[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/libselinux/devel .cvsignore, 1.59, 1.60 libselinux-rhat.patch, 1.38, 1.39 libselinux.spec, 1.94, 1.95 sources, 1.59, 1.60



Update of /cvs/dist/rpms/libselinux/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv25114

Modified Files:
	.cvsignore libselinux-rhat.patch libselinux.spec sources 
Log Message:
* Wed Apr 13 2005 Dan Walsh <dwalsh redhat com> 1.23.7-1
- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;



Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/.cvsignore,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- .cvsignore	11 Apr 2005 20:11:29 -0000	1.59
+++ .cvsignore	13 Apr 2005 15:42:01 -0000	1.60
@@ -33,3 +33,4 @@
 libselinux-1.23.4.tgz
 libselinux-1.23.5.tgz
 libselinux-1.23.6.tgz
+libselinux-1.23.7.tgz

libselinux-rhat.patch:
 booleans.c |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

Index: libselinux-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux-rhat.patch,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- libselinux-rhat.patch	29 Mar 2005 15:33:55 -0000	1.38
+++ libselinux-rhat.patch	13 Apr 2005 15:42:01 -0000	1.39
@@ -1,474 +1,43 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.23.2/include/selinux/selinux.h
---- nsalibselinux/include/selinux/selinux.h	2005-03-17 10:34:51.000000000 -0500
-+++ libselinux-1.23.2/include/selinux/selinux.h	2005-03-28 15:02:16.000000000 -0500
-@@ -136,6 +136,16 @@
- /* Load a policy configuration. */
- extern int security_load_policy(void *data, size_t len);
- 
-+/* Translate boolean strict to name value pair. */
-+typedef struct {
-+	char *name;
-+	int value; 
-+} SELboolean;
-+	/* save a list of booleans in a single transaction.  */
-+extern int security_set_boolean_list(size_t boolcnt, 
-+				     SELboolean *boollist, 
-+				     int permanent);
-+
- /* Load policy boolean settings.
-    Path may be NULL, in which case the booleans are loaded from
-    the active policy boolean configuration file. */
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/booleans.c libselinux-1.23.2/src/booleans.c
---- nsalibselinux/src/booleans.c	2004-11-09 09:13:54.000000000 -0500
-+++ libselinux-1.23.2/src/booleans.c	2005-03-29 10:29:50.000000000 -0500
-@@ -238,51 +238,198 @@
- 	dest[i+1]='\0';
- 	return dest;
- }
-+static int process_boolean(char *buffer, char *name, int namesize, int *val) {
-+	char name1[BUFSIZ];
-+	char *ptr;
-+	char *tok=strtok_r(buffer,"=",&ptr);
-+	if (tok) {
-+		strncpy(name1,tok, BUFSIZ-1);
-+		strtrim(name,name1,namesize-1);
-+		if ( name[0]=='#' ) return 0;
-+		tok=strtok_r(NULL,"\0",&ptr);
-+		if (tok) {
-+			while (isspace(*tok)) tok++;
-+			*val = -1;
-+			if (isdigit(tok[0]))
-+				*val=atoi(tok);
-+			else if (!strncasecmp(tok, "true", sizeof("true")-1))
-+				*val = 1;
-+			else if (!strncasecmp(tok, "false", sizeof("false")-1))
-+				*val = 0;
-+			if (*val != 0 && *val != 1) {
-+				errno=EINVAL;
-+				return -1;
-+			}
-+			
-+		}
-+	}
-+	return 1;
-+}
-+static int save_booleans(size_t boolcnt, SELboolean *boollist) {
-+	ssize_t len;
-+	size_t i;
-+	char outbuf[BUFSIZ];
-+	char *inbuf=NULL;
-+	
-+	/* Open file */
-+	const char *bool_file = selinux_booleans_path();
-+	char local_bool_file[PATH_MAX];
-+	char tmp_bool_file[PATH_MAX]; 
-+	FILE *boolf;
-+	int fd;
-+	int *used= (int *) malloc (sizeof(int) * boolcnt);
-+	if (! used) {
-+		return -1;
-+	}
-+	/* zero out used field */
-+	for (i=0; i < boolcnt; i++)
-+		used[i]=0;
-+
-+
-+	snprintf(tmp_bool_file,sizeof(tmp_bool_file),"%s.XXXXXX", bool_file);
-+	fd = mkstemp(tmp_bool_file);
-+	if (fd < 0) { 
-+		free(used);
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/booleans.c libselinux-1.23.5/src/booleans.c
+--- nsalibselinux/src/booleans.c	2005-03-29 21:55:23.000000000 -0500
++++ libselinux-1.23.5/src/booleans.c	2005-04-12 08:48:47.000000000 -0400
+@@ -45,7 +45,8 @@
+ 	char **n;
+ 
+ 	assert(len);
+-	assert(selinux_mnt);
++	if (!selinux_mnt) 
 +		return -1;
-+	}
-+
-+	snprintf(local_bool_file,sizeof(local_bool_file),"%s.local", bool_file);	boolf = fopen(local_bool_file,"r");
-+	if (boolf != NULL) {
-+		ssize_t ret;
-+		size_t size=0;
-+		int val;
-+		char boolname[BUFSIZ];
-+		char *buffer;
-+		char *inbuf=NULL;
-+		while ((len=getline(&inbuf, &size, boolf)) > 0) {
-+			buffer=strdup(inbuf);
-+			if (!buffer) goto close_remove_fail;
-+			ret=process_boolean(inbuf, boolname, sizeof(boolname), &val);
-+			if (ret!=1) { 
-+				ret=write(fd, buffer, len);
-+				free(buffer);
-+				if (ret != len) 
-+					goto close_remove_fail;
-+			} else {
-+				free(buffer);
-+				for (i=0; i < boolcnt; i++) {
-+					if (strcmp(boollist[i].name, boolname)==0) {
-+						snprintf(outbuf,sizeof(outbuf), "%s=%d\n", boolname, boollist[i].value); 
-+						len=strlen(outbuf);
-+						used[i]=1;
-+						if (write(fd, outbuf, len) != len) 
-+							goto close_remove_fail;
-+						else 
-+							break;
-+					}
-+				}
-+				if ( i == boolcnt ) {
-+					snprintf(outbuf,sizeof(outbuf), "%s=%d\n", boolname, val); 
-+					len=strlen(outbuf);
-+					if (write(fd, outbuf, len) != len) 
-+						goto close_remove_fail;
-+				}
-+			}
-+			free(inbuf);
-+			inbuf=NULL;
-+		}
-+		fclose(boolf);
-+	}
-+	
-+	for (i=0; i < boolcnt; i++) {
-+		if (used[i]==0) {
-+			snprintf(outbuf,sizeof(outbuf), "%s=%d\n", boollist[i].name, boollist[i].value); 
-+			len=strlen(outbuf);
-+			if (write(fd, outbuf, len) != len) {
-+			close_remove_fail:
-+				free(inbuf);
-+				close(fd);
-+			remove_fail:
-+				unlink(tmp_bool_file);
-+				free(used);
-+				return -1;
-+			}
-+		}
-+		
-+	}
-+	if (fchmod(fd, S_IRUSR | S_IWUSR) != 0)
-+		goto close_remove_fail;
-+	close(fd);
-+	if (rename(tmp_bool_file, local_bool_file) != 0)
-+		goto remove_fail;
-+
-+	free(used);
-+	return 0;
-+}
-+static void rollback(SELboolean *boollist, int end)
-+{
-+	int i;
-+
-+        for(i=0; i<end; i++)
-+                security_set_boolean(boollist[i].name,
-+                        security_get_boolean_active(boollist[i].name));
-+}
-+
-+
-+int security_set_boolean_list(size_t boolcnt, SELboolean *boollist, int permanent) {
-+
-+	size_t i;
-+	for (i=0; i < boolcnt; i++) {
-+		if(security_set_boolean(boollist[i].name, boollist[i].value)) {
-+			rollback(boollist, i);
-+			return -1;
-+		}
-+	}
  
-+	/* OK, let's do the commit */
-+	if (security_commit_booleans()) {
-+		return -1;
-+	}
-+
-+	if (permanent) 
-+		return save_booleans(boolcnt, boollist);
-+
-+	return 0;
-+}
- int security_load_booleans(char *path) {
- 	FILE *boolf;
--	char buffer[BUFSIZ];
--	char name[BUFSIZ];
--	char name1[BUFSIZ];
-+	char *inbuf;
-+	char localbools[BUFSIZ];
-+	size_t len=0, errors=0;
- 	int val;
--	int errors=0;
-+	char name[BUFSIZ];
+ 	snprintf(path, sizeof path, "%s%s", selinux_mnt, SELINUX_BOOL_DIR);
+ 	*len = scandir(path, &namelist, &filename_select,
+@@ -94,7 +95,8 @@
+ 	int fd, len;
+ 	char *fname = NULL;
  
- 	boolf = fopen(path ? path : selinux_booleans_path(),"r");
- 	if (boolf == NULL) 
- 		return -1;
+-	assert(selinux_mnt);
++	if (!selinux_mnt) 
++		return -1;
  
--        while (fgets_unlocked(buffer, sizeof(buffer), boolf)) {
--		char *ptr;
--		char *tok=strtok_r(buffer,"=",&ptr);
--		if (tok) {
--			strncpy(name1,tok, BUFSIZ-1);
--			strtrim(name,name1,BUFSIZ-1);
--			if ( name[0]=='#' ) continue;
--			tok=strtok_r(NULL,"\0",&ptr);
--			if (tok) {
--				while (isspace(*tok)) tok++;
--				val = -1;
--				if (isdigit(tok[0]))
--					val=atoi(tok);
--				else if (!strncmp(tok, "true", sizeof("true")-1))
--					val = 1;
--				else if (!strncmp(tok, "false", sizeof("false")-1))
--					val = 0;
--				if (val != 0 && val != 1) {
--					fprintf(stderr,"illegal value for boolean %s=%s\n", name, tok);
--					errors++;
--					continue;
--				}
-+	while (getline(&inbuf, &len, boolf) > 0) {
-+		int ret=process_boolean(inbuf, name, sizeof(name), &val);
-+		if (ret==-1) 
-+			errors++;
-+		if (ret==1) 
-+			if (security_set_boolean(name, val) < 0) {
-+				errors++;
-+			}
-+	}
-+	fclose(boolf);
-+
-+	snprintf(localbools,sizeof(localbools), "%s.local", (path ? path : selinux_booleans_path()));
-+	boolf = fopen(localbools,"r");
+ 	*buf = (char*)malloc(sizeof(char) * (STRBUF_SIZE + 1));
+ 	if (!*buf)
+@@ -164,7 +166,8 @@
+ 	int fd, ret, len;
+ 	char buf[2], *fname;
  
-+	if (boolf != NULL) {
-+		int ret;
-+		while (getline(&inbuf, &len, boolf) > 0) {
-+			ret=process_boolean(inbuf, name, sizeof(name), &val);
-+			if (ret==-1) 
-+				errors++;
-+			if (ret==1) 
- 				if (security_set_boolean(name, val) < 0) {
--					fprintf(stderr,"error setting boolean %s to value %d \n", name, val);
- 					errors++;
- 				}
--			}
- 		}
-+		fclose(boolf);
- 	}
--	fclose(boolf);
--
- 	if (security_commit_booleans() < 0)
+-	assert(selinux_mnt);
++	if (!selinux_mnt) 
++		return -1;
+ 	if ( value < 0 || value > 1 )
  		return -1;
  
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchmediacon.c libselinux-1.23.2/src/matchmediacon.c
---- nsalibselinux/src/matchmediacon.c	2004-10-20 16:31:36.000000000 -0400
-+++ libselinux-1.23.2/src/matchmediacon.c	2005-03-28 16:44:29.000000000 -0500
-@@ -16,7 +16,7 @@
- {
- 	const char *path = selinux_media_context_path();
- 	FILE *infile;
--	char *ptr, *ptr2;
-+	char *ptr, *ptr2=NULL;
- 	int found=-1;
- 	char current_line[PATH_MAX];
- 	if ((infile = fopen(path, "r")) == NULL)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-1.23.2/src/matchpathcon.c
---- nsalibselinux/src/matchpathcon.c	2005-03-17 10:34:51.000000000 -0500
-+++ libselinux-1.23.2/src/matchpathcon.c	2005-03-28 16:45:06.000000000 -0500
-@@ -531,7 +531,7 @@
- 	char *line_buf = NULL;
- 	size_t line_len = 0;
- 	unsigned int lineno, pass, i, j, maxnspec;
--	spec_t *spec_copy;
-+	spec_t *spec_copy=NULL;
- 	int status=-1;
- 
- 	/* Open the specification file. */
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/setenforce.c libselinux-1.23.2/utils/setenforce.c
---- nsalibselinux/utils/setenforce.c	2005-01-20 16:05:25.000000000 -0500
-+++ libselinux-1.23.2/utils/setenforce.c	2005-03-28 14:47:58.000000000 -0500
-@@ -13,7 +13,7 @@
- 
- int main(int argc, char **argv) 
- {
--	int rc;
-+	int rc=0;
- 	if (argc != 2) {
- 		usage(argv[0]);
- 	}
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/setsebool.c libselinux-1.23.2/utils/setsebool.c
---- nsalibselinux/utils/setsebool.c	2005-02-22 16:34:17.000000000 -0500
-+++ libselinux-1.23.2/utils/setsebool.c	2005-03-28 16:45:42.000000000 -0500
-@@ -8,11 +8,11 @@
- #include <syslog.h>
- #include <pwd.h>
- #include <selinux/selinux.h>
-+#include <errno.h>
- 
- int permanent = 0;
- 
--int setbool(char **list, int start, int end);
--void rollback(char *list[], int start, int end);
-+int setbool(char **list, size_t start, size_t end);
- 
+@@ -203,7 +206,8 @@
+ 	char buf[2];
+ 	char path[PATH_MAX];
  
- void usage(void)
-@@ -23,7 +23,7 @@
- 
- int main(int argc, char **argv)
- {
--	int rc, start;
-+	size_t rc, start;
- 
- 	if (argc < 2) 
- 		usage();
-@@ -72,12 +72,20 @@
- 
- /* Given an array of strings in the form "boolname=value", a start index,
-    and a finish index...walk the list and set the bool. */
--int setbool(char **list, int start, int end)
-+int setbool(char **list, size_t start, size_t end)
- {
- 	char *name, *value_ptr;
- 	int i=start, value;
-+	int ret=0;
-+	int j=0;
-+	size_t boolcnt=end-start;
- 	struct passwd *pwd;
--
-+	SELboolean *vallist=calloc(boolcnt, sizeof(SELboolean));
-+	if (!vallist) {
-+		fprintf(stderr, 
-+			"Error setting booleans: %s\n", strerror(errno));
-+		return 1;
-+	}
- 	while (i < end) {
- 		name = list[i];
- 		value_ptr = strchr(list[i], '=');
-@@ -85,8 +93,8 @@
- 			fprintf(stderr, 
- 			"setsebool: '=' not found in boolean expression %s\n",
- 				list[i]);
--			rollback(list, start, i);
--			return 4;
-+			ret=4;
-+			goto error_label;
- 		}
- 		*value_ptr = 0;
- 		value_ptr++;
-@@ -99,92 +107,43 @@
- 		else {
- 			fprintf(stderr, "setsebool: illegal boolean value %s\n",
- 				value_ptr);
--			rollback(list, start, i);
--			return 1;
-+			ret=1;
-+			goto error_label;
- 		}
- 
--		if(security_set_boolean(name, value)) {
-+		vallist[j].value = value;
-+		vallist[j].name = strdup(name);
-+		if (!vallist[j].name) {
- 			fprintf(stderr, 
- 				"Error setting boolean %s to value %d (%s)\n", 
- 				name, value, strerror(errno));
--			rollback(list, start, i);
--			return 2;
-+			ret= 2;
-+			goto error_label;
- 		}
- 		i++;
-+		j++;
- 
- 		/* Now put it back */
- 		value_ptr--;
- 		*value_ptr = '=';
- 	}
- 
--	/* At this point we know that everything is good. Let's write
--	   the file if the -P option was given. */
--	if (permanent) {
--		char **names;
--		const char *bool_file;
--		char *tmp_bool_file;
--		int rc, len, fd, j;
--
--		rc = security_get_boolean_names(&names, &len);
--		if (rc) {
--			fprintf(stderr,
--				"Unable to get boolean names:  %s\n",
--				strerror(errno));
--			rollback(list, start, i);
--			return 5;
--		}
-+	ret=security_set_boolean_list(boolcnt, vallist, permanent);
- 
--		if (!len) {
--			fprintf(stderr, 
--			"Unable to get the boolean list from kernel - exiting\n"
--				);
--			rollback(list, start, i);
--			return 6;
--		}
-+ error_label:
-+	for (i=0; i < boolcnt; i++) 
-+		if (vallist[i].name) free(vallist[i].name);
-+	free(vallist);
- 
--		/* Open file */
--		bool_file = selinux_booleans_path();
--		tmp_bool_file = (char *) alloca (strlen(bool_file) + 8);
--		strcpy(stpcpy(tmp_bool_file, bool_file), ".XXXXXX");
--		fd = mkstemp(tmp_bool_file);
--		if (fd < 0) {
-+	if (ret) {
-+		if (errno==ENOENT) {
- 			fprintf(stderr, 
--				"Error creating boolean file %s\n", 
--				bool_file);
--			rollback(list, start, i);
--			return 7;
--			
-+				"Error setting boolean: Invalid boolean\n");
-+		} else {
-+			if (errno) 
-+				perror("Error setting booleans");
- 		}
--
--		/* Walk the list in pending memory, writing each to the file */
--		for (j=0; j<len; j++) {
--			char val_str[72];
--			int len;
--			int pending = security_get_boolean_pending(names[j]);
--			len = snprintf(val_str, sizeof(val_str), "%s=%d\n", 
--							names[j], pending);
--			if (write(fd, val_str, len) != len) {
--			close_remove_fail:
--				close(fd);
--			remove_fail:
--				unlink(tmp_bool_file);
--				rollback(list, start, i);
--				return 8;
--			}
--		}
--
--		if (fchmod(fd, S_IRUSR | S_IWUSR) != 0)
--			goto close_remove_fail;
--		close(fd);
--		if (rename(tmp_bool_file, bool_file) != 0)
--			goto remove_fail;
--		syslog(LOG_NOTICE, "%s has been updated.", bool_file);
--	}
--	
--	/* OK, let's do the commit */
--	if (security_commit_booleans()) {
--		fputs("Error committing booleans\n", stderr);
--		return 3;
-+		return ret;
- 	}
- 
- 	/* Now log what was done */
-@@ -211,12 +170,3 @@
- 	return 0;
- }
+-	assert(selinux_mnt);
++	if (!selinux_mnt) 
++		return -1;
  
--void rollback(char *list[], int start, int end)
--{
--	int i;
--
--        for(i=start; i<end; i++)
--                security_set_boolean(list[i],
--                        security_get_boolean_active(list[i]));
--}
--
+ 	snprintf(path, sizeof path, "%s/commit_pending_bools", selinux_mnt);
+ 	fd = open(path, O_WRONLY);


Index: libselinux.spec
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/libselinux.spec,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -r1.94 -r1.95
--- libselinux.spec	11 Apr 2005 20:11:29 -0000	1.94
+++ libselinux.spec	13 Apr 2005 15:42:01 -0000	1.95
@@ -1,6 +1,6 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
-Version: 1.23.6
+Version: 1.23.7
 Release: 1
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
@@ -84,6 +84,9 @@
 %{_mandir}/man8/*
 
 %changelog
+* Wed Apr 13 2005 Dan Walsh <dwalsh redhat com> 1.23.7-1
+- Change assert(selinux_mnt) to if (!selinux_mnt) return -1;
+
 * Mon Apr 11 2005 Dan Walsh <dwalsh redhat com> 1.23.6-1
 - Update from NSA
 	* Fixed bug in matchpathcon_filespec_destroy.


Index: sources
===================================================================
RCS file: /cvs/dist/rpms/libselinux/devel/sources,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- sources	11 Apr 2005 20:11:29 -0000	1.59
+++ sources	13 Apr 2005 15:42:02 -0000	1.60
@@ -1 +1 @@
-57556d4c21c31076177abb14d9e02a2e  libselinux-1.23.6.tgz
+6f5a934e1388f2a66676587dbfa5e277  libselinux-1.23.7.tgz


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]