static int bool_parse(semanage_handle_t * handle, parse_info_t * info, semanage_bool_t * boolean) { int value = 0; char *str = NULL; if (parse_skip_space(handle, info) < 0) goto err; if (!info->ptr) goto last; /* Extract name */ if (parse_fetch_string(handle, info, &str, '=') < 0) goto err; if (semanage_bool_set_name(handle, boolean, str) < 0) goto err; free(str); str = NULL; /* Assert = */ if (parse_skip_space(handle, info) < 0) goto err; if (parse_assert_ch(handle, info, '=') < 0) goto err; /* Extract value */ if (parse_skip_space(handle, info) < 0) goto err; if (parse_optional_str(info, "true") != STATUS_NODATA) value = 1; else if (parse_optional_str(info, "TRUE") != STATUS_NODATA) value = 1; else if (parse_optional_str(info, "false") != STATUS_NODATA) value = 0; else if (parse_optional_str(info, "FALSE") != STATUS_NODATA) value = 0; else if (parse_fetch_int(handle, info, &value, ' ') < 0) goto err; if (value != 0 && value != 1) { ERR(handle, "invalid boolean value for \"%s\": %u " "(%s: %u)\n%s", semanage_bool_get_name(boolean), value, info->filename, info->lineno, info->orig_line); goto err; } semanage_bool_set_value(boolean, value); if (parse_assert_space(handle, info) < 0) goto err; return STATUS_SUCCESS; last: parse_dispose_line(info); return STATUS_NODATA; err: ERR(handle, "could not parse boolean record"); free(str); parse_dispose_line(info); return STATUS_ERR; }
/* Apply permanent boolean changes to policy via libsemanage */ static int semanage_set_boolean_list(size_t boolcnt, SELboolean * boollist) { size_t j; semanage_handle_t *handle = NULL; semanage_bool_t *boolean = NULL; semanage_bool_key_t *bool_key = NULL; int managed; handle = semanage_handle_create(); if (handle == NULL) { fprintf(stderr, "Could not create semanage library handle\n"); goto err; } managed = semanage_is_managed(handle); if (managed < 0) { fprintf(stderr, "Error when checking whether policy is managed\n"); goto err; } else if (managed == 0) { if (getuid() == 0) { fprintf(stderr, "Cannot set persistent booleans without managed policy.\n"); } else { fprintf(stderr, "Cannot set persistent booleans, please try as root.\n"); } goto err; } if (semanage_connect(handle) < 0) goto err; if (semanage_begin_transaction(handle) < 0) goto err; for (j = 0; j < boolcnt; j++) { if (semanage_bool_create(handle, &boolean) < 0) goto err; if (semanage_bool_set_name(handle, boolean, boollist[j].name) < 0) goto err; semanage_bool_set_value(boolean, boollist[j].value); if (semanage_bool_key_extract(handle, boolean, &bool_key) < 0) goto err; if (semanage_bool_modify_local(handle, bool_key, boolean) < 0) goto err; if (semanage_bool_set_active(handle, bool_key, boolean) < 0) { fprintf(stderr, "Could not change boolean %s\n", boollist[j].name); goto err; } semanage_bool_key_free(bool_key); semanage_bool_free(boolean); bool_key = NULL; boolean = NULL; } semanage_set_reload(handle, reload); if (semanage_commit(handle) < 0) goto err; semanage_disconnect(handle); semanage_handle_destroy(handle); return 0; err: semanage_bool_key_free(bool_key); semanage_bool_free(boolean); semanage_handle_destroy(handle); fprintf(stderr, "Could not change policy booleans\n"); return -1; }