[Selinux-commits] SF.net SVN: selinux: [2326] trunk

[<ssm...@us...>]

Revision: 2326
          http://svn.sourceforge.net/selinux/?rev=2326&view=rev
Author:   ssmalley
Date:     2007-04-09 11:13:11 -0700 (Mon, 09 Apr 2007)

Log Message:
-----------
Revert

Modified Paths:
--------------
    trunk/libselinux/include/selinux/selinux.h
    trunk/libselinux/man/man3/security_compute_av.3
    trunk/libselinux/man/man3/security_get_initial_context.3
    trunk/libselinux/src/Makefile
    trunk/libselinux/src/load_policy.c
    trunk/libselinux/src/selinux_internal.h
    trunk/libsepol/src/Makefile

Modified: trunk/libselinux/include/selinux/selinux.h
===================================================================
--- trunk/libselinux/include/selinux/selinux.h	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/include/selinux/selinux.h	2007-04-09 18:13:11 UTC (rev 2326)
@@ -189,13 +189,6 @@
 /* Load a policy configuration. */
 	extern int security_load_policy(void *data, size_t len);
 
-/* Get the context of an initial kernel security identifier by name.  
-   Caller must free via freecon */
-	extern int security_get_initial_context(const char * name, 
-						security_context_t * con);
-	extern int security_get_initial_context_raw(const char * name, 
-						    security_context_t * con);
-
 /*
  * Make a policy image and load it.
  * This function provides a higher level interface for loading policy

Modified: trunk/libselinux/man/man3/security_compute_av.3
===================================================================
--- trunk/libselinux/man/man3/security_compute_av.3	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/man/man3/security_compute_av.3	2007-04-09 18:13:11 UTC (rev 2326)
@@ -1,7 +1,6 @@
 .TH "security_compute_av" "3" "1 January 2004" "ru...@co..." "SE Linux API documentation"
 .SH "NAME"
-security_compute_av, security_compute_create, security_compute_relabel,
-security_compute_user, security_get_initial_context \- query
+security_compute_av, security_compute_create, security_compute_relabel, security_compute_user \- query
 the SELinux policy database in the kernel.
 
 .SH "SYNOPSIS"
@@ -17,9 +16,6 @@
 .sp
 .BI "int security_compute_user(security_context_t "scon ", const char *" username ", security_context_t **" con );
 .sp
-.BI "int security_get_initial_context(const char *" name ", security_context_t
-"con );
-.sp
 .BI "int checkPasswdAccess(access_vector_t " requested );
 
 .SH "DESCRIPTION"
@@ -48,9 +44,6 @@
 source context. Is mainly used by
 .B get_ordered_context_list.
 
-.B security_get_initial_context
-is used to get the context of an initial kernel security identifier by name.
-
 .B checkPasswdAccess
 This functions is a helper functions that allows you to check for a permission in the passwd class. checkPasswdAccess uses getprevcon() for the source and target security contexts.
 

Modified: trunk/libselinux/man/man3/security_get_initial_context.3
===================================================================
--- trunk/libselinux/man/man3/security_get_initial_context.3	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/man/man3/security_get_initial_context.3	2007-04-09 18:13:11 UTC (rev 2326)
@@ -1 +0,0 @@
-.so man3/security_compute_av.3

Modified: trunk/libselinux/src/Makefile
===================================================================
--- trunk/libselinux/src/Makefile	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/Makefile	2007-04-09 18:13:11 UTC (rev 2326)
@@ -18,27 +18,10 @@
 SWIGSO=_selinux.so
 SWIGFILES=$(SWIGSO) selinux.py 
 LIBSO=$(TARGET).$(LIBVERSION)
-
-LSEPOL=-lsepol
-SRCS=$(filter-out $(SWIGCOUT),$(wildcard *.c))
-ifeq ($(EMBEDDED),1)
-UNUSED_SRCS=avc.c avc_internal.c avc_sidtab.c
-SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out $(SWIGCOUT),$(wildcard *.c)))
-endif
-ifeq ($(DISABLE_SEPOL),1)
-UNUSED_SRCS+=booleans.c
-LSEPOL=
-SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out $(SWIGCOUT),$(wildcard *.c)))
-endif
-
-OBJS= $(patsubst %.c,%.o,$(SRCS))
-LOBJS= $(patsubst %.c,%.lo,$(SRCS))
+OBJS= $(patsubst %.c,%.o,$(filter-out $(SWIGCOUT),$(wildcard *.c))) 
+LOBJS= $(patsubst %.c,%.lo,$(filter-out $(SWIGCOUT),$(wildcard *.c)))
 CFLAGS ?= -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute
 override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-ifeq ($(DISABLE_SEPOL),1)
-override CFLAGS += -DDISABLE_SEPOL
-endif
-
 RANLIB=ranlib
 
 ARCH := $(patsubst i%86,i386,$(shell uname -m))
@@ -65,7 +48,7 @@
 	$(CC) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
 
 $(LIBSO): $(LOBJS)
-	$(CC) $(LDFLAGS) -shared -o $@ $^ -ldl $(LSEPOL) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+	$(CC) $(LDFLAGS) -shared -o $@ $^ -ldl -lsepol -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
 	ln -sf $@ $(TARGET) 
 
 %.o:  %.c policy.h

Modified: trunk/libselinux/src/load_policy.c
===================================================================
--- trunk/libselinux/src/load_policy.c	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/load_policy.c	2007-04-09 18:13:11 UTC (rev 2326)
@@ -41,56 +41,7 @@
 
 int load_setlocaldefs hidden = 1;
 
-/* 
-  This function is used only if DISABLE_SEPOL is defined.
-  Size of libsepol is big, so you may want to disable libsepol for embedded devices.
-  This function is selinux_mkload_policy with limitations.
-  Limitations:
-  - Binary policy file name is assumed as "policy.<value in /selinux/policyvers>".
-  - Preserve boolean is not supported, so it is recommended not to use boolean,
-    if you want to disable sepol.
-  - system.users and local.users are not supported.
-*/
-static int selinux_mkload_policy_nosepol(int preservebools) {
-	int rc = -1;
-	char path[PATH_MAX];
-	size_t size;
-	void *data;
-	int fd;	
-	struct stat sb;
-
-	if (preservebools) {
-		return -1;
-	}
-
-	snprintf(path, sizeof(path), "%s", selinux_binary_policy_path());
-
-	fd = open(path, O_RDONLY);
-	if (fd < 0)
-		return -1;
-	
-	if (fstat(fd, &sb) < 0)
-		goto close;
-
-	size = sb.st_size;
-	data = mmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
-	if (data == MAP_FAILED)
-		goto close;
-
-	rc = security_load_policy(data, size);
-
- close:
-	close(fd);
-	return rc;
-	
-}
-
-#ifndef DISABLE_SEPOL
-/*
-  selinux_mkload_policy with full features.
-  This is used usually(when DISABLE_SEPOL is not defined).
-*/
-static int selinux_mkload_policy_sepol(int preservebools)
+int selinux_mkload_policy(int preservebools)
 {
 	int vers = sepol_policy_kern_vers_max();
 	int kernvers = security_policyvers();
@@ -203,16 +154,7 @@
 	close(fd);
 	return rc;
 }
-#endif /*ifndef DISABLE_SEPOL*/
 
-int selinux_mkload_policy(int preservebools) {
-#ifdef DISABLE_SEPOL
-	return selinux_mkload_policy_nosepol(preservebools);
-#else
-	return selinux_mkload_policy_sepol(preservebools);
-#endif
-}
-
 hidden_def(selinux_mkload_policy)
 
 /*

Modified: trunk/libselinux/src/selinux_internal.h
===================================================================
--- trunk/libselinux/src/selinux_internal.h	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libselinux/src/selinux_internal.h	2007-04-09 18:13:11 UTC (rev 2326)
@@ -76,8 +76,6 @@
 hidden_proto(selinux_getpolicytype);
 hidden_proto(selinux_raw_to_trans_context);
 hidden_proto(selinux_trans_to_raw_context);
-hidden_proto(security_get_initial_context);
-hidden_proto(security_get_initial_context_raw);
 
 extern int load_setlocaldefs hidden;
 extern int require_seusers hidden;

Modified: trunk/libsepol/src/Makefile
===================================================================
--- trunk/libsepol/src/Makefile	2007-04-09 18:02:21 UTC (rev 2325)
+++ trunk/libsepol/src/Makefile	2007-04-09 18:13:11 UTC (rev 2326)
@@ -8,18 +8,11 @@
 LIBA=libsepol.a 
 TARGET=libsepol.so
 LIBSO=$(TARGET).$(LIBVERSION)
-
-SRCS=$(wildcard *.c)
-ifeq ($(EMBEDDED),1)
-UNUSED_SRCS=link.c nodes.c roles.c iface_record.c module.c port_record.c user_record.c interfaces.c  node_record.c ports.c users.c
-SRCS= $(filter-out $(UNUSED_SRCS), $(wildcard *.c))
-endif
-OBJS= $(patsubst %.c,%.o,$(SRCS))
-LOBJS= $(patsubst %.c,%.lo,$(SRCS))
+OBJS= $(patsubst %.c,%.o,$(wildcard *.c))
+LOBJS= $(patsubst %.c,%.lo,$(wildcard *.c))
 CFLAGS ?= -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute
 override CFLAGS += -I. -I../include -D_GNU_SOURCE
 
-
 all: $(LIBA) $(LIBSO)
 
 $(LIBA):  $(OBJS)


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.