* avc_* functions not in libselinux-python
@ 2008-04-08 22:02 Xavier Toth
2008-04-09 17:30 ` Stephen Smalley
0 siblings, 1 reply; 6+ messages in thread
From: Xavier Toth @ 2008-04-08 22:02 UTC (permalink / raw)
To: SE Linux, Eamon Walsh, Daniel J Walsh
Can these functions get swig'd and their wrappers built into _selinux.so?
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: avc_* functions not in libselinux-python
2008-04-08 22:02 avc_* functions not in libselinux-python Xavier Toth
@ 2008-04-09 17:30 ` Stephen Smalley
2008-04-09 20:30 ` Xavier Toth
0 siblings, 1 reply; 6+ messages in thread
From: Stephen Smalley @ 2008-04-09 17:30 UTC (permalink / raw)
To: Xavier Toth; +Cc: SE Linux, Eamon Walsh, Daniel J Walsh
On Tue, 2008-04-08 at 17:02 -0500, Xavier Toth wrote:
> Can these functions get swig'd and their wrappers built into _selinux.so?
Patches accepted.
One possible issue here is function pointer callbacks, which is a more
general problem than just the avc interfaces in libselinux. But if you
are ok with the default callbacks, I suppose there is no problem there.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: avc_* functions not in libselinux-python
2008-04-09 17:30 ` Stephen Smalley
@ 2008-04-09 20:30 ` Xavier Toth
2008-06-10 13:49 ` Stephen Smalley
0 siblings, 1 reply; 6+ messages in thread
From: Xavier Toth @ 2008-04-09 20:30 UTC (permalink / raw)
To: Stephen Smalley; +Cc: SE Linux, Eamon Walsh, Daniel J Walsh
For now I don't think that's a problem as I was looking at using
avc_has_perm and the context to sid conversion function.
On Wed, Apr 9, 2008 at 12:30 PM, Stephen Smalley <sds@tycho.nsa.gov> wrote:
>
> On Tue, 2008-04-08 at 17:02 -0500, Xavier Toth wrote:
> > Can these functions get swig'd and their wrappers built into _selinux.so?
>
> Patches accepted.
>
> One possible issue here is function pointer callbacks, which is a more
> general problem than just the avc interfaces in libselinux. But if you
> are ok with the default callbacks, I suppose there is no problem there.
>
> --
> Stephen Smalley
> National Security Agency
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: avc_* functions not in libselinux-python
2008-04-09 20:30 ` Xavier Toth
@ 2008-06-10 13:49 ` Stephen Smalley
2008-06-10 14:18 ` Ted X Toth
0 siblings, 1 reply; 6+ messages in thread
From: Stephen Smalley @ 2008-06-10 13:49 UTC (permalink / raw)
To: Xavier Toth; +Cc: SE Linux, Eamon Walsh, Daniel J Walsh
On Wed, 2008-04-09 at 15:30 -0500, Xavier Toth wrote:
> For now I don't think that's a problem as I was looking at using
> avc_has_perm and the context to sid conversion function.
What's the status on this? I see patches in the Fedora libselinux
package to add the AVC interfaces to the swig bindings, but they aren't
upstream. Do they work as expected? Should they be upstreamed?
>
> On Wed, Apr 9, 2008 at 12:30 PM, Stephen Smalley <sds@tycho.nsa.gov> wrote:
> >
> > On Tue, 2008-04-08 at 17:02 -0500, Xavier Toth wrote:
> > > Can these functions get swig'd and their wrappers built into _selinux.so?
> >
> > Patches accepted.
> >
> > One possible issue here is function pointer callbacks, which is a more
> > general problem than just the avc interfaces in libselinux. But if you
> > are ok with the default callbacks, I suppose there is no problem there.
> >
> > --
> > Stephen Smalley
> > National Security Agency
> >
> >
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: avc_* functions not in libselinux-python
2008-06-10 13:49 ` Stephen Smalley
@ 2008-06-10 14:18 ` Ted X Toth
2008-06-10 14:28 ` Stephen Smalley
0 siblings, 1 reply; 6+ messages in thread
From: Ted X Toth @ 2008-06-10 14:18 UTC (permalink / raw)
To: Stephen Smalley; +Cc: SE Linux, Eamon Walsh, Daniel J Walsh
Stephen Smalley wrote:
> On Wed, 2008-04-09 at 15:30 -0500, Xavier Toth wrote:
>
>> For now I don't think that's a problem as I was looking at using
>> avc_has_perm and the context to sid conversion function.
>>
>
> What's the status on this? I see patches in the Fedora libselinux
> package to add the AVC interfaces to the swig bindings, but they aren't
> upstream. Do they work as expected?
The interfaces I'm using (avc_open, avc_reset, avc_context_to_sid,
avc_has_perm_noaudit) are working as expected.
> Should they be upstreamed?
>
>
I think so.
>> On Wed, Apr 9, 2008 at 12:30 PM, Stephen Smalley <sds@tycho.nsa.gov> wrote:
>>
>>> On Tue, 2008-04-08 at 17:02 -0500, Xavier Toth wrote:
>>> > Can these functions get swig'd and their wrappers built into _selinux.so?
>>>
>>> Patches accepted.
>>>
>>> One possible issue here is function pointer callbacks, which is a more
>>> general problem than just the avc interfaces in libselinux. But if you
>>> are ok with the default callbacks, I suppose there is no problem there.
>>>
>>> --
>>> Stephen Smalley
>>> National Security Agency
>>>
>>>
>>>
>> --
>> This message was distributed to subscribers of the selinux mailing list.
>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>> the words "unsubscribe selinux" without quotes as the message.
>>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: avc_* functions not in libselinux-python
2008-06-10 14:18 ` Ted X Toth
@ 2008-06-10 14:28 ` Stephen Smalley
0 siblings, 0 replies; 6+ messages in thread
From: Stephen Smalley @ 2008-06-10 14:28 UTC (permalink / raw)
To: Ted X Toth; +Cc: SE Linux, Eamon Walsh, Daniel J Walsh
On Tue, 2008-06-10 at 09:18 -0500, Ted X Toth wrote:
> Stephen Smalley wrote:
> > On Wed, 2008-04-09 at 15:30 -0500, Xavier Toth wrote:
> >
> >> For now I don't think that's a problem as I was looking at using
> >> avc_has_perm and the context to sid conversion function.
> >>
> >
> > What's the status on this? I see patches in the Fedora libselinux
> > package to add the AVC interfaces to the swig bindings, but they aren't
> > upstream. Do they work as expected?
> The interfaces I'm using (avc_open, avc_reset, avc_context_to_sid,
> avc_has_perm_noaudit) are working as expected.
>
> > Should they be upstreamed?
> >
> >
> I think so.
Ok, can you or Dan split that out and submit it please.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2008-06-10 14:28 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-04-08 22:02 avc_* functions not in libselinux-python Xavier Toth
2008-04-09 17:30 ` Stephen Smalley
2008-04-09 20:30 ` Xavier Toth
2008-06-10 13:49 ` Stephen Smalley
2008-06-10 14:18 ` Ted X Toth
2008-06-10 14:28 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.