kloczek
commented
4 years ago Is it possible to make new release soon?
Open kloczek opened 5 years ago
kloczek
commented
4 years ago Is it possible to make new release soon?
stephensmalley
commented
4 years ago Despite the fixes tag, that PR does not fix this specific issue (using testsuite with shared libsemanage); it merely eliminates the hidden_def/hidden_proto stuff from libselinux.
kloczek
commented
4 years ago Looks like actually all those changes are for libselinux and not for libsemanage.
https://github.com/SELinuxProject/selinux/blob/master/libsemanage/src/libsemanage.map still contains regexp which is causing the issue on using LTO. Is this why you are still keeping that ticket open?
kloczek
commented
4 years ago No sorry I was wrong. Looks like it has been fixed but that fix was not properly connected with this ticket :P
BTW: do you have any plans to separate each SELinux component into sepated repos? It it really pain in a*s extracting patche from whole tree which should be applied to only single component :/
kloczek
commented
4 years ago So I've extracted four necessary patches and on top of that I'm using fedora Fix-RESOURCE_LEAK-and-USE_AFTER_FREE-cov patch and mine two for disable using statsic libraries and to switch use secilc in test suite and it does not work. Test suite is failin and on using taht library with usermode I see that produced libsemanage DSO does not provide some symbols:
$ usermod
usermod: symbol lookup error: usermod: undefined symbol: semanage_seuser_key_create, version LIBSEMANAGE_1.0Here is full build log with fetching SELInux patches end executing test suite in rpm %check. Build is with use LTO.
kloczek
commented
4 years ago Nope .. sorry above is without LTO. Despite that it fails.
kloczek
commented
4 years ago Here it is with LTO (but result is the same):
stephensmalley
commented
4 years ago AFAIK, nothing has changed to decouple the unit tests from the static library. That's separate and independent of enabling LTO. I'm a little unclear on your usermod error since that symbol appears to be in the .map file and present in my own builds. There is a 3.1-rc1 release candidate at https://github.com/SELinuxProject/selinux/releases/tag/20200518 but again this does not include any change that would allow building/running the current libsemanage unit tests without the static library. There are other tests e.g. the ones over in python/semanage or policycoreutils/semodule and elsewhere that exercise the shared libsemanage.
kloczek
commented
4 years ago OK so despite statis libraries I can confirm that 3.1 rc-1 with LTO looks like libsemanage is now OK :)
PS: I really don't like current versionimng and git tagging convention because it causes some complication on packaging layer. What abouit use instead 3.1-rc1 use something like 3.0.99 and so on (many projects is using that type versiomning for devel/beta/rc/non-stable releases).
kloczek
commented
2 years ago Just back to try to build libsemanage using only shared libraries and here is my current patch which allows build libsemanage but sill fails in test siuite
--- a/libsemanage/src/Makefile~ 2019-03-15 10:32:30.000000000 +0000
+++ b/libsemanage/src/Makefile 2019-07-13 19:43:11.810422982 +0100
@@ -65,7 +65,7 @@
SWIGRUBY = swig -Wall -ruby -o $(SWIGRUBYCOUT) -outdir ./
-all: $(LIBA) $(LIBSO) $(LIBPC)
+all: $(LIBSO) $(LIBPC)
pywrap: all $(SWIGSO)
@@ -134,7 +134,6 @@
install: all
test -d $(DESTDIR)$(LIBDIR) || install -m 755 -d $(DESTDIR)$(LIBDIR)
- install -m 644 $(LIBA) $(DESTDIR)$(LIBDIR)
install -m 755 $(LIBSO) $(DESTDIR)$(LIBDIR)
test -d $(DESTDIR)$(LIBDIR)/pkgconfig || install -m 755 -d $(DESTDIR)$(LIBDIR)/pkgconfig
install -m 644 $(LIBPC) $(DESTDIR)$(LIBDIR)/pkgconfig
@@ -155,7 +154,7 @@
/sbin/restorecon $(DESTDIR)$(LIBDIR)/$(LIBSO)
clean:
- -rm -f $(LIBPC) $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(SWIGRUBYSO) $(TARGET) conf-parse.c conf-parse.h conf-scan.c *.o *.lo *~
+ -rm -f $(LIBPC) $(OBJS) $(LOBJS) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(SWIGRUBYSO) $(TARGET) conf-parse.c conf-parse.h conf-scan.c *.o *.lo *~
distclean: clean
rm -f $(GENERATED) $(SWIGFILES)
--- a/libsemanage/tests/Makefile~ 2019-11-28 12:46:48.000000000 +0000
+++ b/libsemanage/tests/Makefile 2020-02-22 21:50:19.645095244 +0000
@@ -14,7 +14,7 @@
all: $(EXECUTABLE) $(POLICIES)
-$(EXECUTABLE): $(OBJECTS) ../src/libsemanage.a
+$(EXECUTABLE): $(OBJECTS) ../src/libsemanage.so
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
%.policy: %.cil
@@ -24,5 +24,5 @@
rm -rf $(OBJECTS) $(POLICIES) $(EXECUTABLE)
test: all
- ./$(EXECUTABLE)
+ LD_LIBRARY_PATH=../srs ./$(EXECUTABLE)Second patch is to use system secil:
--- a/libsemanage/tests/Makefile~ 2020-05-18 15:04:21.000000000 +0100
+++ b/libsemanage/tests/Makefile 2020-05-18 15:06:35.984312988 +0100
@@ -18,7 +18,7 @@
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
%.policy: %.cil
- ../../secilc/secilc $*.cil -o $*.policy -f /dev/null
+ secilc $*.cil -o $*.policy -f /dev/null
clean distclean:
rm -rf $(OBJECTS) $(POLICIES) $(EXECUTABLE)With both patches test suite fails on:
I've been trying to use libsemanage with shared libsemanage because I don't need libsemanage.a and it will be good to fire tests against actual libsemanage used on the system. Looks like it uses symbols not provided by shared libsemanage.