Compare commits
No commits in common. "c8" and "imports/c8s/libselinux-2.9-3.el8" have entirely different histories.
c8
...
imports/c8
@ -1,354 +0,0 @@
|
|||||||
From bfee1a3131580a7b9d8a7366764b8e78d99a9f1b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Petr Lautrbach <plautrba@redhat.com>
|
|
||||||
Date: Mon, 17 Feb 2020 21:47:35 +0100
|
|
||||||
Subject: [PATCH] libselinux: Eliminate use of security_compute_user()
|
|
||||||
|
|
||||||
get_ordered_context_list() code used to ask the kernel to compute the complete
|
|
||||||
set of reachable contexts using /sys/fs/selinux/user aka
|
|
||||||
security_compute_user(). This set can be so huge so that it doesn't fit into a
|
|
||||||
kernel page and security_compute_user() fails. Even if it doesn't fail,
|
|
||||||
get_ordered_context_list() throws away the vast majority of the returned
|
|
||||||
contexts because they don't match anything in
|
|
||||||
/etc/selinux/targeted/contexts/default_contexts or
|
|
||||||
/etc/selinux/targeted/contexts/users/
|
|
||||||
|
|
||||||
get_ordered_context_list() is rewritten to compute set of contexts based on
|
|
||||||
/etc/selinux/targeted/contexts/users/ and
|
|
||||||
/etc/selinux/targeted/contexts/default_contexts files and to return only valid
|
|
||||||
contexts, using security_check_context(), from this set.
|
|
||||||
|
|
||||||
Fixes: https://github.com/SELinuxProject/selinux/issues/28
|
|
||||||
|
|
||||||
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
|
||||||
---
|
|
||||||
libselinux/src/get_context_list.c | 212 +++++++++++++-----------------
|
|
||||||
1 file changed, 93 insertions(+), 119 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
|
|
||||||
index 689e4658..26d7b3b9 100644
|
|
||||||
--- a/libselinux/src/get_context_list.c
|
|
||||||
+++ b/libselinux/src/get_context_list.c
|
|
||||||
@@ -2,6 +2,7 @@
|
|
||||||
#include <errno.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdio_ext.h>
|
|
||||||
+#include <stdint.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <string.h>
|
|
||||||
#include <ctype.h>
|
|
||||||
@@ -114,64 +115,41 @@ int get_default_context(const char *user,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int find_partialcon(char ** list,
|
|
||||||
- unsigned int nreach, char *part)
|
|
||||||
+static int is_in_reachable(char **reachable, const char *usercon_str)
|
|
||||||
{
|
|
||||||
- const char *conrole, *contype;
|
|
||||||
- char *partrole, *parttype, *ptr;
|
|
||||||
- context_t con;
|
|
||||||
- unsigned int i;
|
|
||||||
+ if (!reachable)
|
|
||||||
+ return 0;
|
|
||||||
|
|
||||||
- partrole = part;
|
|
||||||
- ptr = part;
|
|
||||||
- while (*ptr && !isspace(*ptr) && *ptr != ':')
|
|
||||||
- ptr++;
|
|
||||||
- if (*ptr != ':')
|
|
||||||
- return -1;
|
|
||||||
- *ptr++ = 0;
|
|
||||||
- parttype = ptr;
|
|
||||||
- while (*ptr && !isspace(*ptr) && *ptr != ':')
|
|
||||||
- ptr++;
|
|
||||||
- *ptr = 0;
|
|
||||||
-
|
|
||||||
- for (i = 0; i < nreach; i++) {
|
|
||||||
- con = context_new(list[i]);
|
|
||||||
- if (!con)
|
|
||||||
- return -1;
|
|
||||||
- conrole = context_role_get(con);
|
|
||||||
- contype = context_type_get(con);
|
|
||||||
- if (!conrole || !contype) {
|
|
||||||
- context_free(con);
|
|
||||||
- return -1;
|
|
||||||
- }
|
|
||||||
- if (!strcmp(conrole, partrole) && !strcmp(contype, parttype)) {
|
|
||||||
- context_free(con);
|
|
||||||
- return i;
|
|
||||||
+ for (; *reachable != NULL; reachable++) {
|
|
||||||
+ if (strcmp(*reachable, usercon_str) == 0) {
|
|
||||||
+ return 1;
|
|
||||||
}
|
|
||||||
- context_free(con);
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- return -1;
|
|
||||||
+ return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int get_context_order(FILE * fp,
|
|
||||||
+static int get_context_user(FILE * fp,
|
|
||||||
char * fromcon,
|
|
||||||
- char ** reachable,
|
|
||||||
- unsigned int nreach,
|
|
||||||
- unsigned int *ordering, unsigned int *nordered)
|
|
||||||
+ const char * user,
|
|
||||||
+ char ***reachable,
|
|
||||||
+ unsigned int *nreachable)
|
|
||||||
{
|
|
||||||
char *start, *end = NULL;
|
|
||||||
char *line = NULL;
|
|
||||||
- size_t line_len = 0;
|
|
||||||
+ size_t line_len = 0, usercon_len;
|
|
||||||
+ size_t user_len = strlen(user);
|
|
||||||
ssize_t len;
|
|
||||||
int found = 0;
|
|
||||||
- const char *fromrole, *fromtype;
|
|
||||||
+ const char *fromrole, *fromtype, *fromlevel;
|
|
||||||
char *linerole, *linetype;
|
|
||||||
- unsigned int i;
|
|
||||||
+ char **new_reachable = NULL;
|
|
||||||
+ char *usercon_str;
|
|
||||||
context_t con;
|
|
||||||
+ context_t usercon;
|
|
||||||
+
|
|
||||||
int rc;
|
|
||||||
|
|
||||||
- errno = -EINVAL;
|
|
||||||
+ errno = EINVAL;
|
|
||||||
|
|
||||||
/* Extract the role and type of the fromcon for matching.
|
|
||||||
User identity and MLS range can be variable. */
|
|
||||||
@@ -180,6 +158,7 @@ static int get_context_order(FILE * fp,
|
|
||||||
return -1;
|
|
||||||
fromrole = context_role_get(con);
|
|
||||||
fromtype = context_type_get(con);
|
|
||||||
+ fromlevel = context_range_get(con);
|
|
||||||
if (!fromrole || !fromtype) {
|
|
||||||
context_free(con);
|
|
||||||
return -1;
|
|
||||||
@@ -243,23 +222,75 @@ static int get_context_order(FILE * fp,
|
|
||||||
if (*end)
|
|
||||||
*end++ = 0;
|
|
||||||
|
|
||||||
- /* Check for a match in the reachable list. */
|
|
||||||
- rc = find_partialcon(reachable, nreach, start);
|
|
||||||
- if (rc < 0) {
|
|
||||||
- /* No match, skip it. */
|
|
||||||
+ /* Check whether a new context is valid */
|
|
||||||
+ if (SIZE_MAX - user_len < strlen(start) + 2) {
|
|
||||||
+ fprintf(stderr, "%s: one of partial contexts is too big\n", __FUNCTION__);
|
|
||||||
+ errno = EINVAL;
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+ usercon_len = user_len + strlen(start) + 2;
|
|
||||||
+ usercon_str = malloc(usercon_len);
|
|
||||||
+ if (!usercon_str) {
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* set range from fromcon in the new usercon */
|
|
||||||
+ snprintf(usercon_str, usercon_len, "%s:%s", user, start);
|
|
||||||
+ usercon = context_new(usercon_str);
|
|
||||||
+ if (!usercon) {
|
|
||||||
+ if (errno != EINVAL) {
|
|
||||||
+ free(usercon_str);
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+ fprintf(stderr,
|
|
||||||
+ "%s: can't create a context from %s, skipping\n",
|
|
||||||
+ __FUNCTION__, usercon_str);
|
|
||||||
+ free(usercon_str);
|
|
||||||
start = end;
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
+ free(usercon_str);
|
|
||||||
+ if (context_range_set(usercon, fromlevel) != 0) {
|
|
||||||
+ context_free(usercon);
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+ usercon_str = context_str(usercon);
|
|
||||||
+ if (!usercon_str) {
|
|
||||||
+ context_free(usercon);
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- /* If a match is found and the entry is not already ordered
|
|
||||||
- (e.g. due to prior match in prior config file), then set
|
|
||||||
- the ordering for it. */
|
|
||||||
- i = rc;
|
|
||||||
- if (ordering[i] == nreach)
|
|
||||||
- ordering[i] = (*nordered)++;
|
|
||||||
+ /* check whether usercon is already in reachable */
|
|
||||||
+ if (is_in_reachable(*reachable, usercon_str)) {
|
|
||||||
+ context_free(usercon);
|
|
||||||
+ start = end;
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
+ if (security_check_context(usercon_str) == 0) {
|
|
||||||
+ new_reachable = realloc(*reachable, (*nreachable + 2) * sizeof(char *));
|
|
||||||
+ if (!new_reachable) {
|
|
||||||
+ context_free(usercon);
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+ *reachable = new_reachable;
|
|
||||||
+ new_reachable[*nreachable] = strdup(usercon_str);
|
|
||||||
+ if (new_reachable[*nreachable] == NULL) {
|
|
||||||
+ context_free(usercon);
|
|
||||||
+ rc = -1;
|
|
||||||
+ goto out;
|
|
||||||
+ }
|
|
||||||
+ new_reachable[*nreachable + 1] = 0;
|
|
||||||
+ *nreachable += 1;
|
|
||||||
+ }
|
|
||||||
+ context_free(usercon);
|
|
||||||
start = end;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
rc = 0;
|
|
||||||
|
|
||||||
out:
|
|
||||||
@@ -313,21 +344,6 @@ static int get_failsafe_context(const char *user, char ** newcon)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-struct context_order {
|
|
||||||
- char * con;
|
|
||||||
- unsigned int order;
|
|
||||||
-};
|
|
||||||
-
|
|
||||||
-static int order_compare(const void *A, const void *B)
|
|
||||||
-{
|
|
||||||
- const struct context_order *c1 = A, *c2 = B;
|
|
||||||
- if (c1->order < c2->order)
|
|
||||||
- return -1;
|
|
||||||
- else if (c1->order > c2->order)
|
|
||||||
- return 1;
|
|
||||||
- return strcmp(c1->con, c2->con);
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
int get_ordered_context_list_with_level(const char *user,
|
|
||||||
const char *level,
|
|
||||||
char * fromcon,
|
|
||||||
@@ -395,11 +411,8 @@ int get_ordered_context_list(const char *user,
|
|
||||||
char *** list)
|
|
||||||
{
|
|
||||||
char **reachable = NULL;
|
|
||||||
- unsigned int *ordering = NULL;
|
|
||||||
- struct context_order *co = NULL;
|
|
||||||
- char **ptr;
|
|
||||||
int rc = 0;
|
|
||||||
- unsigned int nreach = 0, nordered = 0, freefrom = 0, i;
|
|
||||||
+ unsigned nreachable = 0, freefrom = 0;
|
|
||||||
FILE *fp;
|
|
||||||
char *fname = NULL;
|
|
||||||
size_t fname_len;
|
|
||||||
@@ -413,23 +426,6 @@ int get_ordered_context_list(const char *user,
|
|
||||||
freefrom = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* Determine the set of reachable contexts for the user. */
|
|
||||||
- rc = security_compute_user(fromcon, user, &reachable);
|
|
||||||
- if (rc < 0)
|
|
||||||
- goto failsafe;
|
|
||||||
- nreach = 0;
|
|
||||||
- for (ptr = reachable; *ptr; ptr++)
|
|
||||||
- nreach++;
|
|
||||||
- if (!nreach)
|
|
||||||
- goto failsafe;
|
|
||||||
-
|
|
||||||
- /* Initialize ordering array. */
|
|
||||||
- ordering = malloc(nreach * sizeof(unsigned int));
|
|
||||||
- if (!ordering)
|
|
||||||
- goto failsafe;
|
|
||||||
- for (i = 0; i < nreach; i++)
|
|
||||||
- ordering[i] = nreach;
|
|
||||||
-
|
|
||||||
/* Determine the ordering to apply from the optional per-user config
|
|
||||||
and from the global config. */
|
|
||||||
fname_len = strlen(user_contexts_path) + strlen(user) + 2;
|
|
||||||
@@ -440,8 +436,8 @@ int get_ordered_context_list(const char *user,
|
|
||||||
fp = fopen(fname, "re");
|
|
||||||
if (fp) {
|
|
||||||
__fsetlocking(fp, FSETLOCKING_BYCALLER);
|
|
||||||
- rc = get_context_order(fp, fromcon, reachable, nreach, ordering,
|
|
||||||
- &nordered);
|
|
||||||
+ rc = get_context_user(fp, fromcon, user, &reachable, &nreachable);
|
|
||||||
+
|
|
||||||
fclose(fp);
|
|
||||||
if (rc < 0 && errno != ENOENT) {
|
|
||||||
fprintf(stderr,
|
|
||||||
@@ -454,8 +450,7 @@ int get_ordered_context_list(const char *user,
|
|
||||||
fp = fopen(selinux_default_context_path(), "re");
|
|
||||||
if (fp) {
|
|
||||||
__fsetlocking(fp, FSETLOCKING_BYCALLER);
|
|
||||||
- rc = get_context_order(fp, fromcon, reachable, nreach, ordering,
|
|
||||||
- &nordered);
|
|
||||||
+ rc = get_context_user(fp, fromcon, user, &reachable, &nreachable);
|
|
||||||
fclose(fp);
|
|
||||||
if (rc < 0 && errno != ENOENT) {
|
|
||||||
fprintf(stderr,
|
|
||||||
@@ -463,40 +458,19 @@ int get_ordered_context_list(const char *user,
|
|
||||||
__FUNCTION__, selinux_default_context_path());
|
|
||||||
/* Fall through */
|
|
||||||
}
|
|
||||||
- rc = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!nordered)
|
|
||||||
+ if (!nreachable)
|
|
||||||
goto failsafe;
|
|
||||||
|
|
||||||
- /* Apply the ordering. */
|
|
||||||
- co = malloc(nreach * sizeof(struct context_order));
|
|
||||||
- if (!co)
|
|
||||||
- goto failsafe;
|
|
||||||
- for (i = 0; i < nreach; i++) {
|
|
||||||
- co[i].con = reachable[i];
|
|
||||||
- co[i].order = ordering[i];
|
|
||||||
- }
|
|
||||||
- qsort(co, nreach, sizeof(struct context_order), order_compare);
|
|
||||||
- for (i = 0; i < nreach; i++)
|
|
||||||
- reachable[i] = co[i].con;
|
|
||||||
- free(co);
|
|
||||||
-
|
|
||||||
- /* Only report the ordered entries to the caller. */
|
|
||||||
- if (nordered <= nreach) {
|
|
||||||
- for (i = nordered; i < nreach; i++)
|
|
||||||
- free(reachable[i]);
|
|
||||||
- reachable[nordered] = NULL;
|
|
||||||
- rc = nordered;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
out:
|
|
||||||
- if (rc > 0)
|
|
||||||
+ if (nreachable > 0) {
|
|
||||||
*list = reachable;
|
|
||||||
+ rc = nreachable;
|
|
||||||
+ }
|
|
||||||
else
|
|
||||||
freeconary(reachable);
|
|
||||||
|
|
||||||
- free(ordering);
|
|
||||||
if (freefrom)
|
|
||||||
freecon(fromcon);
|
|
||||||
|
|
||||||
@@ -519,7 +493,7 @@ int get_ordered_context_list(const char *user,
|
|
||||||
reachable = NULL;
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
- rc = 1; /* one context in the list */
|
|
||||||
+ nreachable = 1; /* one context in the list */
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.25.4
|
|
||||||
|
|
@ -1,168 +0,0 @@
|
|||||||
From d4c22fcd5943fe35db648dee971f631d40b3eb94 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stephen Smalley <sds@tycho.nsa.gov>
|
|
||||||
Date: Thu, 20 Feb 2020 10:40:19 -0500
|
|
||||||
Subject: [PATCH] libselinux: deprecate security_compute_user(), update man
|
|
||||||
pages
|
|
||||||
|
|
||||||
commit 1f89c4e7879fcf6da5d8d1b025dcc03371f30fc9 ("libselinux: Eliminate
|
|
||||||
use of security_compute_user()") eliminated the use of
|
|
||||||
security_compute_user() by get_ordered_context_list(). Deprecate
|
|
||||||
all use of security_compute_user() by updating the headers and man
|
|
||||||
pages and logging a warning message on any calls to it. Remove
|
|
||||||
the example utility that called the interface. While here, also
|
|
||||||
fix the documentation of correct usage of the user argument to these
|
|
||||||
interfaces.
|
|
||||||
|
|
||||||
Fixes: https://github.com/SELinuxProject/selinux/issues/70
|
|
||||||
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
||||||
Acked-by: Petr Lautrbach <plautrba@redhat.com>
|
|
||||||
---
|
|
||||||
libselinux/include/selinux/selinux.h | 8 +++-
|
|
||||||
.../man/man3/get_ordered_context_list.3 | 24 +++++++++---
|
|
||||||
libselinux/man/man3/security_compute_av.3 | 5 ++-
|
|
||||||
libselinux/src/compute_user.c | 3 ++
|
|
||||||
libselinux/utils/compute_user.c | 38 -------------------
|
|
||||||
5 files changed, 31 insertions(+), 47 deletions(-)
|
|
||||||
delete mode 100644 libselinux/utils/compute_user.c
|
|
||||||
|
|
||||||
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
|
|
||||||
index a34d54fc..a5ada324 100644
|
|
||||||
--- a/libselinux/include/selinux/selinux.h
|
|
||||||
+++ b/libselinux/include/selinux/selinux.h
|
|
||||||
@@ -246,8 +246,12 @@ extern int security_compute_member_raw(const char * scon,
|
|
||||||
security_class_t tclass,
|
|
||||||
char ** newcon);
|
|
||||||
|
|
||||||
-/* Compute the set of reachable user contexts and set *con to refer to
|
|
||||||
- the NULL-terminated array of contexts. Caller must free via freeconary. */
|
|
||||||
+/*
|
|
||||||
+ * Compute the set of reachable user contexts and set *con to refer to
|
|
||||||
+ * the NULL-terminated array of contexts. Caller must free via freeconary.
|
|
||||||
+ * These interfaces are deprecated. Use get_ordered_context_list() or
|
|
||||||
+ * one of its variant interfaces instead.
|
|
||||||
+ */
|
|
||||||
extern int security_compute_user(const char * scon,
|
|
||||||
const char *username,
|
|
||||||
char *** con);
|
|
||||||
diff --git a/libselinux/man/man3/get_ordered_context_list.3 b/libselinux/man/man3/get_ordered_context_list.3
|
|
||||||
index e084da40..3ed14a96 100644
|
|
||||||
--- a/libselinux/man/man3/get_ordered_context_list.3
|
|
||||||
+++ b/libselinux/man/man3/get_ordered_context_list.3
|
|
||||||
@@ -26,14 +26,28 @@ get_ordered_context_list, get_ordered_context_list_with_level, get_default_conte
|
|
||||||
.BI "int get_default_type(const char *" role ", char **" type );
|
|
||||||
.
|
|
||||||
.SH "DESCRIPTION"
|
|
||||||
+
|
|
||||||
+This family of functions can be used to obtain either a prioritized list of
|
|
||||||
+all reachable security contexts for a given SELinux user or a single default
|
|
||||||
+(highest priority) context for a given SELinux user for use by login-like
|
|
||||||
+programs. These functions takes a SELinux user identity that must
|
|
||||||
+be defined in the SELinux policy as their input, not a Linux username.
|
|
||||||
+Most callers should typically first call
|
|
||||||
+.BR getseuserbyname(3)
|
|
||||||
+to look up the SELinux user identity and level for a given
|
|
||||||
+Linux username and then invoke one of
|
|
||||||
+.BR get_ordered_context_list_with_level ()
|
|
||||||
+or
|
|
||||||
+.BR get_default_context_with_level ()
|
|
||||||
+with the returned SELinux user and level as inputs.
|
|
||||||
+
|
|
||||||
.BR get_ordered_context_list ()
|
|
||||||
-invokes the
|
|
||||||
-.BR security_compute_user (3)
|
|
||||||
-function to obtain the list of contexts for the specified
|
|
||||||
+obtains the list of contexts for the specified
|
|
||||||
+SELinux
|
|
||||||
.I user
|
|
||||||
-that are reachable from the specified
|
|
||||||
+identity that are reachable from the specified
|
|
||||||
.I fromcon
|
|
||||||
-context. The function then orders the resulting list based on the global
|
|
||||||
+context based on the global
|
|
||||||
.I \%/etc/selinux/{SELINUXTYPE}/contexts/default_contexts
|
|
||||||
file and the per-user
|
|
||||||
.I \%/etc/selinux/{SELINUXTYPE}/contexts/users/<username>
|
|
||||||
diff --git a/libselinux/man/man3/security_compute_av.3 b/libselinux/man/man3/security_compute_av.3
|
|
||||||
index 2aade5fe..8e1f746a 100644
|
|
||||||
--- a/libselinux/man/man3/security_compute_av.3
|
|
||||||
+++ b/libselinux/man/man3/security_compute_av.3
|
|
||||||
@@ -97,8 +97,9 @@ instance.
|
|
||||||
|
|
||||||
.BR security_compute_user ()
|
|
||||||
is used to determine the set of user contexts that can be reached from a
|
|
||||||
-source context. It is mainly used by
|
|
||||||
-.BR get_ordered_context_list ().
|
|
||||||
+source context. This function is deprecated; use
|
|
||||||
+.BR get_ordered_context_list (3)
|
|
||||||
+instead.
|
|
||||||
|
|
||||||
.BR security_get_initial_context ()
|
|
||||||
is used to get the context of a kernel initial security identifier specified by
|
|
||||||
diff --git a/libselinux/src/compute_user.c b/libselinux/src/compute_user.c
|
|
||||||
index 401fd107..0f55de84 100644
|
|
||||||
--- a/libselinux/src/compute_user.c
|
|
||||||
+++ b/libselinux/src/compute_user.c
|
|
||||||
@@ -8,6 +8,7 @@
|
|
||||||
#include "selinux_internal.h"
|
|
||||||
#include "policy.h"
|
|
||||||
#include <limits.h>
|
|
||||||
+#include "callbacks.h"
|
|
||||||
|
|
||||||
int security_compute_user_raw(const char * scon,
|
|
||||||
const char *user, char *** con)
|
|
||||||
@@ -24,6 +25,8 @@ int security_compute_user_raw(const char * scon,
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ selinux_log(SELINUX_WARNING, "Direct use of security_compute_user() is deprecated, switch to get_ordered_context_list()\n");
|
|
||||||
+
|
|
||||||
if (! scon) {
|
|
||||||
errno=EINVAL;
|
|
||||||
return -1;
|
|
||||||
diff --git a/libselinux/utils/compute_user.c b/libselinux/utils/compute_user.c
|
|
||||||
deleted file mode 100644
|
|
||||||
index cae62b26..00000000
|
|
||||||
--- a/libselinux/utils/compute_user.c
|
|
||||||
+++ /dev/null
|
|
||||||
@@ -1,38 +0,0 @@
|
|
||||||
-#include <unistd.h>
|
|
||||||
-#include <sys/types.h>
|
|
||||||
-#include <fcntl.h>
|
|
||||||
-#include <stdio.h>
|
|
||||||
-#include <stdlib.h>
|
|
||||||
-#include <errno.h>
|
|
||||||
-#include <string.h>
|
|
||||||
-#include <ctype.h>
|
|
||||||
-#include <selinux/selinux.h>
|
|
||||||
-
|
|
||||||
-int main(int argc, char **argv)
|
|
||||||
-{
|
|
||||||
- char **buf, **ptr;
|
|
||||||
- int ret;
|
|
||||||
-
|
|
||||||
- if (argc != 3) {
|
|
||||||
- fprintf(stderr, "usage: %s context user\n", argv[0]);
|
|
||||||
- exit(1);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- ret = security_compute_user(argv[1], argv[2], &buf);
|
|
||||||
- if (ret < 0) {
|
|
||||||
- fprintf(stderr, "%s: security_compute_user(%s,%s) failed\n",
|
|
||||||
- argv[0], argv[1], argv[2]);
|
|
||||||
- exit(2);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- if (!buf[0]) {
|
|
||||||
- printf("none\n");
|
|
||||||
- exit(0);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- for (ptr = buf; *ptr; ptr++) {
|
|
||||||
- printf("%s\n", *ptr);
|
|
||||||
- }
|
|
||||||
- freeconary(buf);
|
|
||||||
- exit(0);
|
|
||||||
-}
|
|
||||||
--
|
|
||||||
2.25.4
|
|
||||||
|
|
@ -1,39 +0,0 @@
|
|||||||
From c556c6ad0b94cf3ba4b441a1a0930f2468434227 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
Date: Wed, 10 Feb 2021 18:05:29 +0100
|
|
||||||
Subject: [PATCH] selinux(8,5): Describe fcontext regular expressions
|
|
||||||
|
|
||||||
Describe which type of regular expression is used in file context
|
|
||||||
definitions and which flags are in effect.
|
|
||||||
|
|
||||||
Explain how local file context modifications are processed.
|
|
||||||
|
|
||||||
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
Acked-by: Petr Lautrbach <plautrba@redhat.com>
|
|
||||||
---
|
|
||||||
libselinux/man/man5/selabel_file.5 | 9 ++++++++-
|
|
||||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/libselinux/man/man5/selabel_file.5 b/libselinux/man/man5/selabel_file.5
|
|
||||||
index e97bd826..baba7776 100644
|
|
||||||
--- a/libselinux/man/man5/selabel_file.5
|
|
||||||
+++ b/libselinux/man/man5/selabel_file.5
|
|
||||||
@@ -125,7 +125,14 @@ Where:
|
|
||||||
.RS
|
|
||||||
.I pathname
|
|
||||||
.RS
|
|
||||||
-An entry that defines the pathname that may be in the form of a regular expression.
|
|
||||||
+An entry that defines the path to be labeled.
|
|
||||||
+May contain either a fully qualified path,
|
|
||||||
+or a Perl compatible regular expression (PCRE),
|
|
||||||
+describing fully qualified path(s).
|
|
||||||
+The only PCRE flag in use is PCRE2_DOTALL,
|
|
||||||
+which causes a wildcard '.' to match anything, including a new line.
|
|
||||||
+Strings representing paths are processed as bytes (as opposed to Unicode),
|
|
||||||
+meaning that non-ASCII characters are not matched by a single wildcard.
|
|
||||||
.RE
|
|
||||||
.I file_type
|
|
||||||
.RS
|
|
||||||
--
|
|
||||||
2.35.3
|
|
||||||
|
|
@ -1,88 +0,0 @@
|
|||||||
From 9bf63bb85d4d2cab73181ee1d8d0b07961ce4a80 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
Date: Thu, 17 Feb 2022 14:14:15 +0100
|
|
||||||
Subject: [PATCH] libselinux: Strip spaces before values in config
|
|
||||||
|
|
||||||
Spaces before values in /etc/selinux/config should be ignored just as
|
|
||||||
spaces after them are.
|
|
||||||
|
|
||||||
E.g. "SELINUXTYPE= targeted" should be a valid value.
|
|
||||||
|
|
||||||
Fixes:
|
|
||||||
# sed -i 's/^SELINUXTYPE=/SELINUXTYPE= /g' /etc/selinux/config
|
|
||||||
# dnf install <any_package>
|
|
||||||
...
|
|
||||||
RPM: error: selabel_open: (/etc/selinux/ targeted/contexts/files/file_contexts) No such file or directory
|
|
||||||
RPM: error: Plugin selinux: hook tsm_pre failed
|
|
||||||
...
|
|
||||||
Error: Could not run transaction.
|
|
||||||
|
|
||||||
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
---
|
|
||||||
libselinux/src/selinux_config.c | 17 +++++++++++++----
|
|
||||||
1 file changed, 13 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libselinux/src/selinux_config.c b/libselinux/src/selinux_config.c
|
|
||||||
index b06cb63b..0892b87c 100644
|
|
||||||
--- a/libselinux/src/selinux_config.c
|
|
||||||
+++ b/libselinux/src/selinux_config.c
|
|
||||||
@@ -91,6 +91,7 @@ int selinux_getenforcemode(int *enforce)
|
|
||||||
FILE *cfg = fopen(SELINUXCONFIG, "re");
|
|
||||||
if (cfg) {
|
|
||||||
char *buf;
|
|
||||||
+ char *tag;
|
|
||||||
int len = sizeof(SELINUXTAG) - 1;
|
|
||||||
buf = malloc(selinux_page_size);
|
|
||||||
if (!buf) {
|
|
||||||
@@ -100,21 +101,24 @@ int selinux_getenforcemode(int *enforce)
|
|
||||||
while (fgets_unlocked(buf, selinux_page_size, cfg)) {
|
|
||||||
if (strncmp(buf, SELINUXTAG, len))
|
|
||||||
continue;
|
|
||||||
+ tag = buf+len;
|
|
||||||
+ while (isspace(*tag))
|
|
||||||
+ tag++;
|
|
||||||
if (!strncasecmp
|
|
||||||
- (buf + len, "enforcing", sizeof("enforcing") - 1)) {
|
|
||||||
+ (tag, "enforcing", sizeof("enforcing") - 1)) {
|
|
||||||
*enforce = 1;
|
|
||||||
ret = 0;
|
|
||||||
break;
|
|
||||||
} else
|
|
||||||
if (!strncasecmp
|
|
||||||
- (buf + len, "permissive",
|
|
||||||
+ (tag, "permissive",
|
|
||||||
sizeof("permissive") - 1)) {
|
|
||||||
*enforce = 0;
|
|
||||||
ret = 0;
|
|
||||||
break;
|
|
||||||
} else
|
|
||||||
if (!strncasecmp
|
|
||||||
- (buf + len, "disabled",
|
|
||||||
+ (tag, "disabled",
|
|
||||||
sizeof("disabled") - 1)) {
|
|
||||||
*enforce = -1;
|
|
||||||
ret = 0;
|
|
||||||
@@ -177,7 +181,10 @@ static void init_selinux_config(void)
|
|
||||||
|
|
||||||
if (!strncasecmp(buf_p, SELINUXTYPETAG,
|
|
||||||
sizeof(SELINUXTYPETAG) - 1)) {
|
|
||||||
- type = strdup(buf_p + sizeof(SELINUXTYPETAG) - 1);
|
|
||||||
+ buf_p += sizeof(SELINUXTYPETAG) - 1;
|
|
||||||
+ while (isspace(*buf_p))
|
|
||||||
+ buf_p++;
|
|
||||||
+ type = strdup(buf_p);
|
|
||||||
if (!type)
|
|
||||||
return;
|
|
||||||
end = type + strlen(type) - 1;
|
|
||||||
@@ -199,6 +206,8 @@ static void init_selinux_config(void)
|
|
||||||
} else if (!strncmp(buf_p, REQUIRESEUSERS,
|
|
||||||
sizeof(REQUIRESEUSERS) - 1)) {
|
|
||||||
value = buf_p + sizeof(REQUIRESEUSERS) - 1;
|
|
||||||
+ while (isspace(*value))
|
|
||||||
+ value++;
|
|
||||||
intptr = &require_seusers;
|
|
||||||
} else {
|
|
||||||
continue;
|
|
||||||
--
|
|
||||||
2.35.3
|
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From 9a04499cebedac3f585c0240e6cf68f786ae62b7 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
Date: Mon, 31 Oct 2022 17:00:43 +0100
|
|
||||||
Subject: [PATCH] libselinux: Ignore missing directories when -i is used
|
|
||||||
|
|
||||||
Currently "-i" only ignores a file whose parent directory exists. Start also
|
|
||||||
ignoring paths with missing components.
|
|
||||||
|
|
||||||
Fixes:
|
|
||||||
# restorecon -i -v -R /var/log/missingdir/missingfile; echo $?
|
|
||||||
255
|
|
||||||
restorecon: SELinux: Could not get canonical path for /var/log/missingdir/missingfile restorecon: No such file or directory.
|
|
||||||
|
|
||||||
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
---
|
|
||||||
libselinux/src/selinux_restorecon.c | 7 +++++++
|
|
||||||
1 file changed, 7 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
|
|
||||||
index 5f189235..2ff73db6 100644
|
|
||||||
--- a/libselinux/src/selinux_restorecon.c
|
|
||||||
+++ b/libselinux/src/selinux_restorecon.c
|
|
||||||
@@ -820,6 +820,10 @@ int selinux_restorecon(const char *pathname_orig,
|
|
||||||
pathname = realpath(pathname_orig, NULL);
|
|
||||||
if (!pathname) {
|
|
||||||
free(basename_cpy);
|
|
||||||
+ /* missing parent directory */
|
|
||||||
+ if (flags.ignore_noent && errno == ENOENT) {
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
goto realpatherr;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
@@ -833,6 +837,9 @@ int selinux_restorecon(const char *pathname_orig,
|
|
||||||
free(dirname_cpy);
|
|
||||||
if (!pathdnamer) {
|
|
||||||
free(basename_cpy);
|
|
||||||
+ if (flags.ignore_noent && errno == ENOENT) {
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
goto realpatherr;
|
|
||||||
}
|
|
||||||
if (!strcmp(pathdnamer, "/"))
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -1,42 +0,0 @@
|
|||||||
From 599f1ec818d50ffc9690fea8c03b5fe278f30ed4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vit Mojzis <vmojzis@redhat.com>
|
|
||||||
Date: Wed, 7 Dec 2022 09:19:29 +0100
|
|
||||||
Subject: [PATCH] libselinux/restorecon: Fix memory leak - xattr_value
|
|
||||||
|
|
||||||
Fix memory leak introduced by commit
|
|
||||||
9a04499cebedac3f585c0240e6cf68f786ae62b7
|
|
||||||
libselinux: Ignore missing directories when -i is used
|
|
||||||
|
|
||||||
Error: RESOURCE_LEAK:
|
|
||||||
selinux_restorecon.c:804: alloc_fn: Storage is returned from allocation function "malloc".
|
|
||||||
selinux_restorecon.c:804: var_assign: Assigning: "xattr_value" = storage returned from "malloc(fc_digest_len)".
|
|
||||||
selinux_restorecon.c:825: leaked_storage: Variable "xattr_value" going out of scope leaks the storage it points to.
|
|
||||||
|
|
||||||
Resolves: rhbz#2137965
|
|
||||||
---
|
|
||||||
libselinux/src/selinux_restorecon.c | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
|
|
||||||
index 2ff73db6..b3702764 100644
|
|
||||||
--- a/libselinux/src/selinux_restorecon.c
|
|
||||||
+++ b/libselinux/src/selinux_restorecon.c
|
|
||||||
@@ -822,6 +822,7 @@ int selinux_restorecon(const char *pathname_orig,
|
|
||||||
free(basename_cpy);
|
|
||||||
/* missing parent directory */
|
|
||||||
if (flags.ignore_noent && errno == ENOENT) {
|
|
||||||
+ free(xattr_value);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
goto realpatherr;
|
|
||||||
@@ -838,6 +839,7 @@ int selinux_restorecon(const char *pathname_orig,
|
|
||||||
if (!pathdnamer) {
|
|
||||||
free(basename_cpy);
|
|
||||||
if (flags.ignore_noent && errno == ENOENT) {
|
|
||||||
+ free(xattr_value);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
goto realpatherr;
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -6,7 +6,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%define libsepolver 2.9-1
|
%define libsepolver 2.9-1
|
||||||
%define libselinuxrelease 8
|
%define libselinuxrelease 3
|
||||||
|
|
||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
@ -27,12 +27,6 @@ Patch0005: 0005-libselinux-add-missing-av_permission-values.patch
|
|||||||
Patch0006: 0006-libselinux-Use-Python-distutils-to-install-SELinux-p.patch
|
Patch0006: 0006-libselinux-Use-Python-distutils-to-install-SELinux-p.patch
|
||||||
Patch0007: 0007-libselinux-Do-not-use-SWIG_CFLAGS-when-Python-bindin.patch
|
Patch0007: 0007-libselinux-Do-not-use-SWIG_CFLAGS-when-Python-bindin.patch
|
||||||
Patch0008: 0008-Fix-mcstrans-secolor-examples.patch
|
Patch0008: 0008-Fix-mcstrans-secolor-examples.patch
|
||||||
Patch0009: 0009-libselinux-Eliminate-use-of-security_compute_user.patch
|
|
||||||
Patch0010: 0010-libselinux-deprecate-security_compute_user-update-ma.patch
|
|
||||||
Patch0011: 0011-selinux-8-5-Describe-fcontext-regular-expressions.patch
|
|
||||||
Patch0012: 0012-libselinux-Strip-spaces-before-values-in-config.patch
|
|
||||||
Patch0013: 0013-libselinux-Ignore-missing-directories-when-i-is-used.patch
|
|
||||||
Patch0014: 0014-libselinux-restorecon-Fix-memory-leak-xattr_value.patch
|
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
%if 0%{?with_ruby}
|
%if 0%{?with_ruby}
|
||||||
@ -280,22 +274,6 @@ rm -f %{buildroot}%{_mandir}/man8/togglesebool*
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Dec 07 2022 Vit Mojzis <vmojzis@redhat.com> - 2.9-8
|
|
||||||
- restorecon: Fix memory leak - xattr_value (#2137965)
|
|
||||||
|
|
||||||
* Tue Dec 06 2022 Vit Mojzis <vmojzis@redhat.com> - 2.9-7
|
|
||||||
- Restorecon: Ignore missing directories when -i is used (#2137965)
|
|
||||||
|
|
||||||
* Thu Jul 07 2022 Vit Mojzis <vmojzis@redhat.com> - 2.9-6
|
|
||||||
- Describe fcontext regular expressions (#1904059)
|
|
||||||
- Strip spaces before values in config (#2012145)
|
|
||||||
|
|
||||||
* Tue Oct 20 2020 Vit Mojzis <vmojzis@redhat.com> - 2.9-5
|
|
||||||
- Deprecate security_compute_user(), update man pages (#1879368)
|
|
||||||
|
|
||||||
* Thu Sep 24 2020 Vit Mojzis <vmojzis@redhat.com> - 2.9-4
|
|
||||||
- Eliminate use of security_compute_user() (#1879368)
|
|
||||||
|
|
||||||
* Fri Nov 08 2019 Vit Mojzis <vmojzis@redhat.com> - 2.9-3
|
* Fri Nov 08 2019 Vit Mojzis <vmojzis@redhat.com> - 2.9-3
|
||||||
- Fix mcstrans secolor examples in secolor.conf man page (#1770270)
|
- Fix mcstrans secolor examples in secolor.conf man page (#1770270)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user