The user loads two policies, the "original" and the "modified" policy, and then calls poldiff_create() to obtain a poldiff object. Next, the user calls poldiff_run() to execute the differencing algorithm. Results are retrieved via poldiff_get_type_vector(), poldiff_get_avrule_vector(), and so forth.
Jason Tang jtang@tresys.com
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Definition in file poldiff.h.
#include <apol/policy.h>
#include <apol/policy-query.h>
#include <apol/vector.h>
#include <stdarg.h>
#include <stdint.h>
#include <poldiff/attrib_diff.h>
#include <poldiff/avrule_diff.h>
#include <poldiff/cat_diff.h>
#include <poldiff/bool_diff.h>
#include <poldiff/class_diff.h>
#include <poldiff/level_diff.h>
#include <poldiff/range_diff.h>
#include <poldiff/range_trans_diff.h>
#include <poldiff/rbac_diff.h>
#include <poldiff/role_diff.h>
#include <poldiff/terule_diff.h>
#include <poldiff/type_diff.h>
#include <poldiff/user_diff.h>
#include <poldiff/type_map.h>
#include <poldiff/util.h>
Defines | |
| #define | POLDIFF_DIFF_CLASSES 0x00000001U |
| #define | POLDIFF_DIFF_COMMONS 0x00000002U |
| #define | POLDIFF_DIFF_TYPES 0x00000004U |
| #define | POLDIFF_DIFF_ATTRIBS 0x00000008U |
| #define | POLDIFF_DIFF_ROLES 0x00000010U |
| #define | POLDIFF_DIFF_USERS 0x00000020U |
| #define | POLDIFF_DIFF_BOOLS 0x00000040U |
| #define | POLDIFF_DIFF_LEVELS 0x00000080U |
| #define | POLDIFF_DIFF_CATS 0x00000100U |
| #define | POLDIFF_DIFF_ROLE_ALLOWS 0x00000800U |
| #define | POLDIFF_DIFF_ROLE_TRANS 0x00001000U |
| #define | POLDIFF_DIFF_RANGE_TRANS 0x00002000U |
| #define | POLDIFF_DIFF_AVALLOW 0x10000000U |
| #define | POLDIFF_DIFF_AVAUDITALLOW 0x20000000U |
| #define | POLDIFF_DIFF_AVDONTAUDIT 0x40000000U |
| #define | POLDIFF_DIFF_AVNEVERALLOW 0x80000000U |
| #define | POLDIFF_DIFF_TECHANGE 0x01000000U |
| #define | POLDIFF_DIFF_TEMEMBER 0x02000000U |
| #define | POLDIFF_DIFF_TETRANS 0x04000000U |
| #define | POLDIFF_DIFF_TERULES_COMPAT 0x00000400U |
| deprecated | |
| #define | POLDIFF_DIFF_AVRULES_COMPAT 0x00000200U |
| deprecated | |
| #define | POLDIFF_DIFF_AVRULES (POLDIFF_DIFF_AVALLOW | POLDIFF_DIFF_AVNEVERALLOW | POLDIFF_DIFF_AVAUDITALLOW | POLDIFF_DIFF_AVDONTAUDIT) |
| #define | POLDIFF_DIFF_TERULES (POLDIFF_DIFF_TEMEMBER | POLDIFF_DIFF_TECHANGE | POLDIFF_DIFF_TETRANS) |
| #define | POLDIFF_DIFF_SYMBOLS (POLDIFF_DIFF_CLASSES|POLDIFF_DIFF_COMMONS|POLDIFF_DIFF_TYPES|POLDIFF_DIFF_ATTRIBS|POLDIFF_DIFF_ROLES|POLDIFF_DIFF_USERS|POLDIFF_DIFF_BOOLS) |
| #define | POLDIFF_DIFF_RULES (POLDIFF_DIFF_AVRULES|POLDIFF_DIFF_TERULES|POLDIFF_DIFF_ROLE_ALLOWS|POLDIFF_DIFF_ROLE_TRANS) |
| #define | POLDIFF_DIFF_RBAC (POLDIFF_DIFF_ROLES|POLDIFF_DIFF_ROLE_ALLOWS|POLDIFF_DIFF_ROLE_TRANS) |
| #define | POLDIFF_DIFF_MLS (POLDIFF_DIFF_LEVELS|POLDIFF_DIFF_CATS|POLDIFF_DIFF_RANGE_TRANS) |
| #define | POLDIFF_DIFF_OCONS 0 |
| #define | POLDIFF_DIFF_REMAPPED (POLDIFF_DIFF_TYPES|POLDIFF_DIFF_ATTRIBS|POLDIFF_DIFF_AVRULES|POLDIFF_DIFF_TERULES|POLDIFF_DIFF_ROLES|POLDIFF_DIFF_ROLE_TRANS|POLDIFF_DIFF_RANGE_TRANS|POLDIFF_DIFF_OCONS) |
| #define | POLDIFF_DIFF_ALL (POLDIFF_DIFF_SYMBOLS|POLDIFF_DIFF_RULES|POLDIFF_DIFF_MLS|POLDIFF_DIFF_OCONS) |
Typedefs | |
| typedef poldiff | poldiff_t |
| typedef enum poldiff_form | poldiff_form_e |
| Form of a difference. | |
| typedef void(* | poldiff_handle_fn_t )(void *arg, const poldiff_t *diff, int level, const char *fmt, va_list va_args) |
Enumerations | |
| enum | poldiff_form { POLDIFF_FORM_NONE, POLDIFF_FORM_ADDED, POLDIFF_FORM_REMOVED, POLDIFF_FORM_MODIFIED, POLDIFF_FORM_ADD_TYPE, POLDIFF_FORM_REMOVE_TYPE } |
| Form of a difference. More... | |
Functions | |
| poldiff_t * | poldiff_create (apol_policy_t *orig_policy, apol_policy_t *mod_policy, poldiff_handle_fn_t fn, void *callback_arg) |
| Allocate and initialize a new policy difference structure. | |
| void | poldiff_destroy (poldiff_t **diff) |
| Free all memory used by a policy difference structure and set it to NULL. | |
| int | poldiff_run (poldiff_t *diff, uint32_t flags) |
| Run the difference algorithm for the selected policy components/rules. | |
| int | poldiff_is_run (const poldiff_t *diff, uint32_t flags) |
| Determine if a particular policy component/rule diff was actually run yet or not. | |
| int | poldiff_get_stats (const poldiff_t *diff, uint32_t flags, size_t stats[5]) |
| Get a total of the differences of each form for a given item (or set of items). | |
| int | poldiff_enable_line_numbers (poldiff_t *diff) |
| Enable line numbers for all rule differences. | |
|
|
Definition at line 92 of file poldiff.h. Referenced by main(), print_class_diffs(), and print_diff(). |
|
|
Definition at line 93 of file poldiff.h. Referenced by print_common_diffs(), and print_diff(). |
|
|
Definition at line 94 of file poldiff.h. Referenced by print_diff(), and print_type_diffs(). |
|
|
Definition at line 95 of file poldiff.h. Referenced by print_attrib_diffs(), and print_diff(). |
|
|
Definition at line 96 of file poldiff.h. Referenced by print_diff(), and print_role_diffs(). |
|
|
Definition at line 97 of file poldiff.h. Referenced by print_diff(), and print_user_diffs(). |
|
|
Definition at line 98 of file poldiff.h. Referenced by print_bool_diffs(), and print_diff(). |
|
|
Definition at line 99 of file poldiff.h. Referenced by print_diff(), and print_level_diffs(). |
|
|
Definition at line 100 of file poldiff.h. Referenced by print_cat_diffs(), and print_diff(). |
|
|
Definition at line 101 of file poldiff.h. Referenced by print_diff(), and print_role_allow_diffs(). |
|
|
Definition at line 102 of file poldiff.h. Referenced by print_diff(), and print_role_trans_diffs(). |
|
|
Definition at line 103 of file poldiff.h. Referenced by print_diff(), and print_range_trans_diffs(). |
|
|
Definition at line 104 of file poldiff.h. Referenced by print_avallow_diffs(), print_diff(), and result_item_create_avrules_allow(). |
|
|
Definition at line 105 of file poldiff.h. Referenced by print_avauditallow_diffs(), print_diff(), and result_item_create_avrules_auditallow(). |
|
|
Definition at line 106 of file poldiff.h. Referenced by print_avdontaudit_diffs(), print_diff(), and result_item_create_avrules_dontaudit(). |
|
|
Definition at line 107 of file poldiff.h. Referenced by print_avneverallow_diffs(), print_diff(), and result_item_create_avrules_neverallow(). |
|
|
Definition at line 108 of file poldiff.h. Referenced by print_diff(), and result_item_create_terules_change(). |
|
|
Definition at line 109 of file poldiff.h. Referenced by print_diff(), and result_item_create_terules_member(). |
|
|
Definition at line 110 of file poldiff.h. Referenced by print_diff(), and result_item_create_terules_trans(). |
|
|
deprecated
|
|
|
deprecated
|
|
|
Definition at line 115 of file poldiff.h. Referenced by poldiff_run(), result_item_inline_link_event(), and toplevel_run_diff_runner(). |
Definition at line 127 of file poldiff.h. Referenced by main(). |
Form of a difference. This enumeration describes the kind of change in a policy component or rule from policy1 to policy2. Differences can be additions (item present only in policy2), removals (item present only in policy1) or a modification (item present in both policies with different semantic meaning). For rules there are two more options - added or removed due to a type being added or removed; these forms differentiate these cases from those of added/removed rules where the types exist in both policies.
/* Definition at line 57 of file poldiff.h. */

/**
 * Form of a difference between the original policy (policy 1) and the
 * modified policy (policy 2).
 */
typedef enum poldiff_form
{
	POLDIFF_FORM_NONE,		/**< used only for error conditions */
	POLDIFF_FORM_ADDED,		/**< item exists only in policy 2 */
	POLDIFF_FORM_REMOVED,		/**< item exists only in policy 1 */
	POLDIFF_FORM_MODIFIED,		/**< item is in both policies, with a different meaning */
	POLDIFF_FORM_ADD_TYPE,		/**< rules only: added because a type was added */
	POLDIFF_FORM_REMOVE_TYPE	/**< rules only: removed because a type was removed */
} poldiff_form_e;
|
|
||||||||||||||||||||
|
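Allocate and initialize a new policy difference structure. This function takes ownership of the supplied policies and will handle their destruction upon poldiff_destroy(). The poldiff object will be responsible for rebuilding the policy (such as if neverallows are requested). It is still safe to access elements within the policies, but avoid making changes to the policy while the poldiff object still exists. Note that in the listing below the policies are destroyed on failure only once the poldiff structure has been allocated; when a policy argument is NULL or the allocation itself fails, the function returns NULL without destroying them, so callers should confirm which case applies before freeing the policies themselves.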
/*
 * Definition at line 319 of file poldiff.c.
 *
 * References apol_policy_get_qpol(), apol_policy_t, poldiff::attrib_diffs,
 * attrib_summary_create(), avrule_create(), poldiff::avrule_diffs,
 * bool_create(), poldiff::bool_diffs, cat_create(), poldiff::cat_diffs,
 * class_create(), poldiff::class_diffs, common_create(),
 * poldiff::common_diffs, diff, ERR, poldiff::fn, poldiff::handle_arg,
 * level_create(), poldiff::level_diffs, poldiff::mod_pol, poldiff::mod_qpol,
 * poldiff::orig_pol, orig_policy, poldiff::orig_qpol, poldiff_destroy(),
 * poldiff_t, poldiff::policy_opts, QPOL_POLICY_OPTION_NO_RULES,
 * range_trans_create(), poldiff::range_trans_diffs, role_allow_create(),
 * poldiff::role_allow_diffs, role_create(), poldiff::role_diffs,
 * role_trans_create(), poldiff::role_trans_diffs, terule_create(),
 * poldiff::terule_diffs, poldiff::type_diffs, poldiff::type_map,
 * type_map_create(), type_map_infer(), type_summary_create(), user_create(),
 * and poldiff::user_diffs.
 *
 * Referenced by init_poldiff(), main(), and sediffx_get_poldiff().
 */

/**
 * Allocate a poldiff object for two policies and create its per-component
 * result containers.
 *
 * @param orig_policy  The "original" policy; must not be NULL.
 * @param mod_policy   The "modified" policy; must not be NULL.
 * @param fn           Message callback, stored in the object unchanged.
 * @param callback_arg Opaque argument stored alongside fn.
 *
 * @return The new object, or NULL on failure with errno set (EINVAL for a
 * NULL policy, ENOMEM for an allocation failure, or the errno left by
 * type_map_infer()).
 *
 * Ownership on failure is not uniform.  The two early returns (NULL policy,
 * failed calloc) leave both policies untouched.  Every later failure goes
 * through poldiff_destroy(), which destroys both policies.  A NULL return
 * therefore does not by itself tell the caller whether the policies are
 * still valid.
 * NOTE(review): ENOMEM is reported on both sides of that boundary, so a
 * caller that frees the policies on failure risks a double free -- confirm
 * how the callers handle this.
 */
poldiff_t *poldiff_create(apol_policy_t *orig_policy, apol_policy_t *mod_policy, poldiff_handle_fn_t fn, void *callback_arg)
{
	poldiff_t *diff;
	int saved_errno;

	if (orig_policy == NULL || mod_policy == NULL) {
		ERR(NULL, "%s", strerror(EINVAL));
		errno = EINVAL;
		return NULL;
	}

	diff = calloc(1, sizeof(poldiff_t));
	if (diff == NULL) {
		ERR(NULL, "%s", strerror(ENOMEM));
		errno = ENOMEM;
		return NULL;
	}

	/* From here on the object holds the policies; any failure destroys them. */
	diff->orig_pol = orig_policy;
	diff->mod_pol = mod_policy;
	diff->orig_qpol = apol_policy_get_qpol(diff->orig_pol);
	diff->mod_qpol = apol_policy_get_qpol(diff->mod_pol);
	diff->fn = fn;
	diff->handle_arg = callback_arg;

	diff->type_map = type_map_create();
	if (diff->type_map == NULL)
		goto nomem;

	if (type_map_infer(diff) < 0) {
		/* keep the helper's errno across the teardown */
		saved_errno = errno;
		poldiff_destroy(&diff);
		errno = saved_errno;
		return NULL;
	}

	/* Create the result containers in a fixed order, stopping at the first failure. */
	if (!(diff->attrib_diffs = attrib_summary_create()))
		goto nomem;
	if (!(diff->avrule_diffs[AVRULE_OFFSET_ALLOW] = avrule_create()))
		goto nomem;
	if (!(diff->avrule_diffs[AVRULE_OFFSET_AUDITALLOW] = avrule_create()))
		goto nomem;
	if (!(diff->avrule_diffs[AVRULE_OFFSET_DONTAUDIT] = avrule_create()))
		goto nomem;
	if (!(diff->avrule_diffs[AVRULE_OFFSET_NEVERALLOW] = avrule_create()))
		goto nomem;
	if (!(diff->bool_diffs = bool_create()))
		goto nomem;
	if (!(diff->cat_diffs = cat_create()))
		goto nomem;
	if (!(diff->class_diffs = class_create()))
		goto nomem;
	if (!(diff->common_diffs = common_create()))
		goto nomem;
	if (!(diff->level_diffs = level_create()))
		goto nomem;
	if (!(diff->range_trans_diffs = range_trans_create()))
		goto nomem;
	if (!(diff->role_diffs = role_create()))
		goto nomem;
	if (!(diff->role_allow_diffs = role_allow_create()))
		goto nomem;
	if (!(diff->role_trans_diffs = role_trans_create()))
		goto nomem;
	if (!(diff->terule_diffs[TERULE_OFFSET_CHANGE] = terule_create()))
		goto nomem;
	if (!(diff->terule_diffs[TERULE_OFFSET_MEMBER] = terule_create()))
		goto nomem;
	if (!(diff->terule_diffs[TERULE_OFFSET_TRANS] = terule_create()))
		goto nomem;
	if (!(diff->type_diffs = type_summary_create()))
		goto nomem;
	if (!(diff->user_diffs = user_create()))
		goto nomem;

	/* Start with the "no rules" and "no neverallows" options recorded. */
	diff->policy_opts = QPOL_POLICY_OPTION_NO_RULES | QPOL_POLICY_OPTION_NO_NEVERALLOWS;
	return diff;

nomem:
	ERR(diff, "%s", strerror(ENOMEM));
	poldiff_destroy(&diff);
	errno = ENOMEM;
	return NULL;
}
|
|
|
Free all memory used by a policy difference structure and set it to NULL.
/*
 * Definition at line 382 of file poldiff.c.
 *
 * References apol_bst_destroy(), apol_policy_destroy(),
 * attrib_summary_destroy(), avrule_destroy(), AVRULE_OFFSET_ALLOW,
 * AVRULE_OFFSET_AUDITALLOW, AVRULE_OFFSET_DONTAUDIT,
 * AVRULE_OFFSET_NEVERALLOW, bool_destroy(), cat_destroy(), class_destroy(),
 * common_destroy(), diff, level_destroy(), poldiff_t, range_trans_destroy(),
 * role_allow_destroy(), role_destroy(), role_trans_destroy(),
 * terule_destroy(), TERULE_OFFSET_CHANGE, TERULE_OFFSET_MEMBER,
 * TERULE_OFFSET_TRANS, type_map_destroy(), type_summary_destroy(), and
 * user_destroy().
 *
 * Referenced by init_poldiff(), main(), poldiff_cleanup(), poldiff_create(),
 * sediffx_destroy(), and sediffx_set_policy().
 */

/**
 * Release a poldiff object together with the two policies it holds, then
 * clear the caller's pointer.
 *
 * @param diff Address of the object pointer.  Nothing happens when either
 * diff or *diff is NULL; otherwise *diff is NULL on return, which makes a
 * repeated call through the same pointer harmless.
 *
 * Both policies are destroyed here, so the caller must not destroy them
 * again or keep using pointers into them afterwards.
 */
void poldiff_destroy(poldiff_t **diff)
{
	poldiff_t *d;

	if (diff == NULL || *diff == NULL)
		return;
	d = *diff;

	/* the policies and the lookup trees */
	apol_policy_destroy(&d->orig_pol);
	apol_policy_destroy(&d->mod_pol);
	apol_bst_destroy(&d->class_bst);
	apol_bst_destroy(&d->perm_bst);
	apol_bst_destroy(&d->bool_bst);

	/* the type map and the per-component results */
	type_map_destroy(&d->type_map);
	attrib_summary_destroy(&d->attrib_diffs);
	avrule_destroy(&d->avrule_diffs[AVRULE_OFFSET_ALLOW]);
	avrule_destroy(&d->avrule_diffs[AVRULE_OFFSET_AUDITALLOW]);
	avrule_destroy(&d->avrule_diffs[AVRULE_OFFSET_DONTAUDIT]);
	avrule_destroy(&d->avrule_diffs[AVRULE_OFFSET_NEVERALLOW]);
	bool_destroy(&d->bool_diffs);
	cat_destroy(&d->cat_diffs);
	class_destroy(&d->class_diffs);
	common_destroy(&d->common_diffs);
	level_destroy(&d->level_diffs);
	range_trans_destroy(&d->range_trans_diffs);
	role_destroy(&d->role_diffs);
	role_allow_destroy(&d->role_allow_diffs);
	role_trans_destroy(&d->role_trans_diffs);
	user_destroy(&d->user_diffs);
	terule_destroy(&d->terule_diffs[TERULE_OFFSET_CHANGE]);
	terule_destroy(&d->terule_diffs[TERULE_OFFSET_MEMBER]);
	terule_destroy(&d->terule_diffs[TERULE_OFFSET_TRANS]);
	type_summary_destroy(&d->type_diffs);

	free(d);
	*diff = NULL;
}
|
|
||||||||||||
|
Run the difference algorithm for the selected policy components/rules.
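/*
 * Definition at line 513 of file poldiff.c.
 *
 * References component_records, diff, poldiff::diff_status, ERR,
 * poldiff_component_record::flag_bit, INFO, poldiff::line_numbers_enabled,
 * poldiff::mod_qpol, poldiff::orig_qpol, poldiff_component_record_t,
 * POLDIFF_DIFF_AVRULES, poldiff_do_item_diff(), poldiff_t,
 * poldiff::policy_opts, qpol_policy_rebuild(), poldiff::remapped,
 * poldiff_component_record::reset, and type_map_build().
 *
 * Referenced by init_poldiff(), main(), and toplevel_run_diff_runner().
 */

/**
 * Run the difference algorithm for the components selected in flags.
 *
 * Components already marked in diff_status are not run again.  Requesting
 * AV or TE rule diffs (or neverallow diffs) clears the matching "no rules"
 * option and rebuilds both policies before anything is diffed.
 *
 * @param diff  Object from poldiff_create(); must not be NULL unless flags
 *              is 0.
 * @param flags Bitmask of POLDIFF_DIFF_* values; 0 is a successful no-op.
 *
 * @return 0 on success, -1 on failure.  errno is EINVAL for a NULL diff;
 * on other failures it is whatever the failing helper left behind.
 *
 * Every run clears line_numbers_enabled, so line numbers have to be
 * enabled again after each call.
 */
int poldiff_run(poldiff_t *diff, uint32_t flags)
{
	size_t i, num_items;
	int policy_opts;

	if (!flags)
		return 0;	       /* nothing to do */

	if (!diff) {
		ERR(diff, "%s", strerror(EINVAL));
		errno = EINVAL;
		return -1;
	}

	policy_opts = diff->policy_opts;
	if (flags & (POLDIFF_DIFF_AVRULES | POLDIFF_DIFF_TERULES)) {
		policy_opts &= ~(QPOL_POLICY_OPTION_NO_RULES);
	}
	if (flags & POLDIFF_DIFF_AVNEVERALLOW) {
		policy_opts &= ~(QPOL_POLICY_OPTION_NO_NEVERALLOWS);
	}
	if (policy_opts != diff->policy_opts) {
		/*
		 * Force flushing of existing pointers into the policies.  The
		 * flag is raised before the first rebuild rather than after the
		 * second: if a rebuild fails part-way, existing results may
		 * already point into a rebuilt policy, and the next run must
		 * still reset them.  policy_opts is recorded only once both
		 * rebuilds succeed, so a later run retries the rebuild.
		 */
		diff->remapped = 1;
		INFO(diff, "%s", "Loading rules from original policy.");
		if (qpol_policy_rebuild(diff->orig_qpol, policy_opts)) {
			return -1;
		}
		INFO(diff, "%s", "Loading rules from modified policy.");
		if (qpol_policy_rebuild(diff->mod_qpol, policy_opts)) {
			return -1;
		}
		diff->policy_opts = policy_opts;
	}

	num_items = sizeof(component_records) / sizeof(poldiff_component_record_t);
	if (diff->remapped) {
		/* discard results of every component that depends on the mapping */
		for (i = 0; i < num_items; i++) {
			if (component_records[i].flag_bit & POLDIFF_DIFF_REMAPPED) {
				INFO(diff, "Resetting %s diff.", component_records[i].item_name);
				if (component_records[i].reset(diff))
					return -1;
			}
		}
		diff->diff_status &= ~(POLDIFF_DIFF_REMAPPED);
		diff->remapped = 0;
	}

	INFO(diff, "%s", "Building type map.");
	if (type_map_build(diff)) {
		return -1;
	}

	diff->line_numbers_enabled = 0;
	for (i = 0; i < num_items; i++) {
		/* item requested but not yet run */
		if ((flags & component_records[i].flag_bit) && !(component_records[i].flag_bit & diff->diff_status)) {
			INFO(diff, "Running %s diff.", component_records[i].item_name);
			if (poldiff_do_item_diff(diff, &(component_records[i]))) {
				return -1;
			}
		}
	}

	return 0;
}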
|
|
||||||||||||
|
Determine if a particular policy component/rule diff was actually run yet or not.
/*
 * Definition at line 579 of file poldiff.c.
 *
 * References diff, poldiff::diff_status, ERR, and poldiff_t.
 *
 * Referenced by result_item_role_trans_get_forms(), and
 * result_item_single_get_forms().
 */

/**
 * Report whether every component selected in flags has already been diffed.
 *
 * @param diff  Object to query; must not be NULL unless flags is 0.
 * @param flags Bitmask of POLDIFF_DIFF_* values.
 *
 * @return 1 if all requested bits are set in diff_status (or flags is 0),
 * 0 if at least one is missing, -1 with errno set to EINVAL if diff is NULL.
 */
int poldiff_is_run(const poldiff_t *diff, uint32_t flags)
{
	if (flags == 0)
		return 1;	       /* nothing to do */

	if (diff == NULL) {
		ERR(diff, "%s", strerror(EINVAL));
		errno = EINVAL;
		return -1;
	}

	/* all requested bits must be present, not merely some of them */
	return ((diff->diff_status & flags) == flags) ? 1 : 0;
}
|
|
||||||||||||||||
|
Get a total of the differences of each form for a given item (or set of items).
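/*
 * Definition at line 595 of file poldiff.c.
 *
 * References component_records, diff, ERR,
 * poldiff_component_record::flag_bit, poldiff_component_record::get_stats,
 * poldiff_component_record_t, and poldiff_t.
 *
 * Referenced by get_diff_total(), result_item_role_trans_get_forms(), and
 * result_item_single_get_forms().
 */

/**
 * Sum the per-form difference counts of every component selected in flags.
 *
 * @param diff  Object to query; must not be NULL.
 * @param flags Bitmask of POLDIFF_DIFF_* values; must not be 0.
 * @param stats Caller-provided array of five counters; must not be NULL.
 *              It is zeroed and then filled with the totals.  Which slot
 *              holds which form is decided by the get_stats callbacks and
 *              is not visible in this function.
 *
 * @return 0 on success, -1 with errno set to EINVAL on a bad argument.
 */
int poldiff_get_stats(const poldiff_t *diff, uint32_t flags, size_t stats[5])
{
	size_t i, j, num_items, tmp_stats[5] = { 0, 0, 0, 0, 0 };

	/* stats is written unconditionally below, so reject NULL up front */
	if (!diff || !flags || !stats) {
		ERR(diff, "%s", strerror(EINVAL));
		errno = EINVAL;
		return -1;
	}

	stats[0] = stats[1] = stats[2] = stats[3] = stats[4] = 0;

	num_items = sizeof(component_records) / sizeof(poldiff_component_record_t);
	for (i = 0; i < num_items; i++) {
		if (flags & component_records[i].flag_bit) {
			/*
			 * NOTE(review): tmp_stats is not cleared between
			 * components, so this assumes each callback overwrites
			 * all five slots -- confirm.
			 */
			component_records[i].get_stats(diff, tmp_stats);
			for (j = 0; j < 5; j++)
				stats[j] += tmp_stats[j];
		}
	}

	return 0;
}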
|
|
|
Enable line numbers for all rule differences. If not called, line numbers will not be available when displaying differences. This function is safe to call multiple times and will have no effect after the first time. It also has no effect if one policy (or both of them) does not support line numbers. Be aware that line numbers will need to be re-enabled each time poldiff_run() is called.
/*
 * Definition at line 619 of file poldiff.c.
 *
 * References avrule_enable_line_numbers(), AVRULE_OFFSET_ALLOW,
 * AVRULE_OFFSET_AUDITALLOW, AVRULE_OFFSET_DONTAUDIT,
 * AVRULE_OFFSET_NEVERALLOW, diff, poldiff::line_numbers_enabled,
 * poldiff::mod_qpol, poldiff::orig_qpol, poldiff_t,
 * qpol_policy_build_syn_rule_table(), terule_enable_line_numbers(),
 * TERULE_OFFSET_CHANGE, TERULE_OFFSET_MEMBER, and TERULE_OFFSET_TRANS.
 *
 * Referenced by toplevel_run_diff_runner().
 */

/**
 * Enable line numbers for all AV and TE rule differences.
 *
 * The work is done only while line_numbers_enabled is clear; a call made
 * after a successful one returns 0 immediately.
 *
 * @param diff Object to update; must not be NULL.
 *
 * @return 0 on success, a negative value on failure: -1 with errno set to
 * EINVAL for a NULL diff, -1 if building a syntactic rule table fails, or
 * the negative value returned by the failing enable helper.
 */
int poldiff_enable_line_numbers(poldiff_t *diff)
{
	int rc;

	if (!diff) {
		errno = EINVAL;
		return -1;
	}
	if (diff->line_numbers_enabled)
		return 0;

	/* both policies need their syntactic rule table; original first */
	if (qpol_policy_build_syn_rule_table(diff->orig_qpol) ||
	    qpol_policy_build_syn_rule_table(diff->mod_qpol))
		return -1;

	rc = avrule_enable_line_numbers(diff, AVRULE_OFFSET_ALLOW);
	if (rc < 0)
		return rc;
	rc = avrule_enable_line_numbers(diff, AVRULE_OFFSET_AUDITALLOW);
	if (rc < 0)
		return rc;
	rc = avrule_enable_line_numbers(diff, AVRULE_OFFSET_DONTAUDIT);
	if (rc < 0)
		return rc;
	rc = avrule_enable_line_numbers(diff, AVRULE_OFFSET_NEVERALLOW);
	if (rc < 0)
		return rc;
	rc = terule_enable_line_numbers(diff, TERULE_OFFSET_CHANGE);
	if (rc < 0)
		return rc;
	rc = terule_enable_line_numbers(diff, TERULE_OFFSET_MEMBER);
	if (rc < 0)
		return rc;
	rc = terule_enable_line_numbers(diff, TERULE_OFFSET_TRANS);
	if (rc < 0)
		return rc;

	/* set only after every step succeeded, so a failed attempt is retried */
	diff->line_numbers_enabled = 1;
	return 0;
}
|