-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch looks good to me. acked. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9x1pEACgkQrlYvE4MpobN7SQCfR+Qob/zmTixeEFDPXLmnPD41 u2oAnA2ECzA00xrlsRQZLFxYOPNWZQrs =CIeB -----END PGP SIGNATURE-----
>From 4aa07f7b1ea19a3964194317fff2b9634da6c43d Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 4 Jan 2012 10:43:46 -0500
Subject: [PATCH 14/73] libsemanage: Alternate path for semanage.conf
Currently the semanage.conf file is hard coded to /etc/selinux/semanage.conf even when an alternate root path is specified. Use the semanage.conf found inside the altername root instead of the system global version.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
 libsemanage/src/handle.c | 21 +++++++++++++++++++++
 libsemanage/src/handle.h | 2 ++
 libsemanage/src/semanage_store.c | 12 ------------
 libsemanage/src/semanage_store.h | 1 -
 4 files changed, 23 insertions(+), 13 deletions(-)
diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 7adc1cc..4b43ba7 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -37,10 +37,12 @@
 #include "semanage_store.h"
 #define SEMANAGE_COMMIT_READ_WAIT 5
+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
 void semanage_free_root() {
 free(private_selinux_path); private_selinux_path = NULL;
+ free(private_semanage_conf_path); private_semanage_conf_path = NULL;
 free(private_file_context_path); private_file_context_path = NULL;
 free(private_file_context_local_path); private_file_context_local_path = NULL;
 free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
 goto error;
 }
+ if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
+ goto error;
+ }
+
 if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
 goto error;
 }
@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
 return selinux_path();
 }
+/* Return a fully-qualified path + filename to the semanage
+ * configuration file. The caller must not alter the string returned
+ * (and hence why this function return type is const).
+ *
+ */
+
+const char *semanage_conf_path(void)
+{
+ if (private_semanage_conf_path)
+ return private_semanage_conf_path;
+
+ return SEMANAGE_CONF_PATH;
+}
+
 semanage_handle_t *semanage_handle_create(void) {
 semanage_handle_t *sh = NULL;
diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h
index 723d811..bb12594 100644
--- a/libsemanage/src/handle.h
+++ b/libsemanage/src/handle.h
@@ -105,6 +105,8 @@ struct semanage_handle {
 dbase_config_t dbase[DBASE_COUNT];
 };
+const char *semanage_conf_path(void);
+
 /* === Local modifications === */
 static inline dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index a223aa7..0e7b71a 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
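Review bot: The added `asprintf` call in semanage_set_root jumps to `error` on failure without resetting `private_semanage_conf_path`, and glibc documents the target pointer's contents as undefined after a failed asprintf. If the error path or a later semanage_free_root() frees that static, it would free an indeterminate pointer; the `error:` label and the rest of the function are outside the hunk, so this needs checking there. I would reset it before bailing out, with `private_semanage_conf_path = NULL;` just ahead of the `goto error;`. Since SEMANAGE_CONF_PATH already begins with `/`, the `"%s/%s"` format also yields a doubled slash; `"%s%s"` gives a cleaner string for logs and comparisons.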
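Review bot: The comment on semanage_conf_path() does not say that the returned file now follows the root given to semanage_set_root(), with no fallback to /etc/selinux/semanage.conf and no check that the file exists. That matters for trust: as far as I know semanage.conf can set the paths of helper programs such as load_policy and setfiles, so whoever can write under the alternate root decides what libsemanage runs. I would document it, for example `/* Returns the semanage.conf under the root set by semanage_set_root(), else SEMANAGE_CONF_PATH. The alternate root must be as trusted as /etc/selinux. */`. If the configuration is parsed when the handle is created, as the adjacent semanage_handle_create() suggests but does not show here, the comment should also state that semanage_set_root() has to be called first.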
@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
 return semanage_paths[store][path_name];
 }
-/* Return a fully-qualified path + filename to the semanage
- * configuration file. The caller must not alter the string returned
- * (and hence why this function return type is const).
- *
- * This is going to be hard coded to /etc/selinux/semanage.conf for
- * the time being. FIXME
- */
-const char *semanage_conf_path(void)
-{
- return "/etc/selinux/semanage.conf";
-}
-
 /**************** functions that create module store ***************/
 /* Check that the semanage store exists. If 'create' is non-zero then
diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h
index b451308..98e011d 100644
--- a/libsemanage/src/semanage_store.h
+++ b/libsemanage/src/semanage_store.h
@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
 /* FIXME: this needs to be made a module store specific init and the
 * global configuration moved to another file. */
-const char *semanage_conf_path(void);
 int semanage_check_init(const char *root);
 extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);
-- 
1.7.9.3