Date: Fri, 21 Apr 2006 17:44:47 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 95805 for review Message-ID: <200604211744.k3LHilrF067376@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=95805 Change 95805 by millert@millert_g5tower on 2006/04/21 17:43:50 Adapt to selinux userland update Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 (text+ko) ==== @@ -81,8 +81,8 @@ GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_PREFIX_HEADER = "$(SYSTEM_LIBRARY_DIR)/Frameworks/AppKit.framework/Headers/AppKit.h"; INFOPLIST_FILE = plugins/SEDarwin/Info.plist; - OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include -I../../../sedarwin"; - OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../libmac -lmac -L../../../sedarwin/libselinux/src -lselinux"; + OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include"; + OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../../sedarwin/libselinux/src -lselinux -L../../../sedarwin/libsepol/src -lsepol -L../../../sedarwin/libsecompat -lsecompat -L../../libmac -lmac"; OTHER_REZFLAGS = ""; PRODUCT_NAME = SEDarwin; SECTORDER_FLAGS = ""; ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 (text+ko) ==== @@ -6,8 +6,8 @@ #include <sys/types.h> #include <sys/mac.h> #include <pwd.h> +#include <selinux/selinux.h> #include <selinux/get_context_list.h> -#include <sedarwin/sebsd.h> @interface SEDarwin : NSObject <MACpolicyPlugin> { ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 (text+ko) ==== @@ -41,7 +41,7 @@ return; } - if (!sebsd_enabled()) + if (!is_selinux_enabled()) return; /* @@ -88,7 +88,7 @@ } /* XXX - use SELINUX_DEFAULTUSER and fill in selector if not enabled? */ - if (!sebsd_enabled()) + if (!is_selinux_enabled()) return (MAC_LOGIN_OK); /* ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 (text+ko) ==== @@ -7,9 +7,11 @@ Extra_CC_Flags =-I../../pam/pam/libpam/include/pam/ \ -I../../xnu/BUILD/obj/EXPORT_HDRS/bsd/ \ -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk \ - -I../../../sedarwin -I../../../sedarwin/libselinux/include + -I../../../sedarwin/libselinux/include Extra_LD_Flags =-L../../../sedarwin/libselinux/src/ -lselinux \ + -L../../../sedarwin/libsepol/src/ -lsepol \ + -L../../../sedarwin/libsecompat/ -lsecompat \ -L../../libmac/ -lmac include ../PAMModule.defs ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 (text+ko) ==== @@ -32,8 +32,8 @@ #define _BSD_SOURCE #include <sys/types.h> #include <sys/mac.h> +#include <selinux/selinux.h> #include <selinux/get_context_list.h> -#include <sedarwin/sebsd.h> #include <ctype.h> #include <stdio.h> @@ -115,7 +115,7 @@ int ncontexts, retval, which; /* XXX - use SELINUX_DEFAULTUSER if not enabled? */ - if (!sebsd_enabled()) { + if (!is_selinux_enabled()) { syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__); return (PAM_SUCCESS); } @@ -171,7 +171,7 @@ mac_t label; int retval; - if (!sebsd_enabled()) { + if (!is_selinux_enabled()) { syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__); return (PAM_SUCCESS); } ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 (text+ko) ==== @@ -2,7 +2,8 @@ #import "LabelDialog.h" #import <Cocoa/Cocoa.h> #import <sys/mac.h> -#import <sedarwin/sebsd.h> +//#import <selinux/sebsd.h> +#import <selinux/selinux.h> const char *filename; char *initial; @@ -10,9 +11,6 @@ char **users, **roles, **types; size_t nusers, nroles, ntypes; -extern int security_get_file_contexts(const char *fromcontext, char ***retcontexts, size_t *ncontexts); -extern char *getseccontext(void); - static void addstring (char **ar, size_t *n, char *in) { int i; @@ -55,8 +53,16 @@ char **filelabels; size_t nfilelabels; - if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels)) + char *seccon; + + if (getcon(&seccon)) { + fprintf(stderr, "Failed to get the current security context\n"); + exit(1); + } + if (security_get_file_contexts (seccon, &filelabels, &nfilelabels)) +// if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels)) exit (1); + free(seccon); users = (char **) malloc (sizeof (char *) * (1+nfilelabels)); roles = (char **) malloc (sizeof (char *) * (1+nfilelabels)); types = (char **) malloc (sizeof (char *) * (1+nfilelabels)); ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 (text+ko) ==== @@ -173,7 +173,7 @@ HEADER_SEARCH_PATHS = ""; INSTALL_PATH = "/Applications"; LIBRARY_SEARCH_PATHS = ""; - OTHER_CFLAGS = "-I../.. -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk"; + OTHER_CFLAGS = "-I../../libselinux/include -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk"; OTHER_LDFLAGS = "../../libselinux/src/libselinux.a ../../../darwin/libmac/libmac.a"; PRODUCT_NAME = relabel; SECTORDER_FLAGS = "";
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604211744.k3LHilrF067376>