From: <ssm...@us...> - 2007-12-21 16:49:26
Revision: 2709
http://selinux.svn.sourceforge.net/selinux/?rev=2709&view=rev
Author: ssmalley
Date: 2007-12-21 08:47:34 -0800 (Fri, 21 Dec 2007)
Log Message:
-----------
Author: "Reed, Tim \(US SSA\)"
Email: tim...@ba...
Subject: RE: newrole in the background
Date: Mon, 17 Dec 2007 12:40:13 -0800
Lets try this again....Patch Try #3
[allow newrole to be used non-interactively for command invocation
when configured to permit unauthenticated use]
Modified Paths:
--------------
trunk/policycoreutils/newrole/newrole.c
Modified: trunk/policycoreutils/newrole/newrole.c
===================================================================
--- trunk/policycoreutils/newrole/newrole.c 2007-12-14 15:38:00 UTC (rev 2708)
+++ trunk/policycoreutils/newrole/newrole.c 2007-12-21 16:47:34 UTC (rev 2709)
@@ -180,22 +180,24 @@
* program. This is the only function in this program that makes PAM
* calls.
*/
-int authenticate_via_pam(const char *ttyn, pam_handle_t *pam_handle)
+int authenticate_via_pam(const char *ttyn, pam_handle_t * pam_handle)
{
int result = 0; /* set to 0 (not authenticated) by default */
int pam_rc; /* pam return code */
const char *tty_name;
- if (strncmp(ttyn, "/dev/", 5) == 0)
- tty_name = ttyn + 5;
- else
- tty_name = ttyn;
+ if (ttyn) {
+ if (strncmp(ttyn, "/dev/", 5) == 0)
+ tty_name = ttyn + 5;
+ else
+ tty_name = ttyn;
- pam_rc = pam_set_item(pam_handle, PAM_TTY, tty_name);
- if (pam_rc != PAM_SUCCESS) {
- fprintf(stderr, _("failed to set PAM_TTY\n"));
- goto out;
+ pam_rc = pam_set_item(pam_handle, PAM_TTY, tty_name);
+ if (pam_rc != PAM_SUCCESS) {
+ fprintf(stderr, _("failed to set PAM_TTY\n"));
+ goto out;
+ }
}
/* Ask PAM to authenticate the user running this program */
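Review bot: `tty_name` is left uninitialised when `ttyn` is NULL, because its only assignments now sit inside the new `if (ttyn)` block. Nothing visible in the hunk reads it afterwards, but the function body continues outside the hunk, so declaring it inside the block or writing `const char *tty_name = NULL;` would keep a later use from reading an indeterminate pointer. The NULL path also leaves PAM_TTY unset, which any PAM module that keys its decision on the terminal will observe; a comment such as `/* no tty (non-interactive use): PAM_TTY is deliberately left unset */` above the `if` would record that this is intended.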
@@ -216,8 +218,8 @@
#include "hashtab.h"
-static int free_hashtab_entry(hashtab_key_t key, hashtab_datum_t d,
- void *args __attribute__ ((unused)) )
+static int free_hashtab_entry(hashtab_key_t key, hashtab_datum_t d,
+ void *args __attribute__ ((unused)))
{
free(key);
free(d);
@@ -281,7 +283,8 @@
ret = hashtab_insert(app_service_names, app, service);
if (ret == HASHTAB_OVERFLOW) {
fprintf(stderr,
- _("newrole: service name configuration hashtable overflow\n"));
+ _
+ ("newrole: service name configuration hashtable overflow\n"));
goto err;
}
}
@@ -291,7 +294,8 @@
err:
free(app);
free(service);
- fprintf(stderr, _("newrole: %s: error on line %lu.\n"), config_file_path, lineno);
+ fprintf(stderr, _("newrole: %s: error on line %lu.\n"),
+ config_file_path, lineno);
free(line_buf);
return -1;
}
@@ -357,7 +361,7 @@
endspent();
if (!(p_shadow_line)) {
fprintf(stderr, _("Cannot find your entry in the shadow "
- "passwd file.\n"));
+ "passwd file.\n"));
return 0;
}
@@ -384,7 +388,7 @@
int found = 0;
const char *buf;
- if (! (shell_name && shell_name[0]))
+ if (!(shell_name && shell_name[0]))
return found;
while ((buf = getusershell()) != NULL) {
@@ -439,7 +443,7 @@
pw->pw_dir = strdup(pw->pw_dir);
pw->pw_shell = strdup(pw->pw_shell);
- if (! (pw->pw_name && pw->pw_dir && pw->pw_shell)) {
+ if (!(pw->pw_name && pw->pw_dir && pw->pw_shell)) {
fprintf(stderr, _("Out of memory!\n"));
goto out_free;
}
@@ -450,7 +454,7 @@
}
return 0;
-out_free:
+ out_free:
free(pw->pw_name);
free(pw->pw_dir);
free(pw->pw_shell);
@@ -473,8 +477,8 @@
char const *term_env;
char const *display_env;
char const *xauthority_env;
- char *term = NULL; /* temporary container */
- char *display = NULL; /* temporary container */
+ char *term = NULL; /* temporary container */
+ char *display = NULL; /* temporary container */
char *xauthority = NULL; /* temporary container */
int rc;
@@ -495,7 +499,7 @@
if (xauthority_env)
xauthority = strdup(xauthority_env);
if ((term_env && !term) || (display_env && !display) ||
- (xauthority_env && !xauthority)) {
+ (xauthority_env && !xauthority)) {
rc = -1;
goto out;
}
@@ -518,7 +522,7 @@
rc |= setenv("USER", pw->pw_name, 1);
rc |= setenv("LOGNAME", pw->pw_name, 1);
rc |= setenv("PATH", DEFAULT_PATH, 1);
-out:
+ out:
free(term);
free(display);
free(xauthority);
@@ -593,7 +597,7 @@
_("Error dropping SETUID capability, aborting\n"));
goto out;
}
-out:
+ out:
if (cap_free(tmp_caps) || cap_free(new_caps))
fprintf(stderr, _("Error freeing caps\n"));
return rc;
@@ -617,8 +621,9 @@
int rc = 0;
cap_t new_caps;
cap_value_t cap_list[] = { CAP_AUDIT_WRITE, CAP_SETUID,
- CAP_SYS_ADMIN, CAP_FOWNER, CAP_CHOWN,
- CAP_DAC_OVERRIDE };
+ CAP_SYS_ADMIN, CAP_FOWNER, CAP_CHOWN,
+ CAP_DAC_OVERRIDE
+ };
if (!getuid())
return 0;
@@ -647,7 +652,7 @@
fprintf(stderr, _("Error dropping capabilities, aborting\n"));
goto out;
}
-out:
+ out:
if (cap_free(new_caps))
fprintf(stderr, _("Error freeing caps\n"));
return rc;
@@ -738,21 +743,24 @@
* in permissive mode.
*/
static int relabel_tty(const char *ttyn, security_context_t new_context,
- security_context_t *tty_context,
- security_context_t *new_tty_context)
+ security_context_t * tty_context,
+ security_context_t * new_tty_context)
{
int fd;
int enforcing = security_getenforce();
security_context_t tty_con = NULL;
security_context_t new_tty_con = NULL;
+ if (!ttyn)
+ return 0;
+
if (enforcing < 0) {
fprintf(stderr, _("Could not determine enforcing mode.\n"));
return -1;
}
/* Re-open TTY descriptor */
- fd = open(ttyn, O_RDWR|O_NONBLOCK);
+ fd = open(ttyn, O_RDWR | O_NONBLOCK);
if (fd < 0) {
fprintf(stderr, _("Error! Could not open %s.\n"), ttyn);
return fd;
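Review bot: The early `return 0` for a NULL `ttyn` cannot be told apart from a successful open that yielded descriptor 0, since the other visible returns of this function hand back the opened tty descriptor or a negative value on failure. The callers are outside the hunk; if any of them later closes the returned value, it would close standard input in the no-tty case. The header comment should state the contract, for example `/* Returns 0 without opening anything when ttyn is NULL; the caller must not close the result in that case. */`, or the caller's `close(fd)` should be guarded with `if (ttyn)`.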
@@ -761,7 +769,7 @@
if (fgetfilecon(fd, &tty_con) < 0) {
fprintf(stderr, _("%s! Could not get current context "
- "for %s, not relabeling tty.\n"),
+ "for %s, not relabeling tty.\n"),
enforcing ? "Error" : "Warning", ttyn);
if (enforcing)
goto close_fd;
@@ -770,8 +778,8 @@
if (tty_con &&
(security_compute_relabel(new_context, tty_con,
SECCLASS_CHR_FILE, &new_tty_con) < 0)) {
- fprintf(stderr, _("%s! Could not get new context for %s, "
- "not relabeling tty.\n"),
+ fprintf(stderr, _("%s! Could not get new context for %s, "
+ "not relabeling tty.\n"),
enforcing ? "Error" : "Warning", ttyn);
if (enforcing)
goto close_fd;
@@ -792,7 +800,7 @@
*new_tty_context = new_tty_con;
return fd;
-close_fd:
+ close_fd:
freecon(tty_con);
close(fd);
return -1;
@@ -814,6 +822,9 @@
int rc = 0;
security_context_t chk_tty_context = NULL;
+ if (!ttyn)
+ goto skip_relabel;
+
if (!new_tty_context)
goto skip_relabel;
@@ -831,7 +842,7 @@
if ((rc = fsetfilecon(fd, tty_context)) < 0)
fprintf(stderr,
_("Warning! Could not restore context for %s\n"), ttyn);
-skip_relabel:
+ skip_relabel:
freecon(chk_tty_context);
return rc;
}
@@ -847,7 +858,7 @@
*/
static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
security_context_t old_context,
- security_context_t *new_context,
+ security_context_t * new_context,
int *preserve_environment)
{
int flag_index; /* flag index in argv[] */
@@ -859,7 +870,7 @@
char *range_ptr = NULL;
security_context_t new_con = NULL;
security_context_t tty_con = NULL;
- context_t context = NULL; /* manipulatable form of new_context */
+ context_t context = NULL; /* manipulatable form of new_context */
const struct option long_options[] = {
{"role", 1, 0, 'r'},
{"type", 1, 0, 't'},
@@ -903,21 +914,26 @@
case 'l':
if (!is_selinux_mls_enabled()) {
fprintf(stderr, _("Sorry, -l may be used with "
- "SELinux MLS support.\n"));
+ "SELinux MLS support.\n"));
return -1;
}
if (level_s) {
fprintf(stderr, _("Error: multiple levels "
- "specified\n"));
+ "specified\n"));
return -1;
}
- if (fgetfilecon(0,&tty_con) >= 0) {
- if (selinux_check_securetty_context(tty_con) < 0) {
- fprintf(stderr, _("Error: you are not allowed to change levels on a non secure terminal\n"));
+ if (ttyn) {
+ if (fgetfilecon(STDIN_FILENO, &tty_con) >= 0) {
+ if (selinux_check_securetty_context
+ (tty_con) < 0) {
+ fprintf(stderr,
+ _
+ ("Error: you are not allowed to change levels on a non secure terminal \n"));
+ freecon(tty_con);
+ return -1;
+ }
freecon(tty_con);
- return -1;
}
- freecon(tty_con);
}
level_s = optarg;
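Review bot: Wrapping the `selinux_check_securetty_context()` test in `if (ttyn)` means `-l` is accepted with no secure-terminal check at all whenever `ttyname()` failed, that is, whenever standard input is not a terminal. If level changes are meant to stay restricted to secure terminals, the no-tty case should be refused rather than skipped, e.g. an `else { fprintf(stderr, _("Error: -l requires a terminal\n")); return -1; }` on the new `if (ttyn)`; if relying on policy alone is intended, a comment should say so. The error text also gained a space before `\n` (`terminal \n`), which changes the translatable string and presumably orphans existing translations of it.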
@@ -936,7 +952,7 @@
/* Fill in a default type if one hasn't been specified. */
if (role_s && !type_s) {
- /* get_default_type() returns malloc'd memory */
+ /* get_default_type() returns malloc'd memory */
if (get_default_type(role_s, &type_ptr)) {
fprintf(stderr, _("Couldn't get default type.\n"));
send_audit_message(0, old_context, new_con, ttyn);
@@ -968,7 +984,8 @@
}
if (level_s) {
- range_ptr = build_new_range(level_s,context_range_get(context));
+ range_ptr =
+ build_new_range(level_s, context_range_get(context));
if (!range_ptr) {
fprintf(stderr,
_("failed to build new range with level %s\n"),
@@ -1005,7 +1022,7 @@
context_free(context);
return 0;
-err_free:
+ err_free:
free(type_ptr);
free(range_ptr);
/* Don't free new_con, context_free(context) handles this */
@@ -1048,7 +1065,7 @@
security_context_t new_context = NULL; /* target security context */
security_context_t old_context = NULL; /* original securiy context */
security_context_t tty_context = NULL; /* current context of tty */
- security_context_t new_tty_context = NULL; /* new context of tty */
+ security_context_t new_tty_context = NULL; /* new context of tty */
struct passwd pw; /* struct derived from passwd file line */
char *ttyn = NULL; /* tty path */
@@ -1062,8 +1079,8 @@
#ifdef USE_PAM
int rc;
- int pam_status; /* pam return code */
- pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */
+ int pam_status; /* pam return code */
+ pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */
/* This is a jump table of functions for PAM to use when it wants to *
* communicate with the user. We'll be using misc_conv(), which is *
@@ -1097,7 +1114,7 @@
if (!is_selinux_enabled()) {
fprintf(stderr, _("Sorry, newrole may be used only on "
- "a SELinux kernel.\n"));
+ "a SELinux kernel.\n"));
return -1;
}
@@ -1117,11 +1134,10 @@
return -1;
}
- ttyn = ttyname(0);
+ ttyn = ttyname(STDIN_FILENO);
if (!ttyn || *ttyn == '\0') {
fprintf(stderr,
- _("Error! Could not retrieve tty information.\n"));
- return -1;
+ _("Warning! Could not retrieve tty information.\n"));
}
if (parse_command_line_arguments(argc, argv, ttyn, old_context,
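Review bot: The branch still tests `*ttyn == '\0'` but no longer returns and does not reset `ttyn`, so an empty name would pass every `if (ttyn)` / `if (!ttyn)` guard this commit adds and still reach `open(ttyn, ...)`. Adding `ttyn = NULL;` after the warning makes the two conditions agree. Separately, the log message limits non-interactive use to configurations that permit unauthenticated use, but nothing in this hunk ties the downgrade from error to warning to that setting. If the gate lives elsewhere in main(), which continues outside the hunk, a comment pointing to it would help; otherwise the early `return -1` should be kept for the authenticated case.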
@@ -1141,7 +1157,8 @@
#ifdef USE_PAM
if (read_pam_config()) {
- fprintf(stderr, _("error on reading PAM service configuration.\n"));
+ fprintf(stderr,
+ _("error on reading PAM service configuration.\n"));
goto err_free;
}
@@ -1240,7 +1257,7 @@
}
#ifdef USE_PAM
#ifdef NAMESPACE_PRIV
- pam_status = pam_close_session(pam_handle,0);
+ pam_status = pam_close_session(pam_handle, 0);
if (pam_status != PAM_SUCCESS) {
fprintf(stderr, "pam_close_session failed with %s\n",
pam_strerror(pam_handle, pam_status));
@@ -1265,23 +1282,25 @@
/* CHILD */
/* Close the tty and reopen descriptors 0 through 2 */
- if (close(fd) || close(0) || close(1) || close(2)) {
- fprintf(stderr, _("Could not close descriptors.\n"));
- goto err_close_pam;
+ if (ttyn) {
+ if (close(fd) || close(0) || close(1) || close(2)) {
+ fprintf(stderr, _("Could not close descriptors.\n"));
+ goto err_close_pam;
+ }
+ fd = open(ttyn, O_RDONLY | O_NONBLOCK);
+ if (fd != 0)
+ goto err_close_pam;
+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ fd = open(ttyn, O_RDWR | O_NONBLOCK);
+ if (fd != 1)
+ goto err_close_pam;
+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ fd = open(ttyn, O_RDWR | O_NONBLOCK);
+ if (fd != 2)
+ goto err_close_pam;
+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+
}
- fd = open(ttyn, O_RDONLY|O_NONBLOCK);
- if (fd != 0)
- goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
- fd = open(ttyn, O_RDWR|O_NONBLOCK);
- if (fd != 1)
- goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
- fd = open(ttyn, O_RDWR|O_NONBLOCK);
- if (fd != 2)
- goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
-
/*
* Step 5: Execute a new shell with the new context in `new_context'.
*
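Review bot: The comment `Close the tty and reopen descriptors 0 through 2` no longer describes the no-tty path, where the child keeps whatever descriptors 0-2 it inherited and carries them into the shell executed under `new_context`. A comment on the `if (ttyn)` should say that this is intended and what is relied on to keep those inherited descriptors appropriate for the new context. The re-added `fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK)` lines also pass a failed `F_GETFL` result straight on as the flag word; `int fl = fcntl(fd, F_GETFL, 0); if (fl < 0) goto err_close_pam;` before each `F_SETFL` would close that gap. The blank added line before the closing brace can be dropped.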
@@ -1296,17 +1315,16 @@
shell_argv0 = NULL;
goto err_close_pam;
}
- argv[optind-1] = shell_argv0;
+ argv[optind - 1] = shell_argv0;
if (setexeccon(new_context)) {
fprintf(stderr, _("Could not set exec context to %s.\n"),
new_context);
goto err_close_pam;
}
-
#ifdef NAMESPACE_PRIV
/* Ask PAM to setup session for user running this program */
- pam_status = pam_open_session(pam_handle,0);
+ pam_status = pam_open_session(pam_handle, 0);
if (pam_status != PAM_SUCCESS) {
fprintf(stderr, "pam_open_session failed with %s\n",
pam_strerror(pam_handle, pam_status));
@@ -1326,7 +1344,7 @@
/* Handle environment changes */
if (restore_environment(preserve_environment, old_environ, &pw)) {
fprintf(stderr, _("Unable to restore the environment, "
- "aborting\n"));
+ "aborting\n"));
goto err_close_pam_session;
}
execv(pw.pw_shell, argv + optind - 1);
@@ -1337,21 +1355,21 @@
* If we reach here, then we failed to exec the new shell.
*/
perror(_("failed to exec shell\n"));
-err_close_pam_session:
+ err_close_pam_session:
#ifdef NAMESPACE_PRIV
- pam_status = pam_close_session(pam_handle,0);
- if(pam_status != PAM_SUCCESS)
+ pam_status = pam_close_session(pam_handle, 0);
+ if (pam_status != PAM_SUCCESS)
fprintf(stderr, "pam_close_session failed with %s\n",
pam_strerror(pam_handle, pam_status));
#endif
-err_close_pam:
+ err_close_pam:
#ifdef USE_PAM
rc = pam_end(pam_handle, pam_status);
if (rc != PAM_SUCCESS)
fprintf(stderr, "pam_end failed with %s\n",
pam_strerror(pam_handle, rc));
#endif
-err_free:
+ err_free:
freecon(tty_context);
freecon(new_tty_context);
freecon(old_context);