* [PATCH] Add db_exception and db_datatype support to label_db backend
@ 2014-06-25 16:26 Artyom Smirnov
2014-06-26 14:52 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Artyom Smirnov @ 2014-06-25 16:26 UTC (permalink / raw)
To: selinux
Hi,
in https://github.com/TresysTechnology/refpolicy/pull/1 db_exception
and db_datatype were added to reference policy. This small patch
extends ability of label_db backend to work with these objects.
Regards.
---
libselinux/include/selinux/label.h | 2 ++
libselinux/man/man5/selabel_db.5 | 12 ++++++++++++
libselinux/src/label_db.c | 4 ++++
3 files changed, 18 insertions(+)
diff --git a/libselinux/include/selinux/label.h b/libselinux/include/selinux/label.h
index c63ea7d..672a7c2 100644
--- a/libselinux/include/selinux/label.h
+++ b/libselinux/include/selinux/label.h
@@ -131,6 +131,8 @@ void selabel_stats(struct selabel_handle *handle);
#define SELABEL_DB_BLOB 8
#define SELABEL_DB_TUPLE 9
#define SELABEL_DB_LANGUAGE 10
+#define SELABEL_DB_EXCEPTION 11
+#define SELABEL_DB_DATATYPE 12
#ifdef __cplusplus
}
diff --git a/libselinux/man/man5/selabel_db.5 b/libselinux/man/man5/selabel_db.5
index 51b5848..76eb9bc 100644
--- a/libselinux/man/man5/selabel_db.5
+++ b/libselinux/man/man5/selabel_db.5
@@ -86,6 +86,16 @@ argument specifies the name of a view object, such as "postgres.public.my_view".
The
.I object_name
argument specifies the name of a language object, such as "postgres.public.tcl".
+.TP
+.B SELABEL_DB_EXCEPTION
+The
+.I object_name
+argument specifies the name of a exception object.
+.TP
+.B SELABEL_DB_DATATYPE
+The
+.I object_name
+argument specifies the name of a type or domain object, such as postgres.public.my_type.
.RE
.sp
Any messages generated by \fBselabel_lookup\fR(3) are sent to \fIstderr\fR
@@ -135,6 +145,8 @@ SELABEL_DB_TUPLE@db_tuple
SELABEL_DB_PROCEDURE@db_procedure
SELABEL_DB_SEQUENCE@db_sequence
SELABEL_DB_BLOB@db_blob
+SELABEL_DB_EXCEPTION@db_exception
+SELABEL_DB_DATATYPE@db_datatype
.TE
.
.SH "FILE FORMAT"
diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c
index ab0696a..999dd46 100644
--- a/libselinux/src/label_db.c
+++ b/libselinux/src/label_db.c
@@ -140,6 +140,10 @@ process_line(const char *path, char *line_buf, unsigned int line_num,
spec->type = SELABEL_DB_TUPLE;
else if (!strcmp(type, "db_language"))
spec->type = SELABEL_DB_LANGUAGE;
+ else if (!strcmp(type, "db_exception"))
+ spec->type = SELABEL_DB_EXCEPTION;
+ else if (!strcmp(type, "db_datatype"))
+ spec->type = SELABEL_DB_DATATYPE;
else {
selinux_log(SELINUX_WARNING,
"%s: line %d has invalid object type %s\n",
--
1.9.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] Add db_exception and db_datatype support to label_db backend
2014-06-25 16:26 [PATCH] Add db_exception and db_datatype support to label_db backend Artyom Smirnov
@ 2014-06-26 14:52 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2014-06-26 14:52 UTC (permalink / raw)
To: Artyom Smirnov, selinux
On 06/25/2014 12:26 PM, Artyom Smirnov wrote:
> Hi,
>
> in https://github.com/TresysTechnology/refpolicy/pull/1 db_exception
> and db_datatype were added to reference policy. This small patch
> extends ability of label_db backend to work with these objects.
>
> Regards.
> ---
> libselinux/include/selinux/label.h | 2 ++
> libselinux/man/man5/selabel_db.5 | 12 ++++++++++++
> libselinux/src/label_db.c | 4 ++++
> 3 files changed, 18 insertions(+)
Thanks, applied on #next
>
> diff --git a/libselinux/include/selinux/label.h b/libselinux/include/selinux/label.h
> index c63ea7d..672a7c2 100644
> --- a/libselinux/include/selinux/label.h
> +++ b/libselinux/include/selinux/label.h
> @@ -131,6 +131,8 @@ void selabel_stats(struct selabel_handle *handle);
> #define SELABEL_DB_BLOB 8
> #define SELABEL_DB_TUPLE 9
> #define SELABEL_DB_LANGUAGE 10
> +#define SELABEL_DB_EXCEPTION 11
> +#define SELABEL_DB_DATATYPE 12
>
> #ifdef __cplusplus
> }
> diff --git a/libselinux/man/man5/selabel_db.5 b/libselinux/man/man5/selabel_db.5
> index 51b5848..76eb9bc 100644
> --- a/libselinux/man/man5/selabel_db.5
> +++ b/libselinux/man/man5/selabel_db.5
> @@ -86,6 +86,16 @@ argument specifies the name of a view object, such as "postgres.public.my_view".
> The
> .I object_name
> argument specifies the name of a language object, such as "postgres.public.tcl".
> +.TP
> +.B SELABEL_DB_EXCEPTION
> +The
> +.I object_name
> +argument specifies the name of a exception object.
> +.TP
> +.B SELABEL_DB_DATATYPE
> +The
> +.I object_name
> +argument specifies the name of a type or domain object, such as postgres.public.my_type.
> .RE
> .sp
> Any messages generated by \fBselabel_lookup\fR(3) are sent to \fIstderr\fR
> @@ -135,6 +145,8 @@ SELABEL_DB_TUPLE@db_tuple
> SELABEL_DB_PROCEDURE@db_procedure
> SELABEL_DB_SEQUENCE@db_sequence
> SELABEL_DB_BLOB@db_blob
> +SELABEL_DB_EXCEPTION@db_exception
> +SELABEL_DB_DATATYPE@db_datatype
> .TE
> .
> .SH "FILE FORMAT"
> diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c
> index ab0696a..999dd46 100644
> --- a/libselinux/src/label_db.c
> +++ b/libselinux/src/label_db.c
> @@ -140,6 +140,10 @@ process_line(const char *path, char *line_buf, unsigned int line_num,
> spec->type = SELABEL_DB_TUPLE;
> else if (!strcmp(type, "db_language"))
> spec->type = SELABEL_DB_LANGUAGE;
> + else if (!strcmp(type, "db_exception"))
> + spec->type = SELABEL_DB_EXCEPTION;
> + else if (!strcmp(type, "db_datatype"))
> + spec->type = SELABEL_DB_DATATYPE;
> else {
> selinux_log(SELINUX_WARNING,
> "%s: line %d has invalid object type %s\n",
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-06-26 14:52 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-06-25 16:26 [PATCH] Add db_exception and db_datatype support to label_db backend Artyom Smirnov
2014-06-26 14:52 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.