Incorporate the latest upstream SELinux changes into the Android
build tree.
% git merge aosp/upstream-master --no-ff
A followup commit will make Android specific changes to allow
this code to compile.
- Known issue: -
Multiple implementations of partial directory match digesting.
To fix bug 62302954 ("Investigate restorecon() / selabel_lookup()
performance"), Android implemented a number of patches, including
7d4a56f84d
The upstream SELinux community ended up writing their own variant of
Android's patch, which accomplishes the same thing. This patch is at
e016502c0a
This merge has the effect of having both patches in the tree at the same
time, which could be confusing. However, the new upstream code isn't
used by Android, so there's no impact (other than code bloat and
duplication).
Change-Id: I2bb804b71763c0c3ba77fe48d42787298f85a9d7
Test: treehugger
While using Ansible's Selinux module to manage ports, I discovered
that numerical ports caused an unhandled exception in 'seobject.py'.
This appears to be a bug, and I am proposing a fix which checks the
type of the argument before operating on it. This maintains the
original functionality in the case of a string, and acts in the same
fashion if you supply an integer.
I did not find any open bug report against the SELinux project. The
downstream bug report is here:
https://github.com/ansible/ansible/issues/60968
Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us>
Commit 73b7ff410c ("Only invoke RPM on RPM-enabled Linux distributions") used
platform.linux_distribution() function to detect whether the system is rpm
based. This function is deprecated since Python 3.5 and it's removed from Python
3.8 - https://bugs.python.org/issue28167
The original problem is already fixed by another commit
671f83b42b ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
value"):
$ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
Failed to retrieve rpm info for selinux-policy
Created the following files:
mypolicy/testpolicy.te # Type Enforcement file
mypolicy/testpolicy.if # Interface file
mypolicy/testpolicy.fc # File Contexts file
mypolicy/testpolicy_selinux.spec # Spec file
mypolicy/testpolicy.sh # Setup Script
Fixes:
File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
AttributeError: module 'platform' has no attribute 'linux_distribution'
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Fixes:
# semanage port -a -p sctp -t port_t 1234
ValueError: Protocol udp or tcp is required
# semanage port -d -p sctp -t port_t 1234
ValueError: Protocol udp or tcp is required
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Return value of "customized" has to be iterable.
Fixes:
"semanage export" with no modules in the system (eg. monolithic policy)
crashes:
Traceback (most recent call last):
File "/usr/sbin/semanage", line 970, in <module>
do_parser()
File "/usr/sbin/semanage", line 949, in do_parser
args.func(args)
File "/usr/sbin/semanage", line 771, in handleExport
for c in OBJECT.customized():
TypeError: 'NoneType' object is not iterable
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
- Add "customized" method to permissiveRecords which is than used for
"semanage permissive --extract" and "semanage export"
- Enable "semanage permissive --deleteall" (already implemented)
- Add "permissive" to the list of modules exported using
"semanage export"
- Update "semanage permissive" man page
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Other python scripts already use python3 by default. Both files don't have exec
bits so they have to be run using python interpret on command line anyway:
$ python3 ./setup.py ...
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Using the "s0" default means that new login mappings are always added with "s0"
range instead of the range of SELinux user.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Use codespell (https://github.com/codespell-project/codespell) in order
to find many common misspellings that are present in English texts.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
chcat_add() defines variable cmd twice before calling
subprocess.check_call(cmd, ...). Remove the first definition.
This bug was found using lgtm.com analyzer:
eac5e661ca/files/python/chcat/chcat (L118)
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
lunch && make -j
repo upload .
Test: compiles and boots
Change-Id: Ia2dbf92e3127aa779bec3c46f171d3ef6c1cbfe5
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
lunch && make -j
repo upload .
Test: compiles and boots
Change-Id: I75ccf5307012a2517c0fdf13bea806e10b8b8595
Additionally, resolve build time errors due to
c19395d722
libselinux: selinux_set_mapping: fix handling of unknown classes/perm
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
lunch && make -j
repo upload .
Test: device boots and no obvious problems.
Change-Id: Ib3a6c086ceadaeaaaf35498d53b2b3e3ad5b8945
This really isn't needed, as we just rebased 5 days ago. However, I
wanted to minimize the diff in case anyone happens to look at
b/126376007 today.
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
repo upload .
Test: device boots and no obvious problems.
Bug: 126376007
Change-Id: I290900ec5285ca98212b90d0ac536da9d27b16c9
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
repo upload .
Test: device compiles and boots
Change-Id: I2b5b1a201d43ee94fc909dd8bca5595bc7f0e522
- Python 2.7 is planned to be the last of the 2.x releases
- It's generally advised to use Python 3
- Majority of python/ scripts are already switched python3
- Users with python 2 only can still use:
$ make PYTHON=/usr/bin/python ....
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Previous code traceback-ed when one of the mentioned option was used without
any argument as this state was not handled by the argument parser.
action='store' stores arguments as a list while the original
action='store_const' used str therefore it's needed to convert list to str
before it's sent to moduleRecords class.
Fixes:
^_^ semanage module -a
Traceback (most recent call last):
File "/usr/sbin/semanage", line 963, in <module>
do_parser()
File "/usr/sbin/semanage", line 942, in do_parser
args.func(args)
File "/usr/sbin/semanage", line 608, in handleModule
OBJECT.add(args.module_name, args.priority)
File "/usr/lib/python3.7/site-packages/seobject.py", line 402, in add
if not os.path.exists(file):
File "/usr/lib64/python3.7/genericpath.py", line 19, in exists
os.stat(path)
TypeError: stat: path should be string, bytes, os.PathLike or integer, not NoneType
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
seobject.py is not supposed to be used as entrypoint therefore the shebang is
unnecessary. It also doesn't need execute bits.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
setools 4.2.0 dropped support for Python 2. On systems where
/usr/bin/python is Python 2, several tools are now broken because of
this. Update the shebang of these tools to /usr/bin/python3.
For future reference, as semanage/seobject.py, sepolicy and sepolgen
import setools, every program that uses one of these modules need to be
run with Python 3. The following programs do not use any of these
modules so their shebangs have not been modified:
dbus/selinux_server.py
libsemanage/utils/semanage_migrate_store
mcstrans/share/util/mlscolor-test
mcstrans/share/util/mlstrans-test
sandbox/start
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
The files in sepolicy's module directory are not supposed to used as
executable files. The shebang line is therefore not needed.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
repo upload .
Test: device compiles and boots
Change-Id: If92a0b5e99e69ac0434197fa848b736b9cf0bf77
This method prints a usage message including the message to the standard error
and terminates the program with a status code of 2.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Fix gathering boolean values by fixing always False if condition
(determining whether the values are listed from local store).
Fix listing boolean values by printing the correct values and not
forcing the use of security_get_boolean_active (which causes
crash when listing booleans that are not present in active policy).
Fixes:
# dnf install selinux-policy-mls
# cat > mypolicy.cil
(boolean xyz false)
# semodule -i mypolicy.cil -s mls
# semanage boolean -l -S mls
...
irssi_use_full_network (off , off) Allow the Irssi IRC Client to connect to any port, and to bind to any unreserved port.
mozilla_plugin_use_bluejeans (off , off) Allow mozilla plugin to use Bluejeans.
OSError: No such file or directory
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
modify_button_clicked() used variable "type" in a comparison instead of
"ftype". This is a bug, which has been found with flake8 3.7.0. This
linter reported:
python/sepolicy/sepolicy/gui.py:1548:20: F823 local variable 'type'
{0} referenced before assignment
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Flake8 3.7.0 added a new fatal error message when parsing Python files:
python/semanage/semanage:112:16: F632 use ==/!= to compare str, bytes, and int literals
python/semanage/semanage:124:23: F632 use ==/!= to compare str, bytes, and int literals
...
python/sepolgen/src/sepolgen/output.py:77:8: F632 use ==/!= to compare str, bytes, and int literals
python/sepolgen/src/sepolgen/output.py:80:8: F632 use ==/!= to compare str, bytes, and int literals
python/sepolgen/src/sepolgen/output.py:83:8: F632 use ==/!= to compare str, bytes, and int literals
python/sepolicy/sepolicy/generate.py:646:16: F632 use ==/!= to compare str, bytes, and int literals
python/sepolicy/sepolicy/generate.py:1349:16: F632 use ==/!= to compare str, bytes, and int literals
Fix all these warnings.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Flake8 3.7.0 warns about lines that are over-indented, i.e. lines that
are indented with more than 4 spaces:
python/sepolgen/src/sepolgen/refparser.py:1047:26: E117 over-indented
python/sepolgen/src/sepolgen/yacc.py:2569:21: E117 over-indented
python/sepolicy/sepolicy/interface.py:196:13: E117 over-indented
python/sepolicy/sepolicy/interface.py:198:13: E117 over-indented
python/sepolicy/sepolicy/interface.py:215:13: E117 over-indented
python/sepolicy/sepolicy/interface.py:217:13: E117 over-indented
python/sepolicy/sepolicy/manpage.py:172:13: E117 over-indented
python/sepolicy/sepolicy/manpage.py:174:13: E117 over-indented
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Followed the following steps:
# In repo client
cd external/selinux
repo sync .
repo start mymerge .
git merge aosp/upstream-master --no-ff # resolve any conflicts
repo upload .
Test: device boots and no obvious problems.
Change-Id: I6beff804808e92d1002ead226c7d5c702f373cdc
Using "sepolicy gui" sometimes leads to an exception when entering the
Files tab:
Traceback (most recent call last):
File "python/sepolicy/sepolicy/gui.py", line 1345, in tab_change
self.show_mislabeled_files_only.set_visible(self.mislabeled_files)
AttributeError: 'SELinuxGui' object has no attribute 'mislabeled_files'
Indeed, when application_selected() calls show_applications_page(), this
function calls tab_change(), which can use mislabeled_files in this
line:
self.show_mislabeled_files_only.set_visible(self.mislabeled_files)
Make sure that mislabeled_files is initialized by defining it in
__init__(), in order to fix this error. Its value will be properly set
later, by calling several initializers, which is why the original
assignment to False is kept in:
self.mislabeled_files = False
self.executable_files_initialize(app)
self.network_initialize(app)
self.writable_files_initialize(app)
self.transitions_into_initialize(app)
self.transitions_from_initialize(app)
self.application_files_initialize(app)
self.transitions_files_initialize(app)
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
When running "make install-headers" on refpolicy,
/usr/share/selinux/refpolicy/Makefile does not exist but
/usr/share/selinux/refpolicy/include/Makefile does. Use it when
available.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Introduce option --attr-helper to sepolgen-ifgen to make it possible to
override /usr/bin/sepolgen-ifgen-attr-helper and use it in the testuite
in order to test the helper which has been compiled from the project
instead of the one installed on the system.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
audit2allow testsuite requires a system which uses SELinux with a MLS
policy. This is a lot to ask for a continuous integretation system.
Thankfully this can be worked around by using option -p to run the tools
with a specific configuration. Doing this, the testsuite can even be run
on a system without SELinux.
This approach requires building a custom policy for parsing test.log.
Add a minimal policy written in CIL for this need.
While at it:
* Do not invoke "sudo sepolgen-ifgen" but produce a file in a writable
directory (instead of /var/lib/sepolgen/interface_info)
* Use sys.executable instead of 'python', in order to really test
python3 and python2 when calling the test script with one of these
interpreters.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
