]>
Commit | Line | Data |
---|---|---|
7b3e1842 AM |
1 | --- shadow-4.0.3/lib/commonio.h.selinux 2001-08-14 17:09:54.000000000 -0400 |
2 | +++ shadow-4.0.3/lib/commonio.h 2003-06-20 15:52:54.000000000 -0400 | |
3 | @@ -1,5 +1,8 @@ | |
4 | /* $Id$ */ | |
38a55db2 | 5 | |
7b3e1842 AM |
6 | +#ifdef WITH_SELINUX |
7 | +#include <selinux/selinux.h> | |
38a55db2 | 8 | +#endif |
7b3e1842 AM |
9 | /* |
10 | * Linked list entry. | |
11 | */ | |
12 | @@ -70,6 +73,9 @@ struct commonio_db { | |
13 | */ | |
14 | FILE *fp; | |
38a55db2 | 15 | |
7b3e1842 AM |
16 | +#ifdef WITH_SELINUX |
17 | + security_context_t scontext; | |
38a55db2 | 18 | +#endif |
38a55db2 | 19 | /* |
7b3e1842 | 20 | * Head, tail, current position in linked list. |
38a55db2 | 21 | */ |
7b3e1842 AM |
22 | --- shadow-4.0.3/lib/Makefile.am.selinux 2003-06-20 15:46:31.000000000 -0400 |
23 | +++ shadow-4.0.3/lib/Makefile.am 2003-06-20 15:51:00.000000000 -0400 | |
24 | @@ -1,14 +1,14 @@ | |
38a55db2 | 25 | |
7b3e1842 | 26 | AUTOMAKE_OPTIONS = 1.0 foreign |
38a55db2 | 27 | |
7b3e1842 AM |
28 | -DEFS = |
29 | +DEFS = -DWITH_SELINUX | |
30 | INCLUDES = -I$(top_srcdir) | |
38a55db2 | 31 | |
6a0e841c | 32 | lib_LTLIBRARIES = libshadow.la |
38a55db2 | 33 | |
7b3e1842 AM |
34 | libshadow_la_LDFLAGS = -version-info 0:0:0 |
35 | libshadow_la_LIBADD = $(INTLLIBS) $(LIBCRYPT) $(LIBTCFS) $(LIBSKEY) $(LIBMD) \ | |
36 | - $(top_builddir)/libmisc/libmisc.la | |
6a0e841c | 37 | + $(top_builddir)/libmisc/libmisc.la -lselinux |
38a55db2 | 38 | |
7b3e1842 AM |
39 | libshadow_la_SOURCES = \ |
40 | commonio.c \ | |
41 | --- shadow-4.0.3/lib/commonio.c.selinux 2003-06-20 15:53:16.000000000 -0400 | |
42 | +++ shadow-4.0.3/lib/commonio.c 2003-07-08 13:53:32.033078008 -0400 | |
43 | @@ -15,7 +15,10 @@ RCSID("$Id: commonio.c,v 1.22 2001/11/17 | |
44 | #ifdef HAVE_SHADOW_H | |
45 | #include <shadow.h> | |
38a55db2 | 46 | #endif |
38a55db2 | 47 | - |
7b3e1842 AM |
48 | +#ifdef WITH_SELINUX |
49 | +#include <selinux/selinux.h> | |
50 | +static security_context_t old_context=NULL; | |
51 | +#endif | |
52 | #include "commonio.h" | |
38a55db2 | 53 | |
7b3e1842 AM |
54 | /* local function prototypes */ |
55 | @@ -437,6 +440,15 @@ commonio_open(struct commonio_db *db, in | |
56 | return 0; | |
38a55db2 | 57 | } |
58 | ||
7b3e1842 AM |
59 | +#ifdef WITH_SELINUX |
60 | + db->scontext=NULL; | |
61 | + if (is_selinux_enabled() && (! db->readonly)) { | |
62 | + if (fgetfilecon(fileno(db->fp),&db->scontext) < 0) { | |
63 | + goto cleanup; | |
64 | + } | |
38a55db2 | 65 | + } |
38a55db2 | 66 | +#endif |
67 | + | |
7b3e1842 AM |
68 | buflen = BUFLEN; |
69 | buf = (char *) malloc(buflen); | |
70 | if (!buf) | |
71 | @@ -492,6 +504,12 @@ cleanup_buf: | |
72 | free(buf); | |
73 | cleanup: | |
74 | free_linked_list(db); | |
75 | +#ifdef WITH_SELINUX | |
76 | + if (db->scontext!= NULL) { | |
77 | + freecon(db->scontext); | |
78 | + db->scontext=NULL; | |
79 | + } | |
38a55db2 | 80 | +#endif |
7b3e1842 AM |
81 | fclose(db->fp); |
82 | db->fp = NULL; | |
83 | errno = ENOMEM; | |
84 | @@ -627,6 +645,19 @@ commonio_close(struct commonio_db *db) | |
85 | goto fail; | |
38a55db2 | 86 | } |
38a55db2 | 87 | |
7b3e1842 AM |
88 | +#ifdef WITH_SELINUX |
89 | + if (db->scontext != NULL) { | |
90 | + int stat=getfscreatecon(&old_context); | |
91 | + if (stat< 0) { | |
92 | + errors++; | |
93 | + goto fail; | |
94 | + } | |
95 | + if (setfscreatecon(db->scontext)<0) { | |
96 | + errors++; | |
97 | + goto fail; | |
98 | + } | |
38a55db2 | 99 | + } |
38a55db2 | 100 | +#endif |
7b3e1842 AM |
101 | /* |
102 | * Create backup file. | |
103 | */ | |
104 | @@ -683,14 +714,26 @@ commonio_close(struct commonio_db *db) | |
105 | goto fail; | |
106 | ||
107 | nscd_need_reload = 1; | |
108 | - | |
109 | + goto success; | |
110 | +fail: | |
111 | + errors++; | |
112 | success: | |
113 | - free_linked_list(db); | |
114 | - return 1; | |
115 | ||
116 | -fail: | |
117 | +#ifdef WITH_SELINUX | |
118 | + if (db->scontext != NULL) { | |
119 | + if (setfscreatecon(old_context)<0) { | |
120 | + errors++; | |
121 | + } | |
122 | + if (old_context != NULL) { | |
123 | + freecon(old_context); | |
124 | + old_context=NULL; | |
125 | + } | |
126 | + freecon(db->scontext); | |
127 | + db->scontext=NULL; | |
38a55db2 | 128 | + } |
129 | +#endif | |
7b3e1842 AM |
130 | free_linked_list(db); |
131 | - return 0; | |
132 | + return errors==0; | |
38a55db2 | 133 | } |
38a55db2 | 134 | |
38a55db2 | 135 | |
7b3e1842 AM |
136 | --- shadow-4.0.3/src/Makefile.am.selinux 2003-06-20 15:50:17.000000000 -0400 |
137 | +++ shadow-4.0.3/src/Makefile.am 2003-06-20 15:50:44.000000000 -0400 | |
138 | @@ -4,7 +4,7 @@ EXTRA_DOST = .indent.pro | |
139 | ubindir = ${prefix}/bin | |
140 | usbindir = ${prefix}/sbin | |
141 | ||
142 | -DEFS = -D_HAVE_CONFIG_H -DLOCALEDIR=\"$(datadir)/locale\" | |
143 | +DEFS = -D_HAVE_CONFIG_H -DLOCALEDIR=\"$(datadir)/locale\" -DWITH_SELINUX | |
38a55db2 | 144 | |
7b3e1842 AM |
145 | INCLUDES = -I${top_srcdir} \ |
146 | -I${top_srcdir}/lib \ |