From: "Christian Göttsche" <cgzones@googlemail.com>
To: selinux@vger.kernel.org
Subject: [RFC SHADOW PATCH 6/7] set_selinux_file_context(): prepare context for actual file type
Date: Tue, 13 Apr 2021 14:25:07 +0200	[thread overview]
Message-ID: <20210413122508.24745-7-cgzones@googlemail.com> (raw)
In-Reply-To: <20210413122508.24745-1-cgzones@googlemail.com>

Pass the type of the file about to be created when searching the SELinux
selabel database. Without the file type, selabel_lookup(3) may return a
context that is meant for a different file type at the same path,
leaving the new object with an incorrect label.

Also prepare contexts in commonio_close() for the generic database
filename, not with the backup suffix appended, to ensure the desired
file context after the final rename.

Closes: #322
---
 lib/commonio.c    | 4 ++--
 lib/prototypes.h  | 2 +-
 lib/selinux.c     | 4 ++--
 libmisc/copydir.c | 8 ++++----
 src/useradd.c     | 4 ++--
 5 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/lib/commonio.c b/lib/commonio.c
index c5b3d104..3c81c796 100644
--- a/lib/commonio.c
+++ b/lib/commonio.c
@@ -974,7 +974,7 @@ int commonio_close (struct commonio_db *db)
 		snprintf (buf, sizeof buf, "%s-", db->filename);
 
 #ifdef WITH_SELINUX
-		if (set_selinux_file_context (buf) != 0) {
+		if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
 			errors++;
 		}
 #endif
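Review bot: The lookup in this hunk now uses `db->filename` while the name built into `buf` on the line above is the backup file `filename-`, and no rename of the backup is visible here; if `create_backup` (outside the hunk) writes directly to `buf`, the backup gets the label policy assigns to the main database rather than to `filename-`, which is not what the commit message describes. The "prepare for the final rename" reasoning fits the `filename+` hunk below, but not this one, so this call should stay on the backup name: `if (set_selinux_file_context (buf, S_IFREG) != 0) {`. Also `S_IFREG` needs `<sys/stat.h>`, which commonio.c presumably already includes; worth confirming. commonio_close's body continues outside the hunk.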
@@ -1007,7 +1007,7 @@ int commonio_close (struct commonio_db *db)
 	snprintf (buf, sizeof buf, "%s+", db->filename);
 
 #ifdef WITH_SELINUX
-	if (set_selinux_file_context (buf) != 0) {
+	if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
 		errors++;
 	}
 #endif
diff --git a/lib/prototypes.h b/lib/prototypes.h
index ac9ad274..a3c4f7c2 100644
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -334,7 +334,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
 
 /* selinux.c */
 #ifdef WITH_SELINUX
-extern int set_selinux_file_context (const char *dst_name);
+extern int set_selinux_file_context (const char *dst_name, mode_t mode);
 extern int reset_selinux_file_context (void);
 extern int check_selinux_permit (const char *perm_name);
 #endif
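Review bot: The new `mode_t` parameter is undocumented at the declaration, and nothing in the header says whether a caller passes a full `st_mode` or only the type bits; the callers in this series pass `S_IFREG`/`S_IFDIR`/`S_IFLNK` or `st_mode & S_IFMT`. Suggest a comment above the prototype, e.g. `/* mode: file type bits (S_IFREG, S_IFDIR, ...) of the object to be created at dst_name, as for selabel_lookup(3) */`. `mode_t` needs `<sys/types.h>`, which prototypes.h presumably pulls in already; verify so the header stays self-contained.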
diff --git a/lib/selinux.c b/lib/selinux.c
index 41f4371d..719acda3 100644
--- a/lib/selinux.c
+++ b/lib/selinux.c
@@ -51,7 +51,7 @@ static bool selinux_enabled;
  *	Callers may have to Reset SELinux to create files with default
  *	contexts with reset_selinux_file_context
  */
-int set_selinux_file_context (const char *dst_name)
+int set_selinux_file_context (const char *dst_name, mode_t mode)
 {
 	if (!selinux_checked) {
 		selinux_enabled = is_selinux_enabled () > 0;
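Review bot: The header comment of set_selinux_file_context, whose start lies outside the hunk, still describes only the reset requirement and says nothing about the added `mode` argument or about what `dst_name` should name now that the commonio.c callers pass the final database name rather than the temporary file. Suggest extending it with a line such as `mode: file type bits (S_IFREG, S_IFDIR, ...) of the object that will be created at dst_name`, and `dst_name: the path the object will finally have, so the selabel lookup yields the label wanted after any rename`. The function body continues past the end of this hunk.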
@@ -70,7 +70,7 @@ int set_selinux_file_context (const char *dst_name)
 			return security_getenforce () != 0;
 		}
 
-		r = selabel_lookup_raw(hnd, &fcontext_raw, dst_name, 0);
+		r = selabel_lookup_raw(hnd, &fcontext_raw, dst_name, mode);
 		selabel_close(hnd);
 		if (r < 0) {
 			/* No context specified for the searched path */
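Review bot: The `mode` value is forwarded to selabel_lookup_raw unmasked, although only the `S_IFMT` bits are meaningful for the file label backend; one caller in this series (copy_special) masks with `& S_IFMT`, the others pass bare constants, and whether libselinux itself masks extra permission bits may depend on its version. Masking once here makes the helper robust to any future caller passing a full `st_mode`: `r = selabel_lookup_raw(hnd, &fcontext_raw, dst_name, mode & S_IFMT);`. The surrounding function starts and ends outside the hunk.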
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
index e6aac6ec..1ca98b67 100644
--- a/libmisc/copydir.c
+++ b/libmisc/copydir.c
@@ -484,7 +484,7 @@ static int copy_dir (const char *src, const char *dst,
 	 */
 
 #ifdef WITH_SELINUX
-	if (set_selinux_file_context (dst) != 0) {
+	if (set_selinux_file_context (dst, S_IFDIR) != 0) {
 		return -1;
 	}
 #endif				/* WITH_SELINUX */
@@ -605,7 +605,7 @@ static int copy_symlink (const char *src, const char *dst,
 	}
 
 #ifdef WITH_SELINUX
-	if (set_selinux_file_context (dst) != 0) {
+	if (set_selinux_file_context (dst, S_IFLNK) != 0) {
 		free (oldlink);
 		return -1;
 	}
@@ -684,7 +684,7 @@ static int copy_special (const char *src, const char *dst,
 	int err = 0;
 
 #ifdef WITH_SELINUX
-	if (set_selinux_file_context (dst) != 0) {
+	if (set_selinux_file_context (dst, statp->st_mode & S_IFMT) != 0) {
 		return -1;
 	}
 #endif				/* WITH_SELINUX */
@@ -744,7 +744,7 @@ static int copy_file (const char *src, const char *dst,
 		return -1;
 	}
 #ifdef WITH_SELINUX
-	if (set_selinux_file_context (dst) != 0) {
+	if (set_selinux_file_context (dst, S_IFREG) != 0) {
 		return -1;
 	}
 #endif				/* WITH_SELINUX */
diff --git a/src/useradd.c b/src/useradd.c
index dcda3196..b3fff895 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2177,7 +2177,7 @@ static void create_home (void)
 		++bhome;
 
 #ifdef WITH_SELINUX
-		if (set_selinux_file_context (prefix_user_home) != 0) {
+		if (set_selinux_file_context (prefix_user_home, S_IFDIR) != 0) {
 			fprintf (stderr,
 			         _("%s: cannot set SELinux context for home directory %s\n"),
 			         Prog, user_home);
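Review bot: The context is prepared once for `prefix_user_home` as a directory, yet the `++bhome` on the first context line suggests the function goes on (outside the hunk) to create the home path component by component; if so, every intermediate parent directory created under this one creation context inherits the label policy assigns to the home directory itself, not the label for its own path. That is pre-existing behaviour, but since this series is about obtaining the correct label per path it is the natural place to address it, e.g. by moving the lookup into the per-component loop with the partial path. create_home's body continues past the end of this hunk, so this should be confirmed against the loop.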
@@ -2305,7 +2305,7 @@ static void create_mail (void)
 			sprintf (file, "%s/%s", spool, user_name);
 
 #ifdef WITH_SELINUX
-		if (set_selinux_file_context (file) != 0) {
+		if (set_selinux_file_context (file, S_IFREG) != 0) {
 			fprintf (stderr,
 			         _("%s: cannot set SELinux context for mailbox file %s\n"),
 			         Prog, file);
-- 
2.31.0

