From 1e9b185b0c274ef0d684b1e43418388225321e72 Mon Sep 17 00:00:00 2001
From: Havoc Pennington <hp@redhat.com>
Date: Fri, 30 Jul 2004 05:59:34 +0000
Subject: 2004-07-24  Havoc Pennington  <hp@redhat.com>

	SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>

	* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
	functionality

	* configure.in: add --enable-selinux

	* bus/policy.c (bus_policy_merge): add FIXME to a comment

	* bus/main.c (main): initialize and shut down selinux

	* bus/connection.c: store SELinux ID on each connection, to avoid
	repeated getting of the string context and converting it into
	an ID

	* bus/bus.c (bus_context_get_policy): new accessor, though it
	isn't used
	(bus_context_check_security_policy): check whether the security
	context of sender connection can send to the security context of
	recipient connection

	* bus/config-parser.c: add parsing for <selinux> and <associate>

	* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
	implement dbus_connection_get_unix_fd()

	* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
	function, used by the selinux stuff
---
 bus/test-main.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'bus/test-main.c')

diff --git a/bus/test-main.c b/bus/test-main.c
index 1626f2d7..6d453b40 100644
--- a/bus/test-main.c
+++ b/bus/test-main.c
@@ -27,6 +27,7 @@
 #include <dbus/dbus-string.h>
 #include <dbus/dbus-sysdeps.h>
 #include <dbus/dbus-internals.h>
+#include "selinux.h"
 
 #ifdef DBUS_BUILD_TESTS
 static void
@@ -69,6 +70,9 @@ main (int argc, char **argv)
       return 1;
     }
 
+  if (!bus_selinux_init ())
+    die ("could not init selinux support");
+
   _dbus_string_init_const (&test_data_dir, dir);
 
 #if 0
@@ -119,6 +123,8 @@ main (int argc, char **argv)
   check_memleaks (argv[0]);
   
   printf ("%s: Success\n", argv[0]);
+
+  bus_selinux_shutdown ();
   
   return 0;
 #else /* DBUS_BUILD_TESTS */
-- 
cgit