mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-08 22:49:44 +00:00
00beeba1fc
16 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Yuli Khodorkovskiy
|
5e75b96e91 |
libsemanage: add the ability to set an alternative root path for store
Allow an alternative selinux store root path to be used. The option can be set in semanage.conf as store_root. If no option is provided, the default path for the store_root is "/var/lib/selinux". Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
||
Yuli Khodorkovskiy
|
cae4a4c951 |
libsemanage: add support for HLL to CIL compilers
An HLL to CIL compiler must exist in the compiler_directory path which is configubrable in semanage.conf. By default, this path is /usr/libexec/selinux/hll/. The compiler name needs to match the HLL language extension. For example, for pp files, /usr/libexec/selinux/hll/pp must exist. The HLL infrastructure uncompresses the HLL module and pipes the data to the appropriate CIL compiler. The output CIL from the compiler is read from another pipe, compressed, and saved to the module store as a cached CIL file. This file will be used on all subsequent policy builds, unless a new module is installed with the same name at the same priority, at which point the cache is deleted and is subsequently rebuilt and cached. A new option is added to semanage.conf, ignore_cache, which if set to true will cause the cached CIL files to be ignored and all HLL files to be recompiled and the resulting CIL to be recached. Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
||
Steve Lawrence
|
d5bcc2285f |
libsemanage: update install functions to support CIL
With CIL, the filename and language extension are no longer stored in the modules themselves like with pp files. So parse this information from the filename when given a file to install, and require the information be passed when just data. Symbolic versioning is used to maintain ABI compatability with the old install functions. API compatability is not maintained. Also, remove version from the module info struct and the semanage_module_info_{get,set}_version functions. These functions have not been part of an official release, so removing them without providing ABI/API compatability should not break anything. Because versioning is removed, semanage_module_upgrade can no longer perform the necessary checks to ensure an old module is not overriding a newer module. So, this just remove the upgrade functions from the API. Functions are added to maintain ABI compatability, which call the install functions. Also, CIL has no concept of a base module, so remove the notion of a base module, including the API functions semanage_module_base_install and related functions. To maintain ABI compatability, functions are added which call the new install functions, thus treating base modules as if they are normal modules. Signed-off-by: Steve Lawrence <slawrence@tresys.com> Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
||
Steve Lawrence
|
c35678eb6d |
libsemanage: add back support for semange_set_root using the new source policy infrastructure
Removed in commits: - Revert "libsemanage: introduce semanage_set_root and friends" - Revert "libsemanage: Alternate path for semanage.conf" - Revert "libsemanage: Use default semanage.conf as a fallback" Signed-off-by: Steve Lawrence <slawrence@tresys.com> |
||
Caleb Case
|
1875c85d5b |
libsemanage: add functions to public api
include/semanage/handle.h * Exports the handle get/set default priority functions. include/semanage/module.h * Exports the module info management functions. * Exports the get/set enabled status functions. * Exports the module key management functions. * Exports the module install, upgrade, remove info/key functions. include/semanage/semanage.h This patch includes the modifications to the map file for exporting the necessary functions. Examples: /* changing the default priority for a distro install */ semanage_set_default_priority(sh, 100); /* creating module meta data */ semanage_module_info_t *modinfo = NULL; semanage_module_info_create(sh, &modinfo); /* filling in that data */ semanage_module_info_set_priority( sh, modinfo, semanage_get_default_priority(sh)); semanage_module_info_set_name( sh, modinfo, "mymodule"); semanage_module_info_set_version( sh, modinfo, "0.1.2"); semanage_module_info_set_lang_ext( sh, modinfo, "pp"); semanage_module_info_set_enabled( sh, modinfo, -1); /* Sets enabled to default: * If the module was already enabled/disabled * then it will remain so after install. * If it wasn't, then it will be enabled. */ /* install the module */ semanage_module_install_info(sh, modinfo, data, data_len); /* cleanup modinfo */ semanage_module_info_destroy(sh, modinfo); /* create a key for retrieving a module's meta data */ semanage_module_key_t *modkey = NULL; semanage_module_key_create(sh, &modkey); /* Only set the module name, this will find the highest * priority module of that name. */ semanage_module_key_set_name(sh, modkey, "mymodule"); /* get the newly installed module */ semanage_module_get_module_info(sh, modkey, &modinfo); /* get the priority of the module found */ uint16_t priority = 0; semanage_module_info_get_priority(sh, modinfo, &priority); /* set the priority in the key to the one found */ semanage_module_key_set_priority(sh, modkey, priority); /* remove the highest priority module with the name "mymodule" */ semanage_module_remove_key(sh, modkey); /* print all the modules installed */ semanage_module_info_t *modinfos = NULL; int modinfos_len = 0; semanage_module_list_all(sh, &modinfos, &modinfos_len); char *name = NULL; int i = 0; for (i = 0; i < modinfos_len; i++) { semanage_module_info_get_priority( sh, semanage_module_list_nth(modinfos, i), &priority); semanage_module_info_get_name( sh, semanage_module_list_nth(modinfos, i), &name); printf("%d\t%s\n", priority, name); } Signed-off-by: Chad Sellers <csellers@tresys.com> |
||
Steve Lawrence
|
844810d9ac |
Revert "libsemanage: introduce semanage_set_root and friends"
This reverts commit
|
||
Steve Lawrence
|
30a2df81eb |
Revert "Last attempt at upstreaming semodule_disable patch."
This reverts commit
|
||
Guido Trentalancia
|
eb695e5a56 |
whole tree: default make target to all not install
Change the default "make" target for the libraries from "install" to "all" in the makefiles. Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com> |
||
Harry Ciao
|
e4bc1b223d |
libsepol: libsemanage: policycoreutils: Create a new preserve_tunables flag in sepol_handle_t.
By default only the effective branch of a tunable conditional would be expanded and written to raw policy, while all needless unused branches would be discarded. Add a new option '-P' or "--preserve_tunables" to the semodule program. By default it is 0, if set to 1 then the above preserve_tunables flag in the sepol_handle_t would be set to 1 accordingly. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com> |
||
Eric Paris
|
9cd587f553 |
libsemanage: introduce semanage_set_root and friends
Allow applications to specify an alternate root for selinux stores. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com> |
||
Daniel J Walsh
|
654dcb897e |
Last attempt at upstreaming semodule_disable patch.
This patch allows you to disable/Enable policy modules. It never seems to get upstreamed. :^( Signed-off-by: Joshua Brindle <method@manicmethod.com> |
||
Chad Sellers
|
bd74c23c7b |
libsemanage: Add function to turn off file contexts validation
This patch adds a function to turn off file contexts validation. We need this for cross-installs in rpm, where we install policy into a chroot that has binaries of a different architecture which cannot be executed on the build system. So, we would like to use this function to disable executing setfiles. This of course means the file contexts could be invalid, but we're willing to take that risk. Signed-off-by: Chad Sellers <csellers@tresys.com> |
||
Christopher Pardy
|
200efad4cb |
libsemanage: maintain disable dontaudit state between handle commits
Currently any changes made to the policy which require committing a handle cause dontaudit rules to be re-enabled. This is confusing, and frustrating for users who want to edit policy with dontaudit rules turned off. This patch allows semanage to remember the last state of the dontaudit rules and apply them as default whenever a handle is connected. Additionally other functions may check for the file semanage creates to determine if dontaudit rules are turned on. This knowledge can be useful for tools like SETroubleshoot which may want to change their behavior depending on the state of the dontaudit rules. In the event that a the file cannot be created a call to commit will fail. Signed-off-by: Christopher Pardy <cpardy@redhat.com> [sds: Removed duplicate from other patch and cleaned up style.] [sds: Changed uses of semanage_fname to semanage_path.] Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> |
||
Joshua Brindle
|
df77db47e5 |
Author: Daniel J Walsh
Email: dwalsh@redhat.com Subject: Now that F11 has started, I am putting in the compression support. Date: Mon, 12 Jan 2009 10:37:23 -0500 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joshua Brindle wrote: > Daniel J Walsh wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> libsemanage patch to add compression. >> >> Uses bzip compression, all pp files in active/previous stored in >> compressed state. Added new interfaces to be user by policycoreutils to >> specify file rather then memory map. >> >> Also uses link instead of copy whenever possible to save disk space. >> Seeing about a 10 fold savings on policy footprint. > > resend > > Comments inline > >> diff --exclude-from=exclude -N -u -r > nsalibsemanage/include/semanage/modules.h > libsemanage-2.0.28/include/semanage/modules.h >> --- nsalibsemanage/include/semanage/modules.h 2008-08-28 > 09:34:24.000000000 -0400 >> +++ libsemanage-2.0.28/include/semanage/modules.h 2008-10-13 > 12:35:22.000000000 -0400 >> @@ -30,10 +30,16 @@ >> >> int semanage_module_install(semanage_handle_t *, >> char *module_data, size_t data_len); >> +int semanage_module_install_file(semanage_handle_t *, >> + const char *module_name); >> int semanage_module_upgrade(semanage_handle_t *, >> char *module_data, size_t data_len); >> +int semanage_module_upgrade_file(semanage_handle_t *, >> + const char *module_name); >> int semanage_module_install_base(semanage_handle_t *, >> char *module_data, size_t data_len); >> +int semanage_module_install_base_file(semanage_handle_t *, >> + const char *module_name); >> int semanage_module_remove(semanage_handle_t *, char *module_name); >> >> /* semanage_module_info is for getting information on installed >> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/Makefile > libsemanage-2.0.28/src/Makefile >> --- nsalibsemanage/src/Makefile 2008-08-28 09:34:24.000000000 -0400 >> +++ libsemanage-2.0.28/src/Makefile 2008-10-13 12:35:22.000000000 -0400 >> @@ -54,7 +54,7 @@ >> ranlib $@ >> >> $(LIBSO): $(LOBJS) >> - $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr > -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs >> + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lbz2 > -lustr -L$(LIBDIR) > -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs >> ln -sf $@ $(TARGET) >> >> conf-scan.c: conf-scan.l conf-parse.h >> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c > libsemanage-2.0.28/src/direct_api.c >> --- nsalibsemanage/src/direct_api.c 2008-09-15 12:20:44.000000000 -0400 >> +++ libsemanage-2.0.28/src/direct_api.c 2008-10-13 16:36:51.000000000 > -0400 >> @@ -50,6 +50,7 @@ >> #include "semanage_store.h" >> #include "database_policydb.h" >> #include "policy.h" >> +#include <sys/mman.h> >> >> static void semanage_direct_destroy(semanage_handle_t * sh); >> static int semanage_direct_disconnect(semanage_handle_t * sh); >> @@ -57,10 +58,13 @@ >> static int semanage_direct_commit(semanage_handle_t * sh); >> static int semanage_direct_install(semanage_handle_t * sh, char *data, >> size_t data_len); >> +static int semanage_direct_install_file(semanage_handle_t * sh, const > char *module_name); >> static int semanage_direct_upgrade(semanage_handle_t * sh, char *data, >> size_t data_len); >> +static int semanage_direct_upgrade_file(semanage_handle_t * sh, const > char *module_name); >> static int semanage_direct_install_base(semanage_handle_t * sh, char > *base_data, >> size_t data_len); >> +static int semanage_direct_install_base_file(semanage_handle_t * sh, > const char *module_name); >> static int semanage_direct_remove(semanage_handle_t * sh, char > *module_name); >> static int semanage_direct_list(semanage_handle_t * sh, >> semanage_module_info_t ** modinfo, >> @@ -73,8 +77,11 @@ >> .begin_trans = semanage_direct_begintrans, >> .commit = semanage_direct_commit, >> .install = semanage_direct_install, >> + .install_file = semanage_direct_install_file, >> .upgrade = semanage_direct_upgrade, >> + .upgrade_file = semanage_direct_upgrade_file, >> .install_base = semanage_direct_install_base, >> + .install_base_file = semanage_direct_install_base_file, >> .remove = semanage_direct_remove, >> .list = semanage_direct_list >> }; >> @@ -378,12 +385,157 @@ >> return 0; >> } >> >> +#include <stdlib.h> >> +#include <bzlib.h> >> +#include <string.h> >> +#include <sys/sendfile.h> >> + >> +/* bzip() a file to '*data', returning the total number of > uncompressed bytes >> + * in the file. Returns 0 if file could not be decompressed. */ > > Why 0? Can we make this -1? > Fixed >> +static size_t bzip(const char *filename, char *data, size_t num_bytes) { >> + BZFILE* b; >> + size_t size = 1<<16; >> + int bzerror; >> + size_t total = 0; >> + size_t len = 0; >> + FILE *f; >> + >> + if ((f = fopen(filename, "wb")) == NULL) { >> + return 0; >> + } >> + >> + b = BZ2_bzWriteOpen( &bzerror, f, 9, 0, 0); >> + if (bzerror != BZ_OK) { >> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); >> + return 0; >> + } >> + >> + while ( num_bytes > total ) { >> + if (num_bytes - total > size) { >> + len = size; >> + } else { >> + len = num_bytes - total; >> + } >> + BZ2_bzWrite ( &bzerror, b, &data[total], len ); >> + if (bzerror == BZ_IO_ERROR) { >> + BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); >> + return 0; >> + } >> + total += len; >> + } >> + >> + BZ2_bzWriteClose ( &bzerror, b, 0, 0, 0 ); >> + fclose(f); >> + if (bzerror == BZ_IO_ERROR) { >> + return 0; >> + } >> + return total; >> +} >> + >> +/* bunzip() a file to '*data', returning the total number of > uncompressed bytes >> + * in the file. Returns 0 if file could not be decompressed. */ > > Same as above. > Fixed >> +size_t bunzip(FILE *f, char **data) { >> + BZFILE* b; >> + size_t nBuf; >> + char buf[1<<18]; >> + size_t size = sizeof(buf); >> + int bzerror; >> + size_t total=0; >> + >> + b = BZ2_bzReadOpen ( &bzerror, f, 0, 0, NULL, 0 ); >> + if ( bzerror != BZ_OK ) { >> + BZ2_bzReadClose ( &bzerror, b ); >> + return 0; >> + } >> + >> + char *uncompress = realloc(NULL, size); >> + >> + while ( bzerror == BZ_OK) { >> + nBuf = BZ2_bzRead ( &bzerror, b, buf, sizeof(buf)); >> + if (( bzerror == BZ_OK ) || ( bzerror == BZ_STREAM_END )) { >> + if (total + nBuf > size) { >> + size *= 2; >> + uncompress = realloc(uncompress, size); >> + } >> + memcpy(&uncompress[total], buf, nBuf); >> + total += nBuf; >> + } >> + } >> + if ( bzerror != BZ_STREAM_END ) { >> + BZ2_bzReadClose ( &bzerror, b ); >> + free(uncompress); >> + return 0; >> + } >> + BZ2_bzReadClose ( &bzerror, b ); >> + >> + *data = uncompress; >> + return total; >> +} >> + >> +/* mmap() a file to '*data', >> + * If the file is bzip compressed map_file will uncompress >> + * the file into '*data'. >> + * Returns the total number of bytes in memory . >> + * Returns 0 if file could not be opened or mapped. */ > > Same as above > Fixed >> +static size_t map_file(int fd, char **data, int *compressed) >> +{ >> + int size; >> + char *uncompress; >> + if ((size = bunzip(fdopen(fd, "r"), &uncompress)) > 0) { >> + *data = mmap(0, size, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_ANONYMOUS, 0, 0); >> + if (*data == MAP_FAILED) { >> + free(uncompress); >> + return 0; >> + } else { >> + memcpy(*data, uncompress, size); >> + } >> + free(uncompress); >> + *compressed = 1; >> + } else { >> + struct stat sb; >> + if (fstat(fd, &sb) == -1 || >> + (*data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == >> + MAP_FAILED) { >> + size = 0; >> + } else { >> + size = sb.st_size; >> + } >> + *compressed = 0; >> + } >> + >> + return size; >> +} >> + >> +static int dupfile( const char *dest, int src_fd) { >> + int dest_fd = -1; >> + int retval = 0; >> + int cnt; >> + char buf[1<<18]; >> + >> + if (lseek(src_fd, 0, SEEK_SET) == -1 ) return -1; >> + >> + if ((dest_fd = open(dest, O_WRONLY | O_CREAT | O_TRUNC, >> + S_IRUSR | S_IWUSR)) == -1) { >> + return -1; >> + } >> + >> + while (( retval == 0 ) && >> + ( cnt = read(src_fd, buf, sizeof(buf)))> 0 ) { >> + if (write(dest_fd, buf, cnt) < cnt) retval = -1; >> + } >> + close(dest_fd); >> + return retval; >> +} >> + >> /* Writes a block of data to a file. Returns 0 on success, -1 on >> * error. */ >> static int write_file(semanage_handle_t * sh, >> const char *filename, char *data, size_t num_bytes) >> { >> int out; >> + >> + /* Unlink no matter what, incase this file is a hard link, ignore > error */ >> + unlink(filename); >> if ((out = >> open(filename, O_WRONLY | O_CREAT | O_TRUNC, >> S_IRUSR | S_IWUSR)) == -1) { >> @@ -499,7 +651,7 @@ >> sepol_policydb_t *out = NULL; >> >> /* Declare some variables */ >> - int modified, fcontexts_modified, ports_modified, >> + int modified = 0, fcontexts_modified, ports_modified, >> seusers_modified, users_extra_modified; >> dbase_config_t *users = semanage_user_dbase_local(sh); >> dbase_config_t *users_base = semanage_user_base_dbase_local(sh); >> @@ -815,7 +967,9 @@ >> &filename)) != 0) { >> goto cleanup; >> } >> - if (write_file(sh, filename, data, data_len) == -1) { >> + >> + if (bzip(filename, data, data_len) == 0) { >> + ERR(sh, "Error while writing to %s.", filename); >> retval = -3; >> } >> retval = 0; > retval = -3 gets smashed immediately afterward > >> @@ -826,19 +980,60 @@ >> return retval; >> } >> >> -/* Similar to semanage_direct_install(), except that it checks that >> - * there already exists a module with the same name and that the >> - * module is an older version then the one in 'data'. Returns 0 on >> - * success, -1 if out of memory, -2 if the data does not represent a >> - * valid module file, -3 if error while writing file or reading >> - * modules directory, -4 if there does not exist an older module or if >> - * the previous module is same or newer than 'data'. >> - */ >> -static int semanage_direct_upgrade(semanage_handle_t * sh, >> - char *data, size_t data_len) >> +/* Attempts to link a module to the sandbox's module directory, > unlinking any >> + * previous module stored within. Returns 0 on success, -1 if out of > memory, -2 if the >> + * data does not represent a valid module file, -3 if error while >> + * writing file. */ >> + >> +static int semanage_direct_install_file(semanage_handle_t * sh, >> + const char *install_filename) >> { >> + >> + int retval = -1; >> + char *data = NULL; >> + size_t data_len = 0; >> + int compressed = 0; >> + int in_fd = -1; >> + >> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) { >> + return 0; > > returning 0 on failure here > Fixed >> + } >> + >> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { >> + goto cleanup; >> + } >> + >> + if (compressed) { >> + char *module_name = NULL, *version = NULL, *filename = NULL; >> + if ((retval = parse_module_headers(sh, data, data_len, >> + &module_name, &version, >> + &filename)) != 0) { >> + goto cleanup; > > Probably need to free module_name, version, filename here > Why these are cleaned up in cleanup and if it gets an error it should not have allocated memory? >> + } >> + >> + if (data_len > 0) munmap(data, data_len); >> + data_len = 0; >> + retval = dupfile(filename, in_fd); >> + free(version); >> + free(filename); >> + free(module_name); >> + >> + } else { >> + retval = semanage_direct_install(sh, data, data_len); >> + } >> + >> + cleanup: >> + close(in_fd); >> + if (data_len > 0) munmap(data, data_len); >> + >> + return retval; >> +} >> + >> + >> +static int get_direct_upgrade_filename(semanage_handle_t * sh, >> + char *data, size_t data_len, char **outfilename) { >> int i, retval, num_modules = 0; >> - char *module_name = NULL, *version = NULL, *filename = NULL; >> + char *filename = NULL, *module_name = NULL, *version = NULL; > > ? Removed > >> semanage_module_info_t *modinfo = NULL; >> if ((retval = parse_module_headers(sh, data, data_len, >> &module_name, &version, >> @@ -868,14 +1063,10 @@ >> if (retval == -4) { >> ERR(sh, "There does not already exist a module named %s.", >> module_name); >> - goto cleanup; >> - } >> - if (write_file(sh, filename, data, data_len) == -1) { >> - retval = -3; >> } >> + >> cleanup: >> free(version); >> - free(filename); >> free(module_name); >> for (i = 0; modinfo != NULL && i < num_modules; i++) { >> semanage_module_info_t *m = >> @@ -883,6 +1074,80 @@ >> semanage_module_info_datum_destroy(m); >> } >> free(modinfo); >> + if (retval == 0) { >> + *outfilename = filename; >> + } else { >> + free(filename); >> + } >> + return retval; >> +} >> + >> +/* Similar to semanage_direct_install(), except that it checks that >> + * there already exists a module with the same name and that the >> + * module is an older version then the one in 'data'. Returns 0 on >> + * success, -1 if out of memory, -2 if the data does not represent a >> + * valid module file, -3 if error while writing file or reading >> + * modules directory, -4 if there does not exist an older module or if >> + * the previous module is same or newer than 'data'. >> + */ >> +static int semanage_direct_upgrade(semanage_handle_t * sh, >> + char *data, size_t data_len) >> +{ >> + char *filename = NULL; >> + int retval = get_direct_upgrade_filename(sh, >> + data, data_len, >> + &filename); >> + if (retval == 0) { >> + if (bzip(filename, data, data_len) == 0) { >> + ERR(sh, "Error while writing to %s.", filename); >> + retval = -3; >> + } >> + free(filename); >> + } >> + return retval; >> +} >> + >> +/* Attempts to link a module to the sandbox's module directory, > unlinking any >> + * previous module stored within. >> + * Returns 0 on success, -1 if out of memory, -2 if the >> + * data does not represent a valid module file, -3 if error while >> + * writing file. */ >> + >> +static int semanage_direct_upgrade_file(semanage_handle_t * sh, >> + const char *module_filename) >> +{ >> + int retval = -1; >> + char *data = NULL; >> + size_t data_len = 0; >> + int compressed = 0; >> + int in_fd = -1; >> + >> + if ((in_fd = open(module_filename, O_RDONLY)) == -1) { >> + return 0; > > returning 0 on failure > Fixed >> + } >> + >> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { >> + goto cleanup; >> + } >> + >> + if (compressed) { >> + char *filename = NULL; >> + retval = get_direct_upgrade_filename(sh, >> + data, data_len, >> + &filename); >> + >> + if (retval != 0) goto cleanup; >> + >> + retval = dupfile(filename, in_fd); >> + free(filename); >> + } else { >> + retval = semanage_direct_upgrade(sh, data, data_len); >> + } >> + >> + cleanup: >> + close(in_fd); >> + if (data_len > 0) munmap(data, data_len); >> + >> return retval; >> } >> >> @@ -903,7 +1168,8 @@ >> if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) { >> goto cleanup; >> } >> - if (write_file(sh, filename, base_data, data_len) == -1) { >> + if (bzip(filename, base_data, data_len) == 0) { >> + ERR(sh, "Error while writing to %s.", filename); >> retval = -3; >> } >> retval = 0; > > retval gets smashed > Fixed, this was an existing bug, BTW >> @@ -911,6 +1177,49 @@ >> return retval; >> } >> >> +/* Writes a base module into a sandbox, overwriting any previous base >> + * module. >> + * Returns 0 on success, -1 if out of memory, -2 if the data does not > represent >> + * a valid base module file, -3 if error while writing file. >> + */ >> +static int semanage_direct_install_base_file(semanage_handle_t * sh, >> + const char *install_filename) >> +{ >> + int retval = -1; >> + char *data = NULL; >> + size_t data_len = 0; >> + int compressed = 0; >> + int in_fd; >> + >> + if ((in_fd = open(install_filename, O_RDONLY)) == -1) { >> + return 0; > > returning 0 on failure > Fixed >> + } >> + >> + if ((data_len = map_file(in_fd, &data, &compressed)) == 0) { >> + goto cleanup; >> + } >> + >> + if (compressed) { >> + const char *filename = NULL; >> + if ((retval = parse_base_headers(sh, data, data_len)) != 0) { >> + goto cleanup; >> + } >> + if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) { >> + goto cleanup; >> + } >> + >> + retval = dupfile(filename, in_fd); >> + } else { >> + retval = semanage_direct_install_base(sh, data, data_len); >> + } >> + >> + cleanup: >> + close(in_fd); >> + if (data_len > 0) munmap(data, data_len); >> + >> + return retval; >> +} >> + >> /* Removes a module from the sandbox. Returns 0 on success, -1 if out >> * of memory, -2 if module not found or could not be removed. */ >> static int semanage_direct_remove(semanage_handle_t * sh, char > *module_name) >> @@ -1005,15 +1314,26 @@ >> * report it */ >> continue; >> } >> + size_t size; >> + char *data = NULL; >> + >> + if ((size = bunzip(fp, &data)) != 0) { >> + fclose(fp); >> + fp = fmemopen(data, size, "rb"); > > unhandled error from fclose and fmemopen > Fixed fmemopen failure, we don't check fclose failure anywhere in the code. >> + } >> + rewind(fp); >> + >> __fsetlocking(fp, FSETLOCKING_BYCALLER); >> sepol_policy_file_set_fp(pf, fp); >> if (sepol_module_package_info(pf, &type, &name, &version)) { >> fclose(fp); >> + free(data); >> free(name); >> free(version); >> continue; >> } >> fclose(fp); >> + free(data); >> if (type == SEPOL_POLICY_MOD) { >> (*modinfo)[*num_modules].name = name; >> (*modinfo)[*num_modules].version = version; >> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.h > libsemanage-2.0.28/src/direct_api.h >> --- nsalibsemanage/src/direct_api.h 2008-08-28 09:34:24.000000000 -0400 >> +++ libsemanage-2.0.28/src/direct_api.h 2008-10-13 12:35:22.000000000 > -0400 >> @@ -37,4 +37,7 @@ >> >> int semanage_direct_access_check(struct semanage_handle *sh); >> >> +#include <stdio.h> >> +size_t bunzip(FILE *f, char **data); >> + >> #endif >> diff --exclude-from=exclude -N -u -r > nsalibsemanage/src/libsemanage.map libsemanage-2.0.28/src/libsemanage.map >> --- nsalibsemanage/src/libsemanage.map 2008-08-28 09:34:24.000000000 > -0400 >> +++ libsemanage-2.0.28/src/libsemanage.map 2008-10-13 > 12:35:22.000000000 -0400 >> @@ -3,8 +3,10 @@ >> semanage_is_managed; semanage_connect; semanage_disconnect; >> semanage_msg_*; >> semanage_begin_transaction; semanage_commit; >> - semanage_module_install; semanage_module_upgrade; >> - semanage_module_install_base; semanage_module_remove; >> + semanage_module_install; semanage_module_install_file; >> + semanage_module_upgrade; semanage_module_upgrade_file; >> + semanage_module_install_base; semanage_module_install_base_file; >> + semanage_module_remove; >> semanage_module_list; semanage_module_info_datum_destroy; >> semanage_module_list_nth; semanage_module_get_name; >> semanage_module_get_version; semanage_select_store; >> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c > libsemanage-2.0.28/src/modules.c >> --- nsalibsemanage/src/modules.c 2008-08-28 09:34:24.000000000 -0400 >> +++ libsemanage-2.0.28/src/modules.c 2008-10-13 12:35:22.000000000 -0400 >> @@ -52,6 +52,25 @@ >> return sh->funcs->install(sh, module_data, data_len); >> } >> >> +int semanage_module_install_file(semanage_handle_t * sh, >> + const char *module_name) { >> + >> + if (sh->funcs->install_file == NULL) { >> + ERR(sh, >> + "No install function defined for this connection type."); >> + return -1; >> + } else if (!sh->is_connected) { >> + ERR(sh, "Not connected."); >> + return -1; >> + } else if (!sh->is_in_transaction) { >> + if (semanage_begin_transaction(sh) < 0) { >> + return -1; >> + } >> + } >> + sh->modules_modified = 1; >> + return sh->funcs->install_file(sh, module_name); >> +} >> + >> int semanage_module_upgrade(semanage_handle_t * sh, >> char *module_data, size_t data_len) >> { >> @@ -71,6 +90,25 @@ >> return sh->funcs->upgrade(sh, module_data, data_len); >> } >> >> +int semanage_module_upgrade_file(semanage_handle_t * sh, >> + const char *module_name) { >> + >> + if (sh->funcs->upgrade_file == NULL) { >> + ERR(sh, >> + "No upgrade function defined for this connection type."); >> + return -1; >> + } else if (!sh->is_connected) { >> + ERR(sh, "Not connected."); >> + return -1; >> + } else if (!sh->is_in_transaction) { >> + if (semanage_begin_transaction(sh) < 0) { >> + return -1; >> + } >> + } >> + sh->modules_modified = 1; >> + return sh->funcs->upgrade_file(sh, module_name); >> +} >> + >> int semanage_module_install_base(semanage_handle_t * sh, >> char *module_data, size_t data_len) >> { >> @@ -90,6 +128,25 @@ >> return sh->funcs->install_base(sh, module_data, data_len); >> } >> >> +int semanage_module_install_base_file(semanage_handle_t * sh, >> + const char *module_name) { >> + >> + if (sh->funcs->install_base_file == NULL) { >> + ERR(sh, >> + "No install base function defined for this connection type."); >> + return -1; >> + } else if (!sh->is_connected) { >> + ERR(sh, "Not connected."); >> + return -1; >> + } else if (!sh->is_in_transaction) { >> + if (semanage_begin_transaction(sh) < 0) { >> + return -1; >> + } >> + } >> + sh->modules_modified = 1; >> + return sh->funcs->install_base_file(sh, module_name); >> +} >> + >> int semanage_module_remove(semanage_handle_t * sh, char *module_name) >> { >> if (sh->funcs->remove == NULL) { >> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h > libsemanage-2.0.28/src/policy.h >> --- nsalibsemanage/src/policy.h 2008-08-28 09:34:24.000000000 -0400 >> +++ libsemanage-2.0.28/src/policy.h 2008-10-13 12:35:22.000000000 -0400 >> @@ -49,8 +49,14 @@ >> /* Install a policy module */ >> int (*install) (struct semanage_handle *, char *, size_t); >> >> + /* Install a policy module */ >> + int (*install_file) (struct semanage_handle *, const char *); >> + >> /* Upgrade a policy module */ >> int (*upgrade) (struct semanage_handle *, char *, size_t); >> + >> + /* Upgrade a policy module */ >> + int (*upgrade_file) (struct semanage_handle *, const char *); >> >> /* Remove a policy module */ >> int (*remove) (struct semanage_handle *, char *); >> @@ -61,6 +67,9 @@ >> >> /* Install base policy */ >> int (*install_base) (struct semanage_handle *, char *, size_t); >> + >> + /* Install a base module */ >> + int (*install_base_file) (struct semanage_handle *, const char *); >> }; >> >> /* Should be backend independent */ >> diff --exclude-from=exclude -N -u -r > nsalibsemanage/src/semanage_store.c libsemanage-2.0.28/src/semanage_store.c >> --- nsalibsemanage/src/semanage_store.c 2008-09-15 12:20:44.000000000 > -0400 >> +++ libsemanage-2.0.28/src/semanage_store.c 2008-10-13 > 12:57:29.000000000 -0400 >> @@ -440,6 +440,8 @@ >> char tmp[PATH_MAX]; >> char buf[4192]; >> >> + if (link(src,dst) == 0) return 0; >> + >> n = snprintf(tmp, PATH_MAX, "%s.tmp", dst); >> if (n < 0 || n >= PATH_MAX) >> return -1; >> @@ -1522,16 +1524,26 @@ >> ERR(sh, "Could not open module file %s for reading.", filename); >> goto cleanup; >> } >> + size_t size; >> + char *data = NULL; >> + >> + if ((size = bunzip(fp, &data)) != 0) { >> + fclose(fp); >> + fp = fmemopen(data, size, "rb"); >> + } > > unhandled error from fclose and fmemopen > Fixed as above > >> + rewind(fp); >> __fsetlocking(fp, FSETLOCKING_BYCALLER); >> sepol_policy_file_set_fp(pf, fp); >> sepol_policy_file_set_handle(pf, sh->sepolh); >> if (sepol_module_package_read(*package, pf, 0) == -1) { >> ERR(sh, "Error while reading from module file %s.", filename); >> fclose(fp); >> + free(data); >> goto cleanup; >> } >> sepol_policy_file_free(pf); >> fclose(fp); >> + free(data); >> return retval; >> >> cleanup: > > |
||
Stephen Smalley
|
0a515c4610 |
libsemanage: Add semanage_mls_enabled interface
Add a semanage_mls_enabled() interface to libsemanage so that semanage/seobject can be rewritten to use it to test whether MLS is enabled for a given policy store rather than checking the runtime MLS enabled status, which can be misleading when using semanage on a SELinux-disabled host or when using semanage on a store other than the active one. Sample usage: from semanage import * handle = semanage_handle_create() rc = semanage_connect(handle) rc = semanage_mls_enabled(handle) Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> |
||
Joshua Brindle
|
13cd4c8960 | initial import from svn trunk revision 2950 |