add matchmediacon

2004-09-10 17:27:19 +00:00 · 2004-09-10 17:27:19 +00:00 · 9a368c5f7b
commit 9a368c5f7b
parent aca62f6df6
2 changed files with 166 additions and 3 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -0,0 +1,160 @@
+--- libselinux-1.17.9/include/selinux/selinux.h.rhat	2004-09-08 10:51:34.000000000 -0400
+++ libselinux-1.17.9/include/selinux/selinux.h	2004-09-10 13:24:34.747534140 -0400
+@@ -173,6 +173,13 @@
+ 		 mode_t mode,
+ 		 security_context_t *con);
+ 
+/* Match the specified media and against the media contexts 
+   /proc/ide/hdc/media
+   configuration and set *con to refer to the resulting context.
+   Caller must free con via freecon. */
+extern int matchmediacon(const char *path,
+		 security_context_t *con);
+
+ /*
+   selinux_getenforcemode reads the /etc/selinux/config file and determines 
+   whether the machine should be started in enforcing (1), permissive (0) or 
+@@ -194,6 +201,7 @@
+ extern const char *selinux_default_context_path(void);
+ extern const char *selinux_user_contexts_path(void);
+ extern const char *selinux_file_context_path(void);
+extern const char *selinux_media_context_path(void);
+ extern const char *selinux_contexts_path(void);
+ extern const char *selinux_booleans_path(void);
+ 
+--- libselinux-1.17.9/src/selinux_config.c.rhat	2004-09-08 10:51:34.000000000 -0400
+++ libselinux-1.17.9/src/selinux_config.c	2004-09-10 13:24:34.751533684 -0400
+@@ -24,7 +24,8 @@
+ #define FAILSAFE_CONTEXT  5
+ #define DEFAULT_TYPE      6
+ #define BOOLEANS          7
+-#define NEL               8
+#define MEDIA_CONTEXTS    8
+#define NEL               9
+ 
+ /* New layout is relative to SELINUXDIR/policytype. */
+ static char *file_paths[NEL];
+@@ -200,6 +201,10 @@
+ }
+ hidden_def(selinux_file_context_path)
+ 
+const char *selinux_media_context_path() {
+  return get_path(MEDIA_CONTEXTS);
+}
+
+ const char *selinux_contexts_path() {
+   return get_path(CONTEXTS_DIR);
+ }
+--- /dev/null	2004-09-10 04:39:39.953683832 -0400
+++ libselinux-1.17.9/src/matchmediacon.c	2004-09-10 13:24:34.750533798 -0400
+@@ -0,0 +1,65 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <regex.h>
+#include <stdarg.h>
+
+int matchmediacon(const char *media, 
+		 security_context_t *con)
+{
+	const char *path = selinux_media_context_path();
+	FILE *infile;
+	char *ptr, *ptr2;
+	char *target;
+	int found=-1;
+	char current_line[PATH_MAX];
+	if ((infile = fopen(path, "r")) == NULL)
+		return -1;
+	while (!feof_unlocked (infile)) {
+		if (!fgets_unlocked(current_line, sizeof(current_line), infile)) {
+			return -1;
+		}
+		if (current_line[strlen(current_line) - 1])
+			current_line[strlen(current_line) - 1] = 0;
+		/* Skip leading whitespace before the partial context. */
+		ptr = current_line;
+		while (*ptr && isspace(*ptr))
+			ptr++;
+		
+		if (!(*ptr))
+			continue;
+
+
+		/* Find the end of the media context. */
+		ptr2 = ptr;
+		while (*ptr2 && !isspace(*ptr2))
+			ptr2++;
+		if (!(*ptr2))
+			continue;
+		
+		*ptr2++=NULL;
+		if (strcmp (media, ptr) == 0) {
+			found = 1;
+			break;
+		}
+	}
+	if (!found) 
+		return -1;
+
+	/* Skip whitespace. */
+	while (*ptr2 && isspace(*ptr2))
+		ptr2++;
+	if (!(*ptr2)) {
+		return -1;
+	}
+	
+	*con = strdup(ptr2);
+	return 0;
+}
+--- libselinux-1.17.9/src/compat_file_path.h.rhat	2004-09-08 10:51:34.000000000 -0400
+++ libselinux-1.17.9/src/compat_file_path.h	2004-09-10 13:24:34.748534026 -0400
+@@ -7,3 +7,4 @@
+ S_(FAILSAFE_CONTEXT, SECURITYDIR "/failsafe_context")
+ S_(DEFAULT_TYPE, SECURITYDIR "/default_type")
+ S_(BOOLEANS, SECURITYDIR "/booleans")
+S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media")
+--- libselinux-1.17.9/src/file_path_suffixes.h.rhat	2004-09-08 10:51:34.000000000 -0400
+++ libselinux-1.17.9/src/file_path_suffixes.h	2004-09-10 13:24:34.749533912 -0400
+@@ -7,3 +7,4 @@
+ S_(FAILSAFE_CONTEXT, "/contexts/failsafe_context")
+ S_(DEFAULT_TYPE, "/contexts/default_type")
+ S_(BOOLEANS, "/booleans")
+S_(MEDIA_CONTEXTS, "/contexts/files/media")
+--- /dev/null	2004-09-10 04:39:39.953683832 -0400
+++ libselinux-1.17.9/utils/matchmediacon.c	2004-09-10 13:25:04.099192223 -0400
+@@ -0,0 +1,28 @@
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <selinux/selinux.h>
+#include <errno.h>
+#include <string.h>
+
+int main(int argc, char **argv) 
+{
+	char *buf;
+	int rc, i;
+
+	if (argc < 2) {
+		fprintf(stderr, "usage:  %s media...\n", argv[0]);
+		exit(1);
+	}
+
+	for (i = 1; i < argc; i++) {
+		rc = matchmediacon(argv[i], &buf);
+		if (rc < 0) {
+			fprintf(stderr, "%s: matchmediacon(%s) failed: %s\n", argv[0], argv[i]);
+			exit(2);
+		}
+		printf("%s\t%s\n", argv[i], buf);
+		freecon(buf);
+	}
+	exit(0);
+}
--- a/libselinux.spec
+++ b/libselinux.spec
@ -1,11 +1,11 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 1.17.9
-Release: 1
+Release: 2
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
-#Patch: libselinux-rhat.patch
+Patch: libselinux-rhat.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot

 %description
@ -34,7 +34,7 @@ needed for developing SELinux applications.

 %prep
 %setup -q
-#%patch -p1 -b .rhat
+%patch -p1 -b .rhat

 %build
 make CFLAGS="%{optflags}"
@ -69,6 +69,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man8/*

 %changelog
+* Wed Sep 8 2004 Dan Walsh <dwalsh@redhat.com> 1.17.9-2
+- Add matchmediacon
+
 * Wed Sep 8 2004 Dan Walsh <dwalsh@redhat.com> 1.17.9-1
 - Update from NSA
 	* Added get_default_context_with_role.