History log of /external/selinux/libsemanage/
Revision  Date  Author  Comments
ef1637b55c27d818b9d7c7b09221f5d20258248a 23-Apr-2015 Steve Lawrence <slawrence@tresys.com> Update libsemanage ChangeLog
hangeLog
f5c226810dded166fc996afa4bdaf03958e39e18 22-Apr-2015 Jason Zaman <jason@perfinion.com> libsemanage: do not copy contexts in semanage_migrate_store

The modules from the old store were previously copied to the new one
using setfscreatecon and shutil.copy2(). Now that refpolicy has rules
about the new policy location[1], copying the contexts is redundant.

More importantly, the setfscreatecon caused a constraint violation[2]
which made the migration fail. In python3, shutil.copy2() copies xattrs
as well which again causes problems. shutil.copy() is enough for our
needs here as it will copy the file and permissions in both py2 and 3.
We do not need the extra things that copy2() does (mtime, xattr, etc).

[1] http://oss.tresys.com/pipermail/refpolicy/2014-December/007511.html

[2]
type=AVC msg=audit(1429438272.872:1869): avc: denied { create } for pid=28739 comm="semanage_migrat" name="strict" scontext=staff_u:sysadm_r:semanage_t tcontext=system_u:object_r:semanage_store_t tclass=dir permissive=0
constrain dir { create relabelfrom relabelto } ((u1 == u2 -Fail-) or (t1 == can_change_object_identity -Fail-) ); Constraint DENIED
allow semanage_t semanage_store_t:dir create;

Signed-off-by: Jason Zaman <jason@perfinion.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>

Changes from v1:
- Changed some methods to not take a src param anymore.
tils/semanage_migrate_store
de4f82bb7ffb593b27952fcbed2a332d3bd5597b 21-Apr-2015 Steve Lawrence <slawrence@tresys.com> Move ChangeLog entry to the correct project
hangeLog
6f79e5ed9e5904ec2540045a1ccfb290bc92ac91 21-Apr-2015 Steve Lawrence <slawrence@tresys.com> Update libselinux ChangeLog
hangeLog
072bb765a1cb6960d99bc06b01228a55f380d4fe 19-Mar-2015 Stephen Smalley <sds@tycho.nsa.gov> Update libsemanage ChangeLog.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
a4e290e425a6e528111df6281c8ddbbd83d70640 19-Mar-2015 Thomas Hurd <thurd@tresys.com> libsemanage: Fix logic in bunzip for uncompressed pp files

Unconditionally check the magic number before BZ2_bzReadOpen()
instead of only when bzip_blocksize=0, since it falls through.
That way if the file is not compressed it will return immediately
and map_file can mmap it. If the file is compressed then it will
go through the BZ2 functions and any errors will be reported correctly.

This fixes 0afd5de5c1edb4de2cc5e0e2e2e89551c90534fc so that a bz2 error
isn't reported when an uncompressed pp is installed successfully.

Signed-off-by: Thomas Hurd <thurd@tresys.com>
rc/direct_api.c
3057bcf6a012fff3ef86e05e6f5065138898d649 18-Mar-2015 Stephen Smalley <sds@tycho.nsa.gov> Update ChangeLogs.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
b6d5805c7ad4bfa6d0544a21084e8ec1a47d7391 16-Mar-2015 Petr Lautrbach <plautrba@redhat.com> libsemanage: fix fname[] initialization in test_utilities.c

There's no guarantee that the last item in "char fname[]" will be a null character.
Fixes segfault on some systems:

Test: semanage_nc_sort ...passedtest_semanage_findval: : Invalid argument
libsemanage-tests: TestRun.c:160: CU_assertImplementation: Assertion `((void *)0) != f_pCurTest' failed.
make[1]: *** [test] Aborted (core dumped)

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
ests/test_utilities.c
8a9978727d6561e57aca269d38aae26ad9485850 18-Feb-2015 Steve Lawrence <slawrence@tresys.com> libsemanage: use the new CIL API

- Do not pass in the policydb where not necessary
- Tell CIL what policy version and target platform to use when building
the policydb

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/direct_api.c
13d502d5f1f97a37bdebbda32fb98bfe4d8b1ae2 27-Feb-2015 Steve Lawrence <slawrence@tresys.com> Update libsemanage ChangeLog
hangeLog
432077b4dda7baa15b6daa1458759e674d398fa3 26-Feb-2015 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsemanage: Fix memory leaks when parsing semanage.conf

- Free args as they are parsed and strdup args when necessary. Memory used for
lex initialization is now freed using yylex_destroy().
- Add noyywrap option to flex. This is the correct way to make the scanner
not call yywrap upon an end of file. Before, we were overriding the
function and returning 1.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/conf-parse.y
rc/conf-scan.l
057197c69aaa36cf28694517151479de8ebb3c4c 26-Feb-2015 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsemanage: Add option to remove HLL files after compilation

This adds a 'remove-hll' option to semanage.conf. If set to 'true', all
HLL files will be removed from the SELinux store after successfully
building the SELinux modules. The default for this option is 'false'.

In order to delete already compiled HLL files, the modules need to be
recompiled with the ignore-module-cache option.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
an/man5/semanage.conf.5
rc/conf-parse.y
rc/conf-scan.l
rc/direct_api.c
rc/semanage_conf.h
65ed2793227a98978aab4d90f44b4fbaa6d48ddf 26-Feb-2015 Steve Lawrence <slawrence@tresys.com> Update libsemanage ChangeLog
hangeLog
0afd5de5c1edb4de2cc5e0e2e2e89551c90534fc 26-Feb-2015 Thomas Hurd <thurd@tresys.com> libsemanage: Change bunzip to use heap instead of stack for buffer.

Fixes segfault on systems with less than 256K stack size.
After change, I was able to run semodule -l with a 32K stack size.
Additionally, fix potential memory leak on realloc failure.

Signed-off-by: Thomas Hurd <thurd@tresys.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/direct_api.c
f0c9966f881211dcde89cfcad93f0360a71f959a 02-Feb-2015 Steve Lawrence <slawrence@tresys.com> Bump to final release
hangeLog
ERSION
823ebc8c6b89cb6531fcd943ddb8059bd8743dd9 02-Dec-2014 Steve Lawrence <slawrence@tresys.com> Bump to release candidate 7
hangeLog
ERSION
f21b2e138ca576de280716e9fed5ac75efd0acf4 02-Dec-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: ensure migrated files have the correct types

All files in /var/lib/selinux/ are now labeled the same as those in
/etc/selinux/<store>/modules/active, which in refpolicy is semanage_store_t.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Reviewed-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
tils/semanage_migrate_store
b817a523c4ae852c911d3d8a18fafbaca44f1165 24-Nov-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: close hll file descriptors

Stops leaking of file descriptors to things like load_policy and
setfiles.

Reported-by: Sven Vermeulen <sven.vermeulen@siphos.be>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Reviewed-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
rc/direct_api.c
877acdb31ff4261f0fcd03a8fb9ada76703802f3 19-Nov-2014 Jason Zaman <jason@perfinion.com> semanage_migrate_store: Python3 support

Mainly used the 2to3 conversion tool. Also added in a __future__
import so that the script continues to work on Python 2.

Tested on 2.7, 3.3, 3.4. Should work on 2.6 too but untested.

Signed-off-by: Jason Zaman <jason@perfinion.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
tils/semanage_migrate_store
07e75a9cc711b46e4c691defbb570624d2c5b2d7 12-Nov-2014 Steve Lawrence <slawrence@tresys.com> Bump to release candidate 6
hangeLog
ERSION
d1db56c52bf35039f37e809ae74052c484158874 29-Oct-2014 Steve Lawrence <slawrence@tresys.com> Bump to release candidate 5
hangeLog
ERSION
dee40ec1f878b770eb346c7c4f494ea47577a3ac 20-Oct-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: install to LIBDIR instead of SHLIBDIR

The libsemanage Makefile currently installs libsemanage.so.1 into
SHLIBDIR, but links libsemanage.so to libsemanage.so.1 in LIBDIR. This
means things will only work if SHLIBDIR and LIBDIR are the same.
Fortunately, by default, they are the same because the default of
SHLIBDIR is set to PREFIX/lib (same as LIBDIR default) instead of the
standard DESTDIR/lib. Unfortunately, if a user overrides SHLIBDIR, by
doing something like the following:

make DESTDIR=~/tmp/ LIBDIR=~/tmp/usr/lib SHLIBDIR=~/tmp/lib install

then a broken symlink is created. Note that in some cases this may still
work even when SHLIBDIR and LIBDIR are not the same, e.g.:

make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install

But this only works because, in systems like Fedora, /lib is a symlink
to /usr/lib, so SHLIBDIR and LIBDIR are the same even though it doesn't
immediately look like it.

This patch changes the libsemanage Makefile to set the default value of
SHLIBDIR to the standard DESTDIR/lib to prevent confusion, and installs
libsemanage to LIBDIR and completely ignores SHLIBDIR.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/Makefile
6280387034812da544cd8b13dbdc91078af7d731 06-Oct-2014 Steve Lawrence <slawrence@tresys.com> Bump to release candidate 4
hangeLog
ERSION
ff5bbe6dcf79fc074b1379bed5cc5fdb32ede8aa 01-Oct-2014 Steve Lawrence <slawrence@tresys.com> Bump VERSION/ChangeLog for release candidate 3

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
hangeLog
ERSION
c4a4a1a7ed42c167a7d4bae06a1fffa8c6c9cb8d 14-Sep-2014 Nicolas Iooss <nicolas.iooss@m4x.org> Fix gcc -Wstrict-prototypes warnings

In C, defining a function with () means "any number of parameters", not
"no parameter". Use (void) instead where applicable and add unused
parameters when needed.

Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/conf-parse.y
b8b0d7fa8ad38104ec017fd2b4d41bc5e4845f3c 14-Sep-2014 Nicolas Iooss <nicolas.iooss@m4x.org> libsemanage: fix gcc -Wwrite-strings warnings

Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/conf-parse.y
rc/utilities.c
rc/utilities.h
81f17737e76aad8eada653b23f00e2f288fa679c 14-Sep-2014 Nicolas Iooss <nicolas.iooss@m4x.org> libsemanage: constify name and ext_lang parameters of semanage_module_install_hll

This fixes a warning from "gcc -Wwrite-strings", when
semanage_module_install_hll is called with "pp" as last parameter.

Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/direct_api.c
rc/modules.c
rc/modules.h
rc/policy.h
9a6091479d04c4b8ee45c36c527abbd0310a88f9 14-Sep-2014 Nicolas Iooss <nicolas.iooss@m4x.org> libsemanage: Fix use of uninitialized variable

"gcc -O2 -Wall -Werror" fails to compile seusers_local.c:

seusers_local.c: In function 'semanage_seuser_modify_local':
seusers_local.c:122:6: error: 'rc' may be used uninitialized in this
function [-Werror=maybe-uninitialized]

It seems rc is not initialized when the call to semanage_seuser_clone
fails in semanage_seuser_modify_local.

Acked-by: Steve Lawrence <slawrence@tresys.com>
rc/seusers_local.c
213c3189d058ca512ff92552414f6ece1c5362e2 27-Aug-2014 Steve Lawrence <slawrence@tresys.com> Bump versions for r2

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
hangeLog
ERSION
8f9d3a7c95249116473b8d9d56f0a040e231a83c 26-Aug-2014 Steve Lawrence <slawrence@tresys.com> Fix typos in ChangeLog and Versions
hangeLog
79fd2d06abf2e6e4e566e5fc57ae7a44e0b5dc7e 26-Aug-2014 Steve Lawrence <slawrence@tresys.com> Bump versions and update ChangeLog

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
hangeLog
ERSION
5e75b96e91534ae37405e1e417f4627f1e47d5c2 03-Apr-2014 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsemanage: add the ability to set an alternative root path for store

Allow an alternative selinux store root path to be used. The option
can be set in semanage.conf as store_root. If no option is provided, the
default path for the store_root is "/var/lib/selinux".

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
nclude/semanage/handle.h
an/man5/semanage.conf.5
rc/conf-parse.y
rc/conf-scan.l
rc/direct_api.c
rc/handle.c
rc/libsemanage.map
rc/semanage_conf.h
rc/semanage_store.c
rc/semanage_store.h
cae4a4c951aa19b2717254d76deeb986af466238 07-Feb-2014 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsemanage: add support for HLL to CIL compilers

An HLL to CIL compiler must exist in the compiler_directory path which
is configurable in semanage.conf. By default, this path is
/usr/libexec/selinux/hll/. The compiler name needs to match the HLL
language extension. For example, for pp files,
/usr/libexec/selinux/hll/pp must exist.

The HLL infrastructure uncompresses the HLL module and pipes the data to
the appropriate CIL compiler. The output CIL from the compiler is read
from another pipe, compressed, and saved to the module store as a cached
CIL file. This file will be used on all subsequent policy builds, unless
a new module is installed with the same name at the same priority, at
which point the cache is deleted and is subsequently rebuilt and cached.

A new option is added to semanage.conf, ignore_cache, which if set to
true will cause the cached CIL files to be ignored and all HLL files to
be recompiled and the resulting CIL to be recached.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
nclude/semanage/handle.h
an/man5/semanage.conf.5
rc/conf-parse.y
rc/conf-scan.l
rc/direct_api.c
rc/handle.c
rc/libsemanage.map
rc/modules.c
rc/semanage_conf.h
rc/semanage_store.c
rc/semanage_store.h
6d4e8591a336bb63ac406c7570d056fc92a5b826 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: semanage store migration script

We created a migration script to ease the burden of transition from the
old libsemanage store layout to the new. The script will detect all the
stores in /etc/selinux using the old layout and convert them to the new
layout in /var/lib/selinux. It also allows you to specify the default
priority to use with -p and store to operate on with -s. After migration
the script by default will leave the old store unchanged, but can be
told to remove the old modules directory with -c. Reloading policy post
migration can be disabled with the -n option.

Examples:

semanage_migrate_store

Migrating from /etc/selinux/targeted/modules/active to /var/lib/selinux/targeted/active
Attempting to rebuild policy from /var/lib/selinux

semanage_migrate_store -s targeted

Migrating from /etc/selinux/targeted/modules/active to /var/lib/selinux/targeted/active
Attempting to rebuild policy from /var/lib/selinux

semanage_migrate_store -p 150

Migrating from /etc/selinux/targeted/modules/active to /var/lib/selinux/targeted/active
Attempting to rebuild policy from /var/lib/selinux

Signed-off-by: Chad Sellers <csellers@tresys.com>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
akefile
tils/Makefile
tils/semanage_migrate_store
ddaa6e6ecac1f0e99905b143c1c25178fe344d7f 17-Nov-2011 Steve Lawrence <slawrence@tresys.com> libsemanage: use libcil for compiling modules

Also finally removes the concept of a "base" module and special "_base" handling.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/direct_api.c
rc/modules.c
rc/semanage_store.c
rc/semanage_store.h
d5bcc2285f7a4a739f1b38eeb66d345c3427b1b3 14-Oct-2011 Steve Lawrence <slawrence@tresys.com> libsemanage: update install functions to support CIL

With CIL, the filename and language extension are no longer stored in
the modules themselves like with pp files. So parse this information
from the filename when given a file to install, and require the
information be passed when just data. Symbolic versioning is used to
maintain ABI compatibility with the old install functions. API
compatibility is not maintained.

Also, remove version from the module info struct and the
semanage_module_info_{get,set}_version functions. These functions have
not been part of an official release, so removing them without providing
ABI/API compatibility should not break anything.

Because versioning is removed, semanage_module_upgrade can no longer
perform the necessary checks to ensure an old module is not overriding
a newer module. So, this just removes the upgrade functions from the API.
Functions are added to maintain ABI compatibility, which call the
install functions.

Also, CIL has no concept of a base module, so remove the notion of a
base module, including the API functions semanage_module_base_install
and related functions. To maintain ABI compatibility, functions are
added which call the new install functions, thus treating base modules
as if they are normal modules.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
nclude/semanage/modules.h
rc/direct_api.c
rc/libsemanage.map
rc/module_internal.h
rc/modules.c
rc/modules.h
rc/policy.h
rc/pywrap-test.py
rc/semanage_store.c
rc/semanageswig_python.i
c654ca1cf4e872e5d84bcd3fe7168e7f5f5400df 13-Oct-2011 Steve Lawrence <slawrence@tresys.com> libsemanage: add target-platform option to semanage.conf

The target platform used to come from the base module. However, CIL has
no concept of a base module or a target platform. This adds an option to
semanage.conf (target-platform) to control how policies should be built.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
an/man5/semanage.conf.5
rc/conf-parse.y
rc/conf-scan.l
rc/semanage.conf
rc/semanage_conf.h
8da5b141e37fe2115d0a06c9a15965a0b8adf62a 10-Nov-2011 Steve Lawrence <slawrence@tresys.com> libsemanage: rewrite semanage_direct_list to not assume binary modular policies

Rather than getting the list of pp modules and parsing their headers to get
the name, use the new source policy functions to get the necessary
information from the module store.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/direct_api.c
rc/semanage_store.c
rc/semanage_store.h
c35678eb6dd8ba0ad289617a359ab080a6dc03d8 22-Nov-2011 Steve Lawrence <slawrence@tresys.com> libsemanage: add back support for semanage_set_root using the new source policy infrastructure

Removed in commits:
- Revert "libsemanage: introduce semanage_set_root and friends"
- Revert "libsemanage: Alternate path for semanage.conf"
- Revert "libsemanage: Use default semanage.conf as a fallback"

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
nclude/semanage/handle.h
an/man3/semanage_set_root.3
an/man5/semanage.conf.5
rc/handle.c
rc/handle_internal.h
rc/libsemanage.map
rc/semanage_store.c
rc/semanage_store.h
9fbc6d14418f4d817cc6f3f4aa8c4288753f7d39 13-Jun-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: add back original module enable/disable functions for ABI compatibility

This uses symbolic versioning to maintain ABI compatibility with the old
versions of semanage_module_get_enabled. Also to maintain ABI, the functions
semanage_module_{enable,disable} are added back and modified to call the
new semanage_module_set_enabled function.

Removed in commits:
- Revert "Last attempt at upstreaming semodule_disable patch."
- Revert "fixes to commit 847d27b8385ce77ac71df8aa58a2d298b33d1ea4"
- Revert "libsemanage: change module disabled from rename to symlink"
- Revert "libsemanage: Cleanup/fix enable/disable/remove module."

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/libsemanage.map
rc/module_internal.h
rc/modules.c
1875c85d5bafc42bfa39d1d9fbe7be2fc0a4e133 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: add functions to public api

include/semanage/handle.h

* Exports the handle get/set default priority functions.

include/semanage/module.h

* Exports the module info management functions.
* Exports the get/set enabled status functions.
* Exports the module key management functions.
* Exports the module install, upgrade, remove info/key functions.

include/semanage/semanage.h

This patch includes the modifications to the map file for exporting the
necessary functions.

Examples:

/* changing the default priority for a distro install */
semanage_set_default_priority(sh, 100);

/* creating module meta data */
semanage_module_info_t *modinfo = NULL;
semanage_module_info_create(sh, &modinfo);

/* filling in that data */
semanage_module_info_set_priority(
        sh,
        modinfo,
        semanage_get_default_priority(sh));

semanage_module_info_set_name(
        sh,
        modinfo,
        "mymodule");

semanage_module_info_set_version(
        sh,
        modinfo,
        "0.1.2");

semanage_module_info_set_lang_ext(
        sh,
        modinfo,
        "pp");

semanage_module_info_set_enabled(
        sh,
        modinfo,
        -1); /* Sets enabled to default:
              * If the module was already enabled/disabled
              * then it will remain so after install.
              * If it wasn't, then it will be enabled.
              */

/* install the module */
semanage_module_install_info(sh, modinfo, data, data_len);

/* cleanup modinfo */
semanage_module_info_destroy(sh, modinfo);

/* create a key for retrieving a module's meta data */
semanage_module_key_t *modkey = NULL;
semanage_module_key_create(sh, &modkey);

/* Only set the module name, this will find the highest
 * priority module of that name.
 */
semanage_module_key_set_name(sh, modkey, "mymodule");

/* get the newly installed module */
semanage_module_get_module_info(sh, modkey, &modinfo);

/* get the priority of the module found */
uint16_t priority = 0;
semanage_module_info_get_priority(sh, modinfo, &priority);

/* set the priority in the key to the one found */
semanage_module_key_set_priority(sh, modkey, priority);

/* remove the highest priority module with the name "mymodule" */
semanage_module_remove_key(sh, modkey);

/* print all the modules installed */
semanage_module_info_t *modinfos = NULL;
int modinfos_len = 0;
semanage_module_list_all(sh, &modinfos, &modinfos_len);

char *name = NULL;
int i = 0;
for (i = 0; i < modinfos_len; i++) {
        semanage_module_info_get_priority(
                sh,
                semanage_module_list_nth(modinfos, i),
                &priority);
        semanage_module_info_get_name(
                sh,
                semanage_module_list_nth(modinfos, i),
                &name);
        printf("%d\t%s\n", priority, name);
}

Signed-off-by: Chad Sellers <csellers@tresys.com>
nclude/semanage/handle.h
nclude/semanage/modules.h
rc/libsemanage.map
rc/module_internal.h
rc/modules.c
rc/modules.h
rc/semanageswig_python.i
bb5121efbde783ed8216a17cfc0cb23b47e7874f 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: installing/removing modules via info and key

These functions install/remove modules based on the module
info/key. The motivation for these interfaces is to provide the
additional information about a module (version, language, and enabled
status) at install time and also to separate the meta-data in
preparation for supporting source policies.

This patch combines the implementations of all the
install/remove functions to use the
semanage_direct_install_info and semanage_direct_remove_key functions.
The motivation here is to reduce the amount of duplicate installation code
(for example, semanage_direct_install and semanage_direct_install_file have
separate but similar implementations).

With this patch the transition from the old store layout to the new one
is finished. This is accomplished mostly through the modification of
install functions and semanage_get_modules_names.

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/direct_api.c
rc/modules.c
rc/modules.h
rc/policy.h
rc/semanage_store.c
rc/semanage_store.h
f2c4e796af114de7c2776a7070b01687b416b7c7 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: provide function to get new base module path

The base module is being moved in with the other modules so that it can
benefit from the priority framework. This patch provides a utility
function for getting the highest priority base module path.

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/semanage_store.c
rc/semanage_store.h
d4048fa52268183cdd9a874e1178e17b25338765 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: get/set module info and enabled status

This provides the functions for enabling/disabling modules via a
semanage_module_key_t and getting/setting module info.

Enabled/disabled status is indicated by the presence of an empty file in
the disabled directory:

/var/lib/selinux/<policy type>/disabled/<module name>

The presence of a file there indicates that the module is disabled at
all priorities. Enable/disabling of modules is done across all
priorities simultaneously to avoid confusion that would likely arise
from per priority settings.

semanage_module_get_module_info gathers up the on disk information about
a module indicated by the module key and puts the information into
module info. In order to facilitate an easy mechanism for getting the
highest priority module of a given name, the key's priority value may
be 0 and the highest priority module with the given name will be located.

semanage_direct_set_module_info is a helper function that writes module
info to disk. The unused attribute is used to suppress warnings for
compilation and is removed in the module install patch later in the
series.

semanage_module_list_all behaves similarly to semanage_module_list except
it returns all modules at all priorities. semanage_module_list will only
include the highest priority, enabled, non-base modules (this is its
current behavior). See the module install patch later in the series for
the modified semanage_module_list.

Adds a helper function for creating a directory if it doesn't already
exist (used to automatically create the disabled, priority, and module
dirs).

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/direct_api.c
rc/modules.c
rc/modules.h
rc/policy.h
d220f4910f2a7a765f7b3057606ed17689849782 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: augment semanage_module_info_t and provide semanage_module_key_t

Adds priority, language ext, and enabled fields to
semanage_module_info_t.

Adds get/set functions for all semanage_module_info_t/key_t fields. This
is necessary so that semanage_module_info_t/key_t can be used in
specifying meta data on source policies.

Adds create, destroy, and init functions for semanage_module_info_t and
semanage_module_key_t. Create initializes and allocates, destroy
deallocates fields (but not struct), and init initializes fields.

Provide several utility functions for converting a string priority to a
uint16_t and validating fields.

Adds semanage_module_get_path for getting module specific file paths.

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/modules.c
rc/modules.h
73430e5542dc3f22eee54a41ad54318ad14d1cab 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: add default priority to semanage_handle_t

For backwards compatibility purposes we need to provide a default
priority that the current set of module install/upgrade/remove functions
can use.

The default priority is 400.

Adds semanage_module_validate_priority so that it can be used to verify
the given priority. See next patch for other validation functions.

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/handle.c
rc/handle.h
rc/modules.c
rc/modules.h
e57389343a2da3fa06090fc29fd7c741d17cc964 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: update unit tests for move to /var/lib/selinux

This updates the unit tests to accommodate the change in layout (no top
level 'modules' directory).

Signed-off-by: Chad Sellers <csellers@tresys.com>
ests/test_semanage_store.c
e37fa2f63be89afab9b5f5ddfedbd589d0676c4e 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: split final files into /var/lib/selinux/tmp

This patch moves the final files from inside
/var/lib/selinux/<store>/[active|previous|tmp] to
/var/lib/selinux/tmp/<store>. The move is done to facilitate using
source control management on the /var/lib/selinux/<store> directory. If
these files remain in /var/lib/selinux/<store> they will pose a size
problem if an SCM like git is used as we'd be storing lots of binary
diffs. We are suggesting making this change now, rather than later when
source policy, SCM, and CIL[1] support are available, to ease the
migration burden.

These are the files that have been moved:

/var/lib/selinux/<store>/active/...   /var/lib/selinux/tmp/<store>/...

file_contexts                         contexts/files/file_contexts
file_contexts.homedirs                contexts/files/file_contexts.homedirs
file_contexts.local                   contexts/files/file_contexts.local
netfilter_contexts                    contexts/netfilter_contexts
policy.kern                           policy/policy.<policyversion>
seusers.final                         seusers

The layout of these files in /var/lib/selinux/tmp/<store> is designed to
mirror their locations in /etc/selinux/<store>. This should help clarify
the relationship between these final files and the files installed in
etc.

One consequence of this move is that reverting to the previous policy
version requires a policy rebuild. Currently you can revert without
rebuilding.

[1] CIL RFC: http://marc.info/?l=selinux&m=124759244409438&w=2

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/boolean_internal.h
rc/booleans_file.c
rc/booleans_policydb.c
rc/database_file.c
rc/database_file.h
rc/database_policydb.c
rc/database_policydb.h
rc/direct_api.c
rc/fcontext_internal.h
rc/fcontexts_file.c
rc/genhomedircon.c
rc/iface_internal.h
rc/interfaces_file.c
rc/interfaces_policydb.c
rc/node_internal.h
rc/nodes_file.c
rc/nodes_policydb.c
rc/port_internal.h
rc/ports_file.c
rc/ports_policydb.c
rc/semanage_store.c
rc/semanage_store.h
rc/seuser_internal.h
rc/seusers_file.c
rc/user_internal.h
rc/users_base_file.c
rc/users_base_policydb.c
rc/users_extra_file.c
aea047c76904a907c0acb15ab4a6399ffe32dd63 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: move the module store to /var/lib/selinux

This patch moves the module store from /etc/selinux/<store>/modules to
/var/lib/selinux/<store>.

This move will allow for the use of a read-only /etc/selinux. Currently
that is not possible with semanage because of the lock files.

A consequence of this move is that packagers of libsemanage should
create the /var/lib/selinux directory.

Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/direct_api.c
rc/semanage_store.c
rc/semanage_store.h
844810d9ace7a13257b7bf715d9d6acd7131e741 27-Sep-2011 Steve Lawrence <slawrence@tresys.com> Revert "libsemanage: introduce semanage_set_root and friends"

This reverts commit 9cd587f5533456e7b26601e27e65744272e2e783.

Conflicts:

libsemanage/include/semanage/handle.h
nclude/semanage/handle.h
an/man3/semanage_set_root.3
rc/conf-parse.y
rc/direct_api.c
rc/handle.c
rc/handle_internal.h
rc/libsemanage.map
rc/semanage_store.c
30a2df81eb8a03f1414b30d7a9783d378d08c53d 27-Sep-2011 Steve Lawrence <slawrence@tresys.com> Revert "Last attempt at upstreaming semodule_disable patch."

This reverts commit 654dcb897e49908a958dae55cf29793412c4b390.

Conflicts:

policycoreutils/semodule/semodule.c
nclude/semanage/modules.h
rc/direct_api.c
rc/libsemanage.map
rc/module_internal.h
rc/modules.c
rc/modules.h
rc/policy.h
rc/semanage_store.c
rc/semanage_store.h
147c0ec85821cd4be43afd07c57c9d53b52bbf5a 27-Sep-2011 Steve Lawrence <slawrence@tresys.com> Revert "fixes to commit 847d27b8385ce77ac71df8aa58a2d298b33d1ea4"

This reverts commit c1323f22c7ad93b975eb8b6a251b893bc88f240f.
rc/direct_api.c
rc/semanage_store.h
7475f818693f9153d6fb412cd0cd76804be592b7 27-Sep-2011 Steve Lawrence <slawrence@tresys.com> Revert "libsemanage: change module disabled from rename to symlink"

This reverts commit 60c780ffb6e7a48a2121e871ad20471a8fe0337d.
rc/direct_api.c
rc/semanage_store.c
rc/semanage_store.h
07e1c247cff83a084e9e39ba33ee1571e2c37e92 01-Aug-2013 Steve Lawrence <slawrence@tresys.com> Revert "libsemanage: Alternate path for semanage.conf"

This reverts commit 66dd98b83a519840a26be7fa5644c982524f3bf7.
rc/handle.c
rc/handle.h
rc/semanage_store.c
rc/semanage_store.h
b5fe34deba6b97dd0692e941b4d69cd6ee04acd7 01-Aug-2013 Steve Lawrence <slawrence@tresys.com> Revert "libsemanage: Use default semanage.conf as a fallback"

This reverts commit 4120df1c6ea85aa56ed602e46a4030d9e4e45ee6.
rc/handle.c
f43e4eba2477ce8fd066b2a808c8e2f8a79dc0af 01-Aug-2013 Steve Lawrence <slawrence@tresys.com> Revert "libsemanage: Cleanup/fix enable/disable/remove module."

This reverts commit c9b09be4244f3c90cee19d9e3feca324f0e0e636.
rc/direct_api.c
rc/semanage_store.c
8b6d00ba72c0328f974396bb17e5659d98b93225 04-Apr-2014 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsemanage: fix memory leak when setting a custom store_path

A strdup was setting store_path without freeing the original
value in the semanage conf.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
rc/handle.c
fa095ad7a1c412de36d6f18cf4143f88182918ba 20-May-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: only try to compile file contexts if they exist

It is not a requirement that all file context files exist (e.g.
file_contexts.local is not mandatory). However, sefcontext_compile is
executed for all file contexts files regardless of existence, which
results in an error when they do not exist and causes policy load to
fail. This modifies libsemanage so that sefcontext_compile is only
executed on file contexts that do exist.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/semanage_store.c
c74516b5a3e7f5340c947fd151edc51624d59bb2 24-Dec-2009 Caleb Case <ccase@tresys.com> libsemanage: fix typo in tests makefile -o -> -O

Fixed typo in the tests Makefile where '-o' should have been '-O'.

Signed-off-by: Chad Sellers <csellers@tresys.com>
ests/Makefile
52623801c4c614940b3005c30997d6ae78228beb 25-Aug-2014 Steve Lawrence <slawrence@tresys.com> libsemanage: fix deprecation warning for bison

The %name-prefix="foo" syntax was deprecated in bison 2.3b [1], which
was released in 2006. This patch fixes the syntax to use the newer
syntax. This breaks support for older versions of bison.

[1] http://lists.gnu.org/archive/html/help-bison/2009-10/msg00018.html

Reported-by: Ilya Frolov <ilya.a.frolov@gmail.com>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
rc/conf-parse.y
e5aaa01f81afa278cce79bd59ebfdb80a32e4e5a 25-Jul-2014 Stephen Smalley <sds@tycho.nsa.gov> Skip policy module re-link when only setting booleans.

Since booleans are only set, not added/removed, we do not need to re-link
modules when setting them. We can instead just take the existing binary
policy and mutate it for the new values.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
rc/direct_api.c
2eba8aa1f57bda20cbfe435844b400d2deccba37 14-Jun-2014 Nicolas Iooss <nicolas.iooss@m4x.org> libsemanage: use semanage_bool_get_value to print a boolean

... and not semanage_bool_set_value.

This fixes "python2 pywrap-test.py -v -B -C"
rc/pywrap-test.py
49c738fc93ad917ed6e363f0c357074402ae1b60 14-Jun-2014 Nicolas Iooss <nicolas.iooss@m4x.org> libsemanage: fix src/pywrap-test.py -v -F

Running "libsemanage/src/pywrap-test.py -v -F" gives following error:

Traceback (most recent call last):
File "pywrap-test.py", line 1139, in <module>
sys.exit(main())
File "pywrap-test.py", line 1121, in main
tests.run(sh)
File "pywrap-test.py", line 107, in run
self.test_writefcontext(handle)
File "pywrap-test.py", line 622, in test_writefcontext
if self.verbose: print "SEFContext type set: ", semanage.semanage_fcontext_get_type_str(fcon)
TypeError: in method 'semanage_fcontext_get_type_str', argument 1 of type 'int'

The argument of semanage_fcontext_get_type_str is the type recorded in
fcon and not fcon itself. This type can be retrieved with
semanage_fcontext_get_type.
rc/pywrap-test.py
1e6482134b9dc2e4480a1cecaf1d366c9d42b0e7 06-May-2014 Stephen Smalley <sds@tycho.nsa.gov> Bump version and update ChangeLog for release.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
ERSION
fb5d2a5beab682bb83ad1cc9b5af708da8f0e613 31-Mar-2014 Stephen Smalley <sds@tycho.nsa.gov> Update ChangeLog and VERSION for rc1.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
ERSION
6263ad719c6c75a88dc6eee8e3973ba0ade36c98 28-Mar-2014 Thomas Hurd <thurd@tresys.com> libsemanage: fix memory leak in semanage_genhomedircon
rc/genhomedircon.c
7c4bb77999e6fab77547feb404a032ecc917e1b6 30-Oct-2013 Stephen Smalley <sds@tycho.nsa.gov> Version bump for release.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
ERSION
9792099fd7847266377df151e7738f9b38ffc18d 20-May-2013 Laurent Bigonville <bigon@bigon.be> Properly build the swig exception file even if the headers are missing

During build if the headers are not installed in the system path, the
generated swig exception (.i) file might be empty.
rc/exception.sh
a08010023b9fe66e8df5c187a53d93bfb0f2b939 25-Oct-2013 Stephen Smalley <sds@tycho.nsa.gov> Update ChangeLogs and bump VERSIONs to an intermediate value.

2.1.99 is just a placeholder to distinguish it from the prior release.
2.2 will be the released version. Switching to 2-component versions.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
hangeLog
ERSION
cfada081f412c1c81c1168118f80a9a515e43de4 24-Oct-2013 Stephen Smalley <sds@tycho.nsa.gov> libsemanage gained a dependency on libaudit.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
ests/Makefile
6f84cfd00ccd828cc87fae5ccbfd4cd5babad320 09-Oct-2013 Dan Walsh <dwalsh@redhat.com> If you are pushing data onto the list that already exists, then return success.

Do not push the data in a second time.
rc/utilities.c
56d9d20a647a52146494f0aef4494cafe328dc5d 09-Oct-2013 Dan Walsh <dwalsh@redhat.com> Pull auditing into libsemanage.

In the past we wrote audit into the semanage tool chain. But if a tool like useradd
called directly into libsemanage we did not get auditing. Now useradd calls directly,
so we need this patch.

Another fix in this patch is to default the login mappings MLS to the selected SELinux User.
If a caller just specified the name staff_u, then the code will look up the range of staff_u
and apply it to the mapping.
rc/Makefile
rc/seusers_local.c
rc/users_local.c
b14294c01f2848adcb3daaf6dfc74c671cb514e3 09-Oct-2013 Dan Walsh <dwalsh@redhat.com> Remove the policy.kern after policy is build and replace with symbolic link.

We want to shrink the space required by selinux-policy for small cloud images.
This file has no purpose after policy is built.
rc/semanage_store.c
1fbb15eb11847f08188186784ab2bd444ab14707 09-Oct-2013 Dan Walsh <dwalsh@redhat.com> Add Laurent Bigonville fix to look at MAX_UID as well as MIN_UID in genhomedircon
rc/genhomedircon.c
2540b20096bed9a4f2581548ad37c3dae8654512 09-Oct-2013 Dan Walsh <dwalsh@redhat.com> Laurent Bigonville patch to fix various minor manpage issues and correct section numbering.
an/man3/semanage_bool_set_active.3
an/man3/semanage_count.3
an/man3/semanage_del.3
an/man3/semanage_exists.3
an/man3/semanage_iterate.3
an/man3/semanage_list.3
an/man3/semanage_modify.3
an/man3/semanage_query.3
an/man3/semanage_set_root.3
3f52a123af40bae33bde2a1f2ecfb2320b61f9ad 06-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: fix segfault introduced to fix memory leak

In the patch to fix a minor memory leak, I introduced a guaranteed
segfault. The pointer to the stack variable will never be NULL, whereas
the value on the stack will be.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
e9410c9b0622c05761002994dfbd0746bbe6aaf7 01-Feb-2013 Eric Paris <eparis@redhat.com> VERSION BUMP FOR UPSTREAM PUSH
hangeLog
ERSION
295abb370b4a78d36d30a0e35655e2a85608ed3e 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: do not leak memory in semanage_exec_prog

If fork() failed we would leak the arguments created in split_args().
Reorder the function so it will hopefully be easy to read and will not
leak memory.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
d1c606ba46f661b950d6a6b2b29dfc07a536fb0a 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: genhomedircon: remove useless conditional in get_home_dirs

We have minuid_set = 0 at the top of the function and then do a test
like:

if (!minuid_set || something)

But since minuid_set is always 0, we always call this code. Get rid of
the pointless conditional.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/genhomedircon.c
e1400f04044e8405419ee4534f8ff4f45c5d532a 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: genhomedircon: double free in get_home_dirs

Right before the call to semanage_list_sort() we do some cleanup.
Including endpwent(); free(rbuf); semanage_list_destroy(&shells); If
the call to the list sort fails we will go to fail: and will do those
cleanups a second time. Whoops. Do the list sort before the generic
cleanups so the failure code isn't run after the default cleanup.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/genhomedircon.c
d0c7f6ea4f4c5bf9e1e21b67231e5b1a88020501 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: fcontext_record: do not leak on error in semanage_fcontext_key_create

If the strdup failed, we would return without freeing tmp_key. This is
obviously a memory leak. So free that if we are finished with it.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/fcontext_record.c
7d83d86ba10e2fc251a249df4745c6f339e9c523 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: genhomedircon: do not leak on failure in write_gen_home_dir_context

We generate a list of users, but we do not free that list on error.
Just keep popping and freeing them on error.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/genhomedircon.c
06f2a7c3a92f9f945504159d4657b318f7237db3 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: do not leak fd

We use creat to create the lock file needed later. But we never close
that fd, so it just sits around until the program exits. After we
create the file we don't need to hold onto the fd. close it.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
5812ec2fbbb9e9244e31525737ea967c7a795252 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: genhomedircon: do not leak shells list

If get_home_dirs() was called without usepasswd we would generate the
entire shell list, but would never use that list. We would then not
free that list when we returned the homedir_list. Instead, do not
create the list of shells until after we know it will be used.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/genhomedircon.c
78d618422bbf8774edaeaa3df549c2d4d1b06dd1 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: do not leak on strdup failure

Inside split_args we do a = realloc(b) and strdup. If the realloc
succeeds and then the strdup fails, we return NULL to the caller. The
caller will then jump to an error code which will do a free(b). This is
fine if the realloc failed, but is a big problem if realloc worked. If
it worked b is now meaningless and a needs to be freed.

I change the function interface to return an error and to update "b"
from the caller.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
d16ebaace10b246f411d65caa83c7ebdafd0a300 05-Feb-2013 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: rewrite for readability

We did a bunch of:

if ((blah = function(a0, a1, a2)) == NULL) {
	goto err;
} else {
	something = blah;
}

Which takes 5 lines and is a pain to read. Instead:

blah = function(a0, a1, a2);
if (blah == NULL)
	goto err;
something = blah;

Which takes 4 lines and is easier to read!

Winning!

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
2276a2fa51517ead7f4cf028263dee4b5e2bb46a 05-Dec-2012 Eric Paris <eparis@redhat.com> libsemanage: fixes from coverity

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/database_llist.c
rc/database_policydb.c
rc/debug.c
rc/semanage_store.c
6064f9672cbd805a9c51b60414f3711a499c45aa 05-Dec-2012 Eric Paris <eparis@redhat.com> libsemanage: redo genhomedircon minuid

Just a little less code. No real change.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/genhomedircon.c
c9b09be4244f3c90cee19d9e3feca324f0e0e636 21-Nov-2012 Dan Walsh <dwalsh@redhat.com> libsemanage: Cleanup/fix enable/disable/remove module.

If you specified a portion of the module name the code would disable the module rather
than giving you an error. For example.

semodule -d http

Would disable the httpd module.
As a matter of fact

semodule -r h

Would disable the first module file name that began with h.

This patch gets the real file name out of the modules and compares it to the name specified.
It also consolidates a bunch of duplicated code, and fixes a return code bug.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/direct_api.c
rc/semanage_store.c
28baa721e0f544d0899b68eb5eee070ed2b4b02b 14-Sep-2012 rhatdan <dwalsh@redhat.com> libsemanage: Add sefcontext_compile to compile regex everytime policy is rebuilt

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/conf-parse.y
rc/conf-scan.l
rc/semanage_conf.h
rc/semanage_store.c
8638197342f77d66b3e21ee93009060886020064 13-Sep-2012 Eric Paris <eparis@redhat.com> Version bumps for upstream push
hangeLog
ERSION
18649484eee7e4ca7b0be572365aca368a3471b5 12-Jan-2012 Xin Ouyang <xinpascal@gmail.com> libsemanage: Fix segfault for building standard policies.

If you are building "standard" policies (not MCS/MLS), libsemanage
will crash, which is caused by strdup() to "level" NULL pointers.
For example, semodule -s refpolicy -b base.pp -i a.pp

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/genhomedircon.c
b0b22829eb0aa992462b9efd7b32e2fdc8604faf 12-Sep-2012 Eric Paris <eparis@redhat.com> libsemanage: do boolean name substitution

So people can use -P and it will work.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/boolean_record.c
1024ea34c6ff68625037fd8abbda5dc910ac31e5 01-Jun-2012 Eric Paris <eparis@redhat.com> libselinux: libsemanage: remove PYTHONLIBDIR and ruby equivalent

We generate pkg-config --libs and use that to build the libselinux
python so file. We do not use it to build the libsemanage versions. We
also never use the ruby equivalent. So stop calling pkg-config
uselessly.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/Makefile
b2523dc167b1b61ea3cc42a97c8da6ac60ad7550 01-Jun-2012 Eric Paris <eparis@redhat.com> libselinux: libsemanage: do not set soname needlessly

We explicitly set the soname of the python and ruby files. We don't
need this. We are using the -o name as the soname, so just let the
toolchain do its thing. It just makes the Makefile nicer to read.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
f05a71b92d94771ed976a7c74e5fa378d02b590b 28-Jun-2012 Eric Paris <eparis@redhat.com> Version bumps for upstream push
hangeLog
ERSION
c4f415c2444874488e9a9ae2e02a7cbeea583ba2 29-May-2012 Sven Vermeulen <sven.vermeulen@siphos.be> libsemanage: use after free in python bindings

In python 3.2 we hit a problem where the fcontext was garbage. We didn't
see this in python 2.7. The reason is because python3.2 would free and
reuse the memory and python 2.7 just happened to leave it alone.
Instead of using memory that python might use for something else, use
strdup() to get a local copy which we can free when we are finished with
it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/fcontext_record.c
4120df1c6ea85aa56ed602e46a4030d9e4e45ee6 05-Jan-2012 Dan Walsh <dwalsh@redhat.com> libsemanage: Use default semanage.conf as a fallback

If the private semanage.conf file is unreadable for some reason (usually
ENOENT) fallback to the default file.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/handle.c
fade75f1e2f2bda739214e079e27a50dadd61e64 07-Jun-2012 Eric Paris <eparis@redhat.com> libsemanage: semanage_store: fix snprintf length argument by using asprintf

We calculated a length, allocated a space for the string, then used
snprintf to fill the array giving it a different length. Rather than
doing all that math ourselves, just use asprintf and let libraries get
it right.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
a6c9140cbbe02c3dfb32798f9e5ba333297ba64b 07-Jun-2012 Eric Paris <eparis@redhat.com> libsemanage: ignore 80 column limit for readability

80 columns just suck. Ignore it when we are only a little bit over.

Signed-off-by: Eric Paris <eparis@redhat.com>
rc/semanage_store.c
824df4b60b8f3de26fb900ed5f74ca6379de6d99 01-Jun-2012 Eric Paris <eparis@redhat.com> libselinux: additional makefile support for rubywrap

SELinux ruby bindings didn't build from the top level
the swig generated .c file wasn't gitignored
use pkg-config for ruby info like we do for python

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/.gitignore
rc/Makefile
5d19b707232718377e7378d43a677011e6f97a58 19-Apr-2012 Eric Paris <eparis@redhat.com> libselinux: libsemanage: remove build warning when build swig c files

swig creates C files with warnings. Turn off the warnings so the build
is clean. We can't help the code it produces anyway...

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
akefile
rc/Makefile
7a86fe1a3decc4c05598eb3f9339175251cd5447 28-Mar-2012 Eric Paris <eparis@redhat.com> bump version and changelog for upstream push
hangeLog
ERSION
38e93bad1ffd99e698d24541793148e1da587389 26-Mar-2012 Russell Coker <russell@coker.com.au> libsemanage: fallback-user-level

Having magic numbers in the code is a bad idea, using a macro is better.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/genhomedircon.c
e55a295b1d53fdf0d37ede591e8df36d7a08fe7a 26-Mar-2012 Laurent Bigonville <bigon@debian.org> libsemanage: Allow to build for several ruby version

This allows building the ruby module for both ruby 1.8 and 1.9.1 (the
way it's done for the python module).

Signed-off-by: Laurent Bigonville <bigon@debian.org>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
a8a766ac9fe21fe27fbb601c46fddb7629331e40 26-Mar-2012 Laurent Bigonville <bigon@debian.org> libsemanage: do not link against libpython, this is considered bad in Debian

Do not link against libpython, the interpreter is already linked to it.
In Debian this is usually considered bad practice.

Signed-off-by: Author: Laurent Bigonville <bigon@debian.org>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
66dd98b83a519840a26be7fa5644c982524f3bf7 04-Jan-2012 Dan Walsh <dwalsh@redhat.com> libsemanage: Alternate path for semanage.conf

Currently the semanage.conf file is hard coded to /etc/selinux/semanage.conf
even when an alternate root path is specified. Use the semanage.conf
found inside the alternate root instead of the system global version.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/handle.c
rc/handle.h
rc/semanage_store.c
rc/semanage_store.h
339f8079d7b9dd1e0b0138e2d096dc7c60b2092e 21-Dec-2011 Eric Paris <eparis@redhat.com> update VERSION and Changelog for public push
hangeLog
ERSION
5e46bb8647877acf8c7ff8253921c90ee50f3cdc 12-Dec-2011 Dan Walsh <dwalsh@redhat.com> libsemanage: Fallback_user_level can be NULL if you are not using MLS

If you build a distribution without MLS turned on, libsemanage will
crash if given a user without a level. This patch allows users
without levels to be passed in.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/genhomedircon.c
915b5f885f030aa24a2ca648a184fa02cb5bbdcd 29-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: add ignoredirs config for genhomedircon

For a long time /root has been treated differently in Red Hat
Distributions than upstream policy.

We do not want to label /root the same as a users homedir. Because of
this we have carried a patch in libsemanage/genhomedircon.c to ignore
/root.

This patch adds a flag to semanage.conf, ignoredirs. That will allow
distributions or users to specify directories that genhomedircon
should ignore when setting up users homedir labeling.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
an/man5/semanage.conf.5
rc/conf-parse.y
rc/conf-scan.l
rc/direct_api.c
rc/genhomedircon.c
rc/genhomedircon.h
rc/semanage_conf.h
14e4b70b933a330fc1e63bf0ac5ebab4f9664062 03-Nov-2011 Eric Paris <eparis@redhat.com> Bump Version and Changelog for commit
hangeLog
ERSION
2c4eca16dd4aaf2f7830012908aef66109106d82 19-Sep-2011 Dan Walsh <dwalsh@redhat.com> libsemanage: create man5dir if not exist

Make new man page directory if it doesn't exist.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
an/Makefile
06f53004d93ddb6bd4e2b2f4d697c8cedf382e47 19-Sep-2011 Guido Trentalancia <guido@trentalancia.com> libsemanage: semanage.conf man page

Add a new semanage.conf man page.

Signed-off-by: Eric Paris <eparis@redhat.com>
an/Makefile
an/man5/semanage.conf.5
86e8daafc3755820272c0f36a3dd115f0b01c93d 20-Oct-2011 Dan Walsh <dwalsh@redhat.com> libselinux: maintain mode even if umask is tighter

When certain programs were run which created new files they would get
default permissions based on the current users umask. However these
files should get the same permissions as those files which they
replaced. Do that.

Patch from: Stephen Smalley

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/semanage_store.c
c81a43c753efbda6f2106dbf0a291005683474f8 28-Sep-2011 Eric Paris <eparis@redhat.com> libselinux: libsemanage: libsepol: regenerate .pc on VERSION change

The makefile which generated the package config files did not have the
VERSION file as a dependency. Thus if you updated a tree you had
previously built, the .pc file wouldn't be rebuilt and the old version
would be reinstalled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
418dbc70e8e7b6b313a0a23455d24256c6807a46 16-Sep-2011 Eric Paris <eparis@redhat.com> Bump version and changelog for all components.
hangeLog
ERSION
6a530237403066293813ad03d575df2487db28d0 14-Sep-2011 Guido Trentalancia <guido@trentalancia.com> libsemanage: fix semanage_store_access_check calling arguments

A few calls to semanage_store_access_check() in the libsemanage
tests passed an argument even though it is a void function.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
ests/test_semanage_store.c
eb695e5a5618ede939af2f9c9daed7c53e14b50a 14-Sep-2011 Guido Trentalancia <guido@trentalancia.com> whole tree: default make target to all not install

Change the default "make" target for the libraries from "install" to
"all" in the makefiles.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
nclude/Makefile
an/Makefile
e4bc1b223debcc6747fef4d7a2a0a320c0208a88 01-Sep-2011 Harry Ciao <qingtao.cao@windriver.com> libsepol: libsemanage: policycoreutils: Create a new preserve_tunables flag in sepol_handle_t.

By default only the effective branch of a tunable conditional would be
expanded and written to raw policy, while all needless unused branches
would be discarded.

Add a new option '-P' or "--preserve_tunables" to the semodule program.
By default it is 0, if set to 1 then the above preserve_tunables flag
in the sepol_handle_t would be set to 1 accordingly.

Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
nclude/semanage/handle.h
rc/direct_api.c
rc/handle.c
rc/libsemanage.map
rc/semanage_store.c
rc/semanage_store.h
60c780ffb6e7a48a2121e871ad20471a8fe0337d 29-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: change module disabled from rename to symlink

Change the way libsemanage handles disabled modules. In the current
method libsemanage renames the FOO.pp file to FOO.pp.disabled and then
the rebuild process ignores *.disabled modules.

Since we want to start shipping

/etc/selinux/targeted/modules/active/modules/*.pp within the payload of
the rpm. If we continued this method, a policy update would re-enable a
module.

The new mechanism will just create a symbolic link between FOO.pp and
FOO.pp.disabled. Then the library will check all modules, and if a
module has a link, it will not be compiled into the policy. This solves
the rpm update problem, and actually gives us an easier update
capability since if FOO.pp.disabled already exists using the old method,
it will continue to work with the new method.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/direct_api.c
rc/semanage_store.c
rc/semanage_store.h
1f8cf403be49dd8b918e2ff21969a6a47928d672 26-Aug-2011 Eric Paris <eparis@redhat.com> update changelog and versions for 2011-08-26
hangeLog
ERSION
acb4ecaa0111a428b2c443e0db937caa09696923 22-Aug-2011 Dan Walsh <dwalsh@redhat.com> libsemanage: python wrapper makefile changes

Change libsemanage Makefile to be able to build by default and to build
if you change the version of Python.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
6b6b475dcfe77dbf3d37b4f6e4fee3539346f359 17-Aug-2011 Eric Paris <eparis@redhat.com> update changelog and VERSION for latest changes
hangeLog
ERSION
4b00b5c6a4876f3470b53252bad7a1e6f91899fc 04-Aug-2011 Dan Walsh <dwalsh@redhat.com> libsemanage: print error debug info for buggy fc files

Currently if you have a bug in a fc file, the store only reports that you have
a problem but not the name of the module, or any hint of what is wrong. This
patch will print out as much as has been collected in the file_spec at the time
of the error.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/semanage_store.c
9cd587f5533456e7b26601e27e65744272e2e783 29-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: introduce semanage_set_root and friends

Allow applications to specify an alternate root for selinux stores.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
nclude/semanage/handle.h
an/man3/semanage_set_root.3
rc/conf-parse.y
rc/direct_api.c
rc/handle.c
rc/handle_internal.h
rc/libsemanage.map
rc/semanage_store.c
9406ace82b12780da84b2553cb74f88101978ea2 29-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: throw exceptions in python rather than return NULL

Python doesn't really work on the basis of negative error code. It
throws exceptions. This patch automatically generates little stub
functions which will catch negative error codes and will throw
exceptions in their place.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/.gitignore
rc/Makefile
rc/exception.sh
rc/semanageswig_python.i
78d58d73b4098ec56b6545abd9f9719563d0d587 24-Jun-2011 Daniel J Walsh <dwalsh@redhat.com> libsemanage: python3 support.

Dave Malcolm has been working on adding python3 support to libsemanage
(and libselinux).

Change to Makefile to:

Support building the Python bindings multiple times, against various Python
runtimes (e.g. Python 2 vs Python 3) by optionally prefixing the build
targets with "PYPREFIX":

Should build python2 version by default, without the user doing any changes.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
d784fd71b56cb8f57d5b9fcd784094e004bf7c6a 05-Jan-2011 Russell Coker <russell@coker.com.au> libsemanage: patch for MCS/MLS in user files

The attached patch makes the
/etc/selinux/default/contexts/files/file_contexts.homedirs generation process
include the MCS/MLS level.

This means that if you have a user with a MCS/MLS level that isn't SystemLow
then their home directory will be labeled such that they can have read/write
access to it by default.

Unless anyone has any better ideas for how to solve this problem I will upload
this to Debian shortly.

What do the MLS users do in this situation? Just relabel home directories
manually?

Finally it seems that when you run "semanage user -m" the
file_contexts.homedirs doesn't get updated, it's only when you run
"semanage login -m" that it takes effect.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Russell Coker <russell@coker.com.au>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/genhomedircon.c
510003b63f3abd3039b1d154cab24fc13be0c581 01-Aug-2011 Eric Paris <eparis@redhat.com> Minor version bump for updates as of 2011-08-01

checkpolicy
libselinux
libsemanage
libsepol
policycoreutils

Signed-off-by: Eric Paris <eparis@redhat.com>
hangeLog
ERSION
d67b1ea1cbe30afb4894634f06ca25916b03cbd7 24-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: drop the -no-unused-parameter build flag

Annotate the couple of places they are needed and drop the flag.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
rc/database.c
rc/direct_api.c
rc/genhomedircon.c
rc/semanage_store.c
rc/semanage_store.h
dad5f79991eb04b5973c670c8566844a014a3a85 24-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: use -Werror

libsemanage should use -Werror just like libselinux

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/Makefile
109dc801ec27fc4f850f6927617acd6da5e6a544 24-Jun-2011 Eric Paris <eparis@redhat.com> libsemanage: do not store generated files in git

libsemanage/src/semanage.py and libselinux/src/semanageswig_wrap.c
are both generated rather than being real code. Do not store them
in git.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
rc/.gitignore
rc/semanage.py
rc/semanageswig_wrap.c
44121f662411dbc17bf2e196911c655ee6969d59 26-Jul-2011 Steve Lawrence <slawrence@tresys.com> Minor version bump for release

Bump checkpolicy to 2.1.0
Bump libselinux to 2.1.0
Bump libsepol to 2.1.0
Bump libsemanage to 2.1.0
Bump policycoreutils to 2.1.0
Bump sepolgen to 1.1.0
hangeLog
ERSION
d17ed0d90d100acb4d270613d12988f909cc1c3f 16-Dec-2010 Chad Sellers <csellers@tresys.com> bump checkpolicy to 2.0.23
bump libselinux to 2.0.98
bump libsepol to 2.0.42
bump libsemanage to 2.0.46

Signed-off-by: Chad Sellers <csellers@tresys.com>
hangeLog
ERSION
f7dd4ca760de5f2dfa962749dddf8a99587f2257 09-Dec-2010 Justin P. Mattock <justinmattock@gmail.com> Author: "Justin P. Mattock"
Email: justinmattock@gmail.com
Subject: libsemanage Fix warning: parameter 'key' set but not used(and others)
Date: Tue, 6 Jul 2010 15:23:30 -0700

libsemanage produced no errors with the warnings, I'm just noticing
big hunks of sections with warning messages:

database_llist.c: In function 'dbase_llist_add':
database_llist.c:150:28: warning: parameter 'key' set but not used
database_llist.c: In function 'dbase_llist_count':
database_llist.c:221:50: warning: parameter 'handle' set but not used
database_llist.c: In function 'dbase_llist_del':
database_llist.c:278:41: warning: parameter 'handle' set but not used
(and so on...)
so add the GCC attribute to quiet these warnings since most go to
NULL;

Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
Signed-off-by: Chad Sellers <csellers@tresys.com>
rc/database_llist.c
rc/database_policydb.c
rc/debug.c
rc/direct_api.c
e6bfff4372a2bf5fe8dbd1de49ffb6cf366b39e0 07-Mar-2010 Joshua Brindle <method@manicmethod.com> bump libsemanage to 2.0.45 and libselinux to 2.0.92
hangeLog
ERSION
7420787817c4949276d7947202b49d78eba37c13 24-Feb-2010 Daniel J Walsh <dwalsh@redhat.com> updated libselinux pkgconfig does not work correctly on lib64 machines.

On 02/24/2010 02:24 PM, Daniel J Walsh wrote:
>
Ignore the first patch; it was missing pc.in files.

Acked-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Signed-off-by: Joshua Brindle <method@manicmethod.com>
rc/Makefile
rc/libsemanage.pc.in
d03b94113615c1751b8a074bbd4064d915c70ff9 06-Mar-2010 Joshua Brindle <method@manicmethod.com> regenerate swig wrappers
rc/semanage.py
rc/semanageswig_wrap.c
c1323f22c7ad93b975eb8b6a251b893bc88f240f 06-Mar-2010 Joshua Brindle <method@manicmethod.com> fixes to commit 847d27b8385ce77ac71df8aa58a2d298b33d1ea4

- implicit declaration of semanage_module_enabled()
- added nicer error messages when disabling or enabling modules already disabled or enabled
- fix comment

Signed-off-by: Joshua Brindle <method@manicmethod.com>
rc/direct_api.c
rc/semanage_store.h
654dcb897e49908a958dae55cf29793412c4b390 24-Feb-2010 Daniel J Walsh <dwalsh@redhat.com> Last attempt at upstreaming semodule_disable patch.

This patch allows you to disable/enable policy modules.

It never seems to get upstreamed. :^(

Signed-off-by: Joshua Brindle <method@manicmethod.com>
include/semanage/modules.h
src/direct_api.c
src/libsemanage.map
src/module_internal.h
src/modules.c
src/modules.h
src/policy.h
src/semanage_store.c
src/semanage_store.h
c8d100bb03e0fe0501037b914fe3638afd593ee4 25-Feb-2010 Daniel J Walsh <dwalsh@redhat.com> Patch to run genhomedircon without looking at /etc/passwd

I want to change the default of libsemanage to not look for home
directories in getpwent. This patch allows you to set the flag
usepasswd=false in the semanage.conf file, and genhomedircon will only
set up the labeling of /home, /export/home and any confined users' homedirs.

If this patch is not acceptable because libsemanage is being rewritten,
I would like the functionality to be added to the new libsemanage.
src/conf-parse.y
src/conf-scan.l
src/direct_api.c
src/semanage_conf.h
9a1814832b7e3b046d8edd5d7691a7a3aae427f6 02-Feb-2010 Stephen Smalley <sds@tycho.nsa.gov> libsemanage 2.0.44
ChangeLog
VERSION
0b2f9ef8f3f91cd6e202dc8bdfe8e1156ae6c01a 25-Jan-2010 Stephen Smalley <sds@tycho.nsa.gov> bzip support in libsemanage and out of memory (userspace ticket 7)

On Sun, 2010-01-24 at 21:29 +0100, Guido Trentalancia wrote:
> Hi !
>
> Has anybody had any time to look at this ticket:
> http://userspace.selinuxproject.org/trac/ticket/7 ?
>
> I have experienced the same issue and verified that the problem is actually triggered by the bzip support (as pointed out by Stephen Smalley back in August). In fact, if I use bzip-blocksize=0 in semanage.conf then the problem disappears...
>
> Otherwise with a default semanage.conf and bzip enabled, I get:
>
> libsepol.module_package_read_offsets: offset greater than file size (at 4, offset 200478 -> 8192 (No such file or directory).
> libsemanage.semanage_load_module: Error while reading from module file /etc/selinux/refpolicy/modules/tmp/base.pp. (No such file or directory).
> semodule: Failed!
>
> I am using libsepol-2.0.41 and libsemanage-2.0.42.

Looking into this more closely, I believe this is another manifestation
of:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543915#17

which was ultimately traced down to two issues:
1) A missing offset check in libsepol (fixed in libsepol 2.0.38), and
2) A bug / lack of binary mode support in the fmemopen implementation in
glibc that was later fixed, see:
http://sourceware.org/bugzilla/show_bug.cgi?id=6544

Maybe you have the older glibc still?

Looking at the libsemanage code though, I think we could in fact avoid
any dependency on fmemopen by using the native libsepol support for
operating on a memory region via sepol_policy_file_set_mem(), ala:

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
src/direct_api.c
src/semanage_store.c
7b9904bef33264b16dd25e4c5d5018c8656d65f4 27-Nov-2009 Joshua Brindle <method@manicmethod.com> bump libsemanage to 2.0.43 and policycoreutils to 2.0.78
ChangeLog
VERSION
a6700ba05f78b443ea2fca0971a5b555c1066470 17-Nov-2009 Manoj Srivastava <srivasta@debian.org> libsemanage: Fix the format of the NAME lines

Each manual page should start with a "NAME" section, which lists the
name and a brief description of the page separated by "\-". These
sections are parsed by "mandb" and stored in a database for the use of
"apropos" and "whatis", so they must be in a certain format. These
manual pages apparently use the wrong format and cannot be parsed by
"mandb". This commit fixes that.

Signed-off-by: Manoj Srivastava <srivasta@debian.org>
Signed-off-by: Joshua Brindle <method@manicmethod.com>
man/man3/semanage_bool.3
man/man3/semanage_bool_set_active.3
man/man3/semanage_count.3
man/man3/semanage_del.3
man/man3/semanage_exists.3
man/man3/semanage_fcontext.3
man/man3/semanage_iface.3
man/man3/semanage_iterate.3
man/man3/semanage_list.3
man/man3/semanage_modify.3
man/man3/semanage_node.3
man/man3/semanage_port.3
man/man3/semanage_query.3
man/man3/semanage_seuser.3
man/man3/semanage_user.3
55648ccca9bafbc243084b672f0ddf4fa294f993 13-Oct-2009 Joshua Brindle <method@manicmethod.com> /lib/libsemanage.so.1 links to /usr/lib/libustr-1.0.so.1

Manoj Srivastava wrote:
> Hi,
>
> As demonstrated by
>
> $ ldd /lib/libsemanage.so.1
> linux-gate.so.1 => (0xb8092000)
> libsepol.so.1 => /lib/libsepol.so.1 (0xb8015000)
> libselinux.so.1 => /lib/libselinux.so.1 (0xb7ffa000)
> libbz2.so.1.0 => /lib/libbz2.so.1.0 (0xb7fe9000)
> libustr-1.0.so.1 => /usr/lib/libustr-1.0.so.1 (0xb7fbf000)
> libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7e60000)
> libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb7e5c000)
> /lib/ld-linux.so.2 (0xb8093000)
>
> libsemanage1 links to libustr which is located under the,
> possibly separate or external, /usr partition, which would render
> libsemanage unusable in such setups. (This dependency has been around
> since 2.0.9).
>
> Should we move libsemanage1 to /usr/lib? The only reason for it
> to be in /lib would be for early boot, where /usr might not be
> available, but at this point, it is likely not usable without /usr
> anyway.
>
> manoj

Yes, I'm not sure why you'd need libsemanage during early boot, we
probably should apply this:

Signed-off-by: Joshua Brindle <method@manicmethod.com>
src/Makefile
88a57ca14b1fc645648e63e6117a125d3af5ea55 18-Nov-2009 Chad Sellers <csellers@tresys.com> Bump policycoreutils to 2.0.76
Bump libsepol to 2.0.41
Bump libsemanage to 2.0.42
ChangeLog
VERSION
eb014c79f11f01b25cbb44d81d5ed7fd9b90b836 18-Nov-2009 Daniel J Walsh <dwalsh@redhat.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Add modules support to semanage
Date: Thu, 12 Nov 2009 11:23:15 -0500

On 11/11/2009 01:52 PM, Chad Sellers wrote:
> On 9/30/09 2:33 PM, "Daniel J Walsh" <dwalsh@redhat.com> wrote:
>
>> Includes enable and disable.
>>
> I presume I should hold off on this patch until you have a chance to
> resubmit the libsemanage support that it relies on. Let me know if that's
> not the case.
>
> Thanks,
> Chad
>
Lets do this patch.

Moves load_policy from /usr/sbin to /sbin

Removed cruft.

Signed-off-by: Chad Sellers <csellers@tresys.com>
src/conf-parse.y
7cdfd6e659dde3c7988e78ab2322a35e67ca8726 29-Oct-2009 Eamon Walsh <ewalsh@tycho.nsa.gov> Bump libsepol to 2.0.40, libselinux to 2.0.89, libsemanage to 2.0.41.
ChangeLog
VERSION
12777502c638698a9e1dd6748a2309cb87946a65 21-Oct-2009 Eamon Walsh <ewalsh@tycho.nsa.gov> Add pkgconfig files for libsepol, libselinux, and libsemanage.

Having pkgconfig files allows the pkg-config tool to be used to
query the presence of the library (or a particular version of it),
and to obtain the C flags and linker arguments to build with it.

Based on Debian patches by Manoj Srivastava <srivasta@debian.org>.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
src/Makefile
src/libsemanage.pc.in
6f4660679f0051e3608c11050b7a52882e667b52 22-Oct-2009 Chad Sellers <csellers@tresys.com> Bump libselinux to 2.0.88 and libsemanage to 2.0.40
ChangeLog
VERSION
bd74c23c7beaf340d3e21f84a253e3c994fe3623 21-Oct-2009 Chad Sellers <csellers@tresys.com> libsemanage: Add function to turn off file contexts validation

This patch adds a function to turn off file contexts validation.
We need this for cross-installs in rpm, where we install policy
into a chroot that has binaries of a different architecture which
cannot be executed on the build system. So, we would like to use
this function to disable executing setfiles. This of course means
the file contexts could be invalid, but we're willing to take
that risk.

Signed-off-by: Chad Sellers <csellers@tresys.com>
include/semanage/handle.h
src/handle.c
src/handle.h
src/libsemanage.map
src/semanage_store.c
0857e3e4782789a326426e1284dce95ba6d6b851 21-Oct-2009 Eamon Walsh <ewalsh@tycho.nsa.gov> Add subdirectory .gitignore files.

These take care of executables and generated source files.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
.gitignore
0e421afd55407cf5e6e3793558e4449aef6fcf52 24-Sep-2009 Joshua Brindle <method@manicmethod.com> bump libselinux to 2.0.87 and libsemanage to 2.0.39
ChangeLog
VERSION
94c51ba3b12e476c0b7108c9d83b939ed56b8359 24-Sep-2009 Joshua Brindle <method@manicmethod.com> make swigify
src/semanage.py
src/semanageswig_wrap.c
6e7e247f6c58365103895ae398914f791a7a8156 16-Sep-2009 Joshua Brindle <method@manicmethod.com> bump libsemanage to 2.0.38 and policycoreutils to 2.0.74
ChangeLog
VERSION
faff0a77c679e8290bac6595c9764dc8929f32d6 16-Sep-2009 Daniel J Walsh <dwalsh@redhat.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: libsemanage patch
Date: Wed, 16 Sep 2009 13:27:25 -0400

Updated patch. Need check in two places.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
src/genhomedircon.c
c282c4024de7321a2987e55c51f6b65c75344c83 11-Sep-2009 Daniel J Walsh <dwalsh@redhat.com> I think I sent this patch before, it is the upgrade patch.

Basically it makes semodule -u file.pp install file.pp if it does not exist. This matches the rpm syntax, and allows us to update/install many packages in a transaction without knowing whether the package is updated or installed.

Currently we can only do a -i, which could hammer a newer version.

commit 3a5ed0fdf42200d0efd6cb1064eab91d2eb5ca52
Author: Dan Walsh <dwalsh@redhat.com>
Date: Mon Aug 24 11:36:41 2009 -0400

i Upgrade patch
src/direct_api.c
src/modules.c
eaaafe2151b8321b4c2316b3a1bdeda9db79db25 04-Sep-2009 Joshua Brindle <method@manicmethod.com> bump policycoreutils to 2.0.73 and libsemanage to 2.0.37
ChangeLog
VERSION
f3d9262568ce65b5cbc83a2c71c75c230a7aec0e 20-Aug-2009 Chad Sellers <csellers@tresys.com> Fix semanage_direct_commit() to notice disable_dontaudit

Add code to semanage_direct_commit() to notice that the disable_dontaudit
flag has been changed and rebuild the policy if so.

Currently, libsemanage doesn't notice that the disable_dontaudit flag is
set so it does not rebuild the policy. semodule got around this by calling
semanage_set_rebuild() explicitly, but libsemanage should really notice
that this has changed and rebuild appropriately.
src/direct_api.c
e376f725fce1d42b748d60b7db9a77263d69c19c 24-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage 2.0.36
ChangeLog
VERSION
c3c7ef9c65ae3d5b35b9e66caa92b152b550b4ff 24-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage issue with bzip-blocksize=0 and compressed modules in store

On Mon, 2009-08-24 at 10:57 -0400, Chris PeBenito wrote:
> On Mon, 2009-08-24 at 10:04 -0400, Stephen Smalley wrote:
> > On Mon, 2009-08-24 at 09:54 -0400, Chris PeBenito wrote:
> > > I took the current release of libsemanage and added the patch to add a
> > > bzip blocksize option[1]. The modules in my store were already
> > > compressed with the stock release. I put bzip-blocksize=0 in my
> > > semanage.conf and I do semodule -B and get:
> > >
> > > libsepol.module_package_read_offsets: wrong magic number for module
> > > package: expected 0xf97cff8f, got 0x39685a42 (No such file or
> > > directory).
> > > libsemanage.semanage_load_module: Error while reading from module
> > > file /etc/selinux/strict/modules/tmp/modules/apm.pp. (No such file or
> > > directory).
> > > semodule: Failed!
> > >
> > > If I do semodule -l, it will also get the magic number error. If I
> > > remove the blocksize option, it works again. I was able to reinsert all
> > > of the modules to get it working again with the blocksize 0 option.
> > >
> > > [1] http://userspace.selinuxproject.org/trac/changeset/ee9827000137fed2d3300124115fc1572acafe2f
> >
> > Yes, that's what I would expect. The expectation is that either one
> > would set that option before installing the policy for the first time,
> > or that one completely re-installs the policy after setting that option.
>
> Can we have a little better handling of this case? I don't mind
> reinstalling the policy, but the error messages aren't helpful. In
> addition, with semodule -l being broken, I have to look into the module
> store to see what modules are installed or guess.

Seems like it is just as easy to just support pre-existing compressed
modules, see below.

Explicitly probe for the bzip2 magic string prefix and fall through to
BZ2_bzReadOpen() if the module is bzipped even if bzip-blocksize=0.
Thus bzip-blocksize=0 will prevent any further compression of
subsequently installed/updated modules, but will continue to function
with existing compressed modules.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
src/direct_api.c
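An added illustration of the probe described in the message above, written for this page rather than taken from libsemanage: it sniffs the first bytes of a module file for either libsepol's module package magic (the 0xf97cff8f the error above expects) or a bzip2 stream header (whose bytes "BZh9" read back as the 0x39685a42 the error reports), and shows how to probe an open FILE and seek back so it can still be handed to BZ2_bzReadOpen(). The sample headers are constructed, and the enum and function names are this example's own, not libsemanage's.

```c
/* Added example for this page; not libsemanage code. Sniff the first bytes of
 * a module file and decide whether it is a libsepol module package or a bzip2
 * stream that must be decompressed first. Sample headers are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* libsepol's module package magic ("expected 0xf97cff8f" in the log above). */
#define SEPOL_MODULE_PACKAGE_MAGIC 0xf97cff8fu

enum store_format { FMT_UNKNOWN = 0, FMT_SEPOL_MODULE = 1, FMT_BZIP2 = 2 };

/* Four bytes as a little-endian uint32. This is where "got 0x39685a42" comes
 * from: the bzip2 header bytes 'B','Z','h','9' are 0x42 0x5a 0x68 0x39. */
uint32_t le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Classify a buffer holding the start of a module file. */
int probe_module_format(const unsigned char *buf, size_t len)
{
    if (len < 4)
        return FMT_UNKNOWN;
    if (le32(buf) == SEPOL_MODULE_PACKAGE_MAGIC)
        return FMT_SEPOL_MODULE;
    /* bzip2 stream header: "BZh" then the block size digit '1'..'9'. */
    if (memcmp(buf, "BZh", 3) == 0 && buf[3] >= '1' && buf[3] <= '9')
        return FMT_BZIP2;
    return FMT_UNKNOWN;
}

/* Block size (in 100 kB units) from a bzip2 header, or 0 if not bzip2. */
int bzip2_blocksize(const unsigned char *buf, size_t len)
{
    return probe_module_format(buf, len) == FMT_BZIP2 ? buf[3] - '0' : 0;
}

/* Probe an open stream and seek back to where it was, so the caller can still
 * hand the FILE to BZ2_bzReadOpen(), which expects to start at the header.
 * Returns a store_format value, or -1 if the position cannot be restored. */
int probe_module_file(FILE *f)
{
    unsigned char hdr[4];
    long pos = ftell(f);
    size_t n;

    if (pos < 0)
        return -1;
    n = fread(hdr, 1, sizeof hdr, f);
    if (fseek(f, pos, SEEK_SET) != 0)
        return -1;
    return probe_module_format(hdr, n);
}

/* Write `buf` to a temporary file, probe it through stdio and check that the
 * stream is back at offset 0 afterwards. Returns the format or -1. */
int probe_via_tmpfile(const unsigned char *buf, size_t len)
{
    FILE *f = tmpfile();
    int fmt;

    if (!f)
        return -1;
    if (fwrite(buf, 1, len, f) != len) {
        fclose(f);
        return -1;
    }
    rewind(f);
    fmt = probe_module_file(f);
    if (ftell(f) != 0)
        fmt = -1;
    fclose(f);
    return fmt;
}

const char *fmt_name(int fmt)
{
    switch (fmt) {
    case FMT_SEPOL_MODULE: return "sepol module package";
    case FMT_BZIP2:        return "bzip2 stream";
    case FMT_UNKNOWN:      return "unknown";
    default:               return "probe error";
    }
}

int main(void)
{
    /* Constructed samples: a bzip2 header (block size 9, then the
     * 0x314159265359 block magic), a module package header, and plain text. */
    static const unsigned char bz[] = "BZh9\x31\x41\x59\x26\x53\x59";
    static const unsigned char pp[] = "\x8f\xff\x7c\xf9\x01\x00\x00\x00";
    static const unsigned char txt[] = "module foo 1.0;";

    printf("bz  -> %s, block size %d\n", fmt_name(probe_via_tmpfile(bz, sizeof bz - 1)),
           bzip2_blocksize(bz, sizeof bz - 1));
    printf("pp  -> %s\n", fmt_name(probe_via_tmpfile(pp, sizeof pp - 1)));
    printf("txt -> %s\n", fmt_name(probe_via_tmpfile(txt, sizeof txt - 1)));
    return 0;
}
```

The point of seeking back in probe_module_file() is that bzlib reads the stream header itself: a probe that consumes the first four bytes and then hands the FILE to BZ2_bzReadOpen() would produce exactly the kind of "wrong magic number" confusion quoted above, only from the other library.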
0fb9c99a4d005be1e50614ead5dd9e2df489a753 05-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage 2.0.35
ChangeLog
VERSION
8edc3f9730aab6bd8f52dafb9686baddaac83954 05-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage: do not hard link files

Remove the support for hard linking files in semanage_copy_file, as it
is unsafe and can leave the active store corrupted if something goes
wrong during the transaction. It also can leave the installed policy
files with incorrect file modes or security contexts.

To do this safely, we would need to change all functions that write to
the sandbox files to first unlink the destination file. This was done
in the original patch for the write_file helper but not for other cases.
It would need to be done for all functions that open.*O_CREAT or
fopen.*w on a file in the sandbox.

We also don't want this applied to the installed policy files, as they
need to be created with appropriate file modes and security contexts
that may differ from the sandbox files. At present, the hard link
support will only affect the installed policy files when they are first
created; afterward the link() call will always fail with EEXIST since
they are not unlinked prior to installation (nor would that be safe as
it could leave the system without a policy - rename would make more
sense in that situation). If we were to re-introduce hard link support,
we ought to use different helpers or flags for installing the policy
files than for copying the active store to the temporary sandbox to
avoid affecting both.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
src/direct_api.c
src/semanage_store.c
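An added demonstration of the hard-link hazard the message above describes, not code from libsemanage: it stages an "active" file, link()s it as the "sandbox" copy, and shows that writing through the sandbox name with O_TRUNC clobbers the active copy, while unlinking the sandbox name first leaves it intact. It assumes a writable /tmp on a filesystem with hard-link support; the file names and helper names are this example's own.

```c
/* Added example for this page; not libsemanage code. A "sandbox" copy made
 * with link() shares its inode with the "active" file, so writing through the
 * sandbox name with O_TRUNC clobbers the active copy; unlinking the sandbox
 * name first gives the write a fresh inode. Assumes a writable /tmp that
 * supports hard links. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The open(O_CREAT|O_TRUNC) / fopen("w") pattern the message talks about:
 * truncates whatever inode `path` currently names. */
int write_in_place(const char *path, const char *text)
{
    size_t len = strlen(text);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, text, len);
    close(fd);
    return n == (ssize_t)len ? 0 : -1;
}

/* The fix the message describes: drop our name for the inode first so the
 * other link keeps the old bytes, then create a new file. */
int write_after_unlink(const char *path, const char *text)
{
    if (unlink(path) != 0 && errno != ENOENT)
        return -1;
    return write_in_place(path, text);
}

/* Read a small file into buf (NUL-terminated); returns bytes read or -1. */
ssize_t read_small(const char *path, char *buf, size_t cap)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, buf, cap - 1);
    close(fd);
    if (n < 0)
        return -1;
    buf[n] = '\0';
    return n;
}

/* Stage "active", hard-link it as "sandbox", write a new version through the
 * sandbox name, and report whether the active copy survived.
 * Returns 1 (intact), 0 (clobbered) or -1 (setup failure). */
int active_survives(int unlink_first)
{
    char dir[] = "/tmp/semanage-link-demo-XXXXXX";
    char active[300], sandbox[300], buf[64];
    struct stat st;
    int rc = -1, w;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(active, sizeof active, "%s/active.pp", dir);
    snprintf(sandbox, sizeof sandbox, "%s/sandbox.pp", dir);

    if (write_in_place(active, "policy v1") != 0)
        goto out;
    if (link(active, sandbox) != 0)        /* the "cheap copy" */
        goto out;
    /* Both names now resolve to one inode with st_nlink == 2. */
    if (stat(active, &st) != 0 || st.st_nlink != 2)
        goto out;

    w = unlink_first ? write_after_unlink(sandbox, "policy v2, half written")
                     : write_in_place(sandbox, "policy v2, half written");
    if (w != 0)
        goto out;
    if (read_small(active, buf, sizeof buf) < 0)
        goto out;
    rc = strcmp(buf, "policy v1") == 0;
out:
    unlink(sandbox);
    unlink(active);
    rmdir(dir);
    return rc;
}

int main(void)
{
    printf("write through hard link:  active copy %s\n",
           active_survives(0) == 1 ? "intact" : "clobbered");
    printf("unlink, then write:       active copy %s\n",
           active_survives(1) == 1 ? "intact" : "clobbered");
    return 0;
}
```

The first line reports the active copy clobbered and the second intact. The unlink-first variant is what the message says every open(O_CREAT)/fopen("w") writer in the sandbox would have needed; for the installed policy files, where unlinking could leave the system without a policy, the rename() the message mentions is the way to swap in a new inode without ever truncating the shared one.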
76412ffad682f0280e7bf4447d319f2c42573415 05-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage 2.0.34
ChangeLog
VERSION
ee9827000137fed2d3300124115fc1572acafe2f 04-Aug-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage: Enable configuration of bzip behavior

Allow the administrator to customize the bzip block size and "small"
flag via semanage.conf. After applying you can add entries like these
to your /etc/selinux/semanage.conf to trade off memory vs disk space
(block size) and to trade off memory vs runtime (small):

bzip-blocksize=4
bzip-small=true

You can also disable bzip compression altogether for your module store
via:
bzip-blocksize=0

The semanage.conf entries are now validated against legal value ranges
at handle creation time.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
src/conf-parse.y
src/conf-scan.l
src/direct_api.c
src/direct_api.h
src/semanage_conf.h
src/semanage_store.c
3ba84a9f7f68164539604a6e40ca45e33a69bb11 07-Jul-2009 Joshua Brindle <method@manicmethod.com> Merge branch 'master' of jbrindle@oss.tresys.com:/home/git/selinux
834253d13a00bfec2b2e54e62f635bd131478205 07-Jul-2009 Daniel J Walsh <dwalsh@redhat.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: libsemanage direct_api can return errors < 0.
Date: Mon, 08 Jun 2009 15:07:59 -0400

Signed-off-by: Joshua Brindle <method@manicmethod.com>
src/direct_api.c
4d92b1f8d808947c63bb33487a5827e42ecf5190 07-Jul-2009 Stephen Smalley <sds@tycho.nsa.gov> libsemanage 2.0.33
ChangeLog
VERSION
200efad4cb63fb35eb8a063d4bb0b0a3672ff66c 07-Jul-2009 Christopher Pardy <cpardy@redhat.com> libsemanage: maintain disable dontaudit state between handle commits

Currently any changes made to the policy which require committing a handle cause dontaudit rules to be re-enabled. This is confusing, and frustrating for users who want to edit policy with dontaudit rules turned off. This patch allows semanage to remember the last state of the dontaudit rules and apply it as the default whenever a handle is connected. Additionally, other functions may check for the file semanage creates to determine if dontaudit rules are turned on. This knowledge can be useful for tools like SETroubleshoot which may want to change their behavior depending on the state of the dontaudit rules. In the event that the file cannot be created, a call to commit will fail.

Signed-off-by: Christopher Pardy <cpardy@redhat.com>

[sds: Removed duplicate from other patch and cleaned up style.]
[sds: Changed uses of semanage_fname to semanage_path.]
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
include/semanage/handle.h
src/direct_api.c
src/handle.c
src/libsemanage.map
src/semanage_store.c
src/semanage_store.h
a401a8762294d90e17fcaf83f4447ac6f246ba70 30-Jun-2009 Daniel J Walsh <dwalsh@redhat.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: libsemanage spelling mistake in error code.
Date: Mon, 08 Jun 2009 15:14:02 -0400

Signed-off-by: Joshua Brindle <method@manicmethod.com>
src/handle.c
0b659be9a500a68b133c2d33102b9f4fcd14f60f 28-May-2009 Stephen Smalley <sds@moss-clownfish.epoch.ncsc.mil> bump libsemanage to 2.0.32
ChangeLog
VERSION
d7dfd88158ca20311bd5edec64daed94c53511bc 07-May-2009 David P. Quigley <dpquigl@moss-guppy.epoch.ncsc.mil> libsemanage: Add Ruby Bindings

This patch adds a SWIG specification file for ruby bindings for libsemanage.
The spec file is almost identical to the python SWIG file with the exception
that all list generating typemaps have been removed and the python related
functions have been replaced with the corresponding ruby ones. Finally the
Makefile is modified to be able to build the new bindings. Something to note is
that on 64-bit systems ruby.h might be found somewhere under /usr/lib64 instead
of /usr/lib so LIBDIR=/usr/lib64 will be needed to build the ruby bindings from
source.

Below is an example using the Ruby bindings that produces output similar
to semodule -l:

#!/usr/bin/ruby
require "semanage"

# Create a handle, point it at the "targeted" store and connect to it
# directly (SEMANAGE_CON_DIRECT), the same way semodule does.
handle = Semanage.semanage_handle_create
Semanage.semanage_select_store(handle, "targeted", Semanage::SEMANAGE_CON_DIRECT)
if Semanage.semanage_connect(handle) < 0
  Semanage.semanage_handle_destroy(handle)
  abort "semanage_connect failed: cannot open the module store"
end

# SWIG returns the out-parameters of semanage_module_list() as an array:
# index 1 is the module info list, index 2 the number of modules.
module_info = Semanage.semanage_module_list(handle)

modules = []
module_info[2].times do |n|
  temp_module = Semanage.semanage_module_list_nth(module_info[1], n)
  mod_string = Semanage.semanage_module_get_name(temp_module).to_s + " " \
             + Semanage.semanage_module_get_version(temp_module).to_s
  modules.push(mod_string)
end

puts "List of Installed Modules"
modules.each do |str|
  puts str
end

# Release the store connection and the handle.
Semanage.semanage_disconnect(handle)
Semanage.semanage_handle_destroy(handle)

Signed-off-by: David P. Quigley <dpquigl@tycho.nsa.gov>
src/Makefile
src/semanageswig_ruby.i
10760735e9aaef2c7e88076f5f25c64d79b45edf 12-Jan-2009 Joshua Brindle <method@manicmethod.com> bump libsemanage to 2.0.31
ChangeLog
VERSION
844e23c77bb5c26ea536a925c98eadf6a5f2e5c3 05-Jan-2009 Joshua Brindle <method@manicmethod.com> regenerate swig bindings for compression support from commit 142bafa24900b5d9480818c9e81670bbeba2b44d
src/semanage.py
src/semanageswig_wrap.c
tests/Makefile
df77db47e5fffde8905dd7de006ab18ecd4b59f8 05-Jan-2009 Joshua Brindle <method@manicmethod.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Now that F11 has started, I am putting in the compression support.
Date: Mon, 12 Jan 2009 10:37:23 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joshua Brindle wrote:
> Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> libsemanage patch to add compression.
>>
>> Uses bzip compression, all pp files in active/previous stored in
>> compressed state. Added new interfaces to be used by policycoreutils to
>> specify a file rather than a memory map.
>>
>> Also uses link instead of copy whenever possible to save disk space.
>> Seeing about a 10 fold savings on policy footprint.
>
> resend
>
> Comments inline
>
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/include/semanage/modules.h
> libsemanage-2.0.28/include/semanage/modules.h
>> --- nsalibsemanage/include/semanage/modules.h 2008-08-28
> 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/include/semanage/modules.h 2008-10-13
> 12:35:22.000000000 -0400
>> @@ -30,10 +30,16 @@
>>
>> int semanage_module_install(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_install_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_upgrade(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_upgrade_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_install_base(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_install_base_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_remove(semanage_handle_t *, char *module_name);
>>
>> /* semanage_module_info is for getting information on installed
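Review bot: the parameter of each new *_file() prototype is named module_name, but the direct_api.c implementations further down this patch (install_filename, module_filename) treat it as the path of a .pp file to open; calling it module_name in the public header invites callers to pass the bare module name that semanage_module_remove() takes. Rename it to something like `const char *module_filename` and add a comment saying the file may be either a plain or a bzip2-compressed module package, since that is what distinguishes these entry points from the in-memory variants.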
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/Makefile
> libsemanage-2.0.28/src/Makefile
>> --- nsalibsemanage/src/Makefile 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/Makefile 2008-10-13 12:35:22.000000000 -0400
>> @@ -54,7 +54,7 @@
>> ranlib $@
>>
>> $(LIBSO): $(LOBJS)
>> - $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr
> -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
>> + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lbz2
> -lustr -L$(LIBDIR)
> -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
>> ln -sf $@ $(TARGET)
>>
>> conf-scan.c: conf-scan.l conf-parse.h
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c
> libsemanage-2.0.28/src/direct_api.c
>> --- nsalibsemanage/src/direct_api.c 2008-09-15 12:20:44.000000000 -0400
>> +++ libsemanage-2.0.28/src/direct_api.c 2008-10-13 16:36:51.000000000
> -0400
>> @@ -50,6 +50,7 @@
>> #include "semanage_store.h"
>> #include "database_policydb.h"
>> #include "policy.h"
>> +#include <sys/mman.h>
>>
>> static void semanage_direct_destroy(semanage_handle_t * sh);
>> static int semanage_direct_disconnect(semanage_handle_t * sh);
>> @@ -57,10 +58,13 @@
>> static int semanage_direct_commit(semanage_handle_t * sh);
>> static int semanage_direct_install(semanage_handle_t * sh, char *data,
>> size_t data_len);
>> +static int semanage_direct_install_file(semanage_handle_t * sh, const
> char *module_name);
>> static int semanage_direct_upgrade(semanage_handle_t * sh, char *data,
>> size_t data_len);
>> +static int semanage_direct_upgrade_file(semanage_handle_t * sh, const
> char *module_name);
>> static int semanage_direct_install_base(semanage_handle_t * sh, char
> *base_data,
>> size_t data_len);
>> +static int semanage_direct_install_base_file(semanage_handle_t * sh,
> const char *module_name);
>> static int semanage_direct_remove(semanage_handle_t * sh, char
> *module_name);
>> static int semanage_direct_list(semanage_handle_t * sh,
>> semanage_module_info_t ** modinfo,
>> @@ -73,8 +77,11 @@
>> .begin_trans = semanage_direct_begintrans,
>> .commit = semanage_direct_commit,
>> .install = semanage_direct_install,
>> + .install_file = semanage_direct_install_file,
>> .upgrade = semanage_direct_upgrade,
>> + .upgrade_file = semanage_direct_upgrade_file,
>> .install_base = semanage_direct_install_base,
>> + .install_base_file = semanage_direct_install_base_file,
>> .remove = semanage_direct_remove,
>> .list = semanage_direct_list
>> };
>> @@ -378,12 +385,157 @@
>> return 0;
>> }
>>
>> +#include <stdlib.h>
>> +#include <bzlib.h>
>> +#include <string.h>
>> +#include <sys/sendfile.h>
>> +
>> +/* bzip() a file to '*data', returning the total number of
> uncompressed bytes
>> + * in the file. Returns 0 if file could not be decompressed. */
>
> Why 0? Can we make this -1?
>
Fixed
>> +static size_t bzip(const char *filename, char *data, size_t num_bytes) {
>> + BZFILE* b;
>> + size_t size = 1<<16;
>> + int bzerror;
>> + size_t total = 0;
>> + size_t len = 0;
>> + FILE *f;
>> +
>> + if ((f = fopen(filename, "wb")) == NULL) {
>> + return 0;
>> + }
>> +
>> + b = BZ2_bzWriteOpen( &bzerror, f, 9, 0, 0);
>> + if (bzerror != BZ_OK) {
>> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 );
>> + return 0;
>> + }
>> +
>> + while ( num_bytes > total ) {
>> + if (num_bytes - total > size) {
>> + len = size;
>> + } else {
>> + len = num_bytes - total;
>> + }
>> + BZ2_bzWrite ( &bzerror, b, &data[total], len );
>> + if (bzerror == BZ_IO_ERROR) {
>> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 );
>> + return 0;
>> + }
>> + total += len;
>> + }
>> +
>> + BZ2_bzWriteClose ( &bzerror, b, 0, 0, 0 );
>> + fclose(f);
>> + if (bzerror == BZ_IO_ERROR) {
>> + return 0;
>> + }
>> + return total;
>> +}
>> +
>> +/* bunzip() a file to '*data', returning the total number of
> uncompressed bytes
>> + * in the file. Returns 0 if file could not be decompressed. */
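Review bot: bzip() leaks the FILE it fopen()s on both error paths: when BZ2_bzWriteOpen() fails and when BZ2_bzWrite() reports BZ_IO_ERROR it returns without fclose(f), and a truncated, half-written file is left behind in the sandbox as well. Close and unlink the output on failure. The comment above the function is copied from bunzip() and describes the opposite direction ("bzip() a file to '*data', returning the total number of uncompressed bytes"); this function compresses `data` into `filename`. Compression level 9 is also hard-coded in `BZ2_bzWriteOpen( &bzerror, f, 9, 0, 0)`, which buys size at the cost of memory on every compress and decompress; consider taking the level from the handle or semanage.conf instead of fixing it here.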
>
> Same as above.
>
Fixed
>> +size_t bunzip(FILE *f, char **data) {
>> + BZFILE* b;
>> + size_t nBuf;
>> + char buf[1<<18];
>> + size_t size = sizeof(buf);
>> + int bzerror;
>> + size_t total=0;
>> +
>> + b = BZ2_bzReadOpen ( &bzerror, f, 0, 0, NULL, 0 );
>> + if ( bzerror != BZ_OK ) {
>> + BZ2_bzReadClose ( &bzerror, b );
>> + return 0;
>> + }
>> +
>> + char *uncompress = realloc(NULL, size);
>> +
>> + while ( bzerror == BZ_OK) {
>> + nBuf = BZ2_bzRead ( &bzerror, b, buf, sizeof(buf));
>> + if (( bzerror == BZ_OK ) || ( bzerror == BZ_STREAM_END )) {
>> + if (total + nBuf > size) {
>> + size *= 2;
>> + uncompress = realloc(uncompress, size);
>> + }
>> + memcpy(&uncompress[total], buf, nBuf);
>> + total += nBuf;
>> + }
>> + }
>> + if ( bzerror != BZ_STREAM_END ) {
>> + BZ2_bzReadClose ( &bzerror, b );
>> + free(uncompress);
>> + return 0;
>> + }
>> + BZ2_bzReadClose ( &bzerror, b );
>> +
>> + *data = uncompress;
>> + return total;
>> +}
>> +
>> +/* mmap() a file to '*data',
>> + * If the file is bzip compressed map_file will uncompress
>> + * the file into '*data'.
>> + * Returns the total number of bytes in memory .
>> + * Returns 0 if file could not be opened or mapped. */
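Review bot: both realloc() calls in bunzip() go unchecked; if either fails, `uncompress` becomes NULL, the following memcpy() dereferences it and the previous buffer leaks. Assign to a temporary, test it, and free the old buffer on failure. Also in this region: `bunzip` is the only helper here that is not static and it has no prototype in any header, so make it static; `char buf[1<<18]` puts 256 KiB on the stack; and the grow-by-doubling loop has no ceiling on the decompressed size, so a malformed or hostile .pp file can make the process allocate without bound before parse_module_headers() ever looks at the data. A cap (for example a fixed multiple of the compressed file size) would bound that.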
>
> Same as above
>
Fixed
>> +static size_t map_file(int fd, char **data, int *compressed)
>> +{
>> + int size;
>> + char *uncompress;
>> + if ((size = bunzip(fdopen(fd, "r"), &uncompress)) > 0) {
>> + *data = mmap(0, size, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, 0, 0);
>> + if (*data == MAP_FAILED) {
>> + free(uncompress);
>> + return 0;
>> + } else {
>> + memcpy(*data, uncompress, size);
>> + }
>> + free(uncompress);
>> + *compressed = 1;
>> + } else {
>> + struct stat sb;
>> + if (fstat(fd, &sb) == -1 ||
>> + (*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) ==
>> + MAP_FAILED) {
>> + size = 0;
>> + } else {
>> + size = sb.st_size;
>> + }
>> + *compressed = 0;
>> + }
>> +
>> + return size;
>> +}
>> +
>> +static int dupfile( const char *dest, int src_fd) {
>> + int dest_fd = -1;
>> + int retval = 0;
>> + int cnt;
>> + char buf[1<<18];
>> +
>> + if (lseek(src_fd, 0, SEEK_SET) == -1 ) return -1;
>> +
>> + if ((dest_fd = open(dest, O_WRONLY | O_CREAT | O_TRUNC,
>> + S_IRUSR | S_IWUSR)) == -1) {
>> + return -1;
>> + }
>> +
>> + while (( retval == 0 ) &&
>> + ( cnt = read(src_fd, buf, sizeof(buf)))> 0 ) {
>> + if (write(dest_fd, buf, cnt) < cnt) retval = -1;
>> + }
>> + close(dest_fd);
>> + return retval;
>> +}
>> +
>> /* Writes a block of data to a file. Returns 0 on success, -1 on
>> * error. */
>> static int write_file(semanage_handle_t * sh,
>> const char *filename, char *data, size_t num_bytes)
>> {
>> int out;
>> +
>> + /* Unlink no matter what, incase this file is a hard link, ignore
> error */
>> + unlink(filename);
>> if ((out =
>> open(filename, O_WRONLY | O_CREAT | O_TRUNC,
>> S_IRUSR | S_IWUSR)) == -1) {
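Review bot: dupfile() opens its destination with O_WRONLY|O_CREAT|O_TRUNC and never unlinks it first, unlike write_file() at the end of this hunk, whose new comment says "Unlink no matter what, incase this file is a hard link". Since this patch links sandbox files instead of copying them, the destination can share an inode with the active store, and truncating it in place truncates the live module too; add the same unlink(dest) before open(). Further points in the same region: map_file() wraps the caller's fd with fdopen(fd, "r") and never fclose()s the FILE (it cannot without closing the caller's fd), so every call leaks a FILE and leaves stdio buffering on a descriptor that dupfile() then lseek()s and read()s directly; `int size` truncates the size_t from bunzip() and sb.st_size; and in dupfile() `cnt` should be ssize_t and a short write() retried rather than treated as an error.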
>> @@ -499,7 +651,7 @@
>> sepol_policydb_t *out = NULL;
>>
>> /* Declare some variables */
>> - int modified, fcontexts_modified, ports_modified,
>> + int modified = 0, fcontexts_modified, ports_modified,
>> seusers_modified, users_extra_modified;
>> dbase_config_t *users = semanage_user_dbase_local(sh);
>> dbase_config_t *users_base = semanage_user_base_dbase_local(sh);
>> @@ -815,7 +967,9 @@
>> &filename)) != 0) {
>> goto cleanup;
>> }
>> - if (write_file(sh, filename, data, data_len) == -1) {
>> +
>> + if (bzip(filename, data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> retval = -3;
>> }
>> retval = 0;
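Review bot: beyond the `retval = -3` being overwritten by the `retval = 0` that follows (already raised), replacing write_file() with bzip() here drops the unlink() that write_file() performs before opening the destination. bzip() goes straight to fopen(filename, "wb"), so if `filename` is one of the hard-linked copies this patch creates, the truncation also hits the linked file in the active store. Either unlink(filename) before the call or do it inside bzip().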
> retval = -3 gets smashed immediately afterward
>
>> @@ -826,19 +980,60 @@
>> return retval;
>> }
>>
>> -/* Similar to semanage_direct_install(), except that it checks that
>> - * there already exists a module with the same name and that the
>> - * module is an older version then the one in 'data'. Returns 0 on
>> - * success, -1 if out of memory, -2 if the data does not represent a
>> - * valid module file, -3 if error while writing file or reading
>> - * modules directory, -4 if there does not exist an older module or if
>> - * the previous module is same or newer than 'data'.
>> - */
>> -static int semanage_direct_upgrade(semanage_handle_t * sh,
>> - char *data, size_t data_len)
>> +/* Attempts to link a module to the sandbox's module directory,
> unlinking any
>> + * previous module stored within. Returns 0 on success, -1 if out of
> memory, -2 if the
>> + * data does not represent a valid module file, -3 if error while
>> + * writing file. */
>> +
>> +static int semanage_direct_install_file(semanage_handle_t * sh,
>> + const char *install_filename)
>> {
>> +
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd = -1;
>> +
>> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
>> + return 0;
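Review bot: the comment above semanage_direct_install_file() says it "Attempts to link a module to the sandbox's module directory, unlinking any previous module stored within", but the body does neither: it copies the file with dupfile() or falls back to semanage_direct_install(). Fix the comment, and give the open() failure a documented return code (the `return 0` is already flagged; -3 matches the existing "error while writing file" convention, or add a code for "could not read module file" since callers will want to tell the two apart).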
>
> returning 0 on failure here
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + char *module_name = NULL, *version = NULL, *filename = NULL;
>> + if ((retval = parse_module_headers(sh, data, data_len,
>> + &module_name, &version,
>> + &filename)) != 0) {
>> + goto cleanup;
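Review bot: the `goto cleanup` after a failed parse_module_headers() cannot release module_name, version or filename: all three are declared inside the `if (compressed) {` block, so they are out of scope at the cleanup label, which only closes in_fd and unmaps data. If parse_module_headers() can fail after allocating any of them, they leak. Hoist the declarations to function scope and free them at cleanup, or free them before the goto.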
>
> Probably need to free module_name, version, filename here
>
Why these are cleaned up in cleanup and if it gets an error it should
not have allocated memory?
>> + }
>> +
>> + if (data_len > 0) munmap(data, data_len);
>> + data_len = 0;
>> + retval = dupfile(filename, in_fd);
>> + free(version);
>> + free(filename);
>> + free(module_name);
>> +
>> + } else {
>> + retval = semanage_direct_install(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> + return retval;
>> +}
>> +
>> +
>> +static int get_direct_upgrade_filename(semanage_handle_t * sh,
>> + char *data, size_t data_len, char **outfilename) {
>> int i, retval, num_modules = 0;
>> - char *module_name = NULL, *version = NULL, *filename = NULL;
>> + char *filename = NULL, *module_name = NULL, *version = NULL;
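Review bot: in the compressed branch the file is copied with dupfile(filename, in_fd), which lseek()s and read()s the raw descriptor after map_file() has already wrapped the same fd in a FILE with fdopen() and read through it via BZ2_bzReadOpen(). That works only because dupfile() rewinds with lseek(), and the FILE is never closed; give each layer its own descriptor (dup() the fd for map_file(), or pass the path) so the copy does not depend on stdio buffering state. The `if (data_len > 0) munmap(data, data_len); data_len = 0;` pair before dupfile() duplicates what cleanup does; if the intent is to release the mapping before the copy, a comment saying so would help.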
>
> ?
Removed
>
>> semanage_module_info_t *modinfo = NULL;
>> if ((retval = parse_module_headers(sh, data, data_len,
>> &module_name, &version,
>> @@ -868,14 +1063,10 @@
>> if (retval == -4) {
>> ERR(sh, "There does not already exist a module named %s.",
>> module_name);
>> - goto cleanup;
>> - }
>> - if (write_file(sh, filename, data, data_len) == -1) {
>> - retval = -3;
>> }
>> +
>> cleanup:
>> free(version);
>> - free(filename);
>> free(module_name);
>> for (i = 0; modinfo != NULL && i < num_modules; i++) {
>> semanage_module_info_t *m =
>> @@ -883,6 +1074,80 @@
>> semanage_module_info_datum_destroy(m);
>> }
>> free(modinfo);
>> + if (retval == 0) {
>> + *outfilename = filename;
>> + } else {
>> + free(filename);
>> + }
>> + return retval;
>> +}
>> +
>> +/* Similar to semanage_direct_install(), except that it checks that
>> + * there already exists a module with the same name and that the
>> + * module is an older version then the one in 'data'. Returns 0 on
>> + * success, -1 if out of memory, -2 if the data does not represent a
>> + * valid module file, -3 if error while writing file or reading
>> + * modules directory, -4 if there does not exist an older module or if
>> + * the previous module is same or newer than 'data'.
>> + */
>> +static int semanage_direct_upgrade(semanage_handle_t * sh,
>> + char *data, size_t data_len)
>> +{
>> + char *filename = NULL;
>> + int retval = get_direct_upgrade_filename(sh,
>> + data, data_len,
>> + &filename);
>> + if (retval == 0) {
>> + if (bzip(filename, data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> + retval = -3;
>> + }
>> + free(filename);
>> + }
>> + return retval;
>> +}
>> +
>> +/* Attempts to link a module to the sandbox's module directory,
> unlinking any
>> + * previous module stored within.
>> + * Returns 0 on success, -1 if out of memory, -2 if the
>> + * data does not represent a valid module file, -3 if error while
>> + * writing file. */
>> +
>> +static int semanage_direct_upgrade_file(semanage_handle_t * sh,
>> + const char *module_filename)
>> +{
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd = -1;
>> +
>> + if ((in_fd = open(module_filename, O_RDONLY)) == -1) {
>> + return 0;
>
> returning 0 on failure
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + char *filename = NULL;
>> + retval = get_direct_upgrade_filename(sh,
>> + data, data_len,
>> + &filename);
>> +
>> + if (retval != 0) goto cleanup;
>> +
>> + retval = dupfile(filename, in_fd);
>> + free(filename);
>> + } else {
>> + retval = semanage_direct_upgrade(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> return retval;
>> }
>>
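Review bot: the comment block on semanage_direct_upgrade_file() is inaccurate in two ways: it lists only -1/-2/-3, but the function returns whatever get_direct_upgrade_filename() produces, which includes -4 when no older module of that name exists (the doc on semanage_direct_upgrade() just above spells that out), and it describes "linking a module to the sandbox's module directory, unlinking any previous module" rather than an upgrade from a file. Add -4 and say what the function does. On the open() failure already raised above, the return value fix should come with an ERR() naming the file, as the store code does ("Could not open module file %s for reading."); at present the caller gets no message at all.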
>> @@ -903,7 +1168,8 @@
>> if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) {
>> goto cleanup;
>> }
>> - if (write_file(sh, filename, base_data, data_len) == -1) {
>> + if (bzip(filename, base_data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> retval = -3;
>> }
>> retval = 0;
>
> retval gets smashed
>
Fixed, this was an existing bug, BTW
>> @@ -911,6 +1177,49 @@
>> return retval;
>> }
>>
>> +/* Writes a base module into a sandbox, overwriting any previous base
>> + * module.
>> + * Returns 0 on success, -1 if out of memory, -2 if the data does not
> represent
>> + * a valid base module file, -3 if error while writing file.
>> + */
>> +static int semanage_direct_install_base_file(semanage_handle_t * sh,
>> + const char *install_filename)
>> +{
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd;
>> +
>> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
>> + return 0;
>
> returning 0 on failure
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + const char *filename = NULL;
>> + if ((retval = parse_base_headers(sh, data, data_len)) != 0) {
>> + goto cleanup;
>> + }
>> + if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) {
>> + goto cleanup;
>> + }
>> +
>> + retval = dupfile(filename, in_fd);
>> + } else {
>> + retval = semanage_direct_install_base(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> + return retval;
>> +}
>> +
>> /* Removes a module from the sandbox. Returns 0 on success, -1 if out
>> * of memory, -2 if module not found or could not be removed. */
>> static int semanage_direct_remove(semanage_handle_t * sh, char
> *module_name)
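Review bot: in semanage_direct_install_base_file() the `semanage_path(SEMANAGE_TMP, SEMANAGE_BASE) == NULL` branch does `goto cleanup` while retval still holds the 0 that parse_base_headers() returned on the line before, so a failure to compute the base path is reported as success without anything being written. Set `retval = -1;` (or -3, with an ERR()) before that goto. The `map_file() == 0` path has a related problem: it jumps to cleanup with the initial retval of -1, so a map failure is reported as "out of memory" with no message. The `return 0` on open() failure is the same issue already raised above.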
>> @@ -1005,15 +1314,26 @@
>> * report it */
>> continue;
>> }
>> + size_t size;
>> + char *data = NULL;
>> +
>> + if ((size = bunzip(fp, &data)) != 0) {
>> + fclose(fp);
>> + fp = fmemopen(data, size, "rb");
>
> unhandled error from fclose and fmemopen
>
Fixed fmemopen failure, we don't check fclose failure anywhere in the code.
>> + }
>> + rewind(fp);
>> +
>> __fsetlocking(fp, FSETLOCKING_BYCALLER);
>> sepol_policy_file_set_fp(pf, fp);
>> if (sepol_module_package_info(pf, &type, &name, &version)) {
>> fclose(fp);
>> + free(data);
>> free(name);
>> free(version);
>> continue;
>> }
>> fclose(fp);
>> + free(data);
>> if (type == SEPOL_POLICY_MOD) {
>> (*modinfo)[*num_modules].name = name;
>> (*modinfo)[*num_modules].version = version;
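Review bot: `bunzip()` returns a size_t, so `(size = bunzip(fp, &data)) != 0` cannot distinguish "this file is not bzip2" from "decompression failed"; in the second case the code falls through, rewinds, and feeds the compressed bytes to sepol_module_package_info(), which fails with an unrelated error and the module is silently dropped by the existing `continue`. A signed return (or an error out-parameter) would let a corrupt module be reported as such. Minor: `size_t size; char *data = NULL;` are declared after statements in the loop body; move them to the top of the block to match the surrounding code.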
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.h
> libsemanage-2.0.28/src/direct_api.h
>> --- nsalibsemanage/src/direct_api.h 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/direct_api.h 2008-10-13 12:35:22.000000000
> -0400
>> @@ -37,4 +37,7 @@
>>
>> int semanage_direct_access_check(struct semanage_handle *sh);
>>
>> +#include <stdio.h>
>> +size_t bunzip(FILE *f, char **data);
>> +
>> #endif
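Review bot: the `#include <stdio.h>` is added at the very end of direct_api.h, after the prototypes and immediately before `#endif`; move it up with the header's other includes. The prototype itself is also a poor fit for this header: `bunzip` is now called from semanage_store.c as well as direct_api.c, so it belongs in a shared internal header with a `semanage_`-prefixed name, both to keep direct_api.h limited to the direct backend and to avoid a clash with any other definition of so generic a symbol.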
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/src/libsemanage.map libsemanage-2.0.28/src/libsemanage.map
>> --- nsalibsemanage/src/libsemanage.map 2008-08-28 09:34:24.000000000
> -0400
>> +++ libsemanage-2.0.28/src/libsemanage.map 2008-10-13
> 12:35:22.000000000 -0400
>> @@ -3,8 +3,10 @@
>> semanage_is_managed; semanage_connect; semanage_disconnect;
>> semanage_msg_*;
>> semanage_begin_transaction; semanage_commit;
>> - semanage_module_install; semanage_module_upgrade;
>> - semanage_module_install_base; semanage_module_remove;
>> + semanage_module_install; semanage_module_install_file;
>> + semanage_module_upgrade; semanage_module_upgrade_file;
>> + semanage_module_install_base; semanage_module_install_base_file;
>> + semanage_module_remove;
>> semanage_module_list; semanage_module_info_datum_destroy;
>> semanage_module_list_nth; semanage_module_get_name;
>> semanage_module_get_version; semanage_select_store;
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c
> libsemanage-2.0.28/src/modules.c
>> --- nsalibsemanage/src/modules.c 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/modules.c 2008-10-13 12:35:22.000000000 -0400
>> @@ -52,6 +52,25 @@
>> return sh->funcs->install(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_install_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->install_file == NULL) {
>> + ERR(sh,
>> + "No install function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->install_file(sh, module_name);
>> +}
>> +
>> int semanage_module_upgrade(semanage_handle_t * sh,
>> char *module_data, size_t data_len)
>> {
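Review bot: the new parameter of semanage_module_install_file() is a path to a module file but is named `module_name`, whereas the backend it dispatches to (semanage_direct_install_file) calls it `module_filename`; rename it to `module_filename` here and in the upgrade_file / install_base_file wrappers below so the public signature is not misread as taking a module name. The error text "No install function defined for this connection type." is copied verbatim from semanage_module_install(); say "install_file" so the two cases are distinguishable in logs.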
>> @@ -71,6 +90,25 @@
>> return sh->funcs->upgrade(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_upgrade_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->upgrade_file == NULL) {
>> + ERR(sh,
>> + "No upgrade function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->upgrade_file(sh, module_name);
>> +}
>> +
>> int semanage_module_install_base(semanage_handle_t * sh,
>> char *module_data, size_t data_len)
>> {
>> @@ -90,6 +128,25 @@
>> return sh->funcs->install_base(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_install_base_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->install_base_file == NULL) {
>> + ERR(sh,
>> + "No install base function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->install_base_file(sh, module_name);
>> +}
>> +
>> int semanage_module_remove(semanage_handle_t * sh, char *module_name)
>> {
>> if (sh->funcs->remove == NULL) {
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h
> libsemanage-2.0.28/src/policy.h
>> --- nsalibsemanage/src/policy.h 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/policy.h 2008-10-13 12:35:22.000000000 -0400
>> @@ -49,8 +49,14 @@
>> /* Install a policy module */
>> int (*install) (struct semanage_handle *, char *, size_t);
>>
>> + /* Install a policy module */
>> + int (*install_file) (struct semanage_handle *, const char *);
>> +
>> /* Upgrade a policy module */
>> int (*upgrade) (struct semanage_handle *, char *, size_t);
>> +
>> + /* Upgrade a policy module */
>> + int (*upgrade_file) (struct semanage_handle *, const char *);
>>
>> /* Remove a policy module */
>> int (*remove) (struct semanage_handle *, char *);
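Review bot: the comments on the new function pointers duplicate the ones above them: `install_file` is documented as "Install a policy module", identical to `install`, and `upgrade_file` as "Upgrade a policy module", identical to `upgrade`. Say that these variants take a path to a module file on disk (the `const char *` argument) rather than an in-memory buffer and length; the same applies to "Install a base module" on `install_base_file` in the next hunk.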
>> @@ -61,6 +67,9 @@
>>
>> /* Install base policy */
>> int (*install_base) (struct semanage_handle *, char *, size_t);
>> +
>> + /* Install a base module */
>> + int (*install_base_file) (struct semanage_handle *, const char *);
>> };
>>
>> /* Should be backend independent */
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/src/semanage_store.c libsemanage-2.0.28/src/semanage_store.c
>> --- nsalibsemanage/src/semanage_store.c 2008-09-15 12:20:44.000000000
> -0400
>> +++ libsemanage-2.0.28/src/semanage_store.c 2008-10-13
> 12:57:29.000000000 -0400
>> @@ -440,6 +440,8 @@
>> char tmp[PATH_MAX];
>> char buf[4192];
>>
>> + if (link(src,dst) == 0) return 0;
>> +
>> n = snprintf(tmp, PATH_MAX, "%s.tmp", dst);
>> if (n < 0 || n >= PATH_MAX)
>> return -1;
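Review bot: `if (link(src,dst) == 0) return 0;` turns this copy routine into a hard link whenever src and dst are on the same filesystem, so dst shares src's inode, ownership and mode. If this function is ever reached with a caller-supplied source (the new *_file entry points take a path from the caller), the file in the store stays writable by whoever owns the original and later edits to that file change the installed module. The existing path below writes a fresh file under a `.tmp` name and then renames it; consider keeping that for sources outside the store, or limiting the link() shortcut to files already inside it. Minor: space after the comma in `link(src,dst)`.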
>> @@ -1522,16 +1524,26 @@
>> ERR(sh, "Could not open module file %s for reading.", filename);
>> goto cleanup;
>> }
>> + size_t size;
>> + char *data = NULL;
>> +
>> + if ((size = bunzip(fp, &data)) != 0) {
>> + fclose(fp);
>> + fp = fmemopen(data, size, "rb");
>> + }
>
> unhandled error from fclose and fmemopen
>
Fixed as above
>
>> + rewind(fp);
>> __fsetlocking(fp, FSETLOCKING_BYCALLER);
>> sepol_policy_file_set_fp(pf, fp);
>> sepol_policy_file_set_handle(pf, sh->sepolh);
>> if (sepol_module_package_read(*package, pf, 0) == -1) {
>> ERR(sh, "Error while reading from module file %s.", filename);
>> fclose(fp);
>> + free(data);
>> goto cleanup;
>> }
>> sepol_policy_file_free(pf);
>> fclose(fp);
>> + free(data);
>> return retval;
>>
>> cleanup:
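Review bot: this bunzip()/fclose()/fmemopen()/rewind() sequence is the same block added to direct_api.c earlier in the patch, and it carries the same two issues (the unchecked fmemopen() already raised, and a size_t return that cannot report a decompression failure). Factor it into one helper that takes the FILE * and returns the stream to read from plus the buffer to free, so both call sites get the fixes in one place and the `free(data)` on every exit path is not duplicated by hand.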
>
>
include/semanage/modules.h
src/Makefile
src/direct_api.c
src/direct_api.h
src/libsemanage.map
src/modules.c
src/policy.h
src/semanage_store.c
46dc67016b13e43e0d3a0d53fbea85f9b8437ce6 12-Nov-2008 Stephen Smalley <sds@tycho.nsa.gov> Bump libsemanage to 2.0.30.
ChangeLog
VERSION
0a515c461000f9b1f74b79714ccf0d1d4b775c8a 10-Nov-2008 Stephen Smalley <sds@tycho.nsa.gov> libsemanage: Add semanage_mls_enabled interface

Add a semanage_mls_enabled() interface to libsemanage so that
semanage/seobject can be rewritten to use it to test whether MLS is
enabled for a given policy store rather than checking the runtime MLS
enabled status, which can be misleading when using semanage on a
SELinux-disabled host or when using semanage on a store other than the
active one. Sample usage:
from semanage import *
handle = semanage_handle_create()
rc = semanage_connect(handle)
rc = semanage_mls_enabled(handle)

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
include/semanage/handle.h
src/direct_api.c
src/direct_api.h
src/handle.c
src/libsemanage.map
src/semanage.py
src/semanageswig_wrap.c
223bb406d85e29482ed075c4b4d8b2dd6cc743f8 09-Nov-2008 Joshua Brindle <method@manicmethod.com> Bump libsemanage to 2.0.29 and policycoreutils to 2.0.59
ChangeLog
VERSION
9e2c58f924c074c3f2b644e4a4ec197e1b629431 11-Nov-2008 Christopher J. PeBenito <cpebenito@tresys.com> homedir_template generation skips USER lines

The current libsemanage code does not correctly add lines which include
USER in them into the homedir_template, for example:

/tmp/gconfd-USER -d system_u:object_r:ROLE_tmp_t

This line was included in the past since it has ROLE. However, with the
switch to UBAC separations, the line has changed to:

/tmp/gconfd-USER -d system_u:object_r:user_tmp_t

and is no longer included. The following patch fixes this.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
src/semanage_store.c
f187d4a56e43fe54a2f8f203d118cbc35cd0c2eb 15-Sep-2008 Joshua Brindle <method@manicmethod.com> bump to libsemanage 2.0.28
ChangeLog
VERSION
e319cd8538dca80c4a6f9ad2669b14e02f255853 15-Sep-2008 Joshua Brindle <method@manicmethod.com> Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: libsemanage patch to not compile modules for seusers and fcontext
Date: Wed, 10 Sep 2008 10:30:08 -0400

Ivan Gyurdiev wrote:
>
>>> I'm a little unclear on what this is doing - can you clarify?
>>>
>> This is clearing the existing seusers.final file, otherwise delete was
>> not working.
>>
> I think the previous code was doing more - it was merging the local file
> with the shipped base package file, like this:
>
> data = extract_file_from_policy_package( )
> write_file ( "seusers.final", data )
> if ( data != null ) {
> seusers.clear_cache() // thereby forcing reload from
> seusers.final when cache() is called again (in merge_components)
> } else {
> seusers.clear()
> }
>
> It's also doing this three times (once for fcontexts, once for seusers,
> once for seusers_extra).
> The problem is that you're skipping the link_sandbox call, which builds
> the base package, containing this information.
>
> Ivan
>
>
Ok, I found some problems with the previous patch and did some code
reuse. I added a function that only reads base.pp in order to handle the
base user_extra and seusers problem.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
example/test_fcontext.c
src/direct_api.c
src/semanage_store.c
src/semanage_store.h
13cd4c8960688af11ad23b4c946149015c80d549 19-Aug-2008 Joshua Brindle <method@manicmethod.com> initial import from svn trunk revision 2950
COPYING
ChangeLog
Makefile
VERSION
include/Makefile
include/semanage/boolean_record.h
include/semanage/booleans_active.h
include/semanage/booleans_local.h
include/semanage/booleans_policy.h
include/semanage/context_record.h
include/semanage/debug.h
include/semanage/fcontext_record.h
include/semanage/fcontexts_local.h
include/semanage/fcontexts_policy.h
include/semanage/handle.h
include/semanage/iface_record.h
include/semanage/interfaces_local.h
include/semanage/interfaces_policy.h
include/semanage/modules.h
include/semanage/node_record.h
include/semanage/nodes_local.h
include/semanage/nodes_policy.h
include/semanage/port_record.h
include/semanage/ports_local.h
include/semanage/ports_policy.h
include/semanage/semanage.h
include/semanage/seuser_record.h
include/semanage/seusers_local.h
include/semanage/seusers_policy.h
include/semanage/user_record.h
include/semanage/users_local.h
include/semanage/users_policy.h
man/Makefile
man/man3/semanage_bool.3
man/man3/semanage_bool_count.3
man/man3/semanage_bool_count_active.3
man/man3/semanage_bool_count_local.3
man/man3/semanage_bool_del_local.3
man/man3/semanage_bool_exists.3
man/man3/semanage_bool_exists_active.3
man/man3/semanage_bool_exists_local.3
man/man3/semanage_bool_iterate.3
man/man3/semanage_bool_iterate_active.3
man/man3/semanage_bool_iterate_local.3
man/man3/semanage_bool_list.3
man/man3/semanage_bool_list_active.3
man/man3/semanage_bool_list_local.3
man/man3/semanage_bool_modify_local.3
man/man3/semanage_bool_query.3
man/man3/semanage_bool_query_active.3
man/man3/semanage_bool_query_local.3
man/man3/semanage_bool_set_active.3
man/man3/semanage_count.3
man/man3/semanage_del.3
man/man3/semanage_exists.3
man/man3/semanage_fcontext.3
man/man3/semanage_fcontext_count.3
man/man3/semanage_fcontext_count_local.3
man/man3/semanage_fcontext_del_local.3
man/man3/semanage_fcontext_exists.3
man/man3/semanage_fcontext_exists_local.3
man/man3/semanage_fcontext_iterate.3
man/man3/semanage_fcontext_iterate_local.3
man/man3/semanage_fcontext_list.3
man/man3/semanage_fcontext_list_local.3
man/man3/semanage_fcontext_modify_local.3
man/man3/semanage_fcontext_query.3
man/man3/semanage_fcontext_query_local.3
man/man3/semanage_iface.3
man/man3/semanage_iface_count.3
man/man3/semanage_iface_count_local.3
man/man3/semanage_iface_del_local.3
man/man3/semanage_iface_exists.3
man/man3/semanage_iface_exists_local.3
man/man3/semanage_iface_iterate.3
man/man3/semanage_iface_iterate_local.3
man/man3/semanage_iface_list.3
man/man3/semanage_iface_list_local.3
man/man3/semanage_iface_modify_local.3
man/man3/semanage_iface_query.3
man/man3/semanage_iface_query_local.3
man/man3/semanage_iterate.3
man/man3/semanage_list.3
man/man3/semanage_modify.3
man/man3/semanage_node.3
man/man3/semanage_node_count.3
man/man3/semanage_node_count_local.3
man/man3/semanage_node_del_local.3
man/man3/semanage_node_exists.3
man/man3/semanage_node_exists_local.3
man/man3/semanage_node_iterate.3
man/man3/semanage_node_iterate_local.3
man/man3/semanage_node_list.3
man/man3/semanage_node_list_local.3
man/man3/semanage_node_modify_local.3
man/man3/semanage_node_query.3
man/man3/semanage_node_query_local.3
man/man3/semanage_port.3
man/man3/semanage_port_count.3
man/man3/semanage_port_count_local.3
man/man3/semanage_port_del_local.3
man/man3/semanage_port_exists.3
man/man3/semanage_port_exists_local.3
man/man3/semanage_port_iterate.3
man/man3/semanage_port_iterate_local.3
man/man3/semanage_port_list.3
man/man3/semanage_port_list_local.3
man/man3/semanage_port_modify_local.3
man/man3/semanage_port_query.3
man/man3/semanage_port_query_local.3
man/man3/semanage_query.3
man/man3/semanage_seuser.3
man/man3/semanage_seuser_count.3
man/man3/semanage_seuser_count_local.3
man/man3/semanage_seuser_del_local.3
man/man3/semanage_seuser_exists.3
man/man3/semanage_seuser_exists_local.3
man/man3/semanage_seuser_iterate.3
man/man3/semanage_seuser_iterate_local.3
man/man3/semanage_seuser_list.3
man/man3/semanage_seuser_list_local.3
man/man3/semanage_seuser_modify_local.3
man/man3/semanage_seuser_query.3
man/man3/semanage_seuser_query_local.3
man/man3/semanage_user.3
man/man3/semanage_user_count.3
man/man3/semanage_user_count_local.3
man/man3/semanage_user_del_local.3
man/man3/semanage_user_exists.3
man/man3/semanage_user_exists_local.3
man/man3/semanage_user_iterate.3
man/man3/semanage_user_iterate_local.3
man/man3/semanage_user_list.3
man/man3/semanage_user_list_local.3
man/man3/semanage_user_modify_local.3
man/man3/semanage_user_query.3
man/man3/semanage_user_query_local.3
src/Makefile
src/boolean_internal.h
src/boolean_record.c
src/booleans_active.c
src/booleans_activedb.c
src/booleans_file.c
src/booleans_local.c
src/booleans_policy.c
src/booleans_policydb.c
src/conf-parse.y
src/conf-scan.l
src/context_internal.h
src/context_record.c
src/database.c
src/database.h
src/database_activedb.c
src/database_activedb.h
src/database_file.c
src/database_file.h
src/database_join.c
src/database_join.h
src/database_llist.c
src/database_llist.h
src/database_policydb.c
src/database_policydb.h
src/debug.c
src/debug.h
src/direct_api.c
src/direct_api.h
src/dso.h
src/fcontext_internal.h
src/fcontext_record.c
src/fcontexts_file.c
src/fcontexts_local.c
src/fcontexts_policy.c
src/genhomedircon.c
src/genhomedircon.h
src/handle.c
src/handle.h
src/handle_internal.h
src/iface_internal.h
src/iface_record.c
src/interfaces_file.c
src/interfaces_local.c
src/interfaces_policy.c
src/interfaces_policydb.c
src/libsemanage.map
src/module_internal.h
src/modules.c
src/modules.h
src/node_internal.h
src/node_record.c
src/nodes_file.c
src/nodes_local.c
src/nodes_policy.c
src/nodes_policydb.c
src/parse_utils.c
src/parse_utils.h
src/policy.h
src/policy_components.c
src/port_internal.h
src/port_record.c
src/ports_file.c
src/ports_local.c
src/ports_policy.c
src/ports_policydb.c
src/pywrap-test.py
src/semanage.conf
src/semanage.py
src/semanage_conf.h
src/semanage_store.c
src/semanage_store.h
src/semanageswig.i
src/semanageswig_python.i
src/semanageswig_wrap.c
src/seuser_internal.h
src/seuser_record.c
src/seusers_file.c
src/seusers_local.c
src/seusers_policy.c
src/user_base_record.c
src/user_extra_record.c
src/user_internal.h
src/user_record.c
src/users_base_file.c
src/users_base_policydb.c
src/users_extra_file.c
src/users_join.c
src/users_local.c
src/users_policy.c
src/utilities.c
src/utilities.h
tests/Makefile
tests/README
tests/libsemanage-tests.c
tests/nc_sort_malformed
tests/nc_sort_sorted
tests/nc_sort_unsorted
tests/test_semanage_store.c
tests/test_semanage_store.h
tests/test_utilities.c
tests/test_utilities.h
tests/utilities.c
tests/utilities.h