build: avoid more selinux build failures

Handle both newer selinux libraries with mode_to_security_class(),
and systems without selinux at all.  We could easily adjust
gnulib to provide the necessary stubs for use by this module,
but it's more efficient to just stub out the module completely,
when not using selinux.

* src/selinux.h: Define stubs for the two module functions,
when SELinux is not available.
* src/selinux.c: Exclude all logic in preference for the stubs
when selinux isn't used.  Also when newer selinux libs are used,
don't use our conflicting static version of mode_to_security_class().
m4/jm-macros.m4: Check for the system mode_to_security_class().

m4/jm-macros.m4

@@ -44,9 +44,11 @@ AC_DEFUN([coreutils_MACROS],
   # used by shred
   AC_CHECK_FUNCS_ONCE([directio])
 
-  # Used by install.c.
   coreutils_saved_libs=$LIBS
     LIBS="$LIBS $LIB_SELINUX"
+    # Used by selinux.c.
+    AC_CHECK_FUNCS([mode_to_security_class], [], [])
+    # Used by install.c.
     AC_CHECK_FUNCS([matchpathcon_init_prefix], [],
     [
       case "$ac_cv_search_setfilecon:$ac_cv_header_selinux_selinux_h" in

src/selinux.c

@@ -29,8 +29,11 @@
 #include "quote.h"
 #include "selinux.h"
 
+#if HAVE_SELINUX_SELINUX_H
+
+# if ! HAVE_MODE_TO_SECURITY_CLASS
 /*
-  This function has being added to libselinux-2.1.12-5, but is here
+  This function has been added to libselinux-2.1.12-5, but is here
   for support with older versions of SELinux
 
   Translates a mode into an Internal SELinux security_class definition.
@@ -58,6 +61,7 @@ mode_to_security_class (mode_t m)
   errno = EINVAL;
   return 0;
 }
+# endif
 
 /*
   This function takes a PATH and a MODE and then asks SELinux what the label
@@ -108,7 +112,7 @@ defaultcon (char const *path, mode_t mode)
 {
   int rc = -1;
   security_context_t scon = NULL, tcon = NULL;
-  context_t scontext = NULL, tcontext = NULL;
+  context_t scontext = 0, tcontext = 0;
   const char *contype;
   char *constr;
   char *newpath = NULL;
@@ -179,7 +183,7 @@ restorecon_private (char const *path, bool local)
   int rc = -1;
   struct stat sb;
   security_context_t scon = NULL, tcon = NULL;
-  context_t scontext = NULL, tcontext = NULL;
+  context_t scontext = 0, tcontext = 0;
   const char *contype;
   char *constr;
   int fd;
@@ -328,3 +332,4 @@ restorecon (char const *path, bool recurse, bool local)
   free (newpath);
   return ok;
 }
+#endif

src/selinux.h

@@ -19,7 +19,21 @@
 #ifndef COREUTILS_SELINUX_H
 # define COREUTILS_SELINUX_H
 
+# if HAVE_SELINUX_SELINUX_H
+
 extern bool restorecon (char const *path, bool recurse, bool preserve);
 extern int defaultcon (char const *path, mode_t mode);
 
+# else
+
+static inline bool
+restorecon (char const *path, bool recurse, bool preserve)
+{ errno = ENOTSUP; return false; }
+
+static inline int
+defaultcon (char const *path, mode_t mode)
+{ errno = ENOTSUP; return -1; }
+
+# endif
+
 #endif