[gentoo-commits] repo/gentoo:master commit in: sys-libs/libselinux/, sys-libs/libselinux/files/
commit: 079ce1fb1893c226c1cdbbff9e85e0450cae8839 Author: Jason Zaman gentoo org> AuthorDate: Sun Sep 1 09:31:58 2019 + Commit: Jason Zaman gentoo org> CommitDate: Sun Sep 1 09:32:32 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=079ce1fb sys-libs/libselinux: Add compatibility with swig-4 Swig-4 changed how the native lib is imported, so backport 2efa06857575e4118e91ca250b6b92da68b130d5 to fix. Closes: https://bugs.gentoo.org/691720 Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Jason Zaman gentoo.org> ...Use-Python-distutils-to-install-SELinux-p.patch | 205 + ...selinux-2.9.ebuild => libselinux-2.9-r1.ebuild} | 7 +- sys-libs/libselinux/libselinux-2.9.ebuild | 4 +- 3 files changed, 212 insertions(+), 4 deletions(-) diff --git a/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch b/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch new file mode 100644 index 000..896876a00d6 --- /dev/null +++ b/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch @@ -0,0 +1,205 @@ +From 2efa06857575e4118e91ca250b6b92da68b130d5 Mon Sep 17 00:00:00 2001 +From: Petr Lautrbach +Date: Fri, 7 Jun 2019 17:35:44 +0200 +Subject: [PATCH] libselinux: Use Python distutils to install SELinux python + bindings + +Follow officially documented way how to build C extension modules using +distutils - https://docs.python.org/3.8/extending/building.html#building + +Fixes: + +- selinux python module fails to load when it's built using SWIG-4.0: + +>>> import selinux +Traceback (most recent call last): + File "", line 1, in + File "/usr/lib64/python3.7/site-packages/selinux/__init__.py", line 13, in +from . import _selinux +ImportError: cannot import name '_selinux' from 'selinux' (/usr/lib64/python3.7/site-packages/selinux/__init__.py) + +SWIG-4.0 changed (again?) its behavior so that it uses: from . import _selinux +which looks for _selinux module in the same directory as where __init__.py is - +$(PYLIBDIR)/site-packages/selinux. But _selinux module is installed into +$(PYLIBDIR)/site-packages/ since a9604c30a5e2f ("libselinux: Change the location +of _selinux.so"). + +- audit2why python module fails to build with Python 3.8 + +cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DOVERRIDE_GETTID=0 -I../include -D_GNU_SOURCE -DDISABLE_RPM -DNO_ANDROID_BACKEND -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -L. -shared -o python-3.8audit2why.so python-3.8audit2why.lo -lselinux -l:libsepol.a -Wl,-soname,audit2why.so,--version-script=audit2why.map,-z,defs +/usr/bin/ld: python-3.8audit2why.lo: in function `finish': +/builddir/build/BUILD/libselinux-2.9/src/audit2why.c:166: undefined reference to `PyArg_ParseTuple' +/usr/bin/ld: python-3.8audit2why.lo: in function `_Py_INCREF': +/usr/include/python3.8/object.h:449: undefined reference to `_Py_NoneStruct' +/usr/bin/ld: /usr/include/python3.8/object.h:449: undefined reference to `_Py_NoneStruct' +/usr/bin/ld: python-3.8audit2why.lo: in function `check_booleans': +/builddir/build/BUILD/libselinux-2.9/src/audit2why.c:84: undefined reference to `PyExc_RuntimeError' +... + +It's related to the following Python change +https://docs.python.org/dev/whatsnew/3.8.html#debug-build-uses-the-same-abi-as-release-build + +Python distutils adds correct link options automatically. + +- selinux python module doesn't provide any Python metadata + +When selinux python module was built manually, it didn't provide any metadata. +distutils takes care about that so that selinux Python module is visible for +pip: + +$ pip3 list | grep selinux +selinux 2.9 + +Signed-off-by: Petr Lautrbach +--- + libselinux/src/.gitignore | 2 +- + libselinux/src/Makefile | 36 + libselinux/src/setup.py | 24 + 3 files changed, 33 insertions(+), 29 deletions(-) + create mode 100644 libselinux/src/setup.py + +diff --git libselinux/src/.gitignore libselinux/src/.gitignore +index 4dcc3b3b..428afe5a 100644 +--- libselinux/src/.gitignore libselinux/src/.gitignore +@@ -1,4 +1,4 @@ + selinux.py +-selinuxswig_wrap.c ++selinuxswig_python_wrap.c + selinuxswig_python_exception.i + selinuxswig_ruby_wrap.c +diff --git libselinux/src/Makefile libselinux/src/Makefile +index e9ed0383..2b1696a0 100644 +--- libselinux/src/Makefile libselinux/src/Makefile +@@ -36,7 +36,7 @@ TARGET=libselinux.so + LIBPC=libselinux.pc + SWIGIF= selinuxswig_python.i selinuxswig_pyt
[gentoo-commits] repo/gentoo:master commit in: sys-libs/libselinux/, sys-libs/libselinux/files/
commit: 3e43d2c4b1dc59de43f7e8108208e9f985e83fea Author: Jason Zaman gentoo org> AuthorDate: Fri Oct 7 15:10:37 2016 + Commit: Jason Zaman gentoo org> CommitDate: Fri Oct 7 15:16:37 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e43d2c4 sys-libs/libselinux: Drop patch that was already included Package-Manager: portage-2.3.0 ...2.6-0005-use-ruby-include-with-rubylibver.patch | 39 -- sys-libs/libselinux/libselinux-2.6_rc2.ebuild | 1 - sys-libs/libselinux/libselinux-.ebuild | 1 - 3 files changed, 41 deletions(-) diff --git a/sys-libs/libselinux/files/libselinux-2.6-0005-use-ruby-include-with-rubylibver.patch b/sys-libs/libselinux/files/libselinux-2.6-0005-use-ruby-include-with-rubylibver.patch deleted file mode 100644 index a2f704d.. --- a/sys-libs/libselinux/files/libselinux-2.6-0005-use-ruby-include-with-rubylibver.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 024a8628e698e8c90f7876a35c820f30c6957031 Mon Sep 17 00:00:00 2001 -From: Jason Zaman -Date: Sun, 2 Oct 2016 02:06:35 +0800 -Subject: [PATCH] libselinux: versioned ruby pkg-config and query vendorarchdir - properly - -Gentoo and Arch have pkg-config entries for "ruby-$(RUBYLIBVER)" but not -for "ruby". Check if that exists first then fall back to plain ruby if -it does not. - -The ruby install paths were incorrect. Fedora 20 installed to -/usr/lib64/ruby/vendor_ruby/, Arch needs it to be vendor_ruby as well, -site_ruby does not work. Thanks to Nicolas Iooss for the correct way to -query for the path. - -Signed-off-by: Jason Zaman - libselinux/src/Makefile | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile -index 7169230..f9e3de1 100644 libselinux/src/Makefile -+++ libselinux/src/Makefile -@@ -16,9 +16,8 @@ PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_i - PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX)) - PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER) - RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")') --RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM') --RUBYINC ?= $(shell $(PKG_CONFIG) --cflags ruby) --RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM) -+RUBYINC ?= $(shell $(PKG_CONFIG) --exists ruby-$(RUBYLIBVER) && $(PKG_CONFIG) --cflags ruby-$(RUBYLIBVER) || $(PKG_CONFIG) --cflags ruby) -+RUBYINSTALL ?= $(DESTDIR)$(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]') - LIBBASE ?= $(shell basename $(LIBDIR)) - - VERSION = $(shell cat ../VERSION) --- -2.7.3 - diff --git a/sys-libs/libselinux/libselinux-2.6_rc2.ebuild b/sys-libs/libselinux/libselinux-2.6_rc2.ebuild index 0c6c842..4e99ff9 100644 --- a/sys-libs/libselinux/libselinux-2.6_rc2.ebuild +++ b/sys-libs/libselinux/libselinux-2.6_rc2.ebuild @@ -47,7 +47,6 @@ DEPEND="${RDEPEND} src_prepare() { if [[ ${PV} != ]] ; then # If needed for live builds, place them in /etc/portage/patches - eapply "${FILESDIR}/libselinux-2.6-0005-use-ruby-include-with-rubylibver.patch" eapply "${FILESDIR}/libselinux-2.6-0007-build-related-fixes-bug-500674.patch" fi diff --git a/sys-libs/libselinux/libselinux-.ebuild b/sys-libs/libselinux/libselinux-.ebuild index 0c6c842..4e99ff9 100644 --- a/sys-libs/libselinux/libselinux-.ebuild +++ b/sys-libs/libselinux/libselinux-.ebuild @@ -47,7 +47,6 @@ DEPEND="${RDEPEND} src_prepare() { if [[ ${PV} != ]] ; then # If needed for live builds, place them in /etc/portage/patches - eapply "${FILESDIR}/libselinux-2.6-0005-use-ruby-include-with-rubylibver.patch" eapply "${FILESDIR}/libselinux-2.6-0007-build-related-fixes-bug-500674.patch" fi
[gentoo-commits] repo/gentoo:master commit in: sys-libs/libselinux/, sys-libs/libselinux/files/
commit: 0c355bd1ab54f5bd9bdfa4b75bccddbb30ee1713 Author: Jason Zaman gentoo org> AuthorDate: Fri Oct 7 03:57:18 2016 + Commit: Jason Zaman gentoo org> CommitDate: Fri Oct 7 04:18:16 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c355bd1 sys-libs/libselinux: bump to 2.6_rc2 Package-Manager: portage-2.3.0 sys-libs/libselinux/Manifest | 2 +- ...nux-selinux_restorecon-fix-realpath-logic.patch | 76 -- ...2.6_rc1-r1.ebuild => libselinux-2.6_rc2.ebuild} | 3 +- sys-libs/libselinux/libselinux-.ebuild | 2 +- 4 files changed, 3 insertions(+), 80 deletions(-) diff --git a/sys-libs/libselinux/Manifest b/sys-libs/libselinux/Manifest index c2a779e..1cc61aa 100644 --- a/sys-libs/libselinux/Manifest +++ b/sys-libs/libselinux/Manifest @@ -1,2 +1,2 @@ DIST libselinux-2.5.tar.gz 189019 SHA256 94c9e97706280bedcc288f784f67f2b9d3d6136c192b2c9f812115edba58514f SHA512 1c6718aa6fa05c8635427cd6f5a89ce47fb6bb9bd2fec417293122826695d1ebb0e0b86e83711abb5c4fe71c67dce6f2e18745592833d1711f0ab2d01246b8c7 WHIRLPOOL 96192b856d32a82b9b4413137085e69ad52cbf2e0d274603a90d904e9a318a80c83f337aef26f54c685a689972432955f0f9de67949e0bb4f844611df22d3589 -DIST libselinux-2.6-rc1.tar.gz 203034 SHA256 4ef2bbb1bdb1d0c43ed14b237066364b07bd1d2ae0a16dcd475bbf7793723928 SHA512 72a8a1d244fea3902cecff69fda48c1bc8d7ce1789902126565272782105bd43205e517af8a4cac5cc5cab47c48f0cd3b287c42a408ae3889b51b19b0b38632b WHIRLPOOL b9012b74a3f073e25b63d83003194f23f7177cdd0e33443de87ff7491e0ecffa72eea07be04247cafd3045773427dbf98f592e02346c8fa32bc161be624cc2b4 +DIST libselinux-2.6-rc2.tar.gz 203126 SHA256 c0e297a046a2e07f9dbe14ef0ea8a36b44afeaf798fd51189638939eea741be7 SHA512 6e2c03a8bd41f08e5d45693862e13db7373dec639bd6962d1398644b1b1b1351d845fd93f8a952be3387af8242e17badd0a2e8e2b31d542f1d9e227d45e38d39 WHIRLPOOL 636702cdf5c7ea151fcc904712da3b419d0a50bf45d45dbe83ecb7b1dc418a8a179356f2af5a7d92179c82e1da7ec0f809b6c320dff0fa56ab588a852cc35dfe diff --git a/sys-libs/libselinux/files/libselinux-2.6-0001-libselinux-selinux_restorecon-fix-realpath-logic.patch b/sys-libs/libselinux/files/libselinux-2.6-0001-libselinux-selinux_restorecon-fix-realpath-logic.patch deleted file mode 100644 index 3a0d7fb.. --- a/sys-libs/libselinux/files/libselinux-2.6-0001-libselinux-selinux_restorecon-fix-realpath-logic.patch +++ /dev/null @@ -1,76 +0,0 @@ -From aa0c824bb2eeb8960ba02133faade72c837ea951 Mon Sep 17 00:00:00 2001 -From: Stephen Smalley -Date: Wed, 5 Oct 2016 10:45:35 -0400 -Subject: [PATCH] libselinux: selinux_restorecon: fix realpath logic - -The realpath logic in selinux_restorecon() was taken from the -Android libselinux fork. However, bionic dirname() and basename() -do not modify their argument and therefore are safe to call on a -const string. POSIX dirname() and basename() can modify their argument. -There is a GNU basename() that does not modify its argument, but not -for dirname(). -For portability, create copies of the original pathname for each call -and keep them around until finished using the result. - -Fixes "restorecon -r goes up the tree?" bug reported by Jason Zaman. - -Reported-by: Jason Zaman -Signed-off-by: Stephen Smalley - libselinux/src/selinux_restorecon.c | 26 +- - 1 file changed, 21 insertions(+), 5 deletions(-) - -diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c -index 0945138..e38d1d0 100644 libselinux/src/selinux_restorecon.c -+++ libselinux/src/selinux_restorecon.c -@@ -797,25 +797,41 @@ int selinux_restorecon(const char *pathname_orig, -* realpath of containing dir, then appending last component name. -*/ - if (flags.userealpath) { -- pathbname = basename((char *)pathname_orig); -+ char *basename_cpy = strdup(pathname_orig); -+ if (!basename_cpy) -+ goto realpatherr; -+ pathbname = basename(basename_cpy); - if (!strcmp(pathbname, "/") || !strcmp(pathbname, ".") || - !strcmp(pathbname, "..")) { - pathname = realpath(pathname_orig, NULL); -- if (!pathname) -+ if (!pathname) { -+ free(basename_cpy); - goto realpatherr; -+ } - } else { -- pathdname = dirname((char *)pathname_orig); -+ char *dirname_cpy = strdup(pathname_orig); -+ if (!dirname_cpy) { -+ free(basename_cpy); -+ goto realpatherr; -+ } -+ pathdname = dirname(dirname_cpy); - pathdnamer = realpath(pathdname, NULL); -- if (!pathdnamer) -+ free(dirname_cpy); -+