Replace SELinux deprecated functions

2024-07-08 02:59:14 +00:00 · 2024-07-08 02:59:14 +00:00 · b1d425c574
commit b1d425c574
parent 1b57a0636b
4 changed files with 165 additions and 1 deletions
--- a/backport-Fix-implicit-cast-from-const-to-non-const.patch
+++ b/backport-Fix-implicit-cast-from-const-to-non-const.patch
@ -0,0 +1,25 @@
+From c64e990a7e70f2a4a04c93603150f2f109e85c6b Mon Sep 17 00:00:00 2001
+From: Christopher Byrne <salah.coronya@gmail.com>
+Date: Dec 21 2023 07:53:58 +0000
+Subject: src/oddjobd.c: Fix implicit cast from const to non-const
+
+
+Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
+
+---
+
+diff --git a/src/oddjobd.c b/src/oddjobd.c
+index fa61f8a..3aa8a8f 100644
+--- a/src/oddjobd.c
+++ b/src/oddjobd.c
+@@ -242,8 +242,7 @@ static void check_selinux_applicable(void);
+ static dbus_bool_t
+ check_one_ac_selinux(struct oddjob_acl *acl, const char *selinux_context)
+ {
+-	char *ctx;
+-	const char *user, *role, *type, *range;
+	const char *ctx, *user, *role, *type, *range;
+ 	dbus_bool_t ret;
+ 	context_t context;
+ 
+
--- a/backport-Replace-deprecated-libxml2-calls.patch
+++ b/backport-Replace-deprecated-libxml2-calls.patch
@ -0,0 +1,35 @@
+From cad3310a7390aad3e16492e8ed922f388f8895ae Mon Sep 17 00:00:00 2001
+From: Christopher Byrne <salah.coronya@gmail.com>
+Date: Dec 21 2023 07:53:58 +0000
+Subject: src/oddjobd.c: Replace deprecated libxml2 calls
+
+
+xmlInitGlobals is now an alias for xmlInitParser and xmlCleaupGlobals is
+now a no-op.
+
+Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
+
+---
+
+diff --git a/src/oddjobd.c b/src/oddjobd.c
+index fb63c02..b27b678 100644
+--- a/src/oddjobd.c
+++ b/src/oddjobd.c
+@@ -1357,7 +1357,7 @@ load_config(struct oddjob_config *config,
+ 			filename);
+ 	}
+ 
+-	xmlInitGlobals();
+	xmlInitParser();
+ 	doc = xmlParseFile(filename);
+ 	if (doc == NULL) {
+ 		fprintf(stderr, "Error parsing configuration from \"%s\".\n",
+@@ -1380,7 +1380,6 @@ load_config(struct oddjob_config *config,
+ 	}
+ 
+ 	xmlFreeDoc(doc);
+-	xmlCleanupGlobals();
+ 
+ 	return parsed;
+ }
+
--- a/backport-build-Replace-SELinux-deprecated-functions.patch
+++ b/backport-build-Replace-SELinux-deprecated-functions.patch
@ -0,0 +1,96 @@
+From 930b92690761038f33b80566896d2abf5950a55e Mon Sep 17 00:00:00 2001
+From: Christopher Byrne <salah.coronya@gmail.com>
+Date: Dec 21 2023 07:53:58 +0000
+Subject: src, build: Replace SELinux deprecated functions
+
+
+matchpathcon_init and matchpathcon have been replaced with
+selabel_open and selabel_lookup. security_context_t is now just char*
+
+Fixes: https://pagure.io/oddjob/issue/10
+
+Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
+
+---
+
+diff --git a/src/oddjobd.c b/src/oddjobd.c
+index b27b678..fa61f8a 100644
+--- a/src/oddjobd.c
+++ b/src/oddjobd.c
+@@ -1947,7 +1947,7 @@ oddjobd_exec_method(struct oddjob_dbus_context *ctx,
+ 		/* Set up the SELinux execution context. */
+ 		if (globals.selinux_enabled) {
+ 			const char *client_secontext;
+-			security_context_t helper_context, exec_context;
+			char *helper_context, *exec_context;
+ 
+ 			client_secontext = oddjob_dbus_message_get_selinux_context(msg);
+ 			if (client_secontext == NULL) {
+diff --git a/src/selinux.c b/src/selinux.c
+index d2482cf..454eb3f 100644
+--- a/src/selinux.c
+++ b/src/selinux.c
+@@ -45,12 +45,7 @@
+ #ifdef SELINUX_LABELS
+ 
+ #include <selinux/selinux.h>
+-
+-#ifndef HAVE_MATCHPATHCON_INIT
+-static void
+-matchpathcon_init(const char *path) {
+-}
+-#endif
+#include <selinux/label.h>
+ 
+ static dbus_bool_t
+ oddjob_check_selinux_enabled(void)
+@@ -58,9 +53,6 @@ oddjob_check_selinux_enabled(void)
+ 	static int selinux_enabled = -1;
+ 	if (selinux_enabled == -1) {
+ 		selinux_enabled = is_selinux_enabled();
+-		if (selinux_enabled == 1) {
+-			matchpathcon_init(NULL);
+-		}
+ 	}
+ 	return (selinux_enabled == 1);
+ }
+@@ -68,24 +60,28 @@ oddjob_check_selinux_enabled(void)
+ void
+ oddjob_set_selinux_file_creation_context(const char *path, mode_t mode)
+ {
+-	security_context_t context;
+	struct selabel_handle *handle;
+	char *context;
+ 
+ 	if (!oddjob_check_selinux_enabled()) {
+ 		return;
+ 	}
+ 
+-	context = NULL;
+-	if (matchpathcon(path, mode, &context) == 0) {
+-		if (context != NULL) {
+-			if (strcmp(context, "<<none>>") == 0) {
+-				oddjob_unset_selinux_file_creation_context();
+	handle = selabel_open(SELABEL_CTX_FILE,NULL,0);
+	if (handle) {
+		if (selabel_lookup(handle,&context,path,mode) == 0) {
+			if (context != NULL) {
+				if (strcmp(context, "<<none>>") == 0) {
+					oddjob_unset_selinux_file_creation_context();
+				} else {
+					setfscreatecon(context);
+				}
+				freecon(context);
+ 			} else {
+-				setfscreatecon(context);
+-			}
+-			freecon(context);
+-		} else {
+ 			oddjob_unset_selinux_file_creation_context();
+			}
+ 		}
+		selabel_close(handle);
+ 	}
+ }
+ 
+
--- a/oddjob.spec
+++ b/oddjob.spec
@ -1,12 +1,15 @@
 Name:    oddjob
 Version: 0.34.7
-Release: 3
+Release: 4
 URL:     https://pagure.io/oddjob
 Source0: https://releases.pagure.org/oddjob/oddjob-%{version}.tar.gz
 Summary: A D-Bus service which runs odd jobs on behalf of client applications
 License: BSD

 Patch0:       0000-add-expected_stdout-for-test-018.patch
+Patch1:	      backport-build-Replace-SELinux-deprecated-functions.patch
+Patch2:	      backport-Replace-deprecated-libxml2-calls.patch
+Patch3:	      backport-Fix-implicit-cast-from-const-to-non-const.patch

 BuildRequires:   gcc dbus-devel >= 0.22, dbus-x11, libselinux-devel, libxml2-devel docbook-dtds, xmlto
 BuildRequires:   pam-devel, python3-devel, pkgconfig cyrus-sasl-devel, krb5-devel, openldap-devel
@ -105,6 +108,11 @@ exit 0
 %{_mandir}/*/*

 %changelog
+* Wed Jul 31 2024 yanglongkang <yanglongkang@h-partners.com> - 0.34.7-4
+- Replace SELinux deprecated functions
+- Replace deprecated libxml2 calls
+- Fix implicit cast from const to non const
+
 * Fri Nov 25 2022 yanglongkang <yanglongkang@h-partners.com> - 0.34.7-3
 - rename the patch