From owner-p4-projects@FreeBSD.ORG Tue May 16 20:17:18 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6B0FB16A52B; Tue, 16 May 2006 20:17:18 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 473A816A513 for ; Tue, 16 May 2006 20:17:18 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBED743D4C for ; Tue, 16 May 2006 20:17:17 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k4GKH0Gl084253 for ; Tue, 16 May 2006 20:17:00 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k4GKH0k1084248 for perforce@freebsd.org; Tue, 16 May 2006 20:17:00 GMT (envelope-from millert@freebsd.org) Date: Tue, 16 May 2006 20:17:00 GMT Message-Id: <200605162017.k4GKH0k1084248@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 97294 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 May 2006 20:17:18 -0000 http://perforce.freebsd.org/chv.cgi?CH=97294 Change 97294 by millert@millert_p4 on 2006/05/16 20:16:28 Update for new SEBSD userland Affected files ... .. //depot/projects/trustedbsd/sebsd/usr.bin/login/Makefile#10 edit .. //depot/projects/trustedbsd/sebsd/usr.bin/login/login.c#13 edit .. //depot/projects/trustedbsd/sebsd/usr.sbin/cron/cron/Makefile#6 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/usr.bin/login/Makefile#10 (text+ko) ==== @@ -16,13 +16,12 @@ .endif .if !defined(NO_SEBSD) -CFLAGS+=-I${.CURDIR}/../../lib/libsebsd CFLAGS+=-I${.CURDIR}/../../contrib/sebsd/libselinux/include CFLAGS+=-I${.CURDIR}/../../sys CFLAGS+=-I${.CURDIR}/../../sys/security/sebsd CFLAGS+=-DSEBSD -DPADD+= ${LIBSEBSD} -LDADD+= -lsebsd +DPADD+= ${LIBSELINUX} +LDADD+= -lselinux -lsepol -lsecompat .endif .include ==== //depot/projects/trustedbsd/sebsd/usr.bin/login/login.c#13 (text+ko) ==== @@ -68,9 +68,6 @@ #include #include #include -#ifdef SEBSD -#include -#endif #include #include #include @@ -84,6 +81,7 @@ #include #ifdef SEBSD #include +#include #include #endif @@ -467,7 +465,6 @@ label_string = login_getcapstr(lc, "ttylabel", NULL, NULL); if (label_string != NULL) { mac_t label; - int error; if (mac_from_text(&label, label_string) == 0) { if (pathconf(ttyn, _PC_MAC_PRESENT) > 0 && @@ -546,12 +543,11 @@ if (is_selinux_enabled()) { char *labeltext, *queried, *oldttylabeltext, *tty_queried=NULL, **contexts; - size_t ncontexts; mac_t newttylabel; - int n; + int n, ncontexts; - if (get_ordered_context_list(username, NULL, &contexts, - &ncontexts) != 0 || ncontexts == 0) + ncontexts = get_ordered_context_list(username, NULL, &contexts); + if (ncontexts <= 0) goto nosebsd; queried = NULL; @@ -578,10 +574,8 @@ } } - if (!queried) - if (query_user_context(pamh, contexts, ncontexts, - &queried) != 0) { - + if (queried == NULL && + query_user_context(contexts, &queried) != 0) { syslog(LOG_ERR, "Reading SEBSD domain from user:" " %m"); bail(NO_SLEEP_EXIT, 1); ==== //depot/projects/trustedbsd/sebsd/usr.sbin/cron/cron/Makefile#6 (text+ko) ==== @@ -12,8 +12,8 @@ .if !defined(NO_SEBSD) CFLAGS+= -I${.CURDIR}/../../../sys CFLAGS+= -DSEBSD -DPADD+= ${LIBSEBSD} -LDADD+= -lsebsd +DPADD+= ${LIBSELINUX} +LDADD+= -lselinux -lsepol -lsecompat .endif .include