From fb31765cbe33890f325a87015507364156741321 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 19:59:44 +0200 Subject: Adding upstream version 42.0. Signed-off-by: Daniel Baumann --- src/selinux.cpp | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 src/selinux.cpp (limited to 'src/selinux.cpp') diff --git a/src/selinux.cpp b/src/selinux.cpp new file mode 100644 index 0000000..a9596d5 --- /dev/null +++ b/src/selinux.cpp @@ -0,0 +1,66 @@ +/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +#include + +#include + +#include "selinux.h" +#include "application.h" +#include "util.h" + + +static int (*getpidcon)(pid_t, char**); +static void (*freecon)(char*); +static int (*is_selinux_enabled)(void); + +static gboolean has_selinux; + +static gboolean load_selinux(void) +{ + return load_symbols("libselinux.so.1", + "getpidcon", &getpidcon, + "freecon", &freecon, + "is_selinux_enabled", &is_selinux_enabled, + NULL); +} + + + +void +get_process_selinux_context (ProcInfo *info) +{ + char *con; + + if (has_selinux && !getpidcon (info->pid, &con)) { + info->security_context = g_strdup (con); + freecon (con); + } +} + + + +gboolean +can_show_security_context_column (void) +{ + if (!(has_selinux = load_selinux())) + return FALSE; + + switch (is_selinux_enabled()) { + case 1: + /* We're running on an SELinux kernel */ + return TRUE; + + case -1: + /* Error; hide the security context column */ + + case 0: + /* We're not running on an SELinux kernel: + hide the security context column */ + + default: + procman_debug("SELinux was found but is not enabled.\n"); + return FALSE; + } +} + + + -- cgit v1.2.3