--- libselinux-1.33.4/src/selinuxswig.i 2007-01-11 13:01:24.000000000 -0600 +++ libselinux-2.0.13.new/src/selinuxswig.i 2007-05-17 13:03:38.000000000 -0500 @@ -17,18 +17,25 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +%import cpointer.i + +%header %{ + #define STATUS_SUCCESS 0 + #define STATUS_ERR -1 +%} %module selinux %{ #include "selinux/selinux.h" + #include "selinux/get_context_list.h" %} %apply int *OUTPUT { int * }; %apply int *OUTPUT { size_t * }; -%typemap(in, numinputs=0) security_context_t *(security_context_t temp) { +%typemap(in, numinputs=0) security_context_t *(security_context_t temp=NULL) { $1 = &temp; } -%typemap(argout) security_context_t * (char *temp) { +%typemap(argout) security_context_t * (char *temp=NULL) { if (*$1) temp = *$1; else @@ -40,10 +47,74 @@ $1 = (security_context_t)PyString_AsString($input); } +%wrapper %{ + static PyObject* security_context_list2plist( + int count, + security_context_t *list) + { + int i; + PyObject *security_context_string, *security_context_list; + security_context_list = PyList_New(count); // Create the list. + if (security_context_list) { + for (i=0; i < count; i++) { + security_context_string = PyString_FromString(strdup((char *)list[i])); + if (PyList_SetItem(security_context_list, i, security_context_string) < 0) { + PyErr_SetString(PyExc_MemoryError,"typemap(argout) security_context_t **: Fail to insert item in list."); + Py_DECREF(security_context_list); + return NULL; + } + } + } + else { + PyErr_SetString(PyExc_MemoryError,"typemap(argout) security_context_t **: Fail to create list."); + return NULL; + } + return security_context_list; + } +%} + +%typemap(argout) (const char *user, security_context_t fromcon, security_context_t **list) { + int count; + + SWIG_AsVal_int($result, &count); + PyObject *security_context_list = NULL; + + if ((security_context_list = security_context_list2plist(count, *$3)) == NULL) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_From_int(STATUS_SUCCESS); + + freeconary(*$3); + %append_output(security_context_list); +} + +%typemap(argout) (const char *user, const char *level, security_context_t fromcon, security_context_t **list) { + int count; + + SWIG_AsVal_int($result, &count); + PyObject *security_context_list = NULL; + + if ((security_context_list = security_context_list2plist(count, *$4)) == NULL) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_From_int(STATUS_SUCCESS); + + freeconary(*$4); + %append_output(security_context_list); +} + +%typemap(in, numinputs=0) security_context_t **(security_context_t *temp=NULL) { + $1 = &temp; +} + %typedef unsigned mode_t; +%include "../include/selinux/get_context_list.h" + extern int is_selinux_enabled(void); extern int is_selinux_mls_enabled(void); +extern void freecon(security_context_t con); +extern void freeconary(security_context_t * con); extern int getcon(security_context_t *con); extern int setcon(security_context_t con); extern int getpidcon(int pid, security_context_t *con); @@ -90,6 +161,11 @@ mode_t mode, security_context_t *con); +extern int matchpathcon_init_prefix(const char *path, + const char *prefix); +extern void matchpathcon_fini(void); + + extern int matchmediacon(const char *media, security_context_t *con); @@ -106,6 +182,7 @@ extern const char *selinux_homedir_context_path(void); extern const char *selinux_media_context_path(void); extern const char *selinux_contexts_path(void); +extern const char *selinux_securetty_types_path(void); extern const char *selinux_booleans_path(void); extern const char *selinux_customizable_types_path(void); extern const char *selinux_users_path(void); @@ -113,11 +190,45 @@ extern const char *selinux_translations_path(void); extern const char *selinux_netfilter_context_path(void); extern const char *selinux_path(void); -extern int selinux_check_passwd_access(access_vector_t requested); -extern int checkPasswdAccess(access_vector_t requested); +#extern int selinux_check_passwd_access(access_vector_t requested); +#extern int checkPasswdAccess(access_vector_t requested); + +extern int selinux_check_securetty_context(security_context_t tty_context); +void set_selinuxmnt(char *mnt); + +#ifdef SWIGpython +// This tells SWIG to treat char ** as a special case +%typemap(in) char ** { + /* Check if is a list */ + if (PyList_Check($input)) { + int size = PyList_Size($input); + int i = 0; + $1 = (char **) malloc((size+1)*sizeof(char *)); + if ($1 == NULL) { + PyErr_SetString(PyExc_MemoryError,"Out of memory"); + return NULL; + } + for (i = 0; i < size; i++) { + PyObject *o = PyList_GetItem($input,i); + if (PyString_Check(o)) + $1[i] = PyString_AsString(PyList_GetItem($input,i)); + else { + PyErr_SetString(PyExc_TypeError,"list must contain strings"); + free($1); + return NULL; + } + } + $1[i] = 0; + } else { + PyErr_SetString(PyExc_TypeError,"not a list"); + return NULL; + } +} +#endif + extern int rpm_execcon(unsigned int verified, const char *filename, - char *const argv[], char *const envp[]); + char **, char **); extern int is_context_customizable (security_context_t scontext); @@ -126,7 +237,7 @@ extern int selinux_raw_to_trans_context(char *raw, security_context_t *transp); -%typemap(in, numinputs=0) char **(char *temp) { +%typemap(in, numinputs=0) char **(char *temp=NULL) { $1 = &temp; } @@ -135,3 +246,8 @@ } extern int selinux_getpolicytype(char **enforce); extern int getseuserbyname(const char *linuxuser, char **seuser, char **level); + +int selinux_file_context_cmp(const security_context_t a, const security_context_t b); +int selinux_file_context_verify(const char *path, mode_t mode); +int selinux_lsetfilecon_default(const char *path); +