From patchwork Wed Sep 27 08:16:44 2017
X-Patchwork-Submitter: Vit Mojzis
X-Patchwork-Id: 9973383
From: Vit Mojzis
To: selinux@tycho.nsa.gov
Date: Wed, 27 Sep 2017 10:16:44 +0200
Message-Id: <20170927081645.32481-2-vmojzis@redhat.com>
In-Reply-To: <20170927081645.32481-1-vmojzis@redhat.com>
References: <20170927081645.32481-1-vmojzis@redhat.com>
Subject: [PATCH 1/2] libsemanage: Add support for listing fcontext.homedirs file
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1409813
--- libsemanage/include/semanage/fcontexts_policy.h | 4 ++++ libsemanage/src/direct_api.c | 6 ++++++ libsemanage/src/fcontexts_policy.c | 8 ++++++++ libsemanage/src/handle.h | 19 +++++++++++++------ 4 files changed, 31 insertions(+), 6 deletions(-) diff --git a/libsemanage/include/semanage/fcontexts_policy.h b/libsemanage/include/semanage/fcontexts_policy.h index a50db2b..199a1e1 100644 --- a/libsemanage/include/semanage/fcontexts_policy.h +++ b/libsemanage/include/semanage/fcontexts_policy.h @@ -26,4 +26,8 @@ extern int semanage_fcontext_list(semanage_handle_t * handle, semanage_fcontext_t *** records, unsigned int *count); +extern int semanage_fcontext_list_homedirs(semanage_handle_t * handle, + semanage_fcontext_t *** records, + unsigned int *count); + #endif 
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 65842df..886a228 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -210,6 +210,12 @@ int semanage_direct_connect(semanage_handle_t * sh) semanage_fcontext_dbase_local(sh)) < 0) goto err; + if (fcontext_file_dbase_init(sh, + selinux_file_context_homedir_path(), + selinux_file_context_homedir_path(), + semanage_fcontext_dbase_homedirs(sh)) < 0) + goto err; + if (seuser_file_dbase_init(sh, semanage_path(SEMANAGE_ACTIVE, SEMANAGE_SEUSERS_LOCAL), diff --git a/libsemanage/src/fcontexts_policy.c b/libsemanage/src/fcontexts_policy.c index 0b063b1..98490ab 100644 --- a/libsemanage/src/fcontexts_policy.c +++ b/libsemanage/src/fcontexts_policy.c @@ -51,3 +51,11 @@ int semanage_fcontext_list(semanage_handle_t * handle, dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); return dbase_list(handle, dconfig, records, count); } + +int semanage_fcontext_list_homedirs(semanage_handle_t * handle, + semanage_fcontext_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_homedirs(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h index 889871d..1780ac8 100644 --- a/libsemanage/src/handle.h +++ b/libsemanage/src/handle.h @@ -79,7 +79,7 @@ struct semanage_handle { struct semanage_policy_table *funcs; /* Object databases */ -#define DBASE_COUNT 23 +#define DBASE_COUNT 24 /* Local modifications */ #define DBASE_LOCAL_USERS_BASE 0 
@@ -102,13 +102,14 @@ struct semanage_handle { #define DBASE_POLICY_INTERFACES 15 #define DBASE_POLICY_BOOLEANS 16 #define DBASE_POLICY_FCONTEXTS 17 -#define DBASE_POLICY_SEUSERS 18 -#define DBASE_POLICY_NODES 19 -#define DBASE_POLICY_IBPKEYS 20 -#define DBASE_POLICY_IBENDPORTS 21 +#define DBASE_POLICY_FCONTEXTS_H 18 +#define DBASE_POLICY_SEUSERS 19 +#define DBASE_POLICY_NODES 20 +#define DBASE_POLICY_IBPKEYS 21 +#define DBASE_POLICY_IBENDPORTS 22 /* Active kernel policy */ -#define DBASE_ACTIVE_BOOLEANS 22 +#define DBASE_ACTIVE_BOOLEANS 23 dbase_config_t dbase[DBASE_COUNT]; }; @@ -236,6 +237,12 @@ static inline } static inline + dbase_config_t * semanage_fcontext_dbase_homedirs(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_FCONTEXTS_H]; +} + +static inline dbase_config_t * semanage_seuser_dbase_policy(semanage_handle_t * handle) { return &handle->dbase[DBASE_POLICY_SEUSERS];
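
Review bot: in the `semanage_direct_connect` hunk of `libsemanage/src/direct_api.c`, `fcontext_file_dbase_init` is given `selinux_file_context_homedir_path()` for both path arguments, while the neighbouring `seuser_file_dbase_init` call in the context lines uses a `semanage_path(SEMANAGE_ACTIVE, ...)` store path. If this database is meant for listing only, say so in a comment above the call and confirm that nothing on the commit path can write through it to the installed file. The diffstat also shows `direct_api.c` gaining only these six lines, so no release call for the new database is added on the disconnect side; if the sibling file databases are released there, the homedirs one needs the matching release.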
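
Review bot: the new `semanage_fcontext_list_homedirs` in `libsemanage/src/fcontexts_policy.c`, and its declaration in `include/semanage/fcontexts_policy.h`, have no comment saying how the result differs from `semanage_fcontext_list` or who frees `records`. Since the declaration sits in the public include directory, a short doc comment on it would help callers. There is also a stray blank line directly after the opening brace of the function body that can be dropped.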
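
Review bot: in the `libsemanage/src/handle.h` hunks, `DBASE_POLICY_FCONTEXTS_H` is inserted at index 18, which renumbers `DBASE_POLICY_SEUSERS` through `DBASE_ACTIVE_BOOLEANS`. That is only safe if every access to `dbase[]` goes through these macros, so it is worth grepping for literal indices or positional initialisers before merging. The `_H` suffix is easy to misread as a header-guard name; `DBASE_POLICY_FCONTEXTS_HOMEDIRS` would match the `semanage_fcontext_dbase_homedirs` accessor added further down and make the define self-explanatory.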