From: <mad...@us...> - 2007-01-08 20:32:34
Revision: 2155
http://svn.sourceforge.net/selinux/?rev=2155&view=rev
Author: madmethod
Date: 2007-01-08 12:32:26 -0800 (Mon, 08 Jan 2007)
Log Message:
-----------
This patch adds two options to the semanage config file to control whether the previous module directory and linked module are saved after a successful commit to the policy store. The default is to delete both.
On my system this reduces the size of the module directory from 78 MB to 22 MB.
Signed-off-by: Karl MacMillan <kma...@me...>
Acked-By: Joshua Brindle <jbr...@tr...>
Modified Paths:
--------------
trunk/libsemanage/src/conf-parse.y
trunk/libsemanage/src/conf-scan.l
trunk/libsemanage/src/direct_api.c
trunk/libsemanage/src/semanage_conf.h
trunk/libsemanage/src/semanage_store.c
Modified: trunk/libsemanage/src/conf-parse.y
===================================================================
--- trunk/libsemanage/src/conf-parse.y 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/conf-parse.y 2007-01-08 20:32:26 UTC (rev 2155)
@@ -56,7 +56,7 @@
char *s;
}
-%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
+%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED
%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
%token PROG_PATH PROG_ARGS
@@ -78,6 +78,8 @@
| version
| expand_check
| file_mode
+ | save_previous
+ | save_linked
;
module_store: MODULE_STORE '=' ARG {
@@ -112,6 +114,30 @@
}
;
+save_previous: SAVE_PREVIOUS '=' ARG {
+ if (strcasecmp($3, "true") == 0)
+ current_conf->save_previous = 1;
+ else if (strcasecmp($3, "false") == 0)
+ current_conf->save_previous = 0;
+ else {
+ yyerror("save-previous can only be 'true' or 'false'");
+ }
+ }
+ ;
+
+
+save_linked: SAVE_LINKED '=' ARG {
+ if (strcasecmp($3, "true") == 0)
+ current_conf->save_linked = 1;
+ else if (strcasecmp($3, "false") == 0)
+ current_conf->save_linked = 0;
+ else {
+ yyerror("save-linked can only be 'true' or 'false'");
+ }
+ }
+ ;
+
+
command_block:
command_start external_opts BLOCK_END {
if (new_external->path == NULL) {
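Review bot: Neither new action frees `$3` once the comparison is done, so if the scanner hands ARG over as a heap copy (the `char *s` union member suggests it does, but the scanner rule is not in this diff), every `save-previous` or `save-linked` line leaks that string. Add `free($3);` as the last statement of both the `save_previous` and `save_linked` actions. An unrecognised value only calls `yyerror()` and leaves the field at its default, which deserves a one-line comment such as `/* invalid value: keep the default (do not save) */`.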
@@ -187,6 +213,9 @@
conf->expand_check = 1;
conf->file_mode = 0644;
+ conf->save_previous = 0;
+ conf->save_linked = 0;
+
if ((conf->load_policy =
calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) {
return -1;
@@ -284,6 +313,7 @@
int semanage_error(char *msg)
{
+ fprintf(stderr, "error parsing semanage configuration file: %s\n", msg);
parse_errors++;
return 0;
}
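Review bot: `semanage_error()` now writes straight to stderr from inside the library, so a caller that captures or silences libsemanage messages through its handle still gets this output and cannot redirect it. No handle is visible in this function, so if the `ERR(sh, ...)` path used elsewhere cannot be reached from the parser, state that in a comment, for example `/* the parser has no semanage handle, so report on stderr */`.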
Modified: trunk/libsemanage/src/conf-scan.l
===================================================================
--- trunk/libsemanage/src/conf-scan.l 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/conf-scan.l 2007-01-08 20:32:26 UTC (rev 2155)
@@ -42,6 +42,8 @@
policy-version return VERSION;
expand-check return EXPAND_CHECK;
file-mode return FILE_MODE;
+save-previous return SAVE_PREVIOUS;
+save-linked return SAVE_LINKED;
"[load_policy]" return LOAD_POLICY_START;
"[setfiles]" return SETFILES_START;
"[genhomedircon]" return GENHOMEDIRCON_START;
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/direct_api.c 2007-01-08 20:32:26 UTC (rev 2155)
@@ -509,18 +509,38 @@
if (retval < 0)
goto cleanup;
- /* write the linked base */
+ /* write the linked base if we want to save or we have a
+ * verification program that wants it. */
linked_filename = semanage_path(SEMANAGE_TMP, SEMANAGE_LINKED);
if (linked_filename == NULL) {
retval = -1;
goto cleanup;
}
- retval = semanage_write_module(sh, linked_filename, base);
- if (retval < 0)
- goto cleanup;
- retval = semanage_verify_linked(sh);
- if (retval < 0)
- goto cleanup;
+ if (sh->conf->save_linked || sh->conf->linked_prog) {
+ retval = semanage_write_module(sh, linked_filename, base);
+ if (retval < 0)
+ goto cleanup;
+ retval = semanage_verify_linked(sh);
+ if (retval < 0)
+ goto cleanup;
+ /* remove the linked policy if we only wrote it for the
+ * verification program. */
+ if (!sh->conf->save_linked) {
+ retval = unlink(linked_filename);
+ if (retval < 0) {
+ ERR(sh, "could not remove linked base %s",
+ linked_filename);
+ goto cleanup;
+ }
+ }
+ } else {
+ /* Try to delete the linked copy - this is needed if
+ * the save_link option has changed to prevent the
+ * old linked copy from being copied forever. No error
+ * checking is done because this is likely to fail because
+ * the file does not exist - which is not an error. */
+ unlink(linked_filename);
+ }
/* ==================== File-backed ================== */
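Review bot: The unchecked `unlink(linked_filename)` in the `else` branch discards every failure, not only the expected missing-file case, so a permission or I/O error silently leaves a stale linked policy in the sandbox. Checking the cause keeps the best-effort intent: `if (unlink(linked_filename) < 0 && errno != ENOENT) { ERR(sh, "could not remove linked base %s", linked_filename); retval = -1; goto cleanup; }` (this needs `<errno.h>`, which the hunk does not show as included). The comment above it refers to `save_link`, while the option is `save_linked`. The enclosing function starts and ends outside the hunk.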
Modified: trunk/libsemanage/src/semanage_conf.h
===================================================================
--- trunk/libsemanage/src/semanage_conf.h 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/semanage_conf.h 2007-01-08 20:32:26 UTC (rev 2155)
@@ -35,6 +35,8 @@
int server_port;
int policyvers; /* version for server generated policies */
int expand_check;
+ int save_previous;
+ int save_linked;
mode_t file_mode;
struct external_prog *load_policy;
struct external_prog *setfiles;
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-01-08 20:30:28 UTC (rev 2154)
+++ trunk/libsemanage/src/semanage_store.c 2007-01-08 20:32:26 UTC (rev 2155)
@@ -1224,6 +1224,14 @@
goto cleanup;
}
+ if (!sh->conf->save_previous) {
+ retval = semanage_remove_directory(backup);
+ if (retval < 0) {
+ ERR(sh, "Could not delete previous directory %s.", backup);
+ goto cleanup;
+ }
+ }
+
cleanup:
semanage_release_active_lock(sh);
return retval;
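Review bot: A failure of `semanage_remove_directory(backup)` is returned to the caller as a failed commit, although by this point the earlier steps appear to have succeeded and the new store may already be in place; the function body before this hunk is not visible, so this should be confirmed. If so, a caller could report or retry a failure for a policy that is in fact active. Consider logging the problem and keeping the successful return value, or at least document it with `/* the commit itself succeeded; only the cleanup of the previous store failed */`. With the default of `save_previous = 0` no previous store remains for a manual rollback, which is worth stating in the configuration documentation.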
From: <ssm...@us...> - 2007-02-20 13:36:25
Revision: 2236
http://svn.sourceforge.net/selinux/?rev=2236&view=rev
Author: ssmalley
Date: 2007-02-20 05:36:14 -0800 (Tue, 20 Feb 2007)
Log Message:
-----------
Author: Caleb Case
Email: cc...@tr...
Subject: libsemanage: function name consistency change for semanage_get_commit_number
Date: Tue, 6 Feb 2007 11:26:32 -0500
All functions used in the callback structs have the same ending as the functions they call. semanage_get_commit_number was the one exception and has been changed to semanage_direct_get_serial.
Modified Paths:
--------------
trunk/libsemanage/src/direct_api.c
trunk/libsemanage/src/semanage_store.c
trunk/libsemanage/src/semanage_store.h
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-02-20 13:34:09 UTC (rev 2235)
+++ trunk/libsemanage/src/direct_api.c 2007-02-20 13:36:14 UTC (rev 2236)
@@ -65,7 +65,7 @@
int *num_modules);
static struct semanage_policy_table direct_funcs = {
- .get_serial = semanage_get_commit_number,
+ .get_serial = semanage_direct_get_serial,
.destroy = semanage_direct_destroy,
.disconnect = semanage_direct_disconnect,
.begin_trans = semanage_direct_begintrans,
@@ -911,7 +911,7 @@
goto cleanup;
}
if (num_mod_files == 0) {
- retval = semanage_get_commit_number(sh);
+ retval = semanage_direct_get_serial(sh);
goto cleanup;
}
@@ -954,7 +954,7 @@
free(version);
}
}
- retval = semanage_get_commit_number(sh);
+ retval = semanage_direct_get_serial(sh);
cleanup:
sepol_policy_file_free(pf);
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-02-20 13:34:09 UTC (rev 2235)
+++ trunk/libsemanage/src/semanage_store.c 2007-02-20 13:36:14 UTC (rev 2236)
@@ -1151,7 +1151,7 @@
struct stat buf;
/* update the commit number */
- if ((commit_number = semanage_get_commit_number(sh)) < 0) {
+ if ((commit_number = semanage_direct_get_serial(sh)) < 0) {
return -1;
}
commit_number++;
@@ -1412,7 +1412,7 @@
/* Read the current commit number from the commit number file which
* the handle is pointing, resetting the file pointer afterwards.
* Return it (a non-negative number), or -1 on error. */
-int semanage_get_commit_number(semanage_handle_t * sh)
+int semanage_direct_get_serial(semanage_handle_t * sh)
{
char buf[32];
int fd, commit_number;
Modified: trunk/libsemanage/src/semanage_store.h
===================================================================
--- trunk/libsemanage/src/semanage_store.h 2007-02-20 13:34:09 UTC (rev 2235)
+++ trunk/libsemanage/src/semanage_store.h 2007-02-20 13:36:14 UTC (rev 2236)
@@ -89,7 +89,7 @@
int semanage_get_active_lock(semanage_handle_t * sh);
void semanage_release_trans_lock(semanage_handle_t * sh);
void semanage_release_active_lock(semanage_handle_t * sh);
-int semanage_get_commit_number(semanage_handle_t * sh);
+int semanage_direct_get_serial(semanage_handle_t * sh);
int semanage_link_sandbox(semanage_handle_t * sh,
sepol_module_package_t ** base);
From: <ssm...@us...> - 2007-04-24 20:19:27
Revision: 2370
http://svn.sourceforge.net/selinux/?rev=2370&view=rev
Author: ssmalley
Date: 2007-04-24 13:19:26 -0700 (Tue, 24 Apr 2007)
Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: libsemanage: some optimizations
Date: Thu, 19 Apr 2007 14:27:28 -0400
From the earlier discussion of why setsebool was doing so much work even when
only setting active booleans, I experimented with the two optimizations below.
I have since concluded that setsebool should not use semanage at all for non-persistent
boolean changes (see next patch), but I still think these may be helpful in reducing
extraneous work there.
Two optimizations for libsemanage:
- do not set all booleans upon commit, only those whose values have changed,
- only install the sandbox upon commit if something was rebuilt
Modified Paths:
--------------
trunk/libsemanage/src/booleans_activedb.c
trunk/libsemanage/src/direct_api.c
Modified: trunk/libsemanage/src/booleans_activedb.c
===================================================================
--- trunk/libsemanage/src/booleans_activedb.c 2007-04-24 20:16:42 UTC (rev 2369)
+++ trunk/libsemanage/src/booleans_activedb.c 2007-04-24 20:19:26 UTC (rev 2370)
@@ -92,8 +92,10 @@
{
SELboolean *blist = NULL;
+ const char *name;
unsigned int bcount = 0;
unsigned int i;
+ int curvalue, newvalue;
/* Allocate a sufficiently large array */
blist = malloc(sizeof(SELboolean) * count);
@@ -102,11 +104,18 @@
/* Populate array */
for (i = 0; i < count; i++) {
- blist[i].name = strdup(semanage_bool_get_name(booleans[i]));
+ name = semanage_bool_get_name(booleans[i]);
+ if (!name)
+ goto omem;
+ newvalue = semanage_bool_get_value(booleans[i]);
+ curvalue = security_get_boolean_active(name);
+ if (newvalue == curvalue)
+ continue;
+ blist[bcount].name = strdup(name);
+ if (blist[bcount].name == NULL)
+ goto omem;
+ blist[bcount].value = newvalue;
bcount++;
- if (blist[i].name == NULL)
- goto omem;
- blist[i].value = semanage_bool_get_value(booleans[i]);
}
/* Commit */
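Review bot: The result of `security_get_boolean_active(name)` is compared with `newvalue` without a check for a negative return, so a failed lookup is handled the same way as a changed value and the boolean is queued anyway. That is probably the safe direction, because the commit step after the loop can then report the problem, but it should be written down: `/* curvalue < 0 (lookup failed) never equals newvalue, so the boolean is still queued */`. The `if (!name) goto omem;` path reuses the out-of-memory label for a missing name, which may give a misleading error depending on what `omem` does outside this hunk. When every value is unchanged, `bcount` stays 0 and the code after the loop is still reached with an empty list; whether that is accepted is not visible here.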
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-04-24 20:16:42 UTC (rev 2369)
+++ trunk/libsemanage/src/direct_api.c 2007-04-24 20:19:26 UTC (rev 2370)
@@ -699,7 +699,9 @@
if (retval < 0)
goto cleanup;
- retval = semanage_install_sandbox(sh);
+ if (sh->do_rebuild || modified) {
+ retval = semanage_install_sandbox(sh);
+ }
cleanup:
for (i = 0; mod_filenames != NULL && i < num_modfiles; i++) {
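Review bot: When neither `sh->do_rebuild` nor `modified` is set, `retval` keeps the non-negative value left by the preceding call instead of the result of `semanage_install_sandbox()`, so the function's success value changes meaning on that path. If callers interpret the return as a commit number (not visible here), they now receive something else. Either set it explicitly in an `else` branch or add a comment such as `/* nothing rebuilt: sandbox is not installed, retval stays at the previous step's result */`. The enclosing function starts and ends outside the hunk.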
From: <ssm...@us...> - 2007-08-23 14:43:36
Revision: 2530
http://selinux.svn.sourceforge.net/selinux/?rev=2530&view=rev
Author: ssmalley
Date: 2007-08-23 07:43:35 -0700 (Thu, 23 Aug 2007)
Log Message:
-----------
Author: tm...@tr...
Email: tm...@tr...
Subject: libsemanage: genhomedircon enable/disable GHDC
Date: Tue, 21 Aug 2007 15:10:47 -0400
This patch allows the user to disable genhomedircon by adding
"disable-genhomedircon = true" to /etc/selinux/semanage.conf
It also eliminates the [genhomedircon] section from semanage.conf
Modified Paths:
--------------
trunk/libsemanage/src/conf-parse.y
trunk/libsemanage/src/conf-scan.l
trunk/libsemanage/src/semanage_conf.h
trunk/libsemanage/src/semanage_store.c
Modified: trunk/libsemanage/src/conf-parse.y
===================================================================
--- trunk/libsemanage/src/conf-parse.y 2007-08-23 14:43:09 UTC (rev 2529)
+++ trunk/libsemanage/src/conf-parse.y 2007-08-23 14:43:35 UTC (rev 2530)
@@ -57,7 +57,7 @@
}
%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED
-%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
+%token LOAD_POLICY_START SETFILES_START DISABLE_GENHOMEDIRCON
%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
%token PROG_PATH PROG_ARGS
%token <s> ARG
@@ -80,6 +80,7 @@
| file_mode
| save_previous
| save_linked
+ | disable_genhomedircon
;
module_store: MODULE_STORE '=' ARG {
@@ -137,6 +138,16 @@
}
;
+disable_genhomedircon: DISABLE_GENHOMEDIRCON '=' ARG {
+ if (strcasecmp($3, "false") == 0) {
+ current_conf->disable_genhomedircon = 0;
+ } else if (strcasecmp($3, "true") == 0) {
+ current_conf->disable_genhomedircon = 1;
+ } else {
+ yyerror("disable-genhomedircon can only be 'true' or 'false'");
+ }
+ free($3);
+ }
command_block:
command_start external_opts BLOCK_END {
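Review bot: No default for `disable_genhomedircon` is set anywhere in this commit, whereas revision 2155 initialised `save_previous` and `save_linked` explicitly in the init function. Unless the configuration structure is zero-allocated (not visible here), the flag is read uninitialised when the option is absent, and a non-zero value silently skips home-directory context generation. Add `conf->disable_genhomedircon = 0;` next to the other defaults. The new rule also ends without the `;` that terminates the other rules in this grammar; add it before `command_block:` for consistency.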
@@ -164,14 +175,6 @@
YYABORT;
}
}
- | GENHOMEDIRCON_START {
- semanage_conf_external_prog_destroy(current_conf->genhomedircon);
- current_conf->genhomedircon = NULL;
- if (new_external_prog(¤t_conf->genhomedircon) == -1) {
- parse_errors++;
- YYABORT;
- }
- }
;
verify_block: verify_start external_opts BLOCK_END {
@@ -239,16 +242,6 @@
return -1;
}
- if ((conf->genhomedircon =
- calloc(1, sizeof(*(current_conf->genhomedircon)))) == NULL) {
- return -1;
- }
- if ((conf->genhomedircon->path =
- strdup("/usr/sbin/genhomedircon")) == NULL
- || (conf->genhomedircon->args = strdup("-t $@")) == NULL) {
- return -1;
- }
-
return 0;
}
@@ -303,7 +296,6 @@
free(conf->store_path);
semanage_conf_external_prog_destroy(conf->load_policy);
semanage_conf_external_prog_destroy(conf->setfiles);
- semanage_conf_external_prog_destroy(conf->genhomedircon);
semanage_conf_external_prog_destroy(conf->mod_prog);
semanage_conf_external_prog_destroy(conf->linked_prog);
semanage_conf_external_prog_destroy(conf->kernel_prog);
Modified: trunk/libsemanage/src/conf-scan.l
===================================================================
--- trunk/libsemanage/src/conf-scan.l 2007-08-23 14:43:09 UTC (rev 2529)
+++ trunk/libsemanage/src/conf-scan.l 2007-08-23 14:43:35 UTC (rev 2530)
@@ -44,9 +44,9 @@
file-mode return FILE_MODE;
save-previous return SAVE_PREVIOUS;
save-linked return SAVE_LINKED;
+disable-genhomedircon return DISABLE_GENHOMEDIRCON;
"[load_policy]" return LOAD_POLICY_START;
"[setfiles]" return SETFILES_START;
-"[genhomedircon]" return GENHOMEDIRCON_START;
"[verify module]" return VERIFY_MOD_START;
"[verify linked]" return VERIFY_LINKED_START;
"[verify kernel]" return VERIFY_KERNEL_START;
Modified: trunk/libsemanage/src/semanage_conf.h
===================================================================
--- trunk/libsemanage/src/semanage_conf.h 2007-08-23 14:43:09 UTC (rev 2529)
+++ trunk/libsemanage/src/semanage_conf.h 2007-08-23 14:43:35 UTC (rev 2530)
@@ -37,10 +37,10 @@
int expand_check;
int save_previous;
int save_linked;
+ int disable_genhomedircon;
mode_t file_mode;
struct external_prog *load_policy;
struct external_prog *setfiles;
- struct external_prog *genhomedircon;
struct external_prog *mod_prog, *linked_prog, *kernel_prog;
} semanage_conf_t;
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-08-23 14:43:09 UTC (rev 2529)
+++ trunk/libsemanage/src/semanage_store.c 2007-08-23 14:43:35 UTC (rev 2530)
@@ -1062,11 +1062,13 @@
goto cleanup;
}
- snprintf(store_fc_hd, PATH_MAX, "%s%s", storepath, running_fc_hd);
- if (semanage_copy_file(active_fc_hd, store_fc_hd, sh->conf->file_mode)
- == -1) {
- ERR(sh, "Could not copy %s to %s.", active_fc_hd, store_fc_hd);
- goto cleanup;
+ if (!sh->conf->disable_genhomedircon) {
+ snprintf(store_fc_hd, PATH_MAX, "%s%s", storepath, running_fc_hd);
+ if (semanage_copy_file(active_fc_hd, store_fc_hd, sh->conf->file_mode)
+ == -1) {
+ ERR(sh, "Could not copy %s to %s.", active_fc_hd, store_fc_hd);
+ goto cleanup;
+ }
}
snprintf(store_fc, PATH_MAX, "%s%s", storepath, running_fc);
@@ -1268,12 +1270,16 @@
ERR(sh, "No setfiles program specified in configuration file.");
goto cleanup;
}
-
- if ((retval =
- semanage_genhomedircon(sh, TRUE)) != 0) {
- ERR(sh, "semanage_genhomedircon returned error code %d.",
- retval);
- goto cleanup;
+ if (!sh->conf->disable_genhomedircon) {
+ if ((retval =
+ semanage_genhomedircon(sh, TRUE)) != 0) {
+ ERR(sh, "semanage_genhomedircon returned error code %d.",
+ retval);
+ goto cleanup;
+ }
+ } else {
+ WARN(sh, "WARNING: genhomedircon is disabled. \
+See /etc/selinux/semanage.conf if you need to enable it.");
}
if ((commit_num = semanage_commit_sandbox(sh)) < 0) {
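Review bot: The `WARN()` message is split with a backslash-newline inside the string literal, which makes any leading whitespace on the continuation line part of the message and is easy to break when the code is re-indented. Adjacent literals avoid that: `WARN(sh, "WARNING: genhomedircon is disabled. " "See /etc/selinux/semanage.conf if you need to enable it.");`. The warning is the only trace that home-directory contexts were not regenerated, so it is worth a comment stating that it is emitted on every commit while the option is set. The enclosing function starts and ends outside the hunk.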
From: <ssm...@us...> - 2007-09-19 21:14:03
Revision: 2573
http://selinux.svn.sourceforge.net/selinux/?rev=2573&view=rev
Author: ssmalley
Date: 2007-09-19 14:13:57 -0700 (Wed, 19 Sep 2007)
Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: libsemanage, semodule: Improve error reporting
Date: Wed, 19 Sep 2007 16:48:58 -0400
A follow-up patch based on some more testing of the first one, applies
on top.
Clear errno in several locations when we are ignoring a non-fatal
error in libsemanage, so that we do not end up reporting it upon
a later ERR() call for another reason.
Modified Paths:
--------------
trunk/libsemanage/src/direct_api.c
trunk/libsemanage/src/semanage_store.c
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-09-19 18:44:09 UTC (rev 2572)
+++ trunk/libsemanage/src/direct_api.c 2007-09-19 21:13:57 UTC (rev 2573)
@@ -32,6 +32,7 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <limits.h>
+#include <errno.h>
#include "user_internal.h"
#include "seuser_internal.h"
@@ -540,6 +541,7 @@
* checking is done because this is likely to fail because
* the file does not exist - which is not an error. */
unlink(linked_filename);
+ errno = 0;
}
/* ==================== File-backed ================== */
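Review bot: `errno = 0;` after the ignored `unlink()` is one of several hand-placed resets in this commit (the others are in the semanage_store.c hunks), and the approach only holds while every ignored failure is remembered; a missed site makes a later `ERR()` report an unrelated cause. Each reset should carry its reason, for example `/* expected failure ignored; clear errno so a later ERR() does not report it */`. This particular reset also erases failures other than a missing file, which the comment above it does not cover. Saving errno at the failing call and handing it to the reporting path would remove the need for these resets.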
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-09-19 18:44:09 UTC (rev 2572)
+++ trunk/libsemanage/src/semanage_store.c 2007-09-19 21:13:57 UTC (rev 2573)
@@ -574,6 +574,7 @@
ERR(sh, "Error scanning directory %s.", sandbox);
return -1;
}
+ errno = 0;
} else {
/* remove the old sandbox */
if (semanage_remove_directory(sandbox) != 0) {
@@ -1096,6 +1097,7 @@
store_fc_loc);
goto cleanup;
}
+ errno = 0;
snprintf(store_seusers, PATH_MAX, "%s%s", storepath, running_seusers);
if (semanage_copy_file
@@ -1105,6 +1107,7 @@
store_seusers);
goto cleanup;
}
+ errno = 0;
snprintf(store_nc, PATH_MAX, "%s%s", storepath, running_nc);
if (semanage_copy_file(active_nc, store_nc, sh->conf->file_mode) == -1
@@ -1112,6 +1115,7 @@
ERR(sh, "Could not copy %s to %s.", active_nc, store_nc);
goto cleanup;
}
+ errno = 0;
if (!sh->do_reload)
goto skip_reload;
@@ -1133,8 +1137,10 @@
goto skip_reload;
}
} else if (errno == ENOENT &&
- strcmp(really_active_store, storepath) != 0)
+ strcmp(really_active_store, storepath) != 0) {
+ errno = 0;
goto skip_reload;
+ }
if (semanage_reload_policy(sh)) {
goto cleanup;
@@ -1470,6 +1476,7 @@
if (errno == ENOENT) {
/* the commit number file does not exist yet,
* so assume that the number is 0 */
+ errno = 0;
return 0;
} else {
ERR(sh, "Could not open commit number file %s.",
From: <ssm...@us...> - 2007-09-19 21:17:37
Revision: 2575
http://selinux.svn.sourceforge.net/selinux/?rev=2575&view=rev
Author: ssmalley
Date: 2007-09-19 14:17:29 -0700 (Wed, 19 Sep 2007)
Log Message:
-----------
Regenerate swig python bindings.
Modified Paths:
--------------
trunk/libsemanage/src/semanage.py
trunk/libsemanage/src/semanageswig_wrap.c
Modified: trunk/libsemanage/src/semanage.py
===================================================================
--- trunk/libsemanage/src/semanage.py 2007-09-19 21:14:39 UTC (rev 2574)
+++ trunk/libsemanage/src/semanage.py 2007-09-19 21:17:29 UTC (rev 2575)
@@ -1,10 +1,16 @@
-# This file was created automatically by SWIG 1.3.29.
+# This file was automatically generated by SWIG (http://www.swig.org).
+# Version 1.3.31
+#
# Don't modify this file, modify the SWIG interface instead.
# This file is compatible with both classic and new-style classes.
import _semanage
import new
new_instancemethod = new.instancemethod
+try:
+ _swig_property = property
+except NameError:
+ pass # Python < 2.2 doesn't have 'property'.
def _swig_setattr_nondynamic(self,class_type,name,value,static=1):
if (name == "thisown"): return self.this.own(value)
if (name == "this"):
@@ -60,6 +66,7 @@
semanage_set_reload = _semanage.semanage_set_reload
semanage_set_rebuild = _semanage.semanage_set_rebuild
semanage_set_create_store = _semanage.semanage_set_create_store
+semanage_set_disable_dontaudit = _semanage.semanage_set_disable_dontaudit
semanage_is_managed = _semanage.semanage_is_managed
semanage_connect = _semanage.semanage_connect
semanage_disconnect = _semanage.semanage_disconnect
Modified: trunk/libsemanage/src/semanageswig_wrap.c
===================================================================
--- trunk/libsemanage/src/semanageswig_wrap.c 2007-09-19 21:14:39 UTC (rev 2574)
+++ trunk/libsemanage/src/semanageswig_wrap.c 2007-09-19 21:17:29 UTC (rev 2575)
@@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
- * Version 1.3.29
+ * Version 1.3.31
*
* This file is not intended to be easily readable and contains a number of
* coding conventions designed to improve portability and efficiency. Do not make
@@ -103,7 +103,7 @@
#endif
/* Deal with Microsoft's attempt at deprecating C standard runtime functions */
-#if !defined(SWIG_NO_CRT_SECURE_NO_DEPRECATE) && defined(_MSC_VER)
+#if !defined(SWIG_NO_CRT_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
# define _CRT_SECURE_NO_DEPRECATE
#endif
@@ -120,7 +120,7 @@
/* This should only be incremented when either the layout of swig_type_info changes,
or for whatever reason, the runtime changes incompatibly */
-#define SWIG_RUNTIME_VERSION "2"
+#define SWIG_RUNTIME_VERSION "3"
/* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */
#ifdef SWIG_TYPE_TABLE
@@ -697,8 +697,6 @@
-/* Python.h has to appear first */
-#include <Python.h>
/* Add PyOS_snprintf for old Pythons */
#if PY_VERSION_HEX < 0x02020000
@@ -779,6 +777,14 @@
}
#endif
+/* Py_ssize_t for old Pythons */
+/* This code is as recommended by: */
+/* http://www.python.org/dev/peps/pep-0353/#conversion-guidelines */
+#if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN)
+typedef int Py_ssize_t;
+# define PY_SSIZE_T_MAX INT_MAX
+# define PY_SSIZE_T_MIN INT_MIN
+#endif
/* -----------------------------------------------------------------------------
* error manipulation
@@ -1172,7 +1178,7 @@
SWIGRUNTIMEINLINE PyObject *
_SWIG_Py_None(void)
{
- PyObject *none = Py_BuildValue("");
+ PyObject *none = Py_BuildValue((char*)"");
Py_DECREF(none);
return none;
}
@@ -2031,7 +2037,7 @@
void *vptr = 0;
/* here we get the method pointer for callbacks */
- char *doc = (((PyCFunctionObject *)obj) -> m_ml -> ml_doc);
+ const char *doc = (((PyCFunctionObject *)obj) -> m_ml -> ml_doc);
const char *desc = doc ? strstr(doc, "swig_ptr: ") : 0;
if (desc) {
desc = ty ? SWIG_UnpackVoidPtr(desc + 10, &vptr, ty->name) : 0;
@@ -2152,7 +2158,7 @@
return;
}
#endif
- dict = PyObject_GetAttrString(inst, "__dict__");
+ dict = PyObject_GetAttrString(inst, (char*)"__dict__");
PyDict_SetItem(dict, SWIG_This(), swig_this);
Py_DECREF(dict);
}
@@ -2293,7 +2299,7 @@
/* The python cached type query */
SWIGRUNTIME PyObject *
-SWIG_Python_TypeCache() {
+SWIG_Python_TypeCache(void) {
static PyObject *SWIG_STATIC_POINTER(cache) = PyDict_New();
return cache;
}
@@ -2505,7 +2511,7 @@
#if (PY_VERSION_HEX <= 0x02000000)
# if !defined(SWIG_PYTHON_CLASSIC)
-# error "This python version requires to use swig with the '-classic' option"
+# error "This python version requires swig to be run with the '-classic' option"
# endif
#endif
@@ -2516,7 +2522,8 @@
#define SWIG_name "_semanage"
-#define SWIGVERSION 0x010329
+#define SWIGVERSION 0x010331
+#define SWIG_VERSION SWIGVERSION
#define SWIG_as_voidptr(a) (void *)((const void *)(a))
@@ -2541,7 +2548,7 @@
SWIGINTERN swig_type_info*
-SWIG_pchar_descriptor()
+SWIG_pchar_descriptor(void)
{
static int init = 0;
static swig_type_info* info = 0;
@@ -2581,7 +2588,7 @@
SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
{
if (PyString_Check(obj)) {
- char *cstr; int len;
+ char *cstr; Py_ssize_t len;
PyString_AsStringAndSize(obj, &cstr, &len);
if (cptr) {
if (alloc) {
@@ -2950,7 +2957,7 @@
}
arg1 = (semanage_handle_t *)(argp1);
result = (char *)semanage_msg_get_channel(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -2972,7 +2979,7 @@
}
arg1 = (semanage_handle_t *)(argp1);
result = (char *)semanage_msg_get_fname(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3075,7 +3082,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_select_store" "', argument " "2"" of type '" "char *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
ecode3 = SWIG_AsVal_int(obj2, &val3);
if (!SWIG_IsOK(ecode3)) {
SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_select_store" "', argument " "3"" of type '" "enum semanage_connect_type""'");
@@ -3203,6 +3210,36 @@
}
+SWIGINTERN PyObject *_wrap_semanage_set_disable_dontaudit(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ semanage_handle_t *arg1 = (semanage_handle_t *) 0 ;
+ int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:semanage_set_disable_dontaudit",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_set_disable_dontaudit" "', argument " "1"" of type '" "semanage_handle_t *""'");
+ }
+ arg1 = (semanage_handle_t *)(argp1);
+ ecode2 = SWIG_AsVal_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_set_disable_dontaudit" "', argument " "2"" of type '" "int""'");
+ }
+ arg2 = (int)(val2);
+ semanage_set_disable_dontaudit(arg1,arg2);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_semanage_is_managed(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
semanage_handle_t *arg1 = (semanage_handle_t *) 0 ;
@@ -3384,7 +3421,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_install" "', argument " "2"" of type '" "char *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
ecode3 = SWIG_AsVal_size_t(obj2, &val3);
if (!SWIG_IsOK(ecode3)) {
SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_install" "', argument " "3"" of type '" "size_t""'");
@@ -3427,7 +3464,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_upgrade" "', argument " "2"" of type '" "char *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
ecode3 = SWIG_AsVal_size_t(obj2, &val3);
if (!SWIG_IsOK(ecode3)) {
SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_upgrade" "', argument " "3"" of type '" "size_t""'");
@@ -3470,7 +3507,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_install_base" "', argument " "2"" of type '" "char *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
ecode3 = SWIG_AsVal_size_t(obj2, &val3);
if (!SWIG_IsOK(ecode3)) {
SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_install_base" "', argument " "3"" of type '" "size_t""'");
@@ -3509,7 +3546,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_remove" "', argument " "2"" of type '" "char *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_module_remove(arg1,arg2);
resultobj = SWIG_From_int((int)(result));
if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
@@ -3627,7 +3664,7 @@
}
arg1 = (semanage_module_info_t *)(argp1);
result = (char *)semanage_module_get_name(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3649,7 +3686,7 @@
}
arg1 = (semanage_module_info_t *)(argp1);
result = (char *)semanage_module_get_version(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3671,7 +3708,7 @@
}
arg1 = (semanage_context_t *)(argp1);
result = (char *)semanage_context_get_user((struct semanage_context const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3710,7 +3747,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_user" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_context_set_user(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -3736,7 +3773,7 @@
}
arg1 = (semanage_context_t *)(argp1);
result = (char *)semanage_context_get_role((struct semanage_context const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3775,7 +3812,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_role" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_context_set_role(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -3801,7 +3838,7 @@
}
arg1 = (semanage_context_t *)(argp1);
result = (char *)semanage_context_get_type((struct semanage_context const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3840,7 +3877,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_type" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_context_set_type(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -3866,7 +3903,7 @@
}
arg1 = (semanage_context_t *)(argp1);
result = (char *)semanage_context_get_mls((struct semanage_context const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -3905,7 +3942,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_mls" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_context_set_mls(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -4034,7 +4071,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_from_string" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_context_from_string(arg1,(char const *)arg2,arg3);
resultobj = SWIG_From_int((int)(result));
{
@@ -4116,7 +4153,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_bool_key_create(arg1,(char const *)arg2,arg3);
resultobj = SWIG_From_int((int)(result));
{
@@ -4267,7 +4304,7 @@
}
arg1 = (semanage_bool_t *)(argp1);
result = (char *)semanage_bool_get_name((struct semanage_bool const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -4306,7 +4343,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_set_name" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_bool_set_name(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -5242,7 +5279,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_iface_key_create(arg1,(char const *)arg2,arg3);
resultobj = SWIG_From_int((int)(result));
{
@@ -5331,7 +5368,7 @@
}
arg1 = (semanage_iface_t *)(argp1);
result = (char *)semanage_iface_get_name((struct semanage_iface const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -5370,7 +5407,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_set_name" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_iface_set_name(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6082,7 +6119,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_user_key_create(arg1,(char const *)arg2,arg3);
resultobj = SWIG_From_int((int)(result));
{
@@ -6233,7 +6270,7 @@
}
arg1 = (semanage_user_t *)(argp1);
result = (char *)semanage_user_get_name((struct semanage_user const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -6272,7 +6309,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_name" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_user_set_name(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6298,7 +6335,7 @@
}
arg1 = (semanage_user_t *)(argp1);
result = (char *)semanage_user_get_prefix((struct semanage_user const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -6337,7 +6374,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_prefix" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_user_set_prefix(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6363,7 +6400,7 @@
}
arg1 = (semanage_user_t *)(argp1);
result = (char *)semanage_user_get_mlslevel((struct semanage_user const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -6402,7 +6439,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_mlslevel" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_user_set_mlslevel(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6428,7 +6465,7 @@
}
arg1 = (semanage_user_t *)(argp1);
result = (char *)semanage_user_get_mlsrange((struct semanage_user const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -6467,7 +6504,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_mlsrange" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_user_set_mlsrange(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6532,7 +6569,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_add_role" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_user_add_role(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -6565,7 +6602,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_del_role" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
semanage_user_del_role(arg1,(char const *)arg2);
resultobj = SWIG_Py_Void();
if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
@@ -6599,7 +6636,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_has_role" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_user_has_role((struct semanage_user const *)arg1,(char const *)arg2);
resultobj = SWIG_From_int((int)(result));
if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
@@ -7508,7 +7545,7 @@
}
arg1 = (int)(val1);
result = (char *)semanage_port_get_proto_str(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -8333,7 +8370,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
ecode3 = SWIG_AsVal_int(obj2, &val3);
if (!SWIG_IsOK(ecode3)) {
SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_fcontext_key_create" "', argument " "3"" of type '" "int""'");
@@ -8427,7 +8464,7 @@
}
arg1 = (semanage_fcontext_t *)(argp1);
result = (char *)semanage_fcontext_get_expr((struct semanage_fcontext const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -8466,7 +8503,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_set_expr" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_fcontext_set_expr(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -8514,7 +8551,7 @@
}
arg1 = (int)(val1);
result = (char *)semanage_fcontext_get_type_str(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -9190,7 +9227,7 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
result = (int)semanage_seuser_key_create(arg1,(char const *)arg2,arg3);
resultobj = SWIG_From_int((int)(result));
{
@@ -9341,7 +9378,7 @@
}
arg1 = (semanage_seuser_t *)(argp1);
result = (char *)semanage_seuser_get_name((struct semanage_seuser const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -9380,7 +9417,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_name" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_seuser_set_name(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -9406,7 +9443,7 @@
}
arg1 = (semanage_seuser_t *)(argp1);
result = (char *)semanage_seuser_get_sename((struct semanage_seuser const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -9445,7 +9482,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_sename" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_seuser_set_sename(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -9471,7 +9508,7 @@
}
arg1 = (semanage_seuser_t *)(argp1);
result = (char *)semanage_seuser_get_mlsrange((struct semanage_seuser const *)arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -9510,7 +9547,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_mlsrange" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
result = (int)semanage_seuser_set_mlsrange(arg1,arg2,(char const *)arg3);
resultobj = SWIG_From_int((int)(result));
if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
@@ -10169,12 +10206,12 @@
if (!SWIG_IsOK(res2)) {
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_key_create" "', argument " "2"" of type '" "char const *""'");
}
- arg2 = buf2;
+ arg2 = (char *)(buf2);
res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_key_create" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
ecode4 = SWIG_AsVal_int(obj3, &val4);
if (!SWIG_IsOK(ecode4)) {
SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_key_create" "', argument " "4"" of type '" "int""'");
@@ -10386,7 +10423,7 @@
if (!SWIG_IsOK(res4)) {
SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "semanage_node_set_addr" "', argument " "4"" of type '" "char const *""'");
}
- arg4 = buf4;
+ arg4 = (char *)(buf4);
result = (int)semanage_node_set_addr(arg1,arg2,arg3,(char const *)arg4);
resultobj = SWIG_From_int((int)(result));
if (alloc4 == SWIG_NEWOBJ) free((char*)buf4);
@@ -10433,7 +10470,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_set_addr_bytes" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
ecode4 = SWIG_AsVal_size_t(obj3, &val4);
if (!SWIG_IsOK(ecode4)) {
SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_set_addr_bytes" "', argument " "4"" of type '" "size_t""'");
@@ -10580,7 +10617,7 @@
if (!SWIG_IsOK(res4)) {
SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "semanage_node_set_mask" "', argument " "4"" of type '" "char const *""'");
}
- arg4 = buf4;
+ arg4 = (char *)(buf4);
result = (int)semanage_node_set_mask(arg1,arg2,arg3,(char const *)arg4);
resultobj = SWIG_From_int((int)(result));
if (alloc4 == SWIG_NEWOBJ) free((char*)buf4);
@@ -10627,7 +10664,7 @@
if (!SWIG_IsOK(res3)) {
SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_set_mask_bytes" "', argument " "3"" of type '" "char const *""'");
}
- arg3 = buf3;
+ arg3 = (char *)(buf3);
ecode4 = SWIG_AsVal_size_t(obj3, &val4);
if (!SWIG_IsOK(ecode4)) {
SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_set_mask_bytes" "', argument " "4"" of type '" "size_t""'");
@@ -10710,7 +10747,7 @@
}
arg1 = (int)(val1);
result = (char *)semanage_node_get_proto_str(arg1);
- resultobj = SWIG_FromCharPtr(result);
+ resultobj = SWIG_FromCharPtr((const char *)result);
return resultobj;
fail:
return NULL;
@@ -11340,6 +11377,7 @@
{ (char *)"semanage_set_reload", _wrap_semanage_set_reload, METH_VARARGS, NULL},
{ (char *)"semanage_set_rebuild", _wrap_semanage_set_rebuild, METH_VARARGS, NULL},
{ (char *)"semanage_set_create_store", _wrap_semanage_set_create_store, METH_VARARGS, NULL},
+ { (char *)"semanage_set_disable_dontaudit", _wrap_semanage_set_disable_dontaudit, METH_VARARGS, NULL},
{ (char *)"semanage_is_managed", _wrap_semanage_is_managed, METH_VARARGS, NULL},
{ (char *)"semanage_connect", _wrap_semanage_connect, METH_VARARGS, NULL},
{ (char *)"semanage_disconnect", _wrap_semanage_disconnect, METH_VARARGS, NULL},
@@ -11827,7 +11865,7 @@
* structures together.
*
* The generated swig_type_info structures are assigned staticly to an initial
- * array. We just loop though that array, and handle each type individually.
+ * array. We just loop through that array, and handle each type individually.
* First we lookup if this type has been already loaded, and if so, use the
* loaded structure instead of the generated one. Then we have to fill in the
* cast linked list. The cast data is initially stored in something like a
@@ -11865,30 +11903,47 @@
#define SWIGRUNTIME_DEBUG
#endif
+
SWIGRUNTIME void
SWIG_InitializeModule(void *clientdata) {
size_t i;
- swig_module_info *module_head;
- static int init_run = 0;
+ swig_module_info *module_head, *iter;
+ int found;
clientdata = clientdata;
- if (init_run) return;
- init_run = 1;
+ /* check to see if the circular list has been setup, if not, set it up */
+ if (swig_module.next==0) {
+ /* Initialize the swig_module */
+ swig_module.type_initial = swig_type_initial;
+ swig_module.cast_initial = swig_cast_initial;
+ swig_module.next = &swig_module;
+ }
- /* Initialize the swig_module */
- swig_module.type_initial = swig_type_initial;
- swig_module.cast_initial = swig_cast_initial;
-
/* Try and load any already created modules */
module_head = SWIG_GetModule(clientdata);
- if (module_head) {
+ if (!module_head) {
+ /* This is the first module loaded for this interpreter */
+ /* so set the swig module into the interpreter */
+ SWIG_SetModule(clientdata, &swig_module);
+ module_head = &swig_module;
+ } else {
+ /* the interpreter has loaded a SWIG module, but has it loaded this one? */
+ found=0;
+ iter=module_head;
+ do {
+ if (iter==&swig_module) {
+ found=1;
+ break;
+ }
+ iter=iter->next;
+ } while (iter!= module_head);
+
+ /* if the is found in the list, then all is done and we may leave */
+ if (found) return;
+ /* otherwise we must add out module into the list */
swig_module.next = module_head->next;
module_head->next = &swig_module;
- } else {
- /* This is the first module loaded */
- swig_module.next = &swig_module;
- SWIG_SetModule(clientdata, &swig_module);
}
/* Now work on filling in swig_module.types */
@@ -12201,7 +12256,7 @@
}
SWIGINTERN PyObject *
- SWIG_globals() {
+ SWIG_globals(void) {
static PyObject *_SWIG_globals = 0;
if (!_SWIG_globals) _SWIG_globals = SWIG_newvarlink();
return _SWIG_globals;
@@ -12246,11 +12301,11 @@
swig_type_info **types_initial) {
size_t i;
for (i = 0; methods[i].ml_name; ++i) {
- char *c = methods[i].ml_doc;
+ const char *c = methods[i].ml_doc;
if (c && (c = strstr(c, "swig_ptr: "))) {
int j;
swig_const_info *ci = 0;
- char *name = c + 10;
+ const char *name = c + 10;
for (j = 0; const_table[j].type; ++j) {
if (strncmp(const_table[j].name, name,
strlen(const_table[j].name)) == 0) {
From: <ssm...@us...> - 2007-09-28 13:39:52
|
Revision: 2622
http://selinux.svn.sourceforge.net/selinux/?rev=2622&view=rev
Author: ssmalley
Date: 2007-09-28 06:39:50 -0700 (Fri, 28 Sep 2007)
Log Message:
-----------
Author: "Todd C. Miller"
Email: tm...@tr...
Subject: libsemanage: validate homedir contexts
Date: Thu, 27 Sep 2007 16:07:13 -0400
Validate contexts against the new policy before writing them to
file_contexts.homedirs.
Author: "Todd C. Miller"
Email: tm...@tr...
Subject: libsemanage: update default user
Date: Thu, 27 Sep 2007 16:07:15 -0400
Patch from dwalsh to update the default user and prefix based on the
seusers file. Previously it just assumed user_u and user.
Modified Paths:
--------------
trunk/libsemanage/src/direct_api.c
trunk/libsemanage/src/genhomedircon.c
trunk/libsemanage/src/genhomedircon.h
trunk/libsemanage/src/semanage_store.c
trunk/libsemanage/src/semanage_store.h
Modified: trunk/libsemanage/src/direct_api.c
===================================================================
--- trunk/libsemanage/src/direct_api.c 2007-09-28 13:38:20 UTC (rev 2621)
+++ trunk/libsemanage/src/direct_api.c 2007-09-28 13:39:50 UTC (rev 2622)
@@ -702,7 +702,7 @@
goto cleanup;
if (sh->do_rebuild || modified) {
- retval = semanage_install_sandbox(sh);
+ retval = semanage_install_sandbox(sh, out);
}
cleanup:
Modified: trunk/libsemanage/src/genhomedircon.c
===================================================================
--- trunk/libsemanage/src/genhomedircon.c 2007-09-28 13:38:20 UTC (rev 2621)
+++ trunk/libsemanage/src/genhomedircon.c 2007-09-28 13:39:50 UTC (rev 2622)
@@ -1,5 +1,6 @@
-/* Author: Mark Goldman <mgo...@tr...>
- * Paul Rosenfeld <pro...@tr...>
+/* Author: Mark Goldman <mgo...@tr...>
+ * Paul Rosenfeld <pro...@tr...>
+ * Todd C. Miller <tm...@tr...>
*
* Copyright (C) 2007 Tresys Technology, LLC
*
@@ -23,6 +24,8 @@
#include <semanage/seusers_policy.h>
#include <semanage/users_policy.h>
#include <semanage/user_record.h>
+#include <sepol/context.h>
+#include <sepol/context_record.h>
#include "semanage_store.h"
#include "seuser_internal.h"
#include "debug.h"
@@ -79,7 +82,10 @@
const char *fcfilepath;
int usepasswd;
const char *homedir_template_path;
+ char *fallback_user;
+ char *fallback_user_prefix;
semanage_handle_t *h_semanage;
+ sepol_policydb_t *policydb;
} genhomedircon_settings_t;
typedef struct user_entry {
@@ -353,10 +359,50 @@
return retval;
}
-static int write_home_dir_context(FILE * out, semanage_list_t * tpl,
- const char *user, const char *seuser,
- const char *home, const char *role_prefix)
+static const char * extract_context(Ustr *line)
{
+ const char whitespace[] = " \t\n";
+ size_t off, len;
+
+ /* check for trailing whitespace */
+ off = ustr_spn_chrs_rev(line, 0, whitespace, strlen(whitespace));
+
+ /* find the length of the last field in line */
+ len = ustr_cspn_chrs_rev(line, off, whitespace, strlen(whitespace));
+
+ if (len == 0)
+ return NULL;
+ return ustr_cstr(line) + ustr_len(line) - (len + off);
+}
+
+static int check_line(genhomedircon_settings_t * s, Ustr *line)
+{
+ sepol_context_t *ctx_record = NULL;
+ const char *ctx_str;
+ int result;
+
+ ctx_str = extract_context(line);
+ if (!ctx_str)
+ return STATUS_ERR;
+
+ result = sepol_context_from_string(s->h_semanage->sepolh,
+ ctx_str, &ctx_record);
+ if (result == STATUS_SUCCESS && ctx_record != NULL) {
+ sepol_msg_set_callback(s->h_semanage->sepolh, NULL, NULL);
+ result = sepol_context_check(s->h_semanage->sepolh,
+ s->policydb, ctx_record);
+ sepol_msg_set_callback(s->h_semanage->sepolh,
+ semanage_msg_relay_handler, s->h_semanage);
+ sepol_context_free(ctx_record);
+ }
+ return result;
+}
+
+static int write_home_dir_context(genhomedircon_settings_t * s, FILE * out,
+ semanage_list_t * tpl, const char *user,
+ const char *seuser, const char *home,
+ const char *role_prefix)
+{
replacement_pair_t repl[] = {
{.search_for = TEMPLATE_SEUSER,.replace_with = seuser},
{.search_for = TEMPLATE_HOME_DIR,.replace_with = home},
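Review bot: check_line() reports the same failure for three different conditions: no context field on the line, sepol_context_from_string() failing (which may include an allocation failure; not visible here), and sepol_context_check() rejecting the context. Because the sepol callback is muted around the check, none of these is logged. The loops in write_home_dir_context, write_home_root_context and write_user_context later in this patch treat any non-success as "skip this line", so a dropped labeling rule leaves no trace in file_contexts.homedirs or in the log, and an internal error looks the same as an invalid context. Log each skipped line at the call sites, e.g. `WARN(s->h_semanage, "skipping homedir context that failed validation: %s", ustr_cstr(line));`, and return a distinct status for parse or allocation failure so callers can abort instead of skipping. The callback is also restored to a hard-coded semanage_msg_relay_handler rather than to whatever was installed before. write_home_dir_context's body continues outside this hunk.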
@@ -370,8 +416,12 @@
for (; tpl; tpl = tpl->next) {
line = replace_all(tpl->data, repl);
- if (!line || !ustr_io_putfileline(&line, out))
+ if (!line)
goto fail;
+ if (check_line(s, line) == STATUS_SUCCESS) {
+ if (!ustr_io_putfileline(&line, out))
+ goto fail;
+ }
ustr_sc_free(&line);
}
return STATUS_SUCCESS;
@@ -381,8 +431,8 @@
return STATUS_ERR;
}
-static int write_home_root_context(FILE * out, semanage_list_t * tpl,
- char *homedir)
+static int write_home_root_context(genhomedircon_settings_t * s, FILE * out,
+ semanage_list_t * tpl, char *homedir)
{
replacement_pair_t repl[] = {
{.search_for = TEMPLATE_HOME_ROOT,.replace_with = homedir},
@@ -392,8 +442,12 @@
for (; tpl; tpl = tpl->next) {
line = replace_all(tpl->data, repl);
- if (!line || !ustr_io_putfileline(&line, out))
+ if (!line)
goto fail;
+ if (check_line(s, line) == STATUS_SUCCESS) {
+ if (!ustr_io_putfileline(&line, out))
+ goto fail;
+ }
ustr_sc_free(&line);
}
return STATUS_SUCCESS;
@@ -403,8 +457,9 @@
return STATUS_ERR;
}
-static int write_user_context(FILE * out, semanage_list_t * tpl, char *user,
- char *seuser, char *role_prefix)
+static int write_user_context(genhomedircon_settings_t * s, FILE * out,
+ semanage_list_t * tpl, const char *user,
+ const char *seuser, const char *role_prefix)
{
replacement_pair_t repl[] = {
{.search_for = TEMPLATE_USER,.replace_with = user},
@@ -416,8 +471,12 @@
for (; tpl; tpl = tpl->next) {
line = replace_all(tpl->data, repl);
- if (!line || !ustr_io_putfileline(&line, out))
+ if (!line)
goto fail;
+ if (check_line(s, line) == STATUS_SUCCESS) {
+ if (!ustr_io_putfileline(&line, out))
+ goto fail;
+ }
ustr_sc_free(&line);
}
return STATUS_SUCCESS;
@@ -497,6 +556,25 @@
free(temp);
}
+static int set_fallback_user(genhomedircon_settings_t *s,
+ const char *user, const char *prefix)
+{
+ char *fallback_user = strdup(user);
+ char *fallback_user_prefix = strdup(prefix);
+
+ if (fallback_user == NULL || fallback_user_prefix == NULL) {
+ free(fallback_user);
+ free(fallback_user_prefix);
+ return STATUS_ERR;
+ }
+
+ free(s->fallback_user);
+ free(s->fallback_user_prefix);
+ s->fallback_user = fallback_user;
+ s->fallback_user_prefix = fallback_user_prefix;
+ return STATUS_SUCCESS;
+}
+
static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,
int *errors)
{
@@ -539,13 +617,40 @@
for (i = 0; i < nseusers; i++) {
name = semanage_seuser_get_name(seuser_list[i]);
+ if (strcmp(name, DEFAULT_LOGIN) == 0) {
+ seuname = semanage_seuser_get_sename(seuser_list[i]);
+
+ /* find the user structure given the name */
+ u = bsearch(seuname, user_list, nusers,
+ sizeof(semanage_user_t *),
+ (int (*)(const void *, const void *))
+ &name_user_cmp);
+ if (u) {
+ prefix = semanage_user_get_prefix(*u);
+ } else {
+ prefix = name;
+ }
+
+ if (set_fallback_user(s, seuname, prefix) != 0) {
+ *errors = STATUS_ERR;
+ goto cleanup;
+ }
+ break;
+ }
+ }
+
+ for (i = 0; i < nseusers; i++) {
seuname = semanage_seuser_get_sename(seuser_list[i]);
- if (strcmp(seuname, FALLBACK_USER) == 0)
+ if (strcmp(seuname, s->fallback_user) == 0)
continue;
- if (strcmp(seuname, DEFAULT_LOGIN) == 0)
+
+ name = semanage_seuser_get_name(seuser_list[i]);
+
+ if (strcmp(name, DEFAULT_LOGIN) == 0)
continue;
- if (strcmp(seuname, TEMPLATE_SEUSER) == 0)
+
+ if (strcmp(name, TEMPLATE_SEUSER) == 0)
continue;
/* find the user structure given the name */
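Review bot: In the new DEFAULT_LOGIN loop the `else` branch sets `prefix = name`, and `name` has just compared equal to DEFAULT_LOGIN. So when bsearch() finds no matching user record, the fallback prefix becomes the login placeholder instead of a role prefix. Contexts built from it would presumably fail the validation added in this same patch and be skipped, leaving the fallback home-directory rules missing. Falling back to the compiled-in default looks safer: `prefix = FALLBACK_USER_PREFIX;`. The bsearch() also relies on user_list already being sorted consistently with name_user_cmp; that step, like the rest of get_users(), is outside this hunk.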
@@ -604,7 +709,7 @@
return head;
}
-static int write_gen_home_dir_context(FILE * out, genhomedircon_settings_t * s,
+static int write_gen_home_dir_context(genhomedircon_settings_t * s, FILE * out,
semanage_list_t * user_context_tpl,
semanage_list_t * homedir_context_tpl)
{
@@ -617,13 +722,13 @@
}
for (; users; pop_user_entry(&users)) {
- if (write_home_dir_context(out, homedir_context_tpl,
+ if (write_home_dir_context(s, out, homedir_context_tpl,
users->name,
users->sename, users->home,
users->prefix)) {
return STATUS_ERR;
}
- if (write_user_context(out, user_context_tpl, users->name,
+ if (write_user_context(s, out, user_context_tpl, users->name,
users->sename, users->prefix)) {
return STATUS_ERR;
}
@@ -664,6 +769,12 @@
goto done;
}
+ if (write_gen_home_dir_context(s, out, user_context_tpl,
+ homedir_context_tpl) != STATUS_SUCCESS) {
+ retval = STATUS_ERR;
+ goto done;
+ }
+
for (h = homedirs; h; h = h->next) {
Ustr *temp = ustr_dup_cstr(h->data);
@@ -673,16 +784,17 @@
goto done;
}
- if (write_home_dir_context(out,
- homedir_context_tpl, FALLBACK_USER,
- FALLBACK_USER, ustr_cstr(temp),
- FALLBACK_USER_PREFIX) !=
+ if (write_home_dir_context(s, out,
+ homedir_context_tpl,
+ s->fallback_user, s->fallback_user,
+ ustr_cstr(temp),
+ s->fallback_user_prefix) !=
STATUS_SUCCESS) {
ustr_sc_free(&temp);
retval = STATUS_ERR;
goto done;
}
- if (write_home_root_context(out,
+ if (write_home_root_context(s, out,
homeroot_context_tpl,
h->data) != STATUS_SUCCESS) {
ustr_sc_free(&temp);
@@ -692,16 +804,12 @@
ustr_sc_free(&temp);
}
- if (write_user_context(out, user_context_tpl,
- ".*", FALLBACK_USER,
- FALLBACK_USER_PREFIX) != STATUS_SUCCESS) {
+ if (write_user_context(s, out, user_context_tpl,
+ ".*", s->fallback_user,
+ s->fallback_user_prefix) != STATUS_SUCCESS) {
retval = STATUS_ERR;
goto done;
}
- if (write_gen_home_dir_context(out, s, user_context_tpl,
- homedir_context_tpl) != STATUS_SUCCESS) {
- retval = STATUS_ERR;
- }
done:
/* Cleanup */
@@ -713,7 +821,9 @@
return retval;
}
-int semanage_genhomedircon(semanage_handle_t * sh, int usepasswd)
+int semanage_genhomedircon(semanage_handle_t * sh,
+ sepol_policydb_t * policydb,
+ int usepasswd)
{
genhomedircon_settings_t s;
FILE *out = NULL;
@@ -725,8 +835,14 @@
semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL);
s.fcfilepath = semanage_path(SEMANAGE_TMP, SEMANAGE_FC_HOMEDIRS);
+ s.fallback_user = strdup(FALLBACK_USER);
+ s.fallback_user_prefix = strdup(FALLBACK_USER_PREFIX);
+ if (s.fallback_user == NULL || s.fallback_user_prefix == NULL)
+ return STATUS_ERR;
+
s.usepasswd = usepasswd;
s.h_semanage = sh;
+ s.policydb = policydb;
if (!(out = fopen(s.fcfilepath, "w"))) {
/* couldn't open output file */
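Review bot: The early `return STATUS_ERR` after the two strdup() calls leaks whichever copy succeeded when only one of them fails. Release both before returning: `free(s.fallback_user); free(s.fallback_user_prefix); return STATUS_ERR;` (free(NULL) is a no-op, so no guard is needed). The fopen() failure branch that begins at the end of this hunk continues outside it. If it returns directly it needs the same two free() calls, because the cleanup added in the next hunk only runs after write_context_file().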
@@ -737,5 +853,9 @@
retval = write_context_file(&s, out);
fclose(out);
+
+ free(s.fallback_user);
+ free(s.fallback_user_prefix);
+
return retval;
}
Modified: trunk/libsemanage/src/genhomedircon.h
===================================================================
--- trunk/libsemanage/src/genhomedircon.h 2007-09-28 13:38:20 UTC (rev 2621)
+++ trunk/libsemanage/src/genhomedircon.h 2007-09-28 13:39:50 UTC (rev 2622)
@@ -22,6 +22,7 @@
#include "utilities.h"
-int semanage_genhomedircon(semanage_handle_t * sh, int usepasswd);
+int semanage_genhomedircon(semanage_handle_t * sh,
+ sepol_policydb_t * policydb, int usepasswd);
#endif
Modified: trunk/libsemanage/src/semanage_store.c
===================================================================
--- trunk/libsemanage/src/semanage_store.c 2007-09-28 13:38:20 UTC (rev 2621)
+++ trunk/libsemanage/src/semanage_store.c 2007-09-28 13:39:50 UTC (rev 2622)
@@ -1279,7 +1279,8 @@
* should be placed within a mutex lock to ensure that it runs
* atomically. Returns commit number on success, -1 on error.
*/
-int semanage_install_sandbox(semanage_handle_t * sh)
+int semanage_install_sandbox(semanage_handle_t * sh,
+ sepol_policydb_t * policydb)
{
int retval = -1, commit_num = -1;
@@ -1294,7 +1295,7 @@
}
if (!sh->conf->disable_genhomedircon) {
if ((retval =
- semanage_genhomedircon(sh, TRUE)) != 0) {
+ semanage_genhomedircon(sh, policydb, TRUE)) != 0) {
ERR(sh, "semanage_genhomedircon returned error code %d.",
retval);
goto cleanup;
Modified: trunk/libsemanage/src/semanage_store.h
===================================================================
--- trunk/libsemanage/src/semanage_store.h 2007-09-28 13:38:20 UTC (rev 2621)
+++ trunk/libsemanage/src/semanage_store.h 2007-09-28 13:39:50 UTC (rev 2622)
@@ -83,8 +83,6 @@
int semanage_get_modules_names(semanage_handle_t * sh,
char ***filenames, int *len);
-int semanage_install_sandbox(semanage_handle_t * sh);
-
/* lock file routines */
int semanage_get_trans_lock(semanage_handle_t * sh);
int semanage_get_active_lock(semanage_handle_t * sh);
@@ -102,7 +100,8 @@
int semanage_write_policydb(semanage_handle_t * sh,
sepol_policydb_t * policydb);
-int semanage_install_sandbox(semanage_handle_t * sh);
+int semanage_install_sandbox(semanage_handle_t * sh,
+ sepol_policydb_t * policydb);
int semanage_verify_modules(semanage_handle_t * sh,
char **module_filenames, int num_modules);
From: <ssm...@us...> - 2007-10-05 13:40:23
|
Revision: 2629
http://selinux.svn.sourceforge.net/selinux/?rev=2629&view=rev
Author: ssmalley
Date: 2007-10-05 06:39:39 -0700 (Fri, 05 Oct 2007)
Log Message:
-----------
Author: James Antill
Email: ja...@re...
Subject: ustr cleanups (policyrep branch)
Date: Mon, 01 Oct 2007 02:46:36 -0400
Here are two cleanups for ustr usage within libsemanage on the
policyrep branch.
The first is a corner case where you have two or more replacements in
the "replace_all" function of genhomedircon, previously one of those
multiple replacements (in theory) could fail due to malloc() returning
NULL and that would be missed. The fix probably makes the free test more
readable too.
The second is that semanage_is_prefix() was previously defined by
calling ustr functions (inefficiently, even), and so had to allocate a
ustr to do its work ... the fix just calls strncmp() directly.
--
James Antill <ja...@re...>
Modified Paths:
--------------
trunk/libsemanage/src/genhomedircon.c
trunk/libsemanage/src/utilities.c
Modified: trunk/libsemanage/src/genhomedircon.c
===================================================================
--- trunk/libsemanage/src/genhomedircon.c 2007-09-28 19:12:52 UTC (rev 2628)
+++ trunk/libsemanage/src/genhomedircon.c 2007-10-05 13:39:39 UTC (rev 2629)
@@ -341,7 +341,7 @@
static Ustr *replace_all(const char *str, const replacement_pair_t * repl)
{
Ustr *retval = USTR_NULL;
- int i, num_replaced = 0;
+ int i;
if (!str || !repl)
goto done;
@@ -349,10 +349,10 @@
goto done;
for (i = 0; repl[i].search_for; i++) {
- num_replaced += ustr_replace_cstr(&retval, repl[i].search_for,
- repl[i].replace_with, 0);
+ ustr_replace_cstr(&retval, repl[i].search_for,
+ repl[i].replace_with, 0);
}
- if (!num_replaced)
+ if (ustr_enomem(retval))
ustr_sc_free(&retval);
done:
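Review bot: Dropping the `num_replaced` test changes what replace_all() returns for a template line that contains none of the placeholders. Before, it freed the string and returned NULL, which the write_* callers treat as a hard failure; now the line comes back unchanged. That looks intended, but nothing in the code says so, and the return value of ustr_replace_cstr() is now discarded without explanation. A comment above the final check would record both points, e.g. `/* allocation failure inside ustr_replace_cstr() is recorded on retval; a line with no placeholders is returned as-is */`. The function's return statement is outside this hunk.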
Modified: trunk/libsemanage/src/utilities.c
===================================================================
--- trunk/libsemanage/src/utilities.c 2007-09-28 19:12:52 UTC (rev 2628)
+++ trunk/libsemanage/src/utilities.c 2007-10-05 13:39:39 UTC (rev 2629)
@@ -60,22 +60,14 @@
int semanage_is_prefix(const char *str, const char *prefix)
{
- int retval;
- Ustr *ustr = USTR_NULL;
-
if (!str) {
return FALSE;
}
if (!prefix) {
return TRUE;
}
- if (!(ustr = ustr_dup_cstr(str))) {
- return FALSE;
- }
- retval = (ustr_srch_cstr_fwd(ustr, 0, prefix) == 1);
- ustr_sc_free(&ustr);
- return retval;
+ return strncmp(str, prefix, strlen(prefix)) == 0;
}
char *semanage_split_on_space(const char *str)
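Review bot: The new `strncmp(str, prefix, strlen(prefix)) == 0` is a plain byte-prefix test, and nothing on the function says so. An empty `prefix`, like a NULL one, matches every non-NULL string, and `/home/user` counts as a prefix of `/home/user2`. If callers use this to decide whether a path lies under a directory (not visible here), they need their own separator check. I would record that above the function: `/* Byte-wise prefix test: a NULL or "" prefix matches any non-NULL str; not path-component aware. */`.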
From: <ssm...@us...> - 2007-12-05 19:01:43
Revision: 2693
http://selinux.svn.sourceforge.net/selinux/?rev=2693&view=rev
Author: ssmalley
Date: 2007-12-05 09:39:30 -0800 (Wed, 05 Dec 2007)
Log Message:
-----------
Author: Daniel J Walsh
Email: dw...@re...
Subject: libsemanage patch
Date: Mon, 03 Dec 2007 15:49:44 -0500
genhomedircon includes the "\n" in /etc/shells so no shells in the
/etc/passwd match.
Rawhide Policy includes policy without a user_context_tpl
swig causes a double free if I don't allocate memory when specifying an
alternate store.
>> Isn't this going to cause problems if the last line in /etc/shells has
>> no newline?
>>
>> Instead of:
>> temp[strlen(temp)-1]=0;
>>
>> I would use:
>> temp[strcspn(temp, "\n")] = '\0';
>>
>> That will overwrite the first newline with a NUL or, if there is no
>> newline, the terminating NUL will be overwritten with another NUL, which
>> is harmless. It is a useful idiom...
>
> Given that getline() returns the length read (not to be confused with
> the buffer length), why not just:
> while ((len = getline(&temp, &buff_len, shells)) > 0) {
> if (temp[len-1] == '\n') temp[len-1] = 0;
>
Second try
Modified Paths:
--------------
trunk/libsemanage/src/genhomedircon.c
trunk/libsemanage/src/handle.c
Modified: trunk/libsemanage/src/genhomedircon.c
===================================================================
--- trunk/libsemanage/src/genhomedircon.c 2007-11-29 16:15:26 UTC (rev 2692)
+++ trunk/libsemanage/src/genhomedircon.c 2007-12-05 17:39:30 UTC (rev 2693)
@@ -130,11 +130,13 @@
char *temp = NULL;
semanage_list_t *list = NULL;
size_t buff_len = 0;
+ ssize_t len;
shells = fopen(PATH_SHELLS_FILE, "r");
if (!shells)
return default_shell_list();
- while (getline(&temp, &buff_len, shells) >= 0) {
+ while ((len = getline(&temp, &buff_len, shells)) > 0) {
+ if (temp[len-1] == '\n') temp[len-1] = 0;
if (strcmp(temp, PATH_NOLOGIN_SHELL)) {
if (semanage_list_push(&list, temp)) {
free(temp);
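Review bot: After the newline is stripped, a blank line in the shells file becomes an empty string and is still pushed onto the list, as is every `#` comment line, because the only filter is the `strcmp()` against `PATH_NOLOGIN_SHELL`. If the list is later compared with passwd shell fields (that code is outside this hunk), an empty entry could match accounts whose shell field is empty. Adding `if (temp[0] == '\0' || temp[0] == '#') continue;` right after the strip avoids both. As a style point, `if (temp[len-1] == '\n') temp[len-1] = 0;` would read better braced on its own lines and written with `'\0'`. The loop body continues past the end of the hunk.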
@@ -790,7 +792,7 @@
homedir_context_tpl = make_template(s, &HOME_DIR_PRED);
homeroot_context_tpl = make_template(s, &HOME_ROOT_PRED);
user_context_tpl = make_template(s, &USER_CONTEXT_PRED);
- if (!homedir_context_tpl || !homeroot_context_tpl || !user_context_tpl) {
+ if (!homedir_context_tpl || !homeroot_context_tpl) {
retval = STATUS_ERR;
goto done;
}
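Review bot: Dropping `!user_context_tpl` from this check means a NULL from `make_template(s, &USER_CONTEXT_PRED)` is always read as "the policy has no user context template", yet nothing visible here distinguishes that from an allocation failure inside make_template(). Together with the `if (user_context_tpl)` guard added in the hunk at -828, such a failure would skip both `write_user_context()` and `write_gen_home_dir_context()` without setting `retval = STATUS_ERR`. The generated home-directory context file would then be missing entries while the caller sees no error. If make_template() can report why it returned NULL (its body is not shown), check that here. Otherwise a comment such as `/* user_context_tpl may be NULL: policy ships no user context template */` should at least record the assumption.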
@@ -828,16 +830,18 @@
ustr_sc_free(&temp);
}
- if (write_user_context(s, out, user_context_tpl,
- ".*", s->fallback_user,
- s->fallback_user_prefix) != STATUS_SUCCESS) {
- retval = STATUS_ERR;
- goto done;
- }
+ if (user_context_tpl) {
+ if (write_user_context(s, out, user_context_tpl,
+ ".*", s->fallback_user,
+ s->fallback_user_prefix) != STATUS_SUCCESS) {
+ retval = STATUS_ERR;
+ goto done;
+ }
- if (write_gen_home_dir_context(s, out, user_context_tpl,
- homedir_context_tpl) != STATUS_SUCCESS) {
- retval = STATUS_ERR;
+ if (write_gen_home_dir_context(s, out, user_context_tpl,
+ homedir_context_tpl) != STATUS_SUCCESS) {
+ retval = STATUS_ERR;
+ }
}
done:
Modified: trunk/libsemanage/src/handle.c
===================================================================
--- trunk/libsemanage/src/handle.c 2007-11-29 16:15:26 UTC (rev 2692)
+++ trunk/libsemanage/src/handle.c 2007-12-05 17:39:30 UTC (rev 2693)
@@ -27,6 +27,7 @@
#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
+#include <string.h>
#include <sys/time.h>
#include "direct_api.h"
@@ -131,7 +132,8 @@
/* This just sets the storename to what the user requests, no
verification of existance will be done until connect */
- sh->conf->store_path = storename;
+ sh->conf->store_path = strdup(storename);
+ assert(sh->conf->store_path); /* no way to return failure */
sh->conf->store_type = storetype;
return;
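Review bot: `assert(sh->conf->store_path)` is the only check on the `strdup()` result, and it disappears when the library is built with `NDEBUG`, leaving a NULL store path for later code; in a debug build it aborts the calling process instead. The assignment also overwrites whatever `store_path` held before without freeing it, which leaks if the configuration loader allocated it (the double free mentioned in the log suggests the field is freed later, but that code is outside this hunk). A NULL `storename` reaches `strdup()` unchecked as well. Consider `char *copy = storename ? strdup(storename) : NULL;` followed by `if (copy) { free(sh->conf->store_path); sh->conf->store_path = copy; }`. The failure should also be recorded so that the later connect step can refuse to proceed rather than operate on an unintended store.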