From: Stephen Smalley <sds@tycho.nsa.gov>
To: selinux@tycho.nsa.gov
Cc: alan.christopher.jenkins@gmail.com, Stephen Smalley <sds@tycho.nsa.gov>
Subject: [PATCH] policycoreutils/setfiles: set up a logging callback for libselinux
Date: Tue, 24 Jan 2017 14:39:41 -0500 [thread overview]
Message-ID: <1485286781-29708-1-git-send-email-sds@tycho.nsa.gov> (raw)
Define a logging callback for libselinux so that any informational
or error messages generated by libselinux functions are properly
prefixed with the program name and routed to the proper output stream.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
policycoreutils/setfiles/setfiles.c | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index 1a2d711..d767131 100644
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -138,6 +138,19 @@ static void maybe_audit_mass_relabel(int mass_relabel, int mass_relabel_errs)
#endif
}
+static int __attribute__ ((format(printf, 2, 3)))
+log_callback(int type, const char *fmt, ...)
+{
+ int rc;
+ FILE *out = (type == SELINUX_INFO) ? stdout : stderr;
+ va_list ap;
+ fprintf(out, "%s: ", r_opts.progname);
+ va_start(ap, fmt);
+ rc = vfprintf(out, fmt, ap);
+ va_end(ap);
+ return rc;
+}
+
int main(int argc, char **argv)
{
struct stat sb;
@@ -151,6 +164,7 @@ int main(int argc, char **argv)
const char *ropts = "e:f:hiIDlmno:pqrsvFRW0";
const char *sopts = "c:de:f:hiIDlmno:pqr:svFR:W0";
const char *opts;
+ union selinux_callback cb;
/* Initialize variables */
memset(&r_opts, 0, sizeof(r_opts));
@@ -383,6 +397,9 @@ int main(int argc, char **argv)
mass_relabel = 1;
}
+ cb.func_log = log_callback;
+ selinux_set_callback(SELINUX_CB_LOG, cb);
+
if (!iamrestorecon) {
if (policyfile) {
if (optind != (argc - 1))
@@ -401,8 +418,8 @@ int main(int argc, char **argv)
* we can support either checking against the active policy or
* checking against a binary policy file.
*/
- selinux_set_callback(SELINUX_CB_VALIDATE,
- (union selinux_callback)&canoncon);
+ cb.func_validate = canoncon;
+ selinux_set_callback(SELINUX_CB_VALIDATE, cb);
if (stat(argv[optind], &sb) < 0) {
perror(argv[optind]);
--
2.7.4
next reply other threads:[~2017-01-24 19:39 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-24 19:39 Stephen Smalley [this message]
2017-01-24 23:39 ` [PATCH] policycoreutils/setfiles: set up a logging callback for libselinux Alan Jenkins
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1485286781-29708-1-git-send-email-sds@tycho.nsa.gov \
--to=sds@tycho.nsa.gov \
--cc=alan.christopher.jenkins@gmail.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.