SELinux Project contribution of mcstrans. mcstrans is a userland package specific to SELinux which allows system administrators to define sensitivity levels and categories and provides a daemon for their translation into human readable form. This version is a merge of Joe Nalls git tree (
http://github.com/joenall/mcstrans) and patches supplied by Dan Walsh and others at RedHat.
Utilities.
---
Makefile | 41 +++++++++++++++++++++++++++++++++++++++++
callgrind-mcstransd | 5 +++++
transcon.c | 30 ++++++++++++++++++++++++++++++
untranscon.c | 28 ++++++++++++++++++++++++++++
valgrind-mcstransd | 5 +++++
5 files changed, 109 insertions(+)
diff --git a/policycoreutils/mcstrans/utils/Makefile b/policycoreutils/mcstrans/utils/Makefile
new file mode 100644
index 0000000..1ffb027
--- /dev/null
+++ b/policycoreutils/mcstrans/utils/Makefile
@@ -0,0 +1,41 @@
+# Installation directories.
+PREFIX ?= $(DESTDIR)/usr
+BINDIR ?= $(PREFIX)/sbin
+
+ARCH = $(shell uname -i)
+ifeq "$(ARCH)" "x86_64"
+ # In case of 64 bit system, use these lines
+ LIBDIR=/usr/lib64
+else
+ifeq "$(ARCH)" "i686"
+ # In case of 32 bit system, use these lines
+ LIBDIR=/usr/lib
+else
+ifeq "$(ARCH)" "i386"
+ # In case of 32 bit system, use these lines
+ LIBDIR=/usr/lib
+endif
+endif
+endif
+
+
+CFLAGS ?= -Wall
+override CFLAGS += -I../src -D_GNU_SOURCE
+LDLIBS += -L../src ../src/mcstrans.o ../src/mls_level.o -lselinux -lpcre $(LIBDIR)/libsepol.a
+
+TARGETS=$(patsubst %.c,%,$(wildcard *.c))
+
+all: $(TARGETS)
+
+install: all
+ -mkdir -p $(BINDIR)
+ install -m 755 $(TARGETS) $(BINDIR)
+
+test:
+ ./mlstrans-test-runner.py ../test/*.test
+
+clean:
+ rm -f $(TARGETS) *.o *~ \#*
+
+relabel:
+
diff --git a/policycoreutils/mcstrans/utils/callgrind-mcstransd b/policycoreutils/mcstrans/utils/callgrind-mcstransd
new file mode 100644
index 0000000..f494b24
--- /dev/null
+++ b/policycoreutils/mcstrans/utils/callgrind-mcstransd
@@ -0,0 +1,5 @@
+#!/bin/bash
+service mcstrans stop
+cd ~root
+runcon -u system_u -r system_r -t setrans_t -l s15:c0.c1023 -- valgrind --tool=callgrind /usr/src/redhat/BUILD/*/src/mcstransd
+run_init /etc/init.d/mcstrans start
diff --git a/policycoreutils/mcstrans/utils/transcon.c b/policycoreutils/mcstrans/utils/transcon.c
new file mode 100644
index 0000000..5189f0f
--- /dev/null
+++ b/policycoreutils/mcstrans/utils/transcon.c
@@ -0,0 +1,30 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <getopt.h>
+#include <errno.h>
+#include <string.h>
+#include <selinux/selinux.h>
+#include "mcstrans.h"
+
+void usage(const char *progname)
+{
+ fprintf(stderr, "usage: %s context\n", progname);
+ exit(1);
+}
+
+int main(int argc, char **argv) {
+ security_context_t scon;
+ if ( argc != 2 ) usage(argv[0]);
+ if (init_translations()==0) {
+ if(trans_context(argv[1],&scon) == 0) {
+ printf("%s\n", scon);
+ freecon(scon);
+ return 0;
+ }
+ }
+ printf("Failed\n");
+ return -1;
+}
+
+
diff --git a/policycoreutils/mcstrans/utils/untranscon.c b/policycoreutils/mcstrans/utils/untranscon.c
new file mode 100644
index 0000000..f47b6ea
--- /dev/null
+++ b/policycoreutils/mcstrans/utils/untranscon.c
@@ -0,0 +1,28 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <getopt.h>
+#include <errno.h>
+#include <string.h>
+#include <selinux/selinux.h>
+#include "mcstrans.h"
+
+void usage(const char *progname)
+{
+ fprintf(stderr, "usage: %s context\n", progname);
+ exit(1);
+}
+int main(int argc, char **argv) {
+ security_context_t scon;
+ if ( argc != 2 ) usage(argv[0]);
+ if (init_translations()==0) {
+ if(untrans_context(argv[1],&scon) == 0) {
+ printf("%s\n", scon);
+ freecon(scon);
+ return 0;
+ }
+ }
+ return -1;
+}
+
+
diff --git a/policycoreutils/mcstrans/utils/valgrind-mcstransd b/policycoreutils/mcstrans/utils/valgrind-mcstransd
new file mode 100644
index 0000000..900c628
--- /dev/null
+++ b/policycoreutils/mcstrans/utils/valgrind-mcstransd
@@ -0,0 +1,5 @@
+#!/bin/bash
+service mcstrans stop
+#valgrind -v --leak-check=full --show-reachable=yes ../src/mcstransd
+runcon -u system_u -r system_r -t setrans_t -l s15:c0.c1023 -- valgrind -v --leak-check=full --show-reachable=yes ../src/mcstransd
+run_init /etc/init.d/mcstrans start
