rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.443, 1.444 policycoreutils.spec, 1.643, 1.644

Daniel J Walsh dwalsh at fedoraproject.org
Thu Sep 17 19:19:55 UTC 2009


Author: dwalsh

Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23202

Modified Files:
	policycoreutils-rhat.patch policycoreutils.spec 
Log Message:
* Thu Sep 17 2009 Dan Walsh <dwalsh at redhat.com> 2.0.74-2
- Security fixes for seunshare


policycoreutils-rhat.patch:
 Makefile                                    |    2 
 audit2allow/audit2allow                     |   14 
 load_policy/Makefile                        |    2 
 restorecond/Makefile                        |   24 -
 restorecond/org.selinux.Restorecond.service |    3 
 restorecond/restorecond.c                   |  422 +++---------------
 restorecond/restorecond.conf                |    5 
 restorecond/restorecond.desktop             |    7 
 restorecond/restorecond.h                   |   18 
 restorecond/restorecond.init                |    5 
 restorecond/restorecond_user.conf           |    2 
 restorecond/user.c                          |  237 ++++++++++
 restorecond/watch.c                         |  254 +++++++++++
 sandbox/Makefile                            |   31 +
 sandbox/sandbox                             |  202 ++++++++
 sandbox/sandbox.8                           |   26 +
 sandbox/sandboxX.sh                         |   16 
 sandbox/seunshare.c                         |  284 ++++++++++++
 scripts/Makefile                            |    2 
 scripts/chcat                               |    2 
 semanage/semanage                           |   27 +
 semanage/seobject.py                        |   11 
 semodule/semodule.8                         |    8 
 semodule/semodule.c                         |   53 ++
 setfiles/Makefile                           |    4 
 setfiles/restore.c                          |  519 ++++++++++++++++++++++
 setfiles/restore.h                          |   49 ++
 setfiles/setfiles.c                         |  643 +++-------------------------
 28 files changed, 1919 insertions(+), 953 deletions(-)

Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.443
retrieving revision 1.444
diff -u -p -r1.443 -r1.444
--- policycoreutils-rhat.patch	17 Sep 2009 13:07:45 -0000	1.443
+++ policycoreutils-rhat.patch	17 Sep 2009 19:19:53 -0000	1.444
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.73/audit2allow/audit2allow
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.74/audit2allow/audit2allow
 --- nsapolicycoreutils/audit2allow/audit2allow	2009-01-13 08:45:35.000000000 -0500
-+++ policycoreutils-2.0.73/audit2allow/audit2allow	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/audit2allow/audit2allow	2009-09-17 15:05:17.000000000 -0400
 @@ -42,6 +42,8 @@
          from optparse import OptionParser
  
@@ -38,9 +38,9 @@ diff --exclude-from=exclude --exclude=se
          else:
              # This is the default if no input is specified
              f = sys.stdin
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.73/load_policy/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/Makefile policycoreutils-2.0.74/load_policy/Makefile
 --- nsapolicycoreutils/load_policy/Makefile	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.73/load_policy/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/load_policy/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -1,6 +1,6 @@
  # Installation directories.
  PREFIX ?= ${DESTDIR}/usr
@@ -49,18 +49,18 @@ diff --exclude-from=exclude --exclude=se
  MANDIR ?= $(PREFIX)/share/man
  LOCALEDIR ?= /usr/share/locale
  
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.73/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.74/Makefile
 --- nsapolicycoreutils/Makefile	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.73/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -1,4 +1,4 @@
 -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
 +SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
  
  INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
  
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.73/restorecond/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.74/restorecond/Makefile
 --- nsapolicycoreutils/restorecond/Makefile	2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.73/restorecond/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -1,17 +1,28 @@
  # Installation directories.
  PREFIX ?= ${DESTDIR}/usr
@@ -107,16 +107,16 @@ diff --exclude-from=exclude --exclude=se
  
  relabel: install
  	/sbin/restorecon $(SBINDIR)/restorecond 
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.73/restorecond/org.selinux.Restorecond.service
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service
 --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/restorecond/org.selinux.Restorecond.service	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/org.selinux.Restorecond.service	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,3 @@
 +[D-BUS Service]
 +Name=org.selinux.Restorecond
 +Exec=/usr/sbin/restorecond -u
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.73/restorecond/restorecond.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.74/restorecond/restorecond.c
 --- nsapolicycoreutils/restorecond/restorecond.c	2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.73/restorecond/restorecond.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond.c	2009-09-17 15:05:17.000000000 -0400
 @@ -48,294 +48,38 @@
  #include <signal.h>
  #include <string.h>
@@ -607,9 +607,9 @@ diff --exclude-from=exclude --exclude=se
  }
 +
 +
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.73/restorecond/restorecond.conf
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.74/restorecond/restorecond.conf
 --- nsapolicycoreutils/restorecond/restorecond.conf	2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.73/restorecond/restorecond.conf	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond.conf	2009-09-17 15:05:17.000000000 -0400
 @@ -4,8 +4,5 @@
  /etc/mtab
  /var/run/utmp
@@ -620,9 +620,9 @@ diff --exclude-from=exclude --exclude=se
  /root/.ssh/*
 -
 -
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.73/restorecond/restorecond.desktop
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.74/restorecond/restorecond.desktop
 --- nsapolicycoreutils/restorecond/restorecond.desktop	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/restorecond/restorecond.desktop	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond.desktop	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,7 @@
 +[Desktop Entry]
 +Name=File Context maintainer
@@ -631,9 +631,9 @@ diff --exclude-from=exclude --exclude=se
 +Encoding=UTF-8
 +Type=Application
 +StartupNotify=false
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.73/restorecond/restorecond.h
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.74/restorecond/restorecond.h
 --- nsapolicycoreutils/restorecond/restorecond.h	2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.73/restorecond/restorecond.h	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond.h	2009-09-17 15:05:17.000000000 -0400
 @@ -24,7 +24,21 @@
  #ifndef RESTORED_CONFIG_H
  #define RESTORED_CONFIG_H
@@ -658,9 +658,9 @@ diff --exclude-from=exclude --exclude=se
 +extern void watch_list_free(int fd);
  
  #endif
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.73/restorecond/restorecond.init
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.74/restorecond/restorecond.init
 --- nsapolicycoreutils/restorecond/restorecond.init	2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.73/restorecond/restorecond.init	2009-09-14 15:32:27.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond.init	2009-09-17 15:05:17.000000000 -0400
 @@ -75,16 +75,15 @@
  	status restorecond
  	RETVAL=$?
@@ -680,15 +680,15 @@ diff --exclude-from=exclude --exclude=se
  
  exit $RETVAL
 -
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.73/restorecond/restorecond_user.conf
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.74/restorecond/restorecond_user.conf
 --- nsapolicycoreutils/restorecond/restorecond_user.conf	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/restorecond/restorecond_user.conf	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/restorecond_user.conf	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,2 @@
 +~/*
 +~/public_html/*
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.73/restorecond/user.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.74/restorecond/user.c
 --- nsapolicycoreutils/restorecond/user.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/restorecond/user.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/user.c	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,237 @@
 +/*
 + * restorecond
@@ -927,9 +927,9 @@ diff --exclude-from=exclude --exclude=se
 +    return 0;
 +}
 +
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.73/restorecond/watch.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.74/restorecond/watch.c
 --- nsapolicycoreutils/restorecond/watch.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/restorecond/watch.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/restorecond/watch.c	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,254 @@
 +#define _GNU_SOURCE
 +#include <sys/inotify.h>
@@ -1185,9 +1185,9 @@ diff --exclude-from=exclude --exclude=se
 +		exitApp("Error watching config file.");
 +}
 +
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.73/sandbox/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.74/sandbox/Makefile
 --- nsapolicycoreutils/sandbox/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/sandbox/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,31 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@@ -1220,9 +1220,9 @@ diff --exclude-from=exclude --exclude=se
 +	../../scripts/Lindent $(wildcard *.[ch])
 +
 +relabel:
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.73/sandbox/sandbox
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.74/sandbox/sandbox
 --- nsapolicycoreutils/sandbox/sandbox	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/sandbox	2009-09-16 15:46:50.000000000 -0400
++++ policycoreutils-2.0.74/sandbox/sandbox	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,202 @@
 +#!/usr/bin/python -E
 +import os, sys, getopt, socket, random, fcntl, shutil
@@ -1426,9 +1426,9 @@ diff --exclude-from=exclude --exclude=se
 +        
 +    sys.exit(rc)
 +
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.73/sandbox/sandbox.8
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.74/sandbox/sandbox.8
 --- nsapolicycoreutils/sandbox/sandbox.8	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/sandbox.8	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/sandbox/sandbox.8	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,26 @@
 +.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
 +.SH NAME
@@ -1456,9 +1456,9 @@ diff --exclude-from=exclude --exclude=se
 +.TP
 +runcon(1)
 +.PP
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.73/sandbox/sandboxX.sh
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.74/sandbox/sandboxX.sh
 --- nsapolicycoreutils/sandbox/sandboxX.sh	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/sandboxX.sh	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/sandbox/sandboxX.sh	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,16 @@
 +#!/bin/bash 
 +export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`"
@@ -1476,13 +1476,14 @@ diff --exclude-from=exclude --exclude=se
 +exit $EXITCODE
 +break
 +done
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.73/sandbox/seunshare.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.74/sandbox/seunshare.c
 --- nsapolicycoreutils/sandbox/seunshare.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/seunshare.c	2009-09-09 17:05:42.000000000 -0400
-@@ -0,0 +1,203 @@
++++ policycoreutils-2.0.74/sandbox/seunshare.c	2009-09-17 15:05:44.000000000 -0400
+@@ -0,0 +1,284 @@
 +#include <signal.h>
 +#include <sys/types.h>
 +#include <sys/wait.h>
++#include <syslog.h>
 +#include <sys/mount.h>
 +#include <pwd.h>
 +#define _GNU_SOURCE
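Review bot: `#define _GNU_SOURCE` comes after `<signal.h>`, `<sys/types.h>`, `<sys/wait.h>`, the newly added `<syslog.h>`, `<sys/mount.h>` and `<pwd.h>`, so glibc has already settled its feature-test macros and the define has no effect. This matters more with this change because `setresuid()`, now called from `drop_capabilities()`, is only declared by `<unistd.h>` when `_GNU_SOURCE` is active. Unless the build passes `-D_GNU_SOURCE` on the command line, that call is likely compiled against an implicit declaration. Move `#define _GNU_SOURCE` to the first line of seunshare.c, above every `#include`.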
@@ -1493,10 +1494,17 @@ diff --exclude-from=exclude --exclude=se
 +#include <stdlib.h>
 +#include <cap-ng.h>
 +#include <getopt.h>		/* for getopt_long() form of getopt() */
++#include <limits.h>
++#include <stdlib.h>
++#include <errno.h>
 +
 +#include <selinux/selinux.h>
 +#include <selinux/context.h>	/* for context-mangling functions */
 +
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <unistd.h>
++
 +/**
 + * This function will drop the capabilities so that we are left
 + * only with access to the audit system and the ability to raise
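Review bot: Two of the added includes repeat headers the file already has: `<stdlib.h>` appears a few lines above the new block and `<sys/types.h>` is in the first include group of the file. Include guards make this harmless, but dropping the duplicates and adding `<limits.h>`, `<errno.h>`, `<sys/stat.h>` and `<unistd.h>` to the existing system-header group would keep the list easy to audit.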
@@ -1507,15 +1515,21 @@ diff --exclude-from=exclude --exclude=se
 + *
 + * Returns zero on success, non-zero otherwise
 + */
-+static int drop_capabilities(int all)
++static int drop_capabilities(int all, uid_t uid)
 +{
 +	capng_clear(CAPNG_SELECT_BOTH);
 +
 +	if (all) {
 +		if (capng_lock() < 0) 
 +			return -1;
++		/* Change uid */
++		if (setresuid(uid, uid, uid)) {
++			fprintf(stderr, "Error changing uid, aborting.\n");
++			return -1;
++		}
 +	} else {
-+		if (capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1) < 0) { 
++		if (capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SETPCAP, CAP_SETUID, -1) < 0) { 
++			fprintf(stderr, "Error running capng_updatev\n");
 +			return -1;
 +		}
 +	}
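Review bot: The comment block above `drop_capabilities` is not updated for the new `uid` parameter, and it does not say that the `all` path now also switches the real, effective and saved uid with `setresuid()`. I would add a sentence such as `uid is the id the process switches to via setresuid() when all is non-zero; it is unused otherwise`. A short why-comment on the `capng_updatev` line would also help, e.g. `/* CAP_SETUID is kept so the final drop can call setresuid() */`. The end of the function is outside the hunk, so the order of the uid change relative to applying the capability set cannot be checked from here.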
@@ -1552,6 +1566,50 @@ diff --exclude-from=exclude --exclude=se
 +}
 +#define USAGE_STRING "USAGE: seunshare [ -t tmpdir ] [ -h homedir ] -- CONTEXT executable [args] "
 +
++
++
++static int verify_mount(const char *mntdir, struct passwd *pwd) {
++	struct stat sb;
++	if (stat(mntdir, &sb) == -1) {
++		perror("Invalid mount point");
++		return -1;
++	}
++	if (sb.st_uid != pwd->pw_uid) {
++		errno = EPERM;
++		syslog(LOG_AUTHPRIV | LOG_ALERT, "%s attempted to mount an invalid directory, %s", pwd->pw_name, mntdir);
++		perror("Invalid mount point, reporting to administrator");
++		return -1;
++	}
++	return 0;
++}
++
++/**
++ * This function checks to see if the shell is known in /etc/shells.
++ * If so, it returns 1. On error or illegal shell, it returns 0.
++ */
++static int verify_shell(const char *shell_name)
++{
++	int found = 0;
++	const char *buf;
++
++	if (!(shell_name && shell_name[0]))
++		return found;
++
++	while ((buf = getusershell()) != NULL) {
++		/* ignore comments */
++		if (*buf == '#')
++			continue;
++
++		/* check the shell skipping newline char */
++		if (!strcmp(shell_name, buf)) {
++			found = 1;
++			break;
++		}
++	}
++	endusershell();
++	return found;
++}
++
 +int main(int argc, char **argv) {
 +	int rc;
 +	int status = -1;
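Review bot: `verify_mount` only compares `sb.st_uid` with `pwd->pw_uid`, so any object the user owns passes, including a regular file. A type check after the `stat()` would reject those: `if (!S_ISDIR(sb.st_mode)) { errno = ENOTDIR; perror("Invalid mount point"); return -1; }`. In the ownership branch `errno = EPERM` is assigned before `syslog()`, which may change errno, so the following `perror()` can print an unrelated reason; assign errno after the syslog call. The function also lacks a header comment, unlike `verify_shell`. One line would do: it returns 0 when mntdir exists and is owned by the calling user, -1 otherwise, and the check is by path, so it only holds at the moment of the call.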
@@ -1570,13 +1628,24 @@ diff --exclude-from=exclude --exclude=se
 +	};
 +	capng_print_caps_text(CAPNG_PRINT_STDOUT, CAPNG_EFFECTIVE);
 +
-+	struct passwd *pwd=getpwuid(getuid());
++	uid_t uid = getuid();
++
++	if (!uid) {
++		fprintf(stderr, "Must not be root");
++		return -1;
++	}
++
++	struct passwd *pwd=getpwuid(uid);
 +	if (!pwd) {
 +		perror("getpwduid failed");
 +		return -1;
 +	}
 +
-+	if (drop_capabilities(FALSE)) {
++	if (verify_shell(pwd->pw_shell) == 0) {
++		fprintf(stderr, "Error!  Shell is not valid.\n");
++	}
++
++	if (drop_capabilities(FALSE, uid)) {
 +		perror("Failed to drop capabilities");
 +		return -1;
 +	}
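Review bot: The `verify_shell(pwd->pw_shell) == 0` branch prints "Error!  Shell is not valid." and then falls through. An account whose shell is not listed in /etc/shells therefore still reaches `drop_capabilities(FALSE, uid)` and everything after it. If the check is meant to be enforced, the branch needs `return -1;` after the `fprintf`. The "Must not be root" message above it also lacks the trailing `\n` that the other messages carry. main continues outside the hunk.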
@@ -1590,9 +1659,12 @@ diff --exclude-from=exclude --exclude=se
 +		switch (clflag) {
 +		case 't':
 +			tmpdir_s = optarg;
++			if (verify_mount(tmpdir_s, pwd) < 0) return -1;
 +			break;
 +		case 'h':
 +			homedir_s = optarg;
++			if (verify_mount(homedir_s, pwd) < 0) return -1;
++			if (verify_mount(pwd->pw_dir, pwd) < 0) return -1;
 +			break;
 +		default:
 +			fprintf(stderr, "%s\n", USAGE_STRING);
@@ -1627,42 +1699,50 @@ diff --exclude-from=exclude --exclude=se
 +		return -1;
 +	}
 +
++	if (homedir_s && verify_mount(pwd->pw_dir, pwd) < 0) 
++		return -1;
++
 +	if (tmpdir_s && mount(tmpdir_s, "/tmp", NULL, MS_BIND, NULL) < 0) {
 +		perror("Failed to mount /tmp");
 +		return -1;
 +	}
 +
-+	if (drop_capabilities(TRUE)) {
++	if (tmpdir_s && verify_mount("/tmp", pwd) < 0) 
++		return -1;
++
++	if (drop_capabilities(TRUE, uid)) {
 +		perror("Failed to drop all capabilities");
 +		return -1;
 +	}
 +
 +	int child = fork();
 +	if (!child) {
++		char *display=NULL;
 +		/* Construct a new environment */
 +		char *d = getenv("DISPLAY");
-+		if (!d) {
-+			perror("DISPLAY Not set");
-+			exit(-1);
++		if (d) {
++			display =  strdup(d);
++			if (!display) {
++				perror("Out of memory");
++				exit(-1);
++			}
 +		}
 +
-+		char *display =  strdup(d);
-+		if (!display) {
-+			perror("Out of memory");
-+			exit(-1);
-+		}
 +		if ((rc = clearenv())) {
 +			perror("Unable to clear environment");
++			free(display);
 +			exit(-1);
 +		}
 +		
 +		if (setexeccon(scontext)) {
 +			fprintf(stderr, "Could not set exec context to %s.\n",
 +				scontext);
++			free(display);
 +			exit(-1);
 +		}
 +
-+		rc |= setenv("DISPLAY", display, 1);
++		if (display) 
++			rc |= setenv("DISPLAY", display, 1);
 +		rc |= setenv("HOME", pwd->pw_dir, 1);
 +		rc |= setenv("SHELL", pwd->pw_shell, 1);
 +		rc |= setenv("USER", pwd->pw_name, 1);
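Review bot: The post-mount `verify_mount("/tmp", pwd)` is the check that actually applies to what was mounted, because the checks made during option parsing test a path that can change before `mount()` runs. Nothing in the code explains this, so the call reads like a redundant repeat. A comment above it would keep a later cleanup from removing it, for example `/* Re-check ownership on the mounted tree: the path verified during option parsing may have changed before mount() */`. The `homedir_s && verify_mount(pwd->pw_dir, pwd)` test a few lines earlier looks like the same pattern for the home directory, but the corresponding mount call is outside the hunk, so that is an inference.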
@@ -1675,6 +1755,7 @@ diff --exclude-from=exclude --exclude=se
 +		}
 +		
 +		execv(argv[optind], argv + optind);
++		free(display);
 +		perror("execv");
 +		exit(-1);
 +	} else {
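Review bot: `free(display)` now runs between the failed `execv()` and `perror("execv")`, and free() is not guaranteed to preserve errno on older C libraries, so the message can report the wrong error. Call `perror("execv");` first, or drop the `free(display)` here, since `exit(-1)` follows immediately and releases the memory anyway. The else branch that handles the parent continues outside the hunk.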
@@ -1683,9 +1764,9 @@ diff --exclude-from=exclude --exclude=se
 +
 +	return status;
 +}
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.73/scripts/chcat
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.74/scripts/chcat
 --- nsapolicycoreutils/scripts/chcat	2009-06-23 15:36:07.000000000 -0400
-+++ policycoreutils-2.0.73/scripts/chcat	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/scripts/chcat	2009-09-17 15:05:17.000000000 -0400
 @@ -435,6 +435,8 @@
                      continue
      except ValueError, e:
@@ -1695,9 +1776,9 @@ diff --exclude-from=exclude --exclude=se
      
      sys.exit(errors)
      
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.73/scripts/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.74/scripts/Makefile
 --- nsapolicycoreutils/scripts/Makefile	2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.73/scripts/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/scripts/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -5,7 +5,7 @@
  MANDIR ?= $(PREFIX)/share/man
  LOCALEDIR ?= /usr/share/locale
@@ -1707,9 +1788,9 @@ diff --exclude-from=exclude --exclude=se
  
  install: all
  	-mkdir -p $(BINDIR)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.73/semanage/semanage
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.74/semanage/semanage
 --- nsapolicycoreutils/semanage/semanage	2009-09-08 09:03:10.000000000 -0400
-+++ policycoreutils-2.0.73/semanage/semanage	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/semanage/semanage	2009-09-17 15:05:17.000000000 -0400
 @@ -85,6 +85,7 @@
          -F, --file       Treat target as an input file for command, change multiple settings
  	-p, --proto      Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
@@ -1800,9 +1881,9 @@ diff --exclude-from=exclude --exclude=se
  
                          return
  
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.73/semanage/seobject.py
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.74/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py	2009-09-08 09:03:10.000000000 -0400
-+++ policycoreutils-2.0.73/semanage/seobject.py	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/semanage/seobject.py	2009-09-17 15:05:17.000000000 -0400
 @@ -1586,9 +1586,16 @@
                                raise ValueError(_("Could not delete the file context %s") % target)
                         semanage_fcontext_key_free(k)
@@ -1834,9 +1915,9 @@ diff --exclude-from=exclude --exclude=se
  		for k in keys:
  			if fcon_dict[k]:
  				if is_mls_enabled:
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.73/semodule/semodule.8
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.74/semodule/semodule.8
 --- nsapolicycoreutils/semodule/semodule.8	2009-09-17 08:59:43.000000000 -0400
-+++ policycoreutils-2.0.73/semodule/semodule.8	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/semodule/semodule.8	2009-09-17 15:05:17.000000000 -0400
 @@ -30,11 +30,17 @@
  install/replace a module package
  .TP
@@ -1856,9 +1937,9 @@ diff --exclude-from=exclude --exclude=se
  .B  \-r,\-\-remove=MODULE_NAME
  remove existing module
  .TP
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.73/semodule/semodule.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.74/semodule/semodule.c
 --- nsapolicycoreutils/semodule/semodule.c	2009-09-17 08:59:43.000000000 -0400
-+++ policycoreutils-2.0.73/semodule/semodule.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/semodule/semodule.c	2009-09-17 15:05:17.000000000 -0400
 @@ -22,12 +22,12 @@
  
  #include <semanage/modules.h>
@@ -1976,9 +2057,9 @@ diff --exclude-from=exclude --exclude=se
  						semanage_module_info_datum_destroy
  						    (m);
  					}
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.73/setfiles/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.74/setfiles/Makefile
 --- nsapolicycoreutils/setfiles/Makefile	2009-07-07 15:32:32.000000000 -0400
-+++ policycoreutils-2.0.73/setfiles/Makefile	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/setfiles/Makefile	2009-09-17 15:05:17.000000000 -0400
 @@ -5,7 +5,7 @@
  LIBDIR ?= $(PREFIX)/lib
  AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
@@ -1997,9 +2078,9 @@ diff --exclude-from=exclude --exclude=se
  
  restorecon: setfiles
  	ln -sf setfiles restorecon
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.73/setfiles/restore.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.74/setfiles/restore.c
 --- nsapolicycoreutils/setfiles/restore.c	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/setfiles/restore.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/setfiles/restore.c	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,519 @@
 +#include "restore.h"
 +
@@ -2520,9 +2601,9 @@ diff --exclude-from=exclude --exclude=se
 +
 +
 +
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.73/setfiles/restore.h
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.74/setfiles/restore.h
 --- nsapolicycoreutils/setfiles/restore.h	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/setfiles/restore.h	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/setfiles/restore.h	2009-09-17 15:05:17.000000000 -0400
 @@ -0,0 +1,49 @@
 +#ifndef RESTORE_H
 +#define RESTORE_H
@@ -2573,9 +2654,9 @@ diff --exclude-from=exclude --exclude=se
 +int process_one(char *name, int recurse);
 +
 +#endif
-diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.73/setfiles/setfiles.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.74/setfiles/setfiles.c
 --- nsapolicycoreutils/setfiles/setfiles.c	2009-09-17 08:59:43.000000000 -0400
-+++ policycoreutils-2.0.73/setfiles/setfiles.c	2009-09-09 17:05:42.000000000 -0400
++++ policycoreutils-2.0.74/setfiles/setfiles.c	2009-09-17 15:05:17.000000000 -0400
 @@ -1,26 +1,12 @@
 -#ifndef _GNU_SOURCE
 -#define _GNU_SOURCE
@@ -3027,7 +3108,7 @@ diff --exclude-from=exclude --exclude=se
 -
 -	if (context)
 -		freecon(context);
--
+ 
 -	/*
 -	 * Do not relabel the file if -n was used.
 -	 */
@@ -3066,7 +3147,7 @@ diff --exclude-from=exclude --exclude=se
 -			progname, ftsent->fts_path);
 -		return SKIP;
 -	}
- 
+-
 -	int rc = restore(ftsent);
 -	if (rc == ERR) {
 -		if (!abort_on_error)
@@ -3189,7 +3270,7 @@ diff --exclude-from=exclude --exclude=se
  			return -1;
  		}
  
-@@ -804,20 +298,30 @@
+@@ -804,20 +300,30 @@
  	char *buf = NULL;
  	size_t buf_len;
  	char *base;
@@ -3228,7 +3309,7 @@ diff --exclude-from=exclude --exclude=se
  	
  	if (!strcmp(base, SETFILES)) {
  		/* 
-@@ -832,28 +336,28 @@
+@@ -832,28 +338,28 @@
  		iamrestorecon = 0;
  		recurse = 1;
  		expand_realpath = 0;
@@ -3265,7 +3346,7 @@ diff --exclude-from=exclude --exclude=se
  		ctx_validate = 0;
  
  		/* restorecon only:  silent exit if no SELinux.
-@@ -915,37 +419,37 @@
+@@ -915,37 +421,37 @@
  			input_filename = optarg;
  			break;			
  		case 'd':
@@ -3312,7 +3393,7 @@ diff --exclude-from=exclude --exclude=se
  			break;
  		case 'R':
  		case 'r':
-@@ -958,7 +462,7 @@
+@@ -958,7 +464,7 @@
  					argv[0]);
  				exit(1);
  			}
@@ -3321,7 +3402,7 @@ diff --exclude-from=exclude --exclude=se
  				fprintf(stderr,
  					"%s: only one -r can be specified\n",
  					argv[0]);
-@@ -969,23 +473,23 @@
+@@ -969,23 +475,23 @@
  		case 's':
  			use_input_file = 1;
  			input_filename = "-";
@@ -3350,7 +3431,7 @@ diff --exclude-from=exclude --exclude=se
  			break;
  		case 'W':
  			warn_no_match = 1;
-@@ -1033,18 +537,13 @@
+@@ -1033,18 +539,13 @@
  	}
  
  	/* Load the file contexts configuration and check it. */
@@ -3372,7 +3453,7 @@ diff --exclude-from=exclude --exclude=se
  	if (use_input_file) {
  		FILE *f = stdin;
  		ssize_t len;
-@@ -1061,6 +560,9 @@
+@@ -1061,6 +562,9 @@
  		delim = (null_terminated != 0) ? '\0' : '\n';
  		while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) {
  			buf[len - 1] = 0;
@@ -3382,7 +3463,7 @@ diff --exclude-from=exclude --exclude=se
  			errors |= process_one_realpath(buf);
  		}
  		if (strcmp(input_filename, "-") != 0)
-@@ -1070,22 +572,21 @@
+@@ -1070,22 +574,21 @@
  			errors |= process_one_realpath(argv[i]);
  		}
  	}


Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.643
retrieving revision 1.644
diff -u -p -r1.643 -r1.644
--- policycoreutils.spec	17 Sep 2009 13:07:47 -0000	1.643
+++ policycoreutils.spec	17 Sep 2009 19:19:55 -0000	1.644
@@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.74
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -297,6 +297,9 @@ fi
 exit 0
 
 %changelog
+* Thu Sep 17 2009 Dan Walsh <dwalsh at redhat.com> 2.0.74-2
+- Security fixes for seunshare
+
 * Thu Sep 17 2009 Dan Walsh <dwalsh at redhat.com> 2.0.74-1
 - Update to upstream
 	* Change semodule upgrade behavior to install even if the module



