Lines Matching refs:sh
213 static int semanage_init_final(semanage_handle_t *sh, const char *prefix) in semanage_init_final() argument
215 assert(sh); in semanage_init_final()
220 const char *store_path = sh->conf->store_path; in semanage_init_final()
273 static int semanage_init_final_suffix(semanage_handle_t *sh) in semanage_init_final_suffix() argument
282 ERR(sh, "Unable to allocate space for policy top level path."); in semanage_init_final_suffix()
290 ERR(sh, "Unable to allocate space for file context path."); in semanage_init_final_suffix()
298 ERR(sh, "Unable to allocate space for file context home directory path."); in semanage_init_final_suffix()
306 ERR(sh, "Unable to allocate space for local file context path."); in semanage_init_final_suffix()
314 ERR(sh, "Unable to allocate space for netfilter context path."); in semanage_init_final_suffix()
322 ERR(sh, "Unable to allocate space for userconf path."); in semanage_init_final_suffix()
331 sh->conf->policyvers); in semanage_init_final_suffix()
333 ERR(sh, "Unable to compose policy binary path."); in semanage_init_final_suffix()
340 ERR(sh, "Unable to allocate space for policy binary path."); in semanage_init_final_suffix()
358 static int semanage_init_final_paths(semanage_handle_t *sh) in semanage_init_final_paths() argument
371 ERR(sh, "Unable to allocate space for policy final path."); in semanage_init_final_paths()
404 int semanage_check_init(semanage_handle_t *sh, const char *prefix) in semanage_check_init() argument
415 sh->conf->store_path); in semanage_check_init()
427 rc = semanage_init_final(sh, prefix); in semanage_check_init()
431 rc = semanage_init_final_suffix(sh); in semanage_check_init()
435 rc = semanage_init_final_paths(sh); in semanage_check_init()
512 int semanage_create_store(semanage_handle_t * sh, int create) in semanage_create_store() argument
522 ERR(sh, "Could not create module store at %s.", in semanage_create_store()
528 ERR(sh, in semanage_create_store()
535 ERR(sh, in semanage_create_store()
545 ERR(sh, in semanage_create_store()
551 ERR(sh, in semanage_create_store()
558 ERR(sh, in semanage_create_store()
568 ERR(sh, in semanage_create_store()
574 ERR(sh, in semanage_create_store()
581 ERR(sh, in semanage_create_store()
591 ERR(sh, "Could not create lock file at %s.", in semanage_create_store()
597 ERR(sh, "Could not read lock file at %s.", path); in semanage_create_store()
602 ERR(sh, "Could not access lock file at %s.", path); in semanage_create_store()
817 int semanage_mkpath(semanage_handle_t *sh, const char *path) in semanage_mkpath() argument
833 rc = semanage_mkdir(sh, fn); in semanage_mkpath()
839 rc = semanage_mkdir(sh, fn); in semanage_mkpath()
845 int semanage_mkdir(semanage_handle_t *sh, const char *path) in semanage_mkdir() argument
854 ERR(sh, "Cannot make directory at %s", path); in semanage_mkdir()
863 ERR(sh, "Directory path taken by non-directory file at %s.", path); in semanage_mkdir()
878 int semanage_make_sandbox(semanage_handle_t * sh) in semanage_make_sandbox() argument
886 ERR(sh, "Error scanning directory %s.", sandbox); in semanage_make_sandbox()
893 ERR(sh, "Error removing old sandbox directory %s.", in semanage_make_sandbox()
902 ERR(sh, "Could not copy files to sandbox %s.", sandbox); in semanage_make_sandbox()
915 int semanage_make_final(semanage_handle_t *sh) in semanage_make_final() argument
926 sh->conf->store_root_path, in semanage_make_final()
929 ERR(sh, "Unable to compose the final tmp path."); in semanage_make_final()
934 ret = semanage_mkdir(sh, fn); in semanage_make_final()
936 ERR(sh, "Unable to create temporary directory for final files at %s", fn); in semanage_make_final()
954 ERR(sh, "Unable to compose the final paths."); in semanage_make_final()
959 ret = semanage_mkpath(sh, dirname(fn)); in semanage_make_final()
979 int semanage_get_cil_paths(semanage_handle_t * sh, in semanage_get_cil_paths() argument
993 ERR(sh, "Error allocating space for filenames."); in semanage_get_cil_paths()
1000 sh, in semanage_get_cil_paths()
1038 int semanage_get_active_modules(semanage_handle_t * sh, in semanage_get_active_modules() argument
1042 assert(sh); in semanage_get_active_modules()
1063 ret = semanage_module_list_all(sh, &all_modinfos, &all_modinfos_len); in semanage_get_active_modules()
1076 ERR(sh, "Error allocating space for module information."); in semanage_get_active_modules()
1093 ERR(sh, "Failed to add module name to list of known names."); in semanage_get_active_modules()
1100 if (semanage_module_info_clone(sh, &all_modinfos[i], &(*modinfo)[j]) != 0) { in semanage_get_active_modules()
1119 ERR(sh, "Error allocating space for filenames."); in semanage_get_active_modules()
1135 semanage_module_info_destroy(sh, &all_modinfos[i]); in semanage_get_active_modules()
1141 semanage_module_info_destroy(sh, &(*modinfo)[i]); in semanage_get_active_modules()
1358 static int semanage_exec_prog(semanage_handle_t * sh, in semanage_exec_prog() argument
1368 ERR(sh, "Out of memory!"); in semanage_exec_prog()
1385 ERR(sh, "Error while forking process."); in semanage_exec_prog()
1391 ERR(sh, "Child process %s did not exit cleanly.", in semanage_exec_prog()
1400 int semanage_reload_policy(semanage_handle_t * sh) in semanage_reload_policy() argument
1404 if (!sh) in semanage_reload_policy()
1407 if ((r = semanage_exec_prog(sh, sh->conf->load_policy, "", "")) != 0) { in semanage_reload_policy()
1408 ERR(sh, "load_policy returned error code %d.", r); in semanage_reload_policy()
1416 int semanage_split_fc(semanage_handle_t * sh) in semanage_split_fc()
1425 ERR(sh, "Could not open %s for reading.", in semanage_split_fc()
1433 ERR(sh, "Could not open %s for writing.", in semanage_split_fc()
1440 ERR(sh, "Could not open %s for writing.", in semanage_split_fc()
1451 ERR(sh, "Write to %s failed.", in semanage_split_fc()
1458 ERR(sh, "Write to %s failed.", in semanage_split_fc()
1478 static int sefcontext_compile(semanage_handle_t * sh, const char *path) { in sefcontext_compile() argument
1486 if ((r = semanage_exec_prog(sh, sh->conf->sefcontext_compile, path, "")) != 0) { in sefcontext_compile()
1487 ERR(sh, "sefcontext_compile returned error code %d. Compiling %s", r, path); in sefcontext_compile()
1497 static int semanage_install_final_tmp(semanage_handle_t * sh) in semanage_install_final_tmp() argument
1518 if (sh->conf->disable_genhomedircon && in semanage_install_final_tmp()
1522 ret = semanage_mkpath(sh, dirname(fn)); in semanage_install_final_tmp()
1527 ret = semanage_copy_file(src, dst, sh->conf->file_mode); in semanage_install_final_tmp()
1529 ERR(sh, "Could not copy %s to %s.", src, dst); in semanage_install_final_tmp()
1534 if (!sh->do_reload) in semanage_install_final_tmp()
1549 ERR(sh, "Could not stat store path %s.", storepath); in semanage_install_final_tmp()
1564 if (semanage_reload_policy(sh)) { in semanage_install_final_tmp()
1569 if (sh->do_check_contexts) { in semanage_install_final_tmp()
1571 sh, in semanage_install_final_tmp()
1572 sh->conf->setfiles, in semanage_install_final_tmp()
1578 ERR(sh, "setfiles returned error code %d.", ret); in semanage_install_final_tmp()
1583 if (sefcontext_compile(sh, in semanage_install_final_tmp()
1588 if (sefcontext_compile(sh, in semanage_install_final_tmp()
1593 if (sefcontext_compile(sh, in semanage_install_final_tmp()
1607 static int semanage_commit_sandbox(semanage_handle_t * sh) in semanage_commit_sandbox() argument
1621 if ((commit_number = semanage_direct_get_serial(sh)) < 0) { in semanage_commit_sandbox()
1630 ERR(sh, "Could not open commit number file %s for writing.", in semanage_commit_sandbox()
1636 ERR(sh, "Error while writing commit number to %s.", in semanage_commit_sandbox()
1645 if (semanage_get_active_lock(sh) < 0) { in semanage_commit_sandbox()
1652 ERR(sh, "Could not remove previous backup %s.", backup); in semanage_commit_sandbox()
1657 ERR(sh, "Could not stat directory %s.", backup); in semanage_commit_sandbox()
1663 ERR(sh, "Error while renaming %s to %s.", active, backup); in semanage_commit_sandbox()
1672 ERR(sh, "Error while renaming %s to %s.", sandbox, active); in semanage_commit_sandbox()
1677 ERR(sh, "Error while renaming %s back to %s.", backup, in semanage_commit_sandbox()
1682 if (semanage_install_final_tmp(sh) != 0) { in semanage_commit_sandbox()
1688 ERR(sh, "Error while renaming %s back to %s.", active, in semanage_commit_sandbox()
1691 ERR(sh, "Error while renaming %s back to %s.", backup, in semanage_commit_sandbox()
1694 semanage_install_final_tmp(sh); in semanage_commit_sandbox()
1700 if (!sh->conf->save_previous) { in semanage_commit_sandbox()
1704 ERR(sh, "Could not delete previous directory %s.", backup); in semanage_commit_sandbox()
1711 semanage_release_active_lock(sh); in semanage_commit_sandbox()
1721 int semanage_install_sandbox(semanage_handle_t * sh) in semanage_install_sandbox() argument
1725 if (sh->conf->load_policy == NULL) { in semanage_install_sandbox()
1726 ERR(sh, in semanage_install_sandbox()
1730 if (sh->conf->setfiles == NULL) { in semanage_install_sandbox()
1731 ERR(sh, "No setfiles program specified in configuration file."); in semanage_install_sandbox()
1735 if (sh->conf->sefcontext_compile == NULL) { in semanage_install_sandbox()
1736 ERR(sh, "No sefcontext_compile program specified in configuration file."); in semanage_install_sandbox()
1740 if ((commit_num = semanage_commit_sandbox(sh)) < 0) { in semanage_install_sandbox()
1754 static int semanage_get_lock(semanage_handle_t * sh, in semanage_get_lock() argument
1765 ERR(sh, "Could not open direct %s at %s.", lock_name, in semanage_get_lock()
1771 ERR(sh, "Could not set close-on-exec for %s at %s.", lock_name, in semanage_get_lock()
1777 if (sh->timeout == 0) { in semanage_get_lock()
1781 origtime.tv_sec = sh->timeout; in semanage_get_lock()
1791 ERR(sh, "Error obtaining direct %s at %s.", lock_name, in semanage_get_lock()
1796 if (origtime.tv_sec > 0 || sh->timeout == -1) { in semanage_get_lock()
1801 ERR(sh, in semanage_get_lock()
1809 } while (origtime.tv_sec > 0 || sh->timeout == -1); in semanage_get_lock()
1811 ERR(sh, "Could not get direct %s at %s.", lock_name, lock_file); in semanage_get_lock()
1824 int semanage_get_trans_lock(semanage_handle_t * sh) in semanage_get_trans_lock() argument
1828 if (sh->u.direct.translock_file_fd >= 0) in semanage_get_trans_lock()
1831 sh->u.direct.translock_file_fd = in semanage_get_trans_lock()
1832 semanage_get_lock(sh, "transaction lock", lock_file); in semanage_get_trans_lock()
1833 if (sh->u.direct.translock_file_fd >= 0) { in semanage_get_trans_lock()
1847 int semanage_get_active_lock(semanage_handle_t * sh) in semanage_get_active_lock() argument
1851 if (sh->u.direct.activelock_file_fd >= 0) in semanage_get_active_lock()
1854 sh->u.direct.activelock_file_fd = in semanage_get_active_lock()
1855 semanage_get_lock(sh, "read lock", lock_file); in semanage_get_active_lock()
1856 if (sh->u.direct.activelock_file_fd >= 0) { in semanage_get_active_lock()
1865 void semanage_release_trans_lock(semanage_handle_t * sh) in semanage_release_trans_lock() argument
1868 if (sh->u.direct.translock_file_fd >= 0) { in semanage_release_trans_lock()
1869 flock(sh->u.direct.translock_file_fd, LOCK_UN); in semanage_release_trans_lock()
1870 close(sh->u.direct.translock_file_fd); in semanage_release_trans_lock()
1871 sh->u.direct.translock_file_fd = -1; in semanage_release_trans_lock()
1878 void semanage_release_active_lock(semanage_handle_t * sh) in semanage_release_active_lock() argument
1881 if (sh->u.direct.activelock_file_fd >= 0) { in semanage_release_active_lock()
1882 flock(sh->u.direct.activelock_file_fd, LOCK_UN); in semanage_release_active_lock()
1883 close(sh->u.direct.activelock_file_fd); in semanage_release_active_lock()
1884 sh->u.direct.activelock_file_fd = -1; in semanage_release_active_lock()
1892 int semanage_direct_get_serial(semanage_handle_t * sh) in semanage_direct_get_serial() argument
1900 if (sh->is_in_transaction) { in semanage_direct_get_serial()
1915 ERR(sh, "Could not open commit number file %s.", in semanage_direct_get_serial()
1923 ERR(sh, "Error while reading commit number from %s.", in semanage_direct_get_serial()
1931 ERR(sh, in semanage_direct_get_serial()
1943 int semanage_load_files(semanage_handle_t * sh, cil_db_t *cildb, char **filenames, int numfiles) in semanage_load_files() argument
1956 ERR(sh, "Could not open module file %s for reading.", filename); in semanage_load_files()
1960 if ((size = bunzip(sh, fp, &data)) <= 0) { in semanage_load_files()
1965 ERR(sh, "Failed to determine size of file %s.", filename); in semanage_load_files()
1973 ERR(sh, "Failed to read file %s.", filename); in semanage_load_files()
1983 ERR(sh, "Error while reading from file %s.", filename); in semanage_load_files()
2008 int semanage_read_policydb(semanage_handle_t * sh, sepol_policydb_t * in) in semanage_read_policydb() argument
2021 ERR(sh, "Could not open kernel policy %s for reading.", in semanage_read_policydb()
2027 ERR(sh, "Out of memory!"); in semanage_read_policydb()
2031 sepol_policy_file_set_handle(pf, sh->sepolh); in semanage_read_policydb()
2033 ERR(sh, "Error while reading kernel policy from %s.", in semanage_read_policydb()
2049 int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out) in semanage_write_policydb() argument
2062 ERR(sh, "Could not open kernel policy %s for writing.", in semanage_write_policydb()
2068 ERR(sh, "Out of memory!"); in semanage_write_policydb()
2072 sepol_policy_file_set_handle(pf, sh->sepolh); in semanage_write_policydb()
2074 ERR(sh, "Error while writing kernel policy to %s.", in semanage_write_policydb()
2091 int semanage_verify_modules(semanage_handle_t * sh, in semanage_verify_modules() argument
2095 semanage_conf_t *conf = sh->conf; in semanage_verify_modules()
2104 semanage_exec_prog(sh, e, module, "$<")) != 0) { in semanage_verify_modules()
2116 int semanage_verify_linked(semanage_handle_t * sh) in semanage_verify_linked() argument
2119 semanage_conf_t *conf = sh->conf; in semanage_verify_linked()
2127 if (semanage_exec_prog(sh, e, linked_filename, "$<") != 0) { in semanage_verify_linked()
2139 int semanage_verify_kernel(semanage_handle_t * sh) in semanage_verify_kernel() argument
2144 semanage_conf_t *conf = sh->conf; in semanage_verify_kernel()
2150 if (semanage_exec_prog(sh, e, kernel_filename, "$<") != 0) { in semanage_verify_kernel()
2434 int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, in semanage_fc_sort() argument
2452 if (sh == NULL) { in semanage_fc_sort()
2456 ERR(sh, "Received NULL buffer."); in semanage_fc_sort()
2460 ERR(sh, "Received buffer of length 0."); in semanage_fc_sort()
2471 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2484 ERR(sh, "Failure parsing file context buffer."); in semanage_fc_sort()
2518 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2547 ERR(sh, in semanage_fc_sort()
2556 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2568 ERR(sh, in semanage_fc_sort()
2580 ERR(sh, in semanage_fc_sort()
2591 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2605 ERR(sh, in semanage_fc_sort()
2624 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2649 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2671 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2702 ERR(sh, "Failure allocating memory."); in semanage_fc_sort()
2739 ERR(sh, "Failure writing sorted buffer."); in semanage_fc_sort()
2774 int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, in semanage_nc_sort() argument
2842 ERR(sh, "Netfilter context line missing priority."); in semanage_nc_sort()
2855 ERR(sh, "Failure allocating memory."); in semanage_nc_sort()
2866 ERR(sh, "Failure allocating memory."); in semanage_nc_sort()
2897 ERR(sh, "Failure allocating memory."); in semanage_nc_sort()