[policycoreutils/f14/master] rsynccmd should run outside of execcon

Daniel J Walsh dwalsh at fedoraproject.org
Tue Mar 29 18:26:28 UTC 2011


commit b7430583da8244bb815ede75c552bd8bd4383a9f
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Tue Mar 29 14:26:23 2011 -0400

    rsynccmd should run outside of execcon

 policycoreutils-rhat.patch |   41 +++++++++++++++++++++++------------------
 policycoreutils.spec       |    5 ++++-
 2 files changed, 27 insertions(+), 19 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 6955be6..e49a441 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -2125,7 +2125,7 @@ index 0000000..e7b8991
 +and
 +.I Thomas Liu <tliu at fedoraproject.org>
 diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
-index ec692e7..d8171d8 100644
+index ec692e7..49dad71 100644
 --- a/policycoreutils/sandbox/seunshare.c
 +++ b/policycoreutils/sandbox/seunshare.c
 @@ -1,28 +1,35 @@
@@ -2256,14 +2256,10 @@ index ec692e7..d8171d8 100644
 +		retval = -1; \
 +	} while(0)
 +
- /**
-- * This function makes sure the mounted directory is owned by the user executing
-- * seunshare.
-- * If so, it returns 0. If it can not figure this out or they are different, it returns -1.
++/**
 + * Spawn external command using system() with dropped privileges.
 + * TODO: avoid system() and use exec*() instead
-  */
--static int verify_mount(const char *mntdir, struct passwd *pwd) {
++ */
 +static int spawn_command(const char *cmd, uid_t uid){
 +	int child;
 +	int status = -1;
@@ -2323,11 +2319,15 @@ index ec692e7..d8171d8 100644
 +	 (one)->st_uid == (two)->st_uid && (one)->st_gid == (two)->st_gid && \
 +	 (one)->st_mode == (two)->st_mode)
 +
-+/**
+ /**
+- * This function makes sure the mounted directory is owned by the user executing
+- * seunshare.
+- * If so, it returns 0. If it can not figure this out or they are different, it returns -1.
 + * Sanity check specified directory.  Store stat info for future comparison, or
 + * compare with previously saved info to detect replaced directories.
 + * Note: This function does not perform owner checks.
-+ */
+  */
+-static int verify_mount(const char *mntdir, struct passwd *pwd) {
 +static int verify_directory(const char *dir, struct stat *st_in, struct stat *st_out) {
  	struct stat sb;
 -	if (stat(mntdir, &sb) == -1) {
@@ -2364,7 +2364,7 @@ index ec692e7..d8171d8 100644
  			break;
  		}
  	}
-@@ -131,45 +236,520 @@ static int verify_shell(const char *shell_name)
+@@ -131,45 +236,525 @@ static int verify_shell(const char *shell_name)
  	return rc;
  }
  
@@ -2797,10 +2797,6 @@ index ec692e7..d8171d8 100644
 +			goto err;
 +		}
 +
-+		if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
-+			goto err;
-+		}
-+
 +		/* ok to not reach this if there is an error */
 +		setfsuid(0);
 +	}
@@ -2853,6 +2849,15 @@ index ec692e7..d8171d8 100644
 +		}
 +	}
 +
++	setfsuid(pwd->pw_uid);
++
++	if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
++		goto err;
++	}
++
++	/* ok to not reach this if there is an error */
++	setfsuid(0);
++
 +	if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
 +		fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
 +		cleanup_tmpdir(tmpdir, src, pwd, 0);
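Review bot: The added `setfsuid(pwd->pw_uid);` ahead of `rsynccmd(src, tmpdir, &cmdbuf)` is never verified. setfsuid() returns the previous fsuid whether or not the switch took effect, so if it failed, any filesystem access rsynccmd makes on `src` and `tmpdir` would still run with the caller's prior (possibly root) filesystem identity. Confirming the switch right after the call closes that gap: `if (setfsuid(-1) != (int)pwd->pw_uid) goto err;`. The copied comment `/* ok to not reach this if there is an error */` should also say why: on the `goto err` path the fsuid stays at the user's uid, which is presumably what the cleanup under `err` expects. Both the `err` label and the enclosing function's start and end are outside the hunk, so confirm against the full file.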
@@ -2899,7 +2904,7 @@ index ec692e7..d8171d8 100644
  		{NULL, 0, 0, 0}
  	};
  
-@@ -180,6 +760,12 @@ int main(int argc, char **argv) {
+@@ -180,6 +765,12 @@ int main(int argc, char **argv) {
  		return -1;
  	}
  
@@ -2912,7 +2917,7 @@ index ec692e7..d8171d8 100644
  	struct passwd *pwd=getpwuid(uid);
  	if (!pwd) {
  		perror(_("getpwduid failed"));
-@@ -187,34 +773,30 @@ int main(int argc, char **argv) {
+@@ -187,34 +778,30 @@ int main(int argc, char **argv) {
  	}
  
  	if (verify_shell(pwd->pw_shell) < 0) {
@@ -2958,7 +2963,7 @@ index ec692e7..d8171d8 100644
  			break;
  		default:
  			fprintf(stderr, "%s\n", USAGE_STRING);
-@@ -223,76 +805,84 @@ int main(int argc, char **argv) {
+@@ -223,76 +810,84 @@ int main(int argc, char **argv) {
  	}
  
  	if (! homedir_s && ! tmpdir_s) {
@@ -3092,7 +3097,7 @@ index ec692e7..d8171d8 100644
  		if (display) 
  			rc |= setenv("DISPLAY", display, 1);
  		rc |= setenv("HOME", pwd->pw_dir, 1);
-@@ -300,22 +890,41 @@ int main(int argc, char **argv) {
+@@ -300,22 +895,41 @@ int main(int argc, char **argv) {
  		rc |= setenv("USER", pwd->pw_name, 1);
  		rc |= setenv("LOGNAME", pwd->pw_name, 1);
  		rc |= setenv("PATH", DEFAULT_PATH, 1);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index c73a2cd..eb45bd1 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.85
-Release: 27%{?dist}
+Release: 28%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -318,6 +318,9 @@ fi
 exit 0
 
 %changelog
+* Tue Mar 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-28
+- rsynccmd should run outside of execcon
+
 * Thu Mar 24 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-27
 - Fix semange node handling of ipv6 addresses
 

