[policycoreutils/f14/master] rsynccmd should run outside of execcon
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Mar 29 18:26:28 UTC 2011
commit b7430583da8244bb815ede75c552bd8bd4383a9f
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Mar 29 14:26:23 2011 -0400
rsynccmd should run outside of execcon
policycoreutils-rhat.patch | 41 +++++++++++++++++++++++------------------
policycoreutils.spec | 5 ++++-
2 files changed, 27 insertions(+), 19 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 6955be6..e49a441 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -2125,7 +2125,7 @@ index 0000000..e7b8991
+and
+.I Thomas Liu <tliu at fedoraproject.org>
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
-index ec692e7..d8171d8 100644
+index ec692e7..49dad71 100644
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -1,28 +1,35 @@
@@ -2256,14 +2256,10 @@ index ec692e7..d8171d8 100644
+ retval = -1; \
+ } while(0)
+
- /**
-- * This function makes sure the mounted directory is owned by the user executing
-- * seunshare.
-- * If so, it returns 0. If it can not figure this out or they are different, it returns -1.
++/**
+ * Spawn external command using system() with dropped privileges.
+ * TODO: avoid system() and use exec*() instead
- */
--static int verify_mount(const char *mntdir, struct passwd *pwd) {
++ */
+static int spawn_command(const char *cmd, uid_t uid){
+ int child;
+ int status = -1;
@@ -2323,11 +2319,15 @@ index ec692e7..d8171d8 100644
+ (one)->st_uid == (two)->st_uid && (one)->st_gid == (two)->st_gid && \
+ (one)->st_mode == (two)->st_mode)
+
-+/**
+ /**
+- * This function makes sure the mounted directory is owned by the user executing
+- * seunshare.
+- * If so, it returns 0. If it can not figure this out or they are different, it returns -1.
+ * Sanity check specified directory. Store stat info for future comparison, or
+ * compare with previously saved info to detect replaced directories.
+ * Note: This function does not perform owner checks.
-+ */
+ */
+-static int verify_mount(const char *mntdir, struct passwd *pwd) {
+static int verify_directory(const char *dir, struct stat *st_in, struct stat *st_out) {
struct stat sb;
- if (stat(mntdir, &sb) == -1) {
@@ -2364,7 +2364,7 @@ index ec692e7..d8171d8 100644
break;
}
}
-@@ -131,45 +236,520 @@ static int verify_shell(const char *shell_name)
+@@ -131,45 +236,525 @@ static int verify_shell(const char *shell_name)
return rc;
}
@@ -2797,10 +2797,6 @@ index ec692e7..d8171d8 100644
+ goto err;
+ }
+
-+ if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
-+ goto err;
-+ }
-+
+ /* ok to not reach this if there is an error */
+ setfsuid(0);
+ }
@@ -2853,6 +2849,15 @@ index ec692e7..d8171d8 100644
+ }
+ }
+
++ setfsuid(pwd->pw_uid);
++
++ if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
++ goto err;
++ }
++
++ /* ok to not reach this if there is an error */
++ setfsuid(0);
++
+ if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
+ fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
+ cleanup_tmpdir(tmpdir, src, pwd, 0);
@@ -2899,7 +2904,7 @@ index ec692e7..d8171d8 100644
{NULL, 0, 0, 0}
};
-@@ -180,6 +760,12 @@ int main(int argc, char **argv) {
+@@ -180,6 +765,12 @@ int main(int argc, char **argv) {
return -1;
}
@@ -2912,7 +2917,7 @@ index ec692e7..d8171d8 100644
struct passwd *pwd=getpwuid(uid);
if (!pwd) {
perror(_("getpwduid failed"));
-@@ -187,34 +773,30 @@ int main(int argc, char **argv) {
+@@ -187,34 +778,30 @@ int main(int argc, char **argv) {
}
if (verify_shell(pwd->pw_shell) < 0) {
@@ -2958,7 +2963,7 @@ index ec692e7..d8171d8 100644
break;
default:
fprintf(stderr, "%s\n", USAGE_STRING);
-@@ -223,76 +805,84 @@ int main(int argc, char **argv) {
+@@ -223,76 +810,84 @@ int main(int argc, char **argv) {
}
if (! homedir_s && ! tmpdir_s) {
@@ -3092,7 +3097,7 @@ index ec692e7..d8171d8 100644
if (display)
rc |= setenv("DISPLAY", display, 1);
rc |= setenv("HOME", pwd->pw_dir, 1);
-@@ -300,22 +890,41 @@ int main(int argc, char **argv) {
+@@ -300,22 +895,41 @@ int main(int argc, char **argv) {
rc |= setenv("USER", pwd->pw_name, 1);
rc |= setenv("LOGNAME", pwd->pw_name, 1);
rc |= setenv("PATH", DEFAULT_PATH, 1);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index c73a2cd..eb45bd1 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.85
-Release: 27%{?dist}
+Release: 28%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -318,6 +318,9 @@ fi
exit 0
%changelog
+* Tue Mar 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-28
+- rsynccmd should run outside of execcon
+
* Thu Mar 24 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-27
- Fix semange node handling of ipv6 addresses
More information about the scm-commits
mailing list