Lines Matching full:sh

65 static void semanage_direct_destroy(semanage_handle_t * sh);
66 static int semanage_direct_disconnect(semanage_handle_t * sh);
67 static int semanage_direct_begintrans(semanage_handle_t * sh);
68 static int semanage_direct_commit(semanage_handle_t * sh);
69 static int semanage_direct_install(semanage_handle_t * sh, char *data,
71 static int semanage_direct_install_file(semanage_handle_t * sh, const char *module_name);
72 static int semanage_direct_extract(semanage_handle_t * sh,
78 static int semanage_direct_remove(semanage_handle_t * sh, char *module_name);
79 static int semanage_direct_list(semanage_handle_t * sh,
82 static int semanage_direct_get_enabled(semanage_handle_t *sh,
85 static int semanage_direct_set_enabled(semanage_handle_t *sh,
89 static int semanage_direct_get_module_info(semanage_handle_t *sh,
93 static int semanage_direct_list_all(semanage_handle_t *sh,
97 static int semanage_direct_install_info(semanage_handle_t *sh,
102 static int semanage_direct_remove_key(semanage_handle_t *sh,
124 int semanage_direct_is_managed(semanage_handle_t * sh) in semanage_direct_is_managed() argument
126 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_is_managed()
129 if (semanage_access_check(sh) < 0) in semanage_direct_is_managed()
135 ERR(sh, "could not check whether policy is managed"); in semanage_direct_is_managed()
141 int semanage_direct_connect(semanage_handle_t * sh) in semanage_direct_connect() argument
146 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_connect()
149 if (sh->create_store) in semanage_direct_connect()
150 if (semanage_create_store(sh, 1)) in semanage_direct_connect()
153 sh->u.direct.translock_file_fd = -1; in semanage_direct_connect()
154 sh->u.direct.activelock_file_fd = -1; in semanage_direct_connect()
157 sh->funcs = &direct_funcs; in semanage_direct_connect()
160 if (user_base_file_dbase_init(sh, in semanage_direct_connect()
165 semanage_user_base_dbase_local(sh)) < 0) in semanage_direct_connect()
168 if (user_extra_file_dbase_init(sh, in semanage_direct_connect()
173 semanage_user_extra_dbase_local(sh)) < 0) in semanage_direct_connect()
176 if (user_join_dbase_init(sh, in semanage_direct_connect()
177 semanage_user_base_dbase_local(sh), in semanage_direct_connect()
178 semanage_user_extra_dbase_local(sh), in semanage_direct_connect()
179 semanage_user_dbase_local(sh)) < 0) in semanage_direct_connect()
182 if (port_file_dbase_init(sh, in semanage_direct_connect()
187 semanage_port_dbase_local(sh)) < 0) in semanage_direct_connect()
190 if (iface_file_dbase_init(sh, in semanage_direct_connect()
195 semanage_iface_dbase_local(sh)) < 0) in semanage_direct_connect()
198 if (bool_file_dbase_init(sh, in semanage_direct_connect()
203 semanage_bool_dbase_local(sh)) < 0) in semanage_direct_connect()
206 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
209 semanage_fcontext_dbase_local(sh)) < 0) in semanage_direct_connect()
212 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
215 semanage_fcontext_dbase_homedirs(sh)) < 0) in semanage_direct_connect()
218 if (seuser_file_dbase_init(sh, in semanage_direct_connect()
223 semanage_seuser_dbase_local(sh)) < 0) in semanage_direct_connect()
226 if (node_file_dbase_init(sh, in semanage_direct_connect()
231 semanage_node_dbase_local(sh)) < 0) in semanage_direct_connect()
234 if (ibpkey_file_dbase_init(sh, in semanage_direct_connect()
239 semanage_ibpkey_dbase_local(sh)) < 0) in semanage_direct_connect()
242 if (ibendport_file_dbase_init(sh, in semanage_direct_connect()
247 semanage_ibendport_dbase_local(sh)) < 0) in semanage_direct_connect()
251 if (user_base_policydb_dbase_init(sh, in semanage_direct_connect()
252 semanage_user_base_dbase_policy(sh)) < in semanage_direct_connect()
256 if (user_extra_file_dbase_init(sh, in semanage_direct_connect()
261 semanage_user_extra_dbase_policy(sh)) < in semanage_direct_connect()
265 if (user_join_dbase_init(sh, in semanage_direct_connect()
266 semanage_user_base_dbase_policy(sh), in semanage_direct_connect()
267 semanage_user_extra_dbase_policy(sh), in semanage_direct_connect()
268 semanage_user_dbase_policy(sh)) < 0) in semanage_direct_connect()
271 if (port_policydb_dbase_init(sh, semanage_port_dbase_policy(sh)) < 0) in semanage_direct_connect()
274 if (ibpkey_policydb_dbase_init(sh, semanage_ibpkey_dbase_policy(sh)) < 0) in semanage_direct_connect()
277 if (ibendport_policydb_dbase_init(sh, semanage_ibendport_dbase_policy(sh)) < 0) in semanage_direct_connect()
280 if (iface_policydb_dbase_init(sh, semanage_iface_dbase_policy(sh)) < 0) in semanage_direct_connect()
283 if (bool_policydb_dbase_init(sh, semanage_bool_dbase_policy(sh)) < 0) in semanage_direct_connect()
286 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
289 semanage_fcontext_dbase_policy(sh)) < 0) in semanage_direct_connect()
292 if (seuser_file_dbase_init(sh, in semanage_direct_connect()
295 semanage_seuser_dbase_policy(sh)) < 0) in semanage_direct_connect()
298 if (node_policydb_dbase_init(sh, semanage_node_dbase_policy(sh)) < 0) in semanage_direct_connect()
302 if (bool_activedb_dbase_init(sh, semanage_bool_dbase_active(sh)) < 0) in semanage_direct_connect()
309 sepol_set_disable_dontaudit(sh->sepolh, 1); in semanage_direct_connect()
312 sepol_set_disable_dontaudit(sh->sepolh, 0); in semanage_direct_connect()
314 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_connect()
321 ERR(sh, "could not establish direct connection"); in semanage_direct_connect()
325 static void semanage_direct_destroy(semanage_handle_t * sh in semanage_direct_destroy() argument
331 static int semanage_remove_tmps(semanage_handle_t *sh) in semanage_remove_tmps() argument
333 if (sh->commit_err) in semanage_remove_tmps()
340 ERR(sh, "Could not cleanly remove sandbox %s.", in semanage_remove_tmps()
351 ERR(sh, "Could not cleanly remove tmp %s.", in semanage_remove_tmps()
361 static int semanage_direct_disconnect(semanage_handle_t *sh) in semanage_direct_disconnect() argument
366 if (sh->is_in_transaction) { in semanage_direct_disconnect()
367 retval = semanage_remove_tmps(sh); in semanage_direct_disconnect()
368 semanage_release_trans_lock(sh); in semanage_direct_disconnect()
372 user_base_file_dbase_release(semanage_user_base_dbase_local(sh)); in semanage_direct_disconnect()
373 user_extra_file_dbase_release(semanage_user_extra_dbase_local(sh)); in semanage_direct_disconnect()
374 user_join_dbase_release(semanage_user_dbase_local(sh)); in semanage_direct_disconnect()
375 port_file_dbase_release(semanage_port_dbase_local(sh)); in semanage_direct_disconnect()
376 ibpkey_file_dbase_release(semanage_ibpkey_dbase_local(sh)); in semanage_direct_disconnect()
377 ibendport_file_dbase_release(semanage_ibendport_dbase_local(sh)); in semanage_direct_disconnect()
378 iface_file_dbase_release(semanage_iface_dbase_local(sh)); in semanage_direct_disconnect()
379 bool_file_dbase_release(semanage_bool_dbase_local(sh)); in semanage_direct_disconnect()
380 fcontext_file_dbase_release(semanage_fcontext_dbase_local(sh)); in semanage_direct_disconnect()
381 fcontext_file_dbase_release(semanage_fcontext_dbase_homedirs(sh)); in semanage_direct_disconnect()
382 seuser_file_dbase_release(semanage_seuser_dbase_local(sh)); in semanage_direct_disconnect()
383 node_file_dbase_release(semanage_node_dbase_local(sh)); in semanage_direct_disconnect()
386 user_base_policydb_dbase_release(semanage_user_base_dbase_policy(sh)); in semanage_direct_disconnect()
387 user_extra_file_dbase_release(semanage_user_extra_dbase_policy(sh)); in semanage_direct_disconnect()
388 user_join_dbase_release(semanage_user_dbase_policy(sh)); in semanage_direct_disconnect()
389 port_policydb_dbase_release(semanage_port_dbase_policy(sh)); in semanage_direct_disconnect()
390 ibpkey_policydb_dbase_release(semanage_ibpkey_dbase_policy(sh)); in semanage_direct_disconnect()
391 ibendport_policydb_dbase_release(semanage_ibendport_dbase_policy(sh)); in semanage_direct_disconnect()
392 iface_policydb_dbase_release(semanage_iface_dbase_policy(sh)); in semanage_direct_disconnect()
393 bool_policydb_dbase_release(semanage_bool_dbase_policy(sh)); in semanage_direct_disconnect()
394 fcontext_file_dbase_release(semanage_fcontext_dbase_policy(sh)); in semanage_direct_disconnect()
395 seuser_file_dbase_release(semanage_seuser_dbase_policy(sh)); in semanage_direct_disconnect()
396 node_policydb_dbase_release(semanage_node_dbase_policy(sh)); in semanage_direct_disconnect()
399 bool_activedb_dbase_release(semanage_bool_dbase_active(sh)); in semanage_direct_disconnect()
404 static int semanage_direct_begintrans(semanage_handle_t * sh) in semanage_direct_begintrans() argument
406 if (semanage_get_trans_lock(sh) < 0) { in semanage_direct_begintrans()
409 if ((semanage_make_sandbox(sh)) < 0) { in semanage_direct_begintrans()
412 if ((semanage_make_final(sh)) < 0) { in semanage_direct_begintrans()
427 static int parse_module_headers(semanage_handle_t * sh, char *module_data, in parse_module_headers() argument
436 ERR(sh, "Out of memory!"); in parse_module_headers()
440 sepol_policy_file_set_handle(pf, sh->sepolh); in parse_module_headers()
456 static ssize_t bzip(semanage_handle_t *sh, const char *filename, char *data, in bzip() argument
470 if (!sh->conf->bzip_blocksize) { in bzip()
479 b = BZ2_bzWriteOpen( &bzerror, f, sh->conf->bzip_blocksize, 0, 0); in bzip()
512 ssize_t bunzip(semanage_handle_t *sh, FILE *f, char **data) in bunzip() argument
527 ERR(sh, "Failure allocating memory."); in bunzip()
538 b = BZ2_bzReadOpen ( &bzerror, f, 0, sh->conf->bzip_small, NULL, 0 ); in bunzip()
540 ERR(sh, "Failure opening bz2 archive."); in bunzip()
546 ERR(sh, "Failure allocating memory."); in bunzip()
557 ERR(sh, "Failure allocating memory."); in bunzip()
567 ERR(sh, "Failure reading bz2 archive."); in bunzip()
588 static ssize_t map_file(semanage_handle_t *sh, const char *path, char **data, in map_file() argument
598 ERR(sh, "Unable to open %s\n", path); in map_file()
604 ERR(sh, "Unable to open %s\n", path); in map_file()
609 if ((size = bunzip(sh, file, &uncompress)) > 0) { in map_file()
639 static int write_file(semanage_handle_t * sh, in write_file() argument
647 ERR(sh, "Could not open %s for writing.", filename); in write_file()
651 ERR(sh, "Error while writing to %s.", filename); in write_file()
659 static int semanage_direct_update_user_extra(semanage_handle_t * sh, cil_db_t *cildb) in semanage_direct_update_user_extra() argument
666 dbase_config_t *pusers_extra = semanage_user_extra_dbase_policy(sh); in semanage_direct_update_user_extra()
685 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_user_extra()
698 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_user_extra()
705 retval = pusers_extra->dtable->clear(sh, pusers_extra->dbase); in semanage_direct_update_user_extra()
714 static int semanage_direct_update_seuser(semanage_handle_t * sh, cil_db_t *cildb) in semanage_direct_update_seuser() argument
721 dbase_config_t *pseusers = semanage_seuser_dbase_policy(sh); in semanage_direct_update_seuser()
740 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_seuser()
753 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_seuser()
759 retval = pseusers->dtable->clear(sh, pseusers->dbase); in semanage_direct_update_seuser()
768 static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int fd, char **out_dat… in read_from_pipe_to_data() argument
780 ERR(sh, "Failed to malloc, out of memory.\n"); in read_from_pipe_to_data()
790 ERR(sh, "Failed to realloc, out of memory.\n"); in read_from_pipe_to_data()
802 static int semanage_pipe_data(semanage_handle_t *sh, char *path, char *in_data, size_t in_data_len,… in semanage_pipe_data() argument
830 ERR(sh, "Unable to create pipe for input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
835 ERR(sh, "Unable to create pipe for output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
840 ERR(sh, "Unable to create pipe for error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
846 ERR(sh, "Unable to fork from parent: %s.", strerror(errno)); in semanage_pipe_data()
852 ERR(sh, "Unable to dup2 input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
857 ERR(sh, "Unable to dup2 output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
862 ERR(sh, "Unable to dup2 error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
868 ERR(sh, "Unable to close input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
873 ERR(sh, "Unable to close output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
878 ERR(sh, "Unable to close error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
883 ERR(sh, "Unable to execute %s : %s\n", path, strerror(errno)); in semanage_pipe_data()
890 ERR(sh, "Unable to close read end of input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
897 ERR(sh, "Unable to close write end of output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
904 ERR(sh, "Unable to close write end of error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
910 ERR(sh, "Failed to write data to input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
916 ERR(sh, "Unable to close write end of input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
921 …retval = read_from_pipe_to_data(sh, initial_len, output_fd[PIPE_READ], &data_read, &data_read_len); in semanage_pipe_data()
928 ERR(sh, "Unable to close read end of output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
933 …retval = read_from_pipe_to_data(sh, initial_len, err_fd[PIPE_READ], &err_data_read, &err_data_read… in semanage_pipe_data()
940 ERR(sh, "Unable to close read end of error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
945 ERR(sh, "Child process %s did not exit cleanly.", path); in semanage_pipe_data()
950 ERR(sh, "Child process %s failed with code: %d.", path, WEXITSTATUS(status)); in semanage_pipe_data()
993 static int semanage_direct_write_langext(semanage_handle_t *sh, in semanage_direct_write_langext() argument
1001 ret = semanage_module_get_path(sh, in semanage_direct_write_langext()
1012 ERR(sh, "Unable to open %s module ext file.", modinfo->name); in semanage_direct_write_langext()
1018 ERR(sh, "Unable to write %s module ext file.", modinfo->name); in semanage_direct_write_langext()
1024 ERR(sh, "Unable to close %s module ext file.", modinfo->name); in semanage_direct_write_langext()
1039 static int semanage_compile_module(semanage_handle_t *sh, in semanage_compile_module() argument
1061 status = semanage_get_hll_compiler_path(sh, modinfo->lang_ext, &compiler_path); in semanage_compile_module()
1067 sh, in semanage_compile_module()
1077 sh, in semanage_compile_module()
1086 if ((hll_data_len = map_file(sh, hll_path, &hll_data, &compressed)) <= 0) { in semanage_compile_module()
1087 ERR(sh, "Unable to read file %s\n", hll_path); in semanage_compile_module()
1092 …status = semanage_pipe_data(sh, compiler_path, hll_data, (size_t)hll_data_len, &cil_data, &cil_dat… in semanage_compile_module()
1112 bzip_status = bzip(sh, cil_path, cil_data, cil_data_len); in semanage_compile_module()
1114 ERR(sh, "Failed to bzip %s\n", cil_path); in semanage_compile_module()
1119 if (sh->conf->remove_hll == 1) { in semanage_compile_module()
1122 ERR(sh, "Error while removing HLL file %s: %s", hll_path, strerror(errno)); in semanage_compile_module()
1126 status = semanage_direct_write_langext(sh, "cil", modinfo); in semanage_compile_module()
1143 static int semanage_compile_hll_modules(semanage_handle_t *sh, in semanage_compile_hll_modules() argument
1152 assert(sh); in semanage_compile_hll_modules()
1157 sh, in semanage_compile_hll_modules()
1166 if (semanage_get_ignore_module_cache(sh) == 0 && in semanage_compile_hll_modules()
1171 ERR(sh, "Unable to access %s: %s\n", cil_path, strerror(errno)); in semanage_compile_hll_modules()
1175 status = semanage_compile_module(sh, &modinfos[i]); in semanage_compile_hll_modules()
1200 static int semanage_direct_commit(semanage_handle_t * sh) in semanage_direct_commit() argument
1218 dbase_config_t *users = semanage_user_dbase_local(sh); in semanage_direct_commit()
1219 dbase_config_t *users_base = semanage_user_base_dbase_local(sh); in semanage_direct_commit()
1220 dbase_config_t *pusers_base = semanage_user_base_dbase_policy(sh); in semanage_direct_commit()
1221 dbase_config_t *pusers_extra = semanage_user_extra_dbase_policy(sh); in semanage_direct_commit()
1222 dbase_config_t *ports = semanage_port_dbase_local(sh); in semanage_direct_commit()
1223 dbase_config_t *pports = semanage_port_dbase_policy(sh); in semanage_direct_commit()
1224 dbase_config_t *ibpkeys = semanage_ibpkey_dbase_local(sh); in semanage_direct_commit()
1225 dbase_config_t *pibpkeys = semanage_ibpkey_dbase_policy(sh); in semanage_direct_commit()
1226 dbase_config_t *ibendports = semanage_ibendport_dbase_local(sh); in semanage_direct_commit()
1227 dbase_config_t *pibendports = semanage_ibendport_dbase_policy(sh); in semanage_direct_commit()
1228 dbase_config_t *bools = semanage_bool_dbase_local(sh); in semanage_direct_commit()
1229 dbase_config_t *pbools = semanage_bool_dbase_policy(sh); in semanage_direct_commit()
1230 dbase_config_t *ifaces = semanage_iface_dbase_local(sh); in semanage_direct_commit()
1231 dbase_config_t *pifaces = semanage_iface_dbase_policy(sh); in semanage_direct_commit()
1232 dbase_config_t *nodes = semanage_node_dbase_local(sh); in semanage_direct_commit()
1233 dbase_config_t *pnodes = semanage_node_dbase_policy(sh); in semanage_direct_commit()
1234 dbase_config_t *fcontexts = semanage_fcontext_dbase_local(sh); in semanage_direct_commit()
1235 dbase_config_t *pfcontexts = semanage_fcontext_dbase_policy(sh); in semanage_direct_commit()
1236 dbase_config_t *seusers = semanage_seuser_dbase_local(sh); in semanage_direct_commit()
1237 dbase_config_t *pseusers = semanage_seuser_dbase_policy(sh); in semanage_direct_commit()
1247 do_rebuild = sh->do_rebuild | sh->modules_modified; in semanage_direct_commit()
1252 do_rebuild |= !(sepol_get_disable_dontaudit(sh->sepolh) == 1); in semanage_direct_commit()
1255 do_rebuild |= (sepol_get_disable_dontaudit(sh->sepolh) == 1); in semanage_direct_commit()
1257 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1261 if (sepol_get_disable_dontaudit(sh->sepolh) == 1) { in semanage_direct_commit()
1266 ERR(sh, "Error attempting to create disable_dontaudit flag."); in semanage_direct_commit()
1270 ERR(sh, "Error attempting to create disable_dontaudit flag."); in semanage_direct_commit()
1275 ERR(sh, "Error removing the disable_dontaudit flag."); in semanage_direct_commit()
1283 do_rebuild |= !(sepol_get_preserve_tunables(sh->sepolh) == 1); in semanage_direct_commit()
1286 do_rebuild |= (sepol_get_preserve_tunables(sh->sepolh) == 1); in semanage_direct_commit()
1288 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1293 if (sepol_get_preserve_tunables(sh->sepolh) == 1) { in semanage_direct_commit()
1298 ERR(sh, "Error attempting to create preserve_tunable flag."); in semanage_direct_commit()
1302 ERR(sh, "Error attempting to create preserve_tunable flag."); in semanage_direct_commit()
1307 ERR(sh, "Error removing the preserve_tunables flag."); in semanage_direct_commit()
1315 retval = users->dtable->flush(sh, users->dbase); in semanage_direct_commit()
1340 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1377 retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); in semanage_direct_commit()
1386 retval = semanage_compile_hll_modules(sh, modinfos, num_modinfos); in semanage_direct_commit()
1388 ERR(sh, "Failed to compile hll files into cil files.\n"); in semanage_direct_commit()
1392 retval = semanage_get_cil_paths(sh, modinfos, num_modinfos, &mod_filenames); in semanage_direct_commit()
1396 retval = semanage_verify_modules(sh, mod_filenames, num_modinfos); in semanage_direct_commit()
1402 disable_dontaudit = sepol_get_disable_dontaudit(sh->sepolh); in semanage_direct_commit()
1403 preserve_tunables = sepol_get_preserve_tunables(sh->sepolh); in semanage_direct_commit()
1405 cil_set_disable_neverallow(cildb, !(sh->conf->expand_check)); in semanage_direct_commit()
1407 cil_set_target_platform(cildb, sh->conf->target_platform); in semanage_direct_commit()
1408 cil_set_policy_version(cildb, sh->conf->policyvers); in semanage_direct_commit()
1410 if (sh->conf->handle_unknown != -1) { in semanage_direct_commit()
1411 cil_set_handle_unknown(cildb, sh->conf->handle_unknown); in semanage_direct_commit()
1414 retval = semanage_load_files(sh, cildb, mod_filenames, num_modinfos); in semanage_direct_commit()
1438 retval = write_file(sh, ofilename, fc_buffer, fc_buffer_len); in semanage_direct_commit()
1443 retval = semanage_split_fc(sh); in semanage_direct_commit()
1453 retval = semanage_direct_update_seuser(sh, cildb); in semanage_direct_commit()
1458 retval = semanage_direct_update_user_extra(sh, cildb); in semanage_direct_commit()
1465 if (sh->conf->optimize_policy) { in semanage_direct_commit()
1472 retval = semanage_write_policydb(sh, out, in semanage_direct_commit()
1482 retval = semanage_read_policydb(sh, out, SEMANAGE_LINKED); in semanage_direct_commit()
1497 pseusers->dtable->clear(sh, pseusers->dbase); in semanage_direct_commit()
1499 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1515 pusers_extra->dtable->clear(sh, pusers_extra->dbase); in semanage_direct_commit()
1517 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1533 retval = semanage_base_merge_components(sh); in semanage_direct_commit()
1539 retval = semanage_write_policydb(sh, out, in semanage_direct_commit()
1545 retval = semanage_verify_kernel(sh); in semanage_direct_commit()
1557 retval = semanage_fcontext_validate_local(sh, out); in semanage_direct_commit()
1564 retval = semanage_seuser_validate_local(sh, out); in semanage_direct_commit()
1571 retval = semanage_port_validate_local(sh); in semanage_direct_commit()
1578 retval = semanage_ibpkey_validate_local(sh); in semanage_direct_commit()
1585 retval = semanage_ibendport_validate_local(sh); in semanage_direct_commit()
1592 retval = semanage_commit_components(sh); in semanage_direct_commit()
1598 sh->conf->file_mode); in semanage_direct_commit()
1605 sh->conf->file_mode); in semanage_direct_commit()
1612 sh->conf->file_mode); in semanage_direct_commit()
1619 sh->conf->file_mode); in semanage_direct_commit()
1626 if (!sh->conf->disable_genhomedircon) { in semanage_direct_commit()
1628 if ((retval = semanage_genhomedircon(sh, out, sh->conf->usepasswd, in semanage_direct_commit()
1629 sh->conf->ignoredirs)) != 0) { in semanage_direct_commit()
1630 ERR(sh, "semanage_genhomedircon returned error code %d.", retval); in semanage_direct_commit()
1637 sh->conf->file_mode); in semanage_direct_commit()
1643 WARN(sh, "WARNING: genhomedircon is disabled. \ in semanage_direct_commit()
1653 retval = semanage_install_sandbox(sh); in semanage_direct_commit()
1657 semanage_module_info_destroy(sh, &modinfos[i]); in semanage_direct_commit()
1684 sh->commit_err = retval; in semanage_direct_commit()
1686 if (semanage_remove_tmps(sh) != 0) in semanage_direct_commit()
1689 semanage_release_trans_lock(sh); in semanage_direct_commit()
1701 static int semanage_direct_install(semanage_handle_t * sh, in semanage_direct_install() argument
1709 ret = semanage_module_info_init(sh, &modinfo); in semanage_direct_install()
1715 ret = semanage_module_info_set_priority(sh, &modinfo, sh->priority); in semanage_direct_install()
1721 ret = semanage_module_info_set_name(sh, &modinfo, module_name); in semanage_direct_install()
1727 ret = semanage_module_info_set_lang_ext(sh, &modinfo, lang_ext); in semanage_direct_install()
1733 ret = semanage_module_info_set_enabled(sh, &modinfo, -1); in semanage_direct_install()
1739 status = semanage_direct_install_info(sh, &modinfo, data, data_len); in semanage_direct_install()
1743 semanage_module_info_destroy(sh, &modinfo); in semanage_direct_install()
1753 static int semanage_direct_install_file(semanage_handle_t * sh, in semanage_direct_install_file() argument
1768 if ((data_len = map_file(sh, install_filename, &data, &compressed)) <= 0) { in semanage_direct_install_file()
1769 ERR(sh, "Unable to read file %s\n", install_filename); in semanage_direct_install_file()
1776 ERR(sh, "No memory available for strdup.\n"); in semanage_direct_install_file()
1786 ERR(sh, "Compressed module does not have a valid extension."); in semanage_direct_install_file()
1797 ERR(sh, "Module does not have a valid extension."); in semanage_direct_install_file()
1807 retval = parse_module_headers(sh, data, data_len, &module_name, &version); in semanage_direct_install_file()
1816 ERR(sh, "No memory available for module_name.\n"); in semanage_direct_install_file()
1824 retval = semanage_direct_install(sh, data, data_len, module_name, lang_ext); in semanage_direct_install_file()
1834 static int semanage_direct_extract(semanage_handle_t * sh, in semanage_direct_extract() argument
1853 sh, in semanage_direct_extract()
1863 ERR(sh, "Unable to access %s: %s\n", module_path, strerror(errno)); in semanage_direct_extract()
1868 rc = semanage_module_get_module_info(sh, in semanage_direct_extract()
1883 sh, in semanage_direct_extract()
1894 ERR(sh, "Unable to access %s: %s\n", input_file, strerror(errno)); in semanage_direct_extract()
1899 rc = semanage_compile_module(sh, _modinfo); in semanage_direct_extract()
1905 _data_len = map_file(sh, input_file, &_data, &compressed); in semanage_direct_extract()
1907 ERR(sh, "Error mapping file: %s", input_file); in semanage_direct_extract()
1918 semanage_module_info_destroy(sh, _modinfo); in semanage_direct_extract()
1927 static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) in semanage_direct_remove() argument
1933 ret = semanage_module_key_init(sh, &modkey); in semanage_direct_remove()
1939 ret = semanage_module_key_set_priority(sh, &modkey, sh->priority); in semanage_direct_remove()
1945 ret = semanage_module_key_set_name(sh, &modkey, module_name); in semanage_direct_remove()
1951 status = semanage_direct_remove_key(sh, &modkey); in semanage_direct_remove()
1964 static int semanage_direct_list(semanage_handle_t * sh, in semanage_direct_list() argument
1974 if (!sh->is_in_transaction) in semanage_direct_list()
1975 if (semanage_get_active_lock(sh) < 0) in semanage_direct_list()
1978 if (semanage_get_active_modules(sh, modinfo, num_modules) == -1) { in semanage_direct_list()
1983 retval = semanage_direct_get_serial(sh); in semanage_direct_list()
1987 retval = semanage_direct_get_serial(sh); in semanage_direct_list()
1992 semanage_module_info_destroy(sh, &(*modinfo[i])); in semanage_direct_list()
1999 if (!sh->is_in_transaction) { in semanage_direct_list()
2000 semanage_release_active_lock(sh); in semanage_direct_list()
2005 static int semanage_direct_get_enabled(semanage_handle_t *sh, in semanage_direct_get_enabled() argument
2009 assert(sh); in semanage_direct_get_enabled()
2022 sh, in semanage_direct_get_enabled()
2032 sh, in semanage_direct_get_enabled()
2044 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_get_enabled()
2056 semanage_module_info_destroy(sh, modinfo); in semanage_direct_get_enabled()
2062 static int semanage_direct_set_enabled(semanage_handle_t *sh, in semanage_direct_set_enabled() argument
2066 assert(sh); in semanage_direct_set_enabled()
2079 if (!sh->is_in_transaction) { in semanage_direct_set_enabled()
2080 if (semanage_begin_transaction(sh) < 0) { in semanage_direct_set_enabled()
2090 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_set_enabled()
2099 ERR(sh, "Enabled status %d is invalid.", enabled); in semanage_direct_set_enabled()
2107 ret = semanage_mkdir(sh, path); in semanage_direct_set_enabled()
2115 sh, in semanage_direct_set_enabled()
2125 sh, in semanage_direct_set_enabled()
2142 ERR(sh, in semanage_direct_set_enabled()
2150 ERR(sh, in semanage_direct_set_enabled()
2163 ERR(sh, in semanage_direct_set_enabled()
2177 WARN(sh, in semanage_direct_set_enabled()
2184 semanage_module_info_destroy(sh, modinfo); in semanage_direct_set_enabled()
2191 int semanage_direct_access_check(semanage_handle_t * sh) in semanage_direct_access_check() argument
2193 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_access_check()
2199 int semanage_direct_mls_enabled(semanage_handle_t * sh) in semanage_direct_mls_enabled() argument
2208 retval = semanage_read_policydb(sh, p, SEMANAGE_STORE_KERNEL); in semanage_direct_mls_enabled()
2218 static int semanage_direct_get_module_info(semanage_handle_t *sh, in semanage_direct_get_module_info() argument
2222 assert(sh); in semanage_direct_get_module_info()
2245 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_get_module_info()
2252 ret = semanage_direct_list_all(sh, &modinfos, &modinfos_len); in semanage_direct_get_module_info()
2271 ret = semanage_module_info_create(sh, modinfo); in semanage_direct_get_module_info()
2277 ret = semanage_module_info_clone(sh, highest, *modinfo); in semanage_direct_get_module_info()
2290 ERR(sh, "Priority %d is invalid.", modkey->priority); in semanage_direct_get_module_info()
2296 ret = semanage_module_info_create(sh, modinfo); in semanage_direct_get_module_info()
2302 ret = semanage_module_info_set_priority(sh, *modinfo, modkey->priority); in semanage_direct_get_module_info()
2308 ret = semanage_module_info_set_name(sh, *modinfo, modkey->name); in semanage_direct_get_module_info()
2315 ret = semanage_module_get_path(sh, in semanage_direct_get_module_info()
2328 ERR(sh, in semanage_direct_get_module_info()
2337 ERR(sh, in semanage_direct_get_module_info()
2344 ret = semanage_module_info_set_lang_ext(sh, *modinfo, tmp); in semanage_direct_get_module_info()
2353 ERR(sh, in semanage_direct_get_module_info()
2363 ret = semanage_module_get_path(sh, in semanage_direct_get_module_info()
2376 ERR(sh, "Unable to access %s: %s\n", fn, strerror(errno)); in semanage_direct_get_module_info()
2381 ret = semanage_module_info_set_enabled(sh, *modinfo, 1); in semanage_direct_get_module_info()
2388 ret = semanage_module_info_set_enabled(sh, *modinfo, 0); in semanage_direct_get_module_info()
2400 semanage_module_info_destroy(sh, &modinfos[i]); in semanage_direct_get_module_info()
2409 static int semanage_direct_set_module_info(semanage_handle_t *sh, in semanage_direct_set_module_info() argument
2421 ret = semanage_module_key_init(sh, &modkey); in semanage_direct_set_module_info()
2428 if (!sh->is_in_transaction) { in semanage_direct_set_module_info()
2429 if (semanage_begin_transaction(sh) < 0) { in semanage_direct_set_module_info()
2442 sh->modules_modified = 1; in semanage_direct_set_module_info()
2447 ret = semanage_mkdir(sh, path); in semanage_direct_set_module_info()
2454 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2464 ret = semanage_mkdir(sh, fn); in semanage_direct_set_module_info()
2471 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2481 ret = semanage_mkdir(sh, fn); in semanage_direct_set_module_info()
2488 ret = semanage_direct_write_langext(sh, modinfo->lang_ext, modinfo); in semanage_direct_set_module_info()
2499 ret = semanage_mkdir(sh, path); in semanage_direct_set_module_info()
2505 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2515 ret = semanage_module_key_set_name(sh, &modkey, modinfo->name); in semanage_direct_set_module_info()
2526 ret = semanage_module_get_module_info(sh, in semanage_direct_set_module_info()
2538 ret = semanage_module_set_enabled(sh, &modkey, enabled); in semanage_direct_set_module_info()
2545 semanage_module_key_destroy(sh, &modkey); in semanage_direct_set_module_info()
2547 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_set_module_info()
2568 static int semanage_direct_list_all(semanage_handle_t *sh, in semanage_direct_list_all() argument
2572 assert(sh); in semanage_direct_list_all()
2600 ret = semanage_module_info_init(sh, &modinfo); in semanage_direct_list_all()
2606 if (sh->is_in_transaction) { in semanage_direct_list_all()
2618 ERR(sh, "Error while scanning directory %s.", toplevel); in semanage_direct_list_all()
2635 ret = semanage_module_info_set_priority(sh, in semanage_direct_list_all()
2644 ret = semanage_module_get_path(sh, in semanage_direct_list_all()
2671 ERR(sh, in semanage_direct_list_all()
2685 ERR(sh, "Error allocating memory for module array."); in semanage_direct_list_all()
2695 sh, in semanage_direct_list_all()
2705 sh, in semanage_direct_list_all()
2716 sh, in semanage_direct_list_all()
2724 sh, in semanage_direct_list_all()
2732 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_list_all()
2741 semanage_module_info_destroy(sh, &modinfo); in semanage_direct_list_all()
2757 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_list_all()
2765 sh, in semanage_direct_list_all()
2777 static int semanage_direct_install_info(semanage_handle_t *sh, in semanage_direct_install_info() argument
2782 assert(sh); in semanage_direct_install_info()
2796 ret = semanage_module_key_init(sh, &higher_key); in semanage_direct_install_info()
2805 ERR(sh, "%s failed module validation.\n", modinfo->name); in semanage_direct_install_info()
2813 ret = semanage_module_key_set_name(sh, &higher_key, modinfo->name); in semanage_direct_install_info()
2819 ret = semanage_direct_get_module_info(sh, &higher_key, &higher_info); in semanage_direct_install_info()
2823 WARN(sh, in semanage_direct_install_info()
2831 INFO(sh, in semanage_direct_install_info()
2840 WARN(sh, in semanage_direct_install_info()
2847 ret = semanage_direct_set_module_info(sh, modinfo); in semanage_direct_install_info()
2860 sh, in semanage_direct_install_info()
2870 ret = bzip(sh, path, data, data_len); in semanage_direct_install_info()
2872 ERR(sh, "Error while writing to %s.", path); in semanage_direct_install_info()
2880 sh, in semanage_direct_install_info()
2893 ERR(sh, "Error while removing cached CIL file %s: %s", path, strerror(errno)); in semanage_direct_install_info()
2901 semanage_module_key_destroy(sh, &higher_key); in semanage_direct_install_info()
2902 semanage_module_info_destroy(sh, higher_info); in semanage_direct_install_info()
2909 static int semanage_direct_remove_key(semanage_handle_t *sh, in semanage_direct_remove_key() argument
2912 assert(sh); in semanage_direct_remove_key()
2922 ret = semanage_module_key_init(sh, &modkey_tmp); in semanage_direct_remove_key()
2932 ERR(sh, "Priority %d is invalid.", modkey->priority); in semanage_direct_remove_key()
2940 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_remove_key()
2945 ret = semanage_module_key_set_name(sh, &modkey_tmp, modkey->name); in semanage_direct_remove_key()
2953 sh, in semanage_direct_remove_key()
2966 ERR(sh, "Unable to remove module %s at priority %d.", modkey->name, modkey->priority); in semanage_direct_remove_key()
2972 ret = semanage_module_get_module_info(sh, &modkey_tmp, &modinfo); in semanage_direct_remove_key()
2976 INFO(sh, in semanage_direct_remove_key()
2983 sh, in semanage_direct_remove_key()
3007 INFO(sh, in semanage_direct_remove_key()
3015 semanage_module_key_destroy(sh, &modkey_tmp); in semanage_direct_remove_key()
3017 semanage_module_info_destroy(sh, modinfo); in semanage_direct_remove_key()