xdm: Changes to 'debian-unstable'
debian/changelog | 7 +++++
debian/patches/selinux_support.diff | 43 ++++++++++++++++++++++++------------
2 files changed, 36 insertions(+), 14 deletions(-)
New commits:
commit 2f149e05d3ac39467c1a243ebc7d482464fbab9c
Author: Julien Cristau <jcristau@debian.org>
Date: Mon Aug 11 13:49:59 2008 +0200
Update SELinux patch to get the correct login context (closes: #493524).
Thanks, Russell Coker!
diff --git a/debian/changelog b/debian/changelog
index 00d164a..c3d722e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+xdm (1:1.1.8-4) UNRELEASED; urgency=low
+
+ * Update SELinux patch to get the correct login context (closes: #493524).
+ Thanks, Russell Coker!
+
+ -- Julien Cristau <jcristau@debian.org> Mon, 11 Aug 2008 13:31:29 +0200
+
xdm (1:1.1.8-3) unstable; urgency=medium
* debian/rules: make sure the install stamp is created, and don't try to
diff --git a/debian/patches/selinux_support.diff b/debian/patches/selinux_support.diff
index 31a16cf..44f557e 100644
--- a/debian/patches/selinux_support.diff
+++ b/debian/patches/selinux_support.diff
@@ -1,10 +1,15 @@
-# HG changeset patch
-# User ejka@imfi.kspu.ru
-# Node ID 4403c371616cc416a83156451f1afd293aff0e16
-# Parent 28b3145223134d9d9a32202d0bae2036572e560a
-Ported 099s_selinux_support.diff (changes: remove Imakefile hunks, add
---with-selinux flag to configure.ac.
+From: Manoj Srivastava <srivasta@golden-gryphon.com>
+Subject: xdm: add SELinux support
+History:
+Initial patch submitted in Debian bug#233551
+Forward-ported to modular X by Eugene Konev (changes: remove Imakefile hunks,
+add --with-selinux flag to configure.ac).
+Updated to latest SE Linux code by Russell Coker 3rd Aug 2008, with bugfix from
+Julien Cristau (Debian bug#493524).
+
+Index: xdm/configure.ac
+===================================================================
--- xdm.orig/configure.ac
+++ xdm/configure.ac
@@ -116,6 +116,23 @@
@@ -31,6 +36,8 @@ Ported 099s_selinux_support.diff (changes: remove Imakefile hunks, add
# FIXME: Find better test for which OS'es use su -m - for now, just try to
# mirror the Imakefile setting of:
# if defined(OpenBSDArchitecture) || defined(NetBSDArchitecture) || defined(FreeBSDArchitecture) || defined(DarwinArchitecture)
+Index: xdm/session.c
+===================================================================
--- xdm.orig/session.c
+++ xdm/session.c
@@ -36,6 +36,10 @@
@@ -56,7 +63,7 @@ Ported 099s_selinux_support.diff (changes: remove Imakefile hunks, add
#ifndef GREET_USER_STATIC
# include <dlfcn.h>
# ifndef RTLD_NOW
-@@ -77,6 +86,34 @@
+@@ -77,6 +86,42 @@
# endif
#endif
@@ -66,14 +73,22 @@ Ported 099s_selinux_support.diff (changes: remove Imakefile hunks, add
+xdm_selinux_setup (const char *login)
+ {
+ security_context_t scontext;
++ int ret = -1;
++ char *seuser=NULL;
++ char *level=NULL;
++
+ /* If SELinux is not enabled, then we don't do anything. */
-+ if ( ! is_selinux_enabled ())
-+ return TRUE;
++ if ( is_selinux_enabled () <= 0)
++ return TRUE;
+
-+ if (get_default_context((char*) login,0, &scontext) < 0) {
-+ LogError ("SELinux: unable to obtain default security context for %s\n",
-+ login);
-+ return FALSE;
++ if (getseuserbyname(login, &seuser, &level) == 0) {
++ ret=get_default_context_with_level(seuser, level, 0, &scontext);
++ free(seuser);
++ free(level);
++ }
++ if (ret < 0 || scontext == NULL) {
++ LogError ("SELinux: unable to obtain default security context for %s\n", login);
++ return FALSE;
+ }
+
+ if (setexeccon (scontext) != 0) {
@@ -91,7 +106,7 @@ Ported 099s_selinux_support.diff (changes: remove Imakefile hunks, add
static int runAndWait (char **args, char **environ);
#ifdef HAVE_GRP_H
-@@ -785,6 +822,17 @@
+@@ -785,6 +830,17 @@
bzero(passwd, strlen(passwd));
SetUserAuthorization (d, verify);
Reply to: