diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.13/src/selinux.py
--- nsalibselinux/src/selinux.py 2007-02-22 08:53:23.000000000 -0500
+++ libselinux-2.0.13/src/selinux.py 2007-04-23 10:26:41.000000000 -0400
@@ -48,8 +48,19 @@
del types
+SELINUX_DEFAULTUSER = _selinux.SELINUX_DEFAULTUSER
+get_ordered_context_list = _selinux.get_ordered_context_list
+get_ordered_context_list_with_level = _selinux.get_ordered_context_list_with_level
+get_default_context = _selinux.get_default_context
+get_default_context_with_level = _selinux.get_default_context_with_level
+get_default_context_with_role = _selinux.get_default_context_with_role
+get_default_context_with_rolelevel = _selinux.get_default_context_with_rolelevel
+query_user_context = _selinux.query_user_context
+manual_user_enter_context = _selinux.manual_user_enter_context
is_selinux_enabled = _selinux.is_selinux_enabled
is_selinux_mls_enabled = _selinux.is_selinux_mls_enabled
+freecon = _selinux.freecon
+freeconary = _selinux.freeconary
getcon = _selinux.getcon
setcon = _selinux.setcon
getpidcon = _selinux.getpidcon
@@ -88,6 +99,8 @@
set_matchpathcon_flags = _selinux.set_matchpathcon_flags
matchpathcon_init = _selinux.matchpathcon_init
matchpathcon = _selinux.matchpathcon
+matchpathcon_init_prefix = _selinux.matchpathcon_init_prefix
+matchpathcon_fini = _selinux.matchpathcon_fini
matchmediacon = _selinux.matchmediacon
selinux_getenforcemode = _selinux.selinux_getenforcemode
selinux_policy_root = _selinux.selinux_policy_root
@@ -102,6 +115,7 @@
selinux_homedir_context_path = _selinux.selinux_homedir_context_path
selinux_media_context_path = _selinux.selinux_media_context_path
selinux_contexts_path = _selinux.selinux_contexts_path
+selinux_securetty_types_path = _selinux.selinux_securetty_types_path
selinux_booleans_path = _selinux.selinux_booleans_path
selinux_customizable_types_path = _selinux.selinux_customizable_types_path
selinux_users_path = _selinux.selinux_users_path
@@ -109,13 +123,16 @@
selinux_translations_path = _selinux.selinux_translations_path
selinux_netfilter_context_path = _selinux.selinux_netfilter_context_path
selinux_path = _selinux.selinux_path
-selinux_check_passwd_access = _selinux.selinux_check_passwd_access
-checkPasswdAccess = _selinux.checkPasswdAccess
+selinux_check_securetty_context = _selinux.selinux_check_securetty_context
+set_selinuxmnt = _selinux.set_selinuxmnt
rpm_execcon = _selinux.rpm_execcon
is_context_customizable = _selinux.is_context_customizable
selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context
selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context
selinux_getpolicytype = _selinux.selinux_getpolicytype
getseuserbyname = _selinux.getseuserbyname
+selinux_file_context_cmp = _selinux.selinux_file_context_cmp
+selinux_file_context_verify = _selinux.selinux_file_context_verify
+selinux_lsetfilecon_default = _selinux.selinux_lsetfilecon_default
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.13/src/selinuxswig.i
--- nsalibselinux/src/selinuxswig.i 2007-04-12 16:02:48.000000000 -0400
+++ libselinux-2.0.13/src/selinuxswig.i 2007-04-23 10:26:21.000000000 -0400
@@ -21,6 +21,7 @@
%module selinux
%{
#include "selinux/selinux.h"
+ #include "selinux/get_context_list.h"
%}
%apply int *OUTPUT { int * };
%apply int *OUTPUT { size_t * };
@@ -42,8 +43,12 @@
%typedef unsigned mode_t;
+%include "../include/selinux/get_context_list.h"
+
extern int is_selinux_enabled(void);
extern int is_selinux_mls_enabled(void);
+extern void freecon(security_context_t con);
+extern void freeconary(security_context_t * con);
extern int getcon(security_context_t *con);
extern int setcon(security_context_t con);
extern int getpidcon(int pid, security_context_t *con);
@@ -90,6 +95,11 @@
mode_t mode,
security_context_t *con);
+extern int matchpathcon_init_prefix(const char *path,
+ const char *prefix);
+extern void matchpathcon_fini(void);
+
+
extern int matchmediacon(const char *media,
security_context_t *con);
@@ -106,6 +116,7 @@
extern const char *selinux_homedir_context_path(void);
extern const char *selinux_media_context_path(void);
extern const char *selinux_contexts_path(void);
+extern const char *selinux_securetty_types_path(void);
extern const char *selinux_booleans_path(void);
extern const char *selinux_customizable_types_path(void);
extern const char *selinux_users_path(void);
@@ -113,11 +124,15 @@
extern const char *selinux_translations_path(void);
extern const char *selinux_netfilter_context_path(void);
extern const char *selinux_path(void);
-extern int selinux_check_passwd_access(access_vector_t requested);
-extern int checkPasswdAccess(access_vector_t requested);
+#extern int selinux_check_passwd_access(access_vector_t requested);
+#extern int checkPasswdAccess(access_vector_t requested);
+extern int selinux_check_securetty_context(security_context_t tty_context);
+void set_selinuxmnt(char *mnt);
+
+#ifdef SWIGpython
// This tells SWIG to treat char ** as a special case
-%typemap(python,in) char ** {
+%typemap(in) char ** {
/* Check if is a list */
if (PyList_Check($input)) {
int size = PyList_Size($input);
@@ -143,6 +158,7 @@
return NULL;
}
}
+#endif
extern int rpm_execcon(unsigned int verified,
const char *filename,
@@ -164,3 +180,7 @@
}
extern int selinux_getpolicytype(char **enforce);
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
+
+int selinux_file_context_cmp(const security_context_t a, const security_context_t b);
+int selinux_file_context_verify(const char *path, mode_t mode);
+int selinux_lsetfilecon_default(const char *path);
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.13/src/selinuxswig_wrap.c
--- nsalibselinux/src/selinuxswig_wrap.c 2007-04-12 16:02:48.000000000 -0400
+++ libselinux-2.0.13/src/selinuxswig_wrap.c 2007-04-23 10:26:41.000000000 -0400
@@ -2449,11 +2449,11 @@
/* -------- TYPES TABLE (BEGIN) -------- */
#define SWIGTYPE_p_SELboolean swig_types[0]
-#define SWIGTYPE_p_access_vector_t swig_types[1]
-#define SWIGTYPE_p_char swig_types[2]
-#define SWIGTYPE_p_int swig_types[3]
-#define SWIGTYPE_p_p_char swig_types[4]
-#define SWIGTYPE_p_p_p_char swig_types[5]
+#define SWIGTYPE_p_char swig_types[1]
+#define SWIGTYPE_p_int swig_types[2]
+#define SWIGTYPE_p_p_char swig_types[3]
+#define SWIGTYPE_p_p_p_char swig_types[4]
+#define SWIGTYPE_p_p_security_context_t swig_types[5]
#define SWIGTYPE_p_security_context_t swig_types[6]
#define SWIGTYPE_p_unsigned_int swig_types[7]
static swig_type_info *swig_types[9];
@@ -2485,6 +2485,99 @@
#include "selinux/selinux.h"
+ #include "selinux/get_context_list.h"
+
+
+SWIGINTERN swig_type_info*
+SWIG_pchar_descriptor(void)
+{
+ static int init = 0;
+ static swig_type_info* info = 0;
+ if (!init) {
+ info = SWIG_TypeQuery("_p_char");
+ init = 1;
+ }
+ return info;
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_FromCharPtrAndSize(const char* carray, size_t size)
+{
+ if (carray) {
+ if (size > INT_MAX) {
+ swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
+ return pchar_descriptor ?
+ SWIG_NewPointerObj((char *)(carray), pchar_descriptor, 0) : SWIG_Py_Void();
+ } else {
+ return PyString_FromStringAndSize(carray, (int)(size));
+ }
+ } else {
+ return SWIG_Py_Void();
+ }
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_FromCharPtr(const char *cptr)
+{
+ return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0));
+}
+
+
+SWIGINTERN int
+SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
+{
+ if (PyString_Check(obj)) {
+ char *cstr; Py_ssize_t len;
+ PyString_AsStringAndSize(obj, &cstr, &len);
+ if (cptr) {
+ if (alloc) {
+ /*
+ In python the user should not be able to modify the inner
+ string representation. To warranty that, if you define
+ SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string
+ buffer is always returned.
+
+ The default behavior is just to return the pointer value,
+ so, be careful.
+ */
+#if defined(SWIG_PYTHON_SAFE_CSTRINGS)
+ if (*alloc != SWIG_OLDOBJ)
+#else
+ if (*alloc == SWIG_NEWOBJ)
+#endif
+ {
+ *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1));
+ *alloc = SWIG_NEWOBJ;
+ }
+ else {
+ *cptr = cstr;
+ *alloc = SWIG_OLDOBJ;
+ }
+ } else {
+ *cptr = PyString_AsString(obj);
+ }
+ }
+ if (psize) *psize = len + 1;
+ return SWIG_OK;
+ } else {
+ swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
+ if (pchar_descriptor) {
+ void* vptr = 0;
+ if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) {
+ if (cptr) *cptr = (char *) vptr;
+ if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
+ if (alloc) *alloc = SWIG_OLDOBJ;
+ return SWIG_OK;
+ }
+ }
+ }
+ return SWIG_TypeError;
+}
+
+
+
#define SWIG_From_long PyInt_FromLong
@@ -2644,74 +2737,6 @@
}
-SWIGINTERN swig_type_info*
-SWIG_pchar_descriptor(void)
-{
- static int init = 0;
- static swig_type_info* info = 0;
- if (!init) {
- info = SWIG_TypeQuery("_p_char");
- init = 1;
- }
- return info;
-}
-
-
-SWIGINTERN int
-SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
-{
- if (PyString_Check(obj)) {
- char *cstr; Py_ssize_t len;
- PyString_AsStringAndSize(obj, &cstr, &len);
- if (cptr) {
- if (alloc) {
- /*
- In python the user should not be able to modify the inner
- string representation. To warranty that, if you define
- SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string
- buffer is always returned.
-
- The default behavior is just to return the pointer value,
- so, be careful.
- */
-#if defined(SWIG_PYTHON_SAFE_CSTRINGS)
- if (*alloc != SWIG_OLDOBJ)
-#else
- if (*alloc == SWIG_NEWOBJ)
-#endif
- {
- *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1));
- *alloc = SWIG_NEWOBJ;
- }
- else {
- *cptr = cstr;
- *alloc = SWIG_OLDOBJ;
- }
- } else {
- *cptr = PyString_AsString(obj);
- }
- }
- if (psize) *psize = len + 1;
- return SWIG_OK;
- } else {
- swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
- if (pchar_descriptor) {
- void* vptr = 0;
- if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) {
- if (cptr) *cptr = (char *) vptr;
- if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
- if (alloc) *alloc = SWIG_OLDOBJ;
- return SWIG_OK;
- }
- }
- }
- return SWIG_TypeError;
-}
-
-
-
-
-
SWIGINTERN int
SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val)
{
@@ -2781,33 +2806,396 @@
return res;
}
+#ifdef __cplusplus
+extern "C" {
+#endif
+SWIGINTERN PyObject *_wrap_get_ordered_context_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 ;
+ security_context_t **arg3 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ void *argp3 = 0 ;
+ int res3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_ordered_context_list",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_ordered_context_list" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ {
+ arg2 = (security_context_t)PyString_AsString(obj1);
+ }
+ res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_p_security_context_t, 0 | 0 );
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_ordered_context_list" "', argument " "3"" of type '" "security_context_t **""'");
+ }
+ arg3 = (security_context_t **)(argp3);
+ result = (int)get_ordered_context_list((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_ordered_context_list_with_level(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 ;
+ security_context_t **arg4 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ void *argp4 = 0 ;
+ int res4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOO:get_ordered_context_list_with_level",&obj0,&obj1,&obj2,&obj3)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_ordered_context_list_with_level" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_ordered_context_list_with_level" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ {
+ arg3 = (security_context_t)PyString_AsString(obj2);
+ }
+ res4 = SWIG_ConvertPtr(obj3, &argp4,SWIGTYPE_p_p_security_context_t, 0 | 0 );
+ if (!SWIG_IsOK(res4)) {
+ SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "get_ordered_context_list_with_level" "', argument " "4"" of type '" "security_context_t **""'");
+ }
+ arg4 = (security_context_t **)(argp4);
+ result = (int)get_ordered_context_list_with_level((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 ;
+ security_context_t *arg3 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp3 = NULL ;
+ char *temp30 = NULL ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ {
+ arg3 = &temp3;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OO:get_default_context",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ {
+ arg2 = (security_context_t)PyString_AsString(obj1);
+ }
+ result = (int)get_default_context((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg3)
+ temp30 = *arg3;
+ else
+ temp30 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp30));
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_level(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t temp4 = NULL ;
+ char *temp40 = NULL ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ {
+ arg4 = &temp4;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_default_context_with_level",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_level" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_level" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ {
+ arg3 = (security_context_t)PyString_AsString(obj2);
+ }
+ result = (int)get_default_context_with_level((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg4)
+ temp40 = *arg4;
+ else
+ temp40 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp40));
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t temp4 = NULL ;
+ char *temp40 = NULL ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ {
+ arg4 = &temp4;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_default_context_with_role",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_role" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_role" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ {
+ arg3 = (security_context_t)PyString_AsString(obj2);
+ }
+ result = (int)get_default_context_with_role((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg4)
+ temp40 = *arg4;
+ else
+ temp40 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp40));
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_rolelevel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ char *arg3 = (char *) 0 ;
+ security_context_t arg4 ;
+ security_context_t *arg5 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ security_context_t temp5 = NULL ;
+ char *temp50 = NULL ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+
+ {
+ arg5 = &temp5;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOOO:get_default_context_with_rolelevel",&obj0,&obj1,&obj2,&obj3)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_rolelevel" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_rolelevel" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_default_context_with_rolelevel" "', argument " "3"" of type '" "char const *""'");
+ }
+ arg3 = (char *)(buf3);
+ {
+ arg4 = (security_context_t)PyString_AsString(obj3);
+ }
+ result = (int)get_default_context_with_rolelevel((char const *)arg1,(char const *)arg2,(char const *)arg3,arg4,arg5);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg5)
+ temp50 = *arg5;
+ else
+ temp50 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp50));
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_query_user_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = NULL ;
+ security_context_t temp2 = NULL ;
+ char *temp10 = NULL ;
+ char *temp20 = NULL ;
+
+ {
+ arg1 = &temp1;
+ }
+ {
+ arg2 = &temp2;
+ }
+ if (!PyArg_ParseTuple(args,(char *)":query_user_context")) SWIG_fail;
+ result = (int)query_user_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg1)
+ temp10 = *arg1;
+ else
+ temp10 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ }
+ {
+ if (*arg2)
+ temp20 = *arg2;
+ else
+ temp20 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
-SWIGINTERNINLINE PyObject *
-SWIG_FromCharPtrAndSize(const char* carray, size_t size)
-{
- if (carray) {
- if (size > INT_MAX) {
- swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
- return pchar_descriptor ?
- SWIG_NewPointerObj((char *)(carray), pchar_descriptor, 0) : SWIG_Py_Void();
- } else {
- return PyString_FromStringAndSize(carray, (int)(size));
- }
- } else {
- return SWIG_Py_Void();
+SWIGINTERN PyObject *_wrap_manual_user_enter_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = NULL ;
+ char *temp20 = NULL ;
+ PyObject * obj0 = 0 ;
+
+ {
+ arg2 = &temp2;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"O:manual_user_enter_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "manual_user_enter_context" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)manual_user_enter_context((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg2)
+ temp20 = *arg2;
+ else
+ temp20 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp20));
}
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
}
-SWIGINTERNINLINE PyObject *
-SWIG_FromCharPtr(const char *cptr)
-{
- return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0));
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
SWIGINTERN PyObject *_wrap_is_selinux_enabled(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
int result;
@@ -2834,6 +3222,48 @@
}
+SWIGINTERN PyObject *_wrap_freecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:freecon",&obj0)) SWIG_fail;
+ {
+ arg1 = (security_context_t)PyString_AsString(obj0);
+ }
+ freecon(arg1);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_freeconary(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ security_context_t temp1 = NULL ;
+ char *temp10 = NULL ;
+
+ {
+ arg1 = &temp1;
+ }
+ if (!PyArg_ParseTuple(args,(char *)":freeconary")) SWIG_fail;
+ freeconary(arg1);
+ resultobj = SWIG_Py_Void();
+ {
+ if (*arg1)
+ temp10 = *arg1;
+ else
+ temp10 = "";
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(temp10));
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
security_context_t *arg1 = (security_context_t *) 0 ;
@@ -3777,6 +4207,55 @@
}
+SWIGINTERN PyObject *_wrap_matchpathcon_init_prefix(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:matchpathcon_init_prefix",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_init_prefix" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "matchpathcon_init_prefix" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ result = (int)matchpathcon_init_prefix((char const *)arg1,(char const *)arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_fini(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":matchpathcon_fini")) SWIG_fail;
+ matchpathcon_fini();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_matchmediacon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *arg1 = (char *) 0 ;
@@ -3994,6 +4473,19 @@
}
+SWIGINTERN PyObject *_wrap_selinux_securetty_types_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_securetty_types_path")) SWIG_fail;
+ result = (char *)selinux_securetty_types_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_selinux_booleans_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *result = 0 ;
@@ -4085,27 +4577,17 @@
}
-SWIGINTERN PyObject *_wrap_selinux_check_passwd_access(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+SWIGINTERN PyObject *_wrap_selinux_check_securetty_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- access_vector_t arg1 ;
+ security_context_t arg1 ;
int result;
- void *argp1 ;
- int res1 = 0 ;
PyObject * obj0 = 0 ;
- if (!PyArg_ParseTuple(args,(char *)"O:selinux_check_passwd_access",&obj0)) SWIG_fail;
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_check_securetty_context",&obj0)) SWIG_fail;
{
- res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_access_vector_t, 0 );
- if (!SWIG_IsOK(res1)) {
- SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_check_passwd_access" "', argument " "1"" of type '" "access_vector_t""'");
- }
- if (!argp1) {
- SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "selinux_check_passwd_access" "', argument " "1"" of type '" "access_vector_t""'");
- } else {
- arg1 = *((access_vector_t *)(argp1));
- }
+ arg1 = (security_context_t)PyString_AsString(obj0);
}
- result = (int)selinux_check_passwd_access(arg1);
+ result = (int)selinux_check_securetty_context(arg1);
resultobj = SWIG_From_int((int)(result));
return resultobj;
fail:
@@ -4113,30 +4595,26 @@
}
-SWIGINTERN PyObject *_wrap_checkPasswdAccess(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+SWIGINTERN PyObject *_wrap_set_selinuxmnt(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
- access_vector_t arg1 ;
- int result;
- void *argp1 ;
- int res1 = 0 ;
+ char *arg1 = (char *) 0 ;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
PyObject * obj0 = 0 ;
- if (!PyArg_ParseTuple(args,(char *)"O:checkPasswdAccess",&obj0)) SWIG_fail;
- {
- res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_access_vector_t, 0 );
- if (!SWIG_IsOK(res1)) {
- SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "checkPasswdAccess" "', argument " "1"" of type '" "access_vector_t""'");
- }
- if (!argp1) {
- SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "checkPasswdAccess" "', argument " "1"" of type '" "access_vector_t""'");
- } else {
- arg1 = *((access_vector_t *)(argp1));
- }
+ if (!PyArg_ParseTuple(args,(char *)"O:set_selinuxmnt",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "set_selinuxmnt" "', argument " "1"" of type '" "char *""'");
}
- result = (int)checkPasswdAccess(arg1);
- resultobj = SWIG_From_int((int)(result));
+ arg1 = (char *)(buf1);
+ set_selinuxmnt(arg1);
+ resultobj = SWIG_Py_Void();
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return resultobj;
fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
return NULL;
}
@@ -4153,6 +4631,10 @@
int res2 ;
char *buf2 = 0 ;
int alloc2 = 0 ;
+ void *argp3 = 0 ;
+ int res3 = 0 ;
+ void *argp4 = 0 ;
+ int res4 = 0 ;
PyObject * obj0 = 0 ;
PyObject * obj1 = 0 ;
PyObject * obj2 = 0 ;
@@ -4169,58 +4651,16 @@
SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "rpm_execcon" "', argument " "2"" of type '" "char const *""'");
}
arg2 = (char *)(buf2);
- {
- /* Check if is a list */
- if (PyList_Check(obj2)) {
- int size = PyList_Size(obj2);
- int i = 0;
- arg3 = (char **) malloc((size+1)*sizeof(char *));
- if (arg3 == NULL) {
- PyErr_SetString(PyExc_MemoryError,"Out of memory");
- return NULL;
- }
- for (i = 0; i < size; i++) {
- PyObject *o = PyList_GetItem(obj2,i);
- if (PyString_Check(o))
- arg3[i] = PyString_AsString(PyList_GetItem(obj2,i));
- else {
- PyErr_SetString(PyExc_TypeError,"list must contain strings");
- free(arg3);
- return NULL;
- }
- }
- arg3[i] = 0;
- } else {
- PyErr_SetString(PyExc_TypeError,"not a list");
- return NULL;
- }
- }
- {
- /* Check if is a list */
- if (PyList_Check(obj3)) {
- int size = PyList_Size(obj3);
- int i = 0;
- arg4 = (char **) malloc((size+1)*sizeof(char *));
- if (arg4 == NULL) {
- PyErr_SetString(PyExc_MemoryError,"Out of memory");
- return NULL;
- }
- for (i = 0; i < size; i++) {
- PyObject *o = PyList_GetItem(obj3,i);
- if (PyString_Check(o))
- arg4[i] = PyString_AsString(PyList_GetItem(obj3,i));
- else {
- PyErr_SetString(PyExc_TypeError,"list must contain strings");
- free(arg4);
- return NULL;
- }
- }
- arg4[i] = 0;
- } else {
- PyErr_SetString(PyExc_TypeError,"not a list");
- return NULL;
- }
+ res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_p_char, 0 | 0 );
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "rpm_execcon" "', argument " "3"" of type '" "char **""'");
+ }
+ arg3 = (char **)(argp3);
+ res4 = SWIG_ConvertPtr(obj3, &argp4,SWIGTYPE_p_p_char, 0 | 0 );
+ if (!SWIG_IsOK(res4)) {
+ SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "rpm_execcon" "', argument " "4"" of type '" "char **""'");
}
+ arg4 = (char **)(argp4);
result = (int)rpm_execcon(arg1,(char const *)arg2,arg3,arg4);
resultobj = SWIG_From_int((int)(result));
if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
@@ -4387,9 +4827,101 @@
}
+SWIGINTERN PyObject *_wrap_selinux_file_context_cmp(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 ;
+ security_context_t arg2 ;
+ int result;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_file_context_cmp",&obj0,&obj1)) SWIG_fail;
+ {
+ arg1 = (security_context_t)PyString_AsString(obj0);
+ }
+ {
+ arg2 = (security_context_t)PyString_AsString(obj1);
+ }
+ result = (int)selinux_file_context_cmp(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_verify(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ mode_t arg2 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_file_context_verify",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_file_context_verify" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "selinux_file_context_verify" "', argument " "2"" of type '" "mode_t""'");
+ }
+ arg2 = (mode_t)(val2);
+ result = (int)selinux_file_context_verify((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_lsetfilecon_default(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_lsetfilecon_default",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_lsetfilecon_default" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)selinux_lsetfilecon_default((char const *)arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
static PyMethodDef SwigMethods[] = {
+ { (char *)"get_ordered_context_list", _wrap_get_ordered_context_list, METH_VARARGS, NULL},
+ { (char *)"get_ordered_context_list_with_level", _wrap_get_ordered_context_list_with_level, METH_VARARGS, NULL},
+ { (char *)"get_default_context", _wrap_get_default_context, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_level", _wrap_get_default_context_with_level, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_role", _wrap_get_default_context_with_role, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_rolelevel", _wrap_get_default_context_with_rolelevel, METH_VARARGS, NULL},
+ { (char *)"query_user_context", _wrap_query_user_context, METH_VARARGS, NULL},
+ { (char *)"manual_user_enter_context", _wrap_manual_user_enter_context, METH_VARARGS, NULL},
{ (char *)"is_selinux_enabled", _wrap_is_selinux_enabled, METH_VARARGS, NULL},
{ (char *)"is_selinux_mls_enabled", _wrap_is_selinux_mls_enabled, METH_VARARGS, NULL},
+ { (char *)"freecon", _wrap_freecon, METH_VARARGS, NULL},
+ { (char *)"freeconary", _wrap_freeconary, METH_VARARGS, NULL},
{ (char *)"getcon", _wrap_getcon, METH_VARARGS, NULL},
{ (char *)"setcon", _wrap_setcon, METH_VARARGS, NULL},
{ (char *)"getpidcon", _wrap_getpidcon, METH_VARARGS, NULL},
@@ -4426,6 +4958,8 @@
{ (char *)"set_matchpathcon_flags", _wrap_set_matchpathcon_flags, METH_VARARGS, NULL},
{ (char *)"matchpathcon_init", _wrap_matchpathcon_init, METH_VARARGS, NULL},
{ (char *)"matchpathcon", _wrap_matchpathcon, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_init_prefix", _wrap_matchpathcon_init_prefix, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_fini", _wrap_matchpathcon_fini, METH_VARARGS, NULL},
{ (char *)"matchmediacon", _wrap_matchmediacon, METH_VARARGS, NULL},
{ (char *)"selinux_getenforcemode", _wrap_selinux_getenforcemode, METH_VARARGS, NULL},
{ (char *)"selinux_policy_root", _wrap_selinux_policy_root, METH_VARARGS, NULL},
@@ -4440,6 +4974,7 @@
{ (char *)"selinux_homedir_context_path", _wrap_selinux_homedir_context_path, METH_VARARGS, NULL},
{ (char *)"selinux_media_context_path", _wrap_selinux_media_context_path, METH_VARARGS, NULL},
{ (char *)"selinux_contexts_path", _wrap_selinux_contexts_path, METH_VARARGS, NULL},
+ { (char *)"selinux_securetty_types_path", _wrap_selinux_securetty_types_path, METH_VARARGS, NULL},
{ (char *)"selinux_booleans_path", _wrap_selinux_booleans_path, METH_VARARGS, NULL},
{ (char *)"selinux_customizable_types_path", _wrap_selinux_customizable_types_path, METH_VARARGS, NULL},
{ (char *)"selinux_users_path", _wrap_selinux_users_path, METH_VARARGS, NULL},
@@ -4447,14 +4982,17 @@
{ (char *)"selinux_translations_path", _wrap_selinux_translations_path, METH_VARARGS, NULL},
{ (char *)"selinux_netfilter_context_path", _wrap_selinux_netfilter_context_path, METH_VARARGS, NULL},
{ (char *)"selinux_path", _wrap_selinux_path, METH_VARARGS, NULL},
- { (char *)"selinux_check_passwd_access", _wrap_selinux_check_passwd_access, METH_VARARGS, NULL},
- { (char *)"checkPasswdAccess", _wrap_checkPasswdAccess, METH_VARARGS, NULL},
+ { (char *)"selinux_check_securetty_context", _wrap_selinux_check_securetty_context, METH_VARARGS, NULL},
+ { (char *)"set_selinuxmnt", _wrap_set_selinuxmnt, METH_VARARGS, NULL},
{ (char *)"rpm_execcon", _wrap_rpm_execcon, METH_VARARGS, NULL},
{ (char *)"is_context_customizable", _wrap_is_context_customizable, METH_VARARGS, NULL},
{ (char *)"selinux_trans_to_raw_context", _wrap_selinux_trans_to_raw_context, METH_VARARGS, NULL},
{ (char *)"selinux_raw_to_trans_context", _wrap_selinux_raw_to_trans_context, METH_VARARGS, NULL},
{ (char *)"selinux_getpolicytype", _wrap_selinux_getpolicytype, METH_VARARGS, NULL},
{ (char *)"getseuserbyname", _wrap_getseuserbyname, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_cmp", _wrap_selinux_file_context_cmp, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_verify", _wrap_selinux_file_context_verify, METH_VARARGS, NULL},
+ { (char *)"selinux_lsetfilecon_default", _wrap_selinux_lsetfilecon_default, METH_VARARGS, NULL},
{ NULL, NULL, 0, NULL }
};
@@ -4462,41 +5000,41 @@
/* -------- TYPE CONVERSION AND EQUIVALENCE RULES (BEGIN) -------- */
static swig_type_info _swigt__p_SELboolean = {"_p_SELboolean", "SELboolean *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_access_vector_t = {"_p_access_vector_t", "access_vector_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_int = {"_p_int", "int *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_p_p_char = {"_p_p_p_char", "char ***", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_p_security_context_t = {"_p_p_security_context_t", "security_context_t **", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_security_context_t = {"_p_security_context_t", "security_context_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "unsigned int *|mode_t *", 0, 0, (void*)0, 0};
static swig_type_info *swig_type_initial[] = {
&_swigt__p_SELboolean,
- &_swigt__p_access_vector_t,
&_swigt__p_char,
&_swigt__p_int,
&_swigt__p_p_char,
&_swigt__p_p_p_char,
+ &_swigt__p_p_security_context_t,
&_swigt__p_security_context_t,
&_swigt__p_unsigned_int,
};
static swig_cast_info _swigc__p_SELboolean[] = { {&_swigt__p_SELboolean, 0, 0, 0},{0, 0, 0, 0}};
-static swig_cast_info _swigc__p_access_vector_t[] = { {&_swigt__p_access_vector_t, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_char[] = { {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_p_p_char[] = { {&_swigt__p_p_p_char, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_p_security_context_t[] = { {&_swigt__p_p_security_context_t, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_security_context_t[] = { {&_swigt__p_security_context_t, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info *swig_cast_initial[] = {
_swigc__p_SELboolean,
- _swigc__p_access_vector_t,
_swigc__p_char,
_swigc__p_int,
_swigc__p_p_char,
_swigc__p_p_p_char,
+ _swigc__p_p_security_context_t,
_swigc__p_security_context_t,
_swigc__p_unsigned_int,
};
@@ -5019,6 +5557,7 @@
SWIG_InstallConstants(d,swig_const_table);
+ SWIG_Python_SetConstant(d, "SELINUX_DEFAULTUSER",SWIG_FromCharPtr("user_u"));
SWIG_Python_SetConstant(d, "MATCHPATHCON_BASEONLY",SWIG_From_int((int)(1)));
SWIG_Python_SetConstant(d, "MATCHPATHCON_NOTRANS",SWIG_From_int((int)(2)));
}
diff --exclude-from=exclude -N -u -r nsalibselinux/Makefile libselinux-2.0.13/Makefile
--- nsalibselinux/Makefile 2007-06-01 10:44:08.000000000 -0400
+++ libselinux-2.0.13/Makefile 2007-06-26 05:11:37.000000000 -0400
@@ -20,6 +20,9 @@
$(MAKE) -C src
$(MAKE) -C utils
+swigify:
+ $(MAKE) -C src swigify
+
pywrap:
$(MAKE) -C src pywrap
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 libselinux-2.0.13/man/man3/avc_add_callback.3
--- nsalibselinux/man/man3/avc_add_callback.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_add_callback.3 2007-07-10 12:17:08.000000000 -0400
@@ -6,26 +6,26 @@
avc_add_callback \- additional event notification for SELinux userspace object managers.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "int avc_add_callback(int (*" callback ")(uint32_t " event ,
.in +\w'int avc_add_callback(int (*callback)('u
.BI "security_id_t " ssid ,
-.br
+
.BI "security_id_t " tsid ,
-.br
+
.BI "security_class_t " tclass ,
-.br
+
.BI "access_vector_t " perms ,
-.br
+
.BI "access_vector_t *" out_retained "),"
.in
.in +\w'int avc_add_callback('u
.BI "uint32_t " events ", security_id_t " ssid ,
-.br
+
.BI "security_id_t " tsid ", security_class_t " tclass ,
-.br
+
.BI "access_vector_t " perms ");"
.in
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 libselinux-2.0.13/man/man3/avc_cache_stats.3
--- nsalibselinux/man/man3/avc_cache_stats.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_cache_stats.3 2007-07-10 12:17:08.000000000 -0400
@@ -6,7 +6,7 @@
avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace SELinux AVC statistics.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "void avc_av_stats(void);"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_compute_create.3 libselinux-2.0.13/man/man3/avc_compute_create.3
--- nsalibselinux/man/man3/avc_compute_create.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_compute_create.3 2007-07-10 12:17:07.000000000 -0400
@@ -6,7 +6,7 @@
avc_compute_create \- obtain SELinux label for new object.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "int avc_compute_create(security_id_t " ssid ", security_id_t " tsid ,
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 libselinux-2.0.13/man/man3/avc_context_to_sid.3
--- nsalibselinux/man/man3/avc_context_to_sid.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_context_to_sid.3 2007-07-10 12:17:07.000000000 -0400
@@ -6,7 +6,7 @@
avc_context_to_sid, avc_sid_to_context, sidput, sidget, avc_get_initial_sid \- obtain and manipulate SELinux security ID's.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "int avc_context_to_sid(security_context_t " ctx ", security_id_t *" sid ");"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libselinux-2.0.13/man/man3/avc_has_perm.3
--- nsalibselinux/man/man3/avc_has_perm.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_has_perm.3 2007-07-10 12:13:47.000000000 -0400
@@ -6,7 +6,7 @@
avc_has_perm, avc_has_perm_noaudit, avc_audit, avc_entry_ref_init \- obtain and audit SELinux access decisions.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "void avc_entry_ref_init(struct avc_entry_ref *" aeref ");"
@@ -14,21 +14,21 @@
.BI "int avc_has_perm(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'int avc_has_perm('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
-.br
+
.BI "struct avc_entry_ref *" aeref ", void *" auditdata ");"
.in
.sp
.BI "int avc_has_perm_noaudit(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'int avc_has_perm('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
-.br
+
.BI "struct avc_entry_ref *" aeref ", struct av_decision *" avd ");"
.in
.sp
.BI "void avc_audit(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'void avc_audit('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
-.br
+
.BI "struct av_decision *" avd ", int " result ", void *" auditdata ");"
.in
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinux-2.0.13/man/man3/avc_init.3
--- nsalibselinux/man/man3/avc_init.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/avc_init.3 2007-07-10 12:13:43.000000000 -0400
@@ -6,17 +6,17 @@
avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and teardown.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/avc.h>
.sp
.BI "int avc_init(const char *" msgprefix ,
.in +\w'int avc_init('u
.BI "const struct avc_memory_callback *" mem_callbacks ,
-.br
+
.BI "const struct avc_log_callback *" log_callbacks ,
-.br
+
.BI "const struct avc_thread_callback *" thread_callbacks ,
-.br
+
.BI "const struct avc_lock_callback *" lock_callbacks ");"
.in
.sp
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libselinux-2.0.13/man/man3/context_new.3
--- nsalibselinux/man/man3/context_new.3 2007-01-17 11:11:35.000000000 -0500
+++ libselinux-2.0.13/man/man3/context_new.3 2007-07-10 12:13:40.000000000 -0400
@@ -4,27 +4,27 @@
.SH "SYNOPSIS"
.B #include <selinux/context.h>
-.br
+
.B "context_t context_new(const char *" context_str );
-.br
+
.B "const char * context_str(context_t " con );
-.br
+
.B "void context_free(context_t " con );
-.br
+
.B "const char * context_type_get(context_t " con );
-.br
+
.B "const char * context_range_get(context_t " con );
-.br
+
.B "const char * context_role_get(context_t " con );
-.br
+
.B "const char * context_user_get(context_t " con );
-.br
+
.B "const char * context_type_set(context_t " con ", const char* " type);
-.br
+
.B "const char * context_range_set(context_t " con ", const char* " range);
-.br
+
.B "const char * context_role_set(context_t " con ", const char* " role );
-.br
+
.B "const char * context_user_set(context_t " con ", const char* " user );
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-2.0.13/man/man3/freecon.3
--- nsalibselinux/man/man3/freecon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/freecon.3 2007-07-10 12:13:55.000000000 -0400
@@ -5,7 +5,7 @@
.B #include <selinux/selinux.h>
.sp
.BI "void freecon(security_context_t "con );
-.br
+
.BI "void freeconary(security_context_t *" con );
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux-2.0.13/man/man3/getcon.3
--- nsalibselinux/man/man3/getcon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/getcon.3 2007-07-10 12:14:08.000000000 -0400
@@ -1,21 +1,21 @@
.TH "getcon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation"
.SH "NAME"
getcon, getprevcon, getpidcon \- get SELinux security context of a process.
-.br
+
getpeercon - get security context of a peer socket.
-.br
+
setcon - set current security context of a process.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getcon(security_context_t *" context );
-.br
+
.BI "int getprevcon(security_context_t *" context );
-.br
+
.BI "int getpidcon(pid_t " pid ", security_context_t *" context );
-.br
+
.BI "int getpeercon(int " fd ", security_context_t *" context);
-.br
+
.BI "int setcon(security_context_t " context);
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libselinux-2.0.13/man/man3/getexeccon.3
--- nsalibselinux/man/man3/getexeccon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/getexeccon.3 2007-07-10 12:14:24.000000000 -0400
@@ -1,16 +1,16 @@
.TH "getexeccon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation"
.SH "NAME"
getexeccon, setexeccon \- get or set the SELinux security context used for executing a new process.
-.br
+
rpm_execcon \- run a helper for rpm in an appropriate security context
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getexeccon(security_context_t *" context );
-.br
+
.BI "int setexeccon(security_context_t "context );
-.br
+
.BI "int rpm_execcon(unsigned int " verified ", const char *" filename ", char *const " argv "[] , char *const " envp "[]);
.SH "DESCRIPTION"
@@ -26,16 +26,16 @@
setexeccon to reset to the default policy behavior.
The exec context is automatically reset after the next execve, so a
program doesn't need to explicitly sanitize it upon startup.
-.br
+
setexeccon can be applied prior to library
functions that internally perform an execve, e.g. execl*, execv*, popen,
in order to set an exec context for that operation.
-.br
+
Note: Signal handlers that perform an execve must take care to
save, reset, and restore the exec context to avoid unexpected behaviors.
-.br
+
.B rpm_execcon
runs a helper for rpm in an appropriate security context. The
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libselinux-2.0.13/man/man3/getfilecon.3
--- nsalibselinux/man/man3/getfilecon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/getfilecon.3 2007-07-10 12:17:06.000000000 -0400
@@ -5,9 +5,9 @@
.B #include <selinux/selinux.h>
.sp
.BI "int getfilecon(const char *" path ", security_context_t *" con );
-.br
+
.BI "int lgetfilecon(const char *" path ", security_context_t *" con );
-.br
+
.BI "int fgetfilecon(int "fd ", security_context_t *" con );
.SH "DESCRIPTION"
.B getfilecon
@@ -22,7 +22,6 @@
is identical to getfilecon, only the open file pointed to by filedes (as
returned by open(2)) is interrogated in place of path.
-.br
The returned context should be freed with freecon if non-NULL.
.SH "RETURN VALUE"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 libselinux-2.0.13/man/man3/getfscreatecon.3
--- nsalibselinux/man/man3/getfscreatecon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/getfscreatecon.3 2007-07-10 12:17:06.000000000 -0400
@@ -6,7 +6,7 @@
.B #include <selinux/selinux.h>
.sp
.BI "int getfscreatecon(security_context_t *" con );
-.br
+
.BI "int setfscreatecon(security_context_t "context );
.SH "DESCRIPTION"
@@ -22,11 +22,11 @@
setfscreatecon to reset to the default policy behavior.
The fscreate context is automatically reset after the next execve, so a
program doesn't need to explicitly sanitize it upon startup.
-.br
+
setfscreatecon can be applied prior to library
functions that internally perform an file creation,
in order to set an file context on the objects.
-.br
+
Note: Signal handlers that perform an setfscreate must take care to
save, reset, and restore the fscreate context to avoid unexpected behaviors.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-2.0.13/man/man3/get_ordered_context_list.3
--- nsalibselinux/man/man3/get_ordered_context_list.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/get_ordered_context_list.3 2007-07-10 12:17:05.000000000 -0400
@@ -4,7 +4,7 @@
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/get_context_list.h>
.sp
.BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-2.0.13/man/man3/getseuserbyname.3
--- nsalibselinux/man/man3/getseuserbyname.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/getseuserbyname.3 2007-07-10 12:17:04.000000000 -0400
@@ -12,7 +12,7 @@
then be passed to other libselinux functions such as
get_ordered_context_list_with_level and get_default_context_with_level.
-.br
+
The returned SELinux username and level should be freed by the caller
using free.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-2.0.13/man/man3/is_context_customizable.3
--- nsalibselinux/man/man3/is_context_customizable.3 2007-01-17 11:11:35.000000000 -0500
+++ libselinux-2.0.13/man/man3/is_context_customizable.3 2007-07-10 12:17:04.000000000 -0400
@@ -8,7 +8,7 @@
.SH "DESCRIPTION"
.B is_context_customizable
-.br
+
This function checks whether the type of scon is in the /etc/selinux/SELINUXTYPE/context/customizable_types file. A customizable type is a file context type that
administrators set on files, usually to allow certain domains to share the file content. restorecon and setfiles, by default, leave these context in place.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libselinux-2.0.13/man/man3/matchmediacon.3
--- nsalibselinux/man/man3/matchmediacon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/matchmediacon.3 2007-07-10 12:17:03.000000000 -0400
@@ -6,14 +6,14 @@
.B #include <selinux/selinux.h>
.sp
.BI "int matchmediacon(const char *" media ", security_context_t *" con);"
-.br
+
.SH "DESCRIPTION"
-.br
+
.B matchmediacon
matches the specified media type with the media contexts configuration and sets the security context "con" to refer to the resulting context.
.sp
-.br
+
.B Note:
Caller must free returned security context "con" using freecon.
.SH "RETURN VALUE"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libselinux-2.0.13/man/man3/matchpathcon.3
--- nsalibselinux/man/man3/matchpathcon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/matchpathcon.3 2007-07-10 12:15:33.000000000 -0400
@@ -6,18 +6,18 @@
.B #include <selinux/selinux.h>
.sp
.BI "int matchpathcon_init(const char *" path ");"
-.br
+
.BI "int matchpathcon_fini(void);"
-.br
+
.BI "int matchpathcon(const char *" path ", mode_t " mode ", security_context_t *" con);
.sp
-.br
+
.BI "void set_matchpathcon_printf(void (*" f ")(const char *" fmt ", ...));"
-.br
+
.BI "void set_matchpathcon_invalidcon(int (*" f ")(const char *"path ", unsigned " lineno ", char * " context "));"
-.br
+
.BI "void set_matchpathcon_flags(unsigned int " flags ");"
-.br
+
.SH "DESCRIPTION"
.B matchpathcon_init
loads the file contexts configuration specified by
@@ -40,7 +40,7 @@
suffix are also looked up and loaded if present. These files provide
dynamically generated entries for user home directories and for local
customizations.
-.br
+
.sp
.B matchpathcon_fini
frees the memory allocated by a prior call to
@@ -49,7 +49,7 @@
.B matchpathcon_init
calls, or to free memory when finished using
.B matchpathcon.
-.br
+
.sp
.B matchpathcon
matches the specified pathname and mode against the file contexts
@@ -72,14 +72,14 @@
.I path,
defaulting to the active file contexts configuration.
.sp
-.br
+
.B set_matchpathcon_printf
sets the function used by
.B matchpathcon_init
when displaying errors about the file contexts configuration. If not set,
then this defaults to fprintf(stderr, fmt, ...). This can be set to redirect
error reporting to a different destination.
-.br
+
.sp
.B set_matchpathcon_invalidcon
sets the function used by
@@ -100,7 +100,7 @@
and
.I lineno
in such error messages.
-.br
+
.sp
.B set_matchpathcon_flags
sets flags controlling the operation of
@@ -111,7 +111,7 @@
.B MATCHPATHCON_BASEONLY
flag is set, then only the base file contexts configuration file
will be processed, not any dynamically generated entries or local customizations.
-.br
+
.sp
.SH "RETURN VALUE"
Returns 0 on success or -1 otherwise.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_class_to_string.3 libselinux-2.0.13/man/man3/security_class_to_string.3
--- nsalibselinux/man/man3/security_class_to_string.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/security_class_to_string.3 2007-07-10 12:15:16.000000000 -0400
@@ -8,7 +8,7 @@
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/flask.h>
.sp
.BI "const char * security_class_to_string(security_class_t " tclass ");"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av.3 libselinux-2.0.13/man/man3/security_compute_av.3
--- nsalibselinux/man/man3/security_compute_av.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/security_compute_av.3 2007-07-10 12:15:12.000000000 -0400
@@ -6,7 +6,7 @@
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
-.br
+
.B #include <selinux/flask.h>
.sp
.BI "int security_compute_av(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", access_vector_t "requested ", struct av_decision *" avd );
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce.3 libselinux-2.0.13/man/man3/security_getenforce.3
--- nsalibselinux/man/man3/security_getenforce.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/security_getenforce.3 2007-07-10 12:15:08.000000000 -0400
@@ -5,7 +5,7 @@
.B #include <selinux/selinux.h>
.sp
.B int security_getenforce();
-.br
+
.BI "int security_setenforce(int "value );
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_booleans.3 libselinux-2.0.13/man/man3/security_load_booleans.3
--- nsalibselinux/man/man3/security_load_booleans.3 2007-01-17 11:11:35.000000000 -0500
+++ libselinux-2.0.13/man/man3/security_load_booleans.3 2007-07-10 12:17:02.000000000 -0400
@@ -7,15 +7,15 @@
.B #include <selinux/selinux.h>
.sp
extern int security_load_booleans(char *path);
-.br
+
extern int security_get_boolean_names(char ***names, int *len);
-.br
+
extern int security_get_boolean_pending(const char *name);
-.br
+
extern int security_get_boolean_active(const char *name);
-.br
+
extern int security_set_boolean(const char *name, int value);
-.br
+
extern int security_commit_booleans(void);
@@ -29,27 +29,27 @@
The SELinux API allows for a transaction based update. So you can set several boolean values and the commit them all at once.
security_load_booleans
-.br
+
Load policy boolean settings. Path may be NULL, in which case the booleans are loaded from the active policy boolean configuration file.
security_get_boolean_names
-.br
+
Returns a list of boolean names, currently supported by the loaded policy.
security_set_boolean
-.br
+
Sets the pending value for boolean
security_get_boolean_pending
-.br
+
Return pending value for boolean
security_get_boolean_active
-.br
+
Return active value for boolean
security_commit_booleans
-.br
+
Commit all pending values for the booleans.
.SH AUTHOR
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-2.0.13/man/man3/selinux_binary_policy_path.3
--- nsalibselinux/man/man3/selinux_binary_policy_path.3 2007-01-17 11:11:35.000000000 -0500
+++ libselinux-2.0.13/man/man3/selinux_binary_policy_path.3 2007-07-10 12:16:08.000000000 -0400
@@ -10,27 +10,27 @@
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
-.br
+
extern const char *selinux_policy_root(void);
-.br
+
extern const char *selinux_binary_policy_path(void);
-.br
+
extern const char *selinux_failsafe_context_path(void);
-.br
+
extern const char *selinux_removable_context_path(void);
-.br
+
extern const char *selinux_default_context_path(void);
-.br
+
extern const char *selinux_user_contexts_path(void);
-.br
+
extern const char *selinux_file_context_path(void);
-.br
+
extern const char *selinux_media_context_path(void);
-.br
+
extern const char *selinux_securetty_types_path(void);
-.br
+
extern const char *selinux_contexts_path(void);
-.br
+
extern const char *selinux_booleans_path(void);
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemode.3 libselinux-2.0.13/man/man3/selinux_getenforcemode.3
--- nsalibselinux/man/man3/selinux_getenforcemode.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/selinux_getenforcemode.3 2007-07-10 12:16:51.000000000 -0400
@@ -5,13 +5,13 @@
.B #include <selinux/selinux.h>
.sp
.B int selinux_getenforcemode(int *enforce);
-.br
+
.SH "DESCRIPTION"
.B selinux_getenforcemode
Reads the contents of the /etc/selinux/config file to determine how the
system was setup to run SELinux.
-.br
+
Sets the value of enforce to 1 if SELinux should be run in enforcing mode.
Sets the value of enforce to 0 if SELinux should be run in permissive mode.
Sets the value of enforce to -1 if SELinux should be disabled.
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root.3 libselinux-2.0.13/man/man3/selinux_policy_root.3
--- nsalibselinux/man/man3/selinux_policy_root.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/selinux_policy_root.3 2007-07-10 12:16:49.000000000 -0400
@@ -5,7 +5,7 @@
.B #include <selinux/selinux.h>
.sp
.B char *selinux_policy_root();
-.br
+
.SH "DESCRIPTION"
.B selinux_policy_root
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libselinux-2.0.13/man/man3/setfilecon.3
--- nsalibselinux/man/man3/setfilecon.3 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man3/setfilecon.3 2007-07-10 12:12:18.000000000 -0400
@@ -6,9 +6,9 @@
.B #include <selinux/selinux.h>
.sp
.BI "int setfilecon(const char *" path ", security_context_t "con );
-.br
+
.BI "int lsetfilecon(const char *" path ", security_context_t "con );
-.br
+
.BI "int fsetfilecon(int "fd ", security_context_t "con );
.SH "DESCRIPTION"
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-2.0.13/man/man8/matchpathcon.8
--- nsalibselinux/man/man8/matchpathcon.8 2007-06-21 05:16:39.000000000 -0400
+++ libselinux-2.0.13/man/man8/matchpathcon.8 2007-07-10 11:38:39.000000000 -0400
@@ -10,16 +10,16 @@
.SH OPTIONS
.B \-n
Do not display path.
-.br
+
.B \-N
Do not use translations.
-.br
+
.B \-f file_context_file
Use alternate file_context file
-.br
+
.B \-p prefix
Use prefix to speed translations
-.br
+
.B \-V
Verify file context on disk matches defaults
diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinux.8 libselinux-2.0.13/man/man8/selinux.8
--- nsalibselinux/man/man8/selinux.8 2006-11-16 17:15:26.000000000 -0500
+++ libselinux-2.0.13/man/man8/selinux.8 2007-07-10 11:38:21.000000000 -0400
@@ -62,14 +62,13 @@
.B system-config-securitylevel
allows customization of these booleans and tunables.
-.br
Many domains that are protected by SELinux also include selinux man pages explainging how to customize their policy.
.SH FILE LABELING
All files, directories, devices ... have a security context/label associated with them. These context are stored in the extended attributes of the file system.
Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non selinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling.
-.br
+
The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files.
.SH AUTHOR