PERFORCE change 95805 for review
Todd Miller
millert at FreeBSD.org
Fri Apr 21 17:45:10 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=95805
Change 95805 by millert at millert_g5tower on 2006/04/21 17:43:50
Adapt to selinux userland update
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 (text+ko) ====
@@ -81,8 +81,8 @@
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = "$(SYSTEM_LIBRARY_DIR)/Frameworks/AppKit.framework/Headers/AppKit.h";
INFOPLIST_FILE = plugins/SEDarwin/Info.plist;
- OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include -I../../../sedarwin";
- OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../libmac -lmac -L../../../sedarwin/libselinux/src -lselinux";
+ OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include";
+ OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../../sedarwin/libselinux/src -lselinux -L../../../sedarwin/libsepol/src -lsepol -L../../../sedarwin/libsecompat -lsecompat -L../../libmac -lmac";
OTHER_REZFLAGS = "";
PRODUCT_NAME = SEDarwin;
SECTORDER_FLAGS = "";
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 (text+ko) ====
@@ -6,8 +6,8 @@
#include <sys/types.h>
#include <sys/mac.h>
#include <pwd.h>
+#include <selinux/selinux.h>
#include <selinux/get_context_list.h>
-#include <sedarwin/sebsd.h>
@interface SEDarwin : NSObject <MACpolicyPlugin>
{
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 (text+ko) ====
@@ -41,7 +41,7 @@
return;
}
- if (!sebsd_enabled())
+ if (!is_selinux_enabled())
return;
/*
@@ -88,7 +88,7 @@
}
/* XXX - use SELINUX_DEFAULTUSER and fill in selector if not enabled? */
- if (!sebsd_enabled())
+ if (!is_selinux_enabled())
return (MAC_LOGIN_OK);
/*
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 (text+ko) ====
@@ -7,9 +7,11 @@
Extra_CC_Flags =-I../../pam/pam/libpam/include/pam/ \
-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd/ \
-idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk \
- -I../../../sedarwin -I../../../sedarwin/libselinux/include
+ -I../../../sedarwin/libselinux/include
Extra_LD_Flags =-L../../../sedarwin/libselinux/src/ -lselinux \
+ -L../../../sedarwin/libsepol/src/ -lsepol \
+ -L../../../sedarwin/libsecompat/ -lsecompat \
-L../../libmac/ -lmac
include ../PAMModule.defs
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 (text+ko) ====
@@ -32,8 +32,8 @@
#define _BSD_SOURCE
#include <sys/types.h>
#include <sys/mac.h>
+#include <selinux/selinux.h>
#include <selinux/get_context_list.h>
-#include <sedarwin/sebsd.h>
#include <ctype.h>
#include <stdio.h>
@@ -115,7 +115,7 @@
int ncontexts, retval, which;
/* XXX - use SELINUX_DEFAULTUSER if not enabled? */
- if (!sebsd_enabled()) {
+ if (!is_selinux_enabled()) {
syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__);
return (PAM_SUCCESS);
}
@@ -171,7 +171,7 @@
mac_t label;
int retval;
- if (!sebsd_enabled()) {
+ if (!is_selinux_enabled()) {
syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__);
return (PAM_SUCCESS);
}
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 (text+ko) ====
@@ -2,7 +2,8 @@
#import "LabelDialog.h"
#import <Cocoa/Cocoa.h>
#import <sys/mac.h>
-#import <sedarwin/sebsd.h>
+//#import <selinux/sebsd.h>
+#import <selinux/selinux.h>
const char *filename;
char *initial;
@@ -10,9 +11,6 @@
char **users, **roles, **types;
size_t nusers, nroles, ntypes;
-extern int security_get_file_contexts(const char *fromcontext, char ***retcontexts, size_t *ncontexts);
-extern char *getseccontext(void);
-
static void addstring (char **ar, size_t *n, char *in)
{
int i;
@@ -55,8 +53,16 @@
char **filelabels;
size_t nfilelabels;
- if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels))
+ char *seccon;
+
+ if (getcon(&seccon)) {
+ fprintf(stderr, "Failed to get the current security context\n");
+ exit(1);
+ }
+ if (security_get_file_contexts (seccon, &filelabels, &nfilelabels))
+// if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels))
exit (1);
+ free(seccon);
users = (char **) malloc (sizeof (char *) * (1+nfilelabels));
roles = (char **) malloc (sizeof (char *) * (1+nfilelabels));
types = (char **) malloc (sizeof (char *) * (1+nfilelabels));
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 (text+ko) ====
@@ -173,7 +173,7 @@
HEADER_SEARCH_PATHS = "";
INSTALL_PATH = "/Applications";
LIBRARY_SEARCH_PATHS = "";
- OTHER_CFLAGS = "-I../.. -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk";
+ OTHER_CFLAGS = "-I../../libselinux/include -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk";
OTHER_LDFLAGS = "../../libselinux/src/libselinux.a ../../../darwin/libmac/libmac.a";
PRODUCT_NAME = relabel;
SECTORDER_FLAGS = "";
More information about the trustedbsd-cvs
mailing list