libsemanage-2.7-11

- Revert "remove access() check to make setuid programs work" (#1557468)
2018-03-16 23:09:01 +01:00 · 2018-03-16 23:09:01 +01:00 · 84ddaa3113
commit 84ddaa3113
parent 4d223ca33e
2 changed files with 29 additions and 324 deletions
--- a/libsemanage-fedora.patch
+++ b/libsemanage-fedora.patch
@ -169,18 +169,10 @@ index 8ce2e2c..c8f4ff0 100644
 	}
 diff --git libsemanage-2.7/src/direct_api.c libsemanage-2.7/src/direct_api.c
-index 65842df..439122d 100644
+index 65842df..92d7517 100644
 --- libsemanage-2.7/src/direct_api.c
 +++ libsemanage-2.7/src/direct_api.c
-@@ -140,6 +140,7 @@ int semanage_direct_is_managed(semanage_handle_t * sh)
+@@ -148,9 +148,6 @@ int semanage_direct_connect(semanage_handle_t * sh)
 int semanage_direct_connect(semanage_handle_t * sh)
 {
 	const char *path;
 +	struct stat sb;
 	if (semanage_check_init(sh, sh->conf->store_root_path))
 		goto err;
@@ -148,9 +149,6 @@ int semanage_direct_connect(semanage_handle_t * sh)
 		if (semanage_create_store(sh, 1))
 			goto err;
@ -190,7 +182,7 @@ index 65842df..439122d 100644
 	sh->u.direct.translock_file_fd = -1;
 	sh->u.direct.activelock_file_fd = -1;
-@@ -210,6 +208,12 @@ int semanage_direct_connect(semanage_handle_t * sh)
+@@ -210,6 +207,12 @@ int semanage_direct_connect(semanage_handle_t * sh)
 				     semanage_fcontext_dbase_local(sh)) < 0)
 		goto err;
@ -203,26 +195,7 @@ index 65842df..439122d 100644
 	if (seuser_file_dbase_init(sh,
 				   semanage_path(SEMANAGE_ACTIVE,
 						 SEMANAGE_SEUSERS_LOCAL),
-@@ -299,10 +303,16 @@ int semanage_direct_connect(semanage_handle_t * sh)
+@@ -317,25 +320,43 @@ static void semanage_direct_destroy(semanage_handle_t * sh
 	/* set the disable dontaudit value */
 	path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_DISABLE_DONTAUDIT);
 -	if (access(path, F_OK) == 0)
 +
 +	if (stat(path, &sb) == 0)
 		sepol_set_disable_dontaudit(sh->sepolh, 1);
 -	else
 +	else if (errno == ENOENT) {
 +		/* The file does not exist */
 		sepol_set_disable_dontaudit(sh->sepolh, 0);
 +	} else {
 +		ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +		goto err;
 +	}
 	return STATUS_SUCCESS;
@@ -317,25 +327,43 @@ static void semanage_direct_destroy(semanage_handle_t * sh
 	/* do nothing */
 }
@ -275,7 +248,7 @@ index 65842df..439122d 100644
 		semanage_release_trans_lock(sh);
 	}
-@@ -349,6 +377,7 @@ static int semanage_direct_disconnect(semanage_handle_t * sh)
+@@ -349,6 +370,7 @@ static int semanage_direct_disconnect(semanage_handle_t * sh)
 	iface_file_dbase_release(semanage_iface_dbase_local(sh));
 	bool_file_dbase_release(semanage_bool_dbase_local(sh));
 	fcontext_file_dbase_release(semanage_fcontext_dbase_local(sh));
@ -283,7 +256,7 @@ index 65842df..439122d 100644
 	seuser_file_dbase_release(semanage_seuser_dbase_local(sh));
 	node_file_dbase_release(semanage_node_dbase_local(sh));
-@@ -368,15 +397,11 @@ static int semanage_direct_disconnect(semanage_handle_t * sh)
+@@ -368,15 +390,11 @@ static int semanage_direct_disconnect(semanage_handle_t * sh)
 	/* Release object databases: active kernel policy */
 	bool_activedb_dbase_release(semanage_bool_dbase_active(sh));
@ -300,30 +273,7 @@ index 65842df..439122d 100644
 	if (semanage_get_trans_lock(sh) < 0) {
 		return -1;
 	}
-@@ -1121,6 +1146,7 @@ static int semanage_compile_hll_modules(semanage_handle_t *sh,
+@@ -1153,6 +1171,14 @@ cleanup:
 	int status = 0;
 	int i;
 	char cil_path[PATH_MAX];
 +	struct stat sb;
 	assert(sh);
 	assert(modinfos);
@@ -1137,9 +1163,13 @@ static int semanage_compile_hll_modules(semanage_handle_t *sh,
 		}
 		if (semanage_get_ignore_module_cache(sh) == 0 &&
 -				access(cil_path, F_OK) == 0) {
 +				(status = stat(cil_path, &sb)) == 0) {
 			continue;
 		}
 +		if (status != 0 && errno != ENOENT) {
 +			ERR(sh, "Unable to access %s: %s\n", cil_path, strerror(errno));
 +			goto cleanup; //an error in the "stat" call
 +		}
 		status = semanage_compile_module(sh, &modinfos[i]);
 		if (status < 0) {
@@ -1153,6 +1183,14 @@ cleanup:
 	return status;
 }
@ -338,158 +288,15 @@ index 65842df..439122d 100644
 /********************* direct API functions ********************/
 /* Commits all changes in sandbox to the actual kernel policy.
-@@ -1169,6 +1207,8 @@ static int semanage_direct_commit(semanage_handle_t * sh)
+@@ -1169,6 +1195,7 @@ static int semanage_direct_commit(semanage_handle_t * sh)
 	sepol_policydb_t *out = NULL;
 	struct cil_db *cildb = NULL;
 	semanage_module_info_t *modinfos = NULL;
 +	mode_t mask = umask(0077);
 +	struct stat sb;
 	int do_rebuild, do_write_kernel, do_install;
 	int fcontexts_modified, ports_modified, seusers_modified,
-@@ -1207,10 +1247,16 @@ static int semanage_direct_commit(semanage_handle_t * sh)
+@@ -1544,44 +1571,44 @@ rebuild:
 	/* Create or remove the disable_dontaudit flag file. */
 	path = semanage_path(SEMANAGE_TMP, SEMANAGE_DISABLE_DONTAUDIT);
 -	if (access(path, F_OK) == 0)
 +	if (stat(path, &sb) == 0)
 		do_rebuild |= !(sepol_get_disable_dontaudit(sh->sepolh) == 1);
 -	else
 +	else if (errno == ENOENT) {
 +		/* The file does not exist */
 		do_rebuild |= (sepol_get_disable_dontaudit(sh->sepolh) == 1);
 +	} else {
 +		ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +		retval = -1;
 +		goto cleanup;
 +	}
 	if (sepol_get_disable_dontaudit(sh->sepolh) == 1) {
 		FILE *touch;
 		touch = fopen(path, "w");
@@ -1232,10 +1278,17 @@ static int semanage_direct_commit(semanage_handle_t * sh)
 	/* Create or remove the preserve_tunables flag file. */
 	path = semanage_path(SEMANAGE_TMP, SEMANAGE_PRESERVE_TUNABLES);
 -	if (access(path, F_OK) == 0)
 +	if (stat(path, &sb) == 0)
 		do_rebuild |= !(sepol_get_preserve_tunables(sh->sepolh) == 1);
 -	else
 +	else if (errno == ENOENT) {
 +		/* The file does not exist */
 		do_rebuild |= (sepol_get_preserve_tunables(sh->sepolh) == 1);
 +	} else {
 +		ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +		retval = -1;
 +		goto cleanup;
 +	}
 +
 	if (sepol_get_preserve_tunables(sh->sepolh) == 1) {
 		FILE *touch;
 		touch = fopen(path, "w");
@@ -1272,40 +1325,25 @@ static int semanage_direct_commit(semanage_handle_t * sh)
 	 * a rebuild.
 	 */
 	if (!do_rebuild) {
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 -		}
 -
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 -		}
 -
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 -		}
 -
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_LINKED);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 -		}
 -
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_SEUSERS_LINKED);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 -		}
 +		int files[] = {SEMANAGE_STORE_KERNEL,
 +					   SEMANAGE_STORE_FC,
 +					   SEMANAGE_STORE_SEUSERS,
 +					   SEMANAGE_LINKED,
 +					   SEMANAGE_SEUSERS_LINKED,
 +					   SEMANAGE_USERS_EXTRA_LINKED};
 +
 +		for (i = 0; i < (int) sizeof(files); i++) {
 +			path = semanage_path(SEMANAGE_TMP, files[i]);
 +			if (stat(path, &sb) != 0) {
 +				if (errno != ENOENT) {
 +					ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +					retval = -1;
 +					goto cleanup;
 +				}
 -		path = semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA_LINKED);
 -		if (access(path, F_OK) != 0) {
 -			do_rebuild = 1;
 -			goto rebuild;
 +				do_rebuild = 1;
 +				goto rebuild;
 +			}
 		}
 	}
@@ -1438,7 +1476,7 @@ rebuild:
 			goto cleanup;
 		path = semanage_path(SEMANAGE_TMP, SEMANAGE_SEUSERS_LINKED);
 -		if (access(path, F_OK) == 0) {
 +		if (stat(path, &sb) == 0) {
 			retval = semanage_copy_file(path,
 						    semanage_path(SEMANAGE_TMP,
 								  SEMANAGE_STORE_SEUSERS),
@@ -1446,12 +1484,17 @@ rebuild:
 			if (retval < 0)
 				goto cleanup;
 			pseusers->dtable->drop_cache(pseusers->dbase);
 -		} else {
 +		} else if (errno == ENOENT) {
 +			/* The file does not exist */
 			pseusers->dtable->clear(sh, pseusers->dbase);
 +		} else {
 +			ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +			retval = -1;
 +			goto cleanup;
 		}
 		path = semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA_LINKED);
 -		if (access(path, F_OK) == 0) {
 +		if (stat(path, &sb) == 0) {
 			retval = semanage_copy_file(path,
 						    semanage_path(SEMANAGE_TMP,
 								  SEMANAGE_USERS_EXTRA),
@@ -1459,8 +1502,13 @@ rebuild:
 			if (retval < 0)
 				goto cleanup;
 			pusers_extra->dtable->drop_cache(pusers_extra->dbase);
 -		} else {
 +		} else if (errno == ENOENT) {
 +			/* The file does not exist */
 			pusers_extra->dtable->clear(sh, pusers_extra->dbase);
 +		} else {
 +			ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +			retval = -1;
 +			goto cleanup;
 		}
 	}
@@ -1544,44 +1592,44 @@ rebuild:
 		goto cleanup;
 	}
@ -563,7 +370,7 @@ index 65842df..439122d 100644
 		}
 	} else {
 		WARN(sh, "WARNING: genhomedircon is disabled. \
-@@ -1618,17 +1666,21 @@ cleanup:
+@@ -1618,17 +1645,21 @@ cleanup:
 	free(mod_filenames);
 	sepol_policydb_free(out);
 	cil_db_destroy(&cildb);
@ -593,54 +400,7 @@ index 65842df..439122d 100644
 	return retval;
 }
-@@ -1786,6 +1838,7 @@ static int semanage_direct_extract(semanage_handle_t * sh,
+@@ -2000,6 +2031,7 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
 	ssize_t _data_len;
 	char *_data;
 	int compressed;
 +	struct stat sb;
 	/* get path of module */
 	rc = semanage_module_get_path(
@@ -1798,8 +1851,8 @@ static int semanage_direct_extract(semanage_handle_t * sh,
 		goto cleanup;
 	}
 -	if (access(module_path, F_OK) != 0) {
 -		ERR(sh, "Module does not exist: %s", module_path);
 +	if (stat(module_path, &sb) != 0) {
 +		ERR(sh, "Unable to access %s: %s\n", module_path, strerror(errno));
 		rc = -1;
 		goto cleanup;
 	}
@@ -1828,7 +1881,13 @@ static int semanage_direct_extract(semanage_handle_t * sh,
 		goto cleanup;
 	}
 -	if (extract_cil == 1 && strcmp(_modinfo->lang_ext, "cil") && access(input_file, F_OK) != 0) {
 +	if (extract_cil == 1 && strcmp(_modinfo->lang_ext, "cil") && stat(input_file, &sb) != 0) {
 +		if (errno != ENOENT) {
 +			ERR(sh, "Unable to access %s: %s\n", input_file, strerror(errno));
 +			rc = -1;
 +			goto cleanup;
 +		}
 +
 		rc = semanage_compile_module(sh, _modinfo);
 		if (rc < 0) {
 			goto cleanup;
@@ -1973,6 +2032,12 @@ static int semanage_direct_get_enabled(semanage_handle_t *sh,
 	}
 	if (stat(path, &sb) < 0) {
 +		if (errno != ENOENT) {
 +			ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +			status = -1;
 +			goto cleanup;
 +		}
 +
 		*enabled = 1;
 	}
 	else {
@@ -2000,6 +2065,7 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
 	const char *path = NULL;
 	FILE *fp = NULL;
 	semanage_module_info_t *modinfo = NULL;
@ -648,7 +408,7 @@ index 65842df..439122d 100644
 	/* check transaction */
 	if (!sh->is_in_transaction) {
-@@ -2060,7 +2126,9 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
+@@ -2060,7 +2092,9 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
 	switch (enabled) {
 		case 0: /* disable the module */
@ -658,31 +418,15 @@ index 65842df..439122d 100644
 			if (fp == NULL) {
 				ERR(sh,
-@@ -2296,6 +2364,12 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh,
+@@ -2706,6 +2740,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh,
 	/* set enabled/disabled status */
 	if (stat(fn, &sb) < 0) {
 +		if (errno != ENOENT) {
 +			ERR(sh, "Unable to access %s: %s\n", fn, strerror(errno));
 +			status = -1;
 +			goto cleanup;
 +		}
 +
 		ret = semanage_module_info_set_enabled(sh, *modinfo, 1);
 		if (ret != 0) {
 			status = -1;
@@ -2704,8 +2778,10 @@ static int semanage_direct_install_info(semanage_handle_t *sh,
 	int status = 0;
 	int ret = 0;
 	int type;
 +	struct stat sb;
 	char path[PATH_MAX];
 +	mode_t mask = umask(0077);
 	semanage_module_info_t *higher_info = NULL;
 	semanage_module_key_t higher_key;
-@@ -2754,7 +2830,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh,
+@@ -2754,7 +2789,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh,
 		if (higher_info->enabled == 0 && modinfo->enabled == -1) {
 			errno = 0;
 			WARN(sh,
@ -691,16 +435,7 @@ index 65842df..439122d 100644
 			     modinfo->name);
 		}
 	}
-@@ -2803,7 +2879,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh,
+@@ -2817,6 +2852,7 @@ cleanup:
 			goto cleanup;
 		}
 -		if (access(path, F_OK) == 0) {
 +		if (stat(path, &sb) == 0) {
 			ret = unlink(path);
 			if (ret != 0) {
 				ERR(sh, "Error while removing cached CIL file %s: %s", path, strerror(errno));
@@ -2817,6 +2893,7 @@ cleanup:
 	semanage_module_key_destroy(sh, &higher_key);
 	semanage_module_info_destroy(sh, higher_info);
 	free(higher_info);
@ -833,7 +568,7 @@ index d3eaa06..43681dd 100644
 Name: libsemanage
 diff --git libsemanage-2.7/src/semanage_store.c libsemanage-2.7/src/semanage_store.c
-index 6158d08..14ad99c 100644
+index 6158d08..4bd1d65 100644
 --- libsemanage-2.7/src/semanage_store.c
 +++ libsemanage-2.7/src/semanage_store.c
@@ -116,6 +116,7 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = {
@ -844,24 +579,7 @@ index 6158d08..14ad99c 100644
 	"/file_contexts",
 	"/seusers"
 };
-@@ -513,6 +514,7 @@ char *semanage_conf_path(void)
+@@ -537,7 +538,6 @@ char *semanage_conf_path(void)
 {
 	char *semanage_conf = NULL;
 	int len;
 +	struct stat sb;
 	len = strlen(semanage_root()) + strlen(selinux_path()) + strlen(SEMANAGE_CONF_FILE);
 	semanage_conf = calloc(len + 1, sizeof(char));
@@ -521,7 +523,7 @@ char *semanage_conf_path(void)
 	snprintf(semanage_conf, len + 1, "%s%s%s", semanage_root(), selinux_path(),
 		 SEMANAGE_CONF_FILE);
 -	if (access(semanage_conf, R_OK) != 0) {
 +	if (stat(semanage_conf, &sb) != 0 && errno == ENOENT) {
 		snprintf(semanage_conf, len + 1, "%s%s", selinux_path(), SEMANAGE_CONF_FILE);
 	}
@@ -537,7 +539,6 @@ char *semanage_conf_path(void)
 int semanage_create_store(semanage_handle_t * sh, int create)
 {
 	struct stat sb;
@ -869,7 +587,7 @@ index 6158d08..14ad99c 100644
 	const char *path = semanage_files[SEMANAGE_ROOT];
 	int fd;
-@@ -556,9 +557,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
+@@ -556,9 +556,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
 			return -1;
 		}
 	} else {
@ -881,7 +599,7 @@ index 6158d08..14ad99c 100644
 			    path);
 			return -1;
 		}
-@@ -579,9 +580,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
+@@ -579,9 +579,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
 			return -1;
 		}
 	} else {
@ -893,7 +611,7 @@ index 6158d08..14ad99c 100644
 			    path);
 			return -1;
 		}
-@@ -602,9 +603,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
+@@ -602,9 +602,9 @@ int semanage_create_store(semanage_handle_t * sh, int create)
 			return -1;
 		}
 	} else {
@ -905,7 +623,7 @@ index 6158d08..14ad99c 100644
 			    path);
 			return -1;
 		}
-@@ -623,8 +624,8 @@ int semanage_create_store(semanage_handle_t * sh, int create)
+@@ -623,8 +623,8 @@ int semanage_create_store(semanage_handle_t * sh, int create)
 			return -1;
 		}
 	} else {
@ -916,23 +634,7 @@ index 6158d08..14ad99c 100644
 			return -1;
 		}
 	}
-@@ -1508,8 +1509,14 @@ int semanage_split_fc(semanage_handle_t * sh)
+@@ -1739,9 +1739,9 @@ static int semanage_commit_sandbox(semanage_handle_t * sh)
 static int sefcontext_compile(semanage_handle_t * sh, const char *path) {
 	int r;
 +	struct stat sb;
 +
 +	if (stat(path, &sb) < 0) {
 +		if (errno != ENOENT) {
 +			ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
 +			return -1;
 +		}
 -	if (access(path, F_OK) != 0) {
 		return 0;
 	}
@@ -1739,9 +1746,9 @@ static int semanage_commit_sandbox(semanage_handle_t * sh)
 	if (!sh->conf->save_previous) {
 		int errsv = errno;
@ -944,7 +646,7 @@ index 6158d08..14ad99c 100644
 			goto cleanup;
 		}
 		errno = errsv;
-@@ -2098,6 +2105,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out,
+@@ -2098,6 +2098,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out,
 	const char *kernel_filename = NULL;
 	struct sepol_policy_file *pf = NULL;
 	FILE *outfile = NULL;
@ -952,7 +654,7 @@ index 6158d08..14ad99c 100644
 	if ((kernel_filename =
 	     semanage_path(SEMANAGE_TMP, file)) == NULL) {
-@@ -2126,6 +2134,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out,
+@@ -2126,6 +2127,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out,
 	if (outfile != NULL) {
 		fclose(outfile);
 	}
--- a/libsemanage.spec
+++ b/libsemanage.spec
@ -4,13 +4,13 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
 Version: 2.7
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: LGPLv2+
 Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/libsemanage-2.7.tar.gz
 # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
 # run:
 # $ VERSION=2.7 ./make-fedora-selinux-patch.sh libsemanage
-# HEAD https://github.com/fedora-selinux/selinux/commit/4e253a0231ca085df03b55c4c0490ad6a0e261eb
+# HEAD https://github.com/fedora-selinux/selinux/commit/7888343a2885bbf9739503055dfa6fa69f8b7213
 Patch1: libsemanage-fedora.patch
 URL: https://github.com/SELinuxProject/selinux/wiki
 Source1: semanage.conf
@ -179,6 +179,9 @@ sed -i '1s%\(#! */usr/bin/python\)\([^3].*\|\)$%\13\2%' %{buildroot}%{_libexecdi
 %{_libexecdir}/selinux/semanage_migrate_store
 %changelog
 * Fri Mar 16 2018 Petr Lautrbach <plautrba@workstation> - 2.7-11
 - Revert "remove access() check to make setuid programs work" (#1557468)
 * Tue Mar 13 2018 Petr Lautrbach <plautrba@redhat.com> - 2.7-10
 - properly check return value of iterate function
 - Use umask(0077) for fopen() write operations