More fixes for seunshare
This commit is contained in:
parent
121d321149
commit
d04e8562ad
|
@ -1749,7 +1749,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
@python test_sandbox.py -v
|
@python test_sandbox.py -v
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox
|
||||||
--- nsapolicycoreutils/sandbox/sandbox 2010-06-16 08:04:12.000000000 -0400
|
--- nsapolicycoreutils/sandbox/sandbox 2010-06-16 08:04:12.000000000 -0400
|
||||||
+++ policycoreutils-2.0.83/sandbox/sandbox 2011-03-18 17:53:51.106277829 -0400
|
+++ policycoreutils-2.0.83/sandbox/sandbox 2011-03-24 17:54:19.483719915 -0400
|
||||||
@@ -1,5 +1,6 @@
|
@@ -1,5 +1,6 @@
|
||||||
-#! /usr/bin/python -E
|
-#! /usr/bin/python -E
|
||||||
+#! /usr/bin/python -Es
|
+#! /usr/bin/python -Es
|
||||||
|
@ -1779,7 +1779,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
import gettext
|
import gettext
|
||||||
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
||||||
gettext.textdomain(PROGNAME)
|
gettext.textdomain(PROGNAME)
|
||||||
@@ -41,6 +44,7 @@
|
@@ -41,11 +44,20 @@
|
||||||
import __builtin__
|
import __builtin__
|
||||||
__builtin__.__dict__['_'] = unicode
|
__builtin__.__dict__['_'] = unicode
|
||||||
|
|
||||||
|
@ -1787,7 +1787,20 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
DEFAULT_TYPE = "sandbox_t"
|
DEFAULT_TYPE = "sandbox_t"
|
||||||
DEFAULT_X_TYPE = "sandbox_x_t"
|
DEFAULT_X_TYPE = "sandbox_x_t"
|
||||||
SAVE_FILES = {}
|
SAVE_FILES = {}
|
||||||
@@ -63,15 +67,15 @@
|
|
||||||
|
random.seed(None)
|
||||||
|
+
|
||||||
|
+def chcon(path, context, recursive=False):
|
||||||
|
+ """ Set the SELinux context on a given path """
|
||||||
|
+ selinux.lsetfilecon(path, context)
|
||||||
|
+ if recursive:
|
||||||
|
+ for root, dirs, files in os.walk(path):
|
||||||
|
+ for name in files + dirs:
|
||||||
|
+ selinux.lsetfilecon(os.path.join(root,name), context)
|
||||||
|
|
||||||
|
def sighandler(signum, frame):
|
||||||
|
signal.signal(signum, signal.SIG_IGN)
|
||||||
|
@@ -63,15 +75,15 @@
|
||||||
sys.stderr.flush()
|
sys.stderr.flush()
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
@ -1807,7 +1820,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
if not os.path.exists(newdir):
|
if not os.path.exists(newdir):
|
||||||
os.makedirs(newdir)
|
os.makedirs(newdir)
|
||||||
dest = newdir + "/" + bname
|
dest = newdir + "/" + bname
|
||||||
@@ -81,9 +85,10 @@
|
@@ -81,9 +93,10 @@
|
||||||
shutil.copytree(file, dest)
|
shutil.copytree(file, dest)
|
||||||
else:
|
else:
|
||||||
shutil.copy2(file, dest)
|
shutil.copy2(file, dest)
|
||||||
|
@ -1820,7 +1833,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
|
|
||||||
SAVE_FILES[file] = (dest, os.path.getmtime(dest))
|
SAVE_FILES[file] = (dest, os.path.getmtime(dest))
|
||||||
|
|
||||||
@@ -161,10 +166,10 @@
|
@@ -161,10 +174,10 @@
|
||||||
if not self.__options.homedir or not self.__options.tmpdir:
|
if not self.__options.homedir or not self.__options.tmpdir:
|
||||||
self.usage(_("Homedir and tempdir required for level mounts"))
|
self.usage(_("Homedir and tempdir required for level mounts"))
|
||||||
|
|
||||||
|
@ -1834,7 +1847,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
|
|
||||||
def __mount_callback(self, option, opt, value, parser):
|
def __mount_callback(self, option, opt, value, parser):
|
||||||
self.__mount = True
|
self.__mount = True
|
||||||
@@ -172,6 +177,15 @@
|
@@ -172,6 +185,15 @@
|
||||||
def __x_callback(self, option, opt, value, parser):
|
def __x_callback(self, option, opt, value, parser):
|
||||||
self.__mount = True
|
self.__mount = True
|
||||||
setattr(parser.values, option.dest, True)
|
setattr(parser.values, option.dest, True)
|
||||||
|
@ -1850,7 +1863,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
|
|
||||||
def __validdir(self, option, opt, value, parser):
|
def __validdir(self, option, opt, value, parser):
|
||||||
if not os.path.isdir(value):
|
if not os.path.isdir(value):
|
||||||
@@ -194,6 +208,8 @@
|
@@ -194,6 +216,8 @@
|
||||||
self.__include(option, opt, i[:-1], parser)
|
self.__include(option, opt, i[:-1], parser)
|
||||||
except IOError, e:
|
except IOError, e:
|
||||||
sys.stderr.write(str(e))
|
sys.stderr.write(str(e))
|
||||||
|
@ -1859,7 +1872,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
fd.close()
|
fd.close()
|
||||||
|
|
||||||
def __copyfiles(self):
|
def __copyfiles(self):
|
||||||
@@ -212,13 +228,15 @@
|
@@ -212,13 +236,15 @@
|
||||||
/etc/gdm/Xsession
|
/etc/gdm/Xsession
|
||||||
""")
|
""")
|
||||||
else:
|
else:
|
||||||
|
@ -1877,7 +1890,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
kill -TERM $WM_PID 2> /dev/null
|
kill -TERM $WM_PID 2> /dev/null
|
||||||
""" % (command, wm, command))
|
""" % (command, wm, command))
|
||||||
fd.close()
|
fd.close()
|
||||||
@@ -226,14 +244,25 @@
|
@@ -226,14 +252,25 @@
|
||||||
|
|
||||||
def usage(self, message = ""):
|
def usage(self, message = ""):
|
||||||
error_exit("%s\n%s" % (self.__parser.usage, message))
|
error_exit("%s\n%s" % (self.__parser.usage, message))
|
||||||
|
@ -1907,7 +1920,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
|
|
||||||
parser = OptionParser(version=self.VERSION, usage=usage)
|
parser = OptionParser(version=self.VERSION, usage=usage)
|
||||||
parser.disable_interspersed_args()
|
parser.disable_interspersed_args()
|
||||||
@@ -268,6 +297,10 @@
|
@@ -268,6 +305,10 @@
|
||||||
action="callback", callback=self.__validdir,
|
action="callback", callback=self.__validdir,
|
||||||
help=_("alternate /tmp directory to use for mounting"))
|
help=_("alternate /tmp directory to use for mounting"))
|
||||||
|
|
||||||
|
@ -1918,7 +1931,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
parser.add_option("-W", "--windowmanager", dest="wm",
|
parser.add_option("-W", "--windowmanager", dest="wm",
|
||||||
type="string",
|
type="string",
|
||||||
default="/usr/bin/matchbox-window-manager -use_titlebar no",
|
default="/usr/bin/matchbox-window-manager -use_titlebar no",
|
||||||
@@ -276,13 +309,17 @@
|
@@ -276,13 +317,17 @@
|
||||||
parser.add_option("-l", "--level", dest="level",
|
parser.add_option("-l", "--level", dest="level",
|
||||||
help=_("MCS/MLS level for the sandbox"))
|
help=_("MCS/MLS level for the sandbox"))
|
||||||
|
|
||||||
|
@ -1937,7 +1950,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
if self.__options.setype:
|
if self.__options.setype:
|
||||||
self.setype = self.__options.setype
|
self.setype = self.__options.setype
|
||||||
|
|
||||||
@@ -300,6 +337,10 @@
|
@@ -300,6 +345,10 @@
|
||||||
self.__homedir = self.__options.homedir
|
self.__homedir = self.__options.homedir
|
||||||
self.__tmpdir = self.__options.tmpdir
|
self.__tmpdir = self.__options.tmpdir
|
||||||
else:
|
else:
|
||||||
|
@ -1948,7 +1961,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
if len(cmds) == 0:
|
if len(cmds) == 0:
|
||||||
self.usage(_("Command required"))
|
self.usage(_("Command required"))
|
||||||
cmds[0] = fullpath(cmds[0])
|
cmds[0] = fullpath(cmds[0])
|
||||||
@@ -329,44 +370,43 @@
|
@@ -329,44 +378,43 @@
|
||||||
def __setup_dir(self):
|
def __setup_dir(self):
|
||||||
if self.__options.level or self.__options.session:
|
if self.__options.level or self.__options.session:
|
||||||
return
|
return
|
||||||
|
@ -1957,7 +1970,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
- os.mkdir(sandboxdir)
|
- os.mkdir(sandboxdir)
|
||||||
|
|
||||||
if self.__options.homedir:
|
if self.__options.homedir:
|
||||||
selinux.chcon(self.__options.homedir, self.__filecon, recursive=True)
|
- selinux.chcon(self.__options.homedir, self.__filecon, recursive=True)
|
||||||
|
+ chcon(self.__options.homedir, self.__filecon, recursive=True)
|
||||||
self.__homedir = self.__options.homedir
|
self.__homedir = self.__options.homedir
|
||||||
else:
|
else:
|
||||||
selinux.setfscreatecon(self.__filecon)
|
selinux.setfscreatecon(self.__filecon)
|
||||||
|
@ -1965,7 +1979,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ self.__homedir = mkdtemp(dir="/tmp", prefix=".sandbox_home_")
|
+ self.__homedir = mkdtemp(dir="/tmp", prefix=".sandbox_home_")
|
||||||
|
|
||||||
if self.__options.tmpdir:
|
if self.__options.tmpdir:
|
||||||
selinux.chcon(self.__options.tmpdir, self.__filecon, recursive=True)
|
- selinux.chcon(self.__options.tmpdir, self.__filecon, recursive=True)
|
||||||
|
+ chcon(self.__options.tmpdir, self.__filecon, recursive=True)
|
||||||
self.__tmpdir = self.__options.tmpdir
|
self.__tmpdir = self.__options.tmpdir
|
||||||
else:
|
else:
|
||||||
selinux.setfscreatecon(self.__filecon)
|
selinux.setfscreatecon(self.__filecon)
|
||||||
|
@ -2012,7 +2027,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
|
|
||||||
selinux.setexeccon(self.__execcon)
|
selinux.setexeccon(self.__execcon)
|
||||||
rc = subprocess.Popen(self.__cmds).wait()
|
rc = subprocess.Popen(self.__cmds).wait()
|
||||||
@@ -404,7 +444,7 @@
|
@@ -404,7 +452,7 @@
|
||||||
sandbox = Sandbox()
|
sandbox = Sandbox()
|
||||||
rc = sandbox.main()
|
rc = sandbox.main()
|
||||||
except OSError, error:
|
except OSError, error:
|
||||||
|
@ -2222,7 +2237,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+.I Thomas Liu <tliu@fedoraproject.org>
|
+.I Thomas Liu <tliu@fedoraproject.org>
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.83/sandbox/seunshare.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.83/sandbox/seunshare.c
|
||||||
--- nsapolicycoreutils/sandbox/seunshare.c 2010-06-16 08:04:12.000000000 -0400
|
--- nsapolicycoreutils/sandbox/seunshare.c 2010-06-16 08:04:12.000000000 -0400
|
||||||
+++ policycoreutils-2.0.83/sandbox/seunshare.c 2011-03-18 17:53:42.821186805 -0400
|
+++ policycoreutils-2.0.83/sandbox/seunshare.c 2011-03-24 17:53:45.207410252 -0400
|
||||||
@@ -1,28 +1,35 @@
|
@@ -1,28 +1,35 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Authors: Dan Walsh <dwalsh@redhat.com>
|
+ * Authors: Dan Walsh <dwalsh@redhat.com>
|
||||||
|
@ -2432,20 +2447,20 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+
|
+
|
||||||
+ if (lstat(dir, st_out) == -1) {
|
+ if (lstat(dir, st_out) == -1) {
|
||||||
+ fprintf(stderr, _("Failed to stat %s: %s\n"), dir, strerror(errno));
|
+ fprintf(stderr, _("Failed to stat %s: %s\n"), dir, strerror(errno));
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+ if (! S_ISDIR(st_out->st_mode)) {
|
|
||||||
+ fprintf(stderr, _("Error: %s is not a directory: %s\n"), dir, strerror(errno));
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
- if (sb.st_uid != pwd->pw_uid) {
|
- if (sb.st_uid != pwd->pw_uid) {
|
||||||
- errno = EPERM;
|
- errno = EPERM;
|
||||||
- syslog(LOG_AUTHPRIV | LOG_ALERT, "%s attempted to mount an invalid directory, %s", pwd->pw_name, mntdir);
|
- syslog(LOG_AUTHPRIV | LOG_ALERT, "%s attempted to mount an invalid directory, %s", pwd->pw_name, mntdir);
|
||||||
- perror(_("Invalid mount point, reporting to administrator"));
|
- perror(_("Invalid mount point, reporting to administrator"));
|
||||||
+ if (st_in && !equal_stats(st_in, st_out)) {
|
+ if (! S_ISDIR(st_out->st_mode)) {
|
||||||
+ fprintf(stderr, _("Error: %s was replaced by a different directory\n"), dir);
|
+ fprintf(stderr, _("Error: %s is not a directory: %s\n"), dir, strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
+ if (st_in && !equal_stats(st_in, st_out)) {
|
||||||
|
+ fprintf(stderr, _("Error: %s was replaced by a different directory\n"), dir);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
+
|
+
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -2459,7 +2474,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -131,45 +236,509 @@
|
@@ -131,45 +236,520 @@
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2729,17 +2744,34 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+/*
|
+/*
|
||||||
+ This function returns 0 on success and -1 on failure.
|
+ If path is empy or ends with "/." or "/.. return -1 else return 0;
|
||||||
+ The cmdbuf will contain the rsync command string to copy all files from
|
+ */
|
||||||
+ src dir to tmp. cmdbuf can be NULL if no files need to be compied;
|
+static int bad_path(const char *path) {
|
||||||
+*/
|
+ const char *ptr;
|
||||||
|
+ ptr = path;
|
||||||
|
+ while (*ptr) ptr++;
|
||||||
|
+ if (ptr == path) return -1; // ptr null
|
||||||
|
+ ptr--;
|
||||||
|
+ if (ptr != path && *ptr == '.') {
|
||||||
|
+ ptr--;
|
||||||
|
+ if (*ptr == '/') return -1; // path ends in /.
|
||||||
|
+ if (*ptr == '.') {
|
||||||
|
+ if (ptr != path) {
|
||||||
|
+ ptr--;
|
||||||
|
+ if (*ptr == '/') return -1; // path ends in /..
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
+static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
|
+static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
|
||||||
+{
|
+{
|
||||||
+ char *buf = NULL;
|
+ char *buf = NULL;
|
||||||
+ char *newbuf = NULL;
|
+ char *newbuf = NULL;
|
||||||
+ glob_t fglob;
|
+ glob_t fglob;
|
||||||
+ fglob.gl_offs = 0;
|
+ fglob.gl_offs = 0;
|
||||||
+ int flags = GLOB_DOOFFS | GLOB_TILDE;
|
+ int flags = GLOB_PERIOD;
|
||||||
+ unsigned int i = 0;
|
+ unsigned int i = 0;
|
||||||
+ int rc = -1;
|
+ int rc = -1;
|
||||||
+
|
+
|
||||||
|
@ -2749,43 +2781,36 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
return -1;
|
return -1;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ if (glob(buf, flags, NULL, &fglob) < 0) {
|
+ if (glob(buf, flags, NULL, &fglob) != 0) {
|
||||||
+ free(buf); buf = NULL;
|
+ free(buf); buf = NULL;
|
||||||
+ return -1;
|
+ return -1;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ free(buf); buf = NULL;
|
+ free(buf); buf = NULL;
|
||||||
+
|
+
|
||||||
+ /* append match glob for all hidden files in src dir exclude . and .. */
|
|
||||||
+ if (asprintf(&buf, "%s/.[^.]*", src) == -1) {
|
|
||||||
+ fprintf(stderr, "Out of memory\n");
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (glob(buf, flags | GLOB_APPEND ,NULL, &fglob) < 0) {
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ free(buf); buf = NULL;
|
|
||||||
+
|
|
||||||
+ for ( i=0; i < fglob.gl_pathc; i++) {
|
+ for ( i=0; i < fglob.gl_pathc; i++) {
|
||||||
|
+ const char *path = fglob.gl_pathv[i];
|
||||||
|
+
|
||||||
|
+ if (bad_path(path)) continue;
|
||||||
|
+
|
||||||
+ if (!buf) {
|
+ if (!buf) {
|
||||||
+ if (asprintf(&newbuf, "%s", fglob.gl_pathv[i]) == -1) {
|
+ if (asprintf(&newbuf, "\'%s\'", path) == -1) {
|
||||||
+ fprintf(stderr, "Out of memory\n");
|
+ fprintf(stderr, "Out of memory\n");
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ }
|
+ }
|
||||||
+ } else {
|
+ } else {
|
||||||
+ if (asprintf(&newbuf, "%s %s", buf, fglob.gl_pathv[i]) == -1) {
|
+ if (asprintf(&newbuf, "%s \'%s\'", buf, path) == -1) {
|
||||||
+ fprintf(stderr, "Out of memory\n");
|
+ fprintf(stderr, "Out of memory\n");
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ }
|
+ }
|
||||||
+ }
|
+ }
|
||||||
|
+
|
||||||
+ free(buf); buf = newbuf;
|
+ free(buf); buf = newbuf;
|
||||||
+ newbuf = NULL;
|
+ newbuf = NULL;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ if (buf) {
|
+ if (buf) {
|
||||||
+ if (asprintf(&newbuf, "/usr/bin/rsync -trlHDq %s '%s/'", buf, dst) == -1) {
|
+ if (asprintf(&newbuf, "/usr/bin/rsync -trlHDq %s '%s'", buf, dst) == -1) {
|
||||||
+ fprintf(stderr, "Out of memory\n");
|
+ fprintf(stderr, "Out of memory\n");
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ }
|
+ }
|
||||||
|
@ -2800,8 +2825,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ free(buf); buf = NULL;
|
+ free(buf); buf = NULL;
|
||||||
+ globfree(&fglob);
|
+ globfree(&fglob);
|
||||||
+ return rc;
|
+ return rc;
|
||||||
+}
|
}
|
||||||
+
|
|
||||||
|
-#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -t tmpdir ] [ -h homedir ] -- CONTEXT executable [args] ")
|
||||||
+/**
|
+/**
|
||||||
+ * Clean up runtime temporary directory. Returns 0 if no problem was detected,
|
+ * Clean up runtime temporary directory. Returns 0 if no problem was detected,
|
||||||
+ * >0 if some error was detected, but errors here are treated as non-fatal and
|
+ * >0 if some error was detected, but errors here are treated as non-fatal and
|
||||||
|
@ -2844,9 +2870,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ setfsuid(pwd->pw_uid);
|
+ setfsuid(pwd->pw_uid);
|
||||||
+
|
+
|
||||||
+ return 0;
|
+ return 0;
|
||||||
}
|
+}
|
||||||
|
+
|
||||||
-#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -t tmpdir ] [ -h homedir ] -- CONTEXT executable [args] ")
|
|
||||||
+/**
|
+/**
|
||||||
+ * seunshare will create a tmpdir in /tmp, with root ownership. The parent
|
+ * seunshare will create a tmpdir in /tmp, with root ownership. The parent
|
||||||
+ * process waits for it child to exit to attempt to remove the directory. If
|
+ * process waits for it child to exit to attempt to remove the directory. If
|
||||||
|
@ -2881,6 +2906,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ fprintf(stderr, _("Failed to get context of the directory %s: %s\n"), src, strerror(errno));
|
+ fprintf(stderr, _("Failed to get context of the directory %s: %s\n"), src, strerror(errno));
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ }
|
+ }
|
||||||
|
+
|
||||||
|
+ if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
+ /* ok to not reach this if there is an error */
|
+ /* ok to not reach this if there is an error */
|
||||||
+ setfsuid(0);
|
+ setfsuid(0);
|
||||||
+ }
|
+ }
|
||||||
|
@ -2933,10 +2963,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ }
|
+ }
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
|
+ if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
|
||||||
+ fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
|
+ fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
|
||||||
+ cleanup_tmpdir(tmpdir, src, pwd, 0);
|
+ cleanup_tmpdir(tmpdir, src, pwd, 0);
|
||||||
|
@ -2983,7 +3009,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
{NULL, 0, 0, 0}
|
{NULL, 0, 0, 0}
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -180,6 +749,12 @@
|
@@ -180,6 +760,12 @@
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2996,7 +3022,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
struct passwd *pwd=getpwuid(uid);
|
struct passwd *pwd=getpwuid(uid);
|
||||||
if (!pwd) {
|
if (!pwd) {
|
||||||
perror(_("getpwduid failed"));
|
perror(_("getpwduid failed"));
|
||||||
@@ -187,34 +762,30 @@
|
@@ -187,34 +773,30 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
if (verify_shell(pwd->pw_shell) < 0) {
|
if (verify_shell(pwd->pw_shell) < 0) {
|
||||||
|
@ -3042,7 +3068,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
fprintf(stderr, "%s\n", USAGE_STRING);
|
fprintf(stderr, "%s\n", USAGE_STRING);
|
||||||
@@ -223,76 +794,84 @@
|
@@ -223,76 +805,84 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! homedir_s && ! tmpdir_s) {
|
if (! homedir_s && ! tmpdir_s) {
|
||||||
|
@ -3093,7 +3119,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ * on an NFS mount. It's also desired to avoid leaking info about
|
+ * on an NFS mount. It's also desired to avoid leaking info about
|
||||||
+ * existence of the files not accessible to the user. */
|
+ * existence of the files not accessible to the user. */
|
||||||
+ setfsuid(uid);
|
+ setfsuid(uid);
|
||||||
+
|
|
||||||
|
- if (drop_capabilities(uid)) {
|
||||||
|
- perror(_("Failed to drop all capabilities"));
|
||||||
+ /* verify homedir and tmpdir */
|
+ /* verify homedir and tmpdir */
|
||||||
+ if (homedir_s && (
|
+ if (homedir_s && (
|
||||||
+ verify_directory(homedir_s, NULL, &st_homedir) < 0 ||
|
+ verify_directory(homedir_s, NULL, &st_homedir) < 0 ||
|
||||||
|
@ -3102,9 +3130,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
+ verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 ||
|
+ verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 ||
|
||||||
+ check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1;
|
+ check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1;
|
||||||
+ setfsuid(0);
|
+ setfsuid(0);
|
||||||
|
+
|
||||||
- if (drop_capabilities(uid)) {
|
|
||||||
- perror(_("Failed to drop all capabilities"));
|
|
||||||
+ /* create runtime tmpdir */
|
+ /* create runtime tmpdir */
|
||||||
+ if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s,
|
+ if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s,
|
||||||
+ &st_tmpdir_r, pwd, execcon)) == NULL) {
|
+ &st_tmpdir_r, pwd, execcon)) == NULL) {
|
||||||
|
@ -3175,7 +3201,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
|
||||||
if (display)
|
if (display)
|
||||||
rc |= setenv("DISPLAY", display, 1);
|
rc |= setenv("DISPLAY", display, 1);
|
||||||
rc |= setenv("HOME", pwd->pw_dir, 1);
|
rc |= setenv("HOME", pwd->pw_dir, 1);
|
||||||
@@ -300,22 +879,41 @@
|
@@ -300,22 +890,41 @@
|
||||||
rc |= setenv("USER", pwd->pw_name, 1);
|
rc |= setenv("USER", pwd->pw_name, 1);
|
||||||
rc |= setenv("LOGNAME", pwd->pw_name, 1);
|
rc |= setenv("LOGNAME", pwd->pw_name, 1);
|
||||||
rc |= setenv("PATH", DEFAULT_PATH, 1);
|
rc |= setenv("PATH", DEFAULT_PATH, 1);
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.83
|
Version: 2.0.83
|
||||||
Release: 33.6%{?dist}
|
Release: 33.7%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
|
@ -316,6 +316,9 @@ fi
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Mar 24 2011 Dan Walsh <dwalsh@redhat.com> 2.0.83-33.5
|
||||||
|
- More fixes for seunshare
|
||||||
|
|
||||||
* Fri Mar 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.83-33.5
|
* Fri Mar 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.83-33.5
|
||||||
- Fix rsync command to work if the directory is old.
|
- Fix rsync command to work if the directory is old.
|
||||||
- Fix all tests
|
- Fix all tests
|
||||||
|
|
Loading…
Reference in New Issue