Compare commits
26 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
72a4d21573 | ||
|
df863663f2 | ||
|
9f197b5eb0 | ||
|
f415a12acc | ||
|
397914a5b7 | ||
|
de46aea469 | ||
|
fe90fcfea9 | ||
|
4cd6edc808 | ||
|
16246ac8b2 | ||
|
55fb6920ca | ||
|
78134e652a | ||
|
ed4c843b48 | ||
|
6d8189f150 | ||
|
4189d94570 | ||
|
f7c4958dbf | ||
|
c06fc4b8dd | ||
|
fd42cdb339 | ||
|
9f8f4e973f | ||
|
65350da6d3 | ||
|
b6d72dd04b | ||
|
312470de44 | ||
|
93a6f1fc9d | ||
|
2ab6e22253 | ||
|
513ebc6132 | ||
|
4d63979d6d | ||
|
aae6082678 |
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
954
policycoreutils-sandbox.patch
Normal file
954
policycoreutils-sandbox.patch
Normal file
@ -0,0 +1,954 @@
|
||||
diff -up policycoreutils-2.0.86/restorecond/restorecond_user.conf.sandbox policycoreutils-2.0.86/restorecond/restorecond_user.conf
|
||||
--- policycoreutils-2.0.86/restorecond/restorecond_user.conf.sandbox 2011-06-13 13:47:06.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/restorecond/restorecond_user.conf 2011-06-13 13:47:27.000000000 -0400
|
||||
@@ -4,4 +4,4 @@
|
||||
~/local/*
|
||||
~/.fonts/*
|
||||
~/.cache/*
|
||||
-
|
||||
+~/.config/*
|
||||
diff -up policycoreutils-2.0.86/sandbox/sandbox.8.sandbox policycoreutils-2.0.86/sandbox/sandbox.8
|
||||
--- policycoreutils-2.0.86/sandbox/sandbox.8.sandbox 2011-07-07 14:42:18.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/sandbox/sandbox.8 2012-01-03 11:09:22.391519370 -0500
|
||||
@@ -3,11 +3,11 @@
|
||||
sandbox \- Run cmd under an SELinux sandbox
|
||||
.SH SYNOPSIS
|
||||
.B sandbox
|
||||
-[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
|
||||
+[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
|
||||
|
||||
.br
|
||||
.B sandbox
|
||||
-[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
|
||||
+[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
|
||||
.br
|
||||
.SH DESCRIPTION
|
||||
.PP
|
||||
@@ -49,7 +49,7 @@ Use alternate tempory directory to mount
|
||||
Run a full desktop session, Requires level, and home and tmpdir.
|
||||
.TP
|
||||
\fB\-w windowsize\fR
|
||||
-Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
|
||||
+Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
|
||||
.TP
|
||||
\fB\-W windowmanager\fR
|
||||
Select alternative window manager to run within
|
||||
@@ -60,8 +60,14 @@ Default to /usr/bin/matchbox-window-mana
|
||||
Create an X based Sandbox for gui apps, temporary files for
|
||||
$HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
|
||||
.TP
|
||||
-\fB\-C\fR
|
||||
+\fB\-d\fR
|
||||
+Set the DPI value for the sanbox X Server. Defaults to the current X Sever DPI.
|
||||
+.TP
|
||||
+\fB\-c\fR
|
||||
Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
|
||||
+.TP
|
||||
+\fB\-C\fR
|
||||
+Use capabilities within the sandbox. By default applications executed within the sandbox will not be allowed to use capabilities (setuid apps), with the -C flag, you can use programs requiring capabilities.
|
||||
.PP
|
||||
.SH "SEE ALSO"
|
||||
.TP
|
||||
@@ -69,7 +75,7 @@ runcon(1), seunshare(8), selinux(8)
|
||||
.PP
|
||||
|
||||
.SH AUTHOR
|
||||
-This manual page was written by
|
||||
+This manual page was written by
|
||||
.I Dan Walsh <dwalsh@redhat.com>
|
||||
and
|
||||
.I Thomas Liu <tliu@fedoraproject.org>
|
||||
diff -up policycoreutils-2.0.86/sandbox/sandbox.sandbox policycoreutils-2.0.86/sandbox/sandbox
|
||||
--- policycoreutils-2.0.86/sandbox/sandbox.sandbox 2011-06-13 13:44:44.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/sandbox/sandbox 2012-01-03 11:08:43.619495043 -0500
|
||||
@@ -25,7 +25,7 @@ import selinux
|
||||
import signal
|
||||
from tempfile import mkdtemp
|
||||
import pwd
|
||||
-import commands
|
||||
+import commands
|
||||
import setools
|
||||
|
||||
PROGNAME = "policycoreutils"
|
||||
@@ -88,9 +88,7 @@ def copyfile(file, srcdir, dest):
|
||||
|
||||
except shutil.Error, elist:
|
||||
for e in elist.message:
|
||||
- # ignore files that are missing
|
||||
- if not e[2].startswith("[Errno 2]"):
|
||||
- sys.stderr.write(e[2])
|
||||
+ sys.stderr.write(e[2])
|
||||
|
||||
SAVE_FILES[file] = (dest, os.path.getmtime(dest))
|
||||
|
||||
@@ -120,10 +118,30 @@ def reserve(level):
|
||||
sock.bind("\0%s" % level)
|
||||
fcntl.fcntl(sock.fileno(), fcntl.F_SETFD, fcntl.FD_CLOEXEC)
|
||||
|
||||
+def get_range():
|
||||
+ try:
|
||||
+ level =selinux.getcon_raw()[1].split(":")[4]
|
||||
+ lowc,highc = level.split(".")
|
||||
+ low = int(lowc[1:])
|
||||
+ high = int(highc[1:])+1
|
||||
+ if high - low == 0:
|
||||
+ raise IndexError
|
||||
+
|
||||
+ return low,high
|
||||
+ except IndexError:
|
||||
+ raise ValueError(_("User account must be setup with an MCS Range"))
|
||||
+
|
||||
def gen_mcs():
|
||||
- while True:
|
||||
- i1 = random.randrange(0, 1024)
|
||||
- i2 = random.randrange(0, 1024)
|
||||
+ low, high = get_range()
|
||||
+
|
||||
+ level = None
|
||||
+ ctr = 0
|
||||
+ total = high-low
|
||||
+ total = (total * (total - 1))/2
|
||||
+ while ctr < total:
|
||||
+ ctr += 1
|
||||
+ i1 = random.randrange(low, high)
|
||||
+ i2 = random.randrange(low, high)
|
||||
if i1 == i2:
|
||||
continue
|
||||
if i1 > i2:
|
||||
@@ -136,7 +154,10 @@ def gen_mcs():
|
||||
except socket.error:
|
||||
continue
|
||||
break
|
||||
- return level
|
||||
+ if level:
|
||||
+ return level
|
||||
+ raise ValueError(_("Failed to find any unused category sets. Consider a larger MCS range for this user."))
|
||||
+
|
||||
|
||||
def fullpath(cmd):
|
||||
for i in [ "/", "./", "../" ]:
|
||||
@@ -170,7 +191,7 @@ class Sandbox:
|
||||
|
||||
if not os.path.exists(SEUNSHARE):
|
||||
raise ValueError(_("""
|
||||
-%s is required for the action you want to perform.
|
||||
+%s is required for the action you want to perform.
|
||||
""") % SEUNSHARE)
|
||||
|
||||
def __mount_callback(self, option, opt, value, parser):
|
||||
@@ -181,12 +202,12 @@ class Sandbox:
|
||||
setattr(parser.values, option.dest, True)
|
||||
if not os.path.exists(SEUNSHARE):
|
||||
raise ValueError(_("""
|
||||
-%s is required for the action you want to perform.
|
||||
+%s is required for the action you want to perform.
|
||||
""") % SEUNSHARE)
|
||||
|
||||
if not os.path.exists(SANDBOXSH):
|
||||
raise ValueError(_("""
|
||||
-%s is required for the action you want to perform.
|
||||
+%s is required for the action you want to perform.
|
||||
""") % SANDBOXSH)
|
||||
|
||||
def __validdir(self, option, opt, value, parser):
|
||||
@@ -246,26 +267,25 @@ kill -TERM $WM_PID 2> /dev/null
|
||||
|
||||
def usage(self, message = ""):
|
||||
error_exit("%s\n%s" % (self.__parser.usage, message))
|
||||
-
|
||||
+
|
||||
def __parse_options(self):
|
||||
from optparse import OptionParser
|
||||
types = ""
|
||||
try:
|
||||
types = _("""
|
||||
-Policy defines the following types for use with the -t:
|
||||
+Policy defines the following types for use with the -t:
|
||||
\t%s
|
||||
""") % "\n\t".join(setools.seinfo(setools.ATTRIBUTE, "sandbox_type")[0]['types'])
|
||||
except RuntimeError:
|
||||
pass
|
||||
|
||||
usage = _("""
|
||||
-sandbox [-h] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [-W windowmanager ] [ -w windowsize ] [[-i file ] ...] [ -t type ] command
|
||||
+sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [-W windowmanager ] [ -w windowsize ] [[-i file ] ...] [ -t type ] command
|
||||
|
||||
-sandbox [-h] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [-W windowmanager ] [ -w windowsize ] [[-i file ] ...] [ -t type ] -S
|
||||
+sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [-W windowmanager ] [ -w windowsize ] [[-i file ] ...] [ -t type ] -S
|
||||
%s
|
||||
""") % types
|
||||
|
||||
-
|
||||
parser = OptionParser(version=self.VERSION, usage=usage)
|
||||
parser.disable_interspersed_args()
|
||||
parser.add_option("-i", "--include",
|
||||
@@ -281,6 +301,10 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
action="callback", callback=self.__mount_callback,
|
||||
help=_("mount new home and/or tmp directory"))
|
||||
|
||||
+ parser.add_option("-d", "--dpi",
|
||||
+ dest="dpi", action="store",
|
||||
+ help=_("dots per inch for X display"))
|
||||
+
|
||||
parser.add_option("-S", "--session", action="store_true", dest="session",
|
||||
default=False, help=_("run complete desktop session within sandbox"))
|
||||
|
||||
@@ -291,17 +315,17 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
parser.add_option("-H", "--homedir",
|
||||
action="callback", callback=self.__validdir,
|
||||
type="string",
|
||||
- dest="homedir",
|
||||
+ dest="homedir",
|
||||
help=_("alternate home directory to use for mounting"))
|
||||
|
||||
- parser.add_option("-T", "--tmpdir", dest="tmpdir",
|
||||
+ parser.add_option("-T", "--tmpdir", dest="tmpdir",
|
||||
type="string",
|
||||
action="callback", callback=self.__validdir,
|
||||
help=_("alternate /tmp directory to use for mounting"))
|
||||
|
||||
parser.add_option("-w", "--windowsize", dest="windowsize",
|
||||
type="string", default=DEFAULT_WINDOWSIZE,
|
||||
- help="size of the sandbox window")
|
||||
+ help="size of the sandbox window")
|
||||
|
||||
parser.add_option("-W", "--windowmanager", dest="wm",
|
||||
type="string",
|
||||
@@ -311,9 +335,13 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
parser.add_option("-l", "--level", dest="level",
|
||||
help=_("MCS/MLS level for the sandbox"))
|
||||
|
||||
- parser.add_option("-C", "--cgroups",
|
||||
- action="store_true", dest="usecgroup", default=False,
|
||||
- help="Use cgroups to limit this sandbox.")
|
||||
+ parser.add_option("-c", "--cgroups",
|
||||
+ action="store_true", dest="usecgroup", default=False,
|
||||
+ help=_("Use cgroups to limit this sandbox."))
|
||||
+
|
||||
+ parser.add_option("-C", "--capabilities",
|
||||
+ action="store_true", dest="usecaps", default=False,
|
||||
+ help="Allow apps requiring capabilities to run within the sandbox.")
|
||||
|
||||
self.__parser=parser
|
||||
|
||||
@@ -366,8 +394,8 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
|
||||
con = selinux.getcon()[1].split(":")
|
||||
self.__execcon = "%s:%s:%s:%s" % (con[0], con[1], self.setype, level)
|
||||
- self.__filecon = "%s:%s:%s:%s" % (con[0], "object_r",
|
||||
- "%s_file_t" % self.setype[:-2],
|
||||
+ self.__filecon = "%s:%s:%s:%s" % (con[0], "object_r",
|
||||
+ "%s_file_t" % self.setype[:-2],
|
||||
level)
|
||||
def __setup_dir(self):
|
||||
if self.__options.level or self.__options.session:
|
||||
@@ -392,12 +420,20 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
def __execute(self):
|
||||
try:
|
||||
cmds = [ SEUNSHARE, "-Z", self.__execcon ]
|
||||
- if self.__options.usecgroup == True:
|
||||
+ if self.__options.usecgroup:
|
||||
cmds.append('-c')
|
||||
+ if self.__options.usecaps:
|
||||
+ cmds.append('-C')
|
||||
if self.__mount:
|
||||
cmds += [ "-t", self.__tmpdir, "-h", self.__homedir ]
|
||||
|
||||
if self.__options.X_ind:
|
||||
+ if self.__options.dpi:
|
||||
+ dpi = self.__options.dpi
|
||||
+ else:
|
||||
+ import gtk
|
||||
+ dpi = str(gtk.settings_get_default().props.gtk_xft_dpi/1024)
|
||||
+
|
||||
xmodmapfile = self.__homedir + "/.xmodmap"
|
||||
xd = open(xmodmapfile,"w")
|
||||
subprocess.Popen(["/usr/bin/xmodmap","-pke"],stdout=xd).wait()
|
||||
@@ -405,7 +441,7 @@ sandbox [-h] [-l level ] [-[X|M] [-H hom
|
||||
|
||||
self.__setup_sandboxrc(self.__options.wm)
|
||||
|
||||
- cmds += [ "--", SANDBOXSH, self.__options.windowsize ]
|
||||
+ cmds += [ "--", SANDBOXSH, self.__options.windowsize, dpi ]
|
||||
else:
|
||||
cmds += [ "--" ] + self.__paths
|
||||
return subprocess.Popen(cmds).wait()
|
||||
diff -up policycoreutils-2.0.86/sandbox/sandboxX.sh.sandbox policycoreutils-2.0.86/sandbox/sandboxX.sh
|
||||
--- policycoreutils-2.0.86/sandbox/sandboxX.sh.sandbox 2011-06-13 13:44:44.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/sandbox/sandboxX.sh 2012-01-03 11:10:04.985546365 -0500
|
||||
@@ -1,10 +1,12 @@
|
||||
-#!/bin/bash
|
||||
-context=`id -Z | secon -t `
|
||||
-export TITLE="`grep ^#TITLE: ~/.sandboxrc | /usr/bin/cut -b8-80` ($context)"
|
||||
-[ $# -eq 1 ] && export SCREENSIZE="$1" || export SCREENSIZE="1000x700"
|
||||
+#!/bin/bash
|
||||
+trap "" TERM
|
||||
+context=`id -Z | secon -t -l -P`
|
||||
+export TITLE="Sandbox $context -- `grep ^#TITLE: ~/.sandboxrc | /usr/bin/cut -b8-80`"
|
||||
+[ -z $1 ] && export SCREENSIZE="1000x700" || export SCREENSIZE="$1"
|
||||
+[ -z $2 ] && export DPI="96" || export DPI="$2"
|
||||
trap "exit 0" HUP
|
||||
|
||||
-(/usr/bin/Xephyr -nolisten tcp -title "$TITLE" -terminate -screen $SCREENSIZE -displayfd 5 5>&1 2>/dev/null) | while read D; do
|
||||
+(/usr/bin/Xephyr -title "$TITLE" -terminate -screen $SCREENSIZE -dpi $DPI -displayfd 5 5>&1 2>/dev/null) | while read D; do
|
||||
export DISPLAY=:$D
|
||||
cat > ~/seremote << __EOF
|
||||
#!/bin/sh
|
||||
@@ -13,7 +15,7 @@ __EOF
|
||||
chmod +x ~/seremote
|
||||
/usr/share/sandbox/start $HOME/.sandboxrc
|
||||
export EXITCODE=$?
|
||||
- kill -HUP 0
|
||||
+ kill -TERM 0
|
||||
break
|
||||
done
|
||||
exit 0
|
||||
diff -up policycoreutils-2.0.86/sandbox/seunshare.8.sandbox policycoreutils-2.0.86/sandbox/seunshare.8
|
||||
--- policycoreutils-2.0.86/sandbox/seunshare.8.sandbox 2011-07-07 14:41:16.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/sandbox/seunshare.8 2012-01-03 11:10:36.498566587 -0500
|
||||
@@ -3,11 +3,11 @@
|
||||
seunshare \- Run cmd with alternate homedir, tmpdir and/or SELinux context
|
||||
.SH SYNOPSIS
|
||||
.B seunshare
|
||||
-[ -v ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
|
||||
+[ -v ] [ -c ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
|
||||
.br
|
||||
.SH DESCRIPTION
|
||||
.PP
|
||||
-Run the
|
||||
+Run the
|
||||
.I executable
|
||||
within the specified context, using the alternate home directory and /tmp directory. The seunshare command unshares from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to execute the application under the specified SELinux context.
|
||||
|
||||
@@ -18,9 +18,15 @@ Alternate homedir to be used by the appl
|
||||
\fB\-t\ tmpdir
|
||||
Use alternate tempory directory to mount on /tmp. tmpdir must be owned by the user.
|
||||
.TP
|
||||
-\fB\-c cgroups\fR
|
||||
+\fB\-c --cgroups\fR
|
||||
Use cgroups to control this copy of seunshare. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
|
||||
.TP
|
||||
+\fB\-C --capabilities\fR
|
||||
+Allow apps executed within the namespace to use capabilities. Default is no capabilities.
|
||||
+.TP
|
||||
+\fB\-k --kill\fR
|
||||
+Kill all processes with matching MCS level.
|
||||
+.TP
|
||||
\fB\-Z\ context
|
||||
Use alternate SELinux context while runing the executable.
|
||||
.TP
|
||||
@@ -28,10 +34,10 @@ Use alternate SELinux context while runi
|
||||
Verbose output
|
||||
.SH "SEE ALSO"
|
||||
.TP
|
||||
-runcon(1), sandbox(8), selinux(8)
|
||||
+runcon(1), sandbox(8), selinux(8)
|
||||
.PP
|
||||
.SH AUTHOR
|
||||
-This manual page was written by
|
||||
+This manual page was written by
|
||||
.I Dan Walsh <dwalsh@redhat.com>
|
||||
and
|
||||
.I Thomas Liu <tliu@fedoraproject.org>
|
||||
diff -up policycoreutils-2.0.86/sandbox/seunshare.c.sandbox policycoreutils-2.0.86/sandbox/seunshare.c
|
||||
--- policycoreutils-2.0.86/sandbox/seunshare.c.sandbox 2011-06-13 13:44:44.000000000 -0400
|
||||
+++ policycoreutils-2.0.86/sandbox/seunshare.c 2012-01-03 11:08:59.081504712 -0500
|
||||
@@ -5,8 +5,9 @@
|
||||
|
||||
#define _GNU_SOURCE
|
||||
#include <signal.h>
|
||||
-#include <sys/types.h>
|
||||
+#include <sys/fsuid.h>
|
||||
#include <sys/stat.h>
|
||||
+#include <sys/types.h>
|
||||
#include <sys/wait.h>
|
||||
#include <syslog.h>
|
||||
#include <sys/mount.h>
|
||||
@@ -18,7 +19,6 @@
|
||||
#include <stdio.h>
|
||||
#include <regex.h>
|
||||
#include <unistd.h>
|
||||
-#include <sys/fsuid.h>
|
||||
#include <stdlib.h>
|
||||
#include <cap-ng.h>
|
||||
#include <getopt.h> /* for getopt_long() form of getopt() */
|
||||
@@ -29,6 +29,7 @@
|
||||
|
||||
#include <selinux/selinux.h>
|
||||
#include <selinux/context.h> /* for context-mangling functions */
|
||||
+#include <dirent.h>
|
||||
|
||||
#ifdef USE_NLS
|
||||
#include <locale.h> /* for setlocale() */
|
||||
@@ -42,8 +43,8 @@
|
||||
#define MS_REC 1<<14
|
||||
#endif
|
||||
|
||||
-#ifndef MS_PRIVATE
|
||||
-#define MS_PRIVATE 1<<18
|
||||
+#ifndef MS_SLAVE
|
||||
+#define MS_SLAVE 1<<19
|
||||
#endif
|
||||
|
||||
#ifndef PACKAGE
|
||||
@@ -52,21 +53,22 @@
|
||||
|
||||
#define BUF_SIZE 1024
|
||||
#define DEFAULT_PATH "/usr/bin:/bin"
|
||||
-
|
||||
-#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -c ] -t tmpdir -h homedir [-Z context] -- executable [args]")
|
||||
+#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -C ] [ -c ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z CONTEXT ] -- executable [args] ")
|
||||
|
||||
static int verbose = 0;
|
||||
+static int child = 0;
|
||||
|
||||
+static capng_select_t cap_set = CAPNG_SELECT_BOTH;
|
||||
|
||||
/**
|
||||
* This function will drop all capabilities.
|
||||
*/
|
||||
static int drop_caps()
|
||||
{
|
||||
- if (capng_have_capabilities(CAPNG_SELECT_BOTH) == CAPNG_NONE)
|
||||
+ if (capng_have_capabilities(cap_set) == CAPNG_NONE)
|
||||
return 0;
|
||||
- capng_clear(CAPNG_SELECT_BOTH);
|
||||
- if (capng_lock() == -1 || capng_apply(CAPNG_SELECT_BOTH) == -1) {
|
||||
+ capng_clear(cap_set);
|
||||
+ if (capng_lock() == -1 || capng_apply(cap_set) == -1) {
|
||||
fprintf(stderr, _("Failed to drop all capabilities\n"));
|
||||
return -1;
|
||||
}
|
||||
@@ -86,6 +88,13 @@ static int drop_privs(uid_t uid)
|
||||
}
|
||||
|
||||
/**
|
||||
+ * If the user sends a siginto to seunshare, kill the child's session
|
||||
+ */
|
||||
+void handler(int sig) {
|
||||
+ if (child > 0) kill(-child,sig);
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
* Take care of any signal setup.
|
||||
*/
|
||||
static int set_signal_handles(void)
|
||||
@@ -101,11 +110,16 @@ static int set_signal_handles(void)
|
||||
(void)sigprocmask(SIG_SETMASK, &empty, NULL);
|
||||
|
||||
/* Terminate on SIGHUP */
|
||||
- if (signal(SIGHUP, SIG_IGN) == SIG_ERR) {
|
||||
+ if (signal(SIGHUP, SIG_DFL) == SIG_ERR) {
|
||||
perror("Unable to set SIGHUP handler");
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (signal(SIGINT, handler) == SIG_ERR) {
|
||||
+ perror("Unable to set SIGINT handler");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -192,7 +206,7 @@ static int verify_directory(const char *
|
||||
struct stat sb;
|
||||
|
||||
if (st_out == NULL) st_out = &sb;
|
||||
-
|
||||
+
|
||||
if (lstat(dir, st_out) == -1) {
|
||||
fprintf(stderr, _("Failed to stat %s: %s\n"), dir, strerror(errno));
|
||||
return -1;
|
||||
@@ -241,7 +255,7 @@ static int verify_shell(const char *shel
|
||||
*/
|
||||
static int seunshare_mount(const char *src, const char *dst, struct stat *src_st)
|
||||
{
|
||||
- int flags = MS_REC;
|
||||
+ int flags = 0;
|
||||
int is_tmp = 0;
|
||||
|
||||
if (verbose)
|
||||
@@ -253,14 +267,6 @@ static int seunshare_mount(const char *s
|
||||
}
|
||||
|
||||
/* mount directory */
|
||||
- if (mount(dst, dst, NULL, MS_BIND | flags, NULL) < 0) {
|
||||
- fprintf(stderr, _("Failed to mount %s on %s: %s\n"), dst, dst, strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
- if (mount(dst, dst, NULL, MS_PRIVATE | flags, NULL) < 0) {
|
||||
- fprintf(stderr, _("Failed to make %s private: %s\n"), dst, strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
if (mount(src, dst, NULL, MS_BIND | flags, NULL) < 0) {
|
||||
fprintf(stderr, _("Failed to mount %s on %s: %s\n"), src, dst, strerror(errno));
|
||||
return -1;
|
||||
@@ -274,14 +280,6 @@ static int seunshare_mount(const char *s
|
||||
if (verbose)
|
||||
printf(_("Mounting /tmp on /var/tmp\n"));
|
||||
|
||||
- if (mount("/var/tmp", "/var/tmp", NULL, MS_BIND | flags, NULL) < 0) {
|
||||
- fprintf(stderr, _("Failed to mount /var/tmp on /var/tmp: %s\n"), strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
- if (mount("/var/tmp", "/var/tmp", NULL, MS_PRIVATE | flags, NULL) < 0) {
|
||||
- fprintf(stderr, _("Failed to make /var/tmp private: %s\n"), strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
if (mount("/tmp", "/var/tmp", NULL, MS_BIND | flags, NULL) < 0) {
|
||||
fprintf(stderr, _("Failed to mount /tmp on /var/tmp: %s\n"), strerror(errno));
|
||||
return -1;
|
||||
@@ -308,12 +306,12 @@ static int sandbox_error(const char *str
|
||||
static int match(const char *string, char *pattern)
|
||||
{
|
||||
int status;
|
||||
- regex_t re;
|
||||
+ regex_t re;
|
||||
if (regcomp(&re, pattern, REG_EXTENDED|REG_NOSUB) != 0) {
|
||||
return 0;
|
||||
}
|
||||
status = regexec(&re, string, (size_t)0, NULL, 0);
|
||||
- regfree(&re);
|
||||
+ regfree(&re);
|
||||
if (status != 0) {
|
||||
return 0;
|
||||
}
|
||||
@@ -334,8 +332,9 @@ static int setup_cgroups()
|
||||
char buf[BUF_SIZE];
|
||||
char *tok = NULL;
|
||||
int rc = -1;
|
||||
- const char* fname = "/etc/sysconfig/sandbox";
|
||||
-
|
||||
+ char *str = NULL;
|
||||
+ const char* fname = "/etc/sysconfig/sandbox";
|
||||
+
|
||||
if ((fp = fopen(fname, "rt")) == NULL) {
|
||||
fprintf(stderr, "Error opening sandbox config file.");
|
||||
return rc;
|
||||
@@ -343,12 +342,15 @@ static int setup_cgroups()
|
||||
while(fgets(buf, BUF_SIZE, fp) != NULL) {
|
||||
/* Skip comments */
|
||||
if (buf[0] == '#') continue;
|
||||
-
|
||||
+
|
||||
/* Copy the string, ignoring whitespace */
|
||||
int len = strlen(buf);
|
||||
- char *str = malloc((len + 1) * sizeof(char));
|
||||
-
|
||||
- int ind = 0;
|
||||
+ free(str);
|
||||
+ str = malloc((len + 1) * sizeof(char));
|
||||
+ if (!str)
|
||||
+ goto err;
|
||||
+
|
||||
+ int ind = 0;
|
||||
int i;
|
||||
for (i = 0; i < len; i++) {
|
||||
char cur = buf[i];
|
||||
@@ -358,7 +360,7 @@ static int setup_cgroups()
|
||||
}
|
||||
}
|
||||
str[ind] = '\0';
|
||||
-
|
||||
+
|
||||
tok = strtok(str, "=\n");
|
||||
if (tok != NULL) {
|
||||
if (!strcmp(tok, "CPUAFFINITY")) {
|
||||
@@ -382,7 +384,7 @@ static int setup_cgroups()
|
||||
fprintf(stderr, "Error parsing config file.");
|
||||
goto err;
|
||||
}
|
||||
-
|
||||
+
|
||||
} else if (!strcmp(tok, "CPUUSAGE")) {
|
||||
tok = strtok(NULL, "=\n");
|
||||
if (match(tok, "^[0-9]+\%")) {
|
||||
@@ -400,14 +402,14 @@ static int setup_cgroups()
|
||||
continue;
|
||||
}
|
||||
}
|
||||
-
|
||||
+
|
||||
}
|
||||
if (mem == NULL) {
|
||||
long phypz = sysconf(_SC_PHYS_PAGES);
|
||||
long psize = sysconf(_SC_PAGE_SIZE);
|
||||
memusage = phypz * psize * (float) memusage / 100.0;
|
||||
}
|
||||
-
|
||||
+
|
||||
cgroup_init();
|
||||
|
||||
int64_t current_runtime = 0;
|
||||
@@ -423,8 +425,8 @@ static int setup_cgroups()
|
||||
cgroup_get_cgroup(curr);
|
||||
cgroup_get_value_int64(cgroup_get_controller(curr, "cpu"), "cpu.rt_runtime_us", ¤t_runtime);
|
||||
cgroup_get_value_int64(cgroup_get_controller(curr, "cpu"), "cpu.rt_period_us", ¤t_period);
|
||||
- }
|
||||
-
|
||||
+ }
|
||||
+
|
||||
ret = cgroup_get_current_controller_path(getpid(), "memory", &curr_mem_path);
|
||||
if (ret) {
|
||||
sandbox_error("Error while trying to get current controller path.\n");
|
||||
@@ -432,33 +434,33 @@ static int setup_cgroups()
|
||||
struct cgroup *curr = cgroup_new_cgroup(curr_mem_path);
|
||||
cgroup_get_cgroup(curr);
|
||||
cgroup_get_value_int64(cgroup_get_controller(curr, "memory"), "memory.limit_in_bytes", ¤t_mem);
|
||||
- }
|
||||
-
|
||||
+ }
|
||||
+
|
||||
if (((float) cpupercentage) / 100.0> (float)current_runtime / (float) current_period) {
|
||||
sandbox_error("CPU usage restricted!\n");
|
||||
goto err;
|
||||
- }
|
||||
-
|
||||
- if (mem == NULL) {
|
||||
+ }
|
||||
+
|
||||
+ if (mem == NULL) {
|
||||
if (memusage > current_mem) {
|
||||
sandbox_error("Attempting to use more memory than allowed!");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
-
|
||||
+
|
||||
long nprocs = sysconf(_SC_NPROCESSORS_ONLN);
|
||||
-
|
||||
- struct sched_param sp;
|
||||
+
|
||||
+ struct sched_param sp;
|
||||
sp.sched_priority = sched_get_priority_min(SCHED_FIFO);
|
||||
sched_setscheduler(getpid(), SCHED_FIFO, &sp);
|
||||
struct cgroup *sandbox_group = cgroup_new_cgroup(cgroupname);
|
||||
cgroup_add_controller(sandbox_group, "memory");
|
||||
cgroup_add_controller(sandbox_group, "cpu");
|
||||
-
|
||||
+
|
||||
if (mem == NULL) {
|
||||
if (memusage > 0) {
|
||||
cgroup_set_value_uint64(cgroup_get_controller(sandbox_group, "memory"), "memory.limit_in_bytes", memusage);
|
||||
- }
|
||||
+ }
|
||||
} else {
|
||||
cgroup_set_value_string(cgroup_get_controller(sandbox_group, "memory"), "memory.limit_in_bytes", mem);
|
||||
}
|
||||
@@ -470,13 +472,13 @@ static int setup_cgroups()
|
||||
if (cpus != NULL) {
|
||||
cgroup_set_value_string(cgroup_get_controller(sandbox_group, "cpu"), "cgroup.procs",cpus);
|
||||
}
|
||||
-
|
||||
+
|
||||
uint64_t allocated_mem;
|
||||
if (cgroup_get_value_uint64(cgroup_get_controller(sandbox_group, "memory"), "memory.limit_in_bytes", &allocated_mem) > current_mem) {
|
||||
sandbox_error("Attempting to use more memory than allowed!\n");
|
||||
goto err;
|
||||
}
|
||||
-
|
||||
+
|
||||
rc = cgroup_create_cgroup(sandbox_group, 1);
|
||||
if (rc != 0) {
|
||||
sandbox_error("Failed to create group. Ensure that cgconfig service is running. \n");
|
||||
@@ -487,13 +489,15 @@ static int setup_cgroups()
|
||||
|
||||
rc = 0;
|
||||
err:
|
||||
+ fclose(fp);
|
||||
+ free(str);
|
||||
free(mem);
|
||||
free(cgroupname);
|
||||
free(cpus);
|
||||
return rc;
|
||||
}
|
||||
|
||||
-/*
|
||||
+/*
|
||||
If path is empy or ends with "/." or "/.. return -1 else return 0;
|
||||
*/
|
||||
static int bad_path(const char *path) {
|
||||
@@ -515,7 +519,7 @@ static int bad_path(const char *path) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
|
||||
+static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
|
||||
{
|
||||
char *buf = NULL;
|
||||
char *newbuf = NULL;
|
||||
@@ -559,7 +563,7 @@ static int rsynccmd(const char * src, co
|
||||
newbuf = NULL;
|
||||
}
|
||||
|
||||
- if (buf) {
|
||||
+ if (buf) {
|
||||
if (asprintf(&newbuf, "/usr/bin/rsync -trlHDq %s '%s'", buf, dst) == -1) {
|
||||
fprintf(stderr, "Out of memory\n");
|
||||
goto err;
|
||||
@@ -674,8 +678,12 @@ static char *create_tmpdir(const char *s
|
||||
if (verify_directory(tmpdir, NULL, out_st) < 0) {
|
||||
goto err;
|
||||
}
|
||||
- if (check_owner_uid(0, tmpdir, out_st) < 0) goto err;
|
||||
- if (check_owner_gid(getgid(), tmpdir, out_st) < 0) goto err;
|
||||
+
|
||||
+ if (check_owner_uid(0, tmpdir, out_st) < 0)
|
||||
+ goto err;
|
||||
+
|
||||
+ if (check_owner_gid(getgid(), tmpdir, out_st) < 0)
|
||||
+ goto err;
|
||||
|
||||
/* change permissions of the temporary directory */
|
||||
if ((fd_t = open(tmpdir, O_RDONLY)) < 0) {
|
||||
@@ -702,7 +710,7 @@ static char *create_tmpdir(const char *s
|
||||
|
||||
/* copy selinux context */
|
||||
if (execcon) {
|
||||
- if (fsetfilecon(fd_t, con) == -1) {
|
||||
+ if (fsetfilecon(fd_t, con) == -1) {
|
||||
fprintf(stderr, _("Failed to set context of the directory %s: %s\n"), tmpdir, strerror(errno));
|
||||
goto err;
|
||||
}
|
||||
@@ -734,12 +742,77 @@ good:
|
||||
return tmpdir;
|
||||
}
|
||||
|
||||
+#define PROC_BASE "/proc"
|
||||
+
|
||||
+static int
|
||||
+killall (security_context_t execcon)
|
||||
+{
|
||||
+ DIR *dir;
|
||||
+ security_context_t scon;
|
||||
+ struct dirent *de;
|
||||
+ pid_t *pid_table, pid, self;
|
||||
+ int i;
|
||||
+ int pids, max_pids;
|
||||
+ int running = 0;
|
||||
+ self = getpid();
|
||||
+ if (!(dir = opendir(PROC_BASE))) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+ max_pids = 256;
|
||||
+ pid_table = malloc(max_pids * sizeof (pid_t));
|
||||
+ if (!pid_table) {
|
||||
+ (void)closedir(dir);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ pids = 0;
|
||||
+ context_t con;
|
||||
+ con = context_new(execcon);
|
||||
+ const char *mcs = context_range_get(con);
|
||||
+ printf("mcs=%s\n", mcs);
|
||||
+ while ((de = readdir (dir)) != NULL) {
|
||||
+ if (!(pid = (pid_t)atoi(de->d_name)) || pid == self)
|
||||
+ continue;
|
||||
+
|
||||
+ if (pids == max_pids) {
|
||||
+ if (!(pid_table = realloc(pid_table, 2*pids*sizeof(pid_t)))) {
|
||||
+ (void)closedir(dir);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ max_pids *= 2;
|
||||
+ }
|
||||
+ pid_table[pids++] = pid;
|
||||
+ }
|
||||
+
|
||||
+ (void)closedir(dir);
|
||||
+
|
||||
+ for (i = 0; i < pids; i++) {
|
||||
+ pid_t id = pid_table[i];
|
||||
+
|
||||
+ if (getpidcon(id, &scon) == 0) {
|
||||
+
|
||||
+ context_t pidcon = context_new(scon);
|
||||
+ /* Attempt to kill remaining processes */
|
||||
+ if (strcmp(context_range_get(pidcon), mcs) == 0)
|
||||
+ kill(id, SIGKILL);
|
||||
+
|
||||
+ context_free(pidcon);
|
||||
+ freecon(scon);
|
||||
+ }
|
||||
+ running++;
|
||||
+ }
|
||||
+
|
||||
+ context_free(con);
|
||||
+ free(pid_table);
|
||||
+ return running;
|
||||
+}
|
||||
+
|
||||
int main(int argc, char **argv) {
|
||||
int status = -1;
|
||||
security_context_t execcon = NULL;
|
||||
|
||||
int clflag; /* holds codes for command line flags */
|
||||
int usecgroups = 0;
|
||||
+ int kill_all = 0;
|
||||
|
||||
char *homedir_s = NULL; /* homedir spec'd by user in argv[] */
|
||||
char *tmpdir_s = NULL; /* tmpdir spec'd by user in argv[] */
|
||||
@@ -752,18 +825,21 @@ int main(int argc, char **argv) {
|
||||
const struct option long_options[] = {
|
||||
{"homedir", 1, 0, 'h'},
|
||||
{"tmpdir", 1, 0, 't'},
|
||||
+ {"kill", 1, 0, 'k'},
|
||||
{"verbose", 1, 0, 'v'},
|
||||
{"cgroups", 1, 0, 'c'},
|
||||
{"context", 1, 0, 'Z'},
|
||||
+ {"capabilities", 1, 0, 'C'},
|
||||
{NULL, 0, 0, 0}
|
||||
};
|
||||
|
||||
uid_t uid = getuid();
|
||||
-
|
||||
+/*
|
||||
if (!uid) {
|
||||
fprintf(stderr, _("Must not be root"));
|
||||
return -1;
|
||||
}
|
||||
+*/
|
||||
|
||||
#ifdef USE_NLS
|
||||
setlocale(LC_ALL, "");
|
||||
@@ -783,7 +859,7 @@ int main(int argc, char **argv) {
|
||||
}
|
||||
|
||||
while (1) {
|
||||
- clflag = getopt_long(argc, argv, "cvh:t:Z:", long_options, NULL);
|
||||
+ clflag = getopt_long(argc, argv, "Ccvh:t:Z:", long_options, NULL);
|
||||
if (clflag == -1)
|
||||
break;
|
||||
|
||||
@@ -791,6 +867,9 @@ int main(int argc, char **argv) {
|
||||
case 't':
|
||||
tmpdir_s = optarg;
|
||||
break;
|
||||
+ case 'k':
|
||||
+ kill_all = 1;
|
||||
+ break;
|
||||
case 'h':
|
||||
homedir_s = optarg;
|
||||
break;
|
||||
@@ -800,6 +879,9 @@ int main(int argc, char **argv) {
|
||||
case 'c':
|
||||
usecgroups = 1;
|
||||
break;
|
||||
+ case 'C':
|
||||
+ cap_set = CAPNG_SELECT_CAPS;
|
||||
+ break;
|
||||
case 'Z':
|
||||
execcon = optarg;
|
||||
break;
|
||||
@@ -824,9 +906,11 @@ int main(int argc, char **argv) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- if (set_signal_handles()) return -1;
|
||||
+ if (set_signal_handles())
|
||||
+ return -1;
|
||||
|
||||
- if (usecgroups && setup_cgroups() < 0) return -1;
|
||||
+ if (usecgroups && setup_cgroups() < 0)
|
||||
+ return -1;
|
||||
|
||||
/* set fsuid to ruid */
|
||||
/* Changing fsuid is usually required when user-specified directory is
|
||||
@@ -851,7 +935,7 @@ int main(int argc, char **argv) {
|
||||
}
|
||||
|
||||
/* spawn child process */
|
||||
- int child = fork();
|
||||
+ child = fork();
|
||||
if (child == -1) {
|
||||
perror(_("Unable to fork"));
|
||||
goto err;
|
||||
@@ -859,6 +943,7 @@ int main(int argc, char **argv) {
|
||||
|
||||
if (child == 0) {
|
||||
char *display = NULL;
|
||||
+ char *LANG = NULL;
|
||||
int rc = -1;
|
||||
|
||||
if (unshare(CLONE_NEWNS) < 0) {
|
||||
@@ -866,6 +951,13 @@ int main(int argc, char **argv) {
|
||||
goto childerr;
|
||||
}
|
||||
|
||||
+ /* Remount / as SLAVE so that nothing mounted in the namespace
|
||||
+ shows up in the parent */
|
||||
+ if (mount("none", "/", NULL, MS_SLAVE | MS_REC , NULL) < 0) {
|
||||
+ perror(_("Failed to make / a SLAVE mountpoint\n"));
|
||||
+ goto childerr;
|
||||
+ }
|
||||
+
|
||||
/* assume fsuid==ruid after this point */
|
||||
setfsuid(uid);
|
||||
|
||||
@@ -884,12 +976,23 @@ int main(int argc, char **argv) {
|
||||
goto childerr;
|
||||
}
|
||||
}
|
||||
+
|
||||
+ /* construct a new environment */
|
||||
+ if ((LANG = getenv("LANG")) != NULL) {
|
||||
+ if ((LANG = strdup(LANG)) == NULL) {
|
||||
+ perror(_("Out of memory"));
|
||||
+ goto childerr;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
if ((rc = clearenv()) != 0) {
|
||||
perror(_("Failed to clear environment"));
|
||||
goto childerr;
|
||||
}
|
||||
- if (display)
|
||||
+ if (display)
|
||||
rc |= setenv("DISPLAY", display, 1);
|
||||
+ if (LANG)
|
||||
+ rc |= setenv("LANG", LANG, 1);
|
||||
rc |= setenv("HOME", pwd->pw_dir, 1);
|
||||
rc |= setenv("SHELL", pwd->pw_shell, 1);
|
||||
rc |= setenv("USER", pwd->pw_name, 1);
|
||||
@@ -899,7 +1002,7 @@ int main(int argc, char **argv) {
|
||||
fprintf(stderr, _("Failed to construct environment\n"));
|
||||
goto childerr;
|
||||
}
|
||||
-
|
||||
+
|
||||
/* selinux context */
|
||||
if (execcon && setexeccon(execcon) != 0) {
|
||||
fprintf(stderr, _("Could not set exec context to %s.\n"), execcon);
|
||||
@@ -910,13 +1013,12 @@ int main(int argc, char **argv) {
|
||||
perror(_("Failed to change dir to homedir"));
|
||||
goto childerr;
|
||||
}
|
||||
-
|
||||
setsid();
|
||||
-
|
||||
execv(argv[optind], argv + optind);
|
||||
fprintf(stderr, _("Failed to execute command %s: %s\n"), argv[optind], strerror(errno));
|
||||
childerr:
|
||||
free(display);
|
||||
+ free(LANG);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
@@ -926,10 +1028,15 @@ childerr:
|
||||
waitpid(child, &status, 0);
|
||||
status_to_retval(status, status);
|
||||
|
||||
+ /* Make sure all child processes exit */
|
||||
+ kill(-child,SIGTERM);
|
||||
+
|
||||
+ if (execcon && kill_all)
|
||||
+ killall(execcon);
|
||||
+
|
||||
if (tmpdir_r) cleanup_tmpdir(tmpdir_r, tmpdir_s, pwd, 1);
|
||||
|
||||
err:
|
||||
free(tmpdir_r);
|
||||
return status;
|
||||
}
|
||||
-
|
@ -6,8 +6,8 @@
|
||||
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.85
|
||||
Release: 12%{?dist}
|
||||
Version: 2.0.86
|
||||
Release: 7.3%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
# Based on git repository with tag 20101221
|
||||
@ -25,7 +25,8 @@ Patch: policycoreutils-rhat.patch
|
||||
Patch1: policycoreutils-po.patch
|
||||
Patch3: policycoreutils-gui.patch
|
||||
Patch4: policycoreutils-sepolgen.patch
|
||||
Obsoletes: policycoreutils < 2.0.61-2
|
||||
Patch5: policycoreutils-sandbox.patch
|
||||
Obsoletes: policycoreutils < 2.0.86-7
|
||||
|
||||
%global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
|
||||
|
||||
@ -63,6 +64,7 @@ context.
|
||||
%patch1 -p1 -b .rhatpo
|
||||
%patch3 -p1 -b .gui
|
||||
%patch4 -p1 -b .sepolgen
|
||||
%patch5 -p1 -b .sandbox
|
||||
|
||||
%build
|
||||
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE " LDFLAGS="-pie -Wl,-z,relro" all
|
||||
@ -119,6 +121,7 @@ Requires: /usr/bin/make
|
||||
Requires(pre): python >= 2.6
|
||||
Obsoletes: policycoreutils < 2.0.61-2
|
||||
Requires: setools-libs-python >= 3.3.7-6
|
||||
Requires: python-IPy
|
||||
|
||||
%description python
|
||||
The policycoreutils-python package contains the management tools use to manage an SELinux environment.
|
||||
@ -156,19 +159,19 @@ exit 0
|
||||
Summary: SELinux sandbox utilities
|
||||
Group: System Environment/Base
|
||||
Requires: policycoreutils-python = %{version}-%{release}
|
||||
Requires: xorg-x11-server-Xephyr
|
||||
Requires: xorg-x11-server-Xephyr /usr/bin/rsync /usr/bin/xmodmap
|
||||
Requires: matchbox-window-manager
|
||||
Requires(post): /sbin/chkconfig
|
||||
BuildRequires: libcap-ng-devel
|
||||
|
||||
%description sandbox
|
||||
The policycoreutils-python package contains the scripts to create graphical sandboxes
|
||||
The policycoreutils-sandbox package contains the scripts to create graphical sandboxes
|
||||
|
||||
%files sandbox
|
||||
%defattr(-,root,root,-)
|
||||
%{_datadir}/sandbox/sandboxX.sh
|
||||
%{_datadir}/sandbox/start
|
||||
%attr(0755,root,root) %caps(cap_setpcap,cap_fowner,cap_dac_override,cap_sys_admin,cap_sys_nice=pe) %{_sbindir}/seunshare
|
||||
%attr(0755,root,root) %caps(cap_setpcap,cap_setuid,cap_fowner,cap_dac_override,cap_sys_admin,cap_sys_nice=pe) %{_sbindir}/seunshare
|
||||
%{_mandir}/man8/seunshare.8*
|
||||
%{_mandir}/man5/sandbox.conf.5*
|
||||
|
||||
@ -180,6 +183,7 @@ exit 0
|
||||
if [ $1 -eq 1 ]; then
|
||||
/sbin/chkconfig sandbox --add
|
||||
fi
|
||||
|
||||
%preun sandbox
|
||||
if [ $1 -eq 0 ]; then
|
||||
/sbin/chkconfig sandbox --del
|
||||
@ -296,6 +300,7 @@ rm -rf %{buildroot}
|
||||
Summary: SELinux restorecond utilities
|
||||
Group: System Environment/Base
|
||||
Requires(post): /sbin/chkconfig
|
||||
Obsoletes: policycoreutils < 2.0.86-7
|
||||
|
||||
%description restorecond
|
||||
The policycoreutils-restorecond package contains the restorecond service.
|
||||
@ -329,6 +334,115 @@ fi
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Tue Jan 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.0.86-7.3
|
||||
- Fix the handling of namespaces in seunshare/sandbox.
|
||||
- Currently mounting of directories within sandbox is propogating to the
|
||||
- parent namesspace.
|
||||
|
||||
* Thu Jul 7 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-7.2
|
||||
- Change seunshare to send kill signals to the childs session.
|
||||
- Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
|
||||
- Add -k qualifier to seunshare to have it attempt to kill all processes with
|
||||
the matching MCS label.
|
||||
- Add -C option to sandbox and seunshare to maintain capabilities, otherwise
|
||||
the bounding set will be dropped.
|
||||
- Change --cgroups short name -c rather then -C for consistancy
|
||||
- Fix memory and fd leaks in seunshare
|
||||
|
||||
* Mon Jun 13 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-7.1
|
||||
- Do not drop capability bounding set in seunshare, this allows sandbox to
|
||||
- run setuid apps.
|
||||
- Cleanup policy generation template
|
||||
- Pass dpi settings to sandbox
|
||||
- Add .config/* to restorecond_users.conf
|
||||
|
||||
* Fri Apr 29 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-7
|
||||
- Clean up some of the templates for sepolgen
|
||||
|
||||
* Fri Apr 22 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-6
|
||||
- Apply patches from Christoph A.
|
||||
* fix sandbox title
|
||||
* stop xephyr from li
|
||||
- Also ignore errors on sandbox include of directory missing files
|
||||
|
||||
* Thu Apr 21 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-5
|
||||
- rebuild versus latest libsepol
|
||||
|
||||
* Mon Apr 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-4
|
||||
- Change fixfiles restore to delete unlabeled sockets in /tmp
|
||||
|
||||
* Mon Apr 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-2
|
||||
- rebuild versus latest libsepol
|
||||
|
||||
* Tue Apr 12 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-1
|
||||
- Update to upstream
|
||||
* Use correct color range in mcstrand by Richard Haines.
|
||||
|
||||
* Mon Apr 11 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-30
|
||||
- Add Elia Pinto patches to allow user to specify directories to ignore
|
||||
|
||||
* Tue Apr 5 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-29
|
||||
- Fix policycoreutils-sandbox description
|
||||
|
||||
* Tue Mar 29 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-28
|
||||
- rsynccmd should run outside of execcon
|
||||
|
||||
* Thu Mar 24 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-27
|
||||
- Fix semange node handling of ipv6 addresses
|
||||
|
||||
* Wed Mar 23 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-26
|
||||
- Fix sepolgen-ifgen call, add -p option
|
||||
|
||||
* Wed Mar 23 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-25
|
||||
- Fix sepolgen-ifgen call
|
||||
|
||||
* Fri Mar 18 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-24
|
||||
- Fix rsync command to work if the directory is old.
|
||||
- Fix all tests
|
||||
|
||||
* Wed Mar 16 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-23
|
||||
- Fix sepolgen to generate network polcy using generic_if and genric_node versus all_if and all_node
|
||||
|
||||
* Wed Mar 16 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-22
|
||||
- Return to original seunshare man page
|
||||
|
||||
* Fri Mar 11 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-21
|
||||
- change default location of HOMEDIR in sandbox to /tmp/.sandbox_home_*
|
||||
- This will allow default sandboxes to work on NFS homedirs without allowing
|
||||
access to homedir data
|
||||
|
||||
* Fri Mar 11 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-20
|
||||
- Change sepolgen-ifgen to search all available policy files
|
||||
- Exit in restorecond if it can not find a UID in the passwd database
|
||||
|
||||
* Wed Mar 9 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-19
|
||||
- Fix portspage in system-config-selinux to not crash
|
||||
- More fixes for seunshare from Tomas Hoger
|
||||
|
||||
* Tue Mar 8 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-18
|
||||
- put back in old handling of -T in sandbox command
|
||||
- Put back setsid in seunshare
|
||||
- Fix rsync to maintain times
|
||||
|
||||
* Tue Mar 8 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-17
|
||||
- Use rewritten seunshare from thoger
|
||||
|
||||
* Mon Mar 7 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-16
|
||||
- Require python-IPy for policycoreutils-python package
|
||||
- Fixes for sepologen
|
||||
- Usage statement needs -n name
|
||||
- Names with _ are being prevented
|
||||
- dbus apps should get _chat interface
|
||||
|
||||
* Thu Mar 3 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-15
|
||||
- Fix error message in seunshare, check for tmpdir existance before unlink.
|
||||
|
||||
* Fri Feb 25 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-13
|
||||
- Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
|
||||
- Only allow names in polgengui that contain letters and numbers
|
||||
- Fix up node handling in semanage command
|
||||
- Update translations
|
||||
|
||||
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.85-12
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
|
@ -2,6 +2,7 @@
|
||||
Name=SELinux Policy Generation Tool
|
||||
Name[bn_IN]=SELinux Policy নির্মাণের সামগ্রী
|
||||
Name[ca]=Eina de generació de polítiques del SELinux
|
||||
Name[da]=Regelsætgenereringsværktøj til SELinux
|
||||
Name[de]=Tool zur Erstellung von SELinux-Richtlinien
|
||||
Name[es]=Generador de Políticas de SELinux
|
||||
Name[fi]=SELinux-käytäntöjen generointityökalu
|
||||
@ -24,12 +25,13 @@ Name[ru]=Средство создания политики SELinux
|
||||
Name[sv]=Genereringsverktyg för SELinuxpolicy
|
||||
Name[ta]=SELinux பாலிசி உற்பத்தி கருவி
|
||||
Name[te]=SELinux నిర్వహణ
|
||||
Name[uk]=Утиліта генерації політики SELinux
|
||||
Name[uk]=Утиліта генерації правил SELinux
|
||||
Name[zh_CN]=SELinux 策略生成工具
|
||||
Name[zh_TW]=SELinux 政策產生工具(SELinux Policy Generation Tool)
|
||||
Comment=Generate SELinux policy modules
|
||||
Comment[bn_IN]=SELinux নিয়মনীতির মডিউল নির্মাণ করুন
|
||||
Comment[ca]=Genera els mòduls de les polítiques de SELinux
|
||||
Comment[da]=Generér SELinux-regelsætmodul
|
||||
Comment[de]=Tool zur Erstellung von SELinux-Richtlinien
|
||||
Comment[es]=Generar módulos de política de SELinux
|
||||
Comment[fi]=Generoi SELinuxin käytäntömoduuleja
|
||||
|
2
sources
2
sources
@ -1,3 +1,3 @@
|
||||
49faa2e5f343317bcfcf34d7286f6037 sepolgen-1.0.23.tgz
|
||||
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
|
||||
92fa615448d443b22c4ad6ecf89fc974 policycoreutils-2.0.85.tgz
|
||||
13d864a8a6f8a933ef7aee7baf4a9662 policycoreutils-2.0.86.tgz
|
||||
|
@ -1,6 +1,7 @@
|
||||
[Desktop Entry]
|
||||
Name=SELinux Management
|
||||
Name[bn_IN]=SELinux পরিচালনা
|
||||
Name[da]=Håndtering af SELinux
|
||||
Name[de]=SELinux-Management
|
||||
Name[ca]=Gestió de SELinux
|
||||
Name[es]=Administración de SELinux
|
||||
@ -30,6 +31,7 @@ Name[zh_TW]=SELinux 管理
|
||||
Comment=Configure SELinux in a graphical setting
|
||||
Comment[bn_IN]=গ্রাফিক্যাল পরিবেশে SELinux কনফিগার করুন
|
||||
Comment[ca]=Configura SELinuc an mode de preferències gràfiques
|
||||
Comment[da]=Konfigurér SELinux i et grafisk miljø
|
||||
Comment[de]=SELinux in einer grafischen Einstellung konfigurieren
|
||||
Comment[es]=Defina SELinux en una configuración de interfaz gráfica
|
||||
Comment[fi]=Tee SELinuxin asetukset graafisesti
|
||||
|
Loading…
Reference in New Issue
Block a user