[Pkg-shadow-devel] Bug#941005: Bug#941005: shadow uses obsolete SELinux API

Serge E. Hallyn serge at hallyn.com
Tue Sep 24 03:09:47 BST 2019


Thanks.  If you feel so inclined, please feel free to file an issue for it
at github.com/shadow-maint/shadow.  I'll aim to fix this in the next week
or two.  (A lot of travel coming up)

On Mon, Sep 23, 2019 at 01:16:10PM +0200, Laurent Bigonville wrote:
> Source: shadow
> Version: 1:4.7-2
> Severity: normal
> User: selinux-devel at lists.alioth.debian.org
> Usertags: selinux
> 
> Hello,
> 
> It seems that the shadow source package is using obsolete SELinux API,
> for example:
> 
> In file included from passwd.c:46:
> /usr/include/selinux/flask.h:5:2: warning: #warning "Please remove any #include's of this header in your source code." [-Wcpp]
>  #warning "Please remove any #include's of this header in your source code."
>   ^~~~~~~
> /usr/include/selinux/flask.h:6:2: warning: #warning "Instead, use string_to_security_class() to map the class name to a value." [-Wcpp]
>  #warning "Instead, use string_to_security_class() to map the class name to a value."
>   ^~~~~~~
> In file included from passwd.c:47:
> /usr/include/selinux/av_permissions.h:1:2: warning: #warning "Please remove any #include of this header in your source code." [-Wcpp]
>  #warning "Please remove any #include of this header in your source code."
>   ^~~~~~~
> /usr/include/selinux/av_permissions.h:2:2: warning: #warning "Instead, use string_to_av_perm() to map the permission name to a value." [-Wcpp]
>  #warning "Instead, use string_to_av_perm() to map the permission name to a value."
> 
> That should be fixed as it could lead to security issues (or at least
> weakened security) for people using SELinux
> 
> Kind regards,
> 
> Laurent Bigonville
> 
> -- System Information:
> Debian Release: bullseye/sid
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> _______________________________________________
> Pkg-shadow-devel mailing list
> Pkg-shadow-devel at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel



More information about the Pkg-shadow-devel mailing list