Re: libsepol policycap names
On Wed, Mar 07, 2018 at 04:19:33PM +0800, Jason Zaman wrote: > On Mon, Mar 05, 2018 at 09:03:10AM -0500, Stephen Smalley wrote: > > On 03/02/2018 01:49 PM, Chris PeBenito wrote: > > > I've been able to make SETools dynamically link to libsepol. However, > > > one challenge is with policycap names. They're static libsepol, with > > > nothing that exports them. Can we either: > > > > > > * export the sepol_polcap_getname() function, or > > > * move the polcap_names[] in polcaps.c into ? > > > > > > Then I can avoid having to manually keep a polcap name list inside > > > SETools. > > > > Let's do the former (and also export sepol_polcap_getnum for > > consistency). Did you want to spin up a patch or were you asking us to > > do so? > > If we put polcap_names[] in the .h file, would it mean that setools and > any other programs need to be re-compiled to see any changes? if thats > the case then only sepol_polcap_getname() would be easier for > maintenance. Oops i read it wrong, you mean export both the functions not the array, in that case yes agreed completely. -- Jason
Re: libsepol policycap names
On Mon, Mar 05, 2018 at 09:03:10AM -0500, Stephen Smalley wrote: > On 03/02/2018 01:49 PM, Chris PeBenito wrote: > > I've been able to make SETools dynamically link to libsepol. However, > > one challenge is with policycap names. They're static libsepol, with > > nothing that exports them. Can we either: > > > > * export the sepol_polcap_getname() function, or > > * move the polcap_names[] in polcaps.c into ? > > > > Then I can avoid having to manually keep a polcap name list inside SETools. > > Let's do the former (and also export sepol_polcap_getnum for > consistency). Did you want to spin up a patch or were you asking us to > do so? If we put polcap_names[] in the .h file, would it mean that setools and any other programs need to be re-compiled to see any changes? if thats the case then only sepol_polcap_getname() would be easier for maintenance. -- Jason
Re: libsepol policycap names
On 03/02/2018 01:49 PM, Chris PeBenito wrote: > I've been able to make SETools dynamically link to libsepol. However, > one challenge is with policycap names. They're static libsepol, with > nothing that exports them. Can we either: > > * export the sepol_polcap_getname() function, or > * move the polcap_names[] in polcaps.c into ? > > Then I can avoid having to manually keep a polcap name list inside SETools. Let's do the former (and also export sepol_polcap_getnum for consistency). Did you want to spin up a patch or were you asking us to do so?
Re: libsepol policycap names
On Fri, Mar 2, 2018 at 10:49 AM, Chris PeBenito wrote: > I've been able to make SETools dynamically link to libsepol. However, one > challenge is with policycap names. They're static libsepol, with nothing > that exports them. Can we either: > > * export the sepol_polcap_getname() function, or > * move the polcap_names[] in polcaps.c into ? > > Then I can avoid having to manually keep a polcap name list inside SETools. I would rather export the sepol_polcap_getname() rather than the raw mapping array. > > -- > Chris PeBenito >
libsepol policycap names
I've been able to make SETools dynamically link to libsepol. However, one challenge is with policycap names. They're static libsepol, with nothing that exports them. Can we either: * export the sepol_polcap_getname() function, or * move the polcap_names[] in polcaps.c into ? Then I can avoid having to manually keep a polcap name list inside SETools. -- Chris PeBenito
