/*
 * Store `base` in the base field of cell `idx`.
 *
 * ensure_array() is called with idx + 1 before the write; it is defined
 * outside this listing and presumably grows da->arr to at least that many
 * cells (confirm).  A trace line goes to stdout on every call.
 *
 * NOTE(review): idx is a signed int and is not range-checked here; confirm
 * that no caller can pass a negative index, because the store below would
 * then land outside the array.
 */
static void set_base(struct da *da, int idx, int base)
{
    const int cells_needed = idx + 1;

    printf("set_base: idx:%d base: %d\n", idx, base);
    ensure_array(da, cells_needed);
    da->arr[idx].base = base;
}
/*
 * Append a private copy of level name `e` to the global `level` list.
 *
 * Nothing is added when in_level() reports that the name is already present.
 * The string is duplicated, so the caller keeps ownership of `e`.  On
 * allocation failure the process prints an error and exits with status 1,
 * so the list never holds a NULL entry.
 */
void add_level(char *e)
{
    char *copy;

    if (in_level(e))
        return;

    copy = strdup(e);
    if (copy == NULL) {
        perror("level entry alloc");
        exit(1);
    }

    /* make room for one more pointer before storing it */
    ensure_array((void **)&level, &nlevel);
    level[nlevel] = copy;
    nlevel++;
}
/*
 * Find the smallest offset >= 2 at which none of the children in `rs`
 * collides with an occupied cell.
 *
 * For each candidate offset the cell at (child code + offset) is probed for
 * every child; a check value greater than 0 counts as occupied.  The first
 * offset with no occupied cell is returned.
 *
 * NOTE(review): the search has no upper bound.  It relies on ensure_array()
 * (defined elsewhere) to keep providing fresh cells, so the array grows
 * until a free window is found; confirm that growth is bounded or that
 * allocation failure is handled there.
 */
static int find_place(struct da *da, struct resolve_stat *rs)
{
    int offset = 2;

    while (1) {
        int occupied = 0;
        int k;

        ensure_array(da, offset + 256);

        /* every child is probed, even after the first collision */
        for (k = 0; k < rs->nr; k++) {
            if (get_check(da, rs->elm[k].c + offset) > 0)
                occupied = 1;
        }

        if (!occupied)
            return offset;

        offset++;
    }
}
/*
 * Gather the children of `parent` into `rs` and detach them from the array.
 *
 * rs->nr is reset to 0 first.  All 256 byte values are visited in order:
 *   - the value equal to `c` is pushed with 1 as its third argument (the
 *     other branch passes the cell's base value in that position);
 *   - any other value whose cell at parent + base + value has a check field
 *     equal to `parent` is pushed with that cell's base, and the cell is
 *     then cleared (base and check set to 0).
 *
 * NOTE(review): the explicit ensure_array() call covers base + 256 cells,
 * while the cells touched are at parent + base + value.  The accessors call
 * ensure_array() themselves, so this is only a sizing hint; confirm that is
 * intended.
 */
static void collect_child(struct da *da, struct resolve_stat *rs, int parent, unsigned char c)
{
    const int base = get_base(da, parent);
    int code;

    rs->nr = 0;
    ensure_array(da, base + 256);

    for (code = 0; code < 256; code++) {
        const int slot = parent + base + code;

        if (code == c) {
            /* the character being inserted: its cell is not inspected */
            push_child(rs, c, 1);
            continue;
        }

        if (get_check(da, slot) != parent)
            continue;

        /* remember the existing child, then release its cell */
        push_child(rs, code, get_base(da, slot));
        set_base(da, slot, 0);
        set_check(da, slot, 0);
    }
}
/*
 * Store `check` in the check field of cell `idx`.
 *
 * ensure_array() is called with idx + 1 before the write; it is defined
 * outside this listing and presumably grows da->arr to at least that many
 * cells (confirm).
 *
 * NOTE(review): idx is signed and not validated here; confirm that callers
 * cannot pass a negative index, which would make the store out of bounds.
 */
static void set_check(struct da *da, int idx, int check)
{
    const int cells_needed = idx + 1;

    ensure_array(da, cells_needed);
    da->arr[idx].check = check;
}
/*
 * Return the base field of cell `idx`.
 *
 * ensure_array() is called with idx + 1 before the read, so even a lookup
 * may resize the array (ensure_array is defined elsewhere; confirm).
 *
 * NOTE(review): idx is signed and not validated here; confirm that callers
 * cannot pass a negative index, which would make the read out of bounds.
 */
static int get_base(struct da *da, int idx)
{
    const int cells_needed = idx + 1;

    ensure_array(da, cells_needed);
    return da->arr[idx].base;
}
/*
 * Return the check field of cell `idx`.
 *
 * ensure_array() is called with idx + 1 before the read, so even a lookup
 * may resize the array (ensure_array is defined elsewhere; confirm).
 *
 * NOTE(review): idx is signed and not validated here; confirm that callers
 * cannot pass a negative index, which would make the read out of bounds.
 */
static int get_check(struct da *da, int idx)
{
    const int cells_needed = idx + 1;

    ensure_array(da, cells_needed);
    return da->arr[idx].check;
}
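/* True for the three level names that get their own lookup pass ahead of user-defined ones. */
static int is_predefined_level(const char *name)
{
    return !strcmp(name, "easy") || !strcmp(name, "secure") || !strcmp(name, "paranoid");
}

/* True when an snprintf() result `n` shows the whole path fit into a buffer of `cap` bytes. */
static int permfile_path_fits(int n, size_t cap)
{
    return n >= 0 && (size_t)n < cap;
}

/*
 * Append a private copy of `path` to the global permfiles list.
 * Exits on allocation failure, as add_level() does, so the list never
 * holds a NULL entry.
 */
static void push_permfile(const char *path)
{
    char *copy = strdup(path);

    if (copy == NULL) {
        perror("permfile entry alloc");
        exit(1);
    }
    ensure_array((void **)&permfiles, &npermfiles);
    permfiles[npermfiles++] = copy;
}

/*
 * Append `path` to permfiles if access() reports it readable right now.
 *
 * NOTE(review): access() only samples the file's state at this moment and
 * evaluates permissions against the real UID.  The code that later opens
 * these paths is not visible here; it must still handle open failures and
 * should not treat this check as a guarantee about what it opens.
 */
static void push_permfile_if_readable(const char *path)
{
    if (access(path, R_OK) == 0)
        push_permfile(path);
}

/*
 * Build the ordered list of permission files in the global permfiles array:
 *
 *   1. /etc/permissions (always added, without an access check)
 *   2. /etc/permissions.<level> for the predefined levels easy, secure
 *      and paranoid, in the order they appear in `level`
 *   3. /etc/permissions.d/<pkg> followed by /etc/permissions.d/<pkg>.<level>
 *      for every level, with packages in sorted order
 *   4. /etc/permissions.<level> for every other (user-defined) level
 *
 * Entries in steps 2-4 are added only when readable.  A path that does not
 * fit the local buffer is skipped rather than used in truncated form, since
 * a truncated path names a different file than the one requested.
 */
static void collect_permfiles(void)
{
    char fn[4096];
    DIR *dir;
    int i;
    int n;

    /* 1. central fixed permissions file */
    push_permfile("/etc/permissions");

    /* 2. central easy, secure, paranoid as those are defined by SUSE */
    for (i = 0; i < nlevel; ++i) {
        if (!is_predefined_level(level[i]))
            continue;
        n = snprintf(fn, sizeof(fn), "/etc/permissions.%s", level[i]);
        if (permfile_path_fits(n, sizeof(fn)))
            push_permfile_if_readable(fn);
    }

    /* 3. package specific permissions */
    dir = opendir("/etc/permissions.d");
    if (dir) {
        char **files = NULL;
        int nfiles = 0;
        struct dirent *d;

        while ((d = readdir(dir))) {
            size_t len = strlen(d->d_name);
            char *dot;
            char *copy;

            if (!strcmp("..", d->d_name) || !strcmp(".", d->d_name))
                continue;
            /* filter out backup files */
            if (len > 2 && d->d_name[len - 1] == '~')
                continue;
            if (strstr(d->d_name, ".rpmnew") || strstr(d->d_name, ".rpmsave"))
                continue;

            /* keep only the package part in front of the first dot */
            dot = strchr(d->d_name, '.');
            if (dot)
                *dot = '\0';
            /*
             * A name starting with '.' is left empty by the cut above.  An
             * empty package name would turn into the directory path itself
             * below and pass the readability check, so skip it.
             */
            if (d->d_name[0] == '\0')
                continue;

            copy = strdup(d->d_name);
            if (copy == NULL) {
                perror("permfile entry alloc");
                exit(1);
            }
            ensure_array((void **)&files, &nfiles);
            files[nfiles++] = copy;
        }
        closedir(dir);

        if (nfiles) {
            int l;

            qsort(files, nfiles, sizeof(char *), compare);
            for (i = 0; i < nfiles; ++i) {
                /* skip duplicates (adjacent after sorting) */
                if (i && !strcmp(files[i - 1], files[i]))
                    continue;

                n = snprintf(fn, sizeof(fn), "/etc/permissions.d/%s", files[i]);
                if (permfile_path_fits(n, sizeof(fn)))
                    push_permfile_if_readable(fn);

                for (l = 0; l < nlevel; ++l) {
                    n = snprintf(fn, sizeof(fn), "/etc/permissions.d/%s.%s", files[i], level[l]);
                    if (permfile_path_fits(n, sizeof(fn)))
                        push_permfile_if_readable(fn);
                }
            }

            /* the temporary name copies are no longer needed */
            for (i = 0; i < nfiles; ++i)
                free(files[i]);
        }
        /*
         * NOTE(review): the `files` pointer array itself comes from
         * ensure_array(), whose allocator is not visible here, so it is
         * left as it was; release it here if ensure_array uses malloc/realloc.
         */
    }

    /* 4. central permissions files with user defined level incl 'local' */
    for (i = 0; i < nlevel; ++i) {
        if (is_predefined_level(level[i]))
            continue;
        n = snprintf(fn, sizeof(fn), "/etc/permissions.%s", level[i]);
        if (permfile_path_fits(n, sizeof(fn)))
            push_permfile_if_readable(fn);
    }
}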