      1 /* Authors: Karl MacMillan <kmacmillan (at) tresys.com>
      2  *	    Joshua Brindle <jbrindle (at) tresys.com>
      3  *	    Jason Tang <jtang (at) tresys.com>
      4  *	    Christopher Ashworth <cashworth (at) tresys.com>
      5  *
      6  * Copyright (C) 2004-2006 Tresys Technology, LLC
      7  * Copyright (C) 2005 Red Hat, Inc.
      8  *
      9  *  This library is free software; you can redistribute it and/or
     10  *  modify it under the terms of the GNU Lesser General Public
     11  *  License as published by the Free Software Foundation; either
     12  *  version 2.1 of the License, or (at your option) any later version.
     13  *
     14  *  This library is distributed in the hope that it will be useful,
     15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
     16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     17  *  Lesser General Public License for more details.
     18  *
     19  *  You should have received a copy of the GNU Lesser General Public
     20  *  License along with this library; if not, write to the Free Software
     21  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
     22  */
     23 
     24 #ifndef SEMANAGE_MODULE_STORE_H
     25 #define SEMANAGE_MODULE_STORE_H
     26 
#include <sys/types.h>
#include <sys/time.h>
#include <sepol/module.h>
#include <sepol/cil/cil.h>
#include "handle.h"
     31 
/*
 * Store generations.  A value of this type is paired with a
 * semanage_sandbox_defs entry in semanage_path() (declared below) to name
 * one file within one generation of the module store.  The values are
 * written out explicitly because the enumerators are presumably used as
 * table indices (TODO confirm in the .c): keep them dense, zero-based, with
 * the count as the final entry.
 */
enum semanage_store_defs {
	SEMANAGE_ACTIVE = 0,
	SEMANAGE_PREVIOUS = 1,
	SEMANAGE_TMP = 2,
	SEMANAGE_NUM_STORES = 3	/* number of real stores; not a store itself */
};
     38 
/*
 * Files and directories that make up one store generation (a "sandbox").
 * semanage_fname() and semanage_path() (declared below) take one of these
 * to produce the bare file name or the full path.  Values are spelled out
 * so the enumerator-to-index mapping is visible at the declaration;
 * SEMANAGE_STORE_NUM_PATHS is the count and must remain last.
 */
enum semanage_sandbox_defs {
	SEMANAGE_TOPLEVEL = 0,
	SEMANAGE_MODULES = 1,
	SEMANAGE_LINKED = 2,
	SEMANAGE_HOMEDIR_TMPL = 3,
	SEMANAGE_FC_TMPL = 4,
	SEMANAGE_COMMIT_NUM_FILE = 5,
	SEMANAGE_PORTS_LOCAL = 6,
	SEMANAGE_INTERFACES_LOCAL = 7,
	SEMANAGE_NODES_LOCAL = 8,
	SEMANAGE_BOOLEANS_LOCAL = 9,
	SEMANAGE_SEUSERS_LOCAL = 10,
	SEMANAGE_USERS_BASE_LOCAL = 11,
	SEMANAGE_USERS_EXTRA_LOCAL = 12,
	SEMANAGE_USERS_EXTRA = 13,
	SEMANAGE_DISABLE_DONTAUDIT = 14,
	SEMANAGE_PRESERVE_TUNABLES = 15,
	SEMANAGE_MODULES_DISABLED = 16,
	SEMANAGE_STORE_KERNEL = 17,
	SEMANAGE_STORE_FC_LOCAL = 18,
	SEMANAGE_STORE_FC = 19,
	SEMANAGE_STORE_SEUSERS = 20,
	SEMANAGE_STORE_NUM_PATHS = 21	/* count of entries above */
};
     64 
/*
 * Roots under which the "final" (compiled, installable) files live.  Passed
 * as the first argument of semanage_final_path() (declared below).  Explicit
 * values keep the index mapping visible; SEMANAGE_FINAL_NUM is the count.
 */
enum semanage_final_defs {
	SEMANAGE_FINAL_TMP = 0,
	SEMANAGE_FINAL_SELINUX = 1,
	SEMANAGE_FINAL_NUM = 2	/* number of roots above */
};
     70 
/*
 * Individual output files below a semanage_final_defs root; the second
 * argument of semanage_final_path() (declared below).  Values are explicit
 * so the ordering contract is visible here; SEMANAGE_FINAL_PATH_NUM is the
 * count and must stay last.
 */
enum semanage_final_path_defs {
	SEMANAGE_FINAL_TOPLEVEL = 0,
	SEMANAGE_FC = 1,
	SEMANAGE_FC_BIN = 2,
	SEMANAGE_FC_HOMEDIRS = 3,
	SEMANAGE_FC_HOMEDIRS_BIN = 4,
	SEMANAGE_FC_LOCAL = 5,
	SEMANAGE_FC_LOCAL_BIN = 6,
	SEMANAGE_KERNEL = 7,
	SEMANAGE_NC = 8,
	SEMANAGE_SEUSERS = 9,
	SEMANAGE_FINAL_PATH_NUM = 10	/* count of entries above */
};
     84 
/* FIXME: this needs to be made a module store specific init and the
 * global configuration moved to another file.
 */
/*
 * Path of the semanage configuration file.  The return type is a
 * non-const char *, which suggests a heap-allocated string owned by the
 * caller -- TODO confirm in the .c before adding a free() (or omitting one).
 */
char *semanage_conf_path(void);

/*
 * Check that the store rooted at prefix is usable for this handle.  Returns
 * an int status; the exact error values are defined by the implementation.
 */
int semanage_check_init(semanage_handle_t *sh, const char *prefix);

/*
 * Bare file name (no directory component) of a sandbox entry.
 * NOTE(review): the const char * returns of the three lookup functions
 * below presumably point at library-owned storage; callers must not free
 * them and should not cache them across handle reconfiguration -- confirm.
 */
extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);

/* Full path of sandbox entry file inside store generation store. */
extern const char *semanage_path(enum semanage_store_defs store,
				 enum semanage_sandbox_defs file);

/* Full path of final-output file suffix under root. */
extern const char *semanage_final_path(enum semanage_final_defs root,
				       enum semanage_final_path_defs suffix);

/* Set up the on-disk store for sh; create is a flag (semantics in the .c). */
int semanage_create_store(semanage_handle_t * sh, int create);

/*
 * Ahead-of-time permission check on the store.
 * NOTE(review): any access check performed before the real operation is
 * advisory only -- permissions can change between this call and the later
 * open/rename, so callers must still handle failures from those calls.
 */
int semanage_store_access_check(void);

/*
 * Remove the directory at path.  NOTE(review): if this recurses, confirm
 * that the implementation does not follow symbolic links while descending;
 * otherwise a link planted inside the store could redirect the deletion.
 */
int semanage_remove_directory(const char *path);

/* Create a single directory at path. */
int semanage_mkdir(semanage_handle_t *sh, const char *path);

/* Create path including any missing parent components (by name; confirm). */
int semanage_mkpath(semanage_handle_t *sh, const char *path);

/* Build a fresh sandbox (presumably the SEMANAGE_TMP generation) for sh. */
int semanage_make_sandbox(semanage_handle_t * sh);

/* Build the final-output tree (presumably SEMANAGE_FINAL_TMP) for sh. */
int semanage_make_final(semanage_handle_t * sh);

/*
 * Produce the CIL file paths for the len entries of modinfos.  On success
 * *filenames presumably receives a newly allocated array of strings --
 * TODO confirm who frees the array and its elements.
 */
int semanage_get_cil_paths(semanage_handle_t * sh, semanage_module_info_t *modinfos,
			       int len, char ***filenames);

/*
 * Enumerate the installed (active) modules: *modinfo receives the array and
 * *num_modules its length.  Ownership of *modinfo is not evident from the
 * declaration -- confirm against the .c.
 */
int semanage_get_active_modules(semanage_handle_t *sh,
			       semanage_module_info_t **modinfo, int *num_modules);
    119 
    120 
/* lock file routines */
/*
 * Two store locks are exposed: a transaction lock and an active lock.
 * NOTE(review): given the ACTIVE/PREVIOUS/TMP generations above, the
 * transaction lock presumably serialises writers of the TMP sandbox and the
 * active lock guards readers of the installed store; a caller that touches
 * either generation without the matching lock races a concurrent commit --
 * confirm the exact protocol in the .c.  The get_* functions return an int
 * status; the release functions return void, so a failed unlock cannot be
 * reported to the caller.
 */
int semanage_get_trans_lock(semanage_handle_t * sh);
int semanage_get_active_lock(semanage_handle_t * sh);
void semanage_release_trans_lock(semanage_handle_t * sh);
void semanage_release_active_lock(semanage_handle_t * sh);
/* Current commit serial number of the direct store (by name; confirm). */
int semanage_direct_get_serial(semanage_handle_t * sh);
    127 
/* Parse the num_modules CIL files named in filenames into cildb. */
int semanage_load_files(semanage_handle_t * sh,
			    cil_db_t *cildb, char **filenames, int num_modules);

/* Read the store's binary policy into policydb. */
int semanage_read_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb);

/* Write policydb out to the store. */
int semanage_write_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb);

/*
 * Commit the sandbox.  Given the store generations declared above this
 * presumably promotes TMP to ACTIVE and ACTIVE to PREVIOUS -- confirm.
 * NOTE(review): callers should hold the transaction lock across
 * semanage_make_sandbox() .. semanage_install_sandbox().
 */
int semanage_install_sandbox(semanage_handle_t * sh);

/*
 * Verification hooks for the module files, the linked policy and the
 * kernel policy.  NOTE(review): if any of these delegates to an external
 * verifier program, its command line must be built only from configuration
 * and the fixed store paths, never from module-supplied names -- confirm
 * in the .c.
 */
int semanage_verify_modules(semanage_handle_t * sh,
			    char **module_filenames, int num_modules);

int semanage_verify_linked(semanage_handle_t * sh);
int semanage_verify_kernel(semanage_handle_t * sh);
/* Split the generated file contexts into their output files (by name; confirm). */
int semanage_split_fc(semanage_handle_t * sh);
    145 
/* sort file context routines */
/*
 * Sort a file_contexts buffer.  The input is described by buf and buf_len,
 * i.e. it is length-delimited and must not be assumed NUL-terminated
 * (TODO confirm the implementation never strlen()s it).  On success
 * *sorted_buf and *sorted_buf_len describe the result; the result is
 * presumably heap-allocated and freed by the caller -- confirm.
 */
int semanage_fc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* sort netfilter context routines */
/* Same contract as semanage_fc_sort(), for a netfilter_contexts buffer. */
int semanage_nc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);
    157 
/*
 * Copy the file at src to dst, with permission bits mode (mode_t is
 * declared in <sys/types.h>).  NOTE(review): if dst can already exist,
 * confirm that the implementation does not follow a symbolic link at dst
 * and that mode is applied to the finished file rather than only at
 * creation, so a pre-existing dst cannot retain wider permissions.
 */
int semanage_copy_file(const char *src, const char *dst, mode_t mode);
    159 
    160 #endif
    161