* SELinux userspace does not build on Fedora 44
@ 2026-05-07 1:38 Kalevi Kolttonen
2026-05-07 9:33 ` Petr Lautrbach
0 siblings, 1 reply; 3+ messages in thread
From: Kalevi Kolttonen @ 2026-05-07 1:38 UTC (permalink / raw)
To: selinux-list
Hello!
I have problems compiling SELinux userspace on Fedora 44.
I mean the main branch. The compiler is:
gcc (GCC) 16.1.1 20260501 (Red Hat 16.1.1-1)
Copyright (C) 2026 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
The first error is:
-------------------------------------------------------------------------------
selinux_config.c: In function ‘selinux_set_policy_root’:
selinux_config.c:284:29: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
284 | char *policy_type = strrchr(path, '/');
| ^~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [Makefile:179: selinux_config.o] Error 1
-------------------------------------------------------------------------------
It can be fixed by this:
-------------------------------------------------------------------------------
--- selinux/libselinux/src/selinux_config.c 2026-05-02 01:09:23.084896619 +0300
+++ selinux-buildaus/libselinux/src/selinux_config.c 2026-05-07 03:52:10.344519900 +0300
@@ -281,7 +281,7 @@
int selinux_set_policy_root(const char *path)
{
int i;
- char *policy_type = strrchr(path, '/');
+ const char *policy_type = strrchr(path, '/');
if (!policy_type) {
errno = EINVAL;
return -1;
-------------------------------------------------------------------------------
The second error is:
-------------------------------------------------------------------------------
direct_api.c: In function ‘semanage_direct_install_file’:
direct_api.c:1781:27: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
1781 | separator = strrchr(filename, '.');
| ^
direct_api.c:1791:19: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
1791 | separator = strrchr(filename, '.');
| ^
cc1: all warnings being treated as errors
make[2]: *** [Makefile:114: direct_api.o] Error 1
-------------------------------------------------------------------------------
It can be fixed by this. Note: I did not add 'const' qualifier to
'separator' because the string is modified in the function.
-------------------------------------------------------------------------------
--- selinux/libsemanage/src/direct_api.c 2026-05-02 01:09:23.095896604 +0300
+++ selinux-buildaus/libsemanage/src/direct_api.c 2026-05-07 04:01:26.969729078 +0300
@@ -1755,7 +1755,7 @@
int retval = -1;
char *path = NULL;
- const char *filename;
+ char *filename;
const char *lang_ext = NULL;
char *module_name = NULL;
char *separator;
-------------------------------------------------------------------------------
The third error is:
-------------------------------------------------------------------------------
semanage_store.c: In function ‘semanage_exec_prog’:
semanage_store.c:1307:16: error: variable ‘a’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
1307 | char **a;
| ^
semanage_store.c:1265:15: error: variable ‘new_s’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
1265 | char *new_s = realloc(s, len + 2);
| ^~~~~
semanage_store.c:1265:15: error: variable ‘new_s’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
cc1: all warnings being treated as errors
make[2]: *** [Makefile:114: semanage_store.o] Error 1
-------------------------------------------------------------------------------
I see a vfork() there I but am unable to determine whether this
error is for real or not. As temporary work-around I added:
-Wno-clobbered
to the Makefile.
-------------------------------------------------------------------------------
The fourth error is:
-------------------------------------------------------------------------------
utilities.c: In function ‘semanage_str_replace’:
utilities.c:248:16: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
248 | for (p = strstr(src, search); p != NULL; p = strstr(p + slen, search)) {
| ^
utilities.c:265:16: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
265 | for (p = strstr(src, search); p != NULL; p = strstr(psrc, search)) {
| ^
utilities.c:265:52: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
265 | for (p = strstr(src, search); p != NULL; p = strstr(psrc, search)) {
| ^
utilities.c: In function ‘semanage_basename’:
utilities.c:358:19: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
358 | char *p = strrchr(filename, '/');
| ^~~~~~~
-------------------------------------------------------------------------------
I did the following to fix:
-------------------------------------------------------------------------------
--- selinux/libsemanage/src/utilities.c 2026-05-02 01:09:23.099896599 +0300
+++ selinux-buildaus/libsemanage/src/utilities.c 2026-05-07 04:24:08.992732849 +0300
@@ -234,7 +234,8 @@
const char *src, size_t lim)
{
size_t count = 0, slen, rlen, newsize;
- char *p, *pres, *result;
+ const char *p;
+ char *pres, *result;
const char *psrc;
slen = strlen(search);
@@ -353,8 +354,8 @@
#ifdef __GNUC__
__attribute__((nonnull))
#endif
-char *semanage_basename(const char *filename)
+const char *semanage_basename(const char *filename)
{
- char *p = strrchr(filename, '/');
- return p ? p + 1 : (char *)filename;
+ const char *p = strrchr(filename, '/');
+ return p ? p + 1 : filename;
}
-------------------------------------------------------------------------------
--- selinux/libsemanage/src/utilities.h 2026-05-02 01:09:23.099896599 +0300
+++ selinux-buildaus/libsemanage/src/utilities.h 2026-05-07 04:25:03.279160082 +0300
@@ -167,6 +167,6 @@
#ifdef __GNUC__
__attribute__((nonnull))
#endif
-char *semanage_basename(const char *filename);
+const char *semanage_basename(const char *filename);
#endif
-------------------------------------------------------------------------------
The fifth error:
-------------------------------------------------------------------------------
secon.c: In function ‘my_getXcon_raw’:
secon.c:365:29: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
365 | char *tmp = strchr(ptr, '\n');
| ^~~~~~
cc1: all warnings being treated as errors
make[2]: *** [<builtin>: secon.o] Error 1
-------------------------------------------------------------------------------
Fix:
-------------------------------------------------------------------------------
--- selinux/policycoreutils/secon/secon.c 2026-05-02 01:09:23.152597184 +0300
+++ selinux-buildaus/policycoreutils/secon/secon.c 2026-05-07 04:30:27.330279405 +0300
@@ -348,7 +348,7 @@
{
char buf[4096];
FILE *fp = NULL;
- const char *ptr = NULL;
+ char *ptr = NULL;
snprintf(buf, sizeof(buf), "%s/%ld/attr/%s", "/proc", (long int)pid,
val);
-------------------------------------------------------------------------------
After these changes, the build completed, but I am not at all
sure whether the fixes are correct.
br,
KK
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SELinux userspace does not build on Fedora 44
2026-05-07 1:38 SELinux userspace does not build on Fedora 44 Kalevi Kolttonen
@ 2026-05-07 9:33 ` Petr Lautrbach
2026-05-07 9:54 ` Kalevi Kolttonen
0 siblings, 1 reply; 3+ messages in thread
From: Petr Lautrbach @ 2026-05-07 9:33 UTC (permalink / raw)
To: Kalevi Kolttonen, selinux-list
Kalevi Kolttonen <kalevi@kolttonen.fi> writes:
> Hello!
>
> I have problems compiling SELinux userspace on Fedora 44.
> I mean the main branch. The compiler is:
>
> gcc (GCC) 16.1.1 20260501 (Red Hat 16.1.1-1)
> Copyright (C) 2026 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
>
> The first error is:
>
> -------------------------------------------------------------------------------
> selinux_config.c: In function ‘selinux_set_policy_root’:
> selinux_config.c:284:29: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 284 | char *policy_type = strrchr(path, '/');
> | ^~~~~~~
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:179: selinux_config.o] Error 1
> -------------------------------------------------------------------------------
>
> It can be fixed by this:
>
> -------------------------------------------------------------------------------
> --- selinux/libselinux/src/selinux_config.c 2026-05-02 01:09:23.084896619 +0300
> +++ selinux-buildaus/libselinux/src/selinux_config.c 2026-05-07 03:52:10.344519900 +0300
> @@ -281,7 +281,7 @@
> int selinux_set_policy_root(const char *path)
> {
> int i;
> - char *policy_type = strrchr(path, '/');
> + const char *policy_type = strrchr(path, '/');
> if (!policy_type) {
> errno = EINVAL;
> return -1;
> -------------------------------------------------------------------------------
>
> The second error is:
>
> -------------------------------------------------------------------------------
> direct_api.c: In function ‘semanage_direct_install_file’:
> direct_api.c:1781:27: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 1781 | separator = strrchr(filename, '.');
> | ^
> direct_api.c:1791:19: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 1791 | separator = strrchr(filename, '.');
> | ^
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:114: direct_api.o] Error 1
> -------------------------------------------------------------------------------
>
> It can be fixed by this. Note: I did not add 'const' qualifier to
> 'separator' because the string is modified in the function.
>
> -------------------------------------------------------------------------------
> --- selinux/libsemanage/src/direct_api.c 2026-05-02 01:09:23.095896604 +0300
> +++ selinux-buildaus/libsemanage/src/direct_api.c 2026-05-07 04:01:26.969729078 +0300
> @@ -1755,7 +1755,7 @@
>
> int retval = -1;
> char *path = NULL;
> - const char *filename;
> + char *filename;
> const char *lang_ext = NULL;
> char *module_name = NULL;
> char *separator;
> -------------------------------------------------------------------------------
>
> The third error is:
>
> -------------------------------------------------------------------------------
> semanage_store.c: In function ‘semanage_exec_prog’:
> semanage_store.c:1307:16: error: variable ‘a’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
> 1307 | char **a;
> | ^
> semanage_store.c:1265:15: error: variable ‘new_s’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
> 1265 | char *new_s = realloc(s, len + 2);
> | ^~~~~
> semanage_store.c:1265:15: error: variable ‘new_s’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:114: semanage_store.o] Error 1
> -------------------------------------------------------------------------------
>
> I see a vfork() there I but am unable to determine whether this
> error is for real or not. As temporary work-around I added:
>
> -Wno-clobbered
>
> to the Makefile.
>
>
> -------------------------------------------------------------------------------
>
> The fourth error is:
>
> -------------------------------------------------------------------------------
>
> utilities.c: In function ‘semanage_str_replace’:
> utilities.c:248:16: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 248 | for (p = strstr(src, search); p != NULL; p = strstr(p + slen, search)) {
> | ^
> utilities.c:265:16: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 265 | for (p = strstr(src, search); p != NULL; p = strstr(psrc, search)) {
> | ^
> utilities.c:265:52: error: assignment discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 265 | for (p = strstr(src, search); p != NULL; p = strstr(psrc, search)) {
> | ^
> utilities.c: In function ‘semanage_basename’:
> utilities.c:358:19: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 358 | char *p = strrchr(filename, '/');
> | ^~~~~~~
>
> -------------------------------------------------------------------------------
>
> I did the following to fix:
>
> -------------------------------------------------------------------------------
> --- selinux/libsemanage/src/utilities.c 2026-05-02 01:09:23.099896599 +0300
> +++ selinux-buildaus/libsemanage/src/utilities.c 2026-05-07 04:24:08.992732849 +0300
> @@ -234,7 +234,8 @@
> const char *src, size_t lim)
> {
> size_t count = 0, slen, rlen, newsize;
> - char *p, *pres, *result;
> + const char *p;
> + char *pres, *result;
> const char *psrc;
>
> slen = strlen(search);
> @@ -353,8 +354,8 @@
> #ifdef __GNUC__
> __attribute__((nonnull))
> #endif
> -char *semanage_basename(const char *filename)
> +const char *semanage_basename(const char *filename)
> {
> - char *p = strrchr(filename, '/');
> - return p ? p + 1 : (char *)filename;
> + const char *p = strrchr(filename, '/');
> + return p ? p + 1 : filename;
> }
> -------------------------------------------------------------------------------
> --- selinux/libsemanage/src/utilities.h 2026-05-02 01:09:23.099896599 +0300
> +++ selinux-buildaus/libsemanage/src/utilities.h 2026-05-07 04:25:03.279160082 +0300
> @@ -167,6 +167,6 @@
> #ifdef __GNUC__
> __attribute__((nonnull))
> #endif
> -char *semanage_basename(const char *filename);
> +const char *semanage_basename(const char *filename);
>
> #endif
> -------------------------------------------------------------------------------
>
> The fifth error:
>
> -------------------------------------------------------------------------------
> secon.c: In function ‘my_getXcon_raw’:
> secon.c:365:29: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
> 365 | char *tmp = strchr(ptr, '\n');
> | ^~~~~~
> cc1: all warnings being treated as errors
> make[2]: *** [<builtin>: secon.o] Error 1
> -------------------------------------------------------------------------------
>
> Fix:
>
> -------------------------------------------------------------------------------
> --- selinux/policycoreutils/secon/secon.c 2026-05-02 01:09:23.152597184 +0300
> +++ selinux-buildaus/policycoreutils/secon/secon.c 2026-05-07 04:30:27.330279405 +0300
> @@ -348,7 +348,7 @@
> {
> char buf[4096];
> FILE *fp = NULL;
> - const char *ptr = NULL;
> + char *ptr = NULL;
>
> snprintf(buf, sizeof(buf), "%s/%ld/attr/%s", "/proc", (long int)pid,
> val);
> -------------------------------------------------------------------------------
>
> After these changes, the build completed, but I am not at all
> sure whether the fixes are correct.
>
Look at these patches and provide Tested-by if they work for you:
https://patchwork.kernel.org/project/selinux/list/?series=1086260
https://patchwork.kernel.org/project/selinux/patch/20260427123304.74899-1-lautrbach@redhat.com/
As a workaround you set build flags used in Fedora to avoid -Werror:
$ sudo dnf install redhat-rpm-config
$ source <( rpm --eval '%{set_build_flags}' )
$ make DESTDIR=/home/user/tmp/obj install install-rubywrap install-pywrap
Petr
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SELinux userspace does not build on Fedora 44
2026-05-07 9:33 ` Petr Lautrbach
@ 2026-05-07 9:54 ` Kalevi Kolttonen
0 siblings, 0 replies; 3+ messages in thread
From: Kalevi Kolttonen @ 2026-05-07 9:54 UTC (permalink / raw)
To: Petr Lautrbach; +Cc: selinux-list
On Thu, May 07, 2026 at 11:33:49AM +0200, Petr Lautrbach wrote:
> Look at these patches and provide Tested-by if they work for you:
>
> https://patchwork.kernel.org/project/selinux/list/?series=1086260
> https://patchwork.kernel.org/project/selinux/patch/20260427123304.74899-1-lautrbach@redhat.com/
Yes, applying those 4 patches did the trick. Thanks. Feel free to
add my confirmation.
Tested-by: Kalevi Kolttonen <kalevi@kolttonen.fi>
br,
KK
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-05-07 9:54 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-07 1:38 SELinux userspace does not build on Fedora 44 Kalevi Kolttonen
2026-05-07 9:33 ` Petr Lautrbach
2026-05-07 9:54 ` Kalevi Kolttonen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.