276 lines
8.7 KiB
Diff
276 lines
8.7 KiB
Diff
diff --exclude-from=exclude -N -u -r nsalibsepol/include/sepol/sepol.h libsepol-1.3.6/include/sepol/sepol.h
|
|
--- nsalibsepol/include/sepol/sepol.h 2005-02-17 17:55:48.000000000 -0500
|
|
+++ libsepol-1.3.6/include/sepol/sepol.h 2005-02-25 10:18:10.000000000 -0500
|
|
@@ -32,5 +32,6 @@
|
|
/* Check context validity against currently set binary policy. */
|
|
extern int sepol_check_context(char *context);
|
|
|
|
-
|
|
+/* Turn on or off sepol error messages. */
|
|
+extern void sepol_debug(int on);
|
|
#endif
|
|
diff --exclude-from=exclude -N -u -r nsalibsepol/src/genbools.c libsepol-1.3.6/src/genbools.c
|
|
--- nsalibsepol/src/genbools.c 2005-02-25 09:44:03.000000000 -0500
|
|
+++ libsepol-1.3.6/src/genbools.c 2005-02-25 09:50:17.000000000 -0500
|
|
@@ -87,7 +87,7 @@
|
|
pf.data = data;
|
|
pf.len = len;
|
|
if (policydb_read(&policydb,&pf, 0)) {
|
|
- fprintf(stderr, "Can't read binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't read binary policy: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -97,12 +97,12 @@
|
|
sepol_set_policyvers(policydb.policyvers);
|
|
|
|
if (load_booleans(&policydb, booleans) < 0) {
|
|
- fprintf(stderr, "Warning! Error while reading %s: %s\n",
|
|
+ __sepol_debug_printf("Warning! Error while reading %s: %s\n",
|
|
booleans, strerror(errno));
|
|
}
|
|
|
|
if (evaluate_conds(&policydb) < 0) {
|
|
- fprintf(stderr, "Error while re-evaluating conditionals: %s\n",
|
|
+ __sepol_debug_printf("Error while re-evaluating conditionals: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -111,7 +111,7 @@
|
|
pf.len = len;
|
|
rc = policydb_write(&policydb, &pf);
|
|
if (rc) {
|
|
- fprintf(stderr, "Can't write binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't write binary policy: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -129,7 +129,7 @@
|
|
pf.data = data;
|
|
pf.len = len;
|
|
if (policydb_read(&policydb,&pf, 0)) {
|
|
- fprintf(stderr, "Can't read binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't read binary policy: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -154,7 +154,7 @@
|
|
}
|
|
|
|
if (evaluate_conds(&policydb) < 0) {
|
|
- fprintf(stderr, "Error while re-evaluating conditionals: %s\n",
|
|
+ __sepol_debug_printf("Error while re-evaluating conditionals: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -163,7 +163,7 @@
|
|
pf.len = len;
|
|
rc = policydb_write(&policydb, &pf);
|
|
if (rc) {
|
|
- fprintf(stderr, "Can't write binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't write binary policy: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
diff --exclude-from=exclude -N -u -r nsalibsepol/src/genusers.c libsepol-1.3.6/src/genusers.c
|
|
--- nsalibsepol/src/genusers.c 2005-02-25 09:44:03.000000000 -0500
|
|
+++ libsepol-1.3.6/src/genusers.c 2005-02-25 14:44:19.680658712 -0500
|
|
@@ -7,12 +7,25 @@
|
|
|
|
#include <sepol/policydb.h>
|
|
#include <sepol/mls.h>
|
|
+#include <stdarg.h>
|
|
|
|
#include "private.h"
|
|
|
|
+static int gdebug=1;
|
|
+
|
|
+void sepol_debug(int on) { gdebug=on; };
|
|
+
|
|
+void __sepol_debug_printf(const char *fmt, ...) {
|
|
+ if (gdebug) {
|
|
+ va_list ap;
|
|
+ va_start(ap, fmt);
|
|
+ vfprintf (stderr, fmt, ap);
|
|
+ va_end(ap);
|
|
+ }
|
|
+}
|
|
#undef BADLINE
|
|
#define BADLINE() { \
|
|
- fprintf(stderr, "%s: invalid entry %s on line %u\n", \
|
|
+ __sepol_debug_printf("%s: invalid entry %s on line %u\n", \
|
|
path, buffer, lineno); \
|
|
continue; \
|
|
}
|
|
@@ -68,10 +81,11 @@
|
|
/* Adding a new user definition. */
|
|
usrdatum = (user_datum_t *) malloc(sizeof(user_datum_t));
|
|
if (!id || !usrdatum) {
|
|
- fprintf(stderr, "%s: out of memory for %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
|
|
path, buffer, lineno);
|
|
errno = ENOMEM;
|
|
free(buffer);
|
|
+ fclose(fp);
|
|
return -1;
|
|
}
|
|
memset(usrdatum, 0, sizeof(user_datum_t));
|
|
@@ -81,10 +95,11 @@
|
|
rc = hashtab_insert(policydb->p_users.table,
|
|
id, (hashtab_datum_t) usrdatum);
|
|
if (rc) {
|
|
- fprintf(stderr, "%s: out of memory for %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
|
|
path, buffer, lineno);
|
|
errno = ENOMEM;
|
|
free(buffer);
|
|
+ fclose(fp);
|
|
return -1;
|
|
}
|
|
}
|
|
@@ -128,7 +143,7 @@
|
|
|
|
roldatum = hashtab_search(policydb->p_roles.table, q);
|
|
if (!roldatum) {
|
|
- fprintf(stderr, "%s: undefined role %s in %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: undefined role %s in %s on line %u\n",
|
|
path, q, buffer, lineno);
|
|
continue;
|
|
}
|
|
@@ -136,7 +151,7 @@
|
|
for (bit = ebitmap_startbit(&roldatum->dominates); bit < ebitmap_length(&roldatum->dominates); bit++) {
|
|
if (ebitmap_get_bit(&roldatum->dominates, bit))
|
|
if (ebitmap_set_bit(&usrdatum->roles, bit, 1)) {
|
|
- fprintf(stderr, "%s: out of memory for %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
|
|
path, buffer, lineno);
|
|
errno = ENOMEM;
|
|
free(buffer);
|
|
@@ -172,10 +187,11 @@
|
|
|
|
scontext = malloc(p - q);
|
|
if (!scontext) {
|
|
- fprintf(stderr, "%s: out of memory for %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
|
|
path, buffer, lineno);
|
|
errno = ENOMEM;
|
|
free(buffer);
|
|
+ fclose(fp);
|
|
return -1;
|
|
}
|
|
r = scontext;
|
|
@@ -191,7 +207,7 @@
|
|
context_init(&context);
|
|
rc = mls_context_to_sid(policydb, oldc, &r, &context);
|
|
if (rc) {
|
|
- fprintf(stderr, "%s: invalid level %s in %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: invalid level %s in %s on line %u\n",
|
|
path, scontext, buffer, lineno);
|
|
free(scontext);
|
|
continue;
|
|
@@ -218,10 +234,11 @@
|
|
|
|
scontext = malloc(p - q);
|
|
if (!scontext) {
|
|
- fprintf(stderr, "%s: out of memory for %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: out of memory for %s on line %u\n",
|
|
path, buffer, lineno);
|
|
errno = ENOMEM;
|
|
free(buffer);
|
|
+ fclose(fp);
|
|
return -1;
|
|
}
|
|
r = scontext;
|
|
@@ -237,7 +254,7 @@
|
|
context_init(&context);
|
|
rc = mls_context_to_sid(policydb, oldc, &r, &context);
|
|
if (rc) {
|
|
- fprintf(stderr, "%s: invalid range %s in %s on line %u\n",
|
|
+ __sepol_debug_printf("%s: invalid range %s in %s on line %u\n",
|
|
path, scontext, buffer, lineno);
|
|
free(scontext);
|
|
continue;
|
|
@@ -248,7 +265,7 @@
|
|
}
|
|
|
|
free(buffer);
|
|
-
|
|
+ fclose(fp);
|
|
return 0;
|
|
}
|
|
|
|
@@ -334,7 +351,7 @@
|
|
pf.data = data;
|
|
pf.len = len;
|
|
if (policydb_read(&policydb,&pf, 0)) {
|
|
- fprintf(stderr, "%s: Can't read binary policy: %s\n",
|
|
+ __sepol_debug_printf("%s: Can't read binary policy: %s\n",
|
|
__FUNCTION__, strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -342,7 +359,7 @@
|
|
/* Load base set of system users from the policy package. */
|
|
snprintf(path, sizeof path, "%s/system.users", usersdir);
|
|
if (load_users(&policydb, path) < 0) {
|
|
- fprintf(stderr, "%s: Can't load system.users: %s\n",
|
|
+ __sepol_debug_printf("%s: Can't load system.users: %s\n",
|
|
__FUNCTION__, strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -350,7 +367,7 @@
|
|
/* Load locally defined users. */
|
|
snprintf(path, sizeof path, "%s/local.users", usersdir);
|
|
if (load_users(&policydb, path) < 0) {
|
|
- fprintf(stderr, "%s: Can't load local.users: %s\n",
|
|
+ __sepol_debug_printf("%s: Can't load local.users: %s\n",
|
|
__FUNCTION__, strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -374,7 +391,7 @@
|
|
pf.len = 0;
|
|
rc = policydb_write(&policydb, &pf);
|
|
if (rc) {
|
|
- fprintf(stderr, "Can't compute length of binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't compute length of binary policy: %s\n",
|
|
strerror(errno));
|
|
return -1;
|
|
}
|
|
@@ -383,7 +400,7 @@
|
|
pf.type = PF_USE_MEMORY;
|
|
pf.data = malloc(pf.len);
|
|
if (!pf.data) {
|
|
- fprintf(stderr, "%s: %s\n", __FUNCTION__, strerror(errno));
|
|
+ __sepol_debug_printf("%s: %s\n", __FUNCTION__, strerror(errno));
|
|
return -1;
|
|
}
|
|
|
|
@@ -394,7 +411,7 @@
|
|
/* Write out the new binary policy image. */
|
|
rc = policydb_write(&policydb, &pf);
|
|
if (rc) {
|
|
- fprintf(stderr, "Can't write binary policy: %s\n",
|
|
+ __sepol_debug_printf("Can't write binary policy: %s\n",
|
|
strerror(errno));
|
|
free(pf.data);
|
|
return -1;
|
|
diff --exclude-from=exclude -N -u -r nsalibsepol/src/libsepol.map libsepol-1.3.6/src/libsepol.map
|
|
--- nsalibsepol/src/libsepol.map 2005-02-17 17:55:49.000000000 -0500
|
|
+++ libsepol-1.3.6/src/libsepol.map 2005-02-25 10:19:28.000000000 -0500
|
|
@@ -1,4 +1,4 @@
|
|
{
|
|
- global: sepol_genbools*; sepol_set_policydb_from_file; sepol_check_context; sepol_genusers;
|
|
+ global: sepol_genbools*; sepol_set_policydb_from_file; sepol_check_context; sepol_genusers; sepol_debug;
|
|
local: *;
|
|
};
|
|
diff --exclude-from=exclude -N -u -r nsalibsepol/src/private.h libsepol-1.3.6/src/private.h
|
|
--- nsalibsepol/src/private.h 2005-02-07 10:23:04.000000000 -0500
|
|
+++ libsepol-1.3.6/src/private.h 2005-02-25 10:20:39.000000000 -0500
|
|
@@ -25,6 +25,7 @@
|
|
};
|
|
|
|
extern struct policydb_compat_info *policydb_lookup_compat(int version);
|
|
+extern void __sepol_debug_printf(const char *fmt, ...);
|
|
|
|
/* Reading from a policy "file". */
|
|
static inline void *next_entry(struct policy_file * fp, size_t bytes)
|