Go to file
Baichuan Kong ad2208ec22 restorecond: Fix redundant console log output error
When starting restorecond without any option the following redundant
console log is outputed:

/dev/log 100.0%
/var/volatile/run/syslogd.pid 100.0%
...

This is caused by two global variables of same name r_opts. When
executes r_opts = opts in restore_init(), it originally intends
to assign the address of struct r_opts in "restorecond.c" to the
pointer *r_opts in "restore.c".

However, the address is assigned to the struct r_opts and covers
the value of low eight bytes in it. That causes unexpected value
of member varibale 'nochange' and 'verbose' in struct r_opts, thus
affects value of 'restorecon_flags' and executes unexpected operations
when restorecon the files such as the redundant console log output or
file label nochange.

Cause restorecond/restore.c is copied from policycoreutils/setfiles,
which share the same pattern. It also has potential risk to generate
same problems, So fix it in case.

Signed-off-by: Baichuan Kong <kongbaichuan@huawei.com>
2019-11-15 08:12:16 -05:00
.circleci CircleCI: run scan-build and publish its results automatically 2019-09-26 09:45:47 -04:00
checkpolicy Replace www.nsa.gov references by github.com/SELinuxProject 2019-11-08 09:20:29 -05:00
dbus Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
gui Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
libselinux libselinux,libsemanage: check in python_exception.i files 2019-11-13 08:34:46 +01:00
libsemanage libselinux,libsemanage: check in python_exception.i files 2019-11-13 08:34:46 +01:00
libsepol libsepol/cil: Report disabling an optional block only at high verbose levels 2019-11-06 12:32:06 -05:00
mcstrans Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
policycoreutils restorecond: Fix redundant console log output error 2019-11-15 08:12:16 -05:00
python python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions" 2019-11-08 09:20:35 -05:00
restorecond restorecond: Fix redundant console log output error 2019-11-15 08:12:16 -05:00
sandbox Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
scripts libsepol, libsemanage: add a macro to silence static analyzer warnings in tests 2019-09-30 08:43:41 -04:00
secilc Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
semodule-utils Update VERSIONs to 3.0-rc1 for release. 2019-10-28 13:06:11 +01:00
.gitignore restorecond: Add gitignore 2016-11-16 11:20:05 -05:00
.travis.yml scripts: introduce env_use_destdir.sh helper 2019-01-21 12:13:41 +01:00
CONTRIBUTING.md Fix many misspellings 2019-09-18 22:47:35 +02:00
CleanSpec.mk Add empty top level Android.mk / CleanSpec.mk files 2015-04-16 07:54:09 -04:00
Makefile build: setup buildpaths if DESTDIR is specified 2018-02-14 20:02:03 +01:00
README README: Update Fedora python 3 dependencies 2019-02-20 16:43:27 +01:00
lgtm.yml Add configuration file for lgtm.com 2019-09-18 08:24:11 -04:00

README

Please submit all bug reports and patches to selinux@vger.kernel.org.
Subscribe by sending "subscribe selinux" in the body of an email
to majordomo@vger.kernel.org.

Build dependencies on Fedora:
yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python3-devel python3-setools swig xmlto redhat-rpm-config

To build and install everything under a private directory, run:
make DESTDIR=~/obj install install-pywrap

To install as the default system libraries and binaries
(overwriting any previously installed ones - dangerous!),
on x86_64, run:
make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel
or on x86 (32-bit), run:
make install install-pywrap relabel

This may render your system unusable if the upstream SELinux userspace
lacks library functions or other dependencies relied upon by your
distribution.  If it breaks, you get to keep both pieces.

To install libsepol on macOS (mainly for policy analysis):
cd libsepol; make PREFIX=/usr/local install

This requires GNU coreutils (brew install coreutils).