OSDN > Finden Software > System > Operating System Kernels > Linux > TOMOYO > SCM > SVN > Commit

TOMOYO
Fork

R/O
SSH
HTTPS

tomoyo: Commit

Commit MetaInfo

Revision	6691 (tree)
Zeit	2019-02-05 19:00:17
Autor	kumaneko

Log Message

(empty log message)

Ändern Zusammenfassung

delete: trunk/2.6.x/tomoyo-lsm/patches
delete: trunk/2.6.x/tomoyo-lsm
modified: trunk/2.6.x/tomoyo-tools/usr_lib_tomoyo/init_policy.c (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_sbin/editpolicy_offline.c (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-auditd.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-checkpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-diffpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-domainmatch.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-editpolicy-agent.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-editpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-findtemp.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-init.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-loadpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-notifyd.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-patternize.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-pstree.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-queryd.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-savepolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-selectpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-setlevel.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-setprofile.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo-sortpolicy.8.gz (diff)
modified: trunk/2.6.x/tomoyo-tools/usr_share_man/man8/tomoyo_init_policy.8.gz (diff)

Diff

--- trunk/2.6.x/tomoyo-tools/usr_lib_tomoyo/init_policy.c (revision 6690)

+++ trunk/2.6.x/tomoyo-tools/usr_lib_tomoyo/init_policy.c (revision 6691)

		@@ -951,7 +951,7 @@
951	951	/* Which profile number does <kernel> domain use? */
952	952	static unsigned char default_profile = 0;
953	953	/* Which ACL group does <kernel> domain use? */
954		-static unsigned char default_group = 0;
	954	+static _Bool use_group[256] = { };
955	955
956	956	/**
957	957	* make_domain_policy - Make /etc/tomoyo/policy/current/domain_policy.conf .

		@@ -961,6 +961,7 @@
961	961	static void make_domain_policy(void)
962	962	{
963	963	FILE *fp;
	964	+ int i;
964	965	if (!chdir_policy())
965	966	return;
966	967	if (!access("domain_policy.conf", R_OK))

		@@ -971,8 +972,10 @@
971	972	return;
972	973	}
973	974	fprintf(stderr, "Creating domain policy... ");
974		- fprintf(fp, "<kernel>\nuse_profile %u\nuse_group %u\n",
975		- default_profile, default_group);
	975	+ fprintf(fp, "<kernel>\nuse_profile %u\n", default_profile);
	976	+ for (i = 0; i < 256; i++)
	977	+ if (use_group[i])
	978	+ fprintf(fp, "use_group %u\n", i);
976	979	close_file(fp, 1, "domain_policy.tmp", "domain_policy.conf");
977	980	}
978	981

		@@ -1644,7 +1647,7 @@
1644	1647	} else if (!strncmp(arg, "use_profile=", 12)) {
1645	1648	default_profile = atoi(arg + 12);
1646	1649	} else if (!strncmp(arg, "use_group=", 10)) {
1647		- default_group = atoi(arg + 10);
	1650	+ use_group[(unsigned char) atoi(arg + 10)] = 1;
1648	1651	} else if (!strncmp(arg, "grant_log=", 10)) {
1649	1652	grant_log = arg + 10;
1650	1653	} else if (!strncmp(arg, "reject_log=", 11)) {

		@@ -1658,6 +1661,11 @@
1658	1661	}
1659	1662	if (!dir)
1660	1663	dir = "/etc/tomoyo";
	1664	+ for (i = 0; i < 256; i++)
	1665	+ if (use_group[i])
	1666	+ break;
	1667	+ if (i == 256)
	1668	+ use_group[0] = 1;
1661	1669	policy_dir = strdup(dir);
1662	1670	memset(path, 0, sizeof(path));
1663	1671	make_policy_dir();

--- trunk/2.6.x/tomoyo-tools/usr_sbin/editpolicy_offline.c (revision 6690)

+++ trunk/2.6.x/tomoyo-tools/usr_sbin/editpolicy_offline.c (revision 6691)

		@@ -712,7 +712,8 @@
712	712	struct list_head acl_info_list;
713	713	/* Name of this domain. Never NULL. */
714	714	const struct ccs_path_info *domainname;
715		- u8 group; /* Group number to use. */
	715	+ /* Group numbers to use. */
	716	+ bool group[CCS_MAX_ACL_GROUPS];
716	717	u8 profile; /* Profile number to use. */
717	718	bool is_deleted; /* Delete flag. */
718	719	bool flags[CCS_MAX_DOMAIN_INFO_FLAGS];

		@@ -3637,8 +3638,7 @@
3637	3638	}
3638	3639	if (sscanf(data, "use_group %u\n", &idx) == 1 &&
3639	3640	idx < CCS_MAX_ACL_GROUPS) {
3640		- if (!is_delete)
3641		- domain->group = (u8) idx;
	3641	+ domain->group[idx] = !is_delete;
3642	3642	return 0;
3643	3643	}
3644	3644	for (idx = 0; idx < CCS_MAX_DOMAIN_INFO_FLAGS; idx++) {

		@@ -4024,7 +4024,7 @@
4024	4024	if (domain->flags[i])
4025	4025	cprintf("%s", ccs_dif[i]);
4026	4026	for (i = 0; i < CCS_MAX_ACL_GROUPS; i++)
4027		- if (domain->group == i)
	4027	+ if (domain->group[i])
4028	4028	cprintf("use_group %u\n", i);
4029	4029	cprintf("\n");
4030	4030	ccs_read_domain2(&domain->acl_info_list);

Show on old repository browser