teknoraver / rpms / rpm

Forked from rpms/rpm 5 months ago
Clone

Blame rpm-4.4.2.2-matchpathcon.patch

Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/python/Makefile.am.matchpathcon rpm-4.4.2.2-rc2/python/Makefile.am
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/python/Makefile.am.matchpathcon	2007-09-11 09:28:15.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/python/Makefile.am	2007-09-27 11:05:29.000000000 +0300
Panu Matilainen 65c42a
@@ -34,7 +34,8 @@ mylibs= \
Panu Matilainen 65c42a
 	$(top_builddir)/rpmdb/librpmdb.la \
Panu Matilainen 65c42a
 	$(top_builddir)/rpmio/librpmio.la \
Panu Matilainen 65c42a
 	@WITH_POPT_LIB@ \
Panu Matilainen 65c42a
-	@WITH_LIBELF_LIB@
Panu Matilainen 65c42a
+	@WITH_LIBELF_LIB@ \
Panu Matilainen 65c42a
+	@WITH_SELINUX_LIB@
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 LDADD =
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/python/rpmts-py.c.matchpathcon rpm-4.4.2.2-rc2/python/rpmts-py.c
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/python/rpmts-py.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/python/rpmts-py.c	2007-09-27 11:25:29.000000000 +0300
Panu Matilainen 65c42a
@@ -1187,17 +1187,13 @@ rpmts_Run(rpmtsObject * s, PyObject * ar
Panu Matilainen 65c42a
     }
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     /* Initialize security context patterns (if not already done). */
Panu Matilainen 65c42a
-    if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Panu Matilainen 65c42a
-	rpmsx sx = rpmtsREContext(s->ts);
Panu Matilainen 65c42a
-	if (sx == NULL) {
Panu Matilainen 65c42a
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Panu Matilainen 65c42a
-	    if (fn != NULL && *fn != '\0') {
Panu Matilainen 65c42a
-		sx = rpmsxNew(fn);
Panu Matilainen 65c42a
-		(void) rpmtsSetREContext(s->ts, sx);
Panu Matilainen 65c42a
-	    }
Panu Matilainen 65c42a
-	    fn = _free(fn);
Panu Matilainen 65c42a
+    if (rpmtsSELinuxEnabled(s->ts) &&
Panu Matilainen 65c42a
+	!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Panu Matilainen 65c42a
+	const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Panu Matilainen 65c42a
+	if (fn != NULL && *fn != '\0') {
Panu Matilainen 65c42a
+                matchpathcon_init(fn);
Panu Matilainen 65c42a
 	}
Panu Matilainen 65c42a
-	sx = rpmsxFree(sx);
Panu Matilainen 65c42a
+	fn = _free(fn);
Panu Matilainen 65c42a
     } 
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 if (_rpmts_debug)
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/build/Makefile.am.matchpathcon rpm-4.4.2.2-rc2/build/Makefile.am
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/build/Makefile.am.matchpathcon	2007-09-11 09:28:12.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/build/Makefile.am	2007-09-27 11:05:29.000000000 +0300
Panu Matilainen 65c42a
@@ -35,6 +35,7 @@ librpmbuild_la_LDFLAGS = -release 4.4 $(
Panu Matilainen 65c42a
 	$(top_builddir)/lib/librpm.la \
Panu Matilainen 65c42a
 	$(top_builddir)/rpmdb/librpmdb.la \
Panu Matilainen 65c42a
 	$(top_builddir)/rpmio/librpmio.la \
Panu Matilainen 65c42a
+	@WITH_SELINUX_LIB@ \
Panu Matilainen 65c42a
 	@WITH_LIBELF_LIB@
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 rpmfile.h:
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/build/files.c.matchpathcon rpm-4.4.2.2-rc2/build/files.c
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/build/files.c.matchpathcon	2007-09-11 09:28:12.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/build/files.c	2007-09-27 11:05:29.000000000 +0300
Panu Matilainen 65c42a
@@ -23,7 +23,7 @@
Panu Matilainen 65c42a
 #define	_RPMFI_INTERNAL
Panu Matilainen 65c42a
 #include "rpmfi.h"
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
-#include "rpmsx.h"
Panu Matilainen 65c42a
+#include <selinux/selinux.h>
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 #define	_RPMTE_INTERNAL
Panu Matilainen 65c42a
 #include "rpmte.h"
Panu Matilainen 65c42a
@@ -1136,7 +1136,7 @@ static void genCpioListAndHeader(/*@part
Panu Matilainen 65c42a
     int apathlen = 0;
Panu Matilainen 65c42a
     int dpathlen = 0;
Panu Matilainen 65c42a
     int skipLen = 0;
Panu Matilainen 65c42a
-    rpmsx sx = NULL;
Panu Matilainen 65c42a
+    security_context_t scon = NULL;
Panu Matilainen 65c42a
     const char * sxfn;
Panu Matilainen 65c42a
     size_t fnlen;
Panu Matilainen 65c42a
     FileListRec flp;
Panu Matilainen 65c42a
@@ -1156,7 +1156,7 @@ static void genCpioListAndHeader(/*@part
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
Panu Matilainen 65c42a
     if (sxfn != NULL && *sxfn != '\0')
Panu Matilainen 65c42a
-   	sx = rpmsxNew(sxfn);
Panu Matilainen 65c42a
+   	matchpathcon_init(sxfn);
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
Panu Matilainen 65c42a
 	const char *s;
Panu Matilainen 65c42a
@@ -1338,18 +1338,19 @@ static void genCpioListAndHeader(/*@part
Panu Matilainen 65c42a
 			       &(flp->flags), 1);
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 	/* Add file security context to package. */
Panu Matilainen 65c42a
-/*@-branchstate@*/
Panu Matilainen 65c42a
-	if (sx != NULL) {
Panu Matilainen 65c42a
-	    mode_t fmode = (uint_16)flp->fl_mode;
Panu Matilainen 65c42a
-	    s = rpmsxFContext(sx, flp->fileURL, fmode);
Panu Matilainen 65c42a
-	    if (s == NULL) s = "";
Panu Matilainen 65c42a
-	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
Panu Matilainen 65c42a
-			       &s, 1);
Panu Matilainen 65c42a
-	}
Panu Matilainen 65c42a
-/*@=branchstate@*/
Panu Matilainen 65c42a
+	mode_t fmode = (uint_16)flp->fl_mode;
Panu Matilainen 65c42a
+	int rc = matchpathcon(flp->fileURL, fmode, &scon);
Panu Matilainen 65c42a
+        if ( rc == 0 && scon != NULL) {
Panu Matilainen 65c42a
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &scon, 1);
Panu Matilainen 65c42a
+	    freecon(scon);
Panu Matilainen 65c42a
+        }
Panu Matilainen 65c42a
+        else  {
Panu Matilainen 65c42a
+            const char *nocon = "";
Panu Matilainen 65c42a
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &nocon, 1);
Panu Matilainen 65c42a
+        }
Panu Matilainen 65c42a
+
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     }
Panu Matilainen 65c42a
-    sx = rpmsxFree(sx);
Panu Matilainen 65c42a
     sxfn = _free(sxfn);
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     (void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/lib/fsm.c.matchpathcon rpm-4.4.2.2-rc2/lib/fsm.c
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/lib/fsm.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/lib/fsm.c	2007-09-27 11:28:30.000000000 +0300
Panu Matilainen 65c42a
@@ -634,12 +634,11 @@ static int fsmMapFContext(FSM_t fsm)
Panu Matilainen 65c42a
     if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
Panu Matilainen 65c42a
 	!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
Panu Matilainen 65c42a
     {
Panu Matilainen 65c42a
-	rpmsx sx = rpmtsREContext(ts);
Panu Matilainen 65c42a
+	security_context_t scon = NULL;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
-	if (sx != NULL) {
Panu Matilainen 65c42a
+	if ( matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL) {
Panu Matilainen 65c42a
 	    /* Get file security context from patterns. */
Panu Matilainen 65c42a
-	    fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
Panu Matilainen 65c42a
-	    sx = rpmsxFree(sx);
Panu Matilainen 65c42a
+	    fsm->fcontext = scon;
Panu Matilainen 65c42a
 	} else {
Panu Matilainen 65c42a
 	    int i = fsm->ix;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
@@ -1277,7 +1276,7 @@ static int fsmMkdirs(/*@special@*/ /*@pa
Panu Matilainen 65c42a
 /*@-compdef@*/
Panu Matilainen 65c42a
     rpmts ts = fsmGetTs(fsm);
Panu Matilainen 65c42a
 /*@=compdef@*/
Panu Matilainen 65c42a
-    rpmsx sx = rpmtsREContext(ts);
Panu Matilainen 65c42a
+    security_context_t scon = NULL;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     fsm->path = NULL;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
@@ -1341,10 +1340,15 @@ static int fsmMkdirs(/*@special@*/ /*@pa
Panu Matilainen 65c42a
 		if (!rc) {
Panu Matilainen 65c42a
 		    /* XXX FIXME? only new dir will have context set. */
Panu Matilainen 65c42a
 		    /* Get file security context from patterns. */
Panu Matilainen 65c42a
-		    if (sx != NULL) {
Panu Matilainen 65c42a
-			fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
Panu Matilainen 65c42a
-			rc = fsmNext(fsm, FSM_LSETFCON);
Panu Matilainen 65c42a
+		    if (rpmtsSELinuxEnabled(ts) &&
Panu Matilainen 65c42a
+			! rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS) {
Panu Matilainen 65c42a
+			if (matchpathcon(fsm->path, st->st_mode, &scon) == 0 &&
Panu Matilainen 65c42a
+			    scon != NULL) {
Panu Matilainen 65c42a
+				fsm->fcontext = scon;
Panu Matilainen 65c42a
+				rc = fsmNext(fsm, FSM_LSETFCON);
Panu Matilainen 65c42a
+			}
Panu Matilainen 65c42a
 		    }
Panu Matilainen 65c42a
+			
Panu Matilainen 65c42a
 		    if (fsm->fcontext == NULL)
Panu Matilainen 65c42a
 			rpmMessage(RPMMESS_DEBUG,
Panu Matilainen 65c42a
 			    _("%s directory created with perms %04o, no context.\n"),
Panu Matilainen 65c42a
@@ -1377,7 +1381,6 @@ static int fsmMkdirs(/*@special@*/ /*@pa
Panu Matilainen 65c42a
     }
Panu Matilainen 65c42a
 /*@=boundswrite@*/
Panu Matilainen 65c42a
     dnli = dnlFreeIterator(dnli);
Panu Matilainen 65c42a
-    sx = rpmsxFree(sx);
Panu Matilainen 65c42a
     /*@=observertrans =dependenttrans@*/
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     fsm->path = path;
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/lib/rpmfi.c.matchpathcon rpm-4.4.2.2-rc2/lib/rpmfi.c
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/lib/rpmfi.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/lib/rpmfi.c	2007-09-27 11:05:29.000000000 +0300
Panu Matilainen 65c42a
@@ -16,7 +16,7 @@
Panu Matilainen 65c42a
 #define	_RPMFI_INTERNAL
Panu Matilainen 65c42a
 #include "rpmfi.h"
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
-#include "rpmsx.h"
Panu Matilainen 65c42a
+#include <selinux/selinux.h>
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 #define	_RPMTE_INTERNAL	/* relocations */
Panu Matilainen 65c42a
 #include "rpmte.h"
Panu Matilainen 65c42a
@@ -1697,8 +1697,8 @@ void rpmfiBuildREContexts(Header h,
Panu Matilainen 65c42a
 {
Panu Matilainen 65c42a
     int scareMem = 0;
Panu Matilainen 65c42a
     rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
Panu Matilainen 65c42a
-    rpmsx sx = NULL;
Panu Matilainen 65c42a
     const char ** av = NULL;
Panu Matilainen 65c42a
+    const char * myfn = rpmGetPath("%{?__file_context_path}", NULL);
Panu Matilainen 65c42a
     int ac;
Panu Matilainen 65c42a
     size_t nb;
Panu Matilainen 65c42a
     char * t;
Panu Matilainen 65c42a
@@ -1712,7 +1712,7 @@ void rpmfiBuildREContexts(Header h,
Panu Matilainen 65c42a
     }
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     /* Read security context patterns. */
Panu Matilainen 65c42a
-    sx = rpmsxNew(NULL);
Panu Matilainen 65c42a
+    matchpathcon_init(myfn);
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     /* Compute size of argv array blob, concatenating file contexts. */
Panu Matilainen 65c42a
     nb = ac * sizeof(*fcnb);
Panu Matilainen 65c42a
@@ -1723,10 +1723,9 @@ void rpmfiBuildREContexts(Header h,
Panu Matilainen 65c42a
     while (rpmfiNext(fi) >= 0) {
Panu Matilainen 65c42a
 	const char * fn = rpmfiFN(fi);
Panu Matilainen 65c42a
 	mode_t fmode = rpmfiFMode(fi);
Panu Matilainen 65c42a
-	const char * scon;
Panu Matilainen 65c42a
+	security_context_t scon;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
-	scon = rpmsxFContext(sx, fn, fmode);
Panu Matilainen 65c42a
-	if (scon != NULL) {
Panu Matilainen 65c42a
+	if (matchpathcon(fn, fmode, &scon) == 0) {
Panu Matilainen 65c42a
 	    fcnb[ac] = strlen(scon) + 1;
Panu Matilainen 65c42a
 /*@-branchstate@*/
Panu Matilainen 65c42a
 	    if (fcnb[ac] > 0) {
Panu Matilainen 65c42a
@@ -1734,6 +1733,7 @@ void rpmfiBuildREContexts(Header h,
Panu Matilainen 65c42a
 		memcpy(fctxt+fctxtlen, scon, fcnb[ac]);
Panu Matilainen 65c42a
 		fctxtlen += fcnb[ac];
Panu Matilainen 65c42a
 	    }
Panu Matilainen 65c42a
+            freecon(scon); 
Panu Matilainen 65c42a
 /*@=branchstate@*/
Panu Matilainen 65c42a
 	}
Panu Matilainen 65c42a
 	ac++;
Panu Matilainen 65c42a
@@ -1759,7 +1759,6 @@ void rpmfiBuildREContexts(Header h,
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
 exit:
Panu Matilainen 65c42a
     fi = rpmfiFree(fi);
Panu Matilainen 65c42a
-    sx = rpmsxFree(sx);
Panu Matilainen 65c42a
     /*@-branchstate@*/
Panu Matilainen 65c42a
     if (fcontextp)
Panu Matilainen 65c42a
 	*fcontextp = av;
Panu Matilainen 65c42a
diff -up rpm-4.4.2.2-rc2/lib/rpminstall.c.matchpathcon rpm-4.4.2.2-rc2/lib/rpminstall.c
Panu Matilainen 65c42a
--- rpm-4.4.2.2-rc2/lib/rpminstall.c.matchpathcon	2007-09-11 09:28:15.000000000 +0300
Panu Matilainen 65c42a
+++ rpm-4.4.2.2-rc2/lib/rpminstall.c	2007-09-27 11:27:46.000000000 +0300
Panu Matilainen 65c42a
@@ -309,17 +309,12 @@ int rpmInstall(rpmts ts,
Panu Matilainen 65c42a
 	ia->transFlags |= RPMTRANS_FLAG_REPACKAGE;
Panu Matilainen 65c42a
 
Panu Matilainen 65c42a
     /* Initialize security context patterns (if not already done). */
Panu Matilainen 65c42a
-    if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Panu Matilainen 65c42a
-	rpmsx sx = rpmtsREContext(ts);
Panu Matilainen 65c42a
-	if (sx == NULL) {
Panu Matilainen 65c42a
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Panu Matilainen 65c42a
-	    if (fn != NULL && *fn != '\0') {
Panu Matilainen 65c42a
-		sx = rpmsxNew(fn);
Panu Matilainen 65c42a
-		(void) rpmtsSetREContext(ts, sx);
Panu Matilainen 65c42a
-	    }
Panu Matilainen 65c42a
-	    fn = _free(fn);
Panu Matilainen 65c42a
-	}
Panu Matilainen 65c42a
-	sx = rpmsxFree(sx);
Panu Matilainen 65c42a
+    if (rpmtsSELinuxEnabled(ts) &&
Panu Matilainen 65c42a
+	!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Panu Matilainen 65c42a
+            const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Panu Matilainen 65c42a
+            if (fn != NULL && *fn != '\0') {
Panu Matilainen 65c42a
+                    matchpathcon_init(fn);
Panu Matilainen 65c42a
+            }
Panu Matilainen 65c42a
     }
Panu Matilainen 65c42a
     (void) rpmtsSetFlags(ts, ia->transFlags);
Panu Matilainen 65c42a