selinux/libselinux/utils
Eric Paris 4ad1896954 libselinux: resolv symlinks and dot directories before matching paths
matchpathcon cannot handle ./ or ../ in pathnames and doesn't do well
with symlinks.  This patch uses the glibc function realpath() to try to
determine a real path with resolved symlinks and dot directories.  For
example before this pach we would see:

$ matchpathcon /tmp/../eric
/tmp/../eric	<<none>>
$ matchpathcon /eric
/eric	system_u:object_r:default_t:s0

Whereas after the path we get the same results.  The one quirk with the
patch is that we need special code to make sure that realpath() does not
follow a symlink if it is the final component.  aka if we have a symlink
from /eric to /tmp/eric we do not want to resolv to /tmp/eric.  We want
to just resolv to the actual symlink /eric.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:48 -04:00
..
.gitignore libselinux: move .gitignore into utils 2011-08-02 13:33:52 -04:00
avcstat.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
compute_av.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
compute_create.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
compute_member.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
compute_relabel.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
compute_user.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getconlist.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getdefaultcon.c Author: Daniel J Walsh 2009-05-14 15:43:18 -04:00
getenforce.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getfilecon.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getpidcon.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getsebool.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
getseuser.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile Author: Daniel J Walsh 2009-05-07 16:05:05 -04:00
matchpathcon.c libselinux: resolv symlinks and dot directories before matching paths 2011-08-11 23:35:48 -04:00
policyvers.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
selinux_check_securetty_context.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
selinuxenabled.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
selinuxexeccon.c libselinux: new setexecon utility 2011-08-02 13:33:35 -04:00
setenforce.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
setfilecon.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
togglesebool.c initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00