On 9/30/09 2:16 PM, "Daniel J Walsh" <dwalsh@xxxxxxxxxx> wrote:
> On 09/30/2009 01:59 PM, Stephen Smalley wrote:
>> On Wed, 2009-09-30 at 13:56 -0400, Daniel J Walsh wrote:
>>> Ubunto and Fedora have moved to a model where the initrd executes
>>> load_policy -i.
>>>
>>> This means load_policy has to be in /sbin since /usr might not be mounted.
>>
>> We had a similar change happen for setfiles, and if you look a little
>> further down in semanage_conf_init(), you'll see that we call access()
>> to check whether setfiles lives in /sbin or /usr/sbin and then set it
>> accordingly. You'll want to do the same thing here to avoid breakage on
>> systems that still have it in the old location.
>>
> Fixed patch.
>
> diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
> index 23661bf..931448f 100644
> --- a/libsemanage/src/conf-parse.y
> +++ b/libsemanage/src/conf-parse.y
> @@ -263,7 +263,13 @@ static int semanage_conf_init(semanage_conf_t * conf)
> calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) {
> return -1;
> }
> - if ((conf->load_policy->path = strdup("/usr/sbin/load_policy")) == NULL)
> {
> +
> + if (access("/sbin/load_policy", X_OK) == 0) {
> + conf->load_policy->path = strdup("/sbin/load_policy");
> + } else {
> + conf->load_policy->path = strdup("/usr/sbin/load_policy");
> + }
> + if (conf->load_policy->path == NULL)
You're missing a { there (meaning this doesn't compile...).
> return -1;
> }
> conf->load_policy->args = NULL;
> diff --git a/libsemanage/src/semanage.py b/libsemanage/src/semanage.py
> index 7c05df9..29208dd 100644
> --- a/libsemanage/src/semanage.py
> +++ b/libsemanage/src/semanage.py
Did you mean to include all the python stuff here? I'm guessing that was
included by accident?
> @@ -1,5 +1,5 @@
> # This file was automatically generated by SWIG (http://www.swig.org).
> -# Version 1.3.39
> +# Version 1.3.40
> #
> # Do not make changes to this file unless you know what you are doing--modify
> # the SWIG interface file instead.
> @@ -21,7 +21,7 @@ if version_info >= (2,6,0):
> _mod = imp.load_module('_semanage', fp, pathname,
> description)
> finally:
> fp.close()
> - return _mod
> + return _mod
> _semanage = swig_import_helper()
> del swig_import_helper
> else:
> @@ -184,6 +184,14 @@ def semanage_module_install_base_file(*args):
> return _semanage.semanage_module_install_base_file(*args)
> semanage_module_install_base_file =
> _semanage.semanage_module_install_base_file
>
> +def semanage_module_enable(*args):
> + return _semanage.semanage_module_enable(*args)
> +semanage_module_enable = _semanage.semanage_module_enable
> +
> +def semanage_module_disable(*args):
> + return _semanage.semanage_module_disable(*args)
> +semanage_module_disable = _semanage.semanage_module_disable
> +
> def semanage_module_remove(*args):
> return _semanage.semanage_module_remove(*args)
> semanage_module_remove = _semanage.semanage_module_remove
> @@ -208,6 +216,10 @@ def semanage_module_get_version(*args):
> return _semanage.semanage_module_get_version(*args)
> semanage_module_get_version = _semanage.semanage_module_get_version
>
> +def semanage_module_get_enabled(*args):
> + return _semanage.semanage_module_get_enabled(*args)
> +semanage_module_get_enabled = _semanage.semanage_module_get_enabled
> +
> def semanage_context_get_user(*args):
> return _semanage.semanage_context_get_user(*args)
> semanage_context_get_user = _semanage.semanage_context_get_user
> diff --git a/libsemanage/src/semanageswig_wrap.c
> b/libsemanage/src/semanageswig_wrap.c
> index 09e12aa..2e8946c 100644
> --- a/libsemanage/src/semanageswig_wrap.c
> +++ b/libsemanage/src/semanageswig_wrap.c
> @@ -1,6 +1,6 @@
> /*
> ----------------------------------------------------------------------------
> * This file was automatically generated by SWIG (http://www.swig.org).
> - * Version 1.3.39
> + * Version 1.3.40
> *
> * This file is not intended to be easily readable and contains a number of
> * coding conventions designed to improve portability and efficiency. Do not
> make
> @@ -725,7 +725,7 @@ SWIG_UnpackDataName(const char *c, void *ptr, size_t sz,
> const char *name) {
>
>
>
> -/* Compatibility marcos for Python 3 */
> +/* Compatibility macros for Python 3 */
> #if PY_VERSION_HEX >= 0x03000000
>
> #define PyClass_Check(obj) PyObject_IsInstance(obj, (PyObject *)&PyType_Type)
> @@ -758,7 +758,7 @@ SWIG_Python_str_AsChar(PyObject *str)
> #if PY_VERSION_HEX >= 0x03000000
> char *cstr;
> char *newstr;
> - int len;
> + Py_ssize_t len;
> str = PyUnicode_AsUTF8String(str);
> PyBytes_AsStringAndSize(str, &cstr, &len);
> newstr = (char *) malloc(len+1);
> @@ -1448,9 +1448,7 @@ SwigPyObject_repr(SwigPyObject *v, PyObject *args)
> #endif
> {
> const char *name = SWIG_TypePrettyName(v->ty);
> - PyObject *hex = SwigPyObject_hex(v);
> - PyObject *repr = SWIG_Python_str_FromFormat("<Swig Object of type '%s' at
> %p>", name, hex);
> - Py_DECREF(hex);
> + PyObject *repr = SWIG_Python_str_FromFormat("<Swig Object of type '%s' at
> %p>", name, v);
> if (v->next) {
> #ifdef METH_NOARGS
> PyObject *nrep = SwigPyObject_repr((SwigPyObject *)v->next);
> @@ -1505,7 +1503,7 @@ SwigPyObject_compare(SwigPyObject *v, SwigPyObject *w)
> return (i < j) ? -1 : ((i > j) ? 1 : 0);
> }
>
> -/* Added for Python 3.x, whould it also useful for Python 2.x? */
> +/* Added for Python 3.x, would it also be useful for Python 2.x? */
> SWIGRUNTIME PyObject*
> SwigPyObject_richcompare(SwigPyObject *v, SwigPyObject *w, int op)
> {
> @@ -1553,7 +1551,7 @@ SwigPyObject_dealloc(PyObject *v)
> /* destroy is always a VARARGS method */
> PyObject *res;
> if (data->delargs) {
> - /* we need to create a temporal object to carry the destroy operation */
> + /* we need to create a temporary object to carry the destroy operation */
> PyObject *tmp = SwigPyObject_New(sobj->ptr, ty, 0);
> res = SWIG_Python_CallFunctor(destroy, tmp);
> Py_DECREF(tmp);
> @@ -1754,7 +1752,7 @@ _PySwigObject_type(void) {
> if (!type_init) {
> const PyTypeObject tmp
> = {
> - /* PyOjbect header changed in Python 3 */
> + /* PyObject header changed in Python 3 */
> #if PY_VERSION_HEX >= 0x03000000
> PyVarObject_HEAD_INIT(&PyType_Type, 0)
> #else
> @@ -1773,7 +1771,7 @@ _PySwigObject_type(void) {
> #endif
> (setattrfunc)0, /* tp_setattr */
> #if PY_VERSION_HEX >= 0x03000000
> - 0, /* tp_reserved in 3.0.1 */
> + 0, /* tp_reserved in 3.0.1, tp_compare in 3.0.0 but not used */
> #else
> (cmpfunc)SwigPyObject_compare, /* tp_compare */
> #endif
> @@ -1823,7 +1821,7 @@ _PySwigObject_type(void) {
> #endif
> };
> swigpyobject_type = tmp;
> - /* for Python 3 we already assigned the ob_type in
> PyVarObject_HEAD_INIT() */
> + /* for Python 3 we already assigned ob_type in PyVarObject_HEAD_INIT() */
> #if PY_VERSION_HEX < 0x03000000
> swigpyobject_type.ob_type = &PyType_Type;
> #endif
> @@ -2230,10 +2228,10 @@ SWIG_Python_ConvertFunctionPtr(PyObject *obj, void
> **ptr, swig_type_info *ty) {
> /* here we get the method pointer for callbacks */
> const char *doc = (((PyCFunctionObject *)obj) -> m_ml -> ml_doc);
> const char *desc = doc ? strstr(doc, "swig_ptr: ") : 0;
> - if (desc) {
> + if (desc)
> desc = ty ? SWIG_UnpackVoidPtr(desc + 10, &vptr, ty->name) : 0;
> - if (!desc) return SWIG_ERROR;
> - }
> + if (!desc)
> + return SWIG_ERROR;
> if (ty) {
> swig_cast_info *tc = SWIG_TypeCheck(desc,ty);
> if (tc) {
> @@ -2271,7 +2269,7 @@ SWIG_Python_ConvertPacked(PyObject *obj, void *ptr,
> size_t sz, swig_type_info *t
> *
> -----------------------------------------------------------------------------
> */
>
> /*
> - Create a new instance object, whitout calling __init__, and set the
> + Create a new instance object, without calling __init__, and set the
> 'this' attribute.
> */
>
> @@ -2739,7 +2737,7 @@ static swig_module_info swig_module = {swig_types, 54,
> 0, 0, 0, 0};
> #endif
> #define SWIG_name "_semanage"
>
> -#define SWIGVERSION 0x010339
> +#define SWIGVERSION 0x010340
> #define SWIG_VERSION SWIGVERSION
>
>
> @@ -3912,6 +3910,74 @@ fail:
> }
>
>
> +SWIGINTERN PyObject *_wrap_semanage_module_enable(PyObject
> *SWIGUNUSEDPARM(self), PyObject *args) {
> + PyObject *resultobj = 0;
> + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ;
> + char *arg2 = (char *) 0 ;
> + void *argp1 = 0 ;
> + int res1 = 0 ;
> + int res2 ;
> + char *buf2 = 0 ;
> + int alloc2 = 0 ;
> + PyObject * obj0 = 0 ;
> + PyObject * obj1 = 0 ;
> + int result;
> +
> + if (!PyArg_ParseTuple(args,(char
> *)"OO:semanage_module_enable",&obj0,&obj1)) SWIG_fail;
> + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 );
> + if (!SWIG_IsOK(res1)) {
> + SWIG_exception_fail(SWIG_ArgError(res1), "in method '"
> "semanage_module_enable" "', argument " "1"" of type '" "semanage_handle_t
> *""'");
> + }
> + arg1 = (semanage_handle_t *)(argp1);
> + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
> + if (!SWIG_IsOK(res2)) {
> + SWIG_exception_fail(SWIG_ArgError(res2), "in method '"
> "semanage_module_enable" "', argument " "2"" of type '" "char *""'");
> + }
> + arg2 = (char *)(buf2);
> + result = (int)semanage_module_enable(arg1,arg2);
> + resultobj = SWIG_From_int((int)(result));
> + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
> + return resultobj;
> +fail:
> + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
> + return NULL;
> +}
> +
> +
> +SWIGINTERN PyObject *_wrap_semanage_module_disable(PyObject
> *SWIGUNUSEDPARM(self), PyObject *args) {
> + PyObject *resultobj = 0;
> + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ;
> + char *arg2 = (char *) 0 ;
> + void *argp1 = 0 ;
> + int res1 = 0 ;
> + int res2 ;
> + char *buf2 = 0 ;
> + int alloc2 = 0 ;
> + PyObject * obj0 = 0 ;
> + PyObject * obj1 = 0 ;
> + int result;
> +
> + if (!PyArg_ParseTuple(args,(char
> *)"OO:semanage_module_disable",&obj0,&obj1)) SWIG_fail;
> + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 );
> + if (!SWIG_IsOK(res1)) {
> + SWIG_exception_fail(SWIG_ArgError(res1), "in method '"
> "semanage_module_disable" "', argument " "1"" of type '" "semanage_handle_t
> *""'");
> + }
> + arg1 = (semanage_handle_t *)(argp1);
> + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
> + if (!SWIG_IsOK(res2)) {
> + SWIG_exception_fail(SWIG_ArgError(res2), "in method '"
> "semanage_module_disable" "', argument " "2"" of type '" "char *""'");
> + }
> + arg2 = (char *)(buf2);
> + result = (int)semanage_module_disable(arg1,arg2);
> + resultobj = SWIG_From_int((int)(result));
> + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
> + return resultobj;
> +fail:
> + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
> + return NULL;
> +}
> +
> +
> SWIGINTERN PyObject *_wrap_semanage_module_remove(PyObject
> *SWIGUNUSEDPARM(self), PyObject *args) {
> PyObject *resultobj = 0;
> semanage_handle_t *arg1 = (semanage_handle_t *) 0 ;
> @@ -4082,6 +4148,28 @@ fail:
> }
>
>
> +SWIGINTERN PyObject *_wrap_semanage_module_get_enabled(PyObject
> *SWIGUNUSEDPARM(self), PyObject *args) {
> + PyObject *resultobj = 0;
> + semanage_module_info_t *arg1 = (semanage_module_info_t *) 0 ;
> + void *argp1 = 0 ;
> + int res1 = 0 ;
> + PyObject * obj0 = 0 ;
> + int result;
> +
> + if (!PyArg_ParseTuple(args,(char *)"O:semanage_module_get_enabled",&obj0))
> SWIG_fail;
> + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_module_info, 0 | 0
> );
> + if (!SWIG_IsOK(res1)) {
> + SWIG_exception_fail(SWIG_ArgError(res1), "in method '"
> "semanage_module_get_enabled" "', argument " "1"" of type '"
> "semanage_module_info_t *""'");
> + }
> + arg1 = (semanage_module_info_t *)(argp1);
> + result = (int)semanage_module_get_enabled(arg1);
> + resultobj = SWIG_From_int((int)(result));
> + return resultobj;
> +fail:
> + return NULL;
> +}
> +
> +
> SWIGINTERN PyObject *_wrap_semanage_context_get_user(PyObject
> *SWIGUNUSEDPARM(self), PyObject *args) {
> PyObject *resultobj = 0;
> semanage_context_t *arg1 = (semanage_context_t *) 0 ;
> @@ -11783,12 +11871,15 @@ static PyMethodDef SwigMethods[] = {
> { (char *)"semanage_module_upgrade_file",
> _wrap_semanage_module_upgrade_file, METH_VARARGS, NULL},
> { (char *)"semanage_module_install_base",
> _wrap_semanage_module_install_base, METH_VARARGS, NULL},
> { (char *)"semanage_module_install_base_file",
> _wrap_semanage_module_install_base_file, METH_VARARGS, NULL},
> + { (char *)"semanage_module_enable", _wrap_semanage_module_enable,
> METH_VARARGS, NULL},
> + { (char *)"semanage_module_disable", _wrap_semanage_module_disable,
> METH_VARARGS, NULL},
> { (char *)"semanage_module_remove", _wrap_semanage_module_remove,
> METH_VARARGS, NULL},
> { (char *)"semanage_module_list", _wrap_semanage_module_list,
> METH_VARARGS, NULL},
> { (char *)"semanage_module_info_datum_destroy",
> _wrap_semanage_module_info_datum_destroy, METH_VARARGS, NULL},
> { (char *)"semanage_module_list_nth", _wrap_semanage_module_list_nth,
> METH_VARARGS, NULL},
> { (char *)"semanage_module_get_name", _wrap_semanage_module_get_name,
> METH_VARARGS, NULL},
> { (char *)"semanage_module_get_version",
> _wrap_semanage_module_get_version, METH_VARARGS, NULL},
> + { (char *)"semanage_module_get_enabled",
> _wrap_semanage_module_get_enabled, METH_VARARGS, NULL},
> { (char *)"semanage_context_get_user", _wrap_semanage_context_get_user,
> METH_VARARGS, NULL},
> { (char *)"semanage_context_set_user", _wrap_semanage_context_set_user,
> METH_VARARGS, NULL},
> { (char *)"semanage_context_get_role", _wrap_semanage_context_get_role,
> METH_VARARGS, NULL},
> @@ -12631,7 +12722,7 @@ extern "C" {
> (char *)"swigvarlink", /* Type name (tp_name) */
> sizeof(swig_varlinkobject), /* Basic size (tp_basicsize) */
> 0, /* Itemsize (tp_itemsize) */
> - (destructor) swig_varlink_dealloc, /* Deallocator (tp_dealloc) */
> + (destructor) swig_varlink_dealloc, /* Deallocator (tp_dealloc) */
> (printfunc) swig_varlink_print, /* Print (tp_print) */
> (getattrfunc) swig_varlink_getattr, /* get attr (tp_getattr) */
> (setattrfunc) swig_varlink_setattr, /* Set attr (tp_setattr) */
> @@ -12642,7 +12733,7 @@ extern "C" {
> 0, /* tp_as_mapping */
> 0, /* tp_hash */
> 0, /* tp_call */
> - (reprfunc)swig_varlink_str, /* tp_str */
> + (reprfunc) swig_varlink_str, /* tp_str */
> 0, /* tp_getattro */
> 0, /* tp_setattro */
> 0, /* tp_as_buffer */
> @@ -12663,7 +12754,7 @@ extern "C" {
> #endif
> };
> varlink_type = tmp;
> - /* for Python 3 we already assigned the ob_type in
> PyVarObject_HEAD_INIT() */
> + /* for Python 3 we already assigned ob_type in PyVarObject_HEAD_INIT()
> */
> #if PY_VERSION_HEX < 0x03000000
> varlink_type.ob_type = &PyType_Type;
> #endif
> diff --git a/policycoreutils/load_policy/Makefile
> b/policycoreutils/load_policy/Makefile
> index 2dd2943..91dc6c8 100644
> --- a/policycoreutils/load_policy/Makefile
> +++ b/policycoreutils/load_policy/Makefile
> @@ -1,6 +1,7 @@
> # Installation directories.
> PREFIX ?= ${DESTDIR}/usr
> -SBINDIR ?= $(PREFIX)/sbin
> +SBINDIR ?= $(DESTDIR)/sbin
> +USRSBINDIR ?= $(PREFIX)/sbin
> MANDIR ?= $(PREFIX)/share/man
> LOCALEDIR ?= /usr/share/locale
>
> @@ -17,6 +18,8 @@ install: all
> install -m 755 $(TARGETS) $(SBINDIR)
> test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
> install -m 644 load_policy.8 $(MANDIR)/man8/
> + -mkdir -p $(USRSBINDIR)
> + ln -s /sbin/load_policy $(USRSBINDIR)/load_policy
>
Shouldn't that be ln -sf, to make sure we blow away any old version of load
policy that might exist in /usr/sbin?
> clean:
> -rm -f $(TARGETS) *.o
Assuming you don't want the python stuff, I can make the other two fixes and
merge.
Thanks,
Chad
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
