dbus/bus system.conf.in, 1.13, 1.14 session.conf.in, 1.6, 1.7 selinux.h, 1.3, 1.4 selinux.c, 1.5, 1.6 config-parser.c, 1.37, 1.38

Colin Walters walters at freedesktop.org
Sun Oct 17 21:04:14 PDT 2004


Update of /cvs/dbus/dbus/bus
In directory gabe:/tmp/cvs-serv11428/bus

Modified Files:
	system.conf.in session.conf.in selinux.h selinux.c 
	config-parser.c 
Log Message:
2004-10-18  Colin Walters  <walters at verbum.org>

	* bus/selinux.h: Add bus_selinux_enabled.
	
	* bus/selinux.c (bus_selinux_enabled): Implement it.
	
	* bus/config-parser.c (struct include): Add
	if_selinux_enabled member.
	(start_busconfig_child): Parse if_selinux_enabled
	attribute for include.
	(bus_config_parser_content): Handle it.

	* bus/session.conf.in, bus/system.conf.in: Add
	inclusion of context mapping to default config files;
	conditional on SELinux being enabled.
	
	* doc/busconfig.dtd: Add if_selinux_enabled to default DTD.
	
	* test/data/invalid-config-files/badselinux-1.conf, 
	test/data/invalid-config-files/badselinux-2.conf:
	Test files for bad syntax.


Index: system.conf.in
===================================================================
RCS file: /cvs/dbus/dbus/bus/system.conf.in,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- system.conf.in	29 May 2004 04:17:17 -0000	1.13
+++ system.conf.in	18 Oct 2004 04:04:12 -0000	1.14
@@ -57,4 +57,6 @@
        in this standard file -->
   <include ignore_missing="yes">system-local.conf</include>
 
+  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
 </busconfig>
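Review bot: The added `<include>` has no `ignore_missing="yes"`, so on an SELinux-enabled host without `contexts/dbus_contexts` under the SELinux root the include presumably fails and the bus does not start. If that fail-closed behaviour is intended, state it in a comment above the line, for example `<!-- Loaded only when SELinux is enabled; a missing context map is a startup error -->`. The line also sits after the `system-local.conf` include, whose comment says that file is "included last"; that comment is now stale and should be reworded, or the new include moved above it. The same two points apply to the session.conf.in hunk.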

Index: session.conf.in
===================================================================
RCS file: /cvs/dbus/dbus/bus/session.conf.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- session.conf.in	30 Sep 2003 02:32:50 -0000	1.6
+++ session.conf.in	18 Oct 2004 04:04:12 -0000	1.7
@@ -26,4 +26,7 @@
   <!-- This is included last so local configuration can override what's 
        in this standard file -->
   <include ignore_missing="yes">session-local.conf</include>
+
+  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
 </busconfig>

Index: selinux.h
===================================================================
RCS file: /cvs/dbus/dbus/bus/selinux.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- selinux.h	23 Aug 2004 16:09:53 -0000	1.3
+++ selinux.h	18 Oct 2004 04:04:12 -0000	1.4
@@ -30,6 +30,8 @@
 dbus_bool_t bus_selinux_init     (void);
 void        bus_selinux_shutdown (void);
 
+dbus_bool_t bus_selinux_enabled  (void);
+
 void bus_selinux_id_ref    (BusSELinuxID *sid);
 void bus_selinux_id_unref  (BusSELinuxID *sid);
 

Index: selinux.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/selinux.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- selinux.c	23 Aug 2004 16:09:53 -0000	1.5
+++ selinux.c	18 Oct 2004 04:04:12 -0000	1.6
@@ -191,6 +191,16 @@
 #endif /* HAVE_SELINUX */
 
 /**
+ * Return whether or not SELinux is enabled; must be
+ * called after bus_selinux_init.
+ */
+dbus_bool_t
+bus_selinux_enabled (void)
+{
+  return selinux_enabled;
+}
+
+/**
  * Initialize the user space access vector cache (AVC) for D-BUS and set up
  * logging callbacks.
  */
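Review bot: `bus_selinux_enabled` is added below `#endif /* HAVE_SELINUX */`, so it is compiled in builds without SELinux as well. The declaration of `selinux_enabled` is outside this hunk; if it lives only inside the `HAVE_SELINUX` section, those builds will fail on an undeclared identifier. Wrapping the return in `#ifdef HAVE_SELINUX` with an `#else` branch of `return FALSE;` would make the non-SELinux answer explicit. The doc comment could also say what the function returns when called before `bus_selinux_init`, since callers get no error in that case.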

Index: config-parser.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/config-parser.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- config-parser.c	25 Aug 2004 22:11:49 -0000	1.37
+++ config-parser.c	18 Oct 2004 04:04:12 -0000	1.38
@@ -74,6 +74,7 @@
     struct
     {
       unsigned int ignore_missing : 1;
+      unsigned int if_selinux_enabled : 1;
       unsigned int selinux_root_relative : 1;
     } include;
 
@@ -718,6 +719,7 @@
   else if (strcmp (element_name, "include") == 0)
     {
       Element *e;
+      const char *if_selinux_enabled;
       const char *ignore_missing;
       const char *selinux_root_relative;
 
@@ -728,6 +730,7 @@
         }
 
       e->d.include.ignore_missing = FALSE;
+      e->d.include.if_selinux_enabled = FALSE;
       e->d.include.selinux_root_relative = FALSE;
 
       if (!locate_attributes (parser, "include",
@@ -735,6 +738,7 @@
                               attribute_values,
                               error,
                               "ignore_missing", &ignore_missing,
+                              "if_selinux_enabled", &if_selinux_enabled,
                               "selinux_root_relative", &selinux_root_relative,
                               NULL))
         return FALSE;
@@ -752,6 +756,21 @@
               return FALSE;
             }
         }
+
+      if (if_selinux_enabled != NULL)
+        {
+          if (strcmp (if_selinux_enabled, "yes") == 0)
+            e->d.include.if_selinux_enabled = TRUE;
+          else if (strcmp (if_selinux_enabled, "no") == 0)
+            e->d.include.if_selinux_enabled = FALSE;
+          else
+            {
+              dbus_set_error (error, DBUS_ERROR_FAILED,
+                              "if_selinux_enabled attribute must have value"
+                              " \"yes\" or \"no\"");
+              return FALSE;
+	    }
+        }
       
       if (selinux_root_relative != NULL)
         {
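Review bot: The closing brace of the new `else` branch is indented with a tab while the rest of the added block uses spaces; the added lines in the last hunk of this file are tab-indented too. This yes/no parsing also appears to be the third near-identical copy in the `include` branch: the `ignore_missing` one ends just above and the `selinux_root_relative` one starts just below, both partly outside the hunk. A small static helper taking the attribute name, its value and `error` would remove the repetition and keep the three error messages uniform.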
@@ -2055,6 +2074,10 @@
 
         e->had_content = TRUE;
 
+	if (e->d.include.if_selinux_enabled
+	    && !bus_selinux_enabled ())
+	  break;
+
         if (!_dbus_string_init (&full_path))
           goto nomem;
 
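Review bot: The new `break` skips the include silently whenever `bus_selinux_enabled ()` returns false, and that function is documented as valid only after `bus_selinux_init`. If the configuration is ever parsed before SELinux initialisation (the call order is not visible here), the context mapping would be dropped on an SELinux host with no error. A comment such as `/* Skip SELinux-only includes; requires bus_selinux_init() to have run before parsing */` would record that dependency, and a verbose log line on the skip path would make a missing mapping diagnosable. The enclosing case and function start and end outside this hunk.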


