Problem with semanage, looks like we don't handle the <<none>> context type?

Problem with semanage, looks like we don't handle the <<none>> context type?

[Daniel J Walsh]

cat /tmp/test.py
#!/usr/bin/python
from semanage import *
sh = semanage_handle_create()
rc, con = semanage_context_from_string(sh, "<<none>>")
rc,fcontext = semanage_fcontext_create(sh)
semanage_fcontext_set_con(sh, fcontext, con)


# python /tmp/test.py
Segmentation fault


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Joshua Brindle]

Daniel J Walsh wrote:
> cat /tmp/test.py
> #!/usr/bin/python
> from semanage import *
> sh = semanage_handle_create()
> rc, con = semanage_context_from_string(sh, "<<none>>")
> rc,fcontext = semanage_fcontext_create(sh)
> semanage_fcontext_set_con(sh, fcontext, con)
> 
> 
> # python /tmp/test.py
> Segmentation fault

Granted the segfault needs to be fixed but what exactly are you trying 
to accomplish? <<none>> is not a type, its just something matchpathcon 
uses to short circuit its labeling behavior.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Daniel J Walsh]

Joshua Brindle wrote:
> Daniel J Walsh wrote:
>> cat /tmp/test.py
>> #!/usr/bin/python
>> from semanage import *
>> sh = semanage_handle_create()
>> rc, con = semanage_context_from_string(sh, "<<none>>")
>> rc,fcontext = semanage_fcontext_create(sh)
>> semanage_fcontext_set_con(sh, fcontext, con)
>>
>>
>> # python /tmp/test.py
>> Segmentation fault
>
> Granted the segfault needs to be fixed but what exactly are you trying 
> to accomplish? <<none>> is not a type, its just something matchpathcon 
> uses to short circuit its labeling behavior.
>
I have a request from someone who wants to setup a directory that 
shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
nothing in the directory.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: Problem with semanage, looks like we don't handle the <<none>> context type?

[Joshua Brindle]

Daniel J Walsh wrote:
> Joshua Brindle wrote:
>> Daniel J Walsh wrote:
>>> cat /tmp/test.py
>>> #!/usr/bin/python
>>> from semanage import *
>>> sh = semanage_handle_create()
>>> rc, con = semanage_context_from_string(sh, "<<none>>") rc,fcontext =
>>> semanage_fcontext_create(sh) semanage_fcontext_set_con(sh,
>>> fcontext, con) 
>>> 
>>> 
>>> # python /tmp/test.py
>>> Segmentation fault
>> 
>> Granted the segfault needs to be fixed but what exactly are you
>> trying to accomplish? <<none>> is not a type, its just something
>> matchpathcon uses to short circuit its labeling behavior.
>> 
> I have a request from someone who wants to setup a directory
> that shortcuts the labeling behaviour.  IE wants restorecon
> and friends to do nothing in the directory.

Hrm... Interesting. We probably need to add special logic to libsemanage
to handle this case. 

In the mean time he can just add it to a .fc file in a policy package
and insert that.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Daniel J Walsh]

Joshua Brindle wrote:
> Daniel J Walsh wrote:
>   
>> Joshua Brindle wrote:
>>     
>>> Daniel J Walsh wrote:
>>>       
>>>> cat /tmp/test.py
>>>> #!/usr/bin/python
>>>> from semanage import *
>>>> sh = semanage_handle_create()
>>>> rc, con = semanage_context_from_string(sh, "<<none>>") rc,fcontext =
>>>> semanage_fcontext_create(sh) semanage_fcontext_set_con(sh,
>>>> fcontext, con) 
>>>>
>>>>
>>>> # python /tmp/test.py
>>>> Segmentation fault
>>>>         
>>> Granted the segfault needs to be fixed but what exactly are you
>>> trying to accomplish? <<none>> is not a type, its just something
>>> matchpathcon uses to short circuit its labeling behavior.
>>>
>>>       
>> I have a request from someone who wants to setup a directory
>> that shortcuts the labeling behaviour.  IE wants restorecon
>> and friends to do nothing in the directory.
>>     
>
> Hrm... Interesting. We probably need to add special logic to libsemanage
> to handle this case. 
>
> In the mean time he can just add it to a .fc file in a policy package
> and insert that.
>   
Yes that is what he did.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Stephen Smalley]

On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
> Joshua Brindle wrote:
> > Daniel J Walsh wrote:
> >> cat /tmp/test.py
> >> #!/usr/bin/python
> >> from semanage import *
> >> sh = semanage_handle_create()
> >> rc, con = semanage_context_from_string(sh, "<<none>>")
> >> rc,fcontext = semanage_fcontext_create(sh)
> >> semanage_fcontext_set_con(sh, fcontext, con)
> >>
> >>
> >> # python /tmp/test.py
> >> Segmentation fault
> >
> > Granted the segfault needs to be fixed but what exactly are you trying 
> > to accomplish? <<none>> is not a type, its just something matchpathcon 
> > uses to short circuit its labeling behavior.
> >
> I have a request from someone who wants to setup a directory that 
> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
> nothing in the directory.

libsemanage maps a NULL context to <<none>>.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Daniel J Walsh]

Stephen Smalley wrote:
> On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
>   
>> Joshua Brindle wrote:
>>     
>>> Daniel J Walsh wrote:
>>>       
>>>> cat /tmp/test.py
>>>> #!/usr/bin/python
>>>> from semanage import *
>>>> sh = semanage_handle_create()
>>>> rc, con = semanage_context_from_string(sh, "<<none>>")
>>>> rc,fcontext = semanage_fcontext_create(sh)
>>>> semanage_fcontext_set_con(sh, fcontext, con)
>>>>
>>>>
>>>> # python /tmp/test.py
>>>> Segmentation fault
>>>>         
>>> Granted the segfault needs to be fixed but what exactly are you trying 
>>> to accomplish? <<none>> is not a type, its just something matchpathcon 
>>> uses to short circuit its labeling behavior.
>>>
>>>       
>> I have a request from someone who wants to setup a directory that 
>> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
>> nothing in the directory.
>>     
>
> libsemanage maps a NULL context to <<none>>.
>
>   
Ok if I change the python to not set the context at all, then semanage 
does the right thing.

# semanage fcontext -a -t '<<none>>' /data

                if type != "<<none>>":
                       (rc, con) = semanage_context_create(self.sh)
                       ...
                       rc = semanage_fcontext_set_con(self.sh, fcontext, 
con)

Of course the syntax is a bit misleading from a technical point of view 
<<none>> is not a type.  But it works for me.



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Stephen Smalley]

On Wed, 2007-08-01 at 09:00 -0400, Daniel J Walsh wrote:
> Stephen Smalley wrote:
> > On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
> >   
> >> Joshua Brindle wrote:
> >>     
> >>> Daniel J Walsh wrote:
> >>>       
> >>>> cat /tmp/test.py
> >>>> #!/usr/bin/python
> >>>> from semanage import *
> >>>> sh = semanage_handle_create()
> >>>> rc, con = semanage_context_from_string(sh, "<<none>>")
> >>>> rc,fcontext = semanage_fcontext_create(sh)
> >>>> semanage_fcontext_set_con(sh, fcontext, con)
> >>>>
> >>>>
> >>>> # python /tmp/test.py
> >>>> Segmentation fault
> >>>>         
> >>> Granted the segfault needs to be fixed but what exactly are you trying 
> >>> to accomplish? <<none>> is not a type, its just something matchpathcon 
> >>> uses to short circuit its labeling behavior.
> >>>
> >>>       
> >> I have a request from someone who wants to setup a directory that 
> >> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
> >> nothing in the directory.
> >>     
> >
> > libsemanage maps a NULL context to <<none>>.
> >
> >   
> Ok if I change the python to not set the context at all, then semanage 
> does the right thing.
> 
> # semanage fcontext -a -t '<<none>>' /data
> 
>                 if type != "<<none>>":
>                        (rc, con) = semanage_context_create(self.sh)
>                        ...
>                        rc = semanage_fcontext_set_con(self.sh, fcontext, 
> con)
> 
> Of course the syntax is a bit misleading from a technical point of view 
> <<none>> is not a type.  But it works for me.

Looks like the seg fault is occuring from sepol_context_clone()
(semanage_fcontext_set_con -> semanage_context_clone ->
sepol_context_clone), because the con was set to NULL by
semanage_context_from_string -> sepol_context_from_string (tests for
"<<none>>").  So we can make sepol_context_clone() gracefully handle a
NULL con (just set *con_ptr = NULL and return 0) or have
semanage_fcontext_set_con() test for NULL on entry and handle it there.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Stephen Smalley]

On Wed, 2007-08-01 at 08:29 -0400, Stephen Smalley wrote:
> On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
> > Joshua Brindle wrote:
> > > Daniel J Walsh wrote:
> > >> cat /tmp/test.py
> > >> #!/usr/bin/python
> > >> from semanage import *
> > >> sh = semanage_handle_create()
> > >> rc, con = semanage_context_from_string(sh, "<<none>>")
> > >> rc,fcontext = semanage_fcontext_create(sh)
> > >> semanage_fcontext_set_con(sh, fcontext, con)
> > >>
> > >>
> > >> # python /tmp/test.py
> > >> Segmentation fault
> > >
> > > Granted the segfault needs to be fixed but what exactly are you trying 
> > > to accomplish? <<none>> is not a type, its just something matchpathcon 
> > > uses to short circuit its labeling behavior.
> > >
> > I have a request from someone who wants to setup a directory that 
> > shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
> > nothing in the directory.
> 
> libsemanage maps a NULL context to <<none>>.

Also, you never did a semanage_context_create() in the above.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Stephen Smalley]

On Wed, 2007-08-01 at 09:02 -0400, Stephen Smalley wrote:
> On Wed, 2007-08-01 at 08:29 -0400, Stephen Smalley wrote:
> > On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
> > > Joshua Brindle wrote:
> > > > Daniel J Walsh wrote:
> > > >> cat /tmp/test.py
> > > >> #!/usr/bin/python
> > > >> from semanage import *
> > > >> sh = semanage_handle_create()
> > > >> rc, con = semanage_context_from_string(sh, "<<none>>")
> > > >> rc,fcontext = semanage_fcontext_create(sh)
> > > >> semanage_fcontext_set_con(sh, fcontext, con)
> > > >>
> > > >>
> > > >> # python /tmp/test.py
> > > >> Segmentation fault
> > > >
> > > > Granted the segfault needs to be fixed but what exactly are you trying 
> > > > to accomplish? <<none>> is not a type, its just something matchpathcon 
> > > > uses to short circuit its labeling behavior.
> > > >
> > > I have a request from someone who wants to setup a directory that 
> > > shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
> > > nothing in the directory.
> > 
> > libsemanage maps a NULL context to <<none>>.
> 
> Also, you never did a semanage_context_create() in the above.

Ah, never mind - not necessary.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Daniel J Walsh]

[-- Attachment #1: Type: text/plain, Size: 1775 bytes --]

Stephen Smalley wrote:
> On Wed, 2007-08-01 at 08:29 -0400, Stephen Smalley wrote:
>   
>> On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
>>     
>>> Joshua Brindle wrote:
>>>       
>>>> Daniel J Walsh wrote:
>>>>         
>>>>> cat /tmp/test.py
>>>>> #!/usr/bin/python
>>>>> from semanage import *
>>>>> sh = semanage_handle_create()
>>>>> rc, con = semanage_context_from_string(sh, "<<none>>")
>>>>> rc,fcontext = semanage_fcontext_create(sh)
>>>>> semanage_fcontext_set_con(sh, fcontext, con)
>>>>>
>>>>>
>>>>> # python /tmp/test.py
>>>>> Segmentation fault
>>>>>           
>>>> Granted the segfault needs to be fixed but what exactly are you trying 
>>>> to accomplish? <<none>> is not a type, its just something matchpathcon 
>>>> uses to short circuit its labeling behavior.
>>>>
>>>>         
>>> I have a request from someone who wants to setup a directory that 
>>> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
>>> nothing in the directory.
>>>       
>> libsemanage maps a NULL context to <<none>>.
>>     
>
> Also, you never did a semanage_context_create() in the above.
>
>   

rc, con = semanage_context_from_string(sh, "<<none>>")
Should do the same, well at least

rc, con = semanage_context_from_string(sh, "system_u:object_r:etc_t")

Should


Anyways I worked on this a little further,  I now have creation working and modification partially working.

I can create a <<none>> entry as described in a previous mail, and I can modify it to a normal context.  But I have 
no way of modifying a normal context to a <<none>> without deleting and recreating the entry.

                       rc = semanage_fcontext_set_con(self.sh, fcontext, None)

Segfaults.

Attached patch has the relevant changes to seobject.py






[-- Attachment #2: seobject.py.patch --]
[-- Type: text/x-patch, Size: 5695 bytes --]

--- nsapolicycoreutils/semanage/seobject.py	2007-07-16 14:20:41.000000000 -0400
+++ policycoreutils-2.0.22/semanage/seobject.py	2007-08-01 09:54:14.000000000 -0400
@@ -1024,14 +1025,31 @@
 	def __init__(self):
 		semanageRecords.__init__(self)
 		
-	def add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
+        def createcon(self, target, seuser = "system_u"):
+                (rc, con) = semanage_context_create(self.sh)
+                if rc < 0:
+                       raise ValueError(_("Could not create context for %s") % target)
 		if seuser == "":
 			seuser = "system_u"
+
+                rc = semanage_context_set_user(self.sh, con, seuser)
+                if rc < 0:
+                       raise ValueError(_("Could not set user in file context for %s") % target)
+		
+                rc = semanage_context_set_role(self.sh, con, "object_r")
+                if rc < 0:
+                       raise ValueError(_("Could not set role in file context for %s") % target)
+
 		if is_mls_enabled == 1:
-			if serange == "":
-				serange = "s0"
-			else:
-				serange = untranslate(serange)
+                       rc = semanage_context_set_mls(self.sh, con, "s0")
+                       if rc < 0:
+                              raise ValueError(_("Could not set mls fields in file context for %s") % target)
+
+                return con
+               
+	def add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
+		if is_mls_enabled == 1:
+                       serange = untranslate(serange)
 			
 		if type == "":
 			raise ValueError(_("SELinux Type is required"))
@@ -1051,33 +1069,23 @@
 			raise ValueError(_("Could not create file context for %s") % target)
 		
 		rc = semanage_fcontext_set_expr(self.sh, fcontext, target)
-		(rc, con) = semanage_context_create(self.sh)
-		if rc < 0:
-			raise ValueError(_("Could not create context for %s") % target)
-
-		rc = semanage_context_set_user(self.sh, con, seuser)
-		if rc < 0:
-			raise ValueError(_("Could not set user in file context for %s") % target)
-		
-		rc = semanage_context_set_role(self.sh, con, "object_r")
-		if rc < 0:
-			raise ValueError(_("Could not set role in file context for %s") % target)
-
-		rc = semanage_context_set_type(self.sh, con, type)
-		if rc < 0:
-			raise ValueError(_("Could not set type in file context for %s") % target)
+                if type != "<<none>>":
+                       con = self.createcon(target, seuser)
 
-		if serange != "":
-			rc = semanage_context_set_mls(self.sh, con, serange)
-			if rc < 0:
-				raise ValueError(_("Could not set mls fields in file context for %s") % target)
+                       rc = semanage_context_set_type(self.sh, con, type)
+                       if rc < 0:
+                              raise ValueError(_("Could not set type in file context for %s") % target)
+
+                       if serange != "":
+                              rc = semanage_context_set_mls(self.sh, con, serange)
+                              if rc < 0:
+                                     raise ValueError(_("Could not set mls fields in file context for %s") % target)
+                       rc = semanage_fcontext_set_con(self.sh, fcontext, con)
+                       if rc < 0:
+                              raise ValueError(_("Could not set file context for %s") % target)
 
 		semanage_fcontext_set_type(fcontext, file_types[ftype])
 
-		rc = semanage_fcontext_set_con(self.sh, fcontext, con)
-		if rc < 0:
-			raise ValueError(_("Could not set file context for %s") % target)
-
 		rc = semanage_begin_transaction(self.sh)
 		if rc < 0:
 			raise ValueError(_("Could not start semanage transaction"))
@@ -1090,7 +1098,8 @@
 		if rc < 0:
 			raise ValueError(_("Could not add file context for %s") % target)
 
-		semanage_context_free(con)
+                if type != "<<none>>":
+                       semanage_context_free(con)
 		semanage_fcontext_key_free(k)
 		semanage_fcontext_free(fcontext)
 
@@ -1112,16 +1121,29 @@
 		if rc < 0:
 			raise ValueError(_("Could not query file context for %s") % target)
 
-		con = semanage_fcontext_get_con(fcontext)
+                if setype != "<<none>>":
+                       con = semanage_fcontext_get_con(fcontext)
 			
-		if serange != "":
-			semanage_context_set_mls(self.sh, con, untranslate(serange))
-		if seuser != "":
-			semanage_context_set_user(self.sh, con, seuser)	
-		if setype != "":
-			semanage_context_set_type(self.sh, con, setype)
-
-		rc = semanage_begin_transaction(self.sh)
+                       if con == None:
+                              con = self.createcon(target)
+                              
+                       if serange != "":
+                              semanage_context_set_mls(self.sh, con, untranslate(serange))
+                       if seuser != "":
+                              semanage_context_set_user(self.sh, con, seuser)
+                              
+                       if setype != "":
+                              semanage_context_set_type(self.sh, con, setype)
+
+                       rc = semanage_fcontext_set_con(self.sh, fcontext, con)
+                       if rc < 0:
+                              raise ValueError(_("Could not set file context for %s") % target)
+                else:
+                       rc = semanage_fcontext_set_con(self.sh, fcontext, None)
+                       if rc < 0:
+                              raise ValueError(_("Could not set file context for %s") % target)
+                       
+                rc = semanage_begin_transaction(self.sh)
 		if rc < 0:
 			raise ValueError(_("Could not start semanage transaction"))
 

Re: Problem with semanage, looks like we don't handle the <<none>> context type?

[Stephen Smalley]

On Wed, 2007-08-01 at 09:57 -0400, Daniel J Walsh wrote:
> Stephen Smalley wrote:
> > On Wed, 2007-08-01 at 08:29 -0400, Stephen Smalley wrote:
> >   
> >> On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
> >>     
> >>> Joshua Brindle wrote:
> >>>       
> >>>> Daniel J Walsh wrote:
> >>>>         
> >>>>> cat /tmp/test.py
> >>>>> #!/usr/bin/python
> >>>>> from semanage import *
> >>>>> sh = semanage_handle_create()
> >>>>> rc, con = semanage_context_from_string(sh, "<<none>>")
> >>>>> rc,fcontext = semanage_fcontext_create(sh)
> >>>>> semanage_fcontext_set_con(sh, fcontext, con)
> >>>>>
> >>>>>
> >>>>> # python /tmp/test.py
> >>>>> Segmentation fault
> >>>>>           
> >>>> Granted the segfault needs to be fixed but what exactly are you trying 
> >>>> to accomplish? <<none>> is not a type, its just something matchpathcon 
> >>>> uses to short circuit its labeling behavior.
> >>>>
> >>>>         
> >>> I have a request from someone who wants to setup a directory that 
> >>> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
> >>> nothing in the directory.
> >>>       
> >> libsemanage maps a NULL context to <<none>>.
> >>     
> >
> > Also, you never did a semanage_context_create() in the above.
> >
> >   
> 
> rc, con = semanage_context_from_string(sh, "<<none>>")
> Should do the same, well at least
> 
> rc, con = semanage_context_from_string(sh, "system_u:object_r:etc_t")
> 
> Should
> 
> 
> Anyways I worked on this a little further,  I now have creation working and modification partially working.
> 
> I can create a <<none>> entry as described in a previous mail, and I can modify it to a normal context.  But I have 
> no way of modifying a normal context to a <<none>> without deleting and recreating the entry.
> 
>                        rc = semanage_fcontext_set_con(self.sh, fcontext, None)
> 
> Segfaults.

Try this patch for libsepol.

Make sepol_context_clone correctly handle a NULL context (for the
"<<none>>" case).

Index: libsepol/src/context_record.c
===================================================================
--- libsepol/src/context_record.c	(revision 2502)
+++ libsepol/src/context_record.c	(working copy)
@@ -154,6 +154,12 @@
 {
 
 	sepol_context_t *new_con = NULL;
+
+	if (!con) {
+		*con_ptr = NULL;
+		return 0;
+	}
+	  
 	if (sepol_context_create(handle, &new_con) < 0)
 		goto err;
 

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.