You got me with the cannot link as shared object....I was looking at
the text section going why wont it link, and then I tried static and
it worked. I should have paid more attention to that detail in your
email. So for all those make sure you link sepol statically.
Otherwise, thanks again.
On Thu, Aug 23, 2012 at 7:41 PM, William Roberts
<bill.c.roberts@xxxxxxxxx> wrote:
> Thanks I will dig, try that!
>
> On Thu, Aug 23, 2012 at 7:34 PM, Joshua Brindle <method@xxxxxxxxxxxxxxx> wrote:
>> William Roberts wrote:
>>>
>>> I am working on a tool for parsing, and allowing overrides to occur in
>>> seapp_contexts. I also want it to check the output selectors against
>>> the compiled binary. After looking at sepol, it wasn't quite clear to
>>> me how to get going with it. Can anyone give me function calls to do
>>> something like this?
>>>
>>> 1. Load the compiled binary
>>
>>
>> look at checkpolicy/test/dispol.c for examples. requires you to be
>> statically linked against libsepol.
>>
>> fd = open(argv[1], O_RDONLY);
>> if (fd < 0) {
>> ... }
>> if (fstat(fd, &sb) < 0) {
>> ... }
>> map =
>> mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd,
>> 0);
>> if (map == MAP_FAILED) {
>> ... }
>> policy_file_init(&pf);
>> pf.type = PF_USE_MEMORY;
>> pf.data = map;
>> pf.len = sb.st_size;
>> if (policydb_init(&policydb)) {
>> ... }
>> ret = policydb_read(&policydb, &pf, 1);
>>
>>
>>
>>> 2. Check to see if a boolean exists
>>
>>
>> bool = hashtab_search(policydb->p_bools.table, "some_boolean");
>> if (bool == null) {
>> //no such boolean
>> }
>>
>
>
>
> --
> Respectfully,
>
> William C Roberts
--
Respectfully,
William C Roberts
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
