Displaying 3 results from an estimated 3 matches for "read_selinux_policy".
2014 May 26
2
[PATCH 2/2] Use setfiles from the appliance for the SELinux relabel (RHBZ#1089100).
...;/sys/fs/selinux", &sb) == 0 && sb.st_dev != root_dev) {
+ has_mp = 1;
+ return has_mp;
+ }
+
+ if (stat ("/selinux", &sb) == 0 && sb.st_dev != root_dev) {
+ has_mp = 1;
+ return has_mp;
+ }
+ }
+ return has_mp;
+}
+
+static int
+read_selinux_policy (const char *file, char **policy)
+{
+ FILE *f;
+ ssize_t r;
+ CLEANUP_FREE char *line = NULL;
+ size_t len;
+
+ f = fopen (file, "r");
+ if (f == NULL)
+ return -1;
+
+ while ((r = getline (&line, &len, f)) != -1) {
+ if ((size_t) r >= sizeof (SELINUXTYPE) + 1
+...
2014 May 24
9
SELinux relabel API
[
I realized that we were discussing adding this feature, in various
private email, IRC, and this long bugzilla thread:
https://bugzilla.redhat.com/show_bug.cgi?id=1060423
That's not how we should do things. Let's discuss it on the
mailing list.
]
One thing that virt-customize/virt-sysprep/virt-builder have to do is
relabel SELinux guests.
What we do at the moment
2014 May 27
3
Re: [PATCH 2/2] Use setfiles from the appliance for the SELinux relabel (RHBZ#1089100).
...selinux_config, "%s%.*s/etc/selinux/config",
> > + sysroot, len, root) == -1) {
> > + if (verbose)
> > + fprintf (stderr, "asprintf/selinux_config failed\n");
> > + goto do_autorelabel;
> > + }
> > +
> > + r = read_selinux_policy (selinux_config, &policy);
> > + if (r == -1) {
> > + if (verbose)
> > + fprintf (stderr, "cannot read policy from %s\n",
> > selinux_config); + goto do_autorelabel;
> > + }
> > + if (verbose)
> > + fprintf (stderr, "poli...