Diffstat (limited to 'extras')
-rw-r--r-- | extras/selinux/Makefile | 59 | ||||
-rw-r--r-- | extras/selinux/udev_selinux.c | 72 |
2 files changed, 131 insertions, 0 deletions
diff --git a/extras/selinux/Makefile b/extras/selinux/Makefile
new file mode 100644
index 0000000000..813756700b
--- /dev/null
+++ b/extras/selinux/Makefile
@@ -0,0 +1,59 @@
+# Makefile for udev_selinux
+#
+# Copyright (C) 2004 Greg Kroah-Hartman <greg@kroah.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+
+# Set the following to control the use of syslog
+# Set it to `false' to remove all logging
+USE_LOG = true
+
+# Set the following to `true' to log the debug
+# and make a unstripped, unoptimized binary.
+# Leave this set to `false' for production use.
+DEBUG = false
+
+PROG = udev_selinux
+
+DESTDIR =
+
+# override this to make udev look in a different location for it's config files
+prefix =
+exec_prefix = ${prefix}
+etcdir = ${prefix}/etc
+sbindir = ${exec_prefix}/sbin
+usrbindir = ${exec_prefix}/usr/bin
+mandir = ${prefix}/usr/share/man
+hotplugdir = ${etcdir}/hotplug.d/default
+configdir = ${etcdir}/udev/
+initdir = ${etcdir}/init.d/
+srcdir = .
+
+INSTALL = /usr/bin/install -c
+INSTALL_PROGRAM = ${INSTALL}
+INSTALL_DATA = ${INSTALL} -m 644
+INSTALL_SCRIPT = ${INSTALL_PROGRAM}
+
+all: $(PROG)
+
+OBJS = udev_selinux.o
+
+override CFLAGS += -DUSE_SELINUX
+override LIB_OBJS += -lselinux
+
+$(PROG): $(OBJS)
+ $(LD) $(LDFLAGS) -o $(PROG) $(CRT0) $(OBJS) ../../udev_lib.o $(LIB_OBJS) $(ARCH_LIB_OBJS)
+
+clean:
+ rm -f $(PROG) $(OBJS)
+
+spotless: clean
+
+
+install: all
+
+uninstall:
+
diff --git a/extras/selinux/udev_selinux.c b/extras/selinux/udev_selinux.c
new file mode 100644
index 0000000000..bbbdd6ba53
--- /dev/null
+++ b/extras/selinux/udev_selinux.c
@@ -0,0 +1,72 @@
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <ctype.h>
+#include <selinux/selinux.h>
+
+#include "../../udev_lib.h"
+#include "../../logging.h"
+
+#ifdef LOG
+unsigned char logname[LOGNAME_SIZE];
+void log_message(int level, const char *format, ...)
+{
+ va_list args;
+
+ if (!udev_log)
+ return;
+
+ va_start(args, format);
+ vsyslog(level, format, args);
+ va_end(args);
+}
+#endif
+
+void selinux_add_node(char *filename)
+{
+ int retval;
+
+ if (is_selinux_enabled() > 0) {
+ security_context_t scontext;
+ retval = matchpathcon(filename, 0, &scontext);
+ if (retval < 0) {
+ dbg("matchpathcon(%s) failed\n", filename);
+ } else {
+ retval=setfilecon(filename,scontext);
+ if (retval < 0)
+ dbg("setfiles %s failed with error '%s'",
+ filename, strerror(errno));
+ free(scontext);
+ }
+ }
+}
+
+int main(int argc, char *argv[], char *envp[])
+{
+ char *action;
+ char *devpath;
+ char *devnode;
+ int retval = 0;
+
+ init_logging("udev_selinux");
+
+ action = get_action();
+ if (!action) {
+ dbg("no action?");
+ goto exit;
+ }
+ devnode = get_devnode();
+ if (!devnode) {
+ dbg("no devnode?");
+ goto exit;
+ }
+
+ if (strcmp(action, "add") == 0)
+ selinux_add_node(devnode);
+
+exit:
+ return retval;
+}
|
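Review bot: In selinux_add_node() both failure paths are reported only through dbg() and main() returns 0 regardless, so a device node that could not be labelled keeps whatever context it was created with and the caller cannot tell. In the same function matchpathcon() is given mode 0, which means file_contexts entries qualified by file type cannot be distinguished, and setfilecon() follows symlinks, so if the path returned by get_devnode() (defined outside this diff) is a link the label is applied to its target. I would lstat() the node, pass st_mode to matchpathcon(), switch to lsetfilecon() and freecon(), and return a status that main() stores in retval; this needs <sys/stat.h>. dbg() is kept below because the hunk does not show whether logging.h offers a level that survives a non-debug build, which these messages should use if it does.

```c
int selinux_add_node(char *filename)
{
	struct stat stats;
	security_context_t scontext;
	int retval;

	if (is_selinux_enabled() <= 0)
		return 0;

	/* lstat, not stat: look at the node itself and learn its file type */
	if (lstat(filename, &stats) < 0) {
		dbg("lstat(%s) failed with error '%s'", filename, strerror(errno));
		return -1;
	}

	/* pass the real mode so type-qualified file_contexts entries match */
	retval = matchpathcon(filename, stats.st_mode, &scontext);
	if (retval < 0) {
		dbg("matchpathcon(%s) failed with error '%s'", filename, strerror(errno));
		return -1;
	}

	/* lsetfilecon labels the path itself and never a symlink target */
	retval = lsetfilecon(filename, scontext);
	if (retval < 0)
		dbg("lsetfilecon(%s) failed with error '%s'", filename, strerror(errno));
	freecon(scontext);
	return retval;
}

/* … unchanged: main() up to the devnode check … */
	if (strcmp(action, "add") == 0)
		retval = selinux_add_node(devnode);
```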