From edd5aaafc0ae153141117e68135f7aea42c066f1 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Fri, 16 Nov 2012 16:49:57 -0500
Subject: [PATCH] Return EPERM if login program can not reach default label for
 user

- Attempt to return container info from audit2why
---
 libselinux-rhat.patch | 46 +++++++++++++++++++++++++++++++-
 libselinux.spec       | 61 +++++++++++++++++++++++--------------------
 2 files changed, 78 insertions(+), 29 deletions(-)

diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 2157f0f..bd52906 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -126,7 +126,7 @@ index 9f16f77..4835f2f 100644
  .SH FILES
  /etc/selinux/config
 diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
-index 02483a3..c804e84 100644
+index 02483a3..647ea4c 100644
 --- a/libselinux/src/audit2why.c
 +++ b/libselinux/src/audit2why.c
 @@ -164,6 +164,9 @@ static PyObject *finish(PyObject *self __attribute__((unused)), PyObject *args)
@@ -191,6 +191,32 @@ index 02483a3..c804e84 100644
    if (!PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path))
      return NULL;
    result = __policy_init(init_path);
+@@ -306,6 +298,7 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
+ 	return result;						
+ 
+ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) {
++	char *reason_buf = NULL;
+ 	security_context_t scon; 
+ 	security_context_t tcon;
+ 	char *tclassstr; 
+@@ -376,7 +369,7 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ 	}
+ 
+ 	/* Reproduce the computation. */
+-	rc = sepol_compute_av_reason(ssid, tsid, tclass, av, &avd, &reason);
++	rc = sepol_compute_av_reason_buffer(ssid, tsid, tclass, av, &avd, &reason, &reason_buf);
+ 	if (rc < 0) {
+ 		RETURN(BADCOMPUTE)
+ 	}
+@@ -417,6 +410,8 @@ static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args
+ 	}
+ 
+ 	if (reason & SEPOL_COMPUTEAV_CONS) {
++		printf("%s\n", reason_buf);
++		free(reason_buf);
+ 		RETURN(CONSTRAINT);
+ 	}
+ 
 diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
 index 802a07f..6ff83a7 100644
 --- a/libselinux/src/avc.c
@@ -213,6 +239,24 @@ index 825f295..d11c8dc 100644
      S_(SEPGSQL_CONTEXTS, "/contexts/sepgsql_contexts")
 -    S_(BOOLEAN_SUBS, "/booleans.subs")
 +    S_(BOOLEAN_SUBS, "/booleans.subs_dist")
+diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
+index e02157c..e653ecc 100644
+--- a/libselinux/src/get_context_list.c
++++ b/libselinux/src/get_context_list.c
+@@ -489,7 +489,12 @@ int get_ordered_context_list(const char *user,
+ 		reachable[nordered] = NULL;
+ 		rc = nordered;
+ 	} else {
+-		rc = nreach;
++		if (security_getenforce()) {
++			errno = EPERM;
++			rc = -1;
++		} else {
++			rc = nreach;
++		}
+ 	}
+ 
+       out:
 diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
 index 02b3cd2..301e4d6 100644
 --- a/libselinux/src/label_file.c
diff --git a/libselinux.spec b/libselinux.spec
index 43a057e..f76c2cd 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -10,7 +10,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.1.12
-Release: 7%{?dist}
+Release: 8%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@@ -241,6 +241,10 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so
 
 %changelog
+* Fri Nov 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-8
+- Return EPERM if login program can not reach default label for user
+- Attempt to return container info from audit2why
+
 * Thu Nov 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-7
 - Apply patch from eparis to fix leaked file descriptor in new labeling code
 
@@ -401,7 +405,7 @@ rm -rf %{buildroot}
 	* Cleanup Man pages
 	* merge freecon with getcon man page
 
-* Mon Dec 18 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-5
+* Mon Dec 19 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-5
 - Add patch from Richard Haines
       When selabel_lookup found an invalid context with validation enabled, it
       always stated it was 'file_contexts' whether media, x, db or file.
@@ -558,7 +562,7 @@ context
 	by Dan Walsh.
 	* Update man pages for selinux_color_* functions by Richard Haines.
 
-* Wed Apr 5 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.101-1
+* Wed Apr 6 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.101-1
 - Clean up patch to make handling of constructor  cleanup more portable
   * db_language object class support for selabel_lookup from KaiGai Kohei.
   * Library destructors for thread local storage keys from Eamon Walsh.
@@ -607,10 +611,10 @@ pthread_key_delete, and is ignored.
 - Update to upstream 
 	* Thread local storage fixes from Eamon Walsh.
 
-* Wed Dec 2 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.96-9
+* Sat Dec 4 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.96-9
 - Add /etc/tmpfiles.d support for /var/run/setrans
 
-* Sun Nov 24 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.96-8
+* Wed Nov 24 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.96-8
 - Ghost /var/run/setrans
 
 * Wed Sep 29 2010 jkeating - 2.0.96-7
@@ -643,7 +647,7 @@ pthread_key_delete, and is ignored.
 * Wed Mar 24 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.94-1
 	* Set errno=EINVAL for invalid contexts from Dan Walsh.
 
-* Sun Mar 16 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.93-1
+* Tue Mar 16 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.93-1
 - Update to upstream 
 	* Show strerror for security_getenforce() by Colin Waters.
 	* Merged selabel database support by KaiGai Kohei.
@@ -1172,23 +1176,23 @@ pthread_key_delete, and is ignored.
 	* Merged patch to drop support for old /etc/sysconfig/selinux and
 	  /etc/security policy file layout from Steve Grubb.
 
-* Tue Mar 8 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.5-2
+* Thu Mar 8 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.5-2
 - Do not fail on permission denied in getsebool
 
 * Tue Feb 27 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.5-1
 - Upgrade to upstream
 	* Merged init_selinuxmnt() and is_selinux_enabled() improvements from Steve Grubb.
 
-* Fri Feb 21 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.4-1
+* Wed Feb 21 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.4-1
 - Upgrade to upstream
 	* Removed sending of setrans init message.
 	* Merged matchpathcon memory leak fix from Steve Grubb.
 
-* Thu Feb 20 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.2-1
+* Tue Feb 20 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.2-1
 - Upgrade to upstream
 	* Merged more swig initializers from Dan Walsh.
 
-* Tue Feb 20 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.1-1
+* Sun Feb 18 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.1-1
 - Upgrade to upstream
 	* Merged patch from Todd Miller to convert int types over to C99 style.
 
@@ -1208,7 +1212,8 @@ pthread_key_delete, and is ignored.
 * Wed Jan 17 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.6-1
 - Upgrade to upstream
 	* Merged man page updates to make "apropos selinux" work from Dan Walsh.
-* Wed Jan 15 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.5-1
+
+* Wed Jan 17 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.5-1
 - Upgrade to upstream
 	* Merged getdefaultcon utility from Dan Walsh.
 
@@ -1274,7 +1279,7 @@ Resolves: #200110
 * Wed Sep 27 2006 Jeremy Katz <katzj@redhat.com> - 1.30.28-3
 - really make -devel depend on libsepol-devel
 
-* Wed Sep  25 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.28-2
+* Wed Sep  27 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.28-2
 - Add sgrubb patch for polmatch
 
 * Wed Sep  13 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.28-1
@@ -1441,7 +1446,7 @@ Resolves: #200110
 	  a regular file.
 	* Merged python binding t_output_helper removal patch from Dan Walsh.
 
-* Mon Apr 11 2006 Dan Walsh <dwalsh@redhat.com> 1.30.1-2
+* Tue Apr 11 2006 Dan Walsh <dwalsh@redhat.com> 1.30.1-2
 - Fix python bindings for matchpathcon
 - Fix booleans man page
 
@@ -1476,7 +1481,7 @@ Resolves: #200110
 - Upgrade to latest from NSA
 	* Added getseuser test program.
 
-* Fri Jan 7 2006 Dan Walsh <dwalsh@redhat.com> 1.29.4-1
+* Fri Jan 6 2006 Dan Walsh <dwalsh@redhat.com> 1.29.4-1
 - Upgrade to latest from NSA
 	* Added format attribute to myprintf in matchpathcon.c and
 	  removed obsoleted rootlen variable in init_selinux_config().
@@ -1682,13 +1687,13 @@ Resolves: #200110
 - Update to latest from NSA
 - Add getseuserbyname
 
-* Fri Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-6
+* Fri Sep 16 2005 Dan Walsh <dwalsh@redhat.com> 1.26-6
 - Fix patch call
 
-* Tue Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-5
+* Tue Sep 13 2005 Dan Walsh <dwalsh@redhat.com> 1.26-5
 - Fix strip_con call
 
-* Tue Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-3
+* Tue Sep 13 2005 Dan Walsh <dwalsh@redhat.com> 1.26-3
 - Go back to original libsetrans code
 
 * Mon Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-2
@@ -1754,13 +1759,13 @@ Resolves: #200110
 	* Changed security_load_booleans to process booleans.local 
 	  even if booleans file doesn't exist.
 	
-* Fri Apr 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-3
+* Fri Apr 29 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-3
 - Fix avcstat to clear totals
 
-* Fri Apr 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-2
+* Fri Apr 29 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-2
 - Add info to man page
 
-* Fri Apr 26 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-1
+* Fri Apr 29 2005 Dan Walsh <dwalsh@redhat.com> 1.23.10-1
 - Update from NSA
 	* Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
 	* Rewrote get_ordered_context_list and helpers, including
@@ -1875,7 +1880,7 @@ Resolves: #200110
 * Mon Jan 24 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-3
 - rpmexeccon should not fail in permissive mode.
 
-* Fri Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-2
+* Fri Jan 21 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-2
 - fix printf in avcstat
 
 * Thu Jan 20 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-1
@@ -2039,7 +2044,7 @@ Resolves: #200110
 - Update from NSA
 - Add optflags
 
-* Fri Aug 26 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-1
+* Fri Aug 27 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-1
 - Update from NSA
 
 * Thu Aug 26 2004 Dan Walsh <dwalsh@redhat.com> 1.17.2-1
@@ -2081,7 +2086,7 @@ Resolves: #200110
 * Thu Aug 12 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-2
 - Add man page for boolean functions and SELinux
 
-* Sat Aug 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1
+* Sun Aug 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1
 - Latest from NSA
 
 * Mon Jul 19 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-1
@@ -2107,7 +2112,7 @@ Resolves: #200110
 * Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
 - rebuilt
 
-* Sat Jun 13 2004 Dan Walsh <dwalsh@redhat.com> 1.13.3-2
+* Sun Jun 13 2004 Dan Walsh <dwalsh@redhat.com> 1.13.3-2
 - Fix selinux_config to break once it finds SELINUXTYPE.
 
 * Fri May 28 2004 Dan Walsh <dwalsh@redhat.com> 1.13.2-1
@@ -2119,7 +2124,7 @@ Resolves: #200110
 * Mon May 17 2004 Dan Walsh <dwalsh@redhat.com> 1.12-2
 - add man patch
 
-* Thu May 14 2004 Dan Walsh <dwalsh@redhat.com> 1.12-1
+* Fri May 14 2004 Dan Walsh <dwalsh@redhat.com> 1.12-1
 - Update with latest from NSA
 
 * Wed May 5 2004 Dan Walsh <dwalsh@redhat.com> 1.11.4-1
@@ -2211,7 +2216,7 @@ Resolves: #200110
 * Mon Oct 27 2003 Dan Walsh <dwalsh@redhat.com> 1.3-2
 - Fix x86_64 build
 
-* Wed Oct 21 2003 Dan Walsh <dwalsh@redhat.com> 1.3-1
+* Wed Oct 22 2003 Dan Walsh <dwalsh@redhat.com> 1.3-1
 - Latest tarball from NSA.
 
 * Tue Oct 21 2003 Dan Walsh <dwalsh@redhat.com> 1.2-9
@@ -2235,12 +2240,12 @@ Resolves: #200110
 * Fri Sep  12 2003 Dan Walsh <dwalsh@redhat.com> 1.2-3
 - Update with latest from NSA.
 
-* Fri Aug  28 2003 Dan Walsh <dwalsh@redhat.com> 1.2-2
+* Thu Aug  28 2003 Dan Walsh <dwalsh@redhat.com> 1.2-2
 - Fix to build on x86_64
 
 * Thu Aug  21 2003 Dan Walsh <dwalsh@redhat.com> 1.2-1
 - update for version 1.2
 
-* Wed May 27 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
+* Tue May 27 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
 - Initial version