[PATCH] mcstrans: preserve runtime directory

[PATCH] mcstrans: preserve runtime directory

[Christian Göttsche]

Do not remove the runtime directory /run/setrans/, which is the parent
for the security context translation socket .setrans-unix, when the
service is stopped, so the path can not be taken over by a foreign
program, which could lead to a compromise of the context translation of
libselinux.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 mcstrans/src/mcstrans.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mcstrans/src/mcstrans.service b/mcstrans/src/mcstrans.service
index c13cd09a..fdcfb0d4 100644
--- a/mcstrans/src/mcstrans.service
+++ b/mcstrans/src/mcstrans.service
@@ -9,6 +9,7 @@ Conflicts=shutdown.target
 [Service]
 ExecStart=/sbin/mcstransd -f
 RuntimeDirectory=setrans
+RuntimeDirectoryPreserve=true
 
 [Install]
 WantedBy=multi-user.target
-- 
2.39.0

Re: [PATCH] mcstrans: preserve runtime directory

[James Carter]

On Tue, Jan 17, 2023 at 12:36 PM Christian Göttsche
<cgzones@googlemail.com> wrote:
>
> Do not remove the runtime directory /run/setrans/, which is the parent
> for the security context translation socket .setrans-unix, when the
> service is stopped, so the path can not be taken over by a foreign
> program, which could lead to a compromise of the context translation of
> libselinux.
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

Acked-by: James Carter <jwcart2@gmail.com>

> ---
>  mcstrans/src/mcstrans.service | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/mcstrans/src/mcstrans.service b/mcstrans/src/mcstrans.service
> index c13cd09a..fdcfb0d4 100644
> --- a/mcstrans/src/mcstrans.service
> +++ b/mcstrans/src/mcstrans.service
> @@ -9,6 +9,7 @@ Conflicts=shutdown.target
>  [Service]
>  ExecStart=/sbin/mcstransd -f
>  RuntimeDirectory=setrans
> +RuntimeDirectoryPreserve=true
>
>  [Install]
>  WantedBy=multi-user.target
> --
> 2.39.0
>

Re: [PATCH] mcstrans: preserve runtime directory

[Petr Lautrbach]

Christian Göttsche <cgzones@googlemail.com> writes:

> Do not remove the runtime directory /run/setrans/, which is the parent
> for the security context translation socket .setrans-unix, when the
> service is stopped, so the path can not be taken over by a foreign
> program, which could lead to a compromise of the context translation of
> libselinux.
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

I lost Jim's Acked-by mail but according to
https://lore.kernel.org/all/CAP+JOzSvvg_2pZ6aeLGs9Oqh2nK0zpBGAURwbofh9DSAT39iVw@mail.gmail.com/
it was acked and it's merged now.

Thanks.



> ---
>  mcstrans/src/mcstrans.service | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/mcstrans/src/mcstrans.service b/mcstrans/src/mcstrans.service
> index c13cd09a..fdcfb0d4 100644
> --- a/mcstrans/src/mcstrans.service
> +++ b/mcstrans/src/mcstrans.service
> @@ -9,6 +9,7 @@ Conflicts=shutdown.target
>  [Service]
>  ExecStart=/sbin/mcstransd -f
>  RuntimeDirectory=setrans
> +RuntimeDirectoryPreserve=true
>  
>  [Install]
>  WantedBy=multi-user.target
> -- 
> 2.39.0