -64,7 +66,6 @@
%package -n ruby-selinux
Summary: Ruby bindings for the SELinux runtime library
-License: SUSE-Public-Domain
Group: Development/Languages/Ruby
Requires: libselinux1 = %{version}
Requires: ruby
@@ -78,10 +79,10 @@
%prep
%setup -q -n libselinux-%{version}
-%patch3 -p1
-%patch4 -p1
+%autopatch -p1
%build
+%define _lto_cflags %{nil}
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src V=1
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src swigify
V=1
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src pywrap V=1
++++++ libselinux.spec ++++++
--- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.028065910 +0100
+++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.028065910 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libselinux
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,22 +12,21 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
-%define libsepol_ver 2.8
+%define libsepol_ver 3.0
Name: libselinux
-Version: 2.8
+Version: 3.0
Release: 0
Summary: SELinux runtime library and utilities
-License: GPL-2.0-only AND SUSE-Public-Domain
+License: SUSE-Public-Domain
Group: Development/Libraries/C and C++
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
-Source: libselinux-%{version}.tar.gz
+Source:
https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz
Source1: selinux-ready
Source2: baselibs.conf
-Patch3: python3.patch
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
Patch4: readv-proto.patch
BuildRequires: fdupes
@@ -95,10 +94,10 @@
%prep
%setup -q
-%patch3 -p1
%patch4 -p1
%build
+%define _lto_cflags %{nil}
make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags}"
%install
@@ -120,6 +119,8 @@
rm -f %{buildroot}%{_sbindir}/selinuxdisable
rm -f %{buildroot}%{_sbindir}/getseuser
rm -f %{buildroot}%{_sbindir}/selinux_check_securetty_context
+rm -f %{buildroot}%{_sbindir}/selabel_get_digests_all_partial_matches
+rm -f %{buildroot}%{_sbindir}/validatetrans
mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon
mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
install -m 0755 %{SOURCE1} %{buildroot}%{_sbindir}/selinux-ready
@@ -149,7 +150,9 @@
%{_sbindir}/selinuxexeccon
%{_sbindir}/sefcontext_compile
%{_mandir}/man5/*
+%{_mandir}/ru/man5/*
%{_mandir}/man8/*
+%{_mandir}/ru/man8/*
%files -n libselinux1
/%{_lib}/libselinux.so.*
++++++ libselinux-2.8.tar.gz -> libselinux-3.0.tar.gz ++++++
++++ 7489 lines of diff (skipped)
++++++ python3.8-compat.patch ++++++
--- a/src/Makefile
+++ b/src/Makefile
@@ -13,7 +13,11 @@ LIBDIR ?= $(PREFIX)/lib
SHLIBDIR ?= /lib
INCLUDEDIR ?= $(PREFIX)/include
PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
+ifeq ($(shell $(PKG_CONFIG) --exists $(PYPREFIX)-embed && echo true), true)
+PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX)-embed)
+else
PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX))
+endif
PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *;
print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))")
PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t in
imp.get_suffixes() if t == imp.C_EXTENSION][0])')
RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"]
+ " -I" + RbConfig::CONFIG["rubyhdrdir"]')
++++++ selinux-ready ++++++
--- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.172066006 +0100
+++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.176066008 +0100
@@ -196,17 +196,17 @@
check_runlevel()
{
- if [ "$(systemctl is-enabled restorecond.service)" == "enabled" ]; then
+ if [ "$(systemctl is-enabled restorecond.service 2>/dev/null)" ==
"enabled" ]; then
printf "\tcheck_runlevel: OK. restorecond is enabled on your
system\n"
return 0;
fi
- printf "\tcheck_runlevel: ERR. please execute 'yast2 runlevel' and
enable restorecond.\n"
+ printf "\tcheck_runlevel: ERR. please enable restorecond with systemctl
enable restorecond.service.\n"
return 1
}
check_packages()
{
- PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1
libsemanage1 selinux-policy"
+ PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1
libsemanage1 restorecond"
FAIL=0
for i in $PKGLST
++++++ swig4_moduleimport.patch ++++++
Index: libselinux-2.9/src/selinuxswig_python.i
===================================================================
--- libselinux-2.9.orig/src/selinuxswig_python.i 2019-03-15
10:32:30.000000000 +0000
+++ libselinux-2.9/src/selinuxswig_python.i 2019-12-16 15:03:46.133451617
+0000
@@ -6,7 +6,7 @@
#define DISABLE_RPM
#endif
-%module selinux
+%module(moduleimport="import $module") selinux
%{
#include "selinux/selinux.h"
%}
