From: <mad...@us...> - 2007-01-08 20:32:34
Revision: 2155
http://svn.sourceforge.net/selinux/?rev=2155&view=rev
Author: madmethod
Date: 2007-01-08 12:32:26 -0800 (Mon, 08 Jan 2007)
Log Message:
-----------
This patch adds two options to the semanage config file to control whether the previous module directory and linked module are saved after a successful commit to the policy store. The default is to delete both.
On my system this reduces the size of the module directory from 78mb to 22mb.
Signed-off-by: Karl MacMillan <kma...@me...>
Acked-By: Joshua Brindle <jbr...@tr...>
Modified Paths:
--------------
trunk/libsemanage/src/conf-parse.y
trunk/libsemanage/src/conf-scan.l
trunk/libsemanage/src/direct_api.c
trunk/libsemanage/src/semanage_conf.h
trunk/libsemanage/src/semanage_store.c
Modified: trunk/libsemanage/src/conf-parse.y
===================================================================
--- trunk/libsemanage/src/conf-parse.y 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/conf-parse.y 2007-01-08 20:32:26 UTC (rev 2155)
@@ -56,7 +56,7 @@
char *s;
}
-%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
+%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED
%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
%token PROG_PATH PROG_ARGS
@@ -78,6 +78,8 @@
| version
| expand_check
| file_mode
+ | save_previous
+ | save_linked
;
module_store: MODULE_STORE '=' ARG {
@@ -112,6 +114,30 @@
}
;
+save_previous: SAVE_PREVIOUS '=' ARG {
+ if (strcasecmp($3, "true") == 0)
+ current_conf->save_previous = 1;
+ else if (strcasecmp($3, "false") == 0)
+ current_conf->save_previous = 0;
+ else {
+ yyerror("save-previous can only be 'true' or 'false'");
+ }
+ }
+ ;
+
+
+save_linked: SAVE_LINKED '=' ARG {
+ if (strcasecmp($3, "true") == 0)
+ current_conf->save_linked = 1;
+ else if (strcasecmp($3, "false") == 0)
+ current_conf->save_linked = 0;
+ else {
+ yyerror("save-linked can only be 'true' or 'false'");
+ }
+ }
+ ;
+
+
command_block:
command_start external_opts BLOCK_END {
if (new_external->path == NULL) {
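Review bot: Neither new action releases `$3` after the `strcasecmp` checks, so each `save-previous` or `save-linked` line leaks the argument string if the scanner passes ARG as a heap-allocated copy. The `char *s` union member suggests it does, but the scanner action is not visible here. If so, `free($3);` should be the last statement of both the `save_previous` and `save_linked` actions. On an invalid value the field silently keeps its earlier setting, so the config is only rejected if `yyerror` makes the parse fail; a one-line comment stating that would help. The hunk ends inside `command_block`, which continues outside it.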
@@ -187,6 +213,9 @@
conf->expand_check = 1;
conf->file_mode = 0644;
+ conf->save_previous = 0;
+ conf->save_linked = 0;
+
if ((conf->load_policy =
calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) {
return -1;
@@ -284,6 +313,7 @@
int semanage_error(char *msg)
{
+ fprintf(stderr, "error parsing semanage configuration file: %s\n", msg);
parse_errors++;
return 0;
}
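Review bot: The added `fprintf(stderr, ...)` in `semanage_error` writes directly to the process's stderr from library code. A caller that collects libsemanage messages through its own handler will not see configuration parse errors, and a daemon running with stderr closed or redirected loses them. The other hunks in this commit report through `ERR(sh, ...)`; if a handle is reachable from the parser, that path would be preferable. Otherwise add a comment such as `/* no handle available while parsing; report on stderr */` to record the reason.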
Modified: trunk/libsemanage/src/conf-scan.l
===================================================================
--- trunk/libsemanage/src/conf-scan.l 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/conf-scan.l 2007-01-08 20:32:26 UTC (rev 2155)
@@ -42,6 +42,8 @@
policy-version return VERSION;
expand-check return EXPAND_CHECK;
file-mode return FILE_MODE;
+save-previous return SAVE_PREVIOUS;
+save-linked return SAVE_LINKED;
"[load_policy]" return LOAD_POLICY_START;
"[setfiles]" return SETFILES_START;
"[genhomedircon]" return GENHOMEDIRCON_START;
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/direct_api.c 2007-01-08 20:32:26 UTC (rev 2155)
@@ -509,18 +509,38 @@
if (retval < 0)
goto cleanup;
- /* write the linked base */
+ /* write the linked base if we want to save or we have a
+ * verification program that wants it. */
linked_filename = semanage_path(SEMANAGE_TMP, SEMANAGE_LINKED);
if (linked_filename == NULL) {
retval = -1;
goto cleanup;
}
- retval = semanage_write_module(sh, linked_filename, base);
- if (retval < 0)
- goto cleanup;
- retval = semanage_verify_linked(sh);
- if (retval < 0)
- goto cleanup;
+ if (sh->conf->save_linked || sh->conf->linked_prog) {
+ retval = semanage_write_module(sh, linked_filename, base);
+ if (retval < 0)
+ goto cleanup;
+ retval = semanage_verify_linked(sh);
+ if (retval < 0)
+ goto cleanup;
+ /* remove the linked policy if we only wrote it for the
+ * verification program. */
+ if (!sh->conf->save_linked) {
+ retval = unlink(linked_filename);
+ if (retval < 0) {
+ ERR(sh, "could not remove linked base %s",
+ linked_filename);
+ goto cleanup;
+ }
+ }
+ } else {
+ /* Try to delete the linked copy - this is needed if
+ * the save_link option has changed to prevent the
+ * old linked copy from being copied forever. No error
+ * checking is done because this is likely to fail because
+ * the file does not exist - which is not an error. */
+ unlink(linked_filename);
+ }
/* ==================== File-backed ================== */
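Review bot: The bare `unlink(linked_filename);` in the `else` branch ignores every failure, not only the missing-file case its comment describes. A permission or I/O error would leave a stale linked base in place to be copied forward, which is what this branch is meant to prevent. The best-effort intent survives if only ENOENT is tolerated: `if (unlink(linked_filename) < 0 && errno != ENOENT) { ERR(sh, "could not remove linked base %s", linked_filename); retval = -1; goto cleanup; }`. This assumes `<errno.h>` is already included in direct_api.c, which is not visible here. The comment also names the option `save_link` where the field is `save_linked`; the enclosing function starts and ends outside the hunk.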
Modified: trunk/libsemanage/src/semanage_conf.h
===================================================================
--- trunk/libsemanage/src/semanage_conf.h 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/semanage_conf.h 2007-01-08 20:32:26 UTC (rev 2155)
@@ -35,6 +35,8 @@
int server_port;
int policyvers; /* version for server generated policies */
int expand_check;
+ int save_previous;
+ int save_linked;
mode_t file_mode;
struct external_prog *load_policy;
struct external_prog *setfiles;
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/semanage_store.c 2007-01-08 20:32:26 UTC (rev 2155)
@@ -1224,6 +1224,14 @@
goto cleanup;
}
+ if (!sh->conf->save_previous) {
+ retval = semanage_remove_directory(backup);
+ if (retval < 0) {
+ ERR(sh, "Could not delete previous directory %s.", backup);
+ goto cleanup;
+ }
+ }
+
cleanup:
semanage_release_active_lock(sh);
return retval;
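Review bot: A failure of `semanage_remove_directory(backup)` is returned to the caller as a negative `retval`, although the new store appears to be installed already by this point. The commit message says the deletion runs after a successful commit, but the preceding code is outside the hunk. A caller would then treat a committed policy as a failed transaction. Consider reporting the failure without overwriting `retval`, e.g. `if (semanage_remove_directory(backup) < 0) ERR(sh, "Could not delete previous directory %s.", backup);`, or add a comment explaining why it must be fatal. Because `save_previous` defaults to 0, no previous store remains on disk to roll back to or compare against after a commit, which deserves a comment here and in the configuration documentation.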