From patchwork Mon Aug 22 20:23:00 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gary Tierney X-Patchwork-Id: 9294363 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 19BC2607F0 for ; Mon, 22 Aug 2016 20:31:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 09CD728AA3 for ; Mon, 22 Aug 2016 20:31:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id F300F28AA7; Mon, 22 Aug 2016 20:31:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham version=3.3.1 Received: from emsm-gh1-uea10.nsa.gov (smtp.nsa.gov [8.44.101.8]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3DCB228AA3 for ; Mon, 22 Aug 2016 20:31:08 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.28,561,1464652800"; d="scan'208";a="16825871" IronPort-PHdr: =?us-ascii?q?9a23=3AHe57RhDWL/N/6/wJW14DUyQJP3N1i/DPJgcQr6Af?= =?us-ascii?q?oPdwSP78pMbcNUDSrc9gkEXOFd2CrakV0qyN6eu+BSRAuc/H6yFaNsQUFlcsso?= =?us-ascii?q?Y/p0QYGsmLCEn2frbBThcRO4B8bmJj5GyxKkNPGczzNBX4q3y26iMOSF2kbVIm?= =?us-ascii?q?btr8FoOatcmrzef6o8SVOFQRwmHnKu0uZFXu9EOK55FQ2dMjYo8KiTLx6kNSfO?= =?us-ascii?q?pXwW46bXmypD3bovmKwZh47i5LsOgg/cMTGY/zfqA/UKAKRG9+azN92dfv/SXn?= =?us-ascii?q?YUPPoyJEEzZerh0dGAXB7RfnTr/toyD6sax7wyDcMsroHp4uXjH3wK5xWVfUiS?= =?us-ascii?q?odMTMouDXYg9Zhyr5arQinqg1XzIvEJoqSMawtLevmYdoGSD8ZDY5qXCtbD9b5?= =?us-ascii?q?NtMC?= X-IPAS-Result: =?us-ascii?q?A2GJBADsX7tX/wHyM5BdGgEBAQGDJoFSuXkjh21MAQEBAQE?= =?us-ascii?q?BAQIBAlsngjIEAxGCFQIEAQIkExQgDgMJAQEXCCEICAMBLQsKEQ4LBRgEh3UBG?= =?us-ascii?q?gSiI5cTAYUWHoYNiF8RAWiFDwWOH4spgWSNPYluhWCQN1SCRYE2b4VFgTYBAQE?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea10.nsa.gov with ESMTP; 22 Aug 2016 20:29:39 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7MKTY4T013943; Mon, 22 Aug 2016 16:29:36 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u7MKQjWX104770 for ; Mon, 22 Aug 2016 16:26:45 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7MKQiak013026 for ; Mon, 22 Aug 2016 16:26:44 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1CvAwABX7tXhxMP49RdGwEBAYR4pFIEkSGEDIYdAoFnTAEBAQEBAQECEwEBAQgNCQkZhQ4CAQMnYiAxPBsZiBYBHqIilxEBhGUxHoYNiVmFDwWOH4spgWSNPY9OkDeCdyKBNm+GewEBAQ X-IPAS-Result: A1CvAwABX7tXhxMP49RdGwEBAYR4pFIEkSGEDIYdAoFnTAEBAQEBAQECEwEBAQgNCQkZhQ4CAQMnYiAxPBsZiBYBHqIilxEBhGUxHoYNiVmFDwWOH4spgWSNPY9OkDeCdyKBNm+GewEBAQ X-IronPort-AV: E=Sophos;i="5.28,561,1464667200"; d="scan'208";a="5658641" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 22 Aug 2016 16:26:44 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3A70mRyRcPlH5I87nPPdOvIAHTlGMj4u6mDksu8pMi?= =?us-ascii?q?zoh2WeGdxc6/bB7h7PlgxGXEQZ/co6odzbGH6ua7Aydevd7B6ClEK80UEUddyI?= =?us-ascii?q?0/pE8JOIa9E0r1LfrnPWQRPf9pcxtbxUy9KlVfA83kZlff8TWY5D8WHQjjZ0Iu?= =?us-ascii?q?frymUrDbg8n/7e2u4ZqbO1wO32vkJ+goZ0vq5UWJ749N0NMkcv5wgjLy4VJwM9?= =?us-ascii?q?xMwm1pIV/B1z3d3eyXuKBZziJLpvg6/NRBW6ipN44xTLhfESh0ezttvJ6j5lH/?= =?us-ascii?q?Sl6U638dVHgGugZZCAjCqhfhV9H+tTWpmPB63Xy1NNfnBYw1VC6k4rYjHBDhkj?= =?us-ascii?q?ZBKz806mfam+R/ibIdqxWk8U8si7XIaZ2YYaItNpjWeskXEDJM?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0GLAgABX7tXhxMP49RdHAEBvnuGHQKBZ?= =?us-ascii?q?0wBAQEBAQEBAgECEAEBAQgNCQkZL4IyFoIXAgEDgQkgMTwbGYgWAR6iIpcRAYU?= =?us-ascii?q?WHoYNjmgFjh+LKYFkjT2PTpA3gncigTaHagEBAQ?= X-IPAS-Result: =?us-ascii?q?A0GLAgABX7tXhxMP49RdHAEBvnuGHQKBZ0wBAQEBAQEBAgE?= =?us-ascii?q?CEAEBAQgNCQkZL4IyFoIXAgEDgQkgMTwbGYgWAR6iIpcRAYUWHoYNjmgFjh+LK?= =?us-ascii?q?YFkjT2PTpA3gncigTaHagEBAQ?= X-IronPort-AV: E=Sophos;i="5.28,561,1464652800"; d="scan'208";a="18659376" Received: from mout.gmx.net ([212.227.15.19]) by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Aug 2016 20:23:11 +0000 Received: from home ([79.71.36.116]) by mail.gmx.com (mrgmx003) with ESMTPA (Nemesis) id 0M6Ana-1bDDvj1xve-00yAHY for ; Mon, 22 Aug 2016 22:23:09 +0200 From: Gary Tierney To: selinux@tycho.nsa.gov Subject: [PATCH 1/2] genhomedircon: generate contexts for logins mapped to the default user Date: Mon, 22 Aug 2016 21:23:00 +0100 Message-Id: <1471897381-21216-2-git-send-email-gary.tierney@gmx.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1471897381-21216-1-git-send-email-gary.tierney@gmx.com> References: <1471897381-21216-1-git-send-email-gary.tierney@gmx.com> X-Provags-ID: V03:K0:2FwIp6TPbGfaEZDXgGYMwlnfGKEqWYDvREQl3NwbJSRji45dEPN 8i3LclkknkoKMGsw7TF650d2VvnTQJyEj4q2FZFwV414lW9Z9nkP1AyTon8nvdRdLwhfaIy PyvnfXE43P1/smDwNeGzrB5YjIVt3rc90iwvN4ctPyYOYl9mBqR+O3Nj6ORDGvwBbZCFun3 abDjM6i2wqTLnIs/1uYrg== X-UI-Out-Filterresults: notjunk:1; V01:K0:IdqW6bYiQXg=:Xu1aSF3SE1qWGAghDtdaV2 0ZqDaOrEM3Q5nvxfQSEkIUoDBQidgmjv3fBefh08m9FKrnaQs9uetooeX+YduJQx+l1UzW2kA VxmyQE4d7/IoEVL/GoNIvK74qVFWCzrh4cREUAKaenAC1GzBn7G539GfUr+h2BJr0P+yKexHz bE+3pihHaUx4XvfsEvvxat0KWeJ5lStv3EcF0pu/XSTgi/khRTM5vutDDnzPPn1e/oW0frKcV 03U593SC37SDU9fEPSsp2D0++sNaQ79/Sui4oZXz4T0mW0f3TR4AwF6e0xCtGlMjT8+8T98vb rj/snCPLAOJ9gC3HyEviU7YkhBgTEd76ic6ZsZVWKmXe9VZN0uqZ84jvni8kxtN1ONppWGwv+ M3wUpXkpC27RwdNQoBCQb0k3mPsPvnqLvWYQtdtPvbXpEf3NU55UjPzzoASVnbKIDT4NPg1z7 Tx2zHEpy4Gb/svrffbiVQkSBNlp/KOJJGOLBiEOPj7wXLYLRtfap0wMapfMhDCn82sQ5a5SV9 +Oe90vyQkpBqDw/PVYPUlFr0JXdH2eZN9zuJZN6CAaCPk4uv1kHuca2t8H9dmN1RsB1Duf/MY Bw1hiVrQF20HjmCDrj+kE46K5Pv57hYgTPzlcNKTbTZkLCn5Xqp8dVbXtULbDkq0Da6xXYO7M G27ZtDQ7VQ+DVsgnjOxUKAIP8JM7cjcpj8tL21y519U3Qzk7WN4twR6BL+PFZPi4AFbbabax1 qNpIlxZcbSE5LlrF1qwAOldkFmXPV8zS1C7IaV0mcIl6j/OKXfxWE3nicS4= X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Gary Tierney Removes a test in get_users() which excludes any logins that are explicitly mapped to the default user from file context generation, which results in logins mapped to the fallback user with home directories outside of LU_HOMEDIRECTORY (in the absence of usepasswd=True) having no matching file_contexts.homedirs entries. Signed-off-by: Gary Tierney --- libsemanage/src/genhomedircon.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index c5ea436..698b907 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -853,9 +853,6 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, seuname = semanage_seuser_get_sename(seuser_list[i]); name = semanage_seuser_get_name(seuser_list[i]); - if (strcmp(name,"root") && strcmp(seuname, s->fallback->sename) == 0) - continue; - if (strcmp(name, DEFAULT_LOGIN) == 0) continue;