Joshua Brindle wrote:
Class and perms should come from the policy being used for analysis,
not the system policy so use sepol_ interfaces
Hrm, this solved my original problem which was that I was getting the
wrong answer back from audit2why (classes in my policy that weren't in
the system policy can back with BADTCLASS instead of a more appropriate
answer) but now I have a segfault so I'll try to track that down.
Change-Id: Ia0590ed2514249fd98810a8d4fe87f8bf5280561
---
libselinux/src/audit2why.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index 12745b3..abe1701 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -343,8 +343,8 @@ static PyObject *analyze(PyObject *self
__attribute__((unused)) , PyObject *args
if (rc< 0)
RETURN(BADTCON)
- tclass = string_to_security_class(tclassstr);
- if (!tclass)
+ rc = sepol_string_to_security_class(tclassstr,&tclass);
+ if (rc< 0)
RETURN(BADTCLASS)
/* Convert the permission list to an AV. */
@@ -365,8 +365,8 @@ static PyObject *analyze(PyObject *self
__attribute__((unused)) , PyObject *args
permstr = PyString_AsString( strObj );
#endif
- perm = string_to_av_perm(tclass, permstr);
- if (!perm)
+ rc = sepol_string_to_av_perm(tclass, permstr,&perm);
+ if (rc< 0)
RETURN(BADPERM)
av |= perm;
_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
