diff --git a/backport-libsemanage-optimize-policy-by-default.patch b/backport-libsemanage-optimize-policy-by-default.patch new file mode 100644 index 0000000000000000000000000000000000000000..e81ade051fea6e5ea16b57fd09880264c1c77ae4 --- /dev/null +++ b/backport-libsemanage-optimize-policy-by-default.patch @@ -0,0 +1,41 @@ +From 22e2743d22ed6159feee1831046872641cd5ad0c Mon Sep 17 00:00:00 2001 +From: changhan +Date: Fri, 18 Apr 2025 17:18:02 +0800 +Subject: [PATCH] libsemanage-optimize-policy-by-default + +Reference:https://github.com/SELinuxProject/selinux/commit/66da657a094a725d5f9d8e2441410afaa44bb7f3 + +--- + man/man5/semanage.conf.5 | 2 +- + src/conf-parse.y | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/man/man5/semanage.conf.5 b/man/man5/semanage.conf.5 +index 380b58b..b043fe5 100644 +--- a/man/man5/semanage.conf.5 ++++ b/man/man5/semanage.conf.5 +@@ -124,7 +124,7 @@ In order to compile the original HLL file into CIL, the same HLL file will need + .TP + .B optimize-policy + When set to "true", the kernel policy will be optimized upon rebuilds. +-It can be set to either "true" or "false" and by default it is set to "false". ++It can be set to either "true" or "false" and by default it is set to "true". + + .SH "SEE ALSO" + .TP +diff --git a/src/conf-parse.y b/src/conf-parse.y +index 343fbf8..12f94b7 100644 +--- a/src/conf-parse.y ++++ b/src/conf-parse.y +@@ -364,7 +364,7 @@ static int semanage_conf_init(semanage_conf_t * conf) + conf->bzip_small = 0; + conf->ignore_module_cache = 0; + conf->remove_hll = 0; +- conf->optimize_policy = 0; ++ conf->optimize_policy = 1; + + conf->save_previous = 0; + conf->save_linked = 0; +-- +2.33.0 + diff --git a/libsemanage.spec b/libsemanage.spec index 660f173f6c42c4fddc1ddfa24093580971778a19..a5ecd245d31ea5d0d584b85a35ee8cec5dcc2383 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -3,7 +3,7 @@ Name: libsemanage Version: 3.5 -Release: 5 +Release: 6 License: LGPLv2+ Summary: SELinux binary policy manipulation library URL: https://github.com/SELinuxProject/selinux/wiki @@ -24,6 +24,7 @@ Patch6010: backport-libsemanage-handle-cil_set_handle_unknown-failure.patch Patch6011: backport-libsemanage-handle-shell-allocation-failure.patch Patch6012: backport-libsemanage-drop-duplicate-newlines-and-error-descriptions-in-error-messages.patch Patch6013: backport-libsemanage-simplify-file-deletion.patch +Patch6014: backport-libsemanage-optimize-policy-by-default.patch Patch9000: fix-test-failure-with-secilc.patch @@ -119,6 +120,9 @@ make test %changelog +* Sun Apr 20 2025 changhan - 3.5-6 +- backport libsemanage: optimize policy by default + * Sat Apr 19 2025 changhan - 3.5-5 - backport libsemanage: simplify file deletion