This patch adds a new subs_dist file.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The idea is to allow distributions to ship a subs file as well as let the user modify subs. In F16 we are looking at shipping a file_contexts.subs_dist file like this cat file_contexts.subs_dist /run /var/run /run/lock /var/lock /var/run/lock /var/lock /lib64 /lib /usr/lib64 /usr/lib The we will remove all (64)? from policy. This will allow us to make sure all /usr/lib/libBLAH is labeled the same as /usr/lib64/libBLAH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2c1ksACgkQrlYvE4MpobNXcQCgqgAiQJxmwa1+NdIq8E3tQRp6 QT0An0ihA60di9CRsEqEdVbSaHOwtte5 =LXgd -----END PGP SIGNATURE----- Signed-off-by: Steve Lawrence <slawrence@tresys.com>
author: Daniel J Walsh <dwalsh@redhat.com> 2011-04-06 17:08:27 -0400
committer: Steve Lawrence <slawrence@tresys.com> 2011-04-08 10:28:02 -0400
commit: 20b43b3fd3d392c4f12a963a4e46c264e7ed5163 (patch)
tree: b2905c34e51dd1891e8ae9fc805fdb189fa34f46 /libselinux
parent: 1629d2f89a8c5f758413b87b94740aaaa5f21144 (diff)
download: android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.tar.gz
android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.tar.bz2
android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.zip
5 files changed, 17 insertions, 5 deletions
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
index b2a38fb1..f110dcf0 100644
--- a/libselinux/include/selinux/selinux.h
+++ b/libselinux/include/selinux/selinux.h
@@ -482,6 +482,7 @@ extern const char *selinux_file_context_path(void);
 extern const char *selinux_file_context_homedir_path(void);
 extern const char *selinux_file_context_local_path(void);
 extern const char *selinux_file_context_subs_path(void);
+extern const char *selinux_file_context_subs_dist_path(void);
 extern const char *selinux_homedir_context_path(void);
 extern const char *selinux_media_context_path(void);
 extern const char *selinux_virtual_domain_context_path(void);
diff --git a/libselinux/src/file_path_suffixes.h b/libselinux/src/file_path_suffixes.h
index ccf43e15..0b001566 100644
--- a/libselinux/src/file_path_suffixes.h
+++ b/libselinux/src/file_path_suffixes.h
@@ -23,4 +23,5 @@ S_(BINPOLICY, "/policy/policy")
     S_(VIRTUAL_DOMAIN, "/contexts/virtual_domain_context")
     S_(VIRTUAL_IMAGE, "/contexts/virtual_image_context")
     S_(FILE_CONTEXT_SUBS, "/contexts/files/file_contexts.subs")
+    S_(FILE_CONTEXT_SUBS_DIST, "/contexts/files/file_contexts.subs_dist")
     S_(SEPGSQL_CONTEXTS, "/contexts/sepgsql_contexts")
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
index 2fd19c51..ba316df5 100644
--- a/libselinux/src/label.c
+++ b/libselinux/src/label.c
@@ -56,12 +56,11 @@ static char *selabel_sub(struct selabel_sub *ptr, const char *src)
 	return NULL;
 }
 
-static struct selabel_sub *selabel_subs_init(void)
+static struct selabel_sub *selabel_subs_init(const char *path,struct selabel_sub *list)
 {
 	char buf[1024];
-	FILE *cfg = fopen(selinux_file_context_subs_path(), "r");
+	FILE *cfg = fopen(path, "r");
 	struct selabel_sub *sub;
-	struct selabel_sub *list = NULL;
 
 	if (cfg) {
 		while (fgets_unlocked(buf, sizeof(buf) - 1, cfg)) {
@@ -160,7 +159,10 @@ struct selabel_handle *selabel_open(unsigned int backend,
 	memset(rec, 0, sizeof(*rec));
 	rec->backend = backend;
 	rec->validating = selabel_is_validate_set(opts, nopts);
-	rec->subs = selabel_subs_init();
+
+	rec->subs = NULL;
+	rec->subs = selabel_subs_init(selinux_file_context_subs_dist_path(), rec->subs);
+	rec->subs = selabel_subs_init(selinux_file_context_subs_path(), rec->subs);
 
 	if ((*initfuncs[backend])(rec, opts, nopts)) {
 		free(rec);
diff --git a/libselinux/src/selinux_config.c b/libselinux/src/selinux_config.c
index e0409597..f4c33df1 100644
--- a/libselinux/src/selinux_config.c
+++ b/libselinux/src/selinux_config.c
@@ -45,7 +45,8 @@
 #define VIRTUAL_IMAGE     22
 #define FILE_CONTEXT_SUBS 23
 #define SEPGSQL_CONTEXTS  24
-#define NEL               25
+#define FILE_CONTEXT_SUBS_DIST 25
+#define NEL               26
 
 /* Part of one-time lazy init */
 static pthread_once_t once = PTHREAD_ONCE_INIT;
@@ -423,6 +424,12 @@ const char * selinux_file_context_subs_path(void) {
 
 hidden_def(selinux_file_context_subs_path)
 
+const char * selinux_file_context_subs_dist_path(void) {
+	return get_path(FILE_CONTEXT_SUBS_DIST);
+}
+
+hidden_def(selinux_file_context_subs_dist_path)
+
 const char *selinux_sepgsql_context_path()
 {
 	return get_path(SEPGSQL_CONTEXTS);
diff --git a/libselinux/src/selinux_internal.h b/libselinux/src/selinux_internal.h
index 95b40e5e..806e87c6 100644
--- a/libselinux/src/selinux_internal.h
+++ b/libselinux/src/selinux_internal.h
@@ -66,6 +66,7 @@ hidden_proto(selinux_mkload_policy)
     hidden_proto(selinux_file_context_path)
     hidden_proto(selinux_file_context_homedir_path)
     hidden_proto(selinux_file_context_local_path)
+    hidden_proto(selinux_file_context_subs_dist_path)
     hidden_proto(selinux_file_context_subs_path)
     hidden_proto(selinux_netfilter_context_path)
     hidden_proto(selinux_homedir_context_path)
author	Daniel J Walsh <dwalsh@redhat.com>	2011-04-06 17:08:27 -0400
committer	Steve Lawrence <slawrence@tresys.com>	2011-04-08 10:28:02 -0400
commit	20b43b3fd3d392c4f12a963a4e46c264e7ed5163 (patch)
tree	b2905c34e51dd1891e8ae9fc805fdb189fa34f46 /libselinux
parent	1629d2f89a8c5f758413b87b94740aaaa5f21144 (diff)
download	android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.tar.gz android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.tar.bz2 android_external_selinux-20b43b3fd3d392c4f12a963a4e46c264e7ed5163.zip