Commit graph

954 commits

Author SHA1 Message Date
Stephen Smalley
5d2b8d49ec Revert "If users of seobject set serange or seuser to "", we need to override."
This reverts commit 5102ed4cb8.
This breaks non-MLS systems.

Reported-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2013-11-26 14:01:18 -05:00
Stephen Smalley
feb6f9ffdd Bump policycoreutils version to 2.2.3.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-13 11:06:05 -05:00
Dan Walsh
e8718ef514 Make sure we do the polkit check on all dbus interfaces.
Change policy kit to only allow access on the console.
2013-11-13 11:00:29 -05:00
Dan Walsh
ef102bf81a Call proper dbus function
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2013-11-13 11:00:18 -05:00
Stephen Smalley
27238433ad Bump libselinux version to 2.2.1 for pkg-config fix.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 14:56:30 -05:00
Stephen Smalley
7e7916932b Remove -lpthread from pkg-config file.
libselinux uses weak bindings to pthread functions and will fall
back to non-threaded implementations if the caller is not linked
with libpthread.  Avoid requiring all users of libselinux to
link with libpthread.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 14:55:23 -05:00
Stephen Smalley
f0f1ff4470 Bump policycoreutils version for semanage import default encoding bug fix.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 09:29:05 -05:00
Daniel J Walsh
a2b443b214 Patch to remove default encoding patch.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The default encoding patch, was never upstreamed.  default_encoding module
switched python2 to always use unicode.  Potentially in some languages
semanage will blow up when errors are reported.

The need for this patch is going away in python3, which should be the default
in Fedora 21/22.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlJ5DT4ACgkQrlYvE4MpobMvrgCfcEvZY4q7F17q9dbYJrHJXpae
Ut8AoM2TP99Ca0/lJAjoMTGsqr50P35/
=BHTe
-----END PGP SIGNATURE-----
2013-11-06 09:27:17 -05:00
Stephen Smalley
f64918ff71 Add make-update script and fix release script.
make-update script is for generating an update for an existing release,
e.g. for a bug fix update.

release script is for generating a new release.

Per-package tagging may fail on the release script if the version
has not changed; this is harmless.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-31 14:34:02 -04:00
Stephen Smalley
ac74dde4ae Bump policycoreutils version for sepolicy generate bug fix.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-31 12:16:30 -04:00
Dan Walsh
b33b4f42d5 Make yum/extract_rpms optional so that apt based systems can use tool 2013-10-31 12:11:04 -04:00
Dan Walsh
e27d51b17e Add test suite for audit2allow and sepolgen_ifgen 2013-10-31 11:05:28 -04:00
Stephen Smalley
75fdea94bb Bump version for bug fix to sepolgen-ifgen.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-31 10:13:10 -04:00
Dan Walsh
bbf72baca1 Add back attributes flag to fix exception crash. 2013-10-31 10:11:20 -04:00
Stephen Smalley
0135eaa24f Cosmetic: Fix libsepol ChangeLog dates from 2012.
Someone didn't know what year it was when they made those changes.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-31 09:40:00 -04:00
Stephen Smalley
c525be35fb Update to latest Lindent script from kernel tree.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 14:34:25 -04:00
Stephen Smalley
6abcb4f293 Drop obsolete script. 2013-10-30 14:33:51 -04:00
Stephen Smalley
75740f4f34 Add tagging and wiki section generation to the release script.
Tag the release before generating it, and automatically generate
a template for use in updating the wiki page.  Also, make the
output directory unique to each release, delete any prior contents,
and tell the user where to find it.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 14:28:30 -04:00
Stephen Smalley
674e068306 Adjust build instructions to clarify x86_64 vs x86.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 12:51:19 -04:00
Stephen Smalley
7c4bb77999 Version bump for release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 12:45:19 -04:00
Stephen Smalley
8e5d465335 Update ChangeLog files.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 12:42:05 -04:00
Laurent Bigonville
9792099fd7 Properly build the swig exception file even if the headers are missing
During build if the headers are not installed in the system path, the
generated swig exception (.i) file might be empty.
2013-10-30 12:19:02 -04:00
Stephen Smalley
4b41f10db9 Merge branch 'constraintnames' 2013-10-30 11:56:36 -04:00
Stephen Smalley
e40b6ede5f Drop semodule_path; obsoleted by elimination of genhomedircon script.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-29 12:21:02 -04:00
Dan Walsh
4bc2cd49d4 Update version of policy file to match what was shipped since Fedora 19 2013-10-29 11:43:02 -04:00
Dan Walsh
cde05f3b61 Have sepolgen return additional constraint information 2013-10-29 08:49:52 -04:00
Dan Walsh
3ddff86b8f Have audit2allow output additional constraint information 2013-10-29 08:49:52 -04:00
Dan Walsh
579236d30a Fix line spacing on audit2allow output 2013-10-29 08:49:52 -04:00
Dan Walsh
4a674abd34 Return the sections of the source and target context that differ
Help the administrator/policy developer to see what parts of the label are different.

For example if you get a constraint violation and the role of the source and target
differ, audit2allow will suggest this might be the problem.
2013-10-29 08:49:52 -04:00
Dan Walsh
6d0f111421 Change audit2why to return constraint information on denial.
This patch uses Richard Haines fixes in libsepol to help identify which
constraint is blocking access.  The end goal is helping policy writers
and administrators to diagnose issues with their policy.
2013-10-29 08:49:51 -04:00
Richard Haines
9eefe11b3a libsepol: V1 Allow constraint denials to be determined.
Adds policy source defined 'type' or 'typeattribute' names to
constraints by adding additional structures (->type_names->types) to a
binary policy.
Before this change all typeattributes were expanded to lists of types
and added to the constraint under ->names. This made it difficult for
system admins to determine from the policy source what attribute
needed to be updated. To facilitate analysis of constraint failures
a new function has also been added, see sepol_compute_av_reason_buffer.

As additional structures have been added to policy, the policy version
is also updated (POLICYDB_VERSION_CONSTRAINT_NAMES). There is also a
corresponding kernel patch to handle the additional structures.

sepol_compute_av_reason_buffer is an extended version of
sepol_compute_av_reason. This will return a buffer with constraint
expression information, containing the constrain type, class, perms,
keywords etc.. It will also contain which constraint expr failed plus
the final outcome. The buffer MUST be free'd with free(3).

The type information output by sepol_compute_av_reason_buffer depends on
the policy version:
If >= POLICYDB_VERSION_CONSTRAINT_NAMES, then the output will be
whatever was in the original policy (type or attribute names).
If < POLICYDB_VERSION_CONSTRAINT_NAMES, then the output will be
the types listed in the constraint (as no attribute information is
available in these versions).
For users and roles whatever policy version, only the names are listed
(as role attributes are not currently held in the constraint).

Also added are two functions that obtain the class and permissions
from a binary policy file that has been loaded for testing:
sepol_string_to_security_class
sepol_string_to_av_perm

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2013-10-29 08:49:51 -04:00
Dan Walsh
e3b1bb1ab7 Make sure userdel cleans up after itself in test 2013-10-28 17:04:45 -04:00
Dan Walsh
959a4e3177 Catch IOError errors within audit2allow 2013-10-28 17:04:36 -04:00
Stephen Smalley
8b114a3bf2 Fix avc_has_perm() returns -1 even when SELinux is in permissive mode.
If we get an EINVAL from security_compute_av* (indicates an invalid
source or target security context, likely due to a policy reload that
removed one or the other) and we are in permissive mode, then handle it
like any other permission denial, i.e. log but do not deny it.

Reported-by: Laurent Bigonville <bigon@debian.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-28 16:52:50 -04:00
Stephen Smalley
0ddd534a11 Add a README with instructions on building. 2013-10-28 13:34:47 -04:00
Dan Walsh
e3048525ad Michal Trunecka patch to allow restorecon to accept paths with {}
The restorecon is unable to resolve paths using braced expressions like this: /sbin/

./restorecon:  lstat(/sbin/ip{6,}tables*) failed:  No such file or directory

The problem is that restorecon calls glob function without GLOB_BRACE flag, which en
2013-10-25 16:12:40 -04:00
Stephen Smalley
a08010023b Update ChangeLogs and bump VERSIONs to an intermediate value.
2.1.99 is just a placeholder to distinguish it from the prior release.
2.2 will be the released version.  Switching to 2-component versions.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-25 15:14:23 -04:00
Stephen Smalley
56258807ea Revert "Richard Haines patch that allows us discover constraint violation information"
This reverts commit 56b49ab711.

Conflicts:
	libselinux/src/audit2why.c
2013-10-25 13:53:03 -04:00
Stephen Smalley
07e8f316da Fix sepolgen test case.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-25 12:54:04 -04:00
Stephen Smalley
8b71d70b55 Add separate role declarations as required by modern checkpolicy.
Sadly, make test still fails on some tests.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-25 12:08:23 -04:00
Stephen Smalley
99b070d5fc Merge branch 'fedora' into master-merge 2013-10-25 09:26:32 -04:00
Dan Walsh
cc131892c7 Need to delete all managed objects before readding them 2013-10-25 09:26:21 -04:00
Dan Walsh
4f63201788 semanage user customized should use -L not -l
Fixes semanage extract/import problem.
2013-10-25 09:26:18 -04:00
Stephen Smalley
f458b76076 Merge branch 'fedora' into master-merge
Conflicts:
	libselinux/src/Makefile
	libselinux/src/selinux_config.c
	policycoreutils/audit2allow/audit2allow.1
	policycoreutils/scripts/fixfiles.8
	policycoreutils/semanage/semanage.8
	policycoreutils/sepolicy/Makefile
	policycoreutils/sepolicy/sepolicy/transition.py
	policycoreutils/setsebool/setsebool.8
2013-10-24 15:24:17 -04:00
Stephen Smalley
50eedb1e1f Ignore genhomedircon link. 2013-10-24 15:11:01 -04:00
Stephen Smalley
cfada081f4 libsemanage gained a dependency on libaudit.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-24 15:10:57 -04:00
Dan Walsh
fc965a99c6 Remove test_booleans_l from test, it is bogus 2013-10-24 15:10:55 -04:00
Sven Vermeulen
52d52fe2d6 Make RANLIB variable overridable
If the RANLIB variable is defined by the user, use that value instead of
the /usr/bin/ranlib binary.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2013-10-24 13:58:41 -04:00
Sven Vermeulen
e1ecb2cdb4 Update pkgconfig definition
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2013-10-24 13:58:41 -04:00
Sven Vermeulen
6068fcb361 Mount sys before trying to mount selinuxfs
If /sys is not present, the attempt to mount selinuxfs will of course
fail. So we try to mount /sys first (and only if that fails fall back to
the /selinux mount point) and then try to mount selinuxfs.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2013-10-24 13:58:41 -04:00