Revert "libsemanage: change module disabled from rename to symlink"

This reverts commit 60c780ffb6.
2011-09-27 12:19:04 -04:00 · 2011-09-27 12:19:04 -04:00 · 7475f81869
parent 07e1c247cf
commit 7475f81869
3 changed files with 54 additions and 72 deletions
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@ -353,11 +353,17 @@ static int parse_module_headers(semanage_handle_t * sh, char *module_data,
 	     semanage_path(SEMANAGE_TMP, SEMANAGE_MODULES)) == NULL) {
 		return -1;
 	}
-	if (asprintf(filename, "%s/%s.pp", module_path, *module_name) == -1) {
+	if (asprintf(filename, "%s/%s.pp%s", module_path, *module_name, DISABLESTR) == -1) {
 		ERR(sh, "Out of memory!");
 		return -1;
 	}

+	if (access(*filename, F_OK) == -1) {
+		char *ptr = *filename;
+		int len = strlen(ptr) - strlen(DISABLESTR);
+		if (len > 0) ptr[len]='\0';
+	}
+
 	return 0;
 }

@ -1332,12 +1338,29 @@ static int semanage_direct_enable(semanage_handle_t * sh, char *module_name)
 		base++;
 		if (memcmp(module_name, base, name_len) == 0) {

-			if (semanage_enable_module(module_filenames[i]) < 0) {
-				ERR(sh, "Could not enable module %s.", module_name);
+			if(strcmp(base + name_len + 3, DISABLESTR) != 0) {
+				ERR(sh, "Module %s is already enabled.", module_name);
 				retval = -2;
 				goto cleanup;
 			}
+
+			int len = strlen(module_filenames[i]) - strlen(DISABLESTR);
+			char *enabled_name = calloc(1, len+1);
+			if (!enabled_name) {
+				ERR(sh, "Could not allocate memory");
+				retval = -1;
+				goto cleanup;
+			}
+
+			strncpy(enabled_name, module_filenames[i],len);
+
+			if (rename(module_filenames[i], enabled_name) == -1) {
+				ERR(sh, "Could not enable module file %s.",
+				    enabled_name);
+				retval = -2;
+			}
 			retval = 0;
+			free(enabled_name);
 			goto cleanup;
 		}
 	}
@ -1371,14 +1394,28 @@ static int semanage_direct_disable(semanage_handle_t * sh, char *module_name)
 			goto cleanup;
 		}
 		base++;
-		if ((memcmp(module_name, base, name_len) == 0) &&
-		    (strcmp(base + name_len, ".pp") == 0)) {
-			if (semanage_disable_module(module_filenames[i]) < 0) {
+		if (memcmp(module_name, base, name_len) == 0) {
+			if (strcmp(base + name_len + 3, DISABLESTR) == 0) {
+				ERR(sh, "Module %s is already disabled.", module_name);
 				retval = -2;
 				goto cleanup;
+			} else if (strcmp(base + name_len, ".pp") == 0) {
+				char disabled_name[PATH_MAX];
+				if (snprintf(disabled_name, PATH_MAX, "%s%s", 
+							module_filenames[i], DISABLESTR) == PATH_MAX) {
+					ERR(sh, "Could not disable module file %s.",
+							module_filenames[i]);
+					retval = -2;
+					goto cleanup;
+				}
+				if (rename(module_filenames[i], disabled_name) == -1) {
+					ERR(sh, "Could not disable module file %s.",
+							module_filenames[i]);
+					retval = -2;
+				}
+				retval = 0;
+				goto cleanup;
 			}
-			retval=0;
-			goto cleanup;
 		}
 	}
 	ERR(sh, "Module %s was not found.", module_name);
@ -1412,7 +1449,6 @@ static int semanage_direct_remove(semanage_handle_t * sh, char *module_name)
 		}
 		base++;
 		if (memcmp(module_name, base, name_len) == 0) {
-			semanage_enable_module(module_filenames[i]);
 			if (unlink(module_filenames[i]) == -1) {
 				ERR(sh, "Could not remove module file %s.",
 				    module_filenames[i]);
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@ -57,7 +57,7 @@ typedef struct dbase_policydb dbase_t;

 #include "debug.h"

-static const char *DISABLESTR="disabled";
+const char *DISABLESTR=".disabled";

 #define SEMANAGE_CONF_FILE "semanage.conf"
 /* relative path names to enum semanage_paths to special files and
@ -427,13 +427,6 @@ int semanage_store_access_check(void)

 /********************* other I/O functions *********************/

-static int is_disabled_file(const char *file) {
-	char *ptr = strrchr(file, '.');
-	if (! ptr) return 0;
-	ptr++;
-	return (strcmp(ptr, DISABLESTR) == 0);
-}
-
 /* Callback used by scandir() to select files. */
 static int semanage_filename_select(const struct dirent *d)
 {
@ -444,41 +437,11 @@ static int semanage_filename_select(const struct dirent *d)
 	return 1;
 }

-int semanage_disable_module(const char *file) {
-	char path[PATH_MAX];
-	int in;
-	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);
-	if (n < 0 || n >= PATH_MAX)
-		return -1;
-	if ((in = open(path, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR)) == -1) {
-		return -1;
-	}
-	close(in);
-	return 0;
-}
-
-int semanage_enable_module(const char *file) {
-	char path[PATH_MAX];
-	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);
-	if (n < 0 || n >= PATH_MAX)
-		return 1;
-
-	if ((unlink(path) < 0) && (errno != ENOENT))
-		return -1;
-	return 0;
-}
-
 int semanage_module_enabled(const char *file) {
-	char path[PATH_MAX];
-	if (is_disabled_file(file)) return 0;
-	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);
-	if (n < 0 || n >= PATH_MAX)
-		return 1;
-
-	return (access(path, F_OK ) != 0);
+	int len = strlen(file) - strlen(DISABLESTR);
+	return (len < 0 || strcmp(&file[len], DISABLESTR) != 0);
 }

-/* Callback used by scandir() to select module files. */
 static int semanage_modulename_select(const struct dirent *d)
 {
 	if (d->d_name[0] == '.'
@ -486,7 +449,7 @@ static int semanage_modulename_select(const struct dirent *d)
 		|| (d->d_name[1] == '.' && d->d_name[2] == '\0')))
 		return 0;

-	return (! is_disabled_file(d->d_name));
+	return semanage_module_enabled(d->d_name);
 }

 /* Copies a file from src to dst.  If dst already exists then
@ -727,7 +690,7 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames,
 			       int *len)
 {
 	return semanage_get_modules_names_filter(sh, filenames,
-						 len, semanage_modulename_select);
+						 len, semanage_filename_select);
 }

 /* Scans the modules directory for the current semanage handler.  This
@ -740,25 +703,8 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames,
 int semanage_get_active_modules_names(semanage_handle_t * sh, char ***filenames,
 			       int *len)
 {
-
-	int rc = semanage_get_modules_names_filter(sh, filenames,
-						   len, semanage_modulename_select);
-	if ( rc != 0 ) return rc;
-
-	int i = 0, num_modules = *len;
-	char **names=*filenames;
-
-	while ( i < num_modules ) {
-		if (! semanage_module_enabled(names[i])) {
-			free(names[i]);
-			names[i]=names[num_modules-1];
-			names[num_modules-1] = NULL;
-			num_modules--;
-		}
-		i++;
-	}
-	*len = num_modules;
-	return 0;
+	return semanage_get_modules_names_filter(sh, filenames,
+						 len, semanage_modulename_select);
 }

 /******************* routines that run external programs *******************/
--- a/libsemanage/src/semanage_store.h
+++ b/libsemanage/src/semanage_store.h
@ -86,8 +86,6 @@ int semanage_get_modules_names(semanage_handle_t * sh,
 			       char ***filenames, int *len);

 int semanage_module_enabled(const char *file);
-int semanage_enable_module(const char *file);
-int semanage_disable_module(const char *file);
 /* lock file routines */
 int semanage_get_trans_lock(semanage_handle_t * sh);
 int semanage_get_active_lock(semanage_handle_t * sh);
@ -132,4 +130,6 @@ int semanage_nc_sort(semanage_handle_t * sh,
 		     size_t buf_len,
 		     char **sorted_buf, size_t * sorted_buf_len);

+extern const char *DISABLESTR;
+
 #endif