Hello community, here is the log from the commit of package restorecond for openSUSE:Factory checked in at 2020-10-06 17:07:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/restorecond (Old) and /work/SRC/openSUSE:Factory/.restorecond.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "restorecond" Tue Oct 6 17:07:49 2020 rev:7 rq:832096 version:3.1 Changes: -------- --- /work/SRC/openSUSE:Factory/restorecond/restorecond.changes 2020-05-20 18:37:41.524259592 +0200 +++ /work/SRC/openSUSE:Factory/.restorecond.new.4249/restorecond.changes 2020-10-06 17:09:35.461448545 +0200 @@ -1,0 +2,12 @@ +Wed Jul 15 14:27:05 UTC 2020 - Johannes Segitz <[email protected]> + +- Use proper macros for SYSTEMDSYSTEMUNITDIR and SYSTEMDUSERUNITDIR + +------------------------------------------------------------------- +Tue Jul 14 08:32:09 UTC 2020 - Johannes Segitz <[email protected]> + +- Update to version 3.1 + * `restorecond_user.service` - new systemd user service which runs + `restorecond -u` + +------------------------------------------------------------------- Old: ---- restorecond-3.0.tar.gz New: ---- restorecond-3.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ restorecond.spec ++++++ --- /var/tmp/diff_new_pack.17N8Du/_old 2020-10-06 17:09:36.101449098 +0200 +++ /var/tmp/diff_new_pack.17N8Du/_new 2020-10-06 17:09:36.105449101 +0200 @@ -16,15 +16,15 @@ # -%define libselinux_ver 3.0 +%define libselinux_ver 3.1 Name: restorecond -Version: 3.0 +Version: 3.1 Release: 0 Summary: Daemon to restore SELinux contexts License: GPL-2.0-or-later Group: Productivity/Security URL: https://github.com/SELinuxProject/selinux.git -Source0: https://github.com/SELinuxProject/selinux/releases/download/20191204/restorecond-%{version}.tar.gz +Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/restorecond-%{version}.tar.gz BuildRequires: dbus-1-glib-devel BuildRequires: libselinux-devel >= %{libselinux_ver} Requires: libselinux1 >= %{libselinux_ver} 
@@ -41,7 +41,7 @@ %make_build LSPP_PRIV=y all %install -make DESTDIR=%{buildroot} SHLIBDIR=/%{_lib} install +make DESTDIR=%{buildroot} SHLIBDIR=/%{_lib} SYSTEMDSYSTEMUNITDIR=%{_unitdir} SYSTEMDUSERUNITDIR=%{_userunitdir} install rm %{buildroot}%{_sysconfdir}/rc.d/init.d/restorecond ln -s /sbin/service %{buildroot}%{_sbindir}/rcrestorecond @@ -62,6 +62,7 @@ %config(noreplace) %{_sysconfdir}/selinux/restorecond_user.conf %{_sysconfdir}/xdg/autostart/restorecond.desktop %{_unitdir}/restorecond.service +%{_userunitdir}/restorecond_user.service %{_sbindir}/restorecond %{_sbindir}/rcrestorecond ++++++ restorecond-3.0.tar.gz -> restorecond-3.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/restorecond-3.0/Makefile new/restorecond-3.1/Makefile --- old/restorecond-3.0/Makefile 2019-11-28 13:46:48.000000000 +0100 +++ new/restorecond-3.1/Makefile 2020-07-10 17:17:15.000000000 +0200 @@ -7,19 +7,20 @@ MANDIR = $(PREFIX)/share/man AUTOSTARTDIR = /etc/xdg/autostart DBUSSERVICEDIR = $(PREFIX)/share/dbus-1/services -SYSTEMDDIR ?= $(PREFIX)/lib/systemd +SYSTEMDSYSTEMUNITDIR ?= $(shell $(PKG_CONFIG) --variable=systemdsystemunitdir systemd) +SYSTEMDUSERUNITDIR ?= $(shell $(PKG_CONFIG) --variable=systemduserunitdir systemd) autostart_DATA = sealertauto.desktop INITDIR ?= /etc/rc.d/init.d SELINUXDIR = /etc/selinux -DBUSFLAGS = -DHAVE_DBUS $(shell $(PKG_CONFIG) --cflags dbus-glib-1) -DBUSLIB = $(shell $(PKG_CONFIG) --libs dbus-glib-1) +GIO_CFLAGS = -DHAVE_DBUS $(shell $(PKG_CONFIG) --cflags gio-2.0) +GIO_LIBS = $(shell $(PKG_CONFIG) --libs gio-2.0) CFLAGS ?= -g -Werror -Wall -W -override CFLAGS += $(DBUSFLAGS) +override CFLAGS += $(GIO_CFLAGS) -override LDLIBS += -lselinux $(DBUSLIB) +override LDLIBS += -lselinux $(GIO_LIBS) all: restorecond 
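Review bot: In the Makefile hunk, `SYSTEMDSYSTEMUNITDIR` and `SYSTEMDUSERUNITDIR` now default to whatever `$(PKG_CONFIG) --variable=... systemd` prints, which is an empty string when the systemd .pc file is not installed, and nothing checks for that. The install rules in the next hunk would then copy both unit files to the top of `$(DESTDIR)` instead of a unit directory. The spec file passes both variables explicitly, so this package build is not affected. For other builds a fallback keeps the old behaviour, e.g. `SYSTEMDSYSTEMUNITDIR ?= $(or $(shell $(PKG_CONFIG) --variable=systemdsystemunitdir systemd),$(PREFIX)/lib/systemd/system)`, with the matching `.../systemd/user` default for the user directory.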
@@ -48,8 +49,10 @@ install -m 644 restorecond.desktop $(DESTDIR)$(AUTOSTARTDIR)/restorecond.desktop -mkdir -p $(DESTDIR)$(DBUSSERVICEDIR) install -m 644 org.selinux.Restorecond.service $(DESTDIR)$(DBUSSERVICEDIR)/org.selinux.Restorecond.service - -mkdir -p $(DESTDIR)$(SYSTEMDDIR)/system - install -m 644 restorecond.service $(DESTDIR)$(SYSTEMDDIR)/system/ + -mkdir -p $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) + install -m 644 restorecond.service $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) + -mkdir -p $(DESTDIR)$(SYSTEMDUSERUNITDIR) + install -m 644 restorecond_user.service $(DESTDIR)$(SYSTEMDUSERUNITDIR) relabel: install /sbin/restorecon $(DESTDIR)$(SBINDIR)/restorecond diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/restorecond-3.0/VERSION new/restorecond-3.1/VERSION --- old/restorecond-3.0/VERSION 2019-11-28 13:46:48.000000000 +0100 +++ new/restorecond-3.1/VERSION 2020-07-10 17:17:15.000000000 +0200 @@ -1 +1 @@ -3.0 +3.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/restorecond-3.0/org.selinux.Restorecond.service new/restorecond-3.1/org.selinux.Restorecond.service --- old/restorecond-3.0/org.selinux.Restorecond.service 2019-11-28 13:46:48.000000000 +0100 +++ new/restorecond-3.1/org.selinux.Restorecond.service 2020-07-10 17:17:15.000000000 +0200 @@ -1,3 +1,4 @@ [D-BUS Service] Name=org.selinux.Restorecond Exec=/usr/sbin/restorecond -u +SystemdService=restorecond_user.service diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/restorecond-3.0/restorecond_user.service new/restorecond-3.1/restorecond_user.service --- old/restorecond-3.0/restorecond_user.service 1970-01-01 01:00:00.000000000 +0100 +++ new/restorecond-3.1/restorecond_user.service 2020-07-10 17:17:15.000000000 +0200 
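Review bot: The new `install -m 644 restorecond.service $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR)` and `restorecond_user.service` lines in the second Makefile hunk drop the trailing slash that the old `$(SYSTEMDDIR)/system/` destination had, while the preceding `-mkdir -p` still ignores failure. If the directory could not be created, `install` writes a regular file with the directory's name rather than failing. Ending both destinations with `/`, e.g. `install -m 644 restorecond_user.service $(DESTDIR)$(SYSTEMDUSERUNITDIR)/`, turns that case into an error. The install target itself starts above this hunk.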
@@ -0,0 +1,10 @@ +[Unit] +Description=Restorecon maintaining path file context (user service) +Documentation=man:restorecond(8) +ConditionPathExists=/etc/selinux/restorecond_user.conf +ConditionSecurity=selinux + +[Service] +Type=dbus +BusName=org.selinux.Restorecond +ExecStart=/usr/sbin/restorecond -u diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/restorecond-3.0/user.c new/restorecond-3.1/user.c --- old/restorecond-3.0/user.c 2019-11-28 13:46:48.000000000 +0100 +++ new/restorecond-3.1/user.c 2020-07-10 17:17:15.000000000 +0200 @@ -2,6 +2,7 @@ * restorecond * * Copyright (C) 2006-2009 Red Hat + * Copyright (C) 2020 Nicolas Iooss * see file 'COPYING' for use and warranty information * * This program is free software; you can redistribute it and/or @@ -21,7 +22,7 @@ * * Authors: * Dan Walsh <[email protected]> - * + * Nicolas Iooss <[email protected]> */ #define _GNU_SOURCE 
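Review bot: The new `restorecond_user.service` hard-codes `ExecStart=/usr/sbin/restorecond -u`, as `org.selinux.Restorecond.service` already does with `Exec=`, although the Makefile installs the binary to `$(DESTDIR)$(SBINDIR)`. A build with a different `SBINDIR` would ship a unit that points at a missing binary, or at one from another package. The bus name is also now repeated in three places that must stay identical: `BusName=` here, `Name=` in the D-Bus service file, and `DBUS_NAME` in user.c. A comment at the top of the unit would record both constraints, e.g. `# BusName must match org.selinux.Restorecond.service and DBUS_NAME in user.c; ExecStart assumes SBINDIR=/usr/sbin`.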
@@ -33,73 +34,76 @@ #include <string.h> #include <unistd.h> #include <ctype.h> +#include <sys/file.h> #include <sys/types.h> #include <sys/stat.h> #include <syslog.h> #include <limits.h> #include <fcntl.h> +#include <selinux/selinux.h> + #include "restorecond.h" #include "stringslist.h" #include <glib.h> -#ifdef HAVE_DBUS -#include <dbus/dbus.h> -#include <dbus/dbus-glib.h> -#include <dbus/dbus-glib-lowlevel.h> - -static DBusHandlerResult signal_filter (DBusConnection *connection, DBusMessage *message, void *user_data); - -static const char *PATH="/org/selinux/Restorecond"; -//static const char *BUSNAME="org.selinux.Restorecond"; -static const char *INTERFACE="org.selinux.RestorecondIface"; -static const char *RULE="type='signal',interface='org.selinux.RestorecondIface'"; +#include <glib-unix.h> static int local_lock_fd = -1; -static DBusHandlerResult -signal_filter (DBusConnection *connection __attribute__ ((__unused__)), DBusMessage *message, void *user_data) +#ifdef HAVE_DBUS +#include <gio/gio.h> + +static const char *DBUS_NAME = "org.selinux.Restorecond"; + +static void on_name_acquired(GDBusConnection *connection G_GNUC_UNUSED, + const gchar *name, + gpointer user_data G_GNUC_UNUSED) +{ + if (debug_mode) + g_print("D-Bus name acquired: %s\n", name); +} + +static void on_name_lost(GDBusConnection *connection G_GNUC_UNUSED, + const gchar *name, + gpointer user_data) { - /* User data is the event loop we are running in */ - GMainLoop *loop = user_data; + /* Exit when the D-Bus connection closes */ + GMainLoop *loop = user_data; - /* A signal from the bus saying we are about to be disconnected */ - if (dbus_message_is_signal - (message, INTERFACE, "Stop")) { - - /* Tell the main loop to quit */ - g_main_loop_quit (loop); - /* We have handled this message, don't pass it on */ - return DBUS_HANDLER_RESULT_HANDLED; - } - /* A Ping signal on the com.burtonini.dbus.Signal interface */ - else if (dbus_message_is_signal (message, INTERFACE, "Start")) { - DBusError 
error; - dbus_error_init (&error); - g_print("Start received\n"); - return DBUS_HANDLER_RESULT_HANDLED; - } - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + if (debug_mode) + g_print("D-Bus name lost (%s), exiting\n", name); + g_main_loop_quit(loop); } -static int dbus_server(GMainLoop *loop) { - DBusConnection *bus; - DBusError error; - dbus_error_init (&error); - bus = dbus_bus_get (DBUS_BUS_SESSION, &error); - if (bus) { - dbus_connection_setup_with_g_main (bus, NULL); - - /* listening to messages from all objects as no path is specified */ - dbus_bus_add_match (bus, RULE, &error); // see signals from the given interfacey - dbus_connection_add_filter (bus, signal_filter, loop, NULL); +/** + * Try starting a D-Bus server on the session bus. + * Returns -1 if the connection failed, so that a local server can be launched + */ +static int dbus_server(GMainLoop *loop) +{ + GDBusConnection *bus; + guint client_id; + + bus = g_bus_get_sync(G_BUS_TYPE_SESSION, NULL, NULL); + if (!bus) + return -1; + + client_id = g_bus_own_name_on_connection( + bus, + DBUS_NAME, + G_BUS_NAME_OWNER_FLAGS_NONE, + on_name_acquired, + on_name_lost, + loop, + NULL); + g_object_unref(bus); + if (client_id == 0) + return -1; + return 0; - } - return -1; } #endif -#include <selinux/selinux.h> -#include <sys/file.h> /* size of the event structure, not counting name */ #define EVENT_SIZE (sizeof (struct inotify_event)) 
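Review bot: `dbus_server()` returns 0 as soon as `g_bus_own_name_on_connection()` has issued the request, not once the name is actually held. In `server()` that return value skips the `local_server()` lock, so a second instance still runs `read_config()` before `on_name_lost` can quit the loop. What `read_config()` does at that point is not visible here, so whether two instances can act on the same watch list should be confirmed. The doc comment should say this, e.g. `Returns 0 once the name request has been issued; ownership is confirmed or refused later through on_name_acquired/on_name_lost`. Separately, `g_bus_get_sync(G_BUS_TYPE_SESSION, NULL, NULL)` discards the error, so the fallback is silent even under `debug_mode`, unlike `start()`. The owner id in `client_id` is also dropped, so `g_bus_unown_name()` can never be called on shutdown.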
@@ -167,29 +171,42 @@ int start() { #ifdef HAVE_DBUS - DBusConnection *bus; - DBusError error; - DBusMessage *message; + GDBusConnection *bus; + GError *err = NULL; + GVariant *result; /* Get a connection to the session bus */ - dbus_error_init (&error); - bus = dbus_bus_get (DBUS_BUS_SESSION, &error); + bus = g_bus_get_sync(G_BUS_TYPE_SESSION, NULL, &err); if (!bus) { if (debug_mode) - g_warning ("Failed to connect to the D-BUS daemon: %s", error.message); - dbus_error_free (&error); + g_warning("Failed to connect to the D-BUS daemon: %s", err->message); + g_error_free(err); return 1; } - - /* Create a new signal "Start" on the interface, - * from the object */ - message = dbus_message_new_signal (PATH, - INTERFACE, "Start"); - /* Send the signal */ - dbus_connection_send (bus, message, NULL); - /* Free the signal now we have finished with it */ - dbus_message_unref (message); + /* Start restorecond D-Bus service by pinging its bus name + * + * https://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-peer + */ + result = g_dbus_connection_call_sync(bus, + DBUS_NAME, /* bus name */ + "/", /* object path */ + "org.freedesktop.DBus.Peer", /* interface */ + "Ping", /* method */ + NULL, /* parameters */ + NULL, /* reply_type */ + G_DBUS_CALL_FLAGS_NONE, + -1, /* timeout_msec */ + NULL, + &err); + if (!result) { + g_object_unref(bus); + if (debug_mode) + g_warning("Failed to start %s: %s", DBUS_NAME, err->message); + g_error_free(err); + return 1; + } + g_object_unref(bus); #endif /* HAVE_DBUS */ return 0; } 
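Review bot: On the success path of `start()`, the `GVariant` returned by `g_dbus_connection_call_sync()` is never released: after the `if (!result)` block the code only calls `g_object_unref(bus)`. The caller owns that reply, so add `g_variant_unref(result);` just before the final `g_object_unref(bus);`. The leak is small because the process is short-lived, but releasing it keeps leak checkers quiet and the function safe to reuse.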
@@ -234,35 +251,54 @@ local_lock_fd = -1; } +static int sigterm_handler(gpointer user_data) +{ + GMainLoop *loop = user_data; + + if (debug_mode) + g_print("Received SIGTERM, exiting\n"); + g_main_loop_quit(loop); + return FALSE; +} + + int server(int master_fd, const char *watch_file) { - GMainLoop *loop; + GMainLoop *loop; - loop = g_main_loop_new (NULL, FALSE); + loop = g_main_loop_new (NULL, FALSE); #ifdef HAVE_DBUS - if (dbus_server(loop) != 0) + if (dbus_server(loop) != 0) #endif /* HAVE_DBUS */ - if (local_server()) - goto end; + if (local_server()) + goto end; - read_config(master_fd, watch_file); + read_config(master_fd, watch_file); - if (watch_list_isempty()) goto end; + if (watch_list_isempty()) + goto end; - set_matchpathcon_flags(MATCHPATHCON_NOTRANS); + set_matchpathcon_flags(MATCHPATHCON_NOTRANS); - GIOChannel *c = g_io_channel_unix_new(master_fd); + GIOChannel *c = g_io_channel_unix_new(master_fd); - g_io_add_watch_full( c, - G_PRIORITY_HIGH, - G_IO_IN|G_IO_ERR|G_IO_HUP, - io_channel_callback, NULL, NULL); + g_io_add_watch_full(c, + G_PRIORITY_HIGH, + G_IO_IN|G_IO_ERR|G_IO_HUP, + io_channel_callback, NULL, NULL); - g_main_loop_run (loop); + /* Handle SIGTERM */ + g_unix_signal_add_full(G_PRIORITY_DEFAULT, + SIGTERM, + sigterm_handler, + loop, + NULL); + + g_main_loop_run (loop); end: - end_local_server(); - g_main_loop_unref (loop); - return 0; + end_local_server(); + g_main_loop_unref (loop); + return 0; }
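Review bot: `sigterm_handler` is declared `static int` but is passed to `g_unix_signal_add_full()` as a `GSourceFunc`, whose return type is `gboolean`. It compiles because `gboolean` is a typedef of `gint`, but `static gboolean sigterm_handler(gpointer user_data)` ending in `return G_SOURCE_REMOVE;` states the intent and matches the GLib prototype. The source is also registered only after `read_config()`, so a SIGTERM delivered during start-up still takes the default action and skips the `end:` cleanup. Moving the `g_unix_signal_add_full()` call to just after `g_main_loop_new()` would cover that window. `SIGTERM` is used without a visible `#include <signal.h>` in the include hunk; presumably it arrives transitively, which is worth confirming.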
