Re: [PATCH] libsemanage: Add file_contexts and seusers to the store

[Stephen Smalley <sds@tycho.nsa.gov>]

On 07/22/2015 09:29 AM, Stephen Smalley wrote:
> On 07/21/2015 03:08 PM, Yuli Khodorkovskiy wrote:
>> This patch writes file_contexts and seusers to the policy store as well as
>> /etc/selinux/. Additionally, file_contexts and seusers are now parsed from the
>> store rather than the final directory which was the old behavior. This allows
>> all policy related files to be kept in the policy store.
>>
>> Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
> 
> Thanks, applied.

One caveat with these changes:  they require a semodule -B when
upgrading.  Otherwise any read-only transaction, e.g. semodule login -l,
will yield no results.

> 
>> ---
>>  libsemanage/src/direct_api.c             | 69 +++++++++++++++++++++++++-------
>>  libsemanage/src/semanage_store.c         | 49 ++++-------------------
>>  libsemanage/src/semanage_store.h         |  5 ++-
>>  libsemanage/utils/semanage_migrate_store |  3 +-
>>  4 files changed, 66 insertions(+), 60 deletions(-)
>>
>> diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
>> index 3c6b168..b11f2ba 100644
>> --- a/libsemanage/src/direct_api.c
>> +++ b/libsemanage/src/direct_api.c
>> @@ -248,18 +248,14 @@ int semanage_direct_connect(semanage_handle_t * sh)
>>  		goto err;
>>  
>>  	if (fcontext_file_dbase_init(sh,
>> -				     semanage_final_path(SEMANAGE_FINAL_SELINUX,
>> -							 SEMANAGE_FC),
>> -				     semanage_final_path(SEMANAGE_FINAL_TMP,
>> -							 SEMANAGE_FC),
>> +				     semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_FC),
>> +				     semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC),
>>  				     semanage_fcontext_dbase_policy(sh)) < 0)
>>  		goto err;
>>  
>>  	if (seuser_file_dbase_init(sh,
>> -				   semanage_final_path(SEMANAGE_FINAL_SELINUX,
>> -						       SEMANAGE_SEUSERS),
>> -				   semanage_final_path(SEMANAGE_FINAL_TMP,
>> -						       SEMANAGE_SEUSERS),
>> +				   semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_SEUSERS),
>> +				   semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS),
>>  				   semanage_seuser_dbase_policy(sh)) < 0)
>>  		goto err;
>>  
>> @@ -602,7 +598,7 @@ static int semanage_direct_update_seuser(semanage_handle_t * sh, cil_db_t *cildb
>>  	}
>>  
>>  	if (size > 0) {
>> -		ofilename = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS);
>> +		ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS);
>>  		if (ofilename == NULL) {
>>  			return -1;
>>  		}
>> @@ -1039,7 +1035,8 @@ static int semanage_direct_commit(semanage_handle_t * sh)
>>  	size_t fc_buffer_len = 0;
>>  	const char *ofilename = NULL;
>>  	const char *path;
>> -	int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0;
>> +	int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0,
>> +		missing_seusers = 0, missing_fc = 0, missing = 0;
>>  	sepol_policydb_t *out = NULL;
>>  	struct cil_db *cildb = NULL;
>>  	semanage_module_info_t *modinfos = NULL;
>> @@ -1151,10 +1148,26 @@ static int semanage_direct_commit(semanage_handle_t * sh)
>>  		if (access(path, F_OK) != 0) {
>>  			missing_policy_kern = 1;
>>  		}
>> +
>> +		path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC);
>> +
>> +		if (access(path, F_OK) != 0) {
>> +			missing_fc = 1;
>> +		}
>> +
>> +		path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS);
>> +
>> +		if (access(path, F_OK) != 0) {
>> +			missing_seusers = 1;
>> +		}
>>  	}
>>  
>> +	missing |= missing_policy_kern;
>> +	missing |= missing_fc;
>> +	missing |= missing_seusers;
>> +
>>  	/* If there were policy changes, or explicitly requested, rebuild the policy */
>> -	if (sh->do_rebuild || modified || missing_policy_kern) {
>> +	if (sh->do_rebuild || modified || missing) {
>>  		/* =================== Module expansion =============== */
>>  
>>  		retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos);
>> @@ -1312,15 +1325,41 @@ static int semanage_direct_commit(semanage_handle_t * sh)
>>  	if (retval < 0)
>>  		goto cleanup;
>>  
>> -	retval = semanage_copy_policydb(sh);
>> -	if (retval < 0)
>> +	retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL),
>> +			semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL),
>> +			sh->conf->file_mode);
>> +	if (retval < 0) {
>>  		goto cleanup;
>> +	}
>>  
>>  	path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL);
>>  	if (access(path, F_OK) == 0) {
>> -		retval = semanage_copy_fc_local(sh);
>> -		if (retval < 0)
>> +		retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL),
>> +							semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL),
>> +							sh->conf->file_mode);
>> +		if (retval < 0) {
>>  			goto cleanup;
>> +		}
>> +	}
>> +
>> +	path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC);
>> +	if (access(path, F_OK) == 0) {
>> +		retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC),
>> +							semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC),
>> +							sh->conf->file_mode);
>> +		if (retval < 0) {
>> +			goto cleanup;
>> +		}
>> +	}
>> +
>> +	path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS);
>> +	if (access(path, F_OK) == 0) {
>> +		retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS),
>> +							semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS),
>> +							sh->conf->file_mode);
>> +		if (retval < 0) {
>> +			goto cleanup;
>> +		}
>>  	}
>>  
>>  	/* run genhomedircon if its enabled, this should be the last operation
>> diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
>> index 2856aaf..fa0876f 100644
>> --- a/libsemanage/src/semanage_store.c
>> +++ b/libsemanage/src/semanage_store.c
>> @@ -111,7 +111,9 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = {
>>  	"/preserve_tunables",
>>  	"/modules/disabled",
>>  	"/policy.kern",
>> -	"/file_contexts.local"
>> +	"/file_contexts.local",
>> +	"/file_contexts",
>> +	"/seusers"
>>  };
>>  
>>  static char const * const semanage_final_prefix[SEMANAGE_FINAL_NUM] = {
>> @@ -666,7 +668,7 @@ static int semanage_filename_select(const struct dirent *d)
>>  
>>  /* Copies a file from src to dst.  If dst already exists then
>>   * overwrite it.  Returns 0 on success, -1 on error. */
>> -static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
>> +int semanage_copy_file(const char *src, const char *dst, mode_t mode)
>>  {
>>  	int in, out, retval = 0, amount_read, n, errsv = errno;
>>  	char tmp[PATH_MAX];
>> @@ -1425,11 +1427,11 @@ int semanage_split_fc(semanage_handle_t * sh)
>>  		goto cleanup;
>>  	}
>>  
>> -	fc = open(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC),
>> +	fc = open(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC),
>>  		  O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
>>  	if (fc < 0) {
>>  		ERR(sh, "Could not open %s for writing.",
>> -		    semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC));
>> +		    semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC));
>>  		goto cleanup;
>>  	}
>>  	hd = open(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL),
>> @@ -1454,8 +1456,7 @@ int semanage_split_fc(semanage_handle_t * sh)
>>  		} else {
>>  			if (write(fc, buf, strlen(buf)) < 0) {
>>  				ERR(sh, "Write to %s failed.",
>> -				    semanage_final_path(SEMANAGE_FINAL_TMP,
>> -							SEMANAGE_FC));
>> +				    semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC));
>>  				goto cleanup;
>>  			}
>>  		}
>> @@ -2914,39 +2915,3 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len,
>>  
>>  	return 0;
>>  }
>> -
>> -int semanage_copy_policydb(semanage_handle_t *sh)
>> -{
>> -	const char *src = NULL;
>> -	const char *dst = NULL;
>> -	int rc = -1;
>> -
>> -	src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL);
>> -	dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL);
>> -
>> -	rc = semanage_copy_file(src, dst, sh->conf->file_mode);
>> -	if (rc != 0) {
>> -		goto cleanup;
>> -	}
>> -
>> -cleanup:
>> -	return rc;
>> -}
>> -
>> -int semanage_copy_fc_local(semanage_handle_t *sh)
>> -{
>> -	const char *src = NULL;
>> -	const char *dst = NULL;
>> -	int rc = -1;
>> -
>> -	src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL);
>> -	dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL);
>> -
>> -	rc = semanage_copy_file(src, dst, sh->conf->file_mode);
>> -	if (rc != 0) {
>> -		goto cleanup;
>> -	}
>> -
>> -cleanup:
>> -	return rc;
>> -}
>> diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h
>> index ade43f2..acb6e3f 100644
>> --- a/libsemanage/src/semanage_store.h
>> +++ b/libsemanage/src/semanage_store.h
>> @@ -57,6 +57,8 @@ enum semanage_sandbox_defs {
>>  	SEMANAGE_MODULES_DISABLED,
>>  	SEMANAGE_STORE_KERNEL,
>>  	SEMANAGE_STORE_FC_LOCAL,
>> +	SEMANAGE_STORE_FC,
>> +	SEMANAGE_STORE_SEUSERS,
>>  	SEMANAGE_STORE_NUM_PATHS
>>  };
>>  
>> @@ -150,7 +152,6 @@ int semanage_nc_sort(semanage_handle_t * sh,
>>  		     size_t buf_len,
>>  		     char **sorted_buf, size_t * sorted_buf_len);
>>  
>> -int semanage_copy_policydb(semanage_handle_t *sh);
>> -int semanage_copy_fc_local(semanage_handle_t *sh);
>> +int semanage_copy_file(const char *src, const char *dst, mode_t mode);
>>  
>>  #endif
>> diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
>> index b170eda..6443002 100755
>> --- a/libsemanage/utils/semanage_migrate_store
>> +++ b/libsemanage/utils/semanage_migrate_store
>> @@ -244,7 +244,8 @@ if __name__ == "__main__":
>>  		"users_extra.local",
>>  		"disable_dontaudit",
>>  		"preserve_tunables",
>> -		"policy.kern" ]
>> +		"policy.kern",
>> +		"file_contexts"]
>>  
>>  
>>  	create_dir(newroot_path(), 0o755)
>>
> 
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>