* Java bindings for SELinux libraries
@ 2007-03-29 21:20 Dave Quigley
2007-03-30 14:51 ` Karl MacMillan
0 siblings, 1 reply; 5+ messages in thread
From: Dave Quigley @ 2007-03-29 21:20 UTC (permalink / raw)
To: selinux
Hello,
I was wondering if anyone has written or has seen java bindings
for the selinux userspace libraries? A search through google doesn't
yield any good results.
Dave Quigley
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Java bindings for SELinux libraries
2007-03-29 21:20 Java bindings for SELinux libraries Dave Quigley
@ 2007-03-30 14:51 ` Karl MacMillan
2007-04-01 14:30 ` Antoine Martin
0 siblings, 1 reply; 5+ messages in thread
From: Karl MacMillan @ 2007-03-30 14:51 UTC (permalink / raw)
To: Dave Quigley; +Cc: selinux, slide
On Thu, 2007-03-29 at 17:20 -0400, Dave Quigley wrote:
> Hello,
> I was wondering if anyone has written or has seen java bindings
> for the selinux userspace libraries? A search through google doesn't
> yield any good results.
>
There are not generally available Java bindings of which I am aware.
However, the python bindings are done with Swig, which should make
producing Java bindings fairly straightforward. Also, the SLIDE
developers (http://oss.tresys.com/projects/slide) may have some bindings
(CC'd).
Karl
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Java bindings for SELinux libraries
2007-03-30 14:51 ` Karl MacMillan
@ 2007-04-01 14:30 ` Antoine Martin
2007-04-02 14:54 ` Brian M. Williams
2007-04-02 15:43 ` KaiGai Kohei
0 siblings, 2 replies; 5+ messages in thread
From: Antoine Martin @ 2007-04-01 14:30 UTC (permalink / raw)
To: Karl MacMillan; +Cc: Dave Quigley, selinux, slide
Karl MacMillan wrote:
> On Thu, 2007-03-29 at 17:20 -0400, Dave Quigley wrote:
>> Hello,
>> I was wondering if anyone has written or has seen java bindings
>> for the selinux userspace libraries? A search through google doesn't
>> yield any good results.
>>
>
> There are not generally available Java bindings of which I am aware.
> However, the python bindings are done with Swig, which should make
> producing Java bindings fairly straightforward.
I have written some JNI stubs for use in a CMS, but never took it beyond
the proof-of-concept stage (for lack of time). It is pretty easy to
generate the JNI stubs using the sun tools.
Here is an example for getfilecon:
This is generated by the Sun tools (just had to fill in the blanks):
#include <jni.h>
#include <sys/types.h>
#include <selinux/selinux.h>
JNIEXPORT jstring JNICALL Java_uk_org_devloop_GetFileCon_getfilecon
(JNIEnv * env, jobject jobj, jstring filename) {
jboolean iscopy;
const char *mfile = (*env)->GetStringUTFChars(
env, filename, &iscopy);
security_context_t sc = NULL;
int ret = getfilecon(mfile, &sc);
jstring str = (*env)->NewStringUTF (env,sc);
freecon(sc);
return (str);
}
Compile it:
gcc -o getfilecon.so -Wl,-soname,libgetfilecon.so
-I/opt/java/jdk1.6/include/ -I/opt/java/jdk1.6/include/linux
GetFileCon.c -shared -fPIC -lselinux
Then you can use it in Java:
public class GetFileCon {
//Native method declaration
native String getfilecon(String filename);
//Load the library
static {
System.loadLibrary("getfilecon");
}
public static void main(String args[]) {
GetFileCon gfc = new GetFileCon();
String file = ".";
String buf = gfc.getfilecon(file);
System.out.println("getfilecon("+file+")="+buf);
}
}
Obviously, you wouldn't write a .so for each method to call. this is
just a PoC.
Antoine
> Also, the SLIDE
> developers (http://oss.tresys.com/projects/slide) may have some bindings
> (CC'd).
>
> Karl
>
>
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: Java bindings for SELinux libraries
2007-04-01 14:30 ` Antoine Martin
@ 2007-04-02 14:54 ` Brian M. Williams
2007-04-02 15:43 ` KaiGai Kohei
1 sibling, 0 replies; 5+ messages in thread
From: Brian M. Williams @ 2007-04-02 14:54 UTC (permalink / raw)
To: Karl MacMillan, Dave Quigley; +Cc: selinux, slide, Antoine Martin
> -----Original Message-----
> From: Antoine Martin [mailto:antoine@nagafix.co.uk]
> Sent: Sunday, April 01, 2007 10:30 AM
> To: Karl MacMillan
> Cc: Dave Quigley; selinux@tycho.nsa.gov; slide
> Subject: Re: Java bindings for SELinux libraries
>
> Karl MacMillan wrote:
> > On Thu, 2007-03-29 at 17:20 -0400, Dave Quigley wrote:
> >> Hello,
> >> I was wondering if anyone has written or has seen java bindings
> >> for the selinux userspace libraries? A search through
> google doesn't
> >> yield any good results.
> >>
> >
> > There are not generally available Java bindings of which I am aware.
> > However, the python bindings are done with Swig, which should make
> > producing Java bindings fairly straightforward.
> I have written some JNI stubs for use in a CMS, but never
> took it beyond
> the proof-of-concept stage (for lack of time). It is pretty easy to
> generate the JNI stubs using the sun tools.
> Here is an example for getfilecon:
>
> This is generated by the Sun tools (just had to fill in the blanks):
> #include <jni.h>
> #include <sys/types.h>
> #include <selinux/selinux.h>
>
> JNIEXPORT jstring JNICALL Java_uk_org_devloop_GetFileCon_getfilecon
> (JNIEnv * env, jobject jobj, jstring filename) {
>
> jboolean iscopy;
> const char *mfile = (*env)->GetStringUTFChars(
> env, filename, &iscopy);
>
> security_context_t sc = NULL;
> int ret = getfilecon(mfile, &sc);
> jstring str = (*env)->NewStringUTF (env,sc);
> freecon(sc);
> return (str);
> }
>
> Compile it:
> gcc -o getfilecon.so -Wl,-soname,libgetfilecon.so
> -I/opt/java/jdk1.6/include/ -I/opt/java/jdk1.6/include/linux
> GetFileCon.c -shared -fPIC -lselinux
>
> Then you can use it in Java:
> public class GetFileCon {
> //Native method declaration
> native String getfilecon(String filename);
> //Load the library
> static {
> System.loadLibrary("getfilecon");
> }
>
> public static void main(String args[]) {
> GetFileCon gfc = new GetFileCon();
> String file = ".";
> String buf = gfc.getfilecon(file);
> System.out.println("getfilecon("+file+")="+buf);
> }
> }
>
> Obviously, you wouldn't write a .so for each method to call. this is
> just a PoC.
>
> Antoine
>
Dave,
CDS Framework does have Java bindings for three functions in libselinux
(matchpathcon and related functions). They are available at:
(http://oss.tresys.com/projects/cdsframework/browser/trunk/framework-plu
gin/libselinuxjava). If you checkout CDSFramework and run make or ant
in the libselinux directory it will create the swigified Java files.
Hopefully you can use this as a starting point to do what you need.
Brian
>
>
> > Also, the SLIDE
> > developers (http://oss.tresys.com/projects/slide) may have
> some bindings
> > (CC'd).
> >
> > Karl
> >
> >
> >
> >
> > --
> > This message was distributed to subscribers of the selinux
> mailing list.
> > If you no longer wish to subscribe, send mail to
> majordomo@tycho.nsa.gov with
> > the words "unsubscribe selinux" without quotes as the message.
> >
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Java bindings for SELinux libraries
2007-04-01 14:30 ` Antoine Martin
2007-04-02 14:54 ` Brian M. Williams
@ 2007-04-02 15:43 ` KaiGai Kohei
1 sibling, 0 replies; 5+ messages in thread
From: KaiGai Kohei @ 2007-04-02 15:43 UTC (permalink / raw)
To: Antoine Martin; +Cc: Karl MacMillan, Dave Quigley, selinux, slide
Antoine Martin wrote:
> Karl MacMillan wrote:
>> On Thu, 2007-03-29 at 17:20 -0400, Dave Quigley wrote:
>>> Hello,
>>> I was wondering if anyone has written or has seen java bindings
>>> for the selinux userspace libraries? A search through google doesn't
>>> yield any good results.
>>>
>>
>> There are not generally available Java bindings of which I am aware.
>> However, the python bindings are done with Swig, which should make
>> producing Java bindings fairly straightforward.
> I have written some JNI stubs for use in a CMS, but never took it beyond
> the proof-of-concept stage (for lack of time). It is pretty easy to
> generate the JNI stubs using the sun tools.
I tried to implement Java binding via JNI in the past, but I gave up.
The reason was that I didn't know the way to obtain a file descriptor
from Socket typed object in Java.
It's necessary to implement getpeercon() at least, and I wanted to use
this function from java application, so I lost my motivation.
Does anyone know the way to obtain it from Socket typed objects?
> Here is an example for getfilecon:
>
> This is generated by the Sun tools (just had to fill in the blanks):
> #include <jni.h>
> #include <sys/types.h>
> #include <selinux/selinux.h>
>
> JNIEXPORT jstring JNICALL Java_uk_org_devloop_GetFileCon_getfilecon
> (JNIEnv * env, jobject jobj, jstring filename) {
>
> jboolean iscopy;
> const char *mfile = (*env)->GetStringUTFChars(
> env, filename, &iscopy);
>
> security_context_t sc = NULL;
> int ret = getfilecon(mfile, &sc);
> jstring str = (*env)->NewStringUTF (env,sc);
> freecon(sc);
> return (str);
> }
>
> Compile it:
> gcc -o getfilecon.so -Wl,-soname,libgetfilecon.so
> -I/opt/java/jdk1.6/include/ -I/opt/java/jdk1.6/include/linux
> GetFileCon.c -shared -fPIC -lselinux
>
> Then you can use it in Java:
> public class GetFileCon {
> //Native method declaration
> native String getfilecon(String filename);
> //Load the library
> static {
> System.loadLibrary("getfilecon");
> }
>
> public static void main(String args[]) {
> GetFileCon gfc = new GetFileCon();
> String file = ".";
> String buf = gfc.getfilecon(file);
> System.out.println("getfilecon("+file+")="+buf);
> }
> }
>
> Obviously, you wouldn't write a .so for each method to call. this is
> just a PoC.
>
> Antoine
>
>
>
>> Also, the SLIDE
>> developers (http://oss.tresys.com/projects/slide) may have some bindings
>> (CC'd).
>>
>> Karl
>>
>>
>>
>>
>> --
>> This message was distributed to subscribers of the selinux mailing list.
>> If you no longer wish to subscribe, send mail to
>> majordomo@tycho.nsa.gov with
>> the words "unsubscribe selinux" without quotes as the message.
>>
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov
> with
> the words "unsubscribe selinux" without quotes as the message.
>
--
KaiGai Kohei <kaigai@kaigai.gr.jp>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-04-02 15:43 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-03-29 21:20 Java bindings for SELinux libraries Dave Quigley
2007-03-30 14:51 ` Karl MacMillan
2007-04-01 14:30 ` Antoine Martin
2007-04-02 14:54 ` Brian M. Williams
2007-04-02 15:43 ` KaiGai Kohei
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.