Fix the missing path prefix for Plugin init hook

author: Elena Reshetova <elena.reshetova@intel.com> 2013-04-18 15:19:13 +0300
committer: Elena Reshetova <elena.reshetova@intel.com> 2013-04-18 16:11:21 +0300
commit: 656291330e42f796d3720fdde4d43a15187bcd4f (patch)
tree: fdb8e9712a10fd919a7fdb68988078889fe1c2fd
parent: a398874186874187141a6519412b4f9180277afa (diff)
download: rpm-656291330e42f796d3720fdde4d43a15187bcd4f.tar.gz
rpm-656291330e42f796d3720fdde4d43a15187bcd4f.tar.bz2
rpm-656291330e42f796d3720fdde4d43a15187bcd4f.zip
1 files changed, 51 insertions, 13 deletions
diff --git a/plugins/msm-plugin.c b/plugins/msm-plugin.c
index 8de670ebe..ec3d0de54 100644
--- a/plugins/msm-plugin.c
+++ b/plugins/msm-plugin.c
@@ -42,9 +42,11 @@
 #include <rpm/rpmpgp.h>
 #include <rpm/rpmkeyring.h>
 #include <rpm/rpmdb.h>
+#include <lib/rpmts_internal.h>
 
 #include "rpmio/rpmbase64.h"
 #include "rpmio/rpmlog.h"
+#include "rpm/rpmfileutil.h"
 
 #include "msm.h"
 
@@ -95,27 +97,46 @@ rpmRC PLUGINHOOK_INIT_FUNC(rpmts _ts, const char *name, const char *opts)
 {
     ts = _ts;
     int res = 0;
+    char * fullPath = NULL, * fullPath1 = NULL;
 
-    rpmlog(RPMLOG_DEBUG, "reading device security policy from %s\n", DEVICE_SECURITY_POLICY);
-    root = msmProcessDevSecPolicyXml(DEVICE_SECURITY_POLICY);
+    if (!ts)
+    	return RPMRC_FAIL;
+    
+    fullPath = rpmGenPath(ts->rootDir, DEVICE_SECURITY_POLICY, NULL);
+    rpmlog(RPMLOG_DEBUG, "fullPath %s\n", fullPath);
+    if (!fullPath) {
+        rpmlog(RPMLOG_ERR, "building a full path failed\n");
+    	return RPMRC_FAIL;
+    }
+    		
+    rpmlog(RPMLOG_DEBUG, "reading device security policy from %s\n", fullPath);
+    root = msmProcessDevSecPolicyXml(fullPath);
 
     if (root) {
 	    if (msmSetupSWSources(NULL, root, NULL)) {
 	        rpmlog(RPMLOG_ERR, "Failed to setup device security policy from %s\n", 
-		       DEVICE_SECURITY_POLICY);
+		       fullPath);
 	        return RPMRC_FAIL;
 	    }
     } else {
 	    /* Do not allow plug-in to proceed without security policy existing */
 	    rpmlog(RPMLOG_ERR, "Failed to process sw sources from %s\n", 
-	           DEVICE_SECURITY_POLICY);
+	           fullPath);
 	        return RPMRC_FAIL;
     }
-
+    
+    msmFreePointer((void**)&fullPath);
+    
+    fullPath = rpmGenPath(ts->rootDir, SMACK_LOAD_PATH, NULL);
+    rpmlog(RPMLOG_DEBUG, "fullPath for SMACK_LOAD_PATH %s\n", fullPath);
+    if (!fullPath) {
+        rpmlog(RPMLOG_ERR, "building a full path failed\n");
+    	return RPMRC_FAIL;
+    }
     /* check its own security context and store it for the case when packages without manifest will be installed */
     struct stat buf;
 
-    if (stat(SMACK_LOAD_PATH, &buf) == 0) {
+    if (stat(fullPath, &buf) == 0) {
         res = smack_new_label_from_self(&ownSmackLabel);
         SmackEnabled = 1;
         if (res != 0) {
@@ -123,26 +144,39 @@ rpmRC PLUGINHOOK_INIT_FUNC(rpmts _ts, const char *name, const char *opts)
             return RPMRC_FAIL;
         }
     } else {
-        rpmlog(RPMLOG_INFO, "Smackfs isn't mounted at /sys/fs/smackfs/. Going to the image build mode. \n");
+        rpmlog(RPMLOG_INFO, "Smackfs isn't mounted at %s. Going to the image build mode. \n", fullPath);
         ownSmackLabel = strdup("_");
         SmackEnabled = 0;
     }
 
-    if (stat(SMACK_RULES_PATH, &buf) != 0) {
+    msmFreePointer((void**)&fullPath);    
+    fullPath = rpmGenPath(ts->rootDir, SMACK_RULES_PATH, NULL);
+    fullPath1 = rpmGenPath(ts->rootDir, SMACK_RULES_PATH_BEG, NULL);
+    rpmlog(RPMLOG_DEBUG, "fullPath for SMACK_RULES_PATH %s\n", fullPath);
+    rpmlog(RPMLOG_DEBUG, "fullPath1 for SMACK_RULES_PATH_BEG %s\n", fullPath1);
+    if ((!fullPath) || (!fullPath1)){
+        rpmlog(RPMLOG_ERR, "building a full path failed\n");
+    	return RPMRC_FAIL;
+    }
+    
+    if (stat(fullPath, &buf) != 0) {
         rpmlog(RPMLOG_DEBUG, "A directory for writing smack rules is missing. Creating one.\n");
         mode_t mode = S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IROTH; // 644 -rwer--r--
-    	 if (stat(SMACK_RULES_PATH_BEG, &buf) != 0) {
-        	if (mkdir(SMACK_RULES_PATH_BEG, mode) != 0) {
+    	 if (stat(fullPath1, &buf) != 0) {
+        	if (mkdir(fullPath1, mode) != 0) {
            		rpmlog(RPMLOG_ERR, "Failed to create a sub-directory for smack rules\n");
             		return RPMRC_FAIL;
         	}    
 	 }
-        if (mkdir(SMACK_RULES_PATH, mode) != 0){
+        if (mkdir(fullPath, mode) != 0){
             rpmlog(RPMLOG_ERR, "Failed to create a directory for smack rules\n");
             return RPMRC_FAIL;
         } 
     }
 
+    msmFreePointer((void**)&fullPath);    
+    msmFreePointer((void**)&fullPath1);    
+        
     rpmlog(RPMLOG_DEBUG, "rpm security context: %s\n", ownSmackLabel);
 
     cookie = magic_open(0); 
@@ -213,6 +247,11 @@ rpmRC PLUGINHOOK_FILE_CONFLICT_FUNC(rpmts ts, char* path,
 
 rpmRC PLUGINHOOK_TSM_PRE_FUNC(rpmts ts)
 {
+    if (!root) {
+        rpmlog(RPMLOG_DEBUG, "Policy is missing. Ending transaction\n");
+    	return RPMRC_FAIL;
+    }
+    
     return RPMRC_OK;
 }
 
@@ -223,8 +262,7 @@ static int findSWSourceBySignature(sw_source_x *sw_source, void *param, void* pa
     pgpDigParams sig = (pgpDigParams)param;
     DIGEST_CTX ctx = (DIGEST_CTX)param2;
     pgpDigParams key = NULL;
-    int res = 0;
-    
+     
     for (origin = sw_source->origins; origin; origin = origin->prev) {
 	    for (keyinfo = origin->keyinfos; keyinfo; keyinfo = keyinfo->prev) {
 	        if (pgpPrtParams(keyinfo->keydata, keyinfo->keylen, PGPTAG_PUBLIC_KEY, &key)) {
author	Elena Reshetova <elena.reshetova@intel.com>	2013-04-18 15:19:13 +0300
committer	Elena Reshetova <elena.reshetova@intel.com>	2013-04-18 16:11:21 +0300
commit	656291330e42f796d3720fdde4d43a15187bcd4f (patch)
tree	fdb8e9712a10fd919a7fdb68988078889fe1c2fd
parent	a398874186874187141a6519412b4f9180277afa (diff)
download	rpm-656291330e42f796d3720fdde4d43a15187bcd4f.tar.gz rpm-656291330e42f796d3720fdde4d43a15187bcd4f.tar.bz2 rpm-656291330e42f796d3720fdde4d43a15187bcd4f.zip