Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libselinux: add build time option to drop hard dependency on libpcre2 #431

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

libselinux: add build time option to drop hard dependency on libpcre2 #431

wants to merge 4 commits into from

Commits on Apr 4, 2024

  1. libselinux: constify regex interfaces 

    Declare the read-only arguments for comparison and writing const.

Signed-off-by: Christian Göttsche <[email protected]>
    @cgzones
    cgzones committed Apr 4, 2024
    Configuration menu
    Copy the full SHA
    b8530c6 View commit details
    Browse the repository at this point in the history

  2. libselinux: hide regex_data_create() 

    The function regex_data_create() is only used inside of regex.c, thus do
not expose it in the header file regex.h.

Signed-off-by: Christian Göttsche <[email protected]>
    @cgzones
    cgzones committed Apr 4, 2024
    Configuration menu
    Copy the full SHA
    8647894 View commit details
    Browse the repository at this point in the history

  3. github: bump python and ruby versions 

    Bump the maximum python version to 3.12 and the maximum ruby version to
3.3 in the GitHub CI.

Also bump the setup-python action to v5.

Signed-off-by: Christian Göttsche <[email protected]>
    @cgzones
    cgzones committed Apr 4, 2024
    Configuration menu
    Copy the full SHA
    ca15903 View commit details
    Browse the repository at this point in the history

  4. libselinux: add build time option to drop hard dependency on libpcre2 

    Currently libselinux links to libpcre2.  The regex library is used in
the file backend of the selabel database for file context path matching.

Some client applications using libselinux might not use that selabel
functionality, but they still require to load libpcre2.  Examples are
dbus-broker and sshd (where openssh only uses the selabel interfaces to
create ~/.ssh with the default context).

Add a build time option, USE_PCRE2_DLSYM, to drop the hard dependency on
libpcre2 and only load it, if actually needed, at runtime via dlopen(3).
Since loading the database for the file backend takes a couple of
milliseconds performance is not a concern.

Signed-off-by: Christian Göttsche <[email protected]>
    @cgzones
    cgzones committed Apr 4, 2024
    Configuration menu
    Copy the full SHA
    8731a53 View commit details
    Browse the repository at this point in the history