diff options
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | lib/compat/Makefile.am | 5 | ||||
| -rw-r--r-- | lib/compat/compat.h | 4 | ||||
| -rw-r--r-- | lib/compat/selinux.c | 81 | ||||
| -rw-r--r-- | m4/dpkg-libs.m4 | 2 | ||||
| -rw-r--r-- | src/script.c | 48 |
6 files changed, 94 insertions, 47 deletions
diff --git a/debian/changelog b/debian/changelog index d503006e4..8ed61fd68 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,7 @@ dpkg (1.17.11) UNRELEASED; urgency=low * Changes to libcompat: - Make the library testable. - Do not run qsort() over the scandir() list if it is NULL. + - Add a setexecfilecon() compatibility function out from dpkg code. * Use SELinux setexecfilecon() if available in dpkg instead of ad-hoc code. [ Updated programs translations ] diff --git a/lib/compat/Makefile.am b/lib/compat/Makefile.am index 975f86357..72c50b23b 100644 --- a/lib/compat/Makefile.am +++ b/lib/compat/Makefile.am @@ -10,6 +10,7 @@ noinst_LTLIBRARIES = libcompat-test.la libcompat.la libcompat_test_la_CPPFLAGS = $(AM_CPPFLAGS) -DTEST_LIBCOMPAT=1 libcompat_test_la_SOURCES = \ compat.h \ + selinux.c \ strnlen.c \ strndup.c \ strerror.c \ @@ -56,6 +57,10 @@ if !HAVE_STRSIGNAL libcompat_la_SOURCES += strsignal.c endif +if !HAVE_SETEXECFILECON +libcompat_la_SOURCES += selinux.c +endif + if !HAVE_C99_SNPRINTF libcompat_la_SOURCES += snprintf.c vsnprintf.c endif diff --git a/lib/compat/compat.h b/lib/compat/compat.h index 52379ec8e..643aa3c17 100644 --- a/lib/compat/compat.h +++ b/lib/compat/compat.h @@ -170,6 +170,10 @@ int alphasort(const void *a, const void *b); int unsetenv(const char *x); #endif +#if TEST_LIBCOMPAT || !defined(HAVE_SETEXECFILECON) +int setexecfilecon(const char *filename, const char *fallback_type); +#endif + #ifdef __cplusplus } #endif diff --git a/lib/compat/selinux.c b/lib/compat/selinux.c new file mode 100644 index 000000000..087317527 --- /dev/null +++ b/lib/compat/selinux.c @@ -0,0 +1,81 @@ +/* + * libcompat - system compatibility library + * + * Based on code from libselinux, Public Domain. + * Copyright © 2014 Guillem Jover <guillem@debian.org> + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +#include <config.h> + +#include <string.h> +#include <stdlib.h> + +#include <selinux/selinux.h> +#include <selinux/flask.h> +#include <selinux/context.h> + +#include "compat.h" + +int +setexecfilecon(const char *filename, const char *fallback) +{ + int rc; + + security_context_t curcon = NULL, newcon = NULL, filecon = NULL; + context_t tmpcon = NULL; + + if (is_selinux_enabled() < 1) + return 0; + + rc = getcon(&curcon); + if (rc < 0) + goto out; + + rc = getfilecon(filename, &filecon); + if (rc < 0) + goto out; + + rc = security_compute_create(curcon, filecon, SECCLASS_PROCESS, &newcon); + if (rc < 0) + goto out; + + if (strcmp(curcon, newcon) == 0) { + /* No default transition, use fallback for now. */ + rc = -1; + tmpcon = context_new(curcon); + if (tmpcon == NULL) + goto out; + if (context_type_set(tmpcon, fallback)) + goto out; + freecon(newcon); + newcon = strdup(context_str(tmpcon)); + if (newcon == NULL) + goto out; + } + + rc = setexeccon(newcon); + +out: + if (rc < 0 && security_getenforce() == 0) + rc = 0; + + context_free(tmpcon); + freecon(newcon); + freecon(curcon); + freecon(filecon); + + return rc; +} diff --git a/m4/dpkg-libs.m4 b/m4/dpkg-libs.m4 index 2f3b76c44..156da2f0b 100644 --- a/m4/dpkg-libs.m4 +++ b/m4/dpkg-libs.m4 @@ -92,6 +92,8 @@ if test "x$with_selinux" != "xno"; then [AC_DEFINE([HAVE_SETEXECFILECON], [1], [Define to 1 if SELinux setexecfilecon is present]) ]) + AM_CONDITIONAL(HAVE_SETEXECFILECON, + [test "x$ac_cv_lib_selinux_setexecfilecon" = "xyes"]) AC_CHECK_HEADER([selinux/selinux.h],, [if test -n "$with_selinux"; then diff --git a/src/script.c b/src/script.c index e776611bd..d552f3f76 100644 --- a/src/script.c +++ b/src/script.c @@ -33,8 +33,6 @@ #ifdef WITH_SELINUX #include <selinux/selinux.h> -#include <selinux/flask.h> -#include <selinux/context.h> #endif #include <dpkg/i18n.h> @@ -145,53 +143,9 @@ static int maintscript_set_exec_context(struct command *cmd, const char *fallback) { int rc = 0; + #ifdef WITH_SELINUX -#if HAVE_SETEXECFILECON rc = setexecfilecon(cmd->filename, fallback); -#else - security_context_t curcon = NULL, newcon = NULL, filecon = NULL; - context_t tmpcon = NULL; - - if (is_selinux_enabled() < 1) - return 0; - - rc = getcon(&curcon); - if (rc < 0) - goto out; - - rc = getfilecon(cmd->filename, &filecon); - if (rc < 0) - goto out; - - rc = security_compute_create(curcon, filecon, SECCLASS_PROCESS, &newcon); - if (rc < 0) - goto out; - - if (strcmp(curcon, newcon) == 0) { - /* No default transition, use fallback for now. */ - rc = -1; - tmpcon = context_new(curcon); - if (tmpcon == NULL) - goto out; - if (context_type_set(tmpcon, fallback)) - goto out; - freecon(newcon); - newcon = strdup(context_str(tmpcon)); - if (newcon == NULL) - goto out; - } - - rc = setexeccon(newcon); - -out: - if (rc < 0 && security_getenforce() == 0) - rc = 0; - - context_free(tmpcon); - freecon(newcon); - freecon(curcon); - freecon(filecon); -#endif #endif return rc < 0 ? rc : 0; |