From 3c7327842cdcebe15caecb84a14c2b6b6eb10560 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Fri, 3 Mar 2023 11:46:33 +0100
Subject: [PATCH] ch(g)passwd: Check selinux permissions upon startup

The permission also need to be checked before process_root_flag() since
that can chroot into non-selinux environment (unavailable selinux mount
point for example).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
---
 src/chgpasswd.c | 6 ++++++
 src/chpasswd.c  | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/src/chgpasswd.c b/src/chgpasswd.c
index b750994e2..fe4055d8a 100644
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -424,6 +424,12 @@ int main (int argc, char **argv)
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
 
+#ifdef WITH_SELINUX
+	if (check_selinux_permit ("passwd") != 0) {
+		return (E_NOPERM);
+	}
+#endif				/* WITH_SELINUX */
+
 	process_root_flag ("-R", argc, argv);
 
 	process_flags (argc, argv);
diff --git a/src/chpasswd.c b/src/chpasswd.c
index 4a04c4f46..3cfd611eb 100644
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@@ -452,6 +452,12 @@ int main (int argc, char **argv)
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
 
+#ifdef WITH_SELINUX
+	if (check_selinux_permit ("passwd") != 0) {
+		return (E_NOPERM);
+	}
+#endif				/* WITH_SELINUX */
+
 	process_flags (argc, argv);
 
 	salt = get_salt();
-- 
2.47.2