X Strike Force X.Org X11 SVN commit: r300 - trunk/debian/patches

To: debian-x@lists.debian.org
Subject: X Strike Force X.Org X11 SVN commit: r300 - trunk/debian/patches
From: X Strike Force SVN Repository Admin <branden+svnadmin@deadbeast.net>
Date: Sat, 2 Jul 2005 15:35:41 -0500 (EST)
Message-id: <[🔎] 20050702203541.8A5275C091@necrotic.deadbeast.net>
Mail-followup-to: debian-x@lists.debian.org

Author: dnusinow
Date: 2005-07-02 15:35:40 -0500 (Sat, 02 Jul 2005)
New Revision: 300

Modified:
   trunk/debian/patches/099s_selinux_support.diff
Log:
- Patch audit.  
  - Add comments to 099s_selinux_support.diff from xfree86 tree. I've gotta
	stop forgetting these :-p


Modified: trunk/debian/patches/099s_selinux_support.diff
===================================================================
--- trunk/debian/patches/099s_selinux_support.diff	2005-07-02 20:30:49 UTC (rev 299)
+++ trunk/debian/patches/099s_selinux_support.diff	2005-07-02 20:35:40 UTC (rev 300)
@@ -1,3 +1,34 @@
+$Id$
+
+Add support for SELinux.  Note that this patch only adds source-level
+support, and does not actually enable it.
+
+This patch by Manoj Srivastava.  As he notes in Debian #233551:
+
+    As implemented, the patch merely provides a capability, which
+    has to be explicitly turned on at compile time with -DHasSELinux=YES.
+    If one does not compile with -DHasSELinux=YES, the patch is a no-op.
+    Since none of the code is compiled in, there is no change in
+    behaviour, nor is there any performance hit.
+
+    If you do turn on the SELinux compatibility with -DHasSELinux,
+    you would need libselinux at build time.  In other words, the
+    mainline X build does not build depend on SELinux; the dependency is
+    only invoked if you explicitly pass a parameter to imake.
+
+    Even when SELinux compatibility is compiled in, on a non
+    SELinux kernel it is dead code; there is no change in functionality,
+    apart from a single check to see if SELinux is available at each
+    login. The SELinux code paths are not exercised on non-SELinux
+    kernels.
+
+The more permanent way to enable SELinux support is to #define HasSELinux
+YES in the relevant distribution-specific section of linux.cf.  If that is
+done for Debian, the source package will need to add a build-dependency on
+the libselinux1-dev package.
+
+Not submitted upstream to XFree86 or X.Org.
+
 diff -ruN xc-old/config/cf/Imake.tmpl xc/config/cf/Imake.tmpl
 --- xc-old/config/cf/Imake.tmpl	2005-07-02 15:45:07.000000000 -0400
 +++ xc/config/cf/Imake.tmpl	2005-07-02 15:56:55.000000000 -0400

Reply to:

Prev by Date: X Strike Force X.Org X11 SVN commit: r299 - in trunk/debian: . patches
Next by Date: X Strike Force X.Org X11 SVN commit: r301 - in trunk/debian: . patches
Previous by thread: X Strike Force X.Org X11 SVN commit: r299 - in trunk/debian: . patches
Next by thread: X Strike Force X.Org X11 SVN commit: r301 - in trunk/debian: . patches
Index(es):
- Date
- Thread