From 7475f818693f9153d6fb412cd0cd76804be592b7 Mon Sep 17 00:00:00 2001 From: Steve Lawrence Date: Tue, 27 Sep 2011 12:19:04 -0400 Subject: [PATCH] Revert "libsemanage: change module disabled from rename to symlink" This reverts commit 60c780ffb6e7a48a2121e871ad20471a8fe0337d. --- libsemanage/src/direct_api.c | 54 ++++++++++++++++++++----- libsemanage/src/semanage_store.c | 68 ++++---------------------------- libsemanage/src/semanage_store.h | 4 +- 3 files changed, 54 insertions(+), 72 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 43cddaa1..ed2d3e5d 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -353,11 +353,17 @@ static int parse_module_headers(semanage_handle_t * sh, char *module_data, semanage_path(SEMANAGE_TMP, SEMANAGE_MODULES)) == NULL) { return -1; } - if (asprintf(filename, "%s/%s.pp", module_path, *module_name) == -1) { + if (asprintf(filename, "%s/%s.pp%s", module_path, *module_name, DISABLESTR) == -1) { ERR(sh, "Out of memory!"); return -1; } + if (access(*filename, F_OK) == -1) { + char *ptr = *filename; + int len = strlen(ptr) - strlen(DISABLESTR); + if (len > 0) ptr[len]='\0'; + } + return 0; } 
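Review bot: In parse_module_headers, `access(*filename, F_OK) == -1` is treated as "no disabled copy exists" for every errno, so a failure such as EACCES or ENAMETOOLONG strips the suffix and returns the enabled `.pp` path even when a `.pp.disabled` file is present. The caller is not shown, but if it writes the upgraded module to that path, a module an administrator disabled could come back as an enabled copy. Testing `if (access(*filename, F_OK) == -1 && errno == ENOENT)` and returning -1 with an ERR() for any other failure would keep the disabled state authoritative. The function starts above the hunk.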
@@ -1332,12 +1338,29 @@ static int semanage_direct_enable(semanage_handle_t * sh, char *module_name) base++; if (memcmp(module_name, base, name_len) == 0) { - if (semanage_enable_module(module_filenames[i]) < 0) { - ERR(sh, "Could not enable module %s.", module_name); + if(strcmp(base + name_len + 3, DISABLESTR) != 0) { + ERR(sh, "Module %s is already enabled.", module_name); retval = -2; goto cleanup; } + + int len = strlen(module_filenames[i]) - strlen(DISABLESTR); + char *enabled_name = calloc(1, len+1); + if (!enabled_name) { + ERR(sh, "Could not allocate memory"); + retval = -1; + goto cleanup; + } + + strncpy(enabled_name, module_filenames[i],len); + + if (rename(module_filenames[i], enabled_name) == -1) { + ERR(sh, "Could not enable module file %s.", + enabled_name); + retval = -2; + } retval = 0; + free(enabled_name); goto cleanup; } } @@ -1371,14 +1394,28 @@ static int semanage_direct_disable(semanage_handle_t * sh, char *module_name) goto cleanup; } base++; - if ((memcmp(module_name, base, name_len) == 0) && - (strcmp(base + name_len, ".pp") == 0)) { - if (semanage_disable_module(module_filenames[i]) < 0) { + if (memcmp(module_name, base, name_len) == 0) { + if (strcmp(base + name_len + 3, DISABLESTR) == 0) { + ERR(sh, "Module %s is already disabled.", module_name); retval = -2; goto cleanup; + } else if (strcmp(base + name_len, ".pp") == 0) { + char disabled_name[PATH_MAX]; + if (snprintf(disabled_name, PATH_MAX, "%s%s", + module_filenames[i], DISABLESTR) == PATH_MAX) { + ERR(sh, "Could not disable module file %s.", + module_filenames[i]); + retval = -2; + goto cleanup; + } + if (rename(module_filenames[i], disabled_name) == -1) { + ERR(sh, "Could not disable module file %s.", + module_filenames[i]); + retval = -2; + } + retval = 0; + goto cleanup; } - retval=0; - goto cleanup; } } ERR(sh, "Module %s was not found.", module_name); 
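Review bot: In semanage_direct_enable a failed `rename()` sets `retval = -2`, but the unconditional `retval = 0;` that follows overwrites it, so the caller is told the module was enabled while the file still carries the `.disabled` suffix. semanage_direct_disable in the next hunk has the same sequence after its `rename()`. Moving the success assignment into the other branch, `} else { retval = 0; }`, fixes both. Separately, `strcmp(base + name_len + 3, DISABLESTR)` runs after only a prefix `memcmp`, so a directory entry shorter than `name_len + 3` is read past its terminator and a longer module name sharing the prefix is matched; requiring `strncmp(base + name_len, ".pp", 3) == 0` before looking at the suffix would avoid both. Both function bodies extend beyond their hunks.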
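Review bot: The truncation test in semanage_direct_disable, `snprintf(...) == PATH_MAX`, misses the cases that matter. snprintf returns the length the full string would have had, so any result above PATH_MAX, and a negative error return, passes the test, and `rename()` is then called with a truncated `disabled_name`. The code this revert removes used the correct form; keep it with `int n = snprintf(disabled_name, PATH_MAX, "%s%s", module_filenames[i], DISABLESTR);` followed by `if (n < 0 || n >= PATH_MAX) {`. The function body starts and ends outside the hunk.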
@@ -1412,7 +1449,6 @@ static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) } base++; if (memcmp(module_name, base, name_len) == 0) { - semanage_enable_module(module_filenames[i]); if (unlink(module_filenames[i]) == -1) { ERR(sh, "Could not remove module file %s.", module_filenames[i]); diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 2fa75a3b..154df3d9 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -57,7 +57,7 @@ typedef struct dbase_policydb dbase_t; #include "debug.h" -static const char *DISABLESTR="disabled"; +const char *DISABLESTR=".disabled"; #define SEMANAGE_CONF_FILE "semanage.conf" /* relative path names to enum semanage_paths to special files and @@ -427,13 +427,6 @@ int semanage_store_access_check(void) /********************* other I/O functions *********************/ -static int is_disabled_file(const char *file) { - char *ptr = strrchr(file, '.'); - if (! ptr) return 0; - ptr++; - return (strcmp(ptr, DISABLESTR) == 0); -} - /* Callback used by scandir() to select files. */ static int semanage_filename_select(const struct dirent *d) { 
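Review bot: In the semanage_store.c hunk at line 57, `DISABLESTR` goes from a file-local `static` to a writable global pointer with an unprefixed name, which the last hunk of this patch declares `extern` in semanage_store.h. Any code linked into the library can now repoint it. Whether the name is also exported from the shared object depends on the symbol map, which is not shown here. Declaring it `const char *const DISABLESTR = ".disabled";` with `extern const char *const DISABLESTR;` in the header keeps the suffix read-only.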
@@ -444,41 +437,11 @@ static int semanage_filename_select(const struct dirent *d) return 1; } -int semanage_disable_module(const char *file) { - char path[PATH_MAX]; - int in; - int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR); - if (n < 0 || n >= PATH_MAX) - return -1; - if ((in = open(path, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR)) == -1) { - return -1; - } - close(in); - return 0; -} - -int semanage_enable_module(const char *file) { - char path[PATH_MAX]; - int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR); - if (n < 0 || n >= PATH_MAX) - return 1; - - if ((unlink(path) < 0) && (errno != ENOENT)) - return -1; - return 0; -} - int semanage_module_enabled(const char *file) { - char path[PATH_MAX]; - if (is_disabled_file(file)) return 0; - int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR); - if (n < 0 || n >= PATH_MAX) - return 1; - - return (access(path, F_OK ) != 0); + int len = strlen(file) - strlen(DISABLESTR); + return (len < 0 || strcmp(&file[len], DISABLESTR) != 0); } -/* Callback used by scandir() to select module files. */ static int semanage_modulename_select(const struct dirent *d) { if (d->d_name[0] == '.' @@ -486,7 +449,7 @@ static int semanage_modulename_select(const struct dirent *d) || (d->d_name[1] == '.' && d->d_name[2] == '\0'))) return 0; - return (! is_disabled_file(d->d_name)); + return semanage_module_enabled(d->d_name); } /* Copies a file from src to dst. If dst already exists then @@ -727,7 +690,7 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames, int *len) { return semanage_get_modules_names_filter(sh, filenames, - len, semanage_modulename_select); + len, semanage_filename_select); } /* Scans the modules directory for the current semanage handler. This 
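Review bot: semanage_module_enabled computes `int len = strlen(file) - strlen(DISABLESTR);`, which for any name shorter than the suffix wraps as a size_t and only becomes negative through an implementation-defined conversion to int. Comparing the lengths before subtracting avoids relying on that: `size_t flen = strlen(file), dlen = strlen(DISABLESTR);` then `return flen < dlen || strcmp(file + flen - dlen, DISABLESTR) != 0;`. The function is now a pure name test with no filesystem access, which deserves a one-line comment such as `/* A module file is enabled unless its name ends in DISABLESTR. */`. The same hunk also drops the `/* Callback used by scandir() to select module files. */` comment above semanage_modulename_select, which is still accurate and worth keeping.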
@@ -740,25 +703,8 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames, int semanage_get_active_modules_names(semanage_handle_t * sh, char ***filenames, int *len) { - - int rc = semanage_get_modules_names_filter(sh, filenames, - len, semanage_modulename_select); - if ( rc != 0 ) return rc; - - int i = 0, num_modules = *len; - char **names=*filenames; - - while ( i < num_modules ) { - if (! semanage_module_enabled(names[i])) { - free(names[i]); - names[i]=names[num_modules-1]; - names[num_modules-1] = NULL; - num_modules--; - } - i++; - } - *len = num_modules; - return 0; + return semanage_get_modules_names_filter(sh, filenames, + len, semanage_modulename_select); } /******************* routines that run external programs *******************/ diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h index b451308d..eaae05e5 100644 --- a/libsemanage/src/semanage_store.h +++ b/libsemanage/src/semanage_store.h @@ -86,8 +86,6 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames, int *len); int semanage_module_enabled(const char *file); -int semanage_enable_module(const char *file); -int semanage_disable_module(const char *file); /* lock file routines */ int semanage_get_trans_lock(semanage_handle_t * sh); int semanage_get_active_lock(semanage_handle_t * sh); @@ -132,4 +130,6 @@ int semanage_nc_sort(semanage_handle_t * sh, size_t buf_len, char **sorted_buf, size_t * sorted_buf_len); +extern const char *DISABLESTR; + #endif