authselect/0002-lib-drop-strict-change-detection.patch
Pavel Březina d614caeca1 authselect-1.3.0-9: fix authselect on ostree
Resolves: rhbz#2051545, rhbz#2034360
2022-02-07 14:42:35 +01:00


From 4c4730ea760ddfed94de55769682356c7f95fd21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Mon, 31 Jan 2022 11:30:23 +0100
Subject: [PATCH 02/11] lib: drop strict change detection
One of the main authselect features is to refuse to overwrite user
changes to the configuration. To do so, it used to validate files and
directory structure and also files contents.
This, however, made it possible to have a mixed configuration on the
system, one that was created by authselect but then modified by the user.
This is no longer possible: the behavior has changed so that any user
changes made to configuration created by authselect are overwritten
without requiring the *--force* parameter (file contents are no longer
validated).
This will make the configuration consistent - users either use
authselect or not, nothing in between. It also makes authselect work
on ostree server side, where it is not possible to write to /var.
---
Makefile.am | 2 --
rpm/authselect.spec.in | 8 -----
src/conf_macros.m4 | 4 ---
src/lib/Makefile.am | 2 --
src/lib/authselect.c | 27 ++++-----------
src/lib/files/config.c | 1 -
src/lib/files/system.c | 62 ++-------------------------------
src/lib/paths.h | 78 ++++++++++++++++++------------------------
8 files changed, 41 insertions(+), 143 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 0277c6ef6d43e60ea330c465535a88ae405c8630..1c9b88d47f809cb218d19887734769f12b944bb4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -35,7 +35,6 @@ authselect_custom_dir=@AUTHSELECT_CUSTOM_DIR@
authselect_dconf_dir=@AUTHSELECT_DCONF_DIR@
authselect_pam_dir=@AUTHSELECT_PAM_DIR@
authselect_backup_dir=@AUTHSELECT_BACKUP_DIR@
-authselect_state_dir=@AUTHSELECT_STATE_DIR@
install-exec-hook:
$(MKDIR_P) $(DESTDIR)$/$(authselect_config_dir)
@@ -45,7 +44,6 @@ install-exec-hook:
$(MKDIR_P) $(DESTDIR)$/$(authselect_dconf_dir)/locks
$(MKDIR_P) $(DESTDIR)$/$(authselect_pam_dir)
$(MKDIR_P) $(DESTDIR)$/$(authselect_backup_dir)
- $(MKDIR_P) $(DESTDIR)$/$(authselect_state_dir)
# Build RPMs
RPMBUILD ?= $(PWD)/rpmbuild
diff --git a/rpm/authselect.spec.in b/rpm/authselect.spec.in
index c05c010c916ac095ba021adf87dd6b985c9661a6..9f36d0dcf001f953b8384d54f60af25d71ef0321 100644
--- a/rpm/authselect.spec.in
+++ b/rpm/authselect.spec.in
@@ -184,14 +184,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
%endif
%dir %{_localstatedir}/lib/authselect
%ghost %attr(0755,root,root) %{_localstatedir}/lib/authselect/backups/
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/dconf-db
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/dconf-locks
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/fingerprint-auth
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/nsswitch.conf
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/password-auth
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/postlogin
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/smartcard-auth
-%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/system-auth
%ghost %attr(0644,root,root) %{_localstatedir}/lib/authselect/user-nsswitch-created
%dir %{_datadir}/authselect
%dir %{_datadir}/authselect/vendor
diff --git a/src/conf_macros.m4 b/src/conf_macros.m4
index 68d8885c0c2d637ae8aaa02e4bd15fab70af5841..17c1629723066b0c4e354051366ce209428af6c1 100644
--- a/src/conf_macros.m4
+++ b/src/conf_macros.m4
@@ -58,10 +58,6 @@ CONFIGURABLE_VALUE(backup-dir, backup_dir, AUTHSELECT_BACKUP_DIR, DIR,
[Directory where configuration backups should be stored],
$localstatedir/lib/authselect/backups)
-CONFIGURABLE_VALUE(state-dir, state_dir, AUTHSELECT_STATE_DIR, DIR,
- [Directory where authselect state should be stored],
- $localstatedir/lib/authselect)
-
CONFIGURABLE_VALUE(pythonbin, pythonbin, PYTHON_BIN, PATH,
[Path to the python interpreter],
$bindir/python3)
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index c0bc1cc1439c64c2e096e03020f4464496992878..88411ac51bd8d7c219c3097542e16fa99e0a38a2 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -43,7 +43,6 @@ authselect_dconf_dir=@AUTHSELECT_DCONF_DIR@
authselect_dconf_file=@AUTHSELECT_DCONF_FILE@
authselect_dconf_bin=@AUTHSELECT_DCONF_BIN@
authselect_backup_dir=@AUTHSELECT_BACKUP_DIR@
-authselect_state_dir=@AUTHSELECT_STATE_DIR@
libauthselect_la_SOURCES = \
authselect.c \
@@ -84,7 +83,6 @@ libauthselect_la_CFLAGS = \
-DAUTHSELECT_DCONF_FILE=\"$(authselect_dconf_file)\" \
-DAUTHSELECT_DCONF_BIN=\"$(authselect_dconf_bin)\" \
-DAUTHSELECT_BACKUP_DIR=\"$(authselect_backup_dir)\" \
- -DAUTHSELECT_STATE_DIR=\"$(authselect_state_dir)\" \
$(NULL)
libauthselect_la_LDFLAGS = \
-Wl,--version-script=$(srcdir)/authselect.exports \
diff --git a/src/lib/authselect.c b/src/lib/authselect.c
index a901e02719713bd13d5a4fab606ee713b3d6ddca..b84aa73351448dc5caf802ae7282ebd9aa1c27d7 100644
--- a/src/lib/authselect.c
+++ b/src/lib/authselect.c
@@ -103,32 +103,17 @@ authselect_activate(const char *profile_id,
goto done;
}
- /* First, check that current configuration is valid. */
+ /* Require force if authselect.conf is missing or invalid but otherwise
+ * ignore user changes. */
ret = authselect_validate_configuration(&is_valid);
- if (ret != EOK && ret != ENOENT) {
- ERROR("Unable to check configuration [%d]: %s", ret, strerror(ret));
- goto done;
- }
-
- if (!is_valid) {
- ERROR("Unexpected changes to the configuration were detected.");
- ERROR("Refusing to activate profile unless those changes are removed "
- "or overwrite is requested.");
+ if (ret != EOK) {
+ ERROR("%s is missing or unreadable, system was not properly configured "
+ "by authselect.", PATH_CONFIG_FILE);
+ ERROR("Refusing to activate profile unless overwrite is requested.");
ret = EEXIST;
goto done;
}
- /* If no configuration is present, check for existing files. */
- if (ret == ENOENT) {
- if (!authselect_symlinks_location_available()) {
- ERROR("File that needs to be overwritten was found");
- ERROR("Refusing to activate profile unless this file is removed "
- "or overwrite is requested.");
- ret = EEXIST;
- goto done;
- }
- }
-
ret = authselect_profile_activate(profile, features);
done:
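Review bot: `is_valid` is still filled in by `authselect_validate_configuration()` but nothing in this hunk reads it any more, so a configuration that was edited by hand is overwritten without any trace in the log. These files are the PAM and nsswitch stack, so a line such as `if (!is_valid) WARN("Existing configuration was modified outside authselect and will be overwritten.");` before the call to `authselect_profile_activate()` would keep the overwrite auditable. The new `ret != EOK` branch also reports every failure as "missing or unreadable" and replaces the code with EEXIST; logging `ret` and `strerror(ret)`, as the removed branch did, would keep other errors distinguishable. The body of authselect_activate starts and ends outside the hunk.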
diff --git a/src/lib/files/config.c b/src/lib/files/config.c
index 2d95a1223220888a71e103fa0face84fd1c89dbb..8a10ef8c4c4ccd1a047b39b3ff6399fe31d17c73 100644
--- a/src/lib/files/config.c
+++ b/src/lib/files/config.c
@@ -142,7 +142,6 @@ authselect_config_locations_writable()
{
struct authselect_symlink files[] = {
{PATH_CONFIG_FILE, NULL, false},
- {PATH_COPY_SYSTEM, NULL, false},
SYMLINK_FILES
};
bool result = true;
diff --git a/src/lib/files/system.c b/src/lib/files/system.c
index b121fc4aa5f0e1482bbbb46055274298c0d6447e..e830942c629f462b3b187a7591a1b9b2c248d9da 100644
--- a/src/lib/files/system.c
+++ b/src/lib/files/system.c
@@ -213,19 +213,11 @@ authselect_system_write(const char **features,
struct authselect_generated generated[] = GENERATED_FILES(files);
char *tmp_files[sizeof(generated)/sizeof(struct authselect_generated)] = {NULL};
- char *tmp_copies[sizeof(generated)/sizeof(struct authselect_generated)] = {NULL};
/* First, write content into temporary files, so we can safely fail
* on error. */
now = time(NULL);
for (i = 0; generated[i].path != NULL; i++) {
- ret = authselect_system_write_temp(generated[i].copy_path,
- generated[i].content,
- now, &tmp_copies[i]);
- if (ret != EOK) {
- goto done;
- }
-
ret = authselect_system_write_temp(generated[i].path,
generated[i].content,
now, &tmp_files[i]);
@@ -241,14 +233,6 @@ authselect_system_write(const char **features,
* can fail is EIO which we can not do anything about and we can not
* even recover from it.
*/
- for (i = 0; generated[i].copy_path != NULL; i++) {
- ret = authselect_system_rename_temp(&tmp_copies[i],
- generated[i].copy_path);
- if (ret != EOK) {
- goto done;
- }
- }
-
for (i = 0; generated[i].path != NULL; i++) {
ret = authselect_system_rename_temp(&tmp_files[i], generated[i].path);
if (ret != EOK) {
@@ -261,12 +245,6 @@ authselect_system_write(const char **features,
done:
if (ret != EOK) {
for (i = 0; generated[i].path != NULL; i++) {
- if (tmp_copies[i] != NULL) {
- unlink(tmp_copies[i]);
- free(tmp_copies[i]);
- tmp_copies[i] = NULL;
- }
-
if (tmp_files[i] != NULL) {
unlink(tmp_files[i]);
free(tmp_files[i]);
@@ -280,46 +258,12 @@ done:
}
static bool
-authselect_system_validate_file(const char *path,
- const char *copy_path,
- const char *expected)
+authselect_system_validate_file(const char *path)
{
- char *content;
- char *copy_content;
errno_t ret;
bool bret;
INFO("Validating file [%s]", path);
- expected = expected == NULL ? "" : expected;
-
- ret = textfile_read(path, AUTHSELECT_FILE_SIZE_LIMIT, &content);
- if (ret == ENOENT) {
- ERROR("[%s] does not exist!", path);
- return false;
- } else if (ret == EACCES) {
- ERROR("Unable to read [%s] [%d]: %s", path, ret, strerror(ret));
- return false;
- } else if (ret != EOK) {
- ERROR("Unable to validate file [%s] [%d]: %s", path, ret, strerror(ret));
- return false;
- }
-
- ret = textfile_read(copy_path, AUTHSELECT_FILE_SIZE_LIMIT, &copy_content);
- if (ret == EOK) {
- /* Compare against copy of the originally generated files. */
- INFO("Comparing content against [%s]", copy_path);
- bret = strcmp(content, copy_content) == 0;
- free(copy_content);
- } else {
- INFO("Comparing content against current profile");
- bret = template_validate_written_content(content, expected);
- }
-
- free(content);
- if (!bret) {
- ERROR("[%s] has unexpected content!", path);
- return false;
- }
ret = file_is_regular(path, AUTHSELECT_UID, AUTHSELECT_GID,
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, &bret);
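Review bot: `authselect_system_validate_file()` no longer reads the file at all; what remains in the hunk is the `file_is_regular()` check of type, owner and mode, yet the `INFO("Validating file [%s]", path)` line and the `WARN("File [%s] was modified outside authselect!"` in the next hunk still read as if content were compared. A header comment such as `/* Checks only that path is a regular file with the expected owner, group and 0644 mode; content is not compared. */` and a reworded warning, for example `WARN("File [%s] has unexpected type, owner or mode!",`, would match what is actually checked. Anyone who relied on this validation to notice edits to the generated PAM or nsswitch files now needs a separate integrity check. The function body continues past the end of the hunk.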
@@ -341,9 +285,7 @@ authselect_system_validate(struct authselect_files *files)
int i;
for (i = 0; generated[i].path != NULL; i++) {
- bret = authselect_system_validate_file(generated[i].path,
- generated[i].copy_path,
- generated[i].content);
+ bret = authselect_system_validate_file(generated[i].path);
result &= bret;
if (!bret) {
WARN("File [%s] was modified outside authselect!",
diff --git a/src/lib/paths.h b/src/lib/paths.h
index e6f7b32013a901d35d9d385a3a50dc4868b80d70..ca30b784f8bc63150f46ef08a26ec2bc5bcb3d67 100644
--- a/src/lib/paths.h
+++ b/src/lib/paths.h
@@ -56,17 +56,6 @@
/* Path to files that can be modified by user. */
#define PATH_USER_NSSWITCH AUTHSELECT_CONFIG_DIR "/user-nsswitch.conf"
-/* Paths to copy generated system files. Used to check changes
- * in configuration. */
-#define PATH_COPY_SYSTEM AUTHSELECT_STATE_DIR "/" FILE_SYSTEM
-#define PATH_COPY_PASSWORD AUTHSELECT_STATE_DIR "/" FILE_PASSWORD
-#define PATH_COPY_FINGERPRINT AUTHSELECT_STATE_DIR "/" FILE_FINGERPRINT
-#define PATH_COPY_SMARTCARD AUTHSELECT_STATE_DIR "/" FILE_SMARTCARD
-#define PATH_COPY_POSTLOGIN AUTHSELECT_STATE_DIR "/" FILE_POSTLOGIN
-#define PATH_COPY_NSSWITCH AUTHSELECT_STATE_DIR "/" FILE_NSSWITCH
-#define PATH_COPY_DCONF_DB AUTHSELECT_STATE_DIR "/" FILE_DCONF_DB
-#define PATH_COPY_DCONF_LOCK AUTHSELECT_STATE_DIR "/" FILE_DCONF_LOCK
-
/* Names of symbolic links that points to generated files. */
#define PATH_SYMLINK_SYSTEM AUTHSELECT_PAM_DIR "/" FILE_SYSTEM
#define PATH_SYMLINK_PASSWORD AUTHSELECT_PAM_DIR "/" FILE_PASSWORD
@@ -86,47 +75,46 @@
* @see GENERATED_FILES, GENERATED_FILES_PATHS */
struct authselect_generated {
const char *path;
- const char *copy_path;
const char *content;
};
-#define GENERATED_FILES(files) \
-{ \
- {PATH_SYSTEM, PATH_COPY_SYSTEM, (files)->systemauth}, \
- {PATH_PASSWORD, PATH_COPY_PASSWORD, (files)->passwordauth}, \
- {PATH_FINGERPRINT, PATH_COPY_FINGERPRINT, (files)->fingerprintauth}, \
- {PATH_SMARTCARD, PATH_COPY_SMARTCARD, (files)->smartcardauth}, \
- {PATH_POSTLOGIN, PATH_COPY_POSTLOGIN, (files)->postlogin}, \
- {PATH_NSSWITCH, PATH_COPY_NSSWITCH, (files)->nsswitch}, \
- {PATH_DCONF_DB, PATH_COPY_DCONF_DB, (files)->dconfdb}, \
- {PATH_DCONF_LOCK, PATH_COPY_DCONF_LOCK, (files)->dconflock}, \
- {NULL, NULL, NULL} \
+#define GENERATED_FILES(files) \
+{ \
+ {PATH_SYSTEM, (files)->systemauth}, \
+ {PATH_PASSWORD, (files)->passwordauth}, \
+ {PATH_FINGERPRINT, (files)->fingerprintauth}, \
+ {PATH_SMARTCARD, (files)->smartcardauth}, \
+ {PATH_POSTLOGIN, (files)->postlogin}, \
+ {PATH_NSSWITCH, (files)->nsswitch}, \
+ {PATH_DCONF_DB, (files)->dconfdb}, \
+ {PATH_DCONF_LOCK, (files)->dconflock}, \
+ {NULL, NULL} \
}
-#define GENERATED_FILES_PATHS \
-{ \
- {PATH_SYSTEM, NULL, NULL}, \
- {PATH_PASSWORD, NULL, NULL}, \
- {PATH_FINGERPRINT, NULL, NULL}, \
- {PATH_SMARTCARD, NULL, NULL}, \
- {PATH_POSTLOGIN, NULL, NULL}, \
- {PATH_NSSWITCH, NULL, NULL}, \
- {PATH_DCONF_DB, NULL, NULL}, \
- {PATH_DCONF_LOCK, NULL, NULL}, \
- {NULL, NULL, NULL} \
+#define GENERATED_FILES_PATHS \
+{ \
+ {PATH_SYSTEM, NULL}, \
+ {PATH_PASSWORD, NULL}, \
+ {PATH_FINGERPRINT, NULL}, \
+ {PATH_SMARTCARD, NULL}, \
+ {PATH_POSTLOGIN, NULL}, \
+ {PATH_NSSWITCH, NULL}, \
+ {PATH_DCONF_DB, NULL}, \
+ {PATH_DCONF_LOCK, NULL}, \
+ {NULL, NULL} \
}
-#define PROFILE_FILES(files) \
-{ \
- {FILE_SYSTEM, NULL, (files)->systemauth}, \
- {FILE_PASSWORD, NULL, (files)->passwordauth}, \
- {FILE_FINGERPRINT, NULL, (files)->fingerprintauth}, \
- {FILE_SMARTCARD, NULL, (files)->smartcardauth}, \
- {FILE_POSTLOGIN, NULL, (files)->postlogin}, \
- {FILE_NSSWITCH, NULL, (files)->nsswitch}, \
- {FILE_DCONF_DB, NULL, (files)->dconfdb}, \
- {FILE_DCONF_LOCK, NULL, (files)->dconflock}, \
- {NULL, NULL, NULL} \
+#define PROFILE_FILES(files) \
+{ \
+ {FILE_SYSTEM, (files)->systemauth}, \
+ {FILE_PASSWORD, (files)->passwordauth}, \
+ {FILE_FINGERPRINT, (files)->fingerprintauth}, \
+ {FILE_SMARTCARD, (files)->smartcardauth}, \
+ {FILE_POSTLOGIN, (files)->postlogin}, \
+ {FILE_NSSWITCH, (files)->nsswitch}, \
+ {FILE_DCONF_DB, (files)->dconfdb}, \
+ {FILE_DCONF_LOCK, (files)->dconflock}, \
+ {NULL, NULL} \
}
/* Structure to hold information about symbolic link names and destinations.
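Review bot: The rows in `GENERATED_FILES`, `GENERATED_FILES_PATHS` and `PROFILE_FILES` remain positional after `copy_path` is removed from `struct authselect_generated`, so a leftover row of the `{X, NULL, content}` form elsewhere in the tree would put NULL into `content`, and a compiler may only warn about the excess element. Designated initializers, for example `{.path = PATH_SYSTEM, .content = (files)->systemauth}` with `{.path = NULL}` as the terminator, would make the rows independent of field order and easier to audit. The struct's doc comment begins outside the hunk.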
--
2.34.1