From ae6f77c9ad4306cc3ca746097e623d546e085e86 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Jan 12 2005 14:37:21 +0000
Subject: - Add is_customizable_types function call
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 506d03a..a9b83f7 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -1,10 +1,152 @@
---- libselinux-1.19.3/utils/avcstat.c.rhat 2004-12-03 14:40:34.000000000 -0500
-+++ libselinux-1.19.3/utils/avcstat.c 2004-12-27 06:48:49.000000000 -0500
-@@ -166,6 +166,7 @@
- "hits", "misses", "allocs", "reclaims", "frees");
-
- memset(&tot, 0, sizeof(tot));
-+ memset(&last, 0, sizeof(last));
-
- while ((line = strtok(NULL, "\n"))) {
- struct avc_cache_stats tmp;
+diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.20.1/include/selinux/selinux.h
+--- nsalibselinux/include/selinux/selinux.h 2004-12-03 14:40:05.000000000 -0500
++++ libselinux-1.20.1/include/selinux/selinux.h 2005-01-10 17:30:01.615342019 -0500
+@@ -226,6 +226,7 @@
+ extern const char *selinux_media_context_path(void);
+ extern const char *selinux_contexts_path(void);
+ extern const char *selinux_booleans_path(void);
++extern const char *selinux_customizable_types_path(void);
+
+ /* Check a permission in the passwd class.
+ Return 0 if granted or -1 otherwise. */
+@@ -242,6 +243,10 @@
+ const char *filename,
+ char *const argv[], char *const envp[]);
+
++/* Returns whether a file context is customizable, and should not
++ be relabeled . */
++extern int is_context_customizable (security_context_t scontext);
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-1.20.1/man/man3/is_context_customizable.3
+--- nsalibselinux/man/man3/is_context_customizable.3 1969-12-31 19:00:00.000000000 -0500
++++ libselinux-1.20.1/man/man3/is_context_customizable.3 2005-01-10 17:30:01.617341793 -0500
+@@ -0,0 +1,22 @@
++.TH "is_context_customizable" "3" "10 January 2005" "dwalsh@redhat.com" "SELinux API documentation"
++.SH "NAME"
++is_context_customizable \- check whether context type is customizable by the administrator.
++.SH "SYNOPSIS"
++.B #include
++.sp
++.B int is_context_customizable(security_context_t scon);
++
++.SH "DESCRIPTION"
++.B is_context_customizable
++.br
++This function checks whether the type of scon is in the /etc/selinux/SELINUXTYPE/context/customizable_types file. A customizable type is a file context type that
++administrators set on files, usually to allow certain domains to share the file content. restorecon and setfiles, by default, leave these context in place.
++
++
++.SH "RETURN VALUE"
++returns 1 if security context is customizable or 0 if it is not.
++returns -1 on error
++
++.SH "FILE"
++/etc/selinux/SELINUXTYPE/context/customizable_types
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/file_path_suffixes.h libselinux-1.20.1/src/file_path_suffixes.h
+--- nsalibselinux/src/file_path_suffixes.h 2004-10-20 16:31:36.000000000 -0400
++++ libselinux-1.20.1/src/file_path_suffixes.h 2005-01-10 17:30:01.618341680 -0500
+@@ -9,3 +9,4 @@
+ S_(BOOLEANS, "/booleans")
+ S_(MEDIA_CONTEXTS, "/contexts/files/media")
+ S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
++S_(CUSTOMIZABLE_TYPES, "/contexts/customizable_types")
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/is_customizable_type.c libselinux-1.20.1/src/is_customizable_type.c
+--- nsalibselinux/src/is_customizable_type.c 1969-12-31 19:00:00.000000000 -0500
++++ libselinux-1.20.1/src/is_customizable_type.c 2005-01-10 17:47:59.567648626 -0500
+@@ -0,0 +1,68 @@
++#include
++#include
++#include
++#include
++#include
++#include
++#include
++#include
++
++static int get_customizable_type_list (security_context_t **retlist)
++{
++ FILE *fp;
++ char buf[4097];
++ int ctr=0, i;
++ security_context_t *list=NULL;
++
++ fp = fopen(selinux_customizable_types_path(), "r");
++ if (!fp)
++ return -1;
++
++ while (fgets_unlocked(buf, 4096, fp)) {
++ ctr++;
++ }
++ rewind(fp);
++ if (ctr) {
++ list=(security_context_t *) calloc(sizeof(security_context_t *), ctr+1);
++ if (list) {
++ i=0;
++ while (fgets_unlocked(buf, 4096, fp)) {
++ buf[strlen(buf)-1]=0;
++ list[i++]=(security_context_t) strdup(buf);
++ if (i>ctr) {
++ /* Should never happen */
++ free(list);
++ list=NULL;
++ break;
++ }
++ }
++ }
++ }
++ fclose(fp);
++ if (!list)
++ return -1;
++ *retlist=list;
++ return 0;
++}
++
++static security_context_t *customizable_list=NULL;
++
++int is_context_customizable (security_context_t scontext) {
++ int i;
++ char *ptr;
++ if (! customizable_list) {
++ if (get_customizable_type_list(&customizable_list)!=0)
++ return -1;
++ }
++
++ ptr=strrchr(scontext, ':');
++ if (ptr) {
++ ptr++;
++ } else {
++ ptr=scontext;
++ }
++ for (i = 0; customizable_list[i]; i++) {
++ if (strcmp(customizable_list[i],ptr) == 0) return 1;
++ }
++ return 0;
++}
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.20.1/src/selinux_config.c
+--- nsalibselinux/src/selinux_config.c 2004-10-20 16:31:36.000000000 -0400
++++ libselinux-1.20.1/src/selinux_config.c 2005-01-10 17:30:01.838316846 -0500
+@@ -26,7 +26,8 @@
+ #define BOOLEANS 7
+ #define MEDIA_CONTEXTS 8
+ #define REMOVABLE_CONTEXT 9
+-#define NEL 10
++#define CUSTOMIZABLE_TYPES 10
++#define NEL 11
+
+ /* New layout is relative to SELINUXDIR/policytype. */
+ static char *file_paths[NEL];
+@@ -211,6 +212,10 @@
+ return get_path(MEDIA_CONTEXTS);
+ }
+
++const char *selinux_customizable_types_path() {
++ return get_path(CUSTOMIZABLE_TYPES);
++}
++
+ const char *selinux_contexts_path() {
+ return get_path(CONTEXTS_DIR);
+ }
diff --git a/libselinux.spec b/libselinux.spec
index 8765807..2d69cd9 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -1,10 +1,12 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 1.20.1 -Release: 1 +Release: 2 License: Public domain (uncopyrighted) Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz +Patch: libselinux-rhat.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot %description
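Review bot: In get_customizable_type_list() (new file src/is_customizable_type.c), `buf[strlen(buf)-1]=0` assumes every line read ends in a newline: a final line without one loses its last character, so that type never matches, and a line that reads back as an empty string (for example one beginning with a NUL byte) turns the index into an out-of-bounds write just before `buf`. The `strdup()` result is also stored unchecked, so an allocation failure leaves a NULL in the middle of the list and every later type is silently reported as not customizable, and the `i>ctr` path frees `list` without freeing the strings already copied. The loop below strips the newline with `strcspn`, stops at `ctr` entries, and releases everything on a failed copy rather than publishing a short list. Separately, `strrchr(scontext, ':')` in is_context_customizable() treats the last field as the type and dereferences `scontext` without a NULL check; the last-field assumption looks wrong if a context can carry a trailing MLS level, which is worth confirming.

```c
/* ... unchanged: fopen, counting pass, rewind, calloc ... */
		i = 0;
		while (i < ctr && fgets_unlocked(buf, 4096, fp)) {
			/* strcspn is safe for empty lines and lines with no newline */
			buf[strcspn(buf, "\n")] = '\0';
			list[i] = (security_context_t) strdup(buf);
			if (!list[i]) {
				/* free what was copied; never return a truncated list */
				while (i > 0)
					free(list[--i]);
				free(list);
				list = NULL;
				break;
			}
			i++;
		}
/* ... unchanged: fclose(fp), NULL check, *retlist = list ... */
```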
@@ -33,6 +35,7 @@ needed for developing SELinux applications. %prep %setup -q +%patch -p1 -b .rhat %build make CFLAGS="-g %{optflags}" @@ -83,6 +86,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man8/* %changelog +* Wed Jan 12 2005 Dan Walsh 1.20.1-2 +- Add is_customizable_types function call + * Fri Jan 7 2005 Dan Walsh 1.20.1-1 - Update to latest from upstream * Just changing version number to match upstream