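/* Authors: Karl MacMillan <kmacmillan@tresys.com>
 *          Joshua Brindle <jbrindle@tresys.com>
 *          Jason Tang <jtang@tresys.com>
 *          Christopher Ashworth <cashworth@tresys.com>
 *
 * Copyright (C) 2004-2006 Tresys Technology, LLC
 * Copyright (C) 2005 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */

/*
 * Internal interface to the on-disk SELinux module store: store/sandbox
 * path tables, lock handling, sandbox construction and installation, and
 * the helpers used while building the final kernel policy and file
 * contexts.  None of this is part of the public libsemanage API.
 */

#ifndef SEMANAGE_MODULE_STORE_H
#define SEMANAGE_MODULE_STORE_H

#include <stdbool.h>
#include <stddef.h>		/* size_t: semanage_fc_sort / semanage_nc_sort */
#include <sys/types.h>		/* mode_t: semanage_copy_file */
#include <sys/time.h>
#include <sepol/module.h>
#include <sepol/cil/cil.h>
#include "handle.h"

/*
 * The three copies of the module store.  The trailing *_NUM_* enumerator
 * is a count, not a store; the implementation sizes its path tables from
 * it, so append new entries rather than inserting or reordering.
 * NOTE(review): ACTIVE/PREVIOUS/TMP presumably mean the live store, the
 * last-good store kept for rollback, and the sandbox being built for the
 * current transaction -- confirm against the implementation.
 */
enum semanage_store_defs {
	SEMANAGE_ACTIVE,
	SEMANAGE_PREVIOUS,
	SEMANAGE_TMP,
	SEMANAGE_NUM_STORES
};

/*
 * Sandbox filenames and paths, relative to a store root.  Resolved through
 * semanage_fname() / semanage_path().  As above, SEMANAGE_STORE_NUM_PATHS
 * is a count: do not insert or reorder entries.
 */
enum semanage_sandbox_defs {
	SEMANAGE_TOPLEVEL,
	SEMANAGE_MODULES,
	SEMANAGE_LINKED,
	SEMANAGE_HOMEDIR_TMPL,
	SEMANAGE_FC_TMPL,
	SEMANAGE_COMMIT_NUM_FILE,
	SEMANAGE_IBPKEYS_LOCAL,
	SEMANAGE_IBENDPORTS_LOCAL,
	SEMANAGE_PORTS_LOCAL,
	SEMANAGE_INTERFACES_LOCAL,
	SEMANAGE_NODES_LOCAL,
	SEMANAGE_BOOLEANS_LOCAL,
	SEMANAGE_SEUSERS_LOCAL,
	SEMANAGE_SEUSERS_LINKED,
	SEMANAGE_USERS_BASE_LOCAL,
	SEMANAGE_USERS_EXTRA_LOCAL,
	SEMANAGE_USERS_EXTRA_LINKED,
	SEMANAGE_USERS_EXTRA,
	SEMANAGE_DISABLE_DONTAUDIT,
	SEMANAGE_PRESERVE_TUNABLES,
	SEMANAGE_MODULES_DISABLED,
	SEMANAGE_MODULES_CHECKSUM,	/* NOTE(review): presumably an integrity checksum over the installed modules -- confirm what it covers */
	SEMANAGE_STORE_KERNEL,
	SEMANAGE_STORE_FC_LOCAL,
	SEMANAGE_STORE_FC_HOMEDIRS,
	SEMANAGE_STORE_FC,
	SEMANAGE_STORE_SEUSERS,
	SEMANAGE_STORE_NUM_PATHS
};

/*
 * Roots for the "final" (installed) policy files.  SEMANAGE_FINAL_NUM is a
 * count.  NOTE(review): FINAL_TMP is presumably a staging copy and
 * FINAL_SELINUX the live /etc/selinux tree -- confirm.
 */
enum semanage_final_defs {
	SEMANAGE_FINAL_TMP,
	SEMANAGE_FINAL_SELINUX,
	SEMANAGE_FINAL_NUM
};

/*
 * Suffixes below a final root, resolved through semanage_final_path().
 * SEMANAGE_FINAL_PATH_NUM is a count; append only.
 */
enum semanage_final_path_defs {
	SEMANAGE_FINAL_TOPLEVEL,
	SEMANAGE_FC,
	SEMANAGE_FC_BIN,
	SEMANAGE_FC_HOMEDIRS,
	SEMANAGE_FC_HOMEDIRS_BIN,
	SEMANAGE_FC_LOCAL,
	SEMANAGE_FC_LOCAL_BIN,
	SEMANAGE_KERNEL,
	SEMANAGE_NC,
	SEMANAGE_SEUSERS,
	SEMANAGE_FINAL_PATH_NUM
};

/* FIXME: this needs to be made a module store specific init and the
 * global configuration moved to another file.
 */
/* Path of the semanage configuration file.  Ownership of the returned
 * string (static vs. caller-freed) is not visible here -- check the
 * definition before freeing. */
char *semanage_conf_path(void);

/* Initialise store paths under prefix (or the default when prefix is
 * NULL); returns 0 on success, negative on failure. */
int semanage_check_init(semanage_handle_t *sh, const char *prefix);

/*
 * Path lookups.  Each returns a pointer into an internal table; callers
 * must not free or modify the result.  (extern is implied for function
 * declarations and has been dropped for consistency with the rest of
 * the file.)
 */
const char *semanage_fname(enum semanage_sandbox_defs file_enum);

const char *semanage_path(enum semanage_store_defs store,
			  enum semanage_sandbox_defs file);

const char *semanage_final_path(enum semanage_final_defs root,
				enum semanage_final_path_defs suffix);

/* Ensure the store exists; with create non-zero, create it if missing. */
int semanage_create_store(semanage_handle_t *sh, int create);

/* Check whether the calling process may use the store.  Takes no handle,
 * so it cannot report through the handle's error callback. */
int semanage_store_access_check(void);

/* Recursively remove path.  NOTE(review): callers must only pass paths
 * inside the store; whether symlinks are followed during the walk is not
 * visible from this header -- confirm in the implementation before
 * exposing this to any user-influenced path. */
int semanage_remove_directory(const char *path);

/* Create a single directory / a full directory path. */
int semanage_mkdir(semanage_handle_t *sh, const char *path);

int semanage_mkpath(semanage_handle_t *sh, const char *path);

/* Build the TMP sandbox from the active store. */
int semanage_make_sandbox(semanage_handle_t *sh);

/* Build the final (installed-policy) tree from the sandbox. */
int semanage_make_final(semanage_handle_t *sh);

/* Collect CIL file paths for len modules.  *filenames is allocated here;
 * the caller owns the array and its strings. */
int semanage_get_cil_paths(semanage_handle_t *sh, semanage_module_info_t *modinfos,
			   int len, char ***filenames);

/* Enumerate the modules in the active store.  *modinfo is allocated here
 * and *num_modules set to its length; the caller frees. */
int semanage_get_active_modules(semanage_handle_t *sh,
				semanage_module_info_t **modinfo, int *num_modules);

/*
 * Lock file routines.  The transaction lock serialises writers; the
 * active lock guards readers of the active store.  Acquire returns
 * 0 on success; release never fails.
 */
int semanage_get_trans_lock(semanage_handle_t *sh);
int semanage_get_active_lock(semanage_handle_t *sh);
void semanage_release_trans_lock(semanage_handle_t *sh);
void semanage_release_active_lock(semanage_handle_t *sh);

/* Commit serial number of the store (SEMANAGE_COMMIT_NUM_FILE), or
 * negative on error. */
int semanage_direct_get_serial(semanage_handle_t *sh);

/* Parse num_modules CIL files into cildb. */
int semanage_load_files(semanage_handle_t *sh,
			cil_db_t *cildb, char **filenames, int num_modules);

/* Read / write a binary policydb to the named sandbox file. */
int semanage_read_policydb(semanage_handle_t *sh,
			   sepol_policydb_t *policydb,
			   enum semanage_sandbox_defs file);

int semanage_write_policydb(semanage_handle_t *sh,
			    sepol_policydb_t *policydb,
			    enum semanage_sandbox_defs file);

/* Promote the TMP sandbox to ACTIVE (and ACTIVE to PREVIOUS). */
int semanage_install_sandbox(semanage_handle_t *sh);

/*
 * Verification hooks run before installation.  NOTE(review): these
 * presumably invoke the verifier programs configured in semanage.conf;
 * the module and kernel inputs they check are produced by this library,
 * not taken from the user directly -- confirm.
 */
int semanage_verify_modules(semanage_handle_t *sh,
			    char **module_filenames, int num_modules);

int semanage_verify_linked(semanage_handle_t *sh);
int semanage_verify_kernel(semanage_handle_t *sh);

/* Split the generated file contexts into the per-file store outputs. */
int semanage_split_fc(semanage_handle_t *sh);

/*
 * Sort file context entries.  buf/buf_len describe the unsorted text;
 * *sorted_buf receives a newly allocated buffer of *sorted_buf_len bytes
 * that the caller frees.
 */
int semanage_fc_sort(semanage_handle_t *sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t *sorted_buf_len);

/* Sort netfilter context entries; same contract as semanage_fc_sort. */
int semanage_nc_sort(semanage_handle_t *sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t *sorted_buf_len);

/* Copy src to dst, creating dst with the given mode.  When syncrequired
 * is true the copy is flushed to stable storage before returning. */
int semanage_copy_file(const char *src, const char *dst, mode_t mode,
		       bool syncrequired);

#endif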