* [PATCH] homedir_template generation skips USER lines
@ 2008-11-11 14:49 Christopher J. PeBenito
2008-11-11 20:39 ` Joshua Brindle
0 siblings, 1 reply; 2+ messages in thread
From: Christopher J. PeBenito @ 2008-11-11 14:49 UTC (permalink / raw)
To: selinux
The current libsemanage code does not correctly add lines which include
USER in them into the homedir_template, for example:
/tmp/gconfd-USER -d system_u:object_r:ROLE_tmp_t
This line was included in the past since it has ROLE. However, with the
switch to UBAC separations, the line has changed to:
/tmp/gconfd-USER -d system_u:object_r:user_tmp_t
and is no longer included. The follwing patch fixes.
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index ab79c28..9f197ed 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -983,7 +983,8 @@ int semanage_split_fc(semanage_handle_t * sh)
while (fgets_unlocked(buf, PATH_MAX, file_con)) {
if (!strncmp(buf, "HOME_DIR", 8) ||
- !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE")) {
+ !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE") ||
+ strstr(buf, "USER")) {
/* This contains one of the template variables, write it to homedir.template */
if (write(hd, buf, strlen(buf)) < 0) {
ERR(sh, "Write to %s failed.",
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] homedir_template generation skips USER lines
2008-11-11 14:49 [PATCH] homedir_template generation skips USER lines Christopher J. PeBenito
@ 2008-11-11 20:39 ` Joshua Brindle
0 siblings, 0 replies; 2+ messages in thread
From: Joshua Brindle @ 2008-11-11 20:39 UTC (permalink / raw)
To: Christopher J. PeBenito; +Cc: selinux
Christopher J. PeBenito wrote:
> The current libsemanage code does not correctly add lines which include
> USER in them into the homedir_template, for example:
>
> /tmp/gconfd-USER -d system_u:object_r:ROLE_tmp_t
>
> This line was included in the past since it has ROLE. However, with the
> switch to UBAC separations, the line has changed to:
>
> /tmp/gconfd-USER -d system_u:object_r:user_tmp_t
>
> and is no longer included. The follwing patch fixes.
>
> diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
> index ab79c28..9f197ed 100644
> --- a/libsemanage/src/semanage_store.c
> +++ b/libsemanage/src/semanage_store.c
> @@ -983,7 +983,8 @@ int semanage_split_fc(semanage_handle_t * sh)
>
> while (fgets_unlocked(buf, PATH_MAX, file_con)) {
> if (!strncmp(buf, "HOME_DIR", 8) ||
> - !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE")) {
> + !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE") ||
> + strstr(buf, "USER")) {
> /* This contains one of the template variables, write it to homedir.template */
> if (write(hd, buf, strlen(buf)) < 0) {
> ERR(sh, "Write to %s failed.",
>
>
>
>
Merged in libsemanage-2.0.29
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-11-11 20:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-11-11 14:49 [PATCH] homedir_template generation skips USER lines Christopher J. PeBenito
2008-11-11 20:39 ` Joshua Brindle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.