Re: [PATCH 2/2] libselinux: set DISABLE_RPM default to y.

On 09/28/2016 12:00 PM, william.c.robe...@intel.com wrote: > From: William Roberts > > Change the default build behavior to always use DISABLE_RPM. > To get the old behavior call make with DISABLE_RPM=n. > > eg.) > make DISABLE_RPM=n Thanks, applied both. We'll

Re: [PATCH] libselinux: android: fix lax service context lookup

On 09/28/2016 12:25 PM, William Roberts wrote: > On Wed, Sep 28, 2016 at 12:17 PM, Stephen Smalley wrote: >> On 09/28/2016 12:04 PM, Janis Danisevskis wrote: >>> We use the same lookup function for service contexts >>> that we use for property contexts. However, property >>>

Re: [PATCH] libselinux: android: fix lax service context lookup

On Wed, Sep 28, 2016 at 5:17 PM, Stephen Smalley wrote: > On 09/28/2016 12:04 PM, Janis Danisevskis wrote: > > We use the same lookup function for service contexts > > that we use for property contexts. However, property > > contexts are namespace based and only compare the >

Re: [PATCH] libselinux: android: fix lax service context lookup

On Wed, Sep 28, 2016 at 12:42 PM, Stephen Smalley wrote: > On 09/28/2016 12:25 PM, William Roberts wrote: >> On Wed, Sep 28, 2016 at 12:17 PM, Stephen Smalley wrote: >>> On 09/28/2016 12:04 PM, Janis Danisevskis wrote: We use the same lookup function

[PATCH v3] libselinux: add ANDROID_HOST=y build option

From: William Roberts To build the selinux host configuration, specify ANDROID_HOST=y on the Make command line. eg) make ANDROID_HOST=y --- libselinux/Makefile | 6 +- libselinux/src/Makefile | 8 libselinux/utils/Makefile | 4 3 files

Re: [PATCH] libselinux: android: fix lax service context lookup

On 09/28/2016 12:43 PM, William Roberts wrote: > On Wed, Sep 28, 2016 at 12:42 PM, Stephen Smalley wrote: >> On 09/28/2016 12:25 PM, William Roberts wrote: >>> On Wed, Sep 28, 2016 at 12:17 PM, Stephen Smalley >>> wrote: On 09/28/2016 12:04 PM, Janis

Re: [PATCH 3/3] libselinux: drop DISABLE_BOOL=y option

On 09/28/2016 11:26 AM, william.c.robe...@intel.com wrote: > From: William Roberts > > Build option DISABLE_BOOL=y is not being used, and is broken, drop it. > > Signed-off-by: William Roberts Thanks, applied all three. At some point

[PATCH] libselinux: fix unused variable error

From: William Roberts When building for Android, this error manifests itself: label_file.c:570:7: error: unused variable ‘subs_file’ [-Werror=unused-variable] char subs_file[PATH_MAX + 1]; Fix it by moving the variable into the ifdef'd usage block.

[PATCH 1/2] libselinux: rename EMFLAGS to DISABLE_FLAGS

From: William Roberts Change EMFLAGS variable, used for setting additional CFLAGS to DISABLE_FLAGS, to indicate its usage better. Signed-off-by: William Roberts --- libselinux/Makefile | 6 +++--- libselinux/src/Makefile | 6

[PATCH 2/2] libselinux: set DISABLE_RPM default to y.

From: William Roberts Change the default build behavior to always use DISABLE_RPM. To get the old behavior call make with DISABLE_RPM=n. eg.) make DISABLE_RPM=n Signed-off-by: William Roberts --- libselinux/Makefile | 2 +- 1 file

Re: [PATCH] libselinux: fix unused variable error

On Wed, Sep 28, 2016 at 11:53 AM, wrote: > From: William Roberts > > When building for Android, this error manifests itself: > > label_file.c:570:7: error: unused variable ‘subs_file’ > [-Werror=unused-variable] > char

Re: [PATCH] libselinux: fix unused variable error

On 09/28/2016 11:53 AM, william.c.robe...@intel.com wrote: > From: William Roberts > > When building for Android, this error manifests itself: > > label_file.c:570:7: error: unused variable ‘subs_file’ > [-Werror=unused-variable] > char subs_file[PATH_MAX + 1]; >

Re: [RFC] Build ANDROID_HOST=y on mac

William Roberts wrote: On Sep 28, 2016 16:54, "Joshua Brindle" wrote: Joshua Brindle wrote: William Roberts wrote: From commit 35d702 on https://github.com/williamcroberts/selinux/tree/fix-mac I have a branch that is building on my elcapitan mac, requesting any

Re: [RFC] Build ANDROID_HOST=y on mac

On Sep 28, 2016 17:07, "Joshua Brindle" wrote: > > William Roberts wrote: >> >> On Sep 28, 2016 16:54, "Joshua Brindle" wrote: >>> >>> Joshua Brindle wrote: William Roberts wrote: > > From commit 35d702 on >

Re: [RFC] Build ANDROID_HOST=y on mac

Joshua Brindle wrote: William Roberts wrote: From commit 35d702 on https://github.com/williamcroberts/selinux/tree/fix-mac I have a branch that is building on my elcapitan mac, requesting any comments anyone wishes to make, before I send them out. If you wish to test, this is the procedure

[RFC] Build ANDROID_HOST=y on mac

>From commit 35d702 on https://github.com/williamcroberts/selinux/tree/fix-mac I have a branch that is building on my elcapitan mac, requesting any comments anyone wishes to make, before I send them out. If you wish to test, this is the procedure 1. Build libsepol (assumes at root of tree)

Re: [RFC] Build ANDROID_HOST=y on mac

William Roberts wrote: From commit 35d702 on https://github.com/williamcroberts/selinux/tree/fix-mac I have a branch that is building on my elcapitan mac, requesting any comments anyone wishes to make, before I send them out. If you wish to test, this is the procedure 1. Build libsepol

[PATCH] libselinux: android: fix lax service context lookup

We use the same lookup function for service contexts that we use for property contexts. However, property contexts are namespace based and only compare the prefix. This may lead to service associations with a wrong label. This patch introduces a stricter lookup function for services contexts. Now

Re: [PATCH] libselinux: android: fix lax service context lookup

On 09/28/2016 12:35 PM, Janis Danisevskis wrote: > > > On Wed, Sep 28, 2016 at 5:17 PM, Stephen Smalley > wrote: > > On 09/28/2016 12:04 PM, Janis Danisevskis wrote: > > We use the same lookup function for service contexts > > that we

[PATCH 2/3] libselinux: drop DISABLE_AVC=y

From: William Roberts Remove build config DISABLE_AVC, it is unused and broken. Signed-off-by: William Roberts --- libselinux/Makefile | 6 +- libselinux/src/Makefile | 3 --- libselinux/src/mapping.h | 7 ---

Re: [PATCH 1/3] libselinux: Add architecture string to file_context.bin

The only change with respect to the first set of patches is the new default "reg_arch_matches = 0". On Wed, Sep 28, 2016 at 11:28 AM, Janis Danisevskis wrote: > Serialized precompiled regular expressins are architecture > dependent when using PCRE2. This patch > - bumps the

[PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

The "-r" flag of sefcontext_compile now causes it to omit the precompiled regular expressions from the output. Signed-off-by: Janis Danisevskis --- libselinux/utils/sefcontext_compile.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git