src/ostree/ot-admin-builtin-diff.c \
src/ostree/ot-admin-builtin-deploy.c \
src/ostree/ot-admin-builtin-undeploy.c \
+ src/ostree/ot-admin-builtin-instutil.c \
src/ostree/ot-admin-builtin-cleanup.c \
src/ostree/ot-admin-builtin-os-init.c \
- src/ostree/ot-admin-builtin-selinux-ensure-labeled.c \
src/ostree/ot-admin-builtin-status.c \
src/ostree/ot-admin-builtin-switch.c \
src/ostree/ot-admin-builtin-upgrade.c \
src/ostree/ot-admin-builtins.h \
+ src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c \
+ src/ostree/ot-admin-instutil-builtins.h \
src/ostree/ot-admin-functions.h \
src/ostree/ot-admin-functions.c \
$(NULL)
--- /dev/null
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
+ *
+ * Copyright (C) 2011,2014 Colin Walters <walters@verbum.org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#include "config.h"
+
+#include "ot-builtins.h"
+#include "ot-admin-instutil-builtins.h"
+#include "ot-admin-builtins.h"
+#include "ot-admin-functions.h"
+#include "ot-main.h"
+#include "ostree.h"
+#include "libgsystem.h"
+
+#include <glib/gi18n.h>
+
+typedef struct {
+ const char *name;
+ gboolean (*fn) (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
+} OstreeAdminInstUtilCommand;
+
+static OstreeAdminInstUtilCommand admin_instutil_subcommands[] = {
+#ifdef HAVE_SELINUX
+ { "selinux-ensure-labeled", ot_admin_instutil_builtin_selinux_ensure_labeled },
+#endif
+ { NULL, NULL }
+};
+
+gboolean
+ot_admin_builtin_instutil (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error)
+{
+ gboolean ret = FALSE;
+ OstreeAdminInstUtilCommand *subcommand;
+ const char *subcommand_name = NULL;
+ gboolean want_help = FALSE;
+ int in, out, i;
+ gboolean skip;
+
+ for (in = 1, out = 1; in < argc; in++, out++)
+ {
+ /* The non-option is the command, take it out of the arguments */
+ if (argv[in][0] != '-')
+ {
+ skip = (subcommand_name == NULL);
+ if (subcommand_name == NULL)
+ subcommand_name = argv[in];
+ }
+
+ /* The global long options */
+ else if (argv[in][1] == '-')
+ {
+ skip = FALSE;
+
+ if (g_str_equal (argv[in], "--"))
+ {
+ break;
+ }
+ else if (g_str_equal (argv[in], "--help"))
+ {
+ want_help = TRUE;
+ }
+ else if (subcommand_name == NULL)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Unknown or invalid admin instutil option: %s", argv[in]);
+ goto out;
+ }
+ }
+
+ /* The global short options */
+ else
+ {
+ skip = FALSE;
+ for (i = 1; argv[in][i] != '\0'; i++)
+ {
+ switch (argv[in][i])
+ {
+ case 'h':
+ want_help = TRUE;
+ break;
+
+ default:
+ if (subcommand_name == NULL)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Unknown or invalid admin instutil option: %s", argv[in]);
+ goto out;
+ }
+ break;
+ }
+ }
+ }
+
+ /* Skipping this argument? */
+ if (skip)
+ out--;
+ else
+ argv[out] = argv[in];
+ }
+
+ argc = out;
+
+ if (subcommand_name == NULL || want_help)
+ {
+ subcommand = admin_instutil_subcommands;
+ g_print ("usage: ostree admin instutil COMMAND [options]\n");
+ g_print ("Builtin commands:\n");
+ while (subcommand->name)
+ {
+ g_print (" %s\n", subcommand->name);
+ subcommand++;
+ }
+ return subcommand_name == NULL ? 1 : 0;
+ }
+
+ subcommand = admin_instutil_subcommands;
+ while (subcommand->name)
+ {
+ if (g_strcmp0 (subcommand_name, subcommand->name) == 0)
+ break;
+ subcommand++;
+ }
+
+ if (!subcommand->name)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
+ "Unknown admin instutil command '%s'", subcommand_name);
+ goto out;
+ }
+
+ if (!subcommand->fn (argc, argv, sysroot, cancellable, error))
+ goto out;
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+++ /dev/null
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
- *
- * Copyright (C) 2014 Colin Walters <walters@verbum.org>
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published
- * by the Free Software Foundation; either version 2 of the licence or (at
- * your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- */
-
-#include "config.h"
-
-#include <string.h>
-#include <glib-unix.h>
-
-#include "ot-admin-builtins.h"
-#include "ot-admin-functions.h"
-
-#include "otutil.h"
-
-static char *
-ptrarray_path_join (GPtrArray *path)
-{
- GString *path_buf;
-
- path_buf = g_string_new ("");
-
- if (path->len == 0)
- g_string_append_c (path_buf, '/');
- else
- {
- guint i;
- for (i = 0; i < path->len; i++)
- {
- const char *elt = path->pdata[i];
-
- g_string_append_c (path_buf, '/');
- g_string_append (path_buf, elt);
- }
- }
-
- return g_string_free (path_buf, FALSE);
-}
-
-static gboolean
-relabel_one_path (OstreeSePolicy *sepolicy,
- GFile *path,
- GFileInfo *info,
- GPtrArray *path_parts,
- GCancellable *cancellable,
- GError **error)
-{
- gboolean ret = FALSE;
- gs_free char *relpath = NULL;
- gs_free char *new_label = NULL;
-
- relpath = ptrarray_path_join (path_parts);
- if (!ostree_sepolicy_restorecon (sepolicy, relpath,
- info, path,
- OSTREE_SEPOLICY_RESTORECON_FLAGS_ALLOW_NOLABEL |
- OSTREE_SEPOLICY_RESTORECON_FLAGS_KEEP_EXISTING,
- &new_label,
- cancellable, error))
- {
- g_prefix_error (error, "Setting context of %s: ", gs_file_get_path_cached (path));
- goto out;
- }
-
- if (new_label)
- g_print ("Set label of '%s' (as '%s') to '%s'\n",
- gs_file_get_path_cached (path),
- relpath,
- new_label);
-
- ret = TRUE;
- out:
- return ret;
-}
-
-static gboolean
-relabel_recursively (OstreeSePolicy *sepolicy,
- GFile *dir,
- GFileInfo *dir_info,
- GPtrArray *path_parts,
- GCancellable *cancellable,
- GError **error)
-{
- gboolean ret = FALSE;
- gs_unref_object GFileEnumerator *direnum = NULL;
-
- if (!relabel_one_path (sepolicy, dir, dir_info, path_parts,
- cancellable, error))
- goto out;
-
- direnum = g_file_enumerate_children (dir, OSTREE_GIO_FAST_QUERYINFO,
- G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
- cancellable, error);
- if (!direnum)
- goto out;
-
- while (TRUE)
- {
- GFileInfo *file_info;
- GFile *child;
- GFileType ftype;
-
- if (!gs_file_enumerator_iterate (direnum, &file_info, &child,
- cancellable, error))
- goto out;
- if (file_info == NULL)
- break;
-
- g_ptr_array_add (path_parts, (char*)gs_file_get_basename_cached (child));
-
- ftype = g_file_info_get_file_type (file_info);
- if (ftype == G_FILE_TYPE_DIRECTORY)
- {
- if (!relabel_recursively (sepolicy, child, file_info, path_parts,
- cancellable, error))
- goto out;
- }
- else
- {
- if (!relabel_one_path (sepolicy, child, file_info, path_parts,
- cancellable, error))
- goto out;
- }
-
- g_ptr_array_remove_index (path_parts, path_parts->len - 1);
- }
-
- ret = TRUE;
- out:
- return ret;
-}
-
-static gboolean
-selinux_relabel_dir (OstreeSePolicy *sepolicy,
- GFile *dir,
- const char *prefix,
- GCancellable *cancellable,
- GError **error)
-{
- gboolean ret = FALSE;
- gs_unref_ptrarray GPtrArray *path_parts = g_ptr_array_new ();
- gs_unref_object GFileInfo *root_info = NULL;
-
- root_info = g_file_query_info (dir, OSTREE_GIO_FAST_QUERYINFO,
- G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
- cancellable, error);
- if (!root_info)
- goto out;
-
- g_ptr_array_add (path_parts, (char*)prefix);
- if (!relabel_recursively (sepolicy, dir, root_info, path_parts,
- cancellable, error))
- {
- g_prefix_error (error, "Relabeling /%s: ", prefix);
- goto out;
- }
-
- ret = TRUE;
- out:
- return ret;
-}
-
-gboolean
-ot_admin_builtin_selinux_ensure_labeled (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error)
-{
- gboolean ret = FALSE;
- const char *policy_name;
- gs_unref_object GFile *subpath = NULL;
- const char *prefix;
- gs_unref_object OstreeSePolicy *sepolicy = NULL;
- gs_unref_ptrarray GPtrArray *deployments = NULL;
- OstreeDeployment *first_deployment;
- gs_unref_object GFile *deployment_path = NULL;
-
- if (argc < 3)
- {
- g_printerr ("usage: %s SUBPATH PREFIX\n", argv[0]);
- g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
- "Option processing failed");
- goto out;
- }
-
- subpath = g_file_new_for_path (argv[1]);
- prefix = argv[2];
-
- if (!ostree_sysroot_load (sysroot, cancellable, error))
- goto out;
-
- deployments = ostree_sysroot_get_deployments (sysroot);
- if (deployments->len == 0)
- {
- g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
- "Unable to find a deployment in sysroot");
- goto out;
- }
- first_deployment = deployments->pdata[0];
- deployment_path = ostree_sysroot_get_deployment_directory (sysroot, first_deployment);
-
- sepolicy = ostree_sepolicy_new (deployment_path, cancellable, error);
- if (!sepolicy)
- goto out;
-
- policy_name = ostree_sepolicy_get_name (sepolicy);
- if (policy_name)
- {
- g_print ("Relabeling using policy '%s'\n", policy_name);
- if (!selinux_relabel_dir (sepolicy, subpath, prefix,
- cancellable, error))
- goto out;
- }
- else
- g_print ("No SELinux policy found in deployment '%s'\n",
- gs_file_get_path_cached (deployment_path));
-
- ret = TRUE;
- out:
- return ret;
-}
gboolean ot_admin_builtin_selinux_ensure_labeled (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
gboolean ot_admin_builtin_os_init (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
gboolean ot_admin_builtin_install (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
+gboolean ot_admin_builtin_instutil (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
gboolean ot_admin_builtin_init_fs (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
gboolean ot_admin_builtin_undeploy (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
gboolean ot_admin_builtin_deploy (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
--- /dev/null
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
+ *
+ * Copyright (C) 2014 Colin Walters <walters@verbum.org>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2 of the licence or (at
+ * your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#include "config.h"
+
+#include <string.h>
+#include <glib-unix.h>
+
+#include "ot-admin-instutil-builtins.h"
+
+#include "otutil.h"
+
+static char *
+ptrarray_path_join (GPtrArray *path)
+{
+ GString *path_buf;
+
+ path_buf = g_string_new ("");
+
+ if (path->len == 0)
+ g_string_append_c (path_buf, '/');
+ else
+ {
+ guint i;
+ for (i = 0; i < path->len; i++)
+ {
+ const char *elt = path->pdata[i];
+
+ g_string_append_c (path_buf, '/');
+ g_string_append (path_buf, elt);
+ }
+ }
+
+ return g_string_free (path_buf, FALSE);
+}
+
+static gboolean
+relabel_one_path (OstreeSePolicy *sepolicy,
+ GFile *path,
+ GFileInfo *info,
+ GPtrArray *path_parts,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gboolean ret = FALSE;
+ gs_free char *relpath = NULL;
+ gs_free char *new_label = NULL;
+
+ relpath = ptrarray_path_join (path_parts);
+ if (!ostree_sepolicy_restorecon (sepolicy, relpath,
+ info, path,
+ OSTREE_SEPOLICY_RESTORECON_FLAGS_ALLOW_NOLABEL |
+ OSTREE_SEPOLICY_RESTORECON_FLAGS_KEEP_EXISTING,
+ &new_label,
+ cancellable, error))
+ {
+ g_prefix_error (error, "Setting context of %s: ", gs_file_get_path_cached (path));
+ goto out;
+ }
+
+ if (new_label)
+ g_print ("Set label of '%s' (as '%s') to '%s'\n",
+ gs_file_get_path_cached (path),
+ relpath,
+ new_label);
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+
+static gboolean
+relabel_recursively (OstreeSePolicy *sepolicy,
+ GFile *dir,
+ GFileInfo *dir_info,
+ GPtrArray *path_parts,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gboolean ret = FALSE;
+ gs_unref_object GFileEnumerator *direnum = NULL;
+
+ if (!relabel_one_path (sepolicy, dir, dir_info, path_parts,
+ cancellable, error))
+ goto out;
+
+ direnum = g_file_enumerate_children (dir, OSTREE_GIO_FAST_QUERYINFO,
+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
+ cancellable, error);
+ if (!direnum)
+ goto out;
+
+ while (TRUE)
+ {
+ GFileInfo *file_info;
+ GFile *child;
+ GFileType ftype;
+
+ if (!gs_file_enumerator_iterate (direnum, &file_info, &child,
+ cancellable, error))
+ goto out;
+ if (file_info == NULL)
+ break;
+
+ g_ptr_array_add (path_parts, (char*)gs_file_get_basename_cached (child));
+
+ ftype = g_file_info_get_file_type (file_info);
+ if (ftype == G_FILE_TYPE_DIRECTORY)
+ {
+ if (!relabel_recursively (sepolicy, child, file_info, path_parts,
+ cancellable, error))
+ goto out;
+ }
+ else
+ {
+ if (!relabel_one_path (sepolicy, child, file_info, path_parts,
+ cancellable, error))
+ goto out;
+ }
+
+ g_ptr_array_remove_index (path_parts, path_parts->len - 1);
+ }
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+
+static gboolean
+selinux_relabel_dir (OstreeSePolicy *sepolicy,
+ GFile *dir,
+ const char *prefix,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gboolean ret = FALSE;
+ gs_unref_ptrarray GPtrArray *path_parts = g_ptr_array_new ();
+ gs_unref_object GFileInfo *root_info = NULL;
+
+ root_info = g_file_query_info (dir, OSTREE_GIO_FAST_QUERYINFO,
+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
+ cancellable, error);
+ if (!root_info)
+ goto out;
+
+ g_ptr_array_add (path_parts, (char*)prefix);
+ if (!relabel_recursively (sepolicy, dir, root_info, path_parts,
+ cancellable, error))
+ {
+ g_prefix_error (error, "Relabeling /%s: ", prefix);
+ goto out;
+ }
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+
+gboolean
+ot_admin_instutil_builtin_selinux_ensure_labeled (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error)
+{
+ gboolean ret = FALSE;
+ const char *policy_name;
+ gs_unref_object GFile *subpath = NULL;
+ const char *prefix;
+ gs_unref_object OstreeSePolicy *sepolicy = NULL;
+ gs_unref_ptrarray GPtrArray *deployments = NULL;
+ OstreeDeployment *first_deployment;
+ gs_unref_object GFile *deployment_path = NULL;
+
+ if (argc < 3)
+ {
+ g_printerr ("usage: %s SUBPATH PREFIX\n", argv[0]);
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Option processing failed");
+ goto out;
+ }
+
+ subpath = g_file_new_for_path (argv[1]);
+ prefix = argv[2];
+
+ if (!ostree_sysroot_load (sysroot, cancellable, error))
+ goto out;
+
+ deployments = ostree_sysroot_get_deployments (sysroot);
+ if (deployments->len == 0)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Unable to find a deployment in sysroot");
+ goto out;
+ }
+ first_deployment = deployments->pdata[0];
+ deployment_path = ostree_sysroot_get_deployment_directory (sysroot, first_deployment);
+
+ sepolicy = ostree_sepolicy_new (deployment_path, cancellable, error);
+ if (!sepolicy)
+ goto out;
+
+ policy_name = ostree_sepolicy_get_name (sepolicy);
+ if (policy_name)
+ {
+ g_print ("Relabeling using policy '%s'\n", policy_name);
+ if (!selinux_relabel_dir (sepolicy, subpath, prefix,
+ cancellable, error))
+ goto out;
+ }
+ else
+ g_print ("No SELinux policy found in deployment '%s'\n",
+ gs_file_get_path_cached (deployment_path));
+
+ ret = TRUE;
+ out:
+ return ret;
+}
--- /dev/null
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
+ *
+ * Copyright (C) 2014 Colin Walters <walters@verbum.org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#pragma once
+
+#include <ostree.h>
+
+G_BEGIN_DECLS
+
+gboolean ot_admin_instutil_builtin_selinux_ensure_labeled (int argc, char **argv, OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
+
+G_END_DECLS
+
} OstreeAdminCommand;
static OstreeAdminCommand admin_subcommands[] = {
-#ifdef HAVE_SELINUX
- { "selinux-ensure-labeled", ot_admin_builtin_selinux_ensure_labeled },
-#endif
{ "os-init", ot_admin_builtin_os_init },
{ "init-fs", ot_admin_builtin_init_fs },
+ { "instutil", ot_admin_builtin_instutil },
{ "deploy", ot_admin_builtin_deploy },
{ "undeploy", ot_admin_builtin_undeploy },
{ "upgrade", ot_admin_builtin_upgrade },
projects / ostree.git / commitdiff