Hello community, here is the log from the commit of package libselinux for openSUSE:Factory checked in at 2020-10-06 17:06:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libselinux (Old) and /work/SRC/openSUSE:Factory/.libselinux.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libselinux" Tue Oct 6 17:06:38 2020 rev:62 rq:832090 version:3.1 Changes: -------- --- /work/SRC/openSUSE:Factory/libselinux/libselinux-bindings.changes 2020-03-11 18:31:18.990860755 +0100 +++ /work/SRC/openSUSE:Factory/.libselinux.new.4249/libselinux-bindings.changes 2020-10-06 17:09:19.149434456 +0200 @@ -1,0 +2,19 @@ +Tue Jul 14 08:24:20 UTC 2020 - Johannes Segitz <[email protected]> + +- Update to version 3.1: + * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were + removed. All userspace object managers should have been updated to use the + dynamic class/perm mapping support. + + Use string_to_security_class(3) and string_to_av_perm(3) to map the class + and permission names to their policy values, or selinux_set_mapping(3) to + create a mapping from class and permission index values used by the + application to the policy values. + * Removed restrictions in libsepol and checkpolicy that required all declared + initial SIDs to be assigned a context. + * Support for new policy capability genfs_seclabel_symlinks + * selinuxfs is mounted with noexec and nosuid + * `security_compute_user()` was deprecated + * Refreshed python3.8-compat.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libselinux/libselinux.changes 2020-06-05 20:08:29.885403395 +0200 +++ /work/SRC/openSUSE:Factory/.libselinux.new.4249/libselinux.changes 2020-10-06 17:09:19.693434926 +0200 @@ -1,0 +2,18 @@ +Tue Jul 14 08:24:20 UTC 2020 - Johannes Segitz <[email protected]> + +- Update to version 3.1: + * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were + removed. All userspace object managers should have been updated to use the + dynamic class/perm mapping support. + + Use string_to_security_class(3) and string_to_av_perm(3) to map the class + and permission names to their policy values, or selinux_set_mapping(3) to + create a mapping from class and permission index values used by the + application to the policy values. + * Removed restrictions in libsepol and checkpolicy that required all declared + initial SIDs to be assigned a context. + * Support for new policy capability genfs_seclabel_symlinks + * selinuxfs is mounted with noexec and nosuid + * `security_compute_user()` was deprecated + +------------------------------------------------------------------- Old: ---- libselinux-3.0.tar.gz New: ---- libselinux-3.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libselinux-bindings.spec ++++++ --- /var/tmp/diff_new_pack.EZzqyj/_old 2020-10-06 17:09:21.925436854 +0200 +++ /var/tmp/diff_new_pack.EZzqyj/_new 2020-10-06 17:09:21.929436857 +0200 @@ -17,9 +17,9 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} -%define libsepol_ver 3.0 +%define libsepol_ver 3.1 Name: libselinux-bindings -Version: 3.0 +Version: 3.1 Release: 0 Summary: SELinux runtime library and simple utilities License: SUSE-Public-Domain @@ -83,10 +83,10 @@ %build %define _lto_cflags %{nil} -make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src V=1 -make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src swigify V=1 -make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src pywrap V=1 -make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src rubywrap V=1 +make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src V=1 +make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src swigify V=1 +make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src pywrap V=1 +make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src rubywrap V=1 %install make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a -C src install V=1 ++++++ libselinux.spec ++++++ --- /var/tmp/diff_new_pack.EZzqyj/_old 2020-10-06 17:09:21.949436875 +0200 +++ /var/tmp/diff_new_pack.EZzqyj/_new 2020-10-06 17:09:21.953436878 +0200 @@ -16,15 +16,15 @@ # -%define libsepol_ver 3.0 +%define libsepol_ver 3.1 Name: libselinux -Version: 3.0 +Version: 3.1 Release: 0 Summary: SELinux runtime library and utilities License: SUSE-Public-Domain Group: Development/Libraries/C and C++ URL: https://github.com/SELinuxProject/selinux/wiki/Releases -Source: https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz +Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/%{name}-%{version}.tar.gz Source1: selinux-ready Source2: baselibs.conf # PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype @@ -100,7 +100,7 @@ %build %define _lto_cflags %{nil} -make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags}" +make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags} -fno-semantic-interposition" %install mkdir -p %{buildroot}/%{_lib} ++++++ libselinux-3.0.tar.gz -> libselinux-3.1.tar.gz ++++++ ++++ 5516 lines of diff (skipped) ++++++ python3.8-compat.patch ++++++ --- /var/tmp/diff_new_pack.EZzqyj/_old 2020-10-06 17:09:22.149437047 +0200 +++ /var/tmp/diff_new_pack.EZzqyj/_new 2020-10-06 17:09:22.153437051 +0200 @@ -1,5 +1,7 @@ ---- a/src/Makefile -+++ b/src/Makefile +Index: libselinux-3.1/src/Makefile +=================================================================== +--- libselinux-3.1.orig/src/Makefile ++++ libselinux-3.1/src/Makefile @@ -13,7 +13,11 @@ LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= /lib INCLUDEDIR ?= $(PREFIX)/include @@ -10,5 +12,5 @@ PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX)) +endif PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))") - PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t in imp.get_suffixes() if t == imp.C_EXTENSION][0])') + PYCEXT ?= $(shell $(PYTHON) -c 'import importlib.machinery;print(importlib.machinery.EXTENSION_SUFFIXES[0])') RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
