static int bool_parse(semanage_handle_t * handle,
parse_info_t * info, semanage_bool_t * boolean)
{
int value = 0;
char *str = NULL;
if (parse_skip_space(handle, info) < 0)
goto err;
if (!info->ptr)
goto last;
/* Extract name */
if (parse_fetch_string(handle, info, &str, '=') < 0)
goto err;
if (semanage_bool_set_name(handle, boolean, str) < 0)
goto err;
free(str);
str = NULL;
/* Assert = */
if (parse_skip_space(handle, info) < 0)
goto err;
if (parse_assert_ch(handle, info, '=') < 0)
goto err;
/* Extract value */
if (parse_skip_space(handle, info) < 0)
goto err;
if (parse_optional_str(info, "true") != STATUS_NODATA)
value = 1;
else if (parse_optional_str(info, "TRUE") != STATUS_NODATA)
value = 1;
else if (parse_optional_str(info, "false") != STATUS_NODATA)
value = 0;
else if (parse_optional_str(info, "FALSE") != STATUS_NODATA)
value = 0;
else if (parse_fetch_int(handle, info, &value, ' ') < 0)
goto err;
if (value != 0 && value != 1) {
ERR(handle, "invalid boolean value for \"%s\": %u "
"(%s: %u)\n%s", semanage_bool_get_name(boolean),
value, info->filename, info->lineno, info->orig_line);
goto err;
}
semanage_bool_set_value(boolean, value);
if (parse_assert_space(handle, info) < 0)
goto err;
return STATUS_SUCCESS;
last:
parse_dispose_line(info);
return STATUS_NODATA;
err:
ERR(handle, "could not parse boolean record");
free(str);
parse_dispose_line(info);
return STATUS_ERR;
}
/* Apply permanent boolean changes to policy via libsemanage */
static int semanage_set_boolean_list(size_t boolcnt,
SELboolean * boollist)
{
size_t j;
semanage_handle_t *handle = NULL;
semanage_bool_t *boolean = NULL;
semanage_bool_key_t *bool_key = NULL;
int managed;
handle = semanage_handle_create();
if (handle == NULL) {
fprintf(stderr, "Could not create semanage library handle\n");
goto err;
}
managed = semanage_is_managed(handle);
if (managed < 0) {
fprintf(stderr,
"Error when checking whether policy is managed\n");
goto err;
} else if (managed == 0) {
if (getuid() == 0) {
fprintf(stderr,
"Cannot set persistent booleans without managed policy.\n");
} else {
fprintf(stderr,
"Cannot set persistent booleans, please try as root.\n");
}
goto err;
}
if (semanage_connect(handle) < 0)
goto err;
if (semanage_begin_transaction(handle) < 0)
goto err;
for (j = 0; j < boolcnt; j++) {
if (semanage_bool_create(handle, &boolean) < 0)
goto err;
if (semanage_bool_set_name(handle, boolean, boollist[j].name) <
0)
goto err;
semanage_bool_set_value(boolean, boollist[j].value);
if (semanage_bool_key_extract(handle, boolean, &bool_key) < 0)
goto err;
if (semanage_bool_modify_local(handle, bool_key,
boolean) < 0)
goto err;
if (semanage_bool_set_active(handle, bool_key, boolean) < 0) {
fprintf(stderr, "Could not change boolean %s\n",
boollist[j].name);
goto err;
}
semanage_bool_key_free(bool_key);
semanage_bool_free(boolean);
bool_key = NULL;
boolean = NULL;
}
semanage_set_reload(handle, reload);
if (semanage_commit(handle) < 0)
goto err;
semanage_disconnect(handle);
semanage_handle_destroy(handle);
return 0;
err:
semanage_bool_key_free(bool_key);
semanage_bool_free(boolean);
semanage_handle_destroy(handle);
fprintf(stderr, "Could not change policy booleans\n");
return -1;
}
