-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch looks good to me. acked. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5WsrEACgkQrlYvE4MpobPMdwCgvm/PPCPeuR2Ml8VGtLP/uiCU O+QAoOgcUEFSmsbJFGDAwqisF/vYjThl =oJs6 -----END PGP SIGNATURE-----
>From 9b6ef077c5f48768511027970bf305241c0a16b4 Mon Sep 17 00:00:00 2001 From: Dan Walsh <dwalsh@xxxxxxxxxx> Date: Thu, 4 Aug 2011 09:53:34 -0400 Subject: [PATCH 43/77] policycoreutils: semodule_package: Add semodule_unpackage executable Much like semodule_package this utility will unpack! Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> --- policycoreutils/semodule_package/Makefile | 4 +- .../semodule_package/semodule_package.8 | 2 +- .../semodule_package/semodule_unpackage.8 | 24 +++++ .../semodule_package/semodule_unpackage.c | 103 ++++++++++++++++++++ 4 files changed, 131 insertions(+), 2 deletions(-) create mode 100644 policycoreutils/semodule_package/semodule_unpackage.8 create mode 100644 policycoreutils/semodule_package/semodule_unpackage.c diff --git a/policycoreutils/semodule_package/Makefile b/policycoreutils/semodule_package/Makefile index 0a4a3a6..f84cd7e 100644 --- a/policycoreutils/semodule_package/Makefile +++ b/policycoreutils/semodule_package/Makefile @@ -9,15 +9,17 @@ CFLAGS ?= -Werror -Wall -W override CFLAGS += -I$(INCLUDEDIR) LDLIBS = -lsepol -lselinux -L$(LIBDIR) -all: semodule_package +all: semodule_package semodule_unpackage semodule_package: semodule_package.o install: all -mkdir -p $(BINDIR) install -m 755 semodule_package $(BINDIR) + install -m 755 semodule_unpackage $(BINDIR) test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 install -m 644 semodule_package.8 $(MANDIR)/man8/ + install -m 644 semodule_unpackage.8 $(MANDIR)/man8/ relabel: diff --git a/policycoreutils/semodule_package/semodule_package.8 b/policycoreutils/semodule_package/semodule_package.8 index 29c9eb2..ddad2d2 100644 --- a/policycoreutils/semodule_package/semodule_package.8 +++ b/policycoreutils/semodule_package/semodule_package.8 
@@ -44,7 +44,7 @@ File contexts file for the module (optional). netfilter context file to be included in the package. .SH SEE ALSO -.B checkmodule(8), semodule(8) +.B checkmodule(8), semodule(8), semodule_unpackage(8) .SH AUTHORS .nf This manual page was written by Dan Walsh <dwalsh@xxxxxxxxxx>. diff --git a/policycoreutils/semodule_package/semodule_unpackage.8 b/policycoreutils/semodule_package/semodule_unpackage.8 new file mode 100644 index 0000000..62dd53e --- /dev/null +++ b/policycoreutils/semodule_package/semodule_unpackage.8 @@ -0,0 +1,24 @@ +.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux" NSA +.SH NAME +semodule_unpackage \- Extract polciy module and file context file from an SELinux policy module unpackage. + +.SH SYNOPSIS +.B semodule_unpackage <module> [<file contexts>] +.br +.SH DESCRIPTION +.PP +semodule_unpackage is the tool used to extract the SELinux policy module + and file context file from an SELinux Policy Package. + +.SH EXAMPLE +.nf +# Extract the httpd module file from httpd policy package. +$ semodule_unpackage httpd.pp httpd.mod httpd.fc +.fi + +.SH SEE ALSO +.B semodule_package(8) +.SH AUTHORS +.nf +This manual page was written by Dan Walsh <dwalsh@xxxxxxxxxx>. +The program was written by Stephen Smalley <sds@xxxxxxxxxxxxx> diff --git a/policycoreutils/semodule_package/semodule_unpackage.c b/policycoreutils/semodule_package/semodule_unpackage.c new file mode 100644 index 0000000..0120ee4 --- /dev/null +++ b/policycoreutils/semodule_package/semodule_unpackage.c 
@@ -0,0 +1,103 @@
+#include <sepol/module.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+char *progname = NULL;
+extern char *optarg;
+
+static void usage(char *progname)
+{
+ printf("usage: %s ppfile modfile [fcfile]\n", progname);
+ exit(1);
+}
+
+static int file_to_policy_file(char *filename, struct sepol_policy_file **pf, char *mode)
+{
+ FILE *f;
+
+ if (sepol_policy_file_create(pf)) {
+ fprintf(stderr, "%s: Out of memory\n", progname);
+ return -1;
+ }
+
+ f = fopen(filename, mode);
+ if (!f) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", progname, strerror(errno), filename);
+ return -1;
+ }
+ sepol_policy_file_set_fp(*pf, f);
+ return 0;
+}
+
+int main(int argc, char **argv)
+{
+ struct sepol_module_package *pkg;
+ struct sepol_policy_file *in, *out;
+ FILE *fp;
+ size_t len;
+ char *ppfile, *modfile, *fcfile = NULL, *fcdata;
+
+ progname = argv[0];
+
+ if (argc < 3) {
+ usage(progname);
+ exit(1);
+ }
+
+ ppfile = argv[1];
+ modfile = argv[2];
+ if (argc >= 3)
+ fcfile = argv[3];
+
+ if (file_to_policy_file(ppfile, &in, "r"))
+ exit(1);
+
+ if (sepol_module_package_create(&pkg)) {
+ fprintf(stderr, "%s: Out of memory\n", progname);
+ exit(1);
+ }
+
+ if (sepol_module_package_read(pkg, in, 0) == -1) {
+ fprintf(stderr, "%s: Error while reading policy module from %s\n",
+ progname, ppfile);
+ exit(1);
+ }
+
+ if (file_to_policy_file(modfile, &out, "w"))
+ exit(1);
+
+ if (sepol_policydb_write(sepol_module_package_get_policy(pkg), out)) {
+ fprintf(stderr, "%s: Error while writing module to %s\n", progname, modfile);
+ exit(1);
+ }
+
+ sepol_policy_file_free(in);
+ sepol_policy_file_free(out);
+
+ len = sepol_module_package_get_file_contexts_len(pkg);
+ if (fcfile && len) {
+ fp = fopen(fcfile, "w");
+ if (!fp) {
+ fprintf(stderr, "%s: Could not open file %s: %s\n", progname, strerror(errno), fcfile);
+ exit(1);
+ }
+ fcdata = sepol_module_package_get_file_contexts(pkg);
+ if (fwrite(fcdata, 1, len, fp) != len) {
+ fprintf(stderr, "%s: Could not write file %s: %s\n", progname, strerror(errno), fcfile);
+ exit(1);
+ }
+ fclose(fp);
+ }
+
+ sepol_module_package_free(pkg);
+ exit(0);
+}
-- 1.7.6
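Review bot: The optional-argument guard in main(), `if (argc >= 3) fcfile = argv[3];`, is always true once the `argc < 3` branch has exited, so with two arguments fcfile is NULL only because argv[argc] is guaranteed to be a null pointer; it should read `if (argc >= 4)`. The three "Could not open file" / "Could not write file" messages pass `strerror(errno)` before the path, so the error text and the file name are printed in each other's place; the argument order should be `progname, filename, strerror(errno)` in file_to_policy_file() and `progname, fcfile, strerror(errno)` in main(). As far as this hunk shows, the stream opened for modfile in file_to_policy_file() is never closed (unless sepol_policy_file_free() does so), and the return value of `fclose(fp)` on the file-contexts file is ignored, so a failed flush such as a full disk can leave a truncated output while the tool still exits 0; `if (fclose(fp) != 0)` with the same error path, and an equivalent checked close for the module stream, would surface that. Both outputs are created with `fopen(..., "w")`, which follows symlinks and truncates an existing target, so the man page added in this patch could state that the output paths should not sit in a directory other users can write to.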