| 432077b4dda7baa15b6daa1458759e674d398fa3 |
|
26-Feb-2015 |
Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
libsemanage: Fix memory leaks when parsing semanage.conf
- Free args as they are parsed and strdup args when neccessary. Memory used for
lex initialization is now freed using yylex_destroy().
- Add noyywrap option to flex. This is the correct way to make the scanner
not call yywrap upon an end of file. Before, we were overriding the
function and returning 1.
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 057197c69aaa36cf28694517151479de8ebb3c4c |
|
26-Feb-2015 |
Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
libsemanage: Add option to remove HLL files after compilation
This adds a 'remove-hll' option to semanage.conf. If set to 'true', all
HLL files will be removed from the SELinux store after successfully
buildling the SELinux modules. The default for this option is 'false'.
In order to delete already compiled HLL files, the modules need to be
recompiled with the ignore-module-cache option.
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| c4a4a1a7ed42c167a7d4bae06a1fffa8c6c9cb8d |
|
14-Sep-2014 |
Nicolas Iooss <nicolas.iooss@m4x.org> |
Fix gcc -Wstrict-prototypes warnings
In C, defining a function with () means "any number of parameters", not
"no parameter". Use (void) instead where applicable and add unused
parameters when needed.
Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| b8b0d7fa8ad38104ec017fd2b4d41bc5e4845f3c |
|
14-Sep-2014 |
Nicolas Iooss <nicolas.iooss@m4x.org> |
libsemanage: fix gcc -Wwrite-strings warnings
Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 5e75b96e91534ae37405e1e417f4627f1e47d5c2 |
|
03-Apr-2014 |
Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
libsemanage: add the ability to set an alternative root path for store
Allow an alternative selinux store root path to be used. The option
can be set in semanage.conf as store_root. If no option is provided, the
default path for the store_root is "/var/lib/selinux".
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| cae4a4c951aa19b2717254d76deeb986af466238 |
|
07-Feb-2014 |
Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
libsemanage: add support for HLL to CIL compilers
An HLL to CIL compiler must exist in the compiler_directory path which
is configubrable in semanage.conf. By default, this path is
/usr/libexec/selinux/hll/. The compiler name needs to match the HLL
language extension. For example, for pp files,
/usr/libexec/selinux/hll/pp must exist.
The HLL infrastructure uncompresses the HLL module and pipes the data to
the appropriate CIL compiler. The output CIL from the compiler is read
from another pipe, compressed, and saved to the module store as a cached
CIL file. This file will be used on all subsequent policy builds, unless
a new module is installed with the same name at the same priority, at
which point the cache is deleted and is subsequently rebuilt and cached.
A new option is added to semanage.conf, ignore_cache, which if set to
true will cause the cached CIL files to be ignored and all HLL files to
be recompiled and the resulting CIL to be recached.
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| c654ca1cf4e872e5d84bcd3fe7168e7f5f5400df |
|
13-Oct-2011 |
Steve Lawrence <slawrence@tresys.com> |
libsemanage: add target-platform option to semanage.conf
The target platform used to come from the base module. However, CIL has
no concept of a base module or a target platform. This adds an option to
semanage.conf (target-platform) to control how policies should be built.
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 844810d9ace7a13257b7bf715d9d6acd7131e741 |
|
27-Sep-2011 |
Steve Lawrence <slawrence@tresys.com> |
Revert "libsemanage: introduce semanage_set_root and friends"
This reverts commit 9cd587f5533456e7b26601e27e65744272e2e783.
Conflicts:
libsemanage/include/semanage/handle.h
/external/selinux/libsemanage/src/conf-parse.y
|
| 52623801c4c614940b3005c30997d6ae78228beb |
|
25-Aug-2014 |
Steve Lawrence <slawrence@tresys.com> |
libsemanage: fix deprecation warning for bison
The %name-prefix="foo" syntax was deprecated in bison 2.3b [1], which
was released in 2006. This patches fixes the syntax to use the newer
syntax. This breaks support for older versions of bison.
[1] http://lists.gnu.org/archive/html/help-bison/2009-10/msg00018.html
Reported-by: Ilya Frolov <ilya.a.frolov@gmail.com>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 28baa721e0f544d0899b68eb5eee070ed2b4b02b |
|
14-Sep-2012 |
rhatdan <dwalsh@redhat.com> |
libsemanage: Add sefcontext_compile to compile regex everytime policy is rebuilt
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 915b5f885f030aa24a2ca648a184fa02cb5bbdcd |
|
29-Jun-2011 |
Eric Paris <eparis@redhat.com> |
libsemanage: add ignoredirs config for genhomedircon
For a long time /root has been treated differently in Red Hat
Distributions then upstream policy.
We do not want to label /root the same as a users homedir. Because of
this we have carried a patch in libsemanage/genhomedircon.c to ignore
/root.
This patch adds a flag to semanage.conf, ignoredirs. That will allow
distributions or users to specify directories that genhomedircon
should ignore when setting up users homedir labeling.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| 9cd587f5533456e7b26601e27e65744272e2e783 |
|
29-Jun-2011 |
Eric Paris <eparis@redhat.com> |
libsemanage: introduce semanage_set_root and friends
Allow applications to specify an alternate root for selinux stores.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| c8d100bb03e0fe0501037b914fe3638afd593ee4 |
|
25-Feb-2010 |
Daniel J Walsh <dwalsh@redhat.com> |
Patch to run genhomedircon without looking at /etc/passwd
I want to change the default of libsemanage to not look for home
directories in getpwent. This patch allows you to set the flag
usepasswd=false in the semanage.conf file. and genhomedircon will only
setup the labeling of /home, /export/home and any confined users homedirs.
If this patch is not acceptable because libsemanage is being rewritten,
I would like the functionality to be added to the new libsemanage.
/external/selinux/libsemanage/src/conf-parse.y
|
| eb014c79f11f01b25cbb44d81d5ed7fd9b90b836 |
|
18-Nov-2009 |
Daniel J Walsh <dwalsh@redhat.com> |
Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Add modules support to semanage
Date: Thu, 12 Nov 2009 11:23:15 -0500
On 11/11/2009 01:52 PM, Chad Sellers wrote:
> On 9/30/09 2:33 PM, "Daniel J Walsh" <dwalsh@redhat.com> wrote:
>
>> Includes enable and disable.
>>
> I presume I should hold off on this patch until you have a chance to
> resubmit the libsemanage support that it relies on. Let me know if that's
> not the case.
>
> Thanks,
> Chad
>
Lets do this patch.
Moves load_policy from /usr/sbin to /sbin
Removed cruft.
Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libsemanage/src/conf-parse.y
|
| ee9827000137fed2d3300124115fc1572acafe2f |
|
04-Aug-2009 |
Stephen Smalley <sds@tycho.nsa.gov> |
libsemanage: Enable configuration of bzip behavior
Allow the administrator to customize the bzip block size and "small"
flag via semanage.conf. After applying you can add entries like these
to your /etc/selinux/semanage.conf to trade off memory vs disk space
(block size) and to trade off memory vs runtime (small):
bzip-blocksize=4
bzip-small=true
You can also disable bzip compression altogether for your module store
via:
bzip-blocksize=0
The semanage.conf entries are now validated against legal value ranges
at handle creation time.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/libsemanage/src/conf-parse.y
|
| 13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/libsemanage/src/conf-parse.y
|