From 7e39ef9f883ed788ce98329383ab071398e28b6d Mon Sep 17 00:00:00 2001
From: Pádraig Brady <P@draigBrady.com>
Date: Wed, 27 Nov 2013 18:21:48 +0000
Subject: build: avoid more selinux build failures

Handle both newer selinux libraries with mode_to_security_class(),
and systems without selinux at all.  We could easily adjust
gnulib to provide the necessary stubs for use by this module,
but it's more efficient to just stub out the module completely,
when not using selinux.

* src/selinux.h: Define stubs for the two module functions,
when SELinux is not available.
* src/selinux.c: Exclude all logic in preference for the stubs
when selinux isn't used.  Also when newer selinux libs are used,
don't use our conflicting static version of mode_to_security_class().
m4/jm-macros.m4: Check for the system mode_to_security_class().
---
 src/selinux.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'src/selinux.c')

diff --git a/src/selinux.c b/src/selinux.c
index 405f5f61e..c87e89689 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -29,8 +29,11 @@
 #include "quote.h"
 #include "selinux.h"
 
+#if HAVE_SELINUX_SELINUX_H
+
+# if ! HAVE_MODE_TO_SECURITY_CLASS
 /*
-  This function has being added to libselinux-2.1.12-5, but is here
+  This function has been added to libselinux-2.1.12-5, but is here
   for support with older versions of SELinux
 
   Translates a mode into an Internal SELinux security_class definition.
@@ -58,6 +61,7 @@ mode_to_security_class (mode_t m)
   errno = EINVAL;
   return 0;
 }
+# endif
 
 /*
   This function takes a PATH and a MODE and then asks SELinux what the label
@@ -108,7 +112,7 @@ defaultcon (char const *path, mode_t mode)
 {
   int rc = -1;
   security_context_t scon = NULL, tcon = NULL;
-  context_t scontext = NULL, tcontext = NULL;
+  context_t scontext = 0, tcontext = 0;
   const char *contype;
   char *constr;
   char *newpath = NULL;
@@ -179,7 +183,7 @@ restorecon_private (char const *path, bool local)
   int rc = -1;
   struct stat sb;
   security_context_t scon = NULL, tcon = NULL;
-  context_t scontext = NULL, tcontext = NULL;
+  context_t scontext = 0, tcontext = 0;
   const char *contype;
   char *constr;
   int fd;
@@ -328,3 +332,4 @@ restorecon (char const *path, bool recurse, bool local)
   free (newpath);
   return ok;
 }
+#endif
-- 
cgit v1.2.3-54-g00ecf