[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: [PATCH] Add db_exception and db_datatype support to label_db backend
From:       Stephen Smalley <sds () tycho ! nsa ! gov>
Date:       2014-06-26 14:52:39
Message-ID: 53AC33B7.601 () tycho ! nsa ! gov
[Download RAW message or body]

On 06/25/2014 12:26 PM, Artyom Smirnov wrote:
> Hi,
> 
> in https://github.com/TresysTechnology/refpolicy/pull/1 db_exception
> and db_datatype were added to reference policy. This small patch
> extends ability of label_db backend to work with these objects.
> 
> Regards.
> ---
>  libselinux/include/selinux/label.h |  2 ++
>  libselinux/man/man5/selabel_db.5   | 12 ++++++++++++
>  libselinux/src/label_db.c          |  4 ++++
>  3 files changed, 18 insertions(+)

Thanks, applied on #next

> 
> diff --git a/libselinux/include/selinux/label.h b/libselinux/include/selinux/label.h
> index c63ea7d..672a7c2 100644
> --- a/libselinux/include/selinux/label.h
> +++ b/libselinux/include/selinux/label.h
> @@ -131,6 +131,8 @@ void selabel_stats(struct selabel_handle *handle);
>  #define SELABEL_DB_BLOB		8
>  #define SELABEL_DB_TUPLE	9
>  #define SELABEL_DB_LANGUAGE	10
> +#define SELABEL_DB_EXCEPTION 11
> +#define SELABEL_DB_DATATYPE 12
>  
>  #ifdef __cplusplus
>  }
> diff --git a/libselinux/man/man5/selabel_db.5 b/libselinux/man/man5/selabel_db.5
> index 51b5848..76eb9bc 100644
> --- a/libselinux/man/man5/selabel_db.5
> +++ b/libselinux/man/man5/selabel_db.5
> @@ -86,6 +86,16 @@ argument specifies the name of a view object, such as "postgres.public.my_view".
>  The
>  .I object_name
>  argument specifies the name of a language object, such as "postgres.public.tcl".
> +.TP
> +.B SELABEL_DB_EXCEPTION
> +The
> +.I object_name
> +argument specifies the name of a exception object.
> +.TP
> +.B SELABEL_DB_DATATYPE
> +The
> +.I object_name
> +argument specifies the name of a type or domain object, such as postgres.public.my_type.
>  .RE
>  .sp
>  Any messages generated by \fBselabel_lookup\fR(3) are sent to \fIstderr\fR
> @@ -135,6 +145,8 @@ SELABEL_DB_TUPLE@db_tuple
>  SELABEL_DB_PROCEDURE@db_procedure
>  SELABEL_DB_SEQUENCE@db_sequence
>  SELABEL_DB_BLOB@db_blob
> +SELABEL_DB_EXCEPTION@db_exception
> +SELABEL_DB_DATATYPE@db_datatype
>  .TE
>  .
>  .SH "FILE FORMAT"
> diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c
> index ab0696a..999dd46 100644
> --- a/libselinux/src/label_db.c
> +++ b/libselinux/src/label_db.c
> @@ -140,6 +140,10 @@ process_line(const char *path, char *line_buf, unsigned int line_num,
>  		spec->type = SELABEL_DB_TUPLE;
>  	else if (!strcmp(type, "db_language"))
>  		spec->type = SELABEL_DB_LANGUAGE;
> +	else if (!strcmp(type, "db_exception"))
> +		spec->type = SELABEL_DB_EXCEPTION;
> +	else if (!strcmp(type, "db_datatype"))
> +		spec->type = SELABEL_DB_DATATYPE;
>  	else {
>  		selinux_log(SELINUX_WARNING,
>  			    "%s:  line %d has invalid object type %s\n",
> 

_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
[prev in list] [next in list] [prev in thread] [next in thread]