diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index cabf060..fcca135 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.73/audit2allow/audit2allow +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.74/audit2allow/audit2allow --- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500 -+++ policycoreutils-2.0.73/audit2allow/audit2allow 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/audit2allow/audit2allow 2009-09-17 15:05:17.000000000 -0400 @@ -42,6 +42,8 @@ from optparse import OptionParser @@ -38,9 +38,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po else: # This is the default if no input is specified f = sys.stdin -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.73/load_policy/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.74/load_policy/Makefile --- nsapolicycoreutils/load_policy/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.73/load_policy/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/load_policy/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -1,6 +1,6 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -49,18 +49,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.73/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.74/Makefile --- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.73/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -1,4 +1,4 @@ -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.73/restorecond/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.74/restorecond/Makefile --- nsapolicycoreutils/restorecond/Makefile 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.73/restorecond/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -1,17 +1,28 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr @@ -107,16 +107,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po relabel: install /sbin/restorecon $(SBINDIR)/restorecond -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.73/restorecond/org.selinux.Restorecond.service +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/restorecond/org.selinux.Restorecond.service 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,3 @@ +[D-BUS Service] +Name=org.selinux.Restorecond +Exec=/usr/sbin/restorecond -u -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.73/restorecond/restorecond.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.74/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.73/restorecond/restorecond.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.c 2009-09-17 15:05:17.000000000 -0400 @@ -48,294 +48,38 @@ #include #include @@ -607,9 +607,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po } + + -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.73/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.74/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.73/restorecond/restorecond.conf 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.conf 2009-09-17 15:05:17.000000000 -0400 @@ -4,8 +4,5 @@ /etc/mtab /var/run/utmp @@ -620,9 +620,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po /root/.ssh/* - - -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.73/restorecond/restorecond.desktop +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.74/restorecond/restorecond.desktop --- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/restorecond/restorecond.desktop 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.desktop 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,7 @@ +[Desktop Entry] +Name=File Context maintainer @@ -631,9 +631,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +Encoding=UTF-8 +Type=Application +StartupNotify=false -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.73/restorecond/restorecond.h +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.74/restorecond/restorecond.h --- nsapolicycoreutils/restorecond/restorecond.h 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.73/restorecond/restorecond.h 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.h 2009-09-17 15:05:17.000000000 -0400 @@ -24,7 +24,21 @@ #ifndef RESTORED_CONFIG_H #define RESTORED_CONFIG_H @@ -658,9 +658,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +extern void watch_list_free(int fd); #endif -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.73/restorecond/restorecond.init +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.74/restorecond/restorecond.init --- nsapolicycoreutils/restorecond/restorecond.init 2009-08-20 15:49:21.000000000 -0400 -+++ policycoreutils-2.0.73/restorecond/restorecond.init 2009-09-14 15:32:27.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond.init 2009-09-17 15:05:17.000000000 -0400 @@ -75,16 +75,15 @@ status restorecond RETVAL=$? @@ -680,15 +680,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po exit $RETVAL - -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.73/restorecond/restorecond_user.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.74/restorecond/restorecond_user.conf --- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/restorecond/restorecond_user.conf 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/restorecond_user.conf 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,2 @@ +~/* +~/public_html/* -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.73/restorecond/user.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.74/restorecond/user.c --- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/restorecond/user.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/user.c 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,237 @@ +/* + * restorecond @@ -927,9 +927,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + return 0; +} + -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.73/restorecond/watch.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.74/restorecond/watch.c --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/restorecond/watch.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/restorecond/watch.c 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,254 @@ +#define _GNU_SOURCE +#include @@ -1185,9 +1185,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + exitApp("Error watching config file."); +} + -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.73/sandbox/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.74/sandbox/Makefile --- nsapolicycoreutils/sandbox/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/sandbox/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,31 @@ +# Installation directories. +PREFIX ?= ${DESTDIR}/usr @@ -1220,9 +1220,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + ../../scripts/Lindent $(wildcard *.[ch]) + +relabel: -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.73/sandbox/sandbox +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.74/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/sandbox/sandbox 2009-09-16 15:46:50.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandbox 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,202 @@ +#!/usr/bin/python -E +import os, sys, getopt, socket, random, fcntl, shutil @@ -1426,9 +1426,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + + sys.exit(rc) + -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.73/sandbox/sandbox.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.74/sandbox/sandbox.8 --- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/sandbox/sandbox.8 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandbox.8 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,26 @@ +.TH SANDBOX "8" "May 2009" "chcat" "User Commands" +.SH NAME @@ -1456,9 +1456,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +.TP +runcon(1) +.PP -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.73/sandbox/sandboxX.sh +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.74/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/sandbox/sandboxX.sh 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,16 @@ +#!/bin/bash +export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`" @@ -1476,13 +1476,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +exit $EXITCODE +break +done -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.73/sandbox/seunshare.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.74/sandbox/seunshare.c --- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/sandbox/seunshare.c 2009-09-09 17:05:42.000000000 -0400 -@@ -0,0 +1,203 @@ ++++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-09-17 15:05:44.000000000 -0400 +@@ -0,0 +1,284 @@ +#include +#include +#include ++#include +#include +#include +#define _GNU_SOURCE @@ -1493,10 +1494,17 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +#include +#include +#include /* for getopt_long() form of getopt() */ ++#include ++#include ++#include + +#include +#include /* for context-mangling functions */ + ++#include ++#include ++#include ++ +/** + * This function will drop the capabilities so that we are left + * only with access to the audit system and the ability to raise @@ -1507,15 +1515,21 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + * + * Returns zero on success, non-zero otherwise + */ -+static int drop_capabilities(int all) ++static int drop_capabilities(int all, uid_t uid) +{ + capng_clear(CAPNG_SELECT_BOTH); + + if (all) { + if (capng_lock() < 0) + return -1; ++ /* Change uid */ ++ if (setresuid(uid, uid, uid)) { ++ fprintf(stderr, "Error changing uid, aborting.\n"); ++ return -1; ++ } + } else { -+ if (capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1) < 0) { ++ if (capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SETPCAP, CAP_SETUID, -1) < 0) { ++ fprintf(stderr, "Error running capng_updatev\n"); + return -1; + } + } @@ -1552,6 +1566,50 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +} +#define USAGE_STRING "USAGE: seunshare [ -t tmpdir ] [ -h homedir ] -- CONTEXT executable [args] " + ++ ++ ++static int verify_mount(const char *mntdir, struct passwd *pwd) { ++ struct stat sb; ++ if (stat(mntdir, &sb) == -1) { ++ perror("Invalid mount point"); ++ return -1; ++ } ++ if (sb.st_uid != pwd->pw_uid) { ++ errno = EPERM; ++ syslog(LOG_AUTHPRIV | LOG_ALERT, "%s attempted to mount an invalid directory, %s", pwd->pw_name, mntdir); ++ perror("Invalid mount point, reporting to administrator"); ++ return -1; ++ } ++ return 0; ++} ++ ++/** ++ * This function checks to see if the shell is known in /etc/shells. ++ * If so, it returns 1. On error or illegal shell, it returns 0. ++ */ ++static int verify_shell(const char *shell_name) ++{ ++ int found = 0; ++ const char *buf; ++ ++ if (!(shell_name && shell_name[0])) ++ return found; ++ ++ while ((buf = getusershell()) != NULL) { ++ /* ignore comments */ ++ if (*buf == '#') ++ continue; ++ ++ /* check the shell skipping newline char */ ++ if (!strcmp(shell_name, buf)) { ++ found = 1; ++ break; ++ } ++ } ++ endusershell(); ++ return found; ++} ++ +int main(int argc, char **argv) { + int rc; + int status = -1; @@ -1570,13 +1628,24 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + }; + capng_print_caps_text(CAPNG_PRINT_STDOUT, CAPNG_EFFECTIVE); + -+ struct passwd *pwd=getpwuid(getuid()); ++ uid_t uid = getuid(); ++ ++ if (!uid) { ++ fprintf(stderr, "Must not be root"); ++ return -1; ++ } ++ ++ struct passwd *pwd=getpwuid(uid); + if (!pwd) { + perror("getpwduid failed"); + return -1; + } + -+ if (drop_capabilities(FALSE)) { ++ if (verify_shell(pwd->pw_shell) == 0) { ++ fprintf(stderr, "Error! Shell is not valid.\n"); ++ } ++ ++ if (drop_capabilities(FALSE, uid)) { + perror("Failed to drop capabilities"); + return -1; + } @@ -1590,9 +1659,12 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + switch (clflag) { + case 't': + tmpdir_s = optarg; ++ if (verify_mount(tmpdir_s, pwd) < 0) return -1; + break; + case 'h': + homedir_s = optarg; ++ if (verify_mount(homedir_s, pwd) < 0) return -1; ++ if (verify_mount(pwd->pw_dir, pwd) < 0) return -1; + break; + default: + fprintf(stderr, "%s\n", USAGE_STRING); @@ -1627,42 +1699,50 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + return -1; + } + ++ if (homedir_s && verify_mount(pwd->pw_dir, pwd) < 0) ++ return -1; ++ + if (tmpdir_s && mount(tmpdir_s, "/tmp", NULL, MS_BIND, NULL) < 0) { + perror("Failed to mount /tmp"); + return -1; + } + -+ if (drop_capabilities(TRUE)) { ++ if (tmpdir_s && verify_mount("/tmp", pwd) < 0) ++ return -1; ++ ++ if (drop_capabilities(TRUE, uid)) { + perror("Failed to drop all capabilities"); + return -1; + } + + int child = fork(); + if (!child) { ++ char *display=NULL; + /* Construct a new environment */ + char *d = getenv("DISPLAY"); -+ if (!d) { -+ perror("DISPLAY Not set"); -+ exit(-1); ++ if (d) { ++ display = strdup(d); ++ if (!display) { ++ perror("Out of memory"); ++ exit(-1); ++ } + } + -+ char *display = strdup(d); -+ if (!display) { -+ perror("Out of memory"); -+ exit(-1); -+ } + if ((rc = clearenv())) { + perror("Unable to clear environment"); ++ free(display); + exit(-1); + } + + if (setexeccon(scontext)) { + fprintf(stderr, "Could not set exec context to %s.\n", + scontext); ++ free(display); + exit(-1); + } + -+ rc |= setenv("DISPLAY", display, 1); ++ if (display) ++ rc |= setenv("DISPLAY", display, 1); + rc |= setenv("HOME", pwd->pw_dir, 1); + rc |= setenv("SHELL", pwd->pw_shell, 1); + rc |= setenv("USER", pwd->pw_name, 1); @@ -1675,6 +1755,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + } + + execv(argv[optind], argv + optind); ++ free(display); + perror("execv"); + exit(-1); + } else { @@ -1683,9 +1764,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + + return status; +} -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.73/scripts/chcat +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.74/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2009-06-23 15:36:07.000000000 -0400 -+++ policycoreutils-2.0.73/scripts/chcat 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/chcat 2009-09-17 15:05:17.000000000 -0400 @@ -435,6 +435,8 @@ continue except ValueError, e: @@ -1695,9 +1776,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po sys.exit(errors) -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.73/scripts/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.74/scripts/Makefile --- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400 -+++ policycoreutils-2.0.73/scripts/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/scripts/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -5,7 +5,7 @@ MANDIR ?= $(PREFIX)/share/man LOCALEDIR ?= /usr/share/locale @@ -1707,9 +1788,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po install: all -mkdir -p $(BINDIR) -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.73/semanage/semanage +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.74/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2009-09-08 09:03:10.000000000 -0400 -+++ policycoreutils-2.0.73/semanage/semanage 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/semanage/semanage 2009-09-17 15:05:17.000000000 -0400 @@ -85,6 +85,7 @@ -F, --file Treat target as an input file for command, change multiple settings -p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6) @@ -1800,9 +1881,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po return -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.73/semanage/seobject.py +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.74/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2009-09-08 09:03:10.000000000 -0400 -+++ policycoreutils-2.0.73/semanage/seobject.py 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/semanage/seobject.py 2009-09-17 15:05:17.000000000 -0400 @@ -1586,9 +1586,16 @@ raise ValueError(_("Could not delete the file context %s") % target) semanage_fcontext_key_free(k) @@ -1834,9 +1915,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po for k in keys: if fcon_dict[k]: if is_mls_enabled: -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.73/semodule/semodule.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.74/semodule/semodule.8 --- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.73/semodule/semodule.8 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/semodule/semodule.8 2009-09-17 15:05:17.000000000 -0400 @@ -30,11 +30,17 @@ install/replace a module package .TP @@ -1856,9 +1937,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po .B \-r,\-\-remove=MODULE_NAME remove existing module .TP -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.73/semodule/semodule.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.74/semodule/semodule.c --- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.73/semodule/semodule.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/semodule/semodule.c 2009-09-17 15:05:17.000000000 -0400 @@ -22,12 +22,12 @@ #include @@ -1976,9 +2057,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po semanage_module_info_datum_destroy (m); } -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.73/setfiles/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.74/setfiles/Makefile --- nsapolicycoreutils/setfiles/Makefile 2009-07-07 15:32:32.000000000 -0400 -+++ policycoreutils-2.0.73/setfiles/Makefile 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/Makefile 2009-09-17 15:05:17.000000000 -0400 @@ -5,7 +5,7 @@ LIBDIR ?= $(PREFIX)/lib AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null) @@ -1997,9 +2078,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po restorecon: setfiles ln -sf setfiles restorecon -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.73/setfiles/restore.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.74/setfiles/restore.c --- nsapolicycoreutils/setfiles/restore.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/setfiles/restore.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/restore.c 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,519 @@ +#include "restore.h" + @@ -2520,9 +2601,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + + + -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.73/setfiles/restore.h +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.74/setfiles/restore.h --- nsapolicycoreutils/setfiles/restore.h 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.73/setfiles/restore.h 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/restore.h 2009-09-17 15:05:17.000000000 -0400 @@ -0,0 +1,49 @@ +#ifndef RESTORE_H +#define RESTORE_H @@ -2573,9 +2654,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +int process_one(char *name, int recurse); + +#endif -diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.73/setfiles/setfiles.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.74/setfiles/setfiles.c --- nsapolicycoreutils/setfiles/setfiles.c 2009-09-17 08:59:43.000000000 -0400 -+++ policycoreutils-2.0.73/setfiles/setfiles.c 2009-09-09 17:05:42.000000000 -0400 ++++ policycoreutils-2.0.74/setfiles/setfiles.c 2009-09-17 15:05:17.000000000 -0400 @@ -1,26 +1,12 @@ -#ifndef _GNU_SOURCE -#define _GNU_SOURCE @@ -3027,7 +3108,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po - - if (context) - freecon(context); -- + - /* - * Do not relabel the file if -n was used. - */ @@ -3066,7 +3147,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po - progname, ftsent->fts_path); - return SKIP; - } - +- - int rc = restore(ftsent); - if (rc == ERR) { - if (!abort_on_error) @@ -3189,7 +3270,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po return -1; } -@@ -804,20 +298,30 @@ +@@ -804,20 +300,30 @@ char *buf = NULL; size_t buf_len; char *base; @@ -3228,7 +3309,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if (!strcmp(base, SETFILES)) { /* -@@ -832,28 +336,28 @@ +@@ -832,28 +338,28 @@ iamrestorecon = 0; recurse = 1; expand_realpath = 0; @@ -3265,7 +3346,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po ctx_validate = 0; /* restorecon only: silent exit if no SELinux. -@@ -915,37 +419,37 @@ +@@ -915,37 +421,37 @@ input_filename = optarg; break; case 'd': @@ -3312,7 +3393,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po break; case 'R': case 'r': -@@ -958,7 +462,7 @@ +@@ -958,7 +464,7 @@ argv[0]); exit(1); } @@ -3321,7 +3402,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po fprintf(stderr, "%s: only one -r can be specified\n", argv[0]); -@@ -969,23 +473,23 @@ +@@ -969,23 +475,23 @@ case 's': use_input_file = 1; input_filename = "-"; @@ -3350,7 +3431,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po break; case 'W': warn_no_match = 1; -@@ -1033,18 +537,13 @@ +@@ -1033,18 +539,13 @@ } /* Load the file contexts configuration and check it. */ @@ -3372,7 +3453,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po if (use_input_file) { FILE *f = stdin; ssize_t len; -@@ -1061,6 +560,9 @@ +@@ -1061,6 +562,9 @@ delim = (null_terminated != 0) ? '\0' : '\n'; while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) { buf[len - 1] = 0; @@ -3382,7 +3463,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po errors |= process_one_realpath(buf); } if (strcmp(input_filename, "-") != 0) -@@ -1070,22 +572,21 @@ +@@ -1070,22 +574,21 @@ errors |= process_one_realpath(argv[i]); } } diff --git a/policycoreutils.spec b/policycoreutils.spec index e99da09..811672a 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.74 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -297,6 +297,9 @@ fi exit 0 %changelog +* Thu Sep 17 2009 Dan Walsh 2.0.74-2 +- Security fixes for seunshare + * Thu Sep 17 2009 Dan Walsh 2.0.74-1 - Update to upstream * Change semodule upgrade behavior to install even if the module