Commit Graph

551 Commits

Author SHA1 Message Date
Richard Haines
16a37c9f94 libselinux - correct selabel invalid context logging
When selabel_lookup found an invalid context with validation enabled, it
always stated it was 'file_contexts' whether media, x, db or file.
The fix is to store the spec file name in the selabel_lookup_rec on
selabel_open and use this as output for logs. Also a minor fix if key is
NULL to stop seg faults.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:35:05 -05:00
Dan Walsh
c4c0748091 policycoreutils: Fix Makefile to match other policycoreutils Makefiles
Include -W
Set LDLIBS consistently (include -L$(LIBDIR))
Don't explicitly call $(CC) let make do it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:35:05 -05:00
Dan Walsh
5e46bb8647 libsemanage: Fallback_user_level can be NULL if you are not using MLS
If you build a distribution without MLS turned on, libsemanage will
crash if given a user without a level.  This patch allows users
without levels to be passed in.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:25:28 -05:00
Eric Paris
b39e8cab3c checkpolicy: add new helper to translate class sets into bitmaps
We use the exact same logic a bunch of places in policy_define.c to
translate a class set into a bitmap.  Make this into a helper function.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:25:28 -05:00
Eric Paris
915b5f885f libsemanage: add ignoredirs config for genhomedircon
For a long time /root has been treated differently in Red Hat
Distributions then upstream policy.

We do not want to label /root the same as a users homedir.  Because of
this we have carried a patch in libsemanage/genhomedircon.c to ignore
/root.

This patch adds a flag to semanage.conf, ignoredirs.  That will allow
distributions or users to specify directories that genhomedircon
should ignore when setting up users homedir labeling.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:25:28 -05:00
Dan Walsh
17fc79a5f6 policycoreutils: sandbox: Add back in . functions to sandbox.init script
In order to handle properly the display on boot the sandbox init
script has to source the functions file.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:25:28 -05:00
Eric Paris
efdcd1e981 policycoreutils: Remove excess whitespace
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:25:28 -05:00
Eric Paris
5c3211bcca sepolgen: better analysis of why things broke
combine analysys of audit2why into audit2allow, so users can see if a
boolean would solve an AVC or if it is a constrain violation.  Rather
then blindly adding allow rules to modules.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-21 12:22:05 -05:00
Eric Paris
d65c02f066 bump version and changelog 2011-12-05 16:20:45 -05:00
Eric Paris
85cfd2fe2e libselinux: use -W and -Werror in utils
Add the flags and fix the one build break.

Signed-off-by: Eric Paris <eparis@redhat.com>
2011-12-05 16:14:17 -05:00
Richard Haines
426d624723 libselinux: Add man/man5 man pages
Add service_seusers(5) - those in the ./logins directory, seusers(5),
user_contexts(5) - those in the ./contexts/users directory,
virtual_domain_context(5) and virtual_image_context(5) man pages.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-12-05 16:11:22 -05:00
Richard Haines
accf6a433f libselinux: Add man/man5 man pages
Add failsafe_context(5), local.users(5), removable_contexts(5) and
securetty_types(5) man pages.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-12-05 16:11:22 -05:00
Richard Haines
cc9e7e5865 libselinux: Add man/man5 man pages
Add booleans(5), customizable_types(5), default_contexts(5) and
default_type(5) man pages.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-12-05 16:11:22 -05:00
Richard Haines
af9608245a libselinux: Updated selabel_x(5) man page
Updated selabel_x(5) with X-Windows context configuration file format and
added x_contexts(5) man page that links to it.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:22 -05:00
Richard Haines
a566af7974 libselinux: Updated selabel_media(5) man page
Updated selabel_media(5) with media context configuration file format and
added media(5) man page that links to it.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:22 -05:00
Richard Haines
30bd4567cf libselinux: Updated selabel_db(5) man page
Updated selabel_db(5) with RDBMS context configuration file format and added sepgsql_contexts(5) man page that links to it.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:21 -05:00
Richard Haines
5f2e362d25 libselinux: Updated selabel_file(5) man page
Updated selabel_file(5) with file context configuration file format and
added file_contexts(5) man page that links to it. selabel_file(5) also
describes the .local, .homedirs, .subs and .subs_dist configuration file
formats.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:21 -05:00
Eric Paris
beb7dedf7b policycoreutils: add clean target to man Makefile
Empty clean target just so you can run make clean

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:21 -05:00
Richard Haines
6aec573f80 policycoreutils: Added SELinux config file man page.
Added new man page selinux_config(5) detailing the SELinux config file
format to new man/man5 directory plus Makefile.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:11:20 -05:00
Richard Haines
3e870d7c9b policycoreutils: sestatus: Updated sestatus and man pages.
sestatus has been modified to present additional information: SELinux root
directory, MLS flag and the deny_unknow flag. The man page has been updated
to reflect these changes and an sestatus.conf(5) man page has also been added.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Richard Haines
aed37210a3 libselinux: return EINVAL if invalid role selected
For get_default_context_with_role(3) and get_default_context_with_rolelevel(3),
return errno = EINVAL if invalid role.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Richard Haines
83161f73ea libselinux: get_default_type now sets EINVAL if no entry.
get_default_type(3) now returns with errno set to EINVAL if the entry does not
exist.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Richard Haines
d0a8d81882 libselinux: Mapped compute functions now obey deny_unknown flag
If selinux_set_mapping(3) is used to map classes, and an invalid class is used
to compute a decision (tclass = 0), the result did not obey the status of the
deny_unknown flag.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Richard Haines
98234cf543 libselinux: Remove assert in security_get_boolean_names(3)
Remove assert in security_get_boolean_names(3) if the len invalid and stop seg
fault if names is null. Set EINVAL instead and return error.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Dan Walsh
c705f0f4d8 policycoreutils: semanage: change src,dst to target,substitute for equivalency
No real code change.  Just to make it clear what a src and dst means.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Dan Walsh
b96d0fac86 policycoreutils: semanage: Make sure semanage fcontext -l -C prints even if local keys are not defined
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Dan Walsh
7e81db0eb8 libselinux: selinuxswig_python.i: don't make syscall if it won't change anything
Add a check to restorecon, to not change a context if the context on disk matches

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:38 -05:00
Eric Paris
79bcfa7286 policycoreutils: semanage: check file equivalence rules for conflict
Check for conflict on equivalence when adding a file context.
If a user adds a file context that begins with an equivalence string, we
throw an exception.

/usr/sbin/semanage: File spec /usr/lib64/dan conflicts with equivalency rule '/usr/lib64 /usr/lib'; Try adding '/usr/lib/dan' instead

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
7dd4e1eee1 policycoreutils: semanage: print local and dristo equiv rules
Print out the list of local and distribution file context equivalencies
rather than just local rules.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
a0af38a531 sepolgen: Allow ~ as a file identifier
We already allow this in policy, so allow it in sepolgen as well.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
c00affcc3e policycoreutils: sandbox: init script run twice is still successful
If sandbox init script is run multiple times to start it should still
return 0 rather than an error.  Things should still be set up.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Eric Paris
6c2ad1ce52 policycoreutils: sandbox: only complain if sandbox unable to launch
Instead of force an arbitrary 100 category requirement, only bomb if
there is a problem.  Error out if there are 0 categories or if we cannot
find a free category in a reasonable number of attempts.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
d9376680bd policycoreutils: sandbox: do not try forever to find available category set
We calculate the number of available legit category sets for a given
user and then try to find one that many times.  If we don't find one,
bail out.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
78b077cd09 policycoreutils: sandbox: make sure the domain launching sandbox has at least 100 categories
100 is very high, but at least we know the chances of finding a valid
combination is high.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
7ece124c51 policycoreutils: sandbox: Allow user to specify the DPI value for X in a sandbox
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Dan Walsh
a6065e5ab7 policycoreutils: po: Makefile use -p to preserve times to allow multilib simultatious installs of po files
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:37 -05:00
Eric Paris
cfb2a06e39 policycoreutils: sandbox: move sandbox.conf.5 to just sandbox.5
Since this file lives in /etc/sysconfig/ it does not include a .conf
extention.  Thus the man page should not include a .conf in the
filename.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:10:35 -05:00
Eric Paris
b6ccfd7c91 checkpolicy: allow ~ in filename transition rules
We found that we wanted a filename transition rule for ld.so.cache~
however ~ was not a valid character in a filename.

Fix-from: Miroslav Grepl <mgrepl@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:09:30 -05:00
Eric Paris
f00d415747 checkpolicy: test: Makefile: include -W and -Werror
Include the same error type options we build everything else with.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:09:30 -05:00
Eric Paris
58179a9988 checkpolicy: dismod: fix unused parameter errors
Either by dropping the parameter or marking it as unused depending on
what works.  We can't redefine hashtab_map callbacks as they must take all
three options, so just mark those unused.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:09:30 -05:00
Eric Paris
44d8a2fed9 checkpolicy: dis* fixed signed vs unsigned errors
A number of places we used unsigned variables and compared them against
signed variables.  This patch makes everything unsigned.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-12-05 16:09:30 -05:00
Eric Paris
14e4b70b93 Bump Version and Changelog for commit 2011-11-03 15:26:36 -04:00
Dan Walsh
077e863517 sepolgen: Return name field in avc data
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Dan Walsh
9cbd404ceb sepolgen: Ignore permissive qualifier if found in an interface
During Rawhide releases we change all "unconfined_domains" to
permissive domains in order to find new AVC messages without breaking
rawhide boxes.  The way we do this is changing the unconfined_domain
interface and putting permissive $1; in it.  sepolgen does not like
this and blows up the build.  This patch tells sepolgen to ignore the
permissive in an interface.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Dan Walsh
10fb8fdbb1 policycoreutils: restorecond: Add .local/share as a directory to watch
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Dan Walsh
b9b7bddb28 policycoreutils: setfiles: fix use before initialized
There are code paths where ret can be returned without being initialized

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Eric Paris
d4a39ca15b policycoreutils: label_file: style changes to make Eric happy.
Sometimes sticking to 80 characters sucks a lot.  I don't care.  Buy a
wider monitor so I can read the code.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Dan Walsh
24b31a9da5 policycoreutils: semodule: Document semodule -p in man page
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Eric Paris
e018eec325 policycoreutils: setfiles: close /proc/mounts file when finished
When testing for mount points to exclude we read /proc/mounts.  Close
this file when we are finished reading it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00
Eric Paris
d5475a909a policycoreutils: make use of the new realpath_not_final function
Instead of coding the exact same thing and calling it symlink_realpath
use the function exported by libselinux.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-11-02 16:22:06 -04:00