[policycoreutils/f17] Add policycoreutils-setfsuid.patch
Miroslav Grepl
mgrepl at fedoraproject.org
Wed Oct 24 12:48:49 UTC 2012
commit d6d5e59c6dcf75afab81c288e27df8b339a242e0
Author: Miroslav Grepl <mgrepl at redhat.com>
Date: Wed Oct 24 14:48:36 2012 +0200
Add policycoreutils-setfsuid.patch
policycoreutils-setfsuid.patch | 111 ++++++++++++++++++++++++++++++++++++++++
policycoreutils.spec | 2 +
2 files changed, 113 insertions(+), 0 deletions(-)
---
diff --git a/policycoreutils-setfsuid.patch b/policycoreutils-setfsuid.patch
new file mode 100644
index 0000000..28bbe6f
--- /dev/null
+++ b/policycoreutils-setfsuid.patch
@@ -0,0 +1,111 @@
+--- policycoreutils-2.1.12/sandbox/seunshare.c 2012-07-04 13:35:21.000000000 +0200
++++ policycoreutils-2.1.13/sandbox/seunshare.c 2012-10-24 14:34:49.346593664 +0200
+@@ -31,6 +31,12 @@
+ #include <selinux/context.h> /* for context-mangling functions */
+ #include <dirent.h>
+
++
++/*
++ * Note setfsuid never returns an error code. But the compiler complains if
++ * I do not check, so I am checking for -1, which should never happen.
++ */
++
+ #ifdef USE_NLS
+ #include <locale.h> /* for setlocale() */
+ #include <libintl.h> /* for gettext() */
+@@ -617,12 +623,15 @@
+ free(cmdbuf); cmdbuf = NULL;
+
+ /* remove runtime temporary directory */
+- setfsuid(0);
++ if (setfsuid(0) < 0)
++ rc++;
++
+ if (rmdir(tmpdir) == -1)
+ fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno));
+- setfsuid(pwd->pw_uid);
++ if (setfsuid(pwd->pw_uid) < 0)
++ rc++;
+
+- return 0;
++ return rc;
+ }
+
+ /**
+@@ -642,7 +651,9 @@
+
+ /* get selinux context */
+ if (execcon) {
+- setfsuid(pwd->pw_uid);
++ if (setfsuid(pwd->pw_uid) < 0)
++ goto err;
++
+ if ((fd_s = open(src, O_RDONLY)) < 0) {
+ fprintf(stderr, _("Failed to open directory %s: %s\n"), src, strerror(errno));
+ goto err;
+@@ -661,7 +672,8 @@
+ }
+
+ /* ok to not reach this if there is an error */
+- setfsuid(0);
++ if (setfsuid(0) < 0)
++ goto err;
+ }
+
+ if (asprintf(&tmpdir, "/tmp/.sandbox-%s-XXXXXX", pwd->pw_name) == -1) {
+@@ -716,14 +728,16 @@
+ }
+ }
+
+- setfsuid(pwd->pw_uid);
++ if (setfsuid(pwd->pw_uid) < 0)
++ goto err;
+
+ if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
+ goto err;
+ }
+
+ /* ok to not reach this if there is an error */
+- setfsuid(0);
++ if (setfsuid(0) < 0)
++ goto err;
+
+ if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
+ fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
+@@ -916,7 +930,8 @@
+ /* Changing fsuid is usually required when user-specified directory is
+ * on an NFS mount. It's also desired to avoid leaking info about
+ * existence of the files not accessible to the user. */
+- setfsuid(uid);
++ if (setfsuid(uid) < 0)
++ return -1;
+
+ /* verify homedir and tmpdir */
+ if (homedir_s && (
+@@ -925,7 +940,7 @@
+ if (tmpdir_s && (
+ verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 ||
+ check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1;
+- setfsuid(0);
++ if (setfsuid(0) < 0) return -1;
+
+ /* create runtime tmpdir */
+ if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s,
+@@ -959,7 +974,7 @@
+ }
+
+ /* assume fsuid==ruid after this point */
+- setfsuid(uid);
++ if (setfsuid(uid) < 0) goto childerr;
+
+ /* mount homedir and tmpdir, in this order */
+ if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir,
+@@ -1005,7 +1020,7 @@
+
+ /* selinux context */
+ if (execcon && setexeccon(execcon) != 0) {
+- fprintf(stderr, _("Could not set exec context to %s.\n"), execcon);
++ fprintf(stderr, _("Could not set exec context to %s. %s\n"), execcon, strerror(errno));
+ goto childerr;
+ }
+
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 5c2f687..6d5164e 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -24,6 +24,7 @@ Source8: policycoreutils_man_ru2.tar.bz2
Source10: restorecond.service
Patch: policycoreutils-rhat.patch
Patch4: policycoreutils-sepolgen.patch
+Patch5: policycoreutils-setfsuid.patch
Obsoletes: policycoreutils < 2.0.61-2
Conflicts: filesystem < 3
Provides: /sbin/fixfiles
@@ -65,6 +66,7 @@ context.
%setup -q -a 1
%patch -p1 -b .rhat
%patch4 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
+%patch5 -p1 -b .setfsuid
%build
make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
More information about the scm-commits
mailing list