From 2fb6e0cf79df2056e9750e29669c4633555e74b8 Mon Sep 17 00:00:00 2001 From: CoprDistGit Date: Tue, 15 Oct 2024 06:24:53 +0000 Subject: automatic import of glibc --- ...nings-due-to-deprecated-libselinux-symbol.patch | 104 +++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 Disable-warnings-due-to-deprecated-libselinux-symbol.patch (limited to 'Disable-warnings-due-to-deprecated-libselinux-symbol.patch') diff --git a/Disable-warnings-due-to-deprecated-libselinux-symbol.patch b/Disable-warnings-due-to-deprecated-libselinux-symbol.patch new file mode 100644 index 0000000..25e6d57 --- /dev/null +++ b/Disable-warnings-due-to-deprecated-libselinux-symbol.patch @@ -0,0 +1,104 @@ +From 04726be814c6fd6d9cf974e15d684dd3ac1a180e Mon Sep 17 00:00:00 2001 +From: Arjun Shankar +Date: Thu, 23 Jul 2020 12:20:38 +0200 +Subject: [PATCH] Disable warnings due to deprecated libselinux symbols used by + nss and nscd + +The SELinux API deprecated several symbols in its 3.1 release, including +security_context_t, matchpathcon, avc_init, and sidput, which are used in +makedb and nscd. While the usage of these should eventually be replaced by +newer interfaces, this commit disables GCC warnings due to the use of the +above symbols. + +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell +--- + nscd/selinux.c | 15 +++++++++++++++ + nss/makedb.c | 9 +++++++++ + 2 files changed, 24 insertions(+) + +diff --git a/nscd/selinux.c b/nscd/selinux.c +index a4ea8008e2..1ebf924826 100644 +--- a/nscd/selinux.c ++++ b/nscd/selinux.c +@@ -33,6 +33,7 @@ + #ifdef HAVE_LIBAUDIT + # include + #endif ++#include + + #include "dbg_log.h" + #include "selinux.h" +@@ -320,6 +321,12 @@ avc_free_lock (void *lock) + } + + ++/* avc_init (along with several other symbols) was marked as deprecated by the ++ SELinux API starting from version 3.1. We use it here, but should ++ eventually switch to the newer API. */ ++DIAG_PUSH_NEEDS_COMMENT ++DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); ++ + /* Initialize the user space access vector cache (AVC) for NSCD along with + log/thread/lock callbacks. */ + void +@@ -335,7 +342,14 @@ nscd_avc_init (void) + audit_init (); + #endif + } ++DIAG_POP_NEEDS_COMMENT ++ + ++/* security_context_t and sidput (along with several other symbols) were marked ++ as deprecated by the SELinux API starting from version 3.1. We use them ++ here, but should eventually switch to the newer API. */ ++DIAG_PUSH_NEEDS_COMMENT ++DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); + + /* Check the permission from the caller (via getpeercon) to nscd. + Returns 0 if access is allowed, 1 if denied, and -1 on error. +@@ -422,6 +436,7 @@ out: + + return rc; + } ++DIAG_POP_NEEDS_COMMENT + + + /* Wrapper to get AVC statistics. */ +diff --git a/nss/makedb.c b/nss/makedb.c +index 8e389a1683..8e1e8ec9ad 100644 +--- a/nss/makedb.c ++++ b/nss/makedb.c +@@ -38,6 +38,7 @@ + #include + #include + #include "nss_db/nss_db.h" ++#include + + /* Get libc version number. */ + #include "../version.h" +@@ -841,6 +842,13 @@ print_database (int fd) + + + #ifdef HAVE_SELINUX ++ ++/* security_context_t and matchpathcon (along with several other symbols) were ++ marked as deprecated by the SELinux API starting from version 3.1. We use ++ them here, but should eventually switch to the newer API. */ ++DIAG_PUSH_NEEDS_COMMENT ++DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); ++ + static void + set_file_creation_context (const char *outname, mode_t mode) + { +@@ -870,6 +878,7 @@ set_file_creation_context (const char *outname, mode_t mode) + freecon (ctx); + } + } ++DIAG_POP_NEEDS_COMMENT + + static void + reset_file_creation_context (void) +-- +2.23.0 + -- cgit v1.2.3