rpms/usbguard
6
0
Fork 0
Code Issues Pull Requests Releases Activity
97ffebda96
usbguard/usbguard-restore-support-access-control-names.patch
Radovan Sroka 2eb6b48d69
Backported two patches 
- selinux: allow policykit dbus comunnication
- restore support for access control filenames without a group

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
2022-03-15 10:53:59 +01:00

45 lines
1.5 KiB
Diff
Raw Blame History

From 22eb68cde27046c684e3ee2061b085b18fad863b Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Sat, 5 Mar 2022 17:22:05 +0100
Subject: [PATCH] Restore support for access control filenames without a group
Regression from commit b15ef713a9ac47e84525bbf829c7f444b84c3c81
of release 1.1.0, detailed analysis online at
https://github.com/USBGuard/usbguard/issues/540#issuecomment-1059784284
---
src/Daemon/Daemon.cpp | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/src/Daemon/Daemon.cpp b/src/Daemon/Daemon.cpp
index 45ddb76d..4ec2d934 100644
--- a/src/Daemon/Daemon.cpp
+++ b/src/Daemon/Daemon.cpp
@@ -446,12 +446,25 @@ namespace usbguard
void Daemon::parseIPCAccessControlFilename(const std::string& basename, std::string* const ptr_user,
std::string* const ptr_group)
{
+ // There are five supported forms:
+ // - "<user>:<group>"
+ // - "<user>:"
+ // - "<user>"
+ // - ":<group>"
+ // - ":"
const auto ug_separator = basename.find_first_of(":");
const bool has_group = ug_separator != std::string::npos;
const std::string user = basename.substr(0, ug_separator);
const std::string group = has_group ? basename.substr(ug_separator + 1) : std::string();
- checkIPCAccessControlName(user);
- checkIPCAccessControlName(group);
+
+ if (! user.empty()) {
+ checkIPCAccessControlName(user);
+ }
+
+ if (! group.empty()) {
+ checkIPCAccessControlName(group);
+ }
+
*ptr_user = user;
*ptr_group = group;
}
Reference in New Issue View Git Blame Copy Permalink