Hello community, here is the log from the commit of package libselinux for openSUSE:Leap:15.2 checked in at 2020-03-20 05:52:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/libselinux (Old) and /work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libselinux" Fri Mar 20 05:52:44 2020 rev:23 rq:785973 version:3.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/libselinux/libselinux-bindings.changes 2020-01-15 15:25:05.558565529 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160/libselinux-bindings.changes 2020-03-20 05:52:57.468065537 +0100 @@ -1,0 +2,51 @@ +Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <jseg...@suse.de> + +- Update to version 3.0 + * Ignore the stem when looking up all matches in file context + * Save digest of all partial matches for directory + * Use Python distutils to install SELinux python bindings + * ensure that digest_len is not zero + * fix string conversion of unknown perms + * mark all exported function "extern" + +------------------------------------------------------------------- +Mon Dec 16 16:04:41 UTC 2019 - Johannes Segitz <jseg...@suse.de> + +- Added swig4_moduleimport.patch to prevent import errors due to + SWIG 4 + +------------------------------------------------------------------- +Wed Oct 30 17:21:00 CET 2019 - Matej Cepl <mc...@suse.com> + +- Add python3.8-compat.patch which makes build possible even with + Python 3.8, which doesn’t automatically adds -lpython<ver> + +------------------------------------------------------------------- +Tue May 28 08:28:03 UTC 2019 - Martin Liška <mli...@suse.cz> + +- Disable LTO (boo#1133244). + +------------------------------------------------------------------- +Fri May 24 11:22:19 UTC 2019 - <jseg...@suse.com> + +- Set License: to correct value (bsc#1135710) + +------------------------------------------------------------------- +Wed Mar 20 15:05:35 UTC 2019 - jseg...@suse.com + +- Update to version 2.9 + * Add security_reject_unknown(3) man page + * Change matchpathcon usage to match with matchpathcon manpage + * Do not define gettid() if glibc >= 2.30 is used + * Fix RESOURCE_LEAK defects reported by coverity scan + * Fix line wrapping in selabel_file.5 + * Do not dereference symlink with statfs in selinux_restorecon + * Fix overly strict validation of file_contexts.bin + * Fix selinux_restorecon() on non-SELinux hosts + * Fix the whatis line for the selinux_boolean_sub.3 manpage + * Fix printf format string specifier for uint64_t + * Fix handling of unknown classes/perms + * Set an appropriate errno in booleans.c +- Dropped python3.patch, is now upstream + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Leap:15.2/libselinux/libselinux.changes 2020-01-15 15:25:05.606565556 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.libselinux.new.3160/libselinux.changes 2020-03-20 05:52:57.552065593 +0100 @@ -1,0 +2,56 @@ +Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <jseg...@suse.de> + +- Update to version 3.0 + * Ignore the stem when looking up all matches in file context + * Save digest of all partial matches for directory + * Use Python distutils to install SELinux python bindings + * ensure that digest_len is not zero + * fix string conversion of unknown perms + * mark all exported function "extern" + Dropped Use-Python-distutils-to-install-SELinux.patch, included + upstream + +------------------------------------------------------------------- +Wed Nov 13 08:03:39 UTC 2019 - Johannes Segitz <jseg...@suse.de> + +- Added Use-Python-distutils-to-install-SELinux.patch to use + Python's distutils instead of building and installing python + bindings manually + +------------------------------------------------------------------- +Mon Jun 3 09:34:17 UTC 2019 - <jseg...@suse.com> + +- In selinux-ready + * Removed check for selinux-policy package as we don't ship one + (bsc#1136845) + * Add check that restorecond is installed and enabled + +------------------------------------------------------------------- +Fri May 24 11:22:19 UTC 2019 - <jseg...@suse.com> + +- Set License: to correct value (bsc#1135710) + +------------------------------------------------------------------- +Thu Apr 25 07:14:10 UTC 2019 - Martin Liška <mli...@suse.cz> + +- Disable LTO (boo#1133244). + +------------------------------------------------------------------- +Wed Mar 20 15:05:35 UTC 2019 - jseg...@suse.com + +- Update to version 2.9 + * Add security_reject_unknown(3) man page + * Change matchpathcon usage to match with matchpathcon manpage + * Do not define gettid() if glibc >= 2.30 is used + * Fix RESOURCE_LEAK defects reported by coverity scan + * Fix line wrapping in selabel_file.5 + * Do not dereference symlink with statfs in selinux_restorecon + * Fix overly strict validation of file_contexts.bin + * Fix selinux_restorecon() on non-SELinux hosts + * Fix the whatis line for the selinux_boolean_sub.3 manpage + * Fix printf format string specifier for uint64_t + * Fix handling of unknown classes/perms + * Set an appropriate errno in booleans.c +- Dropped python3.patch, is now upstream + +------------------------------------------------------------------- Old: ---- libselinux-2.8.tar.gz python3.patch New: ---- libselinux-3.0.tar.gz python3.8-compat.patch swig4_moduleimport.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libselinux-bindings.spec ++++++ --- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.012065899 +0100 +++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.016065902 +0100 @@ -1,7 +1,7 @@ # # spec file for package libselinux-bindings # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,26 +12,29 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %{?!python_module:%define python_module() python-%{**} python3-%{**}} -%define libsepol_ver 2.8 +%define libsepol_ver 3.0 Name: libselinux-bindings -Version: 2.8 +Version: 3.0 Release: 0 Summary: SELinux runtime library and simple utilities -License: GPL-2.0-only AND SUSE-Public-Domain +License: SUSE-Public-Domain Group: Development/Libraries/C and C++ URL: https://github.com/SELinuxProject/selinux/wiki/Releases # embedded is the MD5 Source: libselinux-%{version}.tar.gz Source1: selinux-ready Source2: baselibs.conf -Patch3: python3.patch # PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype Patch4: readv-proto.patch +# PATCH-FIX-UPSTREAM python3.8-compat.patch mc...@suse.com +# Make linking working even when default pkg-config doesn’t provide -lpython<ver> +Patch5: python3.8-compat.patch +Patch6: swig4_moduleimport.patch BuildRequires: libsepol-devel-static >= %{libsepol_ver} BuildRequires: pcre-devel BuildRequires: python-rpm-macros @@ -46,7 +49,6 @@ %package -n python3-selinux %define oldpython python Summary: Python bindings for the SELinux runtime library -License: SUSE-Public-Domain Group: Development/Libraries/Python Requires: libselinux1 = %{version} Requires: python3 @@ -64,7 +66,6 @@ %package -n ruby-selinux Summary: Ruby bindings for the SELinux runtime library -License: SUSE-Public-Domain Group: Development/Languages/Ruby Requires: libselinux1 = %{version} Requires: ruby @@ -78,10 +79,10 @@ %prep %setup -q -n libselinux-%{version} -%patch3 -p1 -%patch4 -p1 +%autopatch -p1 %build +%define _lto_cflags %{nil} make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src swigify V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src pywrap V=1 ++++++ libselinux.spec ++++++ --- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.028065910 +0100 +++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.028065910 +0100 @@ -1,7 +1,7 @@ # # spec file for package libselinux # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,22 +12,21 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%define libsepol_ver 2.8 +%define libsepol_ver 3.0 Name: libselinux -Version: 2.8 +Version: 3.0 Release: 0 Summary: SELinux runtime library and utilities -License: GPL-2.0-only AND SUSE-Public-Domain +License: SUSE-Public-Domain Group: Development/Libraries/C and C++ URL: https://github.com/SELinuxProject/selinux/wiki/Releases -Source: libselinux-%{version}.tar.gz +Source: https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz Source1: selinux-ready Source2: baselibs.conf -Patch3: python3.patch # PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype Patch4: readv-proto.patch BuildRequires: fdupes @@ -95,10 +94,10 @@ %prep %setup -q -%patch3 -p1 %patch4 -p1 %build +%define _lto_cflags %{nil} make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags}" %install @@ -120,6 +119,8 @@ rm -f %{buildroot}%{_sbindir}/selinuxdisable rm -f %{buildroot}%{_sbindir}/getseuser rm -f %{buildroot}%{_sbindir}/selinux_check_securetty_context +rm -f %{buildroot}%{_sbindir}/selabel_get_digests_all_partial_matches +rm -f %{buildroot}%{_sbindir}/validatetrans mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist install -m 0755 %{SOURCE1} %{buildroot}%{_sbindir}/selinux-ready @@ -149,7 +150,9 @@ %{_sbindir}/selinuxexeccon %{_sbindir}/sefcontext_compile %{_mandir}/man5/* +%{_mandir}/ru/man5/* %{_mandir}/man8/* +%{_mandir}/ru/man8/* %files -n libselinux1 /%{_lib}/libselinux.so.* ++++++ libselinux-2.8.tar.gz -> libselinux-3.0.tar.gz ++++++ ++++ 7489 lines of diff (skipped) ++++++ python3.8-compat.patch ++++++ --- a/src/Makefile +++ b/src/Makefile @@ -13,7 +13,11 @@ LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= /lib INCLUDEDIR ?= $(PREFIX)/include PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX)) +ifeq ($(shell $(PKG_CONFIG) --exists $(PYPREFIX)-embed && echo true), true) +PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX)-embed) +else PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX)) +endif PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))") PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t in imp.get_suffixes() if t == imp.C_EXTENSION][0])') RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]') ++++++ selinux-ready ++++++ --- /var/tmp/diff_new_pack.pF3uFi/_old 2020-03-20 05:52:58.172066006 +0100 +++ /var/tmp/diff_new_pack.pF3uFi/_new 2020-03-20 05:52:58.176066008 +0100 @@ -196,17 +196,17 @@ check_runlevel() { - if [ "$(systemctl is-enabled restorecond.service)" == "enabled" ]; then + if [ "$(systemctl is-enabled restorecond.service 2>/dev/null)" == "enabled" ]; then printf "\tcheck_runlevel: OK. restorecond is enabled on your system\n" return 0; fi - printf "\tcheck_runlevel: ERR. please execute 'yast2 runlevel' and enable restorecond.\n" + printf "\tcheck_runlevel: ERR. please enable restorecond with systemctl enable restorecond.service.\n" return 1 } check_packages() { - PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 selinux-policy" + PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 restorecond" FAIL=0 for i in $PKGLST ++++++ swig4_moduleimport.patch ++++++ Index: libselinux-2.9/src/selinuxswig_python.i =================================================================== --- libselinux-2.9.orig/src/selinuxswig_python.i 2019-03-15 10:32:30.000000000 +0000 +++ libselinux-2.9/src/selinuxswig_python.i 2019-12-16 15:03:46.133451617 +0000 @@ -6,7 +6,7 @@ #define DISABLE_RPM #endif -%module selinux +%module(moduleimport="import $module") selinux %{ #include "selinux/selinux.h" %}