Do not remove the runtime directory /run/setrans/, which is the parent
for the security context translation socket .setrans-unix, when the
service is stopped, so the path can not be taken over by a foreign
program, which could lead to a compromise of the context translation of
libselinux.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
Provide a top level LICENSE file explaining how multiple the SELinux
userspace is released under multiple different licenses. Also ensure
that all the different license files share a consistent file name,
LICENSE, to make it easier for people to identify the license files.
This is to help meet the OpenSSF Best Practices requirements.
Signed-off-by: Paul Moore <paul@paul-moore.com>
Quoting pcre.org:
There are two major versions of the PCRE library. The current
version, PCRE2, released in 2015, is now at version 10.39.
The older, but still widely deployed PCRE library, originally
released in 1997, is at version 8.45. This version of PCRE is now at
end of life, and is no longer being actively maintained. Version
8.45 is expected to be the final release of the older PCRE library,
and new projects should use PCRE2 instead.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
Mark local functions static.
Export functions of mcscolor.c in mcscolor.h and avoid bare extern
function declarations.
Drop unused function emit_whitespace().
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Fixes:
trans: a🅱️c:s9 -> a🅱️c:TOP SECRET != a🅱️c:TOP SECRET SUCCESS
untrans: a🅱️c:T O P S E C R E T -> a🅱️c:s9 != a🅱️c:s9 SUCCESS
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Acked-by: James Carter <jwcart2@gmail.com>
On Ubuntu 20.04, when building with clang -Werror -Wextra-semi-stmt
(which is not the default build configuration), the compiler reports:
mcstransd.c:72:35: error: empty expression statement has no effect;
remove unnecessary ';' to silence this warning
[-Werror,-Wextra-semi-stmt]
log_debug("%s\n", "cleanup_exit");
^
Replace the empty log_debug substitution with a do { ... } while (0)
construction to silence this warning.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
The return value of context_new needs to be free with context_free.
Signed-off-by: bauen1 <j2468h@gmail.com>
Acked-by: William Roberts <william.c.roberts@intel.com>
It stopped too early, exposing a bug in sudo selinux_restore_tty():
SELINUX_ERR op=setxattr invalid_context="wheel.id:wheel.role:users.terminals.pty.pty_file:SystemLow"
avc: denied { mac_admin } for pid=859 comm="sudo" capability=33 scontext=wheel.id:wheel.role:sudo.wheel.subj:s0 tcontext=wheel.id:wheel.role:sudo.wheel.subj:s0 tclass=capability2 permissive=0
If we want to be able to reference human readable contexts in SELinuxContext= and nspawn -Z and -L then we need mcstrans ASAP
v2: stop late, but do stop
Signed-off-by: Dominick Grift <dac.override@gmail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
Follow-up of: 9eb9c93275 ("Get rid of security_context_t and fix const declarations.")
Acked-by: William Roberts <william.c.roberts@intel.com>
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Use codespell (https://github.com/codespell-project/codespell) in order
to find many common misspellings that are present in English texts.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
According to "check_dominance" function:
Range defined as "s15:c0.c1023" does not dominate any other range than
"s15:c0.c1023" (does not dominate "s15", "s15:c0.c200", etc.).
While range defined as "s15-s15:c0.c1023" dominates all of the above.
This is either a bug, or "s15:c0.c1023" should not be used in the
examples.
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This reverts commit fe17b3d2d9.
MLS ranges should be compared based on dominance.
This fixes mlscolor-test on mcstrans examples.
Eg. mlscolor-test using /usr/share/mcstrans/examples/urcsts when executed on mls
machine fails as follows:
\#pushd /usr/share/mcstrans/examples/urcsts
\#cp -f secolor.conf /etc/selinux/mls/secolor.conf
\#cp -f setrans.conf /etc/selinux/mls/setrans.conf
\#systemctl restart mcstransd
\#python3 /usr/share/mcstrans/util/mlscolor-test urcsts.color
For 'system_u:system_r:inetd_t:SystemLow' got
'#000000#000000#000000#000000#000000#000000#000000#000000' expected
'#000000#000000#000000#000000#000000#000000#000000#008000'
...
mlscolor-test done with 19 errors
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Move setrans.conf manpage to section 5 as it describes the documentation
for "File formats and conventions"
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
raw_color() uses color_str as an output argument which is assigned to a new
allocated memory. Therefore it should fail when color_str is null; or
when *color_str is not null in order to avoid a memory leak.
Fixes:
>>> selinux.selinux_raw_context_to_color('system_u:system_r:inetd_t:s0')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
OSError: [Errno 0] Error
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
There is a call to getpeercon_raw() in mcstransd, but nothing is done
with the context. The purpose of process_request() is to translate a
context and we would like that to succeed even if, for some reason,
getpeercon_raw() fails.
Signed-off-by: Yuli Khodorkovskiy <yuli@crunchydata.com>
Signed-off-by: Joshua Brindle <joshua.brindle@crunchydata.com>
There are many memory leaks in mcstrans. Clean them up in order to
reduce the noise in clang's static analyzer report. Some are remaining,
because they are more complex to fix.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
