From 33e7f16899cf4702af2b603a6cfb747bdfd954ec Mon Sep 17 00:00:00 2001 From: wanghuizhao Date: Sun, 24 Dec 2023 23:52:32 +0800 Subject: [PATCH] submit self-developed patch Signed-off-by: wanghuizhao (cherry picked from commit 3fddd93973eb7c8827d81810f03ffe13585d517a) --- policycoreutils.spec | 6 +- restorecond-remove-dependency-of-glib2.patch | 136 +++++++++++++++++++ 2 files changed, 141 insertions(+), 1 deletion(-) create mode 100644 restorecond-remove-dependency-of-glib2.patch diff --git a/policycoreutils.spec b/policycoreutils.spec index 12e8dc0..082701e 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -3,7 +3,7 @@ Name: policycoreutils Version: 3.3 -Release: 8 +Release: 9 Summary: Policy core utilities of selinux License: GPLv2 URL: https://github.com/SELinuxProject @@ -33,6 +33,7 @@ Patch6012: backport-restorecond-add-check-for-strdup-in-strings_list_add.patc Patch6013: backport-python-Use-isinstance-instead-of-type.patch Patch6014: backport-restorecond-compatible-with-the-use-of-EUID.patch Patch6015: backport-sepolicy-manpage.py-make-output-deterministic.patch +Patch6016: restorecond-remove-dependency-of-glib2.patch BuildRequires: gcc BuildRequires: pam-devel libsepol-static >= 3.3 libsemanage-static >= 3.3 libselinux-devel >= 3.3 libcap-devel audit-libs-devel gettext @@ -273,6 +274,9 @@ find %{buildroot}%{python3_sitelib} %{buildroot}%{python3_sitearch} \ %{_mandir}/* %changelog +* Tue Dec 26 2023 wanghuizhao -3.3-9 +- submit self-developed patch + * Thu Dec 14 2023 yixiangzhike -3.3-8 - backport patches from upstream diff --git a/restorecond-remove-dependency-of-glib2.patch b/restorecond-remove-dependency-of-glib2.patch new file mode 100644 index 0000000..8b04a04 --- /dev/null +++ b/restorecond-remove-dependency-of-glib2.patch @@ -0,0 +1,136 @@ +From 2eb9db473adf885dc0361b1967edd1781ff13b1e Mon Sep 17 00:00:00 2001 +From: wanghuizhao +Date: Sun, 24 Dec 2023 23:23:55 +0800 +Subject: [PATCH] restorecond: remove dependency of glib2 + +In order to remove the dependency of glib2, and in some scenarios, it is +not necessary to use the user mode, remove the user related option. + +Signed-off-by: wanghuizhao +--- + .../restorecond/Makefile | 21 +++++++++++++++++++ + .../restorecond/restorecond.c | 14 +++++++++++++ + 2 files changed, 35 insertions(+) + +diff --git a/restorecond/Makefile b/restorecond/Makefile +index 8e9a5ef..bebd39e 100644 +--- a/restorecond/Makefile ++++ b/restorecond/Makefile +@@ -13,21 +13,37 @@ SYSTEMDUSERUNITDIR ?= $(shell $(PKG_CONFIG) --variable=systemduserunitdir system + autostart_DATA = sealertauto.desktop + INITDIR ?= /etc/rc.d/init.d + SELINUXDIR = /etc/selinux ++CONFIG_NO_GLIB2 ?= n + ++ifeq ($(CONFIG_NO_GLIB2),n) + GIO_CFLAGS = -DHAVE_DBUS $(shell $(PKG_CONFIG) --cflags gio-2.0) + GIO_LIBS = $(shell $(PKG_CONFIG) --libs gio-2.0) ++endif + + CFLAGS ?= -g -Werror -Wall -W ++ ++ifeq ($(CONFIG_NO_GLIB2),y) ++ override CFLAGS += -DCONFIG_NO_GLIB2 ++ override LDLIBS += -lselinux ++else + override CFLAGS += $(GIO_CFLAGS) + + override LDLIBS += -lselinux $(GIO_LIBS) ++endif + + all: restorecond + ++ifeq ($(CONFIG_NO_GLIB2),y) ++restorecond.o utmpwatcher.o stringslist.o watch.o: restorecond.h ++ ++restorecond: restore.o restorecond.o utmpwatcher.o stringslist.o watch.o ++ $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS) ++else + restorecond.o utmpwatcher.o stringslist.o user.o watch.o: restorecond.h + + restorecond: restore.o restorecond.o utmpwatcher.o stringslist.o user.o watch.o + $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS) ++endif + + install: all + [ -d $(DESTDIR)$(MANDIR)/man8 ] || mkdir -p $(DESTDIR)$(MANDIR)/man8 +@@ -44,15 +60,20 @@ install: all + install -m 755 restorecond.init $(DESTDIR)$(INITDIR)/restorecond + -mkdir -p $(DESTDIR)$(SELINUXDIR) + install -m 644 restorecond.conf $(DESTDIR)$(SELINUXDIR)/restorecond.conf ++ifeq ($(CONFIG_NO_GLIB2),n) + install -m 644 restorecond_user.conf $(DESTDIR)$(SELINUXDIR)/restorecond_user.conf + -mkdir -p $(DESTDIR)$(AUTOSTARTDIR) + install -m 644 restorecond.desktop $(DESTDIR)$(AUTOSTARTDIR)/restorecond.desktop + -mkdir -p $(DESTDIR)$(DBUSSERVICEDIR) + install -m 644 org.selinux.Restorecond.service $(DESTDIR)$(DBUSSERVICEDIR)/org.selinux.Restorecond.service ++endif + -mkdir -p $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) + install -m 644 restorecond.service $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) ++ifeq ($(CONFIG_NO_GLIB2),n) + -mkdir -p $(DESTDIR)$(SYSTEMDUSERUNITDIR) + install -m 644 restorecond_user.service $(DESTDIR)$(SYSTEMDUSERUNITDIR) ++endif ++ + relabel: install + /sbin/restorecon $(DESTDIR)$(SBINDIR)/restorecond + +diff --git a/restorecond/restorecond.c b/restorecond/restorecond.c +index d5f70fc..fc0594b 100644 +--- a/restorecond/restorecond.c ++++ b/restorecond/restorecond.c +@@ -124,7 +124,11 @@ static void term_handler(int s __attribute__ ((unused))) + + static void usage(char *program) + { ++#ifndef CONFIG_NO_GLIB2 + printf("%s [-d] [-f restorecond_file ] [-u] [-v] \n", program); ++#else ++ printf("%s [-d] [-f restorecond_file ] [-v] \n", program); ++#endif + } + + void exitApp(const char *msg) +@@ -165,7 +169,11 @@ int main(int argc, char **argv) + sigaction(SIGTERM, &sa, NULL); + + atexit( done ); ++#ifndef CONFIG_NO_GLIB2 + while ((opt = getopt(argc, argv, "hdf:uv")) > 0) { ++#else ++ while ((opt = getopt(argc, argv, "hdf:v")) > 0) { ++#endif + switch (opt) { + case 'd': + debug_mode = 1; +@@ -173,9 +181,11 @@ int main(int argc, char **argv) + case 'f': + watch_file = optarg; + break; ++#ifndef CONFIG_NO_GLIB2 + case 'u': + run_as_user = 1; + break; ++#endif + case 'h': + usage(argv[0]); + exit(0); +@@ -200,11 +210,15 @@ int main(int argc, char **argv) + + homedir = pwd->pw_dir; + if (uid != 0) { ++#ifndef CONFIG_NO_GLIB2 + if (run_as_user) + return server(master_fd, user_watch_file); + if (start() != 0) + return server(master_fd, user_watch_file); + return 0; ++#else ++ exitApp("root_only"); ++#endif + } + + read_config(master_fd, watch_file); +-- +2.21.0 + -- Gitee