!106 rpm selinux plugin check context file exist

From: @HuaxinLuGitee Reviewed-by: @overweight Signed-off-by: @overweight
2021-12-06 01:23:38 +00:00 · 2021-12-06 01:23:38 +00:00 · 2a79300d10
commit 2a79300d10
parent 1999e4b751 7138bd335b
2 changed files with 34 additions and 1 deletions
--- a/rpm-selinux-plugin-check-context-file-exist.patch
+++ b/rpm-selinux-plugin-check-context-file-exist.patch
@ -0,0 +1,26 @@
+From 55708fd5822a3e4bf5537002a648f32cb0a6e07e Mon Sep 17 00:00:00 2001
+From: luhuaxin <1539327763@qq.com>
+Date: Tue, 26 Oct 2021 18:39:46 +0800
+Subject: [PATCH] rpm selinux plugin check context file exist
+
+---
+ plugins/selinux.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/selinux.c b/plugins/selinux.c
+index 1254517..fb8b7a2 100644
+--- a/plugins/selinux.c
+++ b/plugins/selinux.c
+@@ -63,7 +63,8 @@ static rpmRC selinux_tsm_pre(rpmPlugin plugin, rpmts ts)
+     rpmRC rc = RPMRC_OK;
+ 
+     /* If SELinux isn't enabled on the system, dont mess with it */
+-    if (!is_selinux_enabled()) {
+    if (!is_selinux_enabled() || selinux_file_context_path() == NULL ||
+        access(selinux_file_context_path(), F_OK)) {
+ 	rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
+     }
+ 
+-- 
+2.23.0
+
--- a/rpm.spec
+++ b/rpm.spec
@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.15.1
-Release:       31
+Release:       32
 Summary:       RPM Package Manager
 License:       GPLv2+
 URL:           http://www.rpm.org/
@ -59,6 +59,7 @@ Patch48: backport-Do-not-allow-extra-packets-to-follow-a-signature.patch
 Patch49: backport-0001-CVE-2021-3521.patch
 Patch50: backport-0002-CVE-2021-3521.patch
 Patch51: backport-0003-CVE-2021-3521.patch
+Patch52: rpm-selinux-plugin-check-context-file-exist.patch

 BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel libdb-devel 
 BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@ -321,6 +322,12 @@ make check || (cat tests/rpmtests.log; exit 0)
 %{_mandir}/man1/gendiff.1*

 %changelog
+* Fri Dec 3 2021 luhuaxin<1539327763@qq.com> - 4.15.1-32
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:rpm selinux plugin check context file exist
+
 * Wed Nov 03 2021 tianwei <tianwei12@huawei.com> - 4.15.1-31
 - Type:cve
 - ID:NA