Commit Graph

5 Commits

Author SHA1 Message Date
Nicolas Iooss
c672254329 restorecond: invalidate local_lock_fd properly when closing it
If flock(local_lock_fd,...) fails, in function local_server(), the file
descriptor to the lock file is closed but local_lock_fd is not reset to
-1. This leads to server() calling end_local_server(), which closes the
file descriptor again.

Fix this double-close issue by setting local_lock_fd to -1 after closing
it.

This issue was found by using Facebook's Infer static analyzer.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-03-03 15:53:32 +01:00
Nicolas Iooss
3c80aa6ac9
restorecond/user: handle SIGTERM properly
When restorecond starts, it installs a SIGTERM handler in order to exit
cleanly (by removing its PID file). When restorecond --user starts,
there is no PID file, and g_main_loop_run() does not stop when master_fd
is closed. This leads to an unkillable service, which is an issue.

Fix this by overriding the handler for SIGTERM in restorecond --user.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2020-04-26 15:14:07 +02:00
Nicolas Iooss
252925ccdf
restorecond: migrate to GDbus API provided by glib-gio
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955940 states:

    dbus-glib is a deprecated D-Bus library with some significant design
    flaws, and is essentially unmaintained.

restorecond uses dbus-glib in order to spawn as a D-Bus service on the
session bus of users. This makes restorecond stays so long as the user
session exists.

Migrate from dbus-glib to GDbus API for the implementation of this
feature.

Moreover restorecond currently uses a D-Bus signal to trigger starting
the service. This is quite inappropriate, as stated for example in
https://dbus.freedesktop.org/doc/dbus-tutorial.html#members

    Methods are operations that can be invoked on an object, with
    optional input (aka arguments or "in parameters") and output (aka
    return values or "out parameters"). Signals are broadcasts from the
    object to any interested observers of the object; signals may
    contain a data payload.

Implementing a method is more appropriate. It appears that all D-Bus
users can implement method Ping from interface org.freedesktop.DBus.Peer
(https://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-peer)
and that calling this method is enough to trigger the launch of the
service. This can be tested in a shell by running:

    gdbus call --session --dest=org.selinux.Restorecond \
        --object-path=/ --method=org.freedesktop.DBus.Peer.Ping

As this method is automatically provided, there is no need to implement
its handling in the service.

Fixed: https://github.com/SELinuxProject/selinux/issues/217

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2020-04-26 15:14:03 +02:00
Nicolas Iooss
b550c0e202
Fix many misspellings
Use codespell (https://github.com/codespell-project/codespell) in order
to find many common misspellings that are present in English texts.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-18 22:47:35 +02:00
Stephen Smalley
00be13634a Move policycoreutils/restorecond to restorecond.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:50 -05:00