diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.30.12/include/selinux/selinux.h
--- nsalibselinux/include/selinux/selinux.h 2006-05-18 12:11:17.000000000 -0400
+++ libselinux-1.30.12/include/selinux/selinux.h 2006-06-09 15:29:18.000000000 -0400
@@ -361,6 +361,13 @@
extern int selinux_getenforcemode(int *enforce);
/*
+ selinux_getpolicytype reads the /etc/selinux/config file and determines
+ what the default policy for the machine is. Calling application must
+ free policytype.
+ */
+extern int selinux_getpolicytype(char **policytype);
+
+/*
selinux_policy_root reads the /etc/selinux/config file and returns
the directory path under which the compiled policy file and context
configuration files exist.
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.30.12/src/selinux_config.c
--- nsalibselinux/src/selinux_config.c 2006-05-23 06:19:32.000000000 -0400
+++ libselinux-1.30.12/src/selinux_config.c 2006-06-09 15:42:35.000000000 -0400
@@ -124,6 +124,37 @@
}
hidden_def(selinux_getenforcemode)
+int selinux_getpolicytype(char **intype) {
+ int ret=-1;
+ char *type=NULL;
+ char *end=NULL;
+ FILE *cfg = fopen(SELINUXCONFIG,"r");
+ char buf[4097];
+ int len=sizeof(SELINUXTYPETAG)-1;
+ if (!cfg) {
+ cfg = fopen(SECURITYCONFIG,"r");
+ }
+ if (cfg) {
+ while (fgets_unlocked(buf, 4096, cfg)) {
+ if (strncmp(buf,SELINUXTYPETAG,len))
+ continue;
+ type = strdupa(buf+sizeof(SELINUXTYPETAG)-1);
+ end = type + strlen(type)-1;
+ while ((end > type) &&
+ (isspace(*end) || iscntrl(*end))) {
+ *end = 0;
+ end--;
+ }
+ *intype=type;
+ ret=0;
+ break;
+ }
+ fclose(cfg);
+ }
+ return ret;
+}
+hidden_def(selinux_getpolicytype)
+
static char *selinux_policyroot = NULL;
static char *selinux_rootpath = NULL;
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.12/src/selinux_internal.h
--- nsalibselinux/src/selinux_internal.h 2006-05-23 06:19:32.000000000 -0400
+++ libselinux-1.30.12/src/selinux_internal.h 2006-06-09 15:29:18.000000000 -0400
@@ -64,6 +64,7 @@
hidden_proto(selinux_usersconf_path);
hidden_proto(selinux_translations_path);
hidden_proto(selinux_getenforcemode);
+hidden_proto(selinux_getpolicytype);
hidden_proto(selinux_raw_to_trans_context);
hidden_proto(selinux_trans_to_raw_context);
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-1.30.12/src/selinux.py
--- nsalibselinux/src/selinux.py 2006-05-15 09:43:24.000000000 -0400
+++ libselinux-1.30.12/src/selinux.py 2006-06-09 15:29:18.000000000 -0400
@@ -102,6 +102,7 @@
is_context_customizable = _selinux.is_context_customizable
selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context
selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context
+selinux_getpolicytype = _selinux.selinux_getpolicytype
getseuserbyname = _selinux.getseuserbyname
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-1.30.12/src/selinuxswig.i
--- nsalibselinux/src/selinuxswig.i 2006-05-15 09:43:24.000000000 -0400
+++ libselinux-1.30.12/src/selinuxswig.i 2006-06-09 15:29:18.000000000 -0400
@@ -126,4 +126,5 @@
%typemap(argout) char ** {
$result = SWIG_Python_AppendOutput($result, PyString_FromString(*$1));
}
+extern int selinux_getpolicytype(char **enforce);
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-1.30.12/src/selinuxswig_wrap.c
--- nsalibselinux/src/selinuxswig_wrap.c 2006-05-15 09:43:24.000000000 -0400
+++ libselinux-1.30.12/src/selinuxswig_wrap.c 2006-06-09 15:29:18.000000000 -0400
@@ -4153,6 +4153,27 @@
}
+SWIGINTERN PyObject *_wrap_selinux_getpolicytype(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char **arg1 = (char **) 0 ;
+ int result;
+ char *temp1 ;
+
+ {
+ arg1 = &temp1;
+ }
+ if (!PyArg_ParseTuple(args,(char *)":selinux_getpolicytype")) SWIG_fail;
+ result = (int)selinux_getpolicytype(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(*arg1));
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_getseuserbyname(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
char *arg1 = (char *) 0 ;
@@ -4253,6 +4274,7 @@
{ (char *)"is_context_customizable", _wrap_is_context_customizable, METH_VARARGS, NULL},
{ (char *)"selinux_trans_to_raw_context", _wrap_selinux_trans_to_raw_context, METH_VARARGS, NULL},
{ (char *)"selinux_raw_to_trans_context", _wrap_selinux_raw_to_trans_context, METH_VARARGS, NULL},
+ { (char *)"selinux_getpolicytype", _wrap_selinux_getpolicytype, METH_VARARGS, NULL},
{ (char *)"getseuserbyname", _wrap_getseuserbyname, METH_VARARGS, NULL},
{ NULL, NULL, 0, NULL }
};
--- libselinux-1.30.12/src/setrans_client.c~ 2006-06-05 13:20:37.000000000 -0400
+++ libselinux-1.30.12/src/setrans_client.c 2006-06-12 13:39:55.000000000 -0400
@@ -16,6 +16,9 @@
#include "selinux_internal.h"
#include "setrans_internal.h"
+static int mls_enabled=-1;
+#define MLSENABLED ((mls_enabled==-1) ? (mls_enabled=is_selinux_mls_enabled()) : mls_enabled)
+
// Simple cache
static __thread security_context_t prev_t2r_trans=NULL;
static __thread security_context_t prev_t2r_raw=NULL;
@@ -243,6 +246,12 @@
*rawp = NULL;
return 0;
}
+
+ if (! MLSENABLED) {
+ *rawp = strdup(trans);
+ return 0;
+ }
+
if (cache_trans) {
if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
*rawp=strdup(prev_t2r_raw);
@@ -279,6 +288,11 @@
return 0;
}
+ if (! MLSENABLED) {
+ *transp = strdup(raw);
+ return 0;
+ }
+
if (cache_trans) {
if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
*transp=strdup(prev_r2t_trans);