From: Ivan Gyurdiev <ivg2@cornell.edu>
To: selinux@tycho.nsa.gov
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Subject: [ SEMANAGE ] Add a few direct dbases to handle
Date: Fri, 14 Oct 2005 14:16:50 -0400 [thread overview]
Message-ID: <434FF612.8010708@cornell.edu> (raw)
[-- Attachment #1: Type: text/plain, Size: 148 bytes --]
Adds a few direct databases to the handle.
There's still no dangerous code in the main commit path...
This is just the equivalent to file init.
[-- Attachment #2: libsemanage.direct_dbase.diff --]
[-- Type: text/x-patch, Size: 3626 bytes --]
diff -Naur libsemanage/src/direct_api.c libsemanage.new/src/direct_api.c
--- libsemanage/src/direct_api.c 2005-10-13 15:23:31.000000000 -0400
+++ libsemanage.new/src/direct_api.c 2005-10-14 14:08:44.000000000 -0400
@@ -272,7 +272,7 @@
#if 0
/* Link components into base policy */
- if (semanage_base_merge_components(sh, NULL /* FIXME */) < 0)
+ if (semanage_base_merge_components(sh) < 0)
goto cleanup;
/* Commit changes to components */
diff -Naur libsemanage/src/handle.c libsemanage.new/src/handle.c
--- libsemanage/src/handle.c 2005-10-14 14:10:54.000000000 -0400
+++ libsemanage.new/src/handle.c 2005-10-14 14:07:52.000000000 -0400
@@ -39,6 +39,8 @@
#include "interfaces_file.h"
#include "booleans_file.h"
#include "seusers_file.h"
+#include "users_direct.h"
+#include "ports_direct.h"
#include "database.h"
#define SEMANAGE_COMMIT_READ_WAIT 5
@@ -90,6 +92,12 @@
if (seuser_file_dbase_init(&sh->dbase[DBASE_SEUSERS]) < 0)
goto err;
+ if (user_direct_dbase_init("base.pp", &sh->dbase[DBASE_BASE_USERS]) < 0)
+ goto err;
+
+ if (port_direct_dbase_init("base.pp", &sh->dbase[DBASE_BASE_PORTS]) < 0)
+ goto err;
+
return sh;
omem:
diff -Naur libsemanage/src/handle.h libsemanage.new/src/handle.h
--- libsemanage/src/handle.h 2005-10-14 14:10:54.000000000 -0400
+++ libsemanage.new/src/handle.h 2005-10-14 14:07:46.000000000 -0400
@@ -71,12 +71,20 @@
struct semanage_policy_table* funcs;
/* Object databases */
-#define DBASE_COUNT 5
+#define DBASE_COUNT 7
+
#define DBASE_USERS 0
#define DBASE_PORTS 1
#define DBASE_INTERFACES 2
#define DBASE_BOOLEANS 3
#define DBASE_SEUSERS 4
+
+#define DBASE_BASE_USERS 5
+#define DBASE_BASE_PORTS 6
+#if 0
+#define DBASE_BASE_INTERFACES 7
+#define DBASE_BASE_BOOLEANS 8
+#endif
dbase_config_t dbase[DBASE_COUNT];
};
@@ -105,5 +113,27 @@
return &handle->dbase[DBASE_SEUSERS];
}
+static inline
+dbase_config_t* semanage_base_user_dbase(semanage_handle_t* handle) {
+ return &handle->dbase[DBASE_BASE_USERS];
+}
+
+static inline
+dbase_config_t* semanage_base_port_dbase(semanage_handle_t* handle) {
+ return &handle->dbase[DBASE_BASE_PORTS];
+}
+
+#if 0
+static inline
+dbase_config_t* semanage_base_iface_dbase(semanage_handle_t* handle) {
+ return &handle->dbase[DBASE_BASE_INTERFACES];
+}
+
+static inline
+dbase_config_t* semanage_base_bool_dbase(semanage_handle_t* handle) {
+ return &handle->dbase[DBASE_BASE_BOOLEANS];
+}
+#endif
+
#endif
diff -Naur libsemanage/src/policy_components.c libsemanage.new/src/policy_components.c
--- libsemanage/src/policy_components.c 2005-10-14 13:19:51.000000000 -0400
+++ libsemanage.new/src/policy_components.c 2005-10-14 14:09:35.000000000 -0400
@@ -5,8 +5,7 @@
#include "debug.h"
int semanage_base_merge_components(
- semanage_handle_t* handle,
- semanage_module_info_t* base) {
+ semanage_handle_t* handle) {
//dbase_config_t* modules = dbase_modules_dbase(handle);
dbase_config_t* interfaces = semanage_iface_dbase(handle);
@@ -36,7 +35,6 @@
ports->dbase, NULL, NULL /* FIXME */) < 0)
goto err;
- base = NULL;
return STATUS_SUCCESS;
err:
diff -Naur libsemanage/src/policy.h libsemanage.new/src/policy.h
--- libsemanage/src/policy.h 2005-10-13 13:08:35.000000000 -0400
+++ libsemanage.new/src/policy.h 2005-10-14 14:09:44.000000000 -0400
@@ -66,8 +66,7 @@
/* Should be backend independent */
extern int semanage_base_merge_components(
- struct semanage_handle* handle,
- semanage_module_info_t* base);
+ struct semanage_handle* handle);
extern int semanage_commit_components(
struct semanage_handle* handle);
next reply other threads:[~2005-10-14 18:16 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-14 18:16 Ivan Gyurdiev [this message]
2005-10-14 18:39 ` [ SEMANAGE ] Bugfix previous patches Ivan Gyurdiev
2005-10-14 20:08 ` Stephen Smalley
2005-10-14 20:20 ` [ SEMANAGE ] Add a few direct dbases to handle Joshua Brindle
2005-10-14 20:40 ` Ivan Gyurdiev
2005-10-14 20:45 ` Ivan Gyurdiev
2005-10-14 20:39 ` Joshua Brindle
2005-10-14 20:59 ` Ivan Gyurdiev
2005-10-14 21:06 ` Joshua Brindle
2005-10-14 21:40 ` Ivan Gyurdiev
2005-10-15 11:34 ` Ivan Gyurdiev
2005-10-15 11:38 ` Ivan Gyurdiev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=434FF612.8010708@cornell.edu \
--to=ivg2@cornell.edu \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.