projects / packages / shadow.git / blame
| Commit | Line | Data |
|---|---|---|
| 7b3e1842 AM |
1 | --- shadow-4.0.3/lib/commonio.h.selinux 2001-08-14 17:09:54.000000000 -0400 |
| 2 | +++ shadow-4.0.3/lib/commonio.h 2003-06-20 15:52:54.000000000 -0400 | |
| 3 | @@ -1,5 +1,8 @@ | |
| 4 | /* $Id$ */ | |
| 38a55db2 | 5 | |
| 7b3e1842 AM |
6 | +#ifdef WITH_SELINUX |
| 7 | +#include <selinux/selinux.h> | |
| 38a55db2 | 8 | +#endif |
| 7b3e1842 AM |
9 | /* |
| 10 | * Linked list entry. | |
| 11 | */ | |
| 12 | @@ -70,6 +73,9 @@ struct commonio_db { | |
| 13 | */ | |
| 14 | FILE *fp; | |
| 38a55db2 | 15 | |
| 7b3e1842 AM |
16 | +#ifdef WITH_SELINUX |
| 17 | + security_context_t scontext; | |
| 38a55db2 | 18 | +#endif |
| 38a55db2 | 19 | /* |
| 7b3e1842 | 20 | * Head, tail, current position in linked list. |
| 38a55db2 | 21 | */ |
| 7b3e1842 AM |
22 | --- shadow-4.0.3/lib/Makefile.am.selinux 2003-06-20 15:46:31.000000000 -0400 |
| 23 | +++ shadow-4.0.3/lib/Makefile.am 2003-06-20 15:51:00.000000000 -0400 | |
| 24 | @@ -1,14 +1,14 @@ | |
| 38a55db2 | 25 | |
| 7b3e1842 | 26 | AUTOMAKE_OPTIONS = 1.0 foreign |
| 38a55db2 | 27 | |
| 7b3e1842 AM |
28 | -DEFS = |
| 29 | +DEFS = -DWITH_SELINUX | |
| 30 | INCLUDES = -I$(top_srcdir) | |
| 38a55db2 | 31 | |
| 7b3e1842 | 32 | noinst_LTLIBRARIES = libshadow.la |
| 38a55db2 | 33 | |
| 7b3e1842 AM |
34 | libshadow_la_LDFLAGS = -version-info 0:0:0 |
| 35 | libshadow_la_LIBADD = $(INTLLIBS) $(LIBCRYPT) $(LIBTCFS) $(LIBSKEY) $(LIBMD) \ | |
| 36 | - $(top_builddir)/libmisc/libmisc.la | |
| 37 | + $(top_builddir)/libmisc/libmisc.la | |
| 38a55db2 | 38 | |
| 7b3e1842 AM |
39 | libshadow_la_SOURCES = \ |
| 40 | commonio.c \ | |
| 41 | --- shadow-4.0.3/lib/commonio.c.selinux 2003-06-20 15:53:16.000000000 -0400 | |
| 42 | +++ shadow-4.0.3/lib/commonio.c 2003-07-08 13:53:32.033078008 -0400 | |
| 43 | @@ -15,7 +15,10 @@ RCSID("$Id: commonio.c,v 1.22 2001/11/17 | |
| 44 | #ifdef HAVE_SHADOW_H | |
| 45 | #include <shadow.h> | |
| 38a55db2 | 46 | #endif |
| 38a55db2 | 47 | - |
| 7b3e1842 AM |
48 | +#ifdef WITH_SELINUX |
| 49 | +#include <selinux/selinux.h> | |
| 50 | +static security_context_t old_context=NULL; | |
| 51 | +#endif | |
| 52 | #include "commonio.h" | |
| 38a55db2 | 53 | |
| 7b3e1842 AM |
54 | /* local function prototypes */ |
| 55 | @@ -437,6 +440,15 @@ commonio_open(struct commonio_db *db, in | |
| 56 | return 0; | |
| 38a55db2 | 57 | } |
| 58 | ||
| 7b3e1842 AM |
59 | +#ifdef WITH_SELINUX |
| 60 | + db->scontext=NULL; | |
| 61 | + if (is_selinux_enabled() && (! db->readonly)) { | |
| 62 | + if (fgetfilecon(fileno(db->fp),&db->scontext) < 0) { | |
| 63 | + goto cleanup; | |
| 64 | + } | |
| 38a55db2 | 65 | + } |
| 38a55db2 | 66 | +#endif |
| 67 | + | |
| 7b3e1842 AM |
68 | buflen = BUFLEN; |
| 69 | buf = (char *) malloc(buflen); | |
| 70 | if (!buf) | |
| 71 | @@ -492,6 +504,12 @@ cleanup_buf: | |
| 72 | free(buf); | |
| 73 | cleanup: | |
| 74 | free_linked_list(db); | |
| 75 | +#ifdef WITH_SELINUX | |
| 76 | + if (db->scontext!= NULL) { | |
| 77 | + freecon(db->scontext); | |
| 78 | + db->scontext=NULL; | |
| 79 | + } | |
| 38a55db2 | 80 | +#endif |
| 7b3e1842 AM |
81 | fclose(db->fp); |
| 82 | db->fp = NULL; | |
| 83 | errno = ENOMEM; | |
| 84 | @@ -627,6 +645,19 @@ commonio_close(struct commonio_db *db) | |
| 85 | goto fail; | |
| 38a55db2 | 86 | } |
| 38a55db2 | 87 | |
| 7b3e1842 AM |
88 | +#ifdef WITH_SELINUX |
| 89 | + if (db->scontext != NULL) { | |
| 90 | + int stat=getfscreatecon(&old_context); | |
| 91 | + if (stat< 0) { | |
| 92 | + errors++; | |
| 93 | + goto fail; | |
| 94 | + } | |
| 95 | + if (setfscreatecon(db->scontext)<0) { | |
| 96 | + errors++; | |
| 97 | + goto fail; | |
| 98 | + } | |
| 38a55db2 | 99 | + } |
| 38a55db2 | 100 | +#endif |
| 7b3e1842 AM |
101 | /* |
| 102 | * Create backup file. | |
| 103 | */ | |
| 104 | @@ -683,14 +714,26 @@ commonio_close(struct commonio_db *db) | |
| 105 | goto fail; | |
| 106 | ||
| 107 | nscd_need_reload = 1; | |
| 108 | - | |
| 109 | + goto success; | |
| 110 | +fail: | |
| 111 | + errors++; | |
| 112 | success: | |
| 113 | - free_linked_list(db); | |
| 114 | - return 1; | |
| 115 | ||
| 116 | -fail: | |
| 117 | +#ifdef WITH_SELINUX | |
| 118 | + if (db->scontext != NULL) { | |
| 119 | + if (setfscreatecon(old_context)<0) { | |
| 120 | + errors++; | |
| 121 | + } | |
| 122 | + if (old_context != NULL) { | |
| 123 | + freecon(old_context); | |
| 124 | + old_context=NULL; | |
| 125 | + } | |
| 126 | + freecon(db->scontext); | |
| 127 | + db->scontext=NULL; | |
| 38a55db2 | 128 | + } |
| 129 | +#endif | |
| 7b3e1842 AM |
130 | free_linked_list(db); |
| 131 | - return 0; | |
| 132 | + return errors==0; | |
| 38a55db2 | 133 | } |
| 38a55db2 | 134 | |
| 38a55db2 | 135 | |
| 7b3e1842 AM |
136 | --- shadow-4.0.3/src/Makefile.am.selinux 2003-06-20 15:50:17.000000000 -0400 |
| 137 | +++ shadow-4.0.3/src/Makefile.am 2003-06-20 15:50:44.000000000 -0400 | |
| 138 | @@ -4,7 +4,7 @@ EXTRA_DOST = .indent.pro | |
| 139 | ubindir = ${prefix}/bin | |
| 140 | usbindir = ${prefix}/sbin | |
| 141 | ||
| 142 | -DEFS = -D_HAVE_CONFIG_H -DLOCALEDIR=\"$(datadir)/locale\" | |
| 143 | +DEFS = -D_HAVE_CONFIG_H -DLOCALEDIR=\"$(datadir)/locale\" -DWITH_SELINUX | |
| 38a55db2 | 144 | |
| 7b3e1842 AM |
145 | INCLUDES = -I${top_srcdir} \ |
| 146 | -I${top_srcdir}/lib \ | |
| 147 | @@ -35,7 +35,7 @@ suidbins = su | |
| 38a55db2 | 148 | suidubins = chage chfn chsh expiry gpasswd newgrp passwd |
| 149 | ||
| 7b3e1842 AM |
150 | LDADD = $(top_builddir)/libmisc/libmisc.la \ |
| 151 | - $(top_builddir)/lib/libshadow.la | |
| 152 | + $(top_builddir)/lib/libshadow.la -lselinux | |
| 38a55db2 | 153 | |
| 154 | chpasswd_LDADD = $(LDADD) $(LIBPAM) | |
| 7b3e1842 | 155 | chage_LDADD = $(LDADD) $(LIBPAM) |