Add additional go bindings for get*con calls

- Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific
2014-02-14 09:21:36 -05:00 · 2014-02-14 09:21:36 -05:00 · 2492943f41
commit 2492943f41
parent ee8c867b33
2 changed files with 154 additions and 6 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -10,10 +10,10 @@ index fd4f0b1..51469bc 100644
 DISABLE_SETRANS ?= n
 diff --git a/libselinux/golang/Makefile b/libselinux/golang/Makefile
 new file mode 100644
-index 0000000..ad3e481
+index 0000000..b75677b
 --- /dev/null
 +++ b/libselinux/golang/Makefile
-@@ -0,0 +1,17 @@
+@@ -0,0 +1,22 @@
 +# Installation directories.
 +PREFIX ?= $(DESTDIR)/usr
 +LIBDIR ?= $(DESTDIR)/usr/lib
@ -25,18 +25,23 @@ index 0000000..ad3e481
 +	install -m 644 selinux.go $(GODIR)
 +
 +test:
 +	@mkdir selinux
 +	@cp selinux.go selinux
 +	GOPATH=$(pwd) go run test.go 
 +	@rm -rf selinux
 +
 +clean:
-+
+	@rm -f *~
 +	@rm -rf selinux
 +indent:
 +
 +relabel:
 diff --git a/libselinux/golang/selinux.go b/libselinux/golang/selinux.go
 new file mode 100644
-index 0000000..9e7fdb3
+index 0000000..6cee26a
 --- /dev/null
 +++ b/libselinux/golang/selinux.go
-@@ -0,0 +1,302 @@
+@@ -0,0 +1,378 @@
 +package selinux
 +
 +/*
@ -86,6 +91,74 @@ index 0000000..9e7fdb3
 +	return int(rc), err
 +}
 +
 +func Getfilecon(path string) (string, error) {
 +	var scon C.security_context_t
 +	var fcon string
 +        rc, err := C.lgetfilecon(C.CString(path),&scon)
 +	if (rc >= 0) {
 +		fcon = C.GoString(scon)	
 +		err = nil
 +	}
 +	return fcon, err
 +}
 +
 +func Setfscreatecon(scon string) (int, error) {
 +	var (
 +		rc C.int
 +		err error
 +	)
 +	if (scon != "") {
 +		rc, err = C.setfscreatecon(C.CString(scon))
 +	} else {
 +		rc, err = C.setfscreatecon(nil)
 +	}
 +	return int(rc), err
 +}
 +
 +func Getfscreatecon() (string, error) {
 +	var scon C.security_context_t
 +	var fcon string
 +        rc, err := C.getfscreatecon(&scon)
 +	if (rc >= 0) {
 +		fcon = C.GoString(scon)	
 +		err = nil
 +		C.freecon(scon)
 +	}
 +	return fcon, err
 +}
 +
 +func Getcon() (string) {
 +	var pcon C.security_context_t
 +	C.getcon(&pcon)
 +	scon := C.GoString(pcon)
 +	C.freecon(pcon)
 +	return scon
 +}
 +
 +func Getpidcon(pid int) (string, error) {
 +	var pcon C.security_context_t
 +	var scon string
 +	rc, err := C.getpidcon(C.pid_t(pid), &pcon)
 +	if (rc >= 0) {
 +		scon = C.GoString(pcon)
 +		C.freecon(pcon)
 +		err = nil
 +	}
 +	return scon, err
 +}
 +
 +func Getpeercon(socket int) (string, error) {
 +	var pcon C.security_context_t
 +	var scon string
 +	rc, err := C.getpeercon(C.int(socket), &pcon)
 +	if (rc >= 0) {
 +		scon = C.GoString(pcon)
 +		C.freecon(pcon)
 +		err = nil
 +	}
 +	return scon, err
 +}
 +
 +func Setexeccon(scon string) (int, error) {
 +	var val *C.char
 +	if ! Selinux_enabled() {
@ -338,7 +411,77 @@ index 0000000..9e7fdb3
 +	fmt.Println(flabel)
 +	pid := os.Getpid()
 +	fmt.Printf("PID:%d MCS:%s\n", pid, Int_to_mcs(pid, 1023))
 +	fmt.Println(Getcon())
 +	fmt.Println(Getfilecon("/etc/passwd"))
 +	fmt.Println(Getpidcon(1))
 +	Setfscreatecon("unconfined_u:unconfined_r:unconfined_t:s0")
 +	fmt.Println(Getfscreatecon())
 +	Setfscreatecon("")
 +	fmt.Println(Getfscreatecon())
 +	fmt.Println(Getpidcon(1))
 +}
 diff --git a/libselinux/golang/test.go b/libselinux/golang/test.go
 new file mode 100644
 index 0000000..fed6de8
 --- /dev/null
 +++ b/libselinux/golang/test.go
@@ -0,0 +1,9 @@
 +package main
 +
 +import (
 +	"./selinux"
 +)
 +
 +func main() {
 +	selinux.Test()
 +}
 diff --git a/libselinux/man/man3/getfscreatecon.3 b/libselinux/man/man3/getfscreatecon.3
 index c7675be..677ece4 100644
 --- a/libselinux/man/man3/getfscreatecon.3
 +++ b/libselinux/man/man3/getfscreatecon.3
@@ -49,6 +49,11 @@ Signal handlers that perform a
 must take care to
 save, reset, and restore the fscreate context to avoid unexpected behavior.
 .
 +
 +.br
 +.B Note:
 +Contexts are thread specific.
 +
 .SH "RETURN VALUE"
 On error \-1 is returned.
 On success 0 is returned.
 diff --git a/libselinux/man/man3/getkeycreatecon.3 b/libselinux/man/man3/getkeycreatecon.3
 index d6a118c..b503535 100644
 --- a/libselinux/man/man3/getkeycreatecon.3
 +++ b/libselinux/man/man3/getkeycreatecon.3
@@ -48,6 +48,10 @@ Signal handlers that perform a
 .BR setkeycreatecon ()
 must take care to
 save, reset, and restore the keycreate context to avoid unexpected behavior.
 +
 +.br
 +.B Note:
 +Contexts are thread specific.
 .
 .SH "RETURN VALUE"
 On error \-1 is returned.
 diff --git a/libselinux/man/man3/getsockcreatecon.3 b/libselinux/man/man3/getsockcreatecon.3
 index 99e9436..673738c 100644
 --- a/libselinux/man/man3/getsockcreatecon.3
 +++ b/libselinux/man/man3/getsockcreatecon.3
@@ -49,6 +49,11 @@ Signal handlers that perform a
 must take care to
 save, reset, and restore the sockcreate context to avoid unexpected behavior.
 .
 +
 +.br
 +.B Note:
 +Contexts are thread specific.
 +
 .SH "RETURN VALUE"
 On error \-1 is returned.
 On success 0 is returned.
 diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
 index 02dd829..6dfdb46 100644
 --- a/libselinux/src/Makefile
--- a/libselinux.spec
+++ b/libselinux.spec
@ -10,7 +10,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.2.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@ -243,6 +243,11 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so
 %changelog
 * Fri Feb 14 2014 Dan Walsh <dwalsh@redhat.com>  - 2.2.2-4
 - Add additional go bindings for get*con calls
 - Add go bindings test command
 - Modify man pages of set*con calls to mention that they are thread specific
 * Fri Jan 24 2014 Dan Walsh <dwalsh@redhat.com>  - 2.2.2-3
 - Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go
 - Add Int_to_mcs function to generate MCS labels from integers.