Basically we need to search for all interfaces that return an int and
set those up as python exception handlers.
--- nsalibselinux/src/selinuxswig.i 2009-03-12 08:48:48.000000000 -0400
+++ libselinux-2.0.81/src/selinuxswig.i 2009-05-18 14:04:07.000000000 -0400
@@ -4,11 +4,14 @@
%module selinux
%{
- #include "selinux/selinux.h"
#include "../include/selinux/avc.h"
- #include "../include/selinux/selinux.h"
- #include "../include/selinux/get_default_type.h"
+ #include "../include/selinux/av_permissions.h"
+ #include "../include/selinux/context.h"
+ #include "../include/selinux/flask.h"
#include "../include/selinux/get_context_list.h"
+ #include "../include/selinux/get_default_type.h"
+ #include "../include/selinux/label.h"
+ #include "../include/selinux/selinux.h"
%}
%apply int *OUTPUT { int *enforce };
%apply int *OUTPUT { size_t * };
@@ -55,8 +58,11 @@
%ignore avc_netlink_release_fd;
%ignore avc_netlink_check_nb;
-%include "../include/selinux/selinux.h"
%include "../include/selinux/avc.h"
-%include "../include/selinux/get_default_type.h"
+%include "../include/selinux/av_permissions.h"
+%include "../include/selinux/context.h"
+%include "../include/selinux/flask.h"
%include "../include/selinux/get_context_list.h"
-
+%include "../include/selinux/get_default_type.h"
+%include "../include/selinux/label.h"
+%include "../include/selinux/selinux.h"
--- nsalibselinux/src/Makefile 2009-03-06 14:41:45.000000000 -0500
+++ libselinux-2.0.81/src/Makefile 2009-05-18 14:04:07.000000000 -0400
@@ -82,6 +82,9 @@
$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
ln -sf $@ $(TARGET)
+selinuxswig_exception.i: ../include/selinux/selinux.h
+ sh exception.sh > $@
+
audit2why.lo: audit2why.c
$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
@@ -100,8 +103,8 @@
$(SWIGRUBYCOUT): $(SWIGRUBYIF)
$(SWIGRUBY) $^
-swigify: $(SWIGIF)
- $(SWIG) $^
+swigify: $(SWIGIF) selinuxswig_exception.i
+ $(SWIG) $<
install: all
test -d $(LIBDIR) || install -m 755 -d $(LIBDIR)
@@ -124,7 +127,7 @@
/sbin/restorecon $(SHLIBDIR)/$(LIBSO)
clean:
- -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~
+ -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~ selinuxswig_exception.i
distclean: clean
rm -f $(GENERATED) $(SWIGFILES)
--- nsalibselinux/src/exception.sh 1969-12-31 19:00:00.000000000 -0500
+++ libselinux-2.0.81/src/exception.sh 2009-05-18 14:04:07.000000000 -0400
@@ -0,0 +1,12 @@
+function except() {
+echo "
+%exception $1 {
+ \$action
+ if (result < 0) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ return NULL;
+ }
+}
+"
+}
+for i in `grep "extern *int" ../include/selinux/selinux.h | awk '{ print $3 }' | cut -d '(' -f 1`; do except $i ; done
--- nsalibselinux/src/selinuxswig_python.i 2009-03-06 14:41:45.000000000 -0500
+++ libselinux-2.0.81/src/selinuxswig_python.i 2009-05-18 14:04:07.000000000 -0400
@@ -21,6 +21,15 @@
map(restorecon, [os.path.join(dirname, fname)
for fname in fnames]), None)
+def copytree(src, dest):
+ """ An SELinux-friendly shutil.copytree method """
+ shutil.copytree(src, dest)
+ restorecon(dest, recursive=True)
+
+def install(src, dest):
+ """ An SELinux-friendly shutil.move method """
+ shutil.move(src, dest)
+ restorecon(dest, recursive=True)
%}
/* security_get_boolean_names() typemap */
@@ -150,4 +159,5 @@
free($1);
}
+%include "selinuxswig_exception.i"
%include "selinuxswig.i"
