| 9eb9c9327563014ad6a807814e7975424642d5b9 |
|
19-Feb-2014 |
Stephen Smalley <sds@tycho.nsa.gov> |
Get rid of security_context_t and fix const declarations.
In attempting to enable building various part of Android with -Wall -Werror,
we found that the const security_context_t declarations in libselinux
are incorrect; const char * was intended, but const security_context_t
translates to char * const and triggers warnings on passing
const char * from the caller. Easiest fix is to replace them all with
const char *. And while we are at it, just get rid of all usage of
security_context_t itself as it adds no value - there is no true
encapsulation of the security context strings and callers already
directly use string functions on them. typedef left to permit
building legacy users until such a time as all are updated.
This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7
from Android, augmented to deal with all of the other code in upstream
libselinux and updating the man pages too.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
/external/selinux/libselinux/src/get_context_list.c
|
| 403f2cfeb808d3b3420050434763d9a7689d8388 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Change get_context_list to return an error rather then guess at a match.
In the past pam_selinux would return a bogus login context if the login program
was running with the wrong context. If you ran sshd as unconfined_t
you might get the login user loggin in as pam_oddjob_mkhomedir_t or some other bogus
type. This change fixes the code to return an error if it can not return a good
match.
/external/selinux/libselinux/src/get_context_list.c
|
| aa62cd60f7192123b509c2518e7a2083e34a65a2 |
|
29-Nov-2012 |
Eric Paris <eparis@redhat.com> |
libselinux: Fix errors found by coverity
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/get_context_list.c
|
| aed37210a31f3bbfe40926065c83b0b82b0ecafc |
|
27-Nov-2011 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: return EINVAL if invalid role selected
For get_default_context_with_role(3) and get_default_context_with_rolelevel(3),
return errno = EINVAL if invalid role.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/get_context_list.c
|
| 7bc4ffb5df96c2acaac80f3e7c7c8e27faccd627 |
|
14-Dec-2010 |
Daniel J Walsh <dwalsh@redhat.com> |
Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: I think it is time to turn off default user handling in libselinux
Date: Mon, 13 Dec 2010 13:28:01 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch will turn this handling off. Meaning you will not end up
with some bizarro context and fail to login if the login program can not
figure how to log you in.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0GZbEACgkQrlYvE4MpobOF7QCgsD1XYuNC6B5MyIezCZvN9mYL
UX4AoOe9GsP3bhuvMBPea9LXeV/7tCPS
=B9Pk
-----END PGP SIGNATURE-----
Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libselinux/src/get_context_list.c
|
| 13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/libselinux/src/get_context_list.c
|