From ee6901618c9da360515474145504c7b58258441f Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Mon, 11 Jun 2012 13:25:29 -0400 Subject: [PATCH] libselinux: expose selinux_boolean_sub Make selinux_boolean_sub a public method so getsebool can use it, as well as potentially used within libsemanage. Signed-off-by: Eric Paris --- libselinux/include/selinux/selinux.h | 8 ++++++++ libselinux/src/booleans.c | 8 ++++---- libselinux/src/selinux_internal.h | 1 + 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h index 3487a1cd..6b9089d4 100644 --- a/libselinux/include/selinux/selinux.h +++ b/libselinux/include/selinux/selinux.h @@ -472,6 +472,14 @@ extern int matchmediacon(const char *media, security_context_t * con); */ extern int selinux_getenforcemode(int *enforce); +/* + selinux_boolean_sub reads the /etc/selinux/TYPE/booleans.subs_dist file + looking for a record with boolean_name. If a record exists selinux_boolean_sub + returns the translated name otherwise it returns the original name. + The returned value needs to be freed. On failure NULL will be returned. + */ +extern char *selinux_boolean_sub(const char *boolean_name); + /* selinux_getpolicytype reads the /etc/selinux/config file and determines what the default policy for the machine is. Calling application must diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c index 5998552e..6f970e30 100644 --- a/libselinux/src/booleans.c +++ b/libselinux/src/booleans.c @@ -88,7 +88,7 @@ int security_get_boolean_names(char ***names, int *len) hidden_def(security_get_boolean_names) -static char *bool_sub(const char *name) +char *selinux_boolean_sub(const char *name) { char *sub = NULL; char *line_buf = NULL; @@ -106,7 +106,6 @@ static char *bool_sub(const char *name) char *ptr; char *src = line_buf; char *dst; - while (*src && isspace(*src)) src++; if (!*src) @@ -135,7 +134,6 @@ static char *bool_sub(const char *name) break; } - free(line_buf); fclose(cfg); out: @@ -144,6 +142,8 @@ out: return sub; } +hidden_def(selinux_boolean_sub) + static int bool_open(const char *name, int flag) { char *fname = NULL; char *alt_name = NULL; @@ -172,7 +172,7 @@ static int bool_open(const char *name, int flag) { if (fd >= 0 || errno != ENOENT) goto out; - alt_name = bool_sub(name); + alt_name = selinux_boolean_sub(name); if (!alt_name) goto out; diff --git a/libselinux/src/selinux_internal.h b/libselinux/src/selinux_internal.h index c89a1303..2c7c85ce 100644 --- a/libselinux/src/selinux_internal.h +++ b/libselinux/src/selinux_internal.h @@ -59,6 +59,7 @@ hidden_proto(selinux_mkload_policy) hidden_proto(security_getenforce) hidden_proto(security_setenforce) hidden_proto(security_deny_unknown) + hidden_proto(selinux_boolean_sub) hidden_proto(selinux_binary_policy_path) hidden_proto(selinux_booleans_subs_path) hidden_proto(selinux_default_context_path)