      1 /* Authors: Karl MacMillan <kmacmillan (at) tresys.com>
      2  *	    Joshua Brindle <jbrindle (at) tresys.com>
      3  *	    Jason Tang <jtang (at) tresys.com>
      4  *	    Christopher Ashworth <cashworth (at) tresys.com>
      5  *
      6  * Copyright (C) 2004-2006 Tresys Technology, LLC
      7  * Copyright (C) 2005 Red Hat, Inc.
      8  *
      9  *  This library is free software; you can redistribute it and/or
     10  *  modify it under the terms of the GNU Lesser General Public
     11  *  License as published by the Free Software Foundation; either
     12  *  version 2.1 of the License, or (at your option) any later version.
     13  *
     14  *  This library is distributed in the hope that it will be useful,
     15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
     16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     17  *  Lesser General Public License for more details.
     18  *
     19  *  You should have received a copy of the GNU Lesser General Public
     20  *  License along with this library; if not, write to the Free Software
     21  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
     22  */
     23 
     24 #ifndef SEMANAGE_MODULE_STORE_H
     25 #define SEMANAGE_MODULE_STORE_H
     26 
     27 #include <sys/time.h>
     28 #include <sepol/module.h>
     29 #include <sepol/cil/cil.h>
     30 #include "handle.h"
     31 
/* Store generations selectable through semanage_path().  Values are
 * written out explicitly because they are used as an index; the roles
 * suggested by the names (active / previous / tmp) are not defined in
 * this header — confirm against semanage_store.c before relying on them.
 */
enum semanage_store_defs {
	SEMANAGE_ACTIVE = 0,
	SEMANAGE_PREVIOUS = 1,
	SEMANAGE_TMP = 2,
	SEMANAGE_NUM_STORES	/* keep last: count of the stores above */
};
     38 
/* Identifiers for the files and directories inside one store, accepted by
 * semanage_fname() and semanage_path().  Values are explicit because they
 * index a path table; SEMANAGE_STORE_NUM_PATHS is one past the last valid
 * identifier and must stay last.  The _LOCAL / _LINKED / _TMPL suffixes
 * hint at the file's role but the meaning is fixed by semanage_store.c,
 * not here.
 */
enum semanage_sandbox_defs {
	SEMANAGE_TOPLEVEL = 0,
	SEMANAGE_MODULES = 1,
	SEMANAGE_LINKED = 2,
	SEMANAGE_HOMEDIR_TMPL = 3,
	SEMANAGE_FC_TMPL = 4,
	SEMANAGE_COMMIT_NUM_FILE = 5,
	SEMANAGE_PORTS_LOCAL = 6,
	SEMANAGE_INTERFACES_LOCAL = 7,
	SEMANAGE_NODES_LOCAL = 8,
	SEMANAGE_BOOLEANS_LOCAL = 9,
	SEMANAGE_SEUSERS_LOCAL = 10,
	SEMANAGE_SEUSERS_LINKED = 11,
	SEMANAGE_USERS_BASE_LOCAL = 12,
	SEMANAGE_USERS_EXTRA_LOCAL = 13,
	SEMANAGE_USERS_EXTRA_LINKED = 14,
	SEMANAGE_USERS_EXTRA = 15,
	SEMANAGE_DISABLE_DONTAUDIT = 16,
	SEMANAGE_PRESERVE_TUNABLES = 17,
	SEMANAGE_MODULES_DISABLED = 18,
	SEMANAGE_STORE_KERNEL = 19,
	SEMANAGE_STORE_FC_LOCAL = 20,
	SEMANAGE_STORE_FC = 21,
	SEMANAGE_STORE_SEUSERS = 22,
	SEMANAGE_STORE_NUM_PATHS	/* keep last: count of the paths above */
};
     66 
/* Roots accepted as the first argument of semanage_final_path().
 * SEMANAGE_FINAL_NUM is the count and must stay last.
 */
enum semanage_final_defs {
	SEMANAGE_FINAL_TMP = 0,
	SEMANAGE_FINAL_SELINUX = 1,
	SEMANAGE_FINAL_NUM	/* keep last */
};
     72 
/* Suffixes accepted as the second argument of semanage_final_path().
 * Values are explicit because they index a path table; the _BIN variants
 * sit next to their text counterparts but what they contain is decided
 * by the implementation, not this header.  SEMANAGE_FINAL_PATH_NUM is the
 * count and must stay last.
 */
enum semanage_final_path_defs {
	SEMANAGE_FINAL_TOPLEVEL = 0,
	SEMANAGE_FC = 1,
	SEMANAGE_FC_BIN = 2,
	SEMANAGE_FC_HOMEDIRS = 3,
	SEMANAGE_FC_HOMEDIRS_BIN = 4,
	SEMANAGE_FC_LOCAL = 5,
	SEMANAGE_FC_LOCAL_BIN = 6,
	SEMANAGE_KERNEL = 7,
	SEMANAGE_NC = 8,
	SEMANAGE_SEUSERS = 9,
	SEMANAGE_FINAL_PATH_NUM	/* keep last */
};
     86 
/* FIXME: this needs to be made a module store specific init and the
 * global configuration moved to another file.
 */

/* Location of the global semanage configuration file.  The return type is
 * a non-const char *, so ownership is ambiguous from this header alone.
 * NOTE(review): confirm in semanage_store.c whether the caller must
 * free() the result and whether NULL can be returned. */
char *semanage_conf_path(void);

/* Presumably validates/initialises the store for handle 'sh' under the
 * directory 'prefix'.  Returns an int status whose convention (0 on
 * success vs. negative on failure) is set by the implementation, not
 * here — check before branching on it. */
int semanage_check_init(semanage_handle_t *sh, const char *prefix);
     93 
/* Path lookup helpers.  All three return a const char *, so the caller
 * must not free or modify the result.  NOTE(review): whether the pointer
 * refers to static storage (and is therefore not reentrant / invalidated
 * by the next call) is not visible here — confirm in semanage_store.c
 * before caching the result across calls. */

/* File-name component for one semanage_sandbox_defs entry. */
extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);

/* Full path of 'file' inside the given 'store' generation. */
extern const char *semanage_path(enum semanage_store_defs store,
				 enum semanage_sandbox_defs file);

/* Full path of 'suffix' under the given final 'root'. */
extern const char *semanage_final_path(enum semanage_final_defs root,
				       enum semanage_final_path_defs suffix);
    101 
/* Store and sandbox maintenance.  Each returns an int status; the exact
 * success/failure values are defined in semanage_store.c. */

/* 'create' is an int flag; presumably non-zero requests creation of a
 * missing store rather than just probing for it — confirm. */
int semanage_create_store(semanage_handle_t * sh, int create);

/* Takes no handle, so it can only check process-wide state (e.g. the
 * caller's access to the fixed store location). */
int semanage_store_access_check(void);

/* Removes 'path'.  NOTE(review): if this is a recursive removal, confirm
 * it does not follow symbolic links — a symlink planted inside a store
 * or sandbox directory would otherwise redirect the deletion outside it.
 */
int semanage_remove_directory(const char *path);

/* NOTE(review): the permission mode applied and how an already-existing
 * path is treated (EEXIST) are not visible here; verify both, since the
 * store typically lives in a privileged location. */
int semanage_mkdir(semanage_handle_t *sh, const char *path);

/* Like semanage_mkdir(); the name suggests intermediate components are
 * created as well — confirm against the implementation. */
int semanage_mkpath(semanage_handle_t *sh, const char *path);

int semanage_make_sandbox(semanage_handle_t * sh);

int semanage_make_final(semanage_handle_t * sh);

/* Produces an array of file names for the 'len' entries of 'modinfos' via
 * the output parameter 'filenames' (char ***).  Ownership: the triple
 * pointer implies allocation by this function; presumably the caller frees
 * each string and then the array — confirm in semanage_store.c. */
int semanage_get_cil_paths(semanage_handle_t * sh, semanage_module_info_t *modinfos,
			       int len, char ***filenames);

/* Output parameters 'modinfo' (array) and 'num_modules' (its length).
 * NOTE(review): release procedure for the returned array is not defined
 * in this header — check how callers free it. */
int semanage_get_active_modules(semanage_handle_t *sh,
			       semanage_module_info_t **modinfo, int *num_modules);
    121 
    122 
/* lock file routines
 *
 * The get_* functions return an int status and the release_* functions
 * return void, so acquisition can fail but release cannot report errors.
 * Pair every successful get with exactly one release.  NOTE(review):
 * whether get_* blocks or returns immediately when the lock is held, and
 * what happens on a double release, is decided in semanage_store.c. */
int semanage_get_trans_lock(semanage_handle_t * sh);
int semanage_get_active_lock(semanage_handle_t * sh);
void semanage_release_trans_lock(semanage_handle_t * sh);
void semanage_release_active_lock(semanage_handle_t * sh);
/* Returns an int; the name suggests a commit serial number (compare
 * SEMANAGE_COMMIT_NUM_FILE) but whether a negative value signals an
 * error is not visible here. */
int semanage_direct_get_serial(semanage_handle_t * sh);
    129 
/* Loads the 'num_modules' files named in 'filenames' into 'cildb'. */
int semanage_load_files(semanage_handle_t * sh,
			    cil_db_t *cildb, char **filenames, int num_modules);

/* Read/write 'policydb' from/to the sandbox file identified by 'file'.
 * Only a semanage_sandbox_defs value is taken, so the store generation
 * (semanage_store_defs) must be chosen by the implementation. */
int semanage_read_policydb(semanage_handle_t * sh,
			   sepol_policydb_t * policydb,
			   enum semanage_sandbox_defs file);

int semanage_write_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb,
			    enum semanage_sandbox_defs file);

/* NOTE(review): installation moves the sandbox into place; confirm the
 * implementation holds the transaction lock and performs the swap
 * atomically (rename) so a crash cannot leave a half-installed store. */
int semanage_install_sandbox(semanage_handle_t * sh);

/* Verification hooks; each returns an int status. */
int semanage_verify_modules(semanage_handle_t * sh,
			    char **module_filenames, int num_modules);

int semanage_verify_linked(semanage_handle_t * sh);
int semanage_verify_kernel(semanage_handle_t * sh);
int semanage_split_fc(semanage_handle_t * sh);
    149 
/* sort file context routines
 *
 * Input is 'buf' of 'buf_len' bytes; the sorted copy is returned through
 * 'sorted_buf' with its length in 'sorted_buf_len'.  The char ** output
 * implies this function allocates the result; presumably the caller
 * frees it — confirm in the implementation.  Whether 'buf' must be
 * NUL-terminated is not visible here; pass an accurate 'buf_len'. */
int semanage_fc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* sort netfilter context routines
 *
 * Same contract shape as semanage_fc_sort(). */
int semanage_nc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* Copies 'src' to 'dst', applying 'mode' to the destination.
 * NOTE(review): confirm how a pre-existing 'dst' (regular file or
 * symlink) is handled — the store and final paths are privileged, so the
 * destination should be created with O_EXCL/O_NOFOLLOW semantics or the
 * equivalent rather than opened through whatever is already there.
 * Also note mode_t is not guaranteed by any header this file includes
 * directly; it arrives transitively.  An explicit <sys/types.h> would
 * make the header self-contained. */
int semanage_copy_file(const char *src, const char *dst, mode_t mode);
    163 
    164 #endif
    165