[Pkg-shadow-commits] r3651 - in upstream/trunk: . lib po
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Fri Dec 9 21:30:20 UTC 2011
Author: nekral-guest
Date: 2011-12-09 21:30:19 +0000 (Fri, 09 Dec 2011)
New Revision: 3651
Added:
upstream/trunk/lib/semanage.c
Removed:
upstream/trunk/lib/selinux.c
Modified:
upstream/trunk/ChangeLog
upstream/trunk/lib/Makefile.am
upstream/trunk/lib/prototypes.h
upstream/trunk/po/POTFILES.in
Log:
* lib/Makefile.am, lib/prototypes.h, lib/selinux.c,
lib/semanage.c, po/POTFILES.in: Move lib/selinux.c to
lib/semanage.c.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2011-11-21 22:02:15 UTC (rev 3650)
+++ upstream/trunk/ChangeLog 2011-12-09 21:30:19 UTC (rev 3651)
@@ -1,3 +1,9 @@
+2011-12-09 Nicolas François <nicolas.francois at centraliens.net>
+
+ * lib/Makefile.am, lib/prototypes.h, lib/selinux.c,
+ lib/semanage.c, po/POTFILES.in: Move lib/selinux.c to
+ lib/semanage.c.
+
2011-11-21 Nicolas François <nicolas.francois at centraliens.net>
* src/usermod.c, man/usermod.8.xml: usermod -Z "" removes the
Modified: upstream/trunk/lib/Makefile.am
===================================================================
--- upstream/trunk/lib/Makefile.am 2011-11-21 22:02:15 UTC (rev 3650)
+++ upstream/trunk/lib/Makefile.am 2011-12-09 21:30:19 UTC (rev 3651)
@@ -39,7 +39,7 @@
pwio.c \
pwio.h \
pwmem.c \
- selinux.c \
+ semanage.c \
sgetgrent.c \
sgetpwent.c \
sgetspent.c \
Modified: upstream/trunk/lib/prototypes.h
===================================================================
--- upstream/trunk/lib/prototypes.h 2011-11-21 22:02:15 UTC (rev 3650)
+++ upstream/trunk/lib/prototypes.h 2011-12-09 21:30:19 UTC (rev 3651)
@@ -297,9 +297,9 @@
/* salt.c */
extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg);
-/* selinux.c */
-int set_seuser(const char *login_name, const char *seuser_name);
-int del_seuser(const char *login_name);
+/* semanage.c */
+extern int set_seuser(const char *login_name, const char *seuser_name);
+extern int del_seuser(const char *login_name);
/* setugid.c */
extern int setup_groups (const struct passwd *info);
Deleted: upstream/trunk/lib/selinux.c
===================================================================
--- upstream/trunk/lib/selinux.c 2011-11-21 22:02:15 UTC (rev 3650)
+++ upstream/trunk/lib/selinux.c 2011-12-09 21:30:19 UTC (rev 3651)
@@ -1,375 +0,0 @@
-/*
- * Copyright (c) 2010 , Jakub Hrozek <jhrozek at redhat.com>
- * Copyright (c) 2011 , Peter Vrabec <pvrabec at redhat.com>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- * endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <config.h>
-
-#ifdef WITH_SELINUX
-
-#include "defines.h"
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdarg.h>
-#include <selinux/selinux.h>
-#include <semanage/semanage.h>
-
-
-#ifndef DEFAULT_SERANGE
-#define DEFAULT_SERANGE "s0"
-#endif
-
-
-static void semanage_error_callback (void *varg,
- semanage_handle_t *handle,
- const char *fmt, ...)
-{
- int ret;
- char * message = NULL;
- va_list ap;
-
-
- va_start (ap, fmt);
- ret = vasprintf (&message, fmt, ap);
- va_end (ap);
- if (ret < 0) {
- /* ENOMEM */
- return;
- }
-
- switch (semanage_msg_get_level (handle)) {
- case SEMANAGE_MSG_ERR:
- case SEMANAGE_MSG_WARN:
- fprintf (stderr, _("[libsemanage]: %s\n"), message);
- break;
- case SEMANAGE_MSG_INFO:
- /* nop */
- break;
- }
-
- free (message);
-}
-
-
-static semanage_handle_t *semanage_init (void)
-{
- int ret;
- semanage_handle_t *handle = NULL;
-
- handle = semanage_handle_create ();
- if (NULL == handle) {
- fprintf (stderr,
- _("Cannot create SELinux management handle\n"));
- return NULL;
- }
-
- semanage_msg_set_callback (handle, semanage_error_callback, NULL);
-
- ret = semanage_is_managed (handle);
- if (ret != 1) {
- fprintf (stderr, _("SELinux policy not managed\n"));
- goto fail;
- }
-
- ret = semanage_access_check (handle);
- if (ret < SEMANAGE_CAN_READ) {
- fprintf (stderr, _("Cannot read SELinux policy store\n"));
- goto fail;
- }
-
- ret = semanage_connect (handle);
- if (ret != 0) {
- fprintf (stderr,
- _("Cannot establish SELinux management connection\n"));
- goto fail;
- }
-
- ret = semanage_begin_transaction (handle);
- if (ret != 0) {
- fprintf (stderr, _("Cannot begin SELinux transaction\n"));
- goto fail;
- }
-
- return handle;
-
-fail:
- semanage_handle_destroy (handle);
- return NULL;
-}
-
-
-static int semanage_user_mod (semanage_handle_t *handle,
- semanage_seuser_key_t *key,
- const char *login_name,
- const char *seuser_name)
-{
- int ret;
- semanage_seuser_t *seuser = NULL;
-
- semanage_seuser_query (handle, key, &seuser);
- if (NULL == seuser) {
- fprintf (stderr,
- _("Could not query seuser for %s\n"), login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not set serange for %s\n"), login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not set sename for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_modify_local (handle, key, seuser);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not modify login mapping for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = 0;
-done:
- semanage_seuser_free (seuser);
- return ret;
-}
-
-
-static int semanage_user_add (semanage_handle_t *handle,
- semanage_seuser_key_t *key,
- const char *login_name,
- const char *seuser_name)
-{
- int ret;
- semanage_seuser_t *seuser = NULL;
-
- ret = semanage_seuser_create (handle, &seuser);
- if (ret != 0) {
- fprintf (stderr,
- _("Cannot create SELinux login mapping for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_set_name (handle, seuser, login_name);
- if (ret != 0) {
- fprintf (stderr, _("Could not set name for %s\n"), login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not set serange for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not set SELinux user for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_modify_local (handle, key, seuser);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not add login mapping for %s\n"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = 0;
-done:
- semanage_seuser_free (seuser);
- return ret;
-}
-
-
-int set_seuser (const char *login_name, const char *seuser_name)
-{
- semanage_handle_t *handle = NULL;
- semanage_seuser_key_t *key = NULL;
- int ret;
- int seuser_exists = 0;
-
- if (NULL == seuser_name) {
- /* don't care, just let system pick the defaults */
- return 0;
- }
-
- handle = semanage_init ();
- if (NULL == handle) {
- fprintf (stderr, _("Cannot init SELinux management\n"));
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_key_create (handle, login_name, &key);
- if (ret != 0) {
- fprintf (stderr, _("Cannot create SELinux user key\n"));
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_exists (handle, key, &seuser_exists);
- if (ret < 0) {
- fprintf (stderr, _("Cannot verify the SELinux user\n"));
- ret = 1;
- goto done;
- }
-
- if (0 != seuser_exists) {
- ret = semanage_user_mod (handle, key, login_name, seuser_name);
- if (ret != 0) {
- fprintf (stderr,
- _("Cannot modify SELinux user mapping\n"));
- ret = 1;
- goto done;
- }
- } else {
- ret = semanage_user_add (handle, key, login_name, seuser_name);
- if (ret != 0) {
- fprintf (stderr,
- _("Cannot add SELinux user mapping\n"));
- ret = 1;
- goto done;
- }
- }
-
- ret = semanage_commit (handle);
- if (ret < 0) {
- fprintf (stderr, _("Cannot commit SELinux transaction\n"));
- ret = 1;
- goto done;
- }
-
- ret = 0;
-
-done:
- semanage_seuser_key_free (key);
- semanage_handle_destroy (handle);
- return ret;
-}
-
-
-int del_seuser (const char *login_name)
-{
- semanage_handle_t *handle = NULL;
- semanage_seuser_key_t *key = NULL;
- int ret;
- int exists = 0;
-
- handle = semanage_init ();
- if (NULL == handle) {
- fprintf (stderr, _("Cannot init SELinux management\n"));
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_key_create (handle, login_name, &key);
- if (ret != 0) {
- fprintf (stderr, _("Cannot create SELinux user key\n"));
- ret = 1;
- goto done;
- }
-
- ret = semanage_seuser_exists (handle, key, &exists);
- if (ret < 0) {
- fprintf (stderr, _("Cannot verify the SELinux user\n"));
- ret = 1;
- goto done;
- }
-
- if (0 == exists) {
- fprintf (stderr,
- _("Login mapping for %s is not defined, OK if default mapping was used\n"),
- login_name);
- ret = 0; /* probably default mapping */
- goto done;
- }
-
- ret = semanage_seuser_exists_local (handle, key, &exists);
- if (ret < 0) {
- fprintf (stderr, _("Cannot verify the SELinux user\n"));
- ret = 1;
- goto done;
- }
-
- if (0 == exists) {
- fprintf (stderr,
- _("Login mapping for %s is defined in policy, cannot be deleted\n"),
- login_name);
- ret = 0; /* Login mapping defined in policy can't be deleted */
- goto done;
- }
-
- ret = semanage_seuser_del_local (handle, key);
- if (ret != 0) {
- fprintf (stderr,
- _("Could not delete login mapping for %s"),
- login_name);
- ret = 1;
- goto done;
- }
-
- ret = semanage_commit (handle);
- if (ret < 0) {
- fprintf (stderr, _("Cannot commit SELinux transaction\n"));
- ret = 1;
- goto done;
- }
-
- ret = 0;
-done:
- semanage_handle_destroy (handle);
- return ret;
-}
-#else /* !WITH_SELINUX */
-extern int errno; /* warning: ANSI C forbids an empty source file */
-#endif /* !WITH_SELINUX */
Copied: upstream/trunk/lib/semanage.c (from rev 3650, upstream/trunk/lib/selinux.c)
===================================================================
--- upstream/trunk/lib/semanage.c (rev 0)
+++ upstream/trunk/lib/semanage.c 2011-12-09 21:30:19 UTC (rev 3651)
@@ -0,0 +1,375 @@
+/*
+ * Copyright (c) 2010 , Jakub Hrozek <jhrozek at redhat.com>
+ * Copyright (c) 2011 , Peter Vrabec <pvrabec at redhat.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef WITH_SELINUX
+
+#include "defines.h"
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdarg.h>
+#include <selinux/selinux.h>
+#include <semanage/semanage.h>
+
+
+#ifndef DEFAULT_SERANGE
+#define DEFAULT_SERANGE "s0"
+#endif
+
+
+static void semanage_error_callback (void *varg,
+ semanage_handle_t *handle,
+ const char *fmt, ...)
+{
+ int ret;
+ char * message = NULL;
+ va_list ap;
+
+
+ va_start (ap, fmt);
+ ret = vasprintf (&message, fmt, ap);
+ va_end (ap);
+ if (ret < 0) {
+ /* ENOMEM */
+ return;
+ }
+
+ switch (semanage_msg_get_level (handle)) {
+ case SEMANAGE_MSG_ERR:
+ case SEMANAGE_MSG_WARN:
+ fprintf (stderr, _("[libsemanage]: %s\n"), message);
+ break;
+ case SEMANAGE_MSG_INFO:
+ /* nop */
+ break;
+ }
+
+ free (message);
+}
+
+
+static semanage_handle_t *semanage_init (void)
+{
+ int ret;
+ semanage_handle_t *handle = NULL;
+
+ handle = semanage_handle_create ();
+ if (NULL == handle) {
+ fprintf (stderr,
+ _("Cannot create SELinux management handle\n"));
+ return NULL;
+ }
+
+ semanage_msg_set_callback (handle, semanage_error_callback, NULL);
+
+ ret = semanage_is_managed (handle);
+ if (ret != 1) {
+ fprintf (stderr, _("SELinux policy not managed\n"));
+ goto fail;
+ }
+
+ ret = semanage_access_check (handle);
+ if (ret < SEMANAGE_CAN_READ) {
+ fprintf (stderr, _("Cannot read SELinux policy store\n"));
+ goto fail;
+ }
+
+ ret = semanage_connect (handle);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot establish SELinux management connection\n"));
+ goto fail;
+ }
+
+ ret = semanage_begin_transaction (handle);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot begin SELinux transaction\n"));
+ goto fail;
+ }
+
+ return handle;
+
+fail:
+ semanage_handle_destroy (handle);
+ return NULL;
+}
+
+
+static int semanage_user_mod (semanage_handle_t *handle,
+ semanage_seuser_key_t *key,
+ const char *login_name,
+ const char *seuser_name)
+{
+ int ret;
+ semanage_seuser_t *seuser = NULL;
+
+ semanage_seuser_query (handle, key, &seuser);
+ if (NULL == seuser) {
+ fprintf (stderr,
+ _("Could not query seuser for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set serange for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set sename for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_modify_local (handle, key, seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not modify login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_seuser_free (seuser);
+ return ret;
+}
+
+
+static int semanage_user_add (semanage_handle_t *handle,
+ semanage_seuser_key_t *key,
+ const char *login_name,
+ const char *seuser_name)
+{
+ int ret;
+ semanage_seuser_t *seuser = NULL;
+
+ ret = semanage_seuser_create (handle, &seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot create SELinux login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_name (handle, seuser, login_name);
+ if (ret != 0) {
+ fprintf (stderr, _("Could not set name for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set serange for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set SELinux user for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_modify_local (handle, key, seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not add login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_seuser_free (seuser);
+ return ret;
+}
+
+
+int set_seuser (const char *login_name, const char *seuser_name)
+{
+ semanage_handle_t *handle = NULL;
+ semanage_seuser_key_t *key = NULL;
+ int ret;
+ int seuser_exists = 0;
+
+ if (NULL == seuser_name) {
+ /* don't care, just let system pick the defaults */
+ return 0;
+ }
+
+ handle = semanage_init ();
+ if (NULL == handle) {
+ fprintf (stderr, _("Cannot init SELinux management\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_key_create (handle, login_name, &key);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot create SELinux user key\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_exists (handle, key, &seuser_exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 != seuser_exists) {
+ ret = semanage_user_mod (handle, key, login_name, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot modify SELinux user mapping\n"));
+ ret = 1;
+ goto done;
+ }
+ } else {
+ ret = semanage_user_add (handle, key, login_name, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot add SELinux user mapping\n"));
+ ret = 1;
+ goto done;
+ }
+ }
+
+ ret = semanage_commit (handle);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+
+done:
+ semanage_seuser_key_free (key);
+ semanage_handle_destroy (handle);
+ return ret;
+}
+
+
+int del_seuser (const char *login_name)
+{
+ semanage_handle_t *handle = NULL;
+ semanage_seuser_key_t *key = NULL;
+ int ret;
+ int exists = 0;
+
+ handle = semanage_init ();
+ if (NULL == handle) {
+ fprintf (stderr, _("Cannot init SELinux management\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_key_create (handle, login_name, &key);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot create SELinux user key\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_exists (handle, key, &exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 == exists) {
+ fprintf (stderr,
+ _("Login mapping for %s is not defined, OK if default mapping was used\n"),
+ login_name);
+ ret = 0; /* probably default mapping */
+ goto done;
+ }
+
+ ret = semanage_seuser_exists_local (handle, key, &exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 == exists) {
+ fprintf (stderr,
+ _("Login mapping for %s is defined in policy, cannot be deleted\n"),
+ login_name);
+ ret = 0; /* Login mapping defined in policy can't be deleted */
+ goto done;
+ }
+
+ ret = semanage_seuser_del_local (handle, key);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not delete login mapping for %s"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_commit (handle);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_handle_destroy (handle);
+ return ret;
+}
+#else /* !WITH_SELINUX */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !WITH_SELINUX */
Modified: upstream/trunk/po/POTFILES.in
===================================================================
--- upstream/trunk/po/POTFILES.in 2011-11-21 22:02:15 UTC (rev 3650)
+++ upstream/trunk/po/POTFILES.in 2011-12-09 21:30:19 UTC (rev 3651)
@@ -17,7 +17,7 @@
lib/pwauth.c
lib/pwio.c
lib/pwmem.c
-lib/selinux.c
+lib/semanage.c
lib/sgetgrent.c
lib/sgetpwent.c
lib/sgetspent.c
More information about the Pkg-shadow-commits
mailing list