Menu
▾
▴
[Selinux-commits] SF.net SVN: selinux: [2326] trunk
|
From: <ssm...@us...> - 2007-04-09 18:13:13
|
Revision: 2326
http://svn.sourceforge.net/selinux/?rev=2326&view=rev
Author: ssmalley
Date: 2007-04-09 11:13:11 -0700 (Mon, 09 Apr 2007)
Log Message:
-----------
Revert
Modified Paths:
--------------
trunk/libselinux/include/selinux/selinux.h
trunk/libselinux/man/man3/security_compute_av.3
trunk/libselinux/man/man3/security_get_initial_context.3
trunk/libselinux/src/Makefile
trunk/libselinux/src/load_policy.c
trunk/libselinux/src/selinux_internal.h
trunk/libsepol/src/Makefile
Modified: trunk/libselinux/include/selinux/selinux.h
===================================================================
--- trunk/libselinux/include/selinux/selinux.h 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/include/selinux/selinux.h 2007-04-09 18:13:11 UTC (rev 2326)
@@ -189,13 +189,6 @@
/* Load a policy configuration. */
extern int security_load_policy(void *data, size_t len);
-/* Get the context of an initial kernel security identifier by name.
- Caller must free via freecon */
- extern int security_get_initial_context(const char * name,
- security_context_t * con);
- extern int security_get_initial_context_raw(const char * name,
- security_context_t * con);
-
/*
* Make a policy image and load it.
* This function provides a higher level interface for loading policy
Modified: trunk/libselinux/man/man3/security_compute_av.3
===================================================================
--- trunk/libselinux/man/man3/security_compute_av.3 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/man/man3/security_compute_av.3 2007-04-09 18:13:11 UTC (rev 2326)
@@ -1,7 +1,6 @@
.TH "security_compute_av" "3" "1 January 2004" "ru...@co..." "SE Linux API documentation"
.SH "NAME"
-security_compute_av, security_compute_create, security_compute_relabel,
-security_compute_user, security_get_initial_context \- query
+security_compute_av, security_compute_create, security_compute_relabel, security_compute_user \- query
the SELinux policy database in the kernel.
.SH "SYNOPSIS"
@@ -17,9 +16,6 @@
.sp
.BI "int security_compute_user(security_context_t "scon ", const char *" username ", security_context_t **" con );
.sp
-.BI "int security_get_initial_context(const char *" name ", security_context_t
-"con );
-.sp
.BI "int checkPasswdAccess(access_vector_t " requested );
.SH "DESCRIPTION"
@@ -48,9 +44,6 @@
source context. Is mainly used by
.B get_ordered_context_list.
-.B security_get_initial_context
-is used to get the context of an initial kernel security identifier by name.
-
.B checkPasswdAccess
This functions is a helper functions that allows you to check for a permission in the passwd class. checkPasswdAccess uses getprevcon() for the source and target security contexts.
Modified: trunk/libselinux/man/man3/security_get_initial_context.3
===================================================================
--- trunk/libselinux/man/man3/security_get_initial_context.3 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/man/man3/security_get_initial_context.3 2007-04-09 18:13:11 UTC (rev 2326)
@@ -1 +0,0 @@
-.so man3/security_compute_av.3
Modified: trunk/libselinux/src/Makefile
===================================================================
--- trunk/libselinux/src/Makefile 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/Makefile 2007-04-09 18:13:11 UTC (rev 2326)
@@ -18,27 +18,10 @@
SWIGSO=_selinux.so
SWIGFILES=$(SWIGSO) selinux.py
LIBSO=$(TARGET).$(LIBVERSION)
-
-LSEPOL=-lsepol
-SRCS=$(filter-out $(SWIGCOUT),$(wildcard *.c))
-ifeq ($(EMBEDDED),1)
-UNUSED_SRCS=avc.c avc_internal.c avc_sidtab.c
-SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out $(SWIGCOUT),$(wildcard *.c)))
-endif
-ifeq ($(DISABLE_SEPOL),1)
-UNUSED_SRCS+=booleans.c
-LSEPOL=
-SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out $(SWIGCOUT),$(wildcard *.c)))
-endif
-
-OBJS= $(patsubst %.c,%.o,$(SRCS))
-LOBJS= $(patsubst %.c,%.lo,$(SRCS))
+OBJS= $(patsubst %.c,%.o,$(filter-out $(SWIGCOUT),$(wildcard *.c)))
+LOBJS= $(patsubst %.c,%.lo,$(filter-out $(SWIGCOUT),$(wildcard *.c)))
CFLAGS ?= -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute
override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-ifeq ($(DISABLE_SEPOL),1)
-override CFLAGS += -DDISABLE_SEPOL
-endif
-
RANLIB=ranlib
ARCH := $(patsubst i%86,i386,$(shell uname -m))
@@ -65,7 +48,7 @@
$(CC) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -ldl $(LSEPOL) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ $(CC) $(LDFLAGS) -shared -o $@ $^ -ldl -lsepol -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
ln -sf $@ $(TARGET)
%.o: %.c policy.h
Modified: trunk/libselinux/src/load_policy.c
===================================================================
--- trunk/libselinux/src/load_policy.c 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/load_policy.c 2007-04-09 18:13:11 UTC (rev 2326)
@@ -41,56 +41,7 @@
int load_setlocaldefs hidden = 1;
-/*
- This function is used only if DISABLE_SEPOL is defined.
- Size of libsepol is big, so you may want to disable libsepol for embedded devices.
- This function is selinux_mkload_policy with limitations.
- Limitations:
- - Binary policy file name is assumed as "policy.<value in /selinux/policyvers>".
- - Preserve boolean is not supported, so it is recommended not to use boolean,
- if you want to disable sepol.
- - system.users and local.users are not supported.
-*/
-static int selinux_mkload_policy_nosepol(int preservebools) {
- int rc = -1;
- char path[PATH_MAX];
- size_t size;
- void *data;
- int fd;
- struct stat sb;
-
- if (preservebools) {
- return -1;
- }
-
- snprintf(path, sizeof(path), "%s", selinux_binary_policy_path());
-
- fd = open(path, O_RDONLY);
- if (fd < 0)
- return -1;
-
- if (fstat(fd, &sb) < 0)
- goto close;
-
- size = sb.st_size;
- data = mmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
- if (data == MAP_FAILED)
- goto close;
-
- rc = security_load_policy(data, size);
-
- close:
- close(fd);
- return rc;
-
-}
-
-#ifndef DISABLE_SEPOL
-/*
- selinux_mkload_policy with full features.
- This is used usually(when DISABLE_SEPOL is not defined).
-*/
-static int selinux_mkload_policy_sepol(int preservebools)
+int selinux_mkload_policy(int preservebools)
{
int vers = sepol_policy_kern_vers_max();
int kernvers = security_policyvers();
@@ -203,16 +154,7 @@
close(fd);
return rc;
}
-#endif /*ifndef DISABLE_SEPOL*/
-int selinux_mkload_policy(int preservebools) {
-#ifdef DISABLE_SEPOL
- return selinux_mkload_policy_nosepol(preservebools);
-#else
- return selinux_mkload_policy_sepol(preservebools);
-#endif
-}
-
hidden_def(selinux_mkload_policy)
/*
Modified: trunk/libselinux/src/selinux_internal.h
===================================================================
--- trunk/libselinux/src/selinux_internal.h 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/selinux_internal.h 2007-04-09 18:13:11 UTC (rev 2326)
@@ -76,8 +76,6 @@
hidden_proto(selinux_getpolicytype);
hidden_proto(selinux_raw_to_trans_context);
hidden_proto(selinux_trans_to_raw_context);
-hidden_proto(security_get_initial_context);
-hidden_proto(security_get_initial_context_raw);
extern int load_setlocaldefs hidden;
extern int require_seusers hidden;
Modified: trunk/libsepol/src/Makefile
===================================================================
--- trunk/libsepol/src/Makefile 2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libsepol/src/Makefile 2007-04-09 18:13:11 UTC (rev 2326)
@@ -8,18 +8,11 @@
LIBA=libsepol.a
TARGET=libsepol.so
LIBSO=$(TARGET).$(LIBVERSION)
-
-SRCS=$(wildcard *.c)
-ifeq ($(EMBEDDED),1)
-UNUSED_SRCS=link.c nodes.c roles.c iface_record.c module.c port_record.c user_record.c interfaces.c node_record.c ports.c users.c
-SRCS= $(filter-out $(UNUSED_SRCS), $(wildcard *.c))
-endif
-OBJS= $(patsubst %.c,%.o,$(SRCS))
-LOBJS= $(patsubst %.c,%.lo,$(SRCS))
+OBJS= $(patsubst %.c,%.o,$(wildcard *.c))
+LOBJS= $(patsubst %.c,%.lo,$(wildcard *.c))
CFLAGS ?= -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute
override CFLAGS += -I. -I../include -D_GNU_SOURCE
-
all: $(LIBA) $(LIBSO)
$(LIBA): $(OBJS)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
