On Fri, Feb 28, 2020 at 2:17 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > On Thu, Feb 27, 2020 at 11:47 PM <bill.c.roberts@xxxxxxxxx> wrote: > > From: William Roberts <william.c.roberts@xxxxxxxxx> > > > > Fix below compilation issue: > > direct_api.c: In function ‘semanage_direct_commit’: > > direct_api.c:1466:13: error: implicit declaration of function ‘sepol_policydb_optimize’; did you mean ‘sepol_policydb_to_image’? [-Werror=implicit-function-declaration] > > retval = sepol_policydb_optimize(out); > > It is probably a good idea to include it explicitly, but it is already > included indirectly via <sepol/module.h>, so I'm not sure how you got > the above error. Maybe your build flags weren't set properly and the > compiler was including older system headers instead of the local ones? AFAIK, the userspace selinux builds, it always pulls the system headers and libraries unless you configure your build system otherwise. It looks like an issue with an older system installed sepol, I updated sepol and the issue went away. This bug appears if you have libsepol versions < 3.0 installed, and then build libsemanage from tip of tree. It appears that the routine sepol_policydb_optimize was brought in version libsepol-3.0, so libsemanage has a hard dependency on libsepol >= 3.0 Since libsemanage is already querying pkgconfig, perhaps we should run pkgconfig --modversion libsepol and verify the version is greater than or equal to 3.0 so we can give a better error message? Not sure why adding this patch got libsemanage to build and link though.... > > (BTW, there is a typo in the subject line - 'libsemange' is missing an 'a'.) > > > > > Signed-off-by: William Roberts <william.c.roberts@xxxxxxxxx> > > --- > > libsemanage/src/direct_api.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c > > index 1088a0ac6165..92f0a17b0156 100644 > > --- a/libsemanage/src/direct_api.c > > +++ b/libsemanage/src/direct_api.c > > @@ -23,6 +23,7 @@ > > #include <sepol/handle.h> > > #include <sepol/cil/cil.h> > > #include <selinux/selinux.h> > > +#include <sepol/policydb.h> > > > > #include <assert.h> > > #include <fcntl.h> > > -- > > 2.17.1 > > > > -- > Ondrej Mosnacek <omosnace at redhat dot com> > Software Engineer, Security Technologies > Red Hat, Inc. >
