
Lines Matching full:sh

67 static void semanage_direct_destroy(semanage_handle_t * sh);
68 static int semanage_direct_disconnect(semanage_handle_t * sh);
69 static int semanage_direct_begintrans(semanage_handle_t * sh);
70 static int semanage_direct_commit(semanage_handle_t * sh);
71 static int semanage_direct_install(semanage_handle_t * sh, char *data,
73 static int semanage_direct_install_file(semanage_handle_t * sh, const char *module_name);
74 static int semanage_direct_extract(semanage_handle_t * sh,
80 static int semanage_direct_remove(semanage_handle_t * sh, char *module_name);
81 static int semanage_direct_list(semanage_handle_t * sh,
84 static int semanage_direct_get_enabled(semanage_handle_t *sh,
87 static int semanage_direct_set_enabled(semanage_handle_t *sh,
91 static int semanage_direct_get_module_info(semanage_handle_t *sh,
95 static int semanage_direct_list_all(semanage_handle_t *sh,
99 static int semanage_direct_install_info(semanage_handle_t *sh,
104 static int semanage_direct_remove_key(semanage_handle_t *sh,
126 int semanage_direct_is_managed(semanage_handle_t * sh) in semanage_direct_is_managed() argument
128 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_is_managed()
131 if (semanage_access_check(sh) < 0) in semanage_direct_is_managed()
137 ERR(sh, "could not check whether policy is managed"); in semanage_direct_is_managed()
143 int semanage_direct_connect(semanage_handle_t * sh) in semanage_direct_connect() argument
148 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_connect()
151 if (sh->create_store) in semanage_direct_connect()
152 if (semanage_create_store(sh, 1)) in semanage_direct_connect()
155 sh->u.direct.translock_file_fd = -1; in semanage_direct_connect()
156 sh->u.direct.activelock_file_fd = -1; in semanage_direct_connect()
159 sh->funcs = &direct_funcs; in semanage_direct_connect()
162 if (user_base_file_dbase_init(sh, in semanage_direct_connect()
167 semanage_user_base_dbase_local(sh)) < 0) in semanage_direct_connect()
170 if (user_extra_file_dbase_init(sh, in semanage_direct_connect()
175 semanage_user_extra_dbase_local(sh)) < 0) in semanage_direct_connect()
178 if (user_join_dbase_init(sh, in semanage_direct_connect()
179 semanage_user_base_dbase_local(sh), in semanage_direct_connect()
180 semanage_user_extra_dbase_local(sh), in semanage_direct_connect()
181 semanage_user_dbase_local(sh)) < 0) in semanage_direct_connect()
184 if (port_file_dbase_init(sh, in semanage_direct_connect()
189 semanage_port_dbase_local(sh)) < 0) in semanage_direct_connect()
192 if (iface_file_dbase_init(sh, in semanage_direct_connect()
197 semanage_iface_dbase_local(sh)) < 0) in semanage_direct_connect()
200 if (bool_file_dbase_init(sh, in semanage_direct_connect()
205 semanage_bool_dbase_local(sh)) < 0) in semanage_direct_connect()
208 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
211 semanage_fcontext_dbase_local(sh)) < 0) in semanage_direct_connect()
214 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
217 semanage_fcontext_dbase_homedirs(sh)) < 0) in semanage_direct_connect()
220 if (seuser_file_dbase_init(sh, in semanage_direct_connect()
225 semanage_seuser_dbase_local(sh)) < 0) in semanage_direct_connect()
228 if (node_file_dbase_init(sh, in semanage_direct_connect()
233 semanage_node_dbase_local(sh)) < 0) in semanage_direct_connect()
236 if (ibpkey_file_dbase_init(sh, in semanage_direct_connect()
241 semanage_ibpkey_dbase_local(sh)) < 0) in semanage_direct_connect()
244 if (ibendport_file_dbase_init(sh, in semanage_direct_connect()
249 semanage_ibendport_dbase_local(sh)) < 0) in semanage_direct_connect()
253 if (user_base_policydb_dbase_init(sh, in semanage_direct_connect()
254 semanage_user_base_dbase_policy(sh)) < in semanage_direct_connect()
258 if (user_extra_file_dbase_init(sh, in semanage_direct_connect()
263 semanage_user_extra_dbase_policy(sh)) < in semanage_direct_connect()
267 if (user_join_dbase_init(sh, in semanage_direct_connect()
268 semanage_user_base_dbase_policy(sh), in semanage_direct_connect()
269 semanage_user_extra_dbase_policy(sh), in semanage_direct_connect()
270 semanage_user_dbase_policy(sh)) < 0) in semanage_direct_connect()
273 if (port_policydb_dbase_init(sh, semanage_port_dbase_policy(sh)) < 0) in semanage_direct_connect()
276 if (ibpkey_policydb_dbase_init(sh, semanage_ibpkey_dbase_policy(sh)) < 0) in semanage_direct_connect()
279 if (ibendport_policydb_dbase_init(sh, semanage_ibendport_dbase_policy(sh)) < 0) in semanage_direct_connect()
282 if (iface_policydb_dbase_init(sh, semanage_iface_dbase_policy(sh)) < 0) in semanage_direct_connect()
285 if (bool_policydb_dbase_init(sh, semanage_bool_dbase_policy(sh)) < 0) in semanage_direct_connect()
288 if (fcontext_file_dbase_init(sh, in semanage_direct_connect()
291 semanage_fcontext_dbase_policy(sh)) < 0) in semanage_direct_connect()
294 if (seuser_file_dbase_init(sh, in semanage_direct_connect()
297 semanage_seuser_dbase_policy(sh)) < 0) in semanage_direct_connect()
300 if (node_policydb_dbase_init(sh, semanage_node_dbase_policy(sh)) < 0) in semanage_direct_connect()
304 if (bool_activedb_dbase_init(sh, semanage_bool_dbase_active(sh)) < 0) in semanage_direct_connect()
311 sepol_set_disable_dontaudit(sh->sepolh, 1); in semanage_direct_connect()
314 sepol_set_disable_dontaudit(sh->sepolh, 0); in semanage_direct_connect()
316 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_connect()
323 ERR(sh, "could not establish direct connection"); in semanage_direct_connect()
327 static void semanage_direct_destroy(semanage_handle_t * sh in semanage_direct_destroy() argument
333 static int semanage_remove_tmps(semanage_handle_t *sh) in semanage_remove_tmps() argument
335 if (sh->commit_err) in semanage_remove_tmps()
342 ERR(sh, "Could not cleanly remove sandbox %s.", in semanage_remove_tmps()
353 ERR(sh, "Could not cleanly remove tmp %s.", in semanage_remove_tmps()
363 static int semanage_direct_disconnect(semanage_handle_t *sh) in semanage_direct_disconnect() argument
368 if (sh->is_in_transaction) { in semanage_direct_disconnect()
369 retval = semanage_remove_tmps(sh); in semanage_direct_disconnect()
370 semanage_release_trans_lock(sh); in semanage_direct_disconnect()
374 user_base_file_dbase_release(semanage_user_base_dbase_local(sh)); in semanage_direct_disconnect()
375 user_extra_file_dbase_release(semanage_user_extra_dbase_local(sh)); in semanage_direct_disconnect()
376 user_join_dbase_release(semanage_user_dbase_local(sh)); in semanage_direct_disconnect()
377 port_file_dbase_release(semanage_port_dbase_local(sh)); in semanage_direct_disconnect()
378 ibpkey_file_dbase_release(semanage_ibpkey_dbase_local(sh)); in semanage_direct_disconnect()
379 ibendport_file_dbase_release(semanage_ibendport_dbase_local(sh)); in semanage_direct_disconnect()
380 iface_file_dbase_release(semanage_iface_dbase_local(sh)); in semanage_direct_disconnect()
381 bool_file_dbase_release(semanage_bool_dbase_local(sh)); in semanage_direct_disconnect()
382 fcontext_file_dbase_release(semanage_fcontext_dbase_local(sh)); in semanage_direct_disconnect()
383 fcontext_file_dbase_release(semanage_fcontext_dbase_homedirs(sh)); in semanage_direct_disconnect()
384 seuser_file_dbase_release(semanage_seuser_dbase_local(sh)); in semanage_direct_disconnect()
385 node_file_dbase_release(semanage_node_dbase_local(sh)); in semanage_direct_disconnect()
388 user_base_policydb_dbase_release(semanage_user_base_dbase_policy(sh)); in semanage_direct_disconnect()
389 user_extra_file_dbase_release(semanage_user_extra_dbase_policy(sh)); in semanage_direct_disconnect()
390 user_join_dbase_release(semanage_user_dbase_policy(sh)); in semanage_direct_disconnect()
391 port_policydb_dbase_release(semanage_port_dbase_policy(sh)); in semanage_direct_disconnect()
392 ibpkey_policydb_dbase_release(semanage_ibpkey_dbase_policy(sh)); in semanage_direct_disconnect()
393 ibendport_policydb_dbase_release(semanage_ibendport_dbase_policy(sh)); in semanage_direct_disconnect()
394 iface_policydb_dbase_release(semanage_iface_dbase_policy(sh)); in semanage_direct_disconnect()
395 bool_policydb_dbase_release(semanage_bool_dbase_policy(sh)); in semanage_direct_disconnect()
396 fcontext_file_dbase_release(semanage_fcontext_dbase_policy(sh)); in semanage_direct_disconnect()
397 seuser_file_dbase_release(semanage_seuser_dbase_policy(sh)); in semanage_direct_disconnect()
398 node_policydb_dbase_release(semanage_node_dbase_policy(sh)); in semanage_direct_disconnect()
401 bool_activedb_dbase_release(semanage_bool_dbase_active(sh)); in semanage_direct_disconnect()
406 static int semanage_direct_begintrans(semanage_handle_t * sh) in semanage_direct_begintrans() argument
408 if (semanage_get_trans_lock(sh) < 0) { in semanage_direct_begintrans()
411 if ((semanage_make_sandbox(sh)) < 0) { in semanage_direct_begintrans()
414 if ((semanage_make_final(sh)) < 0) { in semanage_direct_begintrans()
429 static int parse_module_headers(semanage_handle_t * sh, char *module_data, in parse_module_headers() argument
438 ERR(sh, "Out of memory!"); in parse_module_headers()
442 sepol_policy_file_set_handle(pf, sh->sepolh); in parse_module_headers()
453 static int write_file(semanage_handle_t * sh, in write_file() argument
461 ERR(sh, "Could not open %s for writing.", filename); in write_file()
465 ERR(sh, "Error while writing to %s.", filename); in write_file()
473 static int semanage_direct_update_user_extra(semanage_handle_t * sh, cil_db_t *cildb) in semanage_direct_update_user_extra() argument
480 dbase_config_t *pusers_extra = semanage_user_extra_dbase_policy(sh); in semanage_direct_update_user_extra()
499 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_user_extra()
512 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_user_extra()
519 retval = pusers_extra->dtable->clear(sh, pusers_extra->dbase); in semanage_direct_update_user_extra()
528 static int semanage_direct_update_seuser(semanage_handle_t * sh, cil_db_t *cildb) in semanage_direct_update_seuser() argument
535 dbase_config_t *pseusers = semanage_seuser_dbase_policy(sh); in semanage_direct_update_seuser()
554 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_seuser()
567 retval = write_file(sh, ofilename, data, size); in semanage_direct_update_seuser()
573 retval = pseusers->dtable->clear(sh, pseusers->dbase); in semanage_direct_update_seuser()
582 static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int fd, char **out_dat… in read_from_pipe_to_data() argument
594 ERR(sh, "Failed to malloc, out of memory.\n"); in read_from_pipe_to_data()
604 ERR(sh, "Failed to realloc, out of memory.\n"); in read_from_pipe_to_data()
616 static int semanage_pipe_data(semanage_handle_t *sh, char *path, char *in_data, size_t in_data_len,… in semanage_pipe_data() argument
644 ERR(sh, "Unable to create pipe for input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
649 ERR(sh, "Unable to create pipe for output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
654 ERR(sh, "Unable to create pipe for error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
660 ERR(sh, "Unable to fork from parent: %s.", strerror(errno)); in semanage_pipe_data()
666 ERR(sh, "Unable to dup2 input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
671 ERR(sh, "Unable to dup2 output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
676 ERR(sh, "Unable to dup2 error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
682 ERR(sh, "Unable to close input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
687 ERR(sh, "Unable to close output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
692 ERR(sh, "Unable to close error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
697 ERR(sh, "Unable to execute %s : %s\n", path, strerror(errno)); in semanage_pipe_data()
704 ERR(sh, "Unable to close read end of input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
711 ERR(sh, "Unable to close write end of output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
718 ERR(sh, "Unable to close write end of error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
724 ERR(sh, "Failed to write data to input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
730 ERR(sh, "Unable to close write end of input pipe: %s\n", strerror(errno)); in semanage_pipe_data()
735 …retval = read_from_pipe_to_data(sh, initial_len, output_fd[PIPE_READ], &data_read, &data_read_len); in semanage_pipe_data()
742 ERR(sh, "Unable to close read end of output pipe: %s\n", strerror(errno)); in semanage_pipe_data()
747 …retval = read_from_pipe_to_data(sh, initial_len, err_fd[PIPE_READ], &err_data_read, &err_data_read… in semanage_pipe_data()
754 ERR(sh, "Unable to close read end of error pipe: %s\n", strerror(errno)); in semanage_pipe_data()
759 ERR(sh, "Child process %s did not exit cleanly.", path); in semanage_pipe_data()
764 ERR(sh, "Child process %s failed with code: %d.", path, WEXITSTATUS(status)); in semanage_pipe_data()
807 static int semanage_direct_write_langext(semanage_handle_t *sh, in semanage_direct_write_langext() argument
815 ret = semanage_module_get_path(sh, in semanage_direct_write_langext()
826 ERR(sh, "Unable to open %s module ext file.", modinfo->name); in semanage_direct_write_langext()
832 ERR(sh, "Unable to write %s module ext file.", modinfo->name); in semanage_direct_write_langext()
838 ERR(sh, "Unable to close %s module ext file.", modinfo->name); in semanage_direct_write_langext()
866 static int semanage_compile_module(semanage_handle_t *sh, in semanage_compile_module() argument
886 status = semanage_get_hll_compiler_path(sh, modinfo->lang_ext, &compiler_path); in semanage_compile_module()
892 sh, in semanage_compile_module()
902 sh, in semanage_compile_module()
911 status = map_compressed_file(sh, hll_path, &hll_contents); in semanage_compile_module()
913 ERR(sh, "Unable to read file %s\n", hll_path); in semanage_compile_module()
917 status = semanage_pipe_data(sh, compiler_path, hll_contents.data, in semanage_compile_module()
944 status = write_compressed_file(sh, cil_path, cil_data, cil_data_len); in semanage_compile_module()
946 ERR(sh, "Failed to write %s\n", cil_path); in semanage_compile_module()
950 if (sh->conf->remove_hll == 1) { in semanage_compile_module()
953 ERR(sh, "Error while removing HLL file %s: %s", hll_path, strerror(errno)); in semanage_compile_module()
957 status = semanage_direct_write_langext(sh, "cil", modinfo); in semanage_compile_module()
980 static int semanage_compile_hll_modules(semanage_handle_t *sh, in semanage_compile_hll_modules() argument
995 assert(sh); in semanage_compile_hll_modules()
1008 sh, in semanage_compile_hll_modules()
1016 if (!semanage_get_ignore_module_cache(sh)) { in semanage_compile_hll_modules()
1019 status = map_compressed_file(sh, cil_path, &contents); in semanage_compile_hll_modules()
1021 ERR(sh, "Error mapping file: %s", cil_path); in semanage_compile_hll_modules()
1032 ERR(sh, "Unable to access %s: %s\n", cil_path, in semanage_compile_hll_modules()
1038 status = semanage_compile_module(sh, &modinfos[i], &context); in semanage_compile_hll_modules()
1048 static int semanage_compare_checksum(semanage_handle_t *sh, const char *reference) in semanage_compare_checksum() argument
1058 ERR(sh, "Unable to open %s: %s\n", path, strerror(errno)); in semanage_compare_checksum()
1066 ERR(sh, "Unable to stat %s\n", path); in semanage_compare_checksum()
1073 WARN(sh, "Module checksum invalid - forcing a rebuild\n"); in semanage_compare_checksum()
1080 ERR(sh, "Unable to mmap %s\n", path); in semanage_compare_checksum()
1092 static int semanage_write_modules_checksum(semanage_handle_t *sh, in semanage_write_modules_checksum() argument
1097 return write_file(sh, path, checksum, CHECKSUM_CONTENT_SIZE); in semanage_write_modules_checksum()
1123 static int semanage_direct_commit(semanage_handle_t * sh) in semanage_direct_commit() argument
1142 dbase_config_t *users = semanage_user_dbase_local(sh); in semanage_direct_commit()
1143 dbase_config_t *users_base = semanage_user_base_dbase_local(sh); in semanage_direct_commit()
1144 dbase_config_t *pusers_base = semanage_user_base_dbase_policy(sh); in semanage_direct_commit()
1145 dbase_config_t *pusers_extra = semanage_user_extra_dbase_policy(sh); in semanage_direct_commit()
1146 dbase_config_t *ports = semanage_port_dbase_local(sh); in semanage_direct_commit()
1147 dbase_config_t *pports = semanage_port_dbase_policy(sh); in semanage_direct_commit()
1148 dbase_config_t *ibpkeys = semanage_ibpkey_dbase_local(sh); in semanage_direct_commit()
1149 dbase_config_t *pibpkeys = semanage_ibpkey_dbase_policy(sh); in semanage_direct_commit()
1150 dbase_config_t *ibendports = semanage_ibendport_dbase_local(sh); in semanage_direct_commit()
1151 dbase_config_t *pibendports = semanage_ibendport_dbase_policy(sh); in semanage_direct_commit()
1152 dbase_config_t *bools = semanage_bool_dbase_local(sh); in semanage_direct_commit()
1153 dbase_config_t *pbools = semanage_bool_dbase_policy(sh); in semanage_direct_commit()
1154 dbase_config_t *ifaces = semanage_iface_dbase_local(sh); in semanage_direct_commit()
1155 dbase_config_t *pifaces = semanage_iface_dbase_policy(sh); in semanage_direct_commit()
1156 dbase_config_t *nodes = semanage_node_dbase_local(sh); in semanage_direct_commit()
1157 dbase_config_t *pnodes = semanage_node_dbase_policy(sh); in semanage_direct_commit()
1158 dbase_config_t *fcontexts = semanage_fcontext_dbase_local(sh); in semanage_direct_commit()
1159 dbase_config_t *pfcontexts = semanage_fcontext_dbase_policy(sh); in semanage_direct_commit()
1160 dbase_config_t *seusers = semanage_seuser_dbase_local(sh); in semanage_direct_commit()
1161 dbase_config_t *pseusers = semanage_seuser_dbase_policy(sh); in semanage_direct_commit()
1173 retval = users->dtable->flush(sh, users->dbase); in semanage_direct_commit()
1179 do_rebuild = sh->do_rebuild | sh->modules_modified; in semanage_direct_commit()
1184 do_rebuild |= !(sepol_get_disable_dontaudit(sh->sepolh) == 1); in semanage_direct_commit()
1187 do_rebuild |= (sepol_get_disable_dontaudit(sh->sepolh) == 1); in semanage_direct_commit()
1189 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1193 if (sepol_get_disable_dontaudit(sh->sepolh) == 1) { in semanage_direct_commit()
1198 ERR(sh, "Error attempting to create disable_dontaudit flag."); in semanage_direct_commit()
1202 ERR(sh, "Error attempting to create disable_dontaudit flag."); in semanage_direct_commit()
1207 ERR(sh, "Error removing the disable_dontaudit flag."); in semanage_direct_commit()
1215 do_rebuild |= !(sepol_get_preserve_tunables(sh->sepolh) == 1); in semanage_direct_commit()
1218 do_rebuild |= (sepol_get_preserve_tunables(sh->sepolh) == 1); in semanage_direct_commit()
1220 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1225 if (sepol_get_preserve_tunables(sh->sepolh) == 1) { in semanage_direct_commit()
1230 ERR(sh, "Error attempting to create preserve_tunable flag."); in semanage_direct_commit()
1234 ERR(sh, "Error attempting to create preserve_tunable flag."); in semanage_direct_commit()
1239 ERR(sh, "Error removing the preserve_tunables flag."); in semanage_direct_commit()
1256 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1266 if (do_rebuild || sh->check_ext_changes) { in semanage_direct_commit()
1267 retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); in semanage_direct_commit()
1277 retval = semanage_compile_hll_modules(sh, modinfos, num_modinfos, in semanage_direct_commit()
1280 ERR(sh, "Failed to compile hll files into cil files.\n"); in semanage_direct_commit()
1284 if (!do_rebuild && sh->check_ext_changes) { in semanage_direct_commit()
1285 retval = semanage_compare_checksum(sh, modules_checksum); in semanage_direct_commit()
1291 retval = semanage_write_modules_checksum(sh, modules_checksum); in semanage_direct_commit()
1293 ERR(sh, "Failed to write module checksum file.\n"); in semanage_direct_commit()
1305 retval = semanage_get_cil_paths(sh, modinfos, num_modinfos, &mod_filenames); in semanage_direct_commit()
1309 retval = semanage_verify_modules(sh, mod_filenames, num_modinfos); in semanage_direct_commit()
1315 disable_dontaudit = sepol_get_disable_dontaudit(sh->sepolh); in semanage_direct_commit()
1316 preserve_tunables = sepol_get_preserve_tunables(sh->sepolh); in semanage_direct_commit()
1318 cil_set_disable_neverallow(cildb, !(sh->conf->expand_check)); in semanage_direct_commit()
1320 cil_set_target_platform(cildb, sh->conf->target_platform); in semanage_direct_commit()
1321 cil_set_policy_version(cildb, sh->conf->policyvers); in semanage_direct_commit()
1323 if (sh->conf->handle_unknown != -1) { in semanage_direct_commit()
1324 cil_set_handle_unknown(cildb, sh->conf->handle_unknown); in semanage_direct_commit()
1327 retval = semanage_load_files(sh, cildb, mod_filenames, num_modinfos); in semanage_direct_commit()
1351 retval = write_file(sh, ofilename, fc_buffer, fc_buffer_len); in semanage_direct_commit()
1356 retval = semanage_split_fc(sh); in semanage_direct_commit()
1366 retval = semanage_direct_update_seuser(sh, cildb); in semanage_direct_commit()
1371 retval = semanage_direct_update_user_extra(sh, cildb); in semanage_direct_commit()
1378 if (sh->conf->optimize_policy) { in semanage_direct_commit()
1385 retval = semanage_write_policydb(sh, out, in semanage_direct_commit()
1395 retval = semanage_read_policydb(sh, out, SEMANAGE_LINKED); in semanage_direct_commit()
1410 pseusers->dtable->clear(sh, pseusers->dbase); in semanage_direct_commit()
1412 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1428 pusers_extra->dtable->clear(sh, pusers_extra->dbase); in semanage_direct_commit()
1430 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_commit()
1447 do_write_kernel = do_rebuild | sh->check_ext_changes | in semanage_direct_commit()
1465 retval = semanage_base_merge_components(sh); in semanage_direct_commit()
1471 retval = semanage_write_policydb(sh, out, in semanage_direct_commit()
1477 retval = semanage_verify_kernel(sh); in semanage_direct_commit()
1489 retval = semanage_fcontext_validate_local(sh, out); in semanage_direct_commit()
1496 retval = semanage_seuser_validate_local(sh, out); in semanage_direct_commit()
1503 retval = semanage_port_validate_local(sh); in semanage_direct_commit()
1510 retval = semanage_ibpkey_validate_local(sh); in semanage_direct_commit()
1517 retval = semanage_ibendport_validate_local(sh); in semanage_direct_commit()
1524 retval = semanage_commit_components(sh); in semanage_direct_commit()
1530 sh->conf->file_mode, false); in semanage_direct_commit()
1537 sh->conf->file_mode); in semanage_direct_commit()
1544 sh->conf->file_mode); in semanage_direct_commit()
1551 sh->conf->file_mode); in semanage_direct_commit()
1558 if (!sh->conf->disable_genhomedircon) { in semanage_direct_commit()
1560 if ((retval = semanage_genhomedircon(sh, out, sh->conf->usepasswd, in semanage_direct_commit()
1561 sh->conf->ignoredirs)) != 0) { in semanage_direct_commit()
1562 ERR(sh, "semanage_genhomedircon returned error code %d.", retval); in semanage_direct_commit()
1569 sh->conf->file_mode, false); in semanage_direct_commit()
1575 WARN(sh, "WARNING: genhomedircon is disabled. \ in semanage_direct_commit()
1585 retval = semanage_install_sandbox(sh); in semanage_direct_commit()
1589 semanage_module_info_destroy(sh, &modinfos[i]); in semanage_direct_commit()
1616 sh->commit_err = retval; in semanage_direct_commit()
1618 if (semanage_remove_tmps(sh) != 0) in semanage_direct_commit()
1621 semanage_release_trans_lock(sh); in semanage_direct_commit()
1633 static int semanage_direct_install(semanage_handle_t * sh, in semanage_direct_install() argument
1641 ret = semanage_module_info_init(sh, &modinfo); in semanage_direct_install()
1647 ret = semanage_module_info_set_priority(sh, &modinfo, sh->priority); in semanage_direct_install()
1653 ret = semanage_module_info_set_name(sh, &modinfo, module_name); in semanage_direct_install()
1659 ret = semanage_module_info_set_lang_ext(sh, &modinfo, lang_ext); in semanage_direct_install()
1665 ret = semanage_module_info_set_enabled(sh, &modinfo, -1); in semanage_direct_install()
1671 status = semanage_direct_install_info(sh, &modinfo, data, data_len); in semanage_direct_install()
1675 semanage_module_info_destroy(sh, &modinfo); in semanage_direct_install()
1685 static int semanage_direct_install_file(semanage_handle_t * sh, in semanage_direct_install_file() argument
1698 retval = map_compressed_file(sh, install_filename, &contents); in semanage_direct_install_file()
1700 ERR(sh, "Unable to read file %s\n", install_filename); in semanage_direct_install_file()
1706 ERR(sh, "No memory available for strdup.\n"); in semanage_direct_install_file()
1716 ERR(sh, "Compressed module does not have a valid extension."); in semanage_direct_install_file()
1727 ERR(sh, "Module does not have a valid extension."); in semanage_direct_install_file()
1737 retval = parse_module_headers(sh, contents.data, contents.len, in semanage_direct_install_file()
1747 ERR(sh, "No memory available for module_name.\n"); in semanage_direct_install_file()
1755 retval = semanage_direct_install(sh, contents.data, contents.len, in semanage_direct_install_file()
1766 static int semanage_direct_extract(semanage_handle_t * sh, in semanage_direct_extract() argument
1783 sh, in semanage_direct_extract()
1793 ERR(sh, "Unable to access %s: %s\n", module_path, strerror(errno)); in semanage_direct_extract()
1798 rc = semanage_module_get_module_info(sh, in semanage_direct_extract()
1813 sh, in semanage_direct_extract()
1824 ERR(sh, "Unable to access %s: %s\n", input_file, strerror(errno)); in semanage_direct_extract()
1829 rc = semanage_compile_module(sh, _modinfo, NULL); in semanage_direct_extract()
1835 rc = map_compressed_file(sh, input_file, &contents); in semanage_direct_extract()
1837 ERR(sh, "Error mapping file: %s", input_file); in semanage_direct_extract()
1846 ERR(sh, "Unable to map memory"); in semanage_direct_extract()
1862 semanage_module_info_destroy(sh, _modinfo); in semanage_direct_extract()
1871 static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) in semanage_direct_remove() argument
1877 ret = semanage_module_key_init(sh, &modkey); in semanage_direct_remove()
1883 ret = semanage_module_key_set_priority(sh, &modkey, sh->priority); in semanage_direct_remove()
1889 ret = semanage_module_key_set_name(sh, &modkey, module_name); in semanage_direct_remove()
1895 status = semanage_direct_remove_key(sh, &modkey); in semanage_direct_remove()
1898 semanage_module_key_destroy(sh, &modkey); in semanage_direct_remove()
1909 static int semanage_direct_list(semanage_handle_t * sh, in semanage_direct_list() argument
1919 if (!sh->is_in_transaction) in semanage_direct_list()
1920 if (semanage_get_active_lock(sh) < 0) in semanage_direct_list()
1923 if (semanage_get_active_modules(sh, modinfo, num_modules) == -1) { in semanage_direct_list()
1928 retval = semanage_direct_get_serial(sh); in semanage_direct_list()
1932 retval = semanage_direct_get_serial(sh); in semanage_direct_list()
1937 semanage_module_info_destroy(sh, &(*modinfo[i])); in semanage_direct_list()
1944 if (!sh->is_in_transaction) { in semanage_direct_list()
1945 semanage_release_active_lock(sh); in semanage_direct_list()
1950 static int semanage_direct_get_enabled(semanage_handle_t *sh, in semanage_direct_get_enabled() argument
1954 assert(sh); in semanage_direct_get_enabled()
1967 sh, in semanage_direct_get_enabled()
1977 sh, in semanage_direct_get_enabled()
1989 ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); in semanage_direct_get_enabled()
2001 semanage_module_info_destroy(sh, modinfo); in semanage_direct_get_enabled()
2007 static int semanage_direct_set_enabled(semanage_handle_t *sh, in semanage_direct_set_enabled() argument
2011 assert(sh); in semanage_direct_set_enabled()
2024 if (!sh->is_in_transaction) { in semanage_direct_set_enabled()
2025 if (semanage_begin_transaction(sh) < 0) { in semanage_direct_set_enabled()
2035 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_set_enabled()
2044 ERR(sh, "Enabled status %d is invalid.", enabled); in semanage_direct_set_enabled()
2052 ret = semanage_mkdir(sh, path); in semanage_direct_set_enabled()
2060 sh, in semanage_direct_set_enabled()
2070 sh, in semanage_direct_set_enabled()
2087 ERR(sh, in semanage_direct_set_enabled()
2097 ERR(sh, in semanage_direct_set_enabled()
2108 ERR(sh, in semanage_direct_set_enabled()
2122 WARN(sh, in semanage_direct_set_enabled()
2129 semanage_module_info_destroy(sh, modinfo); in semanage_direct_set_enabled()
2136 int semanage_direct_access_check(semanage_handle_t * sh) in semanage_direct_access_check() argument
2138 if (semanage_check_init(sh, sh->conf->store_root_path)) in semanage_direct_access_check()
2144 int semanage_direct_mls_enabled(semanage_handle_t * sh) in semanage_direct_mls_enabled() argument
2153 retval = semanage_read_policydb(sh, p, SEMANAGE_STORE_KERNEL); in semanage_direct_mls_enabled()
2163 static int semanage_direct_get_module_info(semanage_handle_t *sh, in semanage_direct_get_module_info() argument
2167 assert(sh); in semanage_direct_get_module_info()
2190 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_get_module_info()
2197 ret = semanage_direct_list_all(sh, &modinfos, &modinfos_len); in semanage_direct_get_module_info()
2216 ret = semanage_module_info_create(sh, modinfo); in semanage_direct_get_module_info()
2222 ret = semanage_module_info_clone(sh, highest, *modinfo); in semanage_direct_get_module_info()
2235 ERR(sh, "Priority %d is invalid.", modkey->priority); in semanage_direct_get_module_info()
2241 ret = semanage_module_info_create(sh, modinfo); in semanage_direct_get_module_info()
2247 ret = semanage_module_info_set_priority(sh, *modinfo, modkey->priority); in semanage_direct_get_module_info()
2253 ret = semanage_module_info_set_name(sh, *modinfo, modkey->name); in semanage_direct_get_module_info()
2260 ret = semanage_module_get_path(sh, in semanage_direct_get_module_info()
2273 ERR(sh, in semanage_direct_get_module_info()
2282 ERR(sh, in semanage_direct_get_module_info()
2289 ret = semanage_module_info_set_lang_ext(sh, *modinfo, tmp); in semanage_direct_get_module_info()
2299 ERR(sh, in semanage_direct_get_module_info()
2309 ret = semanage_module_get_path(sh, in semanage_direct_get_module_info()
2322 ERR(sh, "Unable to access %s: %s\n", fn, strerror(errno)); in semanage_direct_get_module_info()
2327 ret = semanage_module_info_set_enabled(sh, *modinfo, 1); in semanage_direct_get_module_info()
2334 ret = semanage_module_info_set_enabled(sh, *modinfo, 0); in semanage_direct_get_module_info()
2346 semanage_module_info_destroy(sh, &modinfos[i]); in semanage_direct_get_module_info()
2355 static int semanage_direct_set_module_info(semanage_handle_t *sh, in semanage_direct_set_module_info() argument
2367 ret = semanage_module_key_init(sh, &modkey); in semanage_direct_set_module_info()
2374 if (!sh->is_in_transaction) { in semanage_direct_set_module_info()
2375 if (semanage_begin_transaction(sh) < 0) { in semanage_direct_set_module_info()
2388 sh->modules_modified = 1; in semanage_direct_set_module_info()
2393 ret = semanage_mkdir(sh, path); in semanage_direct_set_module_info()
2400 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2410 ret = semanage_mkdir(sh, fn); in semanage_direct_set_module_info()
2417 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2427 ret = semanage_mkdir(sh, fn); in semanage_direct_set_module_info()
2434 ret = semanage_direct_write_langext(sh, modinfo->lang_ext, modinfo); in semanage_direct_set_module_info()
2445 ret = semanage_mkdir(sh, path); in semanage_direct_set_module_info()
2451 ret = semanage_module_get_path(sh, in semanage_direct_set_module_info()
2461 ret = semanage_module_key_set_name(sh, &modkey, modinfo->name); in semanage_direct_set_module_info()
2472 ret = semanage_module_get_module_info(sh, in semanage_direct_set_module_info()
2484 ret = semanage_module_set_enabled(sh, &modkey, enabled); in semanage_direct_set_module_info()
2491 semanage_module_key_destroy(sh, &modkey); in semanage_direct_set_module_info()
2493 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_set_module_info()
2514 static int semanage_direct_list_all(semanage_handle_t *sh, in semanage_direct_list_all() argument
2518 assert(sh); in semanage_direct_list_all()
2546 ret = semanage_module_info_init(sh, &modinfo); in semanage_direct_list_all()
2552 if (sh->is_in_transaction) { in semanage_direct_list_all()
2564 ERR(sh, "Error while scanning directory %s.", toplevel); in semanage_direct_list_all()
2581 ret = semanage_module_info_set_priority(sh, in semanage_direct_list_all()
2590 ret = semanage_module_get_path(sh, in semanage_direct_list_all()
2617 ERR(sh, in semanage_direct_list_all()
2631 ERR(sh, "Error allocating memory for module array."); in semanage_direct_list_all()
2641 sh, in semanage_direct_list_all()
2651 sh, in semanage_direct_list_all()
2662 sh, in semanage_direct_list_all()
2670 sh, in semanage_direct_list_all()
2678 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_list_all()
2687 semanage_module_info_destroy(sh, &modinfo); in semanage_direct_list_all()
2703 semanage_module_info_destroy(sh, modinfo_tmp); in semanage_direct_list_all()
2711 sh, in semanage_direct_list_all()
2723 static int semanage_direct_install_info(semanage_handle_t *sh, in semanage_direct_install_info() argument
2728 assert(sh); in semanage_direct_install_info()
2742 ret = semanage_module_key_init(sh, &higher_key); in semanage_direct_install_info()
2751 ERR(sh, "%s failed module validation.\n", modinfo->name); in semanage_direct_install_info()
2759 ret = semanage_module_key_set_name(sh, &higher_key, modinfo->name); in semanage_direct_install_info()
2765 ret = semanage_direct_get_module_info(sh, &higher_key, &higher_info); in semanage_direct_install_info()
2769 WARN(sh, in semanage_direct_install_info()
2777 INFO(sh, in semanage_direct_install_info()
2786 WARN(sh, in semanage_direct_install_info()
2793 ret = semanage_direct_set_module_info(sh, modinfo); in semanage_direct_install_info()
2806 sh, in semanage_direct_install_info()
2816 ret = write_compressed_file(sh, path, data, data_len); in semanage_direct_install_info()
2818 ERR(sh, "Error while writing to %s.", path); in semanage_direct_install_info()
2826 sh, in semanage_direct_install_info()
2839 ERR(sh, "Error while removing cached CIL file %s: %s", path, strerror(errno)); in semanage_direct_install_info()
2847 semanage_module_key_destroy(sh, &higher_key); in semanage_direct_install_info()
2848 semanage_module_info_destroy(sh, higher_info); in semanage_direct_install_info()
2855 static int semanage_direct_remove_key(semanage_handle_t *sh, in semanage_direct_remove_key() argument
2858 assert(sh); in semanage_direct_remove_key()
2868 ret = semanage_module_key_init(sh, &modkey_tmp); in semanage_direct_remove_key()
2878 ERR(sh, "Priority %d is invalid.", modkey->priority); in semanage_direct_remove_key()
2886 ERR(sh, "Name %s is invalid.", modkey->name); in semanage_direct_remove_key()
2891 ret = semanage_module_key_set_name(sh, &modkey_tmp, modkey->name); in semanage_direct_remove_key()
2899 sh, in semanage_direct_remove_key()
2912 ERR(sh, "Unable to remove module %s at priority %d.", modkey->name, modkey->priority); in semanage_direct_remove_key()
2918 ret = semanage_module_get_module_info(sh, &modkey_tmp, &modinfo); in semanage_direct_remove_key()
2922 INFO(sh, in semanage_direct_remove_key()
2929 sh, in semanage_direct_remove_key()
2953 INFO(sh, in semanage_direct_remove_key()
2961 semanage_module_key_destroy(sh, &modkey_tmp); in semanage_direct_remove_key()
2963 semanage_module_info_destroy(sh, modinfo); in semanage_direct_remove_key()