RPM Package Manager, CVS Repository http://rpm5.org/cvs/ ____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson Root: /v/rpm/cvs Email: j...@rpm5.org Module: rpm Date: 11-Jul-2009 19:14:04 Branch: HEAD Handle: 2009071117140300 Added files: rpm/rpmio rpmsx.c rpmsx.h Modified files: rpm/rpmio Makefile.am librpmio.vers poptIO.c rpmio.c Log: - rpmsx: break ground for a SELinux coffin and shroud. Summary: Revision Changes Path 1.235 +3 -3 rpm/rpmio/Makefile.am 2.130 +4 -0 rpm/rpmio/librpmio.vers 1.55 +4 -0 rpm/rpmio/poptIO.c 1.202 +2 -0 rpm/rpmio/rpmio.c 2.1 +106 -0 rpm/rpmio/rpmsx.c 2.1 +108 -0 rpm/rpmio/rpmsx.h ____________________________________________________________________________ patch -p0 <<'@@ .' Index: rpm/rpmio/Makefile.am ============================================================================ $ cvs diff -u -r1.234 -r1.235 Makefile.am --- rpm/rpmio/Makefile.am 3 Jul 2009 16:50:08 -0000 1.234 +++ rpm/rpmio/Makefile.am 11 Jul 2009 17:14:03 -0000 1.235 @@ -69,7 +69,7 @@ poptIO.h rpmaug.h rpmbc.h rpmbf.h rpmbz.h rpmdav.h rpmdir.h rpmficl.h rpmgc.h \ rpmhash.h rpmhook.h rpmio_internal.h rpmjs.h rpmjsio.h rpmkeyring.h \ rpmku.h rpmlua.h rpmmg.h rpmnss.h rpmperl.h rpmpython.h \ - rpmruby.h rpmsq.h rpmsquirrel.h rpmssl.h rpmsyck.h rpmtcl.h \ + rpmruby.h rpmsq.h rpmsquirrel.h rpmssl.h rpmsx.h rpmsyck.h rpmtcl.h \ rpmurl.h rpmuuid.h rpmxar.h rpmz.h rpmzq.h \ tar.h ugid.h rpmio-stub.h 
@@ -86,8 +86,8 @@ rpmjs.c rpmjsio.c rpmkeyring.c \ rpmku.c rpmlog.c rpmlua.c rpmmalloc.c rpmmg.c rpmnss.c \ rpmperl.c rpmpgp.c rpmpython.c rpmrpc.c rpmruby.c rpmsq.c \ - rpmsquirrel.c rpmssl.c rpmsyck.c rpmsw.c rpmtcl.c rpmuuid.c rpmxar.c \ - rpmzlog.c rpmzq.c \ + rpmsquirrel.c rpmssl.c rpmsyck.c rpmsw.c rpmsx.c rpmtcl.c \ + rpmuuid.c rpmxar.c rpmzlog.c rpmzq.c \ strcasecmp.c strtolocale.c tar.c url.c ugid.c xzdio.c yarn.c librpmio_la_LDFLAGS = -release $(LT_CURRENT).$(LT_REVISION) if HAVE_LD_VERSION_SCRIPT @@ . patch -p0 <<'@@ .' Index: rpm/rpmio/librpmio.vers ============================================================================ $ cvs diff -u -r2.129 -r2.130 librpmio.vers --- rpm/rpmio/librpmio.vers 9 Jul 2009 01:26:09 -0000 2.129 +++ rpm/rpmio/librpmio.vers 11 Jul 2009 17:14:03 -0000 2.130 @@ -475,6 +475,10 @@ rpmswNow; rpmswPrint; rpmswSub; + _rpmsex_debug; + rpmsexExec; + rpmsexMatch; + rpmsexNew; rpmSyckFree; rpmSyckLoad; _rpmtcl_debug; @@ . patch -p0 <<'@@ .' Index: rpm/rpmio/poptIO.c ============================================================================ $ cvs diff -u -r1.54 -r1.55 poptIO.c --- rpm/rpmio/poptIO.c 9 Jul 2009 17:33:10 -0000 1.54 +++ rpm/rpmio/poptIO.c 11 Jul 2009 17:14:03 -0000 1.55 @@ -36,6 +36,8 @@ #include <rpmsquirrel.h> #include <rpmtcl.h> +#include <rpmsx.h> + #include "debug.h" const char *__progname; 
@@ -451,6 +453,8 @@ N_("Debug rpmsq Signal Queue"), NULL}, { "rpmsquirreldebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmsquirrel_debug, -1, N_("Debug embedded SQUIRREL interpreter"), NULL}, + { "rpmsexdebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmsex_debug, -1, + N_("Debug SELinux"), NULL}, { "rpmtcldebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmtcl_debug, -1, N_("Debug embedded TCL interpreter"), NULL}, #ifdef WITH_BZIP2 @@ . patch -p0 <<'@@ .' Index: rpm/rpmio/rpmio.c ============================================================================ $ cvs diff -u -r1.201 -r1.202 rpmio.c --- rpm/rpmio/rpmio.c 9 Jul 2009 17:33:10 -0000 1.201 +++ rpm/rpmio/rpmio.c 11 Jul 2009 17:14:03 -0000 1.202 @@ -3138,6 +3138,7 @@ extern rpmioPool _htmlPool; extern rpmioPool _htPool; extern rpmioPool _ctxPool; + extern rpmioPool _rpmsexPool; extern rpmioPool _rpmsyckPool; /*...@=shadow@*/ extern rpmioPool _rpmaugPool; @@ -3192,6 +3193,7 @@ _rpmbfPool = rpmioFreePool(_rpmbfPool); _htPool = rpmioFreePool(_htPool); _ctxPool = rpmioFreePool(_ctxPool); + _rpmsexPool = rpmioFreePool(_rpmsexPool); _rpmsyckPool = rpmioFreePool(_rpmsyckPool); _rpmiobPool = rpmioFreePool(_rpmiobPool); _digPool = rpmioFreePool(_digPool); @@ . patch -p0 <<'@@ .' Index: rpm/rpmio/rpmsx.c ============================================================================ $ cvs diff -u -r0 -r2.1 rpmsx.c --- /dev/null 2009-07-11 19:13:23 +0200 +++ rpmsx.c 2009-07-11 19:14:04 +0200 
@@ -0,0 +1,106 @@
+/** \ingroup rpmio
+ * \file rpmio/rpmsex.c
+ */
+
+#include "system.h"
+
+#if defined(WITH_SELINUX)
+#include <selinux/selinux.h>
+#endif
+
+#include <rpmiotypes.h>
+#include <rpmio.h> /* for *Pool methods */
+#include <rpmmacro.h>
+#include <rpmlog.h>
+#define _RPMSEX_INTERNAL
+#include <rpmsx.h>
+
+#include "debug.h"
+
+/*...@unchecked@*/
+int _rpmsex_debug = 0;
+
+static void rpmsexFini(void * _sex)
+ /*...@globals fileSystem @*/
+ /*...@modifies *_sex, fileSystem @*/
+{
+ rpmsex sex = _sex;
+
+#if defined(WITH_SELINUX)
+ if (sex->fn)
+ (void) matchpathcon_fini();
+#endif
+ sex->flags = 0;
+ sex->fn = _free(sex->fn);
+}
+
+/*...@unchecked@*/ /*...@only@*/ /*...@null@*/
+rpmioPool _rpmsexPool = NULL;
+
+static rpmsex rpmsexGetPool(/*...@null@*/ rpmioPool pool)
+ /*...@globals _rpmsexPool, fileSystem @*/
+ /*...@modifies pool, _rpmsexPool, fileSystem @*/
+{
+ rpmsex sex;
+
+ if (_rpmsexPool == NULL) {
+ _rpmsexPool = rpmioNewPool("sex", sizeof(*sex), -1, _rpmsex_debug,
+ NULL, NULL, rpmsexFini);
+ pool = _rpmsexPool;
+ }
+ return (rpmsex) rpmioGetPool(pool, sizeof(*sex));
+}
+
+rpmsex rpmsexNew(const char * fn, int flags)
+{
+ rpmsex sex = rpmsexGetPool(_rpmsexPool);
+
+ if (fn)
+ sex->fn = rpmGetPath(fn, NULL);
+#if defined(WITH_SELINUX)
+ if (sex->fn && *sex->fn && *sex->fn != '%')
+ (void) matchpathcon_init(sex->fn);
+ else
+#endif
+ sex->fn = _free(sex->fn);
+ sex->flags = flags;
+ return rpmsexLink(sex);
+}
+
+const char * rpmsexMatch(rpmsex sex, const char *fn, mode_t mode)
+{
+ const char * scon = NULL;
+
+if (_rpmsex_debug)
+fprintf(stderr, "--> %s(%p,%s,0%o)\n", __FUNCTION__, sex, (fn ? fn : "(nil)"), mode);
+
+#if defined(WITH_SELINUX)
+ if (sex->fn) {
+ static char nocon[] = "";
+/*...@-moduncon@*/
+ if (matchpathcon(fn, mode, (security_context_t *)&scon) || scon == NULL)
+ scon = xstrdup(nocon);
+/*...@=moduncon@*/
+ }
+#endif
+
+if (_rpmsex_debug)
+fprintf(stderr, "<-- %s(%p,%s,0%o) %s\n", __FUNCTION__, sex, (fn ?
fn : "(nil)"), mode, scon);
+ return scon;
+}
+
+int rpmsexExec(rpmsex sex, int verified, const char ** argv)
+{
+ int rc = -1;
+
+if (_rpmsex_debug)
+fprintf(stderr, "--> %s(%p,%d,%p)\n", __FUNCTION__, sex, verified, argv);
+
+#if defined(WITH_SELINUX)
+ rc = rpm_execcon(verified, argv[0], (char *const *)argv, environ);
+#endif
+
+if (_rpmsex_debug)
+fprintf(stderr, "<-- %s(%p,%d,%p) rc %d\n", __FUNCTION__, sex, verified, argv, rc);
+ return rc;
+}
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmsx.h
============================================================================
$ cvs diff -u -r0 -r2.1 rpmsx.h
--- /dev/null 2009-07-11 19:13:23 +0200
+++ rpmsx.h 2009-07-11 19:14:04 +0200
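Review bot: Every libselinux failure in rpmsx.c is discarded, so a caller cannot tell a labelling error from a real result: `rpmsexNew` casts `matchpathcon_init(sex->fn)` to `(void)`, and `rpmsexMatch` turns a failed `matchpathcon()` into an empty string. In `rpmsexMatch`, `fn` is NULL-checked for the debug trace but passed unchecked to `matchpathcon()`, `sex` is dereferenced without a check, and the exit trace prints `scon` with `%s` on the path where it is still NULL. `matchpathcon_init()`/`matchpathcon_fini()` appear to operate on process-wide libselinux state, so two live `rpmsex` objects would share it and `rpmsexFini` on one would tear it down for the other; worth confirming, then documenting the wrapper as a singleton. `rpmsexExec` indexes `argv[0]` without a NULL check and returns -1 without running anything when `WITH_SELINUX` is undefined, so callers must read -1 as "scriptlet not run" and decide explicitly whether an unconfined fallback is acceptable. The fence sketches the `rpmsexMatch` guards with the failure logged through the already-included rpmlog.

```c
const char * rpmsexMatch(rpmsex sex, const char *fn, mode_t mode)
{
    /* … unchanged: scon declaration and entry debug trace … */

#if defined(WITH_SELINUX)
    if (sex != NULL && sex->fn != NULL && fn != NULL) {
	security_context_t con = NULL;

	if (matchpathcon(fn, mode, &con) == 0 && con != NULL)
	    scon = con;
	else {
	    /* Record the lookup failure; the empty context is a fallback, not a label. */
	    rpmlog(RPMLOG_WARNING, "matchpathcon(%s) failed\n", fn);
	    scon = xstrdup("");
	}
    }
#endif

if (_rpmsex_debug)
fprintf(stderr, "<-- %s(%p,%s,0%o) %s\n", __FUNCTION__, sex, (fn ? fn : "(nil)"), mode, (scon ? scon : "(nil)"));
    /* … unchanged: return scon … */
```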
@@ -0,0 +1,108 @@
+#ifndef H_RPMSEX
+#define H_RPMSEX
+
+/** \ingroup rpmio
+ * \file rpmio/rpmsex.h
+ */
+
+/** \ingroup rpmio
+ */
+/*...@unchecked@*/
+extern int _rpmsex_debug;
+
+/** \ingroup rpmio
+ */
+typedef /*...@refcounted@*/ struct rpmsex_s * rpmsex;
+
+#if defined(_RPMSEX_INTERNAL)
+/** \ingroup rpmio
+ */
+struct rpmsex_s {
+ struct rpmioItem_s _item; /*!< usage mutex and pool identifier. */
+ const char * fn;
+ int flags;
+#if defined(__LCLINT__)
+/*...@refs@*/
+ int nrefs; /*!< (unused) keep splint happy */
+#endif
+};
+#endif /* _RPMSEX_INTERNAL */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Unreference a SELinux wrapper instance.
+ * @param mg SELinux wrapper
+ * @return NULL on last dereference
+ */
+/*...@unused@*/ /*...@null@*/
+rpmsex rpmsexUnlink (/*...@killref@*/ /*...@only@*/ /*...@null@*/ rpmsex mg)
+ /*...@modifies mg @*/;
+#define rpmsexUnlink(_mg) \
+ ((rpmsex)rpmioUnlinkPoolItem((rpmioItem)(_mg), __FUNCTION__, __FILE__, __LINE__))
+
+/**
+ * Reference a SELinux wrapper instance.
+ * @param mg SELinux wrapper
+ * @return new SELinux wrapper reference
+ */
+/*...@unused@*/ /*...@newref@*/ /*...@null@*/
+rpmsex rpmsexLink (/*...@null@*/ rpmsex mg)
+ /*...@modifies mg @*/;
+#define rpmsexLink(_mg) \
+ ((rpmsex)rpmioLinkPoolItem((rpmioItem)(_mg), __FUNCTION__, __FILE__, __LINE__))
+
+/**
+ * Destroy a SELinux wrapper.
+ * @param mg SELinux wrapper
+ * @return NULL on last dereference
+ */
+/*...@null@*/
+rpmsex rpmsexFree(/*...@killref@*/ /*...@null@*/rpmsex mg)
+ /*...@globals fileSystem @*/
+ /*...@modifies mg, fileSystem @*/;
+#define rpmsexFree(_mg) \
+ ((rpmsex)rpmioFreePoolItem((rpmioItem)(_mg), __FUNCTION__, __FILE__, __LINE__))
+
+/**
+ * Create and load a SELinux wrapper.
+ * @param fn SELinux file
+ * @param flags SELinux flags
+ * @return new SELinux wrapper
+ */
+/*...@newref@*/ /*...@null@*/
+rpmsex rpmsexNew(const char * fn, int flags)
+ /*...@globals fileSystem, internalState @*/
+ /*...@modifies fileSystem, internalState @*/;
+
+/**
+ * Return security context for a file.
+ * @param sex SELinux wrapper
+ * @param fn file path
+ * @param mode file mode
+ * @return file security context
+ */
+/*...@only@*/
+const char * rpmsexMatch(rpmsex sex, const char * fn, mode_t mode)
+ /*...@globals fileSystem, internalState @*/
+ /*...@modifies sex, fileSystem, internalState @*/;
+
+/**
+ * Execute a package scriptlet within SELinux context.
+ * @param sex SELinux wrapper
+ * @param verified Scriptlet came from signature verified header? (unused)
+ * @param argv scriptlet helper
+ * @return 0 on success
+ */
+/*...@only@*/
+int rpmsexExec(rpmsex sex, int verified, const char ** argv)
+ /*...@globals fileSystem, internalState @*/
+ /*...@modifies fileSystem, internalState @*/;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* H_RPMSEX */
@@ .
______________________________________________________________________ RPM Package Manager http://rpm5.org CVS Sources Repository rpm-cvs@rpm5.org
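Review bot: The `rpmsexExec` comment promises `@return 0 on success`, but the implementation in rpmsx.c starts at `rc = -1` and only forwards the result of `rpm_execcon()`, which as an exec-style call presumably does not return on success; I would document it as `@return -1 on failure (does not return on success; always -1 when built without WITH_SELINUX)`. The `rpmsexMatch` comment should say who owns the returned string and how to release it, since the implementation returns either a libselinux-allocated context or an `xstrdup`'d empty string, and NULL when no spec file was loaded, and callers making labelling decisions need to tell those cases apart. The `@param mg` names on `rpmsexUnlink`, `rpmsexLink` and `rpmsexFree`, and the `only` ownership annotation on the `int` return of `rpmsexExec`, look carried over from another wrapper and are worth correcting.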