Commit Graph

71 Commits

Author SHA1 Message Date
Daniel J Walsh
bed7f30855 - Update from NSA
Fixed policy file leaks in semanage_load_module and semanage_write_module.
Merged further database work from Ivan Gyurdiev.
Fixed bug in semanage_direct_disconnect.
2005-10-21 14:24:09 +00:00
Daniel J Walsh
e4a5671bb5 - Update from NSA
Merged interface renaming patch from Ivan Gyurdiev.
Merged policy component patch from Ivan Gyurdiev.
Renamed 'check=' configuration value to 'expand-check=' for clarity.
Changed semanage_commit_sandbox to check for and report errors on rename(2)
    calls performed during rollback.
Added optional check= configuration value to semanage.conf and updated call
    to sepol_expand_module to pass its value to control assertion and
    hierarchy checking on module expansion.
Merged fixes for make DESTDIR= builds from Joshua Brindle.
2005-10-20 20:34:00 +00:00
Daniel J Walsh
31d65000f6 - Update from NSA
Merged default database from Ivan Gyurdiev.
Merged removal of connect requirement in policydb backend from Ivan
    Gyurdiev.
Merged commit locking fix and lock rename from Joshua Brindle.
Merged transaction rollback in lock patch from Joshua Brindle.
Changed default args for load_policy to be null, as it no longer takes a
    pathname argument and we want to preserve booleans.
Merged move local dbase initialization patch from Ivan Gyurdiev.
Merged acquire/release read lock in databases patch from Ivan Gyurdiev.
Merged rename direct -> policydb as appropriate patch from Ivan Gyurdiev.
Added calls to sepol_policy_file_set_handle interface prior to invoking
    sepol operations on policy files.
Updated call to sepol_policydb_from_image to pass the handle.
2005-10-19 20:59:28 +00:00
Daniel J Walsh
aac0cfd92e - Update from NSA
Changed default args for load_policy to be null, as it no longer takes a
    pathname argument and we want to preserve booleans.
Merged move local dbase initialization patch from Ivan Gyurdiev.
Merged acquire/release read lock in databases patch from Ivan Gyurdiev.
Merged rename direct -> policydb as appropriate patch from Ivan Gyurdiev.
Added calls to sepol_policy_file_set_handle interface prior to invoking
    sepol operations on policy files.
Updated call to sepol_policydb_from_image to pass the handle.
2005-10-18 17:58:12 +00:00
Daniel J Walsh
b18ef05931 - Update from NSA
Merged user and port APIs - policy database patch from Ivan Gyurdiev.
Converted calls to sepol link_packages and expand_module interfaces from
    using buffers to using sepol handles for error reporting, and changed
    direct_connect/disconnect to create/destroy sepol handles.
2005-10-18 13:47:26 +00:00
Daniel J Walsh
830a30016b - Update from NSA
Merged bugfix patch from Ivan Gyurdiev.
Merged seuser database patch from Ivan Gyurdiev. Merged direct user/port
    databases to the handle from Ivan Gyurdiev.
Removed obsolete include/semanage/commit_api.h (leftover). Merged seuser
    record patch from Ivan Gyurdiev.
Merged boolean and interface databases from Ivan Gyurdiev.
2005-10-15 12:27:49 +00:00
Daniel J Walsh
43db24251e - Update from NSA
Updated to use get interfaces for hidden sepol_module_package type.
Changed semanage_expand_sandbox and semanage_install_active to
    generate/install the latest policy version supported by libsepol by
    default (unless overridden by semanage.conf), since libselinux will now
    downgrade automatically for load_policy.
Merged new callback-based error reporting system and ongoing database work
    from Ivan Gyurdiev.
2005-10-14 12:32:19 +00:00
Daniel J Walsh
e479f60948 - Update from NSA
Fixed semanage_install_active() to use the same logic for selecting a
    policy version as semanage_expand_sandbox(). Dropped dead code from
    semanage_install_sandbox().
2005-10-12 19:35:45 +00:00
Daniel J Walsh
3b901573e9 - Update from NSA
Updated for changes to libsepol, and to only use types and interfaces
    provided by the shared libsepol.
2005-10-10 13:04:43 +00:00
Daniel J Walsh
6366247bd9 - Update from NSA
Merged further database work from Ivan Gyurdiev.
2005-10-07 14:20:41 +00:00
Daniel J Walsh
8b0a28a044 - Update from NSA
Merged iterate, redistribute, and dbase split patches from Ivan Gyurdiev.
2005-10-04 18:04:52 +00:00
Daniel J Walsh
b2247ee18e - Update from NSA
Merged patch series from Ivan Gyurdiev. (pointer typedef elimination, file
    renames, dbase work, backend separation)
Split interfaces from semanage.[hc] into handle.[hc], modules.[hc].
Separated handle create from connect interface.
Added a constructor for initialization.
Moved up src/include/*.h to src.
Created a symbol map file; dropped dso.h and hidden markings.
2005-10-03 13:10:57 +00:00
Daniel J Walsh
5223b3065c - Update from NSA
Split interfaces from semanage.[hc] into handle.[hc], modules.[hc].
Separated handle create from connect interface.
Added a constructor for initialization.
Moved up src/include/*.h to src.
Created a symbol map file; dropped dso.h and hidden markings.
2005-09-29 01:27:17 +00:00
Daniel J Walsh
f23f477b44 - Update from NSA
Merged dbase redesign patch from Ivan Gyurdiev.
2005-09-23 20:06:10 +00:00
Daniel J Walsh
bc7b8ad0e5 - Update from NSA
Merged boolean record, stub record handler, and status codes patches from
    Ivan Gyurdiev.
2005-09-21 18:07:02 +00:00
Daniel J Walsh
df7239b251 - Update from NSA
Merged stub iterator functionality from Ivan Gyurdiev.
Merged interface record patch from Ivan Gyurdiev.
2005-09-20 12:58:08 +00:00
Daniel J Walsh
25d2554757 - Update from NSA
Merged stub functionality for managing user and port records, and record
    table code from Ivan Gyurdiev.
Updated version for release.
2005-09-14 19:35:39 +00:00
Daniel J Walsh
c05d7ada4a - Update from NSA
Merged semod.conf template patch from Dan Walsh (Red Hat), but restored
    location to /usr/share/semod/semod.conf.
Fixed several bugs found by valgrind.
Fixed bug in prior patch for the semod_build_module_list leak.
Merged errno fix from Joshua Brindle (Tresys).
Merged fix for semod_build_modules_list leak on error path from Serge
    Hallyn (IBM). Bug found by Coverity.
2005-09-01 16:26:33 +00:00
Daniel J Walsh
b609a6d466 - Update from NSA
Merged errno fix from Joshua Brindle (Tresys).
Merged fix for semod_build_modules_list leak on error path from Serge
    Hallyn (IBM). Bug found by Coverity.
Merged several fixes from Serge Hallyn (IBM). Bugs found by Coverity.
Fixed several other bugs and warnings.
Merged patch to move module read/write code from libsemanage to libsepol
    from Jason Tang (Tresys).
Merged relay records patch from Ivan Gyurdiev.
Merged key extract patch from Ivan Gyurdiev.
2005-08-30 14:22:49 +00:00
Daniel J Walsh
4800db7954 auto-import libsemanage-1.0-1 on branch devel from
libsemanage-1.0-1.src.rpm
2005-07-28 18:05:59 +00:00
Daniel J Walsh
d5b9e1a73e Setup of module libsemanage 2005-07-28 18:05:48 +00:00