Eric Blake wrote:
On 05/27/2014 10:05 PM, Jim Fehlig wrote:
The attached patch is an attempt to fix recent build failures I've noticed with libselinux 2.3
CC securityselinuxhelper.lo securityselinuxhelper.c:159:5: error: conflicting types for 'setcon_raw' int setcon_raw(security_context_t context) ^
Noticing that security_context_t changed to 'const char *', my first thought was to use AC_CHECK_TYPE to check for security_conext_t, but alas the typedef remains in 2.3 with the comment "No longer used; here for compatibility with legacy callers".
I then pursued the approach in this patch of defining a config var based on 'pkg-config --modversion', which works in a test script, but not in the context of the LIBVIRT_CHECK_SELINUX macro. Probably due to some missed quoting, but I'm reaching the m4 knowledge barrier. Before attempting to bypass that, I'd like to see what others think of this approach. Is there a simpler solution?
So the difference is deciding whether the const is present? It should be possible to write an AC_COMPILE_IF test that passes or fails based on whether you have a compatible redeclaration of the function.
if test "$with_selinux" = "yes"; then + AC_MSG_CHECKING([SELinux version]) + ver=$(pkg-config --modversion libselinux) + major_ver=`echo $ver | awk -F. '{print $1}'` + minor_ver=`echo $ver | awk -F. '{print $2}'` + SELINUX_VER=`expr $major_ver + $minor_ver` + AC_MSG_RESULT([$SELINUX_VER]) + if test $SELINUX_VER -ge 2003; then + AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1, + [SELinux uses char * for security context]) + fi
Eww. Version-check tests are inherently fragile;
Understood. That's why this was my second approach.
we want to do a feature check (does a const char * compile) not a version check. I'll take some time tomorrow to propose an alternative. My idea is to define a new macro VIR_SELINUX_CTX_CONST to either '' or 'const' depending on which version builds,
But I didn't think of that. Much better indeed. Regards, Jim