From 74a30a5851087f40ff53f2716374c8870cd4a48a Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Fri, 17 Sep 2004 00:04:18 +0000 Subject: Update. 2004-09-16 Ulrich Drepper * configure.in: Add test for required SELinux features. * config.make.in: Add have-selinux entry. * config.h.in: Add HAVE_SELINUX entry. * nscd/Makefile (nscd-modules): Add selinux. (CFLAGS-selinux.c): Add -fpie. Define selinux-LIBS and use in link line. * nscd/connections.c (handle_request): Check access SELinux permissions before processing request. * nscd/nscd.c (main): Initialize selinux_enabled and stop avc thread. * nscd/nscd_stat.c: Transmit and print AVC statistics. * nscd/selinux.c: New file. * nscd/selinux.h: New file. 2004-09-16 Jakub Jelinek * nscd/nscd_helper.c (__nscd_unmap, get_mapping): Use __munmap instead of munmap. * nscd/Makefile (CFLAGS-aicache.c): Set to -fpie. 2004-09-16 Thorsten Kukuk * sysdeps/posix/getaddrinfo.c (gaih_inet): Check __nss_not_use_nscd_hosts variable if nscd should be used or not. 2004-09-16 Ulrich Drepper * nscd/nscd_proto.h: Define NSS_NSCD_RETRY. Add __nscd_getai prototype. * nss/getXXbyYY_r.c: Remode definition of NSS_NSCD_RETRY. * nscd/nscd-client.h: Remove __nscd_getai prototype. * nscd/nscd_getai.c: Include nscd_proto.h. * elf/ldd.bash.in: Add support for SELinux environments. Patch by Stephen Smalley . --- nscd/nscd_stat.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'nscd/nscd_stat.c') diff --git a/nscd/nscd_stat.c b/nscd/nscd_stat.c index ebdfeac..3e3be5b 100644 --- a/nscd/nscd_stat.c +++ b/nscd/nscd_stat.c @@ -29,6 +29,12 @@ #include "nscd.h" #include "dbg_log.h" +#include "selinux.h" +#ifdef HAVE_SELINUX +# include +# include +#endif /* HAVE_SELINUX */ + /* We use this to make sure the receiver is the same. */ static const char compilation[21] = __DATE__ " " __TIME__; @@ -71,6 +77,9 @@ struct statdata unsigned long int client_queued; int ndbs; struct dbstat dbs[lastdb]; +#ifdef HAVE_SELINUX + struct avc_cache_stats cstats; +#endif /* HAVE_SELINUX */ }; @@ -113,6 +122,9 @@ send_stats (int fd, struct database_dyn dbs[lastdb]) } } + if (selinux_enabled) + nscd_avc_cache_stats (&data.cstats); + if (TEMP_FAILURE_RETRY (write (fd, &data, sizeof (data))) != sizeof (data)) { char buf[256]; @@ -276,6 +288,9 @@ receive_print_stats (void) data.dbs[i].addfailed, check_file, dbnames[i]); } + if (selinux_enabled) + nscd_avc_print_stats (&data.cstats); + close (fd); exit (0); -- cgit v1.1