79 lines
3.1 KiB
Diff
79 lines
3.1 KiB
Diff
diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.45/include/selinux/av_permissions.h
|
|
--- nsalibselinux/include/selinux/av_permissions.h 2007-11-15 15:52:46.000000000 -0500
|
|
+++ libselinux-2.0.45/include/selinux/av_permissions.h 2007-11-30 17:27:14.000000000 -0500
|
|
@@ -900,6 +900,8 @@
|
|
#define PACKET__SEND 0x00000001UL
|
|
#define PACKET__RECV 0x00000002UL
|
|
#define PACKET__RELABELTO 0x00000004UL
|
|
+#define PACKET__FLOW_IN 0x00000008UL
|
|
+#define PACKET__FLOW_OUT 0x00000010UL
|
|
#define KEY__VIEW 0x00000001UL
|
|
#define KEY__READ 0x00000002UL
|
|
#define KEY__WRITE 0x00000004UL
|
|
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-2.0.45/man/man8/matchpathcon.8
|
|
--- nsalibselinux/man/man8/matchpathcon.8 2007-08-03 16:02:56.000000000 -0400
|
|
+++ libselinux-2.0.45/man/man8/matchpathcon.8 2007-12-06 11:22:40.000000000 -0500
|
|
@@ -6,7 +6,12 @@
|
|
.B matchpathcon [-V] [-N] [-n] [-f file_contexts_file ] [-p prefix ] filepath...
|
|
.SH "DESCRIPTION"
|
|
.B matchpathcon
|
|
-Prints the file path and the default security context associated with it.
|
|
+Queries the system and prints the default security context associated with the filepath.
|
|
+
|
|
+Note: Identical paths can have different security contexts, depending on the file type. (regular file, directory, link file, char file ...)
|
|
+
|
|
+matchpathcon will check the system default context using the file type if the file exists. If the file does not exist, it will get the context of a regular file.
|
|
+
|
|
.SH OPTIONS
|
|
.B \-n
|
|
Do not display path.
|
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.45/src/matchpathcon.c
|
|
--- nsalibselinux/src/matchpathcon.c 2007-09-28 09:48:58.000000000 -0400
|
|
+++ libselinux-2.0.45/src/matchpathcon.c 2007-11-30 17:27:14.000000000 -0500
|
|
@@ -2,6 +2,7 @@
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <stdio.h>
|
|
+#include <syslog.h>
|
|
#include "selinux_internal.h"
|
|
#include "label_internal.h"
|
|
#include "callbacks.h"
|
|
@@ -57,7 +58,7 @@
|
|
{
|
|
va_list ap;
|
|
va_start(ap, fmt);
|
|
- vfprintf(stderr, fmt, ap);
|
|
+ vsyslog(LOG_ERR, fmt, ap);
|
|
va_end(ap);
|
|
}
|
|
|
|
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.45/utils/matchpathcon.c
|
|
--- nsalibselinux/utils/matchpathcon.c 2007-07-16 14:20:45.000000000 -0400
|
|
+++ libselinux-2.0.45/utils/matchpathcon.c 2007-11-30 17:27:14.000000000 -0500
|
|
@@ -17,10 +17,24 @@
|
|
exit(1);
|
|
}
|
|
|
|
+static void
|
|
+#ifdef __GNUC__
|
|
+ __attribute__ ((format(printf, 1, 2)))
|
|
+#endif
|
|
+ myprintf(const char *fmt, ...)
|
|
+{
|
|
+ va_list ap;
|
|
+ va_start(ap, fmt);
|
|
+ vfprintf(stderr, fmt, ap);
|
|
+ va_end(ap);
|
|
+}
|
|
+
|
|
int printmatchpathcon(char *path, int header, int mode)
|
|
{
|
|
char *buf;
|
|
- int rc = matchpathcon(path, mode, &buf);
|
|
+ int rc;
|
|
+ set_matchpathcon_printf(myprintf);
|
|
+ rc = matchpathcon(path, mode, &buf);
|
|
if (rc < 0) {
|
|
fprintf(stderr, "matchpathcon(%s) failed: %s\n", path,
|
|
strerror(errno));
|