From patchwork Sat Apr 23 06:04:56 2016
X-Patchwork-Submitter: Jason Zaman
X-Patchwork-Id: 8916931
From: Jason Zaman To: selinux@tycho.nsa.gov Subject: [PATCH v2 5/8] genhomedircon: Add uid and gid to struct user_entry Date: Sat, 23 Apr 2016 14:04:56 +0800 Message-Id: <1461391499-20593-6-git-send-email-jason@perfinion.com> X-Mailer: git-send-email 2.7.3 In-Reply-To: <1461391499-20593-1-git-send-email-jason@perfinion.com> References: <1460131535-15688-1-git-send-email-jason@perfinion.com> <1461391499-20593-1-git-send-email-jason@perfinion.com> X-TM-AS-MML: disable X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RP_MATCHES_RCVD, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: Jason Zaman --- libsemanage/src/genhomedircon.c | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 1a7882c..56c58e0 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -82,10 +82,13 @@ #define FALLBACK_PREFIX "user" #define FALLBACK_LEVEL "s0" #define FALLBACK_NAME ".*" +#define FALLBACK_UIDGID "[0-9]+" #define DEFAULT_LOGIN "__default__" typedef struct user_entry { char *name; + char *uid; + char *gid; char *sename; char *prefix; char *home; 
@@ -628,11 +631,13 @@ static int name_user_cmp(char *key, semanage_user_t ** val) } static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n, - const char *sen, const char *pre, const char *h, - const char *l) + const char *u, const char *g, const char *sen, + const char *pre, const char *h, const char *l) { genhomedircon_user_entry_t *temp = NULL; char *name = NULL; + char *uid = NULL; + char *gid = NULL; char *sename = NULL; char *prefix = NULL; char *home = NULL; @@ -644,6 +649,12 @@ static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n, name = strdup(n); if (!name) goto cleanup; + uid = strdup(u); + if (!uid) + goto cleanup; + gid = strdup(g); + if (!gid) + goto cleanup; sename = strdup(sen); if (!sename) goto cleanup; @@ -658,6 +669,8 @@ static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n, goto cleanup; temp->name = name; + temp->uid = uid; + temp->gid = gid; temp->sename = sename; temp->prefix = prefix; temp->home = home; @@ -669,6 +682,8 @@ static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n, cleanup: free(name); + free(uid); + free(gid); free(sename); free(prefix); free(home); @@ -687,6 +702,8 @@ static void pop_user_entry(genhomedircon_user_entry_t ** list) temp = *list; *list = temp->next; free(temp->name); + free(temp->uid); + free(temp->gid); free(temp->sename); free(temp->prefix); free(temp->home); @@ -738,7 +755,8 @@ static int setup_fallback_user(genhomedircon_settings_t * s) level = FALLBACK_LEVEL; } - if (push_user_entry(&(s->fallback), FALLBACK_NAME, 0, 0, + if (push_user_entry(&(s->fallback), FALLBACK_NAME, + FALLBACK_UIDGID, FALLBACK_UIDGID, seuname, prefix, "", level) != 0) errors = STATUS_ERR; semanage_user_key_free(key); 
@@ -768,6 +786,8 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, const char *seuname = NULL; const char *prefix = NULL; const char *level = NULL; + char uid[10]; + char gid[10]; struct passwd pwstorage, *pwent = NULL; unsigned int i; long rbuflen; @@ -852,7 +872,13 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, } if (ignore(pwent->pw_dir)) continue; - if (push_user_entry(&head, name, seuname, + + if (snprintf(uid, sizeof(uid), "%d", pwent->pw_uid) < 0 + || snprintf(gid, sizeof(gid), "%d", pwent->pw_gid) < 0) { + *errors = STATUS_ERR; + goto cleanup; + } + if (push_user_entry(&head, name, uid, gid, seuname, prefix, pwent->pw_dir, level) != STATUS_SUCCESS) { *errors = STATUS_ERR; break;
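Review bot: the new `FALLBACK_UIDGID` define and the `uid`/`gid` members in the `@@ -82,10 +82,13 @@` hunk carry no comment saying that the ids are stored as strings and that the fallback value `"[0-9]+"` is a regular expression rather than an id, which appears to be why `char *` is used instead of `uid_t`/`gid_t`. A one-line comment on the define and on the two struct members would make that clear. The commit message also has no body beyond the Signed-off-by, so the reason for carrying uid and gid in `struct user_entry` is not recorded in this patch.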
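Review bot: `strdup(u)` and `strdup(g)` in the `@@ -644,6 +649,12 @@` hunk of push_user_entry() are called without checking the arguments for NULL, so a caller that passes NULL crashes inside strdup instead of reaching `cleanup`. Both callers in this patch pass non-NULL values (`FALLBACK_UIDGID` and the local `uid`/`gid` arrays), so either add an early `if (!u || !g) goto cleanup;` style guard or state in a comment above the function that both must be non-NULL.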
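Review bot: the pre-image of the `@@ -738,7 +755,8 @@` hunk in setup_fallback_user() does not match the prototype removed in the `@@ -628,11 +631,13 @@` hunk. The removed line `FALLBACK_NAME, 0, 0,` plus the context line `seuname, prefix, "", level` gives eight arguments, while the removed prototype takes six (`list, n, sen, pre, h, l`). Please confirm which base this was generated against and that the series applies and builds at this patch.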
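Review bot: `char uid[10];` and `char gid[10];` in the `@@ -768,6 +786,8 @@` hunk of get_users() are one byte too small for a 32-bit id. The largest value, 4294967295, is 10 digits and needs 11 bytes with the terminating NUL, so snprintf would silently store a truncated id string. Size the buffers for the widest value the format can produce (12 bytes covers a signed or unsigned 32-bit conversion), or derive the size from `sizeof(uid_t)` so it cannot drift from the type.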
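Review bot: the snprintf checks in the `@@ -852,7 +872,13 @@` hunk test only for `< 0`, which does not catch truncation. snprintf returns the length it would have written, so a result `>= sizeof(uid)` (and likewise for `gid`) must be treated as an error as well. The `"%d"` conversion also does not match `pw_uid`/`pw_gid`, which are the unsigned types `uid_t`/`gid_t`; ids above INT_MAX will in practice be printed as negative numbers. Use `"%u"` with a cast to `unsigned int`. Finally, this error path leaves with `goto cleanup` while the push_user_entry() failure directly below it uses `break`; use the same exit for both so the two failures take the same path out of the loop.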