extern int smack_rule_set_save_to_file(SmackRuleSet handle, const char *path);
/*!
- * Write rules to SmackFS rules file.
+ * Write rules to /smack/load.
+ *
+ * @param handle handle to a rule set
+ * @param path path to the SmackFS load file
+ * @return 0 on success
+ */
+extern int smack_rule_set_save_to_kernel(SmackRuleSet handle, const char *path);
+
+/*!
+ * Clear rules from kernel.
*
* @param handle handle to a rules
* @param path path to the rules file
* @return 0 on success
*/
-extern int smack_rule_set_save_to_kernel(SmackRuleSet handle, const char *path);
+extern int smack_rule_set_clear_from_kernel(SmackRuleSet handle, const char *path);
/*!
* Add new rule to a rule set. Updates existing rule if there is already rule
return 0;
}
+int smack_rule_set_clear_from_kernel(SmackRuleSet handle, const char *path)
+{
+ struct smack_subject *s, *stmp;
+ struct smack_object *o, *otmp;
+ FILE *file;
+ char str[6];
+ int err = 0;
+
+ file = fopen(path, "w+");
+ if (!file)
+ return -1;
+
+ HASH_ITER(hh, handle->subjects, s, stmp) {
+ HASH_ITER(hh, s->objects, o, otmp) {
+ ac_to_kernel_str(0, str);
+
+ err = fprintf(file, "%-23s %-23s %4s\n",
+ s->subject, o->object, str);
+
+ if (err < 0) {
+ fclose(file);
+ return errno;
+ }
+ }
+ }
+
+ fclose(file);
+ return 0;
+}
+
int smack_rule_set_add(SmackRuleSet handle, const char *subject,
const char *object, const char *access_str,
SmackLabelSet labels)
projects / framework / security / smack.git / commitdiff