[apparmor] [patch 1/3] libapparmor: move public headers to separate directory
Steve Beattie
steve at nxnw.org
Tue Dec 24 20:59:33 UTC 2013
This patch moves the apparmor.h and aalogparse.h headers
from the libapparmor/src/ directory to a new directory
libapparmor/include/. The apparmor.h header is stored in a sys/
directory within libapparmor/include/ to match its usual install
location in /usr/include/sys/, simplifying the #include statements of
source that wishes to include either the in-tree or system installed
version of the header (i.e. #include <sys/apparmor.h> can be used
everywhere).
The patch size is inflated by the movements of the header files, which
are unchanged except for their locations. Otherwise, the rest of the
changes are to modify the include search path or to stop looking in
$CWD for one of the headers.
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
libraries/libapparmor/Makefile.am | 2
libraries/libapparmor/configure.ac | 2
libraries/libapparmor/include/Makefile.am | 4
libraries/libapparmor/include/aalogparse.h | 175 +++++++++++++++++++++++++
libraries/libapparmor/include/sys/Makefile.am | 3
libraries/libapparmor/include/sys/apparmor.h | 107 +++++++++++++++
libraries/libapparmor/src/Makefile.am | 8 -
libraries/libapparmor/src/aalogparse.h | 175 -------------------------
libraries/libapparmor/src/apparmor.h | 107 ---------------
libraries/libapparmor/src/grammar.y | 2
libraries/libapparmor/src/kernel_interface.c | 2
libraries/libapparmor/src/libaalogparse.c | 2
libraries/libapparmor/src/scanner.l | 2
libraries/libapparmor/src/tst_aalogmisc.c | 2
libraries/libapparmor/swig/SWIG/libapparmor.i | 6
libraries/libapparmor/swig/perl/Makefile.PL.in | 2
libraries/libapparmor/swig/perl/Makefile.am | 2
libraries/libapparmor/swig/python/Makefile.am | 2
libraries/libapparmor/swig/python/setup.py.in | 2
libraries/libapparmor/swig/ruby/Makefile.am | 4
libraries/libapparmor/testsuite/Makefile.am | 2
libraries/libapparmor/testsuite/test_multi.c | 2
22 files changed, 309 insertions(+), 306 deletions(-)
Index: b/libraries/libapparmor/include/sys/Makefile.am
===================================================================
--- /dev/null
+++ b/libraries/libapparmor/include/sys/Makefile.am
@@ -0,0 +1,3 @@
+
+apparmor_hdrdir = $(includedir)/sys
+apparmor_hdr_HEADERS = apparmor.h
Index: b/libraries/libapparmor/include/sys/apparmor.h
===================================================================
--- /dev/null
+++ b/libraries/libapparmor/include/sys/apparmor.h
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
+ * Copyright 2009-2010 Canonical Ltd.
+ *
+ * The libapparmor library is licensed under the terms of the GNU
+ * Lesser General Public License, version 2.1. Please see the file
+ * COPYING.LGPL.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _SYS_APPARMOR_H
+#define _SYS_APPARMOR_H 1
+
+#include <stdint.h>
+#include <sys/types.h>
+
+__BEGIN_DECLS
+
+/*
+ * Class of public mediation types in the AppArmor policy db
+ */
+
+#define AA_CLASS_DBUS 32
+
+
+/* Permission flags for the AA_CLASS_DBUS mediation class */
+#define AA_DBUS_SEND (1 << 1)
+#define AA_DBUS_RECEIVE (1 << 2)
+#define AA_DBUS_EAVESDROP (1 << 5)
+#define AA_DBUS_BIND (1 << 6)
+#define AA_VALID_DBUS_PERMS (AA_DBUS_SEND | AA_DBUS_RECEIVE | \
+ AA_DBUS_BIND | AA_DBUS_EAVESDROP)
+
+
+/* Prototypes for apparmor state queries */
+extern int aa_is_enabled(void);
+extern int aa_find_mountpoint(char **mnt);
+
+/* Prototypes for self directed domain transitions
+ * see <http://apparmor.net>
+ * Please see the change_hat(2) manpage for information.
+ */
+
+#define change_hat(X, Y) aa_change_hat((X), (Y))
+extern int (change_hat)(const char *subprofile, unsigned int magic_token);
+extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
+extern int aa_change_profile(const char *profile);
+extern int aa_change_onexec(const char *profile);
+
+extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
+extern int (aa_change_hat_vargs)(unsigned long token, int count, ...);
+
+/* Protypes for introspecting task confinement
+ * Please see the aa_getcon(2) manpage for information
+ */
+extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len,
+ char **mode);
+extern int aa_getprocattr(pid_t tid, const char *attr, char **con, char **mode);
+extern int aa_gettaskcon(pid_t target, char **con, char **mode);
+extern int aa_getcon(char **con, char **mode);
+extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode);
+extern int aa_getpeercon(int fd, char **con, char **mode);
+
+/* A NUL character is used to separate the query command prefix string from the
+ * rest of the query string. The query command sizes intentionally include the
+ * NUL-terminator in their values.
+ */
+#define AA_QUERY_CMD_LABEL "label"
+#define AA_QUERY_CMD_LABEL_SIZE sizeof(AA_QUERY_CMD_LABEL)
+
+extern int aa_query_label(uint32_t mask, char *query, size_t size, int *allow,
+ int *audit);
+
+#define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y)
+#define __macroarg_count1(Y...) __macroarg_count2 (Y, 16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0)
+#define __macroarg_count2(_,x0,x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,x14,x15,n,Y...) n
+
+/**
+ * change_hat_vargs - a wrapper macro for change_hat_vargs
+ * @T: the magic token
+ * @X...: the parameter list of hats being passed
+ *
+ * The change_hat_vargs macro makes it so the caller doesn't have to
+ * specify the number of hats passed as parameters to the change_hat_vargs
+ * fn.
+ *
+ * eg.
+ * change_hat_vargs(10, hat1, hat2, hat3, hat4);
+ * expandes to
+ * (change_hat_vargs)(10, 4, hat1, hat2, hat3, hat4);
+ *
+ * to call change_hat_vargs direction do
+ * (change_hat_vargs)(token, nhats, hat1, hat2...)
+ */
+#define aa_change_hat_vargs(T, X...) \
+ (aa_change_hat_vargs)(T, __macroarg_counter(X), X)
+
+__END_DECLS
+
+#endif /* sys/apparmor.h */
Index: b/libraries/libapparmor/src/apparmor.h
===================================================================
--- a/libraries/libapparmor/src/apparmor.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
- * Copyright 2009-2010 Canonical Ltd.
- *
- * The libapparmor library is licensed under the terms of the GNU
- * Lesser General Public License, version 2.1. Please see the file
- * COPYING.LGPL.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef _SYS_APPARMOR_H
-#define _SYS_APPARMOR_H 1
-
-#include <stdint.h>
-#include <sys/types.h>
-
-__BEGIN_DECLS
-
-/*
- * Class of public mediation types in the AppArmor policy db
- */
-
-#define AA_CLASS_DBUS 32
-
-
-/* Permission flags for the AA_CLASS_DBUS mediation class */
-#define AA_DBUS_SEND (1 << 1)
-#define AA_DBUS_RECEIVE (1 << 2)
-#define AA_DBUS_EAVESDROP (1 << 5)
-#define AA_DBUS_BIND (1 << 6)
-#define AA_VALID_DBUS_PERMS (AA_DBUS_SEND | AA_DBUS_RECEIVE | \
- AA_DBUS_BIND | AA_DBUS_EAVESDROP)
-
-
-/* Prototypes for apparmor state queries */
-extern int aa_is_enabled(void);
-extern int aa_find_mountpoint(char **mnt);
-
-/* Prototypes for self directed domain transitions
- * see <http://apparmor.net>
- * Please see the change_hat(2) manpage for information.
- */
-
-#define change_hat(X, Y) aa_change_hat((X), (Y))
-extern int (change_hat)(const char *subprofile, unsigned int magic_token);
-extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
-extern int aa_change_profile(const char *profile);
-extern int aa_change_onexec(const char *profile);
-
-extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
-extern int (aa_change_hat_vargs)(unsigned long token, int count, ...);
-
-/* Protypes for introspecting task confinement
- * Please see the aa_getcon(2) manpage for information
- */
-extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len,
- char **mode);
-extern int aa_getprocattr(pid_t tid, const char *attr, char **con, char **mode);
-extern int aa_gettaskcon(pid_t target, char **con, char **mode);
-extern int aa_getcon(char **con, char **mode);
-extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode);
-extern int aa_getpeercon(int fd, char **con, char **mode);
-
-/* A NUL character is used to separate the query command prefix string from the
- * rest of the query string. The query command sizes intentionally include the
- * NUL-terminator in their values.
- */
-#define AA_QUERY_CMD_LABEL "label"
-#define AA_QUERY_CMD_LABEL_SIZE sizeof(AA_QUERY_CMD_LABEL)
-
-extern int aa_query_label(uint32_t mask, char *query, size_t size, int *allow,
- int *audit);
-
-#define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y)
-#define __macroarg_count1(Y...) __macroarg_count2 (Y, 16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0)
-#define __macroarg_count2(_,x0,x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,x14,x15,n,Y...) n
-
-/**
- * change_hat_vargs - a wrapper macro for change_hat_vargs
- * @T: the magic token
- * @X...: the parameter list of hats being passed
- *
- * The change_hat_vargs macro makes it so the caller doesn't have to
- * specify the number of hats passed as parameters to the change_hat_vargs
- * fn.
- *
- * eg.
- * change_hat_vargs(10, hat1, hat2, hat3, hat4);
- * expandes to
- * (change_hat_vargs)(10, 4, hat1, hat2, hat3, hat4);
- *
- * to call change_hat_vargs direction do
- * (change_hat_vargs)(token, nhats, hat1, hat2...)
- */
-#define aa_change_hat_vargs(T, X...) \
- (aa_change_hat_vargs)(T, __macroarg_counter(X), X)
-
-__END_DECLS
-
-#endif /* sys/apparmor.h */
Index: b/libraries/libapparmor/include/Makefile.am
===================================================================
--- /dev/null
+++ b/libraries/libapparmor/include/Makefile.am
@@ -0,0 +1,4 @@
+SUBDIRS = sys
+
+aalogparsedir = $(includedir)/aalogparse
+aalogparse_HEADERS = aalogparse.h
Index: b/libraries/libapparmor/include/aalogparse.h
===================================================================
--- /dev/null
+++ b/libraries/libapparmor/include/aalogparse.h
@@ -0,0 +1,175 @@
+/*
+ * Copyright (c) 1999-2008 NOVELL (All rights reserved)
+ * Copyright 2009-2010 Canonical Ltd.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of version 2.1 of the GNU Lesser General
+ * Public License published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef __LIBAALOGPARSE_H_
+#define __LIBAALOGPARSE_H_
+
+#define AA_RECORD_EXEC_MMAP 1
+#define AA_RECORD_READ 2
+#define AA_RECORD_WRITE 4
+#define AA_RECORD_EXEC 8
+#define AA_RECORD_LINK 16
+
+/**
+ * This is just for convenience now that we have two
+ * wildly different grammars.
+ */
+
+typedef enum
+{
+ AA_RECORD_SYNTAX_V1,
+ AA_RECORD_SYNTAX_V2,
+ AA_RECORD_SYNTAX_UNKNOWN
+} aa_record_syntax_version;
+
+typedef enum
+{
+ AA_RECORD_INVALID, /* Default event type */
+ AA_RECORD_ERROR, /* Internal AA error */
+ AA_RECORD_AUDIT, /* Audited event */
+ AA_RECORD_ALLOWED, /* Complain mode event */
+ AA_RECORD_DENIED, /* Denied access event */
+ AA_RECORD_HINT, /* Process tracking info */
+ AA_RECORD_STATUS /* Configuration change */
+} aa_record_event_type;
+
+/**
+ * With the sole exception of active_hat, this is a 1:1
+ * mapping from the keys that the new syntax uses.
+ *
+ * Some examples of the old syntax and how they're mapped with the aa_log_record struct:
+ *
+ * "PERMITTING r access to /path (program_name(12345) profile /profile active hat)"
+ * - operation: access
+ * - requested_mask: r
+ * - pid: 12345
+ * - profile: /profile
+ * - name: /path
+ * - info: program_name
+ * - active_hat: hat
+ *
+ * "REJECTING mkdir on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out"
+ * - operation: mkdir
+ * - name: /path/to/something
+ * - info: bash
+ * - pid: 23415
+ * - profile: /bin/freak-aa-out
+ * - active_hat: /bin/freak-aa-out
+ *
+ * "REJECTING xattr set on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
+ * - operation: xattr
+ * - attribute: set
+ * - name: /path/to/something
+ * - info: bash
+ * - pid: 23415
+ * - profile: /bin/freak-aa-out
+ * - active_hat: /bin/freak-aa-out
+ *
+ * "PERMITTING attribute (something) change to /else (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
+ * - operation: setattr
+ * - attribute: something
+ * - name: /else
+ * - info: bash
+ * - pid: 23415
+ * - profile: /bin/freak-aa-out
+ * - active_hat: /bin/freak-aa-out
+ *
+ * "PERMITTING access to capability 'cap' (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
+ * - operation: capability
+ * - name: cap
+ * - info: bash
+ * - pid: 23415
+ * - profile: /bin/freak-aa-out
+ * - active_hat: /bin/freak-aa-out
+ *
+ * "LOGPROF-HINT unknown_hat TESTHAT pid=27764 profile=/change_hat_test/test_hat active=/change_hat_test/test_hat"
+ * - operation: change_hat
+ * - name: TESTHAT
+ * - info: unknown_hat
+ * - pid: 27764
+ * - profile: /change_hat_test/test_hat
+ * - active_hat: /change_hat_test/test_hat
+ *
+ * "LOGPROF-HINT fork pid=27764 child=38229"
+ * - operation: clone
+ * - task: 38229
+ * - pid: 27764
+ **/
+
+typedef struct
+{
+ aa_record_syntax_version version;
+ aa_record_event_type event; /* Event type */
+ unsigned long pid; /* PID of the program logging the message */
+ unsigned long peer_pid;
+ unsigned long task;
+ unsigned long magic_token;
+ long epoch; /* example: 12345679 */
+ unsigned int audit_sub_id; /* example: 12 */
+
+ int bitmask; /* Bitmask containing "r" "w" "x" etc */
+ char *audit_id; /* example: 12345679.1234:12 */
+ char *operation; /* "Exec" "Ptrace", etc. */
+ char *denied_mask; /* "r", "w", etc. */
+ char *requested_mask;
+ unsigned long fsuid; /* fsuid of task - if logged */
+ unsigned long ouid; /* ouid of task - if logged */
+ char *profile; /* The name of the profile */
+ char *peer_profile;
+ char *comm; /* Command that triggered msg */
+ char *name;
+ char *name2;
+ char *namespace;
+ char *attribute;
+ unsigned long parent;
+ char *info;
+ char *peer_info;
+ int error_code; /* error_code returned if logged */
+ char *active_hat;
+ char *net_family;
+ char *net_protocol;
+ char *net_sock_type;
+ char *net_local_addr;
+ unsigned long net_local_port;
+ char *net_foreign_addr;
+ unsigned long net_foreign_port;
+ char *dbus_bus;
+ char *dbus_path;
+ char *dbus_interface;
+ char *dbus_member;
+} aa_log_record;
+
+/**
+ * Parses a single log record string and returns a pointer to the parsed
+ * data. It is the calling program's responsibility to free that struct
+ * with free_record();
+ * @param[in] Record to parse.
+ * @return Parsed data.
+ */
+aa_log_record *
+parse_record(char *str);
+
+/**
+ * Frees all struct data.
+ * @param[in] Data to free.
+ */
+void
+free_record(aa_log_record *record);
+
+#endif
+
Index: b/libraries/libapparmor/src/Makefile.am
===================================================================
--- a/libraries/libapparmor/src/Makefile.am
+++ b/libraries/libapparmor/src/Makefile.am
@@ -28,7 +28,7 @@ BUILT_SOURCES = grammar.h scanner.h af_p
AM_LFLAGS = -v
AM_YFLAGS = -d -p aalogparse_
AM_CFLAGS = -Wall
-AM_CPPFLAGS = -D_GNU_SOURCE
+AM_CPPFLAGS = -D_GNU_SOURCE -I$(top_srcdir)/include/
scanner.h: scanner.l
$(LEX) -v $<
@@ -37,12 +37,6 @@ scanner.c: scanner.l
af_protos.h: /usr/include/netinet/in.h
LC_ALL=C sed -n -e "/IPPROTO_MAX/d" -e "s/^\#define[ \\t]\\+IPPROTO_\\([A-Z0-9_]\\+\\)\\(.*\\)$$/AA_GEN_PROTO_ENT(\\UIPPROTO_\\1, \"\\L\\1\")/p" $< > $@
-changehatdir = $(includedir)/sys
-changehat_HEADERS = apparmor.h
-
-aalogparsedir = $(includedir)/aalogparse
-aalogparse_HEADERS = aalogparse.h
-
lib_LTLIBRARIES = libapparmor.la
noinst_HEADERS = grammar.h parser.h scanner.h af_protos.h
Index: b/libraries/libapparmor/src/aalogparse.h
===================================================================
--- a/libraries/libapparmor/src/aalogparse.h
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * Copyright (c) 1999-2008 NOVELL (All rights reserved)
- * Copyright 2009-2010 Canonical Ltd.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of version 2.1 of the GNU Lesser General
- * Public License published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-
-#ifndef __LIBAALOGPARSE_H_
-#define __LIBAALOGPARSE_H_
-
-#define AA_RECORD_EXEC_MMAP 1
-#define AA_RECORD_READ 2
-#define AA_RECORD_WRITE 4
-#define AA_RECORD_EXEC 8
-#define AA_RECORD_LINK 16
-
-/**
- * This is just for convenience now that we have two
- * wildly different grammars.
- */
-
-typedef enum
-{
- AA_RECORD_SYNTAX_V1,
- AA_RECORD_SYNTAX_V2,
- AA_RECORD_SYNTAX_UNKNOWN
-} aa_record_syntax_version;
-
-typedef enum
-{
- AA_RECORD_INVALID, /* Default event type */
- AA_RECORD_ERROR, /* Internal AA error */
- AA_RECORD_AUDIT, /* Audited event */
- AA_RECORD_ALLOWED, /* Complain mode event */
- AA_RECORD_DENIED, /* Denied access event */
- AA_RECORD_HINT, /* Process tracking info */
- AA_RECORD_STATUS /* Configuration change */
-} aa_record_event_type;
-
-/**
- * With the sole exception of active_hat, this is a 1:1
- * mapping from the keys that the new syntax uses.
- *
- * Some examples of the old syntax and how they're mapped with the aa_log_record struct:
- *
- * "PERMITTING r access to /path (program_name(12345) profile /profile active hat)"
- * - operation: access
- * - requested_mask: r
- * - pid: 12345
- * - profile: /profile
- * - name: /path
- * - info: program_name
- * - active_hat: hat
- *
- * "REJECTING mkdir on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out"
- * - operation: mkdir
- * - name: /path/to/something
- * - info: bash
- * - pid: 23415
- * - profile: /bin/freak-aa-out
- * - active_hat: /bin/freak-aa-out
- *
- * "REJECTING xattr set on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
- * - operation: xattr
- * - attribute: set
- * - name: /path/to/something
- * - info: bash
- * - pid: 23415
- * - profile: /bin/freak-aa-out
- * - active_hat: /bin/freak-aa-out
- *
- * "PERMITTING attribute (something) change to /else (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
- * - operation: setattr
- * - attribute: something
- * - name: /else
- * - info: bash
- * - pid: 23415
- * - profile: /bin/freak-aa-out
- * - active_hat: /bin/freak-aa-out
- *
- * "PERMITTING access to capability 'cap' (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)"
- * - operation: capability
- * - name: cap
- * - info: bash
- * - pid: 23415
- * - profile: /bin/freak-aa-out
- * - active_hat: /bin/freak-aa-out
- *
- * "LOGPROF-HINT unknown_hat TESTHAT pid=27764 profile=/change_hat_test/test_hat active=/change_hat_test/test_hat"
- * - operation: change_hat
- * - name: TESTHAT
- * - info: unknown_hat
- * - pid: 27764
- * - profile: /change_hat_test/test_hat
- * - active_hat: /change_hat_test/test_hat
- *
- * "LOGPROF-HINT fork pid=27764 child=38229"
- * - operation: clone
- * - task: 38229
- * - pid: 27764
- **/
-
-typedef struct
-{
- aa_record_syntax_version version;
- aa_record_event_type event; /* Event type */
- unsigned long pid; /* PID of the program logging the message */
- unsigned long peer_pid;
- unsigned long task;
- unsigned long magic_token;
- long epoch; /* example: 12345679 */
- unsigned int audit_sub_id; /* example: 12 */
-
- int bitmask; /* Bitmask containing "r" "w" "x" etc */
- char *audit_id; /* example: 12345679.1234:12 */
- char *operation; /* "Exec" "Ptrace", etc. */
- char *denied_mask; /* "r", "w", etc. */
- char *requested_mask;
- unsigned long fsuid; /* fsuid of task - if logged */
- unsigned long ouid; /* ouid of task - if logged */
- char *profile; /* The name of the profile */
- char *peer_profile;
- char *comm; /* Command that triggered msg */
- char *name;
- char *name2;
- char *namespace;
- char *attribute;
- unsigned long parent;
- char *info;
- char *peer_info;
- int error_code; /* error_code returned if logged */
- char *active_hat;
- char *net_family;
- char *net_protocol;
- char *net_sock_type;
- char *net_local_addr;
- unsigned long net_local_port;
- char *net_foreign_addr;
- unsigned long net_foreign_port;
- char *dbus_bus;
- char *dbus_path;
- char *dbus_interface;
- char *dbus_member;
-} aa_log_record;
-
-/**
- * Parses a single log record string and returns a pointer to the parsed
- * data. It is the calling program's responsibility to free that struct
- * with free_record();
- * @param[in] Record to parse.
- * @return Parsed data.
- */
-aa_log_record *
-parse_record(char *str);
-
-/**
- * Frees all struct data.
- * @param[in] Data to free.
- */
-void
-free_record(aa_log_record *record);
-
-#endif
-
Index: b/libraries/libapparmor/src/grammar.y
===================================================================
--- a/libraries/libapparmor/src/grammar.y
+++ b/libraries/libapparmor/src/grammar.y
@@ -22,7 +22,7 @@
* information about tokens given and rules matched. */
#define YYDEBUG 0
#include <string.h>
-#include "aalogparse.h"
+#include <aalogparse.h>
#include "parser.h"
#include "grammar.h"
#include "scanner.h"
Index: b/libraries/libapparmor/src/kernel_interface.c
===================================================================
--- a/libraries/libapparmor/src/kernel_interface.c
+++ b/libraries/libapparmor/src/kernel_interface.c
@@ -31,7 +31,7 @@
#include <inttypes.h>
#include <pthread.h>
-#include "apparmor.h"
+#include <sys/apparmor.h>
/* some non-Linux systems do not define a static value */
#ifndef PATH_MAX
Index: b/libraries/libapparmor/src/libaalogparse.c
===================================================================
--- a/libraries/libapparmor/src/libaalogparse.c
+++ b/libraries/libapparmor/src/libaalogparse.c
@@ -31,7 +31,7 @@
#include <string.h>
#include <stdio.h>
#include <netinet/in.h>
-#include "aalogparse.h"
+#include <aalogparse.h>
#include "parser.h"
/* This is mostly just a wrapper around the code in grammar.y */
Index: b/libraries/libapparmor/src/tst_aalogmisc.c
===================================================================
--- a/libraries/libapparmor/src/tst_aalogmisc.c
+++ b/libraries/libapparmor/src/tst_aalogmisc.c
@@ -18,7 +18,7 @@
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
-#include "aalogparse.h"
+#include <aalogparse.h>
#include "parser.h"
Index: b/libraries/libapparmor/swig/SWIG/libapparmor.i
===================================================================
--- a/libraries/libapparmor/swig/SWIG/libapparmor.i
+++ b/libraries/libapparmor/swig/SWIG/libapparmor.i
@@ -1,13 +1,13 @@
%module LibAppArmor
%{
-#include "aalogparse.h"
-#include "apparmor.h"
+#include <aalogparse.h>
+#include <sys/apparmor.h>
%}
%include "typemaps.i"
-%include "aalogparse.h"
+%include <aalogparse.h>
/* swig doesn't like the macro magic we do in apparmor.h so the fn prototypes
* are manually inserted here
Index: b/libraries/libapparmor/swig/perl/Makefile.PL.in
===================================================================
--- a/libraries/libapparmor/swig/perl/Makefile.PL.in
+++ b/libraries/libapparmor/swig/perl/Makefile.PL.in
@@ -10,7 +10,7 @@ WriteMakefile(
'FIRST_MAKEFILE' => 'Makefile.perl',
'ABSTRACT' => q[Perl interface to AppArmor] ,
'VERSION' => q[@VERSION@],
- 'INC' => q[@CPPFLAGS@ -I at top_srcdir@/src @CFLAGS@],
+ 'INC' => q[@CPPFLAGS@ -I at top_srcdir@/include @CFLAGS@],
'LIBS' => q[-L at top_builddir@/src/.libs/ -lapparmor @LIBS@],
'OBJECT' => 'libapparmor_wrap.o', # $(OBJ_EXT)
) ;
Index: b/libraries/libapparmor/swig/perl/Makefile.am
===================================================================
--- a/libraries/libapparmor/swig/perl/Makefile.am
+++ b/libraries/libapparmor/swig/perl/Makefile.am
@@ -4,7 +4,7 @@ if HAVE_PERL
noinst_DATA =LibAppArmor.so
libapparmor_wrap.c: $(srcdir)/../SWIG/libapparmor.i
- $(SWIG) -perl -I$(srcdir)/../../src -module LibAppArmor -o $@ $(srcdir)/../SWIG/libapparmor.i
+ $(SWIG) -perl -I$(srcdir)/../../include -module LibAppArmor -o $@ $(srcdir)/../SWIG/libapparmor.i
MOSTLYCLEANFILES=libapparmor_wrap.c LibAppArmor.pm
Index: b/libraries/libapparmor/swig/python/Makefile.am
===================================================================
--- a/libraries/libapparmor/swig/python/Makefile.am
+++ b/libraries/libapparmor/swig/python/Makefile.am
@@ -5,7 +5,7 @@ EXTRA_DIST = libapparmor_wrap.c
SUBDIRS = test
libapparmor_wrap.c: $(srcdir)/../SWIG/libapparmor.i
- $(SWIG) -python -I$(srcdir)/../../src -module LibAppArmor -o $@ $(srcdir)/../SWIG/libapparmor.i
+ $(SWIG) -python -I$(srcdir)/../../include -module LibAppArmor -o $@ $(srcdir)/../SWIG/libapparmor.i
mv LibAppArmor.py __init__.py
MOSTLYCLEANFILES=libapparmor_wrap.c __init__.py
Index: b/libraries/libapparmor/swig/python/setup.py.in
===================================================================
--- a/libraries/libapparmor/swig/python/setup.py.in
+++ b/libraries/libapparmor/swig/python/setup.py.in
@@ -12,7 +12,7 @@ setup(name = 'LibAppArmor',
packages = [ 'LibAppArmor' ],
ext_package = 'LibAppArmor',
ext_modules = [Extension('_LibAppArmor', ['libapparmor_wrap.c'],
- include_dirs=['@top_srcdir@/src'],
+ include_dirs=['@top_srcdir@/include'],
extra_link_args = '-L at top_builddir@/src/.libs -lapparmor'.split(),
)],
scripts = [],
Index: b/libraries/libapparmor/swig/ruby/Makefile.am
===================================================================
--- a/libraries/libapparmor/swig/ruby/Makefile.am
+++ b/libraries/libapparmor/swig/ruby/Makefile.am
@@ -4,12 +4,12 @@ EXTRA_DIST = extconf.rb LibAp
noinst_DATA = LibAppArmor.so
LibAppArmor_wrap.c : $(srcdir)/../SWIG/libapparmor.i
- $(SWIG) -ruby -module LibAppArmor -I$(top_srcdir)/src -o $@ $(srcdir)/../SWIG/libapparmor.i
+ $(SWIG) -ruby -module LibAppArmor -I$(top_srcdir)/include -o $@ $(srcdir)/../SWIG/libapparmor.i
MOSTLYCLEANFILES=LibAppArmor_wrap.c
Makefile.ruby: extconf.rb
- PREFIX=$(prefix) $(RUBY) $< --with-LibAppArmor-include=$(top_srcdir)/src
+ PREFIX=$(prefix) $(RUBY) $< --with-LibAppArmor-include=$(top_srcdir)/include
LibAppArmor.so: LibAppArmor_wrap.c Makefile.ruby
$(MAKE) -fMakefile.ruby
Index: b/libraries/libapparmor/testsuite/Makefile.am
===================================================================
--- a/libraries/libapparmor/testsuite/Makefile.am
+++ b/libraries/libapparmor/testsuite/Makefile.am
@@ -2,7 +2,7 @@ SUBDIRS = lib config libaalogparse.test
PACKAGE = libaalogparse
AUTOMAKE_OPTIONS = dejagnu
-INCLUDES = -I. -I$(top_srcdir)/src
+INCLUDES = -I. -I$(top_srcdir)/include
AM_CPPFLAGS = $(DEBUG_FLAGS) -DLOCALEDIR=\"${localedir}\"
AM_CFLAGS = -Wall
Index: b/libraries/libapparmor/src/scanner.l
===================================================================
--- a/libraries/libapparmor/src/scanner.l
+++ b/libraries/libapparmor/src/scanner.l
@@ -27,7 +27,7 @@
%{
#include "grammar.h"
-#include "aalogparse.h"
+#include <aalogparse.h>
#include "parser.h"
#include <assert.h>
Index: b/libraries/libapparmor/testsuite/test_multi.c
===================================================================
--- a/libraries/libapparmor/testsuite/test_multi.c
+++ b/libraries/libapparmor/testsuite/test_multi.c
@@ -5,7 +5,7 @@
#include <string.h>
#include <errno.h>
-#include "aalogparse.h"
+#include <aalogparse.h>
int print_results(aa_log_record *record);
Index: b/libraries/libapparmor/Makefile.am
===================================================================
--- a/libraries/libapparmor/Makefile.am
+++ b/libraries/libapparmor/Makefile.am
@@ -2,7 +2,7 @@ AUTOMAKE_OPTIONS = foreign 1.4
NAME = libapparmor
SRCDIR = src
-SUBDIRS = doc src swig testsuite
+SUBDIRS = doc src include swig testsuite
REPO_VERSION=$(shell if [ -x /usr/bin/svn ] ; then \
/usr/bin/svn info . 2> /dev/null | grep "^Last Changed Rev:" | sed "s/^Last Changed Rev: //" ; \
Index: b/libraries/libapparmor/configure.ac
===================================================================
--- a/libraries/libapparmor/configure.ac
+++ b/libraries/libapparmor/configure.ac
@@ -82,4 +82,6 @@ testsuite/Makefile
testsuite/config/Makefile
testsuite/libaalogparse.test/Makefile
testsuite/lib/Makefile
+include/Makefile
+include/sys/Makefile
)
More information about the AppArmor
mailing list