mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-03 15:55:46 +00:00
Code Issues Releases Wiki Activity

Library function to find the apparmorfs filesystem mount point

Browse Source 
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2011-08-09 06:48:17 -07:00
parent 8347fb69c2
commit aae597bfde
5 changed files with 54 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libraries/libapparmor/doc/Makefile.am
View File

@@ -2,7 +2,7 @@
POD2MAN = pod2man POD2MAN = pod2man
man_MANS = aa_change_hat.2 aa_change_profile.2 aa_getcon.2 man_MANS = aa_change_hat.2 aa_change_profile.2 aa_getcon.2 aa_find_mountpoint.2
PODS = $(subst .2,.pod,$(man_MANS)) PODS = $(subst .2,.pod,$(man_MANS))

3
libraries/libapparmor/src/apparmor.h
View File

@@ -20,6 +20,9 @@
__BEGIN_DECLS __BEGIN_DECLS
/* Prototypes for apparmor state queries */
extern int aa_find_mountpoint(char **mnt);
/* Prototypes for self directed domain transitions /* Prototypes for self directed domain transitions
* see <http://apparmor.net> * see <http://apparmor.net>
* Please see the change_hat(2) manpage for information. * Please see the change_hat(2) manpage for information.

48
libraries/libapparmor/src/kernel_interface.c
View File

@@ -27,6 +27,7 @@
#include <errno.h> #include <errno.h>
#include <limits.h> #include <limits.h>
#include <stdarg.h> #include <stdarg.h>
#include <mntent.h>
/* some non-Linux systems do not define a static value */ /* some non-Linux systems do not define a static value */
#ifndef PATH_MAX #ifndef PATH_MAX
@@ -38,6 +39,53 @@
#define default_symbol_version(real, name, version) \ #define default_symbol_version(real, name, version) \
__asm__ (".symver " #real "," #name "@@" #version) __asm__ (".symver " #real "," #name "@@" #version)
/**
* aa_find_mountpoint - find where the apparmor interface filesystem is mounted
* @mnt: returns buffer with the mountpoint string
*
* Returns: 0 on success else -1 on error
*
* NOTE: this function only supports versions of apparmor using securityfs
*/
int aa_find_mountpoint(char **mnt)
{
struct stat statbuf;
struct mntent *mntpt;
FILE *mntfile;
int rc = -1;
if (!mnt) {
errno = EINVAL;
return -1;
}
mntfile = setmntent("/proc/mounts", "r");
if (!mntfile)
return -1;
while ((mntpt = getmntent(mntfile))) {
char *proposed = NULL;
if (strcmp(mntpt->mnt_type, "securityfs") != 0)
continue;
if (asprintf(&proposed, "%s/apparmor", mntpt->mnt_dir) < 0)
/* ENOMEM */
break;
if (stat(proposed, &statbuf) == 0) {
*mnt = proposed;
rc = 0;
break;
}
free(proposed);
}
endmntent(mntfile);
if (rc == -1)
errno = ENOENT;
return rc;
}
static inline pid_t aa_gettid(void) static inline pid_t aa_gettid(void)
{ {
#ifdef SYS_gettid #ifdef SYS_gettid

1
libraries/libapparmor/src/libapparmor.map
View File

@@ -16,6 +16,7 @@ APPARMOR_1.0 {
APPARMOR_1.1 { APPARMOR_1.1 {
global: global:
aa_find_mountpoint;
aa_change_hat; aa_change_hat;
aa_change_hatv; aa_change_hatv;
aa_change_hat_vargs; aa_change_hat_vargs;

1
libraries/libapparmor/swig/SWIG/libapparmor.i
View File

@@ -13,6 +13,7 @@
* are manually inserted here * are manually inserted here
*/ */
extern int aa_find_mountpoint(char **mnt);
extern int aa_change_hat(const char *subprofile, unsigned long magic_token); extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
extern int aa_change_profile(const char *profile); extern int aa_change_profile(const char *profile);
extern int aa_change_onexec(const char *profile); extern int aa_change_onexec(const char *profile);