a24f66486d
- Save homedir_template in the policy store for genhomedircon https://bugs.gentoo.org/558686
148 lines
4.3 KiB
Diff
148 lines
4.3 KiB
Diff
diff --git libsemanage-2.4/src/direct_api.c libsemanage-2.4/src/direct_api.c
|
|
index b0ed338..875c513 100644
|
|
--- libsemanage-2.4/src/direct_api.c
|
|
+++ libsemanage-2.4/src/direct_api.c
|
|
@@ -1137,6 +1137,9 @@ static int semanage_direct_commit(semanage_handle_t * sh)
|
|
if (retval < 0)
|
|
goto cleanup;
|
|
|
|
+ /* remove FC_TMPL now that it is now longer needed */
|
|
+ unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
|
|
+
|
|
pfcontexts->dtable->drop_cache(pfcontexts->dbase);
|
|
|
|
/* SEUsers */
|
|
@@ -1241,11 +1244,6 @@ static int semanage_direct_commit(semanage_handle_t * sh)
|
|
sepol_policydb_free(out);
|
|
out = NULL;
|
|
|
|
- /* remove files that are automatically generated and no longer needed */
|
|
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
|
|
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL));
|
|
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA));
|
|
-
|
|
if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) {
|
|
retval = semanage_install_sandbox(sh);
|
|
}
|
|
@@ -1355,7 +1353,7 @@ static int semanage_direct_install_file(semanage_handle_t * sh,
|
|
int in_fd = -1;
|
|
char *path = NULL;
|
|
char *filename;
|
|
- char *lang_ext;
|
|
+ char *lang_ext = NULL;
|
|
char *separator;
|
|
|
|
if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
|
|
@@ -1387,17 +1385,20 @@ static int semanage_direct_install_file(semanage_handle_t * sh,
|
|
goto cleanup;
|
|
}
|
|
*separator = '\0';
|
|
+ lang_ext = separator + 1;
|
|
}
|
|
|
|
separator = strrchr(filename, '.');
|
|
if (separator == NULL) {
|
|
- ERR(sh, "Module does not have a valid extension.");
|
|
- retval = -1;
|
|
- goto cleanup;
|
|
+ if (lang_ext == NULL) {
|
|
+ ERR(sh, "Module does not have a valid extension.");
|
|
+ retval = -1;
|
|
+ goto cleanup;
|
|
+ }
|
|
+ } else {
|
|
+ *separator = '\0';
|
|
+ lang_ext = separator + 1;
|
|
}
|
|
- *separator = '\0';
|
|
-
|
|
- lang_ext = separator + 1;
|
|
|
|
retval = semanage_direct_install(sh, data, data_len, filename, lang_ext);
|
|
|
|
diff --git libsemanage-2.4/tests/test_utilities.c libsemanage-2.4/tests/test_utilities.c
|
|
index 4d25b07..32cc33c 100644
|
|
--- libsemanage-2.4/tests/test_utilities.c
|
|
+++ libsemanage-2.4/tests/test_utilities.c
|
|
@@ -45,7 +45,7 @@ void test_slurp_file_filter(void);
|
|
|
|
char fname[] = {
|
|
'T', 'E', 'S', 'T', '_', 'T', 'E', 'M', 'P', '_', 'X', 'X', 'X', 'X',
|
|
- 'X', 'X'
|
|
+ 'X', 'X', '\0'
|
|
};
|
|
int fd;
|
|
FILE *fptr;
|
|
diff --git libsemanage-2.4/utils/semanage_migrate_store libsemanage-2.4/utils/semanage_migrate_store
|
|
index 03b492e..22842fc 100755
|
|
--- libsemanage-2.4/utils/semanage_migrate_store
|
|
+++ libsemanage-2.4/utils/semanage_migrate_store
|
|
@@ -1,4 +1,4 @@
|
|
-#!/usr/bin/python -E
|
|
+#!/usr/bin/python3 -E
|
|
|
|
|
|
from __future__ import print_function
|
|
@@ -17,7 +17,7 @@ try:
|
|
import selinux
|
|
import semanage
|
|
except:
|
|
- print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
|
|
+ print("You must install libselinux-python3 and libsemanage-python3 before running this tool", file=sys.stderr)
|
|
exit(1)
|
|
|
|
|
|
@@ -221,7 +221,7 @@ def rebuild_policy():
|
|
|
|
|
|
def oldroot_path():
|
|
- return "/etc/selinux"
|
|
+ return "%s/etc/selinux" % ROOT
|
|
|
|
def oldstore_path(store):
|
|
return "%s/%s/modules/active" % (oldroot_path(), store)
|
|
@@ -233,7 +233,7 @@ def disabledmodules_path(store):
|
|
return "%s/disabled" % newmodules_path(store)
|
|
|
|
def newroot_path():
|
|
- return PATH
|
|
+ return "%s%s" % (ROOT, PATH)
|
|
|
|
def newstore_path(store):
|
|
return "%s/%s/active" % (newroot_path(), store)
|
|
@@ -260,6 +260,8 @@ if __name__ == "__main__":
|
|
help="Disable rebuilding policy after migration (default: no)")
|
|
parser.add_option("-P", "--path", dest="path",
|
|
help="Set path for the policy store (default: /var/lib/selinux)")
|
|
+ parser.add_option("-r", "--root", dest="root",
|
|
+ help="Set an alternative root for the migration (default: /)")
|
|
|
|
(options, args) = parser.parse_args()
|
|
|
|
@@ -272,6 +274,10 @@ if __name__ == "__main__":
|
|
if PATH is None:
|
|
PATH = "/var/lib/selinux"
|
|
|
|
+ ROOT = options.root
|
|
+ if ROOT is None:
|
|
+ ROOT = ""
|
|
+
|
|
# List of paths that go in the active 'root'
|
|
TOPPATHS = [
|
|
"commit_num",
|
|
@@ -282,9 +288,13 @@ if __name__ == "__main__":
|
|
"file_contexts.local",
|
|
"seusers",
|
|
"users.local",
|
|
+ "users_extra",
|
|
"users_extra.local",
|
|
"disable_dontaudit",
|
|
- "preserve_tunables" ]
|
|
+ "preserve_tunables",
|
|
+ "policy.kern",
|
|
+ "file_contexts",
|
|
+ "homedir_template"]
|
|
|
|
|
|
create_dir_from(oldroot_path(), newroot_path(), 0o755)
|