diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.30.12/include/selinux/selinux.h --- nsalibselinux/include/selinux/selinux.h 2006-05-18 12:11:17.000000000 -0400 +++ libselinux-1.30.12/include/selinux/selinux.h 2006-06-09 15:29:18.000000000 -0400 @@ -361,6 +361,13 @@ extern int selinux_getenforcemode(int *enforce); /* + selinux_getpolicytype reads the /etc/selinux/config file and determines + what the default policy for the machine is. Calling application must + free policytype. + */ +extern int selinux_getpolicytype(char **policytype); + +/* selinux_policy_root reads the /etc/selinux/config file and returns the directory path under which the compiled policy file and context configuration files exist. diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.30.12/src/selinux_config.c --- nsalibselinux/src/selinux_config.c 2006-05-23 06:19:32.000000000 -0400 +++ libselinux-1.30.12/src/selinux_config.c 2006-06-09 15:42:35.000000000 -0400 @@ -124,6 +124,37 @@ } hidden_def(selinux_getenforcemode) +int selinux_getpolicytype(char **intype) { + int ret=-1; + char *type=NULL; + char *end=NULL; + FILE *cfg = fopen(SELINUXCONFIG,"r"); + char buf[4097]; + int len=sizeof(SELINUXTYPETAG)-1; + if (!cfg) { + cfg = fopen(SECURITYCONFIG,"r"); + } + if (cfg) { + while (fgets_unlocked(buf, 4096, cfg)) { + if (strncmp(buf,SELINUXTYPETAG,len)) + continue; + type = strdupa(buf+sizeof(SELINUXTYPETAG)-1); + end = type + strlen(type)-1; + while ((end > type) && + (isspace(*end) || iscntrl(*end))) { + *end = 0; + end--; + } + *intype=type; + ret=0; + break; + } + fclose(cfg); + } + return ret; +} +hidden_def(selinux_getpolicytype) + static char *selinux_policyroot = NULL; static char *selinux_rootpath = NULL; diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.12/src/selinux_internal.h --- nsalibselinux/src/selinux_internal.h 2006-05-23 06:19:32.000000000 -0400 +++ libselinux-1.30.12/src/selinux_internal.h 2006-06-09 15:29:18.000000000 -0400 @@ -64,6 +64,7 @@ hidden_proto(selinux_usersconf_path); hidden_proto(selinux_translations_path); hidden_proto(selinux_getenforcemode); +hidden_proto(selinux_getpolicytype); hidden_proto(selinux_raw_to_trans_context); hidden_proto(selinux_trans_to_raw_context); diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-1.30.12/src/selinux.py --- nsalibselinux/src/selinux.py 2006-05-15 09:43:24.000000000 -0400 +++ libselinux-1.30.12/src/selinux.py 2006-06-09 15:29:18.000000000 -0400 @@ -102,6 +102,7 @@ is_context_customizable = _selinux.is_context_customizable selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context +selinux_getpolicytype = _selinux.selinux_getpolicytype getseuserbyname = _selinux.getseuserbyname diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-1.30.12/src/selinuxswig.i --- nsalibselinux/src/selinuxswig.i 2006-05-15 09:43:24.000000000 -0400 +++ libselinux-1.30.12/src/selinuxswig.i 2006-06-09 15:29:18.000000000 -0400 @@ -126,4 +126,5 @@ %typemap(argout) char ** { $result = SWIG_Python_AppendOutput($result, PyString_FromString(*$1)); } +extern int selinux_getpolicytype(char **enforce); extern int getseuserbyname(const char *linuxuser, char **seuser, char **level); diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-1.30.12/src/selinuxswig_wrap.c --- nsalibselinux/src/selinuxswig_wrap.c 2006-05-15 09:43:24.000000000 -0400 +++ libselinux-1.30.12/src/selinuxswig_wrap.c 2006-06-09 15:29:18.000000000 -0400 @@ -4153,6 +4153,27 @@ } +SWIGINTERN PyObject *_wrap_selinux_getpolicytype(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + char **arg1 = (char **) 0 ; + int result; + char *temp1 ; + + { + arg1 = &temp1; + } + if (!PyArg_ParseTuple(args,(char *)":selinux_getpolicytype")) SWIG_fail; + result = (int)selinux_getpolicytype(arg1); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, PyString_FromString(*arg1)); + } + return resultobj; +fail: + return NULL; +} + + SWIGINTERN PyObject *_wrap_getseuserbyname(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { PyObject *resultobj = 0; char *arg1 = (char *) 0 ; @@ -4253,6 +4274,7 @@ { (char *)"is_context_customizable", _wrap_is_context_customizable, METH_VARARGS, NULL}, { (char *)"selinux_trans_to_raw_context", _wrap_selinux_trans_to_raw_context, METH_VARARGS, NULL}, { (char *)"selinux_raw_to_trans_context", _wrap_selinux_raw_to_trans_context, METH_VARARGS, NULL}, + { (char *)"selinux_getpolicytype", _wrap_selinux_getpolicytype, METH_VARARGS, NULL}, { (char *)"getseuserbyname", _wrap_getseuserbyname, METH_VARARGS, NULL}, { NULL, NULL, 0, NULL } }; --- libselinux-1.30.12/src/setrans_client.c~ 2006-06-05 13:20:37.000000000 -0400 +++ libselinux-1.30.12/src/setrans_client.c 2006-06-12 13:39:55.000000000 -0400 @@ -16,6 +16,9 @@ #include "selinux_internal.h" #include "setrans_internal.h" +static int mls_enabled=-1; +#define MLSENABLED ((mls_enabled==-1) ? (mls_enabled=is_selinux_mls_enabled()) : mls_enabled) + // Simple cache static __thread security_context_t prev_t2r_trans=NULL; static __thread security_context_t prev_t2r_raw=NULL; @@ -243,6 +246,12 @@ *rawp = NULL; return 0; } + + if (! MLSENABLED) { + *rawp = strdup(trans); + return 0; + } + if (cache_trans) { if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) { *rawp=strdup(prev_t2r_raw); @@ -279,6 +288,11 @@ return 0; } + if (! MLSENABLED) { + *transp = strdup(raw); + return 0; + } + if (cache_trans) { if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) { *transp=strdup(prev_r2t_trans);