Age | Commit message (Collapse) | Author | Files | Lines |
|
This replaces the old matchpathcon interfaces with the new selabel
interfaces for relabeling files, storing an selabel handle in the
transaction set.
With this change, also comes an added distinction between --nocontexts
being specified and a failure to read the load file contexts.
Previously, there was no distinction, and both cases used the
RPMTRANS_FLAG_NOCONTEXTS flag.
However, with the new policy plugin, it is necessary to make such a
distinction. This is because matchpathcon_init (now selabel interfaces)
can fail at the beginning of the transaction, but succeed later after
new policy is installed. Because of this, we may need to enable/disable
RPMTRANS_FLAG_NOCONTEXTS multiple times. However, because this flag
could also mean --nocontexts, we cannot do that. By storing the selabel
handle in the rpmts, we can easily keep track if the handle has been
successfully created, rather than overloading RPMTRANS_FLAG_NOCONTEXTS
with two meanings.
|
|
This patch adds a simple plugin system that makes simple problems easy to
solve, and difficult problems, such as SELinux, possible.
When the transaction gets to the point where a collection action should occur,
it expands a macro of the form %__collection_<collection name> to get the path
to a plugin and any additional options. The plugin is dlopen'ed, and the
appropriate function is called in the plugin, with the additional arguments
passed in.
This also adds a --nocollections option to disable performing Collection
actions.
|
|
|
|
- these seem to be already included where needed through rpm's public
header needs
|
|
|
|
|
|
- most of the places get it through <rpm/rpmstring.h> already
|
|
- <string.h> is required by C standard, we dont support ancient
non-conformant compilers anyway
|
|
- also loose the related ancient compatibility goo
|
|
|
|
- all uses of dgettext() and friends are already protected by
appropriate ifdef's, no need to provide dummy defines here
- setlocale() and <locale.h> are required by C89, C99 and POSIX .. assume
its there and if not, one can disable the whole thing with --disable-nls
|
|
- just a few places need, avoid polluting everything with it
- make fsm->fcaps void * to avoid having to deal with fcap_t not defined
|
|
|
|
- only two real users inside rpm
- remove mcheck foo from rpminject and rpmsort, we're not interested...
|
|
- no point conditionalizing what we cant live without
|
|
- just two places where needed, dont pollute system.h needlessly
- include depending on HAVE_MMAP instead of separately checking for
sys/mman.h, if sys/mman.h doesn't exist or is broken HAVE_MMAP wont be set
|
|
|
|
- systems not defining these constants are broken beyond our caring
|
|
- the AC_HEADER_TIME check is unnecessary for any remotely recent systems,
and the HAVE_SYS_TIME_H conditional in system.h is just broken as we
dont even check for <sys/time.h> header in configure
- dont include from system.h, the time.h and sys/time.h get already
included through our public headers where necessary
|
|
- there's no fallback for missing netdb.h so there's little point
conditionalizing it
- avoid yet more system.h pollution
|
|
- move the includes out of system.h, not commonly needed
- <poll.h> is conditional as we actually provide a fallback through select(),
but for <sys/select.h> missing there's no fallback so doesn't make
much sense to test for (and both poll.h and sys/select.h are posix anyway...)
|
|
- these are specified by POSIX 2001, it's not really rpm's job to
provide them if the system doesn't
|
|
- lchown() is POSIX 2001, we dont care about older / nonconformant stuff
|
|
- getwd(), getcwd(), basename() and realpath() are all POSIX 2001
defined, we dont care about older stuff
|
|
- setenv() and unsetenv() are required by POSIX 2001, we dont care about
older systems
|
|
- include unconditionally as we dont try to deal with utime() missing
|
|
- only cpio.c needs, move it there
- if none of the standard headers define these, its not our headache anymore
|
|
- only macro.c needs, no point polluting includes everywhere
|
|
- no much point conditionalizing something we can't live without
- just three places need, no point polluting include space everywhere
|
|
|
|
|
|
|
|
- no much point conditionalizing something we can't live without
- just two places need, no point polluting include space everywhere
|
|
|
|
- only rpmmalloc.c needs, no need to pollute system.h
|
|
|
|
- only signature.c needs, no need to pollute system.h
|
|
|
|
- some of this stuff was used in 4.4.x but not anymore
- additionally we dont even use getdomainnname(), check for gethostname()
instead
|
|
- practially all the data in rpmfi needs to be treated as const, these
are just a funky special case which point to header memory for the
couple of cases where KEEPHEADER is still used
|
|
- Consistent across platforms and will allow some things macros dont and
memory checkers these days are smart enough to get decent output anyway
- Minimal namespacing with r-prefix, add compatibility macros to system.h
for now so we dont have to change the entire codebase for this
- Also make rpmutil.h where the declarations and gcc __attribute__ macros
are available everywhere
|
|
- POSIX doesn't require PATH_MAX to be defined as constant, and Hurd
doesn't define it...
- deal with it just once in system.h for now, the proper fix is to get
rid of needing it at all (ie add a mallocing realpath() clone to librpmio)
- patch from Adam Tkac
|
|
- new rpmfiFCaps() API to retrieve the info from rpmfi set
- fsm internals quite similar to selinux handling
- plenty of #ifdef's, another possibility would be adding cap_foo dummies to
system.h like for selinux
|
|
- if built with --with-acl, check that files and directories don't have
any extra acl's set
- for now, any acl beyond the regular unix permission set is reported as
file mode difference as the acl's cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libacl instead of raw
xattrs for portability, BUT atm this uses non-portable acl_equiv_mode()
Linux libacl extension, the posix draft doesn't seem to have much in
the way of comparing entries :-/
|
|
- add minimal bits and pieces to check for capabilities in files on verify
- for now, any capability set is a verification failure as the capability
cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libcap instead of raw
xattrs for portability
|
|
- timezone is no more used so it's no more needed
|
|
|
|
|
|
- _free() is just a wrapper to free() which additionally returns NULL
- add _constfree() for use in the cases where const is used to protect
malloced "read-only" data in long-lived otherwise exposed structures etc
|
|
Patch from Pascal Rigaux
|