1. 23 Aug, 2004 1 commit
    • Colin Walters's avatar
      2004-08-23 Colin Walters <walters@redhat.com> · ee78f280
      Colin Walters authored
      	* bus/selinux.h: Prototype bus_selinux_get_policy_root.
      
      	* bus/selinux.c: Create a thread for policy reload notification.
      	(bus_selinux_get_policy_root): Implement.
      
      	Updated SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
      
      	* bus/config-parser.c (start_busconfig_child)
      	(bus_config_parser_content): Support SELinux-root relative
      	inclusion.
      
      	* configure.in <HAVE_SELINUX>: Add -lpthread.
      
      	* bus/test-main.c (test_pre_hook, test_post_hook): New.
      	(test_post_hook): Move memory checking into here.
      	(test_pre_hook, test_post_hook): Move SELinux checks in
      	here, but conditional on a DBUS_TEST_SELINUX environment
      	variable.  Unfortunately we can't run the SELinux checks
      	as a normal user, since they won't have any permissions
      	for /selinux.  So this will have to be tested manually
      	for now, until we have virtualization for most of
      	libselinux.
      ee78f280
  2. 20 Aug, 2004 1 commit
  3. 10 Aug, 2004 1 commit
  4. 31 Jul, 2004 1 commit
  5. 30 Jul, 2004 1 commit
    • Havoc Pennington's avatar
      2004-07-24 Havoc Pennington <hp@redhat.com> · 1e9b185b
      Havoc Pennington authored
      	SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
      
      	* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
      	functionality
      
      	* configure.in: add --enable-selinux
      
      	* bus/policy.c (bus_policy_merge): add FIXME to a comment
      
      	* bus/main.c (main): initialize and shut down selinux
      
      	* bus/connection.c: store SELinux ID on each connection, to avoid
      	repeated getting of the string context and converting it into
      	an ID
      
      	* bus/bus.c (bus_context_get_policy): new accessor, though it
      	isn't used
      	(bus_context_check_security_policy): check whether the security
      	context of sender connection can send to the security context of
      	recipient connection
      
      	* bus/config-parser.c: add parsing for <selinux> and <associate>
      
      	* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
      	implement dbus_connection_get_unix_fd()
      
      	* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
      	function, used by the selinux stuff
      1e9b185b