|
 |
61e13eb |
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.90/man/man8/selinuxconlist.8
|
|
|
792921f |
--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500
|
|
|
90bec1e |
+++ libselinux-2.0.90/man/man8/selinuxconlist.8 2010-01-18 16:52:28.000000000 -0500
|
|
|
792921f |
@@ -0,0 +1,18 @@
|
|
|
792921f |
+.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
|
792921f |
+.SH "NAME"
|
|
|
792921f |
+selinuxconlist \- list all SELinux context reachable for user
|
|
|
792921f |
+.SH "SYNOPSIS"
|
|
|
792921f |
+.B selinuxconlist [-l level] user [context]
|
|
|
792921f |
+
|
|
|
792921f |
+.SH "DESCRIPTION"
|
|
|
792921f |
+.B selinuxconlist
|
|
|
792921f |
+reports the list of context reachable for user from the current context or specified context
|
|
|
792921f |
+
|
|
|
792921f |
+.B \-l level
|
|
|
792921f |
+mcs/mls level
|
|
|
792921f |
+
|
|
|
792921f |
+.SH AUTHOR
|
|
|
792921f |
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
|
792921f |
+
|
|
|
792921f |
+.SH "SEE ALSO"
|
|
|
792921f |
+secon(8), selinuxdefcon(8)
|
|
|
61e13eb |
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.90/man/man8/selinuxdefcon.8
|
|
|
792921f |
--- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500
|
|
|
90bec1e |
+++ libselinux-2.0.90/man/man8/selinuxdefcon.8 2010-01-18 16:52:28.000000000 -0500
|
|
|
61e13eb |
@@ -0,0 +1,24 @@
|
|
|
792921f |
+.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
|
792921f |
+.SH "NAME"
|
|
|
61e13eb |
+selinuxdefcon \- report default SELinux context for user
|
|
|
792921f |
+
|
|
|
792921f |
+.SH "SYNOPSIS"
|
|
|
61e13eb |
+.B selinuxdefcon [-l level] user fromcon
|
|
|
792921f |
+
|
|
|
792921f |
+.SH "DESCRIPTION"
|
|
|
61e13eb |
+.B selinuxdefcon
|
|
|
61e13eb |
+reports the default context for the specified user from the specified context
|
|
|
792921f |
+
|
|
|
792921f |
+.B \-l level
|
|
|
792921f |
+mcs/mls level
|
|
|
792921f |
+
|
|
|
61e13eb |
+.SH EXAMPLE
|
|
|
61e13eb |
+# selinuxdefcon jsmith system_u:system_r:sshd_t:s0
|
|
|
61e13eb |
+.br
|
|
|
61e13eb |
+unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
|
|
|
61e13eb |
+
|
|
|
792921f |
+.SH AUTHOR
|
|
|
792921f |
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
|
792921f |
+
|
|
|
792921f |
+.SH "SEE ALSO"
|
|
|
792921f |
+secon(8), selinuxconlist(8)
|
|
|
61e13eb |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/callbacks.c libselinux-2.0.90/src/callbacks.c
|
|
|
fa62185 |
--- nsalibselinux/src/callbacks.c 2009-04-08 09:06:23.000000000 -0400
|
|
|
90bec1e |
+++ libselinux-2.0.90/src/callbacks.c 2010-01-18 16:52:28.000000000 -0500
|
|
|
d0a06b2 |
@@ -16,6 +16,7 @@
|
|
|
ee77868 |
{
|
|
|
d0a06b2 |
int rc;
|
|
|
d0a06b2 |
va_list ap;
|
|
|
d0a06b2 |
+ if (is_selinux_enabled() == 0) return 0;
|
|
|
d0a06b2 |
va_start(ap, fmt);
|
|
|
d0a06b2 |
rc = vfprintf(stderr, fmt, ap);
|
|
|
d0a06b2 |
va_end(ap);
|
|
|
61e13eb |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-2.0.90/src/init.c
|
|
|
61e13eb |
--- nsalibselinux/src/init.c 2009-07-14 11:16:03.000000000 -0400
|
|
|
0f05d31 |
+++ libselinux-2.0.90/src/init.c 2010-02-22 11:04:16.000000000 -0500
|
|
|
afc68d4 |
@@ -23,7 +23,7 @@
|
|
|
afc68d4 |
static void init_selinuxmnt(void)
|
|
|
afc68d4 |
{
|
|
|
afc68d4 |
char *buf=NULL, *p;
|
|
|
afc68d4 |
- FILE *fp;
|
|
|
afc68d4 |
+ FILE *fp=NULL;
|
|
|
afc68d4 |
struct statfs sfbuf;
|
|
|
afc68d4 |
int rc;
|
|
|
afc68d4 |
size_t len;
|
|
|
0f05d31 |
@@ -57,16 +57,17 @@
|
|
|
0f05d31 |
break;
|
|
|
0f05d31 |
}
|
|
|
61e13eb |
}
|
|
|
0f05d31 |
- fclose(fp);
|
|
|
61e13eb |
|
|
|
61e13eb |
- if (!exists)
|
|
|
afc68d4 |
- return;
|
|
|
afc68d4 |
+ if (!exists)
|
|
|
afc68d4 |
+ goto out;
|
|
|
0f05d31 |
+
|
|
|
0f05d31 |
+ fclose(fp);
|
|
|
61e13eb |
|
|
|
61e13eb |
/* At this point, the usual spot doesn't have an selinuxfs so
|
|
|
61e13eb |
* we look around for it */
|
|
|
afc68d4 |
fp = fopen("/proc/mounts", "r");
|
|
|
afc68d4 |
if (!fp)
|
|
|
afc68d4 |
- return;
|
|
|
afc68d4 |
+ goto out;
|
|
|
afc68d4 |
|
|
|
afc68d4 |
__fsetlocking(fp, FSETLOCKING_BYCALLER);
|
|
|
afc68d4 |
while ((num = getline(&buf, &len, fp)) != -1) {
|
|
|
0f05d31 |
@@ -90,7 +91,8 @@
|
|
|
afc68d4 |
|
|
|
afc68d4 |
out:
|
|
|
afc68d4 |
free(buf);
|
|
|
afc68d4 |
- fclose(fp);
|
|
|
afc68d4 |
+ if (fp)
|
|
|
afc68d4 |
+ fclose(fp);
|
|
|
afc68d4 |
return;
|
|
|
afc68d4 |
}
|
|
|
afc68d4 |
|
|
|
90bec1e |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/label_file.c libselinux-2.0.90/src/label_file.c
|
|
|
90bec1e |
--- nsalibselinux/src/label_file.c 2009-05-18 13:53:14.000000000 -0400
|
|
|
90bec1e |
+++ libselinux-2.0.90/src/label_file.c 2010-01-18 16:53:54.000000000 -0500
|
|
|
90bec1e |
@@ -20,6 +20,9 @@
|
|
|
90bec1e |
#include "callbacks.h"
|
|
|
90bec1e |
#include "label_internal.h"
|
|
|
90bec1e |
|
|
|
90bec1e |
+#include <sys/types.h>
|
|
|
90bec1e |
+#include <sys/stat.h>
|
|
|
90bec1e |
+
|
|
|
90bec1e |
/*
|
|
|
90bec1e |
* Internals, mostly moved over from matchpathcon.c
|
|
|
90bec1e |
*/
|
|
|
afc68d4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/libselinux.pc.in libselinux-2.0.90/src/libselinux.pc.in
|
|
|
afc68d4 |
--- nsalibselinux/src/libselinux.pc.in 2009-11-02 12:58:30.000000000 -0500
|
|
|
afc68d4 |
+++ libselinux-2.0.90/src/libselinux.pc.in 2010-02-18 10:02:46.000000000 -0500
|
|
|
afc68d4 |
@@ -1,6 +1,6 @@
|
|
|
afc68d4 |
prefix=@prefix@
|
|
|
afc68d4 |
exec_prefix=${prefix}
|
|
|
afc68d4 |
-libdir=${exec_prefix}/lib
|
|
|
afc68d4 |
+libdir=${exec_prefix}/@libdir@
|
|
|
afc68d4 |
includedir=@includedir@
|
|
|
afc68d4 |
|
|
|
afc68d4 |
Name: libselinux
|
|
|
afc68d4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.90/src/Makefile
|
|
|
afc68d4 |
--- nsalibselinux/src/Makefile 2009-12-01 15:46:50.000000000 -0500
|
|
|
0f05d31 |
+++ libselinux-2.0.90/src/Makefile 2010-02-18 10:20:27.000000000 -0500
|
|
|
afc68d4 |
@@ -11,6 +11,7 @@
|
|
|
afc68d4 |
RUBYPLATFORM ?= $(shell ruby -e 'print RUBY_PLATFORM')
|
|
|
afc68d4 |
RUBYINC ?= $(LIBDIR)/ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
|
|
|
afc68d4 |
RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
|
|
|
afc68d4 |
+LIBBASE=$(shell basename $(LIBDIR))
|
|
|
afc68d4 |
|
|
|
afc68d4 |
VERSION = $(shell cat ../VERSION)
|
|
|
afc68d4 |
LIBVERSION = 1
|
|
|
afc68d4 |
@@ -85,7 +86,7 @@
|
|
|
afc68d4 |
ln -sf $@ $(TARGET)
|
|
|
afc68d4 |
|
|
|
afc68d4 |
$(LIBPC): $(LIBPC).in
|
|
|
afc68d4 |
- sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
|
|
|
afc68d4 |
+ sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
|
|
|
afc68d4 |
|
|
|
afc68d4 |
selinuxswig_python_exception.i: ../include/selinux/selinux.h
|
|
|
afc68d4 |
bash exception.sh > $@
|
|
|
61e13eb |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.90/src/matchpathcon.c
|
|
|
fa62185 |
--- nsalibselinux/src/matchpathcon.c 2009-03-06 14:41:45.000000000 -0500
|
|
|
90bec1e |
+++ libselinux-2.0.90/src/matchpathcon.c 2010-01-18 16:52:28.000000000 -0500
|
|
|
974a6e4 |
@@ -2,6 +2,7 @@
|
|
|
974a6e4 |
#include <string.h>
|
|
|
974a6e4 |
#include <errno.h>
|
|
|
974a6e4 |
#include <stdio.h>
|
|
|
974a6e4 |
+#include <syslog.h>
|
|
|
974a6e4 |
#include "selinux_internal.h"
|
|
|
974a6e4 |
#include "label_internal.h"
|
|
|
974a6e4 |
#include "callbacks.h"
|
|
|
974a6e4 |
@@ -57,7 +58,7 @@
|
|
|
974a6e4 |
{
|
|
|
974a6e4 |
va_list ap;
|
|
|
974a6e4 |
va_start(ap, fmt);
|
|
|
974a6e4 |
- vfprintf(stderr, fmt, ap);
|
|
|
974a6e4 |
+ vsyslog(LOG_ERR, fmt, ap);
|
|
|
974a6e4 |
va_end(ap);
|
|
|
974a6e4 |
}
|
|
|
b5b41bc |
|