1 diff -Nur a/Makefile b/Makefile
2 --- a/Makefile 2011-11-04 14:38:45.000000000 +0100
3 +++ b/Makefile 2011-11-27 18:02:23.488513229 +0100
5 -SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool po
6 +SUBDIRS = setfiles semanage semanage/default_encoding load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool po
8 INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
10 diff -Nur a/newrole/newrole.c b/newrole/newrole.c
11 --- a/newrole/newrole.c 2011-11-04 14:38:45.000000000 +0100
12 +++ b/newrole/newrole.c 2011-11-27 18:02:23.489513229 +0100
14 #if defined(AUDIT_LOG_PRIV) && !defined(NAMESPACE_PRIV)
15 static int drop_capabilities(int full)
17 + uid_t uid = getuid();
20 capng_clear(CAPNG_SELECT_BOTH);
24 - uid_t uid = getuid();
28 if (setresuid(uid, uid, uid)) {
29 fprintf(stderr, _("Error changing uid, aborting.\n"));
30 @@ -1030,10 +1030,11 @@
31 * if it makes sense to continue to run newrole, and setting up
32 * a scrubbed environment.
34 - if (drop_capabilities(FALSE)) {
35 +/* if (drop_capabilities(FALSE)) {
36 perror(_("Sorry, newrole failed to drop capabilities\n"));
40 if (set_signal_handles())
43 diff -Nur a/po/Makefile b/po/Makefile
44 --- a/po/Makefile 2011-11-04 14:38:45.000000000 +0100
45 +++ b/po/Makefile 2011-11-27 18:02:23.495513229 +0100
47 # What is this package?
48 NLSPACKAGE = policycoreutils
49 POTFILE = $(NLSPACKAGE).pot
50 -INSTALL = /usr/bin/install -c
51 +INSTALL = /usr/bin/install -c -p
52 INSTALL_DATA = $(INSTALL) -m 644
53 INSTALL_DIR = /usr/bin/install -d
55 diff -Nur a/restorecond/restorecond.c b/restorecond/restorecond.c
56 --- a/restorecond/restorecond.c 2011-11-04 14:38:44.000000000 +0100
57 +++ b/restorecond/restorecond.c 2011-11-27 18:02:23.496513229 +0100
62 + const char *null_array[1] = { NULL };
64 memset(&r_opts, 0, sizeof(r_opts));
67 r_opts.fts_flags = FTS_PHYSICAL;
68 r_opts.selabel_opt_validate = NULL;
69 r_opts.selabel_opt_path = NULL;
70 + r_opts.selabel_opt_prefixes = null_array;
71 r_opts.ignore_enoent = 1;
73 restore_init(&r_opts);
74 diff -Nur a/run_init/run_init.c b/run_init/run_init.c
75 --- a/run_init/run_init.c 2011-11-04 14:38:45.000000000 +0100
76 +++ b/run_init/run_init.c 2011-11-27 18:02:23.497513229 +0100
78 * execvp or using a exec(1) recycles pty's, and does not open a new
81 +#ifdef USE_OPEN_INIT_PTY
82 if (execvp("/usr/sbin/open_init_pty", argv)) {
87 + if (execvp(argv[1], argv + 1)) {
95 diff -Nur a/sandbox/Makefile b/sandbox/Makefile
96 --- a/sandbox/Makefile 2011-11-04 14:38:45.000000000 +0100
97 +++ b/sandbox/Makefile 2011-11-27 18:02:23.518513231 +0100
99 install -m 644 sandbox.8 $(MANDIR)/man8/
100 install -m 644 seunshare.8 $(MANDIR)/man8/
101 -mkdir -p $(MANDIR)/man5
102 - install -m 644 sandbox.conf.5 $(MANDIR)/man5/
103 + install -m 644 sandbox.5 $(MANDIR)/man5/sandbox.5
105 install -m 4755 seunshare $(SBINDIR)/
106 -mkdir -p $(SHAREDIR)
107 diff -Nur a/sandbox/sandbox b/sandbox/sandbox
108 --- a/sandbox/sandbox 2011-11-04 14:38:45.000000000 +0100
109 +++ b/sandbox/sandbox 2011-11-27 18:02:23.519513231 +0100
110 @@ -118,10 +118,30 @@
111 sock.bind("\0%s" % level)
112 fcntl.fcntl(sock.fileno(), fcntl.F_SETFD, fcntl.FD_CLOEXEC)
116 + level =selinux.getcon_raw()[1].split(":")[4]
117 + lowc,highc = level.split(".")
118 + low = int(lowc[1:])
119 + high = int(highc[1:])+1
120 + if high - low < 100:
125 + raise ValueError(_("User account must be setup with an MCS Range with more then 100 categories"))
129 - i1 = random.randrange(0, 1024)
130 - i2 = random.randrange(0, 1024)
131 + low, high = get_range()
136 + total = (total * total)/2 - total
139 + i1 = random.randrange(low, high)
140 + i2 = random.randrange(low, high)
151 + raise ValueError(_("Failed to find any unused categories"))
155 for i in [ "/", "./", "../" ]:
158 self.__homedir = None
162 + def __set_dpi(self):
163 + rc, out = commands.getstatusoutput("/usr/bin/xrdb -query")
167 + for i in out.split("\n"):
168 + if i.startswith("Xft.dpi:"):
169 + self.dpi = i.split()[1]
172 def __validate_mount(self):
173 if self.__options.level:
175 action="callback", callback=self.__mount_callback,
176 help=_("mount new home and/or tmp directory"))
178 + parser.add_option("-d", "--dpi",
179 + dest="dpi", action="store",default=self.dpi,
180 + help=_("dots per inch for X display: (%s)" % self.dpi))
181 parser.add_option("-S", "--session", action="store_true", dest="session",
182 default=False, help=_("run complete desktop session within sandbox"))
186 if self.__options.X_ind:
187 self.setype = DEFAULT_X_TYPE
188 - self.dpi=commands.getoutput("xrdb -query | grep dpi | /bin/cut -f 2")
190 if self.__options.setype:
191 self.setype = self.__options.setype
195 self.__setup_sandboxrc(self.__options.wm)
197 - cmds += [ "--", SANDBOXSH, self.__options.windowsize, self.dpi ]
198 + cmds += [ "--", SANDBOXSH, self.__options.windowsize, self.__options.dpi ]
200 cmds += [ "--" ] + self.__paths
201 return subprocess.Popen(cmds).wait()
202 diff -Nur a/sandbox/sandbox.5 b/sandbox/sandbox.5
203 --- a/sandbox/sandbox.5 1970-01-01 01:00:00.000000000 +0100
204 +++ b/sandbox/sandbox.5 2011-11-27 18:02:23.520513231 +0100
206 +.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
208 +sandbox.conf \- user config file for the SELinux sandbox
211 +When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
214 +Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
217 +These keywords are allowed.
222 +The name of the sandbox control group. Default is "sandbox".
226 +Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
230 +How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
234 +Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
244 +This manual page was written by
245 +.I Thomas Liu <tliu@fedoraproject.org>
246 diff -Nur a/sandbox/sandbox.8 b/sandbox/sandbox.8
247 --- a/sandbox/sandbox.8 2011-11-04 14:38:45.000000000 +0100
248 +++ b/sandbox/sandbox.8 2011-11-27 18:02:23.520513231 +0100
250 sandbox \- Run cmd under an SELinux sandbox
253 -[-C] [-c] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
254 +[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
258 -[-C] [-c] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
259 +[-C] [-c] [ -d DPI ] [-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
264 Create an X based Sandbox for gui apps, temporary files for
265 $HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
268 +Set the DPI value for the sanbox X Server. Defaults to the current X Sever DPI.
271 Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
273 diff -Nur a/sandbox/sandbox.conf.5 b/sandbox/sandbox.conf.5
274 --- a/sandbox/sandbox.conf.5 2011-11-04 14:38:45.000000000 +0100
275 +++ b/sandbox/sandbox.conf.5 1970-01-01 01:00:00.000000000 +0100
277 -.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
279 -sandbox.conf \- user config file for the SELinux sandbox
282 -When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
285 -Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
288 -These keywords are allowed.
293 -The name of the sandbox control group. Default is "sandbox".
297 -Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
301 -How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
305 -Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
315 -This manual page was written by
316 -.I Thomas Liu <tliu@fedoraproject.org>
317 diff -Nur a/sandbox/sandbox.init b/sandbox/sandbox.init
318 --- a/sandbox/sandbox.init 2011-11-04 14:38:45.000000000 +0100
319 +++ b/sandbox/sandbox.init 2011-11-27 18:02:23.521513231 +0100
323 # Source function library.
324 +. /etc/init.d/functions
326 LOCKFILE=/var/lock/subsys/sandbox
330 echo -n "Starting sandbox"
332 - [ -f "$LOCKFILE" ] && return 1
333 + [ -f "$LOCKFILE" ] && return 0
336 mount --make-rshared / || return $?
337 diff -Nur a/scripts/genhomedircon b/scripts/genhomedircon
338 --- a/scripts/genhomedircon 2011-11-04 14:38:45.000000000 +0100
339 +++ b/scripts/genhomedircon 2011-11-27 18:02:23.521513231 +0100
343 /usr/sbin/semodule -Bn
344 diff -Nur a/semanage/default_encoding/default_encoding.c b/semanage/default_encoding/default_encoding.c
345 --- a/semanage/default_encoding/default_encoding.c 1970-01-01 01:00:00.000000000 +0100
346 +++ b/semanage/default_encoding/default_encoding.c 2011-11-27 18:02:23.533513231 +0100
350 + * John Dennis <jdennis@redhat.com>
352 + * Copyright (C) 2009 Red Hat
353 + * see file 'COPYING' for use and warranty information
355 + * This program is free software; you can redistribute it and/or
356 + * modify it under the terms of the GNU General Public License as
357 + * published by the Free Software Foundation.
359 + * This program is distributed in the hope that it will be useful,
360 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
361 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
362 + * GNU General Public License for more details.
364 + * You should have received a copy of the GNU General Public License
365 + * along with this program; if not, write to the Free Software
366 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
371 +PyDoc_STRVAR(setdefaultencoding_doc,
372 +"setdefaultencoding(encoding='utf-8')\n\
374 +Set the current default string encoding used by the Unicode implementation.\n\
379 +setdefaultencoding(PyObject *self, PyObject *args, PyObject *kwds)
381 + static char *kwlist[] = {"utf-8", NULL};
384 + if (!PyArg_ParseTupleAndKeywords(args, kwds, "s:setdefaultencoding", kwlist, &encoding))
387 + if (PyUnicode_SetDefaultEncoding(encoding))
393 +static PyMethodDef methods[] = {
394 + {"setdefaultencoding", (PyCFunction)setdefaultencoding, METH_VARARGS|METH_KEYWORDS, setdefaultencoding_doc},
395 + {NULL, NULL} /* sentinel */
400 +initdefault_encoding_utf8(void)
402 + PyUnicode_SetDefaultEncoding("utf-8");
403 + Py_InitModule3("default_encoding_utf8", methods, "Forces the default encoding to utf-8");
405 diff -Nur a/semanage/default_encoding/Makefile b/semanage/default_encoding/Makefile
406 --- a/semanage/default_encoding/Makefile 1970-01-01 01:00:00.000000000 +0100
407 +++ b/semanage/default_encoding/Makefile 2011-11-27 18:02:23.533513231 +0100
410 + LDFLAGS="" python setup.py build
413 + LDFLAGS="" python setup.py install --root=$(DESTDIR)/
417 diff -Nur a/semanage/default_encoding/policycoreutils/__init__.py b/semanage/default_encoding/policycoreutils/__init__.py
418 --- a/semanage/default_encoding/policycoreutils/__init__.py 1970-01-01 01:00:00.000000000 +0100
419 +++ b/semanage/default_encoding/policycoreutils/__init__.py 2011-11-27 18:02:23.534513231 +0100
422 +# Copyright (C) 2006,2007,2008, 2009 Red Hat, Inc.
424 +# This program is free software; you can redistribute it and/or modify
425 +# it under the terms of the GNU General Public License as published by
426 +# the Free Software Foundation; either version 2 of the License, or
427 +# (at your option) any later version.
429 +# This program is distributed in the hope that it will be useful,
430 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
431 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
432 +# GNU General Public License for more details.
434 +# You should have received a copy of the GNU General Public License
435 +# along with this program; if not, write to the Free Software
436 +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
438 diff -Nur a/semanage/default_encoding/setup.py b/semanage/default_encoding/setup.py
439 --- a/semanage/default_encoding/setup.py 1970-01-01 01:00:00.000000000 +0100
440 +++ b/semanage/default_encoding/setup.py 2011-11-27 18:02:23.536513231 +0100
443 +# John Dennis <jdennis@redhat.com>
445 +# Copyright (C) 2009 Red Hat
446 +# see file 'COPYING' for use and warranty information
448 +# This program is free software; you can redistribute it and/or
449 +# modify it under the terms of the GNU General Public License as
450 +# published by the Free Software Foundation.
452 +# This program is distributed in the hope that it will be useful,
453 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
454 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
455 +# GNU General Public License for more details.
457 +# You should have received a copy of the GNU General Public License
458 +# along with this program; if not, write to the Free Software
459 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
461 +from distutils.core import setup, Extension
463 +default_encoding_utf8 = Extension('policycoreutils.default_encoding_utf8', ['default_encoding.c'])
465 +setup(name = 'policycoreutils-default-encoding',
467 + description = 'Forces the default encoding in Python to be utf-8',
468 + long_description = 'Forces the default encoding in Python to be utf-8',
469 + author = 'John Dennis',
470 + author_email = 'jdennis@redhat.com',
471 + maintainer = 'John Dennis',
472 + maintainer_email = 'jdennis@redhat.com',
473 + license = 'GPLv3+',
474 + platforms = 'posix',
477 + ext_modules = [default_encoding_utf8],
478 + packages=["policycoreutils"],
480 diff -Nur a/semanage/semanage b/semanage/semanage
481 --- a/semanage/semanage 2011-11-04 14:38:45.000000000 +0100
482 +++ b/semanage/semanage 2011-11-27 18:02:23.537513231 +0100
487 +import policycoreutils.default_encoding_utf8
488 import sys, getopt, re
493 gettext.install(PROGNAME,
494 localedir="/usr/share/locale",
500 @@ -283,11 +284,14 @@
506 + raise ValueError(_("You can't disable and enable at the same time"))
513 + raise ValueError(_("You can't disable and enable at the same time"))
516 if o == "-F" or o == "--file":
517 @@ -504,31 +508,36 @@
518 if len(sys.argv) < 3:
519 usage(_("Requires 2 or more arguments"))
521 - gopts, cmds = getopt.getopt(sys.argv[1:],
522 - '01adf:i:lhmno:p:s:FCDR:L:r:t:T:P:S:',
547 + gopts, cmds = getopt.getopt(sys.argv[1:],
548 + '01adf:i:lhmno:p:s:FCDR:L:r:t:T:P:S:',
573 + except getopt.error, error:
574 + usage(_("Options Error %s ") % error.msg)
577 if o == "-S" or o == '--store':
581 process_args(sys.argv[1:])
583 - except getopt.error, error:
584 - usage(_("Options Error %s ") % error.msg)
585 except ValueError, error:
586 errorExit(error.args[0])
587 except KeyError, error:
588 diff -Nur a/semanage/seobject.py b/semanage/seobject.py
589 --- a/semanage/seobject.py 2011-11-04 14:38:45.000000000 +0100
590 +++ b/semanage/seobject.py 2011-11-27 18:02:23.539513231 +0100
593 gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
594 gettext.textdomain(PROGNAME)
596 - gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
599 - __builtin__.__dict__['_'] = unicode
602 +translation=gettext.translation(PROGNAME, localedir = "/usr/share/locale", fallback=True)
603 +_=translation.ugettext
612 def __init__(self, store):
616 name = semanage_module_get_name(mod)
617 if name and name.startswith("permissive_"):
618 l.append(name.split("permissive_")[1])
622 def list(self, heading = 1, locallist = 0):
625 raise ValueError(_("Could not check if login mapping for %s is defined") % name)
627 - raise ValueError(_("Login mapping for %s is already defined") % name)
628 + semanage_seuser_key_free(k)
629 + return self.__modify(name, sename, serange)
633 grp.getgrnam(name[1:])
636 raise ValueError(_("Could not check if SELinux user %s is defined") % name)
638 - raise ValueError(_("SELinux user %s is already defined") % name)
639 + semanage_user_key_free(k)
640 + return self.__modify(name, roles, selevel, serange, prefix)
642 (rc, u) = semanage_user_create(self.sh)
645 return ( k, proto_d, low, high )
647 def __add(self, port, proto, serange, type):
649 if is_mls_enabled == 1:
655 def __modify(self, port, proto, serange, setype):
657 if serange == "" and setype == "":
658 if is_mls_enabled == 1:
659 raise ValueError(_("Requires setype or serange"))
660 @@ -1156,7 +1162,8 @@
662 (rc, exists) = semanage_node_exists(self.sh, k)
664 - raise ValueError(_("Addr %s already defined") % addr)
665 + semanage_node_key_free(k)
666 + return self.__modify(addr, mask, self.protocol[proto], serange, ctype)
668 (rc, node) = semanage_node_create(self.sh)
670 @@ -1172,7 +1179,6 @@
672 raise ValueError(_("Could not set mask for %s") % addr)
675 rc = semanage_context_set_user(self.sh, con, "system_u")
677 raise ValueError(_("Could not set user in addr context for %s") % addr)
678 @@ -1224,12 +1230,11 @@
680 raise ValueError(_("Addr %s is not defined") % addr)
682 - (rc, node) = semanage_node_query(self.sh, k)
683 + (rc, node) = semanage_node_query_local(self.sh, k)
685 raise ValueError(_("Could not query addr %s") % addr)
687 con = semanage_node_get_con(node)
690 semanage_context_set_mls(self.sh, con, untranslate(serange))
692 @@ -1357,7 +1362,8 @@
694 raise ValueError(_("Could not check if interface %s is defined") % interface)
696 - raise ValueError(_("Interface %s already defined") % interface)
697 + semanage_iface_key_free(k)
698 + return self.__modify(interface, serange, ctype)
700 (rc, iface) = semanage_iface_create(self.sh)
702 @@ -1525,6 +1531,7 @@
703 def __init__(self, store = ""):
704 semanageRecords.__init__(self, store)
706 + self.equiv_dist = {}
707 self.equal_ind = False
709 fd = open(selinux.selinux_file_context_subs_path(), "r")
710 @@ -1534,6 +1541,14 @@
715 + fd = open(selinux.selinux_file_context_subs_dist_path(), "r")
716 + for i in fd.readlines():
717 + src, dst = i.split()
718 + self.equiv_dist[src] = dst
725 @@ -1589,12 +1604,21 @@
729 + def check_equiv(self, target, fdict):
731 + if target.startswith(i+"/"):
732 + t = re.sub(i, fdict[i], target)
733 + raise ValueError(_("File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead") % (target, i, fdict[i], t))
736 def validate(self, target):
737 if target == "" or target.find("\n") >= 0:
738 raise ValueError(_("Invalid file specification"))
739 if target.find(" ") != -1:
740 raise ValueError(_("File specification can not include spaces"))
742 + self.check_equiv(target, self.equiv)
743 + self.check_equiv(target, self.equiv_dist)
745 def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
746 self.validate(target)
748 @@ -1618,7 +1642,8 @@
749 raise ValueError(_("Could not check if file context for %s is defined") % target)
752 - raise ValueError(_("File context for %s already defined") % target)
753 + semanage_fcontext_key_free(k)
754 + return self.__modify(target, type, ftype, serange, seuser)
756 (rc, fcontext) = semanage_fcontext_create(self.sh)
758 @@ -1825,9 +1850,17 @@
759 print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
761 print "%-50s %-18s <<None>>" % (k[0], k[1])
762 - if len(self.equiv.keys()) > 0:
765 + if len(self.equiv_dist):
768 + print _("\nSELinux Distribution fcontext Equivalence \n")
769 + for src in self.equiv_dist.keys():
770 + print "%s = %s" % (src, self.equiv_dist[src])
771 + if len(self.equiv):
773 - print _("\nSELinux fcontext Equivalence \n")
774 + print _("\nSELinux Local fcontext Equivalence \n")
776 for src in self.equiv.keys():
777 print "%s = %s" % (src, self.equiv[src])
778 diff -Nur a/setfiles/restore.c b/setfiles/restore.c
779 --- a/setfiles/restore.c 2011-11-04 14:38:45.000000000 +0100
780 +++ b/setfiles/restore.c 2011-11-27 18:02:23.540513231 +0100
784 +#include <selinux/context.h>
790 static file_spec_t *fl_head;
791 static int filespec_add(ino_t ino, const security_context_t con, const char *file);
792 -static int only_changed_user(const char *a, const char *b);
793 struct restore_opts *r_opts = NULL;
794 static void filespec_destroy(void);
795 static void filespec_eval(void);
797 void restore_init(struct restore_opts *opts)
800 - struct selinux_opt selinux_opts[] = {
801 - { SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
802 - { SELABEL_OPT_PATH, r_opts->selabel_opt_path }
804 - r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 2);
805 + struct selinux_opt selinux_opts[3];
807 + selinux_opts[0].type = SELABEL_OPT_VALIDATE;
808 + selinux_opts[0].value = r_opts->selabel_opt_validate;
809 + selinux_opts[1].type = SELABEL_OPT_PATH;
810 + selinux_opts[1].value = r_opts->selabel_opt_path;
811 + selinux_opts[2].type = SELABEL_OPT_PREFIXES;
812 + selinux_opts[2].values = r_opts->selabel_opt_prefixes;
814 + r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3);
816 perror(r_opts->selabel_opt_path);
820 char *my_file = strdupa(ftsent->fts_path);
822 - char *context, *newcon;
823 - int user_only_changed = 0;
824 + security_context_t curcon = NULL, newcon = NULL;
826 if (match(my_file, ftsent->fts_statp, &newcon) < 0)
827 /* Check for no matching specification. */
828 @@ -139,74 +143,105 @@
829 printf("%s: %s matched by %s\n", r_opts->progname, my_file, newcon);
833 + * Do not relabel if their is no default specification for this file
836 + if (strcmp(newcon, "<<none>>") == 0) {
840 /* Get the current context of the file. */
841 - ret = lgetfilecon_raw(ftsent->fts_accpath, &context);
842 + ret = lgetfilecon_raw(ftsent->fts_accpath, &curcon);
844 if (errno == ENODATA) {
848 fprintf(stderr, "%s get context on %s failed: '%s'\n",
849 r_opts->progname, my_file, strerror(errno));
852 - user_only_changed = 0;
854 - user_only_changed = only_changed_user(context, newcon);
857 /* lgetfilecon returns number of characters and ret needs to be reset
863 - * Do not relabel the file if the matching specification is
864 - * <<none>> or the file is already labeled according to the
866 + * Do not relabel the file if the file is already labeled according to
867 + * the specification.
869 - if ((strcmp(newcon, "<<none>>") == 0) ||
870 - (context && (strcmp(context, newcon) == 0))) {
872 + if (curcon && (strcmp(curcon, newcon) == 0)) {
876 - if (!r_opts->force && context && (is_context_customizable(context) > 0)) {
877 + if (!r_opts->force && curcon && (is_context_customizable(curcon) > 0)) {
878 if (r_opts->verbose > 1) {
880 "%s: %s not reset customized by admin to %s\n",
881 - r_opts->progname, my_file, context);
882 + r_opts->progname, my_file, curcon);
888 - if (r_opts->verbose) {
889 - /* If we're just doing "-v", trim out any relabels where
890 - * the user has r_opts->changed but the role and type are the
891 - * same. For "-vv", emit everything. */
892 - if (r_opts->verbose > 1 || !user_only_changed) {
893 - printf("%s reset %s context %s->%s\n",
894 - r_opts->progname, my_file, context ?: "", newcon);
896 + * Do not change label unless this is a force or the type is different
898 + if (!r_opts->force && curcon) {
899 + int types_differ = 0;
903 + cona = context_new(curcon);
907 + conb = context_new(newcon);
909 + context_free(cona);
913 + types_differ = strcmp(context_type_get(cona), context_type_get(conb));
914 + if (types_differ) {
915 + err |= context_user_set(conb, context_user_get(cona));
916 + err |= context_role_set(conb, context_role_get(cona));
917 + err |= context_range_set(conb, context_range_get(cona));
920 + newcon = strdup(context_str(conb));
923 + context_free(cona);
924 + context_free(conb);
926 + if (!types_differ || err) {
931 + if (r_opts->verbose) {
932 + printf("%s reset %s context %s->%s\n",
933 + r_opts->progname, my_file, curcon ?: "", newcon);
936 - if (r_opts->logging && !user_only_changed) {
938 + if (r_opts->logging) {
940 syslog(LOG_INFO, "relabeling %s from %s to %s\n",
941 - my_file, context, newcon);
942 + my_file, curcon, newcon);
944 syslog(LOG_INFO, "labeling %s to %s\n",
948 - if (r_opts->outfile && !user_only_changed)
949 + if (r_opts->outfile)
950 fprintf(r_opts->outfile, "%s\n", my_file);
956 * Do not relabel the file if -n was used.
958 - if (!r_opts->change || user_only_changed)
959 + if (!r_opts->change)
963 @@ -220,12 +255,15 @@
983 -/* Compare two contexts to see if their differences are "significant",
984 - * or whether the only difference is in the user. */
985 -static int only_changed_user(const char *a, const char *b)
987 - char *rest_a, *rest_b; /* Rest of the context after the user */
992 - rest_a = strchr(a, ':');
993 - rest_b = strchr(b, ':');
994 - if (!rest_a || !rest_b)
996 - return (strcmp(rest_a, rest_b) == 0);
1000 * Evaluate the association hash table distribution.
1002 diff -Nur a/setfiles/restorecon.8 b/setfiles/restorecon.8
1003 --- a/setfiles/restorecon.8 2011-11-04 14:38:45.000000000 +0100
1004 +++ b/setfiles/restorecon.8 2011-11-27 18:02:23.541513231 +0100
1009 -.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] pathname...
1010 +.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] [\-L labelprefix ] pathname...
1013 -.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-p] [\-v] [\-F]
1014 +.I \-f infilename [\-o outfilename ] [\-e directory ] [\-L labelprefix ] [\-R] [\-n] [\-p] [\-v] [\-F]
1017 This manual page describes the
1021 -This program is primarily used to set the security context
1022 +This program is primarily used to reset the security context (type)
1023 (extended attributes) on one or more files.
1025 It can be run at any time to correct errors, to add support for
1026 new policy, or with the \-n option it can just check whether the file
1027 contexts are all as you expect.
1029 +If a file object does not have a context, restorecon will write the default
1030 +context to the file object's extended attributes. If a file object has a
1031 +context, restorecon will only modify the type portion of the security context.
1032 +The -F option will force a replacement of the entire context.
1038 directory to exclude (repeat option for more than one directory.)
1041 +Tells selinux to only use the file context that match this prefix for labeling, -L can be called multiple times. Can speed up labeling if you are only doing one directory.
1043 +# restorecon -R -v -L /dev /dev
1047 change files and directories file labels recursively
1051 show changes in file labels.
1054 -show changes in file labels, if type, role, or user are changing.
1057 -Force reset of context to match file_context for customizable files, or the user section, if it has changed.
1058 +Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
1062 diff -Nur a/setfiles/restore.h b/setfiles/restore.h
1063 --- a/setfiles/restore.h 2011-11-04 14:38:45.000000000 +0100
1064 +++ b/setfiles/restore.h 2011-11-27 18:02:23.540513231 +0100
1066 int fts_flags; /* Flags to fts, e.g. follow links, follow mounts */
1067 const char *selabel_opt_validate;
1068 const char *selabel_opt_path;
1069 + const char **selabel_opt_prefixes;
1072 void restore_init(struct restore_opts *opts);
1073 diff -Nur a/setfiles/setfiles.8 b/setfiles/setfiles.8
1074 --- a/setfiles/setfiles.8 2011-11-04 14:38:45.000000000 +0100
1075 +++ b/setfiles/setfiles.8 2011-11-27 18:02:23.542513231 +0100
1080 -.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname...
1081 +.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-L labelprefix ] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname...
1083 This manual page describes the
1086 It can also be run at any time to correct errors, to add support for
1087 new policy, or with the \-n option it can just check whether the file
1088 contexts are all as you expect.
1090 +If a file object does not have a context, setfiles will write the default
1091 +context to the file object's extended attributes. If a file object has a
1092 +context, setfiles will only modify the type portion of the security context.
1093 +The -F option will force a replacement of the entire context.
1098 directory to exclude (repeat option for more than one directory.)
1101 -Force reset of context to match file_context for customizable files
1102 +Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
1105 +Tells selinux to only use the file context that match this prefix for labeling, -L can be called multiple times. Can speed up labeling if you are only doing one directory.
1108 save list of files with incorrect context in filename.
1114 -show changes in file labels, if type or role are changing.
1117 -show changes in file labels, if type, role, or user are changing.
1118 +show changes in file labels.
1121 display warnings about entries that had no matching files.
1122 diff -Nur a/setfiles/setfiles.c b/setfiles/setfiles.c
1123 --- a/setfiles/setfiles.c 2011-11-04 14:38:45.000000000 +0100
1124 +++ b/setfiles/setfiles.c 2011-11-27 18:02:23.542513231 +0100
1127 if (iamrestorecon) {
1129 - "usage: %s [-iFnprRv0] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
1130 + "usage: %s [-iFnprRv0] [ -L labelprefix ] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
1135 int main(int argc, char **argv)
1140 char *input_filename = NULL;
1141 int use_input_file = 0;
1144 int recurse; /* Recursive descent. */
1146 int mass_relabel = 0, errors = 0;
1147 + int num_prefixes = 0;
1148 + const char *null_array[1] = { NULL };
1150 memset(&r_opts, 0, sizeof(r_opts));
1153 r_opts.outfile = NULL;
1155 r_opts.hard_links = 1;
1156 + r_opts.selabel_opt_prefixes = null_array;
1161 exclude_non_seclabel_mounts();
1163 /* Process any options. */
1164 - while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FRW0")) > 0) {
1165 + while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FL:RW0")) > 0) {
1169 @@ -280,6 +283,35 @@
1175 + char **new_prefixes;
1177 + /* we need 1 for this entry and 1 for the NULL entry */
1178 + new_prefixes = malloc(sizeof(*new_prefixes) * (num_prefixes + 2));
1179 + if (!new_prefixes) {
1180 + fprintf(stderr, "Can't allocate memory for labeling prefix %s:%s\n",
1181 + optarg, strerror(errno));
1185 + memcpy(new_prefixes, r_opts.selabel_opt_prefixes, sizeof(*new_prefixes) * num_prefixes);
1186 + new_prefixes[num_prefixes] = strdup(optarg);
1187 + if (!new_prefixes[num_prefixes]) {
1188 + fprintf(stderr, "Can't allocate memory for labeling prefix %s:%s\n",
1189 + optarg, strerror(errno));
1193 + new_prefixes[num_prefixes + 1] = NULL;
1196 + if (r_opts.selabel_opt_prefixes != null_array)
1197 + free(r_opts.selabel_opt_prefixes);
1199 + r_opts.selabel_opt_prefixes = (const char **)new_prefixes;
1203 if (strcmp(optarg, "-") == 0) {
1204 r_opts.outfile = stdout;
1205 @@ -433,7 +465,15 @@
1207 fclose(r_opts.outfile);
1209 - if (r_opts.progress && r_opts.count >= STAR_COUNT)
1211 + if (r_opts.progress && r_opts.count >= STAR_COUNT)
1214 + free(r_opts.progname);
1216 + while (r_opts.selabel_opt_prefixes[i])
1217 + free((void *)r_opts.selabel_opt_prefixes[i++]);
1218 + if (r_opts.selabel_opt_prefixes != null_array)
1219 + free(r_opts.selabel_opt_prefixes);
1220 + free(r_opts.rootpath);