Changeset c1323f22c7ad93b975eb8b6a251b893bc88f240f
- Timestamp:
- 03/06/10 16:56:25
(5 months ago)
- Author:
- Joshua Brindle <method@manicmethod.com>
- Committer:
- Joshua Brindle <method@manicmethod.com> 1267916185 -0500
- Parent:
[654dcb897e49908a958dae55cf29793412c4b390]
- Message:
fixes to commit 847d27b8385ce77ac71df8aa58a2d298b33d1ea4
- implicit declaration of semanage_module_enabled()
- added nicer error messages when disabling or enabling modules already disabled or enabled
- fix comment
Signed-off-by: Joshua Brindle <method@manicmethod.com>
-
Files:
-
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
| r654dcb8 |
rc1323f2 |
|
| 1305 | 1305 | } |
|---|
| 1306 | 1306 | base++; |
|---|
| 1307 | | if (memcmp(module_name, base, name_len) == 0 && |
|---|
| 1308 | | strcmp(base + name_len + 3, DISABLESTR) == 0) { |
|---|
| | 1307 | if (memcmp(module_name, base, name_len) == 0) { |
|---|
| | 1308 | |
|---|
| | 1309 | if(strcmp(base + name_len + 3, DISABLESTR) != 0) { |
|---|
| | 1310 | ERR(sh, "Module %s is already enabled.", module_name); |
|---|
| | 1311 | retval = -2; |
|---|
| | 1312 | goto cleanup; |
|---|
| | 1313 | } |
|---|
| | 1314 | |
|---|
| 1309 | 1315 | int len = strlen(module_filenames[i]) - strlen(DISABLESTR); |
|---|
| 1310 | 1316 | char *enabled_name = calloc(1, len+1); |
|---|
| … | … | |
| 1337 | 1343 | } |
|---|
| 1338 | 1344 | |
|---|
| 1339 | | /* Enables a module from the sandbox. Returns 0 on success, -1 if out |
|---|
| | 1345 | /* Disables a module from the sandbox. Returns 0 on success, -1 if out |
|---|
| 1340 | 1346 | * of memory, -2 if module not found or could not be enabled. */ |
|---|
| 1341 | 1347 | static int semanage_direct_disable(semanage_handle_t * sh, char *module_name) |
|---|
| … | … | |
| 1357 | 1363 | } |
|---|
| 1358 | 1364 | base++; |
|---|
| 1359 | | if (memcmp(module_name, base, name_len) == 0 && |
|---|
| 1360 | | strcmp(base + name_len, ".pp") == 0) { |
|---|
| 1361 | | char disabled_name[PATH_MAX]; |
|---|
| 1362 | | if (snprintf(disabled_name, PATH_MAX, "%s%s", |
|---|
| 1363 | | module_filenames[i], DISABLESTR) == PATH_MAX) { |
|---|
| 1364 | | ERR(sh, "Could not disable module file %s.", |
|---|
| 1365 | | module_filenames[i]); |
|---|
| | 1365 | if (memcmp(module_name, base, name_len) == 0) { |
|---|
| | 1366 | if (strcmp(base + name_len + 3, DISABLESTR) == 0) { |
|---|
| | 1367 | ERR(sh, "Module %s is already disabled.", module_name); |
|---|
| 1366 | 1368 | retval = -2; |
|---|
| 1367 | 1369 | goto cleanup; |
|---|
| | 1370 | } else if (strcmp(base + name_len, ".pp") == 0) { |
|---|
| | 1371 | char disabled_name[PATH_MAX]; |
|---|
| | 1372 | if (snprintf(disabled_name, PATH_MAX, "%s%s", |
|---|
| | 1373 | module_filenames[i], DISABLESTR) == PATH_MAX) { |
|---|
| | 1374 | ERR(sh, "Could not disable module file %s.", |
|---|
| | 1375 | module_filenames[i]); |
|---|
| | 1376 | retval = -2; |
|---|
| | 1377 | goto cleanup; |
|---|
| | 1378 | } |
|---|
| | 1379 | if (rename(module_filenames[i], disabled_name) == -1) { |
|---|
| | 1380 | ERR(sh, "Could not disable module file %s.", |
|---|
| | 1381 | module_filenames[i]); |
|---|
| | 1382 | retval = -2; |
|---|
| | 1383 | } |
|---|
| | 1384 | retval = 0; |
|---|
| | 1385 | goto cleanup; |
|---|
| 1368 | 1386 | } |
|---|
| 1369 | | if (rename(module_filenames[i], disabled_name) == -1) { |
|---|
| 1370 | | ERR(sh, "Could not disable module file %s.", |
|---|
| 1371 | | module_filenames[i]); |
|---|
| 1372 | | retval = -2; |
|---|
| 1373 | | } |
|---|
| 1374 | | retval = 0; |
|---|
| 1375 | | goto cleanup; |
|---|
| 1376 | 1387 | } |
|---|
| 1377 | 1388 | } |
|---|
| r654dcb8 |
rc1323f2 |
|
| 85 | 85 | char ***filenames, int *len); |
|---|
| 86 | 86 | |
|---|
| | 87 | int semanage_module_enabled(const char *file); |
|---|
| 87 | 88 | /* lock file routines */ |
|---|
| 88 | 89 | int semanage_get_trans_lock(semanage_handle_t * sh); |
|---|
