- For now this is really just to allow building statically while
hacking, for "real world" use this has implications on collections
support etc which is not handled by this patch.
This adds a new plugin specifically for a collection to load SELinux
policy. This implements the post_add and pre_remove plugin hooks. The
only time anything happens during the pre_remove hook is if post_add was
not called (i.e. if the transaction only removes policies).
This plugin extracts all the policy information from packages in the
sepolicy collection during the open te hook. It then determines which
policies should be installed/removed based on if the package is being
installed/removed and the type of the policy and the system policy. It
then executes semodule (or uses libsemanage if semodule cannot be
executed or installing in a chroot) to remove and install the necessary
policies. It then reloads the selinux state, reloads the file contexts,
and if necessary, relabels the file system.
This replaces the old matchpathcon interfaces with the new selabel
interfaces for relabeling files, storing an selabel handle in the
transaction set.
With this change, also comes an added distinction between --nocontexts
being specified and a failure to read the load file contexts.
Previously, there was no distinction, and both cases used the
RPMTRANS_FLAG_NOCONTEXTS flag.
However, with the new policy plugin, it is necessary to make such a
distinction. This is because matchpathcon_init (now selabel interfaces)
can fail at the beginning of the transaction, but succeed later after
new policy is installed. Because of this, we may need to enable/disable
RPMTRANS_FLAG_NOCONTEXTS multiple times. However, because this flag
could also mean --nocontexts, we cannot do that. By storing the selabel
handle in the rpmts, we can easily keep track if the handle has been
successfully created, rather than overloading RPMTRANS_FLAG_NOCONTEXTS
with two meanings.
This patch adds a generic plugin, exec.so, that should be sufficient for the
majority of Collection actions. After all packages in a Collection have been
installed/removed, this plugin executes the arguments by calling system(3),
allowing for a very generic and powerful method to perform many actions.
This also adds two sample macros as examples of the format, using the exec.so
plugin.
- move most of the hardwired classification logic from rpmfc C-code
to macro-based configuration, supporting drop-in addition of arbitrary
new attributes + dependency extractors based on regex matching of
libmagic file types and paths
- just the initial rough conversion of our built-in dependency types,
various open questions + todo-items remain, plus likely fair amount
of more-or-less subtle breakage
- Elf dependency extraction code code lifted from rpmfcELF() and refactored
to saner pieces. Having it in separate executable also frees librpmbuild
of libelf dependency, clean up the unnecessary linkage etc from
autofoo
- This lets internal dependency generator for elf files be
overridden without losing file coloring (which is required for
correct multilib handling). It also permits non-native elf files
(eg when cross-building) to be handled by providing a custom
elf dependency helper
- On the flip side, this inevitably slows down builds somewhat as
two fork-exec's are needed for every elf file, but unlike invoking
something like the python interpreter, this is a slim helper...
- All dependency extractors of the internal dependency generator are now
external helpers (how twisted is that, huh? :) and thus can be customized
and filtered through %__foo_provides|requires macros
- all uses of dgettext() and friends are already protected by
appropriate ifdef's, no need to provide dummy defines here
- setlocale() and <locale.h> are required by C89, C99 and POSIX .. assume
its there and if not, one can disable the whole thing with --disable-nls
- just two places where needed, dont pollute system.h needlessly
- include depending on HAVE_MMAP instead of separately checking for
sys/mman.h, if sys/mman.h doesn't exist or is broken HAVE_MMAP wont be set
- the AC_HEADER_TIME check is unnecessary for any remotely recent systems,
and the HAVE_SYS_TIME_H conditional in system.h is just broken as we
dont even check for <sys/time.h> header in configure
- dont include from system.h, the time.h and sys/time.h get already
included through our public headers where necessary
- vprintf(), vsnprintf() and snprintf() are in C99, no point checking
especially as we dont have fallbacks for them
- no point testing for inline capability as we dont try to work around
- whole lotta unnecessary wankery here (what have I been thinking)
- avoid using the non-standard strndup(), we checked for it in configure
but didn't provide an alternative so checking was just bogus
- move the includes out of system.h, not commonly needed
- <poll.h> is conditional as we actually provide a fallback through select(),
but for <sys/select.h> missing there's no fallback so doesn't make
much sense to test for (and both poll.h and sys/select.h are posix anyway...)
- only the lua posix extension "uses" this by providing putenv()
to Lua, make it conditional and return error if not supported by
the underlying operating system
- print chanced from statement to a function in python 3, for our
purposes sys.stdout.write() is sufficient and avoids dealing with
the incompatibilities between Python 2.x and 3.x
- suggested by David Malcolm / Ville Skyttä
- what we support now in payloads is XZ, not the former LZMA format, rename
user- and header-visible parts to match this
- rpmlib(PayloadIsXz) dependency versioned 5.2-1 to avoid unnecessary
incompatibility with what rpm5 has and what Mandriva is already using
- only provide the rpmlib dependency if actually built with xz support
- rpmFileIsCompressed() attempts to guess the magicless old lzma format
by file suffix, so it can handle both right now
- only needed by the testsuite
- optimally testsuite should skip parts needing fakechroot if it's not
there but at least this'll leave a trace into rpmtests.log...
- the previous implementation was pretty busted up, cap_size() is the
size of external representation, not sizeof(*cap_t) as pointed out by
Andrew Morgan
- check for cap_compare() in configure and use it if available (it's
a Linux-specific extension to the posix draft and only very recent
libcap has it)
- if cap_compare() isn't available, use internal variant that does it
the hard way by converting the capabilities to external presentation
and comparing those
- if built with --with-acl, check that files and directories don't have
any extra acl's set
- for now, any acl beyond the regular unix permission set is reported as
file mode difference as the acl's cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libacl instead of raw
xattrs for portability, BUT atm this uses non-portable acl_equiv_mode()
Linux libacl extension, the posix draft doesn't seem to have much in
the way of comparing entries :-/
- add minimal bits and pieces to check for capabilities in files on verify
- for now, any capability set is a verification failure as the capability
cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libcap instead of raw
xattrs for portability
- build-time generated rpmints.h causes issues with distcheck and is
not really worth the trouble
- we have all sorts of legacy junk to deal with, sticking them all into
rpmints.h would be just wrong...
- don't build internal copy of Lua
- move 3rd party extensions (posix and rexlib) to toplevel luaext/
directory, built by default (unless --without-lua specified)
- auto*foo checks for external Lua
- minimal tweaks to lposix.c and rpmlua.c to get them build with Lua 5.1
- tarball down to almost 1/4 of earlier size
- check if internal db is present in configure, point to INSTALL if not
- distcheck needs --with-external-db now to have any chance at working
- leaving to hg for now for easy reversal if getting second thoughts ;)
HAVE_LOCALE_H is used by system.h, ensure it is defined properly
(the issue only occurs when compiling without __OPTIMIZE__ (ie -O2)
otherwise libintl.h do include locale.h)
Patch from Pascal Rigaux