hal/hald/linux osspec.c,1.47,1.48
David Zeuthen
david at freedesktop.org
Thu Oct 14 11:37:30 PDT 2004
Update of /cvs/hal/hal/hald/linux
In directory gabe:/tmp/cvs-serv19112/hald/linux
Modified Files:
osspec.c
Log Message:
2004-10-14 David Zeuthen <davidz at redhat.com>
* configure.in: Add fstab-sync.8 to AC_OUTPUT
* doc/conf/storage-non-fixed.fdi: New file, example
* doc/conf/storage-skip-all.fdi: New file, example
* doc/conf/Makefile.am: Dist and install two new .fdi files
* fdi/90defaultpolicy/storage-policy.fdi: Fix a typo in a comment
* hald/device_info.c:
(my_alphasort): New function
(scan_fdi_files): Use my_alphasort to sort in the right order. Process
all .fdi files instead of bailing out on the first match.
* hald/linux/osspec.c:
(get_selinux_removable_context): New function, copied over from
tools/fstab-sync.c (not currently used)
(osspec_probe): Use get_selinux_removable_context (not currently used)
* libhal-storage/libhal-storage.c:
(hal_drive_policy_get_mount_options): Check if mount_option property
is actually FALSE.
(hal_volume_policy_get_mount_options): Same
* libhal/libhal.c:
(hal_free_property_set): Check if object to free is NULL and just
return. Allows hal_free_property_set (NULL).
* tools/Makefile.am: Add rules for building fstab-sync.8 man page
* tools/fstab-sync.8.in: New file
* tools/fstab-sync.c: Much rewritten to use libhal-storage and the new
policy properties. See diff for details.
Index: osspec.c
===================================================================
RCS file: /cvs/hal/hal/hald/linux/osspec.c,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -d -r1.47 -r1.48
--- osspec.c 12 Oct 2004 20:17:08 -0000 1.47
+++ osspec.c 14 Oct 2004 18:37:28 -0000 1.48
@@ -805,6 +805,44 @@
#ifdef HAVE_SELINUX
#include <selinux/selinux.h>
+
+#if 0
+static int get_selinux_removable_context(security_context_t *newcon)
+{
+ FILE *fp;
+ char buf[255], *ptr;
+ size_t plen;
+
+ HAL_INFO (("selinux_removable_context_path '%s'", selinux_removable_context_path()));
+ fp = fopen(selinux_removable_context_path(), "r");
+ if (!fp)
+ return -1;
+
+ ptr = fgets_unlocked(buf, sizeof buf, fp);
+ fclose(fp);
+
+ if (!ptr)
+ return -1;
+ plen = strlen(ptr);
+ if (buf[plen-1] == '\n')
+ buf[plen-1] = 0;
+
+ *newcon=strdup(buf);
+ /* If possible, check the context to catch
+ errors early rather than waiting until the
+ caller tries to use setexeccon on the context.
+ But this may not always be possible, e.g. if
+ selinuxfs isn't mounted. */
+ if (security_check_context(*newcon) && errno != ENOENT) {
+ free(*newcon);
+ *newcon = 0;
+ return -1;
+ }
+
+ HAL_INFO (("removable context is %s", *newcon));
+ return 0;
+}
+#endif
#endif /* HAVE_SELINUX */
/* This function is documented in ../osspec.h */
@@ -838,7 +876,23 @@
}
#ifdef HAVE_SELINUX
- hal_device_property_set_bool (root, "linux.is_selinux_enabled", is_selinux_enabled());
+ if (is_selinux_enabled()) {
+/*
+ char buf[256];
+ security_context_t scontext;
+*/
+ hal_device_property_set_bool (root, "linux.is_selinux_enabled", TRUE);
+
+/*
+ if (get_selinux_removable_context(&scontext)==0) {
+ snprintf (buf, sizeof (buf), "storage.policy.default.mount_option.fscontext=%s", scontext);
+ freecon(scontext);
+ hal_device_property_set_bool (root, buf, TRUE);
+ } else {
+ HAL_ERROR (("Could not get selinux removable fscontext"));
+ }
+*/
+ }
#endif /* HAVE_SELINUX */
hal_device_store_add (hald_get_tdl (), root);
More information about the hal-commit
mailing list