* [ LIBSEMANAGE ] Cleanup patch (resync-ed)
From: Ivan Gyurdiev @ 2005-11-09 5:08 UTC (permalink / raw)
To: SELinux List; +Cc: Stephen Smalley
Same cleanup patch as before, resync-ed against latest changes.
Changes:
- fold semanage_module_conn into semanage_direct_handle
- move sepol handle initialization and destruction into
semanage_handle_create/destroy, to allow use of the handle when
disconnected, which is consistent with current record interfaces (they
do not require a connection).
* Re: [ LIBSEMANAGE ] Cleanup patch (resync-ed)
From: Ivan Gyurdiev @ 2005-11-09 5:09 UTC (permalink / raw)
To: SELinux List; +Cc: Stephen Smalley
[-- Attachment #1: Type: text/plain, Size: 21 bytes --]
Forgot the patch...
[-- Attachment #2: libsemanage.cleanup.diff --]
[-- Type: text/x-patch, Size: 7768 bytes --]
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/direct_api.c new/libsemanage/src/direct_api.c
--- old/libsemanage/src/direct_api.c 2005-11-08 14:46:38.000000000 -0500
+++ new/libsemanage/src/direct_api.c 2005-11-09 00:00:07.000000000 -0500
@@ -97,11 +97,6 @@ int semanage_direct_is_managed(semanage_
int semanage_direct_connect(semanage_handle_t *sh) {
char polpath[PATH_MAX];
- sh->sepolh = sepol_handle_create();
- if (!sh->sepolh)
- goto err;
- sepol_msg_set_callback(sh->sepolh, semanage_msg_relay_handler, sh);
-
snprintf(polpath, PATH_MAX, "%s%s", selinux_path(), sh->conf->store_path);
if (semanage_check_init(polpath))
@@ -110,8 +105,8 @@ int semanage_direct_connect(semanage_han
if (semanage_create_store(sh, 1) < 0)
goto err;
- sh->conn.module.translock_file_fd = -1;
- sh->conn.module.activelock_file_fd = -1;
+ sh->u.direct.translock_file_fd = -1;
+ sh->u.direct.activelock_file_fd = -1;
/* set up function pointers */
sh->funcs = &direct_funcs;
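Review bot: The two `-1` sentinels are still assigned only after `semanage_create_store()` has had a chance to `goto err`, so a handle whose connect fails early never receives them. The release helpers patched later in semanage_store.c treat any fd `>= 0` as a held lock and call `lockf()` and `close()` on it; if the handle is zero-filled at allocation (not visible on this page), fd 0 would be mistaken for a lock file. Since this patch makes the handle usable while disconnected, consider moving `sh->u.direct.translock_file_fd = -1;` and `sh->u.direct.activelock_file_fd = -1;` to the top of semanage_direct_connect() or into semanage_handle_create(). The function body starts and ends outside this hunk, so whether the err path reaches a release call could not be confirmed.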
@@ -167,8 +162,6 @@ static int semanage_direct_disconnect(se
}
semanage_release_trans_lock(sh);
}
- sepol_handle_destroy(sh->sepolh);
- sh->sepolh = NULL;
/* Remove object databases */
user_file_dbase_release(semanage_user_dbase_local(sh));
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/direct_api.h new/libsemanage/src/direct_api.h
--- old/libsemanage/src/direct_api.h 2005-11-08 14:47:04.000000000 -0500
+++ new/libsemanage/src/direct_api.h 2005-11-09 00:03:18.000000000 -0500
@@ -17,12 +17,24 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
-#ifndef SEMANAGE_DIRECT_API_H
-#define SEMANAGE_DIRECT_API_H
+#ifndef _SEMANAGE_DIRECT_API_H_
+#define _SEMANAGE_DIRECT_API_H_
-#include "handle.h"
+/* Circular dependency */
+struct semanage_handle;
-int semanage_direct_connect(semanage_handle_t *sh);
-int semanage_direct_is_managed(semanage_handle_t *sh);
+/* Direct component of handle */
+struct semanage_direct_handle {
+
+ /* Locking */
+ int activelock_file_fd;
+ int translock_file_fd;
+};
+
+int semanage_direct_connect(
+ struct semanage_handle *sh);
+
+int semanage_direct_is_managed(
+ struct semanage_handle *sh);
#endif
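Review bot: The new guard name `_SEMANAGE_DIRECT_API_H_` begins with an underscore followed by an uppercase letter, which C reserves for the implementation; the previous `SEMANAGE_DIRECT_API_H` avoided that and should be kept. The new `struct semanage_direct_handle` would also benefit from stating the sentinel convention the rest of the patch relies on, for example `/* Lock file descriptors; -1 when the lock is not held */` in place of `/* Locking */`.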
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/handle.c new/libsemanage/src/handle.c
--- old/libsemanage/src/handle.c 2005-11-08 23:15:31.000000000 -0500
+++ new/libsemanage/src/handle.c 2005-11-09 00:00:07.000000000 -0500
@@ -51,6 +51,12 @@ semanage_handle_t *semanage_handle_creat
if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)
goto err;
+ /* Link to sepol handle */
+ sh->sepolh = sepol_handle_create();
+ if (!sh->sepolh)
+ goto err;
+ sepol_msg_set_callback(sh->sepolh, semanage_msg_relay_handler, sh);
+
/* By default always reload policy after commit */
sh->do_reload = 1;
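Review bot: Creating the sepol handle here adds a second resource that must be released if a later step in semanage_handle_create() fails, and the `err` label is outside this hunk. If that path only frees `sh` or `sh->conf`, `sh->sepolh` leaks; if it goes through semanage_handle_destroy(), the `sepol_handle_destroy()` call added in the next hunk covers it. This is worth confirming, and a short comment next to the assignment such as `/* released in semanage_handle_destroy() */` would record the ownership.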
@@ -145,7 +151,7 @@ void semanage_handle_destroy(semanage_ha
if (sh->funcs != NULL && sh->funcs->destroy != NULL)
sh->funcs->destroy(sh);
semanage_conf_destroy(sh->conf);
-
+ sepol_handle_destroy(sh->sepolh);
free(sh);
}
hidden_def(semanage_handle_destroy)
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/handle.h new/libsemanage/src/handle.h
--- old/libsemanage/src/handle.h 2005-11-08 23:15:44.000000000 -0500
+++ new/libsemanage/src/handle.h 2005-11-09 00:00:07.000000000 -0500
@@ -28,15 +28,15 @@
#include <sepol/handle.h>
#include "modules.h"
#include "semanage_conf.h"
-#include "policy.h"
#include "database.h"
+#include "direct_api.h"
+#include "policy.h"
struct semanage_handle {
int con_id; /* Connection ID */
int policy_serial; /* Policy serial number at connect time */
/* Error handling */
- sepol_handle_t *sepolh;
int msg_level;
const char* msg_channel;
const char* msg_fname;
@@ -49,15 +49,16 @@ struct semanage_handle {
const char* fmt,
...);
void* msg_callback_arg;
- /* ================ */
- /* one of these connections will actually be used while
- * working with the module store -- the particular one if
- * given by conf->store_type */
- semanage_conf_t *conf;
+ /* Direct vs Server specific handle */
union {
- struct semanage_module_conn module;
- } conn;
+ struct semanage_direct_handle direct;
+ } u;
+
+ /* Libsepol handle */
+ sepol_handle_t* sepolh;
+
+ semanage_conf_t *conf;
int is_connected;
int is_in_transaction;
int do_reload; /* whether to reload policy after commit */
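Review bot: The comment removed here explained that the member in use is chosen by `conf->store_type`; the replacement `/* Direct vs Server specific handle */` drops that, and `u` currently has only the `direct` member. The lock helpers in semanage_store.c read `sh->u.direct.*` unconditionally, so once a second member is added those fds would alias another backend's state unless the callers check the store type first. Suggest keeping the selector in the comment, e.g. `/* Backend-specific state; the member in use is selected by conf->store_type */`. The struct definition starts and ends outside this hunk.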
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/policy.h new/libsemanage/src/policy.h
--- old/libsemanage/src/policy.h 2005-11-08 14:49:07.000000000 -0500
+++ new/libsemanage/src/policy.h 2005-11-09 00:00:07.000000000 -0500
@@ -27,12 +27,6 @@
/* Circular dependency */
struct semanage_handle;
-/* Connection Locking */
-struct semanage_module_conn {
- int translock_file_fd;
- int activelock_file_fd;
-};
-
/* Backend dependent portion */
struct semanage_policy_table {
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION old/libsemanage/src/semanage_store.c new/libsemanage/src/semanage_store.c
--- old/libsemanage/src/semanage_store.c 2005-11-08 23:14:48.000000000 -0500
+++ new/libsemanage/src/semanage_store.c 2005-11-09 00:00:07.000000000 -0500
@@ -418,8 +418,7 @@ int semanage_remove_directory(const char
/********************* sandbox management routines *********************/
/* Creates a sandbox for a single client. Returns 0 if a
- * sandbox was created (and thus assigned to sh->conn.module.sandbox),
- * -1 on error.
+ * sandbox was created, -1 on error.
*/
int semanage_make_sandbox(semanage_handle_t *sh) {
const char *sandbox = semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL);
@@ -1140,9 +1139,9 @@ static int semanage_get_lock(semanage_ha
int semanage_get_trans_lock(semanage_handle_t *sh) {
const char *lock_file = semanage_files[SEMANAGE_TRANS_LOCK];
- sh->conn.module.translock_file_fd =
+ sh->u.direct.translock_file_fd =
semanage_get_lock(sh, "transaction lock", lock_file);
- if (sh->conn.module.translock_file_fd >= 0) {
+ if (sh->u.direct.translock_file_fd >= 0) {
return 0;
}
else {
@@ -1160,9 +1159,9 @@ int semanage_get_trans_lock(semanage_han
int semanage_get_active_lock(semanage_handle_t *sh) {
const char *lock_file = semanage_files[SEMANAGE_READ_LOCK];
- sh->conn.module.activelock_file_fd =
+ sh->u.direct.activelock_file_fd =
semanage_get_lock(sh, "read lock", lock_file);
- if (sh->conn.module.activelock_file_fd >= 0) {
+ if (sh->u.direct.activelock_file_fd >= 0) {
return 0;
}
else {
@@ -1173,20 +1172,20 @@ int semanage_get_active_lock(semanage_ha
/* Releases the transaction lock. Does nothing if there was not one already
* there. */
void semanage_release_trans_lock(semanage_handle_t *sh) {
- if (sh->conn.module.translock_file_fd >= 0) {
- lockf(sh->conn.module.translock_file_fd, F_ULOCK, 0);
- close(sh->conn.module.translock_file_fd);
- sh->conn.module.translock_file_fd = -1;
+ if (sh->u.direct.translock_file_fd >= 0) {
+ lockf(sh->u.direct.translock_file_fd, F_ULOCK, 0);
+ close(sh->u.direct.translock_file_fd);
+ sh->u.direct.translock_file_fd = -1;
}
}
/* Releases the read lock. Does nothing if there was not one already
* there. */
void semanage_release_active_lock(semanage_handle_t *sh) {
- if (sh->conn.module.activelock_file_fd >= 0) {
- lockf(sh->conn.module.activelock_file_fd, F_ULOCK, 0);
- close(sh->conn.module.activelock_file_fd);
- sh->conn.module.activelock_file_fd = -1;
+ if (sh->u.direct.activelock_file_fd >= 0) {
+ lockf(sh->u.direct.activelock_file_fd, F_ULOCK, 0);
+ close(sh->u.direct.activelock_file_fd);
+ sh->u.direct.activelock_file_fd = -1;
}
}
* Re: [ LIBSEMANAGE ] Cleanup patch (resync-ed)
From: Stephen Smalley @ 2005-11-09 13:54 UTC (permalink / raw)
To: Ivan Gyurdiev; +Cc: SELinux-dev, SELinux List
On Wed, 2005-11-09 at 00:08 -0500, Ivan Gyurdiev wrote:
> Same cleanup patch as before, resync-ed against latest changes.
>
> Changes:
> - fold semanage_module_conn into semanage_direct_handle
> - move sepol handle initialization and destruction into
> semanage_handle_create/destroy, to allow use of the handle when
> disconnected, which is consistent with current record interfaces (they
> do not require a connection).
Seems sane, but I'd like an ack from Tresys.
--
Stephen Smalley
National Security Agency
* Re: [ LIBSEMANAGE ] Cleanup patch (resync-ed)
From: Stephen Smalley @ 2005-11-09 14:51 UTC (permalink / raw)
To: Ivan Gyurdiev; +Cc: SELinux-dev, SELinux List
On Wed, 2005-11-09 at 08:54 -0500, Stephen Smalley wrote:
> On Wed, 2005-11-09 at 00:08 -0500, Ivan Gyurdiev wrote:
> > Same cleanup patch as before, resync-ed against latest changes.
> >
> > Changes:
> > - fold semanage_module_conn into semanage_direct_handle
> > - move sepol handle initialization and destruction into
> > semanage_handle_create/destroy, to allow use of the handle when
> > disconnected, which is consistent with current record interfaces (they
> > do not require a connection).
>
> Seems sane, but I'd like an ack from Tresys.
Ok, ack received, and patch merged.
--
Stephen Smalley
National Security Agency