4 changed files with 72 additions and 47 deletions
--- a/Do-not-use-deprecated-flask.h-and-av_permissions.patch
+++ b/Do-not-use-deprecated-flask.h-and-av_permissions.patch
@ -0,0 +1,58 @@
 From 1efff28faef83a620fd7f6eaac3fe64ee6691a33 Mon Sep 17 00:00:00 2001
 From: Jiri Kucera <jkucera@redhat.com>
 Date: Apr 10 2020 09:18:42 +0000
 Subject: Merge #7 `Do not use deprecated flask.h and av_permissions.h`
 ---
 diff --git a/userhelper.c b/userhelper.c
 index 4177c89..f2afde7 100644
 --- a/userhelper.c
 +++ b/userhelper.c
@@ -48,8 +48,6 @@
 #ifdef WITH_SELINUX
 #include <selinux/selinux.h>
 -#include <selinux/flask.h>
 -#include <selinux/av_permissions.h>
 #endif
 #include "shvar.h"
@@ -111,7 +109,7 @@ static int checkAccess(unsigned int selaccess) {
     struct av_decision avd;
     int retval = security_compute_av(user_context,
 				     user_context,
 -				     SECCLASS_PASSWD,
 +				     string_to_security_class("passwd"),
 				     selaccess,
 				     &avd);
@@ -2267,7 +2265,8 @@ main(int argc, char **argv)
 	const char *new_home_phone;
 	const char *new_shell;
 #ifdef WITH_SELINUX
 -	unsigned perm;
 +	security_class_t class;
 +	access_vector_t perm;
 #endif
 	/* State variable we pass around. */
@@ -2426,12 +2425,13 @@ main(int argc, char **argv)
 			user_name = g_strdup(argv[optind]);
 #ifdef WITH_SELINUX
 +			class = string_to_security_class("passwd");
 			if (c_flag) 
 -			  perm = PASSWD__PASSWD;
 +			  perm = string_to_av_perm(class, "passwd");
 			else if (s_flag)
 -			  perm = PASSWD__CHSH;
 +			  perm = string_to_av_perm(class, "chsh");
 			else
 -			  perm = PASSWD__CHFN;
 +			  perm = string_to_av_perm(class, "chfn");
 			if (is_selinux_enabled() > 0 &&
 			    checkAccess(perm)!= 0) {
--- a/usermode-1.113.tar.xz
+++ b/usermode-1.113.tar.xz
--- a/usermode-1.114.tar.xz
+++ b/usermode-1.114.tar.xz
--- a/usermode.spec
+++ b/usermode.spec
@ -1,18 +1,22 @@
 Name:          usermode
-Version:       1.114
+Version:       1.113
-Release:       3
+Release:       2
 Summary:       Tools for certain user account management tasks
 License:       GPLv2+
 URL:           https://pagure.io/usermode/
 Source:        https://releases.pagure.org/usermode/usermode-%{version}.tar.xz
 Source1:       config-util
-Requires:      pam passwd util-linux util-linux-user
+Patch0:        Do-not-use-deprecated-flask.h-and-av_permissions.patch
-BuildRequires: gcc
+
 Requires:      pam passwd util-linux
 BuildRequires: desktop-file-utils gettext intltool perl-XML-Parser util-linux
 BuildRequires: glib2-devel gtk2-devel libblkid-devel libSM-devel libselinux-devel libuser-devel
 BuildRequires: pam-devel startup-notification-devel
 Provides:      %{name}-gtk = %{version}-%{release}
 Obsoletes:     %{name}-gtk < %{version}-%{release}
 %description
 usermode contains the userhelper program, which can be used to allow configured
 programs to be run with superuser privileges by ordinary users, and several
@ -21,19 +25,6 @@ graphical tools for users:
 * usermount lets users mount, unmount, and format filesystems.
 * userpasswd allows users to change their passwords.
 %package gtk
 Summary: Graphical tools for certain user account management tasks
 Requires: %{name} = %{version}-%{release}
 %description gtk
 The usermode-gtk package contains several graphical tools for users:
 userinfo, usermount and userpasswd.  Userinfo allows users to change
 their finger information.  Usermount lets users mount, unmount, and
 format file systems.  Userpasswd allows users to change their
 passwords.
 Install the usermode-gtk package if you would like to provide users with
 graphical tools for certain account management tasks.
 %package help
 Summary: Man pages for usermode
@ -46,11 +37,11 @@ Package help includes man pages for usermode.
 %build
 %configure --with-selinux
-%make_build VENDOR=%{_vendor}
+%make_build VENDOR=openeuler
 %install
-%make_install VENDOR=%{_vendor}
+%make_install VENDOR=openeuler
 # make userformat symlink to usermount
 %{__ln_s} usermount %{buildroot}%{_bindir}/userformat
@ -58,9 +49,9 @@ Package help includes man pages for usermode.
 install -D -p -m 644 %{SOURCE1} %{buildroot}/etc/security/console.apps/config-util
-for i in %{_vendor}-userinfo.desktop %{_vendor}-userpasswd.desktop %{_vendor}-usermount.desktop; do
+for i in openeuler-userinfo.desktop openeuler-userpasswd.desktop openeuler-usermount.desktop; do
        echo 'NotShowIn=GNOME;KDE;' >>%{buildroot}%{_datadir}/applications/$i
-        desktop-file-install --vendor %{_vendor} --delete-original \
+        desktop-file-install --vendor openeuler --delete-original \
        --dir %{buildroot}%{_datadir}/applications \
        %{buildroot}%{_datadir}/applications/$i
 done
@ -70,41 +61,17 @@ done
 %files -f %{name}.lang
 %doc COPYING ChangeLog NEWS README
 %attr(4711,root,root) /usr/sbin/userhelper
-%{_bindir}/consolehelper
+%{_bindir}/*
 %{_datadir}/usermode
 %config(noreplace) /etc/security/console.apps/config-util
 %files gtk
 %{_bindir}/usermount
 %{_bindir}/userformat
 %{_bindir}/userinfo
 %{_bindir}/userpasswd
 %{_bindir}/consolehelper-gtk
 %{_bindir}/pam-panel-icon
 %{_datadir}/%{name}
 %{_datadir}/pixmaps/*
 %{_datadir}/applications/*
 %config(noreplace) /etc/security/console.apps/config-util
 %files help
 %{_mandir}/man1/*
 %{_mandir}/man8/*
 %changelog
 * Tue Mar 26 2024 wangqingsan <wangqingsan@huawei.com> - 1.114-3
 - modify openeuler to _vendor
 * Wed Jul 27 2022 yuanxing <yuanxing@kylinsec.com.cn> - 1.114-2
 - add util-linux-user require to solve the problem that useinfo cannot be used normally
 * Tue Feb 8 2022 yangzhuangzhuang <yangzhuangzhuang1@h-partners.com> - 1.114-1
 - update to 1.114
 * Thu Sep 16 2021 wangjie <wangjie375@huawei.com> - 1.113-4
 - segregated usermode-gtk
 * Thu May 27 2021 panxiaohe <panxiaohe@huawei.com> - 1.113-3
 - Add gcc to BuildRequires
 * Thu Jul 30 2020 shenyangyang <shenyangyang4@huawei.com> - 1.113-2
 - Do not use deprecated flask.h and av_permissions