build: fix build with libselinux 2.3

Several function signatures changed in libselinux 2.3, now taking a 'const char *' instead of 'security_context_t'. The latter is defined in selinux/selinux.h as typedef char *security_context_t; Signed-off-by: N Eric Blake <eblake@redhat.com> (cherry picked from commit 292d3f2d)

build: fix build with libselinux 2.3
Several function signatures changed in libselinux 2.3, now taking a 'const char *' instead of 'security_context_t'. The latter is defined in selinux/selinux.h as typedef char *security_context_t; Signed-off-by: N Eric Blake <eblake@redhat.com> (cherry picked from commit 292d3f2d)
26f47e6a · Cédric Bosdonnat · Eric Blake · 38dce339 · 26f47e6a · 26f47e6a
隐藏空白更改
内联并排

Showing with 32 addition and 1 deletion

m4/virt-selinux.m4 m4/virt-selinux.m4 +16 -1

tests/securityselinuxhelper.c tests/securityselinuxhelper.c +16 -0

未找到文件。
--- a/m4/virt-selinux.m4
+++ b/m4/virt-selinux.m4
 dnl The libselinux.so library
 dnl
-dnl Copyright (C) 2012-2013 Red Hat, Inc.
+dnl Copyright (C) 2012-2014 Red Hat, Inc.
 dnl
 dnl This library is free software; you can redistribute it and/or
 dnl modify it under the terms of the GNU Lesser General Public
@@ -28,6 +28,21 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
    [with_selinux_mount=check])
  if test "$with_selinux" = "yes"; then
+    # libselinux changed signatures between 2.2 and 2.3
+    AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
+    [AC_COMPILE_IFELSE(
+      [AC_LANG_PROGRAM(
+         [[
+#include <selinux/selinux.h>
+int setcon(const security_context_t context);
+         ]])],
+         [gt_cv_setcon_param='security_context_t'],
+         [gt_cv_setcon_param='const char*'])])
+    if test "$gt_cv_setcon_param" = 'const char*'; then
+       AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
+                          [SELinux uses newer char * for security context])
+    fi
    AC_MSG_CHECKING([SELinux mount point])
    if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
      if test -d /sys/fs/selinux ; then

--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -156,7 +156,11 @@ int getpidcon(pid_t pid, security_context_t *context)
    return getpidcon_raw(pid, context);
 }
+#ifdef SELINUX_CTX_CHAR_PTR
+int setcon_raw(const char *context)
+#else
 int setcon_raw(security_context_t context)
+#endif
 {
    if (!is_selinux_enabled()) {
        errno = EINVAL;
@@ -165,13 +169,21 @@ int setcon_raw(security_context_t context)
    return setenv("FAKE_SELINUX_CONTEXT", context, 1);
 }
+#ifdef SELINUX_CTX_CHAR_PTR
+int setcon(const char *context)
+#else
 int setcon(security_context_t context)
+#endif
 {
    return setcon_raw(context);
 }
+#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon_raw(const char *path, const char *con)
+#else
 int setfilecon_raw(const char *path, security_context_t con)
+#endif
 {
    const char *constr = con;
    if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
@@ -182,7 +194,11 @@ int setfilecon_raw(const char *path, security_context_t con)
                    constr, strlen(constr), 0);
 }
+#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon(const char *path, const char *con)
+#else
 int setfilecon(const char *path, security_context_t con)
+#endif
 {
    return setfilecon_raw(path, con);
 }