|
|
25bb7d |
diff -up setools-3.3.7/man/sesearch.1.cmdline setools-3.3.7/man/sesearch.1
|
|
|
25bb7d |
--- setools-3.3.7/man/sesearch.1.cmdline 2008-02-22 14:06:28.000000000 -0500
|
|
|
25bb7d |
+++ setools-3.3.7/man/sesearch.1 2013-07-19 06:46:21.314068667 -0400
|
|
|
25bb7d |
@@ -43,7 +43,7 @@ Search for allow rules.
|
|
|
25bb7d |
Search for neverallow rules.
|
|
|
25bb7d |
.IP "--auditallow"
|
|
|
25bb7d |
Search for auditallow rules.
|
|
|
25bb7d |
-.IP "--dontaudit"
|
|
|
25bb7d |
+.IP "-D, --dontaudit"
|
|
|
25bb7d |
Search for dontaudit rules.
|
|
|
25bb7d |
.IP "-T, --type"
|
|
|
25bb7d |
Search for type_transition, type_member, and type_change rules.
|
|
|
25bb7d |
diff -up setools-3.3.7/secmds/sesearch.c.cmdline setools-3.3.7/secmds/sesearch.c
|
|
|
25bb7d |
--- setools-3.3.7/secmds/sesearch.c.cmdline 2013-07-19 06:46:21.291068510 -0400
|
|
|
25bb7d |
+++ setools-3.3.7/secmds/sesearch.c 2013-07-19 06:48:12.962830868 -0400
|
|
|
25bb7d |
@@ -24,6 +24,7 @@
|
|
|
25bb7d |
*/
|
|
|
25bb7d |
|
|
|
25bb7d |
#include <config.h>
|
|
|
25bb7d |
+#include <selinux/selinux.h>
|
|
|
25bb7d |
|
|
|
25bb7d |
/* libapol */
|
|
|
25bb7d |
#include <apol/policy.h>
|
|
|
25bb7d |
@@ -61,9 +62,8 @@ enum opt_values
|
|
|
25bb7d |
static struct option const longopts[] = {
|
|
|
25bb7d |
{"allow", no_argument, NULL, 'A'},
|
|
|
25bb7d |
{"neverallow", no_argument, NULL, RULE_NEVERALLOW},
|
|
|
25bb7d |
- {"audit", no_argument, NULL, RULE_AUDIT},
|
|
|
25bb7d |
{"auditallow", no_argument, NULL, RULE_AUDITALLOW},
|
|
|
25bb7d |
- {"dontaudit", no_argument, NULL, RULE_DONTAUDIT},
|
|
|
25bb7d |
+ {"dontaudit", no_argument, NULL, 'D'},
|
|
|
25bb7d |
{"type", no_argument, NULL, 'T'},
|
|
|
25bb7d |
{"role_allow", no_argument, NULL, RULE_ROLE_ALLOW},
|
|
|
25bb7d |
{"role_trans", no_argument, NULL, RULE_ROLE_TRANS},
|
|
|
25bb7d |
@@ -72,7 +72,6 @@ static struct option const longopts[] =
|
|
|
25bb7d |
|
|
|
25bb7d |
{"source", required_argument, NULL, 's'},
|
|
|
25bb7d |
{"target", required_argument, NULL, 't'},
|
|
|
25bb7d |
- {"default", required_argument, NULL, 'D'},
|
|
|
25bb7d |
{"role_source", required_argument, NULL, EXPR_ROLE_SOURCE},
|
|
|
25bb7d |
{"role_target", required_argument, NULL, EXPR_ROLE_TARGET},
|
|
|
25bb7d |
{"class", required_argument, NULL, 'c'},
|
|
|
25bb7d |
@@ -129,7 +128,7 @@ void usage(const char *program_name, int
|
|
|
25bb7d |
printf(" -A, --allow allow rules\n");
|
|
|
25bb7d |
printf(" --neverallow neverallow rules\n");
|
|
|
25bb7d |
printf(" --auditallow auditallow rules\n");
|
|
|
25bb7d |
- printf(" --dontaudit dontaudit rules\n");
|
|
|
25bb7d |
+ printf(" -D, --dontaudit dontaudit rules\n");
|
|
|
25bb7d |
printf(" -T, --type type_trans, type_member, and type_change\n");
|
|
|
25bb7d |
printf(" --role_allow role allow rules\n");
|
|
|
25bb7d |
printf(" --role_trans role_transition rules\n");
|
|
|
25bb7d |
@@ -666,10 +665,6 @@ static void print_ft_results(const apol_
|
|
|
25bb7d |
size_t i, num_filename_trans = 0;
|
|
|
25bb7d |
const qpol_filename_trans_t *filename_trans = NULL;
|
|
|
25bb7d |
char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
|
|
|
25bb7d |
- char enable_char = ' ', branch_char = ' ';
|
|
|
25bb7d |
- qpol_iterator_t *iter = NULL;
|
|
|
25bb7d |
- const qpol_cond_t *cond = NULL;
|
|
|
25bb7d |
- uint32_t enabled = 0, list = 0;
|
|
|
25bb7d |
|
|
|
25bb7d |
if (!(num_filename_trans = apol_vector_get_size(v)))
|
|
|
25bb7d |
goto cleanup;
|
|
|
25bb7d |
@@ -677,7 +672,6 @@ static void print_ft_results(const apol_
|
|
|
25bb7d |
fprintf(stdout, "Found %zd named file transition filename_trans:\n", num_filename_trans);
|
|
|
25bb7d |
|
|
|
25bb7d |
for (i = 0; i < num_filename_trans; i++) {
|
|
|
25bb7d |
- enable_char = branch_char = ' ';
|
|
|
25bb7d |
if (!(filename_trans = apol_vector_get_element(v, i)))
|
|
|
25bb7d |
goto cleanup;
|
|
|
25bb7d |
|
|
|
25bb7d |
@@ -962,7 +956,7 @@ int main(int argc, char **argv)
|
|
|
25bb7d |
|
|
|
25bb7d |
memset(&cmd_opts, 0, sizeof(cmd_opts));
|
|
|
25bb7d |
cmd_opts.indirect = true;
|
|
|
25bb7d |
- while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dD:RnSChV", longopts, NULL)) != -1) {
|
|
|
25bb7d |
+ while ((optc = getopt_long(argc, argv, "ATs:t:c:p:b:dDRnSChV", longopts, NULL)) != -1) {
|
|
|
25bb7d |
switch (optc) {
|
|
|
25bb7d |
case 0:
|
|
|
25bb7d |
break;
|
|
|
25bb7d |
@@ -978,18 +972,6 @@ int main(int argc, char **argv)
|
|
|
25bb7d |
exit(1);
|
|
|
25bb7d |
}
|
|
|
25bb7d |
break;
|
|
|
25bb7d |
- case 'D': /* source */
|
|
|
25bb7d |
- if (optarg == 0) {
|
|
|
25bb7d |
- usage(argv[0], 1);
|
|
|
25bb7d |
- printf("Missing source default type for -D (--default)\n");
|
|
|
25bb7d |
- exit(1);
|
|
|
25bb7d |
- }
|
|
|
25bb7d |
- cmd_opts.default_name = strdup(optarg);
|
|
|
25bb7d |
- if (!cmd_opts.default_name) {
|
|
|
25bb7d |
-
|
|
|
25bb7d |
- exit(1);
|
|
|
25bb7d |
- }
|
|
|
25bb7d |
- break;
|
|
|
25bb7d |
case 't': /* target */
|
|
|
25bb7d |
if (optarg == 0) {
|
|
|
25bb7d |
usage(argv[0], 1);
|
|
|
25bb7d |
@@ -1082,7 +1064,7 @@ int main(int argc, char **argv)
|
|
|
25bb7d |
case RULE_AUDITALLOW:
|
|
|
25bb7d |
cmd_opts.auditallow = true;
|
|
|
25bb7d |
break;
|
|
|
25bb7d |
- case RULE_DONTAUDIT:
|
|
|
25bb7d |
+ case 'D':
|
|
|
25bb7d |
cmd_opts.dontaudit = true;
|
|
|
25bb7d |
break;
|
|
|
25bb7d |
case 'T': /* type */
|