5 |
* |
* |
6 |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
7 |
* |
* |
8 |
* Version: 1.6.5-pre 2008/09/09 |
* Version: 1.6.5-pre 2008/10/01 |
9 |
* |
* |
10 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
11 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
1001 |
* This function assumes that the size of buffer returned by |
* This function assumes that the size of buffer returned by |
1002 |
* ccs_realpath() = CCS_MAX_PATHNAME_LEN. |
* ccs_realpath() = CCS_MAX_PATHNAME_LEN. |
1003 |
*/ |
*/ |
1004 |
|
unsigned short int retries = 0; |
1005 |
struct domain_info *old_domain = current->domain_info; |
struct domain_info *old_domain = current->domain_info; |
1006 |
struct domain_info *domain = NULL; |
struct domain_info *domain = NULL; |
1007 |
const char *old_domain_name = old_domain->domainname->name; |
const char *old_domain_name = old_domain->domainname->name; |
1097 |
else |
else |
1098 |
base_filename++; |
base_filename++; |
1099 |
if (strcmp(base_argv0, base_filename)) { |
if (strcmp(base_argv0, base_filename)) { |
1100 |
retval = ccs_check_argv0_perm(&r, base_argv0); |
retval = ccs_check_argv0_perm(&r, base_argv0, retries); |
1101 |
if (retval == 1) |
if (retval == 1) { |
1102 |
|
retries++; |
1103 |
goto retry; |
goto retry; |
1104 |
|
} |
1105 |
|
retries = 0; |
1106 |
if (retval < 0) |
if (retval < 0) |
1107 |
goto out; |
goto out; |
1108 |
} |
} |
1125 |
} |
} |
1126 |
|
|
1127 |
/* Check execute permission. */ |
/* Check execute permission. */ |
1128 |
retval = ccs_check_exec_perm(&r, bprm, tmp); |
retval = ccs_check_exec_perm(&r, bprm, tmp, retries); |
1129 |
if (retval == 1) |
if (retval == 1) { |
1130 |
|
retries++; |
1131 |
goto retry; |
goto retry; |
1132 |
|
} |
1133 |
|
retries = 0; |
1134 |
if (retval < 0) |
if (retval < 0) |
1135 |
goto out; |
goto out; |
1136 |
|
|
1161 |
if (domain) |
if (domain) |
1162 |
goto done; |
goto done; |
1163 |
if (is_enforce) { |
if (is_enforce) { |
1164 |
int error = ccs_check_supervisor(NULL, |
int error = ccs_check_supervisor(retries, NULL, |
1165 |
"# wants to create domain\n" |
"# wants to create domain\n" |
1166 |
"%s\n", new_domain_name); |
"%s\n", new_domain_name); |
1167 |
if (error == 1) |
if (error == 1) { |
1168 |
|
retries++; |
1169 |
goto retry; |
goto retry; |
1170 |
|
} |
1171 |
|
retries = 0; |
1172 |
if (error < 0) |
if (error < 0) |
1173 |
goto done; |
goto done; |
1174 |
} |
} |