selinux/libsemanage/src/users_base_file.c

/* Copyright (C) 2005 Red Hat, Inc. */

struct semanage_user_base;
struct semanage_user_key;
typedef struct semanage_user_base record_t;
typedef struct semanage_user_key record_key_t;
#define DBASE_RECORD_DEFINED

struct dbase_file;
typedef struct dbase_file dbase_t;
#define DBASE_DEFINED

#include <stdlib.h>
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#include <semanage/handle.h>
#include "user_internal.h"
#include "database_file.h"
#include "parse_utils.h"
#include "debug.h"

static int user_base_print(semanage_handle_t * handle,
			   semanage_user_base_t * user, FILE * str)
{

	const char **roles = NULL;
	unsigned int i, nroles;

	const char *name = semanage_user_base_get_name(user);
	const char *mls_level = semanage_user_base_get_mlslevel(user);
	const char *mls_range = semanage_user_base_get_mlsrange(user);

	if (fprintf(str, "user %s roles { ", name) < 0)
		goto err;

	if (semanage_user_base_get_roles(handle, user, &roles, &nroles) < 0)
		goto err;

	for (i = 0; i < nroles; i++) {
		if (fprintf(str, "%s ", roles[i]) < 0)
			goto err;
	}

	if (fprintf(str, "} ") < 0)
		goto err;

	/* MLS */
	if (mls_level != NULL && mls_range != NULL)
		if (fprintf(str, "level %s range %s", mls_level, mls_range) < 0)
			goto err;

	if (fprintf(str, ";\n") < 0)
		goto err;

	free(roles);
	return STATUS_SUCCESS;

      err:
	free(roles);
	ERR(handle, "could not print user %s to stream", name);
	return STATUS_ERR;
}

static int user_base_parse(semanage_handle_t * handle,
			   parse_info_t * info, semanage_user_base_t * user)
{

	int islist = 0;
	char *str = NULL;
	char *start;
	char *name_str = NULL;

	if (parse_skip_space(handle, info) < 0)
		goto err;
	if (!info->ptr)
		goto last;

	/* Parse user header */
	if (parse_assert_str(handle, info, "user") < 0)
		goto err;
	if (parse_assert_space(handle, info) < 0)
		goto err;

	/* Parse user name */
	if (parse_fetch_string(handle, info, &name_str, ' ') < 0)
		goto err;

	if (semanage_user_base_set_name(handle, user, name_str) < 0) {
		free(name_str);
		goto err;
	}
	free(name_str);

	if (parse_assert_space(handle, info) < 0)
		goto err;
	if (parse_assert_str(handle, info, "roles") < 0)
		goto err;
	if (parse_assert_space(handle, info) < 0)
		goto err;

	islist = (parse_optional_ch(info, '{') != STATUS_NODATA);

	/* For each role, loop */
	do {
		char delim;

		if (parse_skip_space(handle, info) < 0)
			goto err;
		if (parse_assert_noeof(handle, info) < 0)
			goto err;

		start = info->ptr;
		while (*(info->ptr) &&
		       *(info->ptr) != ';' &&
		       *(info->ptr) != '}' && !isspace(*(info->ptr)))
			info->ptr++;

		delim = *(info->ptr);
		*(info->ptr)++ = '\0';

		if (semanage_user_base_add_role(handle, user, start) < 0)
			goto err;

		if (delim && !isspace(delim)) {
			if (islist && delim == '}')
				break;
			else if (!islist && delim == ';')
				goto skip_semicolon;
			else
				goto err;
		}

		if (parse_skip_space(handle, info) < 0)
			goto err;
		if (parse_optional_ch(info, ';') != STATUS_NODATA)
			goto skip_semicolon;
		if (parse_optional_ch(info, '}') != STATUS_NODATA)
			islist = 0;

	} while (islist);

	/* Handle mls */
	/* Parse level header */
	if (parse_skip_space(handle, info) < 0)
		goto err;
	if (parse_optional_str(info, "level") == STATUS_NODATA)
		goto semicolon;
	if (parse_assert_space(handle, info) < 0)
		goto err;

	/* NOTE: does not allow spaces/multiline */
	if (parse_fetch_string(handle, info, &str, ' ') < 0)
		goto err;
	if (semanage_user_base_set_mlslevel(handle, user, str) < 0)
		goto err;
	free(str);
	str = NULL;

	/* Parse range header */
	if (parse_assert_space(handle, info) < 0)
		goto err;
	if (parse_assert_str(handle, info, "range") < 0)
		goto err;
	if (parse_assert_space(handle, info) < 0)
		goto err;

	/* NOTE: does not allow spaces/multiline */
	if (parse_fetch_string(handle, info, &str, ';') < 0)
		goto err;
	if (semanage_user_base_set_mlsrange(handle, user, str) < 0)
		goto err;

	free(str);
	str = NULL;

	/* Check for semicolon */
      semicolon:
	if (parse_skip_space(handle, info) < 0)
		goto err;
	if (parse_assert_ch(handle, info, ';') < 0)
		goto err;

      skip_semicolon:
	return STATUS_SUCCESS;

      last:
	parse_dispose_line(info);
	return STATUS_NODATA;

      err:
	ERR(handle, "could not parse user record");
	free(str);
	parse_dispose_line(info);
	return STATUS_ERR;
}

/* USER BASE record: FILE extension: method table */
record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = {
	.parse = user_base_parse,
	.print = user_base_print,
};

int user_base_file_dbase_init(semanage_handle_t * handle,
			      const char *path_ro,
			      const char *path_rw,
			      dbase_config_t * dconfig)
{

	if (dbase_file_init(handle,
			    path_ro,
			    path_rw,
			    &SEMANAGE_USER_BASE_RTABLE,
			    &SEMANAGE_USER_BASE_FILE_RTABLE,
			    &dconfig->dbase) < 0)
		return STATUS_ERR;

	dconfig->dtable = &SEMANAGE_FILE_DTABLE;
	return STATUS_SUCCESS;
}

void user_base_file_dbase_release(dbase_config_t * dconfig)
{

	dbase_file_release(dconfig->dbase);
}