libselinux: selabel_open fix processing of substitution files

libselinux selabel_open function always processed the substitution files (if
installed) from the active policy contexts/files/file_contexts.subs and
subs_dist irrespective of the backend type or SELABEL_OPT_PATH setting. This
patch now processes the correct subs files when selabel_open is called with
SELABEL_CTX_FILE. The other backends could also process their own substitution
files if needed in their own areas.

[move the init declaration to label_internal.h - eparis]
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Richard Haines 2011-04-18 16:41:40 +01:00 committed by Eric Paris
parent e3cab998b4
commit 441cf2ea92
3 changed files with 16 additions and 3 deletions


@ -56,7 +56,7 @@ static char *selabel_sub(struct selabel_sub *ptr, const char *src)
return NULL;
}
static struct selabel_sub *selabel_subs_init(const char *path,struct selabel_sub *list)
struct selabel_sub *selabel_subs_init(const char *path,struct selabel_sub *list)
{
char buf[1024];
FILE *cfg = fopen(path, "r");
@ -161,8 +161,6 @@ struct selabel_handle *selabel_open(unsigned int backend,
rec->validating = selabel_is_validate_set(opts, nopts);
rec->subs = NULL;
rec->subs = selabel_subs_init(selinux_file_context_subs_dist_path(), rec->subs);
rec->subs = selabel_subs_init(selinux_file_context_subs_path(), rec->subs);
if ((*initfuncs[backend])(rec, opts, nopts)) {
free(rec);
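Review bot: Dropping `static` from `selabel_subs_init` makes it callable from other files, but the definition carries no comment stating its contract, and every caller assigns the result straight back with `rec->subs = selabel_subs_init(..., rec->subs)`. That pattern is only safe if the function returns `list` unchanged when `fopen` fails or the file holds no entries; the body continues outside this hunk, so this should be confirmed and then written down, e.g. `/* Returns the new list head; returns list unchanged if path cannot be opened. */`. The `rec->subs = NULL;` that appears to stay in `selabel_open` is what the backend now builds on, so it needs to remain ahead of the `initfuncs` call.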


@ -406,6 +406,7 @@ static int init(struct selabel_handle *rec, struct selinux_opt *opts,
FILE *homedirfp = NULL;
char local_path[PATH_MAX + 1];
char homedir_path[PATH_MAX + 1];
char subs_file[PATH_MAX + 1];
char *line_buf = NULL;
size_t line_len = 0;
unsigned int lineno, pass, i, j, maxnspec;
@ -427,6 +428,17 @@ static int init(struct selabel_handle *rec, struct selinux_opt *opts,
break;
}
/* Process local and distribution substitution files */
if (!path) {
rec->subs = selabel_subs_init(selinux_file_context_subs_dist_path(), rec->subs);
rec->subs = selabel_subs_init(selinux_file_context_subs_path(), rec->subs);
} else {
snprintf(subs_file, sizeof(subs_file), "%s.subs_dist", path);
rec->subs = selabel_subs_init(subs_file, rec->subs);
snprintf(subs_file, sizeof(subs_file), "%s.subs", path);
rec->subs = selabel_subs_init(subs_file, rec->subs);
}
/* Open the specification file. */
if (!path)
path = selinux_file_context_path();
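Review bot: The two `snprintf` calls that build `subs_file` in the `else` branch ignore their return value, so a `path` close to PATH_MAX is silently truncated and `selabel_subs_init` opens whatever name the truncation leaves; with `path` exactly PATH_MAX bytes long that name is the specification file itself. Check the length before loading, e.g. `n = snprintf(subs_file, sizeof(subs_file), "%s.subs", path);` followed by `if (n > 0 && (size_t)n < sizeof(subs_file)) rec->subs = selabel_subs_init(subs_file, rec->subs);`, and the same for the `.subs_dist` call. The comment above the block should also say that a caller-supplied SELABEL_OPT_PATH now implicitly loads `<path>.subs_dist` and `<path>.subs` from the same directory, because those files rewrite paths before lookup and so need the same ownership and permissions as the specification file. init() starts and ends outside this hunk.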


@ -36,6 +36,9 @@ struct selabel_sub {
struct selabel_sub *next;
};
extern struct selabel_sub *selabel_subs_init(const char *path,
struct selabel_sub *list);
struct selabel_lookup_rec {
security_context_t ctx_raw;
security_context_t ctx_trans;
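Review bot: The new `extern` declaration gives `selabel_subs_init` external linkage inside a shared library, so unless the build hides it the symbol becomes reachable by programs linking the library even though this header is internal. If the project has a visibility annotation or a linker version script for internal symbols, it should be applied to this declaration. Either way, a comment above it would help, e.g. `/* Internal helper for the labeling backends; not part of the public API. */`.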