hal/hald/linux osspec.c,1.47,1.48

Thu Oct 14 11:37:30 PDT 2004

Update of /cvs/hal/hal/hald/linux
In directory gabe:/tmp/cvs-serv19112/hald/linux

Modified Files:
	osspec.c 
Log Message:
2004-10-14  David Zeuthen  <davidz at redhat.com>

	* configure.in: Add fstab-sync.8 to AC_OUTPUT
	
	* doc/conf/storage-non-fixed.fdi: New file, example

	* doc/conf/storage-skip-all.fdi: New file, example

	* doc/conf/Makefile.am: Dist and install two new .fdi files

	* fdi/90defaultpolicy/storage-policy.fdi: Fix a typo in a comment

	* hald/device_info.c:
	(my_alphasort): New function 
	(scan_fdi_files): Use my_alphasort to sort in the right order. Process
	all .fdi files instead of bailing out on the first match.

	* hald/linux/osspec.c:
	(get_selinux_removable_context): New function, copied over from 
	tools/fstab-sync.c (not currently used)
	(osspec_probe): Use get_selinux_removable_context (not currently used)

	* libhal-storage/libhal-storage.c:
	(hal_drive_policy_get_mount_options): Check if mount_option property
	is actually FALSE.
	(hal_volume_policy_get_mount_options): Same

	* libhal/libhal.c:
	(hal_free_property_set): Check if object to free is NULL and just
	return. Allows hal_free_property_set (NULL).

	* tools/Makefile.am: Add rules for building fstab-sync.8 man page

	* tools/fstab-sync.8.in: New file

	* tools/fstab-sync.c: Much rewritten to use libhal-storage and the new
	policy properties. See diff for details.



Index: osspec.c
===================================================================
RCS file: /cvs/hal/hal/hald/linux/osspec.c,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -d -r1.47 -r1.48

--- osspec.c	12 Oct 2004 20:17:08 -0000	1.47
+++ osspec.c	14 Oct 2004 18:37:28 -0000	1.48
@@ -805,6 +805,44 @@
 
 #ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
+
+#if 0
+static int get_selinux_removable_context(security_context_t *newcon)
+{
+	FILE *fp;
+	char buf[255], *ptr;
+	size_t plen;
+	
+	HAL_INFO (("selinux_removable_context_path '%s'", selinux_removable_context_path()));
+	fp = fopen(selinux_removable_context_path(), "r");
+	if (!fp)
+		return -1;
+	
+	ptr = fgets_unlocked(buf, sizeof buf, fp);
+	fclose(fp);
+	
+	if (!ptr)
+		return -1;
+	plen = strlen(ptr);
+	if (buf[plen-1] == '\n') 
+		buf[plen-1] = 0;
+	
+	*newcon=strdup(buf);
+	/* If possible, check the context to catch
+	   errors early rather than waiting until the
+	   caller tries to use setexeccon on the context.
+	   But this may not always be possible, e.g. if
+	   selinuxfs isn't mounted. */
+	if (security_check_context(*newcon) && errno != ENOENT) {
+		free(*newcon);
+		*newcon = 0;
+		return -1;
+	}
+	
+	HAL_INFO (("removable context is %s", *newcon));
+	return 0;
+}
+#endif
 #endif /* HAVE_SELINUX */
 
 /* This function is documented in ../osspec.h */
@@ -838,7 +876,23 @@
 	}
 
 #ifdef HAVE_SELINUX
-	hal_device_property_set_bool (root, "linux.is_selinux_enabled", is_selinux_enabled());
+	if (is_selinux_enabled()) {
+/*
+		char buf[256];
+		security_context_t scontext;
+*/
+		hal_device_property_set_bool (root, "linux.is_selinux_enabled", TRUE);
+
+/*
+		if (get_selinux_removable_context(&scontext)==0) {
+			snprintf (buf, sizeof (buf), "storage.policy.default.mount_option.fscontext=%s", scontext);
+			freecon(scontext);
+			hal_device_property_set_bool (root, buf, TRUE);
+		} else {
+			HAL_ERROR (("Could not get selinux removable fscontext"));
+		}
+*/
+	}
 #endif /* HAVE_SELINUX */
 
 	hal_device_store_add (hald_get_tdl (), root);


