add matchmediacon
This commit is contained in:
		
							parent
							
								
									aca62f6df6
								
							
						
					
					
						commit
						9a368c5f7b
					
				
							
								
								
									
										160
									
								
								libselinux-rhat.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										160
									
								
								libselinux-rhat.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,160 @@ | |||||||
|  | --- libselinux-1.17.9/include/selinux/selinux.h.rhat	2004-09-08 10:51:34.000000000 -0400
 | ||||||
|  | +++ libselinux-1.17.9/include/selinux/selinux.h	2004-09-10 13:24:34.747534140 -0400
 | ||||||
|  | @@ -173,6 +173,13 @@
 | ||||||
|  |  		 mode_t mode, | ||||||
|  |  		 security_context_t *con); | ||||||
|  |   | ||||||
|  | +/* Match the specified media and against the media contexts 
 | ||||||
|  | +   /proc/ide/hdc/media
 | ||||||
|  | +   configuration and set *con to refer to the resulting context.
 | ||||||
|  | +   Caller must free con via freecon. */
 | ||||||
|  | +extern int matchmediacon(const char *path,
 | ||||||
|  | +		 security_context_t *con);
 | ||||||
|  | +
 | ||||||
|  |  /* | ||||||
|  |    selinux_getenforcemode reads the /etc/selinux/config file and determines  | ||||||
|  |    whether the machine should be started in enforcing (1), permissive (0) or  | ||||||
|  | @@ -194,6 +201,7 @@
 | ||||||
|  |  extern const char *selinux_default_context_path(void); | ||||||
|  |  extern const char *selinux_user_contexts_path(void); | ||||||
|  |  extern const char *selinux_file_context_path(void); | ||||||
|  | +extern const char *selinux_media_context_path(void);
 | ||||||
|  |  extern const char *selinux_contexts_path(void); | ||||||
|  |  extern const char *selinux_booleans_path(void); | ||||||
|  |   | ||||||
|  | --- libselinux-1.17.9/src/selinux_config.c.rhat	2004-09-08 10:51:34.000000000 -0400
 | ||||||
|  | +++ libselinux-1.17.9/src/selinux_config.c	2004-09-10 13:24:34.751533684 -0400
 | ||||||
|  | @@ -24,7 +24,8 @@
 | ||||||
|  |  #define FAILSAFE_CONTEXT  5 | ||||||
|  |  #define DEFAULT_TYPE      6 | ||||||
|  |  #define BOOLEANS          7 | ||||||
|  | -#define NEL               8
 | ||||||
|  | +#define MEDIA_CONTEXTS    8
 | ||||||
|  | +#define NEL               9
 | ||||||
|  |   | ||||||
|  |  /* New layout is relative to SELINUXDIR/policytype. */ | ||||||
|  |  static char *file_paths[NEL]; | ||||||
|  | @@ -200,6 +201,10 @@
 | ||||||
|  |  } | ||||||
|  |  hidden_def(selinux_file_context_path) | ||||||
|  |   | ||||||
|  | +const char *selinux_media_context_path() {
 | ||||||
|  | +  return get_path(MEDIA_CONTEXTS);
 | ||||||
|  | +}
 | ||||||
|  | +
 | ||||||
|  |  const char *selinux_contexts_path() { | ||||||
|  |    return get_path(CONTEXTS_DIR); | ||||||
|  |  } | ||||||
|  | --- /dev/null	2004-09-10 04:39:39.953683832 -0400
 | ||||||
|  | +++ libselinux-1.17.9/src/matchmediacon.c	2004-09-10 13:24:34.750533798 -0400
 | ||||||
|  | @@ -0,0 +1,65 @@
 | ||||||
|  | +#include <unistd.h>
 | ||||||
|  | +#include <fcntl.h>
 | ||||||
|  | +#include <sys/stat.h>
 | ||||||
|  | +#include <string.h>
 | ||||||
|  | +#include "selinux_internal.h"
 | ||||||
|  | +#include <stdio.h>
 | ||||||
|  | +#include <stdlib.h>
 | ||||||
|  | +#include <ctype.h>
 | ||||||
|  | +#include <errno.h>
 | ||||||
|  | +#include <limits.h>
 | ||||||
|  | +#include <regex.h>
 | ||||||
|  | +#include <stdarg.h>
 | ||||||
|  | +
 | ||||||
|  | +int matchmediacon(const char *media, 
 | ||||||
|  | +		 security_context_t *con)
 | ||||||
|  | +{
 | ||||||
|  | +	const char *path = selinux_media_context_path();
 | ||||||
|  | +	FILE *infile;
 | ||||||
|  | +	char *ptr, *ptr2;
 | ||||||
|  | +	char *target;
 | ||||||
|  | +	int found=-1;
 | ||||||
|  | +	char current_line[PATH_MAX];
 | ||||||
|  | +	if ((infile = fopen(path, "r")) == NULL)
 | ||||||
|  | +		return -1;
 | ||||||
|  | +	while (!feof_unlocked (infile)) {
 | ||||||
|  | +		if (!fgets_unlocked(current_line, sizeof(current_line), infile)) {
 | ||||||
|  | +			return -1;
 | ||||||
|  | +		}
 | ||||||
|  | +		if (current_line[strlen(current_line) - 1])
 | ||||||
|  | +			current_line[strlen(current_line) - 1] = 0;
 | ||||||
|  | +		/* Skip leading whitespace before the partial context. */
 | ||||||
|  | +		ptr = current_line;
 | ||||||
|  | +		while (*ptr && isspace(*ptr))
 | ||||||
|  | +			ptr++;
 | ||||||
|  | +		
 | ||||||
|  | +		if (!(*ptr))
 | ||||||
|  | +			continue;
 | ||||||
|  | +
 | ||||||
|  | +
 | ||||||
|  | +		/* Find the end of the media context. */
 | ||||||
|  | +		ptr2 = ptr;
 | ||||||
|  | +		while (*ptr2 && !isspace(*ptr2))
 | ||||||
|  | +			ptr2++;
 | ||||||
|  | +		if (!(*ptr2))
 | ||||||
|  | +			continue;
 | ||||||
|  | +		
 | ||||||
|  | +		*ptr2++=NULL;
 | ||||||
|  | +		if (strcmp (media, ptr) == 0) {
 | ||||||
|  | +			found = 1;
 | ||||||
|  | +			break;
 | ||||||
|  | +		}
 | ||||||
|  | +	}
 | ||||||
|  | +	if (!found) 
 | ||||||
|  | +		return -1;
 | ||||||
|  | +
 | ||||||
|  | +	/* Skip whitespace. */
 | ||||||
|  | +	while (*ptr2 && isspace(*ptr2))
 | ||||||
|  | +		ptr2++;
 | ||||||
|  | +	if (!(*ptr2)) {
 | ||||||
|  | +		return -1;
 | ||||||
|  | +	}
 | ||||||
|  | +	
 | ||||||
|  | +	*con = strdup(ptr2);
 | ||||||
|  | +	return 0;
 | ||||||
|  | +}
 | ||||||
|  | --- libselinux-1.17.9/src/compat_file_path.h.rhat	2004-09-08 10:51:34.000000000 -0400
 | ||||||
|  | +++ libselinux-1.17.9/src/compat_file_path.h	2004-09-10 13:24:34.748534026 -0400
 | ||||||
|  | @@ -7,3 +7,4 @@
 | ||||||
|  |  S_(FAILSAFE_CONTEXT, SECURITYDIR "/failsafe_context") | ||||||
|  |  S_(DEFAULT_TYPE, SECURITYDIR "/default_type") | ||||||
|  |  S_(BOOLEANS, SECURITYDIR "/booleans") | ||||||
|  | +S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media")
 | ||||||
|  | --- libselinux-1.17.9/src/file_path_suffixes.h.rhat	2004-09-08 10:51:34.000000000 -0400
 | ||||||
|  | +++ libselinux-1.17.9/src/file_path_suffixes.h	2004-09-10 13:24:34.749533912 -0400
 | ||||||
|  | @@ -7,3 +7,4 @@
 | ||||||
|  |  S_(FAILSAFE_CONTEXT, "/contexts/failsafe_context") | ||||||
|  |  S_(DEFAULT_TYPE, "/contexts/default_type") | ||||||
|  |  S_(BOOLEANS, "/booleans") | ||||||
|  | +S_(MEDIA_CONTEXTS, "/contexts/files/media")
 | ||||||
|  | --- /dev/null	2004-09-10 04:39:39.953683832 -0400
 | ||||||
|  | +++ libselinux-1.17.9/utils/matchmediacon.c	2004-09-10 13:25:04.099192223 -0400
 | ||||||
|  | @@ -0,0 +1,28 @@
 | ||||||
|  | +#include <unistd.h>
 | ||||||
|  | +#include <stdio.h>
 | ||||||
|  | +#include <stdlib.h>
 | ||||||
|  | +#include <selinux/selinux.h>
 | ||||||
|  | +#include <errno.h>
 | ||||||
|  | +#include <string.h>
 | ||||||
|  | +
 | ||||||
|  | +int main(int argc, char **argv) 
 | ||||||
|  | +{
 | ||||||
|  | +	char *buf;
 | ||||||
|  | +	int rc, i;
 | ||||||
|  | +
 | ||||||
|  | +	if (argc < 2) {
 | ||||||
|  | +		fprintf(stderr, "usage:  %s media...\n", argv[0]);
 | ||||||
|  | +		exit(1);
 | ||||||
|  | +	}
 | ||||||
|  | +
 | ||||||
|  | +	for (i = 1; i < argc; i++) {
 | ||||||
|  | +		rc = matchmediacon(argv[i], &buf);
 | ||||||
|  | +		if (rc < 0) {
 | ||||||
|  | +			fprintf(stderr, "%s: matchmediacon(%s) failed: %s\n", argv[0], argv[i]);
 | ||||||
|  | +			exit(2);
 | ||||||
|  | +		}
 | ||||||
|  | +		printf("%s\t%s\n", argv[i], buf);
 | ||||||
|  | +		freecon(buf);
 | ||||||
|  | +	}
 | ||||||
|  | +	exit(0);
 | ||||||
|  | +}
 | ||||||
| @ -1,11 +1,11 @@ | |||||||
| Summary: SELinux library and simple utilities | Summary: SELinux library and simple utilities | ||||||
| Name: libselinux | Name: libselinux | ||||||
| Version: 1.17.9 | Version: 1.17.9 | ||||||
| Release: 1 | Release: 2 | ||||||
| License: Public domain (uncopyrighted) | License: Public domain (uncopyrighted) | ||||||
| Group: System Environment/Libraries | Group: System Environment/Libraries | ||||||
| Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz | Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz | ||||||
| #Patch: libselinux-rhat.patch | Patch: libselinux-rhat.patch | ||||||
| BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot | BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot | ||||||
| 
 | 
 | ||||||
| %description | %description | ||||||
| @ -34,7 +34,7 @@ needed for developing SELinux applications. | |||||||
| 
 | 
 | ||||||
| %prep | %prep | ||||||
| %setup -q | %setup -q | ||||||
| #%patch -p1 -b .rhat | %patch -p1 -b .rhat | ||||||
| 
 | 
 | ||||||
| %build | %build | ||||||
| make CFLAGS="%{optflags}" | make CFLAGS="%{optflags}" | ||||||
| @ -69,6 +69,9 @@ rm -rf ${RPM_BUILD_ROOT} | |||||||
| %{_mandir}/man8/* | %{_mandir}/man8/* | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Wed Sep 8 2004 Dan Walsh <dwalsh@redhat.com> 1.17.9-2 | ||||||
|  | - Add matchmediacon | ||||||
|  | 
 | ||||||
| * Wed Sep 8 2004 Dan Walsh <dwalsh@redhat.com> 1.17.9-1 | * Wed Sep 8 2004 Dan Walsh <dwalsh@redhat.com> 1.17.9-1 | ||||||
| - Update from NSA | - Update from NSA | ||||||
| 	* Added get_default_context_with_role. | 	* Added get_default_context_with_role. | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user