* [PATCH] libsemanage: add genhomedircon path to semanage.conf parsing
@ 2006-09-28 21:31 James Athey
2006-09-29 15:00 ` Stephen Smalley
0 siblings, 1 reply; 3+ messages in thread
From: James Athey @ 2006-09-28 21:31 UTC (permalink / raw)
To: selinux
This patch adds the ability to specify a path to genhomedircon in semanage.conf, similar to specifying a path to setfiles or load_policy. For example:
[genhomedircon]
path = /usr/local/sbin/genhomedircon_modified
args = -t $@
[end]
Index: libsemanage/src/conf-parse.y
===================================================================
--- libsemanage/src/conf-parse.y (revision 2032)
+++ libsemanage/src/conf-parse.y (working copy)
@@ -1,6 +1,7 @@
-/* Author: Jason Tang <jtang@tresys.com>
+/* Authors: Jason Tang <jtang@tresys.com>
+ * James Athey <jathey@tresys.com>
*
- * Copyright (C) 2004-2005 Tresys Technology, LLC
+ * Copyright (C) 2004-2006 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -56,7 +57,7 @@
}
%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
-%token LOAD_POLICY_START SETFILES_START
+%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
%token PROG_PATH PROG_ARGS
%token <s> ARG
@@ -137,6 +138,14 @@
YYABORT;
}
}
+ | GENHOMEDIRCON_START {
+ semanage_conf_external_prog_destroy(current_conf->genhomedircon);
+ current_conf->genhomedircon = NULL;
+ if (new_external_prog(¤t_conf->genhomedircon) == -1) {
+ parse_errors++;
+ YYABORT;
+ }
+ }
;
verify_block: verify_start external_opts BLOCK_END {
Index: libsemanage/src/conf-scan.l
===================================================================
--- libsemanage/src/conf-scan.l (revision 2032)
+++ libsemanage/src/conf-scan.l (working copy)
@@ -1,6 +1,7 @@
-/* Author: Jason Tang <jtang@tresys.com>
+/* Authors: Jason Tang <jtang@tresys.com>
+ * James Athey <jathey@tresys.com>
*
- * Copyright (C) 2004-2005 Tresys Technology, LLC
+ * Copyright (C) 2004-2006 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -43,6 +44,7 @@
file-mode return FILE_MODE;
"[load_policy]" return LOAD_POLICY_START;
"[setfiles]" return SETFILES_START;
+"[genhomedircon]" return GENHOMEDIRCON_START;
"[verify module]" return VERIFY_MOD_START;
"[verify linked]" return VERIFY_LINKED_START;
"[verify kernel]" return VERIFY_KERNEL_START;
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] libsemanage: add genhomedircon path to semanage.conf parsing
2006-09-28 21:31 [PATCH] libsemanage: add genhomedircon path to semanage.conf parsing James Athey
@ 2006-09-29 15:00 ` Stephen Smalley
2006-10-02 15:22 ` Karl MacMillan
0 siblings, 1 reply; 3+ messages in thread
From: Stephen Smalley @ 2006-09-29 15:00 UTC (permalink / raw)
To: James Athey; +Cc: selinux
On Thu, 2006-09-28 at 17:31 -0400, James Athey wrote:
> This patch adds the ability to specify a path to genhomedircon in semanage.conf, similar to specifying a path to setfiles or load_policy. For example:
>
> [genhomedircon]
> path = /usr/local/sbin/genhomedircon_modified
> args = -t $@
> [end]
>
> Index: libsemanage/src/conf-parse.y
> ===================================================================
> --- libsemanage/src/conf-parse.y (revision 2032)
> +++ libsemanage/src/conf-parse.y (working copy)
> @@ -1,6 +1,7 @@
> -/* Author: Jason Tang <jtang@tresys.com>
> +/* Authors: Jason Tang <jtang@tresys.com>
> + * James Athey <jathey@tresys.com>
> *
> - * Copyright (C) 2004-2005 Tresys Technology, LLC
> + * Copyright (C) 2004-2006 Tresys Technology, LLC
> *
> * This library is free software; you can redistribute it and/or
> * modify it under the terms of the GNU Lesser General Public
> @@ -56,7 +57,7 @@
> }
>
> %token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
> -%token LOAD_POLICY_START SETFILES_START
> +%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
> %token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
> %token PROG_PATH PROG_ARGS
> %token <s> ARG
> @@ -137,6 +138,14 @@
> YYABORT;
> }
> }
> + | GENHOMEDIRCON_START {
> + semanage_conf_external_prog_destroy(current_conf->genhomedircon);
> + current_conf->genhomedircon = NULL;
> + if (new_external_prog(¤t_conf->genhomedircon) == -1) {
> + parse_errors++;
> + YYABORT;
> + }
> + }
> ;
>
> verify_block: verify_start external_opts BLOCK_END {
> Index: libsemanage/src/conf-scan.l
> ===================================================================
> --- libsemanage/src/conf-scan.l (revision 2032)
> +++ libsemanage/src/conf-scan.l (working copy)
> @@ -1,6 +1,7 @@
> -/* Author: Jason Tang <jtang@tresys.com>
> +/* Authors: Jason Tang <jtang@tresys.com>
> + * James Athey <jathey@tresys.com>
> *
> - * Copyright (C) 2004-2005 Tresys Technology, LLC
> + * Copyright (C) 2004-2006 Tresys Technology, LLC
> *
> * This library is free software; you can redistribute it and/or
> * modify it under the terms of the GNU Lesser General Public
> @@ -43,6 +44,7 @@
> file-mode return FILE_MODE;
> "[load_policy]" return LOAD_POLICY_START;
> "[setfiles]" return SETFILES_START;
> +"[genhomedircon]" return GENHOMEDIRCON_START;
> "[verify module]" return VERIFY_MOD_START;
> "[verify linked]" return VERIFY_LINKED_START;
> "[verify kernel]" return VERIFY_KERNEL_START;
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] libsemanage: add genhomedircon path to semanage.conf parsing
2006-09-29 15:00 ` Stephen Smalley
@ 2006-10-02 15:22 ` Karl MacMillan
0 siblings, 0 replies; 3+ messages in thread
From: Karl MacMillan @ 2006-10-02 15:22 UTC (permalink / raw)
To: Stephen Smalley; +Cc: James Athey, selinux
Stephen Smalley wrote:
> On Thu, 2006-09-28 at 17:31 -0400, James Athey wrote:
>
>> This patch adds the ability to specify a path to genhomedircon in semanage.conf, similar to specifying a path to setfiles or load_policy. For example:
>>
>> [genhomedircon]
>> path = /usr/local/sbin/genhomedircon_modified
>> args = -t $@
>> [end]
>>
>> Index: libsemanage/src/conf-parse.y
>> ===================================================================
>> --- libsemanage/src/conf-parse.y (revision 2032)
>> +++ libsemanage/src/conf-parse.y (working copy)
>> @@ -1,6 +1,7 @@
>> -/* Author: Jason Tang <jtang@tresys.com>
>> +/* Authors: Jason Tang <jtang@tresys.com>
>> + * James Athey <jathey@tresys.com>
>> *
>> - * Copyright (C) 2004-2005 Tresys Technology, LLC
>> + * Copyright (C) 2004-2006 Tresys Technology, LLC
>> *
>> * This library is free software; you can redistribute it and/or
>> * modify it under the terms of the GNU Lesser General Public
>> @@ -56,7 +57,7 @@
>> }
>>
>> %token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE
>> -%token LOAD_POLICY_START SETFILES_START
>> +%token LOAD_POLICY_START SETFILES_START GENHOMEDIRCON_START
>> %token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END
>> %token PROG_PATH PROG_ARGS
>> %token <s> ARG
>> @@ -137,6 +138,14 @@
>> YYABORT;
>> }
>> }
>> + | GENHOMEDIRCON_START {
>> + semanage_conf_external_prog_destroy(current_conf->genhomedircon);
>> + current_conf->genhomedircon = NULL;
>> + if (new_external_prog(¤t_conf->genhomedircon) == -1) {
>> + parse_errors++;
>> + YYABORT;
>> + }
>> + }
>> ;
>>
>> verify_block: verify_start external_opts BLOCK_END {
>> Index: libsemanage/src/conf-scan.l
>> ===================================================================
>> --- libsemanage/src/conf-scan.l (revision 2032)
>> +++ libsemanage/src/conf-scan.l (working copy)
>> @@ -1,6 +1,7 @@
>> -/* Author: Jason Tang <jtang@tresys.com>
>> +/* Authors: Jason Tang <jtang@tresys.com>
>> + * James Athey <jathey@tresys.com>
>> *
>> - * Copyright (C) 2004-2005 Tresys Technology, LLC
>> + * Copyright (C) 2004-2006 Tresys Technology, LLC
>> *
>> * This library is free software; you can redistribute it and/or
>> * modify it under the terms of the GNU Lesser General Public
>> @@ -43,6 +44,7 @@
>> file-mode return FILE_MODE;
>> "[load_policy]" return LOAD_POLICY_START;
>> "[setfiles]" return SETFILES_START;
>> +"[genhomedircon]" return GENHOMEDIRCON_START;
>> "[verify module]" return VERIFY_MOD_START;
>> "[verify linked]" return VERIFY_LINKED_START;
>> "[verify kernel]" return VERIFY_KERNEL_START;
>>
>
> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
>
>
Acked-by: Karl MacMillan <kmacmillan@mentalrootkit.com>
I will note, however, that we should eventually remove this parser to
remove the flex dependency in such a low-level library.
Karl
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2006-10-02 15:22 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-28 21:31 [PATCH] libsemanage: add genhomedircon path to semanage.conf parsing James Athey
2006-09-29 15:00 ` Stephen Smalley
2006-10-02 15:22 ` Karl MacMillan
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.