Commit Graph

125 Commits

Author SHA1 Message Date
Richard Haines
34d9c258da libselinux: mapping fix for invalid class/perms after selinux_set_mapping call
Please find another libselinux patch. I've tested quite extensively with the compute_av and string functions with and without mapping and seems okay.

The patch covers:
When selinux_set_mapping(3) is used to set the class and permissions allowed by an object manager, then an invalid class and/or permissions are selected (e.g. using security_class_to_string), then mapping.c in libselinux forces an assert. This patch removes the asserts and allows the functions to return a class/perm of 0 (unknown) with errno set to EINVAL. A minor patch to set EINVAL in security_av_perm_to_string_compat is also included. All the functions to convert perms & classes to strings and back should now return the correct errno with or without mapping enabled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:52 -04:00
Eric Paris
8faf23de0b libselinux: audit2why: work around python bug not defining SIZEOF_SOCKET_T
A at least one broken python headers didn't define SIZEOF_SOCKET_T.
Define it if we happen upon one of those.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:52 -04:00
Eric Paris
4ad1896954 libselinux: resolv symlinks and dot directories before matching paths
matchpathcon cannot handle ./ or ../ in pathnames and doesn't do well
with symlinks.  This patch uses the glibc function realpath() to try to
determine a real path with resolved symlinks and dot directories.  For
example before this pach we would see:

$ matchpathcon /tmp/../eric
/tmp/../eric	<<none>>
$ matchpathcon /eric
/eric	system_u:object_r:default_t:s0

Whereas after the path we get the same results.  The one quirk with the
patch is that we need special code to make sure that realpath() does not
follow a symlink if it is the final component.  aka if we have a symlink
from /eric to /tmp/eric we do not want to resolv to /tmp/eric.  We want
to just resolv to the actual symlink /eric.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:48 -04:00
Eric Paris
4749940426 update repo for 2011-08-03 with version and changelog updates 2011-08-03 18:09:02 -04:00
Eric Paris
802369fbe2 audit2allow: do not print statistics
I believe this is just to stop flooding the screen with libsepol
statistics every time you run audit2allow or any other libsepol command.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:02:32 -04:00
Eric Paris
c7ed95f449 libselinux: make python bindings for restorecon work on relative path
This patch just makes python bindings for restorecon work on relative
paths.

$ cd /etc
$ python
> import selinux
> selinux.restorecon("resolv.conf")

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:02:28 -04:00
Eric Paris
2ea80c28a5 libselinux: fix python audit2why binding error
There is a missing error check in audit2why.c.  Check for error and
return NULL if we can't initialize instead of just pretending it worked.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:02:19 -04:00
Eric Paris
63df0f7ef1 libselinux: support new python3 functions
python3 does not have PyString_FromString use PyBytes_FromString
instead. The same for PyString_Check->PyBytes_Check and for
PyString_AsString->PyBytes_AsString

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:02:14 -04:00
Eric Paris
4f621a1686 libselinux: do not check fcontext duplicates on use
Tools like restorecon or systemd, which load the fcontext database to
make labeling decisions do not need to check for duplicate rules.  Only
the first rule will be used.  Instead we should only check for
duplicates when new rules are added to the database.  And fail the
transaction if we find one.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:02:07 -04:00
Daniel J Walsh
874bac80bb Patch for python3 for libselinux
Allow the specification of python3 in the swig creation

This patch adds the new option PYPREFIX which causes the swig created
libraries to have a prefix.  This allows one to build both the python2
and python3 libraries in the same source tree.  The install will then
later strip this prefix back off when it drops the files into the python
approriate site package directory.

This patch also needs to update the PYINC definition as newer python
patckages on fedora exist in /usr/include/python3.2mu instead of
/usr/include/python3.2 as the other method of detemrining PYINC would
have found.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-03 18:01:58 -04:00
Eric Paris
78b4b56857 Made updates to checkpolicy libselinux and policycoreutils so update
version and changelogs

Signed-off-by: Eric Paris <eparis@redhat.com>
2011-08-02 14:10:39 -04:00
Eric Paris
84ea17b5f3 libselinux: move .gitignore into utils
There is a .gitignore at the head of the directory but only contains
entries for the utils directory.  Move to the utils directory.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-02 13:33:52 -04:00
Eric Paris
5ef65fd784 libselinux: new setexecon utility
This utility will tell what context a new task will have after exec
based on the pathname and the context of the launching task.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-02 13:33:35 -04:00
Richard Haines
441cf2ea92 libselinux: selabel_open fix processing of substitution files
libselinux selabel_open function always processed the substitution files (if
installed) from the active policy contexts/files/file_contexts.subs and
subs_dist irrespective of the backend type or SELABEL_OPT_PATH setting. This
patch now processes the correct subs files when selabel_open is called with
SELABEL_CTX_FILE. The other backends could also process their own substitution
files if needed in their own areas.

[move the init declaration to label_internal.h - eparis]
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-02 13:33:21 -04:00
Daniel J Walsh
e3cab998b4 libselinux mountpoint changing patch.
The Fedora Distribution is looking to standardize kernel subsystem file
systems to be mounted under /sys/fs. They would like us to move /selinux
to /sys/fs/selinux.  This patch changes libselinux in the following
ways:

1.  load_policy will first check if /sys/fs/selinux exists and mount the
selinuxfs at this location, if it does not exists it will fall back to
mounting the file system at /selinux (if it exists).

2.  The init functions of selinux will now check if /sys/fs/selinux is
mounted, if it is and has an SELinuxfs mounted on it, the code will then
check if the selinuxfs is mounted rw, if it is, libselinux will set the
mountpoint, if it is readonly, libselinux will return no mountpoint.  If
/sys/fs/selinux does not exists, the same check will be done for
/selinux and finally for an entry in /proc/mounts.

NOTE:  We added the check for RO, to allow tools like mock to be able to
tell a chroot that SELinux is disabled while enforcing it outside the
chroot.

$ getenforce
Enabled
$ mount --bind /selinux /var/chroot/selinux
$ mount -o remount,ro /var/chroot/selinux
$ chroot /var/chroot
$ getenforce
Disabled

3. In order to make this work, I needed to stop enabled from checking if
/proc/filesystem for entries if selinux_mnt did not exist.  Now enabeled
checks if selinux_mnt has been discovered otherwise it will report
selinux disabled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-02 13:33:04 -04:00
root
e4f49b120a libselinux: simplify SRCS in Makefile
The makefile does:
  SRCS= $(filter-out $A, $(filter-out $B, *))
When it can just do:
  SRCS= $(filter-out $A $B, *)

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-02 13:32:13 -04:00
Eric Paris
510003b63f Minor version bump for updates as of 2011-08-01
checkpolicy
libselinux
libsemanage
libsepol
policycoreutils

Signed-off-by: Eric Paris <eparis@redhat.com>
2011-08-01 13:49:21 -04:00
Eric Paris
6fe09c7080 libselinux: do not store generated files in git
libselinux/src/selinux.py and libselinux/src/selinuxswig_wrap.c
are both generated rather than being real code.  Do not store them
in git.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-01 13:40:20 -04:00
Steve Lawrence
44121f6624 Minor version bump for release
Bump checkpolicy to 2.1.0
Bump libselinux to 2.1.0
Bump libsepol to 2.1.0
Bump libsemanage to 2.1.0
Bump policycoreutils to 2.1.0
Bump sepolgen to 1.1.0
2011-07-27 15:32:54 -04:00
Steve Lawrence
c7512cf11c Revision version bump
Bump checkpolicy to 2.0.24
Bump libselinux to 2.0.102
Bump libsepol to 2.0.43
Bump policycoreutils to 2.0.86

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-12 08:29:53 -04:00
Steve Lawrence
a0ea2d893d Fix plural secolor.conf in the man page and black/white mixup
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-11 15:49:17 -04:00
Richard Haines
c99414fc1f Add libselinux man pages for colour functions
Add man pages for selinux_raw_context_to_color(5), selinux_colors_path(3) and secolors.conf(5).

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-11 10:41:04 -04:00
Daniel J Walsh
20b43b3fd3 This patch adds a new subs_dist file.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The idea is to allow distributions to ship a subs file as well as let
the user modify subs.

In F16 we are looking at shipping a

file_contexts.subs_dist file like this

cat file_contexts.subs_dist
/run /var/run
/run/lock /var/lock
/var/run/lock /var/lock
/lib64 /lib
/usr/lib64 /usr/lib

The we will remove all (64)?  from policy.

This will allow us to make sure all /usr/lib/libBLAH is labeled the same
as /usr/lib64/libBLAH

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk2c1ksACgkQrlYvE4MpobNXcQCgqgAiQJxmwa1+NdIq8E3tQRp6
QT0An0ihA60di9CRsEqEdVbSaHOwtte5
=LXgd
-----END PGP SIGNATURE-----

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-08 10:28:02 -04:00
Daniel J Walsh
1629d2f89a This patch cleans up a couple of crashes caused by libselinux
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you fail to load_policy in the init or SELinux is disabled, you need
to free the selinux_mnt variable and clear the memory.

systemd was calling load_polcy on a DISABLED system then later on it
would call is_selinux_enabled() and get incorrect response, since
selinux_mnt still had valid data.

The second bug in libselinux, resolves around calling the
selinux_key_delete(destructor_key) if the selinux_key_create call had
never been called.  This was causing data to be freed in other
applications that loaded an unloaded the libselinux library but never
setup setrans or matchpathcon.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk2c0/UACgkQrlYvE4MpobMP1QCfXAFD3pfWFLd1lylU/vjsZmpM
mcUAnA2l3/GKGC3hT8XB9E+2pTfpy+uj
=jpyr
-----END PGP SIGNATURE-----

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-08 10:22:17 -04:00
Daniel J Walsh
5c6729b4d2 Resend: This patch causes the mount points created in load_policy to have a proper name
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/06/2011 05:10 PM, Daniel J Walsh wrote:
> "proc" and "selinuxfs"
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk2c14AACgkQrlYvE4MpobMC7gCglauBYIKMfBRUcQPaMGKTzYZV
udUAn3X/rgUgJ55401IVwyCHC051bGQA
=47TI
-----END PGP SIGNATURE-----

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-04-07 15:47:50 -04:00
Stephen Smalley
acd3b7f9f1 Bump libselinux to 2.0.101 2011-03-23 08:56:16 -04:00
KaiGai Kohei
c4737c2e32 add db_language support on label_db.c
The attached patch add support db_language object class
to the selabel_lookup(_raw) interfaces.
It is needed to inform object manager initial label of
procedural language object.

Thanks,
--
KaiGai Kohei <kaigai@ak.jp.nec.com>

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2011-03-23 08:53:13 -04:00
Eamon Walsh
44d8ff2b0f bump libselinux to 2.0.100
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2011-03-09 11:51:06 -05:00
Eamon Walsh
f0b3127ca3 Use library destructors to destroy per-thread keys.
This prevents the key destructors, intented to free per-thread
heap storage, from being called after libselinux has been unloaded.

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=680887

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2011-03-09 11:43:33 -05:00
Steve Lawrence
fdab2ec279 bump libselinux to 2.0.99
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-03-01 11:52:56 -05:00
Daniel J Walsh
6caa4cbe32 selinux man page fixes
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-03-01 11:50:42 -05:00
KaiGai Kohei
bc2a8f418e libselinux: add selinux_status_* interfaces for /selinux/status
The attached patch adds several interfaces to reference /selinux/status
according to sequential-lock logic.

selinux_status_open() open the kernel status page and mmap it with
read-only mode, or open netlink socket as a fallback in older kernels.

Then, we can obtain status information from the mmap'ed page using
selinux_status_updated(), selinux_status_getenfoce(),
selinux_status_policyload() or selinux_status_deny_unknown().

It enables to help to implement userspace avc with heavy access control
decision; that we cannot ignore the cost to communicate with kernel for
validation of userspace caches.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2011-03-01 11:21:19 -05:00
Chad Sellers
d17ed0d90d bump checkpolicy to 2.0.23
bump libselinux to 2.0.98
bump libsepol to 2.0.42
bump libsemanage to 2.0.46

Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-12-16 14:11:57 -05:00
Daniel J Walsh
7bc4ffb5df Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: I think it is time to turn off default user handling in libselinux
Date: Mon, 13 Dec 2010 13:28:01 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This patch will turn this handling off.  Meaning you will not end up
with some bizarro context and fail to login if the login program can not
figure how to log you in.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0GZbEACgkQrlYvE4MpobOF7QCgsD1XYuNC6B5MyIezCZvN9mYL
UX4AoOe9GsP3bhuvMBPea9LXeV/7tCPS
=B9Pk
-----END PGP SIGNATURE-----

Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-12-14 15:45:10 -05:00
Eamon Walsh
705071c6b1 bump libselinux to 2.0.97
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2010-12-02 20:08:22 -05:00
Eamon Walsh
569ce54985 matchpathcon: Close selabel handle in thread destructor.
This is necessary because the handle is thread-local.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2010-12-02 19:30:06 -05:00
Eamon Walsh
a00fd94a46 selabel: Store substitution data in the handle instead of globally.
This is for thread safety.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2010-12-02 19:21:10 -05:00
Eamon Walsh
a29ff33baf Implement destructors for thread-local heap data.
Description of problem:
Use of __thread variables is great for creating a thread-safe variable, but
only insofar as the contents of that variable can safely be abandoned on
pthread_exit().  The moment you store malloc()d data into a __thread void*
variable, you have leaked memory when the thread exits, since there is no way
to associate a destructor with __thread variables.

The _only_ safe way to use thread-local caching of malloc()d data is to use
pthread_key_create, and associate a destructor that will call free() on the
resulting data when the thread exits.

libselinux is guilty of abusing __thread variables to store malloc()d data as a
form of a cache, to minimize computation by reusing earlier results from the
same thread.  As a result of this memory leak, repeated starting and stopping
of domains via libvirt can result in the OOM killer triggering, since libvirt
fires up a thread per domain, and each thread uses selinux calls such as
fgetfilecon.

Version-Release number of selected component (if applicable):
libselinux-2.0.94-2.el6.x86_64
libvirt-0.8.1-27.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
0. These steps are run as root, assuming hardware kvm support and existence of
a VM named fedora (adjust the steps below as appropriate); if desired, I can
reduce this to a simpler test case that does not rely on libvirt, by using a
single .c file that links against libselinux and repeatedly spawns threads.
1. service libvirtd stop
2. valgrind --quiet --leak-check=full /usr/sbin/libvirtd& pid=$!
3. virsh start fedora
4. kill $pid

Actual results:
The biggest leak reported is due to libselinux' abuse of __thread:

==26696== 829,730 (40 direct, 829,690 indirect) bytes in 1 blocks are
definitely lost in loss record 500 of 500
==26696==    at 0x4A0515D: malloc (vg_replace_malloc.c:195)
==26696==    by 0x3022E0D48C: selabel_open (label.c:165)
==26696==    by 0x3022E11646: matchpathcon_init_prefix (matchpathcon.c:296)
==26696==    by 0x3022E1190D: matchpathcon (matchpathcon.c:317)
==26696==    by 0x3033ED7FB5: SELinuxRestoreSecurityFileLabel (security_selinux.c:381)
==26696==    by 0x3033ED8539: SELinuxRestoreSecurityAllLabel (security_selinux.c:749)
==26696==    by 0x459153: qemuSecurityStackedRestoreSecurityAllLabel (qemu_security_stacked.c:257)
==26696==    by 0x43F0C5: qemudShutdownVMDaemon (qemu_driver.c:4311)
==26696==    by 0x4555C9: qemudStartVMDaemon (qemu_driver.c:4234)
==26696==    by 0x458416: qemudDomainObjStart (qemu_driver.c:7268)
==26696==    by 0x45896F: qemudDomainStart (qemu_driver.c:7308)
==26696==    by 0x3033E75412: virDomainCreate (libvirt.c:4881)
==26696==

Basically, libvirt created a thread that used matchpathcon during 'virsh start
fedora', and matchpathcon stuffed over 800k of malloc'd data into:

static __thread char **con_array;

which are then inaccessible when libvirt exits the thread as part of shutting
down on SIGTERM.

Expected results:
valgrind should not report any memory leaks related to libselinux.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Reported-by: Eric Blake <eblake@redhat.com>
Tested-by: Eric Blake <eblake@redhat.com>
2010-12-02 19:15:40 -05:00
Chad Sellers
fe19c7a6ac bump libselinux to 2.0.96 and checkpolicy to 2.0.22
Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-06-14 16:33:29 -04:00
KaiGai Kohei
6a17cfaafc Author: KaiGai Kohei
Email: kaigai@ak.jp.nec.com
Subject: libselinux APIs should take "const" qualifier?
Date: Tue, 23 Mar 2010 11:56:36 +0900

(2010/03/19 22:32), Stephen Smalley wrote:
> On Fri, 2010-03-19 at 16:52 +0900, KaiGai Kohei wrote:
>> Right now, security_context_t is an alias of char *, declared in selinux.h.
>>
>> Various kind of libselinux API takes security_context_t arguments,
>> however, it is inconvenience in several situations.
>>
>> For example, the following query is parsed, then delivered to access
>> control subsystem with the security context as "const char *" cstring.
>>
>>    ALTER TABLE my_tbl SECURITY LABEL TO 'system_u:object_r:sepgsql_table_t:SystemHigh';
>>                  const char *<----    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> In this case, we want to call selinux_trans_to_raw_context() to translate
>> the given security context into raw format. But it takes security_context_t
>> argument for the source context, although this pointer is read-only.
>> In the result, compiler raises warnings because we gave "const char *" pointer
>> into functions which take security_context_t (= char *).
>>
>> Any comments?
>>
>> It seems to me the following functions' prototype should be qualified by
>> "const".
>
> That seems reasonable and should have no impact on library ABI.
> On the other hand, others have pointed out that security_context_t is
> not a properly encapsulated data type at all, and perhaps should be
> deprecated and replaced with direct use of char*/const char* throughout.
>
> There are other library API issues as well that have come up in the
> past, such as lack of adequate namespacing (with approaches put forth),
> but we don't ever seem to get a round tuit.

At first, I tried to add const qualifiers read-only security_context_t
pointers, but didn't replace them by char */const char * yet, right now.

BTW, I could find out the following code:

  int security_compute_create(security_context_t scon,
                              security_context_t tcon,
                              security_class_t tclass,
                              security_context_t * newcon)
  {
          int ret;
          security_context_t rscon = scon;
          security_context_t rtcon = tcon;
          security_context_t rnewcon;

          if (selinux_trans_to_raw_context(scon, &rscon))
                  return -1;
          if (selinux_trans_to_raw_context(tcon, &rtcon)) {
                  freecon(rscon);
                  return -1;
          }
      :

In this case, scon and tcon can be qualified by const, and the first
argument of selinux_trans_to_raw_context() can take const pointer.
But it tries to initialize rscon and tscon by const pointer, although
these are used to store raw security contexts.
The selinux_trans_to_raw_context() always set dynamically allocated
text string on the second argument, so we don't need to initialize it
anyway. I also removed these initializations in this patch.

Does the older mcstrans code could return without allocation of raw
format when the given scon is already raw format? I don't know why
these are initialized in this manner.

Thanks.
--
KaiGai Kohei <kaigai@ak.jp.nec.com>

Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-06-14 15:21:51 -04:00
Chad Sellers
0750eb5114 bump libselinux to 2.0.95 2010-06-10 16:57:28 -04:00
Steve Lawrence
537721089a Author: Steve Lawrence
Email: slawrence@tresys.com
Subject: Add chcon method to libselinux python bindings
Date: Mon, 7 Jun 2010 17:40:05 -0400

Adds a chcon method to the libselinux python bindings to change the
context of a file/directory tree.

Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-06-10 13:56:57 -04:00
Chad Sellers
8f007923dd [PATCH] Remove duplicate slashes in paths in selabel_lookup
This patch simply removes duplicate slashes (meaning "//") from
pathnames passed into selabel_lookup. It does not do a full
realpath() calculation (e.g. following symlinks, etc.), as the
client should really do that before calling into libselinux.

Signed-off-by: Chad Sellers <csellers@tresys.com>
2010-06-02 14:47:45 -04:00
Joshua Brindle
734f7621b8 bump libselinux to 2.0.94 2010-03-24 14:28:39 -04:00
Daniel J Walsh
7dcf27a791 Patch to context_new to set errno to EINVAL on bad values
Signed-off-by: Joshua Brindle <method@manicmethod.com>
2010-03-24 14:15:40 -04:00
Eamon Walsh
386ab8df8e Typo fix in ChangeLog.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2010-03-18 18:27:07 -04:00
Joshua Brindle
e53b2cebf2 Merge branch 'master' of oss.tresys.com:/home/git/selinux 2010-03-18 16:38:45 -04:00
Daniel J Walsh
5af0827097 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Small patch to fix is_selinux_enabled man page.
Date: Tue, 16 Mar 2010 12:35:22 -0400
Signed-off-by: Joshua Brindle <method@manicmethod.com>
2010-03-18 16:38:17 -04:00
Eamon Walsh
0b2e0bd5d0 Bump libselinux to 2.0.93 2010-03-15 19:01:31 -04:00
Eamon Walsh
dbbd0ab903 Show strerror for security_getenforce().
Patch by Colin Waters.

Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
2010-03-15 19:01:31 -04:00