diff options
author | Elena Reshetova <elena.reshetova@intel.com> | 2013-08-07 13:46:17 +0300 |
---|---|---|
committer | Elena Reshetova <elena.reshetova@intel.com> | 2013-08-07 13:46:17 +0300 |
commit | a08249263295ddd1f2cd07ed41abebc248f9f75c (patch) | |
tree | 42eb55b7ed91a2f6c11f20c97ba15d22cc2d2500 | |
parent | c4997a4f187e68b62bbecfba10a8a2cd22e21ab8 (diff) | |
download | librpm-tizen-a08249263295ddd1f2cd07ed41abebc248f9f75c.tar.gz librpm-tizen-a08249263295ddd1f2cd07ed41abebc248f9f75c.tar.bz2 librpm-tizen-a08249263295ddd1f2cd07ed41abebc248f9f75c.zip |
Security plugin: removing disable-dchecks option
-rw-r--r-- | configure.ac | 8 | ||||
-rw-r--r-- | plugins/msm-plugin.c | 6 | ||||
-rw-r--r-- | plugins/msmxattr.c | 18 |
3 files changed, 0 insertions, 32 deletions
diff --git a/configure.ac b/configure.ac index c64923906..c455e88a1 100644 --- a/configure.ac +++ b/configure.ac @@ -719,14 +719,6 @@ AC_SUBST(WITH_MSM_LIB) AC_SUBST(WITH_MSM_INCLUDE) AM_CONDITIONAL(MSM,[test "$with_msm" = yes]) -#domain checks enabling/disabling for security plugin -AC_ARG_ENABLE(dchecks, [AS_HELP_STRING([--disable-dchecks],[build without domain checks])],,[enable_dchecks=yes]) -AS_IF([test "$enable_dchecks" = yes],[ - AC_DEFINE(ENABLE_DCHECKS, 1, [Build with domain checks]) -]) -AM_CONDITIONAL(ENABLE_DCHECKS,[test "$enable_dchecks" = yes]) - - # libcap WITH_CAP_LIB= AC_ARG_WITH(cap, [AS_HELP_STRING([--with-cap],[build with capability support])], diff --git a/plugins/msm-plugin.c b/plugins/msm-plugin.c index 663e11937..b73993f20 100644 --- a/plugins/msm-plugin.c +++ b/plugins/msm-plugin.c @@ -124,12 +124,6 @@ rpmRC PLUGINHOOK_INIT_FUNC(rpmts _ts, const char *name, const char *opts) if (!ts) return RPMRC_FAIL; -#ifndef ENABLE_DCHECKS - rpmlog(RPMLOG_DEBUG, "ENABLE_DCHECKS is undefined!\n"); -#else - rpmlog(RPMLOG_DEBUG, "ENABLE_DCHECKS is defined!\n"); -#endif - fullPath = rpmGenPath(ts->rootDir, DEVICE_SECURITY_POLICY, NULL); rpmlog(RPMLOG_DEBUG, "fullPath %s\n", fullPath); if (!fullPath) { diff --git a/plugins/msmxattr.c b/plugins/msmxattr.c index 5af6ed046..a5c5c81a3 100644 --- a/plugins/msmxattr.c +++ b/plugins/msmxattr.c @@ -724,11 +724,7 @@ int msmSetupRequests(manifest_x *mfx) HASH_FIND(hh, all_ac_domains, mfx->request->ac_domain, strlen(mfx->request->ac_domain), defined_ac_domain); if (!defined_ac_domain){ // request for a undefined domain. rpmlog(RPMLOG_ERR, "Request for a domain name %s that hasn't been yet defined by any package\n", mfx->request->ac_domain); -#ifdef ENABLE_DCHECKS return -1; -#else - return 0; -#endif } //now check that the package can join the requested AC domain if (mfx->defines){ @@ -743,11 +739,7 @@ int msmSetupRequests(manifest_x *mfx) } //need to check if developer allowed other packages to join this domain if (msmCheckDomainJoinPossibility(mfx, defined_ac_domain) < 0) { -#ifdef ENABLE_DCHECKS return -1; -#else - return 0; -#endif } // now checking if security policy allows to join this domain if (msmIsRequestAllowed(mfx, defined_ac_domain)) { @@ -755,11 +747,7 @@ int msmSetupRequests(manifest_x *mfx) return 0; } else { rpmlog(RPMLOG_ERR, "Request for a domain name %s isn't allowed based on package sw source\n", mfx->request->ac_domain); -#ifdef ENABLE_DCHECKS return -1; -#else - return 0; -#endif } } @@ -911,9 +899,7 @@ int msmSetupDefines(struct smack_accesses *smack_accesses, manifest_x *mfx) for (d_request = define->d_requests; d_request; d_request = d_request->prev) { // first check if the current's package sw source can grant access to requested domain if (msmCheckDomainRequestOrPermit(mfx, d_request->label_name) < 0) { -#ifdef ENABLE_DCHECKS return -1; -#endif } if (smack_accesses_add(smack_accesses, define->name, d_request->label_name, d_request->ac_type) < 0) { rpmlog(RPMLOG_ERR, "Failed to set smack rules for domain requests\n"); @@ -926,17 +912,13 @@ int msmSetupDefines(struct smack_accesses *smack_accesses, manifest_x *mfx) for (d_permit = define->d_permits; d_permit; d_permit = d_permit->prev) { // first check if the current's package sw source can grant access to permited domain if (msmCheckDomainRequestOrPermit(mfx, d_permit->label_name) < 0) { -#ifdef ENABLE_DCHECKS return -1; -#endif } if (!d_permit->to_label_name) ret = smack_accesses_add(smack_accesses, d_permit->label_name, define->name, d_permit->ac_type); else { if (msmCheckLabelProvisioning(mfx, d_permit->to_label_name) < 0) { -#ifdef ENABLE_DCHECKS return -1; -#endif } ret = smack_accesses_add(smack_accesses, d_permit->label_name, d_permit->to_label_name, d_permit->ac_type); } |