Commit graph

304 commits

Author SHA1 Message Date
Vit Mojzis
1ac7716df4 python/sepolgen: Try to translate SELinux contexts to raw
This allows sepolgen to generate policy from AVC messages that contain
contexts translated by mcstrans.

Fixes:

# echo "type=USER_AVC msg=audit(1468415802.940:2199604): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0-s15:c0.c1023 msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 cmdline="/usr/lib/systemd/systemd-logind" scontext=system_u:system_r:systemd_logind_t:SystemLow-SystemHigh tcontext=system_u:system_r:init_t:s0-s15:c0.c1023 tclass=system  exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'" | audit2allow

libsepol.mls_from_string: invalid MLS context SystemLow-SystemHigh
libsepol.mls_from_string: could not construct mls context structure
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert
system_u:system_r:systemd_logind_t:SystemLow-SystemHigh to sid

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-04-13 13:41:46 -04:00
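The failure mode in this commit is that audit2allow receives a context whose MLS range has already been translated by mcstrans ("SystemLow-SystemHigh") and libsepol only accepts the raw form ("s0-s15:c0.c1023"). The following is an added example, not code from the selinux project: it parses the AVC line quoted in the commit message and rewrites the scontext/tcontext fields to raw form before any policy generation would consume them. The translation table is a constructed stand-in; a real system would ask libselinux (selinux_trans_to_raw_context()) so that whatever mcstrans configuration is active is honoured.

```python
import re

# Constructed stand-in for the mcstrans mapping (assumption: a real system calls
# libselinux's selinux_trans_to_raw_context() instead of a static table).
TRANSLATED_TO_RAW = {
    "SystemLow": "s0",
    "SystemHigh": "s15:c0.c1023",
}

# The AVC line quoted in the commit message, used here as sample input.
SAMPLE_AVC = (
    "type=USER_AVC msg=audit(1468415802.940:2199604): pid=1 uid=0 "
    "auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0-s15:c0.c1023 "
    "msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 "
    'cmdline="/usr/lib/systemd/systemd-logind" '
    "scontext=system_u:system_r:systemd_logind_t:SystemLow-SystemHigh "
    "tcontext=system_u:system_r:init_t:s0-s15:c0.c1023 tclass=system  "
    "exe=\"/usr/lib/systemd/systemd\" sauid=0 hostname=? addr=? terminal=?'"
)

# Contexts in audit lines carry no whitespace, so \S+ delimits them safely.
CONTEXT_RE = re.compile(r"\b(scontext|tcontext)=(\S+)")
AVC_RE = re.compile(
    r"avc:\s+(?P<result>denied|granted)\s+\{\s*(?P<perms>[^}]*?)\s*\}.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
)


def raw_range(mls_range):
    """Translate each end of an MLS range ('low' or 'low-high') to raw form.

    Ends that are already raw (e.g. 's0') are left untouched."""
    ends = mls_range.split("-", 1)
    return "-".join(TRANSLATED_TO_RAW.get(end, end) for end in ends)


def context_to_raw(context):
    """user:role:type[:range] -> same context with the range in raw form."""
    fields = context.split(":", 3)
    if len(fields) < 4:
        return context  # non-MLS context: nothing to translate
    user, role, type_, mls = fields
    return ":".join((user, role, type_, raw_range(mls)))


def normalize_avc(line):
    """Rewrite every scontext=/tcontext= value in an audit line to raw form."""
    return CONTEXT_RE.sub(
        lambda m: m.group(1) + "=" + context_to_raw(m.group(2)), line
    )


def parse_avc(line):
    """Extract result, permissions, raw contexts and class from an AVC line.

    Returns None when the line carries no avc: record."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["perms"] = rec["perms"].split()
    rec["scontext"] = context_to_raw(rec["scontext"])
    rec["tcontext"] = context_to_raw(rec["tcontext"])
    return rec


if __name__ == "__main__":
    print(normalize_avc(SAMPLE_AVC))
    print(parse_avc(SAMPLE_AVC))
```

Feeding the output of normalize_avc() to audit2allow is equivalent to what the commit does inside sepolgen; keeping the translation in one place also makes it easy to log any context the table cannot map, which is the case that would otherwise surface only as the libsepol "invalid MLS context" error above.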
Jeff Vander Stoep
bfe7a7cb53 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Bug: 72757373
Test: build and run aosp_taimen-userdebug
Change-Id: I1ea08e95205d0aba661b7251c790e153f128f4cf
2018-03-26 16:13:05 -07:00
Jan Zarsky
29d84c6280 python/sepolgen: fix typo in PolicyGenerator 2018-03-08 14:56:19 -05:00
Lee Stubbs
e4348941ee Minor update for bash completion. Bash completion for ports is missing '-' for type. Based on documentation, it should be --type, not -type. 2018-02-26 09:33:19 -05:00
Nicolas Iooss
df135b07a7 python/sepolicy: Initialize policy.ports as a dict in generate.py
In class policy, ports is usually initialized with the result of
get_all_ports(), which is a dict. If this function failed, the error was
not fatal but ports was left initialized as a list, which would trigger
other errors when accessing it.

Initialize ports as an empty dict in order to fix this issue.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
8059ad7ad1 python/sepolicy: Support non-MLS policy
When using sepolgen GUI on a system with a non-MLS policy,
sepolicy.info(sepolicy.PORT) does not define "range" attributes (since
commit 908340e8e7 ("sepolicy: support non-MLS policy in manpage")).
Replace them with None in get_all_ports() result.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
b8296872fe python/sepolicy: Fix translated strings with parameters
When a translated string takes parameters with %, the % and the
parameters need to be after the call to the underline function in order
to work properly.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
41f1882724 python/sepolicy: Do not use types.BooleanType
It was removed from Python 3.

Fixes:
File "polgengui.py", line 390, in forward
  self.generate_policy()
File "polgengui.py", line 491, in generate_policy
  my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
File "/home/plautrba/devel/github/bachradsusi/SELinuxProject-selinux/python/sepolicy/sepolicy/generate.py",  line 468, in set_use_syslog
  if not isinstance(val, types.BooleanType):
AttributeError: module 'types' has no attribute 'BooleanType'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
7281132977 python/sepolicy: Use list instead of map
map() returns an iterator in python3, list in python2

Fixes:
File "/usr/lib/python3.6/site-packages/sepolicy/generate.py", line 114, in get_all_users
  users.remove("system_u")
AttributeError: 'map' object has no attribute 'remove'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00
Marcus Folkesson
88a6216ddb python: build: move modules from platform-specific to platform-shared
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
2018-02-14 20:02:02 +01:00
Marcus Folkesson
11aaf180ef python: build: follow standard semantics for DESTDIR and PREFIX
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
2018-02-14 20:02:01 +01:00
Vit Mojzis
2f26c1db5d python/semanage: Remove redundant and broken moduleRecords.modify()
moduleRecords.modify() calls nonexistent function
semanage_module_update_file (maybe it should have been
semanage_module_upgrade_file which is now obsolete and calls
semanage_module_install_file) and the job of updating a module is done
by moduleRecords.add().

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-01-16 09:23:40 -05:00
Petr Lautrbach
653b393f42 python/semanage: bring semanageRecords.set_reload back
It's used by third parties, e.g. Ansible modules

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1527745

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-01-16 09:07:05 -05:00
Petr Lautrbach
5e81672ca0 python/semanage: make seobject.py backward compatible
Commit 985753f changed behavior of seobject class constructors. While
semanage itself was fixed, there are other tools like
system-config-selinux and chcat which depend on the original behavior.
This change makes the constructors backward compatible.

Fixes: $ system-config-selinux
Traceback (most recent call last):
  File "/usr/share/system-config-selinux/system-config-selinux.py", line 196, in <module>
    app = childWindow()
  File "/usr/share/system-config-selinux/system-config-selinux.py", line 100, in __init__
    self.add_page(booleansPage.booleansPage(xml))
  File "/usr/share/system-config-selinux/booleansPage.py", line 142, in __init__
    self.load(self.filter)
  File "/usr/share/system-config-selinux/booleansPage.py", line 212, in load
    self.booleans = seobject.booleanRecords()
TypeError: __init__() missing 1 required positional argument: 'args'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-12-18 15:46:53 -05:00
Jeff Vander Stoep
68ea5ce1fe Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Bug: 69566734
Bug: 68133473
Test: build and boot aosp_marlin
Test: sepolicy-analyze <aosp_taimen policy> attributes -l
    Verify socket_between_core_and_vendor_violators is still in policy
Change-Id: Id77bfc049e74cc7041a9876b06347b08fa5eeaf8
2017-11-22 20:07:53 +00:00
Lukas Vrabec
5c48d93271 python/sepolicy: Fix sepolicy manpage.
Arguments generate and gui were mixed together and the information didn't make sense. This fix splits the gui and generate sections.

Signed-off-by: Lukas Vrabec <lvrabec@redhat.com>
2017-11-22 09:47:50 +01:00
Vit Mojzis
2d21207796 python/semanage: Update Infiniband code to work on python3
Update Infiniband "port" and "key" listing and export to work on
python3.
{}.keys() does not support .sort() operation on Py3.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2017-11-14 09:15:00 +01:00
Vit Mojzis
2927532b1c python/semanage: Fix export of ibendport entries
Replace nonexistent switch "-x" by "-z" (entry name).
Fix invalid index (the dictionary key is a 2-tuple).
Add MLS/MCS range (present in all entries).

Fixes:
 #semanage ibendport -E
  File "/usr/sbin/semanage", line 1049, in <module>
    do_parser()
  File "/usr/sbin/semanage", line 1028, in do_parser
    args.func(args)
  File "/usr/sbin/semanage", line 605, in handleIbendport
    for i in OBJECT.customized():
  File "/usr/lib64/python2.7/site-packages/seobject/__init__.py", line 1806, in customized
    l.append("-a -t %s -x %s %s" % (ddict[k][0], k[2], k[0]))
  IndexError: tuple index out of range

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2017-11-14 09:14:27 +01:00
Petr Lautrbach
ebbf42d408 python/semanage: Enforce noreload only if it's requested by -N option
We want to call semanage_set_reload() only if -N option is used.

Fixes:

$ sudo umount /sys/fs/selinux

$ sudo semanage fcontext -a --type=postfix_local_tmp_t /var/opt/01789667
SELinux:  Could not downgrade policy file /etc/selinux/targeted/policy/policy.31, searching for an older version.
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.31:  No such file or directory
/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
SELinux:  Could not downgrade policy file /etc/selinux/targeted/policy/policy.31, searching for an older version.
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.31:  No such file or directory
/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
FileNotFoundError: [Errno 2] No such file or directory

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-11-08 14:56:20 +08:00
Petr Lautrbach
985753f11b python/semanage: Don't use global setup variable
In order to do that we need to propagate args into seobject objects and
use args.store to get a store name.

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-11-08 14:56:20 +08:00
Petr Lautrbach
d05eaaf098 python/semanage: drop *_ini functions
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-11-08 14:56:20 +08:00
Nick Kralevich
28749e4d40 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Followed the following steps:

  # In repo client
  cd external/selinux
  repo sync .
  repo start mymerge .
  git merge aosp/upstream-master --no-ff # resolve any conflicts
  repo upload .

Test: compiles/boots no problems.
Change-Id: I4e7ee3fddfe021d128ebd70a663374367914b825
2017-10-09 09:11:41 -07:00
Vit Mojzis
393bafd3c5 python/semanage: Enable listing file_contexts.homedirs
Include entries from file_contexts.homedirs when listing file contexts
via "semanage fcontext -l"

"semanage fcontext -l" so far ignored content of file_contexts.homedirs
file, which is confusing for users (more specific rules may be ignored in
favor of rules unseen to the user since file_contexts.homedirs has
higher priority than file_contexts).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2017-10-04 14:18:58 -04:00
Nicolas Iooss
305aacbc4b sepolicy: support non-MLS policy in gui
Several "sepolicy gui" tabs raise exceptions when using a policy without
MLS because some dictionaries describing users and logins lack level and
range properties. Use conditions and get() where appropriate in order
to make "sepolicy gui" usable again with a non-MLS policy.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-09-25 12:59:29 -04:00
Nicolas Iooss
175efbf3ae sepolicy: ignore comments and empty lines in file_contexts.subs_dist
In refpolicy, file_contexts.subs_dist begins with comments:

    # This file can is used to configure base path aliases as in:
    #
    # /aliased_path /original_path_as_configured_in_file_contexts
    #

The first line gets parsed in read_file_equiv even though it is not a
valid path substitution and the second line triggers an exception when
accessing f[1]:

    IndexError: list index out of range

Parse substitutions only for lines which are not comments.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-09-25 12:58:16 -04:00
Nicolas Iooss
8f0ea463bc sepolicy: do not fail when file_contexts.local or .subs do not exist
On a system without any file context customizations, "sepolicy gui"
fails to load because it tries to read a non-existing file:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'

Once this issue is fixed, another one is triggered:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs

Use try/except to catch these exceptions and use OSError/errno.ENOENT to
keep the code compatible with Python 2.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-09-21 16:15:54 -04:00
Dan Cashman
706ddd16f3 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Bug: 63861738
Test: Builds 'n' boots
Change-Id: Idfb333d4cc1568dd2273f74731f12d52a413c07b
2017-08-07 17:00:18 -07:00
Nicolas Iooss
bd75c5695c sepolicy: remove stray space in section "SEE ALSO"
The space after "sepolicy(8)" breaks the formatting of section SEE ALSO
in man pages generated with sepolicy:

  SEE ALSO
    selinux(8), ssh(8), semanage(8), restorecon(8), chcon(1), sepolicy(8)  ,  setsebool(8),

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Nicolas Iooss
9f8e539419 sepolicy: support non-MCS policy in manpage
This prevents the following exception to occur when using "sepolicy
manpage":

    Traceback (most recent call last):
      File "/bin/sepolicy", line 699, in <module>
        args.func(args)
      File "/bin/sepolicy", line 359, in manpage
        m = ManPage(domain, path, args.root, args.source_files, args.web)
      File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 459, in __init__
        self.__gen_man_page()
      File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 548, in __gen_man_page
        self._mcs_types()
      File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 978, in _mcs_types
        mcs_constrained_type = next(sepolicy.info(sepolicy.ATTRIBUTE, "mcs_constrained_type"))
    StopIteration

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Nicolas Iooss
908340e8e7 sepolicy: support non-MLS policy in manpage
"sepolicy manpage" fails when the system does not use MLS because
using x.context.range_ raises an exception. Avoid using range and levels
when _pol.mls is False.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Nicolas Iooss
07d06cc430 sepolicy: fix misspelling of _ra_content_t suffix
When "sepolicy manpage" generates descriptions for file type, it uses a
misspelled _ra_content_t suffix for prettyprinting, which results in an
unwanted double-space on the line.

For example sepolicy manpage -d httpd_t produces:

    .EX
    .P
    .B httpd_apcupsd_cgi_ra_content_t
    .EE

    - Set files with the httpd_apcupsd_cgi_ra_content_t type, if you
    want to treat the files as httpd apcupsd cgi  read/append content.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Nicolas Iooss
d329bb5465 sepolicy: do not fail when file_contexts.local does not exist
When running "sepolicy manpage" on a system without file_contexts.local,
the command fails with:

    FileNotFoundError: [Errno 2] No such file or directory:
    '//etc/selinux/refpolicy/contexts/files/file_contexts.local'

Verify that the file exists before using it.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Nicolas Iooss
3edb139789 sepolicy: fix Python3 syntax in manpage
Commit c624c4abaa ("sepolicy: Fix syntax errors in 'manpage -w'")
missed an occurrence of print statement. While at it, fix self.os_version
test.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-08-07 10:44:23 -04:00
Stephen Smalley
1bac758bf6 Update VERSION files for 2.7 release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-08-04 09:31:00 -04:00
Stephen Smalley
dfda6a5b2c Update VERSION files for 2.7-rc6
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-07-28 15:43:47 -04:00
Petr Lautrbach
f80ea84698 sepolicy: File labels used to be sorted in a man page
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-07-27 09:49:32 -04:00
Petr Lautrbach
960b943b2f sepolicy: Make manpage and transition faster
SETools4 and Python 3 versions of map() and filter() use iterators to
generate query results and these iterators can't be simply re-used. It
makes manpage and transitions operations really slow as they do a lot of queries.

This patch changes it in the way that it caches results in lists for all
types, allow rules and transitions first and uses the cached results to
filter them using Python's filter() function.

Before:
$ time sepolicy manpage -d httpd_t sshd_t init_t
real    0m53.486s
user    0m53.171s
sys     0m0.054s

After:
$ time sepolicy manpage -d httpd_t sshd_t init_t
real    0m10.532s
user    0m10.368s
sys     0m0.114s

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-07-27 09:49:32 -04:00
Petr Lautrbach
c624c4abaa sepolicy: Fix syntax errors in 'manpage -w'
Fixes:
  File "python/sepolicy/sepolicy/manpage.py", line 373, in _gen_css
    print("%s has been created") % style_css
TypeError: unsupported operand type(s) for %: 'NoneType' and 'str'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-07-27 09:49:32 -04:00
Petr Lautrbach
dabb4c06ca sepolicy: Fix minor typo in 'transition -s' test
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-07-27 09:49:32 -04:00
Stephen Smalley
9f1730fa39 Update VERSION files for 2.7-rc5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-07-18 12:01:26 -04:00
Stephen Smalley
83fbc0979d Update VERSION files for 2.7-rc4 release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-06-30 13:41:33 -04:00
Laurent Bigonville
57ac60769c Fix consistency of PYTHONLIBDIR variable across modules
PYTHONLIBDIR is currently also used in sepolgen but has a different
behaviour regarding DESTDIR. Let's try to make this consistent.

Signed-off-by: Laurent Bigonville <bigon@bigon.be>
2017-06-30 12:54:43 -04:00
Stephen Smalley
6fab7923ce Update VERSION files for 2.7-rc3 release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-06-23 13:01:45 -04:00
Nicolas Iooss
f027db4f2f python/sepolicy: remove definition of SYSCONFDIR
This variable is not used in any Makefile in python/.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-06-21 10:31:36 -04:00
Stephen Smalley
7b5699bfd7 Fix BINDIR/SBINDIR/... variables in Makefiles
As reported by Nicolas Iooss, there are still some inconsistencies
in the definitions and usage of Makefile variables related to bin
and sbin directories. Since we need to still support non-usrmerge
systems, we cannot completely synchronize them, but we can eliminate
unnecessary differences, remove unused variables, and drop the
USRSBINDIR variables.

Before:
$ find . -name Makefile -exec cat {} + |grep '^[A-Z_]*BINDIR' |sort -u
BINDIR=$(PREFIX)/bin
BINDIR ?= $(PREFIX)/bin
BINDIR ?= $(PREFIX)/sbin
SBINDIR ?= $(DESTDIR)/sbin
SBINDIR ?= $(PREFIX)/sbin
USRSBINDIR ?= $(PREFIX)/sbin

After:
$ find . -name Makefile -exec cat {} + | grep '^[A-Z_]*BINDIR' | sort -u
BINDIR ?= $(PREFIX)/bin
SBINDIR ?= $(DESTDIR)/sbin
SBINDIR ?= $(PREFIX)/sbin

This does not change the actual install location of any file.
It does drop the legacy symlink from /usr/sbin/load_policy to
/sbin/load_policy; packagers can create that separately if
desired.

Reported-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-06-20 12:18:26 -04:00
Stephen Smalley
08d4b030ea Update VERSION files for 2.7-rc2 release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-06-16 12:50:03 -04:00
Stephen Smalley
2f602f6cb9 Update VERSION files for 2.7-rc1 release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-06-09 10:36:06 -04:00
Petr Lautrbach
641d4ff55b sepolicy: Fix sorting of port_strings in python 3
Fixes:
$ sepolicy network -d httpd_t

httpd_t: tcp name_connect
Traceback (most recent call last):
  File /usr/bin/sepolicy, line 699, in <module>
    args.func(args)
  File /usr/bin/sepolicy, line 319, in network
    _print_net(d, tcp, name_connect)
  File /usr/bin/sepolicy, line 276, in _print_net
    port_strings.sort(numcmp)
TypeError: must use keyword argument for key function

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-06-02 16:14:45 -04:00
Petr Lautrbach
acc43466f5 sepolicy/interface: Use relative python 3 imports
Fixes:
Verify sepolicy interface -c -i works ... Traceback (most recent call last):
  File "/usr/bin/sepolicy", line 699, in <module>
    args.func(args)
  File "/usr/bin/sepolicy", line 508, in interface
    print_interfaces(args.interfaces, args)
  File "/usr/bin/sepolicy", line 492, in print_interfaces
    interface_compile_test(i)
  File "/usr/lib/python3.6/site-packages/sepolicy/interface.py", line 226, in interface_compile_test
    fd.write(generate_compile_te(interface, idict))
  File "/usr/lib/python3.6/site-packages/sepolicy/interface.py", line 184, in generate_compile_te
    from templates import test_module
ModuleNotFoundError: No module named 'templates'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-06-02 16:14:45 -04:00
Daniel Jurgens
a2fe18614b semanage: Fix manpage author for ibpkey and ibendport pages.
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
2017-05-30 09:40:33 -04:00
Stephen Smalley
5219dec6fe python/semanage: print is a function in python3
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-05-26 10:33:57 -04:00
Petr Lautrbach
5b61d8fba8 Fix recently introduced TabError's
Commits a3d2c7a 6a7a5aa introduced inconsistent use of tabs and spaces
in indentation, which makes python3.6 unhappy.

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-26 10:19:10 -04:00
Daniel Jurgens
b217ffd77e semanage: Update man pages for infiniband
Update the main man page and add specific pages for ibpkeys and
ibendports.

Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
2017-05-23 16:20:55 -04:00
Daniel Jurgens
9a3d2c7a9b semanage: Update semanage to allow runtime labeling of ibendports
Update libsepol and libsemanage to work with ibendport records. Add local
storage for new and modified ibendport records in ibendports.local.
Update semanage to parse the ibendport command options to add, modify,
and delete them.

Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
2017-05-23 16:20:55 -04:00
Daniel Jurgens
6a7a5aafe5 semanage: Update semanage to allow runtime labeling of Infiniband Pkeys
Update libsepol and libsemanage to work with pkey records. Add local
storage for new and modified pkey records in pkeys.local. Update semanage
to parse the pkey command options to add, modify, and delete pkeys.

Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
2017-05-23 16:20:55 -04:00
Jeff Vander Stoep
d48d465bdd Merge remote-tracking branch 'aosp/upstream-master' into merge_expandattribute
Bug: 36508258
Bug: 37319524
Test: build and boot Marlin
Change-Id: Ib31a900ac70919835bcfc6bf9f6938a7aec622c2
2017-05-11 07:50:16 -07:00
Petr Lautrbach
a9b6ef426d sepolicy/gui: Update text strings to use better gettext templates
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
11e9676ce1 sepolicy: info() should provide attributes for a TYPE
"attributes" used to be there when sepolicy.info() used setools3

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
89399a9c8e sepolicy: Fix several issues in 'sepolicy manpage -a'
Fixes:
$ sepolicy manpage -a
Traceback (most recent call last):
  File "/usr/bin/sepolicy", line 699, in <module>
    args.func(args)
  File "/usr/bin/sepolicy", line 359, in manpage
    m = ManPage(domain, path, args.root, args.source_files, args.web)
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 408, in __init__
    self.__gen_man_page()
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 495, in __gen_man_page
    self._entrypoints()
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 903, in _entrypoints
    if len(entrypoints) > 1:
TypeError: object of type 'map' has no len()

$ sepolicy manpage -a
Traceback (most recent call last):
  File "/usr/bin/sepolicy", line 699, in <module>
    args.func(args)
  File "/usr/bin/sepolicy", line 359, in manpage
    m = ManPage(domain, path, args.root, args.source_files, args.web)
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 408, in __init__
    self.__gen_man_page()
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 497, in __gen_man_page
    self._mcs_types()
  File "/usr/lib/python3.6/site-packages/sepolicy/manpage.py", line 927, in _mcs_types
    attributes = sepolicy.info(sepolicy.TYPE, (self.type))[0]["attributes"]
TypeError: 'generator' object is not subscriptable

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
471e6b0fc9 sepolicy: setools.*Query wants a list in ruletype
This fixes a problem introduced in 18410c86 where ruletype is specified
as a string not a list.

Fixes:
>>> sepolicy.get_all_role_allows()
Traceback (most recent call last):
  File "/usr/lib64/python3.6/site-packages/setools/policyrep/util.py", line 60, in lookup
    return cls(value)
  File "/usr/lib64/python3.6/enum.py", line 291, in __call__
    return cls.__new__(cls, value)
  File "/usr/lib64/python3.6/enum.py", line 533, in __new__
    return cls._missing_(value)
  File "/usr/lib64/python3.6/enum.py", line 546, in _missing_
    raise ValueError("%r is not a valid %s" % (value, cls.__name__))
ValueError: 'a' is not a valid RBACRuletype

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
4a7de9ffdc policycoreutils/sepolicy: Define our own cmp()
Fixes:
Traceback (most recent call last):
  File "/usr/lib/python3.5/site-packages/sepolicy/gui.py", line 1447, in stripsort
    return cmp(val1, val2)
NameError: name 'cmp' is not defined

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
d9c2a15831 sepolicy/generate.py: Fix string formatting
Fixes python3 problem:

>>> print("Failed to retrieve rpm info for %s") % package
Failed to retrieve rpm info for %s
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: unsupported operand type(s) for %: 'NoneType' and 'str'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
6dabab268c sepolicy: Simplify policy types detection
map() and filter() changed their return values from list to iterators in
Python 3. This change drops filter() and map() from gui.py to make it
work on Python 2 and 3

Fixes:
Traceback (most recent call last):
  File "/bin/sepolicy", line 700, in <module>
    args.func(args)
  File "/bin/sepolicy", line 326, in gui_run
    sepolicy.gui.SELinuxGui(args.domain, args.test)
  File "/usr/lib/python3.5/site-packages/sepolicy/gui.py", line 238, in __init__
    if self.populate_system_policy() < 2:
  File "/usr/lib/python3.5/site-packages/sepolicy/gui.py", line 835, in populate_system_policy
    types = map(lambda x: x[1], filter(lambda x: x[0] == selinux_path, os.walk(selinux_path)))[0]
TypeError: 'map' object is not subscriptable

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
54eb348c0c sepolicy: Don't return filter(), use [ ] notation instead
filter() changed its behavior between Python 2 and Python 3

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
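A number of the commits above (7281132977, 2d21207796, 41f1882724, 960b943b2f, 641d4ff55b, 89399a9c8e, 6dabab268c and this one) fix the same family of Python 2 idioms that stop working on Python 3: map()/filter() returning one-shot iterators instead of lists, list.sort() no longer taking a cmp function, dict.keys() no longer being a list, and types.BooleanType disappearing. The following is an added example, not code from the selinux project: each helper is a portable replacement for one of those idioms, python2_idioms_on_python3() runs the original idioms and records the exception each raises on Python 3, and reuse_generator()/reuse_cached() reproduce the exhausted-iterator problem that 960b943b2f solved by caching query results. The policy data (users, port strings, types) is constructed sample input; query_types() is a hypothetical stand-in for a SETools query.

```python
import functools

# Constructed sample data standing in for real policy query results.
POLICY_USERS = ["system_u", "staff_u", "user_u", "unconfined_u"]
PORT_STRINGS = ["8080", "443", "80-81", "22"]
ENTRYPOINTS = ["httpd_exec_t", "httpd_suexec_exec_t"]
ALL_TYPES = ["httpd_t", "httpd_exec_t", "sshd_t", "init_t"]


def numcmp(val1, val2):
    """Python 2-style comparison function ordering port strings numerically."""
    a, b = int(val1.split("-")[0]), int(val2.split("-")[0])
    return (a > b) - (a < b)


def get_all_users(users=POLICY_USERS):
    """Portable form of the idiom fixed in 7281132977: materialise map() before mutating."""
    result = list(map(str, users))  # list() gives a list on both Python 2 and 3
    result.remove("system_u")
    return result


def sort_port_strings(port_strings=PORT_STRINGS):
    """Portable form of the idiom fixed in 641d4ff55b: wrap cmp functions with cmp_to_key."""
    return sorted(port_strings, key=functools.cmp_to_key(numcmp))


def entrypoint_count(entrypoints=ENTRYPOINTS):
    """Portable form of 89399a9c8e: a filter()/map() object has no len() on Python 3."""
    matches = [e for e in entrypoints if e.endswith("_exec_t")]  # comprehension, not filter()
    return len(matches)


def sorted_keys(d):
    """Portable form of 2d21207796: dict.keys() has no .sort() on Python 3."""
    return sorted(d.keys())


def is_bool(val):
    """Portable form of 41f1882724: types.BooleanType is gone; the bool type is the check."""
    return isinstance(val, bool)


def query_types(prefix, types=ALL_TYPES):
    """Hypothetical stand-in for a SETools query: a one-shot generator of results."""
    return (t for t in types if t.startswith(prefix))


def reuse_generator():
    """Consume the same generator twice: the second pass sees nothing."""
    results = query_types("httpd")
    first = list(results)
    second = list(results)
    return len(first), len(second)


def reuse_cached():
    """The 960b943b2f approach: cache once in a list, then filter the cached list as often as needed."""
    cached = list(query_types("httpd"))
    exec_types = list(filter(lambda t: t.endswith("_exec_t"), cached))
    return len(cached), len(exec_types)


def python2_idioms_on_python3():
    """Run the original Python 2 idioms and record the exception each raises on Python 3.

    Returns a dict mapping idiom name -> exception class name (empty on Python 2)."""
    failures = {}

    def attempt(name, thunk):
        try:
            thunk()
        except (AttributeError, TypeError) as exc:
            failures[name] = type(exc).__name__

    attempt("map().remove", lambda: map(str, POLICY_USERS).remove("system_u"))
    attempt("list.sort(cmp)", lambda: list(PORT_STRINGS).sort(numcmp))
    attempt("len(filter())", lambda: len(filter(lambda e: e.endswith("_exec_t"), ENTRYPOINTS)))
    attempt("map()[0]", lambda: map(str, POLICY_USERS)[0])
    attempt("dict.keys().sort()", lambda: {"b": 1, "a": 2}.keys().sort())
    return failures


if __name__ == "__main__":
    for name, exc in python2_idioms_on_python3().items():
        print("%-20s raises %s on Python 3" % (name, exc))
    print("generator reused:", reuse_generator(), "cached list:", reuse_cached())
```

The helpers deliberately avoid map() and filter() altogether where a list comprehension will do, which is the same choice 6dabab268c made for gui.py; where filter() is kept, it is applied to an already materialised list, so the result can be re-queried without re-running the underlying policy lookup.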
Petr Lautrbach
2a0102a270 sepolicy: Adapt to the new semodule list output
semodule in policycoreutils-2.4 changed the list format. With this
patch, org.selinux.semodule_list uses 'semodule --list=full' and the
code using this was adapted to the new format.

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1281309

Fixes:
File "/usr/lib64/python3.4/site-packages/sepolicy/gui.py", line 670, in lockdown_init
  self.enable_unconfined_button.set_active(not self.module_dict["unconfined"]["Disabled"])
KeyError: 'unconfined'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Miroslav Grepl
f82771c105 Fix typo in executable.py template.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Dan Walsh
1353988d58 sepolicy: We should be creating _exec interfaces when we create the domtrans interface
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Miroslav Grepl
8dfdb38db9 sepolicy: ptrace should be a part of deny_ptrace boolean in TEMPLATETYPE_admin
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-05-05 11:52:19 -04:00
Dan Walsh
c0ec882bfa Fix up generation of application policy
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
1db83be583 policycoreutils/sepolicy: boolean.png is in help/
Fixes:
(sepolicy:2183): Gtk-WARNING **: Could not load image 'images/booleans.png': Failed to open file '/usr/lib64/python3.4/site-packages/sepolicy/images/booleans.png': No such file or directory

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Dan Walsh
590e765dce sepolicy: Move svirt man page out of libvirt into its own
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Dan Walsh
63283b81bb sepolicy: Add manpages for typealiased types
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Petr Lautrbach
cfbb79736d sepolicy: Fix spelling mistakes in commands in generated manpages
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Dan Walsh
443b84e4df policycoreutils/sepolicy: Add documentation for MCS separated domains
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-05-05 11:52:19 -04:00
Jason Zaman
fcb5d5cc72 Makefiles: drop -L/-I to system paths
The toolchain automatically handles them and they break cross compiling.

LDFLAGS should also come before object files; some flags (e.g.,
-Wl,as-needed) can break things if they are in the wrong place.

Gentoo-Bug: https://bugs.gentoo.org/500674

Signed-off-by: Jason Zaman <jason@perfinion.com>
2017-04-25 08:27:05 -04:00
Nick Kralevich
5bb95be068 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Please see go/android-upstream for merging a remote tracking branch into
Android. Automatic replication is already enabled for external/selinux.
This just merges those changes into Android's master branch.

The following patches are included in this merge:

7fe9a7be libsepol/cil: use __cil_ordered_lists_destroy() to free unordered_classorder_lists
602385d7 libsepol/cil: free the first operand if the second one is invalid
9feaf038 libsepol/cil: do not leak left-hand side of an invalid constraint
95e5c103 libsepol/cil: free bitmaps in cil_level_equals()
a2d40aae libsepol/cil: Move initialization of bitmap in __cil_permx_to_bitmap()
1cd3e1a4 libselinux, libsemanage: make PYPREFIX computation more robust
ed51e23f sepolgen: strip non-printable characters when parsing audit messages
32288896 semodule_package: do not leak memory when using -u or -s
ddaf0afe libsepol/cil: do not dereference args before checking it was not null
4176a292 libsemanage: never call memcpy with a NULL value
ccfbd9aa libsemanage/tests: include libsepol headers from $DESTDIR
6305bfbc mcstrans: do not dereference color_str if it is NULL
ded385d3 libselinux: initialize temp value in SWIG wrapper to prevent freeing garbage
43b24f01 libsepol: Define cgroup_seclabel policy capability
e720859f restorecond: add noreturn attribute to exitApp()
ef61dd7d checkpolicy: add noreturn attribute to usage()
840a7c91 secilc: add noreturn attribute to usage()
2f8926f7 mcstrans: add noreturn attribute to usage()
28a6a560 semodule-utils: add noreturn attribute to usage()
cd20f9c2 policycoreutils: add noreturn attribute to usage()
718bc4bc python/sepolicy: fix obtaining domain name in HTMLManPages
fba9d010 Python 3.6 invalid escape sequence deprecation fixes
317743bb python/semanage: fix export of fcontext socket entries
08648145 libsepol/cil: make reporting conflicting type transitions work
6707526f libsepol/cil: avoid freeing uninitialized values
9087bb9c checkpolicy: dereference rangehead after checking it was not NULL
dd11ab6f checkpolicy: Fix minor memory leak in checkpolicy
c408c70b libsepol/cil: Allow hexadecimal numbers in Xen context rules
526d0dad libsepol: Update module_to_cil to output hexadecimal for Xen rules
da2f2316 libsepol/cil: Use hexadecimal numbers when writing Xen rules
af0ce03e libsepol/cil: Add hexadecimal support for Xen ioportcon statements
4ccc267f mcstrans: fix typo in mcstransd.8 man page
6e3c3595 libsepol/cil: do not dereference a NULL pointer when calloc() fails
8c662db9 policycoreutils: fixfiles should handle path arguments more robustly
d0fafe03 policycoreutils: fixfiles: handle unexpected spaces in command
1da6fb06 policycoreutils/setfiles: stdout messages don't need program prefix
1ac883f1 policycoreutils/setfiles: don't scramble stdout and stderr together
5ed45797 policycoreutils: fixfiles: remove useless use of cat
a83f1cfd libsepol: do not dereference a NULL pointer when stack_init() fails
76f8c04c libsepol: make process_boolean() fail on invalid lines
b6579d26 libsepol: constify sepol_genbools()'s boolpath parameter
b251dbba libsepol: fix use-after-free in sepol_user_clone()
0438d5c4 libsemanage: do not close uninitialized file descriptors
85da6194 libsemanage: do not dereference a NULL pointer when calloc() fails
03298a22 libsemanage: genhomedircon: fix possible double-free
70a480bf libsepol: Add ability to convert binary policy to CIL
0a08fd1e libsepol: Add ability to convert binary policy to policy.conf file
13c27d6c checkpolicy: Add options to convert binary policy to CIL or a policy.conf
92f22e19 libsepol: In module_to_cil create one attribute for each unique set

Bug: 36508258
Test: code compiles and device boots, no obvious problems.
Change-Id: Id4b3df6aa651eca267f4fc28af1cfeb8825218c0
2017-04-05 15:14:55 -07:00
Stephen Smalley
317743bbe2 python/semanage: fix export of fcontext socket entries
Fixes https://github.com/SELinuxProject/selinux/issues/49 (#49).

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-03-15 13:10:18 -04:00
Ville Skyttä
fba9d01035 Python 3.6 invalid escape sequence deprecation fixes
https://docs.python.org/3/whatsnew/3.6.html#deprecated-python-behavior

A backslash-character pair that is not a valid escape sequence now
generates a DeprecationWarning. Although this will eventually become a
SyntaxError, that will not be for several Python releases.

The problem appears when you use '-W error':

$ python3 -W error -c 'import re; re.findall("[^a-zA-Z0-9_\-\.]", " *%$")'
  File "<string>", line 1
SyntaxError: invalid escape sequence \-

Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>

[ Edited commit message as per suggestion from Petr Lautrbach ]
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-03-10 15:56:36 -05:00
Vit Mojzis
718bc4bcdf python/sepolicy: fix obtaining domain name in HTMLManPages
HTMLManPages got the domain name by splitting the name of the selinux
manpage on "_selinux", which doesn't work properly when the domain name
contains "_selinux".

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2017-03-10 15:47:27 -05:00
Vit Mojzis
ed51e23f15 sepolgen: strip non-printable characters when parsing audit messages
Strip the following characters
\x1c	File Separator
\x1d	Group Separator
\x1e	Record Separator
\x85	Next Line (C1 Control Code)
from audit message fields to make sure they are not evaluated
as part of some identifier (e.g. ausearch used to insert \x1d into
--raw output, resulting in "unrecognized class" error messages).

This is done as part of str.split() in python3.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1406328
2017-02-21 13:43:09 -05:00
Nick Kralevich
08ca5be1b0 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Please see go/android-upstream for merging a remote tracking branch into
Android. Automatic replication is already enabled for external/selinux.
This just merges those changes into Android's master branch.

Changes in this merge:

1cd972fc libselinux: selinux_restorecon: only log no default label warning for caller-supplied pathname
5b0ad2f0 libsemanage: genhomedircon: consider SEMANAGE_FCONTEXT_DIR in fcontext_matches()
baee7238 semanage, sepolicy: make tests not fail on systems without SELinux
dcd135cc Re-link programs after libsepol.a is updated
fd9e5ef7 libsepol: use constant keys in hashtab functions
ebe24ad2 libsepol: verify the right variable after calling calloc()
69ec21ce libsepol: remove useless assignments
6351fed5 libselinux: always free catalog in db_init()
6c853f3f libselinux: fix argument order in get_default_context_with_rolelevel() doc
cdc653a4 policycoreutils/hll/pp: Fix pp crash when processing base module
4a05e95f libsepol compilation fixes for macOS.
aa1a8a3c checkpolicy: always free id in define_type()
0a0d0552 checkpolicy: fix memory leaks in define_filename_trans()
42658e72 checkpolicy: add a missing free(id) in define_roleattribute()
7da9bc00 checkpolicy: do not leak memory when a class is not found in an avrule
ac7899fc policycoreutils: let output of `fixfiles` be redirected (as normal)
bd4ffeb4 policycoreutils/setfiles: set up a logging callback for libselinux
b88c4a47 libselinux: disable filespec hash table stats on non-debug builds
05abcb1d libselinux/src/regex.c: support old compilers for the endian check
1ef665cb libsepol: fix pp module to cil nodecon statement
b9213c7f libselinux: selinux_restorecon.3 man page typo fix
454768f5 setfiles: Fix setfiles progress indicator
cfea3971 policycoreutils: remove deprecated -o option from fixfiles verify
daaaf28b checkpolicy: Create common function for type declares and requires
bd057680 checkpolicy: Create common function for role declares and requires
a141c0d1 checkpolicy: Create common function for user declares and requires
a7a06789 checkpolicy: Cleanup error messages
d676e7ce checkpolicy: Move common require and declare code into new function
b6f3e008 checkpolicy: Improve check for identifier flavor mismatch
8adbd615 libsepol: Return +1 when declaration is followed by a require
5d56c267 checkpolicy: Remove unneeded return check in require_symbol()
192153db checkpolicy: Make print_error_msg() static
d6b5b037 libsepol: fix -Wwrite-strings warnings
a51b30ae libsemanage: make lang_ext parameter const in semanage_direct_write_langext()
2f94ac47 policycoreutils/hll/pp: fix -Wwrite-strings warnings
0df0b25d mcstrans: fix -Wwrite-strings warnings
9c770fe8 semodule_deps: hide -Wwrite-strings warnings
c33fd02d libsepol/tests: fix -Wwrite-strings warnings
68a4203f libsemanage/tests: fix -Wwrite-strings warnings
1f312a92 policycoreutils/semodule: fix -Wwrite-strings warnings
eeafde13 libsepol/cil: fix type confusion in cil_copy_ast
c9adfe2d Introduce Travis-CI tests
9edcf28a libsepol/cil: Destroy cil_tree_node stacks when finished resolving AST

Test: device boots and no obvious problems.
Change-Id: I4163a68b8b72c6d4e089803862a4998e0bd09e85
2017-02-17 11:16:48 -08:00
Nicolas Iooss
dcd135cc06 Re-link programs after libsepol.a is updated
After libsepol is modified (for example while developing new features or
fixing bugs), running "make install" in the top-level directory does not
update the programs which use libsepol.a. Add this static library to the
target dependencies in order to force their updates. This makes "make"
use libsepol.a in the linking command without using LDLIBS.

While at it, copy what commit 14d7064348 ("libselinux: Allow
overriding libsepol.a location during build") introduced in libselinux
Makefile by using a new LIBSEPOLA variable in all Makefiles.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-01-18 16:41:34 -05:00
Nicolas Iooss
baee7238b8 semanage, sepolicy: make tests not fail on systems without SELinux
selinux.security_getenforce() triggers an exception when running tests
on systems without SELinux. In order to skip tests which need SELinux in
enforcing mode, test selinux.is_selinux_enabled() too, like commit
945bc8853b ("sandbox: make test not fail on systems without SELinux").

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-01-17 16:48:46 -05:00
Nick Kralevich
b72c7cfda2 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
This merge was generated by following the instructions at
go/upstream-maintainers

Contains the following commits:

 4791a99d python: Fix some typos
 31fcd66d python/sepolicy/sepolicy/gui: Reflect sepolicy changes into gui
 d479baa8 libsepol: Define extended_socket_class policy capability
 ef387e88 python/sepolicy/sepolicy: Cleanup of gui code
 8fe1b0ca python/sepolicy/sepolicy: optimise sepolicy gui loading
 fc3d8cea selinux(8): fix display of man page references
 7179fd87 man: standardize spacing with pointers in prototypes
 af18b86e libsepol/cil: remove avrules with no affected types
 bec41c4f policycoreutils/setfiles: Mention customizable types in restorecon man page
 e51b2338 libsemanage/tests: make "make test" fail when a CUnit test fails
 9e0cf6ec libsemanage/tests: make tests standalone
 fd6bc593 libsemanage/tests: test more cases of semanage_split*()
 a228bb37 libsemanage: simplify string utilities functions
 57a3b1b4 libsemanage: add semanage_str_replace() utility function
 300b8ad4 libsemanage: genhomedircon: drop ustr dependency
 920ee9ee libsemanage: remove ustr library from Makefiles, README and pkg-config
 055d14a9 libselinux/utils: do not create an empty /sbin directory
 5db4537f libselinux: Fix uninitialized variable compiler warnings
 0abc25a3 libsemanage: Fix uninitialized variable compiler warnings
 c3b8d4aa libsepol/tests: fix -Wsometimes-uninitialized clang warnings
 c39289c9 libsepol/tests: fix some memory leaks
 da002468 checkpolicy: free id in define_port_context()
 6ef96094 checkpolicy: fix memory leaks in genfscon statements parsing
 47f61b0e checkpolicy: do not leak queue elements in queue_destroy()
 c1ba8311 checkpolicy: free id where it was leaked
 aa115d00 policycoreutils/restorecond: Decrease loglevel of termination message
 58fb53bc libsemanage: genhomedircon: remove duplicated test condition
 1004a3b3 libsemanage: increment the right index variable in for loop
 0399ec64 libselinux: Generate SWIG wrappers for selinux_restorecon()
 14f07097 libselinux: Rewrite restorecon() python method
 d7b0941e checkpolicy: fix memory usage in define_bool_tunable()
 d4923b49 libsepol: make capability index an unsigned int
 3c85f9f1 libselinux: include errno.h instead of sys/errno.h
 61f760b7 checkpolicy: always include ctypes.h
 c667b33a mcstransd: fix and reorder includes
 62f05898 policycoreutils, python: Fix bad manpage formatting in "SEE ALSO"
 0e67689d restorecon manpage: link back to fixfiles
 d66c54e2 libselinux: selinux_restorecon: only log no default label warning if recursive
 6a2e352d libselinux: replace all malloc + memset by calloc in android label backend.
 90889884 policy_define.c: don't free memory returned from queue_head()

Test: Device boots and no obvious problems
Change-Id: I726d5a6329061f1946ad056c52b42c9c4fb2b92b
2017-01-13 11:56:46 -08:00
Alan Jenkins
62f058980e policycoreutils, python: Fix bad manpage formatting in "SEE ALSO"
Fix missing and surplus commas.  Fix the following formatting errors:

    .BR selinux(8)

renders the "(8)" in bold as well as the "selinux".  This is wrong.

    .B selinux
    (8)

renders with a space between "selinux" and "(8)", this is wrong.

    .B selinux (8)

commits both of the above mistakes.

    .BR selinux (8), apparmor (8)

omits the space separating "selinux(8)," and "apparmor(8)", this is wrong.
Correct all the above using the following markup:

    .BR selinux (8),
    .BR apparmor (8)

Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
2017-01-12 14:59:31 -05:00
Vit Mojzis
8fe1b0ca27 python/sepolicy/sepolicy: optimise sepolicy gui loading
Significantly speed up sepolicy gui loading by aggregating setools
queries.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-12-09 12:16:45 -05:00
Vit Mojzis
ef387e88bd python/sepolicy/sepolicy: Cleanup of gui code
Based on 77589dd354218f1f56d1c83747799606fa1b4899 by Dan Walsh.
Speed up gui loading.
Some minor bug fixes.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-12-09 12:16:45 -05:00
Vit Mojzis
31fcd66d39 python/sepolicy/sepolicy/gui: Reflect sepolicy changes into gui
sepolicy.get_init_entrypoint() now returns a list of Type objects
instead of a single string, which caused the sepolicy gui to crash.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-12-06 12:31:37 -05:00
Vit Mojzis
4791a99d67 python: Fix some typos
Aside from typos, change the way markup is applied to a tooltip
in sepolicy/gui so that the text can be translated.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-12-05 15:11:08 -05:00
Nick Kralevich
bb39dd1e81 Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Changes included in this merge:

9872b04a libsepol: check decl_id bounds before using it
fb237459 libsepol: detect duplicated symbol IDs
a206297e mcstrans/utils: make "make all" use $DESTDIR
527380a1 libsepol/tests: use LDFLAGS when linking
1c187d79 checkpolicy: remove -lfl from LDLIBS
ab270850 libsepol,libsemanage: write file name in flex output
c034875c policycoreutils/sepolicy/gui: fix current selinux state radiobutton
cf8625be libsepol: do not #include <sys/cdefs.h>
dd8d5671 libselinux: avcstat: Clean up redundant condition
fff90bd2 libsepol: sepol_av_to_string: clear static buffer
7e09f584 libsepol,libselinux,audit2allow: teach audit2why about type bounds failures
041e0010 python/sepolicy/sepolicy/gui: Fix getting python lib path
86e568c2 python/semanage/semanage: Unify argument handling
3fe4499f libsepol/cil: Add ability to write policy.conf file from CIL AST
93e677d8 secilc: Add secil2conf which creates a policy.conf from CIL policy
9e81e611 libsepol: Fix neverallow checking to also check the other types when self is included in a target type set.
468a0dba seobject: Handle python error returns correctly

Test: Android compiles and the device boots
Change-Id: I3ceb4d0ff9ee96d6347d33e6351e4846a8f37038
2016-11-30 09:31:03 -08:00
Kyle Walker
468a0dbac8 seobject: Handle python error returns correctly
After 9406ace8 ("libsemanage: throw exceptions in python rather than
return NULL"), calls to libsemanage functions return Python exceptions
instead of returning negative error return codes. For systems that did not
have the applicable headers installed prior to build, the difference was
not seen. Following commit 9792099f ("Properly build the swig exception
file even if the headers are missing"), that issue has been resolved and
the underlying semanage_fcontext_query_local and semanage_fcontext_query
calls now result in an OSError return. This results in the following error
when attempting to modify a fcontext defined in the systems base policy.

    libsemanage.dbase_llist_query: could not query record value (No such file or directory).
    OSError: No such file or directory

To resolve the error, handle the OSError exception, but retain the
previous query operation.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1398427

Signed-off-by: Kyle Walker <kwalker@redhat.com>
2016-11-30 11:00:51 -05:00
Vit Mojzis
86e568c27b python/semanage/semanage: Unify argument handling
Missing argument checks for "fcontext" and "boolean" were performed
outside of "argparse", resulting in a shortened help message (without
argument details) and no error description.
Fix: perform these checks using "argparse" as is the case with other
semanage options.

Some "required argument" checks were performed outside of "handle_opts",
obscuring the code.
Fix: Add required arguments to {fcontext boolean}_args and remove the
checks from handle{Fcontext Boolean}.

Remove unpaired parentheses from "semanage fcontext" usage message.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-11-30 09:33:58 -05:00
Vit Mojzis
041e00106f python/sepolicy/sepolicy/gui: Fix getting python lib path
Python code is not platform specific and always resides in
lib (as opposed to lib64 on x64 architectures).

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-11-30 08:49:26 -05:00
Stephen Smalley
7e09f584e1 libsepol,libselinux,audit2allow: teach audit2why about type bounds failures
Teach audit2why to recognize type bounds failures.  This required
updating libsepol sepol_compute_av_reason() to identify bounds
failures, and updating libsepol context_struct_compute_av() to
include the type bounds logic from the kernel.

This could potentially be further augmented to provide more detailed
reporting via the reason buffer to include information similar to
what security_dump_masked_av() reports in the kernel.  However, it
is unclear if this is needed.  It is already possible to get type
bounds checking at policy build time by enabling expand-check=1
in /etc/selinux/semanage.conf (or by default when compiling
monolithic policy).

Before:
type=AVC msg=audit(1480451925.038:3225): avc:  denied  { getattr } for  pid=7118 comm="chmod" path="/home/sds/selinux-testsuite/tests/bounds/bounds_file_blue" dev="dm-2" ino=23337697 scontext=unconfined_u:unconfined_r:test_bounds_child_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:test_bounds_file_blue_t:s0 tclass=file permissive=0

	Was caused by:
		Unknown - would be allowed by active policy
		Possible mismatch between this policy and the one under which the audit message was generated.

		Possible mismatch between current in-memory boolean settings vs. permanent ones.

After:
type=AVC msg=audit(1480451925.038:3225): avc:  denied  { getattr } for  pid=7118 comm="chmod" path="/home/sds/selinux-testsuite/tests/bounds/bounds_file_blue" dev="dm-2" ino=23337697 scontext=unconfined_u:unconfined_r:test_bounds_child_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:test_bounds_file_blue_t:s0 tclass=file permissive=0
        Was caused by:
                Typebounds violation.

                Add an allow rule for the parent type.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-29 15:53:59 -05:00
Vit Mojzis
c034875c14 policycoreutils/sepolicy/gui: fix current selinux state radiobutton
Radiobutton was always set to "Permissive" and couldn't be switched.
Update radiobutton together with status text in bottom left corner.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2016-11-29 08:49:48 -05:00
Nick Kralevich
187ba13ea7 Merge remote-tracking branch 'aosp/upstream-master' into manualmerge
Changes included in this merge:

1e605e99 fix semanage fcontext help message
86bad3db libsepol: do not modify p->p_roles.nprim in role_set_expand
73313a75 libsepol: do not check decl->symtab[i].nprim
75b14a5d libsepol: ebitmap: reject loading bitmaps with incorrect high bit
bb96e130 enabled.c: Remove stdio_ext.h header
044f6ef1 procattr.c: Use __ANDROID__ instead of ANDROID
6f32d87a Merge pull request #35 from cgzones/semanage_fcontext_description
2e47b69c libsepol: do not write object_r types to policy file
8fdb2255 libsepol,checkpolicy: convert rangetrans and filenametrans to hashtabs

Test: code compiles / device boots
Change-Id: I094fefb8b04433ba8a42f1786e6f999b35351512
2016-11-28 11:10:41 -08:00
cgzones
1e605e9905 fix semanage fcontext help message
the ftype options were incorrect
2016-11-24 20:01:26 +01:00
Nick Kralevich
33aca58efc Merge remote-tracking branch 'aosp/upstream-master' into manualmerge
Commits included in this merge:

2e4d0bc8 Move policycoreutils/gui to gui.
4cc80867 Move policycoreutils/mcstrans to mcstrans.
00be1363 Move policycoreutils/restorecond to restorecond.
97bf196c Move policycoreutils/sandbox to sandbox.
63e6dba9 Move policycoreutils/sepolicy dbus service files to dbus.
48dc2326 Move policycoreutils/{sepolicy,audit2allow,semanage,scripts/chcat*} and sepolgen to python.
c9c97d6e Move policycoreutils/semodule_{deps,expand,link} to semodule-utils.
3dcdc463 Make it easy to omit optional components.
fe740954 Build mcstrans.
233fe333 mcstrans: Add .gitignore file
eeba5952 mcstrans: Add a relabel target.
50be5fcc Move sepolicy desktop and png files to gui.
b97d959a Move policycoreutils/sepolgen-ifgen into python/audit2allow.
6e4bb702 mcstrans: fix clang warnings
1c8505da Update release script for the new structure.
f0cc9543 Fix release script for packages that need prefixes.
6bd0b553 Add VERSION files for new components
65f5868c Move policycoreutils/semodule_package to semodule-utils.
44801294 restorecond: break source dependency on policycoreutils/setfiles
f0e61d33 Fix release script
25c167a6 Add COPYING files for new subdirs.
618a64ae semodule-utils: Drop -lselinux from Makefiles.
30cbe52c mcstrans: Fix Werror=shadow errors
089000ad mcstrans: take LIBDIR from args, don't guess
9123b38c Add stub make test targets to new subdirs
62cb9fc1 mcstrans: Add utils gitignore
c094ca96 restorecond: Add gitignore
7935dee8 Drop ChangeLog files
07ba7c68 mcstrans: Fix signed/unsigned warnings
af9f477f policydb.h: use AVTAB macros to avoid duplications
dcd473d5 expand_avrule_helper: cleanup
4129eb49 expand_terule_helper: cleanups
945bc885 sandbox: make test not fail on systems without SELinux
a441d510 mcstrans: fix global "make install"
489dd595 libselinux: audit2why: remove unused module_state structure
9140de74 libselinux, libsemanage: use Python-specific .so extension
a609434b libselinux: normalize enforce values from the kernel
49bfee85 checkpolicy: treat -self as an error
8f9057c2 label_file.h: actually use the results of compat_validate

Test: device boots with no obvious problems.
Change-Id: Ie0631d36bdfcbab4cd35d3f115e88e5e5b7ecf70
2016-11-21 07:44:09 -08:00
Stephen Smalley
7935dee8f6 Drop ChangeLog files
They can be generated as desired via git log.
No need to keep maintaining them by hand.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 12:10:58 -05:00
Stephen Smalley
25c167a6ea Add COPYING files for new subdirs.
Copied from policycoreutils/COPYING, from which these originated.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:51 -05:00
Stephen Smalley
6bd0b55380 Add VERSION files for new components
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:51 -05:00
Stephen Smalley
b97d959a6a Move policycoreutils/sepolgen-ifgen into python/audit2allow.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:51 -05:00
Stephen Smalley
50be5fcca4 Move sepolicy desktop and png files to gui.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:51 -05:00
Stephen Smalley
48dc232627 Move policycoreutils/{sepolicy,audit2allow,semanage,scripts/chcat*} and sepolgen to python.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:50 -05:00