Re: [PATCH 8/9] semanage: Update semanage to allow runtime labeling of ibendports

2017-05-14 Thread Jason Zaman
On Tue, May 09, 2017 at 11:50:41PM +0300, Dan Jurgens wrote:
> From: Daniel Jurgens 
> 
> Update libsepol and libsemanage to work with ibendport records. Add local
> storage for new and modified ibendport records in ibendports.local.
> Update semanage to parse the ibendport command options to add, modify,
> and delete them.
> 
> Signed-off-by: Daniel Jurgens 
> ---
>  libsemanage/include/semanage/ibendport_record.h  |   62 +
>  libsemanage/include/semanage/ibendports_local.h  |   36 +++
>  libsemanage/include/semanage/ibendports_policy.h |   28 ++
>  libsemanage/include/semanage/semanage.h  |3 +
>  libsemanage/src/direct_api.c |   42 +++-
>  libsemanage/src/handle.h |   38 ++-
>  libsemanage/src/ibendport_internal.h |   48 
>  libsemanage/src/ibendport_record.c   |  154 +++
>  libsemanage/src/ibendports_file.c|  157 +++
>  libsemanage/src/ibendports_local.c   |  153 +++
>  libsemanage/src/ibendports_policy.c  |   55 
>  libsemanage/src/ibendports_policydb.c|   62 +
>  libsemanage/src/libsemanage.map  |1 +
>  libsemanage/src/policy_components.c  |4 +
>  libsemanage/src/semanage_store.c |1 +
>  libsemanage/src/semanage_store.h |1 +
>  libsemanage/src/semanageswig.i   |3 +
>  libsemanage/src/semanageswig_python.i|   43 +++
>  libsemanage/utils/semanage_migrate_store |3 +-
>  libsepol/include/sepol/ibendport_record.h|   68 +
>  libsepol/include/sepol/ibendports.h  |   45 
>  libsepol/include/sepol/sepol.h   |2 +
>  libsepol/src/ibendport_internal.h|   20 ++
>  libsepol/src/ibendport_record.c  |  299 
> ++
>  libsepol/src/ibendports.c|  255 ++
>  python/semanage/semanage |   58 -
>  python/semanage/seobject.py  |  238 +
>  27 files changed, 1857 insertions(+), 22 deletions(-)
>  create mode 100644 libsemanage/include/semanage/ibendport_record.h
>  create mode 100644 libsemanage/include/semanage/ibendports_local.h
>  create mode 100644 libsemanage/include/semanage/ibendports_policy.h
>  create mode 100644 libsemanage/src/ibendport_internal.h
>  create mode 100644 libsemanage/src/ibendport_record.c
>  create mode 100644 libsemanage/src/ibendports_file.c
>  create mode 100644 libsemanage/src/ibendports_local.c
>  create mode 100644 libsemanage/src/ibendports_policy.c
>  create mode 100644 libsemanage/src/ibendports_policydb.c
>  create mode 100644 libsepol/include/sepol/ibendport_record.h
>  create mode 100644 libsepol/include/sepol/ibendports.h
>  create mode 100644 libsepol/src/ibendport_internal.h
>  create mode 100644 libsepol/src/ibendport_record.c
>  create mode 100644 libsepol/src/ibendports.c

[ ... ]

> diff --git a/python/semanage/semanage b/python/semanage/semanage
> index 11b56e2..313537c 100644
> --- a/python/semanage/semanage
> +++ b/python/semanage/semanage
> @@ -61,6 +61,9 @@ usage_port_dict = {' --add': ('-t TYPE', '-p PROTOCOL', '-r 
> RANGE', '(', 'port_n
>  usage_ibpkey = "semanage ibpkey [-h] [-n] [-N] [-s STORE] ["
>  usage_ibpkey_dict = {' --add': ('-t TYPE', '-x SUBNET_PREFIX', '-r RANGE', 
> '(', 'ibpkey_name', '|', 'pkey_range', ')'), ' --modify': ('-t TYPE', '-x 
> SUBNET_PREFIX', '-r RANGE', '(', 'ibpkey_name', '|', 'pkey_range', ')'), ' 
> --delete': ('-x SUBNET_PREFIX', '(', 'ibpkey_name', '|', 'pkey_range', ')'), 
> ' --list': ('-C',), ' --extract': ('',), ' --deleteall': ('',)}
>  
> +usage_ibendport = "semanage ibendport [-h] [-n] [-N] [-s STORE] ["
> +usage_ibendport_dict = {' --add': ('-t TYPE', '-z IBDEV_NAME', '-r RANGE', 
> '(', 'port', ')'), ' --modify': ('-t TYPE', '-z IBDEV_NAME', '-r RANGE', '(', 
> 'port', ')'), ' --delete': ('-z IBDEV_NAME', '-r RANGE''(', 'port', ')'), ' 
> --list': ('-C',), ' --extract': ('',), ' --deleteall': ('',)}
> +
>  usage_node = "semanage node [-h] [-n] [-N] [-S STORE] ["
>  usage_node_dict = {' --add': ('-M NETMASK', '-p PROTOCOL', '-t TYPE', '-r 
> RANGE', 'node'), ' --modify': ('-M NETMASK', '-p PROTOCOL', '-t TYPE', '-r 
> RANGE', 'node'), ' --delete': ('-M NETMASK', '-p PROTOCOL', 'node'), ' 
> --list': ('-C',), ' --extract': ('',), ' --deleteall': ('',)}
>  
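Review bot: The `' --delete'` tuple in the added `usage_ibendport_dict` is missing a comma between `'-r RANGE'` and `'('`, so Python's implicit string-literal concatenation produces the single element `'-r RANGE('` and the usage text for delete is malformed. The neighbouring `usage_ibpkey_dict` delete entry lists only its key option (`-x SUBNET_PREFIX`) and no `-r RANGE`, so this entry probably should read `' --delete': ('-z IBDEV_NAME', '(', 'port', ')')`; if a range really is accepted on delete, keep it and add the comma. Separately, the new `usage_ibendport` string advertises `[-s STORE]` while the `usage_node` context line uses `[-S STORE]`. It looks copied from `usage_ibpkey` and should be checked against the argument parser, which is outside this hunk, so the help text does not point administrators at the wrong option.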
> @@ -152,6 +155,10 @@ def ibpkey_ini():
>  OBJECT = seobject.ibpkeyRecords(store)
>  return OBJECT
>  
> +def ibendport_ini():
> +OBJECT = seobject.ibendportRecords(store)
> +return OBJECT
> +
>  def module_ini():
>  OBJECT = seobject.moduleRecords(store)
>  return OBJECT
> @@ -187,8 +194,7 @@ def dontaudit_ini():
>  return OBJECT
>  
>  # define dictonary for seobject OBEJCTS
> -object_dict = {'login': login_ini, 'user': 

[PATCH 8/9] semanage: Update semanage to allow runtime labeling of ibendports

2017-05-09 Thread Dan Jurgens
From: Daniel Jurgens 

Update libsepol and libsemanage to work with ibendport records. Add local
storage for new and modified ibendport records in ibendports.local.
Update semanage to parse the ibendport command options to add, modify,
and delete them.

Signed-off-by: Daniel Jurgens 
---
 libsemanage/include/semanage/ibendport_record.h  |   62 +
 libsemanage/include/semanage/ibendports_local.h  |   36 +++
 libsemanage/include/semanage/ibendports_policy.h |   28 ++
 libsemanage/include/semanage/semanage.h  |3 +
 libsemanage/src/direct_api.c |   42 +++-
 libsemanage/src/handle.h |   38 ++-
 libsemanage/src/ibendport_internal.h |   48 
 libsemanage/src/ibendport_record.c   |  154 +++
 libsemanage/src/ibendports_file.c|  157 +++
 libsemanage/src/ibendports_local.c   |  153 +++
 libsemanage/src/ibendports_policy.c  |   55 
 libsemanage/src/ibendports_policydb.c|   62 +
 libsemanage/src/libsemanage.map  |1 +
 libsemanage/src/policy_components.c  |4 +
 libsemanage/src/semanage_store.c |1 +
 libsemanage/src/semanage_store.h |1 +
 libsemanage/src/semanageswig.i   |3 +
 libsemanage/src/semanageswig_python.i|   43 +++
 libsemanage/utils/semanage_migrate_store |3 +-
 libsepol/include/sepol/ibendport_record.h|   68 +
 libsepol/include/sepol/ibendports.h  |   45 
 libsepol/include/sepol/sepol.h   |2 +
 libsepol/src/ibendport_internal.h|   20 ++
 libsepol/src/ibendport_record.c  |  299 ++
 libsepol/src/ibendports.c|  255 ++
 python/semanage/semanage |   58 -
 python/semanage/seobject.py  |  238 +
 27 files changed, 1857 insertions(+), 22 deletions(-)
 create mode 100644 libsemanage/include/semanage/ibendport_record.h
 create mode 100644 libsemanage/include/semanage/ibendports_local.h
 create mode 100644 libsemanage/include/semanage/ibendports_policy.h
 create mode 100644 libsemanage/src/ibendport_internal.h
 create mode 100644 libsemanage/src/ibendport_record.c
 create mode 100644 libsemanage/src/ibendports_file.c
 create mode 100644 libsemanage/src/ibendports_local.c
 create mode 100644 libsemanage/src/ibendports_policy.c
 create mode 100644 libsemanage/src/ibendports_policydb.c
 create mode 100644 libsepol/include/sepol/ibendport_record.h
 create mode 100644 libsepol/include/sepol/ibendports.h
 create mode 100644 libsepol/src/ibendport_internal.h
 create mode 100644 libsepol/src/ibendport_record.c
 create mode 100644 libsepol/src/ibendports.c

diff --git a/libsemanage/include/semanage/ibendport_record.h 
b/libsemanage/include/semanage/ibendport_record.h
new file mode 100644
index 000..153eea0
--- /dev/null
+++ b/libsemanage/include/semanage/ibendport_record.h
@@ -0,0 +1,62 @@
+/*Copyright (C) 2005 Red Hat, Inc. */
+
+#ifndef _SEMANAGE_IBENDPORT_RECORD_H_
+#define _SEMANAGE_IBENDPORT_RECORD_H_
+
+#include 
+#include 
+#include 
+
+#ifndef _SEMANAGE_IBENDPORT_DEFINED_
+struct semanage_ibendport;
+struct semanage_ibendport_key;
+typedef struct semanage_ibendport semanage_ibendport_t;
+typedef struct semanage_ibendport_key semanage_ibendport_key_t;
+#define _SEMANAGE_IBENDPORT_DEFINED_
+#endif
+
+extern int semanage_ibendport_compare(const semanage_ibendport_t *ibendport,
+ const semanage_ibendport_key_t *key);
+
+extern int semanage_ibendport_compare2(const semanage_ibendport_t *ibendport,
+  const semanage_ibendport_t *ibendport2);
+
+extern int semanage_ibendport_key_create(semanage_handle_t *handle,
+const char *ibdev_name,
+int port,
+semanage_ibendport_key_t **key_ptr);
+
+extern int semanage_ibendport_key_extract(semanage_handle_t *handle,
+ const semanage_ibendport_t *ibendport,
+ semanage_ibendport_key_t **key_ptr);
+
+extern void semanage_ibendport_key_free(semanage_ibendport_key_t *key);
+
+extern int semanage_ibendport_get_ibdev_name(semanage_handle_t *handle,
+const semanage_ibendport_t 
*ibendport,
+char **ibdev_name_ptr);
+
+extern int semanage_ibendport_set_ibdev_name(semanage_handle_t *handle,
+semanage_ibendport_t *ibendport,
+const char *ibdev_name);
+
+extern int semanage_ibendport_get_port(const semanage_ibendport_t *ibendport);