Menu
▾
▴
selinux-commits — Commits to the subversion repo
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(24) |
Sep
(38) |
Oct
(29) |
Nov
(40) |
Dec
(4) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(88) |
Feb
(66) |
Mar
(44) |
Apr
(104) |
May
(35) |
Jun
(34) |
Jul
(12) |
Aug
(42) |
Sep
(84) |
Oct
(34) |
Nov
(30) |
Dec
(22) |
| 2008 |
Jan
(60) |
Feb
(54) |
Mar
(32) |
Apr
(14) |
May
(16) |
Jun
(26) |
Jul
(22) |
Aug
(12) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <ew...@us...> - 2007-09-27 20:09:37
|
Revision: 2601
http://selinux.svn.sourceforge.net/selinux/?rev=2601&view=rev
Author: ewalsh
Date: 2007-09-27 13:08:41 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.36
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-27 20:07:56 UTC (rev 2600)
+++ trunk/libselinux/ChangeLog 2007-09-27 20:08:41 UTC (rev 2601)
@@ -1,3 +1,6 @@
+2.0.36 2007-09-27
+ * Fix segfault resulting from missing file_contexts file.
+
2.0.35 2007-09-24
* Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
* Pass CFLAGS when using gcc for linking from Dennis Gilmore.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-27 20:07:56 UTC (rev 2600)
+++ trunk/libselinux/VERSION 2007-09-27 20:08:41 UTC (rev 2601)
@@ -1 +1 @@
-2.0.35
+2.0.36
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:39:41
|
Revision: 2599
http://selinux.svn.sourceforge.net/selinux/?rev=2599&view=rev
Author: ssmalley
Date: 2007-09-27 06:38:54 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libselinux to version 1.34.14
Modified Paths:
--------------
branches/stable/1_0/libselinux/ChangeLog
branches/stable/1_0/libselinux/VERSION
Modified: branches/stable/1_0/libselinux/ChangeLog
===================================================================
--- branches/stable/1_0/libselinux/ChangeLog 2007-09-27 13:37:46 UTC (rev 2598)
+++ branches/stable/1_0/libselinux/ChangeLog 2007-09-27 13:38:54 UTC (rev 2599)
@@ -1,3 +1,6 @@
+1.34.14 2007-09-27
+ * Refactored SWIG bindings from James Athey.
+
1.34.13 2007-09-24
* Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
* Pass CFLAGS when using gcc for linking from Dennis Gilmore.
Modified: branches/stable/1_0/libselinux/VERSION
===================================================================
--- branches/stable/1_0/libselinux/VERSION 2007-09-27 13:37:46 UTC (rev 2598)
+++ branches/stable/1_0/libselinux/VERSION 2007-09-27 13:38:54 UTC (rev 2599)
@@ -1 +1 @@
-1.34.13
+1.34.14
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:38:33
|
Revision: 2598
http://selinux.svn.sourceforge.net/selinux/?rev=2598&view=rev
Author: ssmalley
Date: 2007-09-27 06:37:46 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
applied refactored libselinux swig bindings from trunk
Modified Paths:
--------------
branches/stable/1_0/libselinux/src/Makefile
branches/stable/1_0/libselinux/src/fsetfilecon.c
branches/stable/1_0/libselinux/src/selinux.py
branches/stable/1_0/libselinux/src/selinuxswig.i
branches/stable/1_0/libselinux/src/selinuxswig_wrap.c
branches/stable/1_0/libsemanage/src/semanage.py
branches/stable/1_0/libsemanage/src/semanageswig_wrap.c
Added Paths:
-----------
branches/stable/1_0/libselinux/src/selinuxswig_python.i
Modified: branches/stable/1_0/libselinux/src/Makefile
===================================================================
--- branches/stable/1_0/libselinux/src/Makefile 2007-09-27 13:22:54 UTC (rev 2597)
+++ branches/stable/1_0/libselinux/src/Makefile 2007-09-27 13:37:46 UTC (rev 2598)
@@ -12,7 +12,7 @@
LIBA=libselinux.a
TARGET=libselinux.so
-SWIGIF= selinuxswig.i
+SWIGIF= selinuxswig_python.i
SWIGCOUT= selinuxswig_wrap.c
SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
SWIGSO=_selinux.so
Modified: branches/stable/1_0/libselinux/src/fsetfilecon.c
===================================================================
--- branches/stable/1_0/libselinux/src/fsetfilecon.c 2007-09-27 13:22:54 UTC (rev 2597)
+++ branches/stable/1_0/libselinux/src/fsetfilecon.c 2007-09-27 13:37:46 UTC (rev 2598)
@@ -13,7 +13,7 @@
0);
}
-hidden_def(setfilecon_raw)
+hidden_def(fsetfilecon_raw)
int fsetfilecon(int fd, security_context_t context)
{
Modified: branches/stable/1_0/libselinux/src/selinux.py
===================================================================
--- branches/stable/1_0/libselinux/src/selinux.py 2007-09-27 13:22:54 UTC (rev 2597)
+++ branches/stable/1_0/libselinux/src/selinux.py 2007-09-27 13:37:46 UTC (rev 2598)
@@ -51,45 +51,141 @@
is_selinux_enabled = _selinux.is_selinux_enabled
is_selinux_mls_enabled = _selinux.is_selinux_mls_enabled
getcon = _selinux.getcon
+getcon_raw = _selinux.getcon_raw
setcon = _selinux.setcon
+setcon_raw = _selinux.setcon_raw
getpidcon = _selinux.getpidcon
+getpidcon_raw = _selinux.getpidcon_raw
getprevcon = _selinux.getprevcon
+getprevcon_raw = _selinux.getprevcon_raw
getexeccon = _selinux.getexeccon
+getexeccon_raw = _selinux.getexeccon_raw
setexeccon = _selinux.setexeccon
+setexeccon_raw = _selinux.setexeccon_raw
getfscreatecon = _selinux.getfscreatecon
+getfscreatecon_raw = _selinux.getfscreatecon_raw
setfscreatecon = _selinux.setfscreatecon
+setfscreatecon_raw = _selinux.setfscreatecon_raw
getkeycreatecon = _selinux.getkeycreatecon
+getkeycreatecon_raw = _selinux.getkeycreatecon_raw
setkeycreatecon = _selinux.setkeycreatecon
+setkeycreatecon_raw = _selinux.setkeycreatecon_raw
getsockcreatecon = _selinux.getsockcreatecon
+getsockcreatecon_raw = _selinux.getsockcreatecon_raw
setsockcreatecon = _selinux.setsockcreatecon
+setsockcreatecon_raw = _selinux.setsockcreatecon_raw
getfilecon = _selinux.getfilecon
+getfilecon_raw = _selinux.getfilecon_raw
lgetfilecon = _selinux.lgetfilecon
+lgetfilecon_raw = _selinux.lgetfilecon_raw
fgetfilecon = _selinux.fgetfilecon
+fgetfilecon_raw = _selinux.fgetfilecon_raw
setfilecon = _selinux.setfilecon
+setfilecon_raw = _selinux.setfilecon_raw
lsetfilecon = _selinux.lsetfilecon
+lsetfilecon_raw = _selinux.lsetfilecon_raw
fsetfilecon = _selinux.fsetfilecon
+fsetfilecon_raw = _selinux.fsetfilecon_raw
getpeercon = _selinux.getpeercon
+getpeercon_raw = _selinux.getpeercon_raw
+class av_decision(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, av_decision, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, av_decision, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["allowed"] = _selinux.av_decision_allowed_set
+ __swig_getmethods__["allowed"] = _selinux.av_decision_allowed_get
+ if _newclass:allowed = _swig_property(_selinux.av_decision_allowed_get, _selinux.av_decision_allowed_set)
+ __swig_setmethods__["decided"] = _selinux.av_decision_decided_set
+ __swig_getmethods__["decided"] = _selinux.av_decision_decided_get
+ if _newclass:decided = _swig_property(_selinux.av_decision_decided_get, _selinux.av_decision_decided_set)
+ __swig_setmethods__["auditallow"] = _selinux.av_decision_auditallow_set
+ __swig_getmethods__["auditallow"] = _selinux.av_decision_auditallow_get
+ if _newclass:auditallow = _swig_property(_selinux.av_decision_auditallow_get, _selinux.av_decision_auditallow_set)
+ __swig_setmethods__["auditdeny"] = _selinux.av_decision_auditdeny_set
+ __swig_getmethods__["auditdeny"] = _selinux.av_decision_auditdeny_get
+ if _newclass:auditdeny = _swig_property(_selinux.av_decision_auditdeny_get, _selinux.av_decision_auditdeny_set)
+ __swig_setmethods__["seqno"] = _selinux.av_decision_seqno_set
+ __swig_getmethods__["seqno"] = _selinux.av_decision_seqno_get
+ if _newclass:seqno = _swig_property(_selinux.av_decision_seqno_get, _selinux.av_decision_seqno_set)
+ def __init__(self, *args):
+ this = _selinux.new_av_decision(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_av_decision
+ __del__ = lambda self : None;
+av_decision_swigregister = _selinux.av_decision_swigregister
+av_decision_swigregister(av_decision)
+
+security_compute_av = _selinux.security_compute_av
+security_compute_av_raw = _selinux.security_compute_av_raw
+security_compute_create = _selinux.security_compute_create
+security_compute_create_raw = _selinux.security_compute_create_raw
+security_compute_relabel = _selinux.security_compute_relabel
+security_compute_relabel_raw = _selinux.security_compute_relabel_raw
+security_compute_member = _selinux.security_compute_member
+security_compute_member_raw = _selinux.security_compute_member_raw
+security_compute_user = _selinux.security_compute_user
+security_compute_user_raw = _selinux.security_compute_user_raw
+security_load_policy = _selinux.security_load_policy
selinux_mkload_policy = _selinux.selinux_mkload_policy
selinux_init_load_policy = _selinux.selinux_init_load_policy
+class SELboolean(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, SELboolean, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, SELboolean, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["name"] = _selinux.SELboolean_name_set
+ __swig_getmethods__["name"] = _selinux.SELboolean_name_get
+ if _newclass:name = _swig_property(_selinux.SELboolean_name_get, _selinux.SELboolean_name_set)
+ __swig_setmethods__["value"] = _selinux.SELboolean_value_set
+ __swig_getmethods__["value"] = _selinux.SELboolean_value_get
+ if _newclass:value = _swig_property(_selinux.SELboolean_value_get, _selinux.SELboolean_value_set)
+ def __init__(self, *args):
+ this = _selinux.new_SELboolean(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_SELboolean
+ __del__ = lambda self : None;
+SELboolean_swigregister = _selinux.SELboolean_swigregister
+SELboolean_swigregister(SELboolean)
+
security_set_boolean_list = _selinux.security_set_boolean_list
security_load_booleans = _selinux.security_load_booleans
security_check_context = _selinux.security_check_context
+security_check_context_raw = _selinux.security_check_context_raw
security_canonicalize_context = _selinux.security_canonicalize_context
+security_canonicalize_context_raw = _selinux.security_canonicalize_context_raw
security_getenforce = _selinux.security_getenforce
security_setenforce = _selinux.security_setenforce
+security_disable = _selinux.security_disable
security_policyvers = _selinux.security_policyvers
security_get_boolean_names = _selinux.security_get_boolean_names
security_get_boolean_pending = _selinux.security_get_boolean_pending
security_get_boolean_active = _selinux.security_get_boolean_active
security_set_boolean = _selinux.security_set_boolean
security_commit_booleans = _selinux.security_commit_booleans
+string_to_security_class = _selinux.string_to_security_class
+string_to_av_perm = _selinux.string_to_av_perm
+print_access_vector = _selinux.print_access_vector
MATCHPATHCON_BASEONLY = _selinux.MATCHPATHCON_BASEONLY
MATCHPATHCON_NOTRANS = _selinux.MATCHPATHCON_NOTRANS
+MATCHPATHCON_VALIDATE = _selinux.MATCHPATHCON_VALIDATE
set_matchpathcon_flags = _selinux.set_matchpathcon_flags
matchpathcon_init = _selinux.matchpathcon_init
+matchpathcon_init_prefix = _selinux.matchpathcon_init_prefix
+matchpathcon_fini = _selinux.matchpathcon_fini
matchpathcon = _selinux.matchpathcon
+matchpathcon_index = _selinux.matchpathcon_index
+matchpathcon_filespec_add = _selinux.matchpathcon_filespec_add
+matchpathcon_filespec_destroy = _selinux.matchpathcon_filespec_destroy
+matchpathcon_filespec_eval = _selinux.matchpathcon_filespec_eval
+matchpathcon_checkmatches = _selinux.matchpathcon_checkmatches
matchmediacon = _selinux.matchmediacon
selinux_getenforcemode = _selinux.selinux_getenforcemode
+selinux_getpolicytype = _selinux.selinux_getpolicytype
selinux_policy_root = _selinux.selinux_policy_root
selinux_binary_policy_path = _selinux.selinux_binary_policy_path
selinux_failsafe_context_path = _selinux.selinux_failsafe_context_path
@@ -102,6 +198,7 @@
selinux_homedir_context_path = _selinux.selinux_homedir_context_path
selinux_media_context_path = _selinux.selinux_media_context_path
selinux_contexts_path = _selinux.selinux_contexts_path
+selinux_securetty_types_path = _selinux.selinux_securetty_types_path
selinux_booleans_path = _selinux.selinux_booleans_path
selinux_customizable_types_path = _selinux.selinux_customizable_types_path
selinux_users_path = _selinux.selinux_users_path
@@ -111,11 +208,26 @@
selinux_path = _selinux.selinux_path
selinux_check_passwd_access = _selinux.selinux_check_passwd_access
checkPasswdAccess = _selinux.checkPasswdAccess
+selinux_check_securetty_context = _selinux.selinux_check_securetty_context
+set_selinuxmnt = _selinux.set_selinuxmnt
rpm_execcon = _selinux.rpm_execcon
is_context_customizable = _selinux.is_context_customizable
selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context
selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context
-selinux_getpolicytype = _selinux.selinux_getpolicytype
getseuserbyname = _selinux.getseuserbyname
+selinux_file_context_cmp = _selinux.selinux_file_context_cmp
+selinux_file_context_verify = _selinux.selinux_file_context_verify
+selinux_lsetfilecon_default = _selinux.selinux_lsetfilecon_default
+selinux_default_type_path = _selinux.selinux_default_type_path
+get_default_type = _selinux.get_default_type
+SELINUX_DEFAULTUSER = _selinux.SELINUX_DEFAULTUSER
+get_ordered_context_list = _selinux.get_ordered_context_list
+get_ordered_context_list_with_level = _selinux.get_ordered_context_list_with_level
+get_default_context = _selinux.get_default_context
+get_default_context_with_level = _selinux.get_default_context_with_level
+get_default_context_with_role = _selinux.get_default_context_with_role
+get_default_context_with_rolelevel = _selinux.get_default_context_with_rolelevel
+query_user_context = _selinux.query_user_context
+manual_user_enter_context = _selinux.manual_user_enter_context
Modified: branches/stable/1_0/libselinux/src/selinuxswig.i
===================================================================
--- branches/stable/1_0/libselinux/src/selinuxswig.i 2007-09-27 13:22:54 UTC (rev 2597)
+++ branches/stable/1_0/libselinux/src/selinuxswig.i 2007-09-27 13:37:46 UTC (rev 2598)
@@ -1,7 +1,9 @@
-/* Author: Dan Walsh
+/* Authors: Dan Walsh
+ * James Athey
*
* Copyright (C) 2004-2005 Red Hat
- *
+ * Copyright (C) 2007 Tresys Technology, LLC
+ *
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
@@ -17,150 +19,47 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
-
%module selinux
%{
#include "selinux/selinux.h"
%}
-%apply int *OUTPUT { int * };
+%apply int *OUTPUT { int *enforce };
%apply int *OUTPUT { size_t * };
-%typemap(in, numinputs=0) security_context_t *(security_context_t temp=NULL) {
- $1 = &temp;
-}
-%typemap(argout) security_context_t * (char *temp=NULL) {
- if (*$1)
- temp = *$1;
- else
- temp = "";
- $result = SWIG_Python_AppendOutput($result, PyString_FromString(temp));
-}
+%typedef unsigned mode_t;
-%typemap(in) security_context_t {
- $1 = (security_context_t)PyString_AsString($input);
+%typemap(in, numinputs=0) (char ***names, int *len) (char **temp1, int temp2) {
+ $1 = &temp1;
+ $2 = &temp2;
}
-%typedef unsigned mode_t;
-
-extern int is_selinux_enabled(void);
-extern int is_selinux_mls_enabled(void);
-extern int getcon(security_context_t *con);
-extern int setcon(security_context_t con);
-extern int getpidcon(int pid, security_context_t *con);
-extern int getprevcon(security_context_t *con);
-extern int getexeccon(security_context_t *con);
-extern int setexeccon(security_context_t con);
-extern int getfscreatecon(security_context_t *con);
-extern int setfscreatecon(security_context_t context);
-extern int getkeycreatecon(security_context_t *con);
-extern int setkeycreatecon(security_context_t context);
-extern int getsockcreatecon(security_context_t *con);
-extern int setsockcreatecon(security_context_t context);
-extern int getfilecon(const char *path, security_context_t *con);
-extern int lgetfilecon(const char *path, security_context_t *con);
-extern int fgetfilecon(int fd, security_context_t *con);
-extern int setfilecon(const char *path, security_context_t con);
-extern int lsetfilecon(const char *path, security_context_t con);
-extern int fsetfilecon(int fd, security_context_t con);
-extern int getpeercon(int fd, security_context_t *con);
-extern int selinux_mkload_policy(int preservebools);
-extern int selinux_init_load_policy(int *enforce);
-extern int security_set_boolean_list(size_t boolcnt,
- SELboolean *boollist,
- int permanent);
-extern int security_load_booleans(char *path);
-extern int security_check_context(security_context_t con);
-extern int security_canonicalize_context(security_context_t con,
- security_context_t *canoncon);
-extern int security_getenforce(void);
-extern int security_setenforce(int value);
-extern int security_policyvers(void);
-extern int security_get_boolean_names(char ***names, int *len);
-extern int security_get_boolean_pending(const char *name);
-extern int security_get_boolean_active(const char *name);
-extern int security_set_boolean(const char *name, int value);
-extern int security_commit_booleans(void);
-
-/* Set flags controlling operation of matchpathcon_init or matchpathcon. */
-#define MATCHPATHCON_BASEONLY 1 /* Only process the base file_contexts file. */
-#define MATCHPATHCON_NOTRANS 2 /* Do not perform any context translation. */
-extern void set_matchpathcon_flags(unsigned int flags);
-extern int matchpathcon_init(const char *path);
-extern int matchpathcon(const char *path,
- mode_t mode,
- security_context_t *con);
-
-extern int matchmediacon(const char *media,
- security_context_t *con);
-
-extern int selinux_getenforcemode(int *enforce);
-extern const char *selinux_policy_root(void);
-extern const char *selinux_binary_policy_path(void);
-extern const char *selinux_failsafe_context_path(void);
-extern const char *selinux_removable_context_path(void);
-extern const char *selinux_default_context_path(void);
-extern const char *selinux_user_contexts_path(void);
-extern const char *selinux_file_context_path(void);
-extern const char *selinux_file_context_homedir_path(void);
-extern const char *selinux_file_context_local_path(void);
-extern const char *selinux_homedir_context_path(void);
-extern const char *selinux_media_context_path(void);
-extern const char *selinux_contexts_path(void);
-extern const char *selinux_booleans_path(void);
-extern const char *selinux_customizable_types_path(void);
-extern const char *selinux_users_path(void);
-extern const char *selinux_usersconf_path(void);
-extern const char *selinux_translations_path(void);
-extern const char *selinux_netfilter_context_path(void);
-extern const char *selinux_path(void);
-extern int selinux_check_passwd_access(access_vector_t requested);
-extern int checkPasswdAccess(access_vector_t requested);
-
-// This tells SWIG to treat char ** as a special case
-%typemap(python,in) char ** {
- /* Check if is a list */
- if (PyList_Check($input)) {
- int size = PyList_Size($input);
- int i = 0;
- $1 = (char **) malloc((size+1)*sizeof(char *));
- if ($1 == NULL) {
- PyErr_SetString(PyExc_MemoryError,"Out of memory");
- return NULL;
- }
- for (i = 0; i < size; i++) {
- PyObject *o = PyList_GetItem($input,i);
- if (PyString_Check(o))
- $1[i] = PyString_AsString(PyList_GetItem($input,i));
- else {
- PyErr_SetString(PyExc_TypeError,"list must contain strings");
- free($1);
- return NULL;
- }
- }
- $1[i] = 0;
- } else {
- PyErr_SetString(PyExc_TypeError,"not a list");
- return NULL;
- }
+%typemap(freearg) (char ***names, int *len) {
+ int i;
+ if (*$1) {
+ for (i = 0; i < *$2; i++) {
+ free((*$1)[i]);
+ }
+ free(*$1);
+ }
}
-extern int rpm_execcon(unsigned int verified,
- const char *filename,
- char **, char **);
-
-extern int is_context_customizable (security_context_t scontext);
-
-extern int selinux_trans_to_raw_context(char *trans,
- security_context_t *rawp);
-extern int selinux_raw_to_trans_context(char *raw,
- security_context_t *transp);
-
-%typemap(in, numinputs=0) char **(char *temp=NULL) {
+%typemap(in, numinputs=0) (security_context_t **) (security_context_t *temp) {
$1 = &temp;
}
-%typemap(argout) char ** {
- $result = SWIG_Python_AppendOutput($result, PyString_FromString(*$1));
+%typemap(freearg) (security_context_t **) {
+ if (*$1) freeconary(*$1);
}
-extern int selinux_getpolicytype(char **enforce);
-extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
+
+/* Ignore functions that don't make sense when wrapped */
+%ignore freecon;
+%ignore freeconary;
+
+/* Ignore functions that take a function pointer as an argument */
+%ignore set_matchpathcon_printf;
+%ignore set_matchpathcon_invalidcon;
+%ignore set_matchpathcon_canoncon;
+
+%include "../include/selinux/selinux.h"
+%include "../include/selinux/get_default_type.h"
+%include "../include/selinux/get_context_list.h"
Copied: branches/stable/1_0/libselinux/src/selinuxswig_python.i (from rev 2489, trunk/libselinux/src/selinuxswig_python.i)
===================================================================
--- branches/stable/1_0/libselinux/src/selinuxswig_python.i (rev 0)
+++ branches/stable/1_0/libselinux/src/selinuxswig_python.i 2007-09-27 13:37:46 UTC (rev 2598)
@@ -0,0 +1,138 @@
+/* Author: James Athey
+ *
+ * Copyright (C) 2007 Tresys Technology, LLC
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+%module selinux
+%{
+ #include "selinux/selinux.h"
+%}
+
+/* security_get_boolean_names() typemap */
+%typemap(argout) (char ***names, int *len) {
+ PyObject* list = PyList_New(*$2);
+ int i;
+ for (i = 0; i < *$2; i++) {
+ PyList_SetItem(list, i, PyString_FromString((*$1)[i]));
+ }
+ $result = SWIG_Python_AppendOutput($result, list);
+}
+
+/* Makes security_compute_user() return a Python list of contexts */
+%typemap(argout) (security_context_t **con) {
+ PyObject* plist;
+ int i, len = 0;
+
+ if (*$1) {
+ while((*$1)[len])
+ len++;
+ plist = PyList_New(len);
+ for (i = 0; i < len; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+
+ $result = SWIG_Python_AppendOutput($result, plist);
+}
+
+/* Makes functions in get_context_list.h return a Python list of contexts */
+%typemap(argout) (security_context_t **list) {
+ PyObject* plist;
+ int i;
+
+ if (*$1) {
+ plist = PyList_New(result);
+ for (i = 0; i < result; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+ /* Only return the Python list, don't need to return the length anymore */
+ $result = plist;
+}
+
+%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") security_context_t * "";
+%typemap(argout,noblock=1) security_context_t * {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ freecon(*$1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ %append_output(Py_None);
+ }
+}
+
+%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") char ** "";
+%typemap(argout,noblock=1) char ** {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ free(*$1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ %append_output(Py_None);
+ }
+}
+
+%typemap(in) char * const [] {
+ int i, size;
+ PyObject * s;
+
+ if (!PySequence_Check($input)) {
+ PyErr_SetString(PyExc_ValueError, "Expected a sequence");
+ return NULL;
+ }
+
+ size = PySequence_Size($input);
+
+ $1 = (char**) malloc(size + 1);
+
+ for(i = 0; i < size; i++) {
+ if (!PyString_Check(PySequence_GetItem($input, i))) {
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
+ return NULL;
+ }
+ }
+
+ for(i = 0; i < size; i++) {
+ s = PySequence_GetItem($input, i);
+ $1[i] = (char*) malloc(PyString_Size(s) + 1);
+ strcpy($1[i], PyString_AsString(s));
+ }
+ $1[size] = NULL;
+}
+
+%typemap(freearg,match="in") char * const [] {
+ int i = 0;
+ while($1[i]) {
+ free($1[i]);
+ i++;
+ }
+ free($1);
+}
+
+%include "selinuxswig.i"
Modified: branches/stable/1_0/libselinux/src/selinuxswig_wrap.c
===================================================================
--- branches/stable/1_0/libselinux/src/selinuxswig_wrap.c 2007-09-27 13:22:54 UTC (rev 2597)
+++ branches/stable/1_0/libselinux/src/selinuxswig_wrap.c 2007-09-27 13:37:46 UTC (rev 2598)
@@ -2449,15 +2449,17 @@
/* -------- TYPES TABLE (BEGIN) -------- */
#define SWIGTYPE_p_SELboolean swig_types[0]
-#define SWIGTYPE_p_access_vector_t swig_types[1]
+#define SWIGTYPE_p_av_decision swig_types[1]
#define SWIGTYPE_p_char swig_types[2]
-#define SWIGTYPE_p_int swig_types[3]
-#define SWIGTYPE_p_p_char swig_types[4]
-#define SWIGTYPE_p_p_p_char swig_types[5]
-#define SWIGTYPE_p_security_context_t swig_types[6]
-#define SWIGTYPE_p_unsigned_int swig_types[7]
-static swig_type_info *swig_types[9];
-static swig_module_info swig_module = {swig_types, 8, 0, 0, 0, 0};
+#define SWIGTYPE_p_ino_t swig_types[3]
+#define SWIGTYPE_p_int swig_types[4]
+#define SWIGTYPE_p_p_char swig_types[5]
+#define SWIGTYPE_p_p_p_char swig_types[6]
+#define SWIGTYPE_p_pid_t swig_types[7]
+#define SWIGTYPE_p_unsigned_int swig_types[8]
+#define SWIGTYPE_p_unsigned_short swig_types[9]
+static swig_type_info *swig_types[11];
+static swig_module_info swig_module = {swig_types, 10, 0, 0, 0, 0};
#define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name)
#define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name)
@@ -2487,6 +2489,9 @@
#include "selinux/selinux.h"
+ #include "selinux/selinux.h"
+
+
#define SWIG_From_long PyInt_FromLong
@@ -2497,6 +2502,74 @@
}
+SWIGINTERN swig_type_info*
+SWIG_pchar_descriptor(void)
+{
+ static int init = 0;
+ static swig_type_info* info = 0;
+ if (!init) {
+ info = SWIG_TypeQuery("_p_char");
+ init = 1;
+ }
+ return info;
+}
+
+
+SWIGINTERN int
+SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
+{
+ if (PyString_Check(obj)) {
+ char *cstr; Py_ssize_t len;
+ PyString_AsStringAndSize(obj, &cstr, &len);
+ if (cptr) {
+ if (alloc) {
+ /*
+ In python the user should not be able to modify the inner
+ string representation. To warranty that, if you define
+ SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string
+ buffer is always returned.
+
+ The default behavior is just to return the pointer value,
+ so, be careful.
+ */
+#if defined(SWIG_PYTHON_SAFE_CSTRINGS)
+ if (*alloc != SWIG_OLDOBJ)
+#else
+ if (*alloc == SWIG_NEWOBJ)
+#endif
+ {
+ *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1));
+ *alloc = SWIG_NEWOBJ;
+ }
+ else {
+ *cptr = cstr;
+ *alloc = SWIG_OLDOBJ;
+ }
+ } else {
+ *cptr = PyString_AsString(obj);
+ }
+ }
+ if (psize) *psize = len + 1;
+ return SWIG_OK;
+ } else {
+ swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
+ if (pchar_descriptor) {
+ void* vptr = 0;
+ if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) {
+ if (cptr) *cptr = (char *) vptr;
+ if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
+ if (alloc) *alloc = SWIG_OLDOBJ;
+ return SWIG_OK;
+ }
+ }
+ }
+ return SWIG_TypeError;
+}
+
+
+
+
+
#include <limits.h>
#ifndef LLONG_MIN
# define LLONG_MIN LONG_LONG_MIN
@@ -2644,75 +2717,7 @@
}
-SWIGINTERN swig_type_info*
-SWIG_pchar_descriptor(void)
-{
- static int init = 0;
- static swig_type_info* info = 0;
- if (!init) {
- info = SWIG_TypeQuery("_p_char");
- init = 1;
- }
- return info;
-}
-
-
SWIGINTERN int
-SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
-{
- if (PyString_Check(obj)) {
- char *cstr; Py_ssize_t len;
- PyString_AsStringAndSize(obj, &cstr, &len);
- if (cptr) {
- if (alloc) {
- /*
- In python the user should not be able to modify the inner
- string representation. To warranty that, if you define
- SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string
- buffer is always returned.
-
- The default behavior is just to return the pointer value,
- so, be careful.
- */
-#if defined(SWIG_PYTHON_SAFE_CSTRINGS)
- if (*alloc != SWIG_OLDOBJ)
-#else
- if (*alloc == SWIG_NEWOBJ)
-#endif
- {
- *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1));
- *alloc = SWIG_NEWOBJ;
- }
- else {
- *cptr = cstr;
- *alloc = SWIG_OLDOBJ;
- }
- } else {
- *cptr = PyString_AsString(obj);
- }
- }
- if (psize) *psize = len + 1;
- return SWIG_OK;
- } else {
- swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
- if (pchar_descriptor) {
- void* vptr = 0;
- if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) {
- if (cptr) *cptr = (char *) vptr;
- if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
- if (alloc) *alloc = SWIG_OLDOBJ;
- return SWIG_OK;
- }
- }
- }
- return SWIG_TypeError;
-}
-
-
-
-
-
-SWIGINTERN int
SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val)
{
if (PyInt_Check(obj)) {
@@ -2756,32 +2761,63 @@
}
-SWIGINTERNINLINE int
-SWIG_AsVal_size_t (PyObject * obj, size_t *val)
+SWIGINTERN int
+SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val)
{
unsigned long v;
- int res = SWIG_AsVal_unsigned_SS_long (obj, val ? &v : 0);
- if (SWIG_IsOK(res) && val) *val = (size_t)(v);
+ int res = SWIG_AsVal_unsigned_SS_long (obj, &v);
+ if (SWIG_IsOK(res)) {
+ if ((v > UINT_MAX)) {
+ return SWIG_OverflowError;
+ } else {
+ if (val) *val = (unsigned int)(v);
+ }
+ }
return res;
}
+SWIGINTERNINLINE PyObject*
+SWIG_From_unsigned_SS_long (unsigned long value)
+{
+ return (value > LONG_MAX) ?
+ PyLong_FromUnsignedLong(value) : PyInt_FromLong((long)(value));
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_unsigned_SS_int (unsigned int value)
+{
+ return SWIG_From_unsigned_SS_long (value);
+}
+
+
SWIGINTERN int
-SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val)
+SWIG_AsVal_unsigned_SS_short (PyObject * obj, unsigned short *val)
{
unsigned long v;
int res = SWIG_AsVal_unsigned_SS_long (obj, &v);
if (SWIG_IsOK(res)) {
- if ((v > UINT_MAX)) {
+ if ((v > USHRT_MAX)) {
return SWIG_OverflowError;
} else {
- if (val) *val = (unsigned int)(v);
+ if (val) *val = (unsigned short)(v);
}
}
return res;
}
+SWIGINTERNINLINE int
+SWIG_AsVal_size_t (PyObject * obj, size_t *val)
+{
+ unsigned long v;
+ int res = SWIG_AsVal_unsigned_SS_long (obj, val ? &v : 0);
+ if (SWIG_IsOK(res) && val) *val = (size_t)(v);
+ return res;
+}
+
+
SWIGINTERNINLINE PyObject *
SWIG_FromCharPtrAndSize(const char* carray, size_t size)
{
@@ -2805,6 +2841,13 @@
return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0));
}
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_unsigned_SS_short (unsigned short value)
+{
+ return SWIG_From_unsigned_SS_long (value);
+}
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -2838,75 +2881,172 @@
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getcon")) SWIG_fail;
result = (int)getcon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getcon_raw")) SWIG_fail;
+ result = (int)getcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- security_context_t arg1 ;
+ security_context_t arg1 = (security_context_t) 0 ;
int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
if (!PyArg_ParseTuple(args,(char *)"O:setcon",&obj0)) SWIG_fail;
- {
- arg1 = (security_context_t)PyString_AsString(obj0);
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setcon" "', argument " "1"" of type '" "security_context_t""'");
}
+ arg1 = (security_context_t)(buf1);
result = (int)setcon(arg1);
resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setcon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setcon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getpidcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- int arg1 ;
+ pid_t arg1 ;
security_context_t *arg2 = (security_context_t *) 0 ;
int result;
- int val1 ;
- int ecode1 = 0 ;
- security_context_t temp2 = NULL ;
- char *temp20 = NULL ;
+ void *argp1 ;
+ int res1 = 0 ;
+ security_context_t temp2 = 0 ;
PyObject * obj0 = 0 ;
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpidcon",&obj0)) SWIG_fail;
{
- arg2 = &temp2;
+ res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_pid_t, 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'");
+ }
+ if (!argp1) {
+ SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'");
+ } else {
+ arg1 = *((pid_t *)(argp1));
+ }
}
- if (!PyArg_ParseTuple(args,(char *)"O:getpidcon",&obj0)) SWIG_fail;
- ecode1 = SWIG_AsVal_int(obj0, &val1);
- if (!SWIG_IsOK(ecode1)) {
- SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpidcon" "', argument " "1"" of type '" "int""'");
- }
- arg1 = (int)(val1);
result = (int)getpidcon(arg1,arg2);
resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getpidcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ pid_t arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ void *argp1 ;
+ int res1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpidcon_raw",&obj0)) SWIG_fail;
{
- if (*arg2)
- temp20 = *arg2;
- else
- temp20 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
+ res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_pid_t, 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'");
+ }
+ if (!argp1) {
+ SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'");
+ } else {
+ arg1 = *((pid_t *)(argp1));
+ }
}
+ result = (int)getpidcon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
@@ -2917,204 +3057,442 @@
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getprevcon")) SWIG_fail;
result = (int)getprevcon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getprevcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getprevcon_raw")) SWIG_fail;
+ result = (int)getprevcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getexeccon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getexeccon")) SWIG_fail;
result = (int)getexeccon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getexeccon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getexeccon_raw")) SWIG_fail;
+ result = (int)getexeccon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setexeccon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- security_context_t arg1 ;
+ security_context_t arg1 = (security_context_t) 0 ;
int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
if (!PyArg_ParseTuple(args,(char *)"O:setexeccon",&obj0)) SWIG_fail;
- {
- arg1 = (security_context_t)PyString_AsString(obj0);
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setexeccon" "', argument " "1"" of type '" "security_context_t""'");
}
+ arg1 = (security_context_t)(buf1);
result = (int)setexeccon(arg1);
resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setexeccon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setexeccon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setexeccon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setexeccon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getfscreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getfscreatecon")) SWIG_fail;
result = (int)getfscreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getfscreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getfscreatecon_raw")) SWIG_fail;
+ result = (int)getfscreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setfscreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- security_context_t arg1 ;
+ security_context_t arg1 = (security_context_t) 0 ;
int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
if (!PyArg_ParseTuple(args,(char *)"O:setfscreatecon",&obj0)) SWIG_fail;
- {
- arg1 = (security_context_t)PyString_AsString(obj0);
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfscreatecon" "', argument " "1"" of type '" "security_context_t""'");
}
+ arg1 = (security_context_t)(buf1);
result = (int)setfscreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setfscreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setfscreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfscreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setfscreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getkeycreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getkeycreatecon")) SWIG_fail;
result = (int)getkeycreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getkeycreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getkeycreatecon_raw")) SWIG_fail;
+ result = (int)getkeycreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setkeycreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- security_context_t arg1 ;
+ security_context_t arg1 = (security_context_t) 0 ;
int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
if (!PyArg_ParseTuple(args,(char *)"O:setkeycreatecon",&obj0)) SWIG_fail;
- {
- arg1 = (security_context_t)PyString_AsString(obj0);
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setkeycreatecon" "', argument " "1"" of type '" "security_context_t""'");
}
+ arg1 = (security_context_t)(buf1);
result = (int)setkeycreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setkeycreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setkeycreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setkeycreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setkeycreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getsockcreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
int result;
- security_context_t temp1 = NULL ;
- char *temp10 = NULL ;
+ security_context_t temp1 = 0 ;
- {
- arg1 = &temp1;
- }
+ arg1 = &temp1;
if (!PyArg_ParseTuple(args,(char *)":getsockcreatecon")) SWIG_fail;
result = (int)getsockcreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg1)
- temp10 = *arg1;
- else
- temp10 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_getsockcreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getsockcreatecon_raw")) SWIG_fail;
+ result = (int)getsockcreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setsockcreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- security_context_t arg1 ;
+ security_context_t arg1 = (security_context_t) 0 ;
int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
if (!PyArg_ParseTuple(args,(char *)"O:setsockcreatecon",&obj0)) SWIG_fail;
- {
- arg1 = (security_context_t)PyString_AsString(obj0);
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setsockcreatecon" "', argument " "1"" of type '" "security_context_t""'");
}
+ arg1 = (security_context_t)(buf1);
result = (int)setsockcreatecon(arg1);
resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setsockcreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setsockcreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setsockcreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setsockcreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *arg1 = (char *) 0 ;
@@ -3123,13 +3501,10 @@
int res1 ;
char *buf1 = 0 ;
int alloc1 = 0 ;
- security_context_t temp2 = NULL ;
- char *temp20 = NULL ;
+ security_context_t temp2 = 0 ;
PyObject * obj0 = 0 ;
- {
- arg2 = &temp2;
- }
+ arg2 = &temp2;
if (!PyArg_ParseTuple(args,(char *)"O:getfilecon",&obj0)) SWIG_fail;
res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
if (!SWIG_IsOK(res1)) {
@@ -3138,13 +3513,14 @@
arg1 = (char *)(buf1);
result = (int)getfilecon((char const *)arg1,arg2);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg2)
- temp20 = *arg2;
- else
- temp20 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
@@ -3153,6 +3529,42 @@
}
+SWIGINTERN PyObject *_wrap_getfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getfilecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)getfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_lgetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *arg1 = (char *) 0 ;
@@ -3161,13 +3573,10 @@
int res1 ;
char *buf1 = 0 ;
int alloc1 = 0 ;
- security_context_t temp2 = NULL ;
- char *temp20 = NULL ;
+ security_context_t temp2 = 0 ;
PyObject * obj0 = 0 ;
- {
- arg2 = &temp2;
- }
+ arg2 = &temp2;
if (!PyArg_ParseTuple(args,(char *)"O:lgetfilecon",&obj0)) SWIG_fail;
res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
if (!SWIG_IsOK(res1)) {
@@ -3176,13 +3585,14 @@
arg1 = (char *)(buf1);
result = (int)lgetfilecon((char const *)arg1,arg2);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg2)
- temp20 = *arg2;
- else
- temp20 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
@@ -3191,6 +3601,42 @@
}
+SWIGINTERN PyObject *_wrap_lgetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:lgetfilecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "lgetfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)lgetfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_fgetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
int arg1 ;
@@ -3198,13 +3644,10 @@
int result;
int val1 ;
int ecode1 = 0 ;
- security_context_t temp2 = NULL ;
- char *temp20 = NULL ;
+ security_context_t temp2 = 0 ;
PyObject * obj0 = 0 ;
- {
- arg2 = &temp2;
- }
+ arg2 = &temp2;
if (!PyArg_ParseTuple(args,(char *)"O:fgetfilecon",&obj0)) SWIG_fail;
ecode1 = SWIG_AsVal_int(obj0, &val1);
if (!SWIG_IsOK(ecode1)) {
@@ -3213,27 +3656,64 @@
arg1 = (int)(val1);
result = (int)fgetfilecon(arg1,arg2);
resultobj = SWIG_From_int((int)(result));
- {
- if (*arg2)
- temp20 = *arg2;
- else
- temp20 = "";
- resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
}
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
return resultobj;
fail:
return NULL;
}
+SWIGINTERN PyObject *_wrap_fgetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:fgetfilecon_raw",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "fgetfilecon_raw" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)fgetfilecon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_setfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *arg1 = (char *) 0 ;
- security_context_t arg2 ;
+ security_context_t arg2 = (security_context_t) 0 ;
int result;
int res1 ;
char *buf1 = 0 ;
int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
PyObject * obj0 = 0 ;
PyObject * obj1 = 0 ;
@@ -3243,27 +3723,71 @@
SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfilecon" "', argument " "1"" of type '" "char const *""'");
}
arg1 = (char *)(buf1);
- {
- arg2 = (security_context_t)PyString_AsString(obj1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "setfilecon" "', argument " "2"" of type '" "security_context_t""'");
}
+ arg2 = (security_context_t)(buf2);
result = (int)setfilecon((char const *)arg1,arg2);
resultobj = SWIG_From_int((int)(result));
if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
return resultobj;
fail:
if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
return NULL;
}
+SWIGINTERN PyObject *_wrap_setfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:setfilecon_raw",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "setfilecon_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)setfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_lsetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObjec...
[truncated message content] |
|
From: <ssm...@us...> - 2007-09-27 13:22:57
|
Revision: 2595
http://selinux.svn.sourceforge.net/selinux/?rev=2595&view=rev
Author: ssmalley
Date: 2007-09-27 06:21:25 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
applied 2570 and 2573 (improve error reporting) from trunk
Modified Paths:
--------------
branches/stable/1_0/libsemanage/src/debug.c
branches/stable/1_0/libsemanage/src/direct_api.c
branches/stable/1_0/libsemanage/src/semanage_store.c
branches/stable/1_0/policycoreutils/semodule/semodule.c
Modified: branches/stable/1_0/libsemanage/src/debug.c
===================================================================
--- branches/stable/1_0/libsemanage/src/debug.c 2007-09-27 13:16:53 UTC (rev 2594)
+++ branches/stable/1_0/libsemanage/src/debug.c 2007-09-27 13:21:25 UTC (rev 2595)
@@ -23,6 +23,8 @@
#include <stdarg.h>
#include <stdlib.h>
#include <stdio.h>
+#include <errno.h>
+#include <string.h>
#include "handle.h"
#include "debug.h"
@@ -55,10 +57,12 @@
{
FILE *stream = NULL;
+ int errsv = 0;
switch (semanage_msg_get_level(handle)) {
case SEMANAGE_MSG_ERR:
+ errsv = errno;
case SEMANAGE_MSG_WARN:
stream = stderr;
break;
@@ -77,6 +81,9 @@
vfprintf(stream, fmt, ap);
va_end(ap);
+ if (errsv)
+ fprintf(stream, " %s.", strerror(errsv));
+
fprintf(stream, "\n");
varg = NULL;
Modified: branches/stable/1_0/libsemanage/src/direct_api.c
===================================================================
--- branches/stable/1_0/libsemanage/src/direct_api.c 2007-09-27 13:16:53 UTC (rev 2594)
+++ branches/stable/1_0/libsemanage/src/direct_api.c 2007-09-27 13:21:25 UTC (rev 2595)
@@ -32,6 +32,7 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <limits.h>
+#include <errno.h>
#include "user_internal.h"
#include "seuser_internal.h"
@@ -540,6 +541,7 @@
* checking is done because this is likely to fail because
* the file does not exist - which is not an error. */
unlink(linked_filename);
+ errno = 0;
}
/* ==================== File-backed ================== */
Modified: branches/stable/1_0/libsemanage/src/semanage_store.c
===================================================================
--- branches/stable/1_0/libsemanage/src/semanage_store.c 2007-09-27 13:16:53 UTC (rev 2594)
+++ branches/stable/1_0/libsemanage/src/semanage_store.c 2007-09-27 13:21:25 UTC (rev 2595)
@@ -432,7 +432,7 @@
* overwrite it. Returns 0 on success, -1 on error. */
static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
{
- int in, out, retval = 0, amount_read, n;
+ int in, out, retval = 0, amount_read, n, errsv = errno;
char tmp[PATH_MAX];
char buf[4192];
@@ -448,23 +448,32 @@
mode = S_IRUSR | S_IWUSR;
if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) {
+ errsv = errno;
close(in);
- return -1;
+ retval = -1;
+ goto out;
}
while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) {
- if (write(out, buf, amount_read) != amount_read) {
+ if (write(out, buf, amount_read) < 0) {
+ errsv = errno;
retval = -1;
}
}
- if (amount_read < 0)
+ if (amount_read < 0) {
+ errsv = errno;
retval = -1;
+ }
close(in);
- if (close(out) < 0)
+ if (close(out) < 0) {
+ errsv = errno;
retval = -1;
+ }
if (!retval && rename(tmp, dst) == -1)
return -1;
+out:
+ errno = errsv;
return retval;
}
@@ -553,12 +562,14 @@
{
const char *sandbox = semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL);
struct stat buf;
+ int errsv;
if (stat(sandbox, &buf) == -1) {
if (errno != ENOENT) {
ERR(sh, "Error scanning directory %s.", sandbox);
return -1;
}
+ errno = 0;
} else {
/* remove the old sandbox */
if (semanage_remove_directory(sandbox) != 0) {
@@ -577,7 +588,9 @@
return 0;
cleanup:
+ errsv = errno;
semanage_remove_directory(sandbox);
+ errno = errsv;
return -1;
}
@@ -968,14 +981,14 @@
if (!strncmp(buf, "HOME_DIR", 8) ||
!strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE")) {
/* This contains one of the template variables, write it to homedir.template */
- if (write(hd, buf, strlen(buf)) == 0) {
+ if (write(hd, buf, strlen(buf)) < 0) {
ERR(sh, "Write to %s failed.",
semanage_path(SEMANAGE_TMP,
SEMANAGE_HOMEDIR_TMPL));
goto cleanup;
}
} else {
- if (write(fc, buf, strlen(buf)) == 0) {
+ if (write(fc, buf, strlen(buf)) < 0) {
ERR(sh, "Write to %s failed.",
semanage_path(SEMANAGE_TMP, SEMANAGE_FC));
goto cleanup;
@@ -1074,6 +1087,7 @@
store_fc_loc);
goto cleanup;
}
+ errno = 0;
snprintf(store_seusers, PATH_MAX, "%s%s", storepath, running_seusers);
if (semanage_copy_file
@@ -1083,6 +1097,7 @@
store_seusers);
goto cleanup;
}
+ errno = 0;
snprintf(store_nc, PATH_MAX, "%s%s", storepath, running_nc);
if (semanage_copy_file(active_nc, store_nc, sh->conf->file_mode) == -1
@@ -1090,6 +1105,7 @@
ERR(sh, "Could not copy %s to %s.", active_nc, store_nc);
goto cleanup;
}
+ errno = 0;
if (!sh->do_reload)
goto skip_reload;
@@ -1111,8 +1127,10 @@
goto skip_reload;
}
} else if (errno == ENOENT &&
- strcmp(really_active_store, storepath) != 0)
+ strcmp(really_active_store, storepath) != 0) {
+ errno = 0;
goto skip_reload;
+ }
if (semanage_reload_policy(sh)) {
goto cleanup;
@@ -1212,6 +1230,7 @@
/* note that if an error occurs during the next three
* function then the store will be left in an
* inconsistent state */
+ int errsv = errno;
if (rename(active, sandbox) < 0)
ERR(sh, "Error while renaming %s back to %s.", active,
sandbox);
@@ -1220,16 +1239,19 @@
active);
else
semanage_install_active(sh);
+ errno = errsv;
retval = -1;
goto cleanup;
}
if (!sh->conf->save_previous) {
+ int errsv = errno;
retval = semanage_remove_directory(backup);
if (retval < 0) {
ERR(sh, "Could not delete previous directory %s.", backup);
goto cleanup;
}
+ errno = errsv;
}
cleanup:
@@ -1391,22 +1413,26 @@
* there. */
void semanage_release_trans_lock(semanage_handle_t * sh)
{
+ int errsv = errno;
if (sh->u.direct.translock_file_fd >= 0) {
flock(sh->u.direct.translock_file_fd, LOCK_UN);
close(sh->u.direct.translock_file_fd);
sh->u.direct.translock_file_fd = -1;
}
+ errno = errsv;
}
/* Releases the read lock. Does nothing if there was not one already
* there. */
void semanage_release_active_lock(semanage_handle_t * sh)
{
+ int errsv = errno;
if (sh->u.direct.activelock_file_fd >= 0) {
flock(sh->u.direct.activelock_file_fd, LOCK_UN);
close(sh->u.direct.activelock_file_fd);
sh->u.direct.activelock_file_fd = -1;
}
+ errno = errsv;
}
/* Read the current commit number from the commit number file which
@@ -1432,6 +1458,7 @@
if (errno == ENOENT) {
/* the commit number file does not exist yet,
* so assume that the number is 0 */
+ errno = 0;
return 0;
} else {
ERR(sh, "Could not open commit number file %s.",
Modified: branches/stable/1_0/policycoreutils/semodule/semodule.c
===================================================================
--- branches/stable/1_0/policycoreutils/semodule/semodule.c 2007-09-27 13:16:53 UTC (rev 2594)
+++ branches/stable/1_0/policycoreutils/semodule/semodule.c 2007-09-27 13:21:25 UTC (rev 2595)
@@ -329,8 +329,8 @@
if (build) {
if ((result = semanage_begin_transaction(sh)) < 0) {
- fprintf(stderr, "%s: Could not begin transaction\n",
- argv[0]);
+ fprintf(stderr, "%s: Could not begin transaction: %s\n",
+ argv[0], errno ? strerror(errno) : "");
goto cleanup;
}
}
@@ -343,8 +343,8 @@
if (mode == INSTALL_M || mode == UPGRADE_M || mode == BASE_M) {
if ((data_len = map_file(mode_arg, &data)) == 0) {
fprintf(stderr,
- "%s: Could not read file '%s':\n",
- argv[0], mode_arg);
+ "%s: Could not read file '%s': %s\n",
+ argv[0], mode_arg, errno ? strerror(errno) : "");
goto cleanup;
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:22:55
|
Revision: 2597
http://selinux.svn.sourceforge.net/selinux/?rev=2597&view=rev
Author: ssmalley
Date: 2007-09-27 06:22:54 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated policycoreutils to version 1.34.13
Modified Paths:
--------------
branches/stable/1_0/policycoreutils/ChangeLog
branches/stable/1_0/policycoreutils/VERSION
Modified: branches/stable/1_0/policycoreutils/ChangeLog
===================================================================
--- branches/stable/1_0/policycoreutils/ChangeLog 2007-09-27 13:22:12 UTC (rev 2596)
+++ branches/stable/1_0/policycoreutils/ChangeLog 2007-09-27 13:22:54 UTC (rev 2597)
@@ -1,3 +1,6 @@
+1.34.13 2007-09-27
+ * Improve semodule reporting of system errors from Stephen Smalley.
+
1.34.12 2007-09-27
* Disable dontaudits via semodule -D from Joshua Brindle.
Modified: branches/stable/1_0/policycoreutils/VERSION
===================================================================
--- branches/stable/1_0/policycoreutils/VERSION 2007-09-27 13:22:12 UTC (rev 2596)
+++ branches/stable/1_0/policycoreutils/VERSION 2007-09-27 13:22:54 UTC (rev 2597)
@@ -1 +1 @@
-1.34.12
+1.34.13
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:22:13
|
Revision: 2596
http://selinux.svn.sourceforge.net/selinux/?rev=2596&view=rev
Author: ssmalley
Date: 2007-09-27 06:22:12 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libsemanage to version 1.10.7
Modified Paths:
--------------
branches/stable/1_0/libsemanage/ChangeLog
branches/stable/1_0/libsemanage/VERSION
Modified: branches/stable/1_0/libsemanage/ChangeLog
===================================================================
--- branches/stable/1_0/libsemanage/ChangeLog 2007-09-27 13:21:25 UTC (rev 2595)
+++ branches/stable/1_0/libsemanage/ChangeLog 2007-09-27 13:22:12 UTC (rev 2596)
@@ -1,3 +1,6 @@
+1.10.7 2007-09-27
+ * Improve reporting of system errors, e.g. full filesystem or read-only filesystem from Stephen Smalley.
+
1.10.6 2007-09-27
* Allow dontaudits to be turned off via semanage interface when updating policy from Joshua Brindle.
Modified: branches/stable/1_0/libsemanage/VERSION
===================================================================
--- branches/stable/1_0/libsemanage/VERSION 2007-09-27 13:21:25 UTC (rev 2595)
+++ branches/stable/1_0/libsemanage/VERSION 2007-09-27 13:22:12 UTC (rev 2596)
@@ -1 +1 @@
-1.10.6
+1.10.7
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:18:31
|
Revision: 2594
http://selinux.svn.sourceforge.net/selinux/?rev=2594&view=rev
Author: ssmalley
Date: 2007-09-27 06:16:53 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated checkpolicy to version 1.34.4
Modified Paths:
--------------
branches/stable/1_0/checkpolicy/ChangeLog
branches/stable/1_0/checkpolicy/VERSION
Modified: branches/stable/1_0/checkpolicy/ChangeLog
===================================================================
--- branches/stable/1_0/checkpolicy/ChangeLog 2007-09-27 13:16:05 UTC (rev 2593)
+++ branches/stable/1_0/checkpolicy/ChangeLog 2007-09-27 13:16:53 UTC (rev 2594)
@@ -1,3 +1,8 @@
+1.34.4 2007-09-27
+ * Merged handle unknown policydb flag support from Eric Paris.
+ Adds new command line options -U {allow, reject, deny} for selecting
+ the flag when a base module or kernel policy is built.
+
1.34.3 2007-05-31
* Merged fix for segfault on duplicate require of sensitivity from Caleb Case.
* Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
Modified: branches/stable/1_0/checkpolicy/VERSION
===================================================================
--- branches/stable/1_0/checkpolicy/VERSION 2007-09-27 13:16:05 UTC (rev 2593)
+++ branches/stable/1_0/checkpolicy/VERSION 2007-09-27 13:16:53 UTC (rev 2594)
@@ -1 +1 @@
-1.34.3
+1.34.4
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:16:59
|
Revision: 2592
http://selinux.svn.sourceforge.net/selinux/?rev=2592&view=rev
Author: ssmalley
Date: 2007-09-27 06:15:25 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
applied r2565:2567 (handle_unknown support) from trunk
Modified Paths:
--------------
branches/stable/1_0/checkpolicy/checkmodule.c
branches/stable/1_0/checkpolicy/checkpolicy.c
branches/stable/1_0/checkpolicy/policy_parse.y
branches/stable/1_0/checkpolicy/test/dismod.c
branches/stable/1_0/checkpolicy/test/dispol.c
branches/stable/1_0/libsepol/include/sepol/policydb/policydb.h
branches/stable/1_0/libsepol/src/expand.c
branches/stable/1_0/libsepol/src/policydb.c
branches/stable/1_0/libsepol/src/write.c
Modified: branches/stable/1_0/checkpolicy/checkmodule.c
===================================================================
--- branches/stable/1_0/checkpolicy/checkmodule.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/checkpolicy/checkmodule.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -39,6 +39,7 @@
static sidtab_t sidtab;
extern int mlspol;
+extern int handle_unknown;
static char *txtfile = "policy.conf";
static char *binfile = "policy";
@@ -121,6 +122,7 @@
p->policy_type = policy_type;
p->policyvers = policyvers;
+ p->handle_unknown = handle_unknown;
pf.type = PF_USE_STDIO;
pf.fp = outfp;
@@ -135,13 +137,17 @@
static void usage(char *progname)
{
- printf("usage: %s [-V] [-b] [-m] [-M] [-o FILE] [INPUT]\n", progname);
+ printf("usage: %s [-V] [-b] [-U handle_unknown] [-m] [-M] [-o FILE] [INPUT]\n", progname);
printf("Build base and policy modules.\n");
printf("Options:\n");
printf(" INPUT build module from INPUT (else read from \"%s\")\n",
txtfile);
printf(" -V show policy versions created by this program\n");
printf(" -b treat input as a binary policy file\n");
+ printf(" -U OPTION How to handle unknown classes and permissions\n");
+ printf(" deny: Deny unknown kernel checks\n");
+ printf(" reject: Reject loading of policy with unknowns\n");
+ printf(" allow: Allow unknown kernel checks\n");
printf(" -m build a policy module instead of a base module\n");
printf(" -M enable MLS policy\n");
printf(" -o FILE write module to FILE (else just check syntax)\n");
@@ -156,7 +162,7 @@
int show_version = 0;
policydb_t modpolicydb;
- while ((ch = getopt(argc, argv, "ho:dbVmM")) != EOF) {
+ while ((ch = getopt(argc, argv, "ho:dbVU:mM")) != EOF) {
switch (ch) {
case 'h':
usage(argv[0]);
@@ -171,6 +177,20 @@
case 'V':
show_version = 1;
break;
+ case 'U':
+ if (!strcasecmp(optarg, "deny")) {
+ handle_unknown = DENY_UNKNOWN;
+ break;
+ }
+ if (!strcasecmp(optarg, "reject")) {
+ handle_unknown = REJECT_UNKNOWN;
+ break;
+ }
+ if (!strcasecmp(optarg, "allow")) {
+ handle_unknown = ALLOW_UNKNOWN;
+ break;
+ }
+ usage(argv[0]);
case 'm':
policy_type = POLICY_MOD;
policyvers = MOD_POLICYDB_VERSION_MAX;
@@ -189,6 +209,12 @@
exit(0);
}
+ if (handle_unknown && (policy_type != POLICY_BASE)) {
+ printf("Handling of unknown classes and permissions is only ");
+ printf("valid in the base module\n");
+ exit(1);
+ }
+
if (optind != argc) {
file = argv[optind++];
if (optind != argc)
@@ -214,6 +240,7 @@
modpolicydb.policy_type = policy_type;
modpolicydb.mls = mlspol;
+ modpolicydb.handle_unknown = handle_unknown;
if (read_source_policy(&modpolicydb, file, argv[0]) == -1) {
exit(1);
Modified: branches/stable/1_0/checkpolicy/checkpolicy.c
===================================================================
--- branches/stable/1_0/checkpolicy/checkpolicy.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/checkpolicy/checkpolicy.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -90,6 +90,7 @@
extern policydb_t *policydbp;
extern int mlspol;
+extern int handle_unknown;
static char *txtfile = "policy.conf";
static char *binfile = "policy";
@@ -99,7 +100,7 @@
void usage(char *progname)
{
printf
- ("usage: %s [-b] [-d] [-M] [-c policyvers (%d-%d)] [-o output_file] [input_file]\n",
+ ("usage: %s [-b] [-d] [-U handle_unknown (allow,deny,reject) [-M] [-c policyvers (%d-%d)] [-o output_file] [input_file]\n",
progname, POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
exit(1);
}
@@ -390,7 +391,7 @@
int show_version = 0;
struct policy_file pf;
- while ((ch = getopt(argc, argv, "o:dbMVc:")) != EOF) {
+ while ((ch = getopt(argc, argv, "o:dbU:MVc:")) != EOF) {
switch (ch) {
case 'o':
outfile = optarg;
@@ -405,6 +406,20 @@
case 'V':
show_version = 1;
break;
+ case 'U':
+ if (!strcasecmp(optarg, "deny")) {
+ handle_unknown = DENY_UNKNOWN;
+ break;
+ }
+ if (!strcasecmp(optarg, "allow")) {
+ handle_unknown = ALLOW_UNKNOWN;
+ break;
+ }
+ if (!strcasecmp(optarg, "reject")) {
+ handle_unknown = REJECT_UNKNOWN;
+ break;
+ }
+ usage(argv[0]);
case 'M':
mlspol = 1;
break;
@@ -515,6 +530,7 @@
/* Let sepol know if we are dealing with MLS support */
parse_policy.mls = mlspol;
+ parse_policy.handle_unknown = handle_unknown;
policydbp = &parse_policy;
Modified: branches/stable/1_0/checkpolicy/policy_parse.y
===================================================================
--- branches/stable/1_0/checkpolicy/policy_parse.y 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/checkpolicy/policy_parse.y 2007-09-27 13:15:25 UTC (rev 2592)
@@ -66,6 +66,7 @@
static unsigned int pass;
char *curfile = 0;
int mlspol = 0;
+int handle_unknown = 0;
extern unsigned long policydb_lineno;
extern unsigned long source_lineno;
Modified: branches/stable/1_0/checkpolicy/test/dismod.c
===================================================================
--- branches/stable/1_0/checkpolicy/test/dismod.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/checkpolicy/test/dismod.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -665,6 +665,17 @@
return 0;
}
+int display_handle_unknown(policydb_t * policydb, FILE * out_fp)
+{
+ if (policydb->handle_unknown == ALLOW_UNKNOWN)
+ fprintf(out_fp, "Allow unknown classes and perms\n");
+ else if (policydb->handle_unknown == DENY_UNKNOWN)
+ fprintf(out_fp, "Deny unknown classes and perms\n");
+ else if (policydb->handle_unknown == REJECT_UNKNOWN)
+ fprintf(out_fp, "Reject unknown classes and perms\n");
+ return 0;
+}
+
static int read_policy(char *filename, policydb_t * policy)
{
FILE *in_fp;
@@ -771,6 +782,7 @@
printf("a) Display avrule requirements\n");
printf("b) Display avrule declarations\n");
printf("l) Link in a module\n");
+ printf("u) Display the unknown handling setting\n");
printf("\n");
printf("f) set output file\n");
printf("m) display menu\n");
@@ -879,6 +891,10 @@
fprintf(out_fp, "avrule block declarations:\n");
display_avblock(6, 0, &policydb, out_fp);
break;
+ case 'u':
+ case 'U':
+ display_handle_unknown(&policydb, out_fp);
+ break;
case 'f':
printf
("\nFilename for output (<CR> for screen output): ");
Modified: branches/stable/1_0/checkpolicy/test/dispol.c
===================================================================
--- branches/stable/1_0/checkpolicy/test/dispol.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/checkpolicy/test/dispol.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -273,6 +273,17 @@
return 1;
}
+int display_handle_unknown(policydb_t * policydb, FILE * out_fp)
+{
+ if (policydb->handle_unknown == ALLOW_UNKNOWN)
+ fprintf(out_fp, "Allow unknown classes and permisions\n");
+ else if (policydb->handle_unknown == DENY_UNKNOWN)
+ fprintf(out_fp, "Deny unknown classes and permisions\n");
+ else if (policydb->handle_unknown == REJECT_UNKNOWN)
+ fprintf(out_fp, "Reject unknown classes and permisions\n");
+ return 0;
+}
+
int change_bool(char *name, int state, policydb_t * p, FILE * fp)
{
cond_bool_datum_t *bool;
@@ -298,6 +309,7 @@
printf("6) display conditional expressions\n");
printf("7) change a boolean value\n");
printf("\n");
+ printf("u) display unknown handling setting\n");
printf("f) set output file\n");
printf("m) display menu\n");
printf("q) quit\n");
@@ -409,6 +421,10 @@
change_bool(name, state, &policydb, out_fp);
free(name);
break;
+ case 'u':
+ case 'U':
+ display_handle_unknown(&policydb, out_fp);
+ break;
case 'f':
printf
("\nFilename for output (<CR> for screen output): ");
Modified: branches/stable/1_0/libsepol/include/sepol/policydb/policydb.h
===================================================================
--- branches/stable/1_0/libsepol/include/sepol/policydb/policydb.h 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/libsepol/include/sepol/policydb/policydb.h 2007-09-27 13:15:25 UTC (rev 2592)
@@ -469,6 +469,8 @@
ebitmap_t *attr_type_map; /* not saved in the binary policy */
unsigned policyvers;
+
+ unsigned handle_unknown;
} policydb_t;
struct sepol_policydb {
@@ -599,6 +601,13 @@
#define POLICYDB_CONFIG_MLS 1
+/* the config flags related to unknown classes/perms are bits 2 and 3 */
+#define DENY_UNKNOWN 0x00000000
+#define REJECT_UNKNOWN 0x00000002
+#define ALLOW_UNKNOWN 0x00000004
+
+#define POLICYDB_CONFIG_UNKNOWN_MASK (DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN)
+
#define OBJECT_R "object_r"
#define OBJECT_R_VAL 1
Modified: branches/stable/1_0/libsepol/src/expand.c
===================================================================
--- branches/stable/1_0/libsepol/src/expand.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/libsepol/src/expand.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -2249,6 +2249,7 @@
/* Copy mls state from base to out */
out->mls = base->mls;
+ out->handle_unknown = base->handle_unknown;
if ((state.typemap =
(uint32_t *) calloc(state.base->p_types.nprim,
Modified: branches/stable/1_0/libsepol/src/policydb.c
===================================================================
--- branches/stable/1_0/libsepol/src/policydb.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/libsepol/src/policydb.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -3077,6 +3077,8 @@
p->mls = 0;
}
+ p->handle_unknown = buf[bufindex] & POLICYDB_CONFIG_UNKNOWN_MASK;
+
bufindex++;
info = policydb_lookup_compat(r_policyvers, policy_type);
Modified: branches/stable/1_0/libsepol/src/write.c
===================================================================
--- branches/stable/1_0/libsepol/src/write.c 2007-09-27 13:12:37 UTC (rev 2591)
+++ branches/stable/1_0/libsepol/src/write.c 2007-09-27 13:15:25 UTC (rev 2592)
@@ -1534,6 +1534,8 @@
if (p->mls)
config |= POLICYDB_CONFIG_MLS;
+ config |= (POLICYDB_CONFIG_UNKNOWN_MASK & p->handle_unknown);
+
/* Write the magic number and string identifiers. */
items = 0;
if (p->policy_type == POLICY_KERN) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:16:09
|
Revision: 2593
http://selinux.svn.sourceforge.net/selinux/?rev=2593&view=rev
Author: ssmalley
Date: 2007-09-27 06:16:05 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libsepol to version 1.16.8
Modified Paths:
--------------
branches/stable/1_0/libsepol/ChangeLog
branches/stable/1_0/libsepol/VERSION
Modified: branches/stable/1_0/libsepol/ChangeLog
===================================================================
--- branches/stable/1_0/libsepol/ChangeLog 2007-09-27 13:15:25 UTC (rev 2592)
+++ branches/stable/1_0/libsepol/ChangeLog 2007-09-27 13:16:05 UTC (rev 2593)
@@ -1,3 +1,6 @@
+1.16.8 2007-09-27
+ * Merged support for the handle_unknown policydb flag from Eric Paris.
+
1.16.7 2007-09-27
* Allow dontaudits to be turned off during policy expansion from Joshua Brindle.
Modified: branches/stable/1_0/libsepol/VERSION
===================================================================
--- branches/stable/1_0/libsepol/VERSION 2007-09-27 13:15:25 UTC (rev 2592)
+++ branches/stable/1_0/libsepol/VERSION 2007-09-27 13:16:05 UTC (rev 2593)
@@ -1 +1 @@
-1.16.7
+1.16.8
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:14:17
|
Revision: 2591
http://selinux.svn.sourceforge.net/selinux/?rev=2591&view=rev
Author: ssmalley
Date: 2007-09-27 06:12:37 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated policycoreutils to version 1.34.12
Modified Paths:
--------------
branches/stable/1_0/policycoreutils/ChangeLog
branches/stable/1_0/policycoreutils/VERSION
Modified: branches/stable/1_0/policycoreutils/ChangeLog
===================================================================
--- branches/stable/1_0/policycoreutils/ChangeLog 2007-09-27 13:11:48 UTC (rev 2590)
+++ branches/stable/1_0/policycoreutils/ChangeLog 2007-09-27 13:12:37 UTC (rev 2591)
@@ -1,3 +1,6 @@
+1.34.12 2007-09-27
+ * Disable dontaudits via semodule -D from Joshua Brindle.
+
1.34.11 2007-08-23
* Fix genhomedircon matching of the USER template from Todd Miller.
* Fix chcat from Dan Walsh.
Modified: branches/stable/1_0/policycoreutils/VERSION
===================================================================
--- branches/stable/1_0/policycoreutils/VERSION 2007-09-27 13:11:48 UTC (rev 2590)
+++ branches/stable/1_0/policycoreutils/VERSION 2007-09-27 13:12:37 UTC (rev 2591)
@@ -1 +1 @@
-1.34.11
+1.34.12
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:11:50
|
Revision: 2590
http://selinux.svn.sourceforge.net/selinux/?rev=2590&view=rev
Author: ssmalley
Date: 2007-09-27 06:11:48 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libsemanage to version 1.10.6
Modified Paths:
--------------
branches/stable/1_0/libsemanage/ChangeLog
branches/stable/1_0/libsemanage/VERSION
Modified: branches/stable/1_0/libsemanage/ChangeLog
===================================================================
--- branches/stable/1_0/libsemanage/ChangeLog 2007-09-27 13:11:02 UTC (rev 2589)
+++ branches/stable/1_0/libsemanage/ChangeLog 2007-09-27 13:11:48 UTC (rev 2590)
@@ -1,3 +1,6 @@
+1.10.6 2007-09-27
+ * Allow dontaudits to be turned off via semanage interface when updating policy from Joshua Brindle.
+
1.10.5 2007-09-24
* Pass CFLAGS to CC even on link command, per Dennis Gilmore.
Modified: branches/stable/1_0/libsemanage/VERSION
===================================================================
--- branches/stable/1_0/libsemanage/VERSION 2007-09-27 13:11:02 UTC (rev 2589)
+++ branches/stable/1_0/libsemanage/VERSION 2007-09-27 13:11:48 UTC (rev 2590)
@@ -1 +1 @@
-1.10.5
+1.10.6
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:11:10
|
Revision: 2589
http://selinux.svn.sourceforge.net/selinux/?rev=2589&view=rev
Author: ssmalley
Date: 2007-09-27 06:11:02 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libsepol to version 1.16.7
Modified Paths:
--------------
branches/stable/1_0/libsepol/ChangeLog
branches/stable/1_0/libsepol/VERSION
Modified: branches/stable/1_0/libsepol/ChangeLog
===================================================================
--- branches/stable/1_0/libsepol/ChangeLog 2007-09-27 13:10:10 UTC (rev 2588)
+++ branches/stable/1_0/libsepol/ChangeLog 2007-09-27 13:11:02 UTC (rev 2589)
@@ -1,3 +1,6 @@
+1.16.7 2007-09-27
+ * Allow dontaudits to be turned off during policy expansion from Joshua Brindle.
+
1.16.6 2007-09-24
* Pass CFLAGS to CC even on link command, per Dennis Gilmore.
Modified: branches/stable/1_0/libsepol/VERSION
===================================================================
--- branches/stable/1_0/libsepol/VERSION 2007-09-27 13:10:10 UTC (rev 2588)
+++ branches/stable/1_0/libsepol/VERSION 2007-09-27 13:11:02 UTC (rev 2589)
@@ -1 +1 @@
-1.16.6
+1.16.7
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-27 13:10:14
|
Revision: 2588
http://selinux.svn.sourceforge.net/selinux/?rev=2588&view=rev
Author: ssmalley
Date: 2007-09-27 06:10:10 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
applied r2517:2518 (disable dontaudit support) from trunk
Modified Paths:
--------------
branches/stable/1_0/libsemanage/include/semanage/handle.h
branches/stable/1_0/libsemanage/src/handle.c
branches/stable/1_0/libsemanage/src/libsemanage.map
branches/stable/1_0/libsepol/include/sepol/handle.h
branches/stable/1_0/libsepol/src/expand.c
branches/stable/1_0/libsepol/src/handle.c
branches/stable/1_0/libsepol/src/handle.h
branches/stable/1_0/libsepol/src/libsepol.map
branches/stable/1_0/policycoreutils/semodule/semodule.c
Modified: branches/stable/1_0/libsemanage/include/semanage/handle.h
===================================================================
--- branches/stable/1_0/libsemanage/include/semanage/handle.h 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsemanage/include/semanage/handle.h 2007-09-27 13:10:10 UTC (rev 2588)
@@ -69,6 +69,9 @@
* 1 for yes, 0 for no (default) */
void semanage_set_create_store(semanage_handle_t * handle, int create_store);
+/* Set whether or not to disable dontaudits upon commit */
+void semanage_set_disable_dontaudit(semanage_handle_t * handle, int disable_dontaudit);
+
/* Check whether policy is managed via libsemanage on this system.
* Must be called prior to trying to connect.
* Return 1 if policy is managed via libsemanage on this system,
Modified: branches/stable/1_0/libsemanage/src/handle.c
===================================================================
--- branches/stable/1_0/libsemanage/src/handle.c 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsemanage/src/handle.c 2007-09-27 13:10:10 UTC (rev 2588)
@@ -109,6 +109,14 @@
return;
}
+void semanage_set_disable_dontaudit(semanage_handle_t * sh, int disable_dontaudit)
+{
+ assert(sh != NULL);
+
+ sepol_set_disable_dontaudit(sh->sepolh, disable_dontaudit);
+ return;
+}
+
int semanage_is_connected(semanage_handle_t * sh)
{
assert(sh != NULL);
Modified: branches/stable/1_0/libsemanage/src/libsemanage.map
===================================================================
--- branches/stable/1_0/libsemanage/src/libsemanage.map 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsemanage/src/libsemanage.map 2007-09-27 13:10:10 UTC (rev 2588)
@@ -13,6 +13,6 @@
semanage_iface_*; semanage_port_*; semanage_context_*;
semanage_node_*;
semanage_fcontext_*; semanage_access_check; semanage_set_create_store;
- semanage_is_connected;
+ semanage_is_connected; semanage_set_disable_dontaudit;
local: *;
};
Modified: branches/stable/1_0/libsepol/include/sepol/handle.h
===================================================================
--- branches/stable/1_0/libsepol/include/sepol/handle.h 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsepol/include/sepol/handle.h 2007-09-27 13:10:10 UTC (rev 2588)
@@ -7,6 +7,10 @@
/* Create and return a sepol handle. */
sepol_handle_t *sepol_handle_create(void);
+/* Set whether or not to disable dontaudits, 0 is default and does
+ * not disable dontaudits, 1 disables them */
+void sepol_set_disable_dontaudit(sepol_handle_t * sh, int disable_dontaudit);
+
/* Destroy a sepol handle. */
void sepol_handle_destroy(sepol_handle_t *);
Modified: branches/stable/1_0/libsepol/src/expand.c
===================================================================
--- branches/stable/1_0/libsepol/src/expand.c 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsepol/src/expand.c 2007-09-27 13:10:10 UTC (rev 2588)
@@ -1366,6 +1366,8 @@
} else if (specified & AVRULE_AUDITDENY) {
spec = AVTAB_AUDITDENY;
} else if (specified & AVRULE_DONTAUDIT) {
+ if (handle->disable_dontaudit)
+ return EXPAND_RULE_SUCCESS;
spec = AVTAB_AUDITDENY;
} else if (specified & AVRULE_NEVERALLOW) {
spec = AVTAB_NEVERALLOW;
Modified: branches/stable/1_0/libsepol/src/handle.c
===================================================================
--- branches/stable/1_0/libsepol/src/handle.c 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsepol/src/handle.c 2007-09-27 13:10:10 UTC (rev 2588)
@@ -1,4 +1,5 @@
#include <stdlib.h>
+#include <assert.h>
#include "handle.h"
#include "debug.h"
@@ -13,9 +14,18 @@
sh->msg_callback = sepol_msg_default_handler;
sh->msg_callback_arg = NULL;
+ /* by default do not disable dontaudits */
+ sh->disable_dontaudit = 0;
+
return sh;
}
+void sepol_set_disable_dontaudit(sepol_handle_t * sh, int disable_dontaudit)
+{
+ assert(sh !=NULL);
+ sh->disable_dontaudit = disable_dontaudit;
+}
+
void sepol_handle_destroy(sepol_handle_t * sh)
{
free(sh);
Modified: branches/stable/1_0/libsepol/src/handle.h
===================================================================
--- branches/stable/1_0/libsepol/src/handle.h 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsepol/src/handle.h 2007-09-27 13:10:10 UTC (rev 2588)
@@ -14,6 +14,9 @@
void (*msg_callback) (void *varg,
sepol_handle_t * handle, const char *fmt, ...);
void *msg_callback_arg;
+
+ int disable_dontaudit;
+
};
#endif
Modified: branches/stable/1_0/libsepol/src/libsepol.map
===================================================================
--- branches/stable/1_0/libsepol/src/libsepol.map 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/libsepol/src/libsepol.map 2007-09-27 13:10:10 UTC (rev 2588)
@@ -12,5 +12,6 @@
sepol_policydb_*; sepol_set_policydb_from_file;
sepol_policy_kern_*;
sepol_policy_file_*;
+ sepol_set_disable_dontaudit;
local: *;
};
Modified: branches/stable/1_0/policycoreutils/semodule/semodule.c
===================================================================
--- branches/stable/1_0/policycoreutils/semodule/semodule.c 2007-09-25 12:15:19 UTC (rev 2587)
+++ branches/stable/1_0/policycoreutils/semodule/semodule.c 2007-09-27 13:10:10 UTC (rev 2588)
@@ -44,6 +44,7 @@
static int no_reload;
static int create_store;
static int build;
+static int disable_dontaudit;
static semanage_handle_t *sh = NULL;
static char *store;
@@ -131,6 +132,7 @@
printf(" -n,--noreload do not reload policy after commit\n");
printf(" -h,--help print this message and quit\n");
printf(" -v,--verbose be verbose\n");
+ printf(" -D,--disable_dontaudit Remove dontaudits from policy\n");
}
/* Sets the global mode variable to new_mode, but only if no other
@@ -173,6 +175,7 @@
{"reload", 0, NULL, 'R'},
{"noreload", 0, NULL, 'n'},
{"build", 0, NULL, 'B'},
+ {"disable_dontaudit", 0, NULL, 'D'},
{NULL, 0, NULL, 0}
};
int i;
@@ -181,7 +184,7 @@
no_reload = 0;
create_store = 0;
while ((i =
- getopt_long(argc, argv, "s:b:hi:lvqr:u:RnB", opts,
+ getopt_long(argc, argv, "s:b:hi:lvqr:u:RnBD", opts,
NULL)) != -1) {
switch (i) {
case 'b':
@@ -218,6 +221,9 @@
case 'B':
build = 1;
break;
+ case 'D':
+ disable_dontaudit = 1;
+ break;
case '?':
default:{
usage(argv[0]);
@@ -441,6 +447,8 @@
semanage_set_reload(sh, 0);
if (build)
semanage_set_rebuild(sh, 1);
+ if (disable_dontaudit)
+ semanage_set_disable_dontaudit(sh, 1);
result = semanage_commit(sh);
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-25 12:15:21
|
Revision: 2587
http://selinux.svn.sourceforge.net/selinux/?rev=2587&view=rev
Author: ssmalley
Date: 2007-09-25 05:15:19 -0700 (Tue, 25 Sep 2007)
Log Message:
-----------
20070925
Added Paths:
-----------
tags/stable/20070925/
Copied: tags/stable/20070925 (from rev 2586, branches/stable/1_0)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-25 12:15:16
|
Revision: 2586
http://selinux.svn.sourceforge.net/selinux/?rev=2586&view=rev
Author: ssmalley
Date: 2007-09-25 05:15:14 -0700 (Tue, 25 Sep 2007)
Log Message:
-----------
20070925
Added Paths:
-----------
tags/devel/20070925/
Copied: tags/devel/20070925 (from rev 2585, trunk)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 17:07:04
|
Revision: 2576
http://selinux.svn.sourceforge.net/selinux/?rev=2576&view=rev
Author: ssmalley
Date: 2007-09-24 09:11:49 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: Old libselinux bug. We are leaking a file descriptor.
Date: Mon, 24 Sep 2007 11:41:29 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This bug causes dbus to leak file descriptors when autostarting confined
applications.
Should be able to remove
ifdef(`hide_broken_symptoms', `
dontaudit $2 $1_dbusd_t:netlink_selinux_socket { read write };
');
- From policy.
Modified Paths:
--------------
trunk/libselinux/src/avc_internal.c
Modified: trunk/libselinux/src/avc_internal.c
===================================================================
--- trunk/libselinux/src/avc_internal.c 2007-09-19 21:17:29 UTC (rev 2575)
+++ trunk/libselinux/src/avc_internal.c 2007-09-24 16:11:49 UTC (rev 2576)
@@ -61,7 +61,8 @@
rc = fd;
goto out;
}
-
+
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
close(fd);
rc = -1;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 17:04:08
|
Revision: 2577
http://selinux.svn.sourceforge.net/selinux/?rev=2577&view=rev
Author: ssmalley
Date: 2007-09-24 09:13:23 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: Patch for libselinux to build correctly on Sparc.
Date: Mon, 24 Sep 2007 11:54:34 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
https://bugzilla.redhat.com/show_bug.cgi?id=199367
sparc64 needs to use CFLAGS with CC to link properly using gcc the
attached patch fixes this issue
Patch submitted originally by Dennis Gilmore.
Further info from bugzilla.
(In reply to comment #7)
> It's ok by me, although I'm wondering what CFLAGS you are supplying
that matter
> here.
For multilib support, sparc needs libselinux (and libsepol) to be built
as sparc
(32bit) and sparc64 (64bit). sparc builds fine (-m32 is assumed by the
compiler), but when building for sparc64, we need all compile and link
operations to have -m64 passed for it, or else gcc will mismatch (it
will make
sparc64 object files, then try to link them as a 32bit library) and the
build fails.
The easiest way to ensure safe and consistent builds is to universally apply
CFLAGS whenever calling CC, which is what this patch does.
Modified Paths:
--------------
trunk/libselinux/src/Makefile
Modified: trunk/libselinux/src/Makefile
===================================================================
--- trunk/libselinux/src/Makefile 2007-09-24 16:11:49 UTC (rev 2576)
+++ trunk/libselinux/src/Makefile 2007-09-24 16:13:23 UTC (rev 2577)
@@ -57,10 +57,10 @@
$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
$(SWIGSO): $(SWIGLOBJ)
- $(CC) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
ln -sf $@ $(TARGET)
%.o: %.c policy.h
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:38:45
|
Revision: 2585
http://selinux.svn.sourceforge.net/selinux/?rev=2585&view=rev
Author: ssmalley
Date: 2007-09-24 09:38:39 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libsemanage to version 1.10.5
Modified Paths:
--------------
branches/stable/1_0/libsemanage/ChangeLog
branches/stable/1_0/libsemanage/VERSION
Modified: branches/stable/1_0/libsemanage/ChangeLog
===================================================================
--- branches/stable/1_0/libsemanage/ChangeLog 2007-09-24 16:38:11 UTC (rev 2584)
+++ branches/stable/1_0/libsemanage/ChangeLog 2007-09-24 16:38:39 UTC (rev 2585)
@@ -1,3 +1,6 @@
+1.10.5 2007-09-24
+ * Pass CFLAGS to CC even on link command, per Dennis Gilmore.
+
1.10.4 2007-04-25
* Merged man page updates from Dan Walsh to make whatis work better
Modified: branches/stable/1_0/libsemanage/VERSION
===================================================================
--- branches/stable/1_0/libsemanage/VERSION 2007-09-24 16:38:11 UTC (rev 2584)
+++ branches/stable/1_0/libsemanage/VERSION 2007-09-24 16:38:39 UTC (rev 2585)
@@ -1 +1 @@
-1.10.4
+1.10.5
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:38:13
|
Revision: 2584
http://selinux.svn.sourceforge.net/selinux/?rev=2584&view=rev
Author: ssmalley
Date: 2007-09-24 09:38:11 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libsepol to version 1.16.6
Modified Paths:
--------------
branches/stable/1_0/libsepol/ChangeLog
branches/stable/1_0/libsepol/VERSION
Modified: branches/stable/1_0/libsepol/ChangeLog
===================================================================
--- branches/stable/1_0/libsepol/ChangeLog 2007-09-24 16:37:42 UTC (rev 2583)
+++ branches/stable/1_0/libsepol/ChangeLog 2007-09-24 16:38:11 UTC (rev 2584)
@@ -1,3 +1,6 @@
+1.16.6 2007-09-24
+ * Pass CFLAGS to CC even on link command, per Dennis Gilmore.
+
1.16.5 2007-08-28
* Fixed module_package_read_offsets bug introduced by the prior patch.
Modified: branches/stable/1_0/libsepol/VERSION
===================================================================
--- branches/stable/1_0/libsepol/VERSION 2007-09-24 16:37:42 UTC (rev 2583)
+++ branches/stable/1_0/libsepol/VERSION 2007-09-24 16:38:11 UTC (rev 2584)
@@ -1 +1 @@
-1.16.5
+1.16.6
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:37:43
|
Revision: 2583
http://selinux.svn.sourceforge.net/selinux/?rev=2583&view=rev
Author: ssmalley
Date: 2007-09-24 09:37:42 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libsepol to version 2.0.11
Modified Paths:
--------------
trunk/libsepol/ChangeLog
trunk/libsepol/VERSION
Modified: trunk/libsepol/ChangeLog
===================================================================
--- trunk/libsepol/ChangeLog 2007-09-24 16:37:16 UTC (rev 2582)
+++ trunk/libsepol/ChangeLog 2007-09-24 16:37:42 UTC (rev 2583)
@@ -1,3 +1,6 @@
+2.0.11 2007-09-24
+ * Pass CFLAGS to CC even on link command, per Dennis Gilmore.
+
2.0.10 2007-09-18
* Merged support for the handle_unknown policydb flag from Eric Paris.
Modified: trunk/libsepol/VERSION
===================================================================
--- trunk/libsepol/VERSION 2007-09-24 16:37:16 UTC (rev 2582)
+++ trunk/libsepol/VERSION 2007-09-24 16:37:42 UTC (rev 2583)
@@ -1 +1 @@
-2.0.10
+2.0.11
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:37:18
|
Revision: 2582
http://selinux.svn.sourceforge.net/selinux/?rev=2582&view=rev
Author: ssmalley
Date: 2007-09-24 09:37:16 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libsemanage to version 2.0.9
Modified Paths:
--------------
trunk/libsemanage/ChangeLog
trunk/libsemanage/VERSION
Modified: trunk/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2007-09-24 16:35:08 UTC (rev 2581)
+++ trunk/libsemanage/ChangeLog 2007-09-24 16:37:16 UTC (rev 2582)
@@ -1,3 +1,6 @@
+2.0.9 2007-09-24
+ * Pass CFLAGS to CC even on link command, per Dennis Gilmore.
+
2.0.8 2007-09-19
* Clear errno on non-fatal errors to avoid reporting them upon a
later error that does not set errno.
Modified: trunk/libsemanage/VERSION
===================================================================
--- trunk/libsemanage/VERSION 2007-09-24 16:35:08 UTC (rev 2581)
+++ trunk/libsemanage/VERSION 2007-09-24 16:37:16 UTC (rev 2582)
@@ -1 +1 @@
-2.0.8
+2.0.9
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:35:11
|
Revision: 2581
http://selinux.svn.sourceforge.net/selinux/?rev=2581&view=rev
Author: ssmalley
Date: 2007-09-24 09:35:08 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
Pass CFLAGS to CC always, even on link command line.
Modified Paths:
--------------
branches/stable/1_0/libsemanage/src/Makefile
branches/stable/1_0/libsepol/src/Makefile
Modified: branches/stable/1_0/libsemanage/src/Makefile
===================================================================
--- branches/stable/1_0/libsemanage/src/Makefile 2007-09-24 16:33:53 UTC (rev 2580)
+++ branches/stable/1_0/libsemanage/src/Makefile 2007-09-24 16:35:08 UTC (rev 2581)
@@ -47,14 +47,14 @@
$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
$(SWIGSO): $(SWIGLOBJ)
- $(CC) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -l$(PYLIBVER) -L$(LIBDIR) -Wl,-soname,$@,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -l$(PYLIBVER) -L$(LIBDIR) -Wl,-soname,$@,-z,defs
$(LIBA): $(OBJS)
$(AR) rcs $@ $^
ranlib $@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
ln -sf $@ $(TARGET)
conf-scan.c: conf-scan.l conf-parse.h
Modified: branches/stable/1_0/libsepol/src/Makefile
===================================================================
--- branches/stable/1_0/libsepol/src/Makefile 2007-09-24 16:33:53 UTC (rev 2580)
+++ branches/stable/1_0/libsepol/src/Makefile 2007-09-24 16:35:08 UTC (rev 2581)
@@ -20,7 +20,7 @@
ranlib $@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -Wl,-soname,$(LIBSO),--version-script=libsepol.map,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -Wl,-soname,$(LIBSO),--version-script=libsepol.map,-z,defs
ln -sf $@ $(TARGET)
%.o: %.c
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:33:56
|
Revision: 2580
http://selinux.svn.sourceforge.net/selinux/?rev=2580&view=rev
Author: ssmalley
Date: 2007-09-24 09:33:53 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
Update other Makefiles in the same way as libselinux.
Modified Paths:
--------------
trunk/libsemanage/src/Makefile
trunk/libsepol/src/Makefile
Modified: trunk/libsemanage/src/Makefile
===================================================================
--- trunk/libsemanage/src/Makefile 2007-09-24 16:21:53 UTC (rev 2579)
+++ trunk/libsemanage/src/Makefile 2007-09-24 16:33:53 UTC (rev 2580)
@@ -47,14 +47,14 @@
$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
$(SWIGSO): $(SWIGLOBJ)
- $(CC) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -l$(PYLIBVER) -L$(LIBDIR) -Wl,-soname,$@,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -l$(PYLIBVER) -L$(LIBDIR) -Wl,-soname,$@,-z,defs
$(LIBA): $(OBJS)
$(AR) rcs $@ $^
ranlib $@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
ln -sf $@ $(TARGET)
conf-scan.c: conf-scan.l conf-parse.h
Modified: trunk/libsepol/src/Makefile
===================================================================
--- trunk/libsepol/src/Makefile 2007-09-24 16:21:53 UTC (rev 2579)
+++ trunk/libsepol/src/Makefile 2007-09-24 16:33:53 UTC (rev 2580)
@@ -20,7 +20,7 @@
ranlib $@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -Wl,-soname,$(LIBSO),--version-script=libsepol.map,-z,defs
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -Wl,-soname,$(LIBSO),--version-script=libsepol.map,-z,defs
ln -sf $@ $(TARGET)
%.o: %.c
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:22:46
|
Revision: 2579
http://selinux.svn.sourceforge.net/selinux/?rev=2579&view=rev
Author: ssmalley
Date: 2007-09-24 09:21:53 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libselinux to version 1.34.13
Modified Paths:
--------------
branches/stable/1_0/libselinux/ChangeLog
branches/stable/1_0/libselinux/VERSION
branches/stable/1_0/libselinux/src/Makefile
branches/stable/1_0/libselinux/src/avc_internal.c
Modified: branches/stable/1_0/libselinux/ChangeLog
===================================================================
--- branches/stable/1_0/libselinux/ChangeLog 2007-09-24 16:14:59 UTC (rev 2578)
+++ branches/stable/1_0/libselinux/ChangeLog 2007-09-24 16:21:53 UTC (rev 2579)
@@ -1,3 +1,7 @@
+1.34.13 2007-09-24
+ * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
+ * Pass CFLAGS when using gcc for linking from Dennis Gilmore.
+
1.34.12 2007-09-12
* Further fix for getfilecon() handling of zero-length contexts from Stephen Smalley.
Modified: branches/stable/1_0/libselinux/VERSION
===================================================================
--- branches/stable/1_0/libselinux/VERSION 2007-09-24 16:14:59 UTC (rev 2578)
+++ branches/stable/1_0/libselinux/VERSION 2007-09-24 16:21:53 UTC (rev 2579)
@@ -1 +1 @@
-1.34.12
+1.34.13
Modified: branches/stable/1_0/libselinux/src/Makefile
===================================================================
--- branches/stable/1_0/libselinux/src/Makefile 2007-09-24 16:14:59 UTC (rev 2578)
+++ branches/stable/1_0/libselinux/src/Makefile 2007-09-24 16:21:53 UTC (rev 2579)
@@ -45,10 +45,10 @@
$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
$(SWIGSO): $(SWIGLOBJ)
- $(CC) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
$(LIBSO): $(LOBJS)
- $(CC) $(LDFLAGS) -shared -o $@ $^ -ldl -lsepol -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -lsepol -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
ln -sf $@ $(TARGET)
%.o: %.c policy.h
Modified: branches/stable/1_0/libselinux/src/avc_internal.c
===================================================================
--- branches/stable/1_0/libselinux/src/avc_internal.c 2007-09-24 16:14:59 UTC (rev 2578)
+++ branches/stable/1_0/libselinux/src/avc_internal.c 2007-09-24 16:21:53 UTC (rev 2579)
@@ -60,7 +60,8 @@
rc = fd;
goto out;
}
-
+
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
close(fd);
rc = -1;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:15:17
|
Revision: 2578
http://selinux.svn.sourceforge.net/selinux/?rev=2578&view=rev
Author: ssmalley
Date: 2007-09-24 09:14:59 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.35
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-24 16:13:23 UTC (rev 2577)
+++ trunk/libselinux/ChangeLog 2007-09-24 16:14:59 UTC (rev 2578)
@@ -1,3 +1,7 @@
+2.0.35 2007-09-24
+ * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
+ * Pass CFLAGS when using gcc for linking from Dennis Gilmore.
+
2.0.34 2007-09-18
* Fix selabel option flag setting for 64-bit from Stephen Smalley.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-24 16:13:23 UTC (rev 2577)
+++ trunk/libselinux/VERSION 2007-09-24 16:14:59 UTC (rev 2578)
@@ -1 +1 @@
-2.0.34
+2.0.35
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
