unsigned ac);
static void destroy_rules(struct smack_subject **subjects);
inline unsigned str_to_ac(const char *str);
-inline void ac_to_str(unsigned ac, char *str, int flags);
+inline void ac_to_config_str(unsigned ac, char *str);
+inline void ac_to_kernel_str(unsigned ac, char *str);
smack_rules_t smack_create_rules(void)
{
return ret;
}
-int smack_write_rules_to_file(smack_rules_t handle, const char *path,
- int flags)
+int smack_write_rules_to_file(smack_rules_t handle, const char *path)
+{
+ struct smack_subject *s, *stmp;
+ struct smack_object *o, *otmp;
+ FILE *file;
+ char str[SMACK_ACC_LEN + 1];
+ int err = 0;
+
+ file = fopen(path, "w+");
+ if (!file)
+ return -1;
+
+ HASH_ITER(hh, handle->subjects, s, stmp) {
+ HASH_ITER(hh, s->objects, o, otmp) {
+ ac_to_config_str(o->ac, str);
+
+ err = fprintf(file, "%s %s %s\n",
+ s->subject, o->object, str);
+
+ if (err < 0) {
+ fclose(file);
+ return errno;
+ }
+ }
+ }
+
+ fclose(file);
+ return 0;
+}
+
+int smack_write_rules_to_kernel(smack_rules_t handle, const char *path)
{
struct smack_subject *s, *stmp;
struct smack_object *o, *otmp;
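Review bot: In the new smack_write_rules_to_file, the fprintf failure path runs `fclose(file)` before `return errno;`, so the returned value may be whatever fclose left in errno, and it is a positive code while the fopen failure path returns -1. The final `fclose(file)` is also unchecked, so a failed flush of buffered rules is reported as success and a truncated rule file could later be read as the complete policy. I would use one error convention on every path and check the close, e.g. `fclose(file); return -1;` inside the loop and `if (fclose(file) != 0) return -1;` before `return 0;`. The hunk ends inside smack_write_rules_to_kernel, whose body continues outside it.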
HASH_ITER(hh, handle->subjects, s, stmp) {
HASH_ITER(hh, s->objects, o, otmp) {
- ac_to_str(o->ac, str, flags);
+ ac_to_kernel_str(o->ac, str);
- if ((flags & SMACK_RULES_KERNEL) != 0)
- err = fprintf(file, "%-23s %-23s %4s\n",
- s->subject, o->object, str);
- else
- err = fprintf(file, "%s %s %s\n",
- s->subject, o->object, str);
+ err = fprintf(file, "%-23s %-23s %4s\n",
+ s->subject, o->object, str);
if (err < 0) {
fclose(file);
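Review bot: The `"%-23s %-23s %4s\n"` format pads short labels but does not bound long ones, so a subject or object longer than 23 characters would shift every later column of the fixed-width line. Nothing visible in this hunk checks label length before the write. If smack_add_rule and the file reader do not already enforce it, such rules should be rejected rather than truncated with a precision, because a truncated label names a different subject or object. A comment above the fprintf such as `/* fixed-width format: assumes labels are at most 23 characters; confirm where this is enforced */` would record the assumption. The function starts and ends outside this hunk.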
fclose(file);
return 0;
+
}
int smack_add_rule(smack_rules_t handle, const char *subject,
return access;
}
-inline void ac_to_str(unsigned access, char *str, int flags)
+inline void ac_to_config_str(unsigned access, char *str)
{
int i;
- if ((flags & SMACK_RULES_KERNEL) != 0) {
- str[0] = ((access & SMACK_ACC_R) != 0) ? 'r' : '-';
- str[1] = ((access & SMACK_ACC_W) != 0) ? 'w' : '-';
- str[2] = ((access & SMACK_ACC_X) != 0) ? 'x' : '-';
- str[3] = ((access & SMACK_ACC_A) != 0) ? 'a' : '-';
- str[4] = '\0';
- } else {
- i = 0;
- if ((access & SMACK_ACC_R) != 0)
- str[i++] = 'r';
- if ((access & SMACK_ACC_W) != 0)
- str[i++] = 'w';
- if ((access & SMACK_ACC_X) != 0)
- str[i++] = 'x';
- if ((access & SMACK_ACC_A) != 0)
- str[i++] = 'a';
- str[i] = '\0';
- }
+ i = 0;
+ if ((access & SMACK_ACC_R) != 0)
+ str[i++] = 'r';
+ if ((access & SMACK_ACC_W) != 0)
+ str[i++] = 'w';
+ if ((access & SMACK_ACC_X) != 0)
+ str[i++] = 'x';
+ if ((access & SMACK_ACC_A) != 0)
+ str[i++] = 'a';
+ str[i] = '\0';
+}
+
+inline void ac_to_kernel_str(unsigned access, char *str)
+{
+ str[0] = ((access & SMACK_ACC_R) != 0) ? 'r' : '-';
+ str[1] = ((access & SMACK_ACC_W) != 0) ? 'w' : '-';
+ str[2] = ((access & SMACK_ACC_X) != 0) ? 'x' : '-';
+ str[3] = ((access & SMACK_ACC_A) != 0) ? 'a' : '-';
+ str[4] = '\0';
}
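Review bot: ac_to_config_str and ac_to_kernel_str take no buffer length and write up to five bytes (four access characters plus the terminator), and ac_to_kernel_str always writes all five, so each should carry a comment stating the contract, for example `/* str must have room for at least 5 bytes */`. The visible caller passes `char str[SMACK_ACC_LEN + 1]`; the value of SMACK_ACC_LEN is not shown here, so this is only safe if it is at least 4. Both helpers are also declared plain `inline`. Unless an external definition exists elsewhere, `static inline` would avoid an unresolved symbol under C99 rules when the compiler declines to inline.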
fail_unless(rc == 0, "Failed to read ruleset");
rc = smack_add_rule(rules, "Orange", "Apple", "ra");
fail_unless(rc == 0, "Failed to add rule");
- rc = smack_write_rules_to_file(rules, "add_new_rule-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "add_new_rule-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("add_new_rule-result.txt", "data/add_new_rule-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
fail_unless(rc == 0, "Failed to read ruleset");
rc = smack_add_rule(rules, "Foo", "Bar", "wx");
fail_unless(rc == 0, "Failed to add rule");
- rc = smack_write_rules_to_file(rules, "modify_existing_rule-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "modify_existing_rule-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("modify_existing_rule-result.txt", "data/modify_existing_rule-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
fail_unless(rules != NULL, "Ruleset creation failed");
rc = smack_read_rules_from_file(rules, "data/write_rules_config-excepted.txt", NULL);
fail_unless(rc == 0, "Failed to read ruleset");
- rc = smack_write_rules_to_file(rules, "write_rules_config-result.txt", 0);
+ rc = smack_write_rules_to_file(rules, "write_rules_config-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("write_rules_config-result.txt", "data/write_rules_config-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
fail_unless(rules != NULL, "Ruleset creation failed");
rc = smack_read_rules_from_file(rules, "data/write_rules_config-excepted.txt", NULL);
fail_unless(rc == 0, "Failed to read ruleset");
- rc = smack_write_rules_to_file(rules, "write_rules_kernel-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "write_rules_kernel-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("write_rules_kernel-result.txt", "data/write_rules_kernel-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
fail_unless(rc == 0, "Failed to read ruleset");
rc = smack_remove_rule(rules, "Orange", "Apple");
fail_unless(rc == 0, "Failed to remove rule");
- rc = smack_write_rules_to_file(rules, "remove_rule-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "remove_rule-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("remove_rule-result.txt", "data/remove_rule-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
rc = smack_read_rules_from_file(rules, "data/remove_rules_by_subject-in.txt", NULL);
fail_unless(rc == 0, "Failed to read ruleset");
smack_remove_rules_by_subject(rules, "Foo");
- rc = smack_write_rules_to_file(rules, "remove_rules_by_subject-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "remove_rules_by_subject-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("remove_rules_by_subject-result.txt", "data/remove_rules_by_subject-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");
rc = smack_read_rules_from_file(rules, "data/remove_rules_by_object-in.txt", NULL);
fail_unless(rc == 0, "Failed to read ruleset");
smack_remove_rules_by_object(rules, "Apple");
- rc = smack_write_rules_to_file(rules, "remove_rules_by_object-result.txt", SMACK_RULES_KERNEL);
+ rc = smack_write_rules_to_kernel(rules, "remove_rules_by_object-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("remove_rules_by_object-result.txt", "data/remove_rules_by_object-excepted.txt");
fail_unless(rc == 1, "Unexcepted result");