From: <ssm...@us...> - 2007-04-09 18:34:40
Revision: 2330
http://svn.sourceforge.net/selinux/?rev=2330&view=rev
Author: ssmalley
Date: 2007-04-09 11:34:19 -0700 (Mon, 09 Apr 2007)
Log Message:
-----------
Author: James Carter
Email: jw...@ty...
Subject: libselinux: add support for getting contexts for kernel initial SIDs from selinuxfs (resend)
Date: Mon, 09 Apr 2007 14:27:00 -0400
Add support to libselinux to get a userspace SID for a kernel initial
security identifier specified by name from the selinuxfs interface. It
is a convenience function that calls security_get_initial_context_raw()
and avc_context_to_sid_raw().
Signed-off-by: James Carter <jw...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/avc.h
trunk/libselinux/man/man3/avc_context_to_sid.3
trunk/libselinux/src/avc.c
Added Paths:
-----------
trunk/libselinux/man/man3/avc_get_initial_context.3
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2007-04-09 18:26:02 UTC (rev 2329)
+++ trunk/libselinux/include/selinux/avc.h 2007-04-09 18:34:19 UTC (rev 2330)
@@ -78,6 +78,17 @@
*/
int sidput(security_id_t sid);
+/**
+ * avc_get_initial_sid - get SID for an initial kernel security identifier
+ * @name: input name of initial kernel security identifier
+ * @sid: pointer to a SID reference
+ *
+ * Get the context for an initial kernel security identifier specified by
+ * @name using security_get_initial_context() and then call
+ * avc_context_to_sid() to get the corresponding SID.
+ */
+ int avc_get_initial_sid(const char * name, security_id_t * sid);
+
/*
* AVC entry
*/
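Review bot: The comment above avc_get_initial_sid() names security_get_initial_context() and avc_context_to_sid(), but the avc.c hunk in this revision calls security_get_initial_context_raw() and avc_context_to_sid_raw(), as the log message also says. Name the _raw variants so the comment matches the code, and add a sentence on the return value: the implementation returns the negative result of the first call on failure, otherwise the result of the second call.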
Modified: trunk/libselinux/man/man3/avc_context_to_sid.3
===================================================================
--- trunk/libselinux/man/man3/avc_context_to_sid.3 2007-04-09 18:26:02 UTC (rev 2329)
+++ trunk/libselinux/man/man3/avc_context_to_sid.3 2007-04-09 18:34:19 UTC (rev 2330)
@@ -3,7 +3,7 @@
.\" Author: Eamon Walsh (ew...@ep...) 2004
.TH "avc_context_to_sid" "3" "27 May 2004" "" "SE Linux API documentation"
.SH "NAME"
-avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate SELinux security ID's.
+avc_context_to_sid, avc_sid_to_context, sidput, sidget, avc_get_initial_sid \- obtain and manipulate SELinux security ID's.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
@@ -16,6 +16,8 @@
.BI "int sidget(security_id_t " sid ");"
.sp
.BI "int sidput(security_id_t " sid ");"
+.BI "int avc_get_initial_sid(const char *" name ", security_id_t *" sid ");"
+.sp
.SH "DESCRIPTION"
Security ID's (SID's) are reference-counted, opaque representations of security contexts.
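Review bot: The two added SYNOPSIS lines are in the wrong order. The existing prototypes are separated by a .sp placed before each .BI, but here the new .BI follows the sidput line directly and the .sp comes after it, so the sidput and avc_get_initial_sid prototypes are not separated like the others. Put the .sp before the new .BI line.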
@@ -45,6 +47,9 @@
by 1. If the count ever reaches zero, the SID becomes
invalid and must not be used any further.
+.B avc_get_initial_sid
+returns a SID for the initial kernel security identifier specified by name
+
.SH "RETURN VALUE"
.B sidget
and
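Review bot: The added DESCRIPTION text for avc_get_initial_sid is an unterminated sentence and says nothing about failure or about the reference count of the SID stored through the sid argument, which is what the surrounding paragraphs cover for sidget and sidput. No hunk in this file touches RETURN VALUE either, so the new function's return value is undocumented in the man page. Finish the sentence, mark name as an argument, and add the function to RETURN VALUE.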
Added: trunk/libselinux/man/man3/avc_get_initial_context.3
===================================================================
--- trunk/libselinux/man/man3/avc_get_initial_context.3 (rev 0)
+++ trunk/libselinux/man/man3/avc_get_initial_context.3 2007-04-09 18:34:19 UTC (rev 2330)
@@ -0,0 +1 @@
+.so man3/avc_context_to_sid.3
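Review bot: The new alias page is named avc_get_initial_context.3, but the function added to avc.h and avc.c, and listed in the NAME line of avc_context_to_sid.3, is avc_get_initial_sid. With this file name there is no page named after the new function. Rename the added file to avc_get_initial_sid.3.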
Modified: trunk/libselinux/src/avc.c
===================================================================
--- trunk/libselinux/src/avc.c 2007-04-09 18:26:02 UTC (rev 2329)
+++ trunk/libselinux/src/avc.c 2007-04-09 18:34:19 UTC (rev 2330)
@@ -280,6 +280,21 @@
return rc;
}
+int avc_get_initial_sid(const char * name, security_id_t * sid)
+{
+ int rc;
+ security_context_t con;
+
+ rc = security_get_initial_context_raw(name, &con);
+ if (rc < 0)
+ return rc;
+ rc = avc_context_to_sid_raw(con, sid);
+
+ freecon(con);
+
+ return rc;
+}
+
int avc_init(const char *prefix,
const struct avc_memory_callback *mem_cb,
const struct avc_log_callback *log_cb,
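Review bot: The signature spacing in the new function, "const char * name, security_id_t * sid", does not match the "const char *prefix" style of avc_init() in the context lines right below it; use "const char *name, security_id_t *sid" here and in the avc.h prototype. Also, freecon(con) runs between avc_context_to_sid_raw() and the return, so if callers are expected to inspect errno after a failure, consider saving it before freecon() and restoring it afterwards.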