diff options
| -rw-r--r-- | nscd/selinux.c | 15 | ||||
| -rw-r--r-- | nss/makedb.c | 9 |
2 files changed, 24 insertions, 0 deletions
diff --git a/nscd/selinux.c b/nscd/selinux.c index a4ea8008e2..1ebf924826 100644 --- a/nscd/selinux.c +++ b/nscd/selinux.c @@ -33,6 +33,7 @@ #ifdef HAVE_LIBAUDIT # include <libaudit.h> #endif +#include <libc-diag.h> #include "dbg_log.h" #include "selinux.h" @@ -320,6 +321,12 @@ avc_free_lock (void *lock) } +/* avc_init (along with several other symbols) was marked as deprecated by the + SELinux API starting from version 3.1. We use it here, but should + eventually switch to the newer API. */ +DIAG_PUSH_NEEDS_COMMENT +DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); + /* Initialize the user space access vector cache (AVC) for NSCD along with log/thread/lock callbacks. */ void @@ -335,7 +342,14 @@ nscd_avc_init (void) audit_init (); #endif } +DIAG_POP_NEEDS_COMMENT + +/* security_context_t and sidput (along with several other symbols) were marked + as deprecated by the SELinux API starting from version 3.1. We use them + here, but should eventually switch to the newer API. */ +DIAG_PUSH_NEEDS_COMMENT +DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); /* Check the permission from the caller (via getpeercon) to nscd. Returns 0 if access is allowed, 1 if denied, and -1 on error. @@ -422,6 +436,7 @@ out: return rc; } +DIAG_POP_NEEDS_COMMENT /* Wrapper to get AVC statistics. */ diff --git a/nss/makedb.c b/nss/makedb.c index 8e389a1683..8e1e8ec9ad 100644 --- a/nss/makedb.c +++ b/nss/makedb.c @@ -38,6 +38,7 @@ #include <sys/stat.h> #include <sys/uio.h> #include "nss_db/nss_db.h" +#include <libc-diag.h> /* Get libc version number. */ #include "../version.h" @@ -841,6 +842,13 @@ print_database (int fd) #ifdef HAVE_SELINUX + +/* security_context_t and matchpathcon (along with several other symbols) were + marked as deprecated by the SELinux API starting from version 3.1. We use + them here, but should eventually switch to the newer API. */ +DIAG_PUSH_NEEDS_COMMENT +DIAG_IGNORE_NEEDS_COMMENT (10, "-Wdeprecated-declarations"); + static void set_file_creation_context (const char *outname, mode_t mode) { @@ -870,6 +878,7 @@ set_file_creation_context (const char *outname, mode_t mode) freecon (ctx); } } +DIAG_POP_NEEDS_COMMENT static void reset_file_creation_context (void) |