- Add selinux_getpolicytype()
parent
af1839bde5
commit
8389437eda
@ -1,169 +1,128 @@
|
|||||||
diff -Nurp libselinux-1.29.7.orig/src/canonicalize_context.c libselinux-1.29.7/src/canonicalize_context.c
|
diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.30.12/include/selinux/selinux.h
|
||||||
--- libselinux-1.29.7.orig/src/canonicalize_context.c 2006-01-20 23:37:52.000000000 +0800
|
--- nsalibselinux/include/selinux/selinux.h 2006-05-18 12:11:17.000000000 -0400
|
||||||
+++ libselinux-1.29.7/src/canonicalize_context.c 2006-05-31 20:42:47.000000000 +0800
|
+++ libselinux-1.30.12/include/selinux/selinux.h 2006-06-09 15:29:18.000000000 -0400
|
||||||
@@ -18,6 +18,9 @@ int security_canonicalize_context_raw(se
|
@@ -361,6 +361,13 @@
|
||||||
size_t size;
|
extern int selinux_getenforcemode(int *enforce);
|
||||||
int fd, ret;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
/*
|
||||||
+ return -1;
|
+ selinux_getpolicytype reads the /etc/selinux/config file and determines
|
||||||
|
+ what the default policy for the machine is. Calling application must
|
||||||
|
+ free policytype.
|
||||||
|
+ */
|
||||||
|
+extern int selinux_getpolicytype(char **policytype);
|
||||||
+
|
+
|
||||||
snprintf(path, sizeof path, "%s/context", selinux_mnt);
|
+/*
|
||||||
fd = open(path, O_RDWR);
|
selinux_policy_root reads the /etc/selinux/config file and returns
|
||||||
if (fd < 0)
|
the directory path under which the compiled policy file and context
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/check_context.c libselinux-1.29.7/src/check_context.c
|
configuration files exist.
|
||||||
--- libselinux-1.29.7.orig/src/check_context.c 2006-01-20 23:37:52.000000000 +0800
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.30.12/src/selinux_config.c
|
||||||
+++ libselinux-1.29.7/src/check_context.c 2006-05-31 20:43:24.000000000 +0800
|
--- nsalibselinux/src/selinux_config.c 2006-05-23 06:19:32.000000000 -0400
|
||||||
@@ -14,6 +14,9 @@ int security_check_context_raw(security_
|
+++ libselinux-1.30.12/src/selinux_config.c 2006-06-09 15:42:35.000000000 -0400
|
||||||
char path[PATH_MAX];
|
@@ -124,6 +124,37 @@
|
||||||
int fd, ret;
|
}
|
||||||
|
hidden_def(selinux_getenforcemode)
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
+int selinux_getpolicytype(char **intype) {
|
||||||
+ return -1;
|
+ int ret=-1;
|
||||||
|
+ char *type=NULL;
|
||||||
|
+ char *end=NULL;
|
||||||
|
+ FILE *cfg = fopen(SELINUXCONFIG,"r");
|
||||||
|
+ char buf[4097];
|
||||||
|
+ int len=sizeof(SELINUXTYPETAG)-1;
|
||||||
|
+ if (!cfg) {
|
||||||
|
+ cfg = fopen(SECURITYCONFIG,"r");
|
||||||
|
+ }
|
||||||
|
+ if (cfg) {
|
||||||
|
+ while (fgets_unlocked(buf, 4096, cfg)) {
|
||||||
|
+ if (strncmp(buf,SELINUXTYPETAG,len))
|
||||||
|
+ continue;
|
||||||
|
+ type = strdupa(buf+sizeof(SELINUXTYPETAG)-1);
|
||||||
|
+ end = type + strlen(type)-1;
|
||||||
|
+ while ((end > type) &&
|
||||||
|
+ (isspace(*end) || iscntrl(*end))) {
|
||||||
|
+ *end = 0;
|
||||||
|
+ end--;
|
||||||
|
+ }
|
||||||
|
+ *intype=type;
|
||||||
|
+ ret=0;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ fclose(cfg);
|
||||||
|
+ }
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+hidden_def(selinux_getpolicytype)
|
||||||
+
|
+
|
||||||
snprintf(path, sizeof path, "%s/context", selinux_mnt);
|
static char *selinux_policyroot = NULL;
|
||||||
fd = open(path, O_RDWR);
|
static char *selinux_rootpath = NULL;
|
||||||
if (fd < 0)
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/compute_av.c libselinux-1.29.7/src/compute_av.c
|
|
||||||
--- libselinux-1.29.7.orig/src/compute_av.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/compute_av.c 2006-05-31 20:44:00.000000000 +0800
|
|
||||||
@@ -21,6 +21,9 @@ int security_compute_av_raw(security_con
|
|
||||||
size_t len;
|
|
||||||
int fd, ret;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.12/src/selinux_internal.h
|
||||||
+ return -1;
|
--- nsalibselinux/src/selinux_internal.h 2006-05-23 06:19:32.000000000 -0400
|
||||||
+
|
+++ libselinux-1.30.12/src/selinux_internal.h 2006-06-09 15:29:18.000000000 -0400
|
||||||
snprintf(path, sizeof path, "%s/access", selinux_mnt);
|
@@ -64,6 +64,7 @@
|
||||||
fd = open(path, O_RDWR);
|
hidden_proto(selinux_usersconf_path);
|
||||||
if (fd < 0)
|
hidden_proto(selinux_translations_path);
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/compute_create.c libselinux-1.29.7/src/compute_create.c
|
hidden_proto(selinux_getenforcemode);
|
||||||
--- libselinux-1.29.7.orig/src/compute_create.c 2006-01-20 23:37:52.000000000 +0800
|
+hidden_proto(selinux_getpolicytype);
|
||||||
+++ libselinux-1.29.7/src/compute_create.c 2006-05-31 20:44:53.000000000 +0800
|
hidden_proto(selinux_raw_to_trans_context);
|
||||||
@@ -20,6 +20,9 @@ int security_compute_create_raw(security
|
hidden_proto(selinux_trans_to_raw_context);
|
||||||
size_t size;
|
|
||||||
int fd, ret;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-1.30.12/src/selinux.py
|
||||||
+ return -1;
|
--- nsalibselinux/src/selinux.py 2006-05-15 09:43:24.000000000 -0400
|
||||||
+
|
+++ libselinux-1.30.12/src/selinux.py 2006-06-09 15:29:18.000000000 -0400
|
||||||
snprintf(path, sizeof path, "%s/create", selinux_mnt);
|
@@ -102,6 +102,7 @@
|
||||||
fd = open(path, O_RDWR);
|
is_context_customizable = _selinux.is_context_customizable
|
||||||
if (fd < 0)
|
selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/compute_member.c libselinux-1.29.7/src/compute_member.c
|
selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context
|
||||||
--- libselinux-1.29.7.orig/src/compute_member.c 2006-01-20 23:37:52.000000000 +0800
|
+selinux_getpolicytype = _selinux.selinux_getpolicytype
|
||||||
+++ libselinux-1.29.7/src/compute_member.c 2006-05-31 20:45:36.000000000 +0800
|
getseuserbyname = _selinux.getseuserbyname
|
||||||
@@ -20,6 +20,9 @@ int security_compute_member_raw(security
|
|
||||||
size_t size;
|
|
||||||
int fd, ret;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
snprintf(path, sizeof path, "%s/member", selinux_mnt);
|
|
||||||
fd = open(path, O_RDWR);
|
|
||||||
if (fd < 0)
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/compute_relabel.c libselinux-1.29.7/src/compute_relabel.c
|
|
||||||
--- libselinux-1.29.7.orig/src/compute_relabel.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/compute_relabel.c 2006-05-31 20:46:04.000000000 +0800
|
|
||||||
@@ -20,6 +20,9 @@ int security_compute_relabel_raw(securit
|
|
||||||
size_t size;
|
|
||||||
int fd, ret;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-1.30.12/src/selinuxswig.i
|
||||||
+ return -1;
|
--- nsalibselinux/src/selinuxswig.i 2006-05-15 09:43:24.000000000 -0400
|
||||||
+
|
+++ libselinux-1.30.12/src/selinuxswig.i 2006-06-09 15:29:18.000000000 -0400
|
||||||
snprintf(path, sizeof path, "%s/relabel", selinux_mnt);
|
@@ -126,4 +126,5 @@
|
||||||
fd = open(path, O_RDWR);
|
%typemap(argout) char ** {
|
||||||
if (fd < 0)
|
$result = SWIG_Python_AppendOutput($result, PyString_FromString(*$1));
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/compute_user.c libselinux-1.29.7/src/compute_user.c
|
}
|
||||||
--- libselinux-1.29.7.orig/src/compute_user.c 2006-01-20 23:37:52.000000000 +0800
|
+extern int selinux_getpolicytype(char **enforce);
|
||||||
+++ libselinux-1.29.7/src/compute_user.c 2006-05-31 20:46:32.000000000 +0800
|
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
|
||||||
@@ -21,6 +21,9 @@ int security_compute_user_raw(security_c
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-1.30.12/src/selinuxswig_wrap.c
|
||||||
int fd, ret;
|
--- nsalibselinux/src/selinuxswig_wrap.c 2006-05-15 09:43:24.000000000 -0400
|
||||||
unsigned int i, nel;
|
+++ libselinux-1.30.12/src/selinuxswig_wrap.c 2006-06-09 15:29:18.000000000 -0400
|
||||||
|
@@ -4153,6 +4153,27 @@
|
||||||
|
}
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
snprintf(path, sizeof path, "%s/user", selinux_mnt);
|
|
||||||
fd = open(path, O_RDWR);
|
|
||||||
if (fd < 0)
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/disable.c libselinux-1.29.7/src/disable.c
|
|
||||||
--- libselinux-1.29.7.orig/src/disable.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/disable.c 2006-05-31 20:47:27.000000000 +0800
|
|
||||||
@@ -15,6 +15,9 @@ int security_disable(void)
|
|
||||||
char path[PATH_MAX];
|
|
||||||
char buf[20];
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
+SWIGINTERN PyObject *_wrap_selinux_getpolicytype(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
|
||||||
+ return -1;
|
+ PyObject *resultobj = 0;
|
||||||
|
+ char **arg1 = (char **) 0 ;
|
||||||
|
+ int result;
|
||||||
|
+ char *temp1 ;
|
||||||
+
|
+
|
||||||
snprintf(path, sizeof path, "%s/disable", selinux_mnt);
|
+ {
|
||||||
fd = open(path, O_WRONLY);
|
+ arg1 = &temp1;
|
||||||
if (fd < 0)
|
+ }
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/enabled.c libselinux-1.29.7/src/enabled.c
|
+ if (!PyArg_ParseTuple(args,(char *)":selinux_getpolicytype")) SWIG_fail;
|
||||||
--- libselinux-1.29.7.orig/src/enabled.c 2006-01-20 23:37:52.000000000 +0800
|
+ result = (int)selinux_getpolicytype(arg1);
|
||||||
+++ libselinux-1.29.7/src/enabled.c 2006-05-31 20:48:30.000000000 +0800
|
+ resultobj = SWIG_From_int((int)(result));
|
||||||
@@ -65,6 +65,9 @@ int is_selinux_mls_enabled(void)
|
+ {
|
||||||
char buf[20], path[PATH_MAX];
|
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(*arg1));
|
||||||
int fd, ret, enabled = 0;
|
+ }
|
||||||
|
+ return resultobj;
|
||||||
+ if (!selinux_mnt)
|
+fail:
|
||||||
+ return enabled;
|
+ return NULL;
|
||||||
|
+}
|
||||||
+
|
+
|
||||||
snprintf(path, sizeof path, "%s/mls", selinux_mnt);
|
|
||||||
fd = open(path, O_RDONLY);
|
|
||||||
if (fd < 0)
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/getenforce.c libselinux-1.29.7/src/getenforce.c
|
|
||||||
--- libselinux-1.29.7.orig/src/getenforce.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/getenforce.c 2006-05-31 20:48:56.000000000 +0800
|
|
||||||
@@ -15,6 +15,9 @@ int security_getenforce(void)
|
|
||||||
char path[PATH_MAX];
|
|
||||||
char buf[20];
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
|
||||||
+ return -1;
|
|
||||||
+
|
+
|
||||||
snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
|
SWIGINTERN PyObject *_wrap_getseuserbyname(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
|
||||||
fd = open(path, O_RDONLY);
|
PyObject *resultobj = 0;
|
||||||
if (fd < 0)
|
char *arg1 = (char *) 0 ;
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/load_policy.c libselinux-1.29.7/src/load_policy.c
|
@@ -4253,6 +4274,7 @@
|
||||||
--- libselinux-1.29.7.orig/src/load_policy.c 2006-01-20 23:37:52.000000000 +0800
|
{ (char *)"is_context_customizable", _wrap_is_context_customizable, METH_VARARGS, NULL},
|
||||||
+++ libselinux-1.29.7/src/load_policy.c 2006-05-31 20:49:33.000000000 +0800
|
{ (char *)"selinux_trans_to_raw_context", _wrap_selinux_trans_to_raw_context, METH_VARARGS, NULL},
|
||||||
@@ -20,6 +20,9 @@ int security_load_policy(void *data, siz
|
{ (char *)"selinux_raw_to_trans_context", _wrap_selinux_raw_to_trans_context, METH_VARARGS, NULL},
|
||||||
char path[PATH_MAX];
|
+ { (char *)"selinux_getpolicytype", _wrap_selinux_getpolicytype, METH_VARARGS, NULL},
|
||||||
int fd, ret;
|
{ (char *)"getseuserbyname", _wrap_getseuserbyname, METH_VARARGS, NULL},
|
||||||
|
{ NULL, NULL, 0, NULL }
|
||||||
+ if (!selinux_mnt)
|
};
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
snprintf(path, sizeof path, "%s/load", selinux_mnt);
|
|
||||||
fd = open(path, O_RDWR);
|
|
||||||
if (fd < 0)
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/policyvers.c libselinux-1.29.7/src/policyvers.c
|
|
||||||
--- libselinux-1.29.7.orig/src/policyvers.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/policyvers.c 2006-05-31 20:50:22.000000000 +0800
|
|
||||||
@@ -19,6 +19,9 @@ int security_policyvers(void)
|
|
||||||
char buf[20];
|
|
||||||
unsigned vers = DEFAULT_POLICY_VERSION;
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
snprintf(path, sizeof path, "%s/policyvers", selinux_mnt);
|
|
||||||
fd = open(path, O_RDONLY);
|
|
||||||
if (fd < 0) {
|
|
||||||
diff -Nurp libselinux-1.29.7.orig/src/setenforce.c libselinux-1.29.7/src/setenforce.c
|
|
||||||
--- libselinux-1.29.7.orig/src/setenforce.c 2006-01-20 23:37:52.000000000 +0800
|
|
||||||
+++ libselinux-1.29.7/src/setenforce.c 2006-05-31 20:50:51.000000000 +0800
|
|
||||||
@@ -15,6 +15,9 @@ int security_setenforce(int value)
|
|
||||||
char path[PATH_MAX];
|
|
||||||
char buf[20];
|
|
||||||
|
|
||||||
+ if (!selinux_mnt)
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
|
|
||||||
fd = open(path, O_RDWR);
|
|
||||||
if (fd < 0)
|
|
||||||
|
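Review bot: In the selinux_config.c hunk, `type = strdupa(buf+sizeof(SELINUXTYPETAG)-1);` copies the value into selinux_getpolicytype's own stack frame, so `*intype=type;` returns a pointer that is dangling as soon as the function returns, and the selinux.h comment "Calling application must free policytype" would have callers pass non-heap memory to free(). A heap copy with a failure check matches the documented contract: `type = strdup(buf+len);` followed by `if (!type) break;`, which still reaches `fclose(cfg)` and leaves `ret` at -1. The generated wrapper in selinuxswig_wrap.c has a related gap: `char *temp1 ;` is never initialised and `PyString_FromString(*arg1)` runs even when the call returned -1, so the argout typemap in selinuxswig.i should skip the append on failure and free the string after converting it. The trimming loop should also pass `(unsigned char)*end` to `isspace`/`iscntrl`, since the config line is file content and plain `char` may be negative.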
@ -2,10 +2,11 @@
|
|||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 1.30.12
|
Version: 1.30.12
|
||||||
Release: 1
|
Release: 2
|
||||||
License: Public domain (uncopyrighted)
|
License: Public domain (uncopyrighted)
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
|
||||||
|
Patch: libselinux-rhat.patch
|
||||||
|
|
||||||
BuildRequires: libsepol-devel >= %{libsepolver} swig
|
BuildRequires: libsepol-devel >= %{libsepolver} swig
|
||||||
Requires: libsepol >= %{libsepolver} setransd
|
Requires: libsepol >= %{libsepolver} setransd
|
||||||
@ -47,6 +48,7 @@ needed for developing SELinux applications.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch -p1 -b .rhat
|
||||||
|
|
||||||
%build
|
%build
|
||||||
make clean
|
make clean
|
||||||
@ -115,6 +117,9 @@ exit 0
|
|||||||
%{_libdir}/python*/site-packages/selinux.py*
|
%{_libdir}/python*/site-packages/selinux.py*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jun 8 2006 Dan Walsh <dwalsh@redhat.com> 1.30.12-2
|
||||||
|
- Add selinux_getpolicytype()
|
||||||
|
|
||||||
* Thu Jun 1 2006 Dan Walsh <dwalsh@redhat.com> 1.30.12-1
|
* Thu Jun 1 2006 Dan Walsh <dwalsh@redhat.com> 1.30.12-1
|
||||||
- Upgrade to latest from NSA
|
- Upgrade to latest from NSA
|
||||||
* Merged !selinux_mnt checks from Ian Kent.
|
* Merged !selinux_mnt checks from Ian Kent.
|
||||||
|