- (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux

is enabled set the security context to "sftpd_t" before running the
   internal sftp server   Based on a patch from jchadima at redhat.

ChangeLog

@@ -28,6 +28,9 @@
      [ssh-keygen.1]
      ssh-keygen now uses AES-128 for private keys
  - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
+ - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
+   is enabled set the security context to "sftpd_t" before running the
+   internal sftp server   Based on a patch from jchadima at redhat.
 
 20091011
  - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for

openbsd-compat/port-linux.c

@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.5 2008/03/26 20:27:21 dtucker Exp $ */
+/* $Id: port-linux.c,v 1.6 2009/10/24 04:04:13 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -29,6 +29,7 @@
 
 #ifdef WITH_SELINUX
 #include "log.h"
+#include "xmalloc.h"
 #include "port-linux.h"
 
 #include <selinux/selinux.h>
@@ -168,4 +169,38 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
 		freecon(user_ctx);
 	debug3("%s: done", __func__);
 }
+
+void
+ssh_selinux_change_context(const char *newname)
+{
+	int len, newlen;
+	char *oldctx, *newctx, *cx;
+
+	if (!ssh_selinux_enabled())
+		return;
+
+	if (getcon((security_context_t *)&oldctx) < 0) {
+		logit("%s: getcon failed with %s", __func__, strerror (errno));
+		return;
+	}
+	if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
+	    NULL) {
+		logit ("%s: unparseable context %s", __func__, oldctx);
+		return;
+	}
+
+	newlen = strlen(oldctx) + strlen(newname) + 1;
+	newctx = xmalloc(newlen);
+	len = cx - oldctx + 1;
+	memcpy(newctx, oldctx, len);
+	strlcpy(newctx + len, newname, newlen - len);
+	if ((cx = index(cx + 1, ':')))
+		strlcat(newctx, cx, newlen);
+	debug3("%s: setting context from '%s' to '%s'", __func__, oldctx,
+	    newctx);
+	if (setcon(newctx) < 0)
+		logit("%s: setcon failed with %s", __func__, strerror (errno));
+	xfree(oldctx);
+	xfree(newctx);
+}
 #endif /* WITH_SELINUX */

openbsd-compat/port-linux.h

@@ -1,4 +1,4 @@
-/* $Id: port-linux.h,v 1.2 2008/03/26 20:27:21 dtucker Exp $ */
+/* $Id: port-linux.h,v 1.3 2009/10/24 04:04:13 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
@@ -23,6 +23,7 @@
 int ssh_selinux_enabled(void);
 void ssh_selinux_setup_pty(char *, const char *);
 void ssh_selinux_setup_exec_context(char *);
+void ssh_selinux_change_context(const char *);
 #endif
 
 #endif /* ! _PORT_LINUX_H */

session.c

@@ -1796,6 +1796,9 @@ do_child(Session *s, const char *command)
 		argv[i] = NULL;
 		optind = optreset = 1;
 		__progname = argv[0];
+#ifdef WITH_SELINUX
+		ssh_selinux_change_context("sftpd_t");
+#endif
 		exit(sftp_server_main(i, argv, s->pw));
 	}