--- embedaddon/sudo/src/selinux.c 2013/10/14 07:56:35 1.1.1.4 +++ embedaddon/sudo/src/selinux.c 2014/06/15 16:12:55 1.1.1.5 @@ -74,7 +74,7 @@ audit_role_change(const security_context_t old_context /* Kernel may not have audit support. */ if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT ) - fatal(_("unable to open audit system")); + fatal(U_("unable to open audit system")); } else { /* audit role change using the same format as newrole(1) */ easprintf(&message, "newrole: old-context=%s new-context=%s", @@ -82,7 +82,7 @@ audit_role_change(const security_context_t old_context rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE, message, NULL, NULL, ttyn, 1); if (rc <= 0) - warning(_("unable to send audit message")); + warning(U_("unable to send audit message")); efree(message); close(au_fd); } @@ -110,17 +110,17 @@ selinux_restore_tty(void) /* Verify that the tty still has the context set by sudo. */ if ((retval = fgetfilecon(se_state.ttyfd, &chk_tty_context)) < 0) { - warning(_("unable to fgetfilecon %s"), se_state.ttyn); + warning(U_("unable to fgetfilecon %s"), se_state.ttyn); goto skip_relabel; } if ((retval = strcmp(chk_tty_context, se_state.new_tty_context))) { - warningx(_("%s changed labels"), se_state.ttyn); + warningx(U_("%s changed labels"), se_state.ttyn); goto skip_relabel; } if ((retval = fsetfilecon(se_state.ttyfd, se_state.tty_context)) < 0) - warning(_("unable to restore context for %s"), se_state.ttyn); + warning(U_("unable to restore context for %s"), se_state.ttyn); skip_relabel: if (se_state.ttyfd != -1) { @@ -160,7 +160,7 @@ relabel_tty(const char *ttyn, int ptyfd) if (ptyfd == -1) { se_state.ttyfd = open(ttyn, O_RDWR|O_NONBLOCK); if (se_state.ttyfd == -1) { - warning(_("unable to open %s, not relabeling tty"), ttyn); + warning(U_("unable to open %s, not relabeling tty"), ttyn); if (se_state.enforcing) goto bad; } @@ -169,21 +169,21 @@ relabel_tty(const char *ttyn, int ptyfd) } if (fgetfilecon(se_state.ttyfd, &tty_con) < 0) { - warning(_("unable to get current tty context, not relabeling tty")); + warning(U_("unable to get current tty context, not relabeling tty")); if (se_state.enforcing) goto bad; } if (tty_con && (security_compute_relabel(se_state.new_context, tty_con, SECCLASS_CHR_FILE, &new_tty_con) < 0)) { - warning(_("unable to get new tty context, not relabeling tty")); + warning(U_("unable to get new tty context, not relabeling tty")); if (se_state.enforcing) goto bad; } if (new_tty_con != NULL) { if (fsetfilecon(se_state.ttyfd, new_tty_con) < 0) { - warning(_("unable to set new tty context")); + warning(U_("unable to set new tty context")); if (se_state.enforcing) goto bad; } @@ -193,7 +193,7 @@ relabel_tty(const char *ttyn, int ptyfd) /* Reopen pty that was relabeled, std{in,out,err} are reset later. */ se_state.ttyfd = open(ttyn, O_RDWR|O_NOCTTY, 0); if (se_state.ttyfd == -1) { - warning(_("unable to open %s"), ttyn); + warning(U_("unable to open %s"), ttyn); if (se_state.enforcing) goto bad; } @@ -206,7 +206,7 @@ relabel_tty(const char *ttyn, int ptyfd) close(se_state.ttyfd); se_state.ttyfd = open(ttyn, O_RDWR|O_NONBLOCK); if (se_state.ttyfd == -1) { - warning(_("unable to open %s"), ttyn); + warning(U_("unable to open %s"), ttyn); goto bad; } (void)fcntl(se_state.ttyfd, F_SETFL, @@ -249,13 +249,13 @@ get_exec_context(security_context_t old_context, const /* We must have a role, the type is optional (we can use the default). */ if (!role) { - warningx(_("you must specify a role for type %s"), type); + warningx(U_("you must specify a role for type %s"), type); errno = EINVAL; goto bad; } if (!type) { if (get_default_type(role, &typebuf)) { - warningx(_("unable to get default type for role %s"), role); + warningx(U_("unable to get default type for role %s"), role); errno = EINVAL; goto bad; } @@ -273,11 +273,11 @@ get_exec_context(security_context_t old_context, const * type we will be running the command as. */ if (context_role_set(context, role)) { - warning(_("failed to set new role %s"), role); + warning(U_("failed to set new role %s"), role); goto bad; } if (context_type_set(context, type)) { - warning(_("failed to set new type %s"), type); + warning(U_("failed to set new type %s"), type); goto bad; } @@ -286,7 +286,7 @@ get_exec_context(security_context_t old_context, const */ new_context = estrdup(context_str(context)); if (security_check_context(new_context) < 0) { - warningx(_("%s is not a valid context"), new_context); + warningx(U_("%s is not a valid context"), new_context); errno = EINVAL; goto bad; } @@ -321,13 +321,13 @@ selinux_setup(const char *role, const char *type, cons /* Store the caller's SID in old_context. */ if (getprevcon(&se_state.old_context)) { - warning(_("failed to get old_context")); + warning(U_("failed to get old_context")); goto done; } se_state.enforcing = security_getenforce(); if (se_state.enforcing < 0) { - warning(_("unable to determine enforcing mode.")); + warning(U_("unable to determine enforcing mode.")); goto done; } @@ -339,7 +339,7 @@ selinux_setup(const char *role, const char *type, cons goto done; if (relabel_tty(ttyn, ptyfd) < 0) { - warning(_("unable to set tty context to %s"), se_state.new_context); + warning(U_("unable to set tty context to %s"), se_state.new_context); goto done; } @@ -378,14 +378,14 @@ selinux_execve(const char *path, char *const argv[], c } if (setexeccon(se_state.new_context)) { - warning(_("unable to set exec context to %s"), se_state.new_context); + warning(U_("unable to set exec context to %s"), se_state.new_context); if (se_state.enforcing) debug_return; } #ifdef HAVE_SETKEYCREATECON if (setkeycreatecon(se_state.new_context)) { - warning(_("unable to set key creation context to %s"), se_state.new_context); + warning(U_("unable to set key creation context to %s"), se_state.new_context); if (se_state.enforcing) debug_return; } @@ -407,7 +407,7 @@ selinux_execve(const char *path, char *const argv[], c memcpy(&nargv[2], &argv[1], argc * sizeof(char *)); /* copies NULL */ /* sesh will handle noexec for us. */ - sudo_execve(sesh, nargv, envp, 0); + sudo_execve(sesh, nargv, envp, false); serrno = errno; free(nargv); errno = serrno;