RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-07 05:11:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,038 Commits 4 Branches 751 Tags 23 MiB
C 74.6%
Python 16.2%
Roff 5.2%
SWIG 1.2%
Makefile 1.1%
Other 1.7%
d4048fa522
Go to file
Caleb Case d4048fa522 libsemanage: get/set module info and enabled status 
This provides the functions for enabling/disabling modules via a
semanage_module_key_t and getting/setting module info.

Enabled/disabled status is indicated by the presence of an empty file in
the disabled directory:

/var/lib/selinux/<policy type>/disabled/<module name>

The presence of a file there indicates that the module is disabled at
all priorities. Enable/disabling of modules is done across all
priorities simultaneously to avoid confusion that would likely arise
from per priority settings.

semanage_module_get_module_info gathers up the on disk information about
a module indicated by the module key and puts the information into
module info. In order to facilitate an easy mechanism for getting the
highest priority module of a given name, the key's priority value may
be 0 and the highest priority module with the given name will be located.

semanage_direct_set_module_info is a helper function that writes module
info to disk. The unused attribute is used to suppress warnings for
compilation and is removed in the module install patch later in the
series.

semanage_module_list_all behaves similar to semanage_module_list except
it returns all modules at all priorities. semanage_module_list will only
include the highest priority, enabled, non-base modules (this is its
current behavior). See the module install patch later in the series for
the modified semanage_module_list.

Adds a helper function for creating a directory if it doesn't already
exist (used to automatically create the disabled, priority, and module
dirs).

Signed-off-by: Chad Sellers <csellers@tresys.com>
2014-08-26 08:02:16 -04:00
checkpolicy Bump version and update ChangeLog for release. 2014-05-06 13:30:27 -04:00
libselinux libselinux: Compiled file context files and the original should have the same permissions 2014-08-26 07:59:02 -04:00
libsemanage libsemanage: get/set module info and enabled status 2014-08-26 08:02:16 -04:00
libsepol Bump version and update ChangeLog for release. 2014-05-06 13:30:27 -04:00
policycoreutils semanage: move permissive module creation to /tmp 2014-08-26 08:02:16 -04:00
scripts Add make-update script and fix release script. 2013-10-31 14:34:02 -04:00
sepolgen sepolgen: remove unnecessary grammar in interface call param list 2014-08-26 07:59:08 -04:00
.gitignore global: gitignore: add a couple of more editor backup filetypes 2013-02-01 12:14:57 -05:00
Makefile libselinux: additional makefile support for rubywrap 2012-06-28 11:21:16 -04:00
README Adjust build instructions to clarify x86_64 vs x86. 2013-10-30 12:51:19 -04:00

README 

To build and install everything under a private directory, run:
make DESTDIR=~/obj install install-pywrap

To install as the default system libraries and binaries
(overwriting any previously installed ones - dangerous!),
on x86_64, run:
make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel
or on x86 (32-bit), run:
make install install-pywrap relabel

This may render your system unusable if the upstream SELinux userspace
lacks library functions or other dependencies relied upon by your
distribution.  If it breaks, you get to keep both pieces.