Rename SELinux source files
The name rc-selinux-util.* is a bit long, so I renamed the source files
to rc-selinux.*
X-Gentoo-Bug: 516956
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=516956
William Hubbs
9 years ago
4 | 4 | runscript.c rc.c swclock.c |
5 | 5 | |
6 | 6 | ifeq (${MKSELINUX},yes) |
7 | SRCS+= rc-selinux-util.c | |
7 | SRCS+= rc-selinux.c | |
8 | 8 | endif |
9 | 9 | |
10 | CLEANFILES= version.h rc-selinux-util.o | |
10 | CLEANFILES= version.h rc-selinux.o | |
11 | 11 | |
12 | 12 | BINDIR= ${PREFIX}/bin |
13 | 13 | SBINDIR= ${PREFIX}/sbin |
46 | 46 | #include "rc-misc.h" |
47 | 47 | |
48 | 48 | #ifdef HAVE_SELINUX |
49 | #include "rc-selinux-util.h" | |
49 | #include "rc-selinux.h" | |
50 | 50 | #endif |
51 | 51 | |
52 | 52 | typedef enum { |
0 | /* | |
1 | rc-selinux.c | |
2 | SELinux helpers to get and set contexts. | |
3 | */ | |
4 | ||
5 | /* | |
6 | * Copyright (c) 2014 Jason Zaman <jason@perfinion.com> | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | |
15 | * documentation and/or other materials provided with the distribution. | |
16 | * | |
17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
18 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
20 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
23 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
24 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
25 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | * SUCH DAMAGE. | |
28 | */ | |
29 | ||
30 | #include <stddef.h> | |
31 | #include <errno.h> | |
32 | ||
33 | #include <sys/stat.h> | |
34 | ||
35 | #include <selinux/selinux.h> | |
36 | #include <selinux/label.h> | |
37 | ||
38 | #include "rc-selinux-util.h" | |
39 | ||
40 | static struct selabel_handle *hnd = NULL; | |
41 | ||
42 | int | |
43 | selinux_util_label(const char *path) | |
44 | { | |
45 | int retval = 0; | |
46 | int enforce; | |
47 | struct stat st; | |
48 | security_context_t con; | |
49 | ||
50 | enforce = security_getenforce(); | |
51 | if (retval < 0) | |
52 | return retval; | |
53 | ||
54 | if (NULL == hnd) | |
55 | return (enforce) ? -1 : 0; | |
56 | ||
57 | retval = lstat(path, &st); | |
58 | if (retval < 0) { | |
59 | if (ENOENT == errno) | |
60 | return 0; | |
61 | return (enforce) ? -1 : 0; | |
62 | } | |
63 | ||
64 | /* lookup the context */ | |
65 | retval = selabel_lookup_raw(hnd, &con, path, st.st_mode); | |
66 | if (retval < 0) { | |
67 | if (ENOENT == errno) | |
68 | return 0; | |
69 | return (enforce) ? -1 : 0; | |
70 | } | |
71 | ||
72 | /* apply the context */ | |
73 | retval = lsetfilecon(path, con); | |
74 | freecon(con); | |
75 | if (retval < 0) { | |
76 | if (ENOENT == errno) | |
77 | return 0; | |
78 | if (ENOTSUP == errno) | |
79 | return 0; | |
80 | return (enforce) ? -1 : 0; | |
81 | } | |
82 | ||
83 | return 0; | |
84 | } | |
85 | ||
86 | /* | |
87 | * Open the label handle | |
88 | * returns 1 on success, 0 if no selinux, negative on error | |
89 | */ | |
90 | int | |
91 | selinux_util_open(void) | |
92 | { | |
93 | int retval = 0; | |
94 | ||
95 | retval = is_selinux_enabled(); | |
96 | if (retval <= 0) | |
97 | return retval; | |
98 | ||
99 | hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); | |
100 | if (NULL == hnd) | |
101 | return -2; | |
102 | ||
103 | return 1; | |
104 | } | |
105 | ||
106 | /* | |
107 | * Close the label handle | |
108 | * returns 1 on success, 0 if no selinux, negative on error | |
109 | */ | |
110 | int | |
111 | selinux_util_close(void) | |
112 | { | |
113 | int retval = 0; | |
114 | ||
115 | retval = is_selinux_enabled(); | |
116 | if (retval <= 0) | |
117 | return retval; | |
118 | ||
119 | if (hnd) { | |
120 | selabel_close(hnd); | |
121 | hnd = NULL; | |
122 | } | |
123 | ||
124 | return 0; | |
125 | } |
0 | /* | |
1 | * Copyright (c) 2014 Jason Zaman <jason@perfinion.com> | |
2 | * | |
3 | * Redistribution and use in source and binary forms, with or without | |
4 | * modification, are permitted provided that the following conditions | |
5 | * are met: | |
6 | * 1. Redistributions of source code must retain the above copyright | |
7 | * notice, this list of conditions and the following disclaimer. | |
8 | * 2. Redistributions in binary form must reproduce the above copyright | |
9 | * notice, this list of conditions and the following disclaimer in the | |
10 | * documentation and/or other materials provided with the distribution. | |
11 | * | |
12 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
13 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
14 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
15 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
16 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
17 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
18 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
19 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
20 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
21 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
22 | * SUCH DAMAGE. | |
23 | */ | |
24 | ||
25 | #ifndef RC_SELINUX_UTIL_H | |
26 | #define RC_SELINUX_UTIL_H | |
27 | ||
28 | int selinux_util_open(void); | |
29 | int selinux_util_label(const char *path); | |
30 | int selinux_util_close(void); | |
31 | ||
32 | #endif |
0 | /* | |
1 | rc-selinux.c | |
2 | SELinux helpers to get and set contexts. | |
3 | */ | |
4 | ||
5 | /* | |
6 | * Copyright (c) 2014 Jason Zaman <jason@perfinion.com> | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | |
15 | * documentation and/or other materials provided with the distribution. | |
16 | * | |
17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
18 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
20 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
23 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
24 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
25 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | * SUCH DAMAGE. | |
28 | */ | |
29 | ||
30 | #include <stddef.h> | |
31 | #include <errno.h> | |
32 | ||
33 | #include <sys/stat.h> | |
34 | ||
35 | #include <selinux/selinux.h> | |
36 | #include <selinux/label.h> | |
37 | ||
38 | #include "rc-selinux.h" | |
39 | ||
40 | static struct selabel_handle *hnd = NULL; | |
41 | ||
42 | int | |
43 | selinux_util_label(const char *path) | |
44 | { | |
45 | int retval = 0; | |
46 | int enforce; | |
47 | struct stat st; | |
48 | security_context_t con; | |
49 | ||
50 | enforce = security_getenforce(); | |
51 | if (retval < 0) | |
52 | return retval; | |
53 | ||
54 | if (NULL == hnd) | |
55 | return (enforce) ? -1 : 0; | |
56 | ||
57 | retval = lstat(path, &st); | |
58 | if (retval < 0) { | |
59 | if (ENOENT == errno) | |
60 | return 0; | |
61 | return (enforce) ? -1 : 0; | |
62 | } | |
63 | ||
64 | /* lookup the context */ | |
65 | retval = selabel_lookup_raw(hnd, &con, path, st.st_mode); | |
66 | if (retval < 0) { | |
67 | if (ENOENT == errno) | |
68 | return 0; | |
69 | return (enforce) ? -1 : 0; | |
70 | } | |
71 | ||
72 | /* apply the context */ | |
73 | retval = lsetfilecon(path, con); | |
74 | freecon(con); | |
75 | if (retval < 0) { | |
76 | if (ENOENT == errno) | |
77 | return 0; | |
78 | if (ENOTSUP == errno) | |
79 | return 0; | |
80 | return (enforce) ? -1 : 0; | |
81 | } | |
82 | ||
83 | return 0; | |
84 | } | |
85 | ||
86 | /* | |
87 | * Open the label handle | |
88 | * returns 1 on success, 0 if no selinux, negative on error | |
89 | */ | |
90 | int | |
91 | selinux_util_open(void) | |
92 | { | |
93 | int retval = 0; | |
94 | ||
95 | retval = is_selinux_enabled(); | |
96 | if (retval <= 0) | |
97 | return retval; | |
98 | ||
99 | hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); | |
100 | if (NULL == hnd) | |
101 | return -2; | |
102 | ||
103 | return 1; | |
104 | } | |
105 | ||
106 | /* | |
107 | * Close the label handle | |
108 | * returns 1 on success, 0 if no selinux, negative on error | |
109 | */ | |
110 | int | |
111 | selinux_util_close(void) | |
112 | { | |
113 | int retval = 0; | |
114 | ||
115 | retval = is_selinux_enabled(); | |
116 | if (retval <= 0) | |
117 | return retval; | |
118 | ||
119 | if (hnd) { | |
120 | selabel_close(hnd); | |
121 | hnd = NULL; | |
122 | } | |
123 | ||
124 | return 0; | |
125 | } |
0 | /* | |
1 | * Copyright (c) 2014 Jason Zaman <jason@perfinion.com> | |
2 | * | |
3 | * Redistribution and use in source and binary forms, with or without | |
4 | * modification, are permitted provided that the following conditions | |
5 | * are met: | |
6 | * 1. Redistributions of source code must retain the above copyright | |
7 | * notice, this list of conditions and the following disclaimer. | |
8 | * 2. Redistributions in binary form must reproduce the above copyright | |
9 | * notice, this list of conditions and the following disclaimer in the | |
10 | * documentation and/or other materials provided with the distribution. | |
11 | * | |
12 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
13 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
14 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
15 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
16 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
17 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
18 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
19 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
20 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
21 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
22 | * SUCH DAMAGE. | |
23 | */ | |
24 | ||
25 | #ifndef RC_SELINUX_UTIL_H | |
26 | #define RC_SELINUX_UTIL_H | |
27 | ||
28 | int selinux_util_open(void); | |
29 | int selinux_util_label(const char *path); | |
30 | int selinux_util_close(void); | |
31 | ||
32 | #endif |