int sss_get_seuser(const char *linuxuser, char **selinuxuser, char **level) { int ret; semanage_handle_t *handle; handle = semanage_handle_create(); if (handle == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create SELinux management handle\n"); return EIO; } semanage_msg_set_callback(handle, sss_semanage_error_callback, NULL); /* We only needed the handle for this call. Close the handle right * after it */ ret = sss_is_selinux_managed(handle); sss_semanage_close(handle); if (ret != EOK) { return ret; } return getseuserbyname(linuxuser, selinuxuser, level); }
static int sss_semanage_init(semanage_handle_t **_handle) { int ret; semanage_handle_t *handle = NULL; handle = semanage_handle_create(); if (!handle) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create SELinux management handle\n"); ret = EIO; goto done; } semanage_msg_set_callback(handle, sss_semanage_error_callback, NULL); ret = sss_is_selinux_managed(handle); if (ret != EOK) { goto done; } ret = semanage_access_check(handle); if (ret < SEMANAGE_CAN_READ) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot read SELinux policy store\n"); ret = EACCES; goto done; } ret = semanage_connect(handle); if (ret != 0) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot estabilish SELinux management connection\n"); ret = EIO; goto done; } ret = EOK; done: if (ret != EOK) { sss_semanage_close(handle); } else { *_handle = handle; } return ret; }
static semanage_handle_t *semanage_init (void) { int ret; semanage_handle_t *handle = NULL; handle = semanage_handle_create (); if (NULL == handle) { fprintf (stderr, _("Cannot create SELinux management handle\n")); return NULL; } semanage_msg_set_callback (handle, semanage_error_callback, NULL); ret = semanage_is_managed (handle); if (ret != 1) { fprintf (stderr, _("SELinux policy not managed\n")); goto fail; } ret = semanage_access_check (handle); if (ret < SEMANAGE_CAN_READ) { fprintf (stderr, _("Cannot read SELinux policy store\n")); goto fail; } ret = semanage_connect (handle); if (ret != 0) { fprintf (stderr, _("Cannot establish SELinux management connection\n")); goto fail; } ret = semanage_begin_transaction (handle); if (ret != 0) { fprintf (stderr, _("Cannot begin SELinux transaction\n")); goto fail; } return handle; fail: semanage_handle_destroy (handle); return NULL; }
static semanage_handle_t *sss_semanage_init(void) { int ret; semanage_handle_t *handle = NULL; handle = semanage_handle_create(); if (!handle) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create SELinux management handle\n"); return NULL; } semanage_msg_set_callback(handle, sss_semanage_error_callback, NULL); ret = semanage_is_managed(handle); if (ret != 1) { DEBUG(SSSDBG_CRIT_FAILURE, "SELinux policy not managed\n"); goto fail; } ret = semanage_access_check(handle); if (ret < SEMANAGE_CAN_READ) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot read SELinux policy store\n"); goto fail; } ret = semanage_connect(handle); if (ret != 0) { DEBUG(SSSDBG_CRIT_FAILURE, "Cannot estabilish SELinux management connection\n"); goto fail; } return handle; fail: sss_semanage_close(handle); return NULL; }