Re: [patch 0/4] libsemanage: genhomedircon regressions

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Todd C. Miller]

Daniel J Walsh wrote:
> Yes you are right.
>
> The problem is we need to find the failsafe account before writing the
> general account.
> 
> How about this patch.

There is some missing frees in there and I don't think we really
need to get the full users list.  I would write it like this.

 - todd

Index: libsemanage/src/genhomedircon.c
===================================================================
--- libsemanage/src/genhomedircon.c	(revision 2624)
+++ libsemanage/src/genhomedircon.c	(working copy)
@@ -575,6 +575,57 @@
 	return STATUS_SUCCESS;
 }
 
+static int setup_fallback_user(genhomedircon_settings_t * s)
+{
+	semanage_seuser_t **seuser_list = NULL;
+	unsigned int nseusers = 0;
+	semanage_user_key_t *key = NULL;
+	semanage_user_t *u = NULL;
+	const char *name = NULL;
+	const char *seuname = NULL;
+	const char *prefix = NULL;
+	unsigned int i;
+	int retval;
+	int errors = 0;
+
+	retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers);
+	if (retval < 0 || (nseusers < 1)) {
+		/* if there are no users, this function can't do any other work */
+		return errors;
+	}
+
+	for (i = 0; i < nseusers; i++) {
+		name = semanage_seuser_get_name(seuser_list[i]);
+		if (strcmp(name, DEFAULT_LOGIN) == 0) {
+			seuname = semanage_seuser_get_sename(seuser_list[i]);
+
+			/* find the user structure given the name */
+			if (semanage_user_key_create(s->h_semanage, seuname,
+						     &key) < 0) {
+				errors = STATUS_ERR;
+				break;
+			}
+			if (semanage_user_query(s->h_semanage, key, &u) < 0)
+				prefix = name;
+			else
+				prefix = semanage_user_get_prefix(u);
+
+			if (set_fallback_user(s, seuname, prefix) != 0)
+				errors = STATUS_ERR;
+			semanage_user_key_free(key);
+			if (u)
+				semanage_user_free(u);
+			break;
+		}
+	}
+
+	for (i = 0; i < nseusers; i++)
+		semanage_seuser_free(seuser_list[i]);
+	free(seuser_list);
+
+	return errors;
+}
+
 static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,
 					     int *errors)
 {
@@ -616,30 +667,6 @@
 		goto cleanup;
 
 	for (i = 0; i < nseusers; i++) {
-		name = semanage_seuser_get_name(seuser_list[i]);
-		if (strcmp(name, DEFAULT_LOGIN) == 0) {
-			seuname = semanage_seuser_get_sename(seuser_list[i]);
-
-			/* find the user structure given the name */
-			u = bsearch(seuname, user_list, nusers,
-				    sizeof(semanage_user_t *),
-				    (int (*)(const void *, const void *))
-				    &name_user_cmp);
-			if (u) {
-				prefix = semanage_user_get_prefix(*u);
-			} else {
-				prefix = name;
-			}
-
-			if (set_fallback_user(s, seuname, prefix) != 0) {
-				*errors = STATUS_ERR;
-				goto cleanup;
-			}
-			break;
-		}
-	}
-
-	for (i = 0; i < nseusers; i++) {
 		seuname = semanage_seuser_get_sename(seuser_list[i]);
 
 		if (strcmp(seuname, s->fallback_user) == 0)
@@ -769,12 +796,10 @@
 		goto done;
 	}
 
-	if (write_gen_home_dir_context(s, out, user_context_tpl,
-				       homedir_context_tpl) != STATUS_SUCCESS) {
+	if (setup_fallback_user(s) != 0) {
 		retval = STATUS_ERR;
 		goto done;
 	}
-
 	for (h = homedirs; h; h = h->next) {
 		Ustr *temp = ustr_dup_cstr(h->data);
 
@@ -811,6 +836,11 @@
 		goto done;
 	}
 
+	if (write_gen_home_dir_context(s, out, user_context_tpl,
+				       homedir_context_tpl) != STATUS_SUCCESS) {
+		retval = STATUS_ERR;
+	}
+
       done:
 	/* Cleanup */
 	semanage_list_destroy(&homedirs);

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 14:04 -0400, Todd C. Miller wrote:
> Daniel J Walsh wrote:
> > Yes you are right.
> >
> > The problem is we need to find the failsafe account before writing the
> > general account.
> > 
> > How about this patch.
> 
> There is some missing frees in there and I don't think we really
> need to get the full users list.  I would write it like this.

Thanks, applied.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Daniel J Walsh]

[-- Attachment #1: Type: text/plain, Size: 380 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This patch makes sure /root gets labeled even if it is using the default
context.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHASDNrlYvE4MpobMRAuAAAJ0edHnaWRQ/RuE8llb+RQ9Zh43j6ACg2qXK
FsPmAB6fb4Ct9ytLVhxYijk=
=S8km
-----END PGP SIGNATURE-----

[-- Attachment #2: diff --]
[-- Type: text/plain, Size: 679 bytes --]

diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.11/src/genhomedircon.c
--- nsalibsemanage/src/genhomedircon.c	2007-10-01 09:54:35.000000000 -0400
+++ libsemanage-2.0.11/src/genhomedircon.c	2007-10-01 12:24:39.000000000 -0400
@@ -668,12 +668,11 @@
 
 	for (i = 0; i < nseusers; i++) {
 		seuname = semanage_seuser_get_sename(seuser_list[i]);
+		name = semanage_seuser_get_name(seuser_list[i]);
 
-		if (strcmp(seuname, s->fallback_user) == 0)
+		if (strcmp(name,"root") && strcmp(seuname, s->fallback_user) == 0)
 			continue;
 
-		name = semanage_seuser_get_name(seuser_list[i]);
-
 		if (strcmp(name, DEFAULT_LOGIN) == 0)
 			continue;
 

[-- Attachment #3: diff.sig --]
[-- Type: application/octet-stream, Size: 65 bytes --]

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Todd Miller]

Daniel J Walsh wrote:
> This patch makes sure /root gets labeled even if it is using the
> default context.

That looks reasonable to me.

 - todd


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Mon, 2007-10-01 at 12:31 -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> This patch makes sure /root gets labeled even if it is using the default
> context.

Thanks, merged.

> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iD8DBQFHASDNrlYvE4MpobMRAuAAAJ0edHnaWRQ/RuE8llb+RQ9Zh43j6ACg2qXK
> FsPmAB6fb4Ct9ytLVhxYijk=
> =S8km
> -----END PGP SIGNATURE-----
> plain text document attachment (diff)
> diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.11/src/genhomedircon.c
> --- nsalibsemanage/src/genhomedircon.c	2007-10-01 09:54:35.000000000 -0400
> +++ libsemanage-2.0.11/src/genhomedircon.c	2007-10-01 12:24:39.000000000 -0400
> @@ -668,12 +668,11 @@
>  
>  	for (i = 0; i < nseusers; i++) {
>  		seuname = semanage_seuser_get_sename(seuser_list[i]);
> +		name = semanage_seuser_get_name(seuser_list[i]);
>  
> -		if (strcmp(seuname, s->fallback_user) == 0)
> +		if (strcmp(name,"root") && strcmp(seuname, s->fallback_user) == 0)
>  			continue;
>  
> -		name = semanage_seuser_get_name(seuser_list[i]);
> -
>  		if (strcmp(name, DEFAULT_LOGIN) == 0)
>  			continue;
>  
-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

[patch 0/4] libsemanage: genhomedircon regressions

[Todd C. Miller]

This patch set fixes several regressions found in the new genhomedircon
replacement.  I've broken things up into their logical parts for easy
reading.  I've also included Dan's do_rebuild_file_context and swigify
patches as a 4th diff.  If we want to treat that completely separately
we can.

 - todd

-- 


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
> This patch set fixes several regressions found in the new genhomedircon
> replacement.  I've broken things up into their logical parts for easy
> reading.  I've also included Dan's do_rebuild_file_context and swigify
> patches as a 4th diff.  If we want to treat that completely separately
> we can.

patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
together as a single commit.

2/4 applied as a bug fix independent of the others.

4/4 dropped except for Makefile swigify target.

libsemanage 2.0.10.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 09:36 -0400, Stephen Smalley wrote:
> On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
> > This patch set fixes several regressions found in the new genhomedircon
> > replacement.  I've broken things up into their logical parts for easy
> > reading.  I've also included Dan's do_rebuild_file_context and swigify
> > patches as a 4th diff.  If we want to treat that completely separately
> > we can.
> 
> patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
> together as a single commit.
> 
> 2/4 applied as a bug fix independent of the others.
> 
> 4/4 dropped except for Makefile swigify target.
> 
> libsemanage 2.0.10.

Looking again at the output, the order differs - the libsemanage
genhomedircon puts the specific user entries first and then the
generic /home entries, which seems wrong given that later entries take
precedence for matchpathcon.  genhomedircon script does the opposite.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Daniel J Walsh]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephen Smalley wrote:
> On Fri, 2007-09-28 at 09:36 -0400, Stephen Smalley wrote:
>> On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
>>> This patch set fixes several regressions found in the new genhomedircon
>>> replacement.  I've broken things up into their logical parts for easy
>>> reading.  I've also included Dan's do_rebuild_file_context and swigify
>>> patches as a 4th diff.  If we want to treat that completely separately
>>> we can.
>> patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
>> together as a single commit.
>>
>> 2/4 applied as a bug fix independent of the others.
>>
>> 4/4 dropped except for Makefile swigify target.
>>
>> libsemanage 2.0.10.
> 
> Looking again at the output, the order differs - the libsemanage
> genhomedircon puts the specific user entries first and then the
> generic /home entries, which seems wrong given that later entries take
> precedence for matchpathcon.  genhomedircon script does the opposite.
> 

It should be alright because of the specificity is greater.

/home/dwalsh/.*

vs

/home/.*
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFG/QhwrlYvE4MpobMRAs9nAKCBvu1gSUsxBfLLkwCfLeSU7ejQxgCfcYd+
8i2BugMuBIPJl+UUW5GX6rw=
=Uyti
-----END PGP SIGNATURE-----

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 09:58 -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Stephen Smalley wrote:
> > On Fri, 2007-09-28 at 09:36 -0400, Stephen Smalley wrote:
> >> On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
> >>> This patch set fixes several regressions found in the new genhomedircon
> >>> replacement.  I've broken things up into their logical parts for easy
> >>> reading.  I've also included Dan's do_rebuild_file_context and swigify
> >>> patches as a 4th diff.  If we want to treat that completely separately
> >>> we can.
> >> patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
> >> together as a single commit.
> >>
> >> 2/4 applied as a bug fix independent of the others.
> >>
> >> 4/4 dropped except for Makefile swigify target.
> >>
> >> libsemanage 2.0.10.
> > 
> > Looking again at the output, the order differs - the libsemanage
> > genhomedircon puts the specific user entries first and then the
> > generic /home entries, which seems wrong given that later entries take
> > precedence for matchpathcon.  genhomedircon script does the opposite.
> > 
> 
> It should be alright because of the specificity is greater.
> 
> /home/dwalsh/.*
> 
> vs
> 
> /home/.*

I don't think that works out in all cases, e.g.
matchpathcon /home/xguest/.ssh yields a different result.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 09:51 -0400, Stephen Smalley wrote:
> On Fri, 2007-09-28 at 09:58 -0400, Daniel J Walsh wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Stephen Smalley wrote:
> > > On Fri, 2007-09-28 at 09:36 -0400, Stephen Smalley wrote:
> > >> On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
> > >>> This patch set fixes several regressions found in the new genhomedircon
> > >>> replacement.  I've broken things up into their logical parts for easy
> > >>> reading.  I've also included Dan's do_rebuild_file_context and swigify
> > >>> patches as a 4th diff.  If we want to treat that completely separately
> > >>> we can.
> > >> patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
> > >> together as a single commit.
> > >>
> > >> 2/4 applied as a bug fix independent of the others.
> > >>
> > >> 4/4 dropped except for Makefile swigify target.
> > >>
> > >> libsemanage 2.0.10.
> > > 
> > > Looking again at the output, the order differs - the libsemanage
> > > genhomedircon puts the specific user entries first and then the
> > > generic /home entries, which seems wrong given that later entries take
> > > precedence for matchpathcon.  genhomedircon script does the opposite.
> > > 
> > 
> > It should be alright because of the specificity is greater.
> > 
> > /home/dwalsh/.*
> > 
> > vs
> > 
> > /home/.*
> 
> I don't think that works out in all cases, e.g.
> matchpathcon /home/xguest/.ssh yields a different result.

Old order (genhomedircon script output):
# matchpathcon /home/xguest/.ssh
/home/xguest/.ssh       xguest_u:object_r:xguest_home_t

New order (latest libsemanage):
# matchpathcon /home/xguest/.ssh
/home/xguest/.ssh       system_u:object_r:user_home_ssh_t

Which did you want it to be?

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Daniel J Walsh]

[-- Attachment #1: Type: text/plain, Size: 2203 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephen Smalley wrote:
> On Fri, 2007-09-28 at 09:51 -0400, Stephen Smalley wrote:
>> On Fri, 2007-09-28 at 09:58 -0400, Daniel J Walsh wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Stephen Smalley wrote:
>>>> On Fri, 2007-09-28 at 09:36 -0400, Stephen Smalley wrote:
>>>>> On Thu, 2007-09-27 at 16:07 -0400, Todd C. Miller wrote:
>>>>>> This patch set fixes several regressions found in the new genhomedircon
>>>>>> replacement.  I've broken things up into their logical parts for easy
>>>>>> reading.  I've also included Dan's do_rebuild_file_context and swigify
>>>>>> patches as a 4th diff.  If we want to treat that completely separately
>>>>>> we can.
>>>>> patch 1/4 yielded a non-buildable tree, so I applied 1/4 and 3/4
>>>>> together as a single commit.
>>>>>
>>>>> 2/4 applied as a bug fix independent of the others.
>>>>>
>>>>> 4/4 dropped except for Makefile swigify target.
>>>>>
>>>>> libsemanage 2.0.10.
>>>> Looking again at the output, the order differs - the libsemanage
>>>> genhomedircon puts the specific user entries first and then the
>>>> generic /home entries, which seems wrong given that later entries take
>>>> precedence for matchpathcon.  genhomedircon script does the opposite.
>>>>
>>> It should be alright because of the specificity is greater.
>>>
>>> /home/dwalsh/.*
>>>
>>> vs
>>>
>>> /home/.*
>> I don't think that works out in all cases, e.g.
>> matchpathcon /home/xguest/.ssh yields a different result.
> 
> Old order (genhomedircon script output):
> # matchpathcon /home/xguest/.ssh
> /home/xguest/.ssh       xguest_u:object_r:xguest_home_t
> 
> New order (latest libsemanage):
> # matchpathcon /home/xguest/.ssh
> /home/xguest/.ssh       system_u:object_r:user_home_ssh_t
> 
> Which did you want it to be?
> 
Yes you are right.

The problem is we need to find the failsafe account before writing the
general account.

How about this patch.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFG/RhdrlYvE4MpobMRAqTmAKDCE7++pT4Cyia9otRgxVKDGliybQCeORmj
JjDY5P3SDBwohQRC5uPJwNU=
=HkqG
-----END PGP SIGNATURE-----

[-- Attachment #2: diff --]
[-- Type: text/plain, Size: 3680 bytes --]

diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.10/src/genhomedircon.c
--- nsalibsemanage/src/genhomedircon.c	2007-09-28 09:48:57.000000000 -0400
+++ libsemanage-2.0.10/src/genhomedircon.c	2007-09-28 10:59:54.000000000 -0400
@@ -575,10 +575,8 @@
 	return STATUS_SUCCESS;
 }
 
-static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,
-					     int *errors)
+static int setup_fallback_user(genhomedircon_settings_t * s)
 {
-	genhomedircon_user_entry_t *head = NULL;
 	semanage_seuser_t **seuser_list = NULL;
 	unsigned int nseusers = 0;
 	semanage_user_t **user_list = NULL;
@@ -587,17 +585,13 @@
 	const char *name = NULL;
 	const char *seuname = NULL;
 	const char *prefix = NULL;
-	struct passwd pwstorage, *pwent = NULL;
 	unsigned int i;
-	long rbuflen;
-	char *rbuf = NULL;
 	int retval;
-
-	*errors = 0;
+	int errors = 0;
 	retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers);
 	if (retval < 0 || (nseusers < 1)) {
 		/* if there are no users, this function can't do any other work */
-		return NULL;
+		return errors;
 	}
 
 	if (semanage_user_list(s->h_semanage, &user_list, &nusers) < 0) {
@@ -607,14 +601,6 @@
 	qsort(user_list, nusers, sizeof(semanage_user_t *),
 	      (int (*)(const void *, const void *))&user_sort_func);
 
-	/* Allocate space for the getpwnam_r buffer */
-	rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
-	if (rbuflen <= 0)
-		goto cleanup;
-	rbuf = malloc(rbuflen);
-	if (rbuf == NULL)
-		goto cleanup;
-
 	for (i = 0; i < nseusers; i++) {
 		name = semanage_seuser_get_name(seuser_list[i]);
 		if (strcmp(name, DEFAULT_LOGIN) == 0) {
@@ -630,14 +616,54 @@
 			} else {
 				prefix = name;
 			}
-
 			if (set_fallback_user(s, seuname, prefix) != 0) {
-				*errors = STATUS_ERR;
-				goto cleanup;
+				errors = STATUS_ERR;
 			}
 			break;
 		}
 	}
+	return errors;
+}
+
+static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,
+					     int *errors)
+{
+	genhomedircon_user_entry_t *head = NULL;
+	semanage_seuser_t **seuser_list = NULL;
+	unsigned int nseusers = 0;
+	semanage_user_t **user_list = NULL;
+	unsigned int nusers = 0;
+	semanage_user_t **u = NULL;
+	const char *name = NULL;
+	const char *seuname = NULL;
+	const char *prefix = NULL;
+	struct passwd pwstorage, *pwent = NULL;
+	unsigned int i;
+	long rbuflen;
+	char *rbuf = NULL;
+	int retval;
+
+	*errors = 0;
+	retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers);
+	if (retval < 0 || (nseusers < 1)) {
+		/* if there are no users, this function can't do any other work */
+		return NULL;
+	}
+
+	if (semanage_user_list(s->h_semanage, &user_list, &nusers) < 0) {
+		nusers = 0;
+	}
+
+	qsort(user_list, nusers, sizeof(semanage_user_t *),
+	      (int (*)(const void *, const void *))&user_sort_func);
+
+	/* Allocate space for the getpwnam_r buffer */
+	rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+	if (rbuflen <= 0)
+		goto cleanup;
+	rbuf = malloc(rbuflen);
+	if (rbuf == NULL)
+		goto cleanup;
 
 	for (i = 0; i < nseusers; i++) {
 		seuname = semanage_seuser_get_sename(seuser_list[i]);
@@ -769,12 +795,10 @@
 		goto done;
 	}
 
-	if (write_gen_home_dir_context(s, out, user_context_tpl,
-				       homedir_context_tpl) != STATUS_SUCCESS) {
+	if (setup_fallback_user(s) != 0) {
 		retval = STATUS_ERR;
 		goto done;
 	}
-
 	for (h = homedirs; h; h = h->next) {
 		Ustr *temp = ustr_dup_cstr(h->data);
 
@@ -811,6 +835,12 @@
 		goto done;
 	}
 
+	if (write_gen_home_dir_context(s, out, user_context_tpl,
+				       homedir_context_tpl) != STATUS_SUCCESS) {
+		retval = STATUS_ERR;
+		goto done;
+	}
+
       done:
 	/* Cleanup */
 	semanage_list_destroy(&homedirs);

[-- Attachment #3: diff.sig --]
[-- Type: application/octet-stream, Size: 65 bytes --]

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Todd Miller]

Stephen Smalley wrote:
> Looking again at the output, the order differs - the libsemanage
> genhomedircon puts the specific user entries first and then the
> generic /home entries, which seems wrong given that later entries take
> precedence for matchpathcon.  genhomedircon script does the opposite.

This change was present in the modified diff Dan sent and I preserved
that change in the patch set.  At the time I had thought it was moved
to make the output better match the python script but that appears not
to be the case.

It is easy to change back but I'm sure there was a reason for the move.
Perhaps Dan can shed some light on this.

 - todd


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Todd Miller]

Josh just pointed out that unlike file_contexts,
file_contexts.homedir isn't sorted via semanage_fc_sort().

This is probably the best solution, though it would mean
we lose the comments (they get stripped out during the
sorting for obvious reasons).

Thoughts?

 - todd


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 11:00 -0400, Todd Miller wrote:
> Josh just pointed out that unlike file_contexts,
> file_contexts.homedir isn't sorted via semanage_fc_sort().
> 
> This is probably the best solution, though it would mean
> we lose the comments (they get stripped out during the
> sorting for obvious reasons).
> 
> Thoughts?

I'd have assumed that you want the general /home patterns to come first
always (lowest precedence), then the per-user patterns (and no conflicts
among the per-user patterns).  So I'm not sure why you'd want to sort it
heuristically like the rest of the file contexts.  The heuristics could
end up putting the general /home patterns later, which I don't think you
ever want.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Joshua Brindle]

Stephen Smalley wrote:
> On Fri, 2007-09-28 at 11:00 -0400, Todd Miller wrote:
>> Josh just pointed out that unlike file_contexts,
>> file_contexts.homedir isn't sorted via semanage_fc_sort().
>> 
>> This is probably the best solution, though it would mean we lose the
>> comments (they get stripped out during the sorting for obvious
>> reasons). 
>> 
>> Thoughts?
> 
> I'd have assumed that you want the general /home patterns to
> come first always (lowest precedence), then the per-user
> patterns (and no conflicts among the per-user patterns).  So
> I'm not sure why you'd want to sort it heuristically like the
> rest of the file contexts.  The heuristics could end up
> putting the general /home patterns later, which I don't think
> you ever want.


Matchpathcon should already read file_context.homedirs and matches
entries in it before going on to the file_context file so using the
fc_sort function would just be to sort the homedirs file and not sort
both files together.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: [patch 0/4] libsemanage: genhomedircon regressions

[Stephen Smalley]

On Fri, 2007-09-28 at 11:35 -0400, Joshua Brindle wrote:
> Stephen Smalley wrote:
> > On Fri, 2007-09-28 at 11:00 -0400, Todd Miller wrote:
> >> Josh just pointed out that unlike file_contexts,
> >> file_contexts.homedir isn't sorted via semanage_fc_sort().
> >> 
> >> This is probably the best solution, though it would mean we lose the
> >> comments (they get stripped out during the sorting for obvious
> >> reasons). 
> >> 
> >> Thoughts?
> > 
> > I'd have assumed that you want the general /home patterns to
> > come first always (lowest precedence), then the per-user
> > patterns (and no conflicts among the per-user patterns).  So
> > I'm not sure why you'd want to sort it heuristically like the
> > rest of the file contexts.  The heuristics could end up
> > putting the general /home patterns later, which I don't think
> > you ever want.
> 
> 
> Matchpathcon should already read file_context.homedirs and matches
> entries in it before going on to the file_context file so using the
> fc_sort function would just be to sort the homedirs file and not sort
> both files together.

I know - but my concern is that the fc sort code may get the internal
ordering of files_contexts.homedirs wrong.  We know that we always want
the general /home/.+ patterns in file_contexts.homedirs to precede the
per-user entries, and the per-user entries should be disjoint anyway so
their ordering relative to one another shouldn't matter.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [patch 0/4] libsemanage: genhomedircon regressions

[Daniel J Walsh]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Todd Miller wrote:
> Stephen Smalley wrote:
>> Looking again at the output, the order differs - the libsemanage
>> genhomedircon puts the specific user entries first and then the
>> generic /home entries, which seems wrong given that later entries take
>> precedence for matchpathcon.  genhomedircon script does the opposite.
> 
> This change was present in the modified diff Dan sent and I preserved
> that change in the patch set.  At the time I had thought it was moved
> to make the output better match the python script but that appears not
> to be the case.
> 
> It is easy to change back but I'm sure there was a reason for the move.
> Perhaps Dan can shed some light on this.
> 
>  - todd
THe problem was the fallback_user was not determined at the time it was
being written out.  I have sent a new patch that separates out the
descovery of the fallback_user from gen_users.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFG/RqurlYvE4MpobMRArtLAJ9zp2AKWoO6jUvB25bYYZl19t8KwACfeA5k
XSwO4xxrQgvgvsBU10nUyBs=
=CxFA
-----END PGP SIGNATURE-----

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.