AM_CFLAGS =
-AM_LDFLAGS =
+AM_LDFLAGS = \
+ -Wl,--as-needed
+ convert usb_id to libudev's udev_device
+
o handle spaces in SYMLINK+=, do not create multiple links
o use libudev device in udev_rules.c
get rid of udevice, store rule matching state in rule iterator
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c
-if USE_SELINUX
-ata_id_LDADD = \
- $(SELINUX_LIBS)
-endif
-
dist_man_MANS = \
ata_id.8
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c
-if USE_SELINUX
-cdrom_id_LDADD = \
- $(SELINUX_LIBS)
-endif
-
dist_man_MANS = \
cdrom_id.8
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c
-if USE_SELINUX
-edd_id_LDADD = \
- $(SELINUX_LIBS)
-endif
-
dist_man_MANS = \
edd_id.8
../../udev/lib/libudev.h \
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c \
- ../../udev/udev_utils.c
+ ../../udev/udev_utils.c \
+ ../../udev/udev_selinux.c
if USE_SELINUX
create_floppy_devices_LDADD = \
logging_init("create_floppy_devices");
udev_set_log_fn(udev, log_fn);
+ selinux_init(udev);
while ((c = getopt(argc, argv, "cudm:U:G:M:t:")) != -1) {
switch (c) {
i++;
}
+ selinux_exit(udev);
udev_unref(udev);
exit:
return 0;
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c
-if USE_SELINUX
-fstab_import_LDADD = \
- $(SELINUX_LIBS)
-endif
-
distclean-local:
rm -f Makefile.in
../../udev/lib/libudev.c \
../../udev/lib/libudev-util.c
-if USE_SELINUX
-scsi_id_LDADD = \
- $(SELINUX_LIBS)
-endif
-
dist_sysconf_DATA = \
scsi_id.config
../../udev/udev_sysfs.c \
../../udev/udev_utils.c
-if USE_SELINUX
-usb_id_LDADD = \
- $(SELINUX_LIBS)
-endif
-
distclean-local:
rm -f Makefile.in
vol_id_LDADD = \
lib/libvolume_id.la
-if USE_SELINUX
-vol_id_LDADD += \
- $(SELINUX_LIBS)
-endif
-
dist_man_MANS = \
vol_id.8
udev_sysfs.c \
udev_utils.c \
udev_utils_file.c \
+ udev_selinux.c \
list.h \
lib/libudev.h \
lib/libudev-private.h \
#include <errno.h>
#include <string.h>
#include <ctype.h>
-#ifdef USE_SELINUX
-#include <selinux/selinux.h>
-#endif
#include "libudev.h"
#include "libudev-private.h"
char *dev_path;
char *rules_path;
int log_priority;
-#ifdef USE_SELINUX
- int selinux_initialized;
- int selinux_enabled;
- security_context_t selinux_prev_scontext;
-#endif
int run;
};
vfprintf(stderr, format, args);
}
-static void selinux_init(struct udev *udev)
-{
-#ifdef USE_SELINUX
- /*
- * record the present security context, for file-creation
- * restoration creation purposes.
- */
- udev->selinux_enabled = (is_selinux_enabled() > 0);
- info(udev, "selinux=%i\n", udev->selinux_enabled);
- if (udev->selinux_enabled) {
- matchpathcon_init_prefix(NULL, udev_get_dev_path(udev));
- if (getfscreatecon(&udev->selinux_prev_scontext) < 0) {
- err(udev, "getfscreatecon failed\n");
- udev->selinux_prev_scontext = NULL;
- }
- }
- udev->selinux_initialized = 1;
-#endif
-}
-
void *udev_get_userdata(struct udev *udev)
{
if (udev == NULL)
udev->userdata = userdata;
}
-static void selinux_exit(struct udev *udev)
-{
-#ifdef USE_SELINUX
- if (!udev->selinux_initialized)
- return;
- if (udev->selinux_enabled) {
- freecon(udev->selinux_prev_scontext);
- udev->selinux_prev_scontext = NULL;
- }
-#endif
-}
-
-void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode)
-{
-#ifdef USE_SELINUX
- if (!udev->selinux_initialized)
- selinux_init(udev);
- if (udev->selinux_enabled) {
- security_context_t scontext = NULL;
-
- if (matchpathcon(file, mode, &scontext) < 0) {
- err(udev, "matchpathcon(%s) failed\n", file);
- return;
- }
- if (lsetfilecon(file, scontext) < 0)
- err(udev, "setfilecon %s failed: %m\n", file);
- freecon(scontext);
- }
-#endif
-}
-
-void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode)
-{
-#ifdef USE_SELINUX
- if (!udev->selinux_initialized)
- selinux_init(udev);
- if (udev->selinux_enabled) {
- security_context_t scontext = NULL;
-
- if (matchpathcon(file, mode, &scontext) < 0) {
- err(udev, "matchpathcon(%s) failed\n", file);
- return;
- }
- if (setfscreatecon(scontext) < 0)
- err(udev, "setfscreatecon %s failed: %m\n", file);
- freecon(scontext);
- }
-#endif
-}
-
-void udev_selinux_resetfscreatecon(struct udev *udev)
-{
-#ifdef USE_SELINUX
- if (!udev->selinux_initialized)
- selinux_init(udev);
- if (udev->selinux_enabled) {
- if (setfscreatecon(udev->selinux_prev_scontext) < 0)
- err(udev, "setfscreatecon failed: %m\n");
- }
-#endif
-}
-
/**
* udev_new:
*
udev->refcount--;
if (udev->refcount > 0)
return;
- selinux_exit(udev);
free(udev->dev_path);
free(udev->sys_path);
free(udev->rules_path);
extern void *udev_get_userdata(struct udev *udev);
extern void udev_set_userdata(struct udev *udev, void *userdata);
-/* selinux glue */
-extern void udev_selinux_resetfscreatecon(struct udev *udev);
-extern void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode);
-extern void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode);
-
/* list iteration */
struct udev_list_entry;
extern struct udev_list_entry *udev_list_entry_get_next(struct udev_list_entry *list_entry);
if (udev == NULL)
exit(1);
dbg(udev, "version %s\n", VERSION);
+ selinux_init(udev);
/* set signal handlers */
memset(&act, 0x00, sizeof(act));
udev_rules_cleanup(&rules);
sysfs_cleanup();
exit:
+ selinux_exit(udev);
udev_unref(udev);
if (retval != 0)
return 1;
extern void file_unmap(void *buf, size_t bufsize);
extern size_t buf_get_line(const char *buf, size_t buflen, size_t cur);
+/* udev_selinux */
+extern void selinux_init(struct udev *udev);
+extern void selinux_exit(struct udev *udev);
+extern void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode);
+extern void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode);
+extern void udev_selinux_resetfscreatecon(struct udev *udev);
+
/* udevadm commands */
extern int udevadm_monitor(struct udev *udev, int argc, char *argv[]);
extern int udevadm_info(struct udev *udev, int argc, char *argv[]);
--- /dev/null
+/*
+ * libudev - interface to udev device information
+ *
+ * Copyright (C) 2008 Kay Sievers <kay.sievers@vrfy.org>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#include <stdarg.h>
+#include <unistd.h>
+
+#include "udev.h"
+
+#ifndef USE_SELINUX
+void selinux_init(struct udev *udev) {}
+void selinux_exit(struct udev *udev) {}
+void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode) {}
+void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode) {}
+void udev_selinux_resetfscreatecon(struct udev *udev) {}
+#else
+#include <selinux/selinux.h>
+
+static int selinux_enabled;
+security_context_t selinux_prev_scontext;
+
+void selinux_init(struct udev *udev)
+{
+ /* record the present security context */
+ selinux_enabled = (is_selinux_enabled() > 0);
+ info(udev, "selinux=%i\n", selinux_enabled);
+ if (!selinux_enabled)
+ return;
+ matchpathcon_init_prefix(NULL, udev_get_dev_path(udev));
+ if (getfscreatecon(&selinux_prev_scontext) < 0) {
+ err(udev, "getfscreatecon failed\n");
+ selinux_prev_scontext = NULL;
+ }
+}
+
+void selinux_exit(struct udev *udev)
+{
+ if (!selinux_enabled)
+ return;
+ freecon(selinux_prev_scontext);
+ selinux_prev_scontext = NULL;
+}
+
+void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode)
+{
+ security_context_t scontext = NULL;
+
+ if (!selinux_enabled)
+ return;
+ if (matchpathcon(file, mode, &scontext) < 0) {
+ err(udev, "matchpathcon(%s) failed\n", file);
+ return;
+ }
+ if (lsetfilecon(file, scontext) < 0)
+ err(udev, "setfilecon %s failed: %m\n", file);
+ freecon(scontext);
+}
+
+void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode)
+{
+ security_context_t scontext = NULL;
+
+ if (!selinux_enabled)
+ return;
+ if (matchpathcon(file, mode, &scontext) < 0) {
+ err(udev, "matchpathcon(%s) failed\n", file);
+ return;
+ }
+ if (setfscreatecon(scontext) < 0)
+ err(udev, "setfscreatecon %s failed: %m\n", file);
+ freecon(scontext);
+}
+
+void udev_selinux_resetfscreatecon(struct udev *udev)
+{
+ if (!selinux_enabled)
+ return;
+ if (setfscreatecon(selinux_prev_scontext) < 0)
+ err(udev, "setfscreatecon failed: %m\n");
+}
+#endif
logging_init("udevadm");
udev_set_log_fn(udev, log_fn);
+ selinux_init(udev);
sysfs_init();
/* see if we are a compat link, this will be removed in a future release */
rc = 2;
out:
sysfs_cleanup();
+ selinux_exit(udev);
udev_unref(udev);
logging_close();
return rc;
logging_init("udevd");
udev_set_log_fn(udev, log_fn);
dbg(udev, "version %s\n", VERSION);
+ selinux_init(udev);
while (1) {
int option;
if (uevent_netlink_sock >= 0)
close(uevent_netlink_sock);
+ selinux_exit(udev);
+ udev_unref(udev);
logging_close();
return rc;
}
~ianmdlvl / elogind.git / commitdiff