[Libguestfs] [PATCH V3] NEW API: add a new api restorecon
Daniel J Walsh
dwalsh at redhat.com
Fri Oct 26 13:57:13 UTC 2012
On 10/25/2012 09:47 PM, Wanlong Gao wrote:
> On 10/25/2012 02:14 AM, Daniel J Walsh wrote:
> On 10/24/2012 11:42 AM, Richard W.M. Jones wrote:
>>>> Dan & Dan,
>>>>
>>>> Any comments on the design of this restorecon interface? As
>>>> implemented here, it is merely a simple encoding of the restorecon
>>>> command line tool and arguments.
>>>>
>>>> My main worry is that it'll use the wrong policy file, or perhaps no
>>>> policy file, or if SELinux isn't enabled properly it'll end up
>>>> destroying labels instead of setting them.
>>>>
>>>> Also I've no idea if it's legit to run restorecon on a filesystem
>>>> from one guest, using the restorecon command from another system (the
>>>> host in this case).
>>>>
>>>> Rich.
>>>>
> The restorecon inside the guest will attempt to read
> /etc/selinux/context/POLICYTYPE/files/file_context if it exists.
>
>> So, Rich, we have some problems here?
>
>> Thanks, Wanlong Gao
>
>
> From restorecon's point of view, does this file exist? And is it in the
> container?
>
> Also restorecon will only work if it thinks SELinux is enabled and the
> kernel understands the labels. If from the restorecon point of view SELinux
> is not enabled or /proc/fs/selinux points to the host's /proc/fs/selinux
> then there is a chance that the host will reject labels in the guest.
>
> If you want to fix labels in a guest where the process thinks SELinux is
> disabled, then setfiles would be a better tool.
>
>
>>>> On Wed, Oct 24, 2012 at 10:00:53PM +0800, Wanlong Gao wrote:
>>>>> Add a new api restorecon to restore file(s) default SELinux
>>>>> security contexts.
>>>>>
>>>>> Signed-off-by: Wanlong Gao <gaowanlong at cn.fujitsu.com> ---
>>>>> daemon/selinux.c | 52
>>>>> ++++++++++++++++++++++++++++++++++++++++++++++++++++
>>>>> generator/actions.ml | 26 ++++++++++++++++++++++++++
>>>>> gobject/Makefile.inc | 6 ++++-- po/POTFILES | 1 +
>>>>> src/MAX_PROC_NR | 2 +- 5 files changed, 84 insertions(+), 3
>>>>> deletions(-)
>>>>>
>>>>> diff --git a/daemon/selinux.c b/daemon/selinux.c index
>>>>> 40590e1..f5e8cb2 100644 --- a/daemon/selinux.c +++
>>>>> b/daemon/selinux.c @@ -31,6 +31,10 @@ #include "actions.h" #include
>>>>> "optgroups.h"
>>>>>
>>>>> +#define MAX_ARGS 128 + +GUESTFSD_EXT_CMD(str_restorecon,
>>>>> restorecon); + #if defined(HAVE_LIBSELINUX)
>>>>>
>>>>> int @@ -106,3 +110,51 @@ do_getcon (void) }
>>>>>
>>>>> #endif /* !HAVE_LIBSELINUX */ + +int +do_restorecon (const char
>>>>> *pathname, + const char *labelprefix, +
>>>>> int recursion, + int force) +{ + int r; + size_t i
>>>>> = 0; + char *buf; + char *err; + const char *argv[MAX_ARGS]; + +
>>>>> buf = sysroot_path (pathname); + if (!buf) { +
>>>>> reply_with_error ("malloc"); + return -1; + } + + ADD_ARG
>>>>> (argv, i, str_restorecon); + + if (optargs_bitmask &
>>>>> GUESTFS_RESTORECON_LABELPREFIX_BITMASK) { + ADD_ARG (argv, i,
>>>>> "-L"); + ADD_ARG (argv, i, labelprefix); + } + + if
>>>>> (optargs_bitmask & GUESTFS_RESTORECON_RECURSION_BITMASK) + if
>>>>> (recursion) + ADD_ARG (argv, i, "-R"); + + if
>>>>> (optargs_bitmask & GUESTFS_RESTORECON_FORCE_BITMASK) + if
>>>>> (force) + ADD_ARG (argv, i, "-F"); + + ADD_ARG (argv, i,
>>>>> buf); + ADD_ARG (argv, i, NULL); + + r = commandv (NULL, &err,
>>>>> argv); + free (buf); + if (r == -1) { + reply_with_error ("%s:
>>>>> %s", pathname, err); + free (err); + return -1; + } + +
>>>>> free (err); + return 0; +} diff --git a/generator/actions.ml
>>>>> b/generator/actions.ml index 71aee37..786c229 100644 ---
>>>>> a/generator/actions.ml +++ b/generator/actions.ml @@ -10241,6
>>>>> +10241,32 @@ If the optional C<suffix> parameter is given, then
>>>>> the suffix
>>>>>
>>>>> See also: C<guestfs_mkdtemp>." };
>>>>>
>>>>> + { defaults with + name = "restorecon"; + style = RErr,
>>>>> [Pathname "pathname"], [OString "labelprefix"; OBool "recursion";
>>>>> OBool "force"]; + proc_nr = Some 374; + optional = Some
>>>>> "selinux"; + tests = [ + InitScratchFS, IfAvailable "selinux",
>>>>> TestRun ( + [["mkdir"; "/a"]; + ["mkdir"; "/a/b"]; +
>>>>> ["touch"; "/a/b/c"]; + ["mkdir"; "/a/d"]; + ["touch";
>>>>> "/a/d/e"]; + ["restorecon"; "/a"; "NOARG"; "true"; "true"]]) +
>>>>> ]; + shortdesc = "restore file(s) default SELinux security
>>>>> contexts"; + longdesc = "\ +This program is primarily used to
>>>>> reset the security context (type) +(extended attributes) on one or
>>>>> more files. + +It can be run at any time to correct errors, to add
>>>>> support for new policy. + +If a file object does not have a
>>>>> context, restorecon will write the default +context to the file
>>>>> object's extended attributes. If a file object has a +context,
>>>>> C<restorecon> will only modify the type portion of the security
>>>>> +context. The C<force> option will force a replacement of the
>>>>> entire context."}; + ]
>>>>>
>>>>> (* Non-API meta-commands available only in guestfish. diff --git
>>>>> a/gobject/Makefile.inc b/gobject/Makefile.inc index
>>>>> 95a4b6b..7451d8e 100644 --- a/gobject/Makefile.inc +++
>>>>> b/gobject/Makefile.inc @@ -82,7 +82,8 @@ guestfs_gobject_headers= \
>>>>> include/guestfs-gobject/optargs-hivex_open.h \
>>>>> include/guestfs-gobject/optargs-xfs_repair.h \
>>>>> include/guestfs-gobject/optargs-mke2fs.h \ -
>>>>> include/guestfs-gobject/optargs-mktemp.h +
>>>>> include/guestfs-gobject/optargs-mktemp.h \ +
>>>>> include/guestfs-gobject/optargs-restorecon.h
>>>>>
>>>>> guestfs_gobject_sources= \ src/session.c \ @@ -146,4 +147,5 @@
>>>>> guestfs_gobject_sources= \ src/optargs-hivex_open.c \
>>>>> src/optargs-xfs_repair.c \ src/optargs-mke2fs.c \ -
>>>>> src/optargs-mktemp.c + src/optargs-mktemp.c \ +
>>>>> src/optargs-restorecon.c diff --git a/po/POTFILES b/po/POTFILES
>>>>> index a73377d..8d6656b 100644 --- a/po/POTFILES +++ b/po/POTFILES
>>>>> @@ -167,6 +167,7 @@ gobject/src/optargs-mount_local.c
>>>>> gobject/src/optargs-ntfsclone_out.c gobject/src/optargs-ntfsfix.c
>>>>> gobject/src/optargs-ntfsresize.c +gobject/src/optargs-restorecon.c
>>>>> gobject/src/optargs-rsync.c gobject/src/optargs-rsync_in.c
>>>>> gobject/src/optargs-rsync_out.c diff --git a/src/MAX_PROC_NR
>>>>> b/src/MAX_PROC_NR index a5c3fde..38a45c3 100644 ---
>>>>> a/src/MAX_PROC_NR +++ b/src/MAX_PROC_NR @@ -1 +1 @@ -373 +374 --
>>>>> 1.8.0
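Review bot: in do_restorecon (daemon/selinux.c) the command is run through commandv on the sysroot_path()-prefixed buf, and nothing in the hunk selects the guest's policy or checks that one exists, so the lookup depends on whatever file_contexts the daemon's own environment provides and on the prefixed pathname rather than the guest path. Either run the tool relative to the guest root with the guest's spec file, or fail the call when the guest has no policy, and say in the documentation which policy is applied. As a style point, the nested "if (optargs_bitmask & ...) if (recursion)" and the matching force test read more clearly as a single condition joined with &&.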
>
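Review bot: the test added in generator/actions.ml only checks that restorecon on /a returns without error and never reads a context back, so a run that leaves labels unchanged or wrong still passes; add a step that fetches the label of /a/b/c afterwards and compares it with an expected value. The longdesc also opens with man-page wording ("This program is primarily used ...") and does not describe the labelprefix or recursion optional arguments; describe the call itself and each optional argument.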
>>
>
BTW It is fairly easy to add C Code to do the labeling here.
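
One way to act on the setfiles suggestion above when relabeling a guest tree from outside the guest, added here as an example (not part of the original message and not libguestfs code): it takes the policy type from the guest's own /etc/selinux/config, refuses to continue when the guest has no file_contexts, and prints a `setfiles -r` command line instead of running it. The function names, the mounted-root argument and the /etc/selinux/SELINUXTYPE/contexts/files/file_contexts layout are assumptions of this example.

```shell
#!/bin/sh
# Added example: build (not execute) a setfiles command for an offline guest
# tree, using the guest's own policy spec file rather than the host's.

# guest_policy_type ROOT -> prints SELINUXTYPE from ROOT/etc/selinux/config
guest_policy_type() {
    cfg="$1/etc/selinux/config"
    [ -r "$cfg" ] || return 1
    # Commented lines do not match; the last real assignment wins.
    t=$(sed -n 's/^[[:space:]]*SELINUXTYPE[[:space:]]*=[[:space:]]*//p' "$cfg" \
        | tail -n 1 | tr -d "\"' \t\r")
    [ -n "$t" ] || return 1
    # Accept only a plain directory name, never a path.
    case "$t" in */*|.*) return 1 ;; esac
    printf '%s\n' "$t"
}

# relabel_cmd ROOT GUEST_PATH -> prints the setfiles command line, or fails.
# ROOT is where the guest filesystem is mounted (assumption of this example).
relabel_cmd() {
    root="${1%/}"
    gpath="$2"
    [ -n "$root" ] || { echo "refusing to use / as guest root" >&2; return 2; }
    case "$gpath" in
        /*) ;;
        *) echo "guest path must be absolute" >&2; return 2 ;;
    esac
    ptype=$(guest_policy_type "$root") || {
        echo "no usable SELINUXTYPE in guest config" >&2; return 3; }
    spec="$root/etc/selinux/$ptype/contexts/files/file_contexts"
    # Fail closed: without a guest spec file there is nothing to label from.
    [ -s "$spec" ] || { echo "guest has no file_contexts: $spec" >&2; return 4; }
    # -r makes setfiles match paths as if ROOT were /.
    # Paths containing whitespace need quoting before this line is executed.
    printf 'setfiles -r %s %s %s\n' "$root" "$spec" "$root$gpath"
}
```

Calling `relabel_cmd /sysroot /a` prints the command for review; a non-zero return means the guest's policy could not be identified and nothing should be relabeled.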