      1 /* Authors: Karl MacMillan <kmacmillan (at) tresys.com>
      2  *	    Joshua Brindle <jbrindle (at) tresys.com>
      3  *	    Jason Tang <jtang (at) tresys.com>
      4  *	    Christopher Ashworth <cashworth (at) tresys.com>
      5  *
      6  * Copyright (C) 2004-2006 Tresys Technology, LLC
      7  * Copyright (C) 2005 Red Hat, Inc.
      8  *
      9  *  This library is free software; you can redistribute it and/or
     10  *  modify it under the terms of the GNU Lesser General Public
     11  *  License as published by the Free Software Foundation; either
     12  *  version 2.1 of the License, or (at your option) any later version.
     13  *
     14  *  This library is distributed in the hope that it will be useful,
     15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
     16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     17  *  Lesser General Public License for more details.
     18  *
     19  *  You should have received a copy of the GNU Lesser General Public
     20  *  License along with this library; if not, write to the Free Software
     21  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
     22  */
     23 
     24 #ifndef SEMANAGE_MODULE_STORE_H
     25 #define SEMANAGE_MODULE_STORE_H
     26 
     27 #include <sys/time.h>
     28 #include <sepol/module.h>
     29 #include <sepol/cil/cil.h>
     30 #include "handle.h"
     31 
/* Index of each module store directory. SEMANAGE_NUM_STORES is the last
 * member, so it equals the number of real stores (3) and can be used to
 * size arrays indexed by this enum. What each store holds is not visible
 * from this header; the names suggest a live store, a previous (rollback)
 * store and a scratch store — confirm against the implementation. */
enum semanage_store_defs {
	SEMANAGE_ACTIVE,	/* presumably the store currently in use */
	SEMANAGE_PREVIOUS,	/* presumably the store kept from the last commit */
	SEMANAGE_TMP,		/* presumably the scratch store built during a transaction */
	SEMANAGE_NUM_STORES	/* count sentinel, not a store */
};
     38 
/* sandbox filenames and paths */
/* Identifiers for the individual files and directories inside a store.
 * semanage_fname() maps one of these to a bare file name and
 * semanage_path() to its full path inside a given store (declared below).
 * SEMANAGE_STORE_NUM_PATHS is the count sentinel (last member) and does
 * not name a file. The comments on the members are taken from the names
 * only; the exact file each denotes is fixed by the implementation. */
enum semanage_sandbox_defs {
	SEMANAGE_TOPLEVEL,		/* presumably the store's root directory */
	SEMANAGE_MODULES,		/* presumably the directory holding the modules */
	SEMANAGE_LINKED,
	SEMANAGE_HOMEDIR_TMPL,
	SEMANAGE_FC_TMPL,
	SEMANAGE_COMMIT_NUM_FILE,
	/* *_LOCAL entries: presumably locally added records of each kind — confirm */
	SEMANAGE_IBPKEYS_LOCAL,
	SEMANAGE_IBENDPORTS_LOCAL,
	SEMANAGE_PORTS_LOCAL,
	SEMANAGE_INTERFACES_LOCAL,
	SEMANAGE_NODES_LOCAL,
	SEMANAGE_BOOLEANS_LOCAL,
	SEMANAGE_SEUSERS_LOCAL,
	SEMANAGE_SEUSERS_LINKED,
	SEMANAGE_USERS_BASE_LOCAL,
	SEMANAGE_USERS_EXTRA_LOCAL,
	SEMANAGE_USERS_EXTRA_LINKED,
	SEMANAGE_USERS_EXTRA,
	/* build-option flag files — presence is the flag, by the look of the names; confirm */
	SEMANAGE_DISABLE_DONTAUDIT,
	SEMANAGE_PRESERVE_TUNABLES,
	SEMANAGE_MODULES_DISABLED,
	/* SEMANAGE_STORE_* : presumably the compiled outputs kept inside the store — confirm */
	SEMANAGE_STORE_KERNEL,
	SEMANAGE_STORE_FC_LOCAL,
	SEMANAGE_STORE_FC_HOMEDIRS,
	SEMANAGE_STORE_FC,
	SEMANAGE_STORE_SEUSERS,
	SEMANAGE_STORE_NUM_PATHS	/* count sentinel, not a file */
};
     69 
/* Root directories for the "final" (installed) policy files; this is the
 * `root` argument of semanage_final_path(). SEMANAGE_FINAL_NUM is the
 * count sentinel (last member, equals 2). */
enum semanage_final_defs {
	SEMANAGE_FINAL_TMP,	/* presumably a staging root written before install */
	SEMANAGE_FINAL_SELINUX,	/* presumably the live SELinux policy root */
	SEMANAGE_FINAL_NUM	/* count sentinel, not a root */
};
     75 
/* Path suffixes below a final root; this is the `suffix` argument of
 * semanage_final_path(). SEMANAGE_FINAL_PATH_NUM is the count sentinel
 * (last member). The *_BIN members presumably denote compiled (binary)
 * forms of the text file before them — confirm against the implementation. */
enum semanage_final_path_defs {
	SEMANAGE_FINAL_TOPLEVEL,	/* presumably the root directory itself */
	SEMANAGE_FC,
	SEMANAGE_FC_BIN,
	SEMANAGE_FC_HOMEDIRS,
	SEMANAGE_FC_HOMEDIRS_BIN,
	SEMANAGE_FC_LOCAL,
	SEMANAGE_FC_LOCAL_BIN,
	SEMANAGE_KERNEL,
	SEMANAGE_NC,
	SEMANAGE_SEUSERS,
	SEMANAGE_FINAL_PATH_NUM	/* count sentinel, not a path */
};
     89 
/* FIXME: this needs to be made a module store specific init and the
 * global configuration moved to another file.
 */
/* Path of the libsemanage configuration file. The return type is a
 * non-const char *, which suggests the string may be allocated; who owns
 * and frees it is not visible here — confirm before freeing. */
char *semanage_conf_path(void);

/* Checks/initialises the store used by handle sh under prefix.
 * Returns an int; presumably 0 on success and a negative value on error —
 * confirm against the implementation. */
int semanage_check_init(semanage_handle_t *sh, const char *prefix);

/* Bare file name for file_enum. The result is const; presumably it points
 * at static storage and must not be freed — confirm. */
extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);

/* Full path of file `file` inside store `store`. Same ownership caveat as
 * semanage_fname(): the result is const and presumably not caller-owned. */
extern const char *semanage_path(enum semanage_store_defs store,
				 enum semanage_sandbox_defs file);

/* Full path of `suffix` below the final root `root`. Same ownership caveat
 * as semanage_fname(). */
extern const char *semanage_final_path(enum semanage_final_defs root,
				       enum semanage_final_path_defs suffix);
    104 
/* Creates or opens the module store for sh. The meaning of `create` is
 * not visible here; presumably non-zero creates missing directories —
 * confirm. Returns int, presumably 0 on success / negative on error. */
int semanage_create_store(semanage_handle_t * sh, int create);

/* Reports whether the calling process may access the store. Takes no
 * handle, so it presumably works on the default store location — confirm
 * how the result encodes read vs. read-write access. */
int semanage_store_access_check(void);

/* Removes the directory at `path`. NOTE(review): takes only a path and no
 * handle; presumably removes the tree recursively — confirm, and make
 * sure callers only pass paths that belong to the store. */
int semanage_remove_directory(const char *path);

/* Creates the single directory `path` for sh. */
int semanage_mkdir(semanage_handle_t *sh, const char *path);

/* Creates `path` and, presumably, any missing parent directories (the
 * name suggests an mkdir -p equivalent) — confirm. */
int semanage_mkpath(semanage_handle_t *sh, const char *path);

/* Builds the sandbox (presumably the SEMANAGE_TMP store) for sh — confirm. */
int semanage_make_sandbox(semanage_handle_t * sh);

/* Builds the final (installed) file tree for sh — see enum semanage_final_defs. */
int semanage_make_final(semanage_handle_t * sh);

/* Fills *filenames with the CIL file path of each of the `len` entries in
 * modinfos. The output is a char ** array reached through a char ***;
 * ownership of the array and its strings is not visible here — presumably
 * the caller frees both; confirm. */
int semanage_get_cil_paths(semanage_handle_t * sh, semanage_module_info_t *modinfos,
			       int len, char ***filenames);

/* Returns through *modinfo an array of the active modules and through
 * *num_modules its length. Ownership of *modinfo is not visible here —
 * presumably the caller frees it; confirm. */
int semanage_get_active_modules(semanage_handle_t *sh,
			       semanage_module_info_t **modinfo, int *num_modules);
    124 
    125 
/* lock file routines */
/* Two locks are exposed, a transaction lock and an active-store lock, each
 * as a get/release pair taking only the handle. Whether the get calls
 * block, and what the int result encodes, is not visible here — confirm.
 * Callers should pair every successful get with the matching release on
 * every exit path so a failed commit cannot leave the store locked. */
int semanage_get_trans_lock(semanage_handle_t * sh);
int semanage_get_active_lock(semanage_handle_t * sh);
void semanage_release_trans_lock(semanage_handle_t * sh);
void semanage_release_active_lock(semanage_handle_t * sh);
/* Serial number of the store as seen through a direct connection. What it
 * counts (presumably commits) and how errors are reported in an int result
 * are not visible here — confirm. */
int semanage_direct_get_serial(semanage_handle_t * sh);
    132 
/* Loads the `num_modules` files named in `filenames` into cildb.
 * Returns int, presumably 0 on success / negative on error — confirm. */
int semanage_load_files(semanage_handle_t * sh,
			    cil_db_t *cildb, char **filenames, int num_modules);

/* Reads the sandbox file selected by `file` (an enum semanage_sandbox_defs
 * value) into policydb. Which store is read from is not visible here. */
int semanage_read_policydb(semanage_handle_t * sh,
			   sepol_policydb_t * policydb,
			   enum semanage_sandbox_defs file);

/* Writes policydb to the sandbox file selected by `file`. Which store is
 * written is not visible here — presumably the sandbox; confirm. */
int semanage_write_policydb(semanage_handle_t * sh,
			    sepol_policydb_t * policydb,
			    enum semanage_sandbox_defs file);

/* Installs the sandbox as the active store. How the previous store is
 * rotated is not visible here — see enum semanage_store_defs. */
int semanage_install_sandbox(semanage_handle_t * sh);

/* Verifies the `num_modules` module files in module_filenames. What
 * "verify" runs (presumably an external verifier configured for sh) is
 * not visible here — confirm. */
int semanage_verify_modules(semanage_handle_t * sh,
			    char **module_filenames, int num_modules);

/* Verification hooks for the linked policy and the kernel policy; same
 * caveat as semanage_verify_modules(). */
int semanage_verify_linked(semanage_handle_t * sh);
int semanage_verify_kernel(semanage_handle_t * sh);
/* Splits the file-context output of the build; the split criterion
 * (presumably homedir vs. the rest, from the SEMANAGE_FC_HOMEDIRS names) is
 * not visible here — confirm. */
int semanage_split_fc(semanage_handle_t * sh);
    152 
/* sort file context routines */
/* Sorts the file-context text in buf (buf_len bytes, not required to be
 * NUL-terminated since the length is explicit) and returns the sorted text
 * through *sorted_buf with its length in *sorted_buf_len. Ownership of
 * *sorted_buf is not visible here — presumably allocated for the caller to
 * free; confirm. */
int semanage_fc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* sort netfilter context routines */
/* Same contract as semanage_fc_sort(), applied to netfilter-context text. */
int semanage_nc_sort(semanage_handle_t * sh,
		     const char *buf,
		     size_t buf_len,
		     char **sorted_buf, size_t * sorted_buf_len);

/* Copies file src to dst; `mode` is presumably the permission bits applied
 * to dst — confirm whether it is applied before or after the data is
 * written. NOTE(review): mode_t is declared by <sys/types.h>; this header
 * relies on <sys/time.h> (included above) pulling it in — confirm. */
int semanage_copy_file(const char *src, const char *dst, mode_t mode);
    166 
    167 #endif