PERFORCE change 91456 for review

Rob Deker deker at FreeBSD.org
Thu Feb 9 20:03:30 GMT 2006


http://perforce.freebsd.org/chv.cgi?CH=91456

Change 91456 by deker at deker_build1.columbia.sparta.com on 2006/02/09 20:02:57

	per millert:
	
	"Document the -m flag. Remove some lint."
	
	Submitted by: millert

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/Makefile#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/sebsd_loadpolicy.8#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/sebsd_loadpolicy.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/Makefile#4 (text+ko) ====

@@ -6,7 +6,7 @@
 OBJS= sebsd_loadpolicy.o
 
 
-CFLAGS+= -I$(SOURCE_ROOT)/sedarwin
+CFLAGS+= -Wall -I$(SOURCE_ROOT)/sedarwin
 LDADD+= -L$(SOURCE_ROOT)/sedarwin/libselinux/src
 LDADD+= -lselinux $(LIBMAC)
 

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/sebsd_loadpolicy.8#3 (text+ko) ====

@@ -1,3 +1,4 @@
+.\" Copyright (c) 2005 SPARTA, Inc.
 .\" Copyright (c) 2002 Networks Associates Technology, Inc.
 .\" All rights reserved.
 .\"
@@ -29,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\" $FreeBSD: $
-.Dd August 27, 2003
+.Dd December 28, 2005
 .Dt SEBSD_LOADPOLICY 8
 .Os
 .Sh NAME
@@ -37,10 +38,23 @@
 .Nd Re-load the sebsd policy
 .Sh SYNOPSIS
 .Nm sebsd_loadpolicy
-.Ar policyfile
+.Op Fl m Ar migscsfile
+.Ar policy_file
 .Sh DESCRIPTION
 The
 .Nm sebsd_loadpolicy
-utility loads a new security policy for the SEBSD module.  The new policy file is specified in 
-.Ar policyfile .
-
+utility loads a new security policy for the SEBSD module.
+The new policy file is specified in 
+.Ar policy_file .
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl m Ar migscsfile
+Load
+.Ar migscsfile ,
+a mapping of security classes to MiG subsystem IDs,
+in addition to
+.Ar policy_file .
+.Sh SEE ALSO
+.Xr mac 4 ,
+.Xr selinux 8

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/loadpolicy/sebsd_loadpolicy.c#3 (text+ko) ====

@@ -1,12 +1,7 @@
 /*-
- * Copyright (c) 2003 Networks Associates Technology, Inc.
+ * Copyright (c) 2005 SPARTA, Inc.
  * All rights reserved.
  *
- * This software was developed for the FreeBSD Project by and Network
- * Associates Laboratories, the Security Research Division of Network
- * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
- * as part of the DARPA CHATS research program.
- *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -27,31 +22,57 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
  */
 
-#include <sedarwin/sebsd.h>
+#include <err.h>
+#include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+
+#include <sedarwin/sebsd.h>	/* XXX - not used */
 
-int main(int argc, char **argv)
+void usage(void);
+
+int
+main(int argc, char **argv)
 {
-	int ret_val;
+	int ch, error;
+	char *migscs = NULL;
 
-	if (argc != 2) {
-		printf("usage:  %s path\n", argv[0]);
-		exit(1);
+	while ((ch = getopt(argc, argv, "m:")) != -1) {
+		switch (ch) {
+		case 'm':
+			migscs = optarg;
+			break;
+		default:
+			usage();
+			break;
+		}
 	}
+	argc -= optind;
+	argv += optind;
 
-	ret_val = sebsd_load_policy(argv[1]);
+	if (argc != 1)
+		usage();
 
-	if (ret_val) {
-		perror("security_load_policy");
-		exit(2);
+	if (migscs != NULL) {
+		error = sebsd_load_migscs(migscs);
+		if (error)
+			err(1, "%s", migscs);
 	}
+	error = sebsd_load_policy(argv[0]);
+	if (error)
+		err(1, "%s", argv[0]);
 
-	printf("\nSuccess\n");
+	exit(0);
+}
+
+void
+usage(void)
+{
+	extern char *__progname;
 
-	exit(0);
+	fprintf(stderr, "usage: %s [-m migscs_file] policy_file\n", __progname);
+	exit(1);
 }
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message



More information about the trustedbsd-cvs mailing list