Commit graph

583 commits

Author SHA1 Message Date
Eamon Walsh
7ab6b29011 Netlink socket handoff functions from Adam Jackson. 2009-03-10 20:31:38 -04:00
Eamon Walsh
5032faa984 bump libselinux to 2.0.78 2009-02-27 18:08:55 -05:00
Eamon Walsh
b27ff3397d Fix an incorrect conversion specifier in the discover_class code.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2009-02-27 18:07:15 -05:00
Joshua Brindle
46d0b2c939 bump libsepol to 2.0.35 2009-02-17 12:23:41 -05:00
Joshua Brindle
4e23951fe6 bump checkpolicy to 2.0.19 2009-02-17 12:22:40 -05:00
Joshua Brindle
6ed00ee094 bump sepolgen to 1.0.16 2009-02-17 12:19:32 -05:00
Joshua Brindle
c7e13bfea3 bump policycoreutils to 2.0.62 2009-02-17 12:18:05 -05:00
Joshua Brindle
f77e475fd8 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Add btrfs to fixfiles
Date: Tue, 17 Feb 2009 11:42:11 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hopefully will convert to seclabel when it is available.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkma6OMACgkQrlYvE4MpobNegwCfSBpm7O9wIKK+O89gC+Lwx+PV
rmsAn12IADGzhFu4thYK5qakacviWwfZ
=PtIL
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-17 11:43:11 -05:00
Joshua Brindle
be583ce332 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Several fixes to restorecond
Date: Tue, 17 Feb 2009 11:40:54 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Init script should be 755

libflashplayer.so has moved in the homedir and is now correct so no
longer needs to have labeling checked.

restorecond supports glob matching and should not complain on multiple
hard links if they match a glob.

So if a file has > 1 link and is an exact match complain, otherwise do not.

Also fix a couple of error messages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkma6JYACgkQrlYvE4MpobOoIACfUgUfpCuhvVTWyHgsq7/8hY0z
9WcAmgPK2KktAlY84HhtRmdu/Hy+9eE/
=zcCj
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-17 11:42:15 -05:00
Caleb Case
f7917ea9cf aliases for the boundry format
The boundry format mapped the primary field to a boolean in the
properties bitmap. This is appropriate for the kernel policy, but in
modular policy the primary field may be an integer that indicates the
primary type that is being aliased. In this case, the primary value cannot
be assumed to be boolean.

This patch creates a new module format that writes out the primary value
as was done before the boundry format.

Signed-off-by: Caleb Case <ccase@tresys.com>
Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:52:03 -05:00
Joshua Brindle
fb50c7b4ef Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: sepolgen patch
Date: Tue, 13 Jan 2009 08:59:51 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

md5 semodule packages is being retired.  Supposed to use hashlib now.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAklsnlcACgkQrlYvE4MpobMEHQCgiRH3w/m4vTnPSdKfYCJtPHKF
ncEAn2WdQb9l5uiUsmIvp+92mTBAcmCR
=RVRr
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:50:33 -05:00
Joshua Brindle
f5a700d107 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: policycoreutils_restorecond.patch
Date: Tue, 13 Jan 2009 08:53:50 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Add more error checking.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAklsnO4ACgkQrlYvE4MpobOqdgCgvkzLK6bi1m9oTv217A7CYIvZ
BRcAn005E3lop2wmkaH5DcfVwVv3kCYD
=Xjf4
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:48:37 -05:00
Joshua Brindle
244fd583d8 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: policycoreutils_semanage.patch
Date: Tue, 13 Jan 2009 08:55:56 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Add missing locallist option
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAklsnWwACgkQrlYvE4MpobPZJwCguhEXCkkeS+4QPeBIDMD/sMTv
yMoAoLz7d20UABT1La/JcUaMrXr/XLF7
=L7QI
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:46:40 -05:00
Joshua Brindle
d8b1ea603b Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Make removing of a module a warning rather then an error.
Date: Tue, 13 Jan 2009 08:57:17 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This way if I say a command line

semodule -r mypol -i newmypol

and mypol was not there the semodule command does not error out.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAklsnb0ACgkQrlYvE4MpobNwFACfTqc17wREKC2aAhLOIkfbqgeg
GxgAn2/ZBz5ljtyK1aiVkqoCBj98y9Ey
=I4uX
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:41:02 -05:00
Joshua Brindle
498861044a Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: audit2allow patch
Date: Tue, 13 Jan 2009 08:52:51 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Remove --tefile from manpage, option does not exist.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAklsnLIACgkQrlYvE4MpobOrGQCgs76GOeXnSKrLCX69GpCAiIZN
f4AAn312U9ill0sLCKWP1bsL661mctEH
=D9bQ
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-02-16 11:39:00 -05:00
Joshua Brindle
c8a18807d5 Merge branch 'master' of jbrindle@oss.tresys.com:/home/git/selinux
Conflicts:
	libselinux/ChangeLog
2009-01-12 10:53:11 -05:00
Joshua Brindle
a5dfb3abe0 bump sepolgen to 1.0.15 2009-01-12 10:49:36 -05:00
Joshua Brindle
10760735e9 bump libsemanage to 2.0.31 2009-01-12 10:45:26 -05:00
Joshua Brindle
a9e6fbdeae bump libselinux to 2.0.76 2009-01-12 10:44:08 -05:00
Joshua Brindle
36df93ed82 bump policycoreutils to 2.0.61 2009-01-12 10:42:48 -05:00
Joshua Brindle
3726a7783e regerate swig wrappers for commit 09836bf0c1 2009-01-12 10:39:15 -05:00
Joshua Brindle
09836bf0c1 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Add restorecon and install methods for libselinux python bindings.
Date: Tue, 06 Jan 2009 10:31:04 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel J Walsh wrote:
> Joshua Brindle wrote:
>> Daniel J Walsh wrote:
>> Luke Macken wrote restorecon and install functions used in Fedora
>> Infrastructure which can be used to install files with the proper
>> context and to fix the labels of files/directories without having to
>> exec restorecon.
>
>> diff --exclude-from=exclude -N -u -r
>> nsalibselinux/src/selinuxswig_python.i
>> libselinux-2.0.75/src/selinuxswig_python.i
>> --- nsalibselinux/src/selinuxswig_python.i    2008-08-28
>> 09:34:24.000000000 -0400
>> +++ libselinux-2.0.75/src/selinuxswig_python.i    2008-11-14
>> 17:09:50.000000000 -0500
>> @@ -6,6 +6,32 @@
>>     #include "selinux/selinux.h"
>> %}
>
>> +%pythoncode %{
>> +
>> +import shutil, os
>> +
>> +def restorecon(path, recursive=False):
>> +    """ Restore SELinux context on a given path """
>> +    mode = os.stat(path)[stat.ST_MODE]
>
>> stat doesn't exist here, perhaps he meant mode?
>
>> +    status, context = matchpathcon(path, mode)
>> +    if status == 0:
>> +        lsetfilecon(path, context)
>> +        if recursive:
>> +            os.path.walk(path, lambda arg, dirname, fnames:
>> +                             map(restorecon, [os.path.join(dirname, fname)
>> +                              s                for fname in fnames]),
>> None)
>
>> typo, the s causes a syntax error
>
>> +
>> +def copytree(src, dest):
>> +    """ An SELinux-friendly shutil.copytree method """
>> +    shutil.copytree(src, dest)
>> +    restorecon(dest, recursive=True)
>> +
>> +def install(src, dest):
>> +    """ An SELinux-friendly shutil.move method """
>> +    shutil.move(src, dest)
>> +    restorecon(dest, recursive=True)
>> +%}
>> +
>> /* security_get_boolean_names() typemap */
>> %typemap(argout) (char ***names, int *len) {
>>     PyObject* list = PyList_New(*$2);
>
>> This patch doesn't appear correct, I'll fix the things above, have you
>> been testing this at all?
>
> Must have sent you a bad patch.
>
>
> This is what the current patch looks like.
>
And this is still broken.

One more fix.

+    mode = os.stat(path)[stat.ST_MODE]
should be
+    mode = os.lstat(path)[stat.ST_MODE]

Modified to remove copytree and install functions

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:34:01 -05:00
Joshua Brindle
8b092bade5 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: chcat patch.
Date: Fri, 07 Nov 2008 09:39:32 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Prevent chcat from expanding number of categories above max size of
command line.  Arbitrarily picked 25.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkkUUyQACgkQrlYvE4MpobMDDwCg0DMLERlnHZyVmORa9de9f5tf
fQsAoJZpO646H5CFuXZuW6htHpPfHz/z
=4OcI
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:19:59 -05:00
Joshua Brindle
5cbb573fa5 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Small fixes for audit2allow
Date: Mon, 01 Dec 2008 15:19:09 -0500

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:19:59 -05:00
Joshua Brindle
b3b3f8186e Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Problem in sepolgen
Date: Mon, 01 Dec 2008 11:51:19 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

self.roles does not exist, need to return length of dictionary.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkk0FgYACgkQrlYvE4MpobP5HwCeNgjPTSPoqBQTXa14ZA9Jc0ww
yycAoNWJhg78BXm4L5Vg9cNAdNa7ggfD
=Uz8t
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:19:59 -05:00
Joshua Brindle
8c51c70d59 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: semodule patch to use new semanage interfaces
Date: Fri, 07 Nov 2008 09:41:24 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Allows semodule to read bzip compressed policy packages directly.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkkUU5QACgkQrlYvE4MpobMHGQCdGwEl3h1ZwV92u1mfgrr3z7XT
NGYAoIwz76N7QFdEr8I0t3ncGhbo6heq
=raBi
-----END PGP SIGNATURE-----

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:19:58 -05:00
Joshua Brindle
844e23c77b regenerate swig bindings for compression support from commit 142bafa24900b5d9480818c9e81670bbeba2b44d 2009-01-12 10:19:58 -05:00
Joshua Brindle
71cb6604ad regenerate swig bindings for color translation in commit cfa3cb6fa5 2009-01-12 10:19:58 -05:00
Joshua Brindle
df77db47e5 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Now that F11 has started, I am putting in the compression support.
Date: Mon, 12 Jan 2009 10:37:23 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joshua Brindle wrote:
> Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> libsemanage patch to add compression.
>>
>> Uses bzip compression, all pp files in active/previous stored in
>> compressed state.  Added new interfaces to be user by policycoreutils to
>> specify file rather then memory map.
>>
>> Also uses link instead of copy whenever possible to save disk space.
>> Seeing about a 10 fold savings on policy footprint.
>
> resend
>
> Comments inline
>
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/include/semanage/modules.h
> libsemanage-2.0.28/include/semanage/modules.h
>> --- nsalibsemanage/include/semanage/modules.h 2008-08-28
> 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/include/semanage/modules.h 2008-10-13
> 12:35:22.000000000 -0400
>> @@ -30,10 +30,16 @@
>>
>> int semanage_module_install(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_install_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_upgrade(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_upgrade_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_install_base(semanage_handle_t *,
>> char *module_data, size_t data_len);
>> +int semanage_module_install_base_file(semanage_handle_t *,
>> + const char *module_name);
>> int semanage_module_remove(semanage_handle_t *, char *module_name);
>>
>> /* semanage_module_info is for getting information on installed
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/Makefile
> libsemanage-2.0.28/src/Makefile
>> --- nsalibsemanage/src/Makefile 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/Makefile 2008-10-13 12:35:22.000000000 -0400
>> @@ -54,7 +54,7 @@
>> ranlib $@
>>
>> $(LIBSO): $(LOBJS)
>> - $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr
> -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
>> + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lbz2
> -lustr -L$(LIBDIR)
> -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
>> ln -sf $@ $(TARGET)
>>
>> conf-scan.c: conf-scan.l conf-parse.h
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c
> libsemanage-2.0.28/src/direct_api.c
>> --- nsalibsemanage/src/direct_api.c 2008-09-15 12:20:44.000000000 -0400
>> +++ libsemanage-2.0.28/src/direct_api.c 2008-10-13 16:36:51.000000000
> -0400
>> @@ -50,6 +50,7 @@
>> #include "semanage_store.h"
>> #include "database_policydb.h"
>> #include "policy.h"
>> +#include <sys/mman.h>
>>
>> static void semanage_direct_destroy(semanage_handle_t * sh);
>> static int semanage_direct_disconnect(semanage_handle_t * sh);
>> @@ -57,10 +58,13 @@
>> static int semanage_direct_commit(semanage_handle_t * sh);
>> static int semanage_direct_install(semanage_handle_t * sh, char *data,
>> size_t data_len);
>> +static int semanage_direct_install_file(semanage_handle_t * sh, const
> char *module_name);
>> static int semanage_direct_upgrade(semanage_handle_t * sh, char *data,
>> size_t data_len);
>> +static int semanage_direct_upgrade_file(semanage_handle_t * sh, const
> char *module_name);
>> static int semanage_direct_install_base(semanage_handle_t * sh, char
> *base_data,
>> size_t data_len);
>> +static int semanage_direct_install_base_file(semanage_handle_t * sh,
> const char *module_name);
>> static int semanage_direct_remove(semanage_handle_t * sh, char
> *module_name);
>> static int semanage_direct_list(semanage_handle_t * sh,
>> semanage_module_info_t ** modinfo,
>> @@ -73,8 +77,11 @@
>> .begin_trans = semanage_direct_begintrans,
>> .commit = semanage_direct_commit,
>> .install = semanage_direct_install,
>> + .install_file = semanage_direct_install_file,
>> .upgrade = semanage_direct_upgrade,
>> + .upgrade_file = semanage_direct_upgrade_file,
>> .install_base = semanage_direct_install_base,
>> + .install_base_file = semanage_direct_install_base_file,
>> .remove = semanage_direct_remove,
>> .list = semanage_direct_list
>> };
>> @@ -378,12 +385,157 @@
>> return 0;
>> }
>>
>> +#include <stdlib.h>
>> +#include <bzlib.h>
>> +#include <string.h>
>> +#include <sys/sendfile.h>
>> +
>> +/* bzip() a file to '*data', returning the total number of
> uncompressed bytes
>> + * in the file. Returns 0 if file could not be decompressed. */
>
> Why 0? Can we make this -1?
>
Fixed
>> +static size_t bzip(const char *filename, char *data, size_t num_bytes) {
>> + BZFILE* b;
>> + size_t size = 1<<16;
>> + int bzerror;
>> + size_t total = 0;
>> + size_t len = 0;
>> + FILE *f;
>> +
>> + if ((f = fopen(filename, "wb")) == NULL) {
>> + return 0;
>> + }
>> +
>> + b = BZ2_bzWriteOpen( &bzerror, f, 9, 0, 0);
>> + if (bzerror != BZ_OK) {
>> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 );
>> + return 0;
>> + }
>> +
>> + while ( num_bytes > total ) {
>> + if (num_bytes - total > size) {
>> + len = size;
>> + } else {
>> + len = num_bytes - total;
>> + }
>> + BZ2_bzWrite ( &bzerror, b, &data[total], len );
>> + if (bzerror == BZ_IO_ERROR) {
>> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 );
>> + return 0;
>> + }
>> + total += len;
>> + }
>> +
>> + BZ2_bzWriteClose ( &bzerror, b, 0, 0, 0 );
>> + fclose(f);
>> + if (bzerror == BZ_IO_ERROR) {
>> + return 0;
>> + }
>> + return total;
>> +}
>> +
>> +/* bunzip() a file to '*data', returning the total number of
> uncompressed bytes
>> + * in the file. Returns 0 if file could not be decompressed. */
>
> Same as above.
>
Fixed
>> +size_t bunzip(FILE *f, char **data) {
>> + BZFILE* b;
>> + size_t nBuf;
>> + char buf[1<<18];
>> + size_t size = sizeof(buf);
>> + int bzerror;
>> + size_t total=0;
>> +
>> + b = BZ2_bzReadOpen ( &bzerror, f, 0, 0, NULL, 0 );
>> + if ( bzerror != BZ_OK ) {
>> + BZ2_bzReadClose ( &bzerror, b );
>> + return 0;
>> + }
>> +
>> + char *uncompress = realloc(NULL, size);
>> +
>> + while ( bzerror == BZ_OK) {
>> + nBuf = BZ2_bzRead ( &bzerror, b, buf, sizeof(buf));
>> + if (( bzerror == BZ_OK ) || ( bzerror == BZ_STREAM_END )) {
>> + if (total + nBuf > size) {
>> + size *= 2;
>> + uncompress = realloc(uncompress, size);
>> + }
>> + memcpy(&uncompress[total], buf, nBuf);
>> + total += nBuf;
>> + }
>> + }
>> + if ( bzerror != BZ_STREAM_END ) {
>> + BZ2_bzReadClose ( &bzerror, b );
>> + free(uncompress);
>> + return 0;
>> + }
>> + BZ2_bzReadClose ( &bzerror, b );
>> +
>> + *data = uncompress;
>> + return total;
>> +}
>> +
>> +/* mmap() a file to '*data',
>> + * If the file is bzip compressed map_file will uncompress
>> + * the file into '*data'.
>> + * Returns the total number of bytes in memory .
>> + * Returns 0 if file could not be opened or mapped. */
>
> Same as above
>
Fixed
>> +static size_t map_file(int fd, char **data, int *compressed)
>> +{
>> + int size;
>> + char *uncompress;
>> + if ((size = bunzip(fdopen(fd, "r"), &uncompress)) > 0) {
>> + *data = mmap(0, size, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, 0, 0);
>> + if (*data == MAP_FAILED) {
>> + free(uncompress);
>> + return 0;
>> + } else {
>> + memcpy(*data, uncompress, size);
>> + }
>> + free(uncompress);
>> + *compressed = 1;
>> + } else {
>> + struct stat sb;
>> + if (fstat(fd, &sb) == -1 ||
>> + (*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) ==
>> + MAP_FAILED) {
>> + size = 0;
>> + } else {
>> + size = sb.st_size;
>> + }
>> + *compressed = 0;
>> + }
>> +
>> + return size;
>> +}
>> +
>> +static int dupfile( const char *dest, int src_fd) {
>> + int dest_fd = -1;
>> + int retval = 0;
>> + int cnt;
>> + char buf[1<<18];
>> +
>> + if (lseek(src_fd, 0, SEEK_SET) == -1 ) return -1;
>> +
>> + if ((dest_fd = open(dest, O_WRONLY | O_CREAT | O_TRUNC,
>> + S_IRUSR | S_IWUSR)) == -1) {
>> + return -1;
>> + }
>> +
>> + while (( retval == 0 ) &&
>> + ( cnt = read(src_fd, buf, sizeof(buf)))> 0 ) {
>> + if (write(dest_fd, buf, cnt) < cnt) retval = -1;
>> + }
>> + close(dest_fd);
>> + return retval;
>> +}
>> +
>> /* Writes a block of data to a file. Returns 0 on success, -1 on
>> * error. */
>> static int write_file(semanage_handle_t * sh,
>> const char *filename, char *data, size_t num_bytes)
>> {
>> int out;
>> +
>> + /* Unlink no matter what, incase this file is a hard link, ignore
> error */
>> + unlink(filename);
>> if ((out =
>> open(filename, O_WRONLY | O_CREAT | O_TRUNC,
>> S_IRUSR | S_IWUSR)) == -1) {
>> @@ -499,7 +651,7 @@
>> sepol_policydb_t *out = NULL;
>>
>> /* Declare some variables */
>> - int modified, fcontexts_modified, ports_modified,
>> + int modified = 0, fcontexts_modified, ports_modified,
>> seusers_modified, users_extra_modified;
>> dbase_config_t *users = semanage_user_dbase_local(sh);
>> dbase_config_t *users_base = semanage_user_base_dbase_local(sh);
>> @@ -815,7 +967,9 @@
>> &filename)) != 0) {
>> goto cleanup;
>> }
>> - if (write_file(sh, filename, data, data_len) == -1) {
>> +
>> + if (bzip(filename, data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> retval = -3;
>> }
>> retval = 0;
>  retval = -3 gets smashed immediately afterward
>
>> @@ -826,19 +980,60 @@
>> return retval;
>> }
>>
>> -/* Similar to semanage_direct_install(), except that it checks that
>> - * there already exists a module with the same name and that the
>> - * module is an older version then the one in 'data'. Returns 0 on
>> - * success, -1 if out of memory, -2 if the data does not represent a
>> - * valid module file, -3 if error while writing file or reading
>> - * modules directory, -4 if there does not exist an older module or if
>> - * the previous module is same or newer than 'data'.
>> - */
>> -static int semanage_direct_upgrade(semanage_handle_t * sh,
>> - char *data, size_t data_len)
>> +/* Attempts to link a module to the sandbox's module directory,
> unlinking any
>> + * previous module stored within. Returns 0 on success, -1 if out of
> memory, -2 if the
>> + * data does not represent a valid module file, -3 if error while
>> + * writing file. */
>> +
>> +static int semanage_direct_install_file(semanage_handle_t * sh,
>> + const char *install_filename)
>> {
>> +
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd = -1;
>> +
>> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
>> + return 0;
>
> returning 0 on failure here
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + char *module_name = NULL, *version = NULL, *filename = NULL;
>> + if ((retval = parse_module_headers(sh, data, data_len,
>> + &module_name, &version,
>> + &filename)) != 0) {
>> + goto cleanup;
>
> Probably need to free module_name, version, filename here
>
Why these are cleaned up in cleanup and if it gets an error it should
not have allocated memory?
>> + }
>> +
>> + if (data_len > 0) munmap(data, data_len);
>> + data_len = 0;
>> + retval = dupfile(filename, in_fd);
>> + free(version);
>> + free(filename);
>> + free(module_name);
>> +
>> + } else {
>> + retval = semanage_direct_install(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> + return retval;
>> +}
>> +
>> +
>> +static int get_direct_upgrade_filename(semanage_handle_t * sh,
>> + char *data, size_t data_len, char **outfilename) {
>> int i, retval, num_modules = 0;
>> - char *module_name = NULL, *version = NULL, *filename = NULL;
>> + char *filename = NULL, *module_name = NULL, *version = NULL;
>
> ?
Removed
>
>> semanage_module_info_t *modinfo = NULL;
>> if ((retval = parse_module_headers(sh, data, data_len,
>> &module_name, &version,
>> @@ -868,14 +1063,10 @@
>> if (retval == -4) {
>> ERR(sh, "There does not already exist a module named %s.",
>> module_name);
>> - goto cleanup;
>> - }
>> - if (write_file(sh, filename, data, data_len) == -1) {
>> - retval = -3;
>> }
>> +
>> cleanup:
>> free(version);
>> - free(filename);
>> free(module_name);
>> for (i = 0; modinfo != NULL && i < num_modules; i++) {
>> semanage_module_info_t *m =
>> @@ -883,6 +1074,80 @@
>> semanage_module_info_datum_destroy(m);
>> }
>> free(modinfo);
>> + if (retval == 0) {
>> + *outfilename = filename;
>> + } else {
>> + free(filename);
>> + }
>> + return retval;
>> +}
>> +
>> +/* Similar to semanage_direct_install(), except that it checks that
>> + * there already exists a module with the same name and that the
>> + * module is an older version then the one in 'data'. Returns 0 on
>> + * success, -1 if out of memory, -2 if the data does not represent a
>> + * valid module file, -3 if error while writing file or reading
>> + * modules directory, -4 if there does not exist an older module or if
>> + * the previous module is same or newer than 'data'.
>> + */
>> +static int semanage_direct_upgrade(semanage_handle_t * sh,
>> + char *data, size_t data_len)
>> +{
>> + char *filename = NULL;
>> + int retval = get_direct_upgrade_filename(sh,
>> + data, data_len,
>> + &filename);
>> + if (retval == 0) {
>> + if (bzip(filename, data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> + retval = -3;
>> + }
>> + free(filename);
>> + }
>> + return retval;
>> +}
>> +
>> +/* Attempts to link a module to the sandbox's module directory,
> unlinking any
>> + * previous module stored within.
>> + * Returns 0 on success, -1 if out of memory, -2 if the
>> + * data does not represent a valid module file, -3 if error while
>> + * writing file. */
>> +
>> +static int semanage_direct_upgrade_file(semanage_handle_t * sh,
>> + const char *module_filename)
>> +{
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd = -1;
>> +
>> + if ((in_fd = open(module_filename, O_RDONLY)) == -1) {
>> + return 0;
>
> returning 0 on failure
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + char *filename = NULL;
>> + retval = get_direct_upgrade_filename(sh,
>> + data, data_len,
>> + &filename);
>> +
>> + if (retval != 0) goto cleanup;
>> +
>> + retval = dupfile(filename, in_fd);
>> + free(filename);
>> + } else {
>> + retval = semanage_direct_upgrade(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> return retval;
>> }
>>
>> @@ -903,7 +1168,8 @@
>> if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) {
>> goto cleanup;
>> }
>> - if (write_file(sh, filename, base_data, data_len) == -1) {
>> + if (bzip(filename, base_data, data_len) == 0) {
>> + ERR(sh, "Error while writing to %s.", filename);
>> retval = -3;
>> }
>> retval = 0;
>
> retval gets smashed
>
Fixed, this was an existing bug, BTW
>> @@ -911,6 +1177,49 @@
>> return retval;
>> }
>>
>> +/* Writes a base module into a sandbox, overwriting any previous base
>> + * module.
>> + * Returns 0 on success, -1 if out of memory, -2 if the data does not
> represent
>> + * a valid base module file, -3 if error while writing file.
>> + */
>> +static int semanage_direct_install_base_file(semanage_handle_t * sh,
>> + const char *install_filename)
>> +{
>> + int retval = -1;
>> + char *data = NULL;
>> + size_t data_len = 0;
>> + int compressed = 0;
>> + int in_fd;
>> +
>> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
>> + return 0;
>
> returning 0 on failure
>
Fixed
>> + }
>> +
>> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) {
>> + goto cleanup;
>> + }
>> +
>> + if (compressed) {
>> + const char *filename = NULL;
>> + if ((retval = parse_base_headers(sh, data, data_len)) != 0) {
>> + goto cleanup;
>> + }
>> + if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) {
>> + goto cleanup;
>> + }
>> +
>> + retval = dupfile(filename, in_fd);
>> + } else {
>> + retval = semanage_direct_install_base(sh, data, data_len);
>> + }
>> +
>> + cleanup:
>> + close(in_fd);
>> + if (data_len > 0) munmap(data, data_len);
>> +
>> + return retval;
>> +}
>> +
>> /* Removes a module from the sandbox. Returns 0 on success, -1 if out
>> * of memory, -2 if module not found or could not be removed. */
>> static int semanage_direct_remove(semanage_handle_t * sh, char
> *module_name)
>> @@ -1005,15 +1314,26 @@
>> * report it */
>> continue;
>> }
>> + size_t size;
>> + char *data = NULL;
>> +
>> + if ((size = bunzip(fp, &data)) != 0) {
>> + fclose(fp);
>> + fp = fmemopen(data, size, "rb");
>
> unhandled error from fclose and fmemopen
>
Fixed fmemopen failure,  we don't check fclose failure anywhere in the code.
>> + }
>> + rewind(fp);
>> +
>> __fsetlocking(fp, FSETLOCKING_BYCALLER);
>> sepol_policy_file_set_fp(pf, fp);
>> if (sepol_module_package_info(pf, &type, &name, &version)) {
>> fclose(fp);
>> + free(data);
>> free(name);
>> free(version);
>> continue;
>> }
>> fclose(fp);
>> + free(data);
>> if (type == SEPOL_POLICY_MOD) {
>> (*modinfo)[*num_modules].name = name;
>> (*modinfo)[*num_modules].version = version;
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.h
> libsemanage-2.0.28/src/direct_api.h
>> --- nsalibsemanage/src/direct_api.h 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/direct_api.h 2008-10-13 12:35:22.000000000
> -0400
>> @@ -37,4 +37,7 @@
>>
>> int semanage_direct_access_check(struct semanage_handle *sh);
>>
>> +#include <stdio.h>
>> +size_t bunzip(FILE *f, char **data);
>> +
>> #endif
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/src/libsemanage.map libsemanage-2.0.28/src/libsemanage.map
>> --- nsalibsemanage/src/libsemanage.map 2008-08-28 09:34:24.000000000
> -0400
>> +++ libsemanage-2.0.28/src/libsemanage.map 2008-10-13
> 12:35:22.000000000 -0400
>> @@ -3,8 +3,10 @@
>> semanage_is_managed; semanage_connect; semanage_disconnect;
>> semanage_msg_*;
>> semanage_begin_transaction; semanage_commit;
>> - semanage_module_install; semanage_module_upgrade;
>> - semanage_module_install_base; semanage_module_remove;
>> + semanage_module_install; semanage_module_install_file;
>> + semanage_module_upgrade; semanage_module_upgrade_file;
>> + semanage_module_install_base; semanage_module_install_base_file;
>> + semanage_module_remove;
>> semanage_module_list; semanage_module_info_datum_destroy;
>> semanage_module_list_nth; semanage_module_get_name;
>> semanage_module_get_version; semanage_select_store;
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c
> libsemanage-2.0.28/src/modules.c
>> --- nsalibsemanage/src/modules.c 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/modules.c 2008-10-13 12:35:22.000000000 -0400
>> @@ -52,6 +52,25 @@
>> return sh->funcs->install(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_install_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->install_file == NULL) {
>> + ERR(sh,
>> + "No install function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->install_file(sh, module_name);
>> +}
>> +
>> int semanage_module_upgrade(semanage_handle_t * sh,
>> char *module_data, size_t data_len)
>> {
>> @@ -71,6 +90,25 @@
>> return sh->funcs->upgrade(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_upgrade_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->upgrade_file == NULL) {
>> + ERR(sh,
>> + "No upgrade function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->upgrade_file(sh, module_name);
>> +}
>> +
>> int semanage_module_install_base(semanage_handle_t * sh,
>> char *module_data, size_t data_len)
>> {
>> @@ -90,6 +128,25 @@
>> return sh->funcs->install_base(sh, module_data, data_len);
>> }
>>
>> +int semanage_module_install_base_file(semanage_handle_t * sh,
>> + const char *module_name) {
>> +
>> + if (sh->funcs->install_base_file == NULL) {
>> + ERR(sh,
>> + "No install base function defined for this connection type.");
>> + return -1;
>> + } else if (!sh->is_connected) {
>> + ERR(sh, "Not connected.");
>> + return -1;
>> + } else if (!sh->is_in_transaction) {
>> + if (semanage_begin_transaction(sh) < 0) {
>> + return -1;
>> + }
>> + }
>> + sh->modules_modified = 1;
>> + return sh->funcs->install_base_file(sh, module_name);
>> +}
>> +
>> int semanage_module_remove(semanage_handle_t * sh, char *module_name)
>> {
>> if (sh->funcs->remove == NULL) {
>> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h
> libsemanage-2.0.28/src/policy.h
>> --- nsalibsemanage/src/policy.h 2008-08-28 09:34:24.000000000 -0400
>> +++ libsemanage-2.0.28/src/policy.h 2008-10-13 12:35:22.000000000 -0400
>> @@ -49,8 +49,14 @@
>> /* Install a policy module */
>> int (*install) (struct semanage_handle *, char *, size_t);
>>
>> + /* Install a policy module */
>> + int (*install_file) (struct semanage_handle *, const char *);
>> +
>> /* Upgrade a policy module */
>> int (*upgrade) (struct semanage_handle *, char *, size_t);
>> +
>> + /* Upgrade a policy module */
>> + int (*upgrade_file) (struct semanage_handle *, const char *);
>>
>> /* Remove a policy module */
>> int (*remove) (struct semanage_handle *, char *);
>> @@ -61,6 +67,9 @@
>>
>> /* Install base policy */
>> int (*install_base) (struct semanage_handle *, char *, size_t);
>> +
>> + /* Install a base module */
>> + int (*install_base_file) (struct semanage_handle *, const char *);
>> };
>>
>> /* Should be backend independent */
>> diff --exclude-from=exclude -N -u -r
> nsalibsemanage/src/semanage_store.c libsemanage-2.0.28/src/semanage_store.c
>> --- nsalibsemanage/src/semanage_store.c 2008-09-15 12:20:44.000000000
> -0400
>> +++ libsemanage-2.0.28/src/semanage_store.c 2008-10-13
> 12:57:29.000000000 -0400
>> @@ -440,6 +440,8 @@
>> char tmp[PATH_MAX];
>> char buf[4192];
>>
>> + if (link(src,dst) == 0) return 0;
>> +
>> n = snprintf(tmp, PATH_MAX, "%s.tmp", dst);
>> if (n < 0 || n >= PATH_MAX)
>> return -1;
>> @@ -1522,16 +1524,26 @@
>> ERR(sh, "Could not open module file %s for reading.", filename);
>> goto cleanup;
>> }
>> + size_t size;
>> + char *data = NULL;
>> +
>> + if ((size = bunzip(fp, &data)) != 0) {
>> + fclose(fp);
>> + fp = fmemopen(data, size, "rb");
>> + }
>
> unhandled error from fclose and fmemopen
>
Fixed as above
>
>> + rewind(fp);
>> __fsetlocking(fp, FSETLOCKING_BYCALLER);
>> sepol_policy_file_set_fp(pf, fp);
>> sepol_policy_file_set_handle(pf, sh->sepolh);
>> if (sepol_module_package_read(*package, pf, 0) == -1) {
>> ERR(sh, "Error while reading from module file %s.", filename);
>> fclose(fp);
>> + free(data);
>> goto cleanup;
>> }
>> sepol_policy_file_free(pf);
>> fclose(fp);
>> + free(data);
>> return retval;
>>
>> cleanup:
>
>
2009-01-12 10:19:44 -05:00
Eamon Walsh
7817c92986 Bump libselinux to 2.0.76 2009-01-05 18:31:55 -05:00
Eamon Walsh
f9b1f1a2a1 Add config path function for secolor.conf file.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2009-01-02 16:15:58 -05:00
Eamon Walsh
cfa3cb6fa5 Add client routines for translating raw security contexts into colors.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2008-12-31 18:51:42 -05:00
Eamon Walsh
aa92cfbe74 Bump libselinux to 2.0.75 2008-11-18 18:59:20 -05:00
Eamon Walsh
66b2af371a Allow shell-style wildcard patterns in the X labeling backend.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2008-11-14 16:18:48 -05:00
Stephen Smalley
f64fea9a0b Bump policycoreutils to 2.0.60 2008-11-12 16:26:21 -05:00
Stephen Smalley
b4fca3c40f semanage: Use semanage_mls_enabled
Change semanage/seobject to use semanage_mls_enabled() rather than
is_selinux_mls_enabled().  I dropped the mls enabled tests altogether
from the semanage front-end script since setting up a handle is done by
seobject.py; if those checks are actually important, we could move them
inside of the seobject methods, but I'm not clear on the real benefit of
those checks.  In seobject.py, I moved the setting of the is_mls_enabled
variable inside of get_handle(store) after the connect.  I also dropped
the is_mls_enabled test from setransRecords since no handle/connection
exists there (since translations are not managed via libsemanage), and
again I'm not clear that the check there was overly important/useful.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
2008-11-12 16:00:06 -05:00
Stephen Smalley
46dc67016b Bump libsemanage to 2.0.30. 2008-11-12 09:27:21 -05:00
Stephen Smalley
0a515c4610 libsemanage: Add semanage_mls_enabled interface
Add a semanage_mls_enabled() interface to libsemanage so that
semanage/seobject can be rewritten to use it to test whether MLS is
enabled for a given policy store rather than checking the runtime MLS
enabled status, which can be misleading when using semanage on a
SELinux-disabled host or when using semanage on a store other than the
active one.  Sample usage:
	from semanage import *
	handle = semanage_handle_create()
	rc = semanage_connect(handle)
	rc = semanage_mls_enabled(handle)

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2008-11-12 09:20:30 -05:00
Joshua Brindle
223bb406d8 Bump libsemanage to 2.0.29 and policycoreutils to 2.0.59 2008-11-09 11:20:40 -05:00
Christopher J. PeBenito
9e2c58f924 homedir_template generation skips USER lines
The current libsemanage code does not correctly add lines which include
USER in them into the homedir_template, for example:

/tmp/gconfd-USER -d	system_u:object_r:ROLE_tmp_t

This line was included in the past since it has ROLE.  However, with the
switch to UBAC separations, the line has changed to:

/tmp/gconfd-USER -d	system_u:object_r:user_tmp_t

and is no longer included.  The follwing patch fixes.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2008-11-09 11:17:42 -05:00
Joshua Brindle
c35dcc43bc Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: Latest policycoreutils package has a minor problem
Date: Mon, 10 Nov 2008 09:04:39 -0500

Checking _local twice.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2008-11-09 11:16:51 -05:00
Joshua Brindle
2c41d9d1a7 bump policycoreutils to 2.0.58 2008-11-07 19:25:17 -05:00
Joshua Brindle
1f4d94f4c4 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: seobject_fcontext patch allows you to modify a preexisting file context.
Date: Fri, 07 Nov 2008 09:46:36 -0500

Currently semanage is not allowed to change a file context mapping if it
matches exactly,  this patch allows you to modify the file context.

Signed-off-by: Joshua Brindle <method@manicmethod.com>

NOTE: original patch modified to remove unused list in fcontext get_all()
2008-11-07 19:20:39 -05:00
Joshua Brindle
dd808a1342 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: policycoreutils patch
Date: Thu, 23 Oct 2008 13:15:11 -0400

Change semange fcontext -a to check for local customizations rather then
 global, so you can modify a file context.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2008-11-07 16:55:34 -05:00
Joshua Brindle
cb69455465 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: policycoreutils audit2allow patch
Date: Fri, 07 Nov 2008 09:36:44 -0500

audit2why can throw a runtime exception and typo in man page.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2008-11-07 16:50:34 -05:00
Joshua Brindle
bcd43e0bf1 Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: newrole error message corrections.
Date: Fri, 07 Nov 2008 09:37:52 -0500

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2008-11-07 16:49:04 -05:00
Eamon Walsh
cc502813e0 Bump libselinux to 2.0.74 2008-11-03 13:45:19 -05:00
Eamon Walsh
eee0f022e4 Put a proper message type into each message logged by the userspace AVC.
Currently, the message types are defined but not used.

This will allow better separation of messages when logging to facilities
such as libaudit.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
2008-10-31 10:20:33 -04:00
Joshua Brindle
3d431ae08f bump libselinux and checkpolicy versions 2008-10-14 08:12:59 -04:00
Stephen Smalley
d5286d7169 Genfscon 'dash' issue
On Tue, 2008-10-14 at 02:00 +0000, korkishko Tymur wrote:
> I have checked policy_parse.y. It has following rule for genfscon:
>
> genfs_context_def	: GENFSCON identifier path '-' identifier security_context_def
> 	{if (define_genfs_context(1)) return -1;}
> 	| GENFSCON identifier path '-' '-' {insert_id("-", 0);} security_context_def
> 	{if (define_genfs_context(1)) return -1;}
> 	 | GENFSCON identifier path security_context_def
> 	{if (define_genfs_context(0)) return -1;}
>
> The rule for path definition (in policy_scan.l) has already included '-' (dash):
>
> "/"({alnum}|[_.-/])*	        { return(PATH); }
>
> In my understanding (maybe wrong), path is parsed first (and path might include '-') and only then separate '-' is parsed.
> But it still produces an error if path definition is correct and includes '-'.
>
> Any ideas/patches how to fix grammar rules are welcomed.

This looks like a bug in policy_scan.l - we are not escaping (via
backslash) special characters in the pattern and thus the "-" (dash) is
being interpreted rather than taken literally.  The same would seemingly
apply for "." (dot), and would seem relevant not only to PATH but also
for IDENTIFIER.  The patch below seems to fix this issue for me:
2008-10-14 07:36:16 -04:00