Re: [libvirt] [PATCH RFC] build: fix build with libselinux 2.3

On 05/27/2014 10:05 PM, Jim Fehlig wrote: > The attached patch is an attempt to fix recent build failures I've > noticed with libselinux 2.3 > > CC securityselinuxhelper.lo > securityselinuxhelper.c:159:5: error: conflicting types for 'setcon_raw' > int setcon_raw(security_context_t context) > ^ > > Noticing that security_context_t changed to 'const char *', my first > thought was to use AC_CHECK_TYPE to check for security_conext_t, but > alas the typedef remains in 2.3 with the comment "No longer used; here > for compatibility with legacy callers". > > I then pursued the approach in this patch of defining a config var based > on 'pkg-config --modversion', which works in a test script, but not in > the context of the LIBVIRT_CHECK_SELINUX macro. Probably due to some > missed quoting, but I'm reaching the m4 knowledge barrier. Before > attempting to bypass that, I'd like to see what others think of this > approach. Is there a simpler solution? > So the difference is deciding whether the const is present? It should be possible to write an AC_COMPILE_IF test that passes or fails based on whether you have a compatible redeclaration of the function. > if test "$with_selinux" = "yes"; then > + AC_MSG_CHECKING([SELinux version]) > + ver=$(pkg-config --modversion libselinux) > + major_ver=`echo $ver | awk -F. '{print $1}'` > + minor_ver=`echo $ver | awk -F. '{print $2}'` > + SELINUX_VER=`expr $major_ver + $minor_ver` > + AC_MSG_RESULT([$SELINUX_VER]) > + if test $SELINUX_VER -ge 2003; then > + AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1, > + [SELinux uses char * for security context]) > + fi > Eww. Version-check tests are inherently fragile;

we want to do a feature check (does a const char * compile) not a version check. I'll take some time tomorrow to propose an alternative. My idea is to define a new macro VIR_SELINUX_CTX_CONST to either '' or 'const' depending on which version builds,