Re: [PATCH] SELinux support

[Karel Klic]

Hi Glenn,

On 03/18/2010 01:10 AM, Glenn Morris wrote:
> I tried it on a (virtual) Fedora 12 installation, and it doesn't seem
> to work. file-selinux-context always returns nil. (Disclaimer: I know
> nothing about SELinux.)
>
> /usr/sbin/getenforce       ->  Enforcing
>
> checking for libselinux... yes
> checking LIBSELINUX_LIBS... -lselinux
>    Does Emacs use -lselinux?                    yes
>
> ldd emacs | grep selinux      ->  libselinux.so.1 =>  /lib64/libselinux.so.1
>
> ls -l --context /etc/printcap
> -rw-r--r--. root root system_u:object_r:cupsd_rw_etc_t:s0 /etc/printcap
>
> (file-selinux-context "/etc/printcap")      ->  (nil nil nil nil)


That is strange, it works well here on Fedora 12. The only difference is 
in i686 / x86_64 architecture. I'll try x86_64 tomorrow.

I just modified emacs-1-selinux-config.patch (attached) to apply cleanly 
on the most recent bzr.

Here is my story:

$ getenforce
Enforcing
$ bzr clone http://bzr.savannah.gnu.org/r/emacs/trunk/ emacs-bzr-cur
$ cd emacs-bzr-cur
$ patch -p1 -b -z .selinux-config <emacs-1-selinux-config.patch
$ patch -p1 -b -z .selinux-get-set-context-fun 
<emacs-2-selinux-get-set-context-fun.patch
$ patch -p1 -b -z .selinux-backups-on-save 
<emacs-3-selinux-backups-on-save.patch
$ autoreconf
$ ./configure
  Does Emacs use -lselinux?                               yes
$ make
$ cd src
$ ldd ./emacs | grep selinux
        libselinux.so.1 => /lib/libselinux.so.1 (0x0061e000)
$ ./emacs --batch --eval "(prin1 (file-selinux-context \"/etc/printcap\"))"
("system_u" "object_r" "cupsd_rw_etc_t" "s0")

Karel

emacs-1-selinux-config.patch
Description: Text Data