query.hh File Reference


Detailed Description

Defines the public interface for file context queries.

Author:
Jeremy A. Mowery jmowery@tresys.com

Jason Tang jtang@tresys.com

Copyright (C) 2007 Tresys Technology, LLC

This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

Definition in file query.hh.

#include <sys/types.h>
#include <regex.h>
#include <apol/context-query.h>
#include <apol/mls-query.h>
#include <apol/policy-query.h>
#include <apol/vector.h>
#include <stdexcept>



Classes

class  sefs_query
 This class represents a query into a (subclass of) fclist. More...

Typedefs

typedef sefs_query sefs_query_t

Functions

sefs_query_t * sefs_query_create ()
 Allocate and return a new sefs query structure.
void sefs_query_destroy (sefs_query_t **query)
 Deallocate all memory associated with the referenced sefs query, and then set it to NULL.
int sefs_query_set_user (sefs_query_t *query, const char *name)
 Set a sefs query to match only entries with contexts with the user name.
int sefs_query_set_role (sefs_query_t *query, const char *name)
 Set a sefs query to match only entries with contexts with the role name.
int sefs_query_set_type (sefs_query_t *query, const char *name, bool indirect)
 Set a sefs query to match only entries with contexts with the type name.
int sefs_query_set_range (sefs_query_t *query, const char *range, int match)
 Set a sefs query to match only entries with contexts with a range of range.
int sefs_query_set_object_class (sefs_query_t *query, uint32_t objclass)
 Set a sefs query to match only entries with object class objclass.
int sefs_query_set_object_class_str (sefs_query_t *query, const char *name)
 Set a sefs query to match only entries with object class name.
int sefs_query_set_path (sefs_query_t *query, const char *path)
 Set a sefs query to match only entries with path path.
int sefs_query_set_inode (sefs_query_t *query, ino64_t inode)
 Set a sefs query to match only entries with a given inode number.
int sefs_query_set_dev (sefs_query_t *query, const char *dev)
 Set a sefs query to match only entries with a given device number.
int sefs_query_set_regex (sefs_query_t *query, bool regex)
 Set a sefs query to use regular expression matching for string fields.

Typedef Documentation

typedef struct sefs_query sefs_query_t
 

Definition at line 233 of file query.hh.

Referenced by sechk_lib_load_fc(), sefs_fclist_run_query(), sefs_fclist_run_query_map(), sefs_query_create(), sefs_query_destroy(), sefs_query_set_dev(), sefs_query_set_inode(), sefs_query_set_object_class(), sefs_query_set_object_class_str(), sefs_query_set_path(), sefs_query_set_range(), sefs_query_set_regex(), sefs_query_set_role(), sefs_query_set_type(), and sefs_query_set_user().


Function Documentation

sefs_query_t* sefs_query_create ()
 

Allocate and return a new sefs query structure.

See also:
sefs_query::sefs_query()

Definition at line 274 of file query.cc.

References sefs_query_t.

Referenced by sechk_lib_load_fc().

/**
 * Allocate and return a new sefs query structure.
 *
 * NOTE(review): unless sefs_query supplies its own operator new, a plain
 * new-expression reports allocation failure by throwing rather than by
 * returning NULL, so a NULL check in the caller would not observe an
 * out-of-memory condition. Confirm that callers such as sechk_lib_load_fc()
 * are prepared for that.
 *
 * @return Pointer to the newly constructed query. The matching release
 * function on this page is sefs_query_destroy().
 */
sefs_query_t *sefs_query_create()
{
	sefs_query_t *fresh = new sefs_query();
	return fresh;
}

void sefs_query_destroy (sefs_query_t ** query)
 

Deallocate all memory associated with the referenced sefs query, and then set it to NULL.

This function does nothing if the query is already NULL.

Parameters:
query Reference to a sefs query structure to destroy.

Definition at line 279 of file query.cc.

References sefs_query_t.

Referenced by sechk_lib_load_fc().

/**
 * Deallocate the referenced sefs query and set the caller's pointer to NULL.
 *
 * Does nothing when either query or *query is NULL.
 *
 * @param query Reference to a sefs query pointer to destroy.
 */
void sefs_query_destroy(sefs_query_t **query)
{
	if (!query || !*query) {
		return;
	}
	delete *query;
	// Clearing the caller's pointer makes a second destroy through the same
	// variable a no-op; any other copies of the pointer are left dangling.
	*query = NULL;
}

int sefs_query_set_user (sefs_query_t * query, const char * name)
 

Set a sefs query to match only entries with contexts with the user name.

See also:
sefs_query::user()

Definition at line 288 of file query.cc.

References sefs_query_t, and sefs_query::user().

/**
 * Set a sefs query to match only entries with contexts with the user name.
 *
 * @param query Query to modify; must not be NULL.
 * @param name User name, forwarded unchanged to sefs_query::user(). How a
 * NULL name is treated is decided there and is not visible in this wrapper.
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::user() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_user(sefs_query_t *query, const char *name)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->user(name);
		return 0;
	} catch (...) {
		// Any exception is turned into the error return code.
		return -1;
	}
}

int sefs_query_set_role (sefs_query_t * query, const char * name)
 

Set a sefs query to match only entries with contexts with the role name.

See also:
sefs_query::role()

Definition at line 306 of file query.cc.

References sefs_query::role(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with contexts with the role name.
 *
 * @param query Query to modify; must not be NULL.
 * @param name Role name, forwarded unchanged to sefs_query::role(). How a
 * NULL name is treated is decided there and is not visible in this wrapper.
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::role() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_role(sefs_query_t *query, const char *name)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->role(name);
		return 0;
	} catch (...) {
		// Any exception is turned into the error return code.
		return -1;
	}
}

int sefs_query_set_type (sefs_query_t * query, const char * name, bool indirect)
 

Set a sefs query to match only entries with contexts with the type name.

See also:
sefs_query::type()

sefs_fclist_associate_policy() to associate a policy with a fclist.

Definition at line 324 of file query.cc.

References sefs_query_t, and sefs_query::type().

/**
 * Set a sefs query to match only entries with contexts with the type name.
 *
 * @param query Query to modify; must not be NULL.
 * @param name Type name, forwarded unchanged to sefs_query::type().
 * @param indirect Forwarded unchanged to sefs_query::type(); its meaning is
 * defined there.
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::type() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_type(sefs_query_t *query, const char *name, bool indirect)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->type(name, indirect);
		return 0;
	} catch (...) {
		// Any exception is turned into the error return code.
		return -1;
	}
}

int sefs_query_set_range (sefs_query_t * query, const char * range, int match)
 

Set a sefs query to match only entries with contexts with a range of range.

See also:
sefs_query::range()

sefs_fclist_associate_policy() to associate a policy with a fclist.

Definition at line 342 of file query.cc.

References sefs_query::range(), and sefs_query_t.

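/**
 * Set a sefs query to match only entries with contexts with a range of range.
 *
 * The call into sefs_query::range() is guarded the same way as the other
 * string-taking setters on this page (user, role, type, path, dev), so an
 * exception raised while storing the range cannot propagate out of this
 * int-returning wrapper into a caller that only checks the return code.
 * If sefs_query::range() never throws, behaviour is unchanged.
 *
 * @param query Query to modify; must not be NULL.
 * @param range Range string, forwarded unchanged to sefs_query::range().
 * @param match Match mode, forwarded unchanged to sefs_query::range().
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::range() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_range(sefs_query_t *query, const char *range, int match)
{
	if (query == NULL) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->range(range, match);
	} catch (...) {
		// Report failure through the return code, as the sibling setters do.
		return -1;
	}
	return 0;
}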

int sefs_query_set_object_class (sefs_query_t * query, uint32_t objclass)
 

Set a sefs query to match only entries with object class objclass.

Returns:
Always 0 when query is non-NULL; the definition below returns -1 with errno set to EINVAL if query is NULL.
See also:
sefs_query::objectClass(uint32_t)

Definition at line 353 of file query.cc.

References sefs_query::objectClass(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with object class objclass.
 *
 * @param query Query to modify; must not be NULL.
 * @param objclass Object class value, forwarded unchanged to
 * sefs_query::objectClass(uint32_t).
 *
 * @return 0 when query is non-NULL; -1 with errno set to EINVAL when query
 * is NULL.
 */
int sefs_query_set_object_class(sefs_query_t *query, uint32_t objclass)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	// No exception guard here, unlike the string setters that use try/catch.
	query->objectClass(objclass);
	return 0;
}

int sefs_query_set_object_class_str (sefs_query_t * query, const char * name)
 

Set a sefs query to match only entries with object class name.

Returns:
Always 0 when query is non-NULL; the definition below returns -1 with errno set to EINVAL if query is NULL.
See also:
sefs_query::objectClass(const char *)

Definition at line 364 of file query.cc.

References sefs_query::objectClass(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with object class name.
 *
 * @param query Query to modify; must not be NULL.
 * @param name Object class name, forwarded unchanged to
 * sefs_query::objectClass(const char *).
 *
 * @return 0 when query is non-NULL; -1 with errno set to EINVAL when query
 * is NULL.
 */
int sefs_query_set_object_class_str(sefs_query_t *query, const char *name)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	// NOTE(review): this string setter has no try/catch, unlike user, role,
	// type, path and dev; confirm objectClass(const char *) cannot throw.
	query->objectClass(name);
	return 0;
}

int sefs_query_set_path (sefs_query_t * query, const char * path)
 

Set a sefs query to match only entries with path path.

See also:
sefs_query::path()

Definition at line 375 of file query.cc.

References sefs_query::path(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with path path.
 *
 * @param query Query to modify; must not be NULL.
 * @param path Path string, forwarded unchanged to sefs_query::path().
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::path() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_path(sefs_query_t *query, const char *path)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->path(path);
		return 0;
	} catch (...) {
		// Any exception is turned into the error return code.
		return -1;
	}
}

int sefs_query_set_inode (sefs_query_t * query, ino64_t inode)
 

Set a sefs query to match only entries with a given inode number.

Returns:
Always 0 when query is non-NULL; the definition below returns -1 with errno set to EINVAL if query is NULL.
See also:
sefs_query::inode()

Definition at line 393 of file query.cc.

References sefs_query::inode(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with a given inode number.
 *
 * @param query Query to modify; must not be NULL.
 * @param inode Inode number, forwarded unchanged to sefs_query::inode().
 *
 * @return 0 when query is non-NULL; -1 with errno set to EINVAL when query
 * is NULL.
 */
int sefs_query_set_inode(sefs_query_t *query, ino64_t inode)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	// No exception guard here, unlike the string setters that use try/catch.
	query->inode(inode);
	return 0;
}

int sefs_query_set_dev (sefs_query_t * query, const char * dev)
 

Set a sefs query to match only entries with a given device number.

See also:
sefs_query::dev()

Definition at line 404 of file query.cc.

References sefs_query::dev(), and sefs_query_t.

/**
 * Set a sefs query to match only entries with a given device number.
 *
 * @param query Query to modify; must not be NULL.
 * @param dev Device given as a string, forwarded unchanged to
 * sefs_query::dev().
 *
 * @return 0 on success. -1 with errno set to EINVAL when query is NULL.
 * -1 when sefs_query::dev() throws; the wrapper itself does not assign
 * errno on that path.
 */
int sefs_query_set_dev(sefs_query_t *query, const char *dev)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	try {
		query->dev(dev);
		return 0;
	} catch (...) {
		// Any exception is turned into the error return code.
		return -1;
	}
}

int sefs_query_set_regex (sefs_query_t * query, bool regex)
 

Set a sefs query to use regular expression matching for string fields.

Returns:
Always 0 when query is non-NULL; the definition below returns -1 with errno set to EINVAL if query is NULL.
See also:
sefs_query::regex()

Definition at line 422 of file query.cc.

References sefs_query::regex(), and sefs_query_t.

/**
 * Set a sefs query to use regular expression matching for string fields.
 *
 * @param query Query to modify; must not be NULL.
 * @param regex Flag forwarded unchanged to sefs_query::regex().
 *
 * @return 0 when query is non-NULL; -1 with errno set to EINVAL when query
 * is NULL.
 */
int sefs_query_set_regex(sefs_query_t *query, bool regex)
{
	if (!query) {
		errno = EINVAL;
		return -1;
	}
	// No exception guard here, unlike the string setters that use try/catch.
	query->regex(regex);
	return 0;
}