libselinux: use logging wrapper in getseuser(3) and get_default_context(3) family

Instead of writing error messages directly to stderr use the wrapper selinux_log(), which by default writes to stderr. This allows applications to redirect or silence messages via selinux_set_callback(3). Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: James Carter <jwcart2@gmail.com>
2025-02-18 02:26:59 +00:00 · 2023-12-19 17:09:29 +01:00 · 2023-12-19 17:09:29 +01:00 · 846550d78d
commit 846550d78d
parent 65c8fd457b
2 changed files with 10 additions and 6 deletions
--- a/libselinux/src/get_context_list.c
+++ b/libselinux/src/get_context_list.c
@ -7,7 +7,9 @@
 #include <string.h>
 #include <ctype.h>
 #include <pwd.h>
+
 #include "selinux_internal.h"
+#include "callbacks.h"
 #include "context_internal.h"
 #include "get_context_list_internal.h"

@ -224,7 +226,7 @@ static int get_context_user(FILE * fp,

 		/* Check whether a new context is valid */
 		if (SIZE_MAX - user_len < strlen(start) + 2) {
-			fprintf(stderr, "%s: one of partial contexts is too big\n", __FUNCTION__);
+			selinux_log(SELINUX_ERROR, "%s: one of partial contexts is too big\n", __FUNCTION__);
 			errno = EINVAL;
 			rc = -1;
 			goto out;
@ -245,7 +247,7 @@ static int get_context_user(FILE * fp,
 				rc = -1;
 				goto out;
 			}
-			fprintf(stderr,
+			selinux_log(SELINUX_ERROR,
 				"%s: can't create a context from %s, skipping\n",
 				__FUNCTION__, usercon_str);
 			free(usercon_str);
@ -439,7 +441,7 @@ int get_ordered_context_list(const char *user,

 		fclose(fp);
 		if (rc < 0 && errno != ENOENT) {
-			fprintf(stderr,
+			selinux_log(SELINUX_ERROR,
 				"%s:  error in processing configuration file %s\n",
 				__FUNCTION__, fname);
 			/* Fall through, try global config */
@ -452,7 +454,7 @@ int get_ordered_context_list(const char *user,
 		rc = get_context_user(fp, fromcon, user, &reachable, &nreachable);
 		fclose(fp);
 		if (rc < 0 && errno != ENOENT) {
-			fprintf(stderr,
+			selinux_log(SELINUX_ERROR,
 				"%s:  error in processing configuration file %s\n",
 				__FUNCTION__, selinux_default_context_path());
 			/* Fall through */
--- a/libselinux/src/seusers.c
+++ b/libselinux/src/seusers.c
@ -8,7 +8,9 @@
 #include <errno.h>
 #include <selinux/selinux.h>
 #include <selinux/context.h>
+
 #include "selinux_internal.h"
+#include "callbacks.h"

 /* Process line from seusers.conf and split into its fields.
   Returns 0 on success, -1 on comments, and -2 on error. */
@ -197,8 +199,8 @@ int getseuserbyname(const char *name, char **r_seuser, char **r_level)
 		if (rc == -1)
 			continue;	/* comment, skip */
 		if (rc == -2) {
-			fprintf(stderr, "%s:  error on line %lu, skipping...\n",
-				selinux_usersconf_path(), lineno);
+			selinux_log(SELINUX_ERROR, "%s:  error on line %lu, skipping...\n",
+						   selinux_usersconf_path(), lineno);
 			continue;
 		}