From owner-p4-projects@FreeBSD.ORG Fri Apr 21 17:44:49 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 1120E16A404; Fri, 21 Apr 2006 17:44:49 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C321B16A403 for ; Fri, 21 Apr 2006 17:44:48 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A28AB43D5C for ; Fri, 21 Apr 2006 17:44:47 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k3LHilNS067379 for ; Fri, 21 Apr 2006 17:44:47 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k3LHilrF067376 for perforce@freebsd.org; Fri, 21 Apr 2006 17:44:47 GMT (envelope-from millert@freebsd.org) Date: Fri, 21 Apr 2006 17:44:47 GMT Message-Id: <200604211744.k3LHilrF067376@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 95805 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Apr 2006 17:44:49 -0000 http://perforce.freebsd.org/chv.cgi?CH=95805 Change 95805 by millert@millert_g5tower on 2006/04/21 17:43:50 Adapt to selinux userland update Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/MAC.loginPlugin.xcode/project.pbxproj#3 (text+ko) ==== @@ -81,8 +81,8 @@ GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_PREFIX_HEADER = "$(SYSTEM_LIBRARY_DIR)/Frameworks/AppKit.framework/Headers/AppKit.h"; INFOPLIST_FILE = plugins/SEDarwin/Info.plist; - OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include -I../../../sedarwin"; - OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../libmac -lmac -L../../../sedarwin/libselinux/src -lselinux"; + OTHER_CFLAGS = "-I../../xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk -I../../../sedarwin/libselinux/include"; + OTHER_LDFLAGS = "-framework Foundation -framework AppKit -L../../../sedarwin/libselinux/src -lselinux -L../../../sedarwin/libsepol/src -lsepol -L../../../sedarwin/libsecompat -lsecompat -L../../libmac -lmac"; OTHER_REZFLAGS = ""; PRODUCT_NAME = SEDarwin; SECTORDER_FLAGS = ""; ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.h#3 (text+ko) ==== @@ -6,8 +6,8 @@ #include #include #include +#include #include -#include @interface SEDarwin : NSObject { ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/osx_cmds/MAC.loginPlugin/plugins/SEDarwin/SEDarwin.m#4 (text+ko) ==== @@ -41,7 +41,7 @@ return; } - if (!sebsd_enabled()) + if (!is_selinux_enabled()) return; /* @@ -88,7 +88,7 @@ } /* XXX - use SELINUX_DEFAULTUSER and fill in selector if not enabled? */ - if (!sebsd_enabled()) + if (!is_selinux_enabled()) return (MAC_LOGIN_OK); /* ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/GNUmakefile#3 (text+ko) ==== @@ -7,9 +7,11 @@ Extra_CC_Flags =-I../../pam/pam/libpam/include/pam/ \ -I../../xnu/BUILD/obj/EXPORT_HDRS/bsd/ \ -idirafter ../../xnu/BUILD/obj/EXPORT_HDRS/osfmk \ - -I../../../sedarwin -I../../../sedarwin/libselinux/include + -I../../../sedarwin/libselinux/include Extra_LD_Flags =-L../../../sedarwin/libselinux/src/ -lselinux \ + -L../../../sedarwin/libsepol/src/ -lsepol \ + -L../../../sedarwin/libsecompat/ -lsecompat \ -L../../libmac/ -lmac include ../PAMModule.defs ==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_sedarwin/pam_sedarwin.c#3 (text+ko) ==== @@ -32,8 +32,8 @@ #define _BSD_SOURCE #include #include +#include #include -#include #include #include @@ -115,7 +115,7 @@ int ncontexts, retval, which; /* XXX - use SELINUX_DEFAULTUSER if not enabled? */ - if (!sebsd_enabled()) { + if (!is_selinux_enabled()) { syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__); return (PAM_SUCCESS); } @@ -171,7 +171,7 @@ mac_t label; int retval; - if (!sebsd_enabled()) { + if (!is_selinux_enabled()) { syslog(LOG_ERR, "%s(): SEDarwin not enabled", __func__); return (PAM_SUCCESS); } ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/LabelDialog.m#4 (text+ko) ==== @@ -2,7 +2,8 @@ #import "LabelDialog.h" #import #import -#import +//#import +#import const char *filename; char *initial; @@ -10,9 +11,6 @@ char **users, **roles, **types; size_t nusers, nroles, ntypes; -extern int security_get_file_contexts(const char *fromcontext, char ***retcontexts, size_t *ncontexts); -extern char *getseccontext(void); - static void addstring (char **ar, size_t *n, char *in) { int i; @@ -55,8 +53,16 @@ char **filelabels; size_t nfilelabels; - if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels)) + char *seccon; + + if (getcon(&seccon)) { + fprintf(stderr, "Failed to get the current security context\n"); + exit(1); + } + if (security_get_file_contexts (seccon, &filelabels, &nfilelabels)) +// if (security_get_file_contexts (getseccontext(), &filelabels, &nfilelabels)) exit (1); + free(seccon); users = (char **) malloc (sizeof (char *) * (1+nfilelabels)); roles = (char **) malloc (sizeof (char *) * (1+nfilelabels)); types = (char **) malloc (sizeof (char *) * (1+nfilelabels)); ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/relabel_gui/relabel_gui.pbproj/project.pbxproj#5 (text+ko) ==== @@ -173,7 +173,7 @@ HEADER_SEARCH_PATHS = ""; INSTALL_PATH = "/Applications"; LIBRARY_SEARCH_PATHS = ""; - OTHER_CFLAGS = "-I../.. -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk"; + OTHER_CFLAGS = "-I../../libselinux/include -I../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/bsd -idirafter ../../../darwin/xnu/BUILD/obj/EXPORT_HDRS/osfmk"; OTHER_LDFLAGS = "../../libselinux/src/libselinux.a ../../../darwin/libmac/libmac.a"; PRODUCT_NAME = relabel; SECTORDER_FLAGS = "";