Eric Blake wrote: > On 05/28/2014 01:54 PM, Jim Fehlig wrote: > >> Commit 292d3f2d fixed the build with libselinux 2.3, but missed >> some suggestions by eblake >> >> https://www.redhat.com/archives/libvir-list/2014-May/msg00977.html >> >> This patch changes the macro introduced in 292d3f2d to either be >> empty in the case of newer libselinux, or contain 'const' in the >> case of older libselinux. The macro is then used directly in >> tests/securityselinuxhelper.c. >> --- >> m4/virt-selinux.m4 | 7 +++++-- >> tests/securityselinuxhelper.c | 24 ++++-------------------- >> 2 files changed, 9 insertions(+), 22 deletions(-) >> >> diff --git a/m4/virt-selinux.m4 b/m4/virt-selinux.m4 >> index 1d899d5..a6f89ba 100644 >> --- a/m4/virt-selinux.m4 >> +++ b/m4/virt-selinux.m4 >> @@ -39,8 +39,11 @@ int setcon(const security_context_t context); >> [gt_cv_setcon_param='security_context_t'], >> [gt_cv_setcon_param='const char*'])]) >> if test "$gt_cv_setcon_param" = 'const char*'; then >> - AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1, >> - [SELinux uses newer char * for security context]) >> + AC_DEFINE([VIR_SELINUX_CTX_CONST], [const], >> + [SELinux uses newer const char * for security context]) >> + else >> + AC_DEFINE([VIR_SELINUX_CTX_CONST], [], >> + [SELinux uses newer const char * for security context]) >> fi >> > > That feels complex to have two competing AC_DEFINE. By using a single > AC_DEFINE_UNQUOTED and judicious contents of the _cv_ shell variable, > you can get by with one. Oh, and while we are at it, we should be using > the libvirt prefix of lv_, not the gettext prefix of gt_. > > >> -#ifdef SELINUX_CTX_CHAR_PTR >> -int setcon_raw(const char *context) >> -#else >> -int setcon_raw(security_context_t context) >> > > [Note that setcon_raw(security_context_t context) and setcon_raw(const > security_context_t context) are compatible; the compiler treats 'const > typedef_to_pointer' the same as 'type *const' (a pointer that can't be > changed once initialized, but whose contents can be altered at will) and > NOT as 'const type *' (a pointer that can be changed at will, but where > the contents of the current pointer value cannot be changed). That's > probably why newer libselinux ditched the typedef and went with a > verbatim 'const char *', even though it was not compile-time > back-compatible.] > > >> -#endif >> +int setcon_raw(VIR_SELINUX_CTX_CONST char *context) >> > > So it actually works for libselinx 2.3 (I'm assuming your testing > covered it) and 2.2 (I tested that). Okay, it is indeed nicer. ACK > with this squashed in, if it still passes for you: > Still passes my tests, which include libselinux 2.1, 2.2, and 2.3. Pushed now. Thanks for the help! Regards, Jim -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list