Menu
▾
▴
selinux-commits — Commits to the subversion repo
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(24) |
Sep
(38) |
Oct
(29) |
Nov
(40) |
Dec
(4) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(88) |
Feb
(66) |
Mar
(44) |
Apr
(104) |
May
(35) |
Jun
(34) |
Jul
(12) |
Aug
(42) |
Sep
(84) |
Oct
(34) |
Nov
(30) |
Dec
(22) |
| 2008 |
Jan
(60) |
Feb
(54) |
Mar
(32) |
Apr
(14) |
May
(16) |
Jun
(26) |
Jul
(22) |
Aug
(12) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <ssm...@us...> - 2006-10-17 14:23:45
|
Revision: 2051
http://svn.sourceforge.net/selinux/?rev=2051&view=rev
Author: ssmalley
Date: 2006-10-17 07:22:47 -0700 (Tue, 17 Oct 2006)
Log Message:
-----------
Author: Yuichi Nakamura
Email: yn...@hi...
Subject: audit2allow -l is unusable in FC5
Date: 2006-09-06 1:15:11
On Tue, 5 Sep 2006 17:35:24 -0700 (PDT)
Steve G wrote:
> >There is no log saying "avc granted load_policy",
> >instead, there is audit log "audit(1157498697.581:88): policy loaded
> >auid=4294967295 ".
> Yes this is correct. This is the new way as of kernel 2.6.17. There was some
> overlap where an audit was in the policy and the kernel, but we only need one
> message. The audit2allow program should be updated to recognize the above as a
> load policy event.
I see, so avc.py should be fixed.
I wrote simple patch.
Yuichi Nakamura
Modified Paths:
--------------
trunk/policycoreutils/audit2allow/avc.py
Modified: trunk/policycoreutils/audit2allow/avc.py
===================================================================
--- trunk/policycoreutils/audit2allow/avc.py 2006-10-06 00:17:46 UTC (rev 2050)
+++ trunk/policycoreutils/audit2allow/avc.py 2006-10-17 14:22:47 UTC (rev 2051)
@@ -357,6 +357,15 @@
break
else:
dict.append(i)
+
+ if not found:
+ regexp = "audit\(\d+\.\d+:\d+\): policy loaded"
+ m = re.match(regexp, line)
+ if m !=None:
+ found =1
+ dict.append("load_policy")
+ dict.append("granted")
+
if found:
self.translate(dict)
found = 0
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-10-06 00:17:54
|
Revision: 2050
http://svn.sourceforge.net/selinux/?rev=2050&view=rev
Author: madmethod
Date: 2006-10-05 17:17:46 -0700 (Thu, 05 Oct 2006)
Log Message:
-----------
tag for libselinux 1.30.30
Added Paths:
-----------
tags/libselinux_1_30_30/
tags/libselinux_1_30_30/libselinux/
tags/libselinux_1_30_30/libselinux/ChangeLog
tags/libselinux_1_30_30/libselinux/VERSION
tags/libselinux_1_30_30/libselinux/include/selinux/avc.h
tags/libselinux_1_30_30/libselinux/src/avc.c
Removed Paths:
-------------
tags/libselinux_1_30_30/libselinux/ChangeLog
tags/libselinux_1_30_30/libselinux/VERSION
tags/libselinux_1_30_30/libselinux/include/selinux/avc.h
tags/libselinux_1_30_30/libselinux/src/avc.c
Copied: tags/libselinux_1_30_30/libselinux (from rev 2047, trunk/libselinux)
Deleted: tags/libselinux_1_30_30/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-29 15:44:05 UTC (rev 2047)
+++ tags/libselinux_1_30_30/libselinux/ChangeLog 2006-10-06 00:17:46 UTC (rev 2050)
@@ -1,558 +0,0 @@
-1.30.29 2006-09-29
- * Merged av_permissions.h update from Steve Grubb,
- adding setsockcreate and polmatch definitions.
-
-1.30.28 2006-09-13
- * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
- * Merged c++ class identifier fix from Joe Nall.
-
-1.30.27 2006-08-24
- * Merged patch to not log avc stats upon a reset from Steve Grubb.
- * Applied patch to revert compat_net setting upon policy load.
-
-1.30.26 2006-08-11
- * Merged file context homedir and local path functions from
- Chris PeBenito.
-
-1.30.25 2006-08-11
- * Rework functions that access /proc/pid/attr to access the
- per-thread nodes, and unify the code to simplify maintenance.
-
-1.30.24 2006-08-10
- * Merged return value fix for *getfilecon() from Dan Walsh.
-
-1.30.23 2006-08-10
- * Merged sockcreate interfaces from Eric Paris.
-
-1.30.22 2006-08-03
- * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
-
-1.30.21 2006-08-03
- * Merged netfilter_contexts support patch from Chris PeBenito.
-
-1.30.20 2006-08-01
- * Merged context_*_set errno patch from Jim Meyering.
-
-1.30.19 2006-06-29
- * Lindent.
-
-1.30.18 2006-06-27
- * Merged {get,set}procattrcon patch set from Eric Paris.
- * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
-
-1.30.17 2006-06-27
- * Regenerated Flask headers from refpolicy.
-
-1.30.16 2006-06-26
- * Merged patch from Dan Walsh with:
- - Added selinux_file_context_{cmp,verify}.
- - Added selinux_lsetfilecon_default.
- - Delay translation of contexts in matchpathcon.
-
-1.30.15 2006-06-16
- * Merged patch from Dan Walsh with:
- * Added selinux_getpolicytype() function.
- * Modified setrans code to skip processing if !mls_enabled.
-
-1.30.14 2006-06-16
- * Set errno in the !selinux_mnt case.
-
-1.30.13 2006-06-02
- * Allocate large buffers from the heap, not on stack.
- Affects is_context_customizable, selinux_init_load_policy,
- and selinux_getenforcemode.
-
-1.30.12 2006-06-02
- * Merged !selinux_mnt checks from Ian Kent.
-
-1.30.11 2006-05-24
- * Merged matchmediacon and trans_to_raw_context fixes from
- Serge Hallyn.
-
-1.30.10 2006-05-22
- * Merged simple setrans client cache from Dan Walsh.
- Merged avcstat patch from Russell Coker.
-
-1.30.9 2006-05-22
- * Modified selinux_mkload_policy() to also set /selinux/compat_net
- appropriately for the loaded policy.
-
-1.30.8 2006-05-17
- * Added matchpathcon_fini() function to free memory allocated by
- matchpathcon_init().
-
-1.30.7 2006-05-16
- * Merged setrans client cleanup patch from Steve Grubb.
-
-1.30.6 2006-05-08
- * Merged getfscreatecon man page fix from Dan Walsh.
- * Updated booleans(8) man page to drop references to the old
- booleans file and to note that setsebool can be used to set
- the boot-time defaults via -P.
-
-1.30.5 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.30.4 2006-05-05
- * Merged setrans client support from Dan Walsh.
- This removes use of libsetrans.
- * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
- * Merged swig typemap fixes from Glauber de Oliveira Costa.
-
-1.30.3 2006-04-12
- * Added distclean target to Makefile.
- * Regenerated swig files.
-
-1.30.2 2006-04-11
- * Changed matchpathcon_init to verify that the spec file is
- a regular file.
- * Merged python binding t_output_helper removal patch from Dan Walsh.
-
-1.30.1 2006-03-20
- * Merged Makefile PYLIBVER definition patch from Dan Walsh.
-
-1.30 2006-03-14
- * Updated version for release.
-
-1.29.8 2006-02-27
- * Altered rpm_execcon fallback logic for permissive mode to also
- handle case where /selinux/enforce is not available.
-
-1.29.7 2006-01-20
- * Merged install-pywrap Makefile patch from Joshua Brindle.
-
-1.29.6 2006-01-18
- * Merged pywrap Makefile patch from Dan Walsh.
-
-1.29.5 2006-01-11
- * Added getseuser test program.
-
-1.29.4 2006-01-06
- * Added format attribute to myprintf in matchpathcon.c and
- removed obsoleted rootlen variable in init_selinux_config().
-
-1.29.3 2006-01-04
- * Merged several fixes and improvements from Ulrich Drepper
- (Red Hat), including:
- - corrected use of getline
- - further calls to __fsetlocking for local files
- - use of strdupa and asprintf
- - proper handling of dirent in booleans code
- - use of -z relro
- - several other optimizations
- * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
-
-1.29.2 2005-12-14
- * Merged call to finish_context_translations from Dan Walsh.
- This eliminates a memory leak from failing to release memory
- allocated by libsetrans.
-
-1.29.1 2005-12-08
- * Merged patch for swig interfaces from Dan Walsh.
-
-1.28 2005-12-07
- * Updated version for release.
-
-1.27.28 2005-12-01
- * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
- modified matchpathcon implementation to make context validation/
- canonicalization optional at matchpathcon_init time, deferring it
- to a successful matchpathcon by default unless the new flag is set
- by the caller.
-
-1.27.27 2005-12-01
- * Added matchpathcon_init_prefix() interface, and
- reworked matchpathcon implementation to support selective
- loading of file contexts entries based on prefix matching
- between the pathname regex stems and the specified path
- prefix (stem must be a prefix of the specified path prefix).
-
-1.27.26 2005-11-29
- * Merged getsebool patch from Dan Walsh.
-
-1.27.25 2005-11-29
- * Added -f file_contexts option to matchpathcon util.
- Fixed warning message in matchpathcon_init().
-
-1.27.24 2005-11-29
- * Merged Makefile python definitions patch from Dan Walsh.
-
-1.27.23 2005-11-28
- * Merged swigify patch from Dan Walsh.
-
-1.27.22 2005-11-15
- * Merged make failure in rpm_execcon non-fatal in permissive mode
- patch from Ivan Gyurdiev.
-
-1.27.21 2005-11-08
- * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
- and modified matchpathcon_init() to skip context translation
- if it is set by the caller.
-
-1.27.20 2005-11-07
- * Added security_canonicalize_context() interface and
- set_matchpathcon_canoncon() interface for obtaining
- canonical contexts. Changed matchpathcon internals
- to obtain canonical contexts by default. Provided
- fallback for kernels that lack extended selinuxfs context
- interface.
-
-1.27.19 2005-11-04
- * Merged seusers parser changes from Ivan Gyurdiev.
- * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
- * Changed seusers parser to reject empty fields.
-
-1.27.18 2005-11-03
- * Merged seusers empty level handling patch from Jonathan Kim (TCS).
-
-1.27.17 2005-10-27
- * Changed default entry for seusers to use __default__ to avoid
- ambiguity with users named "default".
-
-1.27.16 2005-10-27
- * Fixed init_selinux_config() handling of missing /etc/selinux/config
- or missing SELINUXTYPE= definition.
- * Merged selinux_translations_path() patch from Dan Walsh.
-
-1.27.15 2005-10-25
- * Added hidden_proto/def for get_default_context_with_role.
-
-1.27.14 2005-10-25
- * Merged selinux_path() and selinux_homedir_context_path()
- functions from Joshua Brindle.
-
-1.27.13 2005-10-19
- * Merged fixes for make DESTDIR= builds from Joshua Brindle.
-
-1.27.12 2005-10-18
- * Merged get_default_context_with_rolelevel and man pages from
- Dan Walsh (Red Hat).
-
-1.27.11 2005-10-18
- * Updated call to sepol_policydb_to_image for sepol changes.
-
-1.27.10 2005-10-17
- * Changed getseuserbyname to ignore empty lines and to handle
- no matching entry in the same manner as no seusers file.
-
-1.27.9 2005-10-13
- * Changed selinux_mkload_policy to try downgrading the
- latest policy version available to the kernel-supported version.
-
-1.27.8 2005-10-11
- * Changed selinux_mkload_policy to fall back to the maximum
- policy version supported by libsepol if the kernel policy version
- falls outside of the supported range.
-
-1.27.7 2005-10-06
- * Changed getseuserbyname to fall back to the Linux username and
- NULL level if seusers config file doesn't exist unless
- REQUIRESEUSERS=1 is set in /etc/selinux/config.
- * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
-
-1.27.6 2005-10-06
- * Added selinux_init_load_policy() function as an even higher level
- interface for the initial policy load by /sbin/init. This obsoletes
- the load_policy() function in the sysvinit-selinux.patch.
-
-1.27.5 2005-10-06
- * Added selinux_mkload_policy() function as a higher level interface
- for loading policy than the security_load_policy() interface.
-
-1.27.4 2005-10-05
- * Merged fix for matchpathcon (regcomp error checking) from Johan
- Fischer. Also added use of regerror to obtain the error string
- for inclusion in the error message.
-
-1.27.3 2005-10-03
- * Changed getseuserbyname to not require (and ignore if present)
- the MLS level in seusers.conf if MLS is disabled, setting *level
- to NULL in this case.
-
-1.27.2 2005-09-30
- * Merged getseuserbyname patch from Dan Walsh.
-
-1.27.1 2005-09-19
- * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
- This allows file_contexts with MLS fields to be processed on
- non-MLS-enabled systems with policies that are otherwise
- identical (e.g. same type definitions).
- * Merged get_ordered_context_list_with_level() function from
- Dan Walsh, and added get_default_context_with_level().
- This allows MLS level selection for users other than the
- default level.
-
-1.26 2005-09-06
- * Updated version for release.
-
-1.25.7 2005-09-01
- * Merged modified form of patch to avoid dlopen/dlclose by
- the static libselinux from Dan Walsh. Users of the static libselinux
- will not have any context translation by default.
-
-1.25.6 2005-08-31
- * Added public functions to export context translation to
- users of libselinux (selinux_trans_to_raw_context,
- selinux_raw_to_trans_context).
-
-1.25.5 2005-08-26
- * Remove special definition for context_range_set; use
- common code.
-
-1.25.4 2005-08-25
- * Hid translation-related symbols entirely and ensured that
- raw functions have hidden definitions for internal use.
- * Allowed setting NULL via context_set* functions.
- * Allowed whitespace in MLS component of context.
- * Changed rpm_execcon to use translated functions to workaround
- lack of MLS level on upgraded systems.
-
-1.25.3 2005-08-23
- * Merged context translation patch, originally by TCS,
- with modifications by Dan Walsh (Red Hat).
-
-1.25.2 2005-08-11
- * Merged several fixes for error handling paths in the
- AVC sidtab, matchpathcon, booleans, context, and get_context_list
- code from Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.25.1 2005-08-10
- * Removed setupns; migrated to pam.
- * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
- Original symbol is temporarily retained for compatibility until
- all callers are updated.
-
-1.24 2005-06-20
- * Updated version for release.
-
-1.23.12 2005-06-13
- * Merged security_setupns() from Chad Sellers.
-
-1.23.11 2005-05-19
- * Merged avcstat and selinux man page from Dan Walsh.
- * Changed security_load_booleans to process booleans.local
- even if booleans file doesn't exist.
-
-1.23.10 2005-04-29
- * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
-
-1.23.9 2005-04-26
- * Rewrote get_ordered_context_list and helpers, including
- changing logic to allow variable MLS fields.
-
-1.23.8 2005-04-25
- * Merged matchpathcon and man page patch from Dan Walsh.
-
-1.23.7 2005-04-12
- * Changed boolean functions to return -1 with errno ENOENT
- rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
- mounted).
-
-1.23.6 2005-04-08
- * Fixed bug in matchpathcon_filespec_destroy.
-
-1.23.5 2005-04-05
- * Fixed bug in rpm_execcon error handling path.
-
-1.23.4 2005-04-04
- * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
- * Merged fix for getconlist utility from Andreas Steinmetz.
-
-1.23.3 2005-03-29
- * Merged security_set_boolean_list patch from Dan Walsh.
- This introduces booleans.local support for setsebool.
-
-1.23.2 2005-03-17
- * Merged destructors patch from Tomas Mraz.
-
-1.23.1 2005-03-16
- * Added set_matchpathcon_flags() function for setting flags
- controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
- means only process the base file_contexts file, not
- file_contexts.homedirs or file_contexts.local, and is for use by
- setfiles -c.
- * Updated matchpathcon.3 man page.
-
-1.22 2005-03-09
- * Updated version for release.
-
-1.21.13 2005-03-08
- * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
-
-1.21.12 2005-03-01
- * Changed matchpathcon_common to ignore any non-format bits in the mode.
-
-1.21.11 2005-02-22
- * Merged several fixes from Ulrich Drepper.
-
-1.21.10 2005-02-17
- * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
- * Added selinux_users_path() for path to directory containing
- system.users and local.users.
-
-1.21.9 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.21.8 2005-02-07
- * Regenerated av_permissions.h.
-
-1.21.7 2005-02-01
- * Modified avc_dump_av to explicitly check for any permissions that
- cannot be mapped to string names and display them as a hex value.
-
-1.21.6 2005-01-31
- * Regenerated av_permissions.h.
-
-1.21.5 2005-01-28
- * Generalized matchpathcon internals, exported more interfaces,
- and moved additional code from setfiles into libselinux so that
- setfiles can directly use matchpathcon.
-
-1.21.4 2005-01-27
- * Prevent overflow of spec array in matchpathcon.
-
-1.21.3 2005-01-26
- * Fixed several uses of internal functions to avoid relocations.
- * Changed rpm_execcon to check is_selinux_enabled() and fallback to
- a regular execve if not enabled (or unable to determine due to a lack
- of /proc, e.g. chroot'd environment).
-
-
-1.21.2 2005-01-24
- * Merged minor fix for avcstat from Dan Walsh.
-
-1.21.1 2005-01-19
- * Merged patch from Dan Walsh, including:
- - new is_context_customizable function
- - changed matchpathcon to also use file_contexts.local if present
- - man page cleanups
-
-1.20 2005-01-04
- * Changed matchpathcon to return -1 with errno ENOENT for
- <<none>> entries, and also for an empty file_contexts configuration.
- * Removed some trivial utils that were not useful or redundant.
- * Changed BINDIR default to /usr/sbin to match change in Fedora.
- * Added security_compute_member.
- * Added man page for setcon.
- * Merged more man pages from Dan Walsh.
- * Merged avcstat from James Morris.
- * Merged build fix for mips from Manoj Srivastava.
- * Merged C++ support from John Ramsdell of MITRE.
- * Merged setcon() function from Darrel Goeddel of TCS.
- * Merged setsebool/togglesebool enhancement from Steve Grubb.
- * Merged cleanup patches from Steve Grubb.
-
-1.18 2004-11-01
- * Merged cleanup patches from Steve Grubb.
- * Added rpm_execcon.
- * Merged setenforce and removable context patch from Dan Walsh.
- * Merged build fix for alpha from Ulrich Drepper.
- * Removed copyright/license from selinux_netlink.h - definitions only.
- * Merged matchmediacon from Dan Walsh.
- * Regenerated headers for new nscd permissions.
- * Added get_default_context_with_role.
- * Added set_matchpathcon_printf.
- * Reworked av_inherit.h to allow easier re-use by kernel.
- * Changed avc_has_perm_noaudit to not fail on netlink errors.
- * Changed avc netlink code to check pid based on patch by Steve Grubb.
- * Merged second optimization patch from Ulrich Drepper.
- * Changed matchpathcon to skip invalid file_contexts entries.
- * Made string tables private to libselinux.
- * Merged strcat->stpcpy patch from Ulrich Drepper.
- * Merged matchpathcon man page from Dan Walsh.
- * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
- * Autobind netlink socket.
- * Dropped compatibility code from security_compute_user.
- * Merged fix for context_range_set from Chad Hanson.
- * Merged allocation failure checking patch from Chad Hanson.
- * Merged avc netlink error message patch from Colin Walters.
-
-1.16 2004-08-19
- * Regenerated headers for nscd class.
- * Merged man pages from Dan Walsh.
- * Merged context_new bug fix for MLS ranges from Chad Hanson.
- * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
- * Renamed change_bool and show_bools to setsebool and getsebool.
- * Merged security_load_booleans() function from Dan Walsh.
- * Added selinux_booleans_path() function.
- * Changed avc_init function prototype to use const.
- * Regenerated headers for crontab permission.
- * Added checkAccess from Dan Walsh.
- * Merged getenforce patch from Dan Walsh.
- * Regenerated headers for dbus classes.
-
-1.14 2004-06-16
- * Regenerated headers for fine-grained netlink classes.
- * Merged selinux_config bug fix from Dan Walsh.
- * Added userspace AVC man pages.
- * Added man links for API calls to existing man pages documenting them.
- * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
- * Merged patch to determine config file paths at runtime to support
- reorganized layout.
- * Regenerated flask headers with stable ordering.
- * Merged patch for man pages from Russell Coker.
-
-1.12 2004-05-10
- * Updated flask files to include new SE-X security classes.
- * Added security_disable function for runtime disable of SELinux prior
- to initial policy load (for /sbin/init).
- * Changed get_ordered_context_list to omit any reachable contexts
- that are not explicitly listed in default_contexts, unless there
- are no matches.
- * Merged man pages from Russell Coker and Dan Walsh.
- * Merged memory leak fixes from Dan Walsh.
- * Merged policyvers errno patch from Chris PeBenito.
-
-1.10 2004-04-05
- * Merged getenforce patch from Dan Walsh.
- * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
- the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
- Based on a patch by Russell Coker.
- * Merged matchpathcon buffer size fix from Dan Walsh.
-
-1.8 2004-03-09
- * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
- * Added matchpathcon function.
- * Updated userspace AVC to handle netlink selinux notifications.
-
-1.6 2004-02-18
- * Merged conditional policy extensions from Tresys Technology.
- * Added userspace avc and SID table implementation.
- * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
- * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
- * Changed to use getpwnam_r rather than getpwnam internally to
- avoid clobbering any existing pwd struct obtained by the caller.
- * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
- and handle allocation ala getfilecon.
- * Changed is_selinux_enabled to return -1 on errors.
- * Changed to discover selinuxfs mount point via /proc/mounts
- so that the mount point can be changed without rebuilding.
-
-1.4 2003-12-01
- * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
- * Regenerate headers for new permissions.
- * Merged static lib build patch from Bastian Blank and Joerg Hoh.
- * Export SELINUXMNT definition, add SELINUXPOLICY definition.
- * Add functions to provide access to enforce and policyvers.
- * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
- * Fixed type for 'size' in *getfilecon.
- * Dropped -lattr and changed #include's to <sys/xattr.h>
- * Merged patch to move shared library to /lib from Dan Walsh.
- * Changed get_ordered_context_list to support a failsafe context.
- * Added selinuxenabled utility.
- * Merged const patch from Thorsten Kukuk.
-
-1.2 2003-09-30
- * Change is_selinux_enabled to fail if policy isn't loaded.
- * Changed Makefiles to allow non-root rpm builds.
- * Added -lattr for libselinux.so to ensure proper binding.
-
-1.1 2003-08-13
- * Ensure that context strings are padded with a null byte
- in case the kernel didn't include one.
- * Regenerate headers, update helpers.c for code cleanup.
- * Pass soname flag to linker (Colin Walters).
- * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
-
-1.0 2003-07-11
- * Initial public release.
Copied: tags/libselinux_1_30_30/libselinux/ChangeLog (from rev 2049, trunk/libselinux/ChangeLog)
===================================================================
--- tags/libselinux_1_30_30/libselinux/ChangeLog (rev 0)
+++ tags/libselinux_1_30_30/libselinux/ChangeLog 2006-10-06 00:17:46 UTC (rev 2050)
@@ -0,0 +1,562 @@
+1.30.30 2006-10-05
+ * Merged patch from Darrel Goeddel to always use untranslated
+ contexts in the userspace AVC.
+
+1.30.29 2006-09-29
+ * Merged av_permissions.h update from Steve Grubb,
+ adding setsockcreate and polmatch definitions.
+
+1.30.28 2006-09-13
+ * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+ * Merged c++ class identifier fix from Joe Nall.
+
+1.30.27 2006-08-24
+ * Merged patch to not log avc stats upon a reset from Steve Grubb.
+ * Applied patch to revert compat_net setting upon policy load.
+
+1.30.26 2006-08-11
+ * Merged file context homedir and local path functions from
+ Chris PeBenito.
+
+1.30.25 2006-08-11
+ * Rework functions that access /proc/pid/attr to access the
+ per-thread nodes, and unify the code to simplify maintenance.
+
+1.30.24 2006-08-10
+ * Merged return value fix for *getfilecon() from Dan Walsh.
+
+1.30.23 2006-08-10
+ * Merged sockcreate interfaces from Eric Paris.
+
+1.30.22 2006-08-03
+ * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
+
+1.30.21 2006-08-03
+ * Merged netfilter_contexts support patch from Chris PeBenito.
+
+1.30.20 2006-08-01
+ * Merged context_*_set errno patch from Jim Meyering.
+
+1.30.19 2006-06-29
+ * Lindent.
+
+1.30.18 2006-06-27
+ * Merged {get,set}procattrcon patch set from Eric Paris.
+ * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
+
+1.30.17 2006-06-27
+ * Regenerated Flask headers from refpolicy.
+
+1.30.16 2006-06-26
+ * Merged patch from Dan Walsh with:
+ - Added selinux_file_context_{cmp,verify}.
+ - Added selinux_lsetfilecon_default.
+ - Delay translation of contexts in matchpathcon.
+
+1.30.15 2006-06-16
+ * Merged patch from Dan Walsh with:
+ * Added selinux_getpolicytype() function.
+ * Modified setrans code to skip processing if !mls_enabled.
+
+1.30.14 2006-06-16
+ * Set errno in the !selinux_mnt case.
+
+1.30.13 2006-06-02
+ * Allocate large buffers from the heap, not on stack.
+ Affects is_context_customizable, selinux_init_load_policy,
+ and selinux_getenforcemode.
+
+1.30.12 2006-06-02
+ * Merged !selinux_mnt checks from Ian Kent.
+
+1.30.11 2006-05-24
+ * Merged matchmediacon and trans_to_raw_context fixes from
+ Serge Hallyn.
+
+1.30.10 2006-05-22
+ * Merged simple setrans client cache from Dan Walsh.
+ Merged avcstat patch from Russell Coker.
+
+1.30.9 2006-05-22
+ * Modified selinux_mkload_policy() to also set /selinux/compat_net
+ appropriately for the loaded policy.
+
+1.30.8 2006-05-17
+ * Added matchpathcon_fini() function to free memory allocated by
+ matchpathcon_init().
+
+1.30.7 2006-05-16
+ * Merged setrans client cleanup patch from Steve Grubb.
+
+1.30.6 2006-05-08
+ * Merged getfscreatecon man page fix from Dan Walsh.
+ * Updated booleans(8) man page to drop references to the old
+ booleans file and to note that setsebool can be used to set
+ the boot-time defaults via -P.
+
+1.30.5 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.30.4 2006-05-05
+ * Merged setrans client support from Dan Walsh.
+ This removes use of libsetrans.
+ * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
+ * Merged swig typemap fixes from Glauber de Oliveira Costa.
+
+1.30.3 2006-04-12
+ * Added distclean target to Makefile.
+ * Regenerated swig files.
+
+1.30.2 2006-04-11
+ * Changed matchpathcon_init to verify that the spec file is
+ a regular file.
+ * Merged python binding t_output_helper removal patch from Dan Walsh.
+
+1.30.1 2006-03-20
+ * Merged Makefile PYLIBVER definition patch from Dan Walsh.
+
+1.30 2006-03-14
+ * Updated version for release.
+
+1.29.8 2006-02-27
+ * Altered rpm_execcon fallback logic for permissive mode to also
+ handle case where /selinux/enforce is not available.
+
+1.29.7 2006-01-20
+ * Merged install-pywrap Makefile patch from Joshua Brindle.
+
+1.29.6 2006-01-18
+ * Merged pywrap Makefile patch from Dan Walsh.
+
+1.29.5 2006-01-11
+ * Added getseuser test program.
+
+1.29.4 2006-01-06
+ * Added format attribute to myprintf in matchpathcon.c and
+ removed obsoleted rootlen variable in init_selinux_config().
+
+1.29.3 2006-01-04
+ * Merged several fixes and improvements from Ulrich Drepper
+ (Red Hat), including:
+ - corrected use of getline
+ - further calls to __fsetlocking for local files
+ - use of strdupa and asprintf
+ - proper handling of dirent in booleans code
+ - use of -z relro
+ - several other optimizations
+ * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
+
+1.29.2 2005-12-14
+ * Merged call to finish_context_translations from Dan Walsh.
+ This eliminates a memory leak from failing to release memory
+ allocated by libsetrans.
+
+1.29.1 2005-12-08
+ * Merged patch for swig interfaces from Dan Walsh.
+
+1.28 2005-12-07
+ * Updated version for release.
+
+1.27.28 2005-12-01
+ * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
+ modified matchpathcon implementation to make context validation/
+ canonicalization optional at matchpathcon_init time, deferring it
+ to a successful matchpathcon by default unless the new flag is set
+ by the caller.
+
+1.27.27 2005-12-01
+ * Added matchpathcon_init_prefix() interface, and
+ reworked matchpathcon implementation to support selective
+ loading of file contexts entries based on prefix matching
+ between the pathname regex stems and the specified path
+ prefix (stem must be a prefix of the specified path prefix).
+
+1.27.26 2005-11-29
+ * Merged getsebool patch from Dan Walsh.
+
+1.27.25 2005-11-29
+ * Added -f file_contexts option to matchpathcon util.
+ Fixed warning message in matchpathcon_init().
+
+1.27.24 2005-11-29
+ * Merged Makefile python definitions patch from Dan Walsh.
+
+1.27.23 2005-11-28
+ * Merged swigify patch from Dan Walsh.
+
+1.27.22 2005-11-15
+ * Merged make failure in rpm_execcon non-fatal in permissive mode
+ patch from Ivan Gyurdiev.
+
+1.27.21 2005-11-08
+ * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
+ and modified matchpathcon_init() to skip context translation
+ if it is set by the caller.
+
+1.27.20 2005-11-07
+ * Added security_canonicalize_context() interface and
+ set_matchpathcon_canoncon() interface for obtaining
+ canonical contexts. Changed matchpathcon internals
+ to obtain canonical contexts by default. Provided
+ fallback for kernels that lack extended selinuxfs context
+ interface.
+
+1.27.19 2005-11-04
+ * Merged seusers parser changes from Ivan Gyurdiev.
+ * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
+ * Changed seusers parser to reject empty fields.
+
+1.27.18 2005-11-03
+ * Merged seusers empty level handling patch from Jonathan Kim (TCS).
+
+1.27.17 2005-10-27
+ * Changed default entry for seusers to use __default__ to avoid
+ ambiguity with users named "default".
+
+1.27.16 2005-10-27
+ * Fixed init_selinux_config() handling of missing /etc/selinux/config
+ or missing SELINUXTYPE= definition.
+ * Merged selinux_translations_path() patch from Dan Walsh.
+
+1.27.15 2005-10-25
+ * Added hidden_proto/def for get_default_context_with_role.
+
+1.27.14 2005-10-25
+ * Merged selinux_path() and selinux_homedir_context_path()
+ functions from Joshua Brindle.
+
+1.27.13 2005-10-19
+ * Merged fixes for make DESTDIR= builds from Joshua Brindle.
+
+1.27.12 2005-10-18
+ * Merged get_default_context_with_rolelevel and man pages from
+ Dan Walsh (Red Hat).
+
+1.27.11 2005-10-18
+ * Updated call to sepol_policydb_to_image for sepol changes.
+
+1.27.10 2005-10-17
+ * Changed getseuserbyname to ignore empty lines and to handle
+ no matching entry in the same manner as no seusers file.
+
+1.27.9 2005-10-13
+ * Changed selinux_mkload_policy to try downgrading the
+ latest policy version available to the kernel-supported version.
+
+1.27.8 2005-10-11
+ * Changed selinux_mkload_policy to fall back to the maximum
+ policy version supported by libsepol if the kernel policy version
+ falls outside of the supported range.
+
+1.27.7 2005-10-06
+ * Changed getseuserbyname to fall back to the Linux username and
+ NULL level if seusers config file doesn't exist unless
+ REQUIRESEUSERS=1 is set in /etc/selinux/config.
+ * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
+
+1.27.6 2005-10-06
+ * Added selinux_init_load_policy() function as an even higher level
+ interface for the initial policy load by /sbin/init. This obsoletes
+ the load_policy() function in the sysvinit-selinux.patch.
+
+1.27.5 2005-10-06
+ * Added selinux_mkload_policy() function as a higher level interface
+ for loading policy than the security_load_policy() interface.
+
+1.27.4 2005-10-05
+ * Merged fix for matchpathcon (regcomp error checking) from Johan
+ Fischer. Also added use of regerror to obtain the error string
+ for inclusion in the error message.
+
+1.27.3 2005-10-03
+ * Changed getseuserbyname to not require (and ignore if present)
+ the MLS level in seusers.conf if MLS is disabled, setting *level
+ to NULL in this case.
+
+1.27.2 2005-09-30
+ * Merged getseuserbyname patch from Dan Walsh.
+
+1.27.1 2005-09-19
+ * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
+ This allows file_contexts with MLS fields to be processed on
+ non-MLS-enabled systems with policies that are otherwise
+ identical (e.g. same type definitions).
+ * Merged get_ordered_context_list_with_level() function from
+ Dan Walsh, and added get_default_context_with_level().
+ This allows MLS level selection for users other than the
+ default level.
+
+1.26 2005-09-06
+ * Updated version for release.
+
+1.25.7 2005-09-01
+ * Merged modified form of patch to avoid dlopen/dlclose by
+ the static libselinux from Dan Walsh. Users of the static libselinux
+ will not have any context translation by default.
+
+1.25.6 2005-08-31
+ * Added public functions to export context translation to
+ users of libselinux (selinux_trans_to_raw_context,
+ selinux_raw_to_trans_context).
+
+1.25.5 2005-08-26
+ * Remove special definition for context_range_set; use
+ common code.
+
+1.25.4 2005-08-25
+ * Hid translation-related symbols entirely and ensured that
+ raw functions have hidden definitions for internal use.
+ * Allowed setting NULL via context_set* functions.
+ * Allowed whitespace in MLS component of context.
+ * Changed rpm_execcon to use translated functions to workaround
+ lack of MLS level on upgraded systems.
+
+1.25.3 2005-08-23
+ * Merged context translation patch, originally by TCS,
+ with modifications by Dan Walsh (Red Hat).
+
+1.25.2 2005-08-11
+ * Merged several fixes for error handling paths in the
+ AVC sidtab, matchpathcon, booleans, context, and get_context_list
+ code from Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.25.1 2005-08-10
+ * Removed setupns; migrated to pam.
+ * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
+ Original symbol is temporarily retained for compatibility until
+ all callers are updated.
+
+1.24 2005-06-20
+ * Updated version for release.
+
+1.23.12 2005-06-13
+ * Merged security_setupns() from Chad Sellers.
+
+1.23.11 2005-05-19
+ * Merged avcstat and selinux man page from Dan Walsh.
+ * Changed security_load_booleans to process booleans.local
+ even if booleans file doesn't exist.
+
+1.23.10 2005-04-29
+ * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
+
+1.23.9 2005-04-26
+ * Rewrote get_ordered_context_list and helpers, including
+ changing logic to allow variable MLS fields.
+
+1.23.8 2005-04-25
+ * Merged matchpathcon and man page patch from Dan Walsh.
+
+1.23.7 2005-04-12
+ * Changed boolean functions to return -1 with errno ENOENT
+ rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
+ mounted).
+
+1.23.6 2005-04-08
+ * Fixed bug in matchpathcon_filespec_destroy.
+
+1.23.5 2005-04-05
+ * Fixed bug in rpm_execcon error handling path.
+
+1.23.4 2005-04-04
+ * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
+ * Merged fix for getconlist utility from Andreas Steinmetz.
+
+1.23.3 2005-03-29
+ * Merged security_set_boolean_list patch from Dan Walsh.
+ This introduces booleans.local support for setsebool.
+
+1.23.2 2005-03-17
+ * Merged destructors patch from Tomas Mraz.
+
+1.23.1 2005-03-16
+ * Added set_matchpathcon_flags() function for setting flags
+ controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
+ means only process the base file_contexts file, not
+ file_contexts.homedirs or file_contexts.local, and is for use by
+ setfiles -c.
+ * Updated matchpathcon.3 man page.
+
+1.22 2005-03-09
+ * Updated version for release.
+
+1.21.13 2005-03-08
+ * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
+
+1.21.12 2005-03-01
+ * Changed matchpathcon_common to ignore any non-format bits in the mode.
+
+1.21.11 2005-02-22
+ * Merged several fixes from Ulrich Drepper.
+
+1.21.10 2005-02-17
+ * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
+ * Added selinux_users_path() for path to directory containing
+ system.users and local.users.
+
+1.21.9 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.21.8 2005-02-07
+ * Regenerated av_permissions.h.
+
+1.21.7 2005-02-01
+ * Modified avc_dump_av to explicitly check for any permissions that
+ cannot be mapped to string names and display them as a hex value.
+
+1.21.6 2005-01-31
+ * Regenerated av_permissions.h.
+
+1.21.5 2005-01-28
+ * Generalized matchpathcon internals, exported more interfaces,
+ and moved additional code from setfiles into libselinux so that
+ setfiles can directly use matchpathcon.
+
+1.21.4 2005-01-27
+ * Prevent overflow of spec array in matchpathcon.
+
+1.21.3 2005-01-26
+ * Fixed several uses of internal functions to avoid relocations.
+ * Changed rpm_execcon to check is_selinux_enabled() and fallback to
+ a regular execve if not enabled (or unable to determine due to a lack
+ of /proc, e.g. chroot'd environment).
+
+
+1.21.2 2005-01-24
+ * Merged minor fix for avcstat from Dan Walsh.
+
+1.21.1 2005-01-19
+ * Merged patch from Dan Walsh, including:
+ - new is_context_customizable function
+ - changed matchpathcon to also use file_contexts.local if present
+ - man page cleanups
+
+1.20 2005-01-04
+ * Changed matchpathcon to return -1 with errno ENOENT for
+ <<none>> entries, and also for an empty file_contexts configuration.
+ * Removed some trivial utils that were not useful or redundant.
+ * Changed BINDIR default to /usr/sbin to match change in Fedora.
+ * Added security_compute_member.
+ * Added man page for setcon.
+ * Merged more man pages from Dan Walsh.
+ * Merged avcstat from James Morris.
+ * Merged build fix for mips from Manoj Srivastava.
+ * Merged C++ support from John Ramsdell of MITRE.
+ * Merged setcon() function from Darrel Goeddel of TCS.
+ * Merged setsebool/togglesebool enhancement from Steve Grubb.
+ * Merged cleanup patches from Steve Grubb.
+
+1.18 2004-11-01
+ * Merged cleanup patches from Steve Grubb.
+ * Added rpm_execcon.
+ * Merged setenforce and removable context patch from Dan Walsh.
+ * Merged build fix for alpha from Ulrich Drepper.
+ * Removed copyright/license from selinux_netlink.h - definitions only.
+ * Merged matchmediacon from Dan Walsh.
+ * Regenerated headers for new nscd permissions.
+ * Added get_default_context_with_role.
+ * Added set_matchpathcon_printf.
+ * Reworked av_inherit.h to allow easier re-use by kernel.
+ * Changed avc_has_perm_noaudit to not fail on netlink errors.
+ * Changed avc netlink code to check pid based on patch by Steve Grubb.
+ * Merged second optimization patch from Ulrich Drepper.
+ * Changed matchpathcon to skip invalid file_contexts entries.
+ * Made string tables private to libselinux.
+ * Merged strcat->stpcpy patch from Ulrich Drepper.
+ * Merged matchpathcon man page from Dan Walsh.
+ * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
+ * Autobind netlink socket.
+ * Dropped compatibility code from security_compute_user.
+ * Merged fix for context_range_set from Chad Hanson.
+ * Merged allocation failure checking patch from Chad Hanson.
+ * Merged avc netlink error message patch from Colin Walters.
+
+1.16 2004-08-19
+ * Regenerated headers for nscd class.
+ * Merged man pages from Dan Walsh.
+ * Merged context_new bug fix for MLS ranges from Chad Hanson.
+ * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
+ * Renamed change_bool and show_bools to setsebool and getsebool.
+ * Merged security_load_booleans() function from Dan Walsh.
+ * Added selinux_booleans_path() function.
+ * Changed avc_init function prototype to use const.
+ * Regenerated headers for crontab permission.
+ * Added checkAccess from Dan Walsh.
+ * Merged getenforce patch from Dan Walsh.
+ * Regenerated headers for dbus classes.
+
+1.14 2004-06-16
+ * Regenerated headers for fine-grained netlink classes.
+ * Merged selinux_config bug fix from Dan Walsh.
+ * Added userspace AVC man pages.
+ * Added man links for API calls to existing man pages documenting them.
+ * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
+ * Merged patch to determine config file paths at runtime to support
+ reorganized layout.
+ * Regenerated flask headers with stable ordering.
+ * Merged patch for man pages from Russell Coker.
+
+1.12 2004-05-10
+ * Updated flask files to include new SE-X security classes.
+ * Added security_disable function for runtime disable of SELinux prior
+ to initial policy load (for /sbin/init).
+ * Changed get_ordered_context_list to omit any reachable contexts
+ that are not explicitly listed in default_contexts, unless there
+ are no matches.
+ * Merged man pages from Russell Coker and Dan Walsh.
+ * Merged memory leak fixes from Dan Walsh.
+ * Merged policyvers errno patch from Chris PeBenito.
+
+1.10 2004-04-05
+ * Merged getenforce patch from Dan Walsh.
+ * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
+ the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
+ Based on a patch by Russell Coker.
+ * Merged matchpathcon buffer size fix from Dan Walsh.
+
+1.8 2004-03-09
+ * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
+ * Added matchpathcon function.
+ * Updated userspace AVC to handle netlink selinux notifications.
+
+1.6 2004-02-18
+ * Merged conditional policy extensions from Tresys Technology.
+ * Added userspace avc and SID table implementation.
+ * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
+ * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
+ * Changed to use getpwnam_r rather than getpwnam internally to
+ avoid clobbering any existing pwd struct obtained by the caller.
+ * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
+ and handle allocation ala getfilecon.
+ * Changed is_selinux_enabled to return -1 on errors.
+ * Changed to discover selinuxfs mount point via /proc/mounts
+ so that the mount point can be changed without rebuilding.
+
+1.4 2003-12-01
+ * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
+ * Regenerate headers for new permissions.
+ * Merged static lib build patch from Bastian Blank and Joerg Hoh.
+ * Export SELINUXMNT definition, add SELINUXPOLICY definition.
+ * Add functions to provide access to enforce and policyvers.
+ * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
+ * Fixed type for 'size' in *getfilecon.
+ * Dropped -lattr and changed #include's to <sys/xattr.h>
+ * Merged patch to move shared library to /lib from Dan Walsh.
+ * Changed get_ordered_context_list to support a failsafe context.
+ * Added selinuxenabled utility.
+ * Merged const patch from Thorsten Kukuk.
+
+1.2 2003-09-30
+ * Change is_selinux_enabled to fail if policy isn't loaded.
+ * Changed Makefiles to allow non-root rpm builds.
+ * Added -lattr for libselinux.so to ensure proper binding.
+
+1.1 2003-08-13
+ * Ensure that context strings are padded with a null byte
+ in case the kernel didn't include one.
+ * Regenerate headers, update helpers.c for code cleanup.
+ * Pass soname flag to linker (Colin Walters).
+ * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
+
+1.0 2003-07-11
+ * Initial public release.
Deleted: tags/libselinux_1_30_30/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-09-29 15:44:05 UTC (rev 2047)
+++ tags/libselinux_1_30_30/libselinux/VERSION 2006-10-06 00:17:46 UTC (rev 2050)
@@ -1 +0,0 @@
-1.30.29
Copied: tags/libselinux_1_30_30/libselinux/VERSION (from rev 2049, trunk/libselinux/VERSION)
===================================================================
--- tags/libselinux_1_30_30/libselinux/VERSION (rev 0)
+++ tags/libselinux_1_30_30/libselinux/VERSION 2006-10-06 00:17:46 UTC (rev 2050)
@@ -0,0 +1 @@
+1.30.30
Deleted: tags/libselinux_1_30_30/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2006-09-29 15:44:05 UTC (rev 2047)
+++ tags/libselinux_1_30_30/libselinux/include/selinux/avc.h 2006-10-06 00:17:46 UTC (rev 2050)
@@ -1,365 +0,0 @@
-/*
- * Access vector cache interface for object managers.
- *
- * Author : Eamon Walsh <ew...@ep...>
- */
-#ifndef _SELINUX_AVC_H_
-#define _SELINUX_AVC_H_
-
-#include <sys/types.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <selinux/selinux.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * SID format and operations
- */
- struct security_id {
- security_context_t ctx;
- unsigned int refcnt;
- };
- typedef struct security_id *security_id_t;
-
-#define SECSID_WILD (security_id_t)NULL /* unspecified SID */
-
-/**
- * avc_sid_to_context - get copy of context corresponding to SID.
- * @sid: input SID
- * @ctx: pointer to context reference
- *
- * Return a copy of the security context corresponding to the input
- * @sid in the memory referenced by @ctx. The caller is expected to
- * free the context with freecon(). Return %0 on success, -%1 on
- * failure, with @errno set to %ENOMEM if insufficient memory was
- * available to make the copy, or %EINVAL if the input SID is invalid.
- */
- int avc_sid_to_context(security_id_t sid, security_context_t * ctx);
-
-/**
- * avc_context_to_sid - get SID for context.
- * @ctx: input security context
- * @sid: pointer to SID reference
- *
- * Look up security context @ctx in SID table, making
- * a new entry if @ctx is not found. Increment the
- * reference counter for the SID. Store a pointer
- * to the SID structure into the memory referenced by @sid,
- * returning %0 on success or -%1 on error with @errno set.
- */
- int avc_context_to_sid(security_context_t ctx, security_id_t * sid);
-
-/**
- * sidget - increment SID reference counter.
- * @sid: SID reference
- *
- * Increment the reference counter for @sid, indicating that
- * @sid is in use by an (additional) object. Return the
- * new reference count, or zero if @sid is invalid (has zero
- * reference count). Note that avc_context_to_sid() also
- * increments reference counts.
- */
- int sidget(security_id_t sid);
-
-/**
- * sidput - decrement SID reference counter.
- * @sid: SID reference
- *
- * Decrement the reference counter for @sid, indicating that
- * a reference to @sid is no longer in use. Return the
- * new reference count. When the reference count reaches
- * zero, the SID is invalid, and avc_context_to_sid() must
- * be called to obtain a new SID for the security context.
- */
- int sidput(security_id_t sid);
-
-/*
- * AVC entry
- */
- struct avc_entry;
- struct avc_entry_ref {
- struct avc_entry *ae;
- };
-
-/**
- * avc_entry_ref_init - initialize an AVC entry reference.
- * @aeref: pointer to avc entry reference structure
- *
- * Use this macro to initialize an avc entry reference structure
- * before first use. These structures are passed to avc_has_perm(),
- * which stores cache entry references in them. They can increase
- * performance on repeated queries.
- */
-#define avc_entry_ref_init(aeref) ((aeref)->ae = NULL)
-
-/*
- * User-provided callbacks for memory, auditing, and locking
- */
-
-/* These structures are passed by reference to avc_init(). Passing
- * a NULL reference will cause the AVC to use a default. The default
- * memory callbacks are malloc() and free(). The default logging method
- * is to print on stderr. If no thread callbacks are passed, a separate
- * listening thread won't be started for kernel policy change messages.
- * If no locking callbacks are passed, no locking will take place.
- */
- struct avc_memory_callback {
- /* malloc() equivalent. */
- void *(*func_malloc) (size_t size);
- /* free() equivalent. */
- void (*func_free) (void *ptr);
- /* Note that these functions should set errno on failure.
- If not, some avc routines may return -1 without errno set. */
- };
-
- struct avc_log_callback {
- /* log the printf-style format and arguments. */
- void (*func_log) (const char *fmt, ...);
- /* store a string representation of auditdata (corresponding
- to the given security class) into msgbuf. */
- void (*func_audit) (void *auditdata, security_class_t cls,
- char *msgbuf, size_t msgbufsize);
- };
-
- struct avc_thread_callback {
- /* create and start a thread, returning an opaque pointer to it;
- the thread should run the given function. */
- void *(*func_create_thread) (void (*run) (void));
- /* cancel a given thread and free its resources. */
- void (*func_stop_thread) (void *thread);
- };
-
- struct avc_lock_callback {
- /* create a lock and return an opaque pointer to it. */
- void *(*func_alloc_lock) (void);
- /* obtain a given lock, blocking if necessary. */
- void (*func_get_lock) (void *lock);
- /* release a given lock. */
- void (*func_release_lock) (void *lock);
- /* destroy a given lock (free memory, etc.) */
- void (*func_free_lock) (void *lock);
- };
-
-/*
- * AVC operations
- */
-
-/**
- * avc_init - Initialize the AVC.
- * @msgprefix: prefix for log messages
- * @mem_callbacks: user-supplied memory callbacks
- * @log_callbacks: user-supplied logging callbacks
- * @thread_callbacks: user-supplied threading callbacks
- * @lock_callbacks: user-supplied locking callbacks
- *
- * Initialize the access vector cache. Return %0 on
- * success or -%1 with @errno set on failure.
- * If @msgprefix is NULL, use "uavc". If any callback
- * structure references are NULL, use default methods
- * for those callbacks (see the definition of the callback
- * structures above).
- */
- int avc_init(const char *msgprefix,
- const struct avc_memory_callback *mem_callbacks,
- const struct avc_log_callback *log_callbacks,
- const struct avc_thread_callback *thread_callbacks,
- const struct avc_lock_callback *lock_callbacks);
-
-/**
- * avc_cleanup - Remove unused SIDs and AVC entries.
- *
- * Search the SID table for SID structures with zero
- * reference counts, and remove them along with all
- * AVC entries that reference them. This can be used
- * to return memory to the system.
- */
- void avc_cleanup(void);
-
-/**
- * avc_reset - Flush the cache and reset statistics.
- *
- * Remove all entries from the cache and reset all access
- * statistics (as returned by avc_cache_stats()) to zero.
- * The SID mapping is not affected. Return %0 on success,
- * -%1 with @errno set on error.
- */
- int avc_reset(void);
-
-/**
- * avc_destroy - Free all AVC structures.
- *
- * Destroy all AVC structures and free all allocated
- * memory. User-supplied locking, memory, and audit
- * callbacks will be retained, but security-event
- * callbacks will not. All SID's will be invalidated.
- * User must call avc_init() if further use of AVC is desired.
- */
- void avc_destroy(void);
-
-/**
- * avc_has_perm_noaudit - Check permissions but perform no auditing.
- * @ssid: source security identifier
- * @tsid: target security identifier
- * @tclass: target security class
- * @requested: requested permissions, interpreted based on @tclass
- * @aeref: AVC entry reference
- * @avd: access vector decisions
- *
- * Check the AVC to determine whether the @requested permissions are granted
- * for the SID pair (@ssid, @tsid), interpreting the permissions
- * based on @tclass, and call the security server on a cache miss to obtain
- * a new decision and add it to the cache. Update @aeref to refer to an AVC
- * entry with the resulting decisions, and return a copy of the decisions
- * in @avd. Return %0 if all @requested permissions are granted, -%1 with
- * @errno set to %EACCES if any permissions are denied, or to another value
- * upon other errors. This function is typically called by avc_has_perm(),
- * but may also be called directly to separate permission checking from
- * auditing, e.g. in cases where a lock must be held for the check but
- * should be released for the auditing.
- */
- int avc_has_perm_noaudit(security_id_t ssid,
- security_id_t tsid,
- security_class_t tclass,
- access_vector_t requested,
- struct avc_entry_ref *aeref,
- struct av_decision *avd);
-
-/**
- * avc_has_perm - Check permissions and perform any appropriate auditing.
- * @ssid: source security identifier
- * @tsid: target security identifier
- * @tclass: target security class
- * @requested: requested permissions, interpreted based on @tclass
- * @aeref: AVC entry reference
- * @auditdata: auxiliary audit data
- *
- * Check the AVC to determine whether the @requested permissions are granted
- * for the SID pair (@ssid, @tsid), interpreting the permissions
- * based on @tclass, and call the security server on a cache miss to obtain
- * a new decision and add it to the cache. Update @aeref to refer to an AVC
- * entry with the resulting decisions. Audit the granting or denial of
- * permissions in accordance with the policy. Return %0 if all @requested
- * permissions are granted, -%1 with @errno set to %EACCES if any permissions
- * are denied or to another value upon other errors.
- */
- int avc_has_perm(security_id_t ssid, security_id_t tsid,
- security_class_t tclass, access_vector_t requested,
- struct avc_entry_ref *aeref, void *auditdata);
-
-/**
- * avc_audit - Audit the granting or denial of permissions.
- * @ssid: source security identifier
- * @tsid: target security identifier
- * @tclass: target security class
- * @requested: requested permissions
- * @avd: access vector decisions
- * @result: result from avc_has_perm_noaudit
- * @auditdata: auxiliary audit data
- *
- * Audit the granting or denial of permissions in accordance
- * with the policy. This function is typically called by
- * avc_has_perm() after a permission check, but can also be
- * called directly by callers who use avc_has_perm_noaudit()
- * in order to separate the permission check from the auditing.
- * For example, this separation is useful when the permission check must
- * be performed under a lock, to allow the lock to be released
- * before calling the auditing code.
- */
- void avc_audit(security_id_t ssid, security_id_t tsid,
- security_class_t tclass, access_vector_t requested,
- struct av_decision *avd, int result, void *auditdata);
-
-/*
- * security event callback facility
- */
-
-/* security events */
-#define AVC_CALLBACK_GRANT 1
-#define AVC_CALLBACK_TRY_REVOKE 2
-#define AVC_CALLBACK_REVOKE 4
-#define AVC_CALLBACK_RESET 8
-#define AVC_CALLBACK_AUDITALLOW_ENABLE 16
-#define AVC_CALLBACK_AUDITALLOW_DISABLE 32
-#define AVC_CALLBACK_AUDITDENY_ENABLE 64
-#define AVC_CALLBACK_AUDITDENY_DISABLE 128
-
-/**
- * avc_add_callback - Register a callback for security events.
- * @callback: callback function
- * @events: bitwise OR of desired security events
- * @ssid: source security identifier or %SECSID_WILD
- * @tsid: target security identifier or %SECSID_WILD
- * @tclass: target security class
- * @perms: permissions
- *
- * Register a callback function for events in the set @events
- * related to the SID pair (@ssid, @tsid) and
- * and the permissions @perms, interpreting
- * @perms based on @tclass. Returns %0 on success or
- * -%1 if insufficient memory exists to add the callback.
- */
- int avc_add_callback(int (*callback)
- (u_int32_t event, security_id_t ssid,
- security_id_t tsid, security_class_t tclass,
- access_vector_t perms,
- access_vector_t * out_retained),
- u_int32_t events, security_id_t ssid,
- security_id_t tsid, security_class_t tclass,
- access_vector_t perms);
-
-/*
- * AVC statistics
- */
-
-/* If set, cache statistics are tracked. This may
- * become a compile-time option in the future.
- */
-#define AVC_CACHE_STATS 1
-
- struct avc_cache_stats {
- unsigned entry_lookups;
- unsigned entry_hits;
- unsigned entry_misses;
- unsigned entry_discards;
- unsigned cav_lookups;
- unsigned cav_hits;
- unsigned cav_probes;
- unsigned cav_misses;
- };
-
-/**
- * avc_cache_stats - get cache access statistics.
- * @stats: reference to statistics structure
- *
- * Fill the supplied structure with information about AVC
- * activity since the last call to avc_init() or
- * avc_reset(). See the structure definition for
- * details.
- */
- void avc_cache_stats(struct avc_cache_stats *stats);
-
-/**
- * avc_av_stats - log av table statistics.
- *
- * Log a message with information about the size and
- * distribution of the access vector table. The audit
- * callback is used to print the message.
- */
- void avc_av_stats(void);
-
-/**
- * avc_sid_stats - log SID table statistics.
- *
- * Log a message with information about the size and
- * distribution of the SID table. The audit callback
- * is used to print the message.
- */
- void avc_sid_stats(void);
-
-#ifdef __cplusplus
-}
-#endif
-#endif /* _SELINUX_AVC_H_ */
Copied: tags/libselinux_1_30_30/libselinux/include/selinux/avc.h (from rev 2048, trunk/libselinux/include/selinux/avc.h)
===================================================================
--- tags/libselinux_1_30_30/libselinux/include/selinux/avc.h (rev 0)
+++ tags/libselinux_1_30_30/libselinux/include/selinux/avc.h 2006-10-06 00:17:46 UTC (rev 2050)
@@ -0,0 +1,367 @@
+/*
+ * Access vector cache interface for object managers.
+ *
+ * Author : Eamon Walsh <ew...@ep...>
+ */
+#ifndef _SELINUX_AVC_H_
+#define _SELINUX_AVC_H_
+
+#include <sys/types.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <selinux/selinux.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * SID format and operations
+ */
+ struct security_id {
+ security_context_t ctx;
+ unsigned int refcnt;
+ };
+ typedef struct security_id *security_id_t;
+
+#define SECSID_WILD (security_id_t)NULL /* unspecified SID */
+
+/**
+ * avc_sid_to_context - get copy of context corresponding to SID.
+ * @sid: input SID
+ * @ctx: pointer to context reference
+ *
+ * Return a copy of the security context corresponding to the input
+ * @sid in the memory referenced by @ctx. The caller is expected to
+ * free the context with freecon(). Return %0 on success, -%1 on
+ * failure, with @errno set to %ENOMEM if insufficient memory was
+ * available to make the copy, or %EINVAL if the input SID is invalid.
+ */
+ int avc_sid_to_context(security_id_t sid, security_context_t * ctx);
+ int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx);
+
+/**
+ * avc_context_to_sid - get SID for context.
+ * @ctx: input security context
+ * @sid: pointer to SID reference
+ *
+ * Look up security context @ctx in SID table, making
+ * a new entry if @ctx is not found. Increment the
+ * reference counter for the SID. Store a pointer
+ * to the SID structure into the memory referenced by @sid,
+ * returning %0 on success or -%1 on error with @errno set.
+ */
+ int avc_context_to_sid(security_context_t ctx, security_id_t * sid);
+ int avc_context_to_sid_raw(security_context_t ctx, security_id_t * sid);
+
+/**
+ * sidget - increment SID reference counter.
+ * @sid: SID reference
+ *
+ * Increment the reference counter for @sid, indicating that
+ * @sid is in use by an (additional) object. Return the
+ * new reference count, or zero if @sid is invalid (has zero
+ * reference count). Note that avc_context_to_sid() also
+ * increments reference counts.
+ */
+ int sidget(security_id_t sid);
+
+/**
+ * sidput - decrement SID reference counter.
+ * @sid: SID reference
+ *
+ * Decrement the reference counter for @sid, indicating that
+ * a reference to @sid is no longer in use. Return the
+ * new reference count. When the reference count reaches
+ * zero, the SID is invalid, and avc_context_to_sid() must
+ * be called to obtain a new SID for the security context.
+ */
+ int sidput(security_id_t sid);
+
+/*
+ * AVC entry
+ */
+ struct avc_entry;
+ struct avc_entry_ref {
+ struct avc_entry *ae;
+ };
+
+/**
+ * avc_entry_ref_init - initialize an AVC entry reference.
+ * @aeref: pointer to avc entry reference structure
+ *
+ * Use this macro to initialize an avc entry reference structure
+ * before first use. These structures are passed to avc_has_perm(),
+ * which stores cache entry references in them. They can increase
+ * performance on repeated queries.
+ */
+#define avc_entry_ref_init(aeref) ((aeref)->ae = NULL)
+
+/*
+ * User-provided callbacks for memory, auditing, and locking
+ */
+
+/* These structures are passed by reference to avc_init(). Passing
+ * a NULL reference will cause the AVC to use a default. The default
+ * memory callbacks are malloc() and free(). The default logging method
+ * is to print on stderr. If no thread callbacks are passed, a separate
+ * listening thread won't be started for kernel policy change messages.
+ * If no locking callbacks are passed, no locking will take place.
+ */
+ struct avc_memory_callback {
+ /* malloc() equivalent. */
+ void *(*func_malloc) (size_t size);
+ /* free() equivalent. */
+ void (*func_free) (void *ptr);
+ /* Note that these functions should set errno on failure.
+ If not, some avc routines may return -1 without errno set. */
+ };
+
+ struct avc_log_callback {
+ /* log the printf-style format and arguments. */
+ void (*func_log) (const char *fmt, ...);
+ /* store a string representation of auditdata (corresponding
+ to the given security class) into msgbuf. */
+ void (*func_audit) (void *auditdata, security_class_t cls,
+ char *msgbuf, size_t msgbufsize);
+ };
+
+ struct avc_thread_callback {
+ /* create and start a thread, returning an opaque pointer to it;
+ the thread should run the given function. */
+ void *(*func_create_thread) (void (*run) (void));
+ /* cancel a given thread and free its resources. */
+ void (*func_stop_thread) (void *thread);
+ };
+
+ struct avc_lock_callback {
+ /* create a lock and re...
[truncated message content] |
|
From: <mad...@us...> - 2006-10-06 00:17:06
|
Revision: 2049
http://svn.sourceforge.net/selinux/?rev=2049&view=rev
Author: madmethod
Date: 2006-10-05 17:17:01 -0700 (Thu, 05 Oct 2006)
Log Message:
-----------
version bump for libselinux 1.30.30
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-10-06 00:15:24 UTC (rev 2048)
+++ trunk/libselinux/ChangeLog 2006-10-06 00:17:01 UTC (rev 2049)
@@ -1,3 +1,7 @@
+1.30.30 2006-10-05
+ * Merged patch from Darrel Goeddel to always use untranslated
+ contexts in the userspace AVC.
+
1.30.29 2006-09-29
* Merged av_permissions.h update from Steve Grubb,
adding setsockcreate and polmatch definitions.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-10-06 00:15:24 UTC (rev 2048)
+++ trunk/libselinux/VERSION 2006-10-06 00:17:01 UTC (rev 2049)
@@ -1 +1 @@
-1.30.29
+1.30.30
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-10-06 00:15:28
|
Revision: 2048
http://svn.sourceforge.net/selinux/?rev=2048&view=rev
Author: madmethod
Date: 2006-10-05 17:15:24 -0700 (Thu, 05 Oct 2006)
Log Message:
-----------
Author: Darrel Goeddel
Email: dgo...@Tr...
Subject: libselinux: always store raw contexts in the avc sidtab
Date: Thu, 05 Oct 2006 12:08:44 -0500
Always store raw contexts in the avc sidtab. This is accomplished by
providing functions to deal with raw contexts when converting contexts
to sids and vice versa. The security_compute_av is also switch to the raw
version because the contexts will now all be raw. When the raw context is
being converted to a sid, there will be no overhead. When a translated context
is converted, there will be a translation to raw for storage. There conversion
back from sid to context via avc_context_to_sid() will translate the context,
while avc_context_to_sid_raw() will not. These functions make it easy to
optimize some code paths be removing translations for contexts that will never
be presented to the user.
Signed-off-by: Darrel Goeddel <dgo...@tr...>
Acked-By: Joshua Brindle <jbr...@tr...>
Acked-By: Stephen Smalley <sd...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/avc.h
trunk/libselinux/src/avc.c
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2006-09-29 15:44:05 UTC (rev 2047)
+++ trunk/libselinux/include/selinux/avc.h 2006-10-06 00:15:24 UTC (rev 2048)
@@ -38,6 +38,7 @@
* available to make the copy, or %EINVAL if the input SID is invalid.
*/
int avc_sid_to_context(security_id_t sid, security_context_t * ctx);
+ int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx);
/**
* avc_context_to_sid - get SID for context.
@@ -51,6 +52,7 @@
* returning %0 on success or -%1 on error with @errno set.
*/
int avc_context_to_sid(security_context_t ctx, security_id_t * sid);
+ int avc_context_to_sid_raw(security_context_t ctx, security_id_t * sid);
/**
* sidget - increment SID reference counter.
Modified: trunk/libselinux/src/avc.c
===================================================================
--- trunk/libselinux/src/avc.c 2006-09-29 15:44:05 UTC (rev 2047)
+++ trunk/libselinux/src/avc.c 2006-10-06 00:15:24 UTC (rev 2048)
@@ -203,7 +203,7 @@
& (AVC_CACHE_SLOTS - 1);
}
-int avc_context_to_sid(security_context_t ctx, security_id_t * sid)
+int avc_context_to_sid_raw(security_context_t ctx, security_id_t * sid)
{
int rc;
avc_get_lock(avc_lock);
@@ -214,8 +214,23 @@
return rc;
}
-int avc_sid_to_context(security_id_t sid, security_context_t * ctx)
+int avc_context_to_sid(security_context_t ctx, security_id_t * sid)
{
+ int ret;
+ security_context_t rctx;
+
+ if (selinux_trans_to_raw_context(ctx, &rctx))
+ return -1;
+
+ ret = avc_context_to_sid_raw(rctx, sid);
+
+ freecon(rctx);
+
+ return ret;
+}
+
+int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx)
+{
int rc;
*ctx = NULL;
avc_get_lock(avc_lock);
@@ -230,6 +245,21 @@
return rc;
}
+int avc_sid_to_context(security_id_t sid, security_context_t * ctx)
+{
+ int ret;
+ security_context_t rctx;
+
+ ret = avc_sid_to_context_raw(sid, &rctx);
+
+ if (ret == 0) {
+ ret = selinux_raw_to_trans_context(rctx, ctx);
+ freecon(rctx);
+ }
+
+ return ret;
+}
+
int sidget(security_id_t sid)
{
int rc;
@@ -935,8 +965,9 @@
rc = -1;
goto out;
}
- rc = security_compute_av(ssid->ctx, tsid->ctx, tclass,
- requested, &entry.avd);
+ rc = security_compute_av_raw(ssid->ctx, tsid->ctx,
+ tclass, requested,
+ &entry.avd);
if (rc)
goto out;
rc = avc_insert(ssid, tsid, tclass, &entry, aeref);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 15:44:17
|
Revision: 2047
http://svn.sourceforge.net/selinux/?rev=2047&view=rev
Author: ssmalley
Date: 2006-09-29 08:44:05 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Tag new versions
Added Paths:
-----------
tags/libselinux_1_30_29/
tags/libselinux_1_30_29/libselinux/
tags/libselinux_1_30_29/libselinux/ChangeLog
tags/libselinux_1_30_29/libselinux/VERSION
tags/libselinux_1_30_29/libselinux/src/setrans_client.c
tags/libsemanage_1_6_17/
tags/libsemanage_1_6_17/libsemanage/
tags/libsemanage_1_6_17/libsemanage/ChangeLog
tags/libsemanage_1_6_17/libsemanage/VERSION
tags/policycoreutils_1_30_30/
tags/policycoreutils_1_30_30/policycoreutils/
tags/policycoreutils_1_30_30/policycoreutils/ChangeLog
tags/policycoreutils_1_30_30/policycoreutils/VERSION
tags/policycoreutils_1_30_30/policycoreutils/newrole/newrole.c
Removed Paths:
-------------
tags/libselinux_1_30_29/libselinux/ChangeLog
tags/libselinux_1_30_29/libselinux/VERSION
tags/libselinux_1_30_29/libselinux/src/setrans_client.c
tags/libsemanage_1_6_17/libsemanage/ChangeLog
tags/libsemanage_1_6_17/libsemanage/VERSION
tags/policycoreutils_1_30_30/policycoreutils/ChangeLog
tags/policycoreutils_1_30_30/policycoreutils/VERSION
tags/policycoreutils_1_30_30/policycoreutils/newrole/newrole.c
Copied: tags/libselinux_1_30_29/libselinux (from rev 2044, trunk/libselinux)
Deleted: tags/libselinux_1_30_29/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-29 15:33:28 UTC (rev 2044)
+++ tags/libselinux_1_30_29/libselinux/ChangeLog 2006-09-29 15:44:05 UTC (rev 2047)
@@ -1,557 +0,0 @@
- * Merged av_permissions.h update from Steve Grubb,
- adding setsockcreate and polmatch definitions.
-
-1.30.28 2006-09-13
- * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
- * Merged c++ class identifier fix from Joe Nall.
-
-1.30.27 2006-08-24
- * Merged patch to not log avc stats upon a reset from Steve Grubb.
- * Applied patch to revert compat_net setting upon policy load.
-
-1.30.26 2006-08-11
- * Merged file context homedir and local path functions from
- Chris PeBenito.
-
-1.30.25 2006-08-11
- * Rework functions that access /proc/pid/attr to access the
- per-thread nodes, and unify the code to simplify maintenance.
-
-1.30.24 2006-08-10
- * Merged return value fix for *getfilecon() from Dan Walsh.
-
-1.30.23 2006-08-10
- * Merged sockcreate interfaces from Eric Paris.
-
-1.30.22 2006-08-03
- * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
-
-1.30.21 2006-08-03
- * Merged netfilter_contexts support patch from Chris PeBenito.
-
-1.30.20 2006-08-01
- * Merged context_*_set errno patch from Jim Meyering.
-
-1.30.19 2006-06-29
- * Lindent.
-
-1.30.18 2006-06-27
- * Merged {get,set}procattrcon patch set from Eric Paris.
- * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
-
-1.30.17 2006-06-27
- * Regenerated Flask headers from refpolicy.
-
-1.30.16 2006-06-26
- * Merged patch from Dan Walsh with:
- - Added selinux_file_context_{cmp,verify}.
- - Added selinux_lsetfilecon_default.
- - Delay translation of contexts in matchpathcon.
-
-1.30.15 2006-06-16
- * Merged patch from Dan Walsh with:
- * Added selinux_getpolicytype() function.
- * Modified setrans code to skip processing if !mls_enabled.
-
-1.30.14 2006-06-16
- * Set errno in the !selinux_mnt case.
-
-1.30.13 2006-06-02
- * Allocate large buffers from the heap, not on stack.
- Affects is_context_customizable, selinux_init_load_policy,
- and selinux_getenforcemode.
-
-1.30.12 2006-06-02
- * Merged !selinux_mnt checks from Ian Kent.
-
-1.30.11 2006-05-24
- * Merged matchmediacon and trans_to_raw_context fixes from
- Serge Hallyn.
-
-1.30.10 2006-05-22
- * Merged simple setrans client cache from Dan Walsh.
- Merged avcstat patch from Russell Coker.
-
-1.30.9 2006-05-22
- * Modified selinux_mkload_policy() to also set /selinux/compat_net
- appropriately for the loaded policy.
-
-1.30.8 2006-05-17
- * Added matchpathcon_fini() function to free memory allocated by
- matchpathcon_init().
-
-1.30.7 2006-05-16
- * Merged setrans client cleanup patch from Steve Grubb.
-
-1.30.6 2006-05-08
- * Merged getfscreatecon man page fix from Dan Walsh.
- * Updated booleans(8) man page to drop references to the old
- booleans file and to note that setsebool can be used to set
- the boot-time defaults via -P.
-
-1.30.5 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.30.4 2006-05-05
- * Merged setrans client support from Dan Walsh.
- This removes use of libsetrans.
- * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
- * Merged swig typemap fixes from Glauber de Oliveira Costa.
-
-1.30.3 2006-04-12
- * Added distclean target to Makefile.
- * Regenerated swig files.
-
-1.30.2 2006-04-11
- * Changed matchpathcon_init to verify that the spec file is
- a regular file.
- * Merged python binding t_output_helper removal patch from Dan Walsh.
-
-1.30.1 2006-03-20
- * Merged Makefile PYLIBVER definition patch from Dan Walsh.
-
-1.30 2006-03-14
- * Updated version for release.
-
-1.29.8 2006-02-27
- * Altered rpm_execcon fallback logic for permissive mode to also
- handle case where /selinux/enforce is not available.
-
-1.29.7 2006-01-20
- * Merged install-pywrap Makefile patch from Joshua Brindle.
-
-1.29.6 2006-01-18
- * Merged pywrap Makefile patch from Dan Walsh.
-
-1.29.5 2006-01-11
- * Added getseuser test program.
-
-1.29.4 2006-01-06
- * Added format attribute to myprintf in matchpathcon.c and
- removed obsoleted rootlen variable in init_selinux_config().
-
-1.29.3 2006-01-04
- * Merged several fixes and improvements from Ulrich Drepper
- (Red Hat), including:
- - corrected use of getline
- - further calls to __fsetlocking for local files
- - use of strdupa and asprintf
- - proper handling of dirent in booleans code
- - use of -z relro
- - several other optimizations
- * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
-
-1.29.2 2005-12-14
- * Merged call to finish_context_translations from Dan Walsh.
- This eliminates a memory leak from failing to release memory
- allocated by libsetrans.
-
-1.29.1 2005-12-08
- * Merged patch for swig interfaces from Dan Walsh.
-
-1.28 2005-12-07
- * Updated version for release.
-
-1.27.28 2005-12-01
- * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
- modified matchpathcon implementation to make context validation/
- canonicalization optional at matchpathcon_init time, deferring it
- to a successful matchpathcon by default unless the new flag is set
- by the caller.
-
-1.27.27 2005-12-01
- * Added matchpathcon_init_prefix() interface, and
- reworked matchpathcon implementation to support selective
- loading of file contexts entries based on prefix matching
- between the pathname regex stems and the specified path
- prefix (stem must be a prefix of the specified path prefix).
-
-1.27.26 2005-11-29
- * Merged getsebool patch from Dan Walsh.
-
-1.27.25 2005-11-29
- * Added -f file_contexts option to matchpathcon util.
- Fixed warning message in matchpathcon_init().
-
-1.27.24 2005-11-29
- * Merged Makefile python definitions patch from Dan Walsh.
-
-1.27.23 2005-11-28
- * Merged swigify patch from Dan Walsh.
-
-1.27.22 2005-11-15
- * Merged make failure in rpm_execcon non-fatal in permissive mode
- patch from Ivan Gyurdiev.
-
-1.27.21 2005-11-08
- * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
- and modified matchpathcon_init() to skip context translation
- if it is set by the caller.
-
-1.27.20 2005-11-07
- * Added security_canonicalize_context() interface and
- set_matchpathcon_canoncon() interface for obtaining
- canonical contexts. Changed matchpathcon internals
- to obtain canonical contexts by default. Provided
- fallback for kernels that lack extended selinuxfs context
- interface.
-
-1.27.19 2005-11-04
- * Merged seusers parser changes from Ivan Gyurdiev.
- * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
- * Changed seusers parser to reject empty fields.
-
-1.27.18 2005-11-03
- * Merged seusers empty level handling patch from Jonathan Kim (TCS).
-
-1.27.17 2005-10-27
- * Changed default entry for seusers to use __default__ to avoid
- ambiguity with users named "default".
-
-1.27.16 2005-10-27
- * Fixed init_selinux_config() handling of missing /etc/selinux/config
- or missing SELINUXTYPE= definition.
- * Merged selinux_translations_path() patch from Dan Walsh.
-
-1.27.15 2005-10-25
- * Added hidden_proto/def for get_default_context_with_role.
-
-1.27.14 2005-10-25
- * Merged selinux_path() and selinux_homedir_context_path()
- functions from Joshua Brindle.
-
-1.27.13 2005-10-19
- * Merged fixes for make DESTDIR= builds from Joshua Brindle.
-
-1.27.12 2005-10-18
- * Merged get_default_context_with_rolelevel and man pages from
- Dan Walsh (Red Hat).
-
-1.27.11 2005-10-18
- * Updated call to sepol_policydb_to_image for sepol changes.
-
-1.27.10 2005-10-17
- * Changed getseuserbyname to ignore empty lines and to handle
- no matching entry in the same manner as no seusers file.
-
-1.27.9 2005-10-13
- * Changed selinux_mkload_policy to try downgrading the
- latest policy version available to the kernel-supported version.
-
-1.27.8 2005-10-11
- * Changed selinux_mkload_policy to fall back to the maximum
- policy version supported by libsepol if the kernel policy version
- falls outside of the supported range.
-
-1.27.7 2005-10-06
- * Changed getseuserbyname to fall back to the Linux username and
- NULL level if seusers config file doesn't exist unless
- REQUIRESEUSERS=1 is set in /etc/selinux/config.
- * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
-
-1.27.6 2005-10-06
- * Added selinux_init_load_policy() function as an even higher level
- interface for the initial policy load by /sbin/init. This obsoletes
- the load_policy() function in the sysvinit-selinux.patch.
-
-1.27.5 2005-10-06
- * Added selinux_mkload_policy() function as a higher level interface
- for loading policy than the security_load_policy() interface.
-
-1.27.4 2005-10-05
- * Merged fix for matchpathcon (regcomp error checking) from Johan
- Fischer. Also added use of regerror to obtain the error string
- for inclusion in the error message.
-
-1.27.3 2005-10-03
- * Changed getseuserbyname to not require (and ignore if present)
- the MLS level in seusers.conf if MLS is disabled, setting *level
- to NULL in this case.
-
-1.27.2 2005-09-30
- * Merged getseuserbyname patch from Dan Walsh.
-
-1.27.1 2005-09-19
- * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
- This allows file_contexts with MLS fields to be processed on
- non-MLS-enabled systems with policies that are otherwise
- identical (e.g. same type definitions).
- * Merged get_ordered_context_list_with_level() function from
- Dan Walsh, and added get_default_context_with_level().
- This allows MLS level selection for users other than the
- default level.
-
-1.26 2005-09-06
- * Updated version for release.
-
-1.25.7 2005-09-01
- * Merged modified form of patch to avoid dlopen/dlclose by
- the static libselinux from Dan Walsh. Users of the static libselinux
- will not have any context translation by default.
-
-1.25.6 2005-08-31
- * Added public functions to export context translation to
- users of libselinux (selinux_trans_to_raw_context,
- selinux_raw_to_trans_context).
-
-1.25.5 2005-08-26
- * Remove special definition for context_range_set; use
- common code.
-
-1.25.4 2005-08-25
- * Hid translation-related symbols entirely and ensured that
- raw functions have hidden definitions for internal use.
- * Allowed setting NULL via context_set* functions.
- * Allowed whitespace in MLS component of context.
- * Changed rpm_execcon to use translated functions to workaround
- lack of MLS level on upgraded systems.
-
-1.25.3 2005-08-23
- * Merged context translation patch, originally by TCS,
- with modifications by Dan Walsh (Red Hat).
-
-1.25.2 2005-08-11
- * Merged several fixes for error handling paths in the
- AVC sidtab, matchpathcon, booleans, context, and get_context_list
- code from Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.25.1 2005-08-10
- * Removed setupns; migrated to pam.
- * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
- Original symbol is temporarily retained for compatibility until
- all callers are updated.
-
-1.24 2005-06-20
- * Updated version for release.
-
-1.23.12 2005-06-13
- * Merged security_setupns() from Chad Sellers.
-
-1.23.11 2005-05-19
- * Merged avcstat and selinux man page from Dan Walsh.
- * Changed security_load_booleans to process booleans.local
- even if booleans file doesn't exist.
-
-1.23.10 2005-04-29
- * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
-
-1.23.9 2005-04-26
- * Rewrote get_ordered_context_list and helpers, including
- changing logic to allow variable MLS fields.
-
-1.23.8 2005-04-25
- * Merged matchpathcon and man page patch from Dan Walsh.
-
-1.23.7 2005-04-12
- * Changed boolean functions to return -1 with errno ENOENT
- rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
- mounted).
-
-1.23.6 2005-04-08
- * Fixed bug in matchpathcon_filespec_destroy.
-
-1.23.5 2005-04-05
- * Fixed bug in rpm_execcon error handling path.
-
-1.23.4 2005-04-04
- * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
- * Merged fix for getconlist utility from Andreas Steinmetz.
-
-1.23.3 2005-03-29
- * Merged security_set_boolean_list patch from Dan Walsh.
- This introduces booleans.local support for setsebool.
-
-1.23.2 2005-03-17
- * Merged destructors patch from Tomas Mraz.
-
-1.23.1 2005-03-16
- * Added set_matchpathcon_flags() function for setting flags
- controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
- means only process the base file_contexts file, not
- file_contexts.homedirs or file_contexts.local, and is for use by
- setfiles -c.
- * Updated matchpathcon.3 man page.
-
-1.22 2005-03-09
- * Updated version for release.
-
-1.21.13 2005-03-08
- * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
-
-1.21.12 2005-03-01
- * Changed matchpathcon_common to ignore any non-format bits in the mode.
-
-1.21.11 2005-02-22
- * Merged several fixes from Ulrich Drepper.
-
-1.21.10 2005-02-17
- * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
- * Added selinux_users_path() for path to directory containing
- system.users and local.users.
-
-1.21.9 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.21.8 2005-02-07
- * Regenerated av_permissions.h.
-
-1.21.7 2005-02-01
- * Modified avc_dump_av to explicitly check for any permissions that
- cannot be mapped to string names and display them as a hex value.
-
-1.21.6 2005-01-31
- * Regenerated av_permissions.h.
-
-1.21.5 2005-01-28
- * Generalized matchpathcon internals, exported more interfaces,
- and moved additional code from setfiles into libselinux so that
- setfiles can directly use matchpathcon.
-
-1.21.4 2005-01-27
- * Prevent overflow of spec array in matchpathcon.
-
-1.21.3 2005-01-26
- * Fixed several uses of internal functions to avoid relocations.
- * Changed rpm_execcon to check is_selinux_enabled() and fallback to
- a regular execve if not enabled (or unable to determine due to a lack
- of /proc, e.g. chroot'd environment).
-
-
-1.21.2 2005-01-24
- * Merged minor fix for avcstat from Dan Walsh.
-
-1.21.1 2005-01-19
- * Merged patch from Dan Walsh, including:
- - new is_context_customizable function
- - changed matchpathcon to also use file_contexts.local if present
- - man page cleanups
-
-1.20 2005-01-04
- * Changed matchpathcon to return -1 with errno ENOENT for
- <<none>> entries, and also for an empty file_contexts configuration.
- * Removed some trivial utils that were not useful or redundant.
- * Changed BINDIR default to /usr/sbin to match change in Fedora.
- * Added security_compute_member.
- * Added man page for setcon.
- * Merged more man pages from Dan Walsh.
- * Merged avcstat from James Morris.
- * Merged build fix for mips from Manoj Srivastava.
- * Merged C++ support from John Ramsdell of MITRE.
- * Merged setcon() function from Darrel Goeddel of TCS.
- * Merged setsebool/togglesebool enhancement from Steve Grubb.
- * Merged cleanup patches from Steve Grubb.
-
-1.18 2004-11-01
- * Merged cleanup patches from Steve Grubb.
- * Added rpm_execcon.
- * Merged setenforce and removable context patch from Dan Walsh.
- * Merged build fix for alpha from Ulrich Drepper.
- * Removed copyright/license from selinux_netlink.h - definitions only.
- * Merged matchmediacon from Dan Walsh.
- * Regenerated headers for new nscd permissions.
- * Added get_default_context_with_role.
- * Added set_matchpathcon_printf.
- * Reworked av_inherit.h to allow easier re-use by kernel.
- * Changed avc_has_perm_noaudit to not fail on netlink errors.
- * Changed avc netlink code to check pid based on patch by Steve Grubb.
- * Merged second optimization patch from Ulrich Drepper.
- * Changed matchpathcon to skip invalid file_contexts entries.
- * Made string tables private to libselinux.
- * Merged strcat->stpcpy patch from Ulrich Drepper.
- * Merged matchpathcon man page from Dan Walsh.
- * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
- * Autobind netlink socket.
- * Dropped compatibility code from security_compute_user.
- * Merged fix for context_range_set from Chad Hanson.
- * Merged allocation failure checking patch from Chad Hanson.
- * Merged avc netlink error message patch from Colin Walters.
-
-1.16 2004-08-19
- * Regenerated headers for nscd class.
- * Merged man pages from Dan Walsh.
- * Merged context_new bug fix for MLS ranges from Chad Hanson.
- * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
- * Renamed change_bool and show_bools to setsebool and getsebool.
- * Merged security_load_booleans() function from Dan Walsh.
- * Added selinux_booleans_path() function.
- * Changed avc_init function prototype to use const.
- * Regenerated headers for crontab permission.
- * Added checkAccess from Dan Walsh.
- * Merged getenforce patch from Dan Walsh.
- * Regenerated headers for dbus classes.
-
-1.14 2004-06-16
- * Regenerated headers for fine-grained netlink classes.
- * Merged selinux_config bug fix from Dan Walsh.
- * Added userspace AVC man pages.
- * Added man links for API calls to existing man pages documenting them.
- * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
- * Merged patch to determine config file paths at runtime to support
- reorganized layout.
- * Regenerated flask headers with stable ordering.
- * Merged patch for man pages from Russell Coker.
-
-1.12 2004-05-10
- * Updated flask files to include new SE-X security classes.
- * Added security_disable function for runtime disable of SELinux prior
- to initial policy load (for /sbin/init).
- * Changed get_ordered_context_list to omit any reachable contexts
- that are not explicitly listed in default_contexts, unless there
- are no matches.
- * Merged man pages from Russell Coker and Dan Walsh.
- * Merged memory leak fixes from Dan Walsh.
- * Merged policyvers errno patch from Chris PeBenito.
-
-1.10 2004-04-05
- * Merged getenforce patch from Dan Walsh.
- * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
- the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
- Based on a patch by Russell Coker.
- * Merged matchpathcon buffer size fix from Dan Walsh.
-
-1.8 2004-03-09
- * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
- * Added matchpathcon function.
- * Updated userspace AVC to handle netlink selinux notifications.
-
-1.6 2004-02-18
- * Merged conditional policy extensions from Tresys Technology.
- * Added userspace avc and SID table implementation.
- * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
- * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
- * Changed to use getpwnam_r rather than getpwnam internally to
- avoid clobbering any existing pwd struct obtained by the caller.
- * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
- and handle allocation ala getfilecon.
- * Changed is_selinux_enabled to return -1 on errors.
- * Changed to discover selinuxfs mount point via /proc/mounts
- so that the mount point can be changed without rebuilding.
-
-1.4 2003-12-01
- * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
- * Regenerate headers for new permissions.
- * Merged static lib build patch from Bastian Blank and Joerg Hoh.
- * Export SELINUXMNT definition, add SELINUXPOLICY definition.
- * Add functions to provide access to enforce and policyvers.
- * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
- * Fixed type for 'size' in *getfilecon.
- * Dropped -lattr and changed #include's to <sys/xattr.h>
- * Merged patch to move shared library to /lib from Dan Walsh.
- * Changed get_ordered_context_list to support a failsafe context.
- * Added selinuxenabled utility.
- * Merged const patch from Thorsten Kukuk.
-
-1.2 2003-09-30
- * Change is_selinux_enabled to fail if policy isn't loaded.
- * Changed Makefiles to allow non-root rpm builds.
- * Added -lattr for libselinux.so to ensure proper binding.
-
-1.1 2003-08-13
- * Ensure that context strings are padded with a null byte
- in case the kernel didn't include one.
- * Regenerate headers, update helpers.c for code cleanup.
- * Pass soname flag to linker (Colin Walters).
- * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
-
-1.0 2003-07-11
- * Initial public release.
Copied: tags/libselinux_1_30_29/libselinux/ChangeLog (from rev 2046, trunk/libselinux/ChangeLog)
===================================================================
--- tags/libselinux_1_30_29/libselinux/ChangeLog (rev 0)
+++ tags/libselinux_1_30_29/libselinux/ChangeLog 2006-09-29 15:44:05 UTC (rev 2047)
@@ -0,0 +1,558 @@
+1.30.29 2006-09-29
+ * Merged av_permissions.h update from Steve Grubb,
+ adding setsockcreate and polmatch definitions.
+
+1.30.28 2006-09-13
+ * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+ * Merged c++ class identifier fix from Joe Nall.
+
+1.30.27 2006-08-24
+ * Merged patch to not log avc stats upon a reset from Steve Grubb.
+ * Applied patch to revert compat_net setting upon policy load.
+
+1.30.26 2006-08-11
+ * Merged file context homedir and local path functions from
+ Chris PeBenito.
+
+1.30.25 2006-08-11
+ * Rework functions that access /proc/pid/attr to access the
+ per-thread nodes, and unify the code to simplify maintenance.
+
+1.30.24 2006-08-10
+ * Merged return value fix for *getfilecon() from Dan Walsh.
+
+1.30.23 2006-08-10
+ * Merged sockcreate interfaces from Eric Paris.
+
+1.30.22 2006-08-03
+ * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
+
+1.30.21 2006-08-03
+ * Merged netfilter_contexts support patch from Chris PeBenito.
+
+1.30.20 2006-08-01
+ * Merged context_*_set errno patch from Jim Meyering.
+
+1.30.19 2006-06-29
+ * Lindent.
+
+1.30.18 2006-06-27
+ * Merged {get,set}procattrcon patch set from Eric Paris.
+ * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
+
+1.30.17 2006-06-27
+ * Regenerated Flask headers from refpolicy.
+
+1.30.16 2006-06-26
+ * Merged patch from Dan Walsh with:
+ - Added selinux_file_context_{cmp,verify}.
+ - Added selinux_lsetfilecon_default.
+ - Delay translation of contexts in matchpathcon.
+
+1.30.15 2006-06-16
+ * Merged patch from Dan Walsh with:
+ * Added selinux_getpolicytype() function.
+ * Modified setrans code to skip processing if !mls_enabled.
+
+1.30.14 2006-06-16
+ * Set errno in the !selinux_mnt case.
+
+1.30.13 2006-06-02
+ * Allocate large buffers from the heap, not on stack.
+ Affects is_context_customizable, selinux_init_load_policy,
+ and selinux_getenforcemode.
+
+1.30.12 2006-06-02
+ * Merged !selinux_mnt checks from Ian Kent.
+
+1.30.11 2006-05-24
+ * Merged matchmediacon and trans_to_raw_context fixes from
+ Serge Hallyn.
+
+1.30.10 2006-05-22
+ * Merged simple setrans client cache from Dan Walsh.
+ Merged avcstat patch from Russell Coker.
+
+1.30.9 2006-05-22
+ * Modified selinux_mkload_policy() to also set /selinux/compat_net
+ appropriately for the loaded policy.
+
+1.30.8 2006-05-17
+ * Added matchpathcon_fini() function to free memory allocated by
+ matchpathcon_init().
+
+1.30.7 2006-05-16
+ * Merged setrans client cleanup patch from Steve Grubb.
+
+1.30.6 2006-05-08
+ * Merged getfscreatecon man page fix from Dan Walsh.
+ * Updated booleans(8) man page to drop references to the old
+ booleans file and to note that setsebool can be used to set
+ the boot-time defaults via -P.
+
+1.30.5 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.30.4 2006-05-05
+ * Merged setrans client support from Dan Walsh.
+ This removes use of libsetrans.
+ * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
+ * Merged swig typemap fixes from Glauber de Oliveira Costa.
+
+1.30.3 2006-04-12
+ * Added distclean target to Makefile.
+ * Regenerated swig files.
+
+1.30.2 2006-04-11
+ * Changed matchpathcon_init to verify that the spec file is
+ a regular file.
+ * Merged python binding t_output_helper removal patch from Dan Walsh.
+
+1.30.1 2006-03-20
+ * Merged Makefile PYLIBVER definition patch from Dan Walsh.
+
+1.30 2006-03-14
+ * Updated version for release.
+
+1.29.8 2006-02-27
+ * Altered rpm_execcon fallback logic for permissive mode to also
+ handle case where /selinux/enforce is not available.
+
+1.29.7 2006-01-20
+ * Merged install-pywrap Makefile patch from Joshua Brindle.
+
+1.29.6 2006-01-18
+ * Merged pywrap Makefile patch from Dan Walsh.
+
+1.29.5 2006-01-11
+ * Added getseuser test program.
+
+1.29.4 2006-01-06
+ * Added format attribute to myprintf in matchpathcon.c and
+ removed obsoleted rootlen variable in init_selinux_config().
+
+1.29.3 2006-01-04
+ * Merged several fixes and improvements from Ulrich Drepper
+ (Red Hat), including:
+ - corrected use of getline
+ - further calls to __fsetlocking for local files
+ - use of strdupa and asprintf
+ - proper handling of dirent in booleans code
+ - use of -z relro
+ - several other optimizations
+ * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
+
+1.29.2 2005-12-14
+ * Merged call to finish_context_translations from Dan Walsh.
+ This eliminates a memory leak from failing to release memory
+ allocated by libsetrans.
+
+1.29.1 2005-12-08
+ * Merged patch for swig interfaces from Dan Walsh.
+
+1.28 2005-12-07
+ * Updated version for release.
+
+1.27.28 2005-12-01
+ * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
+ modified matchpathcon implementation to make context validation/
+ canonicalization optional at matchpathcon_init time, deferring it
+ to a successful matchpathcon by default unless the new flag is set
+ by the caller.
+
+1.27.27 2005-12-01
+ * Added matchpathcon_init_prefix() interface, and
+ reworked matchpathcon implementation to support selective
+ loading of file contexts entries based on prefix matching
+ between the pathname regex stems and the specified path
+ prefix (stem must be a prefix of the specified path prefix).
+
+1.27.26 2005-11-29
+ * Merged getsebool patch from Dan Walsh.
+
+1.27.25 2005-11-29
+ * Added -f file_contexts option to matchpathcon util.
+ Fixed warning message in matchpathcon_init().
+
+1.27.24 2005-11-29
+ * Merged Makefile python definitions patch from Dan Walsh.
+
+1.27.23 2005-11-28
+ * Merged swigify patch from Dan Walsh.
+
+1.27.22 2005-11-15
+ * Merged make failure in rpm_execcon non-fatal in permissive mode
+ patch from Ivan Gyurdiev.
+
+1.27.21 2005-11-08
+ * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
+ and modified matchpathcon_init() to skip context translation
+ if it is set by the caller.
+
+1.27.20 2005-11-07
+ * Added security_canonicalize_context() interface and
+ set_matchpathcon_canoncon() interface for obtaining
+ canonical contexts. Changed matchpathcon internals
+ to obtain canonical contexts by default. Provided
+ fallback for kernels that lack extended selinuxfs context
+ interface.
+
+1.27.19 2005-11-04
+ * Merged seusers parser changes from Ivan Gyurdiev.
+ * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
+ * Changed seusers parser to reject empty fields.
+
+1.27.18 2005-11-03
+ * Merged seusers empty level handling patch from Jonathan Kim (TCS).
+
+1.27.17 2005-10-27
+ * Changed default entry for seusers to use __default__ to avoid
+ ambiguity with users named "default".
+
+1.27.16 2005-10-27
+ * Fixed init_selinux_config() handling of missing /etc/selinux/config
+ or missing SELINUXTYPE= definition.
+ * Merged selinux_translations_path() patch from Dan Walsh.
+
+1.27.15 2005-10-25
+ * Added hidden_proto/def for get_default_context_with_role.
+
+1.27.14 2005-10-25
+ * Merged selinux_path() and selinux_homedir_context_path()
+ functions from Joshua Brindle.
+
+1.27.13 2005-10-19
+ * Merged fixes for make DESTDIR= builds from Joshua Brindle.
+
+1.27.12 2005-10-18
+ * Merged get_default_context_with_rolelevel and man pages from
+ Dan Walsh (Red Hat).
+
+1.27.11 2005-10-18
+ * Updated call to sepol_policydb_to_image for sepol changes.
+
+1.27.10 2005-10-17
+ * Changed getseuserbyname to ignore empty lines and to handle
+ no matching entry in the same manner as no seusers file.
+
+1.27.9 2005-10-13
+ * Changed selinux_mkload_policy to try downgrading the
+ latest policy version available to the kernel-supported version.
+
+1.27.8 2005-10-11
+ * Changed selinux_mkload_policy to fall back to the maximum
+ policy version supported by libsepol if the kernel policy version
+ falls outside of the supported range.
+
+1.27.7 2005-10-06
+ * Changed getseuserbyname to fall back to the Linux username and
+ NULL level if seusers config file doesn't exist unless
+ REQUIRESEUSERS=1 is set in /etc/selinux/config.
+ * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
+
+1.27.6 2005-10-06
+ * Added selinux_init_load_policy() function as an even higher level
+ interface for the initial policy load by /sbin/init. This obsoletes
+ the load_policy() function in the sysvinit-selinux.patch.
+
+1.27.5 2005-10-06
+ * Added selinux_mkload_policy() function as a higher level interface
+ for loading policy than the security_load_policy() interface.
+
+1.27.4 2005-10-05
+ * Merged fix for matchpathcon (regcomp error checking) from Johan
+ Fischer. Also added use of regerror to obtain the error string
+ for inclusion in the error message.
+
+1.27.3 2005-10-03
+ * Changed getseuserbyname to not require (and ignore if present)
+ the MLS level in seusers.conf if MLS is disabled, setting *level
+ to NULL in this case.
+
+1.27.2 2005-09-30
+ * Merged getseuserbyname patch from Dan Walsh.
+
+1.27.1 2005-09-19
+ * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
+ This allows file_contexts with MLS fields to be processed on
+ non-MLS-enabled systems with policies that are otherwise
+ identical (e.g. same type definitions).
+ * Merged get_ordered_context_list_with_level() function from
+ Dan Walsh, and added get_default_context_with_level().
+ This allows MLS level selection for users other than the
+ default level.
+
+1.26 2005-09-06
+ * Updated version for release.
+
+1.25.7 2005-09-01
+ * Merged modified form of patch to avoid dlopen/dlclose by
+ the static libselinux from Dan Walsh. Users of the static libselinux
+ will not have any context translation by default.
+
+1.25.6 2005-08-31
+ * Added public functions to export context translation to
+ users of libselinux (selinux_trans_to_raw_context,
+ selinux_raw_to_trans_context).
+
+1.25.5 2005-08-26
+ * Remove special definition for context_range_set; use
+ common code.
+
+1.25.4 2005-08-25
+ * Hid translation-related symbols entirely and ensured that
+ raw functions have hidden definitions for internal use.
+ * Allowed setting NULL via context_set* functions.
+ * Allowed whitespace in MLS component of context.
+ * Changed rpm_execcon to use translated functions to workaround
+ lack of MLS level on upgraded systems.
+
+1.25.3 2005-08-23
+ * Merged context translation patch, originally by TCS,
+ with modifications by Dan Walsh (Red Hat).
+
+1.25.2 2005-08-11
+ * Merged several fixes for error handling paths in the
+ AVC sidtab, matchpathcon, booleans, context, and get_context_list
+ code from Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.25.1 2005-08-10
+ * Removed setupns; migrated to pam.
+ * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
+ Original symbol is temporarily retained for compatibility until
+ all callers are updated.
+
+1.24 2005-06-20
+ * Updated version for release.
+
+1.23.12 2005-06-13
+ * Merged security_setupns() from Chad Sellers.
+
+1.23.11 2005-05-19
+ * Merged avcstat and selinux man page from Dan Walsh.
+ * Changed security_load_booleans to process booleans.local
+ even if booleans file doesn't exist.
+
+1.23.10 2005-04-29
+ * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
+
+1.23.9 2005-04-26
+ * Rewrote get_ordered_context_list and helpers, including
+ changing logic to allow variable MLS fields.
+
+1.23.8 2005-04-25
+ * Merged matchpathcon and man page patch from Dan Walsh.
+
+1.23.7 2005-04-12
+ * Changed boolean functions to return -1 with errno ENOENT
+ rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
+ mounted).
+
+1.23.6 2005-04-08
+ * Fixed bug in matchpathcon_filespec_destroy.
+
+1.23.5 2005-04-05
+ * Fixed bug in rpm_execcon error handling path.
+
+1.23.4 2005-04-04
+ * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
+ * Merged fix for getconlist utility from Andreas Steinmetz.
+
+1.23.3 2005-03-29
+ * Merged security_set_boolean_list patch from Dan Walsh.
+ This introduces booleans.local support for setsebool.
+
+1.23.2 2005-03-17
+ * Merged destructors patch from Tomas Mraz.
+
+1.23.1 2005-03-16
+ * Added set_matchpathcon_flags() function for setting flags
+ controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
+ means only process the base file_contexts file, not
+ file_contexts.homedirs or file_contexts.local, and is for use by
+ setfiles -c.
+ * Updated matchpathcon.3 man page.
+
+1.22 2005-03-09
+ * Updated version for release.
+
+1.21.13 2005-03-08
+ * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
+
+1.21.12 2005-03-01
+ * Changed matchpathcon_common to ignore any non-format bits in the mode.
+
+1.21.11 2005-02-22
+ * Merged several fixes from Ulrich Drepper.
+
+1.21.10 2005-02-17
+ * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
+ * Added selinux_users_path() for path to directory containing
+ system.users and local.users.
+
+1.21.9 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.21.8 2005-02-07
+ * Regenerated av_permissions.h.
+
+1.21.7 2005-02-01
+ * Modified avc_dump_av to explicitly check for any permissions that
+ cannot be mapped to string names and display them as a hex value.
+
+1.21.6 2005-01-31
+ * Regenerated av_permissions.h.
+
+1.21.5 2005-01-28
+ * Generalized matchpathcon internals, exported more interfaces,
+ and moved additional code from setfiles into libselinux so that
+ setfiles can directly use matchpathcon.
+
+1.21.4 2005-01-27
+ * Prevent overflow of spec array in matchpathcon.
+
+1.21.3 2005-01-26
+ * Fixed several uses of internal functions to avoid relocations.
+ * Changed rpm_execcon to check is_selinux_enabled() and fallback to
+ a regular execve if not enabled (or unable to determine due to a lack
+ of /proc, e.g. chroot'd environment).
+
+
+1.21.2 2005-01-24
+ * Merged minor fix for avcstat from Dan Walsh.
+
+1.21.1 2005-01-19
+ * Merged patch from Dan Walsh, including:
+ - new is_context_customizable function
+ - changed matchpathcon to also use file_contexts.local if present
+ - man page cleanups
+
+1.20 2005-01-04
+ * Changed matchpathcon to return -1 with errno ENOENT for
+ <<none>> entries, and also for an empty file_contexts configuration.
+ * Removed some trivial utils that were not useful or redundant.
+ * Changed BINDIR default to /usr/sbin to match change in Fedora.
+ * Added security_compute_member.
+ * Added man page for setcon.
+ * Merged more man pages from Dan Walsh.
+ * Merged avcstat from James Morris.
+ * Merged build fix for mips from Manoj Srivastava.
+ * Merged C++ support from John Ramsdell of MITRE.
+ * Merged setcon() function from Darrel Goeddel of TCS.
+ * Merged setsebool/togglesebool enhancement from Steve Grubb.
+ * Merged cleanup patches from Steve Grubb.
+
+1.18 2004-11-01
+ * Merged cleanup patches from Steve Grubb.
+ * Added rpm_execcon.
+ * Merged setenforce and removable context patch from Dan Walsh.
+ * Merged build fix for alpha from Ulrich Drepper.
+ * Removed copyright/license from selinux_netlink.h - definitions only.
+ * Merged matchmediacon from Dan Walsh.
+ * Regenerated headers for new nscd permissions.
+ * Added get_default_context_with_role.
+ * Added set_matchpathcon_printf.
+ * Reworked av_inherit.h to allow easier re-use by kernel.
+ * Changed avc_has_perm_noaudit to not fail on netlink errors.
+ * Changed avc netlink code to check pid based on patch by Steve Grubb.
+ * Merged second optimization patch from Ulrich Drepper.
+ * Changed matchpathcon to skip invalid file_contexts entries.
+ * Made string tables private to libselinux.
+ * Merged strcat->stpcpy patch from Ulrich Drepper.
+ * Merged matchpathcon man page from Dan Walsh.
+ * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
+ * Autobind netlink socket.
+ * Dropped compatibility code from security_compute_user.
+ * Merged fix for context_range_set from Chad Hanson.
+ * Merged allocation failure checking patch from Chad Hanson.
+ * Merged avc netlink error message patch from Colin Walters.
+
+1.16 2004-08-19
+ * Regenerated headers for nscd class.
+ * Merged man pages from Dan Walsh.
+ * Merged context_new bug fix for MLS ranges from Chad Hanson.
+ * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
+ * Renamed change_bool and show_bools to setsebool and getsebool.
+ * Merged security_load_booleans() function from Dan Walsh.
+ * Added selinux_booleans_path() function.
+ * Changed avc_init function prototype to use const.
+ * Regenerated headers for crontab permission.
+ * Added checkAccess from Dan Walsh.
+ * Merged getenforce patch from Dan Walsh.
+ * Regenerated headers for dbus classes.
+
+1.14 2004-06-16
+ * Regenerated headers for fine-grained netlink classes.
+ * Merged selinux_config bug fix from Dan Walsh.
+ * Added userspace AVC man pages.
+ * Added man links for API calls to existing man pages documenting them.
+ * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
+ * Merged patch to determine config file paths at runtime to support
+ reorganized layout.
+ * Regenerated flask headers with stable ordering.
+ * Merged patch for man pages from Russell Coker.
+
+1.12 2004-05-10
+ * Updated flask files to include new SE-X security classes.
+ * Added security_disable function for runtime disable of SELinux prior
+ to initial policy load (for /sbin/init).
+ * Changed get_ordered_context_list to omit any reachable contexts
+ that are not explicitly listed in default_contexts, unless there
+ are no matches.
+ * Merged man pages from Russell Coker and Dan Walsh.
+ * Merged memory leak fixes from Dan Walsh.
+ * Merged policyvers errno patch from Chris PeBenito.
+
+1.10 2004-04-05
+ * Merged getenforce patch from Dan Walsh.
+ * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
+ the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
+ Based on a patch by Russell Coker.
+ * Merged matchpathcon buffer size fix from Dan Walsh.
+
+1.8 2004-03-09
+ * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
+ * Added matchpathcon function.
+ * Updated userspace AVC to handle netlink selinux notifications.
+
+1.6 2004-02-18
+ * Merged conditional policy extensions from Tresys Technology.
+ * Added userspace avc and SID table implementation.
+ * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
+ * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
+ * Changed to use getpwnam_r rather than getpwnam internally to
+ avoid clobbering any existing pwd struct obtained by the caller.
+ * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
+ and handle allocation ala getfilecon.
+ * Changed is_selinux_enabled to return -1 on errors.
+ * Changed to discover selinuxfs mount point via /proc/mounts
+ so that the mount point can be changed without rebuilding.
+
+1.4 2003-12-01
+ * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
+ * Regenerate headers for new permissions.
+ * Merged static lib build patch from Bastian Blank and Joerg Hoh.
+ * Export SELINUXMNT definition, add SELINUXPOLICY definition.
+ * Add functions to provide access to enforce and policyvers.
+ * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
+ * Fixed type for 'size' in *getfilecon.
+ * Dropped -lattr and changed #include's to <sys/xattr.h>
+ * Merged patch to move shared library to /lib from Dan Walsh.
+ * Changed get_ordered_context_list to support a failsafe context.
+ * Added selinuxenabled utility.
+ * Merged const patch from Thorsten Kukuk.
+
+1.2 2003-09-30
+ * Change is_selinux_enabled to fail if policy isn't loaded.
+ * Changed Makefiles to allow non-root rpm builds.
+ * Added -lattr for libselinux.so to ensure proper binding.
+
+1.1 2003-08-13
+ * Ensure that context strings are padded with a null byte
+ in case the kernel didn't include one.
+ * Regenerate headers, update helpers.c for code cleanup.
+ * Pass soname flag to linker (Colin Walters).
+ * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
+
+1.0 2003-07-11
+ * Initial public release.
Deleted: tags/libselinux_1_30_29/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-09-29 15:33:28 UTC (rev 2044)
+++ tags/libselinux_1_30_29/libselinux/VERSION 2006-09-29 15:44:05 UTC (rev 2047)
@@ -1 +0,0 @@
-1.30.28
Copied: tags/libselinux_1_30_29/libselinux/VERSION (from rev 2046, trunk/libselinux/VERSION)
===================================================================
--- tags/libselinux_1_30_29/libselinux/VERSION (rev 0)
+++ tags/libselinux_1_30_29/libselinux/VERSION 2006-09-29 15:44:05 UTC (rev 2047)
@@ -0,0 +1 @@
+1.30.29
Deleted: tags/libselinux_1_30_29/libselinux/src/setrans_client.c
===================================================================
--- trunk/libselinux/src/setrans_client.c 2006-09-29 15:33:28 UTC (rev 2044)
+++ tags/libselinux_1_30_29/libselinux/src/setrans_client.c 2006-09-29 15:44:05 UTC (rev 2047)
@@ -1,322 +0,0 @@
-/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-
-#include <errno.h>
-#include <stdlib.h>
-#include <netdb.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <unistd.h>
-#include "dso.h"
-#include "selinux_internal.h"
-#include "setrans_internal.h"
-
-static int mls_enabled = -1;
-
-// Simple cache
-static __thread security_context_t prev_t2r_trans = NULL;
-static __thread security_context_t prev_t2r_raw = NULL;
-static __thread security_context_t prev_r2t_trans = NULL;
-static __thread security_context_t prev_r2t_raw = NULL;
-
-int cache_trans hidden = 1;
-
-/*
- * setransd_open
- *
- * This function opens a socket to the setransd.
- * Returns: on success, a file descriptor ( >= 0 ) to the socket
- * on error, a negative value
- */
-static int setransd_open(void)
-{
- struct sockaddr_un addr;
- int fd;
-
- fd = socket(PF_UNIX, SOCK_STREAM, 0);
- if (fd < 0) {
- return -1;
- }
-
- memset(&addr, 0, sizeof(addr));
- addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, SETRANS_UNIX_SOCKET, sizeof(addr.sun_path));
- if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
- close(fd);
- return -1;
- }
-
- return fd;
-}
-
-/* Returns: 0 on success, <0 on failure */
-static int
-send_request(int fd, uint32_t function, const char *data1, const char *data2)
-{
- struct msghdr msgh;
- struct iovec iov[5];
- uint32_t data1_size;
- uint32_t data2_size;
- ssize_t count, expected;
- unsigned int i;
-
- if (fd < 0)
- return -1;
-
- if (!data1)
- data1 = "";
- if (!data2)
- data2 = "";
-
- data1_size = strlen(data1) + 1;
- data2_size = strlen(data2) + 1;
-
- iov[0].iov_base = &function;
- iov[0].iov_len = sizeof(function);
- iov[1].iov_base = &data1_size;
- iov[1].iov_len = sizeof(data1_size);
- iov[2].iov_base = &data2_size;
- iov[2].iov_len = sizeof(data2_size);
- iov[3].iov_base = (char *)data1;
- iov[3].iov_len = data1_size;
- iov[4].iov_base = (char *)data2;
- iov[4].iov_len = data2_size;
- memset(&msgh, 0, sizeof(msgh));
- msgh.msg_iov = iov;
- msgh.msg_iovlen = sizeof(iov)/sizeof(iov[0]);
-
- expected = 0;
- for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++)
- expected += iov[i].iov_len;
-
- while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0) && (errno == EINTR)) ;
- if (count < 0 || count != expected)
- return -1;
-
- return 0;
-}
-
-/* Returns: 0 on success, <0 on failure */
-static int
-receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
-{
- struct iovec resp_hdr[3];
- uint32_t func;
- uint32_t data_size;
- char *data;
- struct iovec resp_data;
- ssize_t count;
-
- if (fd < 0)
- return -1;
-
- resp_hdr[0].iov_base = &func;
- resp_hdr[0].iov_len = sizeof(func);
- resp_hdr[1].iov_base = &data_size;
- resp_hdr[1].iov_len = sizeof(data_size);
- resp_hdr[2].iov_base = ret_val;
- resp_hdr[2].iov_len = sizeof(*ret_val);
-
- while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR)) ;
- if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
- return -1;
- }
-
- if (func != function || !data_size || data_size > MAX_DATA_BUF) {
- return -1;
- }
-
- data = malloc(data_size);
- if (!data) {
- return -1;
- }
-
- resp_data.iov_base = data;
- resp_data.iov_len = data_size;
-
- while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR)) ;
- if (count < 0 || (uint32_t) count != data_size ||
- data[data_size - 1] != '\0') {
- free(data);
- return -1;
- }
- *outdata = data;
- return 0;
-}
-
-static int raw_to_trans_context(char *raw, char **transp)
-{
- int ret;
- int32_t ret_val;
- int fd;
-
- *transp = NULL;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
-
- ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
- if (ret)
- goto out;
-
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-static int trans_to_raw_context(char *trans, char **rawp)
-{
- int ret;
- int32_t ret_val;
- int fd;
-
- *rawp = NULL;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
- ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
- if (ret)
- goto out;
-
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-hidden void fini_context_translations(void)
-{
- if (cache_trans) {
- free(prev_r2t_trans);
- free(prev_r2t_raw);
- free(prev_t2r_trans);
- free(prev_t2r_raw);
- }
-}
-
-hidden int init_context_translations(void)
-{
- int ret, fd;
- int32_t ret_val;
- char *out = NULL;
-
- mls_enabled = is_selinux_mls_enabled();
- if (!mls_enabled)
- return 0;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
-
- ret = send_request(fd, SETRANS_INIT, NULL, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, SETRANS_INIT, &out, &ret_val);
- free(out);
- if (!ret)
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-int selinux_trans_to_raw_context(security_context_t trans,
- security_context_t * rawp)
-{
- if (!trans) {
- *rawp = NULL;
- return 0;
- }
-
- if (!mls_enabled) {
- *rawp = strdup(trans);
- goto out;
- }
-
- if (cache_trans) {
- if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
- *rawp = strdup(prev_t2r_raw);
- } else {
- free(prev_t2r_trans);
- prev_t2r_trans = NULL;
- free(prev_t2r_raw);
- prev_t2r_raw = NULL;
- if (trans_to_raw_context(trans, rawp))
- *rawp = strdup(trans);
- if (*rawp) {
- prev_t2r_trans = strdup(trans);
- if (!prev_t2r_trans)
- goto out;
- prev_t2r_raw = strdup(*rawp);
- if (!prev_t2r_raw) {
- free(prev_t2r_trans);
- prev_t2r_trans = NULL;
- }
- }
- }
- } else if (trans_to_raw_context(trans, rawp))
- *rawp = strdup(trans);
- out:
- return *rawp ? 0 : -1;
-}
-
-hidden_def(selinux_trans_to_raw_context)
-
-int selinux_raw_to_trans_context(security_context_t raw,
- security_context_t * transp)
-{
- if (!raw) {
- *transp = NULL;
- return 0;
- }
-
- if (!mls_enabled) {
- *transp = strdup(raw);
- goto out;
- }
-
- if (cache_trans) {
- if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
- *transp = strdup(prev_r2t_trans);
- } else {
- free(prev_r2t_raw);
- prev_r2t_raw = NULL;
- free(prev_r2t_trans);
- prev_r2t_trans = NULL;
- if (raw_to_trans_context(raw, transp))
- *transp = strdup(raw);
- if (*transp) {
- prev_r2t_raw = strdup(raw);
- if (!prev_r2t_raw)
- goto out;
- prev_r2t_trans = strdup(*transp);
- if (!prev_r2t_trans) {
- free(prev_r2t_raw);
- prev_r2t_raw = NULL;
- }
- }
- }
- } else if (raw_to_trans_context(raw, transp))
- *transp = strdup(raw);
- out:
- return *transp ? 0 : -1;
-}
-
-hidden_def(selinux_raw_to_trans_context)
Copied: tags/libselinux_1_30_29/libselinux/src/setrans_client.c (from rev 2045, trunk/libselinux/src/setrans_client.c)
===================================================================
--- tags/libselinux_1_30_29/libselinux/src/setrans_client.c (rev 0)
+++ tags/libselinux_1_30_29/libselinux/src/setrans_client.c 2006-09-29 15:44:05 UTC (rev 2047)
@@ -0,0 +1,323 @@
+/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <netdb.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "dso.h"
+#include "selinux_internal.h"
+#include "setrans_internal.h"
+
+static int mls_enabled = -1;
+
+// Simple cache
+static __thread security_context_t prev_t2r_trans = NULL;
+static __thread security_context_t prev_t2r_raw = NULL;
+static __thread security_context_t prev_r2t_trans = NULL;
+static __thread security_context_t prev_r2t_raw = NULL;
+
+int cache_trans hidden = 1;
+
+/*
+ * setransd_open
+ *
+ * This function opens a socket to the setransd.
+ * Returns: on success, a file descriptor ( >= 0 ) to the socket
+ * on error, a negative value
+ */
+static int setransd_open(void)
+{
+ struct sockaddr_un addr;
+ int fd;
+
+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd < 0) {
+ return -1;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, SETRANS_UNIX_SOCKET, sizeof(addr.sun_path));
+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
+ close(fd);
+ return -1;
+ }
+
+ return fd;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+send_request(int fd, uint32_t function, const char *data1, const char *data2)
+{
+ struct msghdr msgh;
+ struct iovec iov[5];
+ uint32_t data1_size;
+ uint32_t data2_size;
+ ssize_t count, expected;
+ unsigned int i;
+
+ if (fd < 0)
+ return -1;
+
+ if (!data1)
+ data1 = "";
+ if (!data2)
+ data2 = "";
+
+ data1_size = strlen(data1) + 1;
+ data2_size = strlen(data2) + 1;
+
+ iov[0].iov_base = &function;
+ iov[0].iov_len = sizeof(function);
+ iov[1].iov_base = &data1_size;
+ iov[1].iov_len = sizeof(data1_size);
+ iov[2].iov_base = &data2_size;
+ iov[2].iov_len = sizeof(data2_size);
+ iov[3].iov_base = (char *)data1;
+ iov[3].iov_len = data1_size;
+ iov[4].iov_base = (char *)data2;
+ iov[4].iov_len = data2_size;
+ memset(&msgh, 0, sizeof(msgh));
+ msgh.msg_iov = iov;
+ msgh.msg_iovlen = sizeof(iov) / sizeof(iov[0]);
+
+ expected = 0;
+ for (i = 0; i < sizeof(iov) / sizeof(iov[0]); i++)
+ expected += iov[i].iov_len;
+
+ while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0)
+ && (errno == EINTR)) ;
+ if (count < 0 || count != expected)
+ return -1;
+
+ return 0;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
+{
+ struct iovec resp_hdr[3];
+ uint32_t func;
+ uint32_t data_size;
+ char *data;
+ struct iovec resp_data;
+ ssize_t count;
+
+ if (fd < 0)
+ return -1;
+
+ resp_hdr[0].iov_base = &func;
+ resp_hdr[0].iov_len = sizeof(func);
+ resp_hdr[1].iov_base = &data_size;
+ resp_hdr[1].iov_len = sizeof(data_size);
+ resp_hdr[2].iov_base = ret_val;
+ resp_hdr[2].iov_len = sizeof(*ret_val);
+
+ while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR)) ;
+ if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
+ return -1;
+ }
+
+ if (func != function || !data_size || data_size > MAX_DATA_BUF) {
+ return -1;
+ }
+
+ data = malloc(data_size);
+ if (!data) {
+ return -1;
+ }
+
+ resp_data.iov_base = data;
+ resp_data.iov_len = data_size;
+
+ while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR)) ;
+ if (count < 0 || (uint32_t) count != data_size ||
+ data[data_size - 1] != '\0') {
+ free(data);
+ return -1;
+ }
+ *outdata = data;
+ return 0;
+}
+
+static int raw_to_trans_context(char *raw, char **transp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *transp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+
+ ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+static int trans_to_raw_context(char *trans, char **rawp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *rawp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+ ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden void fini_context_translations(void)
+{
+ if (cache_trans) {
+ free(prev_r2t_trans);
+ free(prev_r2t_raw);
+ free(prev_t2r_trans);
+ free(prev_t2r_raw);
+ }
+}
+
+hidden int init_context_translations(void)
+{
+ int ret, fd;
+ int32_t ret_val;
+ char *out = NULL;
+
+ mls_enabled = is_selinux_mls_enabled();
+ if (!mls_enabled)
+ return 0;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+
+ ret = send_request(fd, SETRANS_INIT, NULL, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, SETRANS_INIT, &out, &ret_val);
+ free(out);
+ if (!ret)
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+int selinux_trans_to_raw_context(security_context_t trans,
+ security_context_t * rawp)
+{
+ if (!trans) {
+ *rawp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *rawp = strdup(trans);
+ goto out;
+ }
+
+ if (cache_trans) {
+ if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
+ *rawp = strdup(prev_t2r_raw);
+ } else {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ free(prev_t2r_raw);
+ prev_t2r_raw = NULL;
+ if (trans_to_raw_context(trans, rawp))
+ *rawp = strdup(trans);
+ if (*rawp) {
+ prev_t2r_trans = strdup(trans);
+ if (!prev_t2r_trans)
+ goto out;
+ prev_t2r_raw = strdup(*rawp);
+ if (!prev_t2r_raw) {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ }
+ }
+ }
+ } else if (trans_to_raw_context(trans, rawp))
+ *rawp = strdup(trans);
+ out:
+ return *rawp ? 0 : -1;
+}
+
+hidden_def(selinux_trans_to_raw_context)
+
+int selinux_raw_to_trans_context(security_context_t raw,
+ security_context_t * transp)
+{
+ if (!raw) {
+ *transp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *transp = strdup(raw);
+ goto out;
+ }
+
+ if (cache_trans) {
+ if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
+ *transp = strdup(prev_r2t_trans);
+ } else {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ free(prev_r2t_trans);
+ prev_r2t_trans = NULL;
+ if (raw_to_trans_context(raw, transp))
+ *transp = strdup(raw);
+ if (*transp) {
+ prev_r2t_raw = strdup(raw);
+ if (!prev_r2t_raw)
+ goto out;
+ prev_r2t_trans = strdup(*transp);
+ if (!prev_r2t_trans) {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ }
+ }
+ }
+ } else if (raw_to_trans_context(raw, transp))
+ *transp = strdup(raw);
+ out:
+ return *transp ? 0 : -1;
+}
+
+hidden_def(selinux_raw_to_trans_context)
Copied: tags/libsemanage_1_6_17/libsemanage (from rev 2044, trunk/libsemanage)
Deleted: tags/libsemanage_1_6_17/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2006-09-29 15:33:28 UTC (rev 2044)
+++ tags/libsemanage_1_6_17/libsemanage/ChangeLog 2006-09-29 15:44:05 UTC (rev 2047)
@@ -1,526 +0,0 @@
- * Merged patch to skip reload if no active store exists and
- the store path doesn't match the active store path from Dan Walsh.
- * Merged patch to not destroy sepol handle on error path of
- connect from James Athey.
- * Merged patch to add genhomedircon path to semanage.conf from
- James Athey.
-
-1.6.16 2006-08-14
- * Make most copy errors fatal, but allow exceptions for
- file_contexts.local, seusers, and netfilter_contexts if
- the source file does not exist in the store.
-
-1.6.15 2006-08-11
- * Merged separate local file contexts patch from Chris PeBenito.
-
-1.6.14 2006-08-11
- * Merged patch to make most copy errors non-fatal from Dan Walsh.
-
-1.6.13 2006-08-03
- * Merged netfilter contexts support from Chris PeBenito.
-
-1.6.12 2006-07-11
- * Merged support for read operations on read-only fs from
- Caleb Case (Tresys Technology).
-
-1.6.11 2006-06-29
- * Lindent.
-
-1.6.10 2006-06-26
- * Merged setfiles location check patch from Dan Walsh.
-
-1.6.9 2006-06-16
- * Merged several fixes from Serge Hallyn:
- dbase_file_cache: deref of uninit data on error path.
- dbase_policydb_cache: clear fp to avoid double fclose
- semanage_fc_sort: destroy temp on error paths
-
-1.6.8 2006-06-02
- * Updated default location for setfiles to /sbin to
- match policycoreutils. This can also be adjusted via
- semanage.conf using the syntax:
- [setfiles]
- path = /path/to/setfiles
- args = -q -c $@ $<
- [end]
-
-1.6.7 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.6.6 2006-04-14
- * Merged updated file context sorting patch from Christopher
- Ashworth, with bug fix for escaped character flag.
-
-1.6.5 2006-04-13
- * Merged file context sorting code from Christopher Ashworth
- (Tresys Technology), based on fc_sort.c code in refpolicy.
-
-1.6.4 2006-04-12
- * Merged python binding t_output_helper removal patch from Dan Walsh.
- * Regenerated swig files.
-
-1.6.3 2006-03-30
- * Merged corrected fix for descriptor leak from Dan Walsh.
-
-1.6.2 2006-03-20
- * Merged Makefile PYLIBVER definition patch from Dan Walsh.
-
-1.6.1 2006-03-20
- * Merged man page reorganization from Ivan Gyurdiev.
-
-1.6 2006-03-14
- * Updated version for release.
-
-1.5.31 2006-03-09
- * Merged abort early on merge errors patch from Ivan Gyurdiev.
-
-1.5.30 2006-03-08
- * Cleaned up error handling in semanage_split_fc based on a patch
- by Serge Hallyn (IBM) and suggestions by Ivan Gyurdiev.
-
-1.5.29 2006-02-21
- * Merged MLS handling fixes from Ivan Gyurdiev.
-
-1.5.28 2006-02-16
- * Merged bug fix for fcontext validate handler from Ivan Gyurdiev.
-
-1.5.27 2006-02-16
- * Merged base_merge_components changes from Ivan Gyurdiev.
-
-1.5.26 2006-02-15
- * Merged paths array patch from Ivan Gyurdiev.
- * Merg...
[truncated message content] |
|
From: <ssm...@us...> - 2006-09-29 15:37:52
|
Revision: 2046
http://svn.sourceforge.net/selinux/?rev=2046&view=rev
Author: ssmalley
Date: 2006-09-29 08:37:44 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Bump versions
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
trunk/libsemanage/ChangeLog
trunk/libsemanage/VERSION
trunk/policycoreutils/ChangeLog
trunk/policycoreutils/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/libselinux/ChangeLog 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1,3 +1,4 @@
+1.30.29 2006-09-29
* Merged av_permissions.h update from Steve Grubb,
adding setsockcreate and polmatch definitions.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/libselinux/VERSION 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1 +1 @@
-1.30.28
+1.30.29
Modified: trunk/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/libsemanage/ChangeLog 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1,3 +1,4 @@
+1.6.17 2006-09-29
* Merged patch to skip reload if no active store exists and
the store path doesn't match the active store path from Dan Walsh.
* Merged patch to not destroy sepol handle on error path of
Modified: trunk/libsemanage/VERSION
===================================================================
--- trunk/libsemanage/VERSION 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/libsemanage/VERSION 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1 +1 @@
-1.6.16
+1.6.17
Modified: trunk/policycoreutils/ChangeLog
===================================================================
--- trunk/policycoreutils/ChangeLog 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/policycoreutils/ChangeLog 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1,3 +1,4 @@
+1.30.30 2006-09-29
* Merged newrole auditing of failures due to user actions from
Michael Thompson.
Modified: trunk/policycoreutils/VERSION
===================================================================
--- trunk/policycoreutils/VERSION 2006-09-29 15:34:57 UTC (rev 2045)
+++ trunk/policycoreutils/VERSION 2006-09-29 15:37:44 UTC (rev 2046)
@@ -1 +1 @@
-1.30.29
+1.30.30
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 15:35:01
|
Revision: 2045
http://svn.sourceforge.net/selinux/?rev=2045&view=rev
Author: ssmalley
Date: 2006-09-29 08:34:57 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
make indent
Modified Paths:
--------------
trunk/libselinux/src/setrans_client.c
trunk/policycoreutils/newrole/newrole.c
Modified: trunk/libselinux/src/setrans_client.c
===================================================================
--- trunk/libselinux/src/setrans_client.c 2006-09-29 15:33:28 UTC (rev 2044)
+++ trunk/libselinux/src/setrans_client.c 2006-09-29 15:34:57 UTC (rev 2045)
@@ -88,13 +88,14 @@
iov[4].iov_len = data2_size;
memset(&msgh, 0, sizeof(msgh));
msgh.msg_iov = iov;
- msgh.msg_iovlen = sizeof(iov)/sizeof(iov[0]);
+ msgh.msg_iovlen = sizeof(iov) / sizeof(iov[0]);
expected = 0;
- for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++)
+ for (i = 0; i < sizeof(iov) / sizeof(iov[0]); i++)
expected += iov[i].iov_len;
- while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0) && (errno == EINTR)) ;
+ while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0)
+ && (errno == EINTR)) ;
if (count < 0 || count != expected)
return -1;
Modified: trunk/policycoreutils/newrole/newrole.c
===================================================================
--- trunk/policycoreutils/newrole/newrole.c 2006-09-29 15:33:28 UTC (rev 2044)
+++ trunk/policycoreutils/newrole/newrole.c 2006-09-29 15:34:57 UTC (rev 2045)
@@ -411,31 +411,33 @@
return -1;
}
if (asprintf(&msg, "newrole: old-context=%s new-context=%s",
- old_context ? old_context : "?",
- new_context ? new_context : "?") < 0) {
+ old_context ? old_context : "?",
+ new_context ? new_context : "?") < 0) {
fprintf(stderr, _("Error allocating memory.\n"));
rc = -1;
goto out;
}
rc = audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE,
- msg, NULL, NULL, ttyn, success);
+ msg, NULL, NULL, ttyn, success);
if (rc <= 0) {
fprintf(stderr, _("Error sending audit message.\n"));
rc = -1;
goto out;
}
rc = 0;
-out:
+ out:
free(msg);
close(audit_fd);
return rc;
}
#else
static inline
-int send_audit_message(int success __attribute__((unused)),
- security_context_t old_context __attribute__((unused)),
- security_context_t new_context __attribute__((unused)),
- const char *ttyn __attribute__((unused)))
+ int send_audit_message(int success __attribute__ ((unused)),
+ security_context_t old_context
+ __attribute__ ((unused)),
+ security_context_t new_context
+ __attribute__ ((unused)), const char *ttyn
+ __attribute__ ((unused)))
{
return 0;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 15:33:35
|
Revision: 2044
http://svn.sourceforge.net/selinux/?rev=2044&view=rev
Author: ssmalley
Date: 2006-09-29 08:33:28 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: libsemanage patch to handle installation problem
Date: Fri, 29 Sep 2006 10:43:34 -0400
During install if selinux-policy-mls or selinux-policy-strict get
installed before targeted, libsemanage will
try to load those policies when it should not.
Dan
Modified Paths:
--------------
trunk/libsemanage/ChangeLog
trunk/libsemanage/src/semanage_store.c
Modified: trunk/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2006-09-29 15:27:26 UTC (rev 2043)
+++ trunk/libsemanage/ChangeLog 2006-09-29 15:33:28 UTC (rev 2044)
@@ -1,3 +1,5 @@
+ * Merged patch to skip reload if no active store exists and
+ the store path doesn't match the active store path from Dan Walsh.
* Merged patch to not destroy sepol handle on error path of
connect from James Athey.
* Merged patch to add genhomedircon path to semanage.conf from
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2006-09-29 15:27:26 UTC (rev 2043)
+++ trunk/libsemanage/src/semanage_store.c 2006-09-29 15:33:28 UTC (rev 2044)
@@ -1110,7 +1110,9 @@
/* They are not the same store */
goto skip_reload;
}
- }
+ } else if (errno == ENOENT &&
+ strcmp(really_active_store, storepath) != 0)
+ goto skip_reload;
if (semanage_reload_policy(sh)) {
goto cleanup;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 15:27:31
|
Revision: 2043
http://svn.sourceforge.net/selinux/?rev=2043&view=rev
Author: ssmalley
Date: 2006-09-29 08:27:26 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Author: Michael C Thompson
Email: tho...@us...
Subject: -v3 newrole auditing of failures due to user actions
Date: Thu, 28 Sep 2006 16:50:26 -0500
This patch introduces two new point in the code where audit records are
generated for newrole. Both points are when the attempt to newrole fails.
The first point is when the default type could not be determine for the
specified role - this is audited because, as sgrubb pointed out, it is
currently non-tracked path to probe the policy.
The second point is when the desired context to change to is invalid.
There record format remains unchanged. Failing to validate the desired
context will result in the old and new contexts being recorded intact to
the log. For the default type, the old and new contexts have not yet
been obtained, so they are recorded in the log as XXX_context=?
Changes since version 2 of the patch:
* Added __attribute__((unused)) to "no-op" inline
Changes since version 1 of the patch:
* removed wrapping #ifdefs around send_audit_message()
* provided a "no-op" style function
* removed -D_GNU_SOURCE from the Makefile (as its defined in the code)
* fixed the error path of the send_audit_message function
The solution that I have for the "no-op" function is not that pretty,
but the Makefile is configured with -Werror and a function which doesn't
use its parameters causes warnings. Is there a better solution to this
problem?
Signed-off-by: Michael Thompson <tho...@us...>
Modified Paths:
--------------
trunk/policycoreutils/ChangeLog
trunk/policycoreutils/newrole/Makefile
trunk/policycoreutils/newrole/newrole.c
Modified: trunk/policycoreutils/ChangeLog
===================================================================
--- trunk/policycoreutils/ChangeLog 2006-09-29 15:00:58 UTC (rev 2042)
+++ trunk/policycoreutils/ChangeLog 2006-09-29 15:27:26 UTC (rev 2043)
@@ -1,3 +1,6 @@
+ * Merged newrole auditing of failures due to user actions from
+ Michael Thompson.
+
1.30.29 2006-09-13
* Man page corrections from Dan Walsh
* Change all python invocations to /usr/bin/python -E
Modified: trunk/policycoreutils/newrole/Makefile
===================================================================
--- trunk/policycoreutils/newrole/Makefile 2006-09-29 15:00:58 UTC (rev 2042)
+++ trunk/policycoreutils/newrole/Makefile 2006-09-29 15:27:26 UTC (rev 2043)
@@ -27,7 +27,7 @@
LDLIBS += -laudit
endif
ifeq (${LOG_AUDIT_PRIV},y)
- override CFLAGS += -DLOG_AUDIT_PRIV -D_GNU_SOURCE
+ override CFLAGS += -DLOG_AUDIT_PRIV
LDLIBS += -lcap
MODE := 4555
else
Modified: trunk/policycoreutils/newrole/newrole.c
===================================================================
--- trunk/policycoreutils/newrole/newrole.c 2006-09-29 15:00:58 UTC (rev 2042)
+++ trunk/policycoreutils/newrole/newrole.c 2006-09-29 15:27:26 UTC (rev 2043)
@@ -396,6 +396,51 @@
}
#endif
+#ifdef LOG_AUDIT_PRIV
+/* Send audit message */
+static
+int send_audit_message(int success, security_context_t old_context,
+ security_context_t new_context, const char *ttyn)
+{
+ char *msg = NULL;
+ int rc;
+ int audit_fd = audit_open();
+
+ if (audit_fd < 0) {
+ fprintf(stderr, _("Error connecting to audit system.\n"));
+ return -1;
+ }
+ if (asprintf(&msg, "newrole: old-context=%s new-context=%s",
+ old_context ? old_context : "?",
+ new_context ? new_context : "?") < 0) {
+ fprintf(stderr, _("Error allocating memory.\n"));
+ rc = -1;
+ goto out;
+ }
+ rc = audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE,
+ msg, NULL, NULL, ttyn, success);
+ if (rc <= 0) {
+ fprintf(stderr, _("Error sending audit message.\n"));
+ rc = -1;
+ goto out;
+ }
+ rc = 0;
+out:
+ free(msg);
+ close(audit_fd);
+ return rc;
+}
+#else
+static inline
+int send_audit_message(int success __attribute__((unused)),
+ security_context_t old_context __attribute__((unused)),
+ security_context_t new_context __attribute__((unused)),
+ const char *ttyn __attribute__((unused)))
+{
+ return 0;
+}
+#endif
+
/************************************************************************
*
* All code used for both PAM and shadow passwd goes in this section.
@@ -536,6 +581,7 @@
if (role_s && !type_s) {
if (get_default_type(role_s, &type_s)) {
fprintf(stderr, _("Couldn't get default type.\n"));
+ send_audit_message(0, old_context, new_context, ttyn);
exit(-1);
}
#ifdef CANTSPELLGDB
@@ -715,6 +761,7 @@
if (security_check_context(new_context) < 0) {
fprintf(stderr, _("%s is not a valid context\n"), new_context);
+ send_audit_message(0, old_context, new_context, ttyn);
exit(-1);
}
@@ -873,32 +920,8 @@
new_context);
exit(-1);
}
-#ifdef LOG_AUDIT_PRIV
- /* Send audit message */
- {
- char *msg;
- int rc;
- int audit_fd = audit_open();
- if (audit_fd < 0) {
- fprintf(stderr,
- _("Error connecting to audit system.\n"));
- exit(-1);
- }
- if (asprintf(&msg, "newrole: old-context=%s new-context=%s",
- old_context, new_context) < 0) {
- fprintf(stderr, _("Error allocating memory.\n"));
- exit(-1);
- }
- rc = audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE,
- msg, NULL, NULL, ttyn, 1);
- if (rc <= 0) {
- fprintf(stderr, _("Error sending audit message.\n"));
- exit(-1);
- }
- free(msg);
- close(audit_fd);
- }
-#endif
+ if (send_audit_message(1, old_context, new_context, ttyn))
+ exit(-1);
freecon(old_context);
execv(pw->pw_shell, argv + optind - 1);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 15:01:05
|
Revision: 2042
http://svn.sourceforge.net/selinux/?rev=2042&view=rev
Author: ssmalley
Date: 2006-09-29 08:00:58 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Author: "James Athey"
Email: ja...@tr...
Subject: libsemanage: add genhomedircon path to semanage.conf parsing
Date: Thu, 28 Sep 2006 17:31:46 -0400
This patch adds the ability to specify a path to genhomedircon in semanage.conf, similar to specifying a path to setfiles or load_policy. For example:
[genhomedircon]
path = /usr/local/sbin/genhomedircon_modified
args = -t $@
[end]
Modified Paths:
--------------
trunk/libsemanage/ChangeLog
trunk/libsemanage/src/direct_api.c
Modified: trunk/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2006-09-29 14:59:14 UTC (rev 2041)
+++ trunk/libsemanage/ChangeLog 2006-09-29 15:00:58 UTC (rev 2042)
@@ -1,3 +1,5 @@
+ * Merged patch to not destroy sepol handle on error path of
+ connect from James Athey.
* Merged patch to add genhomedircon path to semanage.conf from
James Athey.
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2006-09-29 14:59:14 UTC (rev 2041)
+++ trunk/libsemanage/src/direct_api.c 2006-09-29 15:00:58 UTC (rev 2042)
@@ -218,7 +218,6 @@
err:
ERR(sh, "could not establish direct connection");
- sepol_handle_destroy(sh->sepolh);
return STATUS_ERR;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 14:59:20
|
Revision: 2041
http://svn.sourceforge.net/selinux/?rev=2041&view=rev
Author: ssmalley
Date: 2006-09-29 07:59:14 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Author: "James Athey"
Email: ja...@tr...
Subject: libsemanage: add genhomedircon path to semanage.conf parsing
Date: Thu, 28 Sep 2006 17:31:46 -0400
This patch adds the ability to specify a path to genhomedircon in semanage.conf, similar to specifying a path to setfiles or load_policy. For example:
[genhomedircon]
path = /usr/local/sbin/genhomedircon_modified
args = -t $@
[end]
Modified Paths:
--------------
trunk/libsemanage/ChangeLog
trunk/libsemanage/src/conf-parse.y
trunk/libsemanage/src/conf-scan.l
Modified: trunk/libsemanage/ChangeLog
===================================================================
--- trunk/libsemanage/ChangeLog 2006-09-29 14:54:01 UTC (rev 2040)
+++ trunk/libsemanage/ChangeLog 2006-09-29 14:59:14 UTC (rev 2041)
@@ -1,3 +1,6 @@
+ * Merged patch to add genhomedircon path to semanage.conf from
+ James Athey.
+
1.6.16 2006-08-14
* Make most copy errors fatal, but allow exceptions for
file_contexts.local, seusers, and netfilter_contexts if
Modified: trunk/libsemanage/src/conf-parse.y
===================================================================
--- trunk/libsemanage/src/conf-parse.y 2006-09-29 14:54:01 UTC (rev 2040)
+++ trunk/libsemanage/src/conf-parse.y 2006-09-29 14:59:14 UTC (rev 2041)
@@ -1,6 +1,7 @@
-/* Author: Jason Tang <jt...@tr...>
+/* Authors: Jason Tang <jt...@tr...>
+ * James Athey <ja...@tr...>
*
- * Copyright (C) 2004-2005 Tresys Technology, LLC
+ * Copyright (C) 2004-2006 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -56,7 +57,7 @@
}
%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
-%token LOAD_POLICY_START SETFILES_START
+%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
%token PROG_PATH PROG_ARGS
%token <s> ARG
@@ -137,6 +138,14 @@
YYABORT;
}
}
+ | GENHOMEDIRCON_START {
+ semanage_conf_external_prog_destroy(current_conf->genhomedircon);
+ current_conf->genhomedircon = NULL;
+ if (new_external_prog(¤t_conf->genhomedircon) == -1) {
+ parse_errors++;
+ YYABORT;
+ }
+ }
;
verify_block: verify_start external_opts BLOCK_END {
Modified: trunk/libsemanage/src/conf-scan.l
===================================================================
--- trunk/libsemanage/src/conf-scan.l 2006-09-29 14:54:01 UTC (rev 2040)
+++ trunk/libsemanage/src/conf-scan.l 2006-09-29 14:59:14 UTC (rev 2041)
@@ -1,6 +1,7 @@
-/* Author: Jason Tang <jt...@tr...>
+/* Authors: Jason Tang <jt...@tr...>
+ * James Athey <ja...@tr...>
*
- * Copyright (C) 2004-2005 Tresys Technology, LLC
+ * Copyright (C) 2004-2006 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -43,6 +44,7 @@
file-mode return FILE_MODE;
"[load_policy]" return LOAD_POLICY_START;
"[setfiles]" return SETFILES_START;
+"[genhomedircon]" return GENHOMEDIRCON_START;
"[verify module]" return VERIFY_MOD_START;
"[verify linked]" return VERIFY_LINKED_START;
"[verify kernel]" return VERIFY_KERNEL_START;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2006-09-29 14:54:10
|
Revision: 2040
http://svn.sourceforge.net/selinux/?rev=2040&view=rev
Author: ssmalley
Date: 2006-09-29 07:54:01 -0700 (Fri, 29 Sep 2006)
Log Message:
-----------
Author: Steve Grubb
Email: sg...@re...
Subject: updated racoon patch
Date: Mon, 25 Sep 2006 09:47:52 -0400
On Monday 25 September 2006 08:43, Steve Grubb wrote:
> This doesn't build. Where does the POLMATCH define come from? I can't find
> it anywhere.
Found that libselinux-devel and 2.6.18 kernel are not in sync. Please apply
this patch:
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/include/selinux/av_permissions.h
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-28 18:28:44 UTC (rev 2039)
+++ trunk/libselinux/ChangeLog 2006-09-29 14:54:01 UTC (rev 2040)
@@ -1,3 +1,6 @@
+ * Merged av_permissions.h update from Steve Grubb,
+ adding setsockcreate and polmatch definitions.
+
1.30.28 2006-09-13
* Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
* Merged c++ class identifier fix from Joe Nall.
Modified: trunk/libselinux/include/selinux/av_permissions.h
===================================================================
--- trunk/libselinux/include/selinux/av_permissions.h 2006-09-28 18:28:44 UTC (rev 2039)
+++ trunk/libselinux/include/selinux/av_permissions.h 2006-09-29 14:54:01 UTC (rev 2040)
@@ -468,6 +468,7 @@
#define PROCESS__EXECSTACK 0x04000000UL
#define PROCESS__EXECHEAP 0x08000000UL
#define PROCESS__SETKEYCREATE 0x10000000UL
+#define PROCESS__SETSOCKCREATE 0x20000000UL
#define IPC__CREATE 0x00000001UL
#define IPC__DESTROY 0x00000002UL
@@ -910,6 +911,7 @@
#define ASSOCIATION__SENDTO 0x00000001UL
#define ASSOCIATION__RECVFROM 0x00000002UL
#define ASSOCIATION__SETCONTEXT 0x00000004UL
+#define ASSOCIATION__POLMATCH 0x00000008UL
#define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL
#define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-28 18:29:13
|
Revision: 2039
http://svn.sourceforge.net/selinux/?rev=2039&view=rev
Author: madmethod
Date: 2006-09-28 11:28:44 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
tag for libsepol 1.12.28
Added Paths:
-----------
tags/libsepol_1_12_28/
tags/libsepol_1_12_28/libsepol/
tags/libsepol_1_12_28/libsepol/ChangeLog
tags/libsepol_1_12_28/libsepol/VERSION
tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h
tags/libsepol_1_12_28/libsepol/src/Makefile
tags/libsepol_1_12_28/libsepol/src/expand.c
tags/libsepol_1_12_28/libsepol/src/link.c
tags/libsepol_1_12_28/libsepol/src/policydb.c
Removed Paths:
-------------
tags/libsepol_1_12_28/libsepol/ChangeLog
tags/libsepol_1_12_28/libsepol/VERSION
tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h
tags/libsepol_1_12_28/libsepol/src/Makefile
tags/libsepol_1_12_28/libsepol/src/expand.c
tags/libsepol_1_12_28/libsepol/src/link.c
tags/libsepol_1_12_28/libsepol/src/policydb.c
Copied: tags/libsepol_1_12_28/libsepol (from rev 2032, trunk/libsepol)
Deleted: tags/libsepol_1_12_28/libsepol/ChangeLog
===================================================================
--- trunk/libsepol/ChangeLog 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_28/libsepol/ChangeLog 2006-09-28 18:28:44 UTC (rev 2039)
@@ -1,566 +0,0 @@
-1.12.26 2006-09-05
- * Merged range transition enhancements and user format changes
- Darrel Goeddel
-
-1.12.25 2006-08-24
- * Merged conditionally expand neverallows patch from Jeremy Mowery.
- * Merged refactor expander patch from Jeremy Mowery.
-
-1.12.24 2006-08-03
- * Merged libsepol unit tests from Joshua Brindle.
-
-1.12.23 2006-08-03
- * Merged symtab datum patch from Karl MacMillan.
-
-1.12.22 2006-08-03
- * Merged netfilter contexts support from Chris PeBenito.
-
-1.12.21 2006-07-28
- * Merged helpful hierarchy check errors patch from Joshua Brindle.
-
-1.12.20 2006-07-25
- * Merged semodule_deps patch from Karl MacMillan.
- This adds source module names to the avrule decls.
-
-1.12.19 2006-06-29
- * Lindent.
-
-1.12.18 2006-06-26
- * Merged optionals in base take 2 patch set from Joshua Brindle.
-
-1.12.17 2006-05-30
- * Revert 1.12.16.
-
-1.12.16 2006-05-30
- * Merged cleaner fix for bool_ids overflow from Karl MacMillan,
- replacing the prior patch.
-
-1.12.15 2006-05-30
- * Merged fixes for several memory leaks in the error paths during
- policy read from Serge Hallyn.
-
-1.12.14 2006-05-25
- * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list,
- based on bug report and suggested fix by Cedric Roux.
-
-1.12.13 2006-05-24
- * Merged sens_copy_callback, check_role_hierarchy_callback,
- and node_from_record fixes from Serge Hallyn.
-
-1.12.12 2006-05-22
- * Added sepol_policydb_compat_net() interface for testing whether
- a policy requires the compatibility support for network checks
- to be enabled in the kernel.
-
-1.12.11 2006-05-17
- * Merged patch to initialize sym_val_to_name arrays from Kevin Carr.
- Reworked to use calloc in the first place, and converted some other
- malloc/memset pairs to calloc calls.
-
-1.12.10 2006-05-08
- * Merged patch to revert role/user decl upgrade from Karl MacMillan.
-
-1.12.9 2006-05-08
- * Dropped tests from all Makefile target.
-
-1.12.8 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.12.7 2006-05-05
- * Merged libsepol test framework patch from Karl MacMillan.
-
-1.12.6 2006-04-28
- * Fixed cond_normalize to traverse the entire cond list at link time.
-
-1.12.5 2006-04-03
- * Merged fix for leak of optional package sections from Ivan Gyurdiev.
-
-1.12.4 2006-03-29
- * Generalize test for bitmap overflow in ebitmap_set_bit.
-
-1.12.3 2006-03-27
- * Fixed attr_convert_callback and expand_convert_type_set
- typemap bug.
-
-1.12.2 2006-03-24
- * Fixed avrule_block_write num_decls endian bug.
-
-1.12.1 2006-03-20
- * Fixed sepol_module_package_write buffer overflow bug.
-
-1.12 2006-03-14
- * Updated version for release.
-
-1.11.20 2006-03-08
- * Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
- * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
-
-1.11.19 2006-02-21
- * Merged sepol_policydb_mls_enabled interface and error handling
- changes from Ivan Gyurdiev.
-
-1.11.18 2006-02-16
- * Merged node_expand_addr bugfix and node_compare* change from
- Ivan Gyurdiev.
-
-1.11.17 2006-02-15
- * Merged nodes, ports: always prepend patch from Ivan Gyurdiev.
- * Merged bug fix patch from Ivan Gyurdiev.
-
-1.11.16 2006-02-14
- * Added a defined flag to level_datum_t for use by checkpolicy.
-
-1.11.15 2006-02-14
- * Merged nodecon support patch from Ivan Gyurdiev.
- * Merged cleanups patch from Ivan Gyurdiev.
-
-1.11.14 2006-02-13
- * Merged optionals in base patch from Joshua Brindle.
-
-1.11.13 2006-02-07
- * Merged seuser/user_extra support patch from Joshua Brindle.
- * Merged fix patch from Ivan Gyurdiev.
-
-1.11.12 2006-02-02
- * Merged clone record on set_con patch from Ivan Gyurdiev.
-
-1.11.11 2006-02-01
- * Merged assertion copying bugfix from Joshua Brindle.
- * Merged sepol_av_to_string patch from Joshua Brindle.
-
-1.11.10 2006-01-30
- * Merged cond_expr mapping and package section count bug fixes
- from Joshua Brindle.
- * Merged improve port/fcontext API patch from Ivan Gyurdiev.
- * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
-
-1.11.9 2006-01-12
- * Merged size_t -> unsigned int patch from Ivan Gyurdiev.
-
-1.11.8 2006-01-09
- * Merged 2nd const in APIs patch from Ivan Gyurdiev.
-
-1.11.7 2006-01-06
- * Merged const in APIs patch from Ivan Gyurdiev.
- * Merged compare2 function patch from Ivan Gyurdiev.
-
-1.11.6 2006-01-06
- * Fixed hierarchy checker to only check allow rules.
-
-1.11.5 2006-01-05
- * Merged further fixes from Russell Coker, specifically:
- - av_to_string overflow checking
- - sepol_context_to_string error handling
- - hierarchy checking memory leak fixes and optimizations
- - avrule_block_read variable initialization
- * Marked deprecated code in genbools and genusers.
-
-1.11.4 2006-01-05
- * Merged bugfix for sepol_port_modify from Russell Coker.
-
-1.11.3 2006-01-05
- * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
- * Merged port ordering patch from Ivan Gyurdiev.
-
-1.11.2 2006-01-04
- * Merged patch series from Ivan Gyurdiev.
- This includes patches to:
- - support ordering of records in compare function
- - enable port interfaces
- - add interfaces for context validity and range checks
- - add include guards
-
-1.11.1 2005-12-16
- * Fixed mls_range_cpy bug.
-
-1.10 2005-12-07
- * Updated version for release.
-
-1.9.42 2005-12-05
- * Dropped handle from user_del_role interface.
-
-1.9.41 2005-11-28
- * Merged remove defrole from sepol patch from Ivan Gyurdiev.
-
-1.9.40 2005-11-15
- * Merged module function and map file cleanup from Ivan Gyurdiev.
- * Merged MLS and genusers cleanups from Ivan Gyurdiev.
-
-1.9.39 2005-11-09
- Prepare for removal of booleans* and *.users files.
- * Cleaned up sepol_genbools to not regenerate the image if
- there were no changes in the boolean values, including the
- degenerate case where there are no booleans or booleans.local
- files.
- * Cleaned up sepol_genusers to not warn on missing local.users.
-
-1.9.38 2005-11-08
- * Removed sepol_port_* from libsepol.map, as the port interfaces
- are not yet stable.
-
-1.9.37 2005-11-04
- * Merged context destroy cleanup patch from Ivan Gyurdiev.
-
-1.9.36 2005-11-03
- * Merged context_to_string interface change patch from Ivan Gyurdiev.
-
-1.9.35 2005-11-01
- * Added src/dso.h and src/*_internal.h.
- Added hidden_def for exported symbols used within libsepol.
- Added hidden for symbols that should not be exported by
- the wildcards in libsepol.map.
-
-1.9.34 2005-10-31
- * Merged record interface, record bugfix, and set_roles patches
- from Ivan Gyurdiev.
-
-1.9.33 2005-10-27
- * Merged count specification change from Ivan Gyurdiev.
-
-1.9.32 2005-10-26
- * Added further checking and error reporting to
- sepol_module_package_read and _info.
-
-1.9.31 2005-10-26
- * Merged sepol handle passing, DEBUG conversion, and memory leak
- fix patches from Ivan Gyurdiev.
-
-1.9.30 2005-10-25
- * Removed processing of system.users from sepol_genusers and
- dropped delusers logic.
-
-1.9.29 2005-10-25
- * Removed policydb_destroy from error path of policydb_read,
- since create/init/destroy/free of policydb is handled by the
- caller now.
- * Fixed sepol_module_package_read to handle a failed policydb_read
- properly.
-
-1.9.28 2005-10-25
- * Merged query/exists and count patches from Ivan Gyurdiev.
-
-1.9.27 2005-10-25
- * Merged fix for pruned types in expand code from Joshua Brindle.
- * Merged new module package format code from Joshua Brindle.
-
-1.9.26 2005-10-24
- * Merged context interface cleanup, record conversion code,
- key passing, and bug fix patches from Ivan Gyurdiev.
-
-1.9.25 2005-10-21
- * Merged users cleanup patch from Ivan Gyurdiev.
-
-1.9.24 2005-10-21
- * Merged user record memory leak fix from Ivan Gyurdiev.
- * Merged reorganize users patch from Ivan Gyurdiev.
-
-1.9.23 2005-10-19
- * Added check flag to expand_module() to control assertion
- and hierarchy checking on expansion.
-
-1.9.22 2005-10-19
- * Reworked check_assertions() and hierarchy_check_constraints()
- to take handles and use callback-based error reporting.
- * Changed expand_module() to call check_assertions() and
- hierarchy_check_constraints() prior to returning the expanded
- policy.
-
-1.9.21 2005-10-18
- * Changed sepol_module_package_set_file_contexts to copy the
- file contexts data since it is internally managed.
-
-1.9.20 2005-10-18
- * Added sepol_policy_file_set_handle interface to associate
- a handle with a policy file.
- * Added handle argument to policydb_from_image/to_image.
- * Added sepol_module_package_set_file_contexts interface.
- * Dropped sepol_module_package_create_file interface.
- * Reworked policydb_read/write, policydb_from_image/to_image,
- and sepol_module_package_read/write to use callback-based error
- reporting system rather than DEBUG.
-
-1.9.19 2005-10-17
- * Reworked link_packages, link_modules, and expand_module to use
- callback-based error reporting system rather than error buffering.
-
-1.9.18 2005-10-14
- * Merged conditional expression mapping fix in the module linking
- code from Joshua Brindle.
-
-1.9.17 2005-10-13
- * Hid sepol_module_package type definition, and added get interfaces.
-
-1.9.16 2005-10-13
- * Merged new callback-based error reporting system from Ivan
- Gyurdiev.
-
-1.9.15 2005-10-13
- * Merged support for require blocks inside conditionals from
- Joshua Brindle (Tresys).
-
-1.9.14 2005-10-07
- * Fixed use of policydb_from_image/to_image to ensure proper
- init of policydb.
-
-1.9.13 2005-10-07
- * Isolated policydb internal headers under <sepol/policydb/*.h>.
- These headers should only be used by users of the static libsepol.
- Created new <sepol/policydb.h> with new public types and interfaces
- for shared libsepol.
- Created new <sepol/module.h> with public types and interfaces moved
- or wrapped from old module.h, link.h, and expand.h, adjusted for
- new public types for policydb and policy_file.
- Added public interfaces to libsepol.map.
- Some implementation changes visible to users of the static libsepol:
- 1) policydb_read no longer calls policydb_init.
- Caller must do so first.
- 2) policydb_init no longer takes policy_type argument.
- Caller must set policy_type separately.
- 3) expand_module automatically enables the global branch.
- Caller no longer needs to do so.
- 4) policydb_write uses the policy_type and policyvers from the
- policydb itself, and sepol_set_policyvers() has been removed.
-
-1.9.12 2005-10-06
- * Merged function renaming and static cleanup from Ivan Gyurdiev.
-
-1.9.11 2005-10-05
- * Merged bug fix for check_assertions handling of no assertions
- from Joshua Brindle (Tresys).
-
-1.9.10 2005-10-04
- * Merged iterate patch from Ivan Gyurdiev.
-
-1.9.9 2005-10-03
- * Merged MLS in modules patch from Joshua Brindle (Tresys).
-
-1.9.8 2005-09-30
- * Merged pointer typedef elimination patch from Ivan Gyurdiev.
- * Merged user list function, new mls functions, and bugfix patch
- from Ivan Gyurdiev.
-
-1.9.7 2005-09-28
- * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).
-
-1.9.6 2005-09-23
- * Merged bug fix patches from Joshua Brindle (Tresys).
-
-1.9.5 2005-09-21
- * Merged boolean record and memory leak fix patches from Ivan
- Gyurdiev.
-
-1.9.4 2005-09-19
- * Merged interface record patch from Ivan Gyurdiev.
-
-1.9.3 2005-09-14
- * Merged fix for sepol_enable/disable_debug from Ivan
- Gyurdiev.
-
-1.9.2 2005-09-14
- * Merged stddef.h patch and debug conversion patch from
- Ivan Gyurdiev.
-
-1.9.1 2005-09-09
- * Fixed expand_avtab and expand_cond_av_list to keep separate
- entries with identical keys but different enabled flags.
-
-1.8 2005-09-06
- * Updated version for release.
-
-1.7.24 2005-08-31
- * Fixed symtab_insert return value for duplicate declarations.
-
-1.7.23 2005-08-31
- * Merged fix for memory error in policy_module_destroy from
- Jason Tang (Tresys).
-
-1.7.22 2005-08-26
- * Merged fix for memory leak in sepol_context_to_sid from
- Jason Tang (Tresys).
-
-1.7.21 2005-08-25
- * Merged fixes for resource leaks on error paths and
- change to scope_destroy from Joshua Brindle (Tresys).
-
-1.7.20 2005-08-23
- * Merged more fixes for resource leaks on error paths
- from Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.7.19 2005-08-19
- * Changed to treat all type conflicts as fatal errors.
-
-1.7.18 2005-08-18
- * Merged several error handling fixes from
- Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.7.17 2005-08-15
- * Fixed further memory leaks found by valgrind.
-
-1.7.16 2005-08-15
- * Fixed several memory leaks found by valgrind.
-
-1.7.15 2005-08-12
- * Fixed empty list test in cond_write_av_list. Bug found by
- Coverity, reported by Serge Hallyn (IBM).
- * Merged patch to policydb_write to check errors
- when writing the type->attribute reverse map from
- Serge Hallyn (IBM). Bug found by Coverity.
- * Fixed policydb_destroy to properly handle NULL type_attr_map
- or attr_type_map.
-
-1.7.14 2005-08-12
- * Fixed use of uninitialized data by expand_avtab_node by
- clearing type_val_to_struct in policydb_index_others.
-
-1.7.13 2005-08-11
- * Improved memory use by SELinux by both reducing the avtab
- node size and reducing the number of avtab nodes (by not
- expanding attributes in TE rules when possible). Added
- expand_avtab and expand_cond_av_list functions for use by
- assertion checker, hierarchy checker, compatibility code,
- and dispol. Added new inline ebitmap operators and converted
- existing users of ebitmaps to the new operators for greater
- efficiency.
- Note: The binary policy format version has been incremented to
- version 20 as a result of these changes.
-
-1.7.12 2005-08-10
- * Fixed bug in constraint_node_clone handling of name sets.
-
-1.7.11 2005-08-08
- * Fix range_trans_clone to map the type values properly.
-
-1.7.10 2005-08-02
- * Merged patch to move module read/write code from libsemanage
- to libsepol from Jason Tang (Tresys).
-
-1.7.9 2005-08-02
- * Enabled further compiler warning flags and fixed them.
-
-1.7.8 2005-08-02
- * Merged user, context, port records patch from Ivan Gyurdiev.
- * Merged key extract function patch from Ivan Gyurdiev.
-
-1.7.7 2005-07-27
- * Merged mls_context_to_sid bugfix from Ivan Gyurdiev.
-
-1.7.6 2005-07-26
- * Merged context reorganization, memory leak fixes,
- port and interface loading, replacements for genusers and
- genbools, debug traceback, and bugfix patches from Ivan Gyurdiev.
- * Merged uninitialized variable bugfix from Dan Walsh.
-
-1.7.5 2005-07-18
- * Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat).
- * Removed genpolbools and genpolusers utilities.
-
-1.7.4 2005-07-18
- * Merged hierarchy check fix from Joshua Brindle (Tresys).
-
-1.7.3 2005-07-13
- * Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat).
-
-1.7.2 2005-07-11
- * Merged genbools debugging message cleanup from Red Hat.
-
-1.7.1 2005-07-06
- * Merged loadable module support from Tresys Technology.
-
-1.6 2005-06-20
- * Updated version for release.
-
-1.5.10 2005-05-19
- * License changed to LGPL v2.1, see COPYING.
-
-1.5.9 2005-05-16
- * Added sepol_genbools_policydb and sepol_genusers_policydb for
- audit2why.
-
-1.5.8 2005-05-13
- * Added sepol_ prefix to Flask types to avoid
- namespace collision with libselinux.
-
-1.5.7 2005-05-13
- * Added sepol_compute_av_reason() for audit2why.
-
-1.5.6 2005-04-25
- * Fixed bug in role hierarchy checker.
-
-1.5.5 2005-04-13
- * Merged hierarchical type/role patch from Tresys Technology.
- * Merged MLS fixes from Darrel Goeddel of TCS.
-
-1.5.4 2005-04-13
- * Changed sepol_genusers to not delete users by default,
- and added a sepol_set_delusers function to enable deletion.
- Also, removed special case handling of system_u and user_u.
-
-1.5.3 2005-03-29
- * Merged booleans.local patch from Dan Walsh.
-
-1.5.2 2005-03-16
- * Added man page for sepol_check_context.
-
-1.5.1 2005-03-15
- * Added man page for sepol_genusers function.
- * Merged man pages for genpolusers and chkcon from Manoj Srivastava.
-
-1.4 2005-03-09
- * Updated version for release.
-
-1.3.8 2005-03-08
- * Cleaned up error handling in sepol_genusers and sepol_genbools.
-
-1.3.7 2005-02-28
- * Merged sepol_debug and fclose patch from Dan Walsh.
-
-1.3.6 2005-02-22
- * Changed sepol_genusers to also use getline and correctly handle
- EOL.
-
-1.3.5 2005-02-17
- * Merged range_transition support from Darrel Goeddel (TCS).
-
-1.3.4 2005-02-16
- * Added sepol_genusers function.
-
-1.3.3 2005-02-14
- * Merged endianness and compute_av patches from Darrel Goeddel (TCS).
-
-1.3.2 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.3.1 2005-01-26
- * Merged enhanced MLS support from Darrel Goeddel (TCS).
-
-1.2.1 2005-01-19
- * Merged build fix patch from Manoj Srivastava.
-
-1.2 2004-10-07
- * MLS build fixes.
- * Added sepol_set_policydb_from_file and sepol_check_context for setfiles.
-
-1.0 2004-08-19
- * Initial public release.
-
-0.4 2004-08-13
- * Merged patch from Dan Walsh to ignore case on booleans.
- * Changed sepol_genbools* to preserve the original policy version.
- * Replaced exported global variables with set functions.
- * Moved genpolbools utility from checkpolicy to libsepol.
- * Added man pages for sepol_genbools* and genpolbools.
-
-0.3 2004-08-10
- * Added ChangeLog, COPYING, spec file.
- * Added sepol_genbools_array() for load_policy.
- * Created libsepol.map to limit exported symbols in shared library.
-
-0.2 2004-08-09
- * Exported other functions for checkpolicy and friends.
- * Renamed service and sidtab functions to avoid libselinux conflict.
- * Removed original code from checkpolicy, which now uses libsepol.
- * Code cleanup: kill legacy references to kernel types/functions.
-
-0.1 2004-08-06
- * Moved checkpolicy core logic into a library.
- * Exported sepol_genbools() for load_policy.
Copied: tags/libsepol_1_12_28/libsepol/ChangeLog (from rev 2038, trunk/libsepol/ChangeLog)
===================================================================
--- tags/libsepol_1_12_28/libsepol/ChangeLog (rev 0)
+++ tags/libsepol_1_12_28/libsepol/ChangeLog 2006-09-28 18:28:44 UTC (rev 2039)
@@ -0,0 +1,573 @@
+1.12.28 2006-09-28
+ * Build libsepol's static object files with -fpic
+
+1.12.27 2006-09-28
+ * Merged mls user and range_transition support in modules
+ from Darrel Goeddel
+
+1.12.26 2006-09-05
+ * Merged range transition enhancements and user format changes
+ Darrel Goeddel
+
+1.12.25 2006-08-24
+ * Merged conditionally expand neverallows patch from Jeremy Mowery.
+ * Merged refactor expander patch from Jeremy Mowery.
+
+1.12.24 2006-08-03
+ * Merged libsepol unit tests from Joshua Brindle.
+
+1.12.23 2006-08-03
+ * Merged symtab datum patch from Karl MacMillan.
+
+1.12.22 2006-08-03
+ * Merged netfilter contexts support from Chris PeBenito.
+
+1.12.21 2006-07-28
+ * Merged helpful hierarchy check errors patch from Joshua Brindle.
+
+1.12.20 2006-07-25
+ * Merged semodule_deps patch from Karl MacMillan.
+ This adds source module names to the avrule decls.
+
+1.12.19 2006-06-29
+ * Lindent.
+
+1.12.18 2006-06-26
+ * Merged optionals in base take 2 patch set from Joshua Brindle.
+
+1.12.17 2006-05-30
+ * Revert 1.12.16.
+
+1.12.16 2006-05-30
+ * Merged cleaner fix for bool_ids overflow from Karl MacMillan,
+ replacing the prior patch.
+
+1.12.15 2006-05-30
+ * Merged fixes for several memory leaks in the error paths during
+ policy read from Serge Hallyn.
+
+1.12.14 2006-05-25
+ * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list,
+ based on bug report and suggested fix by Cedric Roux.
+
+1.12.13 2006-05-24
+ * Merged sens_copy_callback, check_role_hierarchy_callback,
+ and node_from_record fixes from Serge Hallyn.
+
+1.12.12 2006-05-22
+ * Added sepol_policydb_compat_net() interface for testing whether
+ a policy requires the compatibility support for network checks
+ to be enabled in the kernel.
+
+1.12.11 2006-05-17
+ * Merged patch to initialize sym_val_to_name arrays from Kevin Carr.
+ Reworked to use calloc in the first place, and converted some other
+ malloc/memset pairs to calloc calls.
+
+1.12.10 2006-05-08
+ * Merged patch to revert role/user decl upgrade from Karl MacMillan.
+
+1.12.9 2006-05-08
+ * Dropped tests from all Makefile target.
+
+1.12.8 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.12.7 2006-05-05
+ * Merged libsepol test framework patch from Karl MacMillan.
+
+1.12.6 2006-04-28
+ * Fixed cond_normalize to traverse the entire cond list at link time.
+
+1.12.5 2006-04-03
+ * Merged fix for leak of optional package sections from Ivan Gyurdiev.
+
+1.12.4 2006-03-29
+ * Generalize test for bitmap overflow in ebitmap_set_bit.
+
+1.12.3 2006-03-27
+ * Fixed attr_convert_callback and expand_convert_type_set
+ typemap bug.
+
+1.12.2 2006-03-24
+ * Fixed avrule_block_write num_decls endian bug.
+
+1.12.1 2006-03-20
+ * Fixed sepol_module_package_write buffer overflow bug.
+
+1.12 2006-03-14
+ * Updated version for release.
+
+1.11.20 2006-03-08
+ * Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
+ * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
+
+1.11.19 2006-02-21
+ * Merged sepol_policydb_mls_enabled interface and error handling
+ changes from Ivan Gyurdiev.
+
+1.11.18 2006-02-16
+ * Merged node_expand_addr bugfix and node_compare* change from
+ Ivan Gyurdiev.
+
+1.11.17 2006-02-15
+ * Merged nodes, ports: always prepend patch from Ivan Gyurdiev.
+ * Merged bug fix patch from Ivan Gyurdiev.
+
+1.11.16 2006-02-14
+ * Added a defined flag to level_datum_t for use by checkpolicy.
+
+1.11.15 2006-02-14
+ * Merged nodecon support patch from Ivan Gyurdiev.
+ * Merged cleanups patch from Ivan Gyurdiev.
+
+1.11.14 2006-02-13
+ * Merged optionals in base patch from Joshua Brindle.
+
+1.11.13 2006-02-07
+ * Merged seuser/user_extra support patch from Joshua Brindle.
+ * Merged fix patch from Ivan Gyurdiev.
+
+1.11.12 2006-02-02
+ * Merged clone record on set_con patch from Ivan Gyurdiev.
+
+1.11.11 2006-02-01
+ * Merged assertion copying bugfix from Joshua Brindle.
+ * Merged sepol_av_to_string patch from Joshua Brindle.
+
+1.11.10 2006-01-30
+ * Merged cond_expr mapping and package section count bug fixes
+ from Joshua Brindle.
+ * Merged improve port/fcontext API patch from Ivan Gyurdiev.
+ * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
+
+1.11.9 2006-01-12
+ * Merged size_t -> unsigned int patch from Ivan Gyurdiev.
+
+1.11.8 2006-01-09
+ * Merged 2nd const in APIs patch from Ivan Gyurdiev.
+
+1.11.7 2006-01-06
+ * Merged const in APIs patch from Ivan Gyurdiev.
+ * Merged compare2 function patch from Ivan Gyurdiev.
+
+1.11.6 2006-01-06
+ * Fixed hierarchy checker to only check allow rules.
+
+1.11.5 2006-01-05
+ * Merged further fixes from Russell Coker, specifically:
+ - av_to_string overflow checking
+ - sepol_context_to_string error handling
+ - hierarchy checking memory leak fixes and optimizations
+ - avrule_block_read variable initialization
+ * Marked deprecated code in genbools and genusers.
+
+1.11.4 2006-01-05
+ * Merged bugfix for sepol_port_modify from Russell Coker.
+
+1.11.3 2006-01-05
+ * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
+ * Merged port ordering patch from Ivan Gyurdiev.
+
+1.11.2 2006-01-04
+ * Merged patch series from Ivan Gyurdiev.
+ This includes patches to:
+ - support ordering of records in compare function
+ - enable port interfaces
+ - add interfaces for context validity and range checks
+ - add include guards
+
+1.11.1 2005-12-16
+ * Fixed mls_range_cpy bug.
+
+1.10 2005-12-07
+ * Updated version for release.
+
+1.9.42 2005-12-05
+ * Dropped handle from user_del_role interface.
+
+1.9.41 2005-11-28
+ * Merged remove defrole from sepol patch from Ivan Gyurdiev.
+
+1.9.40 2005-11-15
+ * Merged module function and map file cleanup from Ivan Gyurdiev.
+ * Merged MLS and genusers cleanups from Ivan Gyurdiev.
+
+1.9.39 2005-11-09
+ Prepare for removal of booleans* and *.users files.
+ * Cleaned up sepol_genbools to not regenerate the image if
+ there were no changes in the boolean values, including the
+ degenerate case where there are no booleans or booleans.local
+ files.
+ * Cleaned up sepol_genusers to not warn on missing local.users.
+
+1.9.38 2005-11-08
+ * Removed sepol_port_* from libsepol.map, as the port interfaces
+ are not yet stable.
+
+1.9.37 2005-11-04
+ * Merged context destroy cleanup patch from Ivan Gyurdiev.
+
+1.9.36 2005-11-03
+ * Merged context_to_string interface change patch from Ivan Gyurdiev.
+
+1.9.35 2005-11-01
+ * Added src/dso.h and src/*_internal.h.
+ Added hidden_def for exported symbols used within libsepol.
+ Added hidden for symbols that should not be exported by
+ the wildcards in libsepol.map.
+
+1.9.34 2005-10-31
+ * Merged record interface, record bugfix, and set_roles patches
+ from Ivan Gyurdiev.
+
+1.9.33 2005-10-27
+ * Merged count specification change from Ivan Gyurdiev.
+
+1.9.32 2005-10-26
+ * Added further checking and error reporting to
+ sepol_module_package_read and _info.
+
+1.9.31 2005-10-26
+ * Merged sepol handle passing, DEBUG conversion, and memory leak
+ fix patches from Ivan Gyurdiev.
+
+1.9.30 2005-10-25
+ * Removed processing of system.users from sepol_genusers and
+ dropped delusers logic.
+
+1.9.29 2005-10-25
+ * Removed policydb_destroy from error path of policydb_read,
+ since create/init/destroy/free of policydb is handled by the
+ caller now.
+ * Fixed sepol_module_package_read to handle a failed policydb_read
+ properly.
+
+1.9.28 2005-10-25
+ * Merged query/exists and count patches from Ivan Gyurdiev.
+
+1.9.27 2005-10-25
+ * Merged fix for pruned types in expand code from Joshua Brindle.
+ * Merged new module package format code from Joshua Brindle.
+
+1.9.26 2005-10-24
+ * Merged context interface cleanup, record conversion code,
+ key passing, and bug fix patches from Ivan Gyurdiev.
+
+1.9.25 2005-10-21
+ * Merged users cleanup patch from Ivan Gyurdiev.
+
+1.9.24 2005-10-21
+ * Merged user record memory leak fix from Ivan Gyurdiev.
+ * Merged reorganize users patch from Ivan Gyurdiev.
+
+1.9.23 2005-10-19
+ * Added check flag to expand_module() to control assertion
+ and hierarchy checking on expansion.
+
+1.9.22 2005-10-19
+ * Reworked check_assertions() and hierarchy_check_constraints()
+ to take handles and use callback-based error reporting.
+ * Changed expand_module() to call check_assertions() and
+ hierarchy_check_constraints() prior to returning the expanded
+ policy.
+
+1.9.21 2005-10-18
+ * Changed sepol_module_package_set_file_contexts to copy the
+ file contexts data since it is internally managed.
+
+1.9.20 2005-10-18
+ * Added sepol_policy_file_set_handle interface to associate
+ a handle with a policy file.
+ * Added handle argument to policydb_from_image/to_image.
+ * Added sepol_module_package_set_file_contexts interface.
+ * Dropped sepol_module_package_create_file interface.
+ * Reworked policydb_read/write, policydb_from_image/to_image,
+ and sepol_module_package_read/write to use callback-based error
+ reporting system rather than DEBUG.
+
+1.9.19 2005-10-17
+ * Reworked link_packages, link_modules, and expand_module to use
+ callback-based error reporting system rather than error buffering.
+
+1.9.18 2005-10-14
+ * Merged conditional expression mapping fix in the module linking
+ code from Joshua Brindle.
+
+1.9.17 2005-10-13
+ * Hid sepol_module_package type definition, and added get interfaces.
+
+1.9.16 2005-10-13
+ * Merged new callback-based error reporting system from Ivan
+ Gyurdiev.
+
+1.9.15 2005-10-13
+ * Merged support for require blocks inside conditionals from
+ Joshua Brindle (Tresys).
+
+1.9.14 2005-10-07
+ * Fixed use of policydb_from_image/to_image to ensure proper
+ init of policydb.
+
+1.9.13 2005-10-07
+ * Isolated policydb internal headers under <sepol/policydb/*.h>.
+ These headers should only be used by users of the static libsepol.
+ Created new <sepol/policydb.h> with new public types and interfaces
+ for shared libsepol.
+ Created new <sepol/module.h> with public types and interfaces moved
+ or wrapped from old module.h, link.h, and expand.h, adjusted for
+ new public types for policydb and policy_file.
+ Added public interfaces to libsepol.map.
+ Some implementation changes visible to users of the static libsepol:
+ 1) policydb_read no longer calls policydb_init.
+ Caller must do so first.
+ 2) policydb_init no longer takes policy_type argument.
+ Caller must set policy_type separately.
+ 3) expand_module automatically enables the global branch.
+ Caller no longer needs to do so.
+ 4) policydb_write uses the policy_type and policyvers from the
+ policydb itself, and sepol_set_policyvers() has been removed.
+
+1.9.12 2005-10-06
+ * Merged function renaming and static cleanup from Ivan Gyurdiev.
+
+1.9.11 2005-10-05
+ * Merged bug fix for check_assertions handling of no assertions
+ from Joshua Brindle (Tresys).
+
+1.9.10 2005-10-04
+ * Merged iterate patch from Ivan Gyurdiev.
+
+1.9.9 2005-10-03
+ * Merged MLS in modules patch from Joshua Brindle (Tresys).
+
+1.9.8 2005-09-30
+ * Merged pointer typedef elimination patch from Ivan Gyurdiev.
+ * Merged user list function, new mls functions, and bugfix patch
+ from Ivan Gyurdiev.
+
+1.9.7 2005-09-28
+ * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).
+
+1.9.6 2005-09-23
+ * Merged bug fix patches from Joshua Brindle (Tresys).
+
+1.9.5 2005-09-21
+ * Merged boolean record and memory leak fix patches from Ivan
+ Gyurdiev.
+
+1.9.4 2005-09-19
+ * Merged interface record patch from Ivan Gyurdiev.
+
+1.9.3 2005-09-14
+ * Merged fix for sepol_enable/disable_debug from Ivan
+ Gyurdiev.
+
+1.9.2 2005-09-14
+ * Merged stddef.h patch and debug conversion patch from
+ Ivan Gyurdiev.
+
+1.9.1 2005-09-09
+ * Fixed expand_avtab and expand_cond_av_list to keep separate
+ entries with identical keys but different enabled flags.
+
+1.8 2005-09-06
+ * Updated version for release.
+
+1.7.24 2005-08-31
+ * Fixed symtab_insert return value for duplicate declarations.
+
+1.7.23 2005-08-31
+ * Merged fix for memory error in policy_module_destroy from
+ Jason Tang (Tresys).
+
+1.7.22 2005-08-26
+ * Merged fix for memory leak in sepol_context_to_sid from
+ Jason Tang (Tresys).
+
+1.7.21 2005-08-25
+ * Merged fixes for resource leaks on error paths and
+ change to scope_destroy from Joshua Brindle (Tresys).
+
+1.7.20 2005-08-23
+ * Merged more fixes for resource leaks on error paths
+ from Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.7.19 2005-08-19
+ * Changed to treat all type conflicts as fatal errors.
+
+1.7.18 2005-08-18
+ * Merged several error handling fixes from
+ Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.7.17 2005-08-15
+ * Fixed further memory leaks found by valgrind.
+
+1.7.16 2005-08-15
+ * Fixed several memory leaks found by valgrind.
+
+1.7.15 2005-08-12
+ * Fixed empty list test in cond_write_av_list. Bug found by
+ Coverity, reported by Serge Hallyn (IBM).
+ * Merged patch to policydb_write to check errors
+ when writing the type->attribute reverse map from
+ Serge Hallyn (IBM). Bug found by Coverity.
+ * Fixed policydb_destroy to properly handle NULL type_attr_map
+ or attr_type_map.
+
+1.7.14 2005-08-12
+ * Fixed use of uninitialized data by expand_avtab_node by
+ clearing type_val_to_struct in policydb_index_others.
+
+1.7.13 2005-08-11
+ * Improved memory use by SELinux by both reducing the avtab
+ node size and reducing the number of avtab nodes (by not
+ expanding attributes in TE rules when possible). Added
+ expand_avtab and expand_cond_av_list functions for use by
+ assertion checker, hierarchy checker, compatibility code,
+ and dispol. Added new inline ebitmap operators and converted
+ existing users of ebitmaps to the new operators for greater
+ efficiency.
+ Note: The binary policy format version has been incremented to
+ version 20 as a result of these changes.
+
+1.7.12 2005-08-10
+ * Fixed bug in constraint_node_clone handling of name sets.
+
+1.7.11 2005-08-08
+ * Fix range_trans_clone to map the type values properly.
+
+1.7.10 2005-08-02
+ * Merged patch to move module read/write code from libsemanage
+ to libsepol from Jason Tang (Tresys).
+
+1.7.9 2005-08-02
+ * Enabled further compiler warning flags and fixed them.
+
+1.7.8 2005-08-02
+ * Merged user, context, port records patch from Ivan Gyurdiev.
+ * Merged key extract function patch from Ivan Gyurdiev.
+
+1.7.7 2005-07-27
+ * Merged mls_context_to_sid bugfix from Ivan Gyurdiev.
+
+1.7.6 2005-07-26
+ * Merged context reorganization, memory leak fixes,
+ port and interface loading, replacements for genusers and
+ genbools, debug traceback, and bugfix patches from Ivan Gyurdiev.
+ * Merged uninitialized variable bugfix from Dan Walsh.
+
+1.7.5 2005-07-18
+ * Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat).
+ * Removed genpolbools and genpolusers utilities.
+
+1.7.4 2005-07-18
+ * Merged hierarchy check fix from Joshua Brindle (Tresys).
+
+1.7.3 2005-07-13
+ * Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat).
+
+1.7.2 2005-07-11
+ * Merged genbools debugging message cleanup from Red Hat.
+
+1.7.1 2005-07-06
+ * Merged loadable module support from Tresys Technology.
+
+1.6 2005-06-20
+ * Updated version for release.
+
+1.5.10 2005-05-19
+ * License changed to LGPL v2.1, see COPYING.
+
+1.5.9 2005-05-16
+ * Added sepol_genbools_policydb and sepol_genusers_policydb for
+ audit2why.
+
+1.5.8 2005-05-13
+ * Added sepol_ prefix to Flask types to avoid
+ namespace collision with libselinux.
+
+1.5.7 2005-05-13
+ * Added sepol_compute_av_reason() for audit2why.
+
+1.5.6 2005-04-25
+ * Fixed bug in role hierarchy checker.
+
+1.5.5 2005-04-13
+ * Merged hierarchical type/role patch from Tresys Technology.
+ * Merged MLS fixes from Darrel Goeddel of TCS.
+
+1.5.4 2005-04-13
+ * Changed sepol_genusers to not delete users by default,
+ and added a sepol_set_delusers function to enable deletion.
+ Also, removed special case handling of system_u and user_u.
+
+1.5.3 2005-03-29
+ * Merged booleans.local patch from Dan Walsh.
+
+1.5.2 2005-03-16
+ * Added man page for sepol_check_context.
+
+1.5.1 2005-03-15
+ * Added man page for sepol_genusers function.
+ * Merged man pages for genpolusers and chkcon from Manoj Srivastava.
+
+1.4 2005-03-09
+ * Updated version for release.
+
+1.3.8 2005-03-08
+ * Cleaned up error handling in sepol_genusers and sepol_genbools.
+
+1.3.7 2005-02-28
+ * Merged sepol_debug and fclose patch from Dan Walsh.
+
+1.3.6 2005-02-22
+ * Changed sepol_genusers to also use getline and correctly handle
+ EOL.
+
+1.3.5 2005-02-17
+ * Merged range_transition support from Darrel Goeddel (TCS).
+
+1.3.4 2005-02-16
+ * Added sepol_genusers function.
+
+1.3.3 2005-02-14
+ * Merged endianness and compute_av patches from Darrel Goeddel (TCS).
+
+1.3.2 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.3.1 2005-01-26
+ * Merged enhanced MLS support from Darrel Goeddel (TCS).
+
+1.2.1 2005-01-19
+ * Merged build fix patch from Manoj Srivastava.
+
+1.2 2004-10-07
+ * MLS build fixes.
+ * Added sepol_set_policydb_from_file and sepol_check_context for setfiles.
+
+1.0 2004-08-19
+ * Initial public release.
+
+0.4 2004-08-13
+ * Merged patch from Dan Walsh to ignore case on booleans.
+ * Changed sepol_genbools* to preserve the original policy version.
+ * Replaced exported global variables with set functions.
+ * Moved genpolbools utility from checkpolicy to libsepol.
+ * Added man pages for sepol_genbools* and genpolbools.
+
+0.3 2004-08-10
+ * Added ChangeLog, COPYING, spec file.
+ * Added sepol_genbools_array() for load_policy.
+ * Created libsepol.map to limit exported symbols in shared library.
+
+0.2 2004-08-09
+ * Exported other functions for checkpolicy and friends.
+ * Renamed service and sidtab functions to avoid libselinux conflict.
+ * Removed original code from checkpolicy, which now uses libsepol.
+ * Code cleanup: kill legacy references to kernel types/functions.
+
+0.1 2004-08-06
+ * Moved checkpolicy core logic into a library.
+ * Exported sepol_genbools() for load_policy.
Deleted: tags/libsepol_1_12_28/libsepol/VERSION
===================================================================
--- trunk/libsepol/VERSION 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_28/libsepol/VERSION 2006-09-28 18:28:44 UTC (rev 2039)
@@ -1 +0,0 @@
-1.12.26
Copied: tags/libsepol_1_12_28/libsepol/VERSION (from rev 2038, trunk/libsepol/VERSION)
===================================================================
--- tags/libsepol_1_12_28/libsepol/VERSION (rev 0)
+++ tags/libsepol_1_12_28/libsepol/VERSION 2006-09-28 18:28:44 UTC (rev 2039)
@@ -0,0 +1 @@
+1.12.28
Deleted: tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h
===================================================================
--- trunk/libsepol/include/sepol/policydb/policydb.h 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h 2006-09-28 18:28:44 UTC (rev 2039)
@@ -1,608 +0,0 @@
-
-/* Author : Stephen Smalley, <sd...@ep...> */
-
-/*
- * Updated: Joshua Brindle <jbr...@tr...>
- * Karl MacMillan <kma...@tr...>
- * Jason Tang <jt...@tr...>
- *
- * Module support
- *
- * Updated: Trusted Computer Solutions, Inc. <dgo...@tr...>
- *
- * Support for enhanced MLS infrastructure.
- *
- * Updated: Frank Mayer <ma...@tr...> and Karl MacMillan <kma...@tr...>
- *
- * Added conditional policy language extensions
- *
- * Updated: Red Hat, Inc. James Morris <jm...@re...>
- *
- * Fine-grained netlink support
- * IPv6 support
- * Code cleanup
- *
- * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
- * Copyright (C) 2003 - 2004 Tresys Technology, LLC
- * Copyright (C) 2003 - 2004 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
-
-/* FLASK */
-
-/*
- * A policy database (policydb) specifies the
- * configuration data for the security policy.
- */
-
-#ifndef _SEPOL_POLICYDB_POLICYDB_H_
-#define _SEPOL_POLICYDB_POLICYDB_H_
-
-#include <stdio.h>
-#include <stddef.h>
-
-#include <sepol/policydb.h>
-
-#include <sepol/policydb/flask_types.h>
-#include <sepol/policydb/symtab.h>
-#include <sepol/policydb/avtab.h>
-#include <sepol/policydb/context.h>
-#include <sepol/policydb/constraint.h>
-#include <sepol/policydb/sidtab.h>
-
-#define ERRMSG_LEN 1024
-
-#define POLICYDB_SUCCESS 0
-#define POLICYDB_ERROR -1
-#define POLICYDB_UNSUPPORTED -2
-
-/*
- * A datum type is defined for each kind of symbol
- * in the configuration data: individual permissions,
- * common prefixes for access vectors, classes,
- * users, roles, types, sensitivities, categories, etc.
- */
-
-/* type set preserves data needed by modules such as *, ~ and attributes */
-typedef struct type_set {
- ebitmap_t types;
- ebitmap_t negset;
-#define TYPE_STAR 1
-#define TYPE_COMP 2
- uint32_t flags;
-} type_set_t;
-
-typedef struct role_set {
- ebitmap_t roles;
-#define ROLE_STAR 1
-#define ROLE_COMP 2
- uint32_t flags;
-} role_set_t;
-
-/* Permission attributes */
-typedef struct perm_datum {
- symtab_datum_t s;
-} perm_datum_t;
-
-/* Attributes of a common prefix for access vectors */
-typedef struct common_datum {
- symtab_datum_t s;
- symtab_t permissions; /* common permissions */
-} common_datum_t;
-
-/* Class attributes */
-typedef struct class_datum {
- symtab_datum_t s;
- char *comkey; /* common name */
- common_datum_t *comdatum; /* common datum */
- symtab_t permissions; /* class-specific permission symbol table */
- constraint_node_t *constraints; /* constraints on class permissions */
- constraint_node_t *validatetrans; /* special transition rules */
-} class_datum_t;
-
-/* Role attributes */
-typedef struct role_datum {
- symtab_datum_t s;
- ebitmap_t dominates; /* set of roles dominated by this role */
- type_set_t types; /* set of authorized types for role */
- ebitmap_t cache; /* This is an expanded set used for context validation during parsing */
-} role_datum_t;
-
-typedef struct role_trans {
- uint32_t role; /* current role */
- uint32_t type; /* program executable type */
- uint32_t new_role; /* new role */
- struct role_trans *next;
-} role_trans_t;
-
-typedef struct role_allow {
- uint32_t role; /* current role */
- uint32_t new_role; /* new role */
- struct role_allow *next;
-} role_allow_t;
-
-/* Type attributes */
-typedef struct type_datum {
- symtab_datum_t s;
- uint32_t primary; /* primary name? can be set to primary value if below is TYPE_ */
-#define TYPE_TYPE 0 /* regular type or alias in kernel policies */
-#define TYPE_ATTRIB 1 /* attribute */
-#define TYPE_ALIAS 2 /* alias in modular policy */
- uint32_t flavor;
- ebitmap_t types; /* types with this attribute */
-} type_datum_t;
-
-/* User attributes */
-typedef struct user_datum {
- symtab_datum_t s;
- role_set_t roles; /* set of authorized roles for user */
- mls_semantic_range_t range; /* MLS range (min. - max.) for user */
- mls_semantic_level_t dfltlevel; /* default login MLS level for user */
- ebitmap_t cache; /* This is an expanded set used for context validation during parsing */
- mls_range_t exp_range; /* expanded range used for validation */
- mls_level_t exp_dfltlevel; /* expanded range used for validation */
-} user_datum_t;
-
-/* Sensitivity attributes */
-typedef struct level_datum {
- mls_level_t *level; /* sensitivity and associated categories */
- unsigned char isalias; /* is this sensitivity an alias for another? */
- unsigned char defined;
-} level_datum_t;
-
-/* Category attributes */
-typedef struct cat_datum {
- symtab_datum_t s;
- unsigned char isalias; /* is this category an alias for another? */
-} cat_datum_t;
-
-typedef struct range_trans {
- uint32_t source_type;
- uint32_t target_type;
- uint32_t target_class;
- mls_range_t target_range;
- struct range_trans *next;
-} range_trans_t;
-
-/* Boolean data type */
-typedef struct cond_bool_datum {
- symtab_datum_t s;
- int state;
-} cond_bool_datum_t;
-
-struct cond_node;
-
-typedef struct cond_node cond_list_t;
-struct cond_av_list;
-
-typedef struct class_perm_node {
- uint32_t class;
- uint32_t data; /* permissions or new type */
- struct class_perm_node *next;
-} class_perm_node_t;
-
-typedef struct avrule {
-/* these typedefs are almost exactly the same as those in avtab.h - they are
- * here because of the need to include neverallow and dontaudit messages */
-#define AVRULE_ALLOWED 1
-#define AVRULE_AUDITALLOW 2
-#define AVRULE_AUDITDENY 4
-#define AVRULE_DONTAUDIT 8
-#define AVRULE_NEVERALLOW 128
-#define AVRULE_AV (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW)
-#define AVRULE_TRANSITION 16
-#define AVRULE_MEMBER 32
-#define AVRULE_CHANGE 64
-#define AVRULE_TYPE (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE)
- uint32_t specified;
-#define RULE_SELF 1
- uint32_t flags;
- type_set_t stypes;
- type_set_t ttypes;
- class_perm_node_t *perms;
- unsigned long line; /* line number from policy.conf where
- * this rule originated */
- struct avrule *next;
-} avrule_t;
-
-typedef struct role_trans_rule {
- role_set_t roles; /* current role */
- type_set_t types; /* program executable type */
- uint32_t new_role; /* new role */
- struct role_trans_rule *next;
-} role_trans_rule_t;
-
-typedef struct role_allow_rule {
- role_set_t roles; /* current role */
- role_set_t new_roles; /* new roles */
- struct role_allow_rule *next;
-} role_allow_rule_t;
-
-typedef struct range_trans_rule {
- type_set_t stypes;
- type_set_t ttypes;
- ebitmap_t tclasses;
- mls_semantic_range_t trange;
- struct range_trans_rule *next;
-} range_trans_rule_t;
-
-/*
- * The configuration data includes security contexts for
- * initial SIDs, unlabeled file systems, TCP and UDP port numbers,
- * network interfaces, and nodes. This structure stores the
- * relevant data for one such entry. Entries of the same kind
- * (e.g. all initial SIDs) are linked together into a list.
- */
-typedef struct ocontext {
- union {
- char *name; /* name of initial SID, fs, netif, fstype, path */
- struct {
- uint8_t protocol;
- uint16_t low_port;
- uint16_t high_port;
- } port; /* TCP or UDP port information */
- struct {
- uint32_t addr;
- uint32_t mask;
- } node; /* node information */
- struct {
- uint32_t addr[4];
- uint32_t mask[4];
- } node6; /* IPv6 node information */
- } u;
- union {
- uint32_t sclass; /* security class for genfs */
- uint32_t behavior; /* labeling behavior for fs_use */
- } v;
- context_struct_t context[2]; /* security context(s) */
- sepol_security_id_t sid[2]; /* SID(s) */
- struct ocontext *next;
-} ocontext_t;
-
-typedef struct genfs {
- char *fstype;
- struct ocontext *head;
- struct genfs *next;
-} genfs_t;
-
-/* symbol table array indices */
-#define SYM_COMMONS 0
-#define SYM_CLASSES 1
-#define SYM_ROLES 2
-#define SYM_TYPES 3
-#define SYM_USERS 4
-#define SYM_BOOLS 5
-#define SYM_LEVELS 6
-#define SYM_CATS 7
-#define SYM_NUM 8
-
-/* object context array indices */
-#define OCON_ISID 0 /* initial SIDs */
-#define OCON_FS 1 /* unlabeled file systems */
-#define OCON_PORT 2 /* TCP and UDP port numbers */
-#define OCON_NETIF 3 /* network interfaces */
-#define OCON_NODE 4 /* nodes */
-#define OCON_FSUSE 5 /* fs_use */
-#define OCON_NODE6 6 /* IPv6 nodes */
-#define OCON_NUM 7
-
-/* section: module information */
-
-/* scope_index_t holds all of the symbols that are in scope in a
- * particular situation. The bitmaps are indices (and thus must
- * subtract one) into the global policydb->scope array. */
-typedef struct scope_index {
- ebitmap_t scope[SYM_NUM];
-#define p_classes_scope scope[SYM_CLASSES]
-#define p_roles_scope scope[SYM_ROLES]
-#define p_types_scope scope[SYM_TYPES]
-#define p_users_scope scope[SYM_USERS]
-#define p_bools_scope scope[SYM_BOOLS]
-#define p_sens_scope scope[SYM_LEVELS]
-#define p_cat_scope scope[SYM_CATS]
-
- /* this array maps from class->value to the permissions within
- * scope. if bit (perm->value - 1) is set in map
- * class_perms_map[class->value - 1] then that permission is
- * enabled for this class within this decl. */
- ebitmap_t *class_perms_map;
- /* total number of classes in class_perms_map array */
- uint32_t class_perms_len;
-} scope_index_t;
-
-/* a list of declarations for a particular avrule_decl */
-
-/* These two structs declare a block of policy that has TE and RBAC
- * statements and declarations. The root block (the global policy)
- * can never have an ELSE branch. */
-typedef struct avrule_decl {
- uint32_t decl_id;
- uint32_t enabled; /* whether this block is enabled */
-
- cond_list_t *cond_list;
- avrule_t *avrules;
- role_trans_rule_t *role_tr_rules;
- role_allow_rule_t *role_allow_rules;
- range_trans_rule_t *range_tr_rules;
- scope_index_t required; /* symbols needed to activate this block */
- scope_index_t declared; /* symbols declared within this block */
-
- /* for additive statements (type attribute, roles, and users) */
- symtab_t symtab[SYM_NUM];
-
- /* In a linked module this will contain the name of the module
- * from which this avrule_decl originated. */
- char *module_name;
-
- struct avrule_decl *next;
-} avrule_decl_t;
-
-typedef struct avrule_block {
- avrule_decl_t *branch_list;
- avrule_decl_t *enabled; /* pointer to which branch is enabled. this is
- used in linking and never written to disk */
-#define AVRULE_OPTIONAL 1
- uint32_t flags; /* any flags for this block, currently just optional */
- struct avrule_block *next;
-} avrule_block_t;
-
-/* Every identifier has its own scope datum. The datum describes if
- * the item is to be included into the final policy during
- * expansion. */
-typedef struct scope_datum {
-/* Required for this decl */
-#define SCOPE_REQ 1
-/* Declared in this decl */
-#define SCOPE_DECL 2
- uint32_t scope;
- uint32_t *decl_ids;
- uint32_t decl_ids_len;
- /* decl_ids is a list of avrule_decl's that declare/require
- * this symbol. If scope==SCOPE_DECL then this is a list of
- * declarations. If the symbol may only be declared once
- * (types, bools) then decl_ids_len will be exactly 1. For
- * implicitly declared things (roles, users) then decl_ids_len
- * will be at least 1. */
-} scope_datum_t;
-
-/* The policy database */
-typedef struct policydb {
-#define POLICY_KERN SEPOL_POLICY_KERN
-#define POLICY_BASE SEPOL_POLICY_BASE
-#define POLICY_MOD SEPOL_POLICY_MOD
- uint32_t policy_type;
- char *name;
- char *version;
-
- /* Set when the policydb is modified such that writing is unsupported */
- int unsupported_format;
-
- /* Whether this policydb is mls, should always be set */
- int mls;
-
- /* symbol tables */
- symtab_t symtab[SYM_NUM];
-#define p_commons symtab[SYM_COMMONS]
-#define p_classes symtab[SYM_CLASSES]
-#define p_roles symtab[SYM_ROLES]
-#define p_types symtab[SYM_TYPES]
-#define p_users symtab[SYM_USERS]
-#define p_bools symtab[SYM_BOOLS]
-#define p_levels symtab[SYM_LEVELS]
-#define p_cats symtab[SYM_CATS]
-
- /* symbol names indexed by (value - 1) */
- char **sym_val_to_name[SYM_NUM];
-#define p_common_val_to_name sym_val_to_name[SYM_COMMONS]
-#define p_class_val_to_name sym_val_to_name[SYM_CLASSES]
-#define p_role_val_to_name sym_val_to_name[SYM_ROLES]
-#define p_type_val_to_name sym_val_to_name[SYM_TYPES]
-#define p_user_val_to_name sym_val_to_name[SYM_USERS]
-#define p_bool_val_to_name sym_val_to_name[SYM_BOOLS]
-#define p_sens_val_to_name sym_val_to_name[SYM_LEVELS]
-#define p_cat_val_to_name sym_val_to_name[SYM_CATS]
-
- /* class, role, and user attributes indexed by (value - 1) */
- class_datum_t **class_val_to_struct;
- role_datum_t **role_val_to_struct;
- user_datum_t **user_val_to_struct;
- type_datum_t **type_val_to_struct;
-
- /* module stuff section -- used in parsing and for modules */
-
- /* keep track of the scope for every identifier. these are
- * hash tables, where the key is the identifier name and value
- * a scope_datum_t. as a convenience, one may use the
- * p_*_macros (cf. struct scope_index_t declaration). */
- symtab_t scope[SYM_NUM];
-
- /* module rule storage */
- avrule_block_t *global;
- /* avrule_decl index used for link/expand */
- avrule_decl_t **decl_val_to_struct;
-
- /* compiled storage of rules - use for the kernel policy */
-
- /* type enforcement access vectors and transitions */
- avtab_t te_avtab;
-
- /* bools indexed by (value - 1) */
- cond_bool_datum_t **bool_val_to_struct;
- /* type enforcement conditional access vectors and transitions */
- avtab_t te_cond_avtab;
- /* linked list indexing te_cond_avtab by conditional */
- cond_list_t *cond_list;
-
- /* role transitions */
- role_trans_t *role_tr;
-
- /* role allows */
- role_allow_t *role_allow;
-
- /* security contexts of initial SIDs, unlabeled file systems,
- TCP or UDP port numbers, network interfaces and nodes */
- ocontext_t *ocontexts[OCON_NUM];
-
- /* security contexts for files in filesystems that cannot support
- a persistent label mapping or use another
- fixed labeling behavior. */
- genfs_t *genfs;
-
- /* range transitions */
- range_trans_t *range_tr;
-
- ebitmap_t *type_attr_map;
-
- ebitmap_t *attr_type_map; /* not saved in the binary policy */
-
- unsigned policyvers;
-} policydb_t;
-
-struct sepol_policydb {
- struct policydb p;
-};
-
-extern int policydb_init(policydb_t * p);
-
-extern int policydb_from_image(sepol_handle_t * handle,
- void *data, size_t len, policydb_t * policydb);
-
-extern int policydb_to_image(sepol_handle_t * handle,
- policydb_t * policydb, void **newdata,
- size_t * newlen);
-
-extern int policydb_index_classes(policydb_t * p);
-
-extern int policydb_index_bools(policydb_t * p);
-
-extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p,
- unsigned int verbose);
-
-extern int policydb_reindex_users(policydb_t * p);
-
-extern void policydb_destroy(policydb_t * p);
-
-extern int policydb_load_isids(policydb_t * p, sidtab_t * s);
-
-/* Deprecated */
-extern int policydb_context_isvalid(const policydb_t * p,
- const context_struct_t * c);
-
-extern void symtabs_destroy(symtab_t * symtab);
-extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p);
-typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d,
- void *args);
-extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num);
-
-extern void class_perm_node_init(class_perm_node_t * x);
-extern void type_set_init(type_set_t * x);
-extern void type_set_destroy(type_set_t * x);
-extern int type_set_cpy(type_set_t * dst, type_set_t * src);
-extern int type_set_or_eq(type_set_t * dst, type_set_t * other);
-extern void role_set_init(role_set_t * x);
-extern void role_set_destroy(role_set_t * x);
-extern void avrule_init(avrule_t * x);
-extern void avrule_destroy(avrule_t * x);
-extern void avrule_list_destroy(avrule_t * x);
-extern void role_trans_rule_init(role_trans_rule_t * x);
-extern void role_trans_rule_list_destroy(role_trans_rule_t * x);
-
-extern void role_datum_init(role_datum_t * x);
-extern void role_datum_destroy(role_datum_t * x);
-extern void role_allow_rule_init(role_allow_rule_t * x);
-extern void role_allow_rule_destroy(role_allow_rule_t * x);
-extern void role_allow_rule_list_destroy(role_allow_rule_t * x);
-extern void range_trans_rule_init(range_trans_rule_t *x);
-extern void range_trans_rule_destroy(range_trans_rule_t *x);
-extern void range_trans_rule_list_destroy(range_trans_rule_t *x);
-extern void type_datum_init(type_datum_t * x);
-extern void type_datum_destroy(type_datum_t * x);
-extern void user_datum_init(user_datum_t * x);
-extern void user_datum_destroy(user_datum_t * x);
-
-extern int check_assertions(sepol_handle_t * handle,
- policydb_t * p, avrule_t * avrules);
-
-extern int symtab_insert(policydb_t * x, uint32_t sym,
- hashtab_key_t key, hashtab_datum_t datum,
- uint32_t scope, uint32_t avrule_decl_id,
- uint32_t * value);
-
-/* A policy "file" may be a memory region referenced by a (data, len) pair
- or a file referenced by a FILE pointer. */
-typedef struct policy_file {
-#define PF_USE_MEMORY 0
-#define PF_USE_STDIO 1
-#define PF_LEN 2 /* total up length in len field */
- unsigned type;
- char *data;
- size_t len;
- size_t size;
- FILE *fp;
- struct sepol_handle *handle;
- unsigned char buffer[BUFSIZ];
-} policy_file_t;
-
-struct sepol_policy_file {
- struct policy_file pf;
-};
-
-extern int policydb_read(policydb_t * p, struct policy_file *fp,
- unsigned int verbose);
-extern int avrule_read_list(policydb_t * p, avrule_t ** avrules,
- struct policy_file *fp);
-
-extern int policydb_write(struct policydb *p, struct policy_file *pf);
-
-#define PERM_SYMTAB_SIZE 32
-
-/* Identify specific policy version changes */
-#define POLICYDB_VERSION_BASE 15
-#define POLICYDB_VERSION_BOOL 16
-#define POLICYDB_VERSION_IPV6 17
-#define POLICYDB_VERSION_NLCLASS 18
-#define POLICYDB_VERSION_VALIDATETRANS 19
-#define POLICYDB_VERSION_MLS 19
-#define POLICYDB_VERSION_AVTAB 20
-#define POLICYDB_VERSION_RANGETRANS 21
-
-/* Range of policy versions we understand*/
-#define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE
-#define POLICYDB_VERSION_MAX POLICYDB_VERSION_RANGETRANS
-
-/* Module versions and specific changes*/
-#define MOD_POLICYDB_VERSION_BASE 4
-#define MOD_POLICYDB_VERSION_VALIDATETRANS 5
-#define MOD_POLICYDB_VERSION_MLS 5
-#define MOD_POLICYDB_VERSION_RANGETRANS 6
-#define MOD_POLICYDB_VERSION_MLS_USERS 6
-
-#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
-#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_MLS_USERS
-
-#define POLICYDB_CONFIG_MLS 1
-
-#define OBJECT_R "object_r"
-#define OBJECT_R_VAL 1
-
-#define POLICYDB_MAGIC SELINUX_MAGIC
-#define POLICYDB_STRING "SE Linux"
-#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
-#define POLICYDB_MOD_STRING "SE Linux Module"
-
-#endif /* _POLICYDB_H_ */
-
-/* FLASK */
Copied: tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h (from rev 2033, trunk/libsepol/include/sepol/policydb/policydb.h)
===================================================================
--- tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h (rev 0)
+++ tags/libsepol_1_12_28/libsepol/include/sepol/policydb/policydb.h 2006-09-28 18:28:44 UTC (rev 2039)
@@ -0,0 +1,612 @@
+
+/* Author : Stephen Smalley, <sd...@ep...> */
+
+/*
+ * Updated: Joshua Brindle <jbr...@tr...>
+ * Karl MacMillan <kma...@tr...>
+ * Jason Tang <jt...@tr...>
+ *
+ * Module support
+ *
+ * Updated: Trusted Computer Solutions, Inc. <dgo...@tr...>
+ *
+ * Support for enhanced MLS infrastructure.
+ *
+ * Updated: Frank Mayer <ma...@tr...> and Karl MacMillan <kma...@tr...>
+ *
+ * Added conditional policy language extensions
+ *
+ * Updated: Red Hat, Inc. James Morris <jm...@re...>
+ *
+ * Fine-grained netlink support
+ * IPv6 support
+ * Code cleanup
+ *
+ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
+ * Copyright (C) 2003 - 2004 Tresys Technology, LLC
+ * Copyright (C) 2003 - 2004 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+/* FLASK */
+
+/*
+ * A policy database (policydb) specifies the
+ * configuration data for the security policy.
+ */
+
+#ifn...
[truncated message content] |
|
From: <mad...@us...> - 2006-09-28 18:27:47
|
Revision: 2038
http://svn.sourceforge.net/selinux/?rev=2038&view=rev
Author: madmethod
Date: 2006-09-28 11:27:35 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
bump to libsepol 1.12.28
Modified Paths:
--------------
trunk/libsepol/ChangeLog
trunk/libsepol/VERSION
Modified: trunk/libsepol/ChangeLog
===================================================================
--- trunk/libsepol/ChangeLog 2006-09-28 18:25:10 UTC (rev 2037)
+++ trunk/libsepol/ChangeLog 2006-09-28 18:27:35 UTC (rev 2038)
@@ -1,3 +1,6 @@
+1.12.28 2006-09-28
+ * Build libsepol's static object files with -fpic
+
1.12.27 2006-09-28
* Merged mls user and range_transition support in modules
from Darrel Goeddel
Modified: trunk/libsepol/VERSION
===================================================================
--- trunk/libsepol/VERSION 2006-09-28 18:25:10 UTC (rev 2037)
+++ trunk/libsepol/VERSION 2006-09-28 18:27:35 UTC (rev 2038)
@@ -1 +1 @@
-1.12.27
+1.12.28
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-28 18:25:22
|
Revision: 2037
http://svn.sourceforge.net/selinux/?rev=2037&view=rev
Author: madmethod
Date: 2006-09-28 11:25:10 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
Author: "Jeremy A. Mowery"
Email: jm...@tr...
Subject: libsepol: compile archive with -fpic
Date: Tue, 26 Sep 2006 13:54:51 -0400
The libsepol archive is compiled normally without the -fpic flag. This
causes problems with other things that use libsepol.a with dynamic
relocation on 64-bit machines. The setools project uses libsepol.a in a
shared object library; checkpolicy is prevented from being built as a
position independent executable. The following patch modifies
libsepol's Makefile to build the archive using position independent
code.
Modified Paths:
--------------
trunk/libsepol/src/Makefile
Modified: trunk/libsepol/src/Makefile
===================================================================
--- trunk/libsepol/src/Makefile 2006-09-28 12:18:30 UTC (rev 2036)
+++ trunk/libsepol/src/Makefile 2006-09-28 18:25:10 UTC (rev 2037)
@@ -24,7 +24,7 @@
ln -sf $@ $(TARGET)
%.o: %.c
- $(CC) $(CFLAGS) -c -o $@ $<
+ $(CC) $(CFLAGS) -fpic -c -o $@ $<
%.lo: %.c
$(CC) $(CFLAGS) -fpic -DSHARED -c -o $@ $<
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-28 12:19:13
|
Revision: 2036
http://svn.sourceforge.net/selinux/?rev=2036&view=rev
Author: madmethod
Date: 2006-09-28 05:18:30 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
tag for libsepol 1.12.27
Added Paths:
-----------
tags/libsepol_1_12_27/
tags/libsepol_1_12_27/libsepol/
tags/libsepol_1_12_27/libsepol/ChangeLog
tags/libsepol_1_12_27/libsepol/VERSION
tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h
tags/libsepol_1_12_27/libsepol/src/expand.c
tags/libsepol_1_12_27/libsepol/src/link.c
tags/libsepol_1_12_27/libsepol/src/policydb.c
Removed Paths:
-------------
tags/libsepol_1_12_27/libsepol/ChangeLog
tags/libsepol_1_12_27/libsepol/VERSION
tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h
tags/libsepol_1_12_27/libsepol/src/expand.c
tags/libsepol_1_12_27/libsepol/src/link.c
tags/libsepol_1_12_27/libsepol/src/policydb.c
Copied: tags/libsepol_1_12_27/libsepol (from rev 2032, trunk/libsepol)
Deleted: tags/libsepol_1_12_27/libsepol/ChangeLog
===================================================================
--- trunk/libsepol/ChangeLog 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_27/libsepol/ChangeLog 2006-09-28 12:18:30 UTC (rev 2036)
@@ -1,566 +0,0 @@
-1.12.26 2006-09-05
- * Merged range transition enhancements and user format changes
- Darrel Goeddel
-
-1.12.25 2006-08-24
- * Merged conditionally expand neverallows patch from Jeremy Mowery.
- * Merged refactor expander patch from Jeremy Mowery.
-
-1.12.24 2006-08-03
- * Merged libsepol unit tests from Joshua Brindle.
-
-1.12.23 2006-08-03
- * Merged symtab datum patch from Karl MacMillan.
-
-1.12.22 2006-08-03
- * Merged netfilter contexts support from Chris PeBenito.
-
-1.12.21 2006-07-28
- * Merged helpful hierarchy check errors patch from Joshua Brindle.
-
-1.12.20 2006-07-25
- * Merged semodule_deps patch from Karl MacMillan.
- This adds source module names to the avrule decls.
-
-1.12.19 2006-06-29
- * Lindent.
-
-1.12.18 2006-06-26
- * Merged optionals in base take 2 patch set from Joshua Brindle.
-
-1.12.17 2006-05-30
- * Revert 1.12.16.
-
-1.12.16 2006-05-30
- * Merged cleaner fix for bool_ids overflow from Karl MacMillan,
- replacing the prior patch.
-
-1.12.15 2006-05-30
- * Merged fixes for several memory leaks in the error paths during
- policy read from Serge Hallyn.
-
-1.12.14 2006-05-25
- * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list,
- based on bug report and suggested fix by Cedric Roux.
-
-1.12.13 2006-05-24
- * Merged sens_copy_callback, check_role_hierarchy_callback,
- and node_from_record fixes from Serge Hallyn.
-
-1.12.12 2006-05-22
- * Added sepol_policydb_compat_net() interface for testing whether
- a policy requires the compatibility support for network checks
- to be enabled in the kernel.
-
-1.12.11 2006-05-17
- * Merged patch to initialize sym_val_to_name arrays from Kevin Carr.
- Reworked to use calloc in the first place, and converted some other
- malloc/memset pairs to calloc calls.
-
-1.12.10 2006-05-08
- * Merged patch to revert role/user decl upgrade from Karl MacMillan.
-
-1.12.9 2006-05-08
- * Dropped tests from all Makefile target.
-
-1.12.8 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.12.7 2006-05-05
- * Merged libsepol test framework patch from Karl MacMillan.
-
-1.12.6 2006-04-28
- * Fixed cond_normalize to traverse the entire cond list at link time.
-
-1.12.5 2006-04-03
- * Merged fix for leak of optional package sections from Ivan Gyurdiev.
-
-1.12.4 2006-03-29
- * Generalize test for bitmap overflow in ebitmap_set_bit.
-
-1.12.3 2006-03-27
- * Fixed attr_convert_callback and expand_convert_type_set
- typemap bug.
-
-1.12.2 2006-03-24
- * Fixed avrule_block_write num_decls endian bug.
-
-1.12.1 2006-03-20
- * Fixed sepol_module_package_write buffer overflow bug.
-
-1.12 2006-03-14
- * Updated version for release.
-
-1.11.20 2006-03-08
- * Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
- * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
-
-1.11.19 2006-02-21
- * Merged sepol_policydb_mls_enabled interface and error handling
- changes from Ivan Gyurdiev.
-
-1.11.18 2006-02-16
- * Merged node_expand_addr bugfix and node_compare* change from
- Ivan Gyurdiev.
-
-1.11.17 2006-02-15
- * Merged nodes, ports: always prepend patch from Ivan Gyurdiev.
- * Merged bug fix patch from Ivan Gyurdiev.
-
-1.11.16 2006-02-14
- * Added a defined flag to level_datum_t for use by checkpolicy.
-
-1.11.15 2006-02-14
- * Merged nodecon support patch from Ivan Gyurdiev.
- * Merged cleanups patch from Ivan Gyurdiev.
-
-1.11.14 2006-02-13
- * Merged optionals in base patch from Joshua Brindle.
-
-1.11.13 2006-02-07
- * Merged seuser/user_extra support patch from Joshua Brindle.
- * Merged fix patch from Ivan Gyurdiev.
-
-1.11.12 2006-02-02
- * Merged clone record on set_con patch from Ivan Gyurdiev.
-
-1.11.11 2006-02-01
- * Merged assertion copying bugfix from Joshua Brindle.
- * Merged sepol_av_to_string patch from Joshua Brindle.
-
-1.11.10 2006-01-30
- * Merged cond_expr mapping and package section count bug fixes
- from Joshua Brindle.
- * Merged improve port/fcontext API patch from Ivan Gyurdiev.
- * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
-
-1.11.9 2006-01-12
- * Merged size_t -> unsigned int patch from Ivan Gyurdiev.
-
-1.11.8 2006-01-09
- * Merged 2nd const in APIs patch from Ivan Gyurdiev.
-
-1.11.7 2006-01-06
- * Merged const in APIs patch from Ivan Gyurdiev.
- * Merged compare2 function patch from Ivan Gyurdiev.
-
-1.11.6 2006-01-06
- * Fixed hierarchy checker to only check allow rules.
-
-1.11.5 2006-01-05
- * Merged further fixes from Russell Coker, specifically:
- - av_to_string overflow checking
- - sepol_context_to_string error handling
- - hierarchy checking memory leak fixes and optimizations
- - avrule_block_read variable initialization
- * Marked deprecated code in genbools and genusers.
-
-1.11.4 2006-01-05
- * Merged bugfix for sepol_port_modify from Russell Coker.
-
-1.11.3 2006-01-05
- * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
- * Merged port ordering patch from Ivan Gyurdiev.
-
-1.11.2 2006-01-04
- * Merged patch series from Ivan Gyurdiev.
- This includes patches to:
- - support ordering of records in compare function
- - enable port interfaces
- - add interfaces for context validity and range checks
- - add include guards
-
-1.11.1 2005-12-16
- * Fixed mls_range_cpy bug.
-
-1.10 2005-12-07
- * Updated version for release.
-
-1.9.42 2005-12-05
- * Dropped handle from user_del_role interface.
-
-1.9.41 2005-11-28
- * Merged remove defrole from sepol patch from Ivan Gyurdiev.
-
-1.9.40 2005-11-15
- * Merged module function and map file cleanup from Ivan Gyurdiev.
- * Merged MLS and genusers cleanups from Ivan Gyurdiev.
-
-1.9.39 2005-11-09
- Prepare for removal of booleans* and *.users files.
- * Cleaned up sepol_genbools to not regenerate the image if
- there were no changes in the boolean values, including the
- degenerate case where there are no booleans or booleans.local
- files.
- * Cleaned up sepol_genusers to not warn on missing local.users.
-
-1.9.38 2005-11-08
- * Removed sepol_port_* from libsepol.map, as the port interfaces
- are not yet stable.
-
-1.9.37 2005-11-04
- * Merged context destroy cleanup patch from Ivan Gyurdiev.
-
-1.9.36 2005-11-03
- * Merged context_to_string interface change patch from Ivan Gyurdiev.
-
-1.9.35 2005-11-01
- * Added src/dso.h and src/*_internal.h.
- Added hidden_def for exported symbols used within libsepol.
- Added hidden for symbols that should not be exported by
- the wildcards in libsepol.map.
-
-1.9.34 2005-10-31
- * Merged record interface, record bugfix, and set_roles patches
- from Ivan Gyurdiev.
-
-1.9.33 2005-10-27
- * Merged count specification change from Ivan Gyurdiev.
-
-1.9.32 2005-10-26
- * Added further checking and error reporting to
- sepol_module_package_read and _info.
-
-1.9.31 2005-10-26
- * Merged sepol handle passing, DEBUG conversion, and memory leak
- fix patches from Ivan Gyurdiev.
-
-1.9.30 2005-10-25
- * Removed processing of system.users from sepol_genusers and
- dropped delusers logic.
-
-1.9.29 2005-10-25
- * Removed policydb_destroy from error path of policydb_read,
- since create/init/destroy/free of policydb is handled by the
- caller now.
- * Fixed sepol_module_package_read to handle a failed policydb_read
- properly.
-
-1.9.28 2005-10-25
- * Merged query/exists and count patches from Ivan Gyurdiev.
-
-1.9.27 2005-10-25
- * Merged fix for pruned types in expand code from Joshua Brindle.
- * Merged new module package format code from Joshua Brindle.
-
-1.9.26 2005-10-24
- * Merged context interface cleanup, record conversion code,
- key passing, and bug fix patches from Ivan Gyurdiev.
-
-1.9.25 2005-10-21
- * Merged users cleanup patch from Ivan Gyurdiev.
-
-1.9.24 2005-10-21
- * Merged user record memory leak fix from Ivan Gyurdiev.
- * Merged reorganize users patch from Ivan Gyurdiev.
-
-1.9.23 2005-10-19
- * Added check flag to expand_module() to control assertion
- and hierarchy checking on expansion.
-
-1.9.22 2005-10-19
- * Reworked check_assertions() and hierarchy_check_constraints()
- to take handles and use callback-based error reporting.
- * Changed expand_module() to call check_assertions() and
- hierarchy_check_constraints() prior to returning the expanded
- policy.
-
-1.9.21 2005-10-18
- * Changed sepol_module_package_set_file_contexts to copy the
- file contexts data since it is internally managed.
-
-1.9.20 2005-10-18
- * Added sepol_policy_file_set_handle interface to associate
- a handle with a policy file.
- * Added handle argument to policydb_from_image/to_image.
- * Added sepol_module_package_set_file_contexts interface.
- * Dropped sepol_module_package_create_file interface.
- * Reworked policydb_read/write, policydb_from_image/to_image,
- and sepol_module_package_read/write to use callback-based error
- reporting system rather than DEBUG.
-
-1.9.19 2005-10-17
- * Reworked link_packages, link_modules, and expand_module to use
- callback-based error reporting system rather than error buffering.
-
-1.9.18 2005-10-14
- * Merged conditional expression mapping fix in the module linking
- code from Joshua Brindle.
-
-1.9.17 2005-10-13
- * Hid sepol_module_package type definition, and added get interfaces.
-
-1.9.16 2005-10-13
- * Merged new callback-based error reporting system from Ivan
- Gyurdiev.
-
-1.9.15 2005-10-13
- * Merged support for require blocks inside conditionals from
- Joshua Brindle (Tresys).
-
-1.9.14 2005-10-07
- * Fixed use of policydb_from_image/to_image to ensure proper
- init of policydb.
-
-1.9.13 2005-10-07
- * Isolated policydb internal headers under <sepol/policydb/*.h>.
- These headers should only be used by users of the static libsepol.
- Created new <sepol/policydb.h> with new public types and interfaces
- for shared libsepol.
- Created new <sepol/module.h> with public types and interfaces moved
- or wrapped from old module.h, link.h, and expand.h, adjusted for
- new public types for policydb and policy_file.
- Added public interfaces to libsepol.map.
- Some implementation changes visible to users of the static libsepol:
- 1) policydb_read no longer calls policydb_init.
- Caller must do so first.
- 2) policydb_init no longer takes policy_type argument.
- Caller must set policy_type separately.
- 3) expand_module automatically enables the global branch.
- Caller no longer needs to do so.
- 4) policydb_write uses the policy_type and policyvers from the
- policydb itself, and sepol_set_policyvers() has been removed.
-
-1.9.12 2005-10-06
- * Merged function renaming and static cleanup from Ivan Gyurdiev.
-
-1.9.11 2005-10-05
- * Merged bug fix for check_assertions handling of no assertions
- from Joshua Brindle (Tresys).
-
-1.9.10 2005-10-04
- * Merged iterate patch from Ivan Gyurdiev.
-
-1.9.9 2005-10-03
- * Merged MLS in modules patch from Joshua Brindle (Tresys).
-
-1.9.8 2005-09-30
- * Merged pointer typedef elimination patch from Ivan Gyurdiev.
- * Merged user list function, new mls functions, and bugfix patch
- from Ivan Gyurdiev.
-
-1.9.7 2005-09-28
- * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).
-
-1.9.6 2005-09-23
- * Merged bug fix patches from Joshua Brindle (Tresys).
-
-1.9.5 2005-09-21
- * Merged boolean record and memory leak fix patches from Ivan
- Gyurdiev.
-
-1.9.4 2005-09-19
- * Merged interface record patch from Ivan Gyurdiev.
-
-1.9.3 2005-09-14
- * Merged fix for sepol_enable/disable_debug from Ivan
- Gyurdiev.
-
-1.9.2 2005-09-14
- * Merged stddef.h patch and debug conversion patch from
- Ivan Gyurdiev.
-
-1.9.1 2005-09-09
- * Fixed expand_avtab and expand_cond_av_list to keep separate
- entries with identical keys but different enabled flags.
-
-1.8 2005-09-06
- * Updated version for release.
-
-1.7.24 2005-08-31
- * Fixed symtab_insert return value for duplicate declarations.
-
-1.7.23 2005-08-31
- * Merged fix for memory error in policy_module_destroy from
- Jason Tang (Tresys).
-
-1.7.22 2005-08-26
- * Merged fix for memory leak in sepol_context_to_sid from
- Jason Tang (Tresys).
-
-1.7.21 2005-08-25
- * Merged fixes for resource leaks on error paths and
- change to scope_destroy from Joshua Brindle (Tresys).
-
-1.7.20 2005-08-23
- * Merged more fixes for resource leaks on error paths
- from Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.7.19 2005-08-19
- * Changed to treat all type conflicts as fatal errors.
-
-1.7.18 2005-08-18
- * Merged several error handling fixes from
- Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.7.17 2005-08-15
- * Fixed further memory leaks found by valgrind.
-
-1.7.16 2005-08-15
- * Fixed several memory leaks found by valgrind.
-
-1.7.15 2005-08-12
- * Fixed empty list test in cond_write_av_list. Bug found by
- Coverity, reported by Serge Hallyn (IBM).
- * Merged patch to policydb_write to check errors
- when writing the type->attribute reverse map from
- Serge Hallyn (IBM). Bug found by Coverity.
- * Fixed policydb_destroy to properly handle NULL type_attr_map
- or attr_type_map.
-
-1.7.14 2005-08-12
- * Fixed use of uninitialized data by expand_avtab_node by
- clearing type_val_to_struct in policydb_index_others.
-
-1.7.13 2005-08-11
- * Improved memory use by SELinux by both reducing the avtab
- node size and reducing the number of avtab nodes (by not
- expanding attributes in TE rules when possible). Added
- expand_avtab and expand_cond_av_list functions for use by
- assertion checker, hierarchy checker, compatibility code,
- and dispol. Added new inline ebitmap operators and converted
- existing users of ebitmaps to the new operators for greater
- efficiency.
- Note: The binary policy format version has been incremented to
- version 20 as a result of these changes.
-
-1.7.12 2005-08-10
- * Fixed bug in constraint_node_clone handling of name sets.
-
-1.7.11 2005-08-08
- * Fix range_trans_clone to map the type values properly.
-
-1.7.10 2005-08-02
- * Merged patch to move module read/write code from libsemanage
- to libsepol from Jason Tang (Tresys).
-
-1.7.9 2005-08-02
- * Enabled further compiler warning flags and fixed them.
-
-1.7.8 2005-08-02
- * Merged user, context, port records patch from Ivan Gyurdiev.
- * Merged key extract function patch from Ivan Gyurdiev.
-
-1.7.7 2005-07-27
- * Merged mls_context_to_sid bugfix from Ivan Gyurdiev.
-
-1.7.6 2005-07-26
- * Merged context reorganization, memory leak fixes,
- port and interface loading, replacements for genusers and
- genbools, debug traceback, and bugfix patches from Ivan Gyurdiev.
- * Merged uninitialized variable bugfix from Dan Walsh.
-
-1.7.5 2005-07-18
- * Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat).
- * Removed genpolbools and genpolusers utilities.
-
-1.7.4 2005-07-18
- * Merged hierarchy check fix from Joshua Brindle (Tresys).
-
-1.7.3 2005-07-13
- * Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat).
-
-1.7.2 2005-07-11
- * Merged genbools debugging message cleanup from Red Hat.
-
-1.7.1 2005-07-06
- * Merged loadable module support from Tresys Technology.
-
-1.6 2005-06-20
- * Updated version for release.
-
-1.5.10 2005-05-19
- * License changed to LGPL v2.1, see COPYING.
-
-1.5.9 2005-05-16
- * Added sepol_genbools_policydb and sepol_genusers_policydb for
- audit2why.
-
-1.5.8 2005-05-13
- * Added sepol_ prefix to Flask types to avoid
- namespace collision with libselinux.
-
-1.5.7 2005-05-13
- * Added sepol_compute_av_reason() for audit2why.
-
-1.5.6 2005-04-25
- * Fixed bug in role hierarchy checker.
-
-1.5.5 2005-04-13
- * Merged hierarchical type/role patch from Tresys Technology.
- * Merged MLS fixes from Darrel Goeddel of TCS.
-
-1.5.4 2005-04-13
- * Changed sepol_genusers to not delete users by default,
- and added a sepol_set_delusers function to enable deletion.
- Also, removed special case handling of system_u and user_u.
-
-1.5.3 2005-03-29
- * Merged booleans.local patch from Dan Walsh.
-
-1.5.2 2005-03-16
- * Added man page for sepol_check_context.
-
-1.5.1 2005-03-15
- * Added man page for sepol_genusers function.
- * Merged man pages for genpolusers and chkcon from Manoj Srivastava.
-
-1.4 2005-03-09
- * Updated version for release.
-
-1.3.8 2005-03-08
- * Cleaned up error handling in sepol_genusers and sepol_genbools.
-
-1.3.7 2005-02-28
- * Merged sepol_debug and fclose patch from Dan Walsh.
-
-1.3.6 2005-02-22
- * Changed sepol_genusers to also use getline and correctly handle
- EOL.
-
-1.3.5 2005-02-17
- * Merged range_transition support from Darrel Goeddel (TCS).
-
-1.3.4 2005-02-16
- * Added sepol_genusers function.
-
-1.3.3 2005-02-14
- * Merged endianness and compute_av patches from Darrel Goeddel (TCS).
-
-1.3.2 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.3.1 2005-01-26
- * Merged enhanced MLS support from Darrel Goeddel (TCS).
-
-1.2.1 2005-01-19
- * Merged build fix patch from Manoj Srivastava.
-
-1.2 2004-10-07
- * MLS build fixes.
- * Added sepol_set_policydb_from_file and sepol_check_context for setfiles.
-
-1.0 2004-08-19
- * Initial public release.
-
-0.4 2004-08-13
- * Merged patch from Dan Walsh to ignore case on booleans.
- * Changed sepol_genbools* to preserve the original policy version.
- * Replaced exported global variables with set functions.
- * Moved genpolbools utility from checkpolicy to libsepol.
- * Added man pages for sepol_genbools* and genpolbools.
-
-0.3 2004-08-10
- * Added ChangeLog, COPYING, spec file.
- * Added sepol_genbools_array() for load_policy.
- * Created libsepol.map to limit exported symbols in shared library.
-
-0.2 2004-08-09
- * Exported other functions for checkpolicy and friends.
- * Renamed service and sidtab functions to avoid libselinux conflict.
- * Removed original code from checkpolicy, which now uses libsepol.
- * Code cleanup: kill legacy references to kernel types/functions.
-
-0.1 2004-08-06
- * Moved checkpolicy core logic into a library.
- * Exported sepol_genbools() for load_policy.
Copied: tags/libsepol_1_12_27/libsepol/ChangeLog (from rev 2034, trunk/libsepol/ChangeLog)
===================================================================
--- tags/libsepol_1_12_27/libsepol/ChangeLog (rev 0)
+++ tags/libsepol_1_12_27/libsepol/ChangeLog 2006-09-28 12:18:30 UTC (rev 2036)
@@ -0,0 +1,570 @@
+1.12.27 2006-09-28
+ * Merged mls user and range_transition support in modules
+ from Darrel Goeddel
+
+1.12.26 2006-09-05
+ * Merged range transition enhancements and user format changes
+ Darrel Goeddel
+
+1.12.25 2006-08-24
+ * Merged conditionally expand neverallows patch from Jeremy Mowery.
+ * Merged refactor expander patch from Jeremy Mowery.
+
+1.12.24 2006-08-03
+ * Merged libsepol unit tests from Joshua Brindle.
+
+1.12.23 2006-08-03
+ * Merged symtab datum patch from Karl MacMillan.
+
+1.12.22 2006-08-03
+ * Merged netfilter contexts support from Chris PeBenito.
+
+1.12.21 2006-07-28
+ * Merged helpful hierarchy check errors patch from Joshua Brindle.
+
+1.12.20 2006-07-25
+ * Merged semodule_deps patch from Karl MacMillan.
+ This adds source module names to the avrule decls.
+
+1.12.19 2006-06-29
+ * Lindent.
+
+1.12.18 2006-06-26
+ * Merged optionals in base take 2 patch set from Joshua Brindle.
+
+1.12.17 2006-05-30
+ * Revert 1.12.16.
+
+1.12.16 2006-05-30
+ * Merged cleaner fix for bool_ids overflow from Karl MacMillan,
+ replacing the prior patch.
+
+1.12.15 2006-05-30
+ * Merged fixes for several memory leaks in the error paths during
+ policy read from Serge Hallyn.
+
+1.12.14 2006-05-25
+ * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list,
+ based on bug report and suggested fix by Cedric Roux.
+
+1.12.13 2006-05-24
+ * Merged sens_copy_callback, check_role_hierarchy_callback,
+ and node_from_record fixes from Serge Hallyn.
+
+1.12.12 2006-05-22
+ * Added sepol_policydb_compat_net() interface for testing whether
+ a policy requires the compatibility support for network checks
+ to be enabled in the kernel.
+
+1.12.11 2006-05-17
+ * Merged patch to initialize sym_val_to_name arrays from Kevin Carr.
+ Reworked to use calloc in the first place, and converted some other
+ malloc/memset pairs to calloc calls.
+
+1.12.10 2006-05-08
+ * Merged patch to revert role/user decl upgrade from Karl MacMillan.
+
+1.12.9 2006-05-08
+ * Dropped tests from all Makefile target.
+
+1.12.8 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.12.7 2006-05-05
+ * Merged libsepol test framework patch from Karl MacMillan.
+
+1.12.6 2006-04-28
+ * Fixed cond_normalize to traverse the entire cond list at link time.
+
+1.12.5 2006-04-03
+ * Merged fix for leak of optional package sections from Ivan Gyurdiev.
+
+1.12.4 2006-03-29
+ * Generalize test for bitmap overflow in ebitmap_set_bit.
+
+1.12.3 2006-03-27
+ * Fixed attr_convert_callback and expand_convert_type_set
+ typemap bug.
+
+1.12.2 2006-03-24
+ * Fixed avrule_block_write num_decls endian bug.
+
+1.12.1 2006-03-20
+ * Fixed sepol_module_package_write buffer overflow bug.
+
+1.12 2006-03-14
+ * Updated version for release.
+
+1.11.20 2006-03-08
+ * Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
+ * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
+
+1.11.19 2006-02-21
+ * Merged sepol_policydb_mls_enabled interface and error handling
+ changes from Ivan Gyurdiev.
+
+1.11.18 2006-02-16
+ * Merged node_expand_addr bugfix and node_compare* change from
+ Ivan Gyurdiev.
+
+1.11.17 2006-02-15
+ * Merged nodes, ports: always prepend patch from Ivan Gyurdiev.
+ * Merged bug fix patch from Ivan Gyurdiev.
+
+1.11.16 2006-02-14
+ * Added a defined flag to level_datum_t for use by checkpolicy.
+
+1.11.15 2006-02-14
+ * Merged nodecon support patch from Ivan Gyurdiev.
+ * Merged cleanups patch from Ivan Gyurdiev.
+
+1.11.14 2006-02-13
+ * Merged optionals in base patch from Joshua Brindle.
+
+1.11.13 2006-02-07
+ * Merged seuser/user_extra support patch from Joshua Brindle.
+ * Merged fix patch from Ivan Gyurdiev.
+
+1.11.12 2006-02-02
+ * Merged clone record on set_con patch from Ivan Gyurdiev.
+
+1.11.11 2006-02-01
+ * Merged assertion copying bugfix from Joshua Brindle.
+ * Merged sepol_av_to_string patch from Joshua Brindle.
+
+1.11.10 2006-01-30
+ * Merged cond_expr mapping and package section count bug fixes
+ from Joshua Brindle.
+ * Merged improve port/fcontext API patch from Ivan Gyurdiev.
+ * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
+
+1.11.9 2006-01-12
+ * Merged size_t -> unsigned int patch from Ivan Gyurdiev.
+
+1.11.8 2006-01-09
+ * Merged 2nd const in APIs patch from Ivan Gyurdiev.
+
+1.11.7 2006-01-06
+ * Merged const in APIs patch from Ivan Gyurdiev.
+ * Merged compare2 function patch from Ivan Gyurdiev.
+
+1.11.6 2006-01-06
+ * Fixed hierarchy checker to only check allow rules.
+
+1.11.5 2006-01-05
+ * Merged further fixes from Russell Coker, specifically:
+ - av_to_string overflow checking
+ - sepol_context_to_string error handling
+ - hierarchy checking memory leak fixes and optimizations
+ - avrule_block_read variable initialization
+ * Marked deprecated code in genbools and genusers.
+
+1.11.4 2006-01-05
+ * Merged bugfix for sepol_port_modify from Russell Coker.
+
+1.11.3 2006-01-05
+ * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
+ * Merged port ordering patch from Ivan Gyurdiev.
+
+1.11.2 2006-01-04
+ * Merged patch series from Ivan Gyurdiev.
+ This includes patches to:
+ - support ordering of records in compare function
+ - enable port interfaces
+ - add interfaces for context validity and range checks
+ - add include guards
+
+1.11.1 2005-12-16
+ * Fixed mls_range_cpy bug.
+
+1.10 2005-12-07
+ * Updated version for release.
+
+1.9.42 2005-12-05
+ * Dropped handle from user_del_role interface.
+
+1.9.41 2005-11-28
+ * Merged remove defrole from sepol patch from Ivan Gyurdiev.
+
+1.9.40 2005-11-15
+ * Merged module function and map file cleanup from Ivan Gyurdiev.
+ * Merged MLS and genusers cleanups from Ivan Gyurdiev.
+
+1.9.39 2005-11-09
+ Prepare for removal of booleans* and *.users files.
+ * Cleaned up sepol_genbools to not regenerate the image if
+ there were no changes in the boolean values, including the
+ degenerate case where there are no booleans or booleans.local
+ files.
+ * Cleaned up sepol_genusers to not warn on missing local.users.
+
+1.9.38 2005-11-08
+ * Removed sepol_port_* from libsepol.map, as the port interfaces
+ are not yet stable.
+
+1.9.37 2005-11-04
+ * Merged context destroy cleanup patch from Ivan Gyurdiev.
+
+1.9.36 2005-11-03
+ * Merged context_to_string interface change patch from Ivan Gyurdiev.
+
+1.9.35 2005-11-01
+ * Added src/dso.h and src/*_internal.h.
+ Added hidden_def for exported symbols used within libsepol.
+ Added hidden for symbols that should not be exported by
+ the wildcards in libsepol.map.
+
+1.9.34 2005-10-31
+ * Merged record interface, record bugfix, and set_roles patches
+ from Ivan Gyurdiev.
+
+1.9.33 2005-10-27
+ * Merged count specification change from Ivan Gyurdiev.
+
+1.9.32 2005-10-26
+ * Added further checking and error reporting to
+ sepol_module_package_read and _info.
+
+1.9.31 2005-10-26
+ * Merged sepol handle passing, DEBUG conversion, and memory leak
+ fix patches from Ivan Gyurdiev.
+
+1.9.30 2005-10-25
+ * Removed processing of system.users from sepol_genusers and
+ dropped delusers logic.
+
+1.9.29 2005-10-25
+ * Removed policydb_destroy from error path of policydb_read,
+ since create/init/destroy/free of policydb is handled by the
+ caller now.
+ * Fixed sepol_module_package_read to handle a failed policydb_read
+ properly.
+
+1.9.28 2005-10-25
+ * Merged query/exists and count patches from Ivan Gyurdiev.
+
+1.9.27 2005-10-25
+ * Merged fix for pruned types in expand code from Joshua Brindle.
+ * Merged new module package format code from Joshua Brindle.
+
+1.9.26 2005-10-24
+ * Merged context interface cleanup, record conversion code,
+ key passing, and bug fix patches from Ivan Gyurdiev.
+
+1.9.25 2005-10-21
+ * Merged users cleanup patch from Ivan Gyurdiev.
+
+1.9.24 2005-10-21
+ * Merged user record memory leak fix from Ivan Gyurdiev.
+ * Merged reorganize users patch from Ivan Gyurdiev.
+
+1.9.23 2005-10-19
+ * Added check flag to expand_module() to control assertion
+ and hierarchy checking on expansion.
+
+1.9.22 2005-10-19
+ * Reworked check_assertions() and hierarchy_check_constraints()
+ to take handles and use callback-based error reporting.
+ * Changed expand_module() to call check_assertions() and
+ hierarchy_check_constraints() prior to returning the expanded
+ policy.
+
+1.9.21 2005-10-18
+ * Changed sepol_module_package_set_file_contexts to copy the
+ file contexts data since it is internally managed.
+
+1.9.20 2005-10-18
+ * Added sepol_policy_file_set_handle interface to associate
+ a handle with a policy file.
+ * Added handle argument to policydb_from_image/to_image.
+ * Added sepol_module_package_set_file_contexts interface.
+ * Dropped sepol_module_package_create_file interface.
+ * Reworked policydb_read/write, policydb_from_image/to_image,
+ and sepol_module_package_read/write to use callback-based error
+ reporting system rather than DEBUG.
+
+1.9.19 2005-10-17
+ * Reworked link_packages, link_modules, and expand_module to use
+ callback-based error reporting system rather than error buffering.
+
+1.9.18 2005-10-14
+ * Merged conditional expression mapping fix in the module linking
+ code from Joshua Brindle.
+
+1.9.17 2005-10-13
+ * Hid sepol_module_package type definition, and added get interfaces.
+
+1.9.16 2005-10-13
+ * Merged new callback-based error reporting system from Ivan
+ Gyurdiev.
+
+1.9.15 2005-10-13
+ * Merged support for require blocks inside conditionals from
+ Joshua Brindle (Tresys).
+
+1.9.14 2005-10-07
+ * Fixed use of policydb_from_image/to_image to ensure proper
+ init of policydb.
+
+1.9.13 2005-10-07
+ * Isolated policydb internal headers under <sepol/policydb/*.h>.
+ These headers should only be used by users of the static libsepol.
+ Created new <sepol/policydb.h> with new public types and interfaces
+ for shared libsepol.
+ Created new <sepol/module.h> with public types and interfaces moved
+ or wrapped from old module.h, link.h, and expand.h, adjusted for
+ new public types for policydb and policy_file.
+ Added public interfaces to libsepol.map.
+ Some implementation changes visible to users of the static libsepol:
+ 1) policydb_read no longer calls policydb_init.
+ Caller must do so first.
+ 2) policydb_init no longer takes policy_type argument.
+ Caller must set policy_type separately.
+ 3) expand_module automatically enables the global branch.
+ Caller no longer needs to do so.
+ 4) policydb_write uses the policy_type and policyvers from the
+ policydb itself, and sepol_set_policyvers() has been removed.
+
+1.9.12 2005-10-06
+ * Merged function renaming and static cleanup from Ivan Gyurdiev.
+
+1.9.11 2005-10-05
+ * Merged bug fix for check_assertions handling of no assertions
+ from Joshua Brindle (Tresys).
+
+1.9.10 2005-10-04
+ * Merged iterate patch from Ivan Gyurdiev.
+
+1.9.9 2005-10-03
+ * Merged MLS in modules patch from Joshua Brindle (Tresys).
+
+1.9.8 2005-09-30
+ * Merged pointer typedef elimination patch from Ivan Gyurdiev.
+ * Merged user list function, new mls functions, and bugfix patch
+ from Ivan Gyurdiev.
+
+1.9.7 2005-09-28
+ * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).
+
+1.9.6 2005-09-23
+ * Merged bug fix patches from Joshua Brindle (Tresys).
+
+1.9.5 2005-09-21
+ * Merged boolean record and memory leak fix patches from Ivan
+ Gyurdiev.
+
+1.9.4 2005-09-19
+ * Merged interface record patch from Ivan Gyurdiev.
+
+1.9.3 2005-09-14
+ * Merged fix for sepol_enable/disable_debug from Ivan
+ Gyurdiev.
+
+1.9.2 2005-09-14
+ * Merged stddef.h patch and debug conversion patch from
+ Ivan Gyurdiev.
+
+1.9.1 2005-09-09
+ * Fixed expand_avtab and expand_cond_av_list to keep separate
+ entries with identical keys but different enabled flags.
+
+1.8 2005-09-06
+ * Updated version for release.
+
+1.7.24 2005-08-31
+ * Fixed symtab_insert return value for duplicate declarations.
+
+1.7.23 2005-08-31
+ * Merged fix for memory error in policy_module_destroy from
+ Jason Tang (Tresys).
+
+1.7.22 2005-08-26
+ * Merged fix for memory leak in sepol_context_to_sid from
+ Jason Tang (Tresys).
+
+1.7.21 2005-08-25
+ * Merged fixes for resource leaks on error paths and
+ change to scope_destroy from Joshua Brindle (Tresys).
+
+1.7.20 2005-08-23
+ * Merged more fixes for resource leaks on error paths
+ from Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.7.19 2005-08-19
+ * Changed to treat all type conflicts as fatal errors.
+
+1.7.18 2005-08-18
+ * Merged several error handling fixes from
+ Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.7.17 2005-08-15
+ * Fixed further memory leaks found by valgrind.
+
+1.7.16 2005-08-15
+ * Fixed several memory leaks found by valgrind.
+
+1.7.15 2005-08-12
+ * Fixed empty list test in cond_write_av_list. Bug found by
+ Coverity, reported by Serge Hallyn (IBM).
+ * Merged patch to policydb_write to check errors
+ when writing the type->attribute reverse map from
+ Serge Hallyn (IBM). Bug found by Coverity.
+ * Fixed policydb_destroy to properly handle NULL type_attr_map
+ or attr_type_map.
+
+1.7.14 2005-08-12
+ * Fixed use of uninitialized data by expand_avtab_node by
+ clearing type_val_to_struct in policydb_index_others.
+
+1.7.13 2005-08-11
+ * Improved memory use by SELinux by both reducing the avtab
+ node size and reducing the number of avtab nodes (by not
+ expanding attributes in TE rules when possible). Added
+ expand_avtab and expand_cond_av_list functions for use by
+ assertion checker, hierarchy checker, compatibility code,
+ and dispol. Added new inline ebitmap operators and converted
+ existing users of ebitmaps to the new operators for greater
+ efficiency.
+ Note: The binary policy format version has been incremented to
+ version 20 as a result of these changes.
+
+1.7.12 2005-08-10
+ * Fixed bug in constraint_node_clone handling of name sets.
+
+1.7.11 2005-08-08
+ * Fix range_trans_clone to map the type values properly.
+
+1.7.10 2005-08-02
+ * Merged patch to move module read/write code from libsemanage
+ to libsepol from Jason Tang (Tresys).
+
+1.7.9 2005-08-02
+ * Enabled further compiler warning flags and fixed them.
+
+1.7.8 2005-08-02
+ * Merged user, context, port records patch from Ivan Gyurdiev.
+ * Merged key extract function patch from Ivan Gyurdiev.
+
+1.7.7 2005-07-27
+ * Merged mls_context_to_sid bugfix from Ivan Gyurdiev.
+
+1.7.6 2005-07-26
+ * Merged context reorganization, memory leak fixes,
+ port and interface loading, replacements for genusers and
+ genbools, debug traceback, and bugfix patches from Ivan Gyurdiev.
+ * Merged uninitialized variable bugfix from Dan Walsh.
+
+1.7.5 2005-07-18
+ * Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat).
+ * Removed genpolbools and genpolusers utilities.
+
+1.7.4 2005-07-18
+ * Merged hierarchy check fix from Joshua Brindle (Tresys).
+
+1.7.3 2005-07-13
+ * Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat).
+
+1.7.2 2005-07-11
+ * Merged genbools debugging message cleanup from Red Hat.
+
+1.7.1 2005-07-06
+ * Merged loadable module support from Tresys Technology.
+
+1.6 2005-06-20
+ * Updated version for release.
+
+1.5.10 2005-05-19
+ * License changed to LGPL v2.1, see COPYING.
+
+1.5.9 2005-05-16
+ * Added sepol_genbools_policydb and sepol_genusers_policydb for
+ audit2why.
+
+1.5.8 2005-05-13
+ * Added sepol_ prefix to Flask types to avoid
+ namespace collision with libselinux.
+
+1.5.7 2005-05-13
+ * Added sepol_compute_av_reason() for audit2why.
+
+1.5.6 2005-04-25
+ * Fixed bug in role hierarchy checker.
+
+1.5.5 2005-04-13
+ * Merged hierarchical type/role patch from Tresys Technology.
+ * Merged MLS fixes from Darrel Goeddel of TCS.
+
+1.5.4 2005-04-13
+ * Changed sepol_genusers to not delete users by default,
+ and added a sepol_set_delusers function to enable deletion.
+ Also, removed special case handling of system_u and user_u.
+
+1.5.3 2005-03-29
+ * Merged booleans.local patch from Dan Walsh.
+
+1.5.2 2005-03-16
+ * Added man page for sepol_check_context.
+
+1.5.1 2005-03-15
+ * Added man page for sepol_genusers function.
+ * Merged man pages for genpolusers and chkcon from Manoj Srivastava.
+
+1.4 2005-03-09
+ * Updated version for release.
+
+1.3.8 2005-03-08
+ * Cleaned up error handling in sepol_genusers and sepol_genbools.
+
+1.3.7 2005-02-28
+ * Merged sepol_debug and fclose patch from Dan Walsh.
+
+1.3.6 2005-02-22
+ * Changed sepol_genusers to also use getline and correctly handle
+ EOL.
+
+1.3.5 2005-02-17
+ * Merged range_transition support from Darrel Goeddel (TCS).
+
+1.3.4 2005-02-16
+ * Added sepol_genusers function.
+
+1.3.3 2005-02-14
+ * Merged endianness and compute_av patches from Darrel Goeddel (TCS).
+
+1.3.2 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.3.1 2005-01-26
+ * Merged enhanced MLS support from Darrel Goeddel (TCS).
+
+1.2.1 2005-01-19
+ * Merged build fix patch from Manoj Srivastava.
+
+1.2 2004-10-07
+ * MLS build fixes.
+ * Added sepol_set_policydb_from_file and sepol_check_context for setfiles.
+
+1.0 2004-08-19
+ * Initial public release.
+
+0.4 2004-08-13
+ * Merged patch from Dan Walsh to ignore case on booleans.
+ * Changed sepol_genbools* to preserve the original policy version.
+ * Replaced exported global variables with set functions.
+ * Moved genpolbools utility from checkpolicy to libsepol.
+ * Added man pages for sepol_genbools* and genpolbools.
+
+0.3 2004-08-10
+ * Added ChangeLog, COPYING, spec file.
+ * Added sepol_genbools_array() for load_policy.
+ * Created libsepol.map to limit exported symbols in shared library.
+
+0.2 2004-08-09
+ * Exported other functions for checkpolicy and friends.
+ * Renamed service and sidtab functions to avoid libselinux conflict.
+ * Removed original code from checkpolicy, which now uses libsepol.
+ * Code cleanup: kill legacy references to kernel types/functions.
+
+0.1 2004-08-06
+ * Moved checkpolicy core logic into a library.
+ * Exported sepol_genbools() for load_policy.
Deleted: tags/libsepol_1_12_27/libsepol/VERSION
===================================================================
--- trunk/libsepol/VERSION 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_27/libsepol/VERSION 2006-09-28 12:18:30 UTC (rev 2036)
@@ -1 +0,0 @@
-1.12.26
Copied: tags/libsepol_1_12_27/libsepol/VERSION (from rev 2034, trunk/libsepol/VERSION)
===================================================================
--- tags/libsepol_1_12_27/libsepol/VERSION (rev 0)
+++ tags/libsepol_1_12_27/libsepol/VERSION 2006-09-28 12:18:30 UTC (rev 2036)
@@ -0,0 +1 @@
+1.12.27
Deleted: tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h
===================================================================
--- trunk/libsepol/include/sepol/policydb/policydb.h 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h 2006-09-28 12:18:30 UTC (rev 2036)
@@ -1,608 +0,0 @@
-
-/* Author : Stephen Smalley, <sd...@ep...> */
-
-/*
- * Updated: Joshua Brindle <jbr...@tr...>
- * Karl MacMillan <kma...@tr...>
- * Jason Tang <jt...@tr...>
- *
- * Module support
- *
- * Updated: Trusted Computer Solutions, Inc. <dgo...@tr...>
- *
- * Support for enhanced MLS infrastructure.
- *
- * Updated: Frank Mayer <ma...@tr...> and Karl MacMillan <kma...@tr...>
- *
- * Added conditional policy language extensions
- *
- * Updated: Red Hat, Inc. James Morris <jm...@re...>
- *
- * Fine-grained netlink support
- * IPv6 support
- * Code cleanup
- *
- * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
- * Copyright (C) 2003 - 2004 Tresys Technology, LLC
- * Copyright (C) 2003 - 2004 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
-
-/* FLASK */
-
-/*
- * A policy database (policydb) specifies the
- * configuration data for the security policy.
- */
-
-#ifndef _SEPOL_POLICYDB_POLICYDB_H_
-#define _SEPOL_POLICYDB_POLICYDB_H_
-
-#include <stdio.h>
-#include <stddef.h>
-
-#include <sepol/policydb.h>
-
-#include <sepol/policydb/flask_types.h>
-#include <sepol/policydb/symtab.h>
-#include <sepol/policydb/avtab.h>
-#include <sepol/policydb/context.h>
-#include <sepol/policydb/constraint.h>
-#include <sepol/policydb/sidtab.h>
-
-#define ERRMSG_LEN 1024
-
-#define POLICYDB_SUCCESS 0
-#define POLICYDB_ERROR -1
-#define POLICYDB_UNSUPPORTED -2
-
-/*
- * A datum type is defined for each kind of symbol
- * in the configuration data: individual permissions,
- * common prefixes for access vectors, classes,
- * users, roles, types, sensitivities, categories, etc.
- */
-
-/* type set preserves data needed by modules such as *, ~ and attributes */
-typedef struct type_set {
- ebitmap_t types;
- ebitmap_t negset;
-#define TYPE_STAR 1
-#define TYPE_COMP 2
- uint32_t flags;
-} type_set_t;
-
-typedef struct role_set {
- ebitmap_t roles;
-#define ROLE_STAR 1
-#define ROLE_COMP 2
- uint32_t flags;
-} role_set_t;
-
-/* Permission attributes */
-typedef struct perm_datum {
- symtab_datum_t s;
-} perm_datum_t;
-
-/* Attributes of a common prefix for access vectors */
-typedef struct common_datum {
- symtab_datum_t s;
- symtab_t permissions; /* common permissions */
-} common_datum_t;
-
-/* Class attributes */
-typedef struct class_datum {
- symtab_datum_t s;
- char *comkey; /* common name */
- common_datum_t *comdatum; /* common datum */
- symtab_t permissions; /* class-specific permission symbol table */
- constraint_node_t *constraints; /* constraints on class permissions */
- constraint_node_t *validatetrans; /* special transition rules */
-} class_datum_t;
-
-/* Role attributes */
-typedef struct role_datum {
- symtab_datum_t s;
- ebitmap_t dominates; /* set of roles dominated by this role */
- type_set_t types; /* set of authorized types for role */
- ebitmap_t cache; /* This is an expanded set used for context validation during parsing */
-} role_datum_t;
-
-typedef struct role_trans {
- uint32_t role; /* current role */
- uint32_t type; /* program executable type */
- uint32_t new_role; /* new role */
- struct role_trans *next;
-} role_trans_t;
-
-typedef struct role_allow {
- uint32_t role; /* current role */
- uint32_t new_role; /* new role */
- struct role_allow *next;
-} role_allow_t;
-
-/* Type attributes */
-typedef struct type_datum {
- symtab_datum_t s;
- uint32_t primary; /* primary name? can be set to primary value if below is TYPE_ */
-#define TYPE_TYPE 0 /* regular type or alias in kernel policies */
-#define TYPE_ATTRIB 1 /* attribute */
-#define TYPE_ALIAS 2 /* alias in modular policy */
- uint32_t flavor;
- ebitmap_t types; /* types with this attribute */
-} type_datum_t;
-
-/* User attributes */
-typedef struct user_datum {
- symtab_datum_t s;
- role_set_t roles; /* set of authorized roles for user */
- mls_semantic_range_t range; /* MLS range (min. - max.) for user */
- mls_semantic_level_t dfltlevel; /* default login MLS level for user */
- ebitmap_t cache; /* This is an expanded set used for context validation during parsing */
- mls_range_t exp_range; /* expanded range used for validation */
- mls_level_t exp_dfltlevel; /* expanded range used for validation */
-} user_datum_t;
-
-/* Sensitivity attributes */
-typedef struct level_datum {
- mls_level_t *level; /* sensitivity and associated categories */
- unsigned char isalias; /* is this sensitivity an alias for another? */
- unsigned char defined;
-} level_datum_t;
-
-/* Category attributes */
-typedef struct cat_datum {
- symtab_datum_t s;
- unsigned char isalias; /* is this category an alias for another? */
-} cat_datum_t;
-
-typedef struct range_trans {
- uint32_t source_type;
- uint32_t target_type;
- uint32_t target_class;
- mls_range_t target_range;
- struct range_trans *next;
-} range_trans_t;
-
-/* Boolean data type */
-typedef struct cond_bool_datum {
- symtab_datum_t s;
- int state;
-} cond_bool_datum_t;
-
-struct cond_node;
-
-typedef struct cond_node cond_list_t;
-struct cond_av_list;
-
-typedef struct class_perm_node {
- uint32_t class;
- uint32_t data; /* permissions or new type */
- struct class_perm_node *next;
-} class_perm_node_t;
-
-typedef struct avrule {
-/* these typedefs are almost exactly the same as those in avtab.h - they are
- * here because of the need to include neverallow and dontaudit messages */
-#define AVRULE_ALLOWED 1
-#define AVRULE_AUDITALLOW 2
-#define AVRULE_AUDITDENY 4
-#define AVRULE_DONTAUDIT 8
-#define AVRULE_NEVERALLOW 128
-#define AVRULE_AV (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW)
-#define AVRULE_TRANSITION 16
-#define AVRULE_MEMBER 32
-#define AVRULE_CHANGE 64
-#define AVRULE_TYPE (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE)
- uint32_t specified;
-#define RULE_SELF 1
- uint32_t flags;
- type_set_t stypes;
- type_set_t ttypes;
- class_perm_node_t *perms;
- unsigned long line; /* line number from policy.conf where
- * this rule originated */
- struct avrule *next;
-} avrule_t;
-
-typedef struct role_trans_rule {
- role_set_t roles; /* current role */
- type_set_t types; /* program executable type */
- uint32_t new_role; /* new role */
- struct role_trans_rule *next;
-} role_trans_rule_t;
-
-typedef struct role_allow_rule {
- role_set_t roles; /* current role */
- role_set_t new_roles; /* new roles */
- struct role_allow_rule *next;
-} role_allow_rule_t;
-
-typedef struct range_trans_rule {
- type_set_t stypes;
- type_set_t ttypes;
- ebitmap_t tclasses;
- mls_semantic_range_t trange;
- struct range_trans_rule *next;
-} range_trans_rule_t;
-
-/*
- * The configuration data includes security contexts for
- * initial SIDs, unlabeled file systems, TCP and UDP port numbers,
- * network interfaces, and nodes. This structure stores the
- * relevant data for one such entry. Entries of the same kind
- * (e.g. all initial SIDs) are linked together into a list.
- */
-typedef struct ocontext {
- union {
- char *name; /* name of initial SID, fs, netif, fstype, path */
- struct {
- uint8_t protocol;
- uint16_t low_port;
- uint16_t high_port;
- } port; /* TCP or UDP port information */
- struct {
- uint32_t addr;
- uint32_t mask;
- } node; /* node information */
- struct {
- uint32_t addr[4];
- uint32_t mask[4];
- } node6; /* IPv6 node information */
- } u;
- union {
- uint32_t sclass; /* security class for genfs */
- uint32_t behavior; /* labeling behavior for fs_use */
- } v;
- context_struct_t context[2]; /* security context(s) */
- sepol_security_id_t sid[2]; /* SID(s) */
- struct ocontext *next;
-} ocontext_t;
-
-typedef struct genfs {
- char *fstype;
- struct ocontext *head;
- struct genfs *next;
-} genfs_t;
-
-/* symbol table array indices */
-#define SYM_COMMONS 0
-#define SYM_CLASSES 1
-#define SYM_ROLES 2
-#define SYM_TYPES 3
-#define SYM_USERS 4
-#define SYM_BOOLS 5
-#define SYM_LEVELS 6
-#define SYM_CATS 7
-#define SYM_NUM 8
-
-/* object context array indices */
-#define OCON_ISID 0 /* initial SIDs */
-#define OCON_FS 1 /* unlabeled file systems */
-#define OCON_PORT 2 /* TCP and UDP port numbers */
-#define OCON_NETIF 3 /* network interfaces */
-#define OCON_NODE 4 /* nodes */
-#define OCON_FSUSE 5 /* fs_use */
-#define OCON_NODE6 6 /* IPv6 nodes */
-#define OCON_NUM 7
-
-/* section: module information */
-
-/* scope_index_t holds all of the symbols that are in scope in a
- * particular situation. The bitmaps are indices (and thus must
- * subtract one) into the global policydb->scope array. */
-typedef struct scope_index {
- ebitmap_t scope[SYM_NUM];
-#define p_classes_scope scope[SYM_CLASSES]
-#define p_roles_scope scope[SYM_ROLES]
-#define p_types_scope scope[SYM_TYPES]
-#define p_users_scope scope[SYM_USERS]
-#define p_bools_scope scope[SYM_BOOLS]
-#define p_sens_scope scope[SYM_LEVELS]
-#define p_cat_scope scope[SYM_CATS]
-
- /* this array maps from class->value to the permissions within
- * scope. if bit (perm->value - 1) is set in map
- * class_perms_map[class->value - 1] then that permission is
- * enabled for this class within this decl. */
- ebitmap_t *class_perms_map;
- /* total number of classes in class_perms_map array */
- uint32_t class_perms_len;
-} scope_index_t;
-
-/* a list of declarations for a particular avrule_decl */
-
-/* These two structs declare a block of policy that has TE and RBAC
- * statements and declarations. The root block (the global policy)
- * can never have an ELSE branch. */
-typedef struct avrule_decl {
- uint32_t decl_id;
- uint32_t enabled; /* whether this block is enabled */
-
- cond_list_t *cond_list;
- avrule_t *avrules;
- role_trans_rule_t *role_tr_rules;
- role_allow_rule_t *role_allow_rules;
- range_trans_rule_t *range_tr_rules;
- scope_index_t required; /* symbols needed to activate this block */
- scope_index_t declared; /* symbols declared within this block */
-
- /* for additive statements (type attribute, roles, and users) */
- symtab_t symtab[SYM_NUM];
-
- /* In a linked module this will contain the name of the module
- * from which this avrule_decl originated. */
- char *module_name;
-
- struct avrule_decl *next;
-} avrule_decl_t;
-
-typedef struct avrule_block {
- avrule_decl_t *branch_list;
- avrule_decl_t *enabled; /* pointer to which branch is enabled. this is
- used in linking and never written to disk */
-#define AVRULE_OPTIONAL 1
- uint32_t flags; /* any flags for this block, currently just optional */
- struct avrule_block *next;
-} avrule_block_t;
-
-/* Every identifier has its own scope datum. The datum describes if
- * the item is to be included into the final policy during
- * expansion. */
-typedef struct scope_datum {
-/* Required for this decl */
-#define SCOPE_REQ 1
-/* Declared in this decl */
-#define SCOPE_DECL 2
- uint32_t scope;
- uint32_t *decl_ids;
- uint32_t decl_ids_len;
- /* decl_ids is a list of avrule_decl's that declare/require
- * this symbol. If scope==SCOPE_DECL then this is a list of
- * declarations. If the symbol may only be declared once
- * (types, bools) then decl_ids_len will be exactly 1. For
- * implicitly declared things (roles, users) then decl_ids_len
- * will be at least 1. */
-} scope_datum_t;
-
-/* The policy database */
-typedef struct policydb {
-#define POLICY_KERN SEPOL_POLICY_KERN
-#define POLICY_BASE SEPOL_POLICY_BASE
-#define POLICY_MOD SEPOL_POLICY_MOD
- uint32_t policy_type;
- char *name;
- char *version;
-
- /* Set when the policydb is modified such that writing is unsupported */
- int unsupported_format;
-
- /* Whether this policydb is mls, should always be set */
- int mls;
-
- /* symbol tables */
- symtab_t symtab[SYM_NUM];
-#define p_commons symtab[SYM_COMMONS]
-#define p_classes symtab[SYM_CLASSES]
-#define p_roles symtab[SYM_ROLES]
-#define p_types symtab[SYM_TYPES]
-#define p_users symtab[SYM_USERS]
-#define p_bools symtab[SYM_BOOLS]
-#define p_levels symtab[SYM_LEVELS]
-#define p_cats symtab[SYM_CATS]
-
- /* symbol names indexed by (value - 1) */
- char **sym_val_to_name[SYM_NUM];
-#define p_common_val_to_name sym_val_to_name[SYM_COMMONS]
-#define p_class_val_to_name sym_val_to_name[SYM_CLASSES]
-#define p_role_val_to_name sym_val_to_name[SYM_ROLES]
-#define p_type_val_to_name sym_val_to_name[SYM_TYPES]
-#define p_user_val_to_name sym_val_to_name[SYM_USERS]
-#define p_bool_val_to_name sym_val_to_name[SYM_BOOLS]
-#define p_sens_val_to_name sym_val_to_name[SYM_LEVELS]
-#define p_cat_val_to_name sym_val_to_name[SYM_CATS]
-
- /* class, role, and user attributes indexed by (value - 1) */
- class_datum_t **class_val_to_struct;
- role_datum_t **role_val_to_struct;
- user_datum_t **user_val_to_struct;
- type_datum_t **type_val_to_struct;
-
- /* module stuff section -- used in parsing and for modules */
-
- /* keep track of the scope for every identifier. these are
- * hash tables, where the key is the identifier name and value
- * a scope_datum_t. as a convenience, one may use the
- * p_*_macros (cf. struct scope_index_t declaration). */
- symtab_t scope[SYM_NUM];
-
- /* module rule storage */
- avrule_block_t *global;
- /* avrule_decl index used for link/expand */
- avrule_decl_t **decl_val_to_struct;
-
- /* compiled storage of rules - use for the kernel policy */
-
- /* type enforcement access vectors and transitions */
- avtab_t te_avtab;
-
- /* bools indexed by (value - 1) */
- cond_bool_datum_t **bool_val_to_struct;
- /* type enforcement conditional access vectors and transitions */
- avtab_t te_cond_avtab;
- /* linked list indexing te_cond_avtab by conditional */
- cond_list_t *cond_list;
-
- /* role transitions */
- role_trans_t *role_tr;
-
- /* role allows */
- role_allow_t *role_allow;
-
- /* security contexts of initial SIDs, unlabeled file systems,
- TCP or UDP port numbers, network interfaces and nodes */
- ocontext_t *ocontexts[OCON_NUM];
-
- /* security contexts for files in filesystems that cannot support
- a persistent label mapping or use another
- fixed labeling behavior. */
- genfs_t *genfs;
-
- /* range transitions */
- range_trans_t *range_tr;
-
- ebitmap_t *type_attr_map;
-
- ebitmap_t *attr_type_map; /* not saved in the binary policy */
-
- unsigned policyvers;
-} policydb_t;
-
-struct sepol_policydb {
- struct policydb p;
-};
-
-extern int policydb_init(policydb_t * p);
-
-extern int policydb_from_image(sepol_handle_t * handle,
- void *data, size_t len, policydb_t * policydb);
-
-extern int policydb_to_image(sepol_handle_t * handle,
- policydb_t * policydb, void **newdata,
- size_t * newlen);
-
-extern int policydb_index_classes(policydb_t * p);
-
-extern int policydb_index_bools(policydb_t * p);
-
-extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p,
- unsigned int verbose);
-
-extern int policydb_reindex_users(policydb_t * p);
-
-extern void policydb_destroy(policydb_t * p);
-
-extern int policydb_load_isids(policydb_t * p, sidtab_t * s);
-
-/* Deprecated */
-extern int policydb_context_isvalid(const policydb_t * p,
- const context_struct_t * c);
-
-extern void symtabs_destroy(symtab_t * symtab);
-extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p);
-typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d,
- void *args);
-extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num);
-
-extern void class_perm_node_init(class_perm_node_t * x);
-extern void type_set_init(type_set_t * x);
-extern void type_set_destroy(type_set_t * x);
-extern int type_set_cpy(type_set_t * dst, type_set_t * src);
-extern int type_set_or_eq(type_set_t * dst, type_set_t * other);
-extern void role_set_init(role_set_t * x);
-extern void role_set_destroy(role_set_t * x);
-extern void avrule_init(avrule_t * x);
-extern void avrule_destroy(avrule_t * x);
-extern void avrule_list_destroy(avrule_t * x);
-extern void role_trans_rule_init(role_trans_rule_t * x);
-extern void role_trans_rule_list_destroy(role_trans_rule_t * x);
-
-extern void role_datum_init(role_datum_t * x);
-extern void role_datum_destroy(role_datum_t * x);
-extern void role_allow_rule_init(role_allow_rule_t * x);
-extern void role_allow_rule_destroy(role_allow_rule_t * x);
-extern void role_allow_rule_list_destroy(role_allow_rule_t * x);
-extern void range_trans_rule_init(range_trans_rule_t *x);
-extern void range_trans_rule_destroy(range_trans_rule_t *x);
-extern void range_trans_rule_list_destroy(range_trans_rule_t *x);
-extern void type_datum_init(type_datum_t * x);
-extern void type_datum_destroy(type_datum_t * x);
-extern void user_datum_init(user_datum_t * x);
-extern void user_datum_destroy(user_datum_t * x);
-
-extern int check_assertions(sepol_handle_t * handle,
- policydb_t * p, avrule_t * avrules);
-
-extern int symtab_insert(policydb_t * x, uint32_t sym,
- hashtab_key_t key, hashtab_datum_t datum,
- uint32_t scope, uint32_t avrule_decl_id,
- uint32_t * value);
-
-/* A policy "file" may be a memory region referenced by a (data, len) pair
- or a file referenced by a FILE pointer. */
-typedef struct policy_file {
-#define PF_USE_MEMORY 0
-#define PF_USE_STDIO 1
-#define PF_LEN 2 /* total up length in len field */
- unsigned type;
- char *data;
- size_t len;
- size_t size;
- FILE *fp;
- struct sepol_handle *handle;
- unsigned char buffer[BUFSIZ];
-} policy_file_t;
-
-struct sepol_policy_file {
- struct policy_file pf;
-};
-
-extern int policydb_read(policydb_t * p, struct policy_file *fp,
- unsigned int verbose);
-extern int avrule_read_list(policydb_t * p, avrule_t ** avrules,
- struct policy_file *fp);
-
-extern int policydb_write(struct policydb *p, struct policy_file *pf);
-
-#define PERM_SYMTAB_SIZE 32
-
-/* Identify specific policy version changes */
-#define POLICYDB_VERSION_BASE 15
-#define POLICYDB_VERSION_BOOL 16
-#define POLICYDB_VERSION_IPV6 17
-#define POLICYDB_VERSION_NLCLASS 18
-#define POLICYDB_VERSION_VALIDATETRANS 19
-#define POLICYDB_VERSION_MLS 19
-#define POLICYDB_VERSION_AVTAB 20
-#define POLICYDB_VERSION_RANGETRANS 21
-
-/* Range of policy versions we understand*/
-#define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE
-#define POLICYDB_VERSION_MAX POLICYDB_VERSION_RANGETRANS
-
-/* Module versions and specific changes*/
-#define MOD_POLICYDB_VERSION_BASE 4
-#define MOD_POLICYDB_VERSION_VALIDATETRANS 5
-#define MOD_POLICYDB_VERSION_MLS 5
-#define MOD_POLICYDB_VERSION_RANGETRANS 6
-#define MOD_POLICYDB_VERSION_MLS_USERS 6
-
-#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
-#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_MLS_USERS
-
-#define POLICYDB_CONFIG_MLS 1
-
-#define OBJECT_R "object_r"
-#define OBJECT_R_VAL 1
-
-#define POLICYDB_MAGIC SELINUX_MAGIC
-#define POLICYDB_STRING "SE Linux"
-#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
-#define POLICYDB_MOD_STRING "SE Linux Module"
-
-#endif /* _POLICYDB_H_ */
-
-/* FLASK */
Copied: tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h (from rev 2033, trunk/libsepol/include/sepol/policydb/policydb.h)
===================================================================
--- tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h (rev 0)
+++ tags/libsepol_1_12_27/libsepol/include/sepol/policydb/policydb.h 2006-09-28 12:18:30 UTC (rev 2036)
@@ -0,0 +1,612 @@
+
+/* Author : Stephen Smalley, <sd...@ep...> */
+
+/*
+ * Updated: Joshua Brindle <jbr...@tr...>
+ * Karl MacMillan <kma...@tr...>
+ * Jason Tang <jt...@tr...>
+ *
+ * Module support
+ *
+ * Updated: Trusted Computer Solutions, Inc. <dgo...@tr...>
+ *
+ * Support for enhanced MLS infrastructure.
+ *
+ * Updated: Frank Mayer <ma...@tr...> and Karl MacMillan <kma...@tr...>
+ *
+ * Added conditional policy language extensions
+ *
+ * Updated: Red Hat, Inc. James Morris <jm...@re...>
+ *
+ * Fine-grained netlink support
+ * IPv6 support
+ * Code cleanup
+ *
+ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
+ * Copyright (C) 2003 - 2004 Tresys Technology, LLC
+ * Copyright (C) 2003 - 2004 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+/* FLASK */
+
+/*
+ * A policy database (policydb) specifies the
+ * configuration data for the security policy.
+ */
+
+#ifndef _SEPOL_POLICYDB_POLICYDB_H_
+#define _SEPOL_POLICYDB_POLICYDB_H_
+
+#include <stdio.h>
+#include <stddef.h>
+
+#include <sepol/policydb.h>
+
+#include <sepol/policydb...
[truncated message content] |
|
From: <mad...@us...> - 2006-09-28 12:17:30
|
Revision: 2035
http://svn.sourceforge.net/selinux/?rev=2035&view=rev
Author: madmethod
Date: 2006-09-28 05:16:58 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
tag for checkpolicy 1.30.12
Added Paths:
-----------
tags/checkpolicy_1_30_12/
tags/checkpolicy_1_30_12/checkpolicy/
tags/checkpolicy_1_30_12/checkpolicy/ChangeLog
tags/checkpolicy_1_30_12/checkpolicy/VERSION
tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c
tags/checkpolicy_1_30_12/checkpolicy/module_compiler.h
tags/checkpolicy_1_30_12/checkpolicy/policy_parse.y
Removed Paths:
-------------
tags/checkpolicy_1_30_12/checkpolicy/ChangeLog
tags/checkpolicy_1_30_12/checkpolicy/VERSION
tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c
tags/checkpolicy_1_30_12/checkpolicy/module_compiler.h
tags/checkpolicy_1_30_12/checkpolicy/policy_parse.y
Copied: tags/checkpolicy_1_30_12/checkpolicy (from rev 2032, trunk/checkpolicy)
Deleted: tags/checkpolicy_1_30_12/checkpolicy/ChangeLog
===================================================================
--- trunk/checkpolicy/ChangeLog 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/checkpolicy_1_30_12/checkpolicy/ChangeLog 2006-09-28 12:16:58 UTC (rev 2035)
@@ -1,285 +0,0 @@
-1.30.11 2006-09-05
- * merged range_transition enhancements and user module format
- changes from Darrel Goeddel
-
-1.30.10 2006-08-03
- * Merged symtab datum patch from Karl MacMillan.
-
-1.30.9 2006-06-29
- * Lindent.
-
-1.30.8 2006-06-29
- * Merged patch to remove TE rule conflict checking from the parser
- from Joshua Brindle. This can only be done properly by the
- expander.
-
-1.30.7 2006-06-27
- * Merged patch to make checkpolicy/checkmodule handling of
- duplicate/conflicting TE rules the same as the expander
- from Joshua Brindle.
-
-1.30.6 2006-06-26
- * Merged optionals in base take 2 patch set from Joshua Brindle.
-
-1.30.5 2006-05-05
- * Merged compiler cleanup patch from Karl MacMillan.
- * Merged fix warnings patch from Karl MacMillan.
-
-1.30.4 2006-04-05
- * Changed require_class to reject permissions that have not been
- declared if building a base module.
-
-1.30.3 2006-03-28
- * Fixed checkmodule to call link_modules prior to expand_module
- to handle optionals.
-
-1.30.2 2006-03-28
- * Fixed require_class to avoid shadowing permissions already defined
- in an inherited common definition.
-
-1.30.1 2006-03-22
- * Moved processing of role and user require statements to 2nd pass.
-
-1.30 2006-03-14
- * Updated version for release.
-
-1.29.5 2006-03-09
- * Fixed bug in role dominance (define_role_dom).
-
-1.29.4 2006-02-14
- * Added a check for failure to declare each sensitivity in
- a level definition.
-
-1.29.3 2006-02-13
- * Changed to clone level data for aliased sensitivities to
- avoid double free upon sens_destroy. Bug reported by Kevin
- Carr of Tresys Technology.
-
-1.29.2 2006-02-13
- * Merged optionals in base patch from Joshua Brindle.
-
-1.29.1 2006-02-01
- * Merged sepol_av_to_string patch from Joshua Brindle.
-
-1.28 2005-12-07
- * Updated version for release.
-
-1.27.20 2005-12-02
- * Merged checkmodule man page from Dan Walsh, and edited it.
-
-1.27.19 2005-12-01
- * Added error checking of all ebitmap_set_bit calls for out of
- memory conditions.
-
-1.27.18 2005-12-01
- * Merged removal of compatibility handling of netlink classes
- (requirement that policies with newer versions include the
- netlink class definitions, remapping of fine-grained netlink
- classes in newer source policies to single netlink class when
- generating older policies) from George Coker.
-
-1.27.17 2005-10-25
- * Merged dismod fix from Joshua Brindle.
-
-1.27.16 2005-10-20
- * Removed obsolete cond_check_type_rules() function and call and
- cond_optimize_lists() call from checkpolicy.c; these are handled
- during parsing and expansion now.
-
-1.27.15 2005-10-19
- * Updated calls to expand_module for interface change.
-
-1.27.14 2005-10-19
- * Changed checkmodule to verify that expand_module succeeds
- when building base modules.
-
-1.27.13 2005-10-19
- * Merged module compiler fixes from Joshua Brindle.
-
-1.27.12 2005-10-19
- * Removed direct calls to hierarchy_check_constraints() and
- check_assertions() from checkpolicy since they are now called
- internally by expand_module().
-
-1.27.11 2005-10-18
- * Updated for changes to sepol policydb_index_others interface.
-
-1.27.10 2005-10-17
- * Updated for changes to sepol expand_module and link_modules interfaces.
-
-1.27.9 2005-10-13
- * Merged support for require blocks inside conditionals from
- Joshua Brindle (Tresys).
-
-1.27.8 2005-10-06
- * Updated for changes to libsepol.
-
-1.27.7 2005-10-05
- * Merged several bug fixes from Joshua Brindle (Tresys).
-
-1.27.6 2005-10-03
- * Merged MLS in modules patch from Joshua Brindle (Tresys).
-
-1.27.5 2005-09-28
- * Merged error handling improvement in checkmodule from Karl MacMillan (Tresys).
-
-1.27.4 2005-09-26
- * Merged bugfix for dup role transition error messages from
- Karl MacMillan (Tresys).
-
-1.27.3 2005-09-23
- * Merged policyver/modulever patches from Joshua Brindle (Tresys).
-
-1.27.2 2005-09-20
- * Fixed parse_categories handling of undefined category.
-
-1.27.1 2005-09-16
- * Merged bug fix for role dominance handling from Darrel Goeddel (TCS).
-
-1.26 2005-09-06
- * Updated version for release.
-
-1.25.12 2005-08-22
- * Fixed handling of validatetrans constraint expressions.
- Bug reported by Dan Walsh for checkpolicy -M.
-
-1.25.11 2005-08-18
- * Merged use-after-free fix from Serge Hallyn (IBM).
- Bug found by Coverity.
-
-1.25.10 2005-08-15
- * Fixed further memory leaks found by valgrind.
-
-1.25.9 2005-08-15
- * Changed checkpolicy to destroy the policydbs prior to exit
- to allow leak detection.
- * Fixed several memory leaks found by valgrind.
-
-1.25.8 2005-08-11
- * Updated checkpolicy and dispol for the new avtab format.
- Converted users of ebitmaps to new inline operators.
- Note: The binary policy format version has been incremented to
- version 20 as a result of these changes. To build a policy
- for a kernel that does not yet include these changes, use
- the -c 19 option to checkpolicy.
-
-1.25.7 2005-08-11
- * Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys).
-
-1.25.6 2005-08-10
- * Merged patch to fix dismod compilation from Joshua Brindle (Tresys).
-
-1.25.5 2005-08-09
- * Fixed call to hierarchy checking code to pass the right policydb.
-
-1.25.4 2005-08-02
- * Merged patch to update dismod for the relocation of the
- module read/write code from libsemanage to libsepol, and
- to enable build of test subdirectory from Jason Tang (Tresys).
-
-1.25.3 2005-07-18
- * Merged hierarchy check fix from Joshua Brindle (Tresys).
-
-1.25.2 2005-07-06
- * Merged loadable module support from Tresys Technology.
-
-1.25.1 2005-06-24
- * Merged patch to prohibit the use of * and ~ in type sets
- (other than in neverallow statements) and in role sets
- from Joshua Brindle (Tresys).
-
-1.24 2005-06-20
- * Updated version for release.
-
-1.23.4 2005-05-19
- * Merged cleanup patch from Dan Walsh.
-
-1.23.3 2005-05-13
- * Added sepol_ prefix to Flask types to avoid namespace
- collision with libselinux.
-
-1.23.2 2005-04-29
- * Merged identifier fix from Joshua Brindle (Tresys).
-
-1.23.1 2005-04-13
- * Merged hierarchical type/role patch from Tresys Technology.
- * Merged MLS fixes from Darrel Goeddel of TCS.
-
-1.22 2005-03-09
- * Updated version for release.
-
-1.21.4 2005-02-17
- * Moved genpolusers utility to libsepol.
- * Merged range_transition support from Darrel Goeddel (TCS).
-
-1.21.3 2005-02-16
- * Merged define_user() cleanup patch from Darrel Goeddel (TCS).
-
-1.21.2 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.21.1 2005-01-26
- * Merged enhanced MLS support from Darrel Goeddel (TCS).
-
-1.20 2005-01-04
- * Merged typeattribute statement patch from Darrel Goeddel of TCS.
- * Changed genpolusers to handle multiple user config files.
- * Merged nodecon ordering patch from Chad Hanson of TCS.
-
-1.18 2004-10-07
- * MLS build fix.
- * Fixed Makefile dependencies (Chris PeBenito).
- * Merged fix for role dominance ordering issue from Chad Hanson of TCS.
- * Preserve portcon ordering and apply more checking.
-
-1.16 2004-08-13
- * Allow empty conditional clauses.
- * Moved genpolbools utility to libsepol.
- * Updated for libsepol set functions.
- * Changed to link with libsepol.a.
- * Moved core functionality into libsepol.
- * Merged bug fix for conditional self handling from Karl MacMillan, Dave Caplan, and Joshua Brindle of Tresys.
- * Added genpolusers program.
- * Fixed bug in checkpolicy conditional code.
-
-1.14 2004-06-28
- * Merged fix for MLS logic from Daniel Thayer of TCS.
- * Require semicolon terminator for typealias statement.
-
-1.12 2004-06-16
- * Merged fine-grained netlink class support.
-
-1.10 2004-04-07
- * Merged ipv6 support from James Morris of RedHat.
- * Fixed compute_av bug discovered by Chad Hanson of TCS.
-
-1.8 2004-03-09
- * Merged policydb MLS patch from Chad Hanson of TCS.
- * Fixed mmap of policy file.
-
-1.6 2004-02-18
- * Merged conditional policy extensions from Tresys Technology.
- * Added typealias declaration support per Russell Coker's request.
- * Added support for excluding types from type sets based on
- a patch by David Caplan, but reimplemented as a change to the
- policy grammar.
- * Merged patch from Colin Walters to report source file name and line
- number for errors when available.
- * Un-deprecated role transitions.
-
-1.4 2003-12-01
- * Regenerated headers.
- * Merged patches from Bastian Blank and Joerg Hoh.
-
-1.2 2003-09-30
- * Merged MLS build patch from Karl MacMillan of Tresys.
- * Merged checkpolicy man page from Magosanyi Arpad.
-
-1.1 2003-08-13
- * Fixed endian bug in policydb_write for behavior value.
- * License -> GPL.
- * Merged coding style cleanups from James Morris.
-
-1.0 2003-07-11
- * Initial public release.
-
Copied: tags/checkpolicy_1_30_12/checkpolicy/ChangeLog (from rev 2034, trunk/checkpolicy/ChangeLog)
===================================================================
--- tags/checkpolicy_1_30_12/checkpolicy/ChangeLog (rev 0)
+++ tags/checkpolicy_1_30_12/checkpolicy/ChangeLog 2006-09-28 12:16:58 UTC (rev 2035)
@@ -0,0 +1,289 @@
+1.30.12 2006-09-28
+ * Merged user and range_transition support for modules from
+ Darrel Goeddel
+
+1.30.11 2006-09-05
+ * merged range_transition enhancements and user module format
+ changes from Darrel Goeddel
+
+1.30.10 2006-08-03
+ * Merged symtab datum patch from Karl MacMillan.
+
+1.30.9 2006-06-29
+ * Lindent.
+
+1.30.8 2006-06-29
+ * Merged patch to remove TE rule conflict checking from the parser
+ from Joshua Brindle. This can only be done properly by the
+ expander.
+
+1.30.7 2006-06-27
+ * Merged patch to make checkpolicy/checkmodule handling of
+ duplicate/conflicting TE rules the same as the expander
+ from Joshua Brindle.
+
+1.30.6 2006-06-26
+ * Merged optionals in base take 2 patch set from Joshua Brindle.
+
+1.30.5 2006-05-05
+ * Merged compiler cleanup patch from Karl MacMillan.
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.30.4 2006-04-05
+ * Changed require_class to reject permissions that have not been
+ declared if building a base module.
+
+1.30.3 2006-03-28
+ * Fixed checkmodule to call link_modules prior to expand_module
+ to handle optionals.
+
+1.30.2 2006-03-28
+ * Fixed require_class to avoid shadowing permissions already defined
+ in an inherited common definition.
+
+1.30.1 2006-03-22
+ * Moved processing of role and user require statements to 2nd pass.
+
+1.30 2006-03-14
+ * Updated version for release.
+
+1.29.5 2006-03-09
+ * Fixed bug in role dominance (define_role_dom).
+
+1.29.4 2006-02-14
+ * Added a check for failure to declare each sensitivity in
+ a level definition.
+
+1.29.3 2006-02-13
+ * Changed to clone level data for aliased sensitivities to
+ avoid double free upon sens_destroy. Bug reported by Kevin
+ Carr of Tresys Technology.
+
+1.29.2 2006-02-13
+ * Merged optionals in base patch from Joshua Brindle.
+
+1.29.1 2006-02-01
+ * Merged sepol_av_to_string patch from Joshua Brindle.
+
+1.28 2005-12-07
+ * Updated version for release.
+
+1.27.20 2005-12-02
+ * Merged checkmodule man page from Dan Walsh, and edited it.
+
+1.27.19 2005-12-01
+ * Added error checking of all ebitmap_set_bit calls for out of
+ memory conditions.
+
+1.27.18 2005-12-01
+ * Merged removal of compatibility handling of netlink classes
+ (requirement that policies with newer versions include the
+ netlink class definitions, remapping of fine-grained netlink
+ classes in newer source policies to single netlink class when
+ generating older policies) from George Coker.
+
+1.27.17 2005-10-25
+ * Merged dismod fix from Joshua Brindle.
+
+1.27.16 2005-10-20
+ * Removed obsolete cond_check_type_rules() function and call and
+ cond_optimize_lists() call from checkpolicy.c; these are handled
+ during parsing and expansion now.
+
+1.27.15 2005-10-19
+ * Updated calls to expand_module for interface change.
+
+1.27.14 2005-10-19
+ * Changed checkmodule to verify that expand_module succeeds
+ when building base modules.
+
+1.27.13 2005-10-19
+ * Merged module compiler fixes from Joshua Brindle.
+
+1.27.12 2005-10-19
+ * Removed direct calls to hierarchy_check_constraints() and
+ check_assertions() from checkpolicy since they are now called
+ internally by expand_module().
+
+1.27.11 2005-10-18
+ * Updated for changes to sepol policydb_index_others interface.
+
+1.27.10 2005-10-17
+ * Updated for changes to sepol expand_module and link_modules interfaces.
+
+1.27.9 2005-10-13
+ * Merged support for require blocks inside conditionals from
+ Joshua Brindle (Tresys).
+
+1.27.8 2005-10-06
+ * Updated for changes to libsepol.
+
+1.27.7 2005-10-05
+ * Merged several bug fixes from Joshua Brindle (Tresys).
+
+1.27.6 2005-10-03
+ * Merged MLS in modules patch from Joshua Brindle (Tresys).
+
+1.27.5 2005-09-28
+ * Merged error handling improvement in checkmodule from Karl MacMillan (Tresys).
+
+1.27.4 2005-09-26
+ * Merged bugfix for dup role transition error messages from
+ Karl MacMillan (Tresys).
+
+1.27.3 2005-09-23
+ * Merged policyver/modulever patches from Joshua Brindle (Tresys).
+
+1.27.2 2005-09-20
+ * Fixed parse_categories handling of undefined category.
+
+1.27.1 2005-09-16
+ * Merged bug fix for role dominance handling from Darrel Goeddel (TCS).
+
+1.26 2005-09-06
+ * Updated version for release.
+
+1.25.12 2005-08-22
+ * Fixed handling of validatetrans constraint expressions.
+ Bug reported by Dan Walsh for checkpolicy -M.
+
+1.25.11 2005-08-18
+ * Merged use-after-free fix from Serge Hallyn (IBM).
+ Bug found by Coverity.
+
+1.25.10 2005-08-15
+ * Fixed further memory leaks found by valgrind.
+
+1.25.9 2005-08-15
+ * Changed checkpolicy to destroy the policydbs prior to exit
+ to allow leak detection.
+ * Fixed several memory leaks found by valgrind.
+
+1.25.8 2005-08-11
+ * Updated checkpolicy and dispol for the new avtab format.
+ Converted users of ebitmaps to new inline operators.
+ Note: The binary policy format version has been incremented to
+ version 20 as a result of these changes. To build a policy
+ for a kernel that does not yet include these changes, use
+ the -c 19 option to checkpolicy.
+
+1.25.7 2005-08-11
+ * Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys).
+
+1.25.6 2005-08-10
+ * Merged patch to fix dismod compilation from Joshua Brindle (Tresys).
+
+1.25.5 2005-08-09
+ * Fixed call to hierarchy checking code to pass the right policydb.
+
+1.25.4 2005-08-02
+ * Merged patch to update dismod for the relocation of the
+ module read/write code from libsemanage to libsepol, and
+ to enable build of test subdirectory from Jason Tang (Tresys).
+
+1.25.3 2005-07-18
+ * Merged hierarchy check fix from Joshua Brindle (Tresys).
+
+1.25.2 2005-07-06
+ * Merged loadable module support from Tresys Technology.
+
+1.25.1 2005-06-24
+ * Merged patch to prohibit the use of * and ~ in type sets
+ (other than in neverallow statements) and in role sets
+ from Joshua Brindle (Tresys).
+
+1.24 2005-06-20
+ * Updated version for release.
+
+1.23.4 2005-05-19
+ * Merged cleanup patch from Dan Walsh.
+
+1.23.3 2005-05-13
+ * Added sepol_ prefix to Flask types to avoid namespace
+ collision with libselinux.
+
+1.23.2 2005-04-29
+ * Merged identifier fix from Joshua Brindle (Tresys).
+
+1.23.1 2005-04-13
+ * Merged hierarchical type/role patch from Tresys Technology.
+ * Merged MLS fixes from Darrel Goeddel of TCS.
+
+1.22 2005-03-09
+ * Updated version for release.
+
+1.21.4 2005-02-17
+ * Moved genpolusers utility to libsepol.
+ * Merged range_transition support from Darrel Goeddel (TCS).
+
+1.21.3 2005-02-16
+ * Merged define_user() cleanup patch from Darrel Goeddel (TCS).
+
+1.21.2 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.21.1 2005-01-26
+ * Merged enhanced MLS support from Darrel Goeddel (TCS).
+
+1.20 2005-01-04
+ * Merged typeattribute statement patch from Darrel Goeddel of TCS.
+ * Changed genpolusers to handle multiple user config files.
+ * Merged nodecon ordering patch from Chad Hanson of TCS.
+
+1.18 2004-10-07
+ * MLS build fix.
+ * Fixed Makefile dependencies (Chris PeBenito).
+ * Merged fix for role dominance ordering issue from Chad Hanson of TCS.
+ * Preserve portcon ordering and apply more checking.
+
+1.16 2004-08-13
+ * Allow empty conditional clauses.
+ * Moved genpolbools utility to libsepol.
+ * Updated for libsepol set functions.
+ * Changed to link with libsepol.a.
+ * Moved core functionality into libsepol.
+ * Merged bug fix for conditional self handling from Karl MacMillan, Dave Caplan, and Joshua Brindle of Tresys.
+ * Added genpolusers program.
+ * Fixed bug in checkpolicy conditional code.
+
+1.14 2004-06-28
+ * Merged fix for MLS logic from Daniel Thayer of TCS.
+ * Require semicolon terminator for typealias statement.
+
+1.12 2004-06-16
+ * Merged fine-grained netlink class support.
+
+1.10 2004-04-07
+ * Merged ipv6 support from James Morris of RedHat.
+ * Fixed compute_av bug discovered by Chad Hanson of TCS.
+
+1.8 2004-03-09
+ * Merged policydb MLS patch from Chad Hanson of TCS.
+ * Fixed mmap of policy file.
+
+1.6 2004-02-18
+ * Merged conditional policy extensions from Tresys Technology.
+ * Added typealias declaration support per Russell Coker's request.
+ * Added support for excluding types from type sets based on
+ a patch by David Caplan, but reimplemented as a change to the
+ policy grammar.
+ * Merged patch from Colin Walters to report source file name and line
+ number for errors when available.
+ * Un-deprecated role transitions.
+
+1.4 2003-12-01
+ * Regenerated headers.
+ * Merged patches from Bastian Blank and Joerg Hoh.
+
+1.2 2003-09-30
+ * Merged MLS build patch from Karl MacMillan of Tresys.
+ * Merged checkpolicy man page from Magosanyi Arpad.
+
+1.1 2003-08-13
+ * Fixed endian bug in policydb_write for behavior value.
+ * License -> GPL.
+ * Merged coding style cleanups from James Morris.
+
+1.0 2003-07-11
+ * Initial public release.
+
Deleted: tags/checkpolicy_1_30_12/checkpolicy/VERSION
===================================================================
--- trunk/checkpolicy/VERSION 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/checkpolicy_1_30_12/checkpolicy/VERSION 2006-09-28 12:16:58 UTC (rev 2035)
@@ -1 +0,0 @@
-1.30.11
Copied: tags/checkpolicy_1_30_12/checkpolicy/VERSION (from rev 2034, trunk/checkpolicy/VERSION)
===================================================================
--- tags/checkpolicy_1_30_12/checkpolicy/VERSION (rev 0)
+++ tags/checkpolicy_1_30_12/checkpolicy/VERSION 2006-09-28 12:16:58 UTC (rev 2035)
@@ -0,0 +1 @@
+1.30.12
Deleted: tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c
===================================================================
--- trunk/checkpolicy/module_compiler.c 2006-09-18 19:13:13 UTC (rev 2032)
+++ tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c 2006-09-28 12:16:58 UTC (rev 2035)
@@ -1,1304 +0,0 @@
-/* Author : Joshua Brindle <jbr...@tr...>
- * Karl MacMillan <kma...@tr...>
- * Jason Tang <jt...@tr...>
- * Added support for binary policy modules
- *
- * Copyright (C) 2004 - 2005 Tresys Technology, LLC
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, version 2.
- */
-
-#include <assert.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <sepol/policydb/policydb.h>
-#include <sepol/policydb/avrule_block.h>
-#include <sepol/policydb/conditional.h>
-
-#include "queue.h"
-#include "module_compiler.h"
-
-union stack_item_u {
- avrule_block_t *avrule;
- cond_list_t *cond_list;
-};
-
-typedef struct scope_stack {
- union stack_item_u u;
- int type; /* for above union: 1 = avrule block, 2 = conditional */
- avrule_decl_t *decl; /* if in an avrule block, which
- * declaration is current */
- avrule_t *last_avrule;
- int in_else; /* if in an avrule block, within ELSE branch */
- int require_given; /* 1 if this block had at least one require */
- struct scope_stack *parent, *child;
-} scope_stack_t;
-
-extern policydb_t *policydbp;
-extern queue_t id_queue;
-extern int yyerror(char *msg);
-extern void yyerror2(char *fmt, ...);
-
-static int push_stack(int stack_type, ...);
-static void pop_stack(void);
-
-/* keep track of the last item added to the stack */
-static scope_stack_t *stack_top = NULL;
-static avrule_block_t *last_block;
-static uint32_t next_decl_id = 1;
-
-int define_policy(int pass, int module_header_given)
-{
- char *id;
-
- if (module_header_given) {
- if (policydbp->policy_type != POLICY_MOD) {
- yyerror
- ("Module specification found while not building a policy module.\n");
- return -1;
- }
-
- if (pass == 2) {
- while ((id = queue_remove(id_queue)) != NULL)
- free(id);
- } else {
- id = (char *)queue_remove(id_queue);
- if (!id) {
- yyerror("no module name");
- return -1;
- }
- policydbp->name = id;
- if ((policydbp->version =
- queue_remove(id_queue)) == NULL) {
- yyerror
- ("Expected a module version but none was found.");
- return -1;
- }
- }
- } else {
- if (policydbp->policy_type == POLICY_MOD) {
- yyerror
- ("Building a policy module, but no module specification found.\n");
- return -1;
- }
- }
- /* the first declaration within the global avrule
- block will always have an id of 1 */
- next_decl_id = 2;
-
- /* reset the scoping stack */
- while (stack_top != NULL) {
- pop_stack();
- }
- if (push_stack(1, policydbp->global, policydbp->global->branch_list) ==
- -1) {
- return -1;
- }
- last_block = policydbp->global;
- return 0;
-}
-
-/* Given the current parse stack, returns 1 if a declaration would be
- * allowed here or 0 if not. For example, declarations are not
- * allowed in conditionals, so if there are any conditionals in the
- * current scope stack then this would return a 0.
- */
-static int is_declaration_allowed(void)
-{
- if (stack_top->type != 1 || stack_top->in_else) {
- return 0;
- }
- return 1;
-}
-
-/* Attempt to declare a symbol within the current declaration. If
- * currently within a non-conditional and in a non-else branch then
- * insert the symbol, return 0 on success if symbol was undeclared.
- * For roles and users, it is legal to have multiple declarations; as
- * such return 1 to indicate that caller must free() the datum because
- * it was not added. If symbols may not be declared here return -1.
- * For duplicate declarations return -2. For all else, including out
- * of memory, return -3. Note that dest_value and datum_value might
- * not be restricted pointers. */
-int declare_symbol(uint32_t symbol_type,
- hashtab_key_t key, hashtab_datum_t datum,
- uint32_t * dest_value, uint32_t * datum_value)
-{
- avrule_decl_t *decl = stack_top->decl;
- int retval;
-
- /* first check that symbols may be declared here */
- if (!is_declaration_allowed()) {
- return -1;
- }
- retval = symtab_insert(policydbp, symbol_type, key, datum,
- SCOPE_DECL, decl->decl_id, dest_value);
- if (retval == 1) {
- symtab_datum_t *s =
- (symtab_datum_t *) hashtab_search(policydbp->
- symtab[symbol_type].table,
- key);
- assert(s != NULL);
- *dest_value = s->value;
- } else if (retval == -2) {
- return -2;
- } else if (retval < 0) {
- return -3;
- } else { /* fall through possible if retval is 0 */
- }
- if (datum_value != NULL) {
- if (ebitmap_set_bit(decl->declared.scope + symbol_type,
- *datum_value - 1, 1)) {
- return -3;
- }
- }
- return retval;
-}
-
-role_datum_t *declare_role(void)
-{
- char *id = queue_remove(id_queue), *dest_id = NULL;
- role_datum_t *role = NULL, *dest_role = NULL;
- int retval;
- uint32_t value;
-
- if (id == NULL) {
- yyerror("no role name");
- return NULL;
- }
- if ((role = (role_datum_t *) malloc(sizeof(*role))) == NULL) {
- yyerror("Out of memory!");
- free(id);
- return NULL;
- }
- role_datum_init(role);
-
- retval =
- declare_symbol(SYM_ROLES, id, (hashtab_datum_t *) role, &value,
- &value);
- if (retval == 0) {
- role->s.value = value;
- if ((dest_id = strdup(id)) == NULL) {
- yyerror("Out of memory!");
- return NULL;
- }
- } else {
- /* this role was already declared in this module, or error */
- dest_id = id;
- role_datum_destroy(role);
- free(role);
- }
- if (retval == 0 || retval == 1) {
- /* create a new role_datum_t for this decl, if necessary */
- hashtab_t roles_tab;
- assert(stack_top->type == 1);
- if (stack_top->parent == NULL) {
- /* in parent, so use global symbol table */
- roles_tab = policydbp->p_roles.table;
- } else {
- roles_tab = stack_top->decl->p_roles.table;
- }
- dest_role = (role_datum_t *) hashtab_search(roles_tab, dest_id);
- if (dest_role == NULL) {
- if ((dest_role =
- (role_datum_t *) malloc(sizeof(*dest_role))) ==
- NULL) {
- yyerror("Out of memory!");
- free(dest_id);
- return NULL;
- }
- role_datum_init(dest_role);
- dest_role->s.value = value;
- if (hashtab_insert(roles_tab, dest_id, dest_role)) {
- yyerror("Out of memory!");
- free(dest_id);
- role_datum_destroy(dest_role);
- free(dest_role);
- return NULL;
- }
- } else {
- free(dest_id);
- }
- } else {
- free(dest_id);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return NULL;
- }
- case -2:{
- yyerror("duplicate declaration of role");
- return NULL;
- }
- case -1:{
- yyerror("could not declare role here");
- return NULL;
- }
- case 0:{
- if (ebitmap_set_bit
- (&dest_role->dominates, role->s.value - 1, 1)) {
- yyerror("out of memory");
- return NULL;
- }
- return dest_role;
- }
- case 1:{
- return dest_role; /* role already declared for this block */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-type_datum_t *declare_type(unsigned char primary, unsigned char isattr)
-{
- char *id;
- type_datum_t *typdatum;
- int retval;
- uint32_t value = 0;
-
- id = (char *)queue_remove(id_queue);
- if (!id) {
- yyerror("no type/attribute name?");
- return NULL;
- }
- if (strcmp(id, "self") == 0) {
- yyerror
- ("'self' is a reserved type name and may not be declared.");
- free(id);
- return NULL;
- }
-
- typdatum = (type_datum_t *) malloc(sizeof(type_datum_t));
- if (!typdatum) {
- yyerror("Out of memory!");
- free(id);
- return NULL;
- }
- type_datum_init(typdatum);
- typdatum->primary = primary;
- typdatum->flavor = isattr ? TYPE_ATTRIB : TYPE_TYPE;
-
- retval = declare_symbol(SYM_TYPES, id, typdatum, &value, &value);
- if (retval == 0 || retval == 1) {
- if (typdatum->primary) {
- typdatum->s.value = value;
- }
- } else {
- /* error occurred (can't have duplicate type declarations) */
- free(id);
- type_datum_destroy(typdatum);
- free(typdatum);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return NULL;
- }
- case -2:{
- yyerror2("duplicate declaration of type/attribute");
- return NULL;
- }
- case -1:{
- yyerror("could not declare type/attribute here");
- return NULL;
- }
- case 0:
- case 1:{
- return typdatum;
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-user_datum_t *declare_user(void)
-{
- char *id = queue_remove(id_queue), *dest_id = NULL;
- user_datum_t *user = NULL, *dest_user = NULL;
- int retval;
- uint32_t value = 0;
-
- if (id == NULL) {
- yyerror("no user name");
- return NULL;
- }
- if ((user = (user_datum_t *) malloc(sizeof(*user))) == NULL) {
- yyerror("Out of memory!");
- free(id);
- return NULL;
- }
- user_datum_init(user);
-
- retval =
- declare_symbol(SYM_USERS, id, (hashtab_datum_t *) user, &value,
- &value);
-
- if (retval == 0) {
- user->s.value = value;
- if ((dest_id = strdup(id)) == NULL) {
- yyerror("Out of memory!");
- return NULL;
- }
- } else {
- /* this user was already declared in this module, or error */
- dest_id = id;
- user_datum_destroy(user);
- free(user);
- }
- if (retval == 0 || retval == 1) {
- /* create a new user_datum_t for this decl, if necessary */
- hashtab_t users_tab;
- assert(stack_top->type == 1);
- if (stack_top->parent == NULL) {
- /* in parent, so use global symbol table */
- users_tab = policydbp->p_users.table;
- } else {
- users_tab = stack_top->decl->p_users.table;
- }
- dest_user = (user_datum_t *) hashtab_search(users_tab, dest_id);
- if (dest_user == NULL) {
- if ((dest_user =
- (user_datum_t *) malloc(sizeof(*dest_user))) ==
- NULL) {
- yyerror("Out of memory!");
- free(dest_id);
- return NULL;
- }
- user_datum_init(dest_user);
- dest_user->s.value = value;
- if (hashtab_insert(users_tab, dest_id, dest_user)) {
- yyerror("Out of memory!");
- free(dest_id);
- user_datum_destroy(dest_user);
- free(dest_user);
- return NULL;
- }
- } else {
- free(dest_id);
- }
- } else {
- free(dest_id);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return NULL;
- }
- case -2:{
- yyerror("duplicate declaration of user");
- return NULL;
- }
- case -1:{
- yyerror("could not declare user here");
- return NULL;
- }
- case 0:{
- return dest_user;
- }
- case 1:{
- return dest_user; /* user already declared for this block */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-/* Return a type_datum_t for the local avrule_decl with the given ID.
- * If it does not exist, create one with the same value as 'value'.
- * This function assumes that the ID is within scope. c.f.,
- * is_id_in_scope().
- *
- * NOTE: this function usurps ownership of id afterwards. The caller
- * shall not reference it nor free() it afterwards.
- */
-type_datum_t *get_local_type(char *id, uint32_t value, unsigned char isattr)
-{
- type_datum_t *dest_typdatum;
- hashtab_t types_tab;
- assert(stack_top->type == 1);
- if (stack_top->parent == NULL) {
- /* in global, so use global symbol table */
- types_tab = policydbp->p_types.table;
- } else {
- types_tab = stack_top->decl->p_types.table;
- }
- dest_typdatum = hashtab_search(types_tab, id);
- if (!dest_typdatum) {
- dest_typdatum = (type_datum_t *) malloc(sizeof(type_datum_t));
- if (dest_typdatum == NULL) {
- free(id);
- return NULL;
- }
- type_datum_init(dest_typdatum);
- dest_typdatum->s.value = value;
- dest_typdatum->flavor = isattr ? TYPE_ATTRIB : TYPE_TYPE;
- dest_typdatum->primary = 1;
- if (hashtab_insert(types_tab, id, dest_typdatum)) {
- free(id);
- type_datum_destroy(dest_typdatum);
- free(dest_typdatum);
- return NULL;
- }
-
- } else {
- free(id);
- if (dest_typdatum->flavor != isattr ? TYPE_ATTRIB : TYPE_TYPE) {
- return NULL;
- }
- }
- return dest_typdatum;
-}
-
-/* Given the current parse stack, returns 1 if a requirement would be
- * allowed here or 0 if not. For example, the ELSE branch may never
- * have its own requirements.
- */
-static int is_require_allowed(void)
-{
- if (stack_top->type == 1 && !stack_top->in_else) {
- return 1;
- }
- return 0;
-}
-
-/* Attempt to require a symbol within the current scope. If currently
- * within an optional (and not its else branch), add the symbol to the
- * required list. Return 0 on success, 1 if caller needs to free()
- * datum. If symbols may not be declared here return -1. For duplicate
- * declarations return -2. For all else, including out of memory,
- * return -3.. Note that dest_value and datum_value might not be
- * restricted pointers.
- */
-int require_symbol(uint32_t symbol_type,
- hashtab_key_t key, hashtab_datum_t datum,
- uint32_t * dest_value, uint32_t * datum_value)
-{
- avrule_decl_t *decl = stack_top->decl;
- int retval;
-
- /* first check that symbols may be required here */
- if (!is_require_allowed()) {
- return -1;
- }
- retval = symtab_insert(policydbp, symbol_type, key, datum,
- SCOPE_REQ, decl->decl_id, dest_value);
- if (retval == 1) {
- symtab_datum_t *s =
- (symtab_datum_t *) hashtab_search(policydbp->
- symtab[symbol_type].table,
- key);
- assert(s != NULL);
- *dest_value = s->value;
- } else if (retval == -2) {
- /* ignore require statements if that symbol was
- * previously declared and is in current scope */
- int prev_declaration_ok = 0;
- if (is_id_in_scope(symbol_type, key)) {
- if (symbol_type == SYM_TYPES) {
- /* check that previous symbol has same
- * type/attribute-ness */
- unsigned char new_isattr =
- ((type_datum_t *) datum)->flavor;
- type_datum_t *old_datum =
- (type_datum_t *) hashtab_search(policydbp->
- symtab
- [SYM_TYPES].
- table, key);
- assert(old_datum != NULL);
- unsigned char old_isattr = old_datum->flavor;
- prev_declaration_ok =
- (old_isattr == new_isattr ? 1 : 0);
- } else {
- prev_declaration_ok = 1;
- }
- }
- if (prev_declaration_ok) {
- /* ignore this require statement because it
- * was already declared within my scope */
- stack_top->require_given = 1;
- return 1;
- } else {
- /* previous declaration was not in scope or
- * had a mismatched type/attribute, so
- * generate an error */
- return -2;
- }
- } else if (retval < 0) {
- return -3;
- } else { /* fall through possible if retval is 0 or 1 */
- }
- if (datum_value != NULL) {
- if (ebitmap_set_bit(decl->required.scope + symbol_type,
- *datum_value - 1, 1)) {
- return -3;
- }
- }
- stack_top->require_given = 1;
- return retval;
-}
-
-int add_perm_to_class(uint32_t perm_value, uint32_t class_value)
-{
- avrule_decl_t *decl = stack_top->decl;
- scope_index_t *scope;
-
- assert(perm_value >= 1);
- assert(class_value >= 1);
- scope = &decl->required;
- if (class_value > scope->class_perms_len) {
- int i;
- ebitmap_t *new_map = realloc(scope->class_perms_map,
- class_value * sizeof(*new_map));
- if (new_map == NULL) {
- return -1;
- }
- scope->class_perms_map = new_map;
- for (i = scope->class_perms_len; i < class_value; i++) {
- ebitmap_init(scope->class_perms_map + i);
- }
- scope->class_perms_len = class_value;
- }
- if (ebitmap_set_bit(scope->class_perms_map + class_value - 1,
- perm_value - 1, 1)) {
- return -1;
- }
- return 0;
-}
-
-static int perm_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p
- __attribute__ ((unused)))
-{
- if (key)
- free(key);
- free(datum);
- return 0;
-}
-
-static void class_datum_destroy(class_datum_t * cladatum)
-{
- if (cladatum != NULL) {
- hashtab_map(cladatum->permissions.table, perm_destroy, NULL);
- hashtab_destroy(cladatum->permissions.table);
- free(cladatum);
- }
-}
-
-int require_class(int pass)
-{
- char *class_id = queue_remove(id_queue);
- char *perm_id = NULL;
- class_datum_t *datum = NULL;
- perm_datum_t *perm = NULL;
- int ret;
-
- if (pass == 2) {
- free(class_id);
- while ((perm_id = queue_remove(id_queue)) != NULL)
- free(perm_id);
- return 0;
- }
-
- /* first add the class if it is not already there */
- if (class_id == NULL) {
- yyerror("no class name for class definition?");
- return -1;
- }
-
- if ((datum = calloc(1, sizeof(*datum))) == NULL ||
- symtab_init(&datum->permissions, PERM_SYMTAB_SIZE)) {
- yyerror("Out of memory!");
- goto cleanup;
- }
- ret =
- require_symbol(SYM_CLASSES, class_id, datum, &datum->s.value,
- &datum->s.value);
- switch (ret) {
- case -3:{
- yyerror("Out of memory!");
- free(class_id);
- class_datum_destroy(datum);
- goto cleanup;
- }
- case -2:{
- yyerror("duplicate declaration of class");
- free(class_id);
- class_datum_destroy(datum);
- goto cleanup;
- }
- case -1:{
- yyerror("could not require class here");
- free(class_id);
- class_datum_destroy(datum);
- goto cleanup;
- }
- case 0:{
- /* a new class was added; reindex everything */
- if (policydb_index_classes(policydbp)) {
- yyerror("Out of memory!");
- goto cleanup;
- }
- break;
- }
- case 1:{
- class_datum_destroy(datum);
- datum =
- hashtab_search(policydbp->p_classes.table,
- class_id);
- assert(datum); /* the class datum should have existed */
- free(class_id);
- break;
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-
- /* now add each of the permissions to this class's requirements */
- while ((perm_id = queue_remove(id_queue)) != NULL) {
- int allocated = 0;
-
- /* Is the permission already in the table? */
- perm = hashtab_search(datum->permissions.table, perm_id);
- if (!perm && datum->comdatum)
- perm =
- hashtab_search(datum->comdatum->permissions.table,
- perm_id);
- if (perm) {
- /* Yes, drop the name. */
- free(perm_id);
- } else {
- /* No - allocate and insert an entry for it. */
- if (policydbp->policy_type == POLICY_BASE) {
- yyerror2
- ("Base policy - require of permission %s without prior declaration.",
- perm_id);
- free(perm_id);
- goto cleanup;
- }
- allocated = 1;
- if ((perm = malloc(sizeof(*perm))) == NULL) {
- yyerror("Out of memory!");
- free(perm_id);
- goto cleanup;
- }
- memset(perm, 0, sizeof(*perm));
- ret =
- hashtab_insert(datum->permissions.table, perm_id,
- perm);
- if (ret) {
- yyerror("Out of memory!");
- free(perm_id);
- free(perm);
- goto cleanup;
- }
- perm->s.value = datum->permissions.nprim + 1;
- }
-
- if (add_perm_to_class(perm->s.value, datum->s.value) == -1) {
- yyerror("Out of memory!");
- goto cleanup;
- }
-
- /* Update number of primitives if we allocated one. */
- if (allocated)
- datum->permissions.nprim++;
- }
- return 0;
- cleanup:
- return -1;
-}
-
-int require_role(int pass)
-{
- char *id = queue_remove(id_queue);
- role_datum_t *role = NULL;
- int retval;
- if (pass == 2) {
- free(id);
- return 0;
- }
- if (id == NULL) {
- yyerror("no role name");
- return -1;
- }
- if ((role = malloc(sizeof(*role))) == NULL) {
- free(id);
- yyerror("Out of memory!");
- return -1;
- }
- role_datum_init(role);
- retval =
- require_symbol(SYM_ROLES, id, (hashtab_datum_t *) role,
- &role->s.value, &role->s.value);
- if (retval != 0) {
- free(id);
- role_datum_destroy(role);
- free(role);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return -1;
- }
- case -2:{
- yyerror("duplicate declaration of role");
- return -1;
- }
- case -1:{
- yyerror("could not require role here");
- return -1;
- }
- case 0:{
- /* all roles dominate themselves */
- if (ebitmap_set_bit
- (&role->dominates, role->s.value - 1, 1)) {
- yyerror("Out of memory");
- return -1;
- }
- return 0;
- }
- case 1:{
- return 0; /* role already required */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-static int require_type_or_attribute(int pass, unsigned char isattr)
-{
- char *id = queue_remove(id_queue);
- type_datum_t *type = NULL;
- int retval;
- if (pass == 2) {
- free(id);
- return 0;
- }
- if (id == NULL) {
- yyerror("no type name");
- return -1;
- }
- if ((type = malloc(sizeof(*type))) == NULL) {
- free(id);
- yyerror("Out of memory!");
- return -1;
- }
- type_datum_init(type);
- type->primary = 1;
- type->flavor = isattr ? TYPE_ATTRIB : TYPE_TYPE;
- retval =
- require_symbol(SYM_TYPES, id, (hashtab_datum_t *) type,
- &type->s.value, &type->s.value);
- if (retval != 0) {
- free(id);
- free(type);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return -1;
- }
- case -2:{
- yyerror("duplicate declaration of type/attribute");
- return -1;
- }
- case -1:{
- yyerror("could not require type/attribute here");
- return -1;
- }
- case 0:{
- return 0;
- }
- case 1:{
- return 0; /* type already required */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-int require_type(int pass)
-{
- return require_type_or_attribute(pass, 0);
-}
-
-int require_attribute(int pass)
-{
- return require_type_or_attribute(pass, 1);
-}
-
-int require_user(int pass)
-{
- char *id = queue_remove(id_queue);
- user_datum_t *user = NULL;
- int retval;
- if (pass == 1) {
- free(id);
- return 0;
- }
- if (id == NULL) {
- yyerror("no user name");
- return -1;
- }
- if ((user = malloc(sizeof(*user))) == NULL) {
- free(id);
- yyerror("Out of memory!");
- return -1;
- }
- user_datum_init(user);
- retval =
- require_symbol(SYM_USERS, id, (hashtab_datum_t *) user,
- &user->s.value, &user->s.value);
- if (retval != 0) {
- free(id);
- user_datum_destroy(user);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return -1;
- }
- case -2:{
- yyerror("duplicate declaration of user");
- return -1;
- }
- case -1:{
- yyerror("could not require user here");
- return -1;
- }
- case 0:{
- return 0;
- }
- case 1:{
- return 0; /* user already required */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-int require_bool(int pass)
-{
- char *id = queue_remove(id_queue);
- cond_bool_datum_t *booldatum = NULL;
- int retval;
- if (pass == 2) {
- free(id);
- return 0;
- }
- if (id == NULL) {
- yyerror("no boolean name");
- return -1;
- }
- if ((booldatum = calloc(1, sizeof(*booldatum))) == NULL) {
- cond_destroy_bool(id, booldatum, NULL);
- yyerror("Out of memory!");
- return -1;
- }
- retval =
- require_symbol(SYM_BOOLS, id, (hashtab_datum_t *) booldatum,
- &booldatum->s.value, &booldatum->s.value);
- if (retval != 0) {
- cond_destroy_bool(id, booldatum, NULL);
- }
- switch (retval) {
- case -3:{
- yyerror("Out of memory!");
- return -1;
- }
- case -2:{
- yyerror("duplicate declaration of boolean");
- return -1;
- }
- case -1:{
- yyerror("could not require boolean here");
- return -1;
- }
- case 0:{
- return 0;
- }
- case 1:{
- return 0; /* boolean already required */
- }
- default:{
- assert(0); /* should never get here */
- }
- }
-}
-
-static int is_scope_in_stack(scope_datum_t * scope, scope_stack_t * stack)
-{
- int i;
- if (stack == NULL) {
- return 0; /* no matching scope found */
- }
- if (stack->type == 1) {
- avrule_decl_t *decl = stack->decl;
- for (i = 0; i < scope->decl_ids_len; i++) {
- if (scope->decl_ids[i] == decl->decl_id) {
- return 1;
- }
- }
- } else {
- /* note that conditionals can't declare or require
- * symbols, so skip this level */
- }
-
- /* not within scope of this stack, so try its parent */
- return is_scope_in_stack(scope, stack->parent);
-}
-
-int is_id_in_scope(uint32_t symbol_type, hashtab_key_t id)
-{
- scope_datum_t *scope =
- (scope_datum_t *) hashtab_search(policydbp->scope[symbol_type].
- table, id);
- if (scope == NULL) {
- return 1; /* id is not known, so return success */
- }
- return is_scope_in_stack(scope, stack_top);
-}
-
-static int is_perm_in_scope_index(uint32_t perm_value, uint32_t class_value,
- scope_index_t * scope)
-{
- if (class_value > scope->class_perms_len) {
- return 1;
- }
- if (ebitmap_get_bit(scope->class_perms_map + class_value - 1,
- perm_value - 1)) {
- return 1;
- }
- return 0;
-}
-
-static int is_perm_in_stack(uint32_t perm_value, uint32_t class_value,
- scope_stack_t * stack)
-{
- if (stack == NULL) {
- return 0; /* no matching scope found */
- }
- if (stack->type == 1) {
- avrule_decl_t *decl = stack->decl;
- if (is_perm_in_scope_index
- (perm_value, class_value, &decl->required)
- || is_perm_in_scope_index(perm_value, class_value,
- &decl->declared)) {
- return 1;
- }
- } else {
- /* note that conditionals can't declare or require
- * symbols, so skip this level */
- }
-
- /* not within scope of this stack, so try its parent */
- return is_perm_in_stack(perm_value, class_value, stack->parent);
-}
-
-int is_perm_in_scope(hashtab_key_t perm_id, hashtab_key_t class_id)
-{
- class_datum_t *cladatum =
- (class_datum_t *) hashtab_search(policydbp->p_classes.table,
- class_id);
- perm_datum_t *perdatum;
- if (cladatum == NULL) {
- return 1;
- }
- perdatum = (perm_datum_t *) hashtab_search(cladatum->permissions.table,
- perm_id);
- if (perdatum == NULL) {
- return 1;
- }
- return is_perm_in_stack(perdatum->s.value, cladatum->s.value,
- stack_top);
-}
-
-cond_list_t *get_current_cond_list(cond_list_t * cond)
-{
- /* FIX ME: do something different here if in a nested
- * conditional? */
- avrule_decl_t *decl = stack_top->decl;
- return get_decl_cond_list(policydbp, decl, cond);
-}
-
-/* Append the new conditional node to the existing ones. During
- * expansion the list will be reversed -- i.e., the last AV rule will
- * be the first one listed in the policy. This matches the behavior
- * of the upstream compiler. */
-void append_cond_list(cond_list_t * cond)
-{
- cond_list_t *old_cond = get_current_cond_list(cond);
- avrule_t *tmp;
- assert(old_cond != NULL); /* probably out of memory */
- if (old_cond->avtrue_list == NULL) {
- old_cond->avtrue_list = cond->avtrue_list;
- } else {
- for (tmp = old_cond->avtrue_list; tmp->next != NULL;
- tmp = tmp->next) ;
- tmp->next = cond->avtrue_list;
- }
- if (old_cond->avfalse_list == NULL) {
- old_cond->avfalse_list = cond->avfalse_list;
- } else {
- for (tmp = old_cond->avfalse_list; tmp->next != NULL;
- tmp = tmp->next) ;
- tmp->next = cond->avfalse_list;
- }
-}
-
-void append_avrule(avrule_t * avrule)
-{
- avrule_decl_t *decl = stack_top->decl;
-
- /* currently avrules follow a completely different code path
- * for handling avrules and compute types
- * (define_cond_avrule_te_avtab, define_cond_compute_type);
- * therefore there ought never be a conditional on top of the
- * scope stack */
- assert(stack_top->type == 1);
-
- if (stack_top->last_avrule == NULL) {
- decl->avrules = avrule;
- } else {
- stack_top->last_avrule->next = avrule;
- }
- stack_top->last_avrule = avrule;
-}
-
-/* this doesn't actually append, but really prepends it */
-void append_role_trans(role_trans_rule_t * role_tr_rules)
-{
- avrule_decl_t *decl = stack_top->decl;
-
- /* role transitions are not allowed within conditionals */
- assert(stack_top->type == 1);
-
- role_tr_rules->next = decl->role_tr_rules;
- decl->role_tr_rules = role_tr_rules;
-}
-
-/* this doesn't actually append, but really prepends it */
-void append_role_allow(role_allow_rule_t * role_allow_rules)
-{
- avrule_decl_t *decl = stack_top->decl;
-
- /* role allows are not allowed within conditionals */
- assert(stack_top->type == 1);
-
- role_allow_rules->next = decl->role_allow_rules;
- decl->role_allow_rules = role_allow_rules;
-}
-
-/* this doesn't actually append, but really prepends it */
-void append_range_trans(range_trans_rule_t * range_tr_rules)
-{
- avrule_decl_t *decl = stack_top->decl;
-
- /* range transitions are not allowed within conditionals */
- assert(stack_top->type == 1);
-
- range_tr_rules->next = decl->range_tr_rules;
- decl->range_tr_rules = range_tr_rules;
-}
-
-int begin_optional(int pass)
-{
- avrule_block_t *block = NULL;
- avrule_decl_t *decl;
- if (pass == 1) {
- /* allocate a new avrule block for this optional block */
- if ((block = avrule_block_create()) == NULL ||
- (decl = avrule_decl_create(next_decl_id)) == NULL) {
- goto cleanup;
- }
- block->flags |= AVRULE_OPTIONAL;
- block->branch_list = decl;
- last_block->next = block;
- } else {
- /* select the next block from the chain built during pass 1 */
- block = last_block->next;
- assert(block != NULL &&
- block->branch_list != NULL &&
- block->branch_list->decl_id == next_decl_id);
- decl = block->branch_list;
- }
- if (push_stack(1, block, decl) == -1) {
- goto cleanup;
- }
- stack_top->last_avrule = NULL;
- last_block = block;
- next_decl_id++;
- return 0;
- cleanup:
- yyerror("Out of memory!");
- avrule_block_destroy(block);
- return -1;
-}
-
-int end_optional(int pass)
-{
- /* once nested conditionals are allowed, do the stack unfolding here */
- pop_stack();
- return 0;
-}
-
-int begin_optional_else(int pass)
-{
- avrule_decl_t *decl;
- assert(stack_top->type == 1 && stack_top->in_else == 0);
- if (pass == 1) {
- /* allocate a new declaration and add it to the
- * current chain */
- if ((decl = avrule_decl_create(next_decl_id)) == NULL) {
- yyerror("Out of memory!");
- return -1;
- }
- stack_top->decl->next = decl;
- } else {
- /* pick the (hopefully last) declaration of this
- avrule block, built from pass 1 */
- decl = stack_top->decl->next;
- assert(decl != NULL &&
- decl->next == NULL && decl->decl_id == next_decl_id);
- }
- stack_top->in_else = 1;
- stack_top->decl = decl;
- stack_top->last_avrule = NULL;
- stack_top->require_given = 0;
- next_decl_id++;
- return 0;
-}
-
-static int copy_requirements(avrule_decl_t * dest, scope_stack_t * stack)
-{
- int i;
- if (stack == NULL) {
- return 0;
- }
- if (stack->type == 1) {
- scope_index_t *src_scope = &stack->decl->required;
- scope_index_t *dest_scope = &dest->required;
- for (i = 0; i < SYM_NUM; i++) {
- ebitmap_t *src_bitmap = &src_scope->scope[i];
- ebitmap_t *dest_bitmap = &dest_scope->scope[i];
- if (ebitmap_union(dest_bitmap, src_bitmap)) {
- yyerror("Out of memory!");
- return -1;
- }
- }
- /* now copy class permissions */
- if (src_scope->class_perms_len > dest_scope->class_perms_len) {
- ebitmap_t *new_map =
- realloc(dest_scope->class_perms_map,
- src_scope->class_perms_len *
- sizeof(*new_map));
- if (new_map == NULL) {
- yyerror("Out of memory!");
- return -1;
- }
- dest_scope->class_perms_map = new_map;
- for (i = dest_scope->class_perms_len;
- i < src_scope->class_perms_len; i++) {
- ebitmap_init(dest_scope->class_perms_map + i);
- }
- dest_scope->class_perms_len =
- src_scope->class_perms_len;
- }
- for (i = 0; i < src_scope->class_perms_len; i++) {
- ebitmap_t *src_bitmap = &src_scope->class_perms_map[i];
- ebitmap_t *dest_bitmap =
- &dest_scope->class_perms_map[i];
- if (ebitmap_union(dest_bitmap, src_bitmap)) {
- yyerror("Out of memory!");
- return -1;
- }
- }
- }
- return copy_requirements(dest, stack->parent);
-}
-
-/* During pass 1, check that at least one thing was required within
- * this block, for those places where a REQUIRED is necessary. During
- * pass 2, have this block inherit its parents' requirements. Return
- * 0 on success, -1 on failure. */
-int end_avrule_block(int pass)
-{
- avrule_decl_t *decl = stack_top->decl;
- assert(stack_top->type == 1);
- if (pass == 2) {
- /* this avrule_decl inherits all of its parents'
- * requirements */
- if (copy_requirements(decl, stack_top->parent) == -1) {
- return -1;
- }
- return 0;
- }
- if (!stack_top->in_else && !stack_top->require_given) {
- if (policydbp->policy_type == POLICY_BASE
- && stack_top->parent != NULL) {
- /* if this is base no require should be in the global block */
- return 0;
- } else {
- /* non-ELSE branches must have at least one thing required */
- yyerror("This block has no require section.");
- return -1;
- }
- }
- return 0;
-}
-
-/* Push a new scope on to the stack and update the 'last' pointer.
- * Return 0 on success, -1 if out * of memory. */
-static int push_stack(int stack_type, ...)
-{
- scope_stack_t *s = calloc(1, sizeof(*s));
- va_list ap;
- if (s == NULL) {
- return -1;
- }
- va_start(ap, stack_type);
- switch (s->type = stack_type) {
- case 1:{
- s->u.avrule = va_arg(ap, avrule_block_t *);
- s->decl = va_arg(ap, avrule_decl_t *);
- break;
- }
- case 2:{
- s->u.cond_list = va_arg(ap, cond_list_t *);
- break;
- }
- default:
- /* invalid stack type given */
- assert(0);
- }
- va_end(ap);
- s->parent = stack_top;
- s->child = NULL;
- stack_top = s;
- return 0;
-}
-
-/* Pop off the most recently added from the stack. Update the 'last'
- * pointer. */
-static void pop_stack(void)
-{
- scope_stack_t *parent;
- assert(stack_top != NULL);
- parent = stack_top->parent;
- if (parent != NULL) {
- parent->child = NULL;
- }
- free(stack_top);
- stack_top = parent;
-}
Copied: tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c (from rev 2033, trunk/checkpolicy/module_compiler.c)
===================================================================
--- tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c (rev 0)
+++ tags/checkpolicy_1_30_12/checkpolicy/module_compiler.c 2006-09-28 12:16:58 UTC (rev 2035)
@@ -0,0 +1,1420 @@
+/* Author : Joshua Brindle <jbr...@tr...>
+ * Karl MacMillan <kma...@tr...>
+ * Jason Tang <jt...@tr...>
+ * Added support for binary policy modules
+ *
+ * Copyright (C) 2004 - 2005 Tresys Technology, LLC
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2.
+ */
+
+#include <assert.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <sepol/policydb/policydb.h>
+#include <sepol/policydb/avrule_block.h>
+#include <sepol/policydb/conditional.h>
+
+#include "queue.h"
+#include "module_compiler.h"
+
+union stack_item_u {
+ avrule_block_t *avrule;
+ cond_list_t *cond_list;
+};
+
+typedef struct scope_stack {
+ union stack_item_u u;
+ int type; /* for above union: 1 = avrule block, 2 = conditional */
+ avrule_decl_t *decl; /* if in an avrule block, which
+ * declaration is current */
+ avrule_t *last_avrule;
+ int in_else; /* if in an avrule block, within ELSE branch */
+ int require_given; /* 1 if this block had at least one require */
+ struct scope_stack *parent, *child;
+} scope_stack_t;
+
+extern policydb_t *policydbp;
+extern queue_t id_queue;
+extern int yyerror(char *msg);
+extern void yyerror2(char *fmt, ...);
+
+static int push_stack(int stack_type, ...);
+static void pop_stack(void);
+
+/* keep track of the last item added to the stack */
+static scope_stack_t *stack_top = NULL;
+static avrule_block_t *last_block;
+static uint32_t next_decl_id = 1;
+
+int define_policy(int pass, int module_header_given)
+{
+ char *id;
+
+ if (module_header_given) {
+ if (policydbp->policy_type != POLICY_MOD) {
+ yyerror
+ ("Module specification found while not building a policy module.\n");
+ return -1;
+ }
+
+ if (pass == 2) {
+ while ((id = queue_remove(id_queue)) != NULL)
+ free(id);
+ } else {
+ id = (char *)queue_remove(id_queue);
+ if (!id) {
+ yyerror("no module name");
+ return -1;
+ }
+ policydbp->name = id;
+ if ((policydbp->version =
+ queue_remove(id_queue)) == NULL) {
+ yyerror
+ ("Expected a module version but none was found.");
+ return -1;
+ }
+ }
+ } else {
+ if (policydbp->policy_type == POLICY_MOD) {
+ yyerror
+ ("Building a policy module, but no module specification found.\n");
+ return -1;
+ }
+ }
+ /* the first declaration within the global avrule
+ block will always have an id of 1 */
+ next_decl_id = 2;
+
+ /* reset the scoping stack */
+ while (stack_top != NULL) {
+ pop_stack();
+ }
+ if (push_stack(1, policydbp->global, policydbp->global->branch_list) ==
+ -1) {
+ return -1;
+ }
+ last_block = policydbp->global;
+ return 0;
+}
+
+/* Given the current parse stack, returns 1 if a declaration would be
+ * allowed here or 0 if not. For example, declarations are not
+ * allowed in conditionals, so if there are any conditionals in the
+ * current scope stack then this would return a 0.
+ */
+static int is_declaration_allowed(void)
+{
+ if (stack_top->type != 1 || stack_top->in_else) {
+ return 0;
+ }
+ return 1;
+}
+
+/* Attempt to declare a symbol within the current declaration. If
+ * currently within a non-conditional and in a non-else branch then
+ * insert the symbol, return 0 on success if symbol was undeclared.
+ * For roles and users, it is legal to have multiple declarations; as
+ * such return 1 to indicate that caller must free() the datum because
+ * it was not added. If symbols may not be declared here return -1.
+ * For duplicate declarations return -2. For all else, including out
+ * of memory, return -3. Note that dest_value and datum_value might
+ * not be restricted pointers. */
+int declare_symbol(uint32_t symbol_type,
+ hashtab_key_t key, hashtab_datum_t datum,
+ uint32_t * dest_value, uint32_t * datum_value)
+{
+ avrule_decl_t *decl = stack_top->decl;
+ int retval;
+
+ /* first check that symbols may be declared here */
+ if (!is_declaration_allowed()) {
+ return -1;
+ }
+ retval = symtab_insert(policydbp, symbol_type, key, datum,
+ SCOPE_DECL, decl->decl_id, dest_value);
+ if (retval == 1) {
+ symtab_datum_t *s =
+ (symtab_datum_t *) hashtab_search(policydbp->
+ symtab[symbol_type].table,
+ key);
+ assert(s != NULL);
+ *dest_value = s->value;
+ } else if (retval == -2) {
+ return -2;
+ } else if (retval < 0) {
+ return -3;
+ } else { /* fall through possible if retval is 0 */
+ }
+ if (datum_value != NULL) {
+ if (ebitmap_set_bit(decl->declared.scope + symbol_type,
+ *datum_value - 1, 1)) {
+ return -3;
+ }
+ }
+ return retval;
+}
+
+role_datum_t *declare_role(void)
+{
+ char *id = queue_remove(id_queue), *dest_id = NULL;
+ role_datum_t *role = NULL, *dest_role = NULL;
+ int retval;
+ uint32_t value;
+
+ if (id == NULL) {
+ yyerror("no role name");
+ return NULL;
+ }
+ if ((role = (role_datum_t *) malloc(sizeof(*role))) == NULL) {
+ yyerror("Out of memory!");
+ free(id);
+ return NULL;
+ }
+ role_datum_init(role);
+
+ retval =
+ declare_symbol(SYM_ROLES, id, (hashtab_datum_t *) role, &value,
+ &value);
+ if (retval == 0) {
+ role->s.value = value;
+ if ((dest_id = strdup(id)) == NULL) {
+ yyerror("Out of memory!");
+ return NULL;
+ }
+ } else {
+ /* this role was already declared in this module, or error */
+ dest_id = id;
+ role_datum_destroy(role);
+ free(role);
+ }
+ if (retval == 0 || retval == 1) {
+ /* create a new role_datum_t for this decl, if necessary */
+ hashtab_t roles_tab;
+ assert(stack_top->type == 1);
+ if (stack_top->parent == NULL) {
+ /* in parent, so use global symbol table */
+ roles_tab = policydbp->p_roles.table;
+ } else {
+ roles_tab = stack_top->decl->p_roles.table;
+ }
+ dest_role = (role_datum_t *) hashtab_search(roles_tab, dest_id);
+ if (dest_role == NULL) {
+ if ((dest_role =
+ (role_datum_t *) malloc(sizeof(*dest_role))) ==
+ NULL) {
+ yyerror("Out of memory!");
+ free(dest_id);
+ return NULL;
+ }
+ role_datum_init(dest_role);
+ dest_role->s.value = value;
+ if (hashtab_insert(roles_tab, dest_id, dest_role)) {
+ yyerror("Out of memory!");
+ free(dest_id);
+ role_datum_destroy(dest_role);
+ free(dest_role);
+ return NULL;
+ }
+ } else {
+ free(dest_id);
+ }
+ } else {
+ free(dest_id);
+ }
+ switch (retval) {
+ case -3:{
+ yyerror("Out of memory!");
+ return NULL;
+ }
+ case -2:{
+ yyerror("duplicate declaration of role");
+ return NULL;
+ }
+ case -1:{
+ yyerror("could not declare role here");
+ return NULL;
+ }
+ case 0:{
+ if (ebitmap_set_bit
+ (&dest_role->dominates, role->s.value - 1, 1)) {
+ yyer...
[truncated message content] |
|
From: <mad...@us...> - 2006-09-28 12:14:42
|
Revision: 2034
http://svn.sourceforge.net/selinux/?rev=2034&view=rev
Author: madmethod
Date: 2006-09-28 05:14:22 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
version bumps and changelog additions
Modified Paths:
--------------
trunk/checkpolicy/ChangeLog
trunk/checkpolicy/VERSION
trunk/libsepol/ChangeLog
trunk/libsepol/VERSION
Modified: trunk/checkpolicy/ChangeLog
===================================================================
--- trunk/checkpolicy/ChangeLog 2006-09-28 12:11:42 UTC (rev 2033)
+++ trunk/checkpolicy/ChangeLog 2006-09-28 12:14:22 UTC (rev 2034)
@@ -1,3 +1,7 @@
+1.30.12 2006-09-28
+ * Merged user and range_transition support for modules from
+ Darrel Goeddel
+
1.30.11 2006-09-05
* merged range_transition enhancements and user module format
changes from Darrel Goeddel
Modified: trunk/checkpolicy/VERSION
===================================================================
--- trunk/checkpolicy/VERSION 2006-09-28 12:11:42 UTC (rev 2033)
+++ trunk/checkpolicy/VERSION 2006-09-28 12:14:22 UTC (rev 2034)
@@ -1 +1 @@
-1.30.11
+1.30.12
Modified: trunk/libsepol/ChangeLog
===================================================================
--- trunk/libsepol/ChangeLog 2006-09-28 12:11:42 UTC (rev 2033)
+++ trunk/libsepol/ChangeLog 2006-09-28 12:14:22 UTC (rev 2034)
@@ -1,3 +1,7 @@
+1.12.27 2006-09-28
+ * Merged mls user and range_transition support in modules
+ from Darrel Goeddel
+
1.12.26 2006-09-05
* Merged range transition enhancements and user format changes
Darrel Goeddel
Modified: trunk/libsepol/VERSION
===================================================================
--- trunk/libsepol/VERSION 2006-09-28 12:11:42 UTC (rev 2033)
+++ trunk/libsepol/VERSION 2006-09-28 12:14:22 UTC (rev 2034)
@@ -1 +1 @@
-1.12.26
+1.12.27
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-28 12:12:15
|
Revision: 2033
http://svn.sourceforge.net/selinux/?rev=2033&view=rev
Author: madmethod
Date: 2006-09-28 05:11:42 -0700 (Thu, 28 Sep 2006)
Log Message:
-----------
Author: Darrel Goeddel
Email: dgo...@Tr...
Subject: allow range_transitions and MLS users in modules
Date: Tue, 26 Sep 2006 12:49:15 -0500
- Add the ability to require MLS sensitivities and categories in policy
modules.
- Remove the restrictions on defining users in MLS-enabled modules.
- Handle range_trans_rules in modules.
- Cleanup some uses of calloc/memset
This all allows range_transition statements to be used in policy modules
and allows definition of users in MLS policy modules.
Signed-Off-By: Darrel Goeddel <dgo...@Tr...>
Acked-By: Joshua Brindle <jbr...@tr...>
Modified Paths:
--------------
trunk/checkpolicy/module_compiler.c
trunk/checkpolicy/module_compiler.h
trunk/checkpolicy/policy_parse.y
trunk/libsepol/include/sepol/policydb/policydb.h
trunk/libsepol/src/expand.c
trunk/libsepol/src/link.c
trunk/libsepol/src/policydb.c
Modified: trunk/checkpolicy/module_compiler.c
===================================================================
--- trunk/checkpolicy/module_compiler.c 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/checkpolicy/module_compiler.c 2006-09-28 12:11:42 UTC (rev 2033)
@@ -937,6 +937,122 @@
}
}
+int require_sens(int pass)
+{
+ char *id = queue_remove(id_queue);
+ level_datum_t *level = NULL;
+ int retval;
+ if (pass == 2) {
+ free(id);
+ return 0;
+ }
+ if (!id) {
+ yyerror("no sensitivity name");
+ return -1;
+ }
+ level = malloc(sizeof(level_datum_t));
+ if (!level) {
+ free(id);
+ yyerror("Out of memory!");
+ return -1;
+ }
+ level_datum_init(level);
+ level->level = malloc(sizeof(mls_level_t));
+ if (!level->level) {
+ free(id);
+ level_datum_destroy(level);
+ free(level);
+ yyerror("Out of memory!");
+ return -1;
+ }
+ mls_level_init(level->level);
+ retval = require_symbol(SYM_LEVELS, id, (hashtab_datum_t *) level,
+ &level->level->sens, &level->level->sens);
+ if (retval != 0) {
+ free(id);
+ mls_level_destroy(level->level);
+ free(level->level);
+ level_datum_destroy(level);
+ free(level);
+ }
+ switch (retval) {
+ case -3:{
+ yyerror("Out of memory!");
+ return -1;
+ }
+ case -2:{
+ yyerror("duplicate declaration of sensitivity");
+ return -1;
+ }
+ case -1:{
+ yyerror("could not require sensitivity here");
+ return -1;
+ }
+ case 0:{
+ return 0;
+ }
+ case 1:{
+ return 0; /* sensitivity already required */
+ }
+ default:{
+ assert(0); /* should never get here */
+ }
+ }
+}
+
+int require_cat(int pass)
+{
+ char *id = queue_remove(id_queue);
+ cat_datum_t *cat = NULL;
+ int retval;
+ if (pass == 2) {
+ free(id);
+ return 0;
+ }
+ if (!id) {
+ yyerror("no category name");
+ return -1;
+ }
+ cat = malloc(sizeof(cat_datum_t));
+ if (!cat) {
+ free(id);
+ yyerror("Out of memory!");
+ return -1;
+ }
+ cat_datum_init(cat);
+
+ retval = require_symbol(SYM_CATS, id, (hashtab_datum_t *) cat,
+ &cat->s.value, &cat->s.value);
+ if (retval != 0) {
+ free(id);
+ cat_datum_destroy(cat);
+ free(cat);
+ }
+ switch (retval) {
+ case -3:{
+ yyerror("Out of memory!");
+ return -1;
+ }
+ case -2:{
+ yyerror("duplicate declaration of category");
+ return -1;
+ }
+ case -1:{
+ yyerror("could not require category here");
+ return -1;
+ }
+ case 0:{
+ return 0;
+ }
+ case 1:{
+ return 0; /* category already required */
+ }
+ default:{
+ assert(0); /* should never get here */
+ }
+ }
+}
+
static int is_scope_in_stack(scope_datum_t * scope, scope_stack_t * stack)
{
int i;
Modified: trunk/checkpolicy/module_compiler.h
===================================================================
--- trunk/checkpolicy/module_compiler.h 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/checkpolicy/module_compiler.h 2006-09-28 12:11:42 UTC (rev 2033)
@@ -56,6 +56,8 @@
int require_attribute(int pass);
int require_user(int pass);
int require_bool(int pass);
+int require_sens(int pass);
+int require_cat(int pass);
/* Check if an identifier is within the scope of the current
* declaration or any of its parents. Return 1 if it is, 0 if not.
Modified: trunk/checkpolicy/policy_parse.y
===================================================================
--- trunk/checkpolicy/policy_parse.y 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/checkpolicy/policy_parse.y 2006-09-28 12:11:42 UTC (rev 2033)
@@ -834,10 +834,8 @@
| ATTRIBUTE { $$ = require_attribute; }
| USER { $$ = require_user; }
| BOOL { $$ = require_bool; }
-/* MLS-enabled modules are not implemented at this time.
| SENSITIVITY { $$ = require_sens; }
| CATEGORY { $$ = require_cat; }
-*/
;
require_id_list : identifier
{ if ($<require_func>0 (pass)) return -1; }
@@ -1301,7 +1299,7 @@
yyerror("out of memory");
goto bad;
}
- memset(level, 0, sizeof(mls_level_t));
+ mls_level_init(level);
level->sens = 0; /* actual value set in define_dominance */
ebitmap_init(&level->cat); /* actual value set in define_level */
@@ -1310,7 +1308,7 @@
yyerror("out of memory");
goto bad;
}
- memset(datum, 0, sizeof(level_datum_t));
+ level_datum_init(datum);
datum->isalias = FALSE;
datum->level = level;
@@ -1347,7 +1345,7 @@
yyerror("out of memory");
goto bad_alias;
}
- memset(aliasdatum, 0, sizeof(level_datum_t));
+ level_datum_init(aliasdatum);
aliasdatum->isalias = TRUE;
aliasdatum->level = level;
@@ -1384,15 +1382,19 @@
free(id);
if (level)
free(level);
- if (datum)
+ if (datum) {
+ level_datum_destroy(datum);
free(datum);
+ }
return -1;
bad_alias:
if (id)
free(id);
- if (aliasdatum)
+ if (aliasdatum) {
+ level_datum_destroy(aliasdatum);
free(aliasdatum);
+ }
return -1;
}
@@ -1480,7 +1482,7 @@
yyerror("out of memory");
goto bad;
}
- memset(datum, 0, sizeof(cat_datum_t));
+ cat_datum_init(datum);
datum->isalias = FALSE;
ret = declare_symbol(SYM_CATS, id, datum, &value, &value);
@@ -1517,7 +1519,7 @@
yyerror("out of memory");
goto bad_alias;
}
- memset(aliasdatum, 0, sizeof(cat_datum_t));
+ cat_datum_init(aliasdatum);
aliasdatum->isalias = TRUE;
aliasdatum->s.value = datum->s.value;
@@ -1554,15 +1556,19 @@
bad:
if (id)
free(id);
- if (datum)
+ if (datum) {
+ cat_datum_destroy(datum);
free(datum);
+ }
return -1;
bad_alias:
if (id)
free(id);
- if (aliasdatum)
+ if (aliasdatum) {
+ cat_datum_destroy(aliasdatum);
free(aliasdatum);
+ }
return -1;
}
@@ -3682,11 +3688,6 @@
level_datum_t *levdatum;
int l;
- if (policydbp->policy_type == POLICY_MOD && mlspol) {
- yyerror("Users cannot be declared in MLS modules");
- return -1;
- }
-
if (pass == 1) {
while ((id = queue_remove(id_queue)))
free(id);
Modified: trunk/libsepol/include/sepol/policydb/policydb.h
===================================================================
--- trunk/libsepol/include/sepol/policydb/policydb.h 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/libsepol/include/sepol/policydb/policydb.h 2006-09-28 12:11:42 UTC (rev 2033)
@@ -532,6 +532,10 @@
extern void type_datum_destroy(type_datum_t * x);
extern void user_datum_init(user_datum_t * x);
extern void user_datum_destroy(user_datum_t * x);
+extern void level_datum_init(level_datum_t * x);
+extern void level_datum_destroy(level_datum_t * x);
+extern void cat_datum_init(cat_datum_t * x);
+extern void cat_datum_destroy(cat_datum_t * x);
extern int check_assertions(sepol_handle_t * handle,
policydb_t * p, avrule_t * avrules);
Modified: trunk/libsepol/src/expand.c
===================================================================
--- trunk/libsepol/src/expand.c 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/libsepol/src/expand.c 2006-09-28 12:11:42 UTC (rev 2033)
@@ -823,13 +823,17 @@
if (state->verbose)
INFO(state->handle, "copying sensitivity level %s", id);
- if ((new_level =
- (level_datum_t *) calloc(1, sizeof(*new_level))) == NULL
- || (new_level->level =
- (mls_level_t *) calloc(1, sizeof(mls_level_t))) == NULL
- || (new_id = strdup(id)) == NULL) {
+ new_level = (level_datum_t *) malloc(sizeof(level_datum_t));
+ if (!new_level)
goto out_of_mem;
- }
+ level_datum_init(new_level);
+ new_level->level = (mls_level_t *) malloc(sizeof(mls_level_t));
+ if (!new_level->level)
+ goto out_of_mem;
+ mls_level_init(new_level->level);
+ new_id = strdup(id);
+ if (!new_id)
+ goto out_of_mem;
if (mls_level_cpy(new_level->level, level->level)) {
goto out_of_mem;
@@ -847,9 +851,10 @@
out_of_mem:
ERR(state->handle, "Out of memory!");
if (new_level != NULL && new_level->level != NULL) {
- ebitmap_destroy(&new_level->level->cat);
+ mls_level_destroy(new_level->level);
free(new_level->level);
}
+ level_datum_destroy(new_level);
free(new_level);
free(new_id);
return -1;
@@ -870,10 +875,13 @@
if (state->verbose)
INFO(state->handle, "copying category attribute %s", id);
- if ((new_cat = (cat_datum_t *) calloc(1, sizeof(*new_cat))) == NULL ||
- (new_id = strdup(id)) == NULL) {
+ new_cat = (cat_datum_t *) malloc(sizeof(cat_datum_t));
+ if (!new_cat)
goto out_of_mem;
- }
+ cat_datum_init(new_cat);
+ new_id = strdup(id);
+ if (!new_id)
+ goto out_of_mem;
new_cat->s.value = cat->s.value;
new_cat->isalias = cat->isalias;
@@ -887,6 +895,7 @@
out_of_mem:
ERR(state->handle, "Out of memory!");
+ cat_datum_destroy(new_cat);
free(new_cat);
free(new_id);
return -1;
Modified: trunk/libsepol/src/link.c
===================================================================
--- trunk/libsepol/src/link.c 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/libsepol/src/link.c 2006-09-28 12:11:42 UTC (rev 2033)
@@ -468,25 +468,8 @@
char *id = key, *new_id = NULL;
user_datum_t *user, *base_user, *new_user = NULL;
link_state_t *state = (link_state_t *) data;
- scope_datum_t *scope;
user = (user_datum_t *) datum;
- if (state->base->mls) {
- scope =
- hashtab_search(state->cur->policy->p_users_scope.table, id);
- if (!scope) {
- ERR(state->handle,
- "No scope information for user %s in module %s\n",
- id, state->cur_mod_name);
- return -1;
- }
- if (scope->scope == SCOPE_DECL) {
- ERR(state->handle,
- "Users cannot be declared in MLS modules");
- return -1;
- }
- /* required users fall through */
- }
base_user = hashtab_search(state->base->p_users.table, id);
if (base_user == NULL) {
@@ -502,9 +485,8 @@
goto cleanup;
}
user_datum_init(new_user);
- /* new_users's roles field will be copied during
- fix_user_callback(). the MLS fields are currently
- unimplemented */
+ /* new_users's roles and MLS fields will be copied during
+ user_fix_callback(). */
new_user->s.value = state->base->p_users.nprim + 1;
@@ -592,10 +574,72 @@
return -1;
}
+static int sens_copy_callback(hashtab_key_t key, hashtab_datum_t datum,
+ void *data)
+{
+ char *id = key;
+ level_datum_t *level, *base_level;
+ link_state_t *state = (link_state_t *) data;
+ scope_datum_t *scope;
+
+ level = (level_datum_t *) datum;
+
+ base_level = hashtab_search(state->base->p_levels.table, id);
+ if (!base_level) {
+ scope =
+ hashtab_search(state->cur->policy->p_sens_scope.table, id);
+ if (!scope)
+ return -SEPOL_LINK_ERROR;
+ if (scope->scope == SCOPE_DECL) {
+ /* disallow declarations in modules */
+ ERR(state->handle,
+ "%s: Modules may not declare new sensitivities.",
+ state->cur_mod_name);
+ return -SEPOL_LINK_NOTSUP;
+ }
+ }
+
+ state->cur->map[SYM_LEVELS][level->level->sens - 1] =
+ base_level->level->sens;
+
+ return 0;
+}
+
+static int cat_copy_callback(hashtab_key_t key, hashtab_datum_t datum,
+ void *data)
+{
+ char *id = key;
+ cat_datum_t *cat, *base_cat;
+ link_state_t *state = (link_state_t *) data;
+ scope_datum_t *scope;
+
+ cat = (cat_datum_t *) datum;
+
+ base_cat = hashtab_search(state->base->p_cats.table, id);
+ if (!base_cat) {
+ scope =
+ hashtab_search(state->cur->policy->p_cat_scope.table, id);
+ if (!scope)
+ return -SEPOL_LINK_ERROR;
+ if (scope->scope == SCOPE_DECL) {
+ /* disallow declarations in modules */
+ ERR(state->handle,
+ "%s: Modules may not declare new categories.",
+ state->cur_mod_name);
+ return -SEPOL_LINK_NOTSUP;
+ }
+ }
+
+ state->cur->map[SYM_CATS][cat->s.value - 1] = base_cat->s.value;
+
+ return 0;
+}
+
static int (*copy_callback_f[SYM_NUM]) (hashtab_key_t key,
hashtab_datum_t datum, void *datap) = {
NULL, class_copy_callback, role_copy_callback, type_copy_callback,
- user_copy_callback, bool_copy_callback, NULL, NULL};
+ user_copy_callback, bool_copy_callback, sens_copy_callback,
+ cat_copy_callback};
/* The aliases have to be copied after the types and attributes to be
* certain that the base symbol table will have the type that the
@@ -783,6 +827,43 @@
return -1;
}
+static int mls_level_convert(mls_semantic_level_t * src,
+ mls_semantic_level_t * dst, policy_module_t * mod)
+{
+ mls_semantic_cat_t *src_cat, *new_cat;
+
+ assert(mod->map[SYM_LEVELS][src->sens - 1]);
+ dst->sens = mod->map[SYM_LEVELS][src->sens - 1];
+
+ for (src_cat = src->cat; src_cat; src_cat = src_cat->next) {
+ new_cat =
+ (mls_semantic_cat_t *) malloc(sizeof(mls_semantic_cat_t));
+ if (!new_cat)
+ return -1;
+ mls_semantic_cat_init(new_cat);
+
+ new_cat->next = dst->cat;
+ dst->cat = new_cat;
+
+ assert(mod->map[SYM_CATS][src_cat->low - 1]);
+ dst->cat->low = mod->map[SYM_CATS][src_cat->low - 1];
+ assert(mod->map[SYM_CATS][src_cat->high - 1]);
+ dst->cat->high = mod->map[SYM_CATS][src_cat->high - 1];
+ }
+
+ return 0;
+}
+
+static int mls_range_convert(mls_semantic_range_t * src,
+ mls_semantic_range_t * dst, policy_module_t * mod)
+{
+ if (mls_level_convert(&src->level[0], &dst->level[0], mod))
+ return -1;
+ if (mls_level_convert(&src->level[1], &dst->level[1], mod))
+ return -1;
+ return 0;
+}
+
static int role_fix_callback(hashtab_key_t key, hashtab_datum_t datum,
void *data)
{
@@ -893,13 +974,16 @@
user_datum_t *user, *new_user = NULL;
link_state_t *state = (link_state_t *) data;
policy_module_t *mod = state->cur;
+ symtab_t *usertab;
user = (user_datum_t *) datum;
if (state->dest_decl == NULL)
- return 0;
+ usertab = &state->base->p_users;
+ else
+ usertab = &state->dest_decl->p_users;
- new_user = hashtab_search(state->dest_decl->p_users.table, id);
+ new_user = hashtab_search(usertab->table, id);
assert(new_user != NULL);
if (state->verbose) {
@@ -910,6 +994,12 @@
goto cleanup;
}
+ if (mls_range_convert(&user->range, &new_user->range, mod))
+ goto cleanup;
+
+ if (mls_level_convert(&user->dfltlevel, &new_user->dfltlevel, mod))
+ goto cleanup;
+
return 0;
cleanup:
@@ -1096,6 +1186,55 @@
return -1;
}
+static int copy_range_trans_list(range_trans_rule_t * rules,
+ range_trans_rule_t ** dst,
+ policy_module_t * mod, link_state_t * state)
+{
+ range_trans_rule_t *rule, *new_rule = NULL;
+ unsigned int i;
+ ebitmap_node_t *cnode;
+
+ for (rule = rules; rule; rule = rule->next) {
+ new_rule =
+ (range_trans_rule_t *) malloc(sizeof(range_trans_rule_t));
+ if (!new_rule)
+ goto cleanup;
+
+ range_trans_rule_init(new_rule);
+
+ new_rule->next = *dst;
+ *dst = new_rule;
+
+ if (type_set_convert(&rule->stypes, &new_rule->stypes,
+ mod, state))
+ goto cleanup;
+
+ if (type_set_convert(&rule->ttypes, &new_rule->ttypes,
+ mod, state))
+ goto cleanup;
+
+ ebitmap_for_each_bit(&rule->tclasses, cnode, i) {
+ if (ebitmap_node_get_bit(cnode, i)) {
+ assert(mod->map[SYM_CLASSES][i]);
+ if (ebitmap_set_bit
+ (&new_rule->tclasses,
+ mod->map[SYM_CLASSES][i] - 1, 1)) {
+ goto cleanup;
+ }
+ }
+ }
+
+ if (mls_range_convert(&rule->trange, &new_rule->trange, mod))
+ goto cleanup;
+ }
+ return 0;
+
+ cleanup:
+ ERR(state->handle, "Out of memory!");
+ range_trans_rule_list_destroy(new_rule);
+ return -1;
+}
+
static int copy_cond_list(cond_node_t * list, cond_node_t ** dst,
policy_module_t * module, link_state_t * state)
{
@@ -1278,6 +1417,10 @@
return -1;
}
+ if (copy_range_trans_list(src_decl->range_tr_rules,
+ &dest_decl->range_tr_rules, module, state))
+ return -1;
+
/* finally copy any identifiers local to this declaration */
ret = copy_identifiers(state, src_decl->symtab, dest_decl);
if (ret < 0) {
Modified: trunk/libsepol/src/policydb.c
===================================================================
--- trunk/libsepol/src/policydb.c 2006-09-18 19:13:13 UTC (rev 2032)
+++ trunk/libsepol/src/policydb.c 2006-09-28 12:11:42 UTC (rev 2033)
@@ -252,6 +252,29 @@
}
}
+void level_datum_init(level_datum_t * x)
+{
+ memset(x, 0, sizeof(level_datum_t));
+}
+
+void level_datum_destroy(level_datum_t * x __attribute__ ((unused)))
+{
+ /* the mls_level_t referenced by the level_datum is managed
+ * separately for now, so there is nothing to destroy */
+ return;
+}
+
+void cat_datum_init(cat_datum_t * x)
+{
+ memset(x, 0, sizeof(cat_datum_t));
+}
+
+void cat_datum_destroy(cat_datum_t * x __attribute__ ((unused)))
+{
+ /* it's currently a simple struct - really nothing to destroy */
+ return;
+}
+
void class_perm_node_init(class_perm_node_t * x)
{
memset(x, 0, sizeof(class_perm_node_t));
@@ -502,7 +525,11 @@
return -1;
}
- if (p->policy_type != POLICY_KERN) {
+ /* we do not expand user's MLS info in kernel policies because the
+ * semantic representation is not present and we do not expand user's
+ * MLS info in module policies because all of the necessary mls
+ * information is not present */
+ if (p->policy_type != POLICY_KERN && p->policy_type != POLICY_MOD) {
mls_range_destroy(&user->exp_range);
if (mls_semantic_range_expand(&user->range,
&user->exp_range, p, NULL)) {
@@ -907,9 +934,10 @@
if (key)
free(key);
levdatum = (level_datum_t *) datum;
- ebitmap_destroy(&levdatum->level->cat);
+ mls_level_destroy(levdatum->level);
free(levdatum->level);
- free(datum);
+ level_datum_destroy(levdatum);
+ free(levdatum);
return 0;
}
@@ -918,6 +946,7 @@
{
if (key)
free(key);
+ cat_datum_destroy((cat_datum_t *) datum);
free(datum);
return 0;
}
@@ -2199,7 +2228,7 @@
{
uint32_t *buf;
- memset(lp, 0, sizeof(mls_level_t));
+ mls_level_init(lp);
buf = next_entry(fp, sizeof(uint32_t));
if (!buf) {
@@ -2305,9 +2334,10 @@
level_datum_t *levdatum;
uint32_t *buf, len;
- levdatum = calloc(1, sizeof(level_datum_t));
+ levdatum = malloc(sizeof(level_datum_t));
if (!levdatum)
return -1;
+ level_datum_init(levdatum);
buf = next_entry(fp, (sizeof(uint32_t) * 2));
if (!buf)
@@ -2347,9 +2377,10 @@
cat_datum_t *catdatum;
uint32_t *buf, len;
- catdatum = calloc(1, sizeof(cat_datum_t));
+ catdatum = malloc(sizeof(cat_datum_t));
if (!catdatum)
return -1;
+ cat_datum_init(catdatum);
buf = next_entry(fp, (sizeof(uint32_t) * 3));
if (!buf)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-18 19:13:26
|
Revision: 2032
http://svn.sourceforge.net/selinux/?rev=2032&view=rev
Author: madmethod
Date: 2006-09-18 12:13:13 -0700 (Mon, 18 Sep 2006)
Log Message:
-----------
Author: Joe Nall
Email: jo...@na...
Subject: C++ reserved word 'class' used in selinux/avc.h with patch
Date: Fri, 15 Sep 2006 18:08:24 -0500
John Wiseman noticed that 'class', a reserved word in C++, is used
in /usr/include/selinux/avc.h.
Save the following code as test.cc and compile
#include <selinux/avc.h>
int
main (int, char **)
{
}
results are
cc test.cc
/usr/include/selinux/avc.h:123: error: expected identifier before token
/usr/include/selinux/avc.h:124: error: two or more data types in declaration of parameter
Acked-By: Joshua Brindle <jbr...@tr...>
Acked-By: Stephen Smalley <sd...@ty...>
Modified Paths:
--------------
tags/libselinux_1_30_28/libselinux/ChangeLog
tags/libselinux_1_30_28/libselinux/include/selinux/avc.h
trunk/libselinux/ChangeLog
trunk/libselinux/include/selinux/avc.h
Modified: tags/libselinux_1_30_28/libselinux/ChangeLog
===================================================================
--- tags/libselinux_1_30_28/libselinux/ChangeLog 2006-09-13 21:31:24 UTC (rev 2031)
+++ tags/libselinux_1_30_28/libselinux/ChangeLog 2006-09-18 19:13:13 UTC (rev 2032)
@@ -1,5 +1,6 @@
1.30.28 2006-09-13
* Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+ * Merged c++ class identifier fix from Joe Nall.
1.30.27 2006-08-24
* Merged patch to not log avc stats upon a reset from Steve Grubb.
Modified: tags/libselinux_1_30_28/libselinux/include/selinux/avc.h
===================================================================
--- tags/libselinux_1_30_28/libselinux/include/selinux/avc.h 2006-09-13 21:31:24 UTC (rev 2031)
+++ tags/libselinux_1_30_28/libselinux/include/selinux/avc.h 2006-09-18 19:13:13 UTC (rev 2032)
@@ -120,7 +120,7 @@
void (*func_log) (const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
- void (*func_audit) (void *auditdata, security_class_t class,
+ void (*func_audit) (void *auditdata, security_class_t cls,
char *msgbuf, size_t msgbufsize);
};
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-13 21:31:24 UTC (rev 2031)
+++ trunk/libselinux/ChangeLog 2006-09-18 19:13:13 UTC (rev 2032)
@@ -1,5 +1,6 @@
1.30.28 2006-09-13
* Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+ * Merged c++ class identifier fix from Joe Nall.
1.30.27 2006-08-24
* Merged patch to not log avc stats upon a reset from Steve Grubb.
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2006-09-13 21:31:24 UTC (rev 2031)
+++ trunk/libselinux/include/selinux/avc.h 2006-09-18 19:13:13 UTC (rev 2032)
@@ -120,7 +120,7 @@
void (*func_log) (const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
- void (*func_audit) (void *auditdata, security_class_t class,
+ void (*func_audit) (void *auditdata, security_class_t cls,
char *msgbuf, size_t msgbufsize);
};
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-13 21:31:40
|
Revision: 2031
http://svn.sourceforge.net/selinux/?rev=2031&view=rev
Author: madmethod
Date: 2006-09-13 14:31:24 -0700 (Wed, 13 Sep 2006)
Log Message:
-----------
tag for policycoreutils 1.30.29
Added Paths:
-----------
tags/policycoreutils_1_30_29/
tags/policycoreutils_1_30_29/policycoreutils/
tags/policycoreutils_1_30_29/policycoreutils/ChangeLog
tags/policycoreutils_1_30_29/policycoreutils/VERSION
tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow
tags/policycoreutils_1_30_29/policycoreutils/audit2allow/avc.py
tags/policycoreutils_1_30_29/policycoreutils/restorecond/restorecond.init
tags/policycoreutils_1_30_29/policycoreutils/scripts/chcat
tags/policycoreutils_1_30_29/policycoreutils/scripts/genhomedircon
tags/policycoreutils_1_30_29/policycoreutils/secon/Makefile
tags/policycoreutils_1_30_29/policycoreutils/semanage/semanage
tags/policycoreutils_1_30_29/policycoreutils/semanage/semanage.8
tags/policycoreutils_1_30_29/policycoreutils/semanage/seobject.py
tags/policycoreutils_1_30_29/policycoreutils/semodule_link/semodule_link.8
tags/policycoreutils_1_30_29/policycoreutils/semodule_package/semodule_package.8
Removed Paths:
-------------
tags/policycoreutils_1_30_29/policycoreutils/ChangeLog
tags/policycoreutils_1_30_29/policycoreutils/VERSION
tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow
tags/policycoreutils_1_30_29/policycoreutils/audit2allow/avc.py
tags/policycoreutils_1_30_29/policycoreutils/restorecond/restorecond.init
tags/policycoreutils_1_30_29/policycoreutils/scripts/chcat
tags/policycoreutils_1_30_29/policycoreutils/scripts/genhomedircon
tags/policycoreutils_1_30_29/policycoreutils/secon/Makefile
tags/policycoreutils_1_30_29/policycoreutils/semanage/semanage
tags/policycoreutils_1_30_29/policycoreutils/semanage/semanage.8
tags/policycoreutils_1_30_29/policycoreutils/semanage/seobject.py
tags/policycoreutils_1_30_29/policycoreutils/semodule_link/semodule_link.8
tags/policycoreutils_1_30_29/policycoreutils/semodule_package/semodule_package.8
Copied: tags/policycoreutils_1_30_29/policycoreutils (from rev 2026, trunk/policycoreutils)
Deleted: tags/policycoreutils_1_30_29/policycoreutils/ChangeLog
===================================================================
--- trunk/policycoreutils/ChangeLog 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/policycoreutils_1_30_29/policycoreutils/ChangeLog 2006-09-13 21:31:24 UTC (rev 2031)
@@ -1,643 +0,0 @@
-1.30.28 2006-09-01
- * Merged fix for restorecon // handling from Erich Schubert.
- * Merged translations update and fixfiles fix from Dan Walsh.
-
-1.30.27 2006-08-24
- * Merged fix for restorecon symlink handling from Erich Schubert.
-
-1.30.26 2006-08-11
- * Merged semanage local file contexts patch from Chris PeBenito.
-
-1.30.25 2006-08-03
- * Merged patch from Dan Walsh with:
- * audit2allow: process MAC_POLICY_LOAD events
- * newrole: run shell with - prefix to start a login shell
- * po: po file updates
- * restorecond: bail if SELinux not enabled
- * fixfiles: omit -q
- * genhomedircon: fix exit code if non-root
- * semodule_deps: install man page
-
-1.30.24 2006-08-03
- * Merged secon Makefile fix from Joshua Brindle.
-
-1.30.23 2006-08-03
- * Merged netfilter contexts support patch from Chris PeBenito.
-
-1.30.22 2006-07-28
- * Merged restorecond size_t fix from Joshua Brindle.
-
-1.30.21 2006-07-28
- * Merged secon keycreate patch from Michael LeMay.
-
-1.30.20 2006-07-26
- * Merged restorecond fixes from Dan Walsh.
- Merged updated po files from Dan Walsh.
-
-1.30.19 2006-07-26
- * Merged python gettext patch from Stephen Bennett.
-
-1.30.18 2006-07-25
- * Merged semodule_deps from Karl MacMillan.
-
-1.30.17 2006-06-29
- * Lindent.
-
-1.30.16 2006-06-26
- * Merged patch from Dan Walsh with:
- * -p option (progress) for setfiles and restorecon.
- * disable context translation for setfiles and restorecon.
- * on/off values for setsebool.
-
-1.30.15 2006-06-26
- * Merged setfiles and semodule_link fixes from Joshua Brindle.
-
-1.30.14 2006-06-16
- * Merged fix for setsebool error path from Serge Hallyn.
-
-1.30.13 2006-06-16
- * Merged patch from Dan Walsh with:
- * Updated po files.
- * Fixes for genhomedircon and seobject.
- * Audit message for mass relabel by setfiles.
-
-1.30.12 2006-06-02
- * Updated fixfiles script for new setfiles location in /sbin.
-
-1.30.11 2006-05-26
- * Merged more translations from Dan Walsh.
- * Merged patch to relocate setfiles to /sbin for early relabel
- when /usr might not be mounted from Dan Walsh.
- * Merged semanage/seobject patch to preserve fcontext ordering in list.
- * Merged secon patch from James Antill.
-
-1.30.10 2006-05-22
- * Merged patch with updates to audit2allow, secon, genhomedircon,
- and semanage from Dan Walsh.
-
-1.30.9 2006-05-08
- * Fixed audit2allow and po Makefiles for DESTDIR= builds.
- * Merged .po file patch from Dan Walsh.
- * Merged bug fix for genhomedircon.
-
-1.30.8 2006-05-08
- * Merged patch from Dan Walsh.
- This includes audit2allow changes for analysis plugins,
- internationalization support for several additional programs
- and added po files, some fixes for semanage, and several cleanups.
- It also adds a new secon utility.
-
-1.30.7 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.30.6 2006-04-14
- * Merged semanage prefix support from Russell Coker.
-
-1.30.5 2006-04-11
- * Added a test to setfiles to check that the spec file is
- a regular file.
-
-1.30.4 2006-03-29
- * Merged audit2allow fixes for refpolicy from Dan Walsh.
- * Merged fixfiles patch from Dan Walsh.
- * Merged restorecond daemon from Dan Walsh.
-
-1.30.3 2006-03-29
- * Merged semanage non-MLS fixes from Chris PeBenito.
-
-1.30.2 2006-03-29
- * Merged semanage and semodule man page examples from Thomas Bleher.
-
-1.30.1 2006-03-20
- * Merged semanage labeling prefix patch from Ivan Gyurdiev.
-
-1.30 2006-03-14
- * Updated version for release.
-
-1.29.28 2006-03-13
- * Merged German translations (de.po) by Debian translation team from Manoj Srivastava.
-
-1.29.27 2006-03-08
- * Merged audit2allow -R support, chcat fix, semanage MLS checks
- and semanage audit calls from Dan Walsh.
-
-1.29.26 2006-02-15
- * Merged semanage bug fix patch from Ivan Gyurdiev.
-
-1.29.25 2006-02-14
- * Merged improve bindings patch from Ivan Gyurdiev.
-
-1.29.24 2006-02-14
- * Merged semanage usage patch from Ivan Gyurdiev.
- * Merged use PyList patch from Ivan Gyurdiev.
-
-1.29.23 2006-02-13
- * Merged newrole -V/--version support from Glauber de Oliveira Costa.
-
-1.29.22 2006-02-13
- * Merged genhomedircon prefix patch from Dan Walsh.
-
-1.29.21 2006-02-13
- * Merged optionals in base patch from Joshua Brindle.
-
-1.29.20 2006-02-07
- * Merged seuser/user_extra support patch to semodule_package
- from Joshua Brindle.
-
-1.29.19 2006-02-06
- * Merged getopt type fix for semodule_link/expand and sestatus
- from Chris PeBenito.
-
-1.29.18 2006-02-02
- * Merged clone record on set_con patch from Ivan Gyurdiev.
-
-1.29.17 2006-01-30
- * Merged genhomedircon fix from Dan Walsh.
-
-1.29.16 2006-01-30
- * Merged seusers.system patch from Ivan Gyurdiev.
- * Merged improve port/fcontext API patch from Ivan Gyurdiev.
- * Merged genhomedircon patch from Dan Walsh.
-
-1.29.15 2006-01-27
- * Merged newrole audit patch from Steve Grubb.
-
-1.29.14 2006-01-27
- * Merged seuser -> seuser local rename patch from Ivan Gyurdiev.
-
-1.29.13 2006-01-27
- * Merged semanage and semodule access check patches from Joshua Brindle.
-
-1.29.12 2006-01-26
- * Merged restorecon, chcat, and semanage patches from Dan Walsh.
-
-1.29.11 2006-01-25
- * Modified newrole and run_init to use the loginuid when
- supported to obtain the Linux user identity to re-authenticate,
- and to fall back to real uid. Dropped the use of the SELinux
- user identity, as Linux users are now mapped to SELinux users
- via seusers and the SELinux user identity space is separate.
-
-1.29.10 2006-01-20
- * Merged semanage bug fixes from Ivan Gyurdiev.
- * Merged semanage fixes from Russell Coker.
- * Merged chcat.8 and genhomedircon patches from Dan Walsh.
-
-1.29.9 2006-01-19
- * Merged chcat, semanage, and setsebool patches from Dan Walsh.
-
-1.29.8 2006-01-18
- * Merged semanage fixes from Ivan Gyurdiev.
- * Merged semanage fixes from Russell Coker.
- * Merged chcat, genhomedircon, and semanage diffs from Dan Walsh.
-
-1.29.7 2006-01-13
- * Merged newrole cleanup patch from Steve Grubb.
- * Merged setfiles/restorecon performance patch from Russell Coker.
- * Merged genhomedircon and semanage patches from Dan Walsh.
-
-1.29.6 2006-01-12
- * Merged remove add_local/set_local patch from Ivan Gyurdiev.
-
-1.29.5 2006-01-05
- * Added filename to semodule error reporting.
-
-1.29.4 2006-01-05
- * Merged genhomedircon and semanage patch from Dan Walsh.
- * Changed semodule error reporting to include argv[0].
-
-1.29.3 2006-01-04
- * Merged semanage getpwnam bug fix from Serge Hallyn (IBM).
- * Merged patch series from Ivan Gyurdiev.
- This includes patches to:
- - cleanup setsebool
- - update setsebool to apply active booleans through libsemanage
- - update semodule to use the new semanage_set_rebuild() interface
- - fix various bugs in semanage
- * Merged patch from Dan Walsh (Red Hat).
- This includes fixes for restorecon, chcat, fixfiles, genhomedircon,
- and semanage.
-
-1.29.2 2005-12-14
- * Merged patch for chcat script from Dan Walsh.
-
-1.29.1 2005-12-08
- * Merged fix for audit2allow long option list from Dan Walsh.
- * Merged -r option for restorecon (alias for -R) from Dan Walsh.
- * Merged chcat script and man page from Dan Walsh.
-
-1.28 2005-12-07
- * Updated version for release.
-
-1.27.37 2005-12-07
- * Clarified the genhomedircon warning message.
-
-1.27.36 2005-12-05
- * Changed genhomedircon to warn on use of ROLE in homedir_template
- if using managed policy, as libsemanage does not yet support it.
-
-1.27.35 2005-12-02
- * Merged genhomedircon bug fix from Dan Walsh.
-
-1.27.34 2005-12-02
- * Revised semodule* man pages to refer to checkmodule and
- to include example sections.
-
-1.27.33 2005-12-01
- * Merged audit2allow --tefile and --fcfile support from Dan Walsh.
- * Merged genhomedircon fix from Dan Walsh.
- * Merged semodule* man pages from Dan Walsh, and edited them.
-
-1.27.32 2005-12-01
- * Changed setfiles to set the MATCHPATHCON_VALIDATE flag to
- retain validation/canonicalization of contexts during init.
-
-1.27.31 2005-11-29
- * Changed genhomedircon to always use user_r for the role in the
- managed case since user_get_defrole is broken.
-
-1.27.30 2005-11-29
- * Merged sestatus, audit2allow, and semanage patch from Dan Walsh.
- * Fixed semodule -v option.
-
-1.27.29 2005-11-28
- * Merged audit2allow python script from Dan Walsh.
- (old script moved to audit2allow.perl, will be removed later).
- * Merged genhomedircon fixes from Dan Walsh.
- * Merged semodule quieting patch from Dan Walsh
- (inverts default, use -v to restore original behavior).
-
-1.27.28 2005-11-15
- * Merged genhomedircon rewrite from Dan Walsh.
-
-1.27.27 2005-11-09
- * Merged setsebool cleanup patch from Ivan Gyurdiev.
-
-1.27.26 2005-11-09
- * Added -B (--build) option to semodule to force a rebuild.
-
-1.27.25 2005-11-08
- * Reverted setsebool patch to call semanage_set_reload_bools().
- * Changed setsebool to disable policy reload and to call
- security_set_boolean_list to update the runtime booleans.
-
-1.27.24 2005-11-08
- * Changed setfiles -c to use new flag to set_matchpathcon_flags()
- to disable context translation by matchpathcon_init().
-
-1.27.23 2005-11-07
- * Changed setfiles for the context canonicalization support.
-
-1.27.22 2005-11-07
- * Changed setsebool to call semanage_is_managed() interface
- and fall back to security_set_boolean_list() if policy is
- not managed.
-
-1.27.21 2005-11-07
- * Merged setsebool memory leak fix from Ivan Gyurdiev.
- * Merged setsebool patch to call semanage_set_reload_bools()
- interface from Ivan Gyurdiev.
-
-1.27.20 2005-11-04
- * Merged setsebool patch from Ivan Gyurdiev.
- This moves setsebool from libselinux/utils to policycoreutils,
- and rewrites it to use libsemanage for permanent boolean changes.
-
-1.27.19 2005-10-25
- * Merged semodule support for reload, noreload, and store options
- from Joshua Brindle.
- * Merged semodule_package rewrite from Joshua Brindle.
-
-1.27.18 2005-10-20
- * Cleaned up usage and error messages and releasing of memory by
- semodule_* utilities.
-
-1.27.17 2005-10-20
- * Corrected error reporting by semodule.
-
-1.27.16 2005-10-19
- * Updated semodule_expand for change to sepol interface.
-
-1.27.15 2005-10-19
- * Merged fixes for make DESTDIR= builds from Joshua Brindle.
-
-1.27.14 2005-10-18
- * Updated semodule_package for sepol interface changes.
-
-1.27.13 2005-10-17
- * Updated semodule_expand/link for sepol interface changes.
-
-1.27.12 2005-10-14
- * Merged non-PAM Makefile support for newrole and run_init from Timothy Wood.
-
-1.27.11 2005-10-13
- * Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
-
-1.27.10 2005-10-13
- * Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
-
-1.27.9 2005-10-13
- * Merged fixfiles patch from Dan Walsh (Red Hat).
-
-1.27.8 2005-10-13
- * Updated semodule for removal of semanage_strerror.
-
-1.27.7 2005-10-11
- * Updated semodule_link and semodule_expand to use shared libsepol.
- Fixed audit2why to call policydb_init prior to policydb_read (still
- uses the static libsepol).
-
-1.27.6 2005-10-07
- * Updated for changes to libsepol.
- Changed semodule and semodule_package to use the shared libsepol.
- Disabled build of semodule_link and semodule_expand for now.
- Updated audit2why for relocated policydb internal headers,
- still needs to be converted to a shared lib interface.
-
-1.27.5 2005-10-06
- * Fixed warnings in load_policy.
-
-1.27.4 2005-10-06
- * Rewrote load_policy to use the new selinux_mkload_policy()
- interface provided by libselinux.
-
-1.27.3 2005-09-28
- * Merged patch to update semodule to the new libsemanage API
- and improve the user interface from Karl MacMillan (Tresys).
- * Modified semodule for the create/connect API split.
-
-1.27.2 2005-09-20
- * Merged run_init open_init_pty bug fix from Manoj Srivastava
- (unblock SIGCHLD). Bug reported by Erich Schubert.
-
-1.27.1 2005-09-20
- * Merged error shadowing bug fix for restorecon from Dan Walsh.
- * Merged setfiles usage/man page update for -r option from Dan Walsh.
- * Merged fixfiles -C patch to ignore :s0 addition on update
- to a MCS/MLS policy from Dan Walsh.
-
-1.26 2005-09-06
- * Updated version for release.
-
-1.25.9 2005-08-31
- * Changed setfiles -c to translate the context to raw format
- prior to calling libsepol.
-
-1.25.8 2005-08-31
- * Changed semodule to report errors even without -v,
- to detect extraneous arguments, and corrected usage message.
-
-1.25.7 2005-08-25
- * Merged patch for fixfiles -C from Dan Walsh.
-
-1.25.6 2005-08-22
- * Merged fixes for semodule_link and sestatus from Serge Hallyn (IBM).
- Bugs found by Coverity.
-
-1.25.5 2005-08-02
- * Merged patch to move module read/write code from libsemanage
- to libsepol from Jason Tang (Tresys).
-
-1.25.4 2005-07-27
- * Changed semodule* to link with libsemanage.
-
-1.25.3 2005-07-26
- * Merged restorecon patch from Ivan Gyurdiev.
-
-1.25.2 2005-07-11
- * Merged load_policy, newrole, and genhomedircon patches from Red Hat.
-
-1.25.1 2005-07-06
- * Merged loadable module support from Tresys Technology.
-
-1.24 2005-06-20
- * Updated version for release.
-
-1.23.11 2005-05-19
- * Merged fixfiles and newrole patch from Dan Walsh.
- * Merged audit2why man page from Dan Walsh.
-
-1.23.10 2005-05-16
- * Extended audit2why to incorporate booleans and local user
- settings when analyzing audit messages.
-
-1.23.9 2005-05-13
- * Updated audit2why for sepol_ prefixes on Flask types to
- avoid namespace collision with libselinux, and to
- include <selinux/selinux.h> now.
-
-1.23.8 2005-05-13
- * Added audit2why utility.
-
-1.23.7 2005-04-29
- * Merged patch for fixfiles from Dan Walsh.
- Allow passing -F to force reset of customizable contexts.
-
-1.23.6 2005-04-13
- * Fixed signed/unsigned pointer bug in load_policy.
- * Reverted context validation patch for genhomedircon.
-
-1.23.5 2005-04-12
- * Reverted load_policy is_selinux_enabled patch from Dan Walsh.
- Otherwise, an initial policy load cannot be performed using
- load_policy, e.g. for anaconda.
-
-1.23.4 2005-04-08
- * Merged load_policy is_selinux_enabled patch from Dan Walsh.
- * Merged restorecon verbose output patch from Dan Walsh.
- * Merged setfiles altroot patch from Chris PeBenito.
-
-1.23.3 2005-03-17
- * Merged context validation patch for genhomedircon from Eric Paris.
-
-1.23.2 2005-03-16
- * Changed setfiles -c to call set_matchpathcon_flags(3) to
- turn off processing of .homedirs and .local.
-
-1.23.1 2005-03-14
- * Merged rewrite of genhomedircon by Eric Paris.
- * Changed fixfiles to relabel jfs since it now supports security xattrs
- (as of 2.6.11). Removed reiserfs until 2.6.12 is released with
- fixed support for reiserfs and selinux.
-
-1.22 2005-03-09
- * Updated version for release.
-
-1.21.22 2005-03-07
- * Merged restorecon and genhomedircon patch from Dan Walsh.
-
-1.21.21 2005-02-28
- * Merged load_policy and genhomedircon patch from Dan Walsh.
-
-1.21.20 2005-02-24
- * Merged fixfiles and genhomedircon patch from Dan Walsh.
-
-1.21.19 2005-02-22
- * Merged several fixes from Ulrich Drepper.
-
-1.21.18 2005-02-18
- * Changed load_policy to fall back to the original policy upon
- an error from sepol_genusers().
-
-1.21.17 2005-02-17
- * Merged new genhomedircon script from Dan Walsh.
-
-1.21.16 2005-02-17
- * Changed load_policy to call sepol_genusers().
-
-1.21.15 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.21.14 2005-02-08
- * Merged restorecon patch from Dan Walsh.
-
-1.21.13 2005-02-07
- * Merged sestatus patch from Dan Walsh.
- * Merged further change to fixfiles -C from Dan Walsh.
-
-1.21.12 2005-02-02
- * Merged further patches for restorecon/setfiles -e and fixfiles -C.
-
-1.21.11 2005-02-02
- * Merged patch for fixfiles -C option from Dan Walsh.
- * Merged patch -e support for restorecon from Dan Walsh.
- * Merged updated -e support for setfiles from Dan Walsh.
-
-1.21.10 2005-01-31
- * Merged patch for open_init_pty from Manoj Srivastava.
-
-1.21.9 2005-01-28
- * Merged updated fixfiles script from Dan Walsh.
- * Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
- * Reverted fixfiles patch for file_contexts.local;
- obsoleted by setfiles rewrite.
- * Merged error handling patch for restorecon from Dan Walsh.
- * Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
-
-1.21.8 2005-01-28
- * Rewrote setfiles to use matchpathcon and the new interfaces
- exported by libselinux (>= 1.21.5).
-
-1.21.7 2005-01-27
- * Prevent overflow of spec array in setfiles.
-
-1.21.6 2005-01-27
- * Merged genhomedircon STARTING_UID bug fix from Dan Walsh.
-
-1.21.5 2005-01-26
- * Merged newrole -l support from Darrel Goeddel (TCS).
-
-1.21.4 2005-01-25
- * Merged fixfiles patch for file_contexts.local from Dan Walsh.
-
-1.21.3 2005-01-21
- * Fixed restorecon to not treat errors from is_context_customizable()
- as a customizable context.
- * Merged setfiles/restorecon patch to not reset user field unless
- -F option is specified from Dan Walsh.
-
-1.21.2 2005-01-21
- * Merged open_init_pty helper for run_init from Manoj Srivastava.
- * Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
-
-1.21.1 2005-01-19
- * Merged customizable contexts patch for restorecon/setfiles from Dan Walsh.
-
-1.20 2005-01-06
- * Merged fixfiles rewrite from Dan Walsh.
- * Merged restorecon patch from Dan Walsh.
- * Merged fixfiles and restorecon patches from Dan Walsh.
- * Changed restorecon to ignore ENOENT errors from matchpathcon.
- * Merged nonls patch from Chris PeBenito.
- * Removed fixfiles.cron.
- * Merged run_init.8 patch from Dan Walsh.
-
-1.18 2004-11-01
- * Merged audit2allow patch from Thomas Bleher, with mods by Dan Walsh.
- * Merged sestatus patch from Steve Grubb.
- * Merged fixfiles patch from Dan Walsh.
- * Added -l option to setfiles to log changes via syslog.
- * Merged -e option to setfiles to exclude directories.
- * Merged -R option to restorecon for recursive descent.
- * Merged sestatus patch from Steve Grubb via Dan Walsh.
- * Merged load_policy and fixfiles.cron patches from Dan Walsh.
- * Merged fix for setfiles context validation patch from Colin Walters.
- * Merged setfiles context validation patch from Colin Walters.
- * Merged genhomedircon patch from Russell Coker.
- * Merged restorecon patch from Russell Coker.
-
-1.16 2004-08-13
- * Merged audit2allow fix from Tom London.
- * Merged load_policy man page from Dan Walsh.
- * Merged newrole bug fix from Chad Hanson.
- * Changed load_policy to preserve booleans by default.
- * Changed load_policy to invoke sepol_genbools() instead.
- * Changed load_policy to also invoke security_load_booleans().
- * Merged genhomedircon fixes from Dan Walsh.
- * Changed restorecon to use realpath.
- * Merged fixfiles patch from Dan Walsh.
- * Merged genhomedircon patch from Russell Coker and Dan Walsh.
- * Merged fixfiles patch and fixfiles.cron script from Dan Walsh.
- * Merged stat fix for setfiles -s from Russell Coker.
-
-1.14 2004-06-25
- * Merged fix for fixfiles.
- * Merged enhancements to setfiles, fixfiles and restorecon from Dan Walsh.
- * Merged updated genhomedircon script from Russell Coker.
- * Merged run_init patch to find initrc_context from Dan Walsh.
- * Merged fixfiles patch for /etc/selinux from Dan Walsh.
- * Merged restorecon patch from Dan Walsh.
- * Merged fixfiles patch from Dan Walsh.
-
-1.12 2004-05-10
- * Merged newrole patch from Colin Walters.
- * Merged fixfiles from Dan Walsh.
-
-1.10 2004-04-05
- * Changed setfiles to not abort upon lsetfilecon failures.
- * Merged sestatus from Chris PeBenito.
- * Merged fixes for restorecon.
- * Merged setfiles verbosity patch from Dan Walsh and Stephen Tweedie.
- * Merged restorecon patch from Dan Walsh.
- * Revert add_assoc change from setfiles.
- * Moved restorecon to /sbin.
- * Disable add_assoc in setfiles by default, use -a to enable.
- * Merged genhomedircon patch from Dan Walsh.
- * Merged restorecon patch from Dan Walsh.
- * Merged setfiles buffer size change from Dan Walsh.
- * Merged genhomedircon fix from Karl MacMillan of Tresys.
- This generates separate lines for each prefix.
-
-1.8 2004-03-09
- * Merged genhomedircon patch from Karl MacMillan of Tresys.
- * Removed checkcon script (obsoleted by restorecon -nv).
- * Replaced restorecon script with C program from Dan Walsh.
- Uses the new matchpathcon function from libselinux.
-
-1.6 2004-02-18
- * Fixed setfiles sorting problem reported by Colin Walters.
- * Merged setfiles patch from Robert Bihlmeyer, amended by Russell Coker.
- * Added scripts (checkcon, restorecon, genhomedircon) from Dan Walsh.
- * Quiet warning about duplicate same specifications if -q is used.
- * Fixed usage message of audit2allow.
-
-1.4 2003-12-01
- * Merged patch from Russell Coker.
- * Added audit2allow (formerly newrules.pl from policy).
- * Dropped -lattr from Makefiles.
- * Merged setfiles check type first patch by Russell Coker.
-
-1.2 2003-09-30
- * Merged run_init close file patch from Chris PeBenito.
- * Merged setfiles stem compression patch by Russell Coker.
- * Merged setfiles usage/getopt/err patch by Russell Coker.
- * Merged setfiles altroot patch by Hardened Gentoo team.
- * Merged i18n patch by Dan Walsh.
- * Changed Makefiles to allow non-root rpm builds.
-
-1.1 2003-08-13
- * Dropped obsolete psid code from setfiles.
-
-1.0 2003-07-11
- * Initial public release.
-
Copied: tags/policycoreutils_1_30_29/policycoreutils/ChangeLog (from rev 2030, trunk/policycoreutils/ChangeLog)
===================================================================
--- tags/policycoreutils_1_30_29/policycoreutils/ChangeLog (rev 0)
+++ tags/policycoreutils_1_30_29/policycoreutils/ChangeLog 2006-09-13 21:31:24 UTC (rev 2031)
@@ -0,0 +1,648 @@
+1.30.29 2006-09-13
+ * Man page corrections from Dan Walsh
+ * Change all python invocations to /usr/bin/python -E
+ * Add missing getopt flags to genhomedircon
+
+1.30.28 2006-09-01
+ * Merged fix for restorecon // handling from Erich Schubert.
+ * Merged translations update and fixfiles fix from Dan Walsh.
+
+1.30.27 2006-08-24
+ * Merged fix for restorecon symlink handling from Erich Schubert.
+
+1.30.26 2006-08-11
+ * Merged semanage local file contexts patch from Chris PeBenito.
+
+1.30.25 2006-08-03
+ * Merged patch from Dan Walsh with:
+ * audit2allow: process MAC_POLICY_LOAD events
+ * newrole: run shell with - prefix to start a login shell
+ * po: po file updates
+ * restorecond: bail if SELinux not enabled
+ * fixfiles: omit -q
+ * genhomedircon: fix exit code if non-root
+ * semodule_deps: install man page
+
+1.30.24 2006-08-03
+ * Merged secon Makefile fix from Joshua Brindle.
+
+1.30.23 2006-08-03
+ * Merged netfilter contexts support patch from Chris PeBenito.
+
+1.30.22 2006-07-28
+ * Merged restorecond size_t fix from Joshua Brindle.
+
+1.30.21 2006-07-28
+ * Merged secon keycreate patch from Michael LeMay.
+
+1.30.20 2006-07-26
+ * Merged restorecond fixes from Dan Walsh.
+ Merged updated po files from Dan Walsh.
+
+1.30.19 2006-07-26
+ * Merged python gettext patch from Stephen Bennett.
+
+1.30.18 2006-07-25
+ * Merged semodule_deps from Karl MacMillan.
+
+1.30.17 2006-06-29
+ * Lindent.
+
+1.30.16 2006-06-26
+ * Merged patch from Dan Walsh with:
+ * -p option (progress) for setfiles and restorecon.
+ * disable context translation for setfiles and restorecon.
+ * on/off values for setsebool.
+
+1.30.15 2006-06-26
+ * Merged setfiles and semodule_link fixes from Joshua Brindle.
+
+1.30.14 2006-06-16
+ * Merged fix for setsebool error path from Serge Hallyn.
+
+1.30.13 2006-06-16
+ * Merged patch from Dan Walsh with:
+ * Updated po files.
+ * Fixes for genhomedircon and seobject.
+ * Audit message for mass relabel by setfiles.
+
+1.30.12 2006-06-02
+ * Updated fixfiles script for new setfiles location in /sbin.
+
+1.30.11 2006-05-26
+ * Merged more translations from Dan Walsh.
+ * Merged patch to relocate setfiles to /sbin for early relabel
+ when /usr might not be mounted from Dan Walsh.
+ * Merged semanage/seobject patch to preserve fcontext ordering in list.
+ * Merged secon patch from James Antill.
+
+1.30.10 2006-05-22
+ * Merged patch with updates to audit2allow, secon, genhomedircon,
+ and semanage from Dan Walsh.
+
+1.30.9 2006-05-08
+ * Fixed audit2allow and po Makefiles for DESTDIR= builds.
+ * Merged .po file patch from Dan Walsh.
+ * Merged bug fix for genhomedircon.
+
+1.30.8 2006-05-08
+ * Merged patch from Dan Walsh.
+ This includes audit2allow changes for analysis plugins,
+ internationalization support for several additional programs
+ and added po files, some fixes for semanage, and several cleanups.
+ It also adds a new secon utility.
+
+1.30.7 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.30.6 2006-04-14
+ * Merged semanage prefix support from Russell Coker.
+
+1.30.5 2006-04-11
+ * Added a test to setfiles to check that the spec file is
+ a regular file.
+
+1.30.4 2006-03-29
+ * Merged audit2allow fixes for refpolicy from Dan Walsh.
+ * Merged fixfiles patch from Dan Walsh.
+ * Merged restorecond daemon from Dan Walsh.
+
+1.30.3 2006-03-29
+ * Merged semanage non-MLS fixes from Chris PeBenito.
+
+1.30.2 2006-03-29
+ * Merged semanage and semodule man page examples from Thomas Bleher.
+
+1.30.1 2006-03-20
+ * Merged semanage labeling prefix patch from Ivan Gyurdiev.
+
+1.30 2006-03-14
+ * Updated version for release.
+
+1.29.28 2006-03-13
+ * Merged German translations (de.po) by Debian translation team from Manoj Srivastava.
+
+1.29.27 2006-03-08
+ * Merged audit2allow -R support, chcat fix, semanage MLS checks
+ and semanage audit calls from Dan Walsh.
+
+1.29.26 2006-02-15
+ * Merged semanage bug fix patch from Ivan Gyurdiev.
+
+1.29.25 2006-02-14
+ * Merged improve bindings patch from Ivan Gyurdiev.
+
+1.29.24 2006-02-14
+ * Merged semanage usage patch from Ivan Gyurdiev.
+ * Merged use PyList patch from Ivan Gyurdiev.
+
+1.29.23 2006-02-13
+ * Merged newrole -V/--version support from Glauber de Oliveira Costa.
+
+1.29.22 2006-02-13
+ * Merged genhomedircon prefix patch from Dan Walsh.
+
+1.29.21 2006-02-13
+ * Merged optionals in base patch from Joshua Brindle.
+
+1.29.20 2006-02-07
+ * Merged seuser/user_extra support patch to semodule_package
+ from Joshua Brindle.
+
+1.29.19 2006-02-06
+ * Merged getopt type fix for semodule_link/expand and sestatus
+ from Chris PeBenito.
+
+1.29.18 2006-02-02
+ * Merged clone record on set_con patch from Ivan Gyurdiev.
+
+1.29.17 2006-01-30
+ * Merged genhomedircon fix from Dan Walsh.
+
+1.29.16 2006-01-30
+ * Merged seusers.system patch from Ivan Gyurdiev.
+ * Merged improve port/fcontext API patch from Ivan Gyurdiev.
+ * Merged genhomedircon patch from Dan Walsh.
+
+1.29.15 2006-01-27
+ * Merged newrole audit patch from Steve Grubb.
+
+1.29.14 2006-01-27
+ * Merged seuser -> seuser local rename patch from Ivan Gyurdiev.
+
+1.29.13 2006-01-27
+ * Merged semanage and semodule access check patches from Joshua Brindle.
+
+1.29.12 2006-01-26
+ * Merged restorecon, chcat, and semanage patches from Dan Walsh.
+
+1.29.11 2006-01-25
+ * Modified newrole and run_init to use the loginuid when
+ supported to obtain the Linux user identity to re-authenticate,
+ and to fall back to real uid. Dropped the use of the SELinux
+ user identity, as Linux users are now mapped to SELinux users
+ via seusers and the SELinux user identity space is separate.
+
+1.29.10 2006-01-20
+ * Merged semanage bug fixes from Ivan Gyurdiev.
+ * Merged semanage fixes from Russell Coker.
+ * Merged chcat.8 and genhomedircon patches from Dan Walsh.
+
+1.29.9 2006-01-19
+ * Merged chcat, semanage, and setsebool patches from Dan Walsh.
+
+1.29.8 2006-01-18
+ * Merged semanage fixes from Ivan Gyurdiev.
+ * Merged semanage fixes from Russell Coker.
+ * Merged chcat, genhomedircon, and semanage diffs from Dan Walsh.
+
+1.29.7 2006-01-13
+ * Merged newrole cleanup patch from Steve Grubb.
+ * Merged setfiles/restorecon performance patch from Russell Coker.
+ * Merged genhomedircon and semanage patches from Dan Walsh.
+
+1.29.6 2006-01-12
+ * Merged remove add_local/set_local patch from Ivan Gyurdiev.
+
+1.29.5 2006-01-05
+ * Added filename to semodule error reporting.
+
+1.29.4 2006-01-05
+ * Merged genhomedircon and semanage patch from Dan Walsh.
+ * Changed semodule error reporting to include argv[0].
+
+1.29.3 2006-01-04
+ * Merged semanage getpwnam bug fix from Serge Hallyn (IBM).
+ * Merged patch series from Ivan Gyurdiev.
+ This includes patches to:
+ - cleanup setsebool
+ - update setsebool to apply active booleans through libsemanage
+ - update semodule to use the new semanage_set_rebuild() interface
+ - fix various bugs in semanage
+ * Merged patch from Dan Walsh (Red Hat).
+ This includes fixes for restorecon, chcat, fixfiles, genhomedircon,
+ and semanage.
+
+1.29.2 2005-12-14
+ * Merged patch for chcat script from Dan Walsh.
+
+1.29.1 2005-12-08
+ * Merged fix for audit2allow long option list from Dan Walsh.
+ * Merged -r option for restorecon (alias for -R) from Dan Walsh.
+ * Merged chcat script and man page from Dan Walsh.
+
+1.28 2005-12-07
+ * Updated version for release.
+
+1.27.37 2005-12-07
+ * Clarified the genhomedircon warning message.
+
+1.27.36 2005-12-05
+ * Changed genhomedircon to warn on use of ROLE in homedir_template
+ if using managed policy, as libsemanage does not yet support it.
+
+1.27.35 2005-12-02
+ * Merged genhomedircon bug fix from Dan Walsh.
+
+1.27.34 2005-12-02
+ * Revised semodule* man pages to refer to checkmodule and
+ to include example sections.
+
+1.27.33 2005-12-01
+ * Merged audit2allow --tefile and --fcfile support from Dan Walsh.
+ * Merged genhomedircon fix from Dan Walsh.
+ * Merged semodule* man pages from Dan Walsh, and edited them.
+
+1.27.32 2005-12-01
+ * Changed setfiles to set the MATCHPATHCON_VALIDATE flag to
+ retain validation/canonicalization of contexts during init.
+
+1.27.31 2005-11-29
+ * Changed genhomedircon to always use user_r for the role in the
+ managed case since user_get_defrole is broken.
+
+1.27.30 2005-11-29
+ * Merged sestatus, audit2allow, and semanage patch from Dan Walsh.
+ * Fixed semodule -v option.
+
+1.27.29 2005-11-28
+ * Merged audit2allow python script from Dan Walsh.
+ (old script moved to audit2allow.perl, will be removed later).
+ * Merged genhomedircon fixes from Dan Walsh.
+ * Merged semodule quieting patch from Dan Walsh
+ (inverts default, use -v to restore original behavior).
+
+1.27.28 2005-11-15
+ * Merged genhomedircon rewrite from Dan Walsh.
+
+1.27.27 2005-11-09
+ * Merged setsebool cleanup patch from Ivan Gyurdiev.
+
+1.27.26 2005-11-09
+ * Added -B (--build) option to semodule to force a rebuild.
+
+1.27.25 2005-11-08
+ * Reverted setsebool patch to call semanage_set_reload_bools().
+ * Changed setsebool to disable policy reload and to call
+ security_set_boolean_list to update the runtime booleans.
+
+1.27.24 2005-11-08
+ * Changed setfiles -c to use new flag to set_matchpathcon_flags()
+ to disable context translation by matchpathcon_init().
+
+1.27.23 2005-11-07
+ * Changed setfiles for the context canonicalization support.
+
+1.27.22 2005-11-07
+ * Changed setsebool to call semanage_is_managed() interface
+ and fall back to security_set_boolean_list() if policy is
+ not managed.
+
+1.27.21 2005-11-07
+ * Merged setsebool memory leak fix from Ivan Gyurdiev.
+ * Merged setsebool patch to call semanage_set_reload_bools()
+ interface from Ivan Gyurdiev.
+
+1.27.20 2005-11-04
+ * Merged setsebool patch from Ivan Gyurdiev.
+ This moves setsebool from libselinux/utils to policycoreutils,
+ and rewrites it to use libsemanage for permanent boolean changes.
+
+1.27.19 2005-10-25
+ * Merged semodule support for reload, noreload, and store options
+ from Joshua Brindle.
+ * Merged semodule_package rewrite from Joshua Brindle.
+
+1.27.18 2005-10-20
+ * Cleaned up usage and error messages and releasing of memory by
+ semodule_* utilities.
+
+1.27.17 2005-10-20
+ * Corrected error reporting by semodule.
+
+1.27.16 2005-10-19
+ * Updated semodule_expand for change to sepol interface.
+
+1.27.15 2005-10-19
+ * Merged fixes for make DESTDIR= builds from Joshua Brindle.
+
+1.27.14 2005-10-18
+ * Updated semodule_package for sepol interface changes.
+
+1.27.13 2005-10-17
+ * Updated semodule_expand/link for sepol interface changes.
+
+1.27.12 2005-10-14
+ * Merged non-PAM Makefile support for newrole and run_init from Timothy Wood.
+
+1.27.11 2005-10-13
+ * Updated semodule_expand to use get interfaces for hidden sepol_module_package type.
+
+1.27.10 2005-10-13
+ * Merged newrole and run_init pam config patches from Dan Walsh (Red Hat).
+
+1.27.9 2005-10-13
+ * Merged fixfiles patch from Dan Walsh (Red Hat).
+
+1.27.8 2005-10-13
+ * Updated semodule for removal of semanage_strerror.
+
+1.27.7 2005-10-11
+ * Updated semodule_link and semodule_expand to use shared libsepol.
+ Fixed audit2why to call policydb_init prior to policydb_read (still
+ uses the static libsepol).
+
+1.27.6 2005-10-07
+ * Updated for changes to libsepol.
+ Changed semodule and semodule_package to use the shared libsepol.
+ Disabled build of semodule_link and semodule_expand for now.
+ Updated audit2why for relocated policydb internal headers,
+ still needs to be converted to a shared lib interface.
+
+1.27.5 2005-10-06
+ * Fixed warnings in load_policy.
+
+1.27.4 2005-10-06
+ * Rewrote load_policy to use the new selinux_mkload_policy()
+ interface provided by libselinux.
+
+1.27.3 2005-09-28
+ * Merged patch to update semodule to the new libsemanage API
+ and improve the user interface from Karl MacMillan (Tresys).
+ * Modified semodule for the create/connect API split.
+
+1.27.2 2005-09-20
+ * Merged run_init open_init_pty bug fix from Manoj Srivastava
+ (unblock SIGCHLD). Bug reported by Erich Schubert.
+
+1.27.1 2005-09-20
+ * Merged error shadowing bug fix for restorecon from Dan Walsh.
+ * Merged setfiles usage/man page update for -r option from Dan Walsh.
+ * Merged fixfiles -C patch to ignore :s0 addition on update
+ to a MCS/MLS policy from Dan Walsh.
+
+1.26 2005-09-06
+ * Updated version for release.
+
+1.25.9 2005-08-31
+ * Changed setfiles -c to translate the context to raw format
+ prior to calling libsepol.
+
+1.25.8 2005-08-31
+ * Changed semodule to report errors even without -v,
+ to detect extraneous arguments, and corrected usage message.
+
+1.25.7 2005-08-25
+ * Merged patch for fixfiles -C from Dan Walsh.
+
+1.25.6 2005-08-22
+ * Merged fixes for semodule_link and sestatus from Serge Hallyn (IBM).
+ Bugs found by Coverity.
+
+1.25.5 2005-08-02
+ * Merged patch to move module read/write code from libsemanage
+ to libsepol from Jason Tang (Tresys).
+
+1.25.4 2005-07-27
+ * Changed semodule* to link with libsemanage.
+
+1.25.3 2005-07-26
+ * Merged restorecon patch from Ivan Gyurdiev.
+
+1.25.2 2005-07-11
+ * Merged load_policy, newrole, and genhomedircon patches from Red Hat.
+
+1.25.1 2005-07-06
+ * Merged loadable module support from Tresys Technology.
+
+1.24 2005-06-20
+ * Updated version for release.
+
+1.23.11 2005-05-19
+ * Merged fixfiles and newrole patch from Dan Walsh.
+ * Merged audit2why man page from Dan Walsh.
+
+1.23.10 2005-05-16
+ * Extended audit2why to incorporate booleans and local user
+ settings when analyzing audit messages.
+
+1.23.9 2005-05-13
+ * Updated audit2why for sepol_ prefixes on Flask types to
+ avoid namespace collision with libselinux, and to
+ include <selinux/selinux.h> now.
+
+1.23.8 2005-05-13
+ * Added audit2why utility.
+
+1.23.7 2005-04-29
+ * Merged patch for fixfiles from Dan Walsh.
+ Allow passing -F to force reset of customizable contexts.
+
+1.23.6 2005-04-13
+ * Fixed signed/unsigned pointer bug in load_policy.
+ * Reverted context validation patch for genhomedircon.
+
+1.23.5 2005-04-12
+ * Reverted load_policy is_selinux_enabled patch from Dan Walsh.
+ Otherwise, an initial policy load cannot be performed using
+ load_policy, e.g. for anaconda.
+
+1.23.4 2005-04-08
+ * Merged load_policy is_selinux_enabled patch from Dan Walsh.
+ * Merged restorecon verbose output patch from Dan Walsh.
+ * Merged setfiles altroot patch from Chris PeBenito.
+
+1.23.3 2005-03-17
+ * Merged context validation patch for genhomedircon from Eric Paris.
+
+1.23.2 2005-03-16
+ * Changed setfiles -c to call set_matchpathcon_flags(3) to
+ turn off processing of .homedirs and .local.
+
+1.23.1 2005-03-14
+ * Merged rewrite of genhomedircon by Eric Paris.
+ * Changed fixfiles to relabel jfs since it now supports security xattrs
+ (as of 2.6.11). Removed reiserfs until 2.6.12 is released with
+ fixed support for reiserfs and selinux.
+
+1.22 2005-03-09
+ * Updated version for release.
+
+1.21.22 2005-03-07
+ * Merged restorecon and genhomedircon patch from Dan Walsh.
+
+1.21.21 2005-02-28
+ * Merged load_policy and genhomedircon patch from Dan Walsh.
+
+1.21.20 2005-02-24
+ * Merged fixfiles and genhomedircon patch from Dan Walsh.
+
+1.21.19 2005-02-22
+ * Merged several fixes from Ulrich Drepper.
+
+1.21.18 2005-02-18
+ * Changed load_policy to fall back to the original policy upon
+ an error from sepol_genusers().
+
+1.21.17 2005-02-17
+ * Merged new genhomedircon script from Dan Walsh.
+
+1.21.16 2005-02-17
+ * Changed load_policy to call sepol_genusers().
+
+1.21.15 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.21.14 2005-02-08
+ * Merged restorecon patch from Dan Walsh.
+
+1.21.13 2005-02-07
+ * Merged sestatus patch from Dan Walsh.
+ * Merged further change to fixfiles -C from Dan Walsh.
+
+1.21.12 2005-02-02
+ * Merged further patches for restorecon/setfiles -e and fixfiles -C.
+
+1.21.11 2005-02-02
+ * Merged patch for fixfiles -C option from Dan Walsh.
+ * Merged patch -e support for restorecon from Dan Walsh.
+ * Merged updated -e support for setfiles from Dan Walsh.
+
+1.21.10 2005-01-31
+ * Merged patch for open_init_pty from Manoj Srivastava.
+
+1.21.9 2005-01-28
+ * Merged updated fixfiles script from Dan Walsh.
+ * Merged updated man page for fixfiles from Dan Walsh and re-added unzipped.
+ * Reverted fixfiles patch for file_contexts.local;
+ obsoleted by setfiles rewrite.
+ * Merged error handling patch for restorecon from Dan Walsh.
+ * Merged semi raw mode for open_init_pty helper from Manoj Srivastava.
+
+1.21.8 2005-01-28
+ * Rewrote setfiles to use matchpathcon and the new interfaces
+ exported by libselinux (>= 1.21.5).
+
+1.21.7 2005-01-27
+ * Prevent overflow of spec array in setfiles.
+
+1.21.6 2005-01-27
+ * Merged genhomedircon STARTING_UID bug fix from Dan Walsh.
+
+1.21.5 2005-01-26
+ * Merged newrole -l support from Darrel Goeddel (TCS).
+
+1.21.4 2005-01-25
+ * Merged fixfiles patch for file_contexts.local from Dan Walsh.
+
+1.21.3 2005-01-21
+ * Fixed restorecon to not treat errors from is_context_customizable()
+ as a customizable context.
+ * Merged setfiles/restorecon patch to not reset user field unless
+ -F option is specified from Dan Walsh.
+
+1.21.2 2005-01-21
+ * Merged open_init_pty helper for run_init from Manoj Srivastava.
+ * Merged audit2allow and genhomedircon man pages from Manoj Srivastava.
+
+1.21.1 2005-01-19
+ * Merged customizable contexts patch for restorecon/setfiles from Dan Walsh.
+
+1.20 2005-01-06
+ * Merged fixfiles rewrite from Dan Walsh.
+ * Merged restorecon patch from Dan Walsh.
+ * Merged fixfiles and restorecon patches from Dan Walsh.
+ * Changed restorecon to ignore ENOENT errors from matchpathcon.
+ * Merged nonls patch from Chris PeBenito.
+ * Removed fixfiles.cron.
+ * Merged run_init.8 patch from Dan Walsh.
+
+1.18 2004-11-01
+ * Merged audit2allow patch from Thomas Bleher, with mods by Dan Walsh.
+ * Merged sestatus patch from Steve Grubb.
+ * Merged fixfiles patch from Dan Walsh.
+ * Added -l option to setfiles to log changes via syslog.
+ * Merged -e option to setfiles to exclude directories.
+ * Merged -R option to restorecon for recursive descent.
+ * Merged sestatus patch from Steve Grubb via Dan Walsh.
+ * Merged load_policy and fixfiles.cron patches from Dan Walsh.
+ * Merged fix for setfiles context validation patch from Colin Walters.
+ * Merged setfiles context validation patch from Colin Walters.
+ * Merged genhomedircon patch from Russell Coker.
+ * Merged restorecon patch from Russell Coker.
+
+1.16 2004-08-13
+ * Merged audit2allow fix from Tom London.
+ * Merged load_policy man page from Dan Walsh.
+ * Merged newrole bug fix from Chad Hanson.
+ * Changed load_policy to preserve booleans by default.
+ * Changed load_policy to invoke sepol_genbools() instead.
+ * Changed load_policy to also invoke security_load_booleans().
+ * Merged genhomedircon fixes from Dan Walsh.
+ * Changed restorecon to use realpath.
+ * Merged fixfiles patch from Dan Walsh.
+ * Merged genhomedircon patch from Russell Coker and Dan Walsh.
+ * Merged fixfiles patch and fixfiles.cron script from Dan Walsh.
+ * Merged stat fix for setfiles -s from Russell Coker.
+
+1.14 2004-06-25
+ * Merged fix for fixfiles.
+ * Merged enhancements to setfiles, fixfiles and restorecon from Dan Walsh.
+ * Merged updated genhomedircon script from Russell Coker.
+ * Merged run_init patch to find initrc_context from Dan Walsh.
+ * Merged fixfiles patch for /etc/selinux from Dan Walsh.
+ * Merged restorecon patch from Dan Walsh.
+ * Merged fixfiles patch from Dan Walsh.
+
+1.12 2004-05-10
+ * Merged newrole patch from Colin Walters.
+ * Merged fixfiles from Dan Walsh.
+
+1.10 2004-04-05
+ * Changed setfiles to not abort upon lsetfilecon failures.
+ * Merged sestatus from Chris PeBenito.
+ * Merged fixes for restorecon.
+ * Merged setfiles verbosity patch from Dan Walsh and Stephen Tweedie.
+ * Merged restorecon patch from Dan Walsh.
+ * Revert add_assoc change from setfiles.
+ * Moved restorecon to /sbin.
+ * Disable add_assoc in setfiles by default, use -a to enable.
+ * Merged genhomedircon patch from Dan Walsh.
+ * Merged restorecon patch from Dan Walsh.
+ * Merged setfiles buffer size change from Dan Walsh.
+ * Merged genhomedircon fix from Karl MacMillan of Tresys.
+ This generates separate lines for each prefix.
+
+1.8 2004-03-09
+ * Merged genhomedircon patch from Karl MacMillan of Tresys.
+ * Removed checkcon script (obsoleted by restorecon -nv).
+ * Replaced restorecon script with C program from Dan Walsh.
+ Uses the new matchpathcon function from libselinux.
+
+1.6 2004-02-18
+ * Fixed setfiles sorting problem reported by Colin Walters.
+ * Merged setfiles patch from Robert Bihlmeyer, amended by Russell Coker.
+ * Added scripts (checkcon, restorecon, genhomedircon) from Dan Walsh.
+ * Quiet warning about duplicate same specifications if -q is used.
+ * Fixed usage message of audit2allow.
+
+1.4 2003-12-01
+ * Merged patch from Russell Coker.
+ * Added audit2allow (formerly newrules.pl from policy).
+ * Dropped -lattr from Makefiles.
+ * Merged setfiles check type first patch by Russell Coker.
+
+1.2 2003-09-30
+ * Merged run_init close file patch from Chris PeBenito.
+ * Merged setfiles stem compression patch by Russell Coker.
+ * Merged setfiles usage/getopt/err patch by Russell Coker.
+ * Merged setfiles altroot patch by Hardened Gentoo team.
+ * Merged i18n patch by Dan Walsh.
+ * Changed Makefiles to allow non-root rpm builds.
+
+1.1 2003-08-13
+ * Dropped obsolete psid code from setfiles.
+
+1.0 2003-07-11
+ * Initial public release.
+
Deleted: tags/policycoreutils_1_30_29/policycoreutils/VERSION
===================================================================
--- trunk/policycoreutils/VERSION 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/policycoreutils_1_30_29/policycoreutils/VERSION 2006-09-13 21:31:24 UTC (rev 2031)
@@ -1 +0,0 @@
-1.30.28
Copied: tags/policycoreutils_1_30_29/policycoreutils/VERSION (from rev 2030, trunk/policycoreutils/VERSION)
===================================================================
--- tags/policycoreutils_1_30_29/policycoreutils/VERSION (rev 0)
+++ tags/policycoreutils_1_30_29/policycoreutils/VERSION 2006-09-13 21:31:24 UTC (rev 2031)
@@ -0,0 +1 @@
+1.30.29
Deleted: tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow
===================================================================
--- trunk/policycoreutils/audit2allow/audit2allow 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow 2006-09-13 21:31:24 UTC (rev 2031)
@@ -1,213 +0,0 @@
-#! /usr/bin/env python
-# Copyright (C) 2005 Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# Audit2allow is a rewrite of prior perl script.
-#
-# Based off original audit2allow perl script: which credits
-# newrules.pl, Copyright (C) 2001 Justin R. Smith (js...@mc...)
-# 2003 Oct 11: Add -l option by Yuichi Nakamura(yn...@us...)
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 2 of
-# the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-# 02111-1307 USA
-#
-#
-from avc import *
-
-if __name__ == '__main__':
- import commands, sys, os, getopt, selinux
- import gettext
- try:
- gettext.install('policycoreutils')
- except:
- pass
- def get_mls_flag():
- if selinux.is_selinux_mls_enabled():
- return "-M"
- else:
- return ""
-
- def usage(msg = ""):
- print _('audit2allow [-adhilrv] [-t file ] [ -f fcfile ] [-i <inputfile> ] [[-m|-M] <modulename> ] [-o <outputfile>]\n\
- -a, --all read input from audit and message log, conflicts with -i\n\
- -d, --dmesg read input from output of /bin/dmesg\n\
- -h, --help display this message\n\
- -i, --input read input from <inputfile> conflicts with -a\n\
- -l, --lastreload read input only after last \"load_policy\"\n\
- -m, --module generate module/require output <modulename> \n\
- -M generate loadable module package, conflicts with -o\n\
- -o, --output append output to <outputfile>, conflicts with -M\n\
- -r, --requires generate require output \n\
- -t, --tefile Add input from Existing Type Enforcement file\n\
- -f, --fcfile Existing Type Enforcement file, requires -M\n\
- -v, --verbose verbose output\n\
- -A, --analyze Analyze output\n\
- ')
- if msg != "":
- print msg
- sys.exit(1)
-
- def errorExit(error):
- sys.stderr.write("%s: " % sys.argv[0])
- sys.stderr.write("%s\n" % error)
- sys.stderr.flush()
- sys.exit(1)
-
- #
- #
- #
- try:
- last_reload = 0
- inputfd = sys.stdin
- output = sys.stdout
- module = ""
- requires = 0
- verbose = 0
- auditlogs = 0
- buildPP = 0
- input_ind = 0
- output_ind = 0
- ref_ind = False
- analyze = False
- te_inputs = []
-
- fc_file = ""
- gopts, cmds = getopt.getopt(sys.argv[1:],
- 'Aadf:hi:lm:M:o:rt:vR',
- ['all',
- 'analyze',
- 'dmesg',
- 'fcfile=',
- 'help',
- 'input=',
- 'lastreload',
- 'module=',
- 'output=',
- 'requires',
- 'reference',
- 'tefile=',
- 'verbose'
- ])
- for o,a in gopts:
- if o == "-a" or o == "--all":
- if input_ind:
- usage()
- inputfd = open("/var/log/messages", "r")
- auditlogs = 1
- if o == "-d" or o == "--dmesg":
- inputfd = os.popen("/bin/dmesg", "r")
- if o == "-f" or o == "--fcfile":
- if a[0] == "-":
- usage()
- fc_file = a
- if o == "-h" or o == "--help":
- usage()
- if o == "-i"or o == "--input":
- if auditlogs or a[0] == "-":
- usage()
- input_ind = 1
- inputfd = open(a, "r")
- if o == '--lastreload' or o == "-l":
- last_reload = 1
- if o == "-m" or o == "--module":
- if module != "" or a[0] == "-":
- usage()
- module = a
- if o == "-M":
- if module != "" or output_ind or a[0] == "-":
- usage()
- module = a
- outfile = a+".te"
- buildPP = 1
- if not os.path.exists("/usr/bin/checkmodule"):
- errorExit("-M Requires the checkmodule command, you need to install the checkpolicy rpm package")
- output = open(outfile, "w")
- if o == "-r" or o == "--requires":
- requires = 1
- if o == "-t" or o == "--tefile":
- te_inputs.append(open(a, "r"))
-
- if o == "-R" or o == "--reference":
- ref_ind = True
-
- if o == "-o" or o == "--output":
- if module != "" or a[0] == "-":
- usage()
- output = open(a, "a")
- output_ind = 1
- if o == "-v" or o == "--verbose":
- verbose = 1
-
- if o == "-A" or o == "--analyze":
- analyze = True
-
- if len(cmds) != 0:
- usage()
-
- if fc_file != "" and not buildPP:
- usage("Error %s: Option -fc requires -M" % sys.argv[0])
-
- serules = SERules(last_reload, verbose)
-
- for i in te_inputs:
- te = TERules(serules)
- te.load(i)
-
- serules.load(inputfd)
-
-
- if ref_ind:
- serules.gen_reference_policy()
-
- if analyze:
- serules.analyze()
- sys.exit(0)
-
- if auditlogs and os.path.exists("/var/log/audit/audit.log"):
- inputfd = os.popen("ausearch -m avc,MAC_POLICY_LOAD")
- serules.load(inputfd)
-
- if buildPP:
- print (_("Generating type enforcment file: %s.te") % module)
- output.write(serules.out(requires, module))
- output.flush()
- if buildPP:
- cmd = "checkmodule %s -m -o %s.mod %s.te" % (get_mls_flag(), module, module)
- print _("Compiling policy")
- print cmd
- rc = commands.getstatusoutput(cmd)
- if rc[0] == 0:
- cmd = "semodule_package -o %s.pp -m %s.mod" % (module, module)
- if fc_file != "":
- cmd = "%s -f %s" % (cmd, fc_file)
-
- print cmd
- rc = commands.getstatusoutput(cmd)
- if rc[0] == 0:
- print _("\n******************** IMPORTANT ***********************\n")
- print (_("In order to load this newly created policy package into the kernel,\nyou are required to execute \n\nsemodule -i %s.pp\n\n") % module)
- else:
- errorExit(rc[1])
- else:
- errorExit(rc[1])
-
- except getopt.error, error:
- errorExit(_("Options Error: %s ") % error.msg)
- except ValueError, error:
- errorExit(error.args[0])
- except IOError, error:
- errorExit(error)
- except KeyboardInterrupt, error:
- sys.exit(0)
Copied: tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow (from rev 2030, trunk/policycoreutils/audit2allow/audit2allow)
===================================================================
--- tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow (rev 0)
+++ tags/policycoreutils_1_30_29/policycoreutils/audit2allow/audit2allow 2006-09-13 21:31:24 UTC (rev 2031)
@@ -0,0 +1,213 @@
+#! /usr/bin/python -E
+# Copyright (C) 2005 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# Audit2allow is a rewrite of prior perl script.
+#
+# Based off original audit2allow perl script: which credits
+# newrules.pl, Copyright (C) 2001 Justin R. Smith (js...@mc...)
+# 2003 Oct 11: Add -l option by Yuichi Nakamura(yn...@us...)
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+from avc import *
+
+if __name__ == '__main__':
+ import commands, sys, os, getopt, selinux
+ import gettext
+ try:
+ gettext.install('policycoreutils')
+ except:
+ pass
+ def get_mls_flag():
+ if selinux.is_selinux_mls_enabled():
+ return "-M"
+ else:
+ return ""
+
+ def usage(msg = ""):
+ print _('audit2allow [-adhilrv] [-t file ] [ -f fcfile ] [-i <inputfile> ] [[-m|-M] <modulename> ] [-o <outputfile>]\n\
+ -a, --all read input from audit and message log, conflicts with -i\n\
+ -d, --dmesg read input from output of /bin/dmesg\n\
+ -h, --help display this message\n\
+ -i, --input read input from <inputfile> conflicts with -a\n\
+ -l, --lastreload read input only after last \"load_policy\"\n\
+ -m, --module generate module/require output <modulename> \n\
+ -M generate loadable module package, conflicts with -o\n\
+ -o, --output append output to <outputfile>, conflicts with -M\n\
+ -r, --requires generate require output \n\
+ -t, --tefile Add input from Existing Type Enforcement file\n\
+ -f, --fcfile Existing Type Enforcement file, requires -M\n\
+ -v, --verbose verbose output\n\
+ -A, --analyze Analyze output\n\
+ ')
+ if msg != "":
+ print msg
+ sys.exit(1)
+
+ def errorExit(error):
+ sys.stderr.write("%s: " % sys.argv[0])
+ sys.stderr.write("%s\n" % error)
+ sys.stderr.flush()
+ sys.exit(1)
+
+ #
+ #
+ #
+ try:
+ last_reload = 0
+ inputfd = sys.stdin
+ output = sys.stdout
+ module = ""
+ requires = 0
+ verbose = 0
+ auditlogs = 0
+ buildPP = 0
+ input_ind = 0
+ output_ind = 0
+ ref_ind = False
+ analyze = False
+ te_inputs = []
+
+ fc_file = ""
+ gopts, cmds = getopt.getopt(sys.argv[1:],
+ 'Aadf:hi:lm:M:o:rt:vR',
+ ['all',
+ 'analyze',
+ 'dmesg',
+ 'fcfile=',
+ 'help',
+ 'input=',
+ 'lastreload',
+ 'module=',
+ 'output=',
+ 'requires',
+ 'reference',
+ 'tefile=',
+ 'verbose'
+ ])
+ for o,a in gopts:
+ if o == "-a" or o == "--all":
+ if input_ind:
+ usage()
+ inputfd = open("/var/log/messages", "r")
+ auditlogs = 1
+ if o == "-d" or o == "--dmesg":
+ inputfd = os.popen("/bin/dmesg", "r")
+ if o == "-f" or o == "--fcfile":
+ if a[0] == "-":
+ usage()
+ fc_file = a
+ if o == "-h" or o == "--help":
+ usage()
+ if o == "-i"or o == "--input":
+ if auditlogs or a[0] == "-":
+ usage()
+ input_ind = 1
+ inputfd = open(a, "r")
+ if o == '--lastreload' or o == "-l":
+ last_reload = 1
+ if o == "-m" or o == "--module":
+ if module != "" or a[0] == "-":
+ usage()
+ module = a
+ if o == "-M":
+ if module != "" or output_ind or a[0] == "-":
+ usage()
+ module = a
+ outfile = a+".te"
+ buildPP = 1
+ if not os.path.exists("/usr/bin/checkmodule"):
+ errorExit("-M Requires the checkmodule command, you need to install the checkpolicy rpm package")
+ output = open(outfile, "w")
+ if o == "-r" or o == "--requires":
+ requires = 1
+ if o == "-t" or o == "--tefile":
+ te_inputs.append(open(a, "r"))
+
+ if o == "-R" or o == "--reference":
+ ref_ind = True
+
+ if o == "-o" or o == "--output":
+ if module != "" or a[0] == "-":
+ usage()
+ output = open(a, "a")
+ output_ind = 1
+ if o == "-v" or o == "--verbose":
+ verbose = 1
+
+ if o == "-A" or o == "--analyze":
+ analyze = True
+
+ if len(cmds) != 0:
+ usage()
+
+ if fc_file != "" and not buildPP:
+ usage("Error %s: Option -fc requires -M" % sys.argv[0])
+
+ serules = SERules(last_reload, verbose)
+
+ for i in te_inputs:
+ te = TERules(serules)
+ te.load(i)
+
+ serules.load(inputfd)
+
+
+ if ref_ind:
+ serules.gen_reference_policy()
+
+ if analyze:
+ serules.analyze()
+ sys.exit(0)
+
+ if auditlogs and os.path.exists("/var/log/audit/audit.log"):
+ inputfd = os.popen("ausearch -m avc,MAC_POLICY_LOAD")
+ serules.load(inputfd)
+
+ if buildPP:
+ print (_("Generating type enforcment file: %s.te") % module)
+ output.write(serules.out(requires, module))
+ output.flush()
+ if buildPP:
+ cmd = "checkmodule %s -m -o %s.mod %s.te" % (get_mls_flag(), module, module)
+ print _("Compiling policy")
+ print cmd
+ rc = commands.getstatusoutput(cmd)
+ if rc[0] == 0:
+ cmd = "semodule_package -o %s.pp -m %s.mod" % (module, module)
+ if fc_file != "":
+ cmd = "%s -f %s" % (cmd, fc_file)
+
+ print cmd
+ rc = commands.getstatusoutput(cmd)
+ if rc[0] == 0:
+ print _("\n******************** IMPORTANT ***********************\n")
+ print (_("In order to load this newly created policy package into the kernel,\nyou are required to execute \n\nsemodule -i %s.pp\n\n") % module)
+ else:
+ errorExit(rc[1])
+ ...
[truncated message content] |
|
From: <mad...@us...> - 2006-09-13 21:30:12
|
Revision: 2030
http://svn.sourceforge.net/selinux/?rev=2030&view=rev
Author: madmethod
Date: 2006-09-13 14:29:58 -0700 (Wed, 13 Sep 2006)
Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: Latest policycoreutils.patch
Date: Wed, 13 Sep 2006 13:54:48 -0400
This patch include simple man page fixes and changes the way python
scripts run to make the somewhat more secure.
Also fixes some missing getopt flags.
Acked-By: Joshua Brindle <jbr...@tr...>
Acked-by: Stephen Smalley <sd...@ty...>
Modified Paths:
--------------
trunk/policycoreutils/ChangeLog
trunk/policycoreutils/VERSION
trunk/policycoreutils/audit2allow/audit2allow
trunk/policycoreutils/audit2allow/avc.py
trunk/policycoreutils/restorecond/restorecond.init
trunk/policycoreutils/scripts/chcat
trunk/policycoreutils/scripts/genhomedircon
trunk/policycoreutils/secon/Makefile
trunk/policycoreutils/semanage/semanage
trunk/policycoreutils/semanage/semanage.8
trunk/policycoreutils/semanage/seobject.py
trunk/policycoreutils/semodule_link/semodule_link.8
trunk/policycoreutils/semodule_package/semodule_package.8
Modified: trunk/policycoreutils/ChangeLog
===================================================================
--- trunk/policycoreutils/ChangeLog 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/ChangeLog 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,3 +1,8 @@
+1.30.29 2006-09-13
+ * Man page corrections from Dan Walsh
+ * Change all python invocations to /usr/bin/python -E
+ * Add missing getopt flags to genhomedircon
+
1.30.28 2006-09-01
* Merged fix for restorecon // handling from Erich Schubert.
* Merged translations update and fixfiles fix from Dan Walsh.
Modified: trunk/policycoreutils/VERSION
===================================================================
--- trunk/policycoreutils/VERSION 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/VERSION 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1 +1 @@
-1.30.28
+1.30.29
Modified: trunk/policycoreutils/audit2allow/audit2allow
===================================================================
--- trunk/policycoreutils/audit2allow/audit2allow 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/audit2allow/audit2allow 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#! /usr/bin/python -E
# Copyright (C) 2005 Red Hat
# see file 'COPYING' for use and warranty information
#
Modified: trunk/policycoreutils/audit2allow/avc.py
===================================================================
--- trunk/policycoreutils/audit2allow/avc.py 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/audit2allow/avc.py 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#! /usr/bin/python -E
# Copyright (C) 2006 Red Hat
# see file 'COPYING' for use and warranty information
#
Modified: trunk/policycoreutils/restorecond/restorecond.init
===================================================================
--- trunk/policycoreutils/restorecond/restorecond.init 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/restorecond/restorecond.init 2006-09-13 21:29:58 UTC (rev 2030)
@@ -3,9 +3,9 @@
# restorecond: Daemo used to maintain path file context
#
# chkconfig: 2345 10 90
-# description: restorecond uses inotify to look for creation of new files listed in the
-# /etc/selinux/POLICYTYPE/restorefiles.conf file, and sets the correct security
-# context.
+# description: restorecond uses inotify to look for creation of new files \
+# listed in the /etc/selinux/restorecond.conf file, and restores the \
+# correct security context.
#
# Source function library.
Modified: trunk/policycoreutils/scripts/chcat
===================================================================
--- trunk/policycoreutils/scripts/chcat 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/scripts/chcat 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#! /usr/bin/python -E
# Copyright (C) 2005 Red Hat
# see file 'COPYING' for use and warranty information
#
Modified: trunk/policycoreutils/scripts/genhomedircon
===================================================================
--- trunk/policycoreutils/scripts/genhomedircon 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/scripts/genhomedircon 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/python
+#! /usr/bin/python -E
# Copyright (C) 2004 Tresys Technology, LLC
# see file 'COPYING' for use and warranty information
#
@@ -356,7 +356,7 @@
usepwd = 1
directory = "/etc/selinux"
type = None
- gopts, cmds = getopt.getopt(sys.argv[1:], 'nd:t:', ['help',
+ gopts, cmds = getopt.getopt(sys.argv[1:], 'hnd:t:', ['help',
'type=',
'nopasswd',
'dir='])
@@ -367,7 +367,7 @@
usepwd = 0
if o == '--dir' or o == "-d":
directory = a
- if o == '--help':
+ if o == '--help' or o == "-h":
usage()
Modified: trunk/policycoreutils/secon/Makefile
===================================================================
--- trunk/policycoreutils/secon/Makefile 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/secon/Makefile 2006-09-13 21:29:58 UTC (rev 2030)
@@ -20,8 +20,8 @@
install: all
install -m 755 secon $(BINDIR);
-# test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
-# install -m 644 ../man/secon.1 $(MANDIR)/man1
+ test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
+ install -m 644 secon.1 $(MANDIR)/man1
relabel:
/sbin/restorecon $(BINDIR)/secon
Modified: trunk/policycoreutils/semanage/semanage
===================================================================
--- trunk/policycoreutils/semanage/semanage 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/semanage/semanage 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#! /usr/bin/python -E
# Copyright (C) 2005 Red Hat
# see file 'COPYING' for use and warranty information
#
Modified: trunk/policycoreutils/semanage/semanage.8
===================================================================
--- trunk/policycoreutils/semanage/semanage.8 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/semanage/semanage.8 2006-09-13 21:29:58 UTC (rev 2030)
@@ -88,9 +88,9 @@
# View SELinux user mappings
$ semanage user -l
# Allow joe to login as staff_u
-$ semanage login -a -s staff_u
+$ semanage login -a -s staff_u joe
# Add file-context for everything under /web (used by restorecon)
-$ semanage fcontext -a -t httpd_sys_content_t '/web(/.*)?'
+$ semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
# Allow Apache to listen on port 81
$ semanage port -a -t http_port_t -p tcp 81
.fi
Modified: trunk/policycoreutils/semanage/seobject.py
===================================================================
--- trunk/policycoreutils/semanage/seobject.py 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/semanage/seobject.py 2006-09-13 21:29:58 UTC (rev 2030)
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#! /usr/bin/python -E
# Copyright (C) 2005 Red Hat
# see file 'COPYING' for use and warranty information
#
Modified: trunk/policycoreutils/semodule_link/semodule_link.8
===================================================================
--- trunk/policycoreutils/semodule_link/semodule_link.8 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/semodule_link/semodule_link.8 2006-09-13 21:29:58 UTC (rev 2030)
@@ -3,7 +3,7 @@
semodule_link \- Link SELinux policy module packages together
.SH SYNOPSIS
-.B semodule_link [-V] [-o outfile] basemodpkg modpkg1 [modpkg2]...
+.B semodule_link [-Vv] [-o outfile] basemodpkg modpkg1 [modpkg2]...
.br
.SH DESCRIPTION
.PP
@@ -17,9 +17,12 @@
.SH "OPTIONS"
.TP
.B \-V
+show version
+.TP
+.B \-v
verbose mode
.TP
-.B \-o \-\-outfile <output file>
+.B \-o <output file>
Linked policy module package generated by this tool.
Modified: trunk/policycoreutils/semodule_package/semodule_package.8
===================================================================
--- trunk/policycoreutils/semodule_package/semodule_package.8 2006-09-13 15:14:00 UTC (rev 2029)
+++ trunk/policycoreutils/semodule_package/semodule_package.8 2006-09-13 21:29:58 UTC (rev 2030)
@@ -28,11 +28,20 @@
.B \-o \-\-outfile <output file>
Policy module package file generated by this tool.
.TP
+.B \-s \-\-seuser <seuser file>
+seuser file to be included in the package.
+.TP
+.B \-u \-\-user_extra <user extra file>
+user_extra file to be included in the package.
+.TP
.B \-m \-\-module <Module file>
Policy module file to be included in the package.
.TP
.B \-f \-\-fc <File context file>
File contexts file for the module (optional).
+.TP
+.B \-n \-\-nc <netfilter context file>
+netfilter context file to be included in the package.
.SH SEE ALSO
.B checkmodule(8), semodule(8)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-13 15:14:09
|
Revision: 2029
http://svn.sourceforge.net/selinux/?rev=2029&view=rev
Author: madmethod
Date: 2006-09-13 08:14:00 -0700 (Wed, 13 Sep 2006)
Log Message:
-----------
tag for libselinux 1.30.28
Added Paths:
-----------
tags/libselinux_1_30_28/
tags/libselinux_1_30_28/libselinux/
tags/libselinux_1_30_28/libselinux/ChangeLog
tags/libselinux_1_30_28/libselinux/VERSION
tags/libselinux_1_30_28/libselinux/src/setrans_client.c
Removed Paths:
-------------
tags/libselinux_1_30_28/libselinux/ChangeLog
tags/libselinux_1_30_28/libselinux/VERSION
tags/libselinux_1_30_28/libselinux/src/setrans_client.c
Copied: tags/libselinux_1_30_28/libselinux (from rev 2026, trunk/libselinux)
Deleted: tags/libselinux_1_30_28/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/libselinux_1_30_28/libselinux/ChangeLog 2006-09-13 15:14:00 UTC (rev 2029)
@@ -1,550 +0,0 @@
-1.30.27 2006-08-24
- * Merged patch to not log avc stats upon a reset from Steve Grubb.
- * Applied patch to revert compat_net setting upon policy load.
-
-1.30.26 2006-08-11
- * Merged file context homedir and local path functions from
- Chris PeBenito.
-
-1.30.25 2006-08-11
- * Rework functions that access /proc/pid/attr to access the
- per-thread nodes, and unify the code to simplify maintenance.
-
-1.30.24 2006-08-10
- * Merged return value fix for *getfilecon() from Dan Walsh.
-
-1.30.23 2006-08-10
- * Merged sockcreate interfaces from Eric Paris.
-
-1.30.22 2006-08-03
- * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
-
-1.30.21 2006-08-03
- * Merged netfilter_contexts support patch from Chris PeBenito.
-
-1.30.20 2006-08-01
- * Merged context_*_set errno patch from Jim Meyering.
-
-1.30.19 2006-06-29
- * Lindent.
-
-1.30.18 2006-06-27
- * Merged {get,set}procattrcon patch set from Eric Paris.
- * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
-
-1.30.17 2006-06-27
- * Regenerated Flask headers from refpolicy.
-
-1.30.16 2006-06-26
- * Merged patch from Dan Walsh with:
- - Added selinux_file_context_{cmp,verify}.
- - Added selinux_lsetfilecon_default.
- - Delay translation of contexts in matchpathcon.
-
-1.30.15 2006-06-16
- * Merged patch from Dan Walsh with:
- * Added selinux_getpolicytype() function.
- * Modified setrans code to skip processing if !mls_enabled.
-
-1.30.14 2006-06-16
- * Set errno in the !selinux_mnt case.
-
-1.30.13 2006-06-02
- * Allocate large buffers from the heap, not on stack.
- Affects is_context_customizable, selinux_init_load_policy,
- and selinux_getenforcemode.
-
-1.30.12 2006-06-02
- * Merged !selinux_mnt checks from Ian Kent.
-
-1.30.11 2006-05-24
- * Merged matchmediacon and trans_to_raw_context fixes from
- Serge Hallyn.
-
-1.30.10 2006-05-22
- * Merged simple setrans client cache from Dan Walsh.
- Merged avcstat patch from Russell Coker.
-
-1.30.9 2006-05-22
- * Modified selinux_mkload_policy() to also set /selinux/compat_net
- appropriately for the loaded policy.
-
-1.30.8 2006-05-17
- * Added matchpathcon_fini() function to free memory allocated by
- matchpathcon_init().
-
-1.30.7 2006-05-16
- * Merged setrans client cleanup patch from Steve Grubb.
-
-1.30.6 2006-05-08
- * Merged getfscreatecon man page fix from Dan Walsh.
- * Updated booleans(8) man page to drop references to the old
- booleans file and to note that setsebool can be used to set
- the boot-time defaults via -P.
-
-1.30.5 2006-05-05
- * Merged fix warnings patch from Karl MacMillan.
-
-1.30.4 2006-05-05
- * Merged setrans client support from Dan Walsh.
- This removes use of libsetrans.
- * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
- * Merged swig typemap fixes from Glauber de Oliveira Costa.
-
-1.30.3 2006-04-12
- * Added distclean target to Makefile.
- * Regenerated swig files.
-
-1.30.2 2006-04-11
- * Changed matchpathcon_init to verify that the spec file is
- a regular file.
- * Merged python binding t_output_helper removal patch from Dan Walsh.
-
-1.30.1 2006-03-20
- * Merged Makefile PYLIBVER definition patch from Dan Walsh.
-
-1.30 2006-03-14
- * Updated version for release.
-
-1.29.8 2006-02-27
- * Altered rpm_execcon fallback logic for permissive mode to also
- handle case where /selinux/enforce is not available.
-
-1.29.7 2006-01-20
- * Merged install-pywrap Makefile patch from Joshua Brindle.
-
-1.29.6 2006-01-18
- * Merged pywrap Makefile patch from Dan Walsh.
-
-1.29.5 2006-01-11
- * Added getseuser test program.
-
-1.29.4 2006-01-06
- * Added format attribute to myprintf in matchpathcon.c and
- removed obsoleted rootlen variable in init_selinux_config().
-
-1.29.3 2006-01-04
- * Merged several fixes and improvements from Ulrich Drepper
- (Red Hat), including:
- - corrected use of getline
- - further calls to __fsetlocking for local files
- - use of strdupa and asprintf
- - proper handling of dirent in booleans code
- - use of -z relro
- - several other optimizations
- * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
-
-1.29.2 2005-12-14
- * Merged call to finish_context_translations from Dan Walsh.
- This eliminates a memory leak from failing to release memory
- allocated by libsetrans.
-
-1.29.1 2005-12-08
- * Merged patch for swig interfaces from Dan Walsh.
-
-1.28 2005-12-07
- * Updated version for release.
-
-1.27.28 2005-12-01
- * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
- modified matchpathcon implementation to make context validation/
- canonicalization optional at matchpathcon_init time, deferring it
- to a successful matchpathcon by default unless the new flag is set
- by the caller.
-
-1.27.27 2005-12-01
- * Added matchpathcon_init_prefix() interface, and
- reworked matchpathcon implementation to support selective
- loading of file contexts entries based on prefix matching
- between the pathname regex stems and the specified path
- prefix (stem must be a prefix of the specified path prefix).
-
-1.27.26 2005-11-29
- * Merged getsebool patch from Dan Walsh.
-
-1.27.25 2005-11-29
- * Added -f file_contexts option to matchpathcon util.
- Fixed warning message in matchpathcon_init().
-
-1.27.24 2005-11-29
- * Merged Makefile python definitions patch from Dan Walsh.
-
-1.27.23 2005-11-28
- * Merged swigify patch from Dan Walsh.
-
-1.27.22 2005-11-15
- * Merged make failure in rpm_execcon non-fatal in permissive mode
- patch from Ivan Gyurdiev.
-
-1.27.21 2005-11-08
- * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
- and modified matchpathcon_init() to skip context translation
- if it is set by the caller.
-
-1.27.20 2005-11-07
- * Added security_canonicalize_context() interface and
- set_matchpathcon_canoncon() interface for obtaining
- canonical contexts. Changed matchpathcon internals
- to obtain canonical contexts by default. Provided
- fallback for kernels that lack extended selinuxfs context
- interface.
-
-1.27.19 2005-11-04
- * Merged seusers parser changes from Ivan Gyurdiev.
- * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
- * Changed seusers parser to reject empty fields.
-
-1.27.18 2005-11-03
- * Merged seusers empty level handling patch from Jonathan Kim (TCS).
-
-1.27.17 2005-10-27
- * Changed default entry for seusers to use __default__ to avoid
- ambiguity with users named "default".
-
-1.27.16 2005-10-27
- * Fixed init_selinux_config() handling of missing /etc/selinux/config
- or missing SELINUXTYPE= definition.
- * Merged selinux_translations_path() patch from Dan Walsh.
-
-1.27.15 2005-10-25
- * Added hidden_proto/def for get_default_context_with_role.
-
-1.27.14 2005-10-25
- * Merged selinux_path() and selinux_homedir_context_path()
- functions from Joshua Brindle.
-
-1.27.13 2005-10-19
- * Merged fixes for make DESTDIR= builds from Joshua Brindle.
-
-1.27.12 2005-10-18
- * Merged get_default_context_with_rolelevel and man pages from
- Dan Walsh (Red Hat).
-
-1.27.11 2005-10-18
- * Updated call to sepol_policydb_to_image for sepol changes.
-
-1.27.10 2005-10-17
- * Changed getseuserbyname to ignore empty lines and to handle
- no matching entry in the same manner as no seusers file.
-
-1.27.9 2005-10-13
- * Changed selinux_mkload_policy to try downgrading the
- latest policy version available to the kernel-supported version.
-
-1.27.8 2005-10-11
- * Changed selinux_mkload_policy to fall back to the maximum
- policy version supported by libsepol if the kernel policy version
- falls outside of the supported range.
-
-1.27.7 2005-10-06
- * Changed getseuserbyname to fall back to the Linux username and
- NULL level if seusers config file doesn't exist unless
- REQUIRESEUSERS=1 is set in /etc/selinux/config.
- * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
-
-1.27.6 2005-10-06
- * Added selinux_init_load_policy() function as an even higher level
- interface for the initial policy load by /sbin/init. This obsoletes
- the load_policy() function in the sysvinit-selinux.patch.
-
-1.27.5 2005-10-06
- * Added selinux_mkload_policy() function as a higher level interface
- for loading policy than the security_load_policy() interface.
-
-1.27.4 2005-10-05
- * Merged fix for matchpathcon (regcomp error checking) from Johan
- Fischer. Also added use of regerror to obtain the error string
- for inclusion in the error message.
-
-1.27.3 2005-10-03
- * Changed getseuserbyname to not require (and ignore if present)
- the MLS level in seusers.conf if MLS is disabled, setting *level
- to NULL in this case.
-
-1.27.2 2005-09-30
- * Merged getseuserbyname patch from Dan Walsh.
-
-1.27.1 2005-09-19
- * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
- This allows file_contexts with MLS fields to be processed on
- non-MLS-enabled systems with policies that are otherwise
- identical (e.g. same type definitions).
- * Merged get_ordered_context_list_with_level() function from
- Dan Walsh, and added get_default_context_with_level().
- This allows MLS level selection for users other than the
- default level.
-
-1.26 2005-09-06
- * Updated version for release.
-
-1.25.7 2005-09-01
- * Merged modified form of patch to avoid dlopen/dlclose by
- the static libselinux from Dan Walsh. Users of the static libselinux
- will not have any context translation by default.
-
-1.25.6 2005-08-31
- * Added public functions to export context translation to
- users of libselinux (selinux_trans_to_raw_context,
- selinux_raw_to_trans_context).
-
-1.25.5 2005-08-26
- * Remove special definition for context_range_set; use
- common code.
-
-1.25.4 2005-08-25
- * Hid translation-related symbols entirely and ensured that
- raw functions have hidden definitions for internal use.
- * Allowed setting NULL via context_set* functions.
- * Allowed whitespace in MLS component of context.
- * Changed rpm_execcon to use translated functions to workaround
- lack of MLS level on upgraded systems.
-
-1.25.3 2005-08-23
- * Merged context translation patch, originally by TCS,
- with modifications by Dan Walsh (Red Hat).
-
-1.25.2 2005-08-11
- * Merged several fixes for error handling paths in the
- AVC sidtab, matchpathcon, booleans, context, and get_context_list
- code from Serge Hallyn (IBM). Bugs found by Coverity.
-
-1.25.1 2005-08-10
- * Removed setupns; migrated to pam.
- * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
- Original symbol is temporarily retained for compatibility until
- all callers are updated.
-
-1.24 2005-06-20
- * Updated version for release.
-
-1.23.12 2005-06-13
- * Merged security_setupns() from Chad Sellers.
-
-1.23.11 2005-05-19
- * Merged avcstat and selinux man page from Dan Walsh.
- * Changed security_load_booleans to process booleans.local
- even if booleans file doesn't exist.
-
-1.23.10 2005-04-29
- * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
-
-1.23.9 2005-04-26
- * Rewrote get_ordered_context_list and helpers, including
- changing logic to allow variable MLS fields.
-
-1.23.8 2005-04-25
- * Merged matchpathcon and man page patch from Dan Walsh.
-
-1.23.7 2005-04-12
- * Changed boolean functions to return -1 with errno ENOENT
- rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
- mounted).
-
-1.23.6 2005-04-08
- * Fixed bug in matchpathcon_filespec_destroy.
-
-1.23.5 2005-04-05
- * Fixed bug in rpm_execcon error handling path.
-
-1.23.4 2005-04-04
- * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
- * Merged fix for getconlist utility from Andreas Steinmetz.
-
-1.23.3 2005-03-29
- * Merged security_set_boolean_list patch from Dan Walsh.
- This introduces booleans.local support for setsebool.
-
-1.23.2 2005-03-17
- * Merged destructors patch from Tomas Mraz.
-
-1.23.1 2005-03-16
- * Added set_matchpathcon_flags() function for setting flags
- controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
- means only process the base file_contexts file, not
- file_contexts.homedirs or file_contexts.local, and is for use by
- setfiles -c.
- * Updated matchpathcon.3 man page.
-
-1.22 2005-03-09
- * Updated version for release.
-
-1.21.13 2005-03-08
- * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
-
-1.21.12 2005-03-01
- * Changed matchpathcon_common to ignore any non-format bits in the mode.
-
-1.21.11 2005-02-22
- * Merged several fixes from Ulrich Drepper.
-
-1.21.10 2005-02-17
- * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
- * Added selinux_users_path() for path to directory containing
- system.users and local.users.
-
-1.21.9 2005-02-09
- * Changed relabel Makefile target to use restorecon.
-
-1.21.8 2005-02-07
- * Regenerated av_permissions.h.
-
-1.21.7 2005-02-01
- * Modified avc_dump_av to explicitly check for any permissions that
- cannot be mapped to string names and display them as a hex value.
-
-1.21.6 2005-01-31
- * Regenerated av_permissions.h.
-
-1.21.5 2005-01-28
- * Generalized matchpathcon internals, exported more interfaces,
- and moved additional code from setfiles into libselinux so that
- setfiles can directly use matchpathcon.
-
-1.21.4 2005-01-27
- * Prevent overflow of spec array in matchpathcon.
-
-1.21.3 2005-01-26
- * Fixed several uses of internal functions to avoid relocations.
- * Changed rpm_execcon to check is_selinux_enabled() and fallback to
- a regular execve if not enabled (or unable to determine due to a lack
- of /proc, e.g. chroot'd environment).
-
-
-1.21.2 2005-01-24
- * Merged minor fix for avcstat from Dan Walsh.
-
-1.21.1 2005-01-19
- * Merged patch from Dan Walsh, including:
- - new is_context_customizable function
- - changed matchpathcon to also use file_contexts.local if present
- - man page cleanups
-
-1.20 2005-01-04
- * Changed matchpathcon to return -1 with errno ENOENT for
- <<none>> entries, and also for an empty file_contexts configuration.
- * Removed some trivial utils that were not useful or redundant.
- * Changed BINDIR default to /usr/sbin to match change in Fedora.
- * Added security_compute_member.
- * Added man page for setcon.
- * Merged more man pages from Dan Walsh.
- * Merged avcstat from James Morris.
- * Merged build fix for mips from Manoj Srivastava.
- * Merged C++ support from John Ramsdell of MITRE.
- * Merged setcon() function from Darrel Goeddel of TCS.
- * Merged setsebool/togglesebool enhancement from Steve Grubb.
- * Merged cleanup patches from Steve Grubb.
-
-1.18 2004-11-01
- * Merged cleanup patches from Steve Grubb.
- * Added rpm_execcon.
- * Merged setenforce and removable context patch from Dan Walsh.
- * Merged build fix for alpha from Ulrich Drepper.
- * Removed copyright/license from selinux_netlink.h - definitions only.
- * Merged matchmediacon from Dan Walsh.
- * Regenerated headers for new nscd permissions.
- * Added get_default_context_with_role.
- * Added set_matchpathcon_printf.
- * Reworked av_inherit.h to allow easier re-use by kernel.
- * Changed avc_has_perm_noaudit to not fail on netlink errors.
- * Changed avc netlink code to check pid based on patch by Steve Grubb.
- * Merged second optimization patch from Ulrich Drepper.
- * Changed matchpathcon to skip invalid file_contexts entries.
- * Made string tables private to libselinux.
- * Merged strcat->stpcpy patch from Ulrich Drepper.
- * Merged matchpathcon man page from Dan Walsh.
- * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
- * Autobind netlink socket.
- * Dropped compatibility code from security_compute_user.
- * Merged fix for context_range_set from Chad Hanson.
- * Merged allocation failure checking patch from Chad Hanson.
- * Merged avc netlink error message patch from Colin Walters.
-
-1.16 2004-08-19
- * Regenerated headers for nscd class.
- * Merged man pages from Dan Walsh.
- * Merged context_new bug fix for MLS ranges from Chad Hanson.
- * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
- * Renamed change_bool and show_bools to setsebool and getsebool.
- * Merged security_load_booleans() function from Dan Walsh.
- * Added selinux_booleans_path() function.
- * Changed avc_init function prototype to use const.
- * Regenerated headers for crontab permission.
- * Added checkAccess from Dan Walsh.
- * Merged getenforce patch from Dan Walsh.
- * Regenerated headers for dbus classes.
-
-1.14 2004-06-16
- * Regenerated headers for fine-grained netlink classes.
- * Merged selinux_config bug fix from Dan Walsh.
- * Added userspace AVC man pages.
- * Added man links for API calls to existing man pages documenting them.
- * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
- * Merged patch to determine config file paths at runtime to support
- reorganized layout.
- * Regenerated flask headers with stable ordering.
- * Merged patch for man pages from Russell Coker.
-
-1.12 2004-05-10
- * Updated flask files to include new SE-X security classes.
- * Added security_disable function for runtime disable of SELinux prior
- to initial policy load (for /sbin/init).
- * Changed get_ordered_context_list to omit any reachable contexts
- that are not explicitly listed in default_contexts, unless there
- are no matches.
- * Merged man pages from Russell Coker and Dan Walsh.
- * Merged memory leak fixes from Dan Walsh.
- * Merged policyvers errno patch from Chris PeBenito.
-
-1.10 2004-04-05
- * Merged getenforce patch from Dan Walsh.
- * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
- the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
- Based on a patch by Russell Coker.
- * Merged matchpathcon buffer size fix from Dan Walsh.
-
-1.8 2004-03-09
- * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
- * Added matchpathcon function.
- * Updated userspace AVC to handle netlink selinux notifications.
-
-1.6 2004-02-18
- * Merged conditional policy extensions from Tresys Technology.
- * Added userspace avc and SID table implementation.
- * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
- * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
- * Changed to use getpwnam_r rather than getpwnam internally to
- avoid clobbering any existing pwd struct obtained by the caller.
- * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
- and handle allocation ala getfilecon.
- * Changed is_selinux_enabled to return -1 on errors.
- * Changed to discover selinuxfs mount point via /proc/mounts
- so that the mount point can be changed without rebuilding.
-
-1.4 2003-12-01
- * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
- * Regenerate headers for new permissions.
- * Merged static lib build patch from Bastian Blank and Joerg Hoh.
- * Export SELINUXMNT definition, add SELINUXPOLICY definition.
- * Add functions to provide access to enforce and policyvers.
- * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
- * Fixed type for 'size' in *getfilecon.
- * Dropped -lattr and changed #include's to <sys/xattr.h>
- * Merged patch to move shared library to /lib from Dan Walsh.
- * Changed get_ordered_context_list to support a failsafe context.
- * Added selinuxenabled utility.
- * Merged const patch from Thorsten Kukuk.
-
-1.2 2003-09-30
- * Change is_selinux_enabled to fail if policy isn't loaded.
- * Changed Makefiles to allow non-root rpm builds.
- * Added -lattr for libselinux.so to ensure proper binding.
-
-1.1 2003-08-13
- * Ensure that context strings are padded with a null byte
- in case the kernel didn't include one.
- * Regenerate headers, update helpers.c for code cleanup.
- * Pass soname flag to linker (Colin Walters).
- * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
-
-1.0 2003-07-11
- * Initial public release.
Copied: tags/libselinux_1_30_28/libselinux/ChangeLog (from rev 2028, trunk/libselinux/ChangeLog)
===================================================================
--- tags/libselinux_1_30_28/libselinux/ChangeLog (rev 0)
+++ tags/libselinux_1_30_28/libselinux/ChangeLog 2006-09-13 15:14:00 UTC (rev 2029)
@@ -0,0 +1,553 @@
+1.30.28 2006-09-13
+ * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+
+1.30.27 2006-08-24
+ * Merged patch to not log avc stats upon a reset from Steve Grubb.
+ * Applied patch to revert compat_net setting upon policy load.
+
+1.30.26 2006-08-11
+ * Merged file context homedir and local path functions from
+ Chris PeBenito.
+
+1.30.25 2006-08-11
+ * Rework functions that access /proc/pid/attr to access the
+ per-thread nodes, and unify the code to simplify maintenance.
+
+1.30.24 2006-08-10
+ * Merged return value fix for *getfilecon() from Dan Walsh.
+
+1.30.23 2006-08-10
+ * Merged sockcreate interfaces from Eric Paris.
+
+1.30.22 2006-08-03
+ * Merged no-tls-direct-seg-refs patch from Jeremy Katz.
+
+1.30.21 2006-08-03
+ * Merged netfilter_contexts support patch from Chris PeBenito.
+
+1.30.20 2006-08-01
+ * Merged context_*_set errno patch from Jim Meyering.
+
+1.30.19 2006-06-29
+ * Lindent.
+
+1.30.18 2006-06-27
+ * Merged {get,set}procattrcon patch set from Eric Paris.
+ * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris.
+
+1.30.17 2006-06-27
+ * Regenerated Flask headers from refpolicy.
+
+1.30.16 2006-06-26
+ * Merged patch from Dan Walsh with:
+ - Added selinux_file_context_{cmp,verify}.
+ - Added selinux_lsetfilecon_default.
+ - Delay translation of contexts in matchpathcon.
+
+1.30.15 2006-06-16
+ * Merged patch from Dan Walsh with:
+ * Added selinux_getpolicytype() function.
+ * Modified setrans code to skip processing if !mls_enabled.
+
+1.30.14 2006-06-16
+ * Set errno in the !selinux_mnt case.
+
+1.30.13 2006-06-02
+ * Allocate large buffers from the heap, not on stack.
+ Affects is_context_customizable, selinux_init_load_policy,
+ and selinux_getenforcemode.
+
+1.30.12 2006-06-02
+ * Merged !selinux_mnt checks from Ian Kent.
+
+1.30.11 2006-05-24
+ * Merged matchmediacon and trans_to_raw_context fixes from
+ Serge Hallyn.
+
+1.30.10 2006-05-22
+ * Merged simple setrans client cache from Dan Walsh.
+ Merged avcstat patch from Russell Coker.
+
+1.30.9 2006-05-22
+ * Modified selinux_mkload_policy() to also set /selinux/compat_net
+ appropriately for the loaded policy.
+
+1.30.8 2006-05-17
+ * Added matchpathcon_fini() function to free memory allocated by
+ matchpathcon_init().
+
+1.30.7 2006-05-16
+ * Merged setrans client cleanup patch from Steve Grubb.
+
+1.30.6 2006-05-08
+ * Merged getfscreatecon man page fix from Dan Walsh.
+ * Updated booleans(8) man page to drop references to the old
+ booleans file and to note that setsebool can be used to set
+ the boot-time defaults via -P.
+
+1.30.5 2006-05-05
+ * Merged fix warnings patch from Karl MacMillan.
+
+1.30.4 2006-05-05
+ * Merged setrans client support from Dan Walsh.
+ This removes use of libsetrans.
+ * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh.
+ * Merged swig typemap fixes from Glauber de Oliveira Costa.
+
+1.30.3 2006-04-12
+ * Added distclean target to Makefile.
+ * Regenerated swig files.
+
+1.30.2 2006-04-11
+ * Changed matchpathcon_init to verify that the spec file is
+ a regular file.
+ * Merged python binding t_output_helper removal patch from Dan Walsh.
+
+1.30.1 2006-03-20
+ * Merged Makefile PYLIBVER definition patch from Dan Walsh.
+
+1.30 2006-03-14
+ * Updated version for release.
+
+1.29.8 2006-02-27
+ * Altered rpm_execcon fallback logic for permissive mode to also
+ handle case where /selinux/enforce is not available.
+
+1.29.7 2006-01-20
+ * Merged install-pywrap Makefile patch from Joshua Brindle.
+
+1.29.6 2006-01-18
+ * Merged pywrap Makefile patch from Dan Walsh.
+
+1.29.5 2006-01-11
+ * Added getseuser test program.
+
+1.29.4 2006-01-06
+ * Added format attribute to myprintf in matchpathcon.c and
+ removed obsoleted rootlen variable in init_selinux_config().
+
+1.29.3 2006-01-04
+ * Merged several fixes and improvements from Ulrich Drepper
+ (Red Hat), including:
+ - corrected use of getline
+ - further calls to __fsetlocking for local files
+ - use of strdupa and asprintf
+ - proper handling of dirent in booleans code
+ - use of -z relro
+ - several other optimizations
+ * Merged getpidcon python wrapper from Dan Walsh (Red Hat).
+
+1.29.2 2005-12-14
+ * Merged call to finish_context_translations from Dan Walsh.
+ This eliminates a memory leak from failing to release memory
+ allocated by libsetrans.
+
+1.29.1 2005-12-08
+ * Merged patch for swig interfaces from Dan Walsh.
+
+1.28 2005-12-07
+ * Updated version for release.
+
+1.27.28 2005-12-01
+ * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and
+ modified matchpathcon implementation to make context validation/
+ canonicalization optional at matchpathcon_init time, deferring it
+ to a successful matchpathcon by default unless the new flag is set
+ by the caller.
+
+1.27.27 2005-12-01
+ * Added matchpathcon_init_prefix() interface, and
+ reworked matchpathcon implementation to support selective
+ loading of file contexts entries based on prefix matching
+ between the pathname regex stems and the specified path
+ prefix (stem must be a prefix of the specified path prefix).
+
+1.27.26 2005-11-29
+ * Merged getsebool patch from Dan Walsh.
+
+1.27.25 2005-11-29
+ * Added -f file_contexts option to matchpathcon util.
+ Fixed warning message in matchpathcon_init().
+
+1.27.24 2005-11-29
+ * Merged Makefile python definitions patch from Dan Walsh.
+
+1.27.23 2005-11-28
+ * Merged swigify patch from Dan Walsh.
+
+1.27.22 2005-11-15
+ * Merged make failure in rpm_execcon non-fatal in permissive mode
+ patch from Ivan Gyurdiev.
+
+1.27.21 2005-11-08
+ * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags()
+ and modified matchpathcon_init() to skip context translation
+ if it is set by the caller.
+
+1.27.20 2005-11-07
+ * Added security_canonicalize_context() interface and
+ set_matchpathcon_canoncon() interface for obtaining
+ canonical contexts. Changed matchpathcon internals
+ to obtain canonical contexts by default. Provided
+ fallback for kernels that lack extended selinuxfs context
+ interface.
+
+1.27.19 2005-11-04
+ * Merged seusers parser changes from Ivan Gyurdiev.
+ * Merged setsebool to libsemanage patch from Ivan Gyurdiev.
+ * Changed seusers parser to reject empty fields.
+
+1.27.18 2005-11-03
+ * Merged seusers empty level handling patch from Jonathan Kim (TCS).
+
+1.27.17 2005-10-27
+ * Changed default entry for seusers to use __default__ to avoid
+ ambiguity with users named "default".
+
+1.27.16 2005-10-27
+ * Fixed init_selinux_config() handling of missing /etc/selinux/config
+ or missing SELINUXTYPE= definition.
+ * Merged selinux_translations_path() patch from Dan Walsh.
+
+1.27.15 2005-10-25
+ * Added hidden_proto/def for get_default_context_with_role.
+
+1.27.14 2005-10-25
+ * Merged selinux_path() and selinux_homedir_context_path()
+ functions from Joshua Brindle.
+
+1.27.13 2005-10-19
+ * Merged fixes for make DESTDIR= builds from Joshua Brindle.
+
+1.27.12 2005-10-18
+ * Merged get_default_context_with_rolelevel and man pages from
+ Dan Walsh (Red Hat).
+
+1.27.11 2005-10-18
+ * Updated call to sepol_policydb_to_image for sepol changes.
+
+1.27.10 2005-10-17
+ * Changed getseuserbyname to ignore empty lines and to handle
+ no matching entry in the same manner as no seusers file.
+
+1.27.9 2005-10-13
+ * Changed selinux_mkload_policy to try downgrading the
+ latest policy version available to the kernel-supported version.
+
+1.27.8 2005-10-11
+ * Changed selinux_mkload_policy to fall back to the maximum
+ policy version supported by libsepol if the kernel policy version
+ falls outside of the supported range.
+
+1.27.7 2005-10-06
+ * Changed getseuserbyname to fall back to the Linux username and
+ NULL level if seusers config file doesn't exist unless
+ REQUIRESEUSERS=1 is set in /etc/selinux/config.
+ * Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
+
+1.27.6 2005-10-06
+ * Added selinux_init_load_policy() function as an even higher level
+ interface for the initial policy load by /sbin/init. This obsoletes
+ the load_policy() function in the sysvinit-selinux.patch.
+
+1.27.5 2005-10-06
+ * Added selinux_mkload_policy() function as a higher level interface
+ for loading policy than the security_load_policy() interface.
+
+1.27.4 2005-10-05
+ * Merged fix for matchpathcon (regcomp error checking) from Johan
+ Fischer. Also added use of regerror to obtain the error string
+ for inclusion in the error message.
+
+1.27.3 2005-10-03
+ * Changed getseuserbyname to not require (and ignore if present)
+ the MLS level in seusers.conf if MLS is disabled, setting *level
+ to NULL in this case.
+
+1.27.2 2005-09-30
+ * Merged getseuserbyname patch from Dan Walsh.
+
+1.27.1 2005-09-19
+ * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
+ This allows file_contexts with MLS fields to be processed on
+ non-MLS-enabled systems with policies that are otherwise
+ identical (e.g. same type definitions).
+ * Merged get_ordered_context_list_with_level() function from
+ Dan Walsh, and added get_default_context_with_level().
+ This allows MLS level selection for users other than the
+ default level.
+
+1.26 2005-09-06
+ * Updated version for release.
+
+1.25.7 2005-09-01
+ * Merged modified form of patch to avoid dlopen/dlclose by
+ the static libselinux from Dan Walsh. Users of the static libselinux
+ will not have any context translation by default.
+
+1.25.6 2005-08-31
+ * Added public functions to export context translation to
+ users of libselinux (selinux_trans_to_raw_context,
+ selinux_raw_to_trans_context).
+
+1.25.5 2005-08-26
+ * Remove special definition for context_range_set; use
+ common code.
+
+1.25.4 2005-08-25
+ * Hid translation-related symbols entirely and ensured that
+ raw functions have hidden definitions for internal use.
+ * Allowed setting NULL via context_set* functions.
+ * Allowed whitespace in MLS component of context.
+ * Changed rpm_execcon to use translated functions to workaround
+ lack of MLS level on upgraded systems.
+
+1.25.3 2005-08-23
+ * Merged context translation patch, originally by TCS,
+ with modifications by Dan Walsh (Red Hat).
+
+1.25.2 2005-08-11
+ * Merged several fixes for error handling paths in the
+ AVC sidtab, matchpathcon, booleans, context, and get_context_list
+ code from Serge Hallyn (IBM). Bugs found by Coverity.
+
+1.25.1 2005-08-10
+ * Removed setupns; migrated to pam.
+ * Merged patches to rename checkPasswdAccess() from Joshua Brindle.
+ Original symbol is temporarily retained for compatibility until
+ all callers are updated.
+
+1.24 2005-06-20
+ * Updated version for release.
+
+1.23.12 2005-06-13
+ * Merged security_setupns() from Chad Sellers.
+
+1.23.11 2005-05-19
+ * Merged avcstat and selinux man page from Dan Walsh.
+ * Changed security_load_booleans to process booleans.local
+ even if booleans file doesn't exist.
+
+1.23.10 2005-04-29
+ * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
+
+1.23.9 2005-04-26
+ * Rewrote get_ordered_context_list and helpers, including
+ changing logic to allow variable MLS fields.
+
+1.23.8 2005-04-25
+ * Merged matchpathcon and man page patch from Dan Walsh.
+
+1.23.7 2005-04-12
+ * Changed boolean functions to return -1 with errno ENOENT
+ rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
+ mounted).
+
+1.23.6 2005-04-08
+ * Fixed bug in matchpathcon_filespec_destroy.
+
+1.23.5 2005-04-05
+ * Fixed bug in rpm_execcon error handling path.
+
+1.23.4 2005-04-04
+ * Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
+ * Merged fix for getconlist utility from Andreas Steinmetz.
+
+1.23.3 2005-03-29
+ * Merged security_set_boolean_list patch from Dan Walsh.
+ This introduces booleans.local support for setsebool.
+
+1.23.2 2005-03-17
+ * Merged destructors patch from Tomas Mraz.
+
+1.23.1 2005-03-16
+ * Added set_matchpathcon_flags() function for setting flags
+ controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
+ means only process the base file_contexts file, not
+ file_contexts.homedirs or file_contexts.local, and is for use by
+ setfiles -c.
+ * Updated matchpathcon.3 man page.
+
+1.22 2005-03-09
+ * Updated version for release.
+
+1.21.13 2005-03-08
+ * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
+
+1.21.12 2005-03-01
+ * Changed matchpathcon_common to ignore any non-format bits in the mode.
+
+1.21.11 2005-02-22
+ * Merged several fixes from Ulrich Drepper.
+
+1.21.10 2005-02-17
+ * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
+ * Added selinux_users_path() for path to directory containing
+ system.users and local.users.
+
+1.21.9 2005-02-09
+ * Changed relabel Makefile target to use restorecon.
+
+1.21.8 2005-02-07
+ * Regenerated av_permissions.h.
+
+1.21.7 2005-02-01
+ * Modified avc_dump_av to explicitly check for any permissions that
+ cannot be mapped to string names and display them as a hex value.
+
+1.21.6 2005-01-31
+ * Regenerated av_permissions.h.
+
+1.21.5 2005-01-28
+ * Generalized matchpathcon internals, exported more interfaces,
+ and moved additional code from setfiles into libselinux so that
+ setfiles can directly use matchpathcon.
+
+1.21.4 2005-01-27
+ * Prevent overflow of spec array in matchpathcon.
+
+1.21.3 2005-01-26
+ * Fixed several uses of internal functions to avoid relocations.
+ * Changed rpm_execcon to check is_selinux_enabled() and fallback to
+ a regular execve if not enabled (or unable to determine due to a lack
+ of /proc, e.g. chroot'd environment).
+
+
+1.21.2 2005-01-24
+ * Merged minor fix for avcstat from Dan Walsh.
+
+1.21.1 2005-01-19
+ * Merged patch from Dan Walsh, including:
+ - new is_context_customizable function
+ - changed matchpathcon to also use file_contexts.local if present
+ - man page cleanups
+
+1.20 2005-01-04
+ * Changed matchpathcon to return -1 with errno ENOENT for
+ <<none>> entries, and also for an empty file_contexts configuration.
+ * Removed some trivial utils that were not useful or redundant.
+ * Changed BINDIR default to /usr/sbin to match change in Fedora.
+ * Added security_compute_member.
+ * Added man page for setcon.
+ * Merged more man pages from Dan Walsh.
+ * Merged avcstat from James Morris.
+ * Merged build fix for mips from Manoj Srivastava.
+ * Merged C++ support from John Ramsdell of MITRE.
+ * Merged setcon() function from Darrel Goeddel of TCS.
+ * Merged setsebool/togglesebool enhancement from Steve Grubb.
+ * Merged cleanup patches from Steve Grubb.
+
+1.18 2004-11-01
+ * Merged cleanup patches from Steve Grubb.
+ * Added rpm_execcon.
+ * Merged setenforce and removable context patch from Dan Walsh.
+ * Merged build fix for alpha from Ulrich Drepper.
+ * Removed copyright/license from selinux_netlink.h - definitions only.
+ * Merged matchmediacon from Dan Walsh.
+ * Regenerated headers for new nscd permissions.
+ * Added get_default_context_with_role.
+ * Added set_matchpathcon_printf.
+ * Reworked av_inherit.h to allow easier re-use by kernel.
+ * Changed avc_has_perm_noaudit to not fail on netlink errors.
+ * Changed avc netlink code to check pid based on patch by Steve Grubb.
+ * Merged second optimization patch from Ulrich Drepper.
+ * Changed matchpathcon to skip invalid file_contexts entries.
+ * Made string tables private to libselinux.
+ * Merged strcat->stpcpy patch from Ulrich Drepper.
+ * Merged matchpathcon man page from Dan Walsh.
+ * Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
+ * Autobind netlink socket.
+ * Dropped compatibility code from security_compute_user.
+ * Merged fix for context_range_set from Chad Hanson.
+ * Merged allocation failure checking patch from Chad Hanson.
+ * Merged avc netlink error message patch from Colin Walters.
+
+1.16 2004-08-19
+ * Regenerated headers for nscd class.
+ * Merged man pages from Dan Walsh.
+ * Merged context_new bug fix for MLS ranges from Chad Hanson.
+ * Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
+ * Renamed change_bool and show_bools to setsebool and getsebool.
+ * Merged security_load_booleans() function from Dan Walsh.
+ * Added selinux_booleans_path() function.
+ * Changed avc_init function prototype to use const.
+ * Regenerated headers for crontab permission.
+ * Added checkAccess from Dan Walsh.
+ * Merged getenforce patch from Dan Walsh.
+ * Regenerated headers for dbus classes.
+
+1.14 2004-06-16
+ * Regenerated headers for fine-grained netlink classes.
+ * Merged selinux_config bug fix from Dan Walsh.
+ * Added userspace AVC man pages.
+ * Added man links for API calls to existing man pages documenting them.
+ * Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
+ * Merged patch to determine config file paths at runtime to support
+ reorganized layout.
+ * Regenerated flask headers with stable ordering.
+ * Merged patch for man pages from Russell Coker.
+
+1.12 2004-05-10
+ * Updated flask files to include new SE-X security classes.
+ * Added security_disable function for runtime disable of SELinux prior
+ to initial policy load (for /sbin/init).
+ * Changed get_ordered_context_list to omit any reachable contexts
+ that are not explicitly listed in default_contexts, unless there
+ are no matches.
+ * Merged man pages from Russell Coker and Dan Walsh.
+ * Merged memory leak fixes from Dan Walsh.
+ * Merged policyvers errno patch from Chris PeBenito.
+
+1.10 2004-04-05
+ * Merged getenforce patch from Dan Walsh.
+ * Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
+ the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
+ Based on a patch by Russell Coker.
+ * Merged matchpathcon buffer size fix from Dan Walsh.
+
+1.8 2004-03-09
+ * Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
+ * Added matchpathcon function.
+ * Updated userspace AVC to handle netlink selinux notifications.
+
+1.6 2004-02-18
+ * Merged conditional policy extensions from Tresys Technology.
+ * Added userspace avc and SID table implementation.
+ * Fixed type on size in getpeercon per Thorsten Kukuk's advice.
+ * Fixed use of getpwnam_r per Thorsten Kukuk's advice.
+ * Changed to use getpwnam_r rather than getpwnam internally to
+ avoid clobbering any existing pwd struct obtained by the caller.
+ * Added getpeercon function to encapsulate getsockopt SO_PEERSEC
+ and handle allocation ala getfilecon.
+ * Changed is_selinux_enabled to return -1 on errors.
+ * Changed to discover selinuxfs mount point via /proc/mounts
+ so that the mount point can be changed without rebuilding.
+
+1.4 2003-12-01
+ * Merged another cleanup patch from Bastian Blank and Joerg Hoh.
+ * Regenerate headers for new permissions.
+ * Merged static lib build patch from Bastian Blank and Joerg Hoh.
+ * Export SELINUXMNT definition, add SELINUXPOLICY definition.
+ * Add functions to provide access to enforce and policyvers.
+ * Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
+ * Fixed type for 'size' in *getfilecon.
+ * Dropped -lattr and changed #include's to <sys/xattr.h>
+ * Merged patch to move shared library to /lib from Dan Walsh.
+ * Changed get_ordered_context_list to support a failsafe context.
+ * Added selinuxenabled utility.
+ * Merged const patch from Thorsten Kukuk.
+
+1.2 2003-09-30
+ * Change is_selinux_enabled to fail if policy isn't loaded.
+ * Changed Makefiles to allow non-root rpm builds.
+ * Added -lattr for libselinux.so to ensure proper binding.
+
+1.1 2003-08-13
+ * Ensure that context strings are padded with a null byte
+ in case the kernel didn't include one.
+ * Regenerate headers, update helpers.c for code cleanup.
+ * Pass soname flag to linker (Colin Walters).
+ * Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
+
+1.0 2003-07-11
+ * Initial public release.
Deleted: tags/libselinux_1_30_28/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/libselinux_1_30_28/libselinux/VERSION 2006-09-13 15:14:00 UTC (rev 2029)
@@ -1 +0,0 @@
-1.30.27
Copied: tags/libselinux_1_30_28/libselinux/VERSION (from rev 2028, trunk/libselinux/VERSION)
===================================================================
--- tags/libselinux_1_30_28/libselinux/VERSION (rev 0)
+++ tags/libselinux_1_30_28/libselinux/VERSION 2006-09-13 15:14:00 UTC (rev 2029)
@@ -0,0 +1 @@
+1.30.28
Deleted: tags/libselinux_1_30_28/libselinux/src/setrans_client.c
===================================================================
--- trunk/libselinux/src/setrans_client.c 2006-09-05 14:57:13 UTC (rev 2026)
+++ tags/libselinux_1_30_28/libselinux/src/setrans_client.c 2006-09-13 15:14:00 UTC (rev 2029)
@@ -1,322 +0,0 @@
-/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-
-#include <errno.h>
-#include <stdlib.h>
-#include <netdb.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <unistd.h>
-#include "dso.h"
-#include "selinux_internal.h"
-#include "setrans_internal.h"
-
-static int mls_enabled = -1;
-
-// Simple cache
-static __thread security_context_t prev_t2r_trans = NULL;
-static __thread security_context_t prev_t2r_raw = NULL;
-static __thread security_context_t prev_r2t_trans = NULL;
-static __thread security_context_t prev_r2t_raw = NULL;
-
-int cache_trans hidden = 1;
-
-/*
- * setransd_open
- *
- * This function opens a socket to the setransd.
- * Returns: on success, a file descriptor ( >= 0 ) to the socket
- * on error, a negative value
- */
-static int setransd_open(void)
-{
- struct sockaddr_un addr;
- int fd;
-
- fd = socket(PF_UNIX, SOCK_STREAM, 0);
- if (fd < 0) {
- return -1;
- }
-
- memset(&addr, 0, sizeof(addr));
- addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, SETRANS_UNIX_SOCKET, sizeof(addr.sun_path));
- if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
- close(fd);
- return -1;
- }
-
- return fd;
-}
-
-/* Returns: 0 on success, <0 on failure */
-static int
-send_request(int fd, uint32_t function, const char *data1, const char *data2)
-{
- struct iovec req_hdr[3];
- uint32_t data1_size;
- uint32_t data2_size;
- struct iovec req_data[2];
- ssize_t count;
-
- if (fd < 0)
- return -1;
-
- if (!data1)
- data1 = "";
- if (!data2)
- data2 = "";
-
- data1_size = strlen(data1) + 1;
- data2_size = strlen(data2) + 1;
-
- req_hdr[0].iov_base = &function;
- req_hdr[0].iov_len = sizeof(function);
- req_hdr[1].iov_base = &data1_size;
- req_hdr[1].iov_len = sizeof(data1_size);
- req_hdr[2].iov_base = &data2_size;
- req_hdr[2].iov_len = sizeof(data2_size);
-
- while (((count = writev(fd, req_hdr, 3)) < 0) && (errno == EINTR)) ;
- if (count != (sizeof(function) + sizeof(data1_size) +
- sizeof(data2_size))) {
- return -1;
- }
-
- req_data[0].iov_base = (char *)data1;
- req_data[0].iov_len = data1_size;
- req_data[1].iov_base = (char *)data2;
- req_data[1].iov_len = data2_size;
-
- while (((count = writev(fd, req_data, 2)) < 0) && (errno == EINTR)) ;
- if (count < 0 || (uint32_t) count != (data1_size + data2_size)) {
- return -1;
- }
-
- return 0;
-}
-
-/* Returns: 0 on success, <0 on failure */
-static int
-receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
-{
- struct iovec resp_hdr[3];
- uint32_t func;
- uint32_t data_size;
- char *data;
- struct iovec resp_data;
- ssize_t count;
-
- if (fd < 0)
- return -1;
-
- resp_hdr[0].iov_base = &func;
- resp_hdr[0].iov_len = sizeof(func);
- resp_hdr[1].iov_base = &data_size;
- resp_hdr[1].iov_len = sizeof(data_size);
- resp_hdr[2].iov_base = ret_val;
- resp_hdr[2].iov_len = sizeof(*ret_val);
-
- while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR)) ;
- if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
- return -1;
- }
-
- if (func != function || !data_size || data_size > MAX_DATA_BUF) {
- return -1;
- }
-
- data = malloc(data_size);
- if (!data) {
- return -1;
- }
-
- resp_data.iov_base = data;
- resp_data.iov_len = data_size;
-
- while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR)) ;
- if (count < 0 || (uint32_t) count != data_size ||
- data[data_size - 1] != '\0') {
- free(data);
- return -1;
- }
- *outdata = data;
- return 0;
-}
-
-static int raw_to_trans_context(char *raw, char **transp)
-{
- int ret;
- int32_t ret_val;
- int fd;
-
- *transp = NULL;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
-
- ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
- if (ret)
- goto out;
-
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-static int trans_to_raw_context(char *trans, char **rawp)
-{
- int ret;
- int32_t ret_val;
- int fd;
-
- *rawp = NULL;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
- ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
- if (ret)
- goto out;
-
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-hidden void fini_context_translations(void)
-{
- if (cache_trans) {
- free(prev_r2t_trans);
- free(prev_r2t_raw);
- free(prev_t2r_trans);
- free(prev_t2r_raw);
- }
-}
-
-hidden int init_context_translations(void)
-{
- int ret, fd;
- int32_t ret_val;
- char *out = NULL;
-
- mls_enabled = is_selinux_mls_enabled();
- if (!mls_enabled)
- return 0;
-
- fd = setransd_open();
- if (fd < 0)
- return fd;
-
- ret = send_request(fd, SETRANS_INIT, NULL, NULL);
- if (ret)
- goto out;
-
- ret = receive_response(fd, SETRANS_INIT, &out, &ret_val);
- free(out);
- if (!ret)
- ret = ret_val;
- out:
- close(fd);
- return ret;
-}
-
-int selinux_trans_to_raw_context(security_context_t trans,
- security_context_t * rawp)
-{
- if (!trans) {
- *rawp = NULL;
- return 0;
- }
-
- if (!mls_enabled) {
- *rawp = strdup(trans);
- goto out;
- }
-
- if (cache_trans) {
- if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
- *rawp = strdup(prev_t2r_raw);
- } else {
- free(prev_t2r_trans);
- prev_t2r_trans = NULL;
- free(prev_t2r_raw);
- prev_t2r_raw = NULL;
- if (trans_to_raw_context(trans, rawp))
- *rawp = strdup(trans);
- if (*rawp) {
- prev_t2r_trans = strdup(trans);
- if (!prev_t2r_trans)
- goto out;
- prev_t2r_raw = strdup(*rawp);
- if (!prev_t2r_raw) {
- free(prev_t2r_trans);
- prev_t2r_trans = NULL;
- }
- }
- }
- } else if (trans_to_raw_context(trans, rawp))
- *rawp = strdup(trans);
- out:
- return *rawp ? 0 : -1;
-}
-
-hidden_def(selinux_trans_to_raw_context)
-
-int selinux_raw_to_trans_context(security_context_t raw,
- security_context_t * transp)
-{
- if (!raw) {
- *transp = NULL;
- return 0;
- }
-
- if (!mls_enabled) {
- *transp = strdup(raw);
- goto out;
- }
-
- if (cache_trans) {
- if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
- *transp = strdup(prev_r2t_trans);
- } else {
- free(prev_r2t_raw);
- prev_r2t_raw = NULL;
- free(prev_r2t_trans);
- prev_r2t_trans = NULL;
- if (raw_to_trans_context(raw, transp))
- *transp = strdup(raw);
- if (*transp) {
- prev_r2t_raw = strdup(raw);
- if (!prev_r2t_raw)
- goto out;
- prev_r2t_trans = strdup(*transp);
- if (!prev_r2t_trans) {
- free(prev_r2t_raw);
- prev_r2t_raw = NULL;
- }
- }
- }
- } else if (raw_to_trans_context(raw, transp))
- *transp = strdup(raw);
- out:
- return *transp ? 0 : -1;
-}
-
-hidden_def(selinux_raw_to_trans_context)
Copied: tags/libselinux_1_30_28/libselinux/src/setrans_client.c (from rev 2027, trunk/libselinux/src/setrans_client.c)
===================================================================
--- tags/libselinux_1_30_28/libselinux/src/setrans_client.c (rev 0)
+++ tags/libselinux_1_30_28/libselinux/src/setrans_client.c 2006-09-13 15:14:00 UTC (rev 2029)
@@ -0,0 +1,322 @@
+/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <netdb.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "dso.h"
+#include "selinux_internal.h"
+#include "setrans_internal.h"
+
+static int mls_enabled = -1;
+
+// Simple cache
+static __thread security_context_t prev_t2r_trans = NULL;
+static __thread security_context_t prev_t2r_raw = NULL;
+static __thread security_context_t prev_r2t_trans = NULL;
+static __thread security_context_t prev_r2t_raw = NULL;
+
+int cache_trans hidden = 1;
+
+/*
+ * setransd_open
+ *
+ * This function opens a socket to the setransd.
+ * Returns: on success, a file descriptor ( >= 0 ) to the socket
+ * on error, a negative value
+ */
+static int setransd_open(void)
+{
+ struct sockaddr_un addr;
+ int fd;
+
+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd < 0) {
+ return -1;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, SETRANS_UNIX_SOCKET, sizeof(addr.sun_path));
+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
+ close(fd);
+ return -1;
+ }
+
+ return fd;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+send_request(int fd, uint32_t function, const char *data1, const char *data2)
+{
+ struct msghdr msgh;
+ struct iovec iov[5];
+ uint32_t data1_size;
+ uint32_t data2_size;
+ ssize_t count, expected;
+ unsigned int i;
+
+ if (fd < 0)
+ return -1;
+
+ if (!data1)
+ data1 = "";
+ if (!data2)
+ data2 = "";
+
+ data1_size = strlen(data1) + 1;
+ data2_size = strlen(data2) + 1;
+
+ iov[0].iov_base = &function;
+ iov[0].iov_len = sizeof(function);
+ iov[1].iov_base = &data1_size;
+ iov[1].iov_len = sizeof(data1_size);
+ iov[2].iov_base = &data2_size;
+ iov[2].iov_len = sizeof(data2_size);
+ iov[3].iov_base = (char *)data1;
+ iov[3].iov_len = data1_size;
+ iov[4].iov_base = (char *)data2;
+ iov[4].iov_len = data2_size;
+ memset(&msgh, 0, sizeof(msgh));
+ msgh.msg_iov = iov;
+ msgh.msg_iovlen = sizeof(iov)/sizeof(iov[0]);
+
+ expected = 0;
+ for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++)
+ expected += iov[i].iov_len;
+
+ while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0) && (errno == EINTR)) ;
+ if (count < 0 || count != expected)
+ return -1;
+
+ return 0;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
+{
+ struct iovec resp_hdr[3];
+ uint32_t func;
+ uint32_t data_size;
+ char *data;
+ struct iovec resp_data;
+ ssize_t count;
+
+ if (fd < 0)
+ return -1;
+
+ resp_hdr[0].iov_base = &func;
+ resp_hdr[0].iov_len = sizeof(func);
+ resp_hdr[1].iov_base = &data_size;
+ resp_hdr[1].iov_len = sizeof(data_size);
+ resp_hdr[2].iov_base = ret_val;
+ resp_hdr[2].iov_len = sizeof(*ret_val);
+
+ while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR)) ;
+ if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
+ return -1;
+ }
+
+ if (func != function || !data_size || data_size > MAX_DATA_BUF) {
+ return -1;
+ }
+
+ data = malloc(data_size);
+ if (!data) {
+ return -1;
+ }
+
+ resp_data.iov_base = data;
+ resp_data.iov_len = data_size;
+
+ while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR)) ;
+ if (count < 0 || (uint32_t) count != data_size ||
+ data[data_size - 1] != '\0') {
+ free(data);
+ return -1;
+ }
+ *outdata = data;
+ return 0;
+}
+
+static int raw_to_trans_context(char *raw, char **transp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *transp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+
+ ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+static int trans_to_raw_context(char *trans, char **rawp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *rawp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+ ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden void fini_context_translations(void)
+{
+ if (cache_trans) {
+ free(prev_r2t_trans);
+ free(prev_r2t_raw);
+ free(prev_t2r_trans);
+ free(prev_t2r_raw);
+ }
+}
+
+hidden int init_context_translations(void)
+{
+ int ret, fd;
+ int32_t ret_val;
+ char *out = NULL;
+
+ mls_enabled = is_selinux_mls_enabled();
+ if (!mls_enabled)
+ return 0;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+
+ ret = send_request(fd, SETRANS_INIT, NULL, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, SETRANS_INIT, &out, &ret_val);
+ free(out);
+ if (!ret)
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+int selinux_trans_to_raw_context(security_context_t trans,
+ security_context_t * rawp)
+{
+ if (!trans) {
+ *rawp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *rawp = strdup(trans);
+ goto out;
+ }
+
+ if (cache_trans) {
+ if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
+ *rawp = strdup(prev_t2r_raw);
+ } else {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ free(prev_t2r_raw);
+ prev_t2r_raw = NULL;
+ if (trans_to_raw_context(trans, rawp))
+ *rawp = strdup(trans);
+ if (*rawp) {
+ prev_t2r_trans = strdup(trans);
+ if (!prev_t2r_trans)
+ goto out;
+ prev_t2r_raw = strdup(*rawp);
+ if (!prev_t2r_raw) {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ }
+ }
+ }
+ } else if (trans_to_raw_context(trans, rawp))
+ *rawp = strdup(trans);
+ out:
+ return *rawp ? 0 : -1;
+}
+
+hidden_def(selinux_trans_to_raw_context)
+
+int selinux_raw_to_trans_context(security_context_t raw,
+ security_context_t * transp)
+{
+ if (!raw) {
+ *transp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *transp = strdup(raw);
+ goto out;
+ }
+
+ if (cache_trans) {
+ if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
+ *transp = strdup(prev_r2t_trans);
+ } else {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ free(prev_r2t_trans);
+ prev_r2t_trans = NULL;
+ if (raw_to_trans_context(raw, transp))
+ *transp = strdup(raw);
+ if (*transp) {
+ prev_r2t_raw = strdup(raw);
+ if (!prev_r2t_raw)
+ goto out;
+ prev_r2t_trans = strdup(*transp);
+ if (!prev_r2t_trans) {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ }
+ }
+ }
+ } else if (raw_to_trans_context(raw, transp))
+ *transp = strdup(raw);
+ out:
+ return *transp ? 0 : -1;
+}
+
+hidden_def(selinux_raw_to_trans_context)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-13 15:12:38
|
Revision: 2028
http://svn.sourceforge.net/selinux/?rev=2028&view=rev
Author: madmethod
Date: 2006-09-13 08:12:33 -0700 (Wed, 13 Sep 2006)
Log Message:
-----------
version bump from last commit
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2006-09-13 15:11:00 UTC (rev 2027)
+++ trunk/libselinux/ChangeLog 2006-09-13 15:12:33 UTC (rev 2028)
@@ -1,3 +1,6 @@
+1.30.28 2006-09-13
+ * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client
+
1.30.27 2006-08-24
* Merged patch to not log avc stats upon a reset from Steve Grubb.
* Applied patch to revert compat_net setting upon policy load.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2006-09-13 15:11:00 UTC (rev 2027)
+++ trunk/libselinux/VERSION 2006-09-13 15:12:33 UTC (rev 2028)
@@ -1 +1 @@
-1.30.27
+1.30.28
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <mad...@us...> - 2006-09-13 15:11:06
|
Revision: 2027
http://svn.sourceforge.net/selinux/?rev=2027&view=rev
Author: madmethod
Date: 2006-09-13 08:11:00 -0700 (Wed, 13 Sep 2006)
Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: Latest policycoreutils patch
Date: Fri, 08 Sep 2006 16:25:16 -0400
On Fri, 2006-09-08 at 12:37 -0400, Daniel J Walsh wrote:
> Stephen Smalley wrote:
> > On Thu, 2006-09-07 at 09:31 -0400, Daniel J Walsh wrote:
> >
> >> Have newrole ignore sigpipe so it gives correct error message when
> >> flooded with 4000 character security context.
> >>
> >
> > I'm a little unclear on this one, although I did find a bug report about
> > it (which would be helpful to identify in the patch posting in the
> > future when it applies for easy reference), at
> > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203801
> >
> > If I read that one correctly, the SIGPIPE is actually happening when
> > libselinux tries to write the context to the setrans socket, because the
> > daemon is dropping the connection immediately upon getting the header
> > with such a large length (more generally, any failure in the daemon
> > before reading the entire request could lead to this). So that could
> > affect any user of libselinux, not just newrole, right?
> >
> > Looking around a bit, I see that if we changed the use of writev() in
> > libselinux to instead use sendmsg() with an explicit MSG_NOSIGNAL flag,
> > we could avoid having such failures generate SIGPIPE altogether. Then
> > we would just get an error return and have the usual fallback handling.
> >
> That sounds like a better solution.
Possible patch below. Changes:
1) Collect up the entire request into a single msg and send it once.
2) Use sendmsg with MSG_NOSIGNAL rather than writev.
Acked-By: Joshua Brindle <jbr...@tr...>
Modified Paths:
--------------
trunk/libselinux/src/setrans_client.c
Modified: trunk/libselinux/src/setrans_client.c
===================================================================
--- trunk/libselinux/src/setrans_client.c 2006-09-05 14:57:13 UTC (rev 2026)
+++ trunk/libselinux/src/setrans_client.c 2006-09-13 15:11:00 UTC (rev 2027)
@@ -58,11 +58,12 @@
static int
send_request(int fd, uint32_t function, const char *data1, const char *data2)
{
- struct iovec req_hdr[3];
+ struct msghdr msgh;
+ struct iovec iov[5];
uint32_t data1_size;
uint32_t data2_size;
- struct iovec req_data[2];
- ssize_t count;
+ ssize_t count, expected;
+ unsigned int i;
if (fd < 0)
return -1;
@@ -75,28 +76,27 @@
data1_size = strlen(data1) + 1;
data2_size = strlen(data2) + 1;
- req_hdr[0].iov_base = &function;
- req_hdr[0].iov_len = sizeof(function);
- req_hdr[1].iov_base = &data1_size;
- req_hdr[1].iov_len = sizeof(data1_size);
- req_hdr[2].iov_base = &data2_size;
- req_hdr[2].iov_len = sizeof(data2_size);
+ iov[0].iov_base = &function;
+ iov[0].iov_len = sizeof(function);
+ iov[1].iov_base = &data1_size;
+ iov[1].iov_len = sizeof(data1_size);
+ iov[2].iov_base = &data2_size;
+ iov[2].iov_len = sizeof(data2_size);
+ iov[3].iov_base = (char *)data1;
+ iov[3].iov_len = data1_size;
+ iov[4].iov_base = (char *)data2;
+ iov[4].iov_len = data2_size;
+ memset(&msgh, 0, sizeof(msgh));
+ msgh.msg_iov = iov;
+ msgh.msg_iovlen = sizeof(iov)/sizeof(iov[0]);
- while (((count = writev(fd, req_hdr, 3)) < 0) && (errno == EINTR)) ;
- if (count != (sizeof(function) + sizeof(data1_size) +
- sizeof(data2_size))) {
- return -1;
- }
+ expected = 0;
+ for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++)
+ expected += iov[i].iov_len;
- req_data[0].iov_base = (char *)data1;
- req_data[0].iov_len = data1_size;
- req_data[1].iov_base = (char *)data2;
- req_data[1].iov_len = data2_size;
-
- while (((count = writev(fd, req_data, 2)) < 0) && (errno == EINTR)) ;
- if (count < 0 || (uint32_t) count != (data1_size + data2_size)) {
+ while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0) && (errno == EINTR)) ;
+ if (count < 0 || count != expected)
return -1;
- }
return 0;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
