      1 /* Authors: Karl MacMillan <kmacmillan (at) tresys.com>
      2  *	    Joshua Brindle <jbrindle (at) tresys.com>
      3  *	    Jason Tang <jtang (at) tresys.com>
      4  *	    Christopher Ashworth <cashworth (at) tresys.com>
      5  *
      6  * Copyright (C) 2004-2006 Tresys Technology, LLC
      7  * Copyright (C) 2005 Red Hat, Inc.
      8  *
      9  *  This library is free software; you can redistribute it and/or
     10  *  modify it under the terms of the GNU Lesser General Public
     11  *  License as published by the Free Software Foundation; either
     12  *  version 2.1 of the License, or (at your option) any later version.
     13  *
     14  *  This library is distributed in the hope that it will be useful,
     15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
     16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     17  *  Lesser General Public License for more details.
     18  *
     19  *  You should have received a copy of the GNU Lesser General Public
     20  *  License along with this library; if not, write to the Free Software
     21  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
     22  */
     23 
     24 #ifndef SEMANAGE_MODULE_STORE_H
     25 #define SEMANAGE_MODULE_STORE_H
     26 
#include <sys/time.h>
#include <sys/types.h>
#include <sepol/module.h>
#include <sepol/cil/cil.h>
#include "handle.h"
     31 
/*
 * Store directories known to the module store.  A value of this enum is
 * the first argument of semanage_path() below and selects the store whose
 * copy of a sandbox file is being addressed.  SEMANAGE_NUM_STORES is the
 * count of real entries and is not itself a store.
 */
enum semanage_store_defs {
	SEMANAGE_ACTIVE,
	SEMANAGE_PREVIOUS,
	SEMANAGE_TMP,
	SEMANAGE_NUM_STORES
};
     38 
/*
 * Sandbox filenames and paths.  A value of this enum names one file or
 * directory inside a store: semanage_fname() maps it to a bare file name and
 * semanage_path() to the full path within a given store (both declared
 * below).  SEMANAGE_STORE_NUM_PATHS is the count of real entries and is not
 * a valid file id.
 *
 * NOTE(review): the meaning of the individual entries (e.g. the *_LOCAL and
 * *_TMPL groups) is not established by this header — presumably
 * local-override and template files respectively; confirm against the
 * definitions of semanage_fname()/semanage_path() before relying on that.
 */
enum semanage_sandbox_defs {
	SEMANAGE_TOPLEVEL,
	SEMANAGE_MODULES,
	SEMANAGE_LINKED,
	SEMANAGE_HOMEDIR_TMPL,
	SEMANAGE_FC_TMPL,
	SEMANAGE_COMMIT_NUM_FILE,
	SEMANAGE_PORTS_LOCAL,
	SEMANAGE_INTERFACES_LOCAL,
	SEMANAGE_NODES_LOCAL,
	SEMANAGE_BOOLEANS_LOCAL,
	SEMANAGE_SEUSERS_LOCAL,
	SEMANAGE_USERS_BASE_LOCAL,
	SEMANAGE_USERS_EXTRA_LOCAL,
	SEMANAGE_USERS_EXTRA,
	SEMANAGE_DISABLE_DONTAUDIT,
	SEMANAGE_PRESERVE_TUNABLES,
	SEMANAGE_MODULES_DISABLED,
	SEMANAGE_STORE_KERNEL,
	SEMANAGE_STORE_FC_LOCAL,
	SEMANAGE_STORE_FC,
	SEMANAGE_STORE_SEUSERS,
	SEMANAGE_STORE_NUM_PATHS
};
     64 
/*
 * Root directories of the "final" policy tree, passed as the `root`
 * argument of semanage_final_path() below.  SEMANAGE_FINAL_NUM is the count
 * of real entries and is not a root.
 */
enum semanage_final_defs {
	SEMANAGE_FINAL_TMP,
	SEMANAGE_FINAL_SELINUX,
	SEMANAGE_FINAL_NUM
};
     70 
/*
 * Path suffixes below a final-tree root, passed as the `suffix` argument of
 * semanage_final_path() below.  SEMANAGE_FINAL_PATH_NUM is the count of
 * real entries and is not a valid suffix.
 */
enum semanage_final_path_defs {
	SEMANAGE_FINAL_TOPLEVEL,
	SEMANAGE_FC,
	SEMANAGE_FC_HOMEDIRS,
	SEMANAGE_FC_LOCAL,
	SEMANAGE_KERNEL,
	SEMANAGE_NC,
	SEMANAGE_SEUSERS,
	SEMANAGE_FINAL_PATH_NUM
};
     81 
/* FIXME: this needs to be made a module-store-specific init and the
 * global configuration moved to another file.
 */

/*
 * Return the path of the semanage configuration file.
 *
 * The result is a non-const char *; whether the caller owns it (and must
 * free it) is not stated in this header — check the definition before
 * freeing or modifying the returned string.
 */
char *semanage_conf_path(void);
     86 
/*
 * Check that the module store located under `prefix` is initialised for
 * handle `sh`.  Returns an int status; the exact convention (presumably 0
 * on success, negative on failure, as elsewhere in libsemanage) is not
 * established by this header — confirm against the definition.
 */
int semanage_check_init(semanage_handle_t *sh, const char *prefix);
     88 
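/*
 * Path lookup helpers.
 *
 * semanage_fname()      - bare file name for a sandbox entry.
 * semanage_path()       - full path of a sandbox entry within a given store.
 * semanage_final_path() - full path of a final-tree entry under a given root.
 *
 * All three return a `const char *`: the caller must not free or modify the
 * result.  The lifetime of the returned storage (static table vs. per-call
 * buffer) is not stated here — copy the string if it must outlive the next
 * call to one of these helpers until that is confirmed.
 *
 * `extern` is redundant on function declarations and the rest of this
 * header omits it, so it is dropped here for consistency.
 */
const char *semanage_fname(enum semanage_sandbox_defs file_enum);

const char *semanage_path(enum semanage_store_defs store,
			  enum semanage_sandbox_defs file);

const char *semanage_final_path(enum semanage_final_defs root,
				enum semanage_final_path_defs suffix);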
     96 
/*
 * Store creation and filesystem helpers.  All return an int status.
 */

/* Set up the store for `sh`; `create` is an int flag — presumably whether
 * to create the store when it is missing.  TODO confirm. */
int semanage_create_store(semanage_handle_t * sh, int create);

/* Check whether the store is accessible.  Takes no handle, so the store it
 * inspects is determined by global state rather than by a
 * semanage_handle_t.  Treat the result as advisory: a separate access check
 * followed by the real open/write is a check-then-use window, so callers
 * must still handle failures from the later operation. */
int semanage_store_access_check(void);

/* Remove the directory at `path`.  Whether it descends into subdirectories
 * is not visible here — assume it may (TODO confirm) and never pass a path
 * derived from untrusted input. */
int semanage_remove_directory(const char *path);

/* Create the single directory `path` for `sh`. */
int semanage_mkdir(semanage_handle_t *sh, const char *path);

/* Like semanage_mkdir(); presumably also creates missing parent
 * directories (cf. mkdir -p) — confirm against the definition. */
int semanage_mkpath(semanage_handle_t *sh, const char *path);

/* Build the working sandbox for `sh` (the SEMANAGE_TMP store, presumably). */
int semanage_make_sandbox(semanage_handle_t * sh);

/* Build the final policy tree for `sh`. */
int semanage_make_final(semanage_handle_t * sh);
    110 
/*
 * Resolve the CIL file path of each of the `len` modules in `modinfos`,
 * returning them as an array of strings through `*filenames`.  The array is
 * an out-parameter and is presumably heap-allocated and owned by the caller
 * on success — confirm ownership against the definition before freeing.
 */
int semanage_get_cil_paths(semanage_handle_t * sh, semanage_module_info_t *modinfos,
			       int len, char ***filenames);

/*
 * Enumerate the active modules of the store behind `sh`: `*modinfo`
 * receives an array of module descriptors and `*num_modules` its length.
 * Both are out-parameters; ownership of the array is not stated here.
 */
int semanage_get_active_modules(semanage_handle_t *sh,
			       semanage_module_info_t **modinfo, int *num_modules);
    116 
    117 
/* lock file routines
 *
 * Two locks are exposed: the transaction lock and the active lock.  The
 * get_* functions return an int status; the release functions cannot fail.
 * The required ordering between the two locks, and whether they are
 * file-based (as the section name suggests) or in-process, is not
 * established by this header — confirm in the definition before adding
 * new callers.
 */
int semanage_get_trans_lock(semanage_handle_t * sh);
int semanage_get_active_lock(semanage_handle_t * sh);
void semanage_release_trans_lock(semanage_handle_t * sh);
void semanage_release_active_lock(semanage_handle_t * sh);
/* Return the current serial number of the store as an int; presumably a
 * negative value signals an error.  TODO confirm. */
int semanage_direct_get_serial(semanage_handle_t * sh);
    124 
/*
 * Load the `num_modules` CIL source files named in `filenames` into
 * `cildb`.  Returns an int status.
 */
int semanage_load_files(semanage_handle_t * sh,
			    cil_db_t *cildb, char **filenames, int num_modules);

/*
 * Read the store's policy database into `policydb`.  The source file is
 * chosen by the implementation from `sh`, not by the caller.
 */
int semanage_read_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb);

/*
 * Write `policydb` to the store behind `sh`.  Which store (presumably the
 * sandbox) receives the output is not stated here.
 */
int semanage_write_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb);
    133 
/* Install the sandbox of `sh` as the active store.  Returns an int status. */
int semanage_install_sandbox(semanage_handle_t * sh);

/*
 * Verification hooks, each returning an int status.  What is verified and
 * how (e.g. an external verifier program) is not visible in this header;
 * a non-zero result should be treated as "do not install".
 */

/* Verify the `num_modules` module files named in `module_filenames`. */
int semanage_verify_modules(semanage_handle_t * sh,
			    char **module_filenames, int num_modules);

/* Verify the linked policy of `sh`. */
int semanage_verify_linked(semanage_handle_t * sh);
/* Verify the kernel policy of `sh`. */
int semanage_verify_kernel(semanage_handle_t * sh);
/* Split the file-context data of `sh`; the split criterion is defined by
 * the implementation (presumably homedir vs. non-homedir entries, given
 * SEMANAGE_FC_HOMEDIRS above) — TODO confirm. */
int semanage_split_fc(semanage_handle_t * sh);
    142 
/* sort file context routines
 *
 * Sort the file-context entries held in buf[0..buf_len) and return the
 * sorted text through `*sorted_buf` with its length in `*sorted_buf_len`.
 * The explicit `buf_len` suggests the input need not be NUL-terminated
 * (TODO confirm).  The output buffer is presumably heap-allocated and
 * owned by the caller on success — confirm against the definition before
 * freeing it.  Returns an int status.
 */
int semanage_fc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* sort netfilter context routines
 *
 * Same contract as semanage_fc_sort(), for netfilter-context entries.
 */
int semanage_nc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);
    154 
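/*
 * Copy the file at `src` to `dst`, applying `mode` to the destination.
 * Returns an int status.
 *
 * `mode` is a mode_t, so this header must see <sys/types.h>; it was
 * previously obtained only transitively through the other includes.
 *
 * NOTE(review): whether `mode` is the creation mode (and so subject to the
 * process umask) or is applied afterwards via fchmod() is not visible here.
 * Policy files written by this library control access decisions, so callers
 * should pass a restrictive mode and not rely on the umask.
 */
int semanage_copy_file(const char *src, const char *dst, mode_t mode);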
    156 
    157 #endif