diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 4a0aaca..e072a95 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -650,6 +650,119 @@ index 5da2e0d..7c5bab0 100644 clean: -rm -f $(TARGETS) *.o +diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c +index 3bb3c4b..d16e331 100644 +--- a/policycoreutils/sandbox/seunshare.c ++++ b/policycoreutils/sandbox/seunshare.c +@@ -31,6 +31,12 @@ + #include /* for context-mangling functions */ + #include + ++ ++/* ++ * Note setfsuid never returns an error code. But the compiler complains if ++ * I do not check, so I am checking for -1, which should never happen. ++ */ ++ + #ifdef USE_NLS + #include /* for setlocale() */ + #include /* for gettext() */ +@@ -617,12 +623,15 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src, + free(cmdbuf); cmdbuf = NULL; + + /* remove runtime temporary directory */ +- setfsuid(0); ++ if (setfsuid(0) < 0) ++ rc++; ++ + if (rmdir(tmpdir) == -1) + fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno)); +- setfsuid(pwd->pw_uid); ++ if (setfsuid(pwd->pw_uid) < 0) ++ rc++; + +- return 0; ++ return rc; + } + + /** +@@ -642,7 +651,9 @@ static char *create_tmpdir(const char *src, struct stat *src_st, + + /* get selinux context */ + if (execcon) { +- setfsuid(pwd->pw_uid); ++ if (setfsuid(pwd->pw_uid) < 0) ++ goto err; ++ + if ((fd_s = open(src, O_RDONLY)) < 0) { + fprintf(stderr, _("Failed to open directory %s: %s\n"), src, strerror(errno)); + goto err; +@@ -661,7 +672,8 @@ static char *create_tmpdir(const char *src, struct stat *src_st, + } + + /* ok to not reach this if there is an error */ +- setfsuid(0); ++ if (setfsuid(0) < 0) ++ goto err; + } + + if (asprintf(&tmpdir, "/tmp/.sandbox-%s-XXXXXX", pwd->pw_name) == -1) { +@@ -716,14 +728,16 @@ static char *create_tmpdir(const char *src, struct stat *src_st, + } + } + +- setfsuid(pwd->pw_uid); ++ if (setfsuid(pwd->pw_uid) < 0) ++ goto err; + + if (rsynccmd(src, tmpdir, &cmdbuf) < 0) { + goto err; + } + + /* ok to not reach this if there is an error */ +- setfsuid(0); ++ if (setfsuid(0) < 0) ++ 
goto err; + + if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) { + fprintf(stderr, _("Failed to populate runtime temporary directory\n")); +@@ -916,7 +930,8 @@ int main(int argc, char **argv) { + /* Changing fsuid is usually required when user-specified directory is + * on an NFS mount. It's also desired to avoid leaking info about + * existence of the files not accessible to the user. */ +- setfsuid(uid); ++ if (setfsuid(uid) < 0) ++ return -1; + + /* verify homedir and tmpdir */ + if (homedir_s && ( +@@ -925,7 +940,7 @@ int main(int argc, char **argv) { + if (tmpdir_s && ( + verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 || + check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1; +- setfsuid(0); ++ if (setfsuid(0) < 0) return -1; + + /* create runtime tmpdir */ + if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s, +@@ -959,7 +974,7 @@ int main(int argc, char **argv) { + } + + /* assume fsuid==ruid after this point */ +- setfsuid(uid); ++ if (setfsuid(uid) < 0) goto childerr; + + /* mount homedir and tmpdir, in this order */ + if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir, +@@ -1005,7 +1020,7 @@ int main(int argc, char **argv) { + + /* selinux context */ + if (execcon && setexeccon(execcon) != 0) { +- fprintf(stderr, _("Could not set exec context to %s.\n"), execcon); ++ fprintf(stderr, _("Could not set exec context to %s. %s\n"), execcon, strerror(errno)); + goto childerr; + } + diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles index 989b1ae..19a4ff0 100755 --- a/policycoreutils/scripts/fixfiles
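Review bot: The added `if (setfsuid(...) < 0)` tests in cleanup_tmpdir, create_tmpdir and main can never fire, because setfsuid() returns the previous filesystem UID on both success and failure, as the new comment above the USE_NLS block itself concedes. A switch to `pwd->pw_uid` or `uid` that silently fails would leave the following open(), rsync and verify_directory steps running with the old fsuid, which is the information leak the comment in main says the switch is there to prevent. I would route every call through one small helper that reads the value back with `setfsuid(-1)` and compares it with the requested uid, and move the explanatory comment onto that helper rather than leaving it between the includes. In create_tmpdir it is also worth confirming that the `err` path restores fsuid 0 when the failure happens after the switch to the user's uid; all three functions start and end outside the quoted hunks, so that cannot be checked from here.

```c
/* Proposed helper (name is a suggestion): switch fsuid and confirm it took effect. */
static int set_fsuid_checked(uid_t uid)
{
	/* setfsuid() returns the previous fsuid whether or not it succeeded. */
	int prev = setfsuid(uid);
	(void)prev;

	/* setfsuid(-1) changes nothing and reports the current fsuid. */
	if ((uid_t)setfsuid(-1) != uid)
		return -1;
	return 0;
}

/* … unchanged: cleanup_tmpdir / create_tmpdir / main bodies; each call site becomes … */
	if (set_fsuid_checked(pwd->pw_uid) < 0)
		goto err;
```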