* Mon Mar 20 2006 Dan Walsh <dwalsh@redhat.com> 1.30-4

- Open file descriptor to make sure file does not change from underneath.
2006-03-21 04:07:13 +00:00 · 2006-03-21 04:07:13 +00:00 · 751b4ff02b
commit 751b4ff02b
parent b0a7b268a9
2 changed files with 50 additions and 24 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,6 +1,6 @@
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.30/Makefile
 --- nsapolicycoreutils/Makefile	2005-11-29 10:55:01.000000000 -0500
-+++ policycoreutils-1.30/Makefile	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/Makefile	2006-03-20 22:51:07.000000000 -0500
@@ -1,4 +1,4 @@
 -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
 +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
@ -9,7 +9,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils
 	@for subdir in $(SUBDIRS); do \
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-1.30/restorecond/Makefile
 --- nsapolicycoreutils/restorecond/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/Makefile	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/Makefile	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,29 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -42,7 +42,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile pol
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-1.30/restorecond/restorecond.8
 --- nsapolicycoreutils/restorecond/restorecond.8	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.8	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/restorecond.8	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,31 @@
 +.TH "restorecond" "8" "2002031409" "" ""
 +.SH "NAME"
@ -77,8 +77,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +.BR restorecon (8),
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30/restorecond/restorecond.c
 --- nsapolicycoreutils/restorecond/restorecond.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.c	2006-03-20 15:57:28.000000000 -0500
-@@ -0,0 +1,436 @@
+++ policycoreutils-1.30/restorecond/restorecond.c	2006-03-20 22:51:13.000000000 -0500
+@@ -0,0 +1,452 @@
 +/*
 + * restorecond
 + *
@ -235,13 +235,26 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +	security_context_t prev_context=NULL;
 +	struct stat st;
 +	char path[PATH_MAX+1];
+	int fd=-1;
 +	if (debug_mode)
 +		printf("restore %s\n", filename);
 +
-+	if (lstat(filename, &st)!=0) return;
+	fd = open(filename, O_NOFOLLOW | O_RDONLY );
+	if ( fd < 0 ) {
+		syslog(LOG_ERR,"Unable to open file (%s) %s\n", filename,strerror(errno));
+		return;
+	}
+
+
+	if (fstat(fd, &st)!=0) {
+		syslog(LOG_ERR,"Unable to stat file (%s) %s\n", filename,strerror(errno));
+		close(fd);
+		return;
+	}
 +
 +	if (st.st_nlink > 1) {
 +		syslog(LOG_ERR,"Will not restore a file with more than one hard link (%s) %s\n", filename,strerror(errno));
+		close(fd);
 +		return;
 +	}
 +
@ -251,7 +264,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +		syslog(LOG_ERR,"matchpathcon(%s) failed %s\n", filename,strerror(errno));
 +		return;
 +	} 
-+	retcontext=lgetfilecon(filename,&prev_context);
+	retcontext=fgetfilecon(fd,&prev_context);
 +	
 +	if (retcontext >= 0 || errno == ENODATA) {
 +		if (retcontext < 0) prev_context=NULL;
@ -261,15 +274,17 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +			if (only_changed_user(scontext, prev_context) != 0) {
 +				free(scontext);
 +				free(prev_context);
+				close(fd);
 +				return;
 +			}
 +
-+			if (lsetfilecon(filename,scontext) < 0) {
+			if (fsetfilecon(fd,scontext) < 0) {
 +				syslog(LOG_ERR,"set context %s->%s failed:'%s'\n",
 +					filename, scontext, strerror(errno));
 +				if (retcontext >= 0)
 +					free(prev_context);
 +				free(scontext);
+				close(fd);
 +				return;
 +			}
 +			syslog(LOG_WARNING,"Reset file context %s: %s->%s\n", filename, prev_context, scontext);
@ -282,6 +297,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +			filename, strerror(errno));
 +	}
 +	free(scontext);
+	close(fd);
 +}
 +
 +static void process_config(int fd, FILE *cfg) {
@ -517,14 +533,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +}
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.30/restorecond/restorecond.conf
 --- nsapolicycoreutils/restorecond/restorecond.conf	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.conf	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/restorecond.conf	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,3 @@
 +/etc/resolv.conf
 +/etc/mtab
 +~/public_html
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-1.30/restorecond/restorecond.h
 --- nsapolicycoreutils/restorecond/restorecond.h	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.h	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/restorecond.h	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,31 @@
 +/* restorecond.h -- 
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -559,8 +575,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-1.30/restorecond/restorecond.init
 --- nsapolicycoreutils/restorecond/restorecond.init	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.init	2006-03-17 23:29:02.000000000 -0500
-@@ -0,0 +1,57 @@
+++ policycoreutils-1.30/restorecond/restorecond.init	2006-03-20 23:04:15.000000000 -0500
+@@ -0,0 +1,61 @@
 +#!/bin/sh
 +#
 +# restorecond:		Daemo used to maintain path file context
@ -591,6 +607,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +	rm -f  /var/lock/subsys/restorecond
 +        echo
 +}
+restart() 
+{
+    stop
+    start
+}
 +
 +[ -f /usr/sbin/restorecond ] || exit 0
 +
@ -606,11 +627,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +	status restorecond
 +	;;
 +  restart|reload)
-+	stop
-+	start
+	restart
 +	;;
 +  condrestart)
-+	[ -e /var/lock/subsys/restorecond ] && (stop; start)
+	[ -e /var/lock/subsys/restorecond ] && restart || :
 +	;;
 +  *)
 +        echo $"Usage: $0 {start|stop|restart|reload|condrestart}"
@ -620,7 +640,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +exit 0
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.c policycoreutils-1.30/restorecond/stringslist.c
 --- nsapolicycoreutils/restorecond/stringslist.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/stringslist.c	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/stringslist.c	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,118 @@
 +/*
 + * Copyright (C) 2006 Red Hat 
@ -742,7 +762,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.h policycoreutils-1.30/restorecond/stringslist.h
 --- nsapolicycoreutils/restorecond/stringslist.h	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/stringslist.h	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/stringslist.h	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,37 @@
 +/* stringslist.h -- 
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -783,7 +803,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-1.30/restorecond/utmpwatcher.c
 --- nsapolicycoreutils/restorecond/utmpwatcher.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/utmpwatcher.c	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/utmpwatcher.c	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,105 @@
 +/*
 + * utmpwatcher.c
@ -892,7 +912,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.h policycoreutils-1.30/restorecond/utmpwatcher.h
 --- nsapolicycoreutils/restorecond/utmpwatcher.h	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/utmpwatcher.h	2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/restorecond/utmpwatcher.h	2006-03-20 22:51:07.000000000 -0500
@@ -0,0 +1,29 @@
 +/* utmpwatcher.h -- 
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@ -925,7 +945,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30/scripts/fixfiles
 --- nsapolicycoreutils/scripts/fixfiles	2006-01-04 13:07:46.000000000 -0500
-+++ policycoreutils-1.30/scripts/fixfiles	2006-03-20 15:50:23.000000000 -0500
+++ policycoreutils-1.30/scripts/fixfiles	2006-03-20 22:51:07.000000000 -0500
@@ -124,7 +124,15 @@
     exit $?
 fi
@ -945,8 +965,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
 LogReadOnly
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py	2006-03-10 09:48:05.000000000 -0500
-+++ policycoreutils-1.30/semanage/seobject.py	2006-03-17 23:29:02.000000000 -0500
-@@ -549,7 +548,7 @@
+++ policycoreutils-1.30/semanage/seobject.py	2006-03-20 22:51:07.000000000 -0500
+@@ -549,7 +549,7 @@
 				raise ValueError("Could not list roles for user %s" % name)
 
 			roles = string.join(rlist, ' ');
@ -955,7 +975,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py pol
 
 		return ddict
 
-@@ -559,10 +558,10 @@
+@@ -559,10 +559,10 @@
 		keys.sort()
 		if is_mls_enabled == 1:
 			if heading:
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -5,7 +5,7 @@
 Summary: SELinux policy core utilities.
 Name: policycoreutils
 Version: 1.30
-Release: 3
+Release: 4
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -103,7 +103,13 @@ rm -rf ${RPM_BUILD_ROOT}
 %attr(755,root,root) /etc/rc.d/init.d/restorecond
 %config(noreplace) /etc/selinux/restorecond.conf

+%post
+service restorecond condrestart
+
 %changelog
+* Mon Mar 20 2006 Dan Walsh <dwalsh@redhat.com> 1.30-4
+- Open file descriptor to make sure file does not change from underneath.
+
 * Fri Mar 17 2006 Dan Walsh <dwalsh@redhat.com> 1.30-3
 - Fixes for restorecond attack via symlinks
 - Fixes for fixfiles