selinux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: William Roberts <bill.c.roberts@gmail.com>
To: Ondrej Mosnacek <omosnace@redhat.com>
Cc: SElinux list <selinux@vger.kernel.org>,
	William Roberts <william.c.roberts@intel.com>
Subject: Re: [PATCH] libsemange: add missing header sepol/policydb.h
Date: Fri, 28 Feb 2020 06:43:34 -0600	[thread overview]
Message-ID: <CAFftDdr0uCE106AYCgs27nubTntevz40WiFzMr7rn4sFrdWazQ@mail.gmail.com> (raw)
In-Reply-To: <CAFqZXNv4g8fdreQgSqrEumjPVYhT5btjiMcSYezZm7LaEJRW_A@mail.gmail.com>

On Fri, Feb 28, 2020 at 2:17 AM Ondrej Mosnacek <omosnace@redhat.com> wrote:
>
> On Thu, Feb 27, 2020 at 11:47 PM <bill.c.roberts@gmail.com> wrote:
> > From: William Roberts <william.c.roberts@intel.com>
> >
> > Fix below compilation issue:
> > direct_api.c: In function ‘semanage_direct_commit’:
> > direct_api.c:1466:13: error: implicit declaration of function ‘sepol_policydb_optimize’; did you mean ‘sepol_policydb_to_image’? [-Werror=implicit-function-declaration]
> >     retval = sepol_policydb_optimize(out);
>
> It is probably a good idea to include it explicitly, but it is already
> included indirectly via <sepol/module.h>, so I'm not sure how you got
> the above error. Maybe your build flags weren't set properly and the
> compiler was including older system headers instead of the local ones?

AFAIK, the userspace selinux builds, it always pulls the system
headers and libraries unless you configure your build system
otherwise.

It looks like an issue with an older system installed sepol, I updated
sepol and the issue went away.

This bug appears if you have libsepol versions < 3.0 installed, and
then build libsemanage from tip of tree.

It appears that the routine sepol_policydb_optimize was brought in
version libsepol-3.0, so libsemanage has a hard dependency on libsepol
>= 3.0

Since libsemanage is already querying pkgconfig, perhaps we should run
pkgconfig --modversion libsepol and verify the version is
greater than or equal to 3.0 so we can give a better error message?

Not sure why adding this patch got libsemanage to build and link though....

>
> (BTW, there is a typo in the subject line - 'libsemange' is missing an 'a'.)
>
> >
> > Signed-off-by: William Roberts <william.c.roberts@intel.com>
> > ---
> >  libsemanage/src/direct_api.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
> > index 1088a0ac6165..92f0a17b0156 100644
> > --- a/libsemanage/src/direct_api.c
> > +++ b/libsemanage/src/direct_api.c
> > @@ -23,6 +23,7 @@
> >  #include <sepol/handle.h>
> >  #include <sepol/cil/cil.h>
> >  #include <selinux/selinux.h>
> > +#include <sepol/policydb.h>
> >
> >  #include <assert.h>
> >  #include <fcntl.h>
> > --
> > 2.17.1
> >
>
> --
> Ondrej Mosnacek <omosnace at redhat dot com>
> Software Engineer, Security Technologies
> Red Hat, Inc.
>

  reply	other threads:[~2020-02-28 12:43 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-27 22:47 [PATCH] libsemange: add missing header sepol/policydb.h bill.c.roberts
2020-02-28  8:17 ` Ondrej Mosnacek
2020-02-28 12:43   ` William Roberts [this message]
2020-02-28 13:32     ` [PATCH] libsemanage: check libsepol version bill.c.roberts
2020-03-01 19:24       ` Nicolas Iooss
2020-03-01 19:53         ` William Roberts
2020-03-01 20:21           ` Nicolas Iooss
2020-03-01 20:33             ` William Roberts
     [not found]               ` <CAJfZ7=kocVtoWs2fo8JkH+7FicnORGGVQEH51tG95u2nGoaPTw@mail.gmail.com>
     [not found]                 ` <CAFftDdpkV9furWPR1VzuSV6ew93+Rij3bF7gw2Lup9aa8VMrSw@mail.gmail.com>
2020-03-01 21:43                   ` Nicolas Iooss
2020-03-01 22:19                     ` William Roberts
2020-03-02 15:24                     ` Stephen Smalley
2020-03-02 15:32                       ` William Roberts

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAFftDdr0uCE106AYCgs27nubTntevz40WiFzMr7rn4sFrdWazQ@mail.gmail.com \
    --to=bill.c.roberts@gmail.com \
    --cc=omosnace@redhat.com \
    --cc=selinux@vger.kernel.org \
    --cc=william.c.roberts@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).