Add additional go bindings for get*con calls

- Add go bindings test command - Modify man pages of set*con calls to mention that they are thread specific
2014-02-14 09:21:36 -05:00 · 2014-02-14 09:21:36 -05:00 · 2492943f41
parent ee8c867b33
commit 2492943f41
2 changed files with 154 additions and 6 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -10,10 +10,10 @@ index fd4f0b1..51469bc 100644
 DISABLE_SETRANS ?= n
 diff --git a/libselinux/golang/Makefile b/libselinux/golang/Makefile
 new file mode 100644
-index 0000000..ad3e481
+index 0000000..b75677b
 --- /dev/null
 +++ b/libselinux/golang/Makefile
-@@ -0,0 +1,17 @@
+@@ -0,0 +1,22 @@
 +# Installation directories.
 +PREFIX ?= $(DESTDIR)/usr
 +LIBDIR ?= $(DESTDIR)/usr/lib
@ -25,18 +25,23 @@ index 0000000..ad3e481
 +	install -m 644 selinux.go $(GODIR)
 +
 +test:
+	@mkdir selinux
+	@cp selinux.go selinux
+	GOPATH=$(pwd) go run test.go 
+	@rm -rf selinux
 +
 +clean:
-+
+	@rm -f *~
+	@rm -rf selinux
 +indent:
 +
 +relabel:
 diff --git a/libselinux/golang/selinux.go b/libselinux/golang/selinux.go
 new file mode 100644
-index 0000000..9e7fdb3
+index 0000000..6cee26a
 --- /dev/null
 +++ b/libselinux/golang/selinux.go
-@@ -0,0 +1,302 @@
+@@ -0,0 +1,378 @@
 +package selinux
 +
 +/*
@ -86,6 +91,74 @@ index 0000000..9e7fdb3
 +	return int(rc), err
 +}
 +
+func Getfilecon(path string) (string, error) {
+	var scon C.security_context_t
+	var fcon string
+        rc, err := C.lgetfilecon(C.CString(path),&scon)
+	if (rc >= 0) {
+		fcon = C.GoString(scon)	
+		err = nil
+	}
+	return fcon, err
+}
+
+func Setfscreatecon(scon string) (int, error) {
+	var (
+		rc C.int
+		err error
+	)
+	if (scon != "") {
+		rc, err = C.setfscreatecon(C.CString(scon))
+	} else {
+		rc, err = C.setfscreatecon(nil)
+	}
+	return int(rc), err
+}
+
+func Getfscreatecon() (string, error) {
+	var scon C.security_context_t
+	var fcon string
+        rc, err := C.getfscreatecon(&scon)
+	if (rc >= 0) {
+		fcon = C.GoString(scon)	
+		err = nil
+		C.freecon(scon)
+	}
+	return fcon, err
+}
+
+func Getcon() (string) {
+	var pcon C.security_context_t
+	C.getcon(&pcon)
+	scon := C.GoString(pcon)
+	C.freecon(pcon)
+	return scon
+}
+
+func Getpidcon(pid int) (string, error) {
+	var pcon C.security_context_t
+	var scon string
+	rc, err := C.getpidcon(C.pid_t(pid), &pcon)
+	if (rc >= 0) {
+		scon = C.GoString(pcon)
+		C.freecon(pcon)
+		err = nil
+	}
+	return scon, err
+}
+
+func Getpeercon(socket int) (string, error) {
+	var pcon C.security_context_t
+	var scon string
+	rc, err := C.getpeercon(C.int(socket), &pcon)
+	if (rc >= 0) {
+		scon = C.GoString(pcon)
+		C.freecon(pcon)
+		err = nil
+	}
+	return scon, err
+}
+
 +func Setexeccon(scon string) (int, error) {
 +	var val *C.char
 +	if ! Selinux_enabled() {
@ -338,7 +411,77 @@ index 0000000..9e7fdb3
 +	fmt.Println(flabel)
 +	pid := os.Getpid()
 +	fmt.Printf("PID:%d MCS:%s\n", pid, Int_to_mcs(pid, 1023))
+	fmt.Println(Getcon())
+	fmt.Println(Getfilecon("/etc/passwd"))
+	fmt.Println(Getpidcon(1))
+	Setfscreatecon("unconfined_u:unconfined_r:unconfined_t:s0")
+	fmt.Println(Getfscreatecon())
+	Setfscreatecon("")
+	fmt.Println(Getfscreatecon())
+	fmt.Println(Getpidcon(1))
 +}
+diff --git a/libselinux/golang/test.go b/libselinux/golang/test.go
+new file mode 100644
+index 0000000..fed6de8
+--- /dev/null
+++ b/libselinux/golang/test.go
+@@ -0,0 +1,9 @@
+package main
+
+import (
+	"./selinux"
+)
+
+func main() {
+	selinux.Test()
+}
+diff --git a/libselinux/man/man3/getfscreatecon.3 b/libselinux/man/man3/getfscreatecon.3
+index c7675be..677ece4 100644
+--- a/libselinux/man/man3/getfscreatecon.3
+++ b/libselinux/man/man3/getfscreatecon.3
+@@ -49,6 +49,11 @@ Signal handlers that perform a
+ must take care to
+ save, reset, and restore the fscreate context to avoid unexpected behavior.
+ .
+
+.br
+.B Note:
+Contexts are thread specific.
+
+ .SH "RETURN VALUE"
+ On error \-1 is returned.
+ On success 0 is returned.
+diff --git a/libselinux/man/man3/getkeycreatecon.3 b/libselinux/man/man3/getkeycreatecon.3
+index d6a118c..b503535 100644
+--- a/libselinux/man/man3/getkeycreatecon.3
+++ b/libselinux/man/man3/getkeycreatecon.3
+@@ -48,6 +48,10 @@ Signal handlers that perform a
+ .BR setkeycreatecon ()
+ must take care to
+ save, reset, and restore the keycreate context to avoid unexpected behavior.
+
+.br
+.B Note:
+Contexts are thread specific.
+ .
+ .SH "RETURN VALUE"
+ On error \-1 is returned.
+diff --git a/libselinux/man/man3/getsockcreatecon.3 b/libselinux/man/man3/getsockcreatecon.3
+index 99e9436..673738c 100644
+--- a/libselinux/man/man3/getsockcreatecon.3
+++ b/libselinux/man/man3/getsockcreatecon.3
+@@ -49,6 +49,11 @@ Signal handlers that perform a
+ must take care to
+ save, reset, and restore the sockcreate context to avoid unexpected behavior.
+ .
+
+.br
+.B Note:
+Contexts are thread specific.
+
+ .SH "RETURN VALUE"
+ On error \-1 is returned.
+ On success 0 is returned.
 diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
 index 02dd829..6dfdb46 100644
 --- a/libselinux/src/Makefile
--- a/libselinux.spec
+++ b/libselinux.spec
@ -10,7 +10,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.2.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@ -243,6 +243,11 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so

 %changelog
+* Fri Feb 14 2014 Dan Walsh <dwalsh@redhat.com>  - 2.2.2-4
+- Add additional go bindings for get*con calls
+- Add go bindings test command
+- Modify man pages of set*con calls to mention that they are thread specific
+
 * Fri Jan 24 2014 Dan Walsh <dwalsh@redhat.com>  - 2.2.2-3
 - Move selinux.go to /usr/lib64/golang/src/pkg/github.com/selinux/selinux.go
 - Add Int_to_mcs function to generate MCS labels from integers.