checkpolicy: use #define for dismod selections
We just use random numbers to make menu selections. Use #defines and names that make some sense instead. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Steve Lawrence <slawrence@tresys.com>
This commit is contained in:
parent
16c6605da1
commit
4ce7d734e8
|
@ -45,6 +45,14 @@
|
|||
#define le32_to_cpu(x) bswap_32(x)
|
||||
#endif
|
||||
|
||||
#define DISPLAY_AVBLOCK_COND_AVTAB 0
|
||||
#define DISPLAY_AVBLOCK_UNCOND_AVTAB 1
|
||||
#define DISPLAY_AVBLOCK_ROLE_TYPE_NODE 2 /* unused? */
|
||||
#define DISPLAY_AVBLOCK_ROLE_TRANS 3
|
||||
#define DISPLAY_AVBLOCK_ROLE_ALLOW 4
|
||||
#define DISPLAY_AVBLOCK_REQUIRES 5
|
||||
#define DISPLAY_AVBLOCK_DECLARES 6
|
||||
|
||||
static policydb_t policydb;
|
||||
extern unsigned int ss_initialized;
|
||||
|
||||
|
@ -596,7 +604,7 @@ int display_avdecl(avrule_decl_t * decl, int field, uint32_t what,
|
|||
fprintf(out_fp, "decl %u:%s\n", decl->decl_id,
|
||||
(decl->enabled ? " [enabled]" : ""));
|
||||
switch (field) {
|
||||
case 0:{
|
||||
case DISPLAY_AVBLOCK_COND_AVTAB:{
|
||||
cond_list_t *cond = decl->cond_list;
|
||||
avrule_t *avrule;
|
||||
while (cond) {
|
||||
|
@ -624,7 +632,7 @@ int display_avdecl(avrule_decl_t * decl, int field, uint32_t what,
|
|||
}
|
||||
break;
|
||||
}
|
||||
case 1:{
|
||||
case DISPLAY_AVBLOCK_UNCOND_AVTAB:{
|
||||
avrule_t *avrule = decl->avrules;
|
||||
if (avrule == NULL) {
|
||||
fprintf(out_fp, " <empty>\n");
|
||||
|
@ -638,26 +646,26 @@ int display_avdecl(avrule_decl_t * decl, int field, uint32_t what,
|
|||
}
|
||||
break;
|
||||
}
|
||||
case 2:{ /* role_type_node */
|
||||
case DISPLAY_AVBLOCK_ROLE_TYPE_NODE:{ /* role_type_node */
|
||||
break;
|
||||
}
|
||||
case 3:{
|
||||
case DISPLAY_AVBLOCK_ROLE_TRANS:{
|
||||
display_role_trans(decl->role_tr_rules, policy, out_fp);
|
||||
break;
|
||||
}
|
||||
case 4:{
|
||||
case DISPLAY_AVBLOCK_ROLE_ALLOW:{
|
||||
display_role_allow(decl->role_allow_rules, policy,
|
||||
out_fp);
|
||||
break;
|
||||
}
|
||||
case 5:{
|
||||
case DISPLAY_AVBLOCK_REQUIRES:{
|
||||
if (display_scope_index
|
||||
(&decl->required, policy, out_fp)) {
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 6:{
|
||||
case DISPLAY_AVBLOCK_DECLARES:{
|
||||
if (display_scope_index
|
||||
(&decl->declared, policy, out_fp)) {
|
||||
return -1;
|
||||
|
@ -886,15 +894,16 @@ int main(int argc, char **argv)
|
|||
fgets(ans, sizeof(ans), stdin);
|
||||
switch (ans[0]) {
|
||||
|
||||
case '1':{
|
||||
fprintf(out_fp, "unconditional avtab:\n");
|
||||
display_avblock(1, RENDER_UNCONDITIONAL,
|
||||
&policydb, out_fp);
|
||||
break;
|
||||
}
|
||||
case '1':
|
||||
fprintf(out_fp, "unconditional avtab:\n");
|
||||
display_avblock(DISPLAY_AVBLOCK_UNCOND_AVTAB,
|
||||
RENDER_UNCONDITIONAL, &policydb,
|
||||
out_fp);
|
||||
break;
|
||||
case '2':
|
||||
fprintf(out_fp, "conditional avtab:\n");
|
||||
display_avblock(0, RENDER_UNCONDITIONAL, &policydb,
|
||||
display_avblock(DISPLAY_AVBLOCK_COND_AVTAB,
|
||||
RENDER_UNCONDITIONAL, &policydb,
|
||||
out_fp);
|
||||
break;
|
||||
case '3':
|
||||
|
@ -917,11 +926,13 @@ int main(int argc, char **argv)
|
|||
break;
|
||||
case '7':
|
||||
fprintf(out_fp, "role transitions:\n");
|
||||
display_avblock(3, 0, &policydb, out_fp);
|
||||
display_avblock(DISPLAY_AVBLOCK_ROLE_TRANS, 0,
|
||||
&policydb, out_fp);
|
||||
break;
|
||||
case '8':
|
||||
fprintf(out_fp, "role allows:\n");
|
||||
display_avblock(4, 0, &policydb, out_fp);
|
||||
display_avblock(DISPLAY_AVBLOCK_ROLE_ALLOW, 0,
|
||||
&policydb, out_fp);
|
||||
break;
|
||||
case '9':
|
||||
display_policycon(&policydb, out_fp);
|
||||
|
@ -931,11 +942,13 @@ int main(int argc, char **argv)
|
|||
break;
|
||||
case 'a':
|
||||
fprintf(out_fp, "avrule block requirements:\n");
|
||||
display_avblock(5, 0, &policydb, out_fp);
|
||||
display_avblock(DISPLAY_AVBLOCK_REQUIRES, 0,
|
||||
&policydb, out_fp);
|
||||
break;
|
||||
case 'b':
|
||||
fprintf(out_fp, "avrule block declarations:\n");
|
||||
display_avblock(6, 0, &policydb, out_fp);
|
||||
display_avblock(DISPLAY_AVBLOCK_DECLARES, 0,
|
||||
&policydb, out_fp);
|
||||
break;
|
||||
case 'c':
|
||||
display_policycaps(&policydb, out_fp);
|
||||
|
|
Loading…
Reference in New Issue