C++ (Cpp) sepol_policydb_readの例

プログラミング言語: C++ (Cpp)

メソッド/関数: sepol_policydb_read

hotexamples.comのコード掲載数: 2

C++ (Cpp) sepol_policydb_read - 2件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたC++ (Cpp)のsepol_policydb_readの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

コード例 #1

ファイルを表示

ファイル: semodule_package.c プロジェクト: OpenDarwin-CVS/SEDarwin

int main(int argc, char **argv)
{
	struct sepol_module_package *pkg;
	struct sepol_policy_file *mod, *out;
	char *module = NULL, *file_contexts = NULL, *seusers = NULL, *user_extra = NULL;
	char *fcdata = NULL, *outfile = NULL, *seusersdata = NULL, *user_extradata = NULL;
	size_t fclen = 0, seuserslen = 0, user_extralen = 0;
	int i;

        static struct option opts [] = {
                {"module", required_argument, NULL, 'm'},
                {"fc", required_argument, NULL, 'f'},
                {"seuser", required_argument, NULL, 's'},
                {"user_extra", required_argument, NULL, 'u'},
		{"outfile", required_argument, NULL, 'o'},
                {"help", 0, NULL, 'h'},
		{NULL, 0, NULL, 0}
	};

        while ((i = getopt_long(argc, argv, "m:f:s:u:o:h", opts, NULL)) != -1) {
                switch (i) {
		case 'h': usage(argv[0]); exit(0);
		case 'm':  
			if (module) {
				fprintf(stderr, "May not specify more than one module\n");
				exit(1);
			}
			module = strdup(optarg);
			if (!module)
				exit(1);
			break;
		case 'f':
			if (file_contexts) {
				fprintf(stderr, "May not specify more than one file context file\n");
				exit(1);
			}
			file_contexts = strdup(optarg);
			if (!file_contexts)
				exit(1);
			break;
		case 'o':
			if (outfile) {
				fprintf(stderr, "May not specify more than one output file\n");
				exit(1);
			}
			outfile = strdup(optarg);
			if (!outfile) 
				exit(1);
			break;
		case 's':
			if (seusers) {
				fprintf(stderr, "May not specify more than one seuser file\n");
				exit(1);
			}
			seusers = strdup(optarg);
			if (!seusers)
				exit(1);
			break;
		case 'u':
			if (user_extra) {
				fprintf(stderr, "May not specify more than one user_extra file\n");
				exit(1);
			}
			user_extra = strdup(optarg);
			if (!user_extra)
				exit(1);
		}
	}

	progname = argv[0];

	if (!module || !outfile) {
		usage(argv[0]);
		exit(0);
	}
	
        if (file_contexts) {
		if (file_to_data(file_contexts, &fcdata, &fclen))
			exit(1);
        }

        if (seusers) {
		if (file_to_data(seusers, &seusersdata, &seuserslen))
			exit(1);
        }

        if (user_extra) {
		if (file_to_data(user_extra, &user_extradata, &user_extralen))
			exit(1);
        }

	if (file_to_policy_file(module, &mod, "r"))
		exit(1);
	
	if (sepol_module_package_create(&pkg)) {
                fprintf(stderr, "%s:  Out of memory\n", argv[0]);
                exit(1);		
	}

	if (sepol_policydb_read(sepol_module_package_get_policy(pkg), mod)) {
                fprintf(stderr, "%s:  Error while reading policy module from %s\n",
			argv[0], module);
                exit(1);		
	}

	if (fclen)
		sepol_module_package_set_file_contexts(pkg, fcdata, fclen);

	if (seuserslen)
		sepol_module_package_set_seusers(pkg, seusersdata, seuserslen);

	if (user_extra)
		sepol_module_package_set_user_extra(pkg, user_extradata, user_extralen);
	
	if (file_to_policy_file(outfile, &out, "w"))
		exit(1);
		
        if (sepol_module_package_write(pkg, out)) {
                fprintf(stderr, "%s:  Error while writing module package to %s\n", argv[0], argv[1]);
                exit(1);
        }

	if (fclen)
		munmap(fcdata, fclen);
	sepol_policy_file_free(mod);
	sepol_policy_file_free(out);
	sepol_module_package_free(pkg);
	free(file_contexts);
	free(outfile);
	free(module);
	exit(0);
}

コード例 #2

ファイルを表示

ファイル: checkfc.c プロジェクト: Khaon/android_external_sepolicy

static void do_fc_check_and_die_on_error(struct selinux_opt opts[], unsigned int backend, filemode mode,
        const char *sepolicy_file, const char *context_file, bool allow_empty)
{
    struct stat sb;
    if (stat(context_file, &sb) < 0) {
        perror("Error: could not get stat on file contexts file");
        exit(1);
    }

    if (sb.st_size == 0) {
        /* Nothing to check on empty file_contexts file if allowed*/
        if (allow_empty) {
            return;
        }
        /* else: We could throw the error here, but libselinux backend will catch it */
    }

    global_state.sepolicy.file = fopen(sepolicy_file, "r");
    if (!global_state.sepolicy.file) {
      perror("Error: could not open policy file");
      exit(1);
    }

    global_state.sepolicy.handle = sepol_handle_create();
    if (!global_state.sepolicy.handle) {
        fprintf(stderr, "Error: could not create policy handle: %s\n", strerror(errno));
        exit(1);
    }

    if (sepol_policy_file_create(&global_state.sepolicy.pf) < 0) {
      perror("Error: could not create policy handle");
      exit(1);
    }

    sepol_policy_file_set_fp(global_state.sepolicy.pf, global_state.sepolicy.file);
    sepol_policy_file_set_handle(global_state.sepolicy.pf, global_state.sepolicy.handle);

    int rc = sepol_policydb_create(&global_state.sepolicy.sdb);
    if (rc < 0) {
      perror("Error: could not create policy db");
      exit(1);
    }

    rc = sepol_policydb_read(global_state.sepolicy.sdb, global_state.sepolicy.pf);
    if (rc < 0) {
      perror("Error: could not read file into policy db");
      exit(1);
    }

    global_state.assert.attrs = filemode_to_assert_attrs(mode);

    bool ret = ebitmap_attribute_assertion_init(&global_state.assert.set, global_state.assert.attrs);
    if (!ret) {
        /* error messages logged by ebitmap_attribute_assertion_init() */
        exit(1);
    }

    selinux_set_callback(SELINUX_CB_VALIDATE,
                         (union selinux_callback)&validate);

    opts[1].value = context_file;

    global_state.sepolicy.sehnd[0] = selabel_open(backend, opts, 2);
    if (!global_state.sepolicy.sehnd[0]) {
      fprintf(stderr, "Error: could not load context file from %s\n", context_file);
      exit(1);
    }
}