* [Fwd: Re: More swig changes for libselinux]
@ 2007-05-09 16:18 Ted X Toth
0 siblings, 0 replies; 2+ messages in thread
From: Ted X Toth @ 2007-05-09 16:18 UTC (permalink / raw)
To: selinux
[-- Attachment #1: Type: text/plain, Size: 1 bytes --]
[-- Attachment #2: Re: More swig changes for libselinux --]
[-- Type: message/rfc822, Size: 3854 bytes --]
From: Ted X Toth <txtoth@gmail.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: More swig changes for libselinux
Date: Wed, 09 May 2007 11:17:37 -0500
Message-ID: <4641F421.4040600@gmail.com>
Stephen Smalley wrote:
> On Fri, 2007-05-04 at 09:25 -0400, Daniel J Walsh wrote:
>
>> Added get_context_list.h
>> plain text document attachment (diff)
>> --- nsalibselinux/src/selinuxswig.i 2007-04-12 16:02:48.000000000 -0400
>> +++ libselinux-2.0.13/src/selinuxswig.i 2007-04-23 10:26:21.000000000 -0400
>> @@ -21,6 +21,7 @@
>> %module selinux
>> %{
>> #include "selinux/selinux.h"
>> + #include "selinux/get_context_list.h"
>> %}
>> %apply int *OUTPUT { int * };
>> %apply int *OUTPUT { size_t * };
>> @@ -42,8 +43,12 @@
>>
>> %typedef unsigned mode_t;
>>
>> +%include "../include/selinux/get_context_list.h"
>> +
>> extern int is_selinux_enabled(void);
>> extern int is_selinux_mls_enabled(void);
>> +extern void freecon(security_context_t con);
>> +extern void freeconary(security_context_t * con);
>> extern int getcon(security_context_t *con);
>> extern int setcon(security_context_t con);
>> extern int getpidcon(int pid, security_context_t *con);
>> @@ -90,6 +95,11 @@
>> mode_t mode,
>> security_context_t *con);
>>
>> +extern int matchpathcon_init_prefix(const char *path,
>> + const char *prefix);
>> +extern void matchpathcon_fini(void);
>> +
>> +
>> extern int matchmediacon(const char *media,
>> security_context_t *con);
>>
>> @@ -106,6 +116,7 @@
>> extern const char *selinux_homedir_context_path(void);
>> extern const char *selinux_media_context_path(void);
>> extern const char *selinux_contexts_path(void);
>> +extern const char *selinux_securetty_types_path(void);
>> extern const char *selinux_booleans_path(void);
>> extern const char *selinux_customizable_types_path(void);
>> extern const char *selinux_users_path(void);
>> @@ -113,11 +124,15 @@
>> extern const char *selinux_translations_path(void);
>> extern const char *selinux_netfilter_context_path(void);
>> extern const char *selinux_path(void);
>> -extern int selinux_check_passwd_access(access_vector_t requested);
>> -extern int checkPasswdAccess(access_vector_t requested);
>> +#extern int selinux_check_passwd_access(access_vector_t requested);
>> +#extern int checkPasswdAccess(access_vector_t requested);
>>
>> +extern int selinux_check_securetty_context(security_context_t tty_context);
>> +void set_selinuxmnt(char *mnt);
>> +
>> +#ifdef SWIGpython
>> // This tells SWIG to treat char ** as a special case
>> -%typemap(python,in) char ** {
>> +%typemap(in) char ** {
>> /* Check if is a list */
>> if (PyList_Check($input)) {
>> int size = PyList_Size($input);
>> @@ -143,6 +158,7 @@
>> return NULL;
>> }
>> }
>> +#endif
>>
>> extern int rpm_execcon(unsigned int verified,
>> const char *filename,
>> @@ -164,3 +180,7 @@
>> }
>> extern int selinux_getpolicytype(char **enforce);
>> extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
>> +
>> +int selinux_file_context_cmp(const security_context_t a, const security_context_t b);
>> +int selinux_file_context_verify(const char *path, mode_t mode);
>> +int selinux_lsetfilecon_default(const char *path);
>>
>
> Merged, although I'm still hoping James Athey will come through with
> cleaned up .i file for libselinux.
>
>
Me too in fact my plans to write a newrole gui are dependent on the
availability of get_ordered_context_list and other apis.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Fwd: Re: More swig changes for libselinux]
@ 2007-06-04 17:01 Ted X Toth
0 siblings, 0 replies; 2+ messages in thread
From: Ted X Toth @ 2007-06-04 17:01 UTC (permalink / raw)
To: SE Linux
[-- Attachment #1: Type: text/plain, Size: 639 bytes --]
I tried working this off line with Dan but we haven't made any headway
so I'm hoping someone in the group can help shed some light on this
problem. I'm trying to call selinux.get_ordered_context_list from python
but there current isn't a mapping for security_context_t ** so I wrote
one but it didn't work. Then I tried to simplify it the point where I
could make the call but wouldn't be able to process the results so I
could see if it was a problem with my mapping or something else. The
result is that even the simplest mapping is causing a problem hopefully
someone with more swig and python experience can help me out.
Ted
[-- Attachment #2: Re: More swig changes for libselinux --]
[-- Type: message/rfc822, Size: 25247 bytes --]
[-- Attachment #2.1.1: Type: text/plain, Size: 15089 bytes --]
I've done a little more work on the typemapping to accomodate where
the security_context_t ** appears in the parameter list. However I'm
still experiencing the :
Traceback (most recent call last):
File "./test.py", line 27, in ?
for security_context in security_context_list:
TypeError: expected string or Unicode object, NoneType found
error.
One of the experiments I tried involved using these mapping:
%typemap(in, numinputs=0) security_context_t **(security_context_t *temp=NULL) {
$1 = &temp;
}
%typemap(argout) (const char *user, security_context_t fromcon,
security_context_t **list) {
$result = SWIG_Python_AppendOutput($result, $3);
}
basically not processing the returned security_context_t** and the
test1.py script which doesn't try and process the security_context_t
** returned since it hasn't been converted into a list. What's
interesting is that any python list is messed up after the call to
get_ordered_context_list :(
Ted
On 5/15/07, Daniel J Walsh <dwalsh@redhat.com> wrote:
> Xavier Toth wrote:
> > [jcdxdev@comms newrolegui]$ ./test.py
> > list length 26
> > return code 26
> > user_u:user_r:user_xserver_t:UNCLASSIFIED
> > user_u:user_r:user_crontab_t:UNCLASSIFIED
> > user_u:user_r:user_iceauth_t:UNCLASSIFIED
> > user_u:user_r:loadkeys_t:UNCLASSIFIED
> > user_u:user_r:pam_t:UNCLASSIFIED
> > user_u:user_r:ping_t:UNCLASSIFIED
> > user_u:user_r:user_lpr_t:UNCLASSIFIED
> > user_u:user_r:user_ssh_t:UNCLASSIFIED
> > user_u:user_r:user_dbusd_t:UNCLASSIFIED
> > user_u:user_r:user_xauth_t:UNCLASSIFIED
> > user_u:user_r:utempter_t:UNCLASSIFIED
> > user_u:user_r:user_spamassassin_t:UNCLASSIFIED
> > user_u:user_r:user_sudo_t:UNCLASSIFIED
> > user_u:user_r:newrole_t:UNCLASSIFIED
> > user_u:user_r:traceroute_t:UNCLASSIFIED
> > user_u:user_r:user_su_t:UNCLASSIFIED
> > user_u:user_r:passwd_t:UNCLASSIFIED
> > user_u:user_r:chfn_t:UNCLASSIFIED
> > user_u:user_r:user_t:UNCLASSIFIED
> > user_u:user_r:user_gpg_t:UNCLASSIFIED
> > user_u:user_r:user_spamc_t:UNCLASSIFIED
> > user_u:user_r:user_mail_t:UNCLASSIFIED
> > user_u:user_r:user_ssh_agent_t:UNCLASSIFIED
> > user_u:user_r:user_gpg_agent_t:UNCLASSIFIED
> > user_u:user_r:user_javaplugin_t:UNCLASSIFIED
> > user_u:user_r:user_chkpwd_t:UNCLASSIFIED
> > Traceback (most recent call last):
> > File "./test.py", line 27, in ?
> > for security_context in security_context_list:
> > TypeError: expected string or Unicode object, NoneType found
> >
> >
> > On 5/15/07, Daniel J Walsh <dwalsh@redhat.com> wrote:
> >> Xavier Toth wrote:
> >> > As I said I'm getting a typeerror after calling
> >> > get_ordered_context_list which I don't understand. The call seems to
> >> > work fine and it appears that the list is constructed and populated
> >> > correctly but the for loop iterating over the list fails after the
> >> > last member is processed with something like 'expected string or
> >> > unicode got NoneType'. Any ideas?
> >> >
> >> > On 5/14/07, Daniel J Walsh <dwalsh@redhat.com> wrote:
> >> >> Xavier Toth wrote:
> >> >> > I cleaned the typemap up a bit but am still getting a typeerror.
> >> >> >
> >> >> > %typemap(argout) security_context_t ** {
> >> >> > PyObject *list_security_context = PyList_New(0); // Create the
> >> >> list.
> >> >> > if (list_security_context) {
> >> >> > security_context_t **p_p_security_context_t = arg3;
> >> >> > while (*p_p_security_context_t) { // Move each string
> >> into the
> >> >> > list.
> >> >> > security_context_t *p_security_context_t =
> >> >> > *p_p_security_context_t;
> >> >> > if (PyList_Append(list_security_context,
> >> >> > PyString_FromString((char
> >> >> > *)*p_security_context_t)) < 0) {
> >> >> > fprintf(stderr, "Fail to insert item in list.\n");
> >> >> > $result = -1;
> >> >> > break;
> >> >> > }
> >> >> > p_p_security_context_t++;
> >> >> > }
> >> >> > }
> >> >> > else {
> >> >> > fprintf(stderr, "Fail to create list.\n");
> >> >> > $result = -1;
> >> >> > }
> >> >> >
> >> >> > $result = SWIG_Python_AppendOutput($result,
> >> >> list_security_context);
> >> >> >
> >> >> > }
> >> >> >
> >> >> >
> >> >> > On 5/10/07, Xavier Toth <txtoth@gmail.com> wrote:
> >> >> >> I don't know if this is the right approach but here's what I tried
> >> >> >> adding to selinuxswig.i
> >> >> >>
> >> >> >> %typemap(argout) security_context_t ** {
> >> >> >> int len = 0, i = 0;
> >> >> >> PyObject * list_security_context = NULL;
> >> >> >> security_context_t **p_p_security_context_t = arg3;
> >> >> >> for (len = 0; *p_p_security_context_t != NULL;
> >> >> >> p_p_security_context_t++, len++) ;
> >> >> >> // Build a list of the returned strings.
> >> >> >> list_security_context = PyList_New(len); // Create the
> >> list
> >> >> >> of strings.
> >> >> >> if (list_security_context != NULL) {
> >> >> >> p_p_security_context_t = arg3;
> >> >> >> for (i = 0; i < len; i++,
> >> p_p_security_context_t++) {
> >> >> >> // Move each
> >> >> >> string into the list.
> >> >> >> security_context_t *p_security_context_t =
> >> >> >> *p_p_security_context_t;
> >> >> >> if
> >> >> >> (PyList_SetItem(list_security_context,i,PyString_FromString((char
> >> >> >> *)*p_security_context_t)) == -1) {
> >> >> >> fprintf(stderr, "Fail to insert
> >> item
> >> >> >> in list.\n");
> >> >> >> return NULL;
> >> >> >> }
> >> >> >> }
> >> >> >> }
> >> >> >> else {
> >> >> >> fprintf(stderr, "Fail to create list.\n");
> >> >> >> return NULL;
> >> >> >> }
> >> >> >>
> >> >> >> $result = SWIG_Python_AppendOutput($result,
> >> >> >> list_security_context);
> >> >> >> }
> >> >> >>
> >> >> >> test script
> >> >> >>
> >> >> >> #!/usr/bin/env python
> >> >> >>
> >> >> >> import getpass
> >> >> >> import seobject
> >> >> >> import selinux
> >> >> >>
> >> >> >> seluser_records = seobject.seluserRecords()
> >> >> >> seluser_dict = seluser_records.get_all()
> >> >> >> keys = seluser_dict.keys()
> >> >> >> keys.sort()
> >> >> >> for key in keys:
> >> >> >> print "%s %s" % (seluser_dict[key] [0], seluser_dict[key] [3])
> >> >> >>
> >> >> >> #seluser_records.list()
> >> >> >>
> >> >> >> user_name = getpass.getuser()
> >> >> >> print user_name
> >> >> >> id, seuser_name, level = selinux.getseuserbyname(user_name)
> >> >> >> print seuser_name
> >> >> >> (rc, security_context_list) =
> >> >> >> selinux.get_ordered_context_list(seuser_name, None)
> >> >> >> for security_context in security_context_list:
> >> >> >> print security_context
> >> >> >>
> >> >> >> output from test script
> >> >> >>
> >> >> >> sysadm sysadm_r staff_r secadm_r auditadm_r
> >> >> >> staff sysadm_r staff_r secadm_r auditadm_r
> >> >> >> sysadm sysadm_r
> >> >> >> user system_r
> >> >> >> user user_r
> >> >> >> root
> >> >> >> root
> >> >> >> root:staff_r:staff_xserver_t:SystemLow-SystemHigh
> >> >> >> Traceback (most recent call last):
> >> >> >> File "./test.py", line 21, in ?
> >> >> >> for security_context in security_context_list:
> >> >> >> TypeError: expected string or Unicode object, NoneType found
> >> >> >>
> >> >> >> Is there something I need to do to terminate the list? Also this
> >> >> >> should probably generate an exception for the error conditions.
> >> >> >>
> >> >> >> Ted
> >> >> >>
> >> >> >>
> >> >> >> On 5/10/07, Xavier Toth <txtoth@gmail.com> wrote:
> >> >> >> > I'm pretty new to swig and python but what about a typemap for
> >> >> >> > security_context_t **. Also in the swig docs I noticed :
> >> >> >> > // This cleans up the char ** array we malloc'd before the
> >> function
> >> >> >> call
> >> >> >> > %typemap(freearg) char ** {
> >> >> >> > free((char *) $1);
> >> >> >> > }
> >> >> >> > which seems to go along with %typemap(in) char ** would you not
> >> >> want
> >> >> >> > to add this to selinuxswig.i?
> >> >> >> >
> >> >> >> > On 5/4/07, Daniel J Walsh <dwalsh@redhat.com> wrote:
> >> >> >> > > Added get_context_list.h
> >> >> >> > >
> >> >> >> > > --- nsalibselinux/src/selinuxswig.i 2007-04-12
> >> >> >> 16:02:48.000000000 -0400
> >> >> >> > > +++ libselinux-2.0.13/src/selinuxswig.i 2007-04-23
> >> >> >> 10:26:21.000000000 -0400
> >> >> >> > > @@ -21,6 +21,7 @@
> >> >> >> > > %module selinux
> >> >> >> > > %{
> >> >> >> > > #include "selinux/selinux.h"
> >> >> >> > > + #include "selinux/get_context_list.h"
> >> >> >> > > %}
> >> >> >> > > %apply int *OUTPUT { int * };
> >> >> >> > > %apply int *OUTPUT { size_t * };
> >> >> >> > > @@ -42,8 +43,12 @@
> >> >> >> > >
> >> >> >> > > %typedef unsigned mode_t;
> >> >> >> > >
> >> >> >> > > +%include "../include/selinux/get_context_list.h"
> >> >> >> > > +
> >> >> >> > > extern int is_selinux_enabled(void);
> >> >> >> > > extern int is_selinux_mls_enabled(void);
> >> >> >> > > +extern void freecon(security_context_t con);
> >> >> >> > > +extern void freeconary(security_context_t * con);
> >> >> >> > > extern int getcon(security_context_t *con);
> >> >> >> > > extern int setcon(security_context_t con);
> >> >> >> > > extern int getpidcon(int pid, security_context_t *con);
> >> >> >> > > @@ -90,6 +95,11 @@
> >> >> >> > > mode_t mode,
> >> >> >> > > security_context_t *con);
> >> >> >> > >
> >> >> >> > > +extern int matchpathcon_init_prefix(const char *path,
> >> >> >> > > + const char *prefix);
> >> >> >> > > +extern void matchpathcon_fini(void);
> >> >> >> > > +
> >> >> >> > > +
> >> >> >> > > extern int matchmediacon(const char *media,
> >> >> >> > > security_context_t *con);
> >> >> >> > >
> >> >> >> > > @@ -106,6 +116,7 @@
> >> >> >> > > extern const char *selinux_homedir_context_path(void);
> >> >> >> > > extern const char *selinux_media_context_path(void);
> >> >> >> > > extern const char *selinux_contexts_path(void);
> >> >> >> > > +extern const char *selinux_securetty_types_path(void);
> >> >> >> > > extern const char *selinux_booleans_path(void);
> >> >> >> > > extern const char *selinux_customizable_types_path(void);
> >> >> >> > > extern const char *selinux_users_path(void);
> >> >> >> > > @@ -113,11 +124,15 @@
> >> >> >> > > extern const char *selinux_translations_path(void);
> >> >> >> > > extern const char *selinux_netfilter_context_path(void);
> >> >> >> > > extern const char *selinux_path(void);
> >> >> >> > > -extern int selinux_check_passwd_access(access_vector_t
> >> >> requested);
> >> >> >> > > -extern int checkPasswdAccess(access_vector_t requested);
> >> >> >> > > +#extern int selinux_check_passwd_access(access_vector_t
> >> >> requested);
> >> >> >> > > +#extern int checkPasswdAccess(access_vector_t requested);
> >> >> >> > >
> >> >> >> > > +extern int selinux_check_securetty_context(security_context_t
> >> >> >> tty_context);
> >> >> >> > > +void set_selinuxmnt(char *mnt);
> >> >> >> > > +
> >> >> >> > > +#ifdef SWIGpython
> >> >> >> > > // This tells SWIG to treat char ** as a special case
> >> >> >> > > -%typemap(python,in) char ** {
> >> >> >> > > +%typemap(in) char ** {
> >> >> >> > > /* Check if is a list */
> >> >> >> > > if (PyList_Check($input)) {
> >> >> >> > > int size = PyList_Size($input);
> >> >> >> > > @@ -143,6 +158,7 @@
> >> >> >> > > return NULL;
> >> >> >> > > }
> >> >> >> > > }
> >> >> >> > > +#endif
> >> >> >> > >
> >> >> >> > > extern int rpm_execcon(unsigned int verified,
> >> >> >> > > const char *filename,
> >> >> >> > > @@ -164,3 +180,7 @@
> >> >> >> > > }
> >> >> >> > > extern int selinux_getpolicytype(char **enforce);
> >> >> >> > > extern int getseuserbyname(const char *linuxuser, char
> >> **seuser,
> >> >> >> char **level);
> >> >> >> > > +
> >> >> >> > > +int selinux_file_context_cmp(const security_context_t a,
> >> const
> >> >> >> security_context_t b);
> >> >> >> > > +int selinux_file_context_verify(const char *path, mode_t
> >> mode);
> >> >> >> > > +int selinux_lsetfilecon_default(const char *path);
> >> >> >> > >
> >> >> >> > >
> >> >> >> >
> >> >> >>
> >> >> I am no expert on swig either. I usually muddle around until I
> >> get it
> >> >> to work.
> >> >>
> >> >> Does this patch work for you?
> >> >>
> >> >>
> >> >>
> >> >> --- selinuxswig.i~ 2007-05-04 09:25:35.000000000 -0400
> >> >> +++ selinuxswig.i 2007-05-14 11:11:47.000000000 -0400
> >> >> @@ -17,6 +17,11 @@
> >> >> * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
> >> >> 02110-1301 USA
> >> >> */
> >> >>
> >> >> +%header %{
> >> >> + #define STATUS_SUCCESS 0
> >> >> + #define STATUS_ERR -1
> >> >> +%}
> >> >> +
> >> >>
> >> >> %module selinux
> >> >> %{
> >> >> @@ -29,6 +34,7 @@
> >> >> %typemap(in, numinputs=0) security_context_t *(security_context_t
> >> >> temp=NULL) {
> >> >> $1 = &temp;
> >> >> }
> >> >> +
> >> >> %typemap(argout) security_context_t * (char *temp=NULL) {
> >> >> if (*$1)
> >> >> temp = *$1;
> >> >> @@ -43,6 +49,32 @@
> >> >>
> >> >> %typedef unsigned mode_t;
> >> >>
> >> >> +%typemap(in, numinputs=0) security_context_t ** (security_context_t
> >> >> *temp=NULL){
> >> >> + $1 = &temp;
> >> >> +}
> >> >> +
> >> >> +%typemap(argout) security_context_t ** {
> >> >> + PyObject *list_security_context = PyList_New(0); // Create the
> >> >> list.
> >> >> + if (list_security_context) {
> >> >> + security_context_t **p_p_security_context_t =
> >> >> (security_context_t **)(arg3);
> >> >> + while (*p_p_security_context_t) { // Move each string into
> >> >> the list.
> >> >> + security_context_t *p_security_context_t =
> >> >> *p_p_security_context_t;
> >> >> + if (PyList_Append(list_security_context,
> >> >> PyString_FromString((char
> >> >> +*)*p_security_context_t)) < 0) {
> >> >> + fprintf(stderr, "Fail to insert item in list.\n");
> >> >> + $result = SWIG_From_int(STATUS_ERR);
> >> >> + break;
> >> >> + }
> >> >> + p_p_security_context_t++;
> >> >> + }
> >> >> + $result = SWIG_Python_AppendOutput($result,
> >> >> list_security_context);
> >> >> + }
> >> >> + else {
> >> >> + fprintf(stderr, "Fail to create list.\n");
> >> >> + $result = SWIG_From_int(STATUS_ERR);
> >> >> + }
> >> >> +}
> >> >> +
> >> >> %include "../include/selinux/get_context_list.h"
> >> >>
> >> >> extern int is_selinux_enabled(void);
> >> >>
> >> >>
> >> I have not been able to get my version to bring back more then one item
> >> in the list.
> >>
> >> Could you print the list for me?
> >>
> Ok I have been able to duplicate your error on an MLS machine. I will
> look into it some more tomorrow. Must be something wrong with the binding.
>
[-- Attachment #2.1.2: libselinux-rhat.patch --]
[-- Type: text/x-patch, Size: 5938 bytes --]
--- libselinux-1.33.4/src/selinuxswig.i 2007-01-11 13:01:24.000000000 -0600
+++ libselinux-2.0.13.new/src/selinuxswig.i 2007-05-17 13:03:38.000000000 -0500
@@ -17,18 +17,25 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
+%import cpointer.i
+
+%header %{
+ #define STATUS_SUCCESS 0
+ #define STATUS_ERR -1
+%}
%module selinux
%{
#include "selinux/selinux.h"
+ #include "selinux/get_context_list.h"
%}
%apply int *OUTPUT { int * };
%apply int *OUTPUT { size_t * };
-%typemap(in, numinputs=0) security_context_t *(security_context_t temp) {
+%typemap(in, numinputs=0) security_context_t *(security_context_t temp=NULL) {
$1 = &temp;
}
-%typemap(argout) security_context_t * (char *temp) {
+%typemap(argout) security_context_t * (char *temp=NULL) {
if (*$1)
temp = *$1;
else
@@ -40,10 +47,74 @@
$1 = (security_context_t)PyString_AsString($input);
}
+%wrapper %{
+ static PyObject* security_context_list2plist(
+ int count,
+ security_context_t *list)
+ {
+ int i;
+ PyObject *security_context_string, *security_context_list;
+ security_context_list = PyList_New(count); // Create the list.
+ if (security_context_list) {
+ for (i=0; i < count; i++) {
+ security_context_string = PyString_FromString(strdup((char *)list[i]));
+ if (PyList_SetItem(security_context_list, i, security_context_string) < 0) {
+ PyErr_SetString(PyExc_MemoryError,"typemap(argout) security_context_t **: Fail to insert item in list.");
+ Py_DECREF(security_context_list);
+ return NULL;
+ }
+ }
+ }
+ else {
+ PyErr_SetString(PyExc_MemoryError,"typemap(argout) security_context_t **: Fail to create list.");
+ return NULL;
+ }
+ return security_context_list;
+ }
+%}
+
+%typemap(argout) (const char *user, security_context_t fromcon, security_context_t **list) {
+ int count;
+
+ SWIG_AsVal_int($result, &count);
+ PyObject *security_context_list = NULL;
+
+ if ((security_context_list = security_context_list2plist(count, *$3)) == NULL)
+ $result = SWIG_From_int(STATUS_ERR);
+ else
+ $result = SWIG_From_int(STATUS_SUCCESS);
+
+ freeconary(*$3);
+ %append_output(security_context_list);
+}
+
+%typemap(argout) (const char *user, const char *level, security_context_t fromcon, security_context_t **list) {
+ int count;
+
+ SWIG_AsVal_int($result, &count);
+ PyObject *security_context_list = NULL;
+
+ if ((security_context_list = security_context_list2plist(count, *$4)) == NULL)
+ $result = SWIG_From_int(STATUS_ERR);
+ else
+ $result = SWIG_From_int(STATUS_SUCCESS);
+
+ freeconary(*$4);
+ %append_output(security_context_list);
+}
+
+%typemap(in, numinputs=0) security_context_t **(security_context_t *temp=NULL) {
+ $1 = &temp;
+}
+
%typedef unsigned mode_t;
+%include "../include/selinux/get_context_list.h"
+
extern int is_selinux_enabled(void);
extern int is_selinux_mls_enabled(void);
+extern void freecon(security_context_t con);
+extern void freeconary(security_context_t * con);
extern int getcon(security_context_t *con);
extern int setcon(security_context_t con);
extern int getpidcon(int pid, security_context_t *con);
@@ -90,6 +161,11 @@
mode_t mode,
security_context_t *con);
+extern int matchpathcon_init_prefix(const char *path,
+ const char *prefix);
+extern void matchpathcon_fini(void);
+
+
extern int matchmediacon(const char *media,
security_context_t *con);
@@ -106,6 +182,7 @@
extern const char *selinux_homedir_context_path(void);
extern const char *selinux_media_context_path(void);
extern const char *selinux_contexts_path(void);
+extern const char *selinux_securetty_types_path(void);
extern const char *selinux_booleans_path(void);
extern const char *selinux_customizable_types_path(void);
extern const char *selinux_users_path(void);
@@ -113,11 +190,45 @@
extern const char *selinux_translations_path(void);
extern const char *selinux_netfilter_context_path(void);
extern const char *selinux_path(void);
-extern int selinux_check_passwd_access(access_vector_t requested);
-extern int checkPasswdAccess(access_vector_t requested);
+#extern int selinux_check_passwd_access(access_vector_t requested);
+#extern int checkPasswdAccess(access_vector_t requested);
+
+extern int selinux_check_securetty_context(security_context_t tty_context);
+void set_selinuxmnt(char *mnt);
+
+#ifdef SWIGpython
+// This tells SWIG to treat char ** as a special case
+%typemap(in) char ** {
+ /* Check if is a list */
+ if (PyList_Check($input)) {
+ int size = PyList_Size($input);
+ int i = 0;
+ $1 = (char **) malloc((size+1)*sizeof(char *));
+ if ($1 == NULL) {
+ PyErr_SetString(PyExc_MemoryError,"Out of memory");
+ return NULL;
+ }
+ for (i = 0; i < size; i++) {
+ PyObject *o = PyList_GetItem($input,i);
+ if (PyString_Check(o))
+ $1[i] = PyString_AsString(PyList_GetItem($input,i));
+ else {
+ PyErr_SetString(PyExc_TypeError,"list must contain strings");
+ free($1);
+ return NULL;
+ }
+ }
+ $1[i] = 0;
+ } else {
+ PyErr_SetString(PyExc_TypeError,"not a list");
+ return NULL;
+ }
+}
+#endif
+
extern int rpm_execcon(unsigned int verified,
const char *filename,
- char *const argv[], char *const envp[]);
+ char **, char **);
extern int is_context_customizable (security_context_t scontext);
@@ -126,7 +237,7 @@
extern int selinux_raw_to_trans_context(char *raw,
security_context_t *transp);
-%typemap(in, numinputs=0) char **(char *temp) {
+%typemap(in, numinputs=0) char **(char *temp=NULL) {
$1 = &temp;
}
@@ -135,3 +246,8 @@
}
extern int selinux_getpolicytype(char **enforce);
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
+
+int selinux_file_context_cmp(const security_context_t a, const security_context_t b);
+int selinux_file_context_verify(const char *path, mode_t mode);
+int selinux_lsetfilecon_default(const char *path);
+
[-- Attachment #2.1.3: test1.py --]
[-- Type: text/x-python, Size: 353 bytes --]
#!/usr/bin/env python
import getpass
import seobject
import selinux
user_name = getpass.getuser()
foo = ["1", "2", "3"]
for f in foo:
print f
(id, seuser_name, level) = selinux.getseuserbyname(user_name)
rc, security_context_list = selinux.get_ordered_context_list(seuser_name, None)
print "return code %d" % (rc)
for f in foo:
print f
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-06-04 17:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-04 17:01 [Fwd: Re: More swig changes for libselinux] Ted X Toth
-- strict thread matches above, loose matches on Subject: below --
2007-05-09 16:18 Ted X Toth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.