Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

libselinux: add build time option to drop hard dependency on libpcre2 #431

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from

Conversation

cgzones
Copy link
Contributor

@cgzones cgzones commented Apr 4, 2024

Currently libselinux links to libpcre2. The regex library is used in
the file backend of the selabel database for file context path matching.

Some client applications using libselinux might not use that selabel
functionality, but they still require to load libpcre2. Examples are
dbus-broker and sshd (where openssh only uses the selabel interfaces to
create ~/.ssh with the default context).

Add a build time option, USE_PCRE2_DLSYM, to drop the hard dependency on
libpcre2 and only load it, if actually needed, at runtime via dlopen(3).
Since loading the database for the file backend takes a couple of
milliseconds performance is not a concern.

cgzones added 4 commits April 4, 2024 17:59
Declare the read-only arguments for comparison and writing const.

Signed-off-by: Christian Göttsche <[email protected]>
The function regex_data_create() is only used inside of regex.c, thus do
not expose it in the header file regex.h.

Signed-off-by: Christian Göttsche <[email protected]>
Bump the maximum python version to 3.12 and the maximum ruby version to
3.3 in the GitHub CI.

Also bump the setup-python action to v5.

Signed-off-by: Christian Göttsche <[email protected]>
Currently libselinux links to libpcre2.  The regex library is used in
the file backend of the selabel database for file context path matching.

Some client applications using libselinux might not use that selabel
functionality, but they still require to load libpcre2.  Examples are
dbus-broker and sshd (where openssh only uses the selabel interfaces to
create ~/.ssh with the default context).

Add a build time option, USE_PCRE2_DLSYM, to drop the hard dependency on
libpcre2 and only load it, if actually needed, at runtime via dlopen(3).
Since loading the database for the file backend takes a couple of
milliseconds performance is not a concern.

Signed-off-by: Christian Göttsche <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant