Hi, in https://github.com/TresysTechnology/refpolicy/pull/1 db_exception and db_datatype were added to reference policy. This small patch extends ability of label_db backend to work with these objects. Regards. --- libselinux/include/selinux/label.h | 2 ++ libselinux/man/man5/selabel_db.5 | 12 ++++++++++++ libselinux/src/label_db.c | 4 ++++ 3 files changed, 18 insertions(+) diff --git a/libselinux/include/selinux/label.h b/libselinux/include/selinux/label.h index c63ea7d..672a7c2 100644 --- a/libselinux/include/selinux/label.h +++ b/libselinux/include/selinux/label.h @@ -131,6 +131,8 @@ void selabel_stats(struct selabel_handle *handle); #define SELABEL_DB_BLOB 8 #define SELABEL_DB_TUPLE 9 #define SELABEL_DB_LANGUAGE 10 +#define SELABEL_DB_EXCEPTION 11 +#define SELABEL_DB_DATATYPE 12 #ifdef __cplusplus } diff --git a/libselinux/man/man5/selabel_db.5 b/libselinux/man/man5/selabel_db.5 index 51b5848..76eb9bc 100644 --- a/libselinux/man/man5/selabel_db.5 +++ b/libselinux/man/man5/selabel_db.5 @@ -86,6 +86,16 @@ argument specifies the name of a view object, such as "postgres.public.my_view". The .I object_name argument specifies the name of a language object, such as "postgres.public.tcl". +.TP +.B SELABEL_DB_EXCEPTION +The +.I object_name +argument specifies the name of a exception object. +.TP +.B SELABEL_DB_DATATYPE +The +.I object_name +argument specifies the name of a type or domain object, such as postgres.public.my_type. .RE .sp Any messages generated by \fBselabel_lookup\fR(3) are sent to \fIstderr\fR @@ -135,6 +145,8 @@ SELABEL_DB_TUPLE@db_tuple SELABEL_DB_PROCEDURE@db_procedure SELABEL_DB_SEQUENCE@db_sequence SELABEL_DB_BLOB@db_blob +SELABEL_DB_EXCEPTION@db_exception +SELABEL_DB_DATATYPE@db_datatype .TE . .SH "FILE FORMAT" diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c index ab0696a..999dd46 100644 --- a/libselinux/src/label_db.c +++ b/libselinux/src/label_db.c @@ -140,6 +140,10 @@ process_line(const char *path, char *line_buf, unsigned int line_num, spec->type = SELABEL_DB_TUPLE; else if (!strcmp(type, "db_language")) spec->type = SELABEL_DB_LANGUAGE; + else if (!strcmp(type, "db_exception")) + spec->type = SELABEL_DB_EXCEPTION; + else if (!strcmp(type, "db_datatype")) + spec->type = SELABEL_DB_DATATYPE; else { selinux_log(SELINUX_WARNING, "%s: line %d has invalid object type %s\n", -- 1.9.1 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
