1 --- pwdutils-3.2.19.orig/lib/public.h 2005-06-22 11:05:53.000000000 +0200
2 +++ pwdutils-3.2.19/lib/public.h 2012-05-26 07:35:09.397451177 +0200
7 -extern int selinux_check_access (const char *__chuser,
8 +extern int pwdu_selinux_check_access (const char *__chuser,
9 unsigned int __selaccess) __attribute_warn_unused_result__;
10 extern int set_default_context (const char *filename,
11 char **prev_context) __attribute_warn_unused_result__;
12 --- pwdutils-3.2.19.orig/lib/selinux_utils.c 2006-11-29 14:19:06.000000000 +0100
13 +++ pwdutils-3.2.19/lib/selinux_utils.c 2012-05-26 07:35:09.397451177 +0200
17 #include <sys/types.h>
18 -#include <selinux/flask.h>
19 #include <selinux/selinux.h>
20 #include <selinux/context.h>
26 -selinux_check_access (const char *chuser, unsigned int selaccess)
27 +pwdu_selinux_check_access (const char *chuser, unsigned int selaccess)
30 - security_context_t user_context;
33 if (getprevcon (&user_context) == 0)
35 @@ -50,7 +49,7 @@ pwdu_selinux_check_access (const char *c
36 struct av_decision avd;
37 int retval = security_compute_av (user_context,
40 + string_to_security_class("passwd"),
44 @@ -67,7 +66,7 @@ pwdu_selinux_check_access (const char *c
46 set_default_context (const char *filename, char **prev_context)
48 - security_context_t scontext = NULL;
49 + char *scontext = NULL;
51 if (is_selinux_enabled () <= 0)
53 @@ -105,7 +104,7 @@ set_default_context (const char *filenam
57 -restore_default_context (security_context_t prev_context)
58 +restore_default_context (char *prev_context)
62 --- pwdutils-3.2.19.orig/src/chfn.c 2006-11-29 14:19:39.000000000 +0100
63 +++ pwdutils-3.2.19/src/chfn.c 2012-05-26 07:35:09.394117844 +0200
67 #include <selinux/selinux.h>
68 -#include <selinux/av_permissions.h>
72 @@ -578,12 +577,12 @@ main (int argc, char *argv[])
73 if (is_selinux_enabled () > 0)
76 - (selinux_check_access (pw_data->pw.pw_name, PASSWD__CHFN) != 0))
77 + (pwdu_selinux_check_access (pw_data->pw.pw_name, string_to_av_perm(string_to_security_class("passwd"), "chfn")) != 0))
79 - security_context_t user_context;
81 if (getprevcon (&user_context) < 0)
83 - (security_context_t) strdup (_("Unknown user context"));
84 + strdup (_("Unknown user context"));
86 _("%s: %s is not authorized to change the finger information for %s.\n"),
87 program, user_context, locale_name);
88 --- pwdutils-3.2.19.orig/src/chsh.c 2006-11-29 14:19:43.000000000 +0100
89 +++ pwdutils-3.2.19/src/chsh.c 2012-05-26 07:35:09.397451177 +0200
93 #include <selinux/selinux.h>
94 -#include <selinux/av_permissions.h>
98 @@ -443,12 +442,12 @@ main (int argc, char *argv[])
99 if (is_selinux_enabled () > 0)
102 - (selinux_check_access (pw_data->pw.pw_name, PASSWD__CHSH) != 0))
103 + (pwdu_selinux_check_access (pw_data->pw.pw_name, string_to_av_perm(string_to_security_class("passwd"), "chsh")) != 0))
105 - security_context_t user_context;
106 + char *user_context;
107 if (getprevcon (&user_context) < 0)
109 - (security_context_t) strdup (_("Unknown user context"));
110 + strdup (_("Unknown user context"));
112 _("%s: %s is not authorized to change the shell of `%s'.\n"),
113 program, user_context, locale_name);
114 --- pwdutils-3.2.19.orig/src/passwd.c 2012-05-08 14:12:35.000000000 +0200
115 +++ pwdutils-3.2.19/src/passwd.c 2012-05-26 07:35:09.390784511 +0200
117 #include <security/pam_misc.h>
119 #include <selinux/selinux.h>
120 -#include <selinux/av_permissions.h>
122 #ifdef HAVE_LIBNSCD_H
124 @@ -704,12 +703,12 @@ passwd_main (const char *program, int ar
125 if (is_selinux_enabled () > 0)
128 - (selinux_check_access (pw->pw_name, PASSWD__PASSWD) != 0))
129 + (pwdu_selinux_check_access (pw->pw_name, string_to_av_perm(string_to_security_class("passwd"), "passwd")) != 0))
131 - security_context_t user_context;
132 + char *user_context;
133 if (getprevcon (&user_context) < 0)
135 - (security_context_t) strdup (_("Unknown user context"));
136 + strdup (_("Unknown user context"));
139 _("%s: %s is not authorized to change the password of %s\n"),