
Diff of /baselayout-vserver/trunk/src/core/src/runscript.c


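--- a/baselayout-vserver/trunk/src/core/src/runscript.c
+++ b/baselayout-vserver/trunk/src/core/src/runscript.c
@@ -22,11 +22,10 @@
 
 static void (*selinux_run_init_old) (void);
 static void (*selinux_run_init_new) (int argc, char **argv);
 
 void setup_selinux (int argc, char **argv);
-char ** get_whitelist (char **whitelist, char *filename);
 char ** filter_environ (char *caller);
 
 extern char **environ;
 
 void
@@ -53,71 +52,10 @@
  }
  }
 }
 
 char **
-get_whitelist (char **whitelist, char *filename)
-{
- char *buf = NULL;
- char *tmp_buf = NULL;
- char *tmp_p = NULL;
- char *token = NULL;
- size_t lenght = 0;
- int count = 0;
- int current = 0;
-
- if (-1 == file_map (filename, &buf, &lenght))
- return NULL;
-
- while (current < lenght)
- {
- count = buf_get_line (buf, lenght, current);
-
- tmp_buf = xstrndup (&buf[current], count);
- if (NULL == tmp_buf)
- goto error;
-
- tmp_p = tmp_buf;
-
- /* Strip leading spaces/tabs */
- while ((tmp_p[0] == ' ') || (tmp_p[0] == '\t'))
- tmp_p++;
-
- /* Get entry - we do not want comments, and only the first word
- * on a line is valid */
- token = strsep (&tmp_p, "# \t");
- if (check_str (token))
- {
- tmp_p = xstrndup (token, strlen (token));
- if (NULL == tmp_p)
- goto error;
-
- str_list_add_item (whitelist, tmp_p, error);
- }
-
- current += count + 1;
- free (tmp_buf);
- /* Set to NULL in case we error out above and have
- * to free below */
- tmp_buf = NULL;
- }
-
-
- file_unmap (buf, lenght);
-
- return whitelist;
-
-error:
- if (NULL != tmp_buf)
- free (tmp_buf);
- file_unmap (buf, lenght);
- str_list_free (whitelist);
-
- return NULL;
-}
-
-char **
 filter_environ (char *caller)
 {
  char **myenv = NULL;
  char **whitelist = NULL;
  char *env_name = NULL;
@@ -128,16 +66,16 @@
  /* Called from /sbin/rc, but not /sbin/rc itself, so current
  * environment should be fine */
  return environ;
 
  if (1 == is_file (SYS_WHITELIST, 1))
- whitelist = get_whitelist (whitelist, SYS_WHITELIST);
+ whitelist = get_list_file (whitelist, SYS_WHITELIST);
  else
  EWARN ("System environment whitelist missing!\n");
 
  if (1 == is_file (USR_WHITELIST, 1))
- whitelist = get_whitelist (whitelist, USR_WHITELIST);
+ whitelist = get_list_file (whitelist, USR_WHITELIST);
 
  if (NULL == whitelist)
  /* If no whitelist is present, revert to old behaviour */
  return environ;
 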
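Review bot: In the last hunk (new lines 70-80) both `get_list_file` results are assigned straight back into `whitelist`, so a NULL return from either call reaches the `NULL == whitelist` branch and the caller receives the unfiltered `environ`. The removed `get_whitelist` freed the list and returned NULL on any mapping or allocation error; `get_list_file` is not visible here, but if it keeps that contract, a failure while reading USR_WHITELIST also throws away the system entries already loaded, and the filter fails open. The existing comment only covers the "no whitelist is present" case, so I would at least document the error path, e.g. `/* NOTE: a NULL from get_list_file() also lands here and returns the unfiltered environ */`, and consider an `EWARN` before that `return environ;` so a read error is distinguishable from an absent file. The body of `filter_environ` starts before and continues after the lines shown in this hunk.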
