From 23660c5dba67014d64225ec0e0991e76d80b6276 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Jul 07 2009 16:26:11 +0000 Subject: - Update to upstream Add per-service seuser support from Dan Walsh. Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. Check /proc/filesystems before /proc/mounts for selinuxfs from Eric Paris.
---
diff --git a/.cvsignore b/.cvsignore
index 8cace8f..de70f03 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -166,3 +166,5 @@ libselinux-2.0.79.tgz
 libselinux-2.0.80.tgz
 libselinux-2.0.81.tgz
 libselinux-2.0.82.tgz
+libselinux-2.0.83.tgz
+libselinux-2.0.84.tgz
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 9d1595d..2561b7d 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -1,24 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-2.0.82/include/selinux/selinux.h
---- nsalibselinux/include/selinux/selinux.h 2009-06-23 15:36:07.000000000 -0400
-+++ libselinux-2.0.82/include/selinux/selinux.h 2009-06-23 15:49:12.000000000 -0400
-@@ -547,6 +547,14 @@
- Caller must free the returned strings via free. */
- extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
-
-+/* Get the SELinux username and level to use for a given Linux username and service.
-+ These values may then be passed into the get_ordered_context_list*
-+ and get_default_context* functions to obtain a context for the user.
-+ Returns 0 on success or -1 otherwise.
-+ Caller must free the returned strings via free. */
-+extern int getseuser(const char *username, const char *service,
-+ char **r_seuser, char **r_level);
-+
- /* Compare two file contexts, return 0 if equivalent. */
- int selinux_file_context_cmp(const security_context_t a,
- const security_context_t b);
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.82/man/man8/selinuxconlist.8
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.83/man/man8/selinuxconlist.8
 --- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.82/man/man8/selinuxconlist.8 2009-06-23 15:49:12.000000000 -0400
++++ libselinux-2.0.83/man/man8/selinuxconlist.8 2009-07-07 12:22:39.298209000 -0400
 @@ -0,0 +1,18 @@
 +.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
 +.SH "NAME"
@@ -38,9 +20,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 lib
 +
 +.SH "SEE ALSO"
 +secon(8), selinuxdefcon(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.82/man/man8/selinuxdefcon.8
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.83/man/man8/selinuxdefcon.8
 --- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.82/man/man8/selinuxdefcon.8 2009-06-23 15:49:12.000000000 -0400
++++ libselinux-2.0.83/man/man8/selinuxdefcon.8 2009-07-07 12:22:39.309211000 -0400
 @@ -0,0 +1,19 @@
 +.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
 +.SH "NAME"
@@ -61,9 +43,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libs
 +
 +.SH "SEE ALSO"
 +secon(8), selinuxconlist(8)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.82/src/callbacks.c
---- nsalibselinux/src/callbacks.c 2009-04-08 09:06:23.000000000 -0400
-+++ libselinux-2.0.82/src/callbacks.c 2009-06-23 15:49:12.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.83/src/callbacks.c
+--- nsalibselinux/src/callbacks.c 2009-07-07 11:10:42.003951000 -0400
++++ libselinux-2.0.83/src/callbacks.c 2009-07-07 12:22:39.312210000 -0400
 @@ -16,6 +16,7 @@
 {
 int rc;
@@ -72,9 +54,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.
 va_start(ap, fmt);
 rc = vfprintf(stderr, fmt, ap);
 va_end(ap);
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/exception.sh libselinux-2.0.82/src/exception.sh
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/exception.sh libselinux-2.0.83/src/exception.sh
 --- nsalibselinux/src/exception.sh 1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-2.0.82/src/exception.sh 2009-06-23 15:49:12.000000000 -0400
++++ libselinux-2.0.83/src/exception.sh 2009-07-07 12:22:39.318209000 -0400
 @@ -0,0 +1,12 @@
 +function except() {
 +echo "
@@ -88,9 +70,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/exception.sh libselinux-2
 +"
 +}
 +for i in `grep "extern *int" ../include/selinux/selinux.h | awk '{ print $3 }' | cut -d '(' -f 1`; do except $i ; done
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.82/src/Makefile
---- nsalibselinux/src/Makefile 2009-06-23 15:36:07.000000000 -0400
-+++ libselinux-2.0.82/src/Makefile 2009-06-23 15:50:58.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.83/src/Makefile
+--- nsalibselinux/src/Makefile 2009-07-07 11:10:41.995958000 -0400
++++ libselinux-2.0.83/src/Makefile 2009-07-07 12:22:39.322212000 -0400
 @@ -82,6 +82,9 @@
 $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -lpthread -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
 ln -sf $@ $(TARGET)
@@ -121,9 +103,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.8 distclean: clean rm -f $(GENERATED) $(SWIGFILES) -diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.82/src/matchpathcon.c ---- nsalibselinux/src/matchpathcon.c 2009-03-06 14:41:45.000000000 -0500 -+++ libselinux-2.0.82/src/matchpathcon.c 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.83/src/matchpathcon.c +--- nsalibselinux/src/matchpathcon.c 2008-08-28 09:34:24.000000000 -0400 ++++ libselinux-2.0.83/src/matchpathcon.c 2009-07-07 12:22:39.328209000 -0400 @@ -2,6 +2,7 @@ #include #include @@ -141,9 +123,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux va_end(ap); } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.82/src/selinux.py ---- nsalibselinux/src/selinux.py 2009-03-06 14:41:45.000000000 -0500 -+++ libselinux-2.0.82/src/selinux.py 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.83/src/selinux.py +--- nsalibselinux/src/selinux.py 2009-01-13 08:09:54.000000000 -0500 ++++ libselinux-2.0.83/src/selinux.py 2009-07-07 12:22:39.337212000 -0400 @@ -1,12 +1,26 @@ # This file was automatically generated by SWIG (http://www.swig.org). -# Version 1.3.35 
@@ -2355,9 +2337,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0 +selinux_lsetfilecon_default = _selinux.selinux_lsetfilecon_default -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.82/src/selinuxswig.i ---- nsalibselinux/src/selinuxswig.i 2009-03-12 08:48:48.000000000 -0400 -+++ libselinux-2.0.82/src/selinuxswig.i 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.83/src/selinuxswig.i +--- nsalibselinux/src/selinuxswig.i 2009-07-07 11:10:42.024956000 -0400 ++++ libselinux-2.0.83/src/selinuxswig.i 2009-07-07 12:22:39.343210000 -0400 @@ -4,11 +4,14 @@ %module selinux @@ -2391,9 +2373,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux- +%include "../include/selinux/get_default_type.h" +%include "../include/selinux/label.h" +%include "../include/selinux/selinux.h" -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.82/src/selinuxswig_python.i ---- nsalibselinux/src/selinuxswig_python.i 2009-03-06 14:41:45.000000000 -0500 -+++ libselinux-2.0.82/src/selinuxswig_python.i 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.83/src/selinuxswig_python.i +--- nsalibselinux/src/selinuxswig_python.i 2009-01-13 08:09:54.000000000 -0500 ++++ libselinux-2.0.83/src/selinuxswig_python.i 2009-07-07 12:22:39.355211000 -0400 @@ -21,6 +21,15 @@ map(restorecon, [os.path.join(dirname, fname) for fname in fnames]), None) 
@@ -2416,9 +2398,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs +%include "selinuxswig_exception.i" %include "selinuxswig.i" -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.82/src/selinuxswig_wrap.c ---- nsalibselinux/src/selinuxswig_wrap.c 2009-03-06 14:41:45.000000000 -0500 -+++ libselinux-2.0.82/src/selinuxswig_wrap.c 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.83/src/selinuxswig_wrap.c +--- nsalibselinux/src/selinuxswig_wrap.c 2009-01-13 08:09:54.000000000 -0500 ++++ libselinux-2.0.83/src/selinuxswig_wrap.c 2009-07-07 12:22:39.385216000 -0400 @@ -1,6 +1,6 @@ /* ---------------------------------------------------------------------------- * This file was automatically generated by SWIG (http://www.swig.org). 
@@ -16804,80 +16786,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libsel +#endif } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-2.0.82/src/seusers.c ---- nsalibselinux/src/seusers.c 2009-03-06 14:41:45.000000000 -0500 -+++ libselinux-2.0.82/src/seusers.c 2009-06-23 15:49:12.000000000 -0400 -@@ -243,3 +243,67 @@ - *r_level = NULL; - return 0; - } -+ -+int getseuser(const char *username, const char *service, -+ char **r_seuser, char **r_level) { -+ int ret = -1; -+ int len = 0; -+ char *seuser = NULL; -+ char *level = NULL; -+ char *buffer = NULL; -+ size_t size = 0; -+ size_t lineno = 0; -+ char *rec = NULL; -+ char *path=NULL; -+ if (asprintf(&path,"%s/logins/%s", selinux_policy_root(), username) < 0) -+ goto err; -+ FILE *fp = fopen(path, "r"); -+ free(path); -+ if (fp == NULL) goto err; -+ __fsetlocking(fp, FSETLOCKING_BYCALLER); -+ while (getline(&buffer, &size, fp) > 0) { -+ ++lineno; -+ -+ if (strncmp(buffer, "*:", 2) == 0) { -+ free(rec); -+ rec = strdup(buffer); -+ continue; -+ } -+ len = strlen(service); -+ if ((strncmp(buffer, service, len) == 0) && -+ (buffer[len] == ':')) { -+ free(rec); -+ rec = strdup(buffer); -+ break; -+ } -+ } -+ -+ if (! rec) goto err; -+ seuser = strchr(rec, ':'); -+ if (! seuser) goto err; -+ -+ seuser++; -+ level = strchr(seuser, ':'); -+ *level = 0; -+ level++; -+ *r_seuser = strdup(seuser); -+ if (! *r_seuser) goto err; -+ -+ len = strlen(level); -+ if (len && level[len-1] == '\n') -+ level[len-1] = 0; -+ -+ *r_level = strdup(level); -+ if (! *r_level) { -+ free(*r_seuser); -+ goto err; -+ } -+ ret = 0; -+ -+ err: -+ free(buffer); -+ if (fp) fclose(fp); -+ free(rec); -+ -+ return (ret ? 
getseuserbyname(username, r_seuser, r_level) : ret); -+} -diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.82/utils/matchpathcon.c ---- nsalibselinux/utils/matchpathcon.c 2009-05-18 13:53:14.000000000 -0400 -+++ libselinux-2.0.82/utils/matchpathcon.c 2009-06-23 15:49:12.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.83/utils/matchpathcon.c +--- nsalibselinux/utils/matchpathcon.c 2009-07-07 11:10:42.033956000 -0400 ++++ libselinux-2.0.83/utils/matchpathcon.c 2009-07-07 12:22:39.395209000 -0400 @@ -22,9 +22,13 @@ char *buf; int rc = matchpathcon(path, mode, &buf); diff --git a/libselinux.spec b/libselinux.spec index a2b0742..7216455 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -4,8 +4,8 @@ Summary: SELinux library and simple utilities Name: libselinux -Version: 2.0.82 -Release: 2%{?dist} +Version: 2.0.84 +Release: 1%{?dist} License: Public Domain Group: System Environment/Libraries Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz @@ -165,6 +165,13 @@ exit 0 %{ruby_sitearch}/selinux.so %changelog +* Tue Jul 7 2009 Dan Walsh - 2.0.84-1 +- Update to upstream + * Add per-service seuser support from Dan Walsh. + * Let load_policy gracefully handle selinuxfs being mounted from Stephen Smalley. + * Check /proc/filesystems before /proc/mounts for selinuxfs from Eric + Paris. + * Wed Jun 24 2009 Dan Walsh - 2.0.82-2 - Add provices ruby(selinux) diff --git a/sources b/sources index 83fb405..62acbb3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d5539180258f0a66bceb466aab806589 libselinux-2.0.82.tgz +952674efe604477d00b787c262da17e2 libselinux-2.0.84.tgz