diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.26/include/selinux/selinux.h
--- nsalibselinux/include/selinux/selinux.h	2005-09-01 11:17:40.000000000 -0400
+++ libselinux-1.26/include/selinux/selinux.h	2005-09-12 17:05:36.000000000 -0400
@@ -304,6 +304,12 @@
 extern int selinux_getenforcemode(int *enforce);
 
 /*
+  selinux_getpolicytype reads the /etc/selinux/config file and determines 
+  whether the policy tyep for this machine, type must be freed.
+ */
+extern void selinux_getpolicytype(char **type);
+
+/*
   selinux_policy_root reads the /etc/selinux/config file and returns 
   the directory path under which the compiled policy file and context 
   configuration files exist.
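Review bot: The comment added above the `selinux_getpolicytype` prototype is garbled ("determines whether the policy tyep for this machine, type must be freed") and does not say what the caller receives on failure. The function returns `void`, unlike `selinux_getenforcemode` just above it, so a NULL `*type` is the only error signal and the header should say so. Suggested wording: `selinux_getpolicytype reads the /etc/selinux/config file and stores a malloc'd copy of the policy type name in *type; *type is NULL if the copy could not be allocated, otherwise the caller must free it.`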
--- nsalibselinux/src/init.c	2005-09-01 13:21:11.000000000 -0400
+++ libselinux-1.26/src/init.c	2005-09-12 17:13:20.000000000 -0400
@@ -8,6 +8,7 @@
 #include <asm/page.h>
 #include <stdio.h>
 #include <dlfcn.h>
+#include <limits.h>
 
 #include "dso.h"
 #include "policy.h"
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-1.26/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c	2005-08-24 09:07:11.000000000 -0400
+++ libselinux-1.26/src/matchpathcon.c	2005-09-12 17:05:37.000000000 -0400
@@ -25,6 +25,20 @@
 	va_end(ap);
 }
 
+#define STRIP_LEVEL(CON) \
+		if (! mls_enabled) { \
+			int i=0; \
+			int ctr=0; \
+			while (CON[i]) { \
+				if (CON[i] == ':') ctr++; \
+				if (ctr==3) { \
+				  CON[i]=0; \
+				  break; \
+				} \
+				i++; \
+			} \
+		} 
+
 static void (*myprintf)(const char *fmt, ...) = &default_printf;
 
 void set_matchpathcon_printf(void (*f)(const char *fmt, ...))
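Review bot: STRIP_LEVEL expands to a bare `if` block that silently reads a variable named `mls_enabled` from the scope it is expanded in, so it only compiles inside functions that happen to declare one. It is also not wrapped in `do { } while (0)` and `CON` is not parenthesized, so a use before an `else` or with a non-trivial argument would misparse. A `static` helper that takes the flag as a parameter does the same truncation at the third `:` without those hazards; the call sites become `strip_level(type, mls_enabled);` and `strip_level(context, mls_enabled);`. A short comment stating the assumed `user:role:type:level` layout would also explain why the third colon is the cut point.

```c
/* On non-MLS systems, cut a context at its third ':' (start of the level field). */
static void strip_level(char *con, int mls_enabled)
{
	int colons = 0;

	if (mls_enabled)
		return;
	for (; *con; con++) {
		if (*con == ':' && ++colons == 3) {
			*con = '\0';
			return;
		}
	}
}
```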
@@ -415,7 +429,7 @@
 	}
 	return;
 }
-static int process_line( const char *path, char *line_buf, int pass, unsigned lineno) {
+static int process_line( const char *path, char *line_buf, int pass, unsigned lineno, int mls_enabled) {
 	int items, len, regerr;
 	char *buf_p;
 	char *regex, *type, *context;
@@ -438,6 +452,7 @@
 	} else if (items == 2) {
 		/* The type field is optional. */
 		free(context);
+		STRIP_LEVEL(type)
 		context = type;
 		type = 0;
 	}
@@ -510,7 +525,7 @@
 		}
 		
 	skip_type:
-		
+		STRIP_LEVEL(context)
 		spec_arr[nspec].context = context;
 		
 		if (strcmp(context, "<<none>>")) {
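Review bot: The `STRIP_LEVEL(context)` call after `skip_type:` has no comment saying why the level is dropped, nor that it must run before the context is stored and compared or validated below. Something like `/* Non-MLS policy: drop the level field so the stored and validated context matches what the running policy accepts. */` would cover it. If the `items == 2` branch in the previous hunk also reaches `skip_type` (not visible here), its `STRIP_LEVEL(type)` is redundant, because the same string is stripped again at this point. `process_line` starts and ends outside this hunk.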
@@ -557,6 +572,7 @@
 	unsigned int lineno, pass, i, j, maxnspec;
 	spec_t *spec_copy=NULL;
 	int status=-1;
+	int mls_enabled=is_selinux_mls_enabled();
 
 	/* Open the specification file. */
 	if (!path)
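Review bot: `mls_enabled` is taken straight from `is_selinux_mls_enabled()` and later tested only as `! mls_enabled`, and the page does not show how that function reports a failed query. If a failure comes back as 0, levels would be stripped from every file context on a system that may in fact be running MLS; if it comes back negative, it is treated as enabled. Either way the choice should be deliberate and documented, e.g. `/* a failed MLS query is treated as <enabled|disabled> because ... */` next to the initializer. The enclosing function continues outside this hunk.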
@@ -590,20 +606,20 @@
 		lineno = 0;
 		nspec = 0;
 		while (getline(&line_buf, &line_len, fp) > 0 && nspec < maxnspec) {
-			if (process_line(path, line_buf, pass, ++lineno) != 0)
+			if (process_line(path, line_buf, pass, ++lineno, mls_enabled) != 0)
 				goto finish;
 		}
 		lineno = 0;
 		if (homedirfp) 
 			while (getline(&line_buf, &line_len, homedirfp) > 0 && nspec < maxnspec) {
-				if (process_line(homedir_path, line_buf, pass, ++lineno) != 0)
+				if (process_line(homedir_path, line_buf, pass, ++lineno, mls_enabled) != 0)
 					goto finish;
 			}
 
 		lineno = 0;
 		if (localfp) 
 			while (getline(&line_buf, &line_len, localfp) > 0 && nspec < maxnspec) {
-				if (process_line(local_path, line_buf, pass, ++lineno) != 0)
+				if (process_line(local_path, line_buf, pass, ++lineno, mls_enabled) != 0)
 					goto finish;
 			}
 
--- nsalibselinux/src/selinux_config.c	2005-03-17 14:56:21.000000000 -0500
+++ libselinux-1.26/src/selinux_config.c	2005-09-13 12:46:22.682193000 -0400
@@ -85,6 +85,29 @@
 
 static int use_compat_file_path;
 
+void selinux_getpolicytype(char **rtype) {
+	char *type=SELINUXDEFAULT;
+	char buf[4097];
+	int i=0;
+	int len=sizeof(SELINUXTYPETAG)-1;
+	FILE *cfg = fopen(SELINUXCONFIG,"r");
+	if (cfg) {
+		while (fgets_unlocked(buf, 4096, cfg)) {
+			if (strncmp(buf,SELINUXTYPETAG,len)==0) {
+				type=buf+len;
+				break;
+			}
+		}
+		fclose(cfg);
+	}
+	i=strlen(type)-1;
+	while ((i>=0) && 
+	       (isspace(type[i]) || iscntrl(type[i]))) {
+		type[i]=0;
+		i--;
+	}
+	*rtype=strdup(type);
+}
 int selinux_getenforcemode(int *enforce) {
   int ret=-1;
   FILE *cfg = fopen(SELINUXCONFIG,"r");
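Review bot: The trailing-whitespace trim in `selinux_getpolicytype` writes through `type`, which still points at `SELINUXDEFAULT` when the config file is missing or has no matching line. If that macro is a string literal, any trailing blank in it would turn `type[i]=0` into a write to read-only storage. `isspace`/`iscntrl` are also passed a plain `char`, which is undefined for negative values, so the argument should be cast to `unsigned char`. Computing the trimmed length and copying with `strndup` avoids both problems and keeps the NULL-on-allocation-failure result that `init_selinux_policyroot` checks for.

```c
void selinux_getpolicytype(char **rtype) {
	const char *type = SELINUXDEFAULT;
	size_t n;
	/* … unchanged: buf, len, and the fopen/fgets_unlocked loop that points type into buf … */
	n = strlen(type);
	while (n > 0 && (isspace((unsigned char)type[n - 1]) ||
			 iscntrl((unsigned char)type[n - 1])))
		n--;
	*rtype = strndup(type, n);	/* NULL on allocation failure */
}
```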
@@ -122,38 +145,24 @@
 
 static void init_selinux_policyroot(void)
 {
-  char *type=SELINUXDEFAULT;
-  int i=0, len=sizeof(SELINUXTYPETAG)-1, len2;
-  char buf[4097];
-  FILE *cfg;
+  char *type=NULL;
+  int i=0, len, len2;
   if (selinux_policyroot) return;
   if (access(SELINUXDIR, F_OK) != 0) {
 	  selinux_policyroot = SECURITYDIR;
 	  use_compat_file_path = 1;
 	  return;
   }
-  cfg = fopen(SELINUXCONFIG,"r");
-  if (cfg) {
-    while (fgets_unlocked(buf, 4096, cfg)) {
-      if (strncmp(buf,SELINUXTYPETAG,len)==0) {
-	type=buf+len;
-	break;
-      }
-    }
-    fclose(cfg);
-  }
-  i=strlen(type)-1;
-  while ((i>=0) && 
-	 (isspace(type[i]) || iscntrl(type[i]))) {
-    type[i]=0;
-    i--;
-  }
+  selinux_getpolicytype(&type);
+  if (!type) return;
   len=sizeof(SELINUXDIR) + strlen(type);
   selinux_policyroot=malloc(len);
-  if (!selinux_policyroot)
+  if (!selinux_policyroot) {
+	  free(type);
 	  return;
+  }
   snprintf(selinux_policyroot,len, "%s%s", SELINUXDIR, type);
-  
+  free(type);
   for (i = 0; i < NEL; i++) {
 	  len2 = len + strlen(file_path_suffixes_data.str
 			      + file_path_suffixes_idx[i])+1;
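Review bot: The string returned by `selinux_getpolicytype` is appended to `SELINUXDIR` in the `snprintf` call with no check on its content. Only trailing whitespace is trimmed upstream, so an empty value makes the policy root `SELINUXDIR` itself, and a value containing `/` points it outside the per-policy directory. The config file is normally writable only by root, so this is a robustness check rather than a trust boundary. A guard such as `if (!type[0] || strchr(type, '/')) { free(type); return; }` before the `malloc` would reject a malformed type early, and would fit even better inside `selinux_getpolicytype` now that it is exported. The new `free(type)` calls on both the failure and success paths look correct; the function body continues past the end of this hunk.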