Thanks I will dig, try that!
On Thu, Aug 23, 2012 at 7:34 PM, Joshua Brindle <method@xxxxxxxxxxxxxxx> wrote:
> William Roberts wrote:
>>
>> I am working on a tool for parsing, and allowing overrides to occur in
>> seapp_contexts. I also want it to check the output selectors against
>> the compiled binary. After looking at sepol, it wasn't quite clear to
>> me how to get going with it. Can anyone give me function calls to do
>> something like this?
>>
>> 1. Load the compiled binary
>
>
> look at checkpolicy/test/dispol.c for examples. requires you to be
> statically linked against libsepol.
>
> fd = open(argv[1], O_RDONLY);
> if (fd < 0) {
> ... }
> if (fstat(fd, &sb) < 0) {
> ... }
> map =
> mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd,
> 0);
> if (map == MAP_FAILED) {
> ... }
> policy_file_init(&pf);
> pf.type = PF_USE_MEMORY;
> pf.data = map;
> pf.len = sb.st_size;
> if (policydb_init(&policydb)) {
> ... }
> ret = policydb_read(&policydb, &pf, 1);
>
>
>
>> 2. Check to see if a boolean exists
>
>
> bool = hashtab_search(policydb->p_bools.table, "some_boolean");
> if (bool == null) {
> //no such boolean
> }
>
--
Respectfully,
William C Roberts
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
