diff options
| -rw-r--r-- | packaging/debugsource-package.diff | 10 | ||||
| -rw-r--r-- | packaging/device-sec-policy | 2 | ||||
| -rw-r--r-- | packaging/disableperl.patch | 18 | ||||
| -rw-r--r-- | packaging/eu-strip.patch | 69 | ||||
| -rw-r--r-- | packaging/finddebuginfo.diff | 10 | ||||
| -rw-r--r-- | packaging/macros | 3 | ||||
| -rw-r--r-- | packaging/mimetype.diff | 24 | ||||
| -rw-r--r-- | packaging/nodigest.patch | 20 | ||||
| -rw-r--r-- | packaging/optflags.patch | 17 | ||||
| -rw-r--r-- | packaging/rpm-4.9.0-tizen-arm.patch | 5 | ||||
| -rw-r--r-- | packaging/rpm-macros.patch | 9 | ||||
| -rw-r--r-- | packaging/rpm-python.spec | 15 | ||||
| -rw-r--r-- | packaging/rpm.changes | 100 | ||||
| -rw-r--r-- | packaging/rpm.manifest | 11 | ||||
| -rw-r--r-- | packaging/rpm.spec | 165 | ||||
| -rw-r--r-- | packaging/security_4.9.1.patch | 647 | ||||
| -rwxr-xr-x | scripts/rpm.daily | 1 | ||||
| -rwxr-xr-x | scripts/rpm2cpio.sh | 1 | ||||
| -rwxr-xr-x | scripts/tgpg | 2 |
19 files changed, 564 insertions, 565 deletions
diff --git a/packaging/debugsource-package.diff b/packaging/debugsource-package.diff index f8e2dfe..998d9c4 100644 --- a/packaging/debugsource-package.diff +++ b/packaging/debugsource-package.diff @@ -29,7 +29,7 @@ Index: macros.in +Summary: Debug sources for package %{name}\ +Group: Development/Debug\ +AutoReqProv: 0\ -+Requires: %{name}-debuginfo = %{version}-%{release}\ ++Requires: %{name}-debuginfo = %{?epoch:%{epoch}:}%{version}-%{release}\ +%description debugsource\ +This package provides debug sources for package %{name}.\ +Debug sources are useful when developing applications that use this\ @@ -47,12 +47,12 @@ Index: scripts/find-debuginfo.sh $strict || strict_error=WARNING -# Strip ELF binaries --find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) -print 0 | sort -z | +-find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) -print | +# Strip ELF binaries (and no static libraries) -+find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) ! -name "*.a" -print0 | sort -z | - xargs --no-run-if-empty -0 stat -c '%h %D_%i %n' | ++find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) ! -name "*.a" -print | + file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped/\1/p' | + xargs --no-run-if-empty stat -c '%h %D_%i %n' | while read nlinks inum f; do - case $(objdump -h $f 2>/dev/null | egrep -o '(debug[\.a-z_]*|gnu.version)') in @@ -300,10 +300,16 @@ if [ -d "${RPM_BUILD_ROOT}/usr/lib" -o - (cd "${RPM_BUILD_ROOT}/usr" diff --git a/packaging/device-sec-policy b/packaging/device-sec-policy index 83c0c46..626b905 100644 --- a/packaging/device-sec-policy +++ b/packaging/device-sec-policy @@ -33,6 +33,8 @@ tRrR5cbqmVr8tkFjS/QK6TWfNMM= <package name="ac-domain-system"> <provide> <ac_domain name="_" policy="shared"/> + <ac_domain name="*" policy="shared"/> + <ac_domain name="^" policy="shared"/> <ac_domain name="Isolated"/> </provide> </package> diff --git a/packaging/disableperl.patch b/packaging/disableperl.patch deleted file mode 100644 index f5937b0..0000000 --- a/packaging/disableperl.patch +++ /dev/null @@ -1,18 +0,0 @@ -Index: rpm-4.9.1/fileattrs/perl.attr -=================================================================== ---- rpm-4.9.1.orig/fileattrs/perl.attr -+++ rpm-4.9.1/fileattrs/perl.attr -@@ -1,3 +1,3 @@ --%__perl_requires %{_rpmconfigdir}/perl.req -+#%__perl_requires %{_rpmconfigdir}/perl.req - %__perl_magic ^.*perl .*$ - %__perl_flags exeonly -Index: rpm-4.9.1/fileattrs/perllib.attr -=================================================================== ---- rpm-4.9.1.orig/fileattrs/perllib.attr -+++ rpm-4.9.1/fileattrs/perllib.attr -@@ -1,3 +1,3 @@ - %__perllib_provides %{_rpmconfigdir}/perl.prov --%__perllib_requires %{_rpmconfigdir}/perl.req -+#%__perllib_requires %{_rpmconfigdir}/perl.req - %__perllib_magic ^Perl[[:digit:]] module source.* diff --git a/packaging/eu-strip.patch b/packaging/eu-strip.patch deleted file mode 100644 index bacef74..0000000 --- a/packaging/eu-strip.patch +++ /dev/null @@ -1,69 +0,0 @@ -Index: rpm-4.9.1/scripts/find-debuginfo.sh -=================================================================== ---- rpm-4.9.1.orig/scripts/find-debuginfo.sh -+++ rpm-4.9.1/scripts/find-debuginfo.sh -@@ -95,13 +95,18 @@ debugdir="${RPM_BUILD_ROOT}/usr/lib/debu - - strip_to_debug() - { -- local g= - local r= - $strip_r && r=--reloc-debug-sections -- $strip_g && case "$(file -bi "$2")" in -- application/x-sharedlib*) g=-g ;; -+ case $2 in -+ *.ko) -+ # don't attempt to create a minimal backtrace binary for -+ # kernel modules as this just causes the stripping process -+ # to be skipped entirely -+ eu-strip --remove-comment $r -f "$1" "$2" || exit -+ ;; -+ *) -+ eu-strip --remove-comment -g -f "$1" "$2" || exit - esac -- eu-strip --remove-comment $r $g -f "$1" "$2" || exit - chmod 444 "$1" || exit - } - -@@ -229,8 +234,6 @@ while read nlinks inum f; do - fi - - echo "extracting debug info from $f" -- mode=$(stat -c %a "$f") -- chmod +w "$f" - id=$($(DEBUGEDIT=$(which debugedit 2>/dev/null); \ - echo ${DEBUGEDIT:-/usr/lib/rpm/debugedit}) -b "$RPM_BUILD_DIR" \ - -d /usr/src/debug -i -l "$SOURCEFILE" "$f") || exit -@@ -250,25 +253,13 @@ while read nlinks inum f; do - esac - - mkdir -p "${debugdn}" -- objcopy --only-keep-debug $f $debugfn || : -- ( -- shopt -s extglob -- strip_option="--strip-all" -- case "$f" in -- *.ko) -- strip_option="--strip-debug" ;; -- *$STRIP_KEEP_SYMTAB*) -- if test -n "$STRIP_KEEP_SYMTAB"; then -- strip_option="--strip-debug" -- fi -- ;; -- esac -- if test "$NO_DEBUGINFO_STRIP_DEBUG" = true ; then -- strip_option= -- fi -- objcopy --add-gnu-debuglink=$debugfn -R .comment -R .GCC.command.line $strip_option $f -- chmod $mode $f -- ) || : -+ if test -w "$f"; then -+ strip_to_debug "${debugfn}" "$f" -+ else -+ chmod u+w "$f" -+ strip_to_debug "${debugfn}" "$f" -+ chmod u-w "$f" -+ fi - - if [ -n "$id" ]; then - make_id_link "$id" "$dn/$(basename $f)" diff --git a/packaging/finddebuginfo.diff b/packaging/finddebuginfo.diff index 3d1245e..e3bf4d5 100644 --- a/packaging/finddebuginfo.diff +++ b/packaging/finddebuginfo.diff @@ -39,17 +39,17 @@ - -print | -file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped/\1/p' | -xargs --no-run-if-empty stat -c '%h %D_%i %n' | -+find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) -print 0 | sort -z | -+xargs --no-run-if-empty -0 stat -c '%h %D_%i %n' | ++find $RPM_BUILD_ROOT ! -path "${debugdir}/*.debug" -type f \( -perm +111 -or -name "*.so*" -or -name "*.ko" \) -print | ++file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped/\1/p' | ++xargs --no-run-if-empty stat -c '%h %D_%i %n' | while read nlinks inum f; do + case $(objdump -h $f 2>/dev/null | egrep -o '(debug[\.a-z_]*|gnu.version)') in + *debuglink*) continue ;; + *debug*) ;; + *gnu.version*) -+ echo "WARNING: "`echo $f | sed -e "s,^$RPM_BUILD_ROOT/*,/,"`" is already stripped!" -+ continue ++ echo "WARNING: "`echo $f | sed -e "s,^$RPM_BUILD_ROOT/*,/,"`" has no debug info!" + ;; -+ *) continue ;; ++ *) ;; + esac get_debugfn "$f" [ -f "${debugfn}" ] && continue diff --git a/packaging/macros b/packaging/macros index 0592502..4bf2d1a 100644 --- a/packaging/macros +++ b/packaging/macros @@ -145,7 +145,6 @@ %{!?__debug_package:/usr/lib/rpm/brp-strip %{__strip}} \ /usr/lib/rpm/brp-strip-static-archive %{__strip} \ /usr/lib/rpm/brp-strip-comment-note %{__strip} %{__objdump} \ - /usr/lib/rpm/brp-python-bytecompile \ /usr/lib/rpm/brp-python-hardlink \ %{!?disable_docs_package:/usr/lib/rpm/tizen/find-docs.sh %{buildroot}} \ %{nil} @@ -237,7 +236,7 @@ rm -rf %{?buildroot:%{buildroot}} \ # Should unpackaged files in a build root terminate a build? %_unpackaged_files_terminate_build 1 -%__global_cflags -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security +%__global_cflags -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Wl,--as-needed # Disable lookups %_hkp_keyserver %{nil} diff --git a/packaging/mimetype.diff b/packaging/mimetype.diff index ff1fd96..e69de29 100644 --- a/packaging/mimetype.diff +++ b/packaging/mimetype.diff @@ -1,24 +0,0 @@ -Index: autodeps/linux.prov -=================================================================== ---- autodeps/linux.prov.orig -+++ autodeps/linux.prov -@@ -11,6 +11,7 @@ solist=($(printf "%s\n" "${filelist[@]}" - pythonlist= - tcllist= - monolist=($(printf "%s\n" "${filelist[@]}" | egrep "\\.(exe|dll)\$")) -+mimetypelist=($(printf "%s\n" "${filelist[@]}" | egrep "\\.(desktop)\$")) - - # - # --- Alpha does not mark 64bit dependencies -@@ -59,6 +60,11 @@ done | sort -u - printf "%s\n" "${tcllist[@]}" | /usr/lib/rpm/tcl.prov | sort -u - - # -+# --- mimetypes in .desktop files -+[ -x /usr/lib/rpm/mimetypes.prov -a -n "$mimetypelist" ] && -+ printf "%s\n" "${mimetypelist[@]}" | /usr/lib/rpm/mimetypes.prov | sort -u -+ -+# - # --- Mono exes/dlls - : ${MONO_PREFIX=/usr} - if [ -x $MONO_PREFIX/bin/mono -a -n "$monolist" ] ; then diff --git a/packaging/nodigest.patch b/packaging/nodigest.patch new file mode 100644 index 0000000..1eb101b --- /dev/null +++ b/packaging/nodigest.patch @@ -0,0 +1,20 @@ +diff -urNp rpm-4.9.1.orig/rpmqv.c rpm-4.9.1/rpmqv.c +--- rpm-4.9.1.orig/rpmqv.c 2014-03-04 11:19:08.000000000 +0900 ++++ rpm-4.9.1/rpmqv.c 2014-05-26 10:26:25.183992358 +0900 +@@ -76,12 +76,16 @@ int main(int argc, char *argv[]) + + #if defined(IAM_RPMQV) + QVA_t qva = &rpmQVKArgs; ++ qva->qva_flags |= VERIFY_FILEDIGEST; + #endif + + #ifdef IAM_RPMEIU + struct rpmInstallArguments_s * ia = &rpmIArgs; ++ ia->transFlags |= RPMTRANS_FLAG_NOFILEDIGEST; + #endif + ++ rpmcliQueryFlags |= VERIFY_DIGEST; ++ + poptContext optCon; + int ec = 0; + #ifdef IAM_RPMEIU diff --git a/packaging/optflags.patch b/packaging/optflags.patch index d38ed6d..5b6f51e 100644 --- a/packaging/optflags.patch +++ b/packaging/optflags.patch @@ -1,8 +1,6 @@ -Index: rpm-4.9.1/rpmrc.in -=================================================================== ---- rpm-4.9.1.orig/rpmrc.in -+++ rpm-4.9.1/rpmrc.in -@@ -12,10 +12,10 @@ +--- rpm-4.9.1.orig/rpmrc.in 2014-05-30 11:31:55.031950000 +0900 ++++ rpm-4.9.1/rpmrc.in 2014-05-30 11:36:33.899950616 +0900 +@@ -12,16 +12,16 @@ # "fat" binary with both archs, for Darwin optflags: fat -O2 -g -arch i386 -arch ppc @@ -17,6 +15,13 @@ Index: rpm-4.9.1/rpmrc.in optflags: pentium3 -O2 -g -march=pentium3 optflags: pentium4 -O2 -g -march=pentium4 optflags: athlon -O2 -g -march=athlon + optflags: geode -Os -g -m32 -march=geode + optflags: ia64 -O2 -g +-optflags: x86_64 -O2 -g ++optflags: x86_64 %{__global_cflags} + optflags: amd64 -O2 -g + optflags: ia32e -O2 -g + @@ -58,18 +58,19 @@ optflags: hppa2.0 -O2 -g -mpa-risc-1-0 optflags: mips -O2 -g optflags: mipsel -O2 -g @@ -40,7 +45,7 @@ Index: rpm-4.9.1/rpmrc.in +optflags: armv5tejl %{__global_cflags} -march=armv5te +Optflags: armv5tel %{__global_cflags} -fmessage-length=0 -march=armv5te -mlittle-endian +Optflags: armv6l %{__global_cflags} -fmessage-length=0 -march=armv6 -mlittle-endian -mfpu=vfp -mfloat-abi=softfp -D__SOFTFP__ -+Optflags: armv7l %{__global_cflags} -fmessage-length=0 -march=armv7-a -mtune=cortex-a8 -mlittle-endian -mfpu=vfpv3 -mfloat-abi=softfp -D__SOFTFP__ ++Optflags: armv7l %{__global_cflags} -fmessage-length=0 -march=armv7-a -mtune=cortex-a8 -mlittle-endian -mfpu=vfpv3 -mfloat-abi=softfp -D__SOFTFP__ -mthumb -Wa,-mimplicit-it=thumb +optflags: armv7hl %{__global_cflags} -fmessage-length=0 -march=armv7-a -mfloat-abi=hard -mfpu=vfpv3-d16 -mno-thumb +optflags: armv7nhl %{__global_cflags} -fmessage-length=0 -march=armv7-a -mfloat-abi=hard -mfpu=neon -mno-thumb +optflags: armv7thl %{__global_cflags} -fmessage-length=0 -march=armv7-a -mfloat-abi=hard -mfpu=vfpv3-d16 -mthumb diff --git a/packaging/rpm-4.9.0-tizen-arm.patch b/packaging/rpm-4.9.0-tizen-arm.patch index fb1dfbc..b977090 100644 --- a/packaging/rpm-4.9.0-tizen-arm.patch +++ b/packaging/rpm-4.9.0-tizen-arm.patch @@ -76,13 +76,12 @@ Index: rpm-4.9.0/installplatform =================================================================== --- rpm-4.9.0.orig/installplatform +++ rpm-4.9.0/installplatform -@@ -19,7 +19,8 @@ RPMRC_GNU="`$RPM --eval '%{_gnu}'`" +@@ -19,7 +19,7 @@ RPMRC_GNU="`$RPM --eval '%{_gnu}'`" case "$arch" in i[3456]86|pentium[34]|athlon|geode) SUBSTS='s_i386_i386_ s_i386_i486_ s_i386_i586_ s_i386_i686_ s_i386_pentium3_ s_i386_pentium4_ s_i386_athlon_ s_i386_geode_' ;; alpha*) SUBSTS='s_alpha_alpha_ s_alpha_alphaev5_ s_alpha_alphaev56_ s_alpha_alphapca56_ s_alpha_alphaev6_ s_alpha_alphaev67_' ;; - arm*) SUBSTS='s_arm_arm_ s_arm_armv3l_ s_arm_armv4l_ s_arm_armv4tl_ s_arm_armv5tel_ s_arm_armv5tejl_ s_arm_armv6l_ s_arm_armv7l_' ;; -+ arm*) SUBSTS='s_arm_arm_ s_arm_armv3l_ s_arm_armv4l_ s_arm_armv4tl_ s_arm_armv5tel_ s_arm_armv5tejl_ s_arm_armv6l_ s_arm_armv7l_ s_arm_armv7hl_ s_arm_armv7nhl_ s_arm_armv7tnhl -+ _ s_arm_armv7thl_' ;; ++ arm*) SUBSTS='s_arm_arm_ s_arm_armv3l_ s_arm_armv4l_ s_arm_armv4tl_ s_arm_armv5tel_ s_arm_armv5tejl_ s_arm_armv6l_ s_arm_armv7l_ s_arm_armv7hl_ s_arm_armv7nhl_ s_arm_armv7tnhl_ s_arm_armv7thl_' ;; sh4*) SUBSTS='s_sh4_sh4_ s_sh4_sh4a_' ;; sparc*) SUBSTS='s_sparc\(64\|64v\|v9v\|v9\)_sparc_ s_sparc64_sparcv9_;s_sparc\([^v]\|$\)_sparcv9\1_ s_sparcv9_sparc64_;s_sparc\([^6]\|$\)_sparc64\1_' ;; powerpc*|ppc*) SUBSTS='s_ppc64_ppc_ s_ppc\([^6ip]\|$\)_ppc64\1_ s_ppc\([^6ip]\|$\)_ppciseries_ s_ppc\([^6ip]\|$\)_ppcpseries_ s_ppc\([^6ip]\|$\)_ppc64iseries_ s_ppc\([^6ip]\|$\)_ppc64pseries_' ;; diff --git a/packaging/rpm-macros.patch b/packaging/rpm-macros.patch index 8f3e1a2..44dfb31 100644 --- a/packaging/rpm-macros.patch +++ b/packaging/rpm-macros.patch @@ -14,6 +14,15 @@ Index: rpm-4.9.0/platform.in =================================================================== --- rpm-4.9.0.orig/platform.in +++ rpm-4.9.0/platform.in +@@ -21,7 +21,7 @@ + %_exec_prefix @exec_prefix@ + %_bindir @bindir@ + %_sbindir @sbindir@ +-%_libexecdir @libexecdir@ ++%_libexecdir @exec_prefix@/lib + %_datarootdir @datarootdir@ + %_datadir @datadir@ + %_sysconfdir @sysconfdir@ @@ -76,6 +76,26 @@ @redhat@#%defattr(-,root,root,-)\ @redhat@#%{nil} diff --git a/packaging/rpm-python.spec b/packaging/rpm-python.spec index a55899a..6671a65 100644 --- a/packaging/rpm-python.spec +++ b/packaging/rpm-python.spec @@ -15,13 +15,13 @@ Summary: The RPM package management system Name: rpm-python Version: %{rpmver} -Release: 1 +Release: 4 +License: GPLv2+ BuildRequires: python-devel -%{expand:%(sed -n -e '/^Source1001:/d' -e '/^Source0:/,/^##PYTHON##/p' <%_sourcedir/rpm.spec)} +%{expand:%(sed -n -e '/^Source0:/,/^##PYTHON##/p' <%_sourcedir/rpm.spec)} Source100: rpm.spec -Source1001: packaging/rpm-python.manifest +Source1002: rpm-python.manifest Requires: popt >= 1.10.2.1 -Requires: curl Requires: rpm = %{version} BuildRequires: db4-devel @@ -41,11 +41,11 @@ BuildRequires: ncurses-devel BuildRequires: bzip2-devel >= 0.9.0c-2 BuildRequires: liblua-devel >= 5.1 BuildRequires: libcap-devel -BuildRequires: xz-devel >= 4.999.8 -BuildRequires: uthash-devel BuildRequires: libxml2-devel BuildRequires: libattr-devel -BuildRequires: pkgconfig(libsmack) +BuildRequires: uthash-devel +BuildRequires: smack-devel +BuildRequires: xz-devel >= 4.999.8 %description @@ -60,6 +60,7 @@ the package like its version, a description, etc. %install rm -rf $RPM_BUILD_ROOT +cp %{SOURCE1002} . make DESTDIR="$RPM_BUILD_ROOT" install find "%{buildroot}" -not -type d -and -not -path %{buildroot}%{_libdir}/python%{py_ver}/site-packages/rpm/\* -print0 | xargs -0 rm pushd $RPM_BUILD_ROOT/%py_sitedir/rpm diff --git a/packaging/rpm.changes b/packaging/rpm.changes deleted file mode 100644 index fa42028..0000000 --- a/packaging/rpm.changes +++ /dev/null @@ -1,100 +0,0 @@ -* Thu Jan 17 20:11:27 UTC 2013 - tracy.graydon@intel.com -- Cherry-pick 6863478fddde08f15ef1368267a9f52d1b3e1ada from 1.0_post branch to fix optflags.patch. -- Resolve conflicts with changelog and spec file resulting from cherry-pick -- Fixes DEVT-41 - -* Thu Sep 6 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Using libmagic instead of file utility to check file's content - -* Wed Sep 5 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Removing the fopen check before setting xattr - - Changing fsetxattr to lsetxattr - -* Tue Sep 4 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Adding an option to specify wildcards in file paths (bug TDIS-121) - - Adding a possibility to specify more fine-grained permits (bug TDIS-120) - - Minor cosmetic fixes - -* Tue Aug 21 2012 William Douglas <william.douglas@intel.com> submit/trunk/2012-08-08.064212@5befd2c -- Fix stripping for kernel modules. - -* Tue Aug 21 2012 William Douglas <william.douglas@intel.com> submit/trunk/2012-08-08.064212@aa8ef92 -- Revert 88da3b2439b41193f3d964db7d4a7f0e8321c8f1 - -* Wed Aug 08 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Moving the setup of xattr to the FSM_CLOSED hook - - Adding a new ac domain "Isolated" to the policy - - Using "Isolated" domain in cases when default labels of the files can't be determined - -* Mon Aug 06 2012 William Douglas <william.douglas@intel.com> build/2012-07-30.142546@9c7636b -[ William Douglas ] -- Keep function symbols for backtraces. - -* Mon Aug 06 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Fix the smack directory creation when subdir is present - - Add a check for access type lenght - - Small code rearrangments - -* Mon Jul 30 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Changes to the security plugin - - Cosmetic change to msmFreePointer function - - Adding more log on errors - - Removing the decription tags - - Verifying the allowed characters in label, domain and access type - - Not allowing sections in manifest to repeat - - Improving handling of hash lists - -* Fri Jul 24 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Fixing the handling of all_packages uthash list -- Changing the free functions to use msmFreePointer in order to delete safely -- Changing the request handling in order to allow only one domain name inside a request section -- Changing the allowed length of the label or domain to be 255 - -* Fri Jul 12 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Fixing the path handling in plugin during labelling phase -- Fixing the sw source retrival in case verify hook isn't called - -* Fri Jul 10 2012 Elena Reshetova <elena.reshetova@intel.com> - 4.9.0 -- Fixing rpm-security-plugin bug PTSEC-22: dbus manifest is not generated correctly -- Fixing rpm-security-plugin bug PTSEC-24: package upgrade removes the file from /etc/smack/accesses.d - -* Wed Jul 04 2012 Anas Nashif <anas.nashif@intel.com> 6bf3412 -- remove auto dependencies - -* Mon Jun 25 2012 Anas Nashif <anas.nashif@intel.com> ab35aed -- update release -- require bzip2-devel >= 1.0.5 - -* Mon Jun 25 2012 Anas Nashif <anas.nashif@intel.com> 70cc161 -- require bzip2-devel >= 1.0.5 - -* Thu Jun 21 2012 Anas Nashif <anas.nashif@intel.com> c290eab -- disable perl auto requires -- fixed optflags - -* Wed Jun 20 2012 Elena, Reshetova <elena.reshetova@intel.com> dd9dc00 -- fixing pre/posttrans scripts calls and plugin - -* Fri Jun 15 2012 Ryan Ware <ryan.r.ware@intel.com> bf466c3 -- Version 4.9.0, release to OBS - -* Tue Jun 12 2012 Elena, Reshetova <elena.reshetova@intel.com> 733aadb -- Fixng rpm-security-plugin bugs (PTSEC-19, PTSEC-20, PTSEC-21) - -* Wed May 30 2012 Ryan Ware <ryan.r.ware@intel.com> 91057db -- Add default Smack manifest for rpm.spec -- Add default Smack manifest for rpm-python.spec - -* Tue May 29 2012 Elena, Reshetova <elena.reshetova@intel.com> 3257c01 -- adding fixes for exec label handling and fixing plugin dependencies - -* Mon May 21 2012 Kim Kibum <kb0929.kim@samsung.com> dec48cf -- Upload Tizen:Base source -[ Hyesook Choi ] -- Initial empty repository - diff --git a/packaging/rpm.manifest b/packaging/rpm.manifest index 017d22d..1b09e73 100644 --- a/packaging/rpm.manifest +++ b/packaging/rpm.manifest @@ -1,5 +1,10 @@ <manifest> - <request> - <domain name="_"/> - </request> + <request> + <domain name="_"/> + </request> + <assign> + <filesystem path="/bin/rpm" exec_label="none" /> + <filesystem path="/usr/bin/*" exec_label="none" /> + <filesystem path="/usr/lib/rpm/*" exec_label="none" /> + </assign> </manifest> diff --git a/packaging/rpm.spec b/packaging/rpm.spec index dc3d903..b2f70cb 100644 --- a/packaging/rpm.spec +++ b/packaging/rpm.spec @@ -1,11 +1,16 @@ # run internal testsuite? +%define release_prefix 4.3 %bcond_without check + Name: rpm Version: 4.9.1 -Release: 4 +Release: %{release_prefix} Summary: The RPM package management system Url: http://www.rpm.org/ +# Partially GPL/LGPL dual-licensed and some bits with BSD +# SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD +License: GPLv2+ Group: System/Base Source0: http://rpm.org/releases/rpm-4.9.x/rpm-%{version}.tar.bz2 Source1: libsymlink.attr @@ -13,7 +18,7 @@ Source11: db-4.8.30.tar.gz Source20: macros Source21: find-docs.sh Source22: device-sec-policy -Source1001: packaging/rpm.manifest +Source1001: rpm.manifest Patch1: db.diff # quilt patches start here @@ -44,17 +49,10 @@ Patch84: rpmbuild_rpmfc_4.9.1_fix.patch Patch85: rpmio_base64_4.9.1_fix.patch Patch86: rpmlib_format_value_4.9.1_fix.patch Patch87: security_4.9.1.patch -Patch90: disableperl.patch -Patch100: eu-strip.patch -# Partially GPL/LGPL dual-licensed and some bits with BSD -# SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD -License: GPLv2+ ##PYTHON## -Requires: curl - -BuildRequires: bzip2-devel >= 1.0.5 +BuildRequires: bzip2-devel >= 0.9.0c-2 BuildRequires: elfutils-devel >= 0.112 BuildRequires: elfutils-libelf-devel BuildRequires: libfile-devel @@ -123,7 +121,7 @@ Requires: /bin/grep Requires: /bin/gzip Requires: lzma Requires: patch >= 2.5 -Requires: pkgconfig +Requires: pkg-config Requires: rpm = %{version} Requires: /bin/sed Requires: unzip @@ -138,6 +136,8 @@ that are used to build packages using the RPM Package Manager. Summary: MSM security plugin for rpm Group: Development/Libraries Requires: rpm = %{version}-%{release} +Requires: libxml2 +Requires: file %description security-plugin This package contains the MSM security plugin for rpm that performs @@ -178,8 +178,7 @@ rm -f rpmdb/db.h %patch85 -p1 %patch86 -p1 %patch87 -p1 -b .msm -%patch90 -p1 -%patch100 -p1 + rm -f m4/libtool.m4 @@ -201,12 +200,14 @@ libtoolize -f -c --localstatedir=%{_localstatedir} \ --sharedstatedir=%{_localstatedir}/lib \ --libdir=%{_libdir} \ + --libexecdir=%{_libexecdir} \ %if %{with python} --enable-python \ %endif --with-lua \ --with-cap \ - --with-msm + --with-msm \ + --disable-dchecks make %{?_smp_mflags} @@ -216,9 +217,10 @@ make %{?_smp_mflags} find %{buildroot} -regex ".*\\.la$" | xargs rm -f -- mkdir -p %{buildroot}%{_sysconfdir}/rpm -mkdir -p %{buildroot}%{_libdir}/rpm -install -m 644 %{SOURCE1} %{buildroot}%{_libdir}/rpm/fileattrs/libsymlink.attr +mkdir -p %{buildroot}%{_libexecdir}/rpm +install -m 644 %{SOURCE1} %{buildroot}%{_libexecdir}/rpm/fileattrs/libsymlink.attr install -m 644 %{SOURCE22} ${RPM_BUILD_ROOT}%{_sysconfdir}/device-sec-policy +install -m 644 %{SOURCE22} ${RPM_BUILD_ROOT}%{_libdir}/rpm-plugins/msm-device-sec-policy mkdir -p %{buildroot}%{_localstatedir}/lib/rpm #install -m 755 scripts/firmware.prov %{buildroot}%{_prefix}/lib/rpm @@ -236,12 +238,17 @@ done #macros -mkdir -p %{buildroot}%{_libdir}/rpm/tizen -install -m 755 %{SOURCE21} %{buildroot}%{_libdir}/rpm/tizen -install -m 644 %{SOURCE20} %{buildroot}%{_libdir}/rpm/tizen +mkdir -p %{buildroot}%{_libexecdir}/rpm/tizen +install -m 755 %{SOURCE21} %{buildroot}%{_libexecdir}/rpm/tizen +install -m 644 %{SOURCE20} %{buildroot}%{_libexecdir}/rpm/tizen + +mkdir -p %{buildroot}/usr/share/license +cp %{_builddir}/%{buildsubdir}/COPYING %{buildroot}/usr/share/license/%{name} +cp %{_builddir}/%{buildsubdir}/COPYING %{buildroot}/usr/share/license/%{name}-libs +cp %{_builddir}/%{buildsubdir}/COPYING %{buildroot}/usr/share/license/%{name}-security-plugin # avoid dragging in tonne of perl libs for an unused script -chmod 0644 %{buildroot}/%{_libdir}/rpm/perldeps.pl +chmod 0644 %{buildroot}/%{_libexecdir}/rpm/perldeps.pl rm -rf %{buildroot}%{_mandir}/*/man? %clean @@ -271,15 +278,15 @@ exit 0 %files -f rpm.lang -%manifest rpm.manifest %defattr(-,root,root,-) +/usr/share/license/rpm %doc GROUPS COPYING CREDITS %exclude /usr/lib/rpm/rpmdb_loadcvt %dir %{_sysconfdir}/rpm %attr(0755, root, root) %dir %{_localstatedir}/lib/rpm %attr(0644, root, root) %verify(not md5 size mtime) %ghost %config(missingok,noreplace) %{_localstatedir}/lib/rpm/* -%attr(0755, root, root) %dir %{_libdir}/rpm +%attr(0755, root, root) %dir %{_libexecdir}/rpm /bin/rpm %{_bindir}/rpmkeys @@ -292,87 +299,89 @@ exit 0 %{_libdir}/rpm-plugins/exec.so %{_libdir}/rpm-plugins/sepolicy.so -%{_libdir}/rpm/elfdeps +%{_libexecdir}/rpm/macros +%{_libexecdir}/rpm/tizen/macros +%{_libexecdir}/rpm/rpmpopt* +%{_libexecdir}/rpm/rpmrc -%{_libdir}/rpm/macros -%{_libdir}/rpm/tizen/macros -%{_libdir}/rpm/rpmpopt* -%{_libdir}/rpm/rpmrc +%{_libexecdir}/rpm/rpmdb_* +%{_libexecdir}/rpm/rpm.daily +%{_libexecdir}/rpm/rpm.log +%{_libexecdir}/rpm/rpm2cpio.sh +%{_libexecdir}/rpm/tgpg -%{_libdir}/rpm/rpmdb_* -%{_libdir}/rpm/rpm.daily -%{_libdir}/rpm/rpm.log -%{_libdir}/rpm/rpm2cpio.sh -%{_libdir}/rpm/tgpg - -%{_libdir}/rpm/platform +%{_libexecdir}/rpm/platform +%manifest rpm.manifest %files libs -%manifest rpm.manifest %defattr(-,root,root) %{_libdir}/librpm*.so.* +/usr/share/license/%{name}-libs +%manifest rpm.manifest %files build -%manifest rpm.manifest %defattr(-,root,root) %{_bindir}/rpmbuild %{_bindir}/gendiff -%{_libdir}/rpm/fileattrs/*.attr -%{_libdir}/rpm/script.req - -%{_libdir}/rpm/brp-* -%{_libdir}/rpm/check-buildroot -%{_libdir}/rpm/check-files -%{_libdir}/rpm/check-prereqs -%{_libdir}/rpm/check-rpaths* -%{_libdir}/rpm/debugedit -%{_libdir}/rpm/find-debuginfo.sh -%{_libdir}/rpm/tizen/find-docs.sh -%{_libdir}/rpm/find-lang.sh -%{_libdir}/rpm/find-provides -%{_libdir}/rpm/find-requires -%{_libdir}/rpm/javadeps -%{_libdir}/rpm/mono-find-provides -%{_libdir}/rpm/mono-find-requires -%{_libdir}/rpm/ocaml-find-provides.sh -%{_libdir}/rpm/ocaml-find-requires.sh -%{_libdir}/rpm/osgideps.pl -%{_libdir}/rpm/perldeps.pl -%{_libdir}/rpm/libtooldeps.sh -%{_libdir}/rpm/pkgconfigdeps.sh -%{_libdir}/rpm/perl.prov -#%{_libdir}/rpm/debuginfo.prov -#%{_libdir}/rpm/firmware.prov -%{_libdir}/rpm/perl.req -%{_libdir}/rpm/tcl.req -%{_libdir}/rpm/pythondeps.sh -%{_libdir}/rpm/rpmdeps -%{_libdir}/rpm/config.guess -%{_libdir}/rpm/config.sub -%{_libdir}/rpm/mkinstalldirs -%{_libdir}/rpm/desktop-file.prov -%{_libdir}/rpm/fontconfig.prov - -%{_libdir}/rpm/macros.perl -%{_libdir}/rpm/macros.python -%{_libdir}/rpm/macros.php +%{_libexecdir}/rpm/fileattrs/*.attr +%{_libexecdir}/rpm/script.req + +%{_libexecdir}/rpm/brp-* +%{_libexecdir}/rpm/check-buildroot +%{_libexecdir}/rpm/check-files +%{_libexecdir}/rpm/check-prereqs +%{_libexecdir}/rpm/check-rpaths* +%{_libexecdir}/rpm/debugedit +%{_libexecdir}/rpm/elfdeps +%{_libexecdir}/rpm/find-debuginfo.sh +%{_libexecdir}/rpm/tizen/find-docs.sh +%{_libexecdir}/rpm/find-lang.sh +%{_libexecdir}/rpm/find-provides +%{_libexecdir}/rpm/find-requires +%{_libexecdir}/rpm/javadeps +%{_libexecdir}/rpm/mono-find-provides +%{_libexecdir}/rpm/mono-find-requires +%{_libexecdir}/rpm/ocaml-find-provides.sh +%{_libexecdir}/rpm/ocaml-find-requires.sh +%{_libexecdir}/rpm/osgideps.pl +%{_libexecdir}/rpm/perldeps.pl +%{_libexecdir}/rpm/libtooldeps.sh +%{_libexecdir}/rpm/pkgconfigdeps.sh +%{_libexecdir}/rpm/perl.prov +#%{_libexecdir}/rpm/debuginfo.prov +#%{_libexecdir}/rpm/firmware.prov +%{_libexecdir}/rpm/perl.req +%{_libexecdir}/rpm/tcl.req +%{_libexecdir}/rpm/pythondeps.sh +%{_libexecdir}/rpm/rpmdeps +%{_libexecdir}/rpm/config.guess +%{_libexecdir}/rpm/config.sub +%{_libexecdir}/rpm/mkinstalldirs +%{_libexecdir}/rpm/desktop-file.prov +%{_libexecdir}/rpm/fontconfig.prov + +%{_libexecdir}/rpm/macros.perl +%{_libexecdir}/rpm/macros.python +%{_libexecdir}/rpm/macros.php +%manifest rpm.manifest %files devel -%manifest rpm.manifest %defattr(-,root,root) %{_includedir}/rpm %{_libdir}/librp*[a-z].so %{_bindir}/rpmgraph %{_libdir}/pkgconfig/rpm.pc +%manifest rpm.manifest %files security-plugin -%manifest rpm.manifest %defattr(-,root,root) %{_libdir}/rpm-plugins/msm.so %config(noreplace) %{_sysconfdir}/device-sec-policy - +%{_libdir}/rpm-plugins/msm-device-sec-policy +/usr/share/license/%{name}-security-plugin +%manifest rpm.manifest diff --git a/packaging/security_4.9.1.patch b/packaging/security_4.9.1.patch index e943951..8c82fbf 100644 --- a/packaging/security_4.9.1.patch +++ b/packaging/security_4.9.1.patch @@ -1,6 +1,6 @@ diff -Nuarp rpm/build/files.c rpm-security/build/files.c ---- rpm/build/files.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/build/files.c 2012-08-06 12:49:34.333011443 +0300 +--- rpm/build/files.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/build/files.c 2012-10-01 10:29:50.283983646 +0300 @@ -827,6 +827,7 @@ static VFA_t virtualFileAttributes[] = { { "%readme", 0, RPMFILE_README }, { "%license", 0, RPMFILE_LICENSE }, @@ -43,8 +43,8 @@ diff -Nuarp rpm/build/files.c rpm-security/build/files.c (void) processBinaryFile(pkg, &fl, fileName); } diff -Nuarp rpm/build/parsePreamble.c rpm-security/build/parsePreamble.c ---- rpm/build/parsePreamble.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/build/parsePreamble.c 2012-08-06 12:49:34.333011443 +0300 +--- rpm/build/parsePreamble.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/build/parsePreamble.c 2012-10-01 10:29:50.287983644 +0300 @@ -216,7 +216,7 @@ static int addSource(rpmSpec spec, Packa *fieldp = '\0'; @@ -63,8 +63,8 @@ diff -Nuarp rpm/build/parsePreamble.c rpm-security/build/parsePreamble.c }; diff -Nuarp rpm/configure.ac rpm-security/configure.ac ---- rpm/configure.ac 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/configure.ac 2012-08-06 12:49:34.337011459 +0300 +--- rpm/configure.ac 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/configure.ac 2012-10-01 10:29:50.291983643 +0300 @@ -653,6 +653,65 @@ AC_SUBST(WITH_SELINUX_LIB) AC_SUBST(WITH_SEMANAGE_LIB) AM_CONDITIONAL(SELINUX,[test "$with_selinux" = yes]) @@ -131,7 +131,7 @@ diff -Nuarp rpm/configure.ac rpm-security/configure.ac # libcap WITH_CAP_LIB= AC_ARG_WITH(cap, [AS_HELP_STRING([--with-cap],[build with capability support])], -@@ -732,6 +791,11 @@ AS_IF([test "$enable_plugins" = yes],[ +@@ -732,6 +791,17 @@ AS_IF([test "$enable_plugins" = yes],[ ]) AM_CONDITIONAL(ENABLE_PLUGINS,[test "$enable_plugins" = yes]) @@ -140,6 +140,12 @@ diff -Nuarp rpm/configure.ac rpm-security/configure.ac + AC_DEFINE(ENABLE_SECURITY, 1, [Build with security plugin support?]) +]) +AM_CONDITIONAL(ENABLE_SECURITY,[test "$enable_security" = yes]) ++ ++AC_ARG_ENABLE(dchecks, [AS_HELP_STRING([--disable-dchecks],[build without domain checks])],,[enable_dchecks=yes]) ++AS_IF([test "$enable_dchecks" = yes],[ ++ AC_DEFINE(ENABLE_DCHECKS, 1, [Build with domain checks]) ++]) ++AM_CONDITIONAL(ENABLE_DCHECKS,[test "$enable_dchecks" = yes]) with_dmalloc=no AC_ARG_WITH(dmalloc, [AS_HELP_STRING([--with-dmalloc],[build with dmalloc debugging support])]) @@ -151,8 +157,8 @@ diff -Nuarp rpm/configure.ac rpm-security/configure.ac ]) AC_OUTPUT diff -Nuarp rpm/lib/fsm.c rpm-security/lib/fsm.c ---- rpm/lib/fsm.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/fsm.c 2012-08-06 12:49:34.337011459 +0300 +--- rpm/lib/fsm.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/fsm.c 2012-10-01 10:36:53.175964792 +0300 @@ -28,6 +28,8 @@ #include "lib/rpmts_internal.h" /* rpmtsSELabelFoo() only */ #include "lib/rpmug.h" @@ -183,7 +189,17 @@ diff -Nuarp rpm/lib/fsm.c rpm-security/lib/fsm.c if (fsm->li->filex[i] < 0) continue; fsm->ix = fsm->li->filex[i]; rc = fsmMapPath(fsm); -@@ -1654,6 +1661,13 @@ static int fsmStage(FSM_t fsm, fileStage +@@ -1263,6 +1270,9 @@ static int fsmMkdirs(FSM_t fsm) + } + } + ++ /* Call plugin hook to label the directory */ ++ rc = rpmsecurityCallDirLabel(fsm, rc); ++ + if (fsm->fcontext == NULL) + rpmlog(RPMLOG_DEBUG, + "%s directory created with perms %04o, no context.\n", +@@ -1654,6 +1664,13 @@ static int fsmStage(FSM_t fsm, fileStage break; } @@ -197,18 +213,22 @@ diff -Nuarp rpm/lib/fsm.c rpm-security/lib/fsm.c /* Extract file from archive. */ rc = fsmNext(fsm, FSM_PROCESS); if (rc) { -@@ -1665,6 +1679,8 @@ static int fsmStage(FSM_t fsm, fileStage - (void) fsmNext(fsm, FSM_NOTIFY); - - rc = fsmNext(fsm, FSM_FINI); +@@ -2026,6 +2043,12 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS + /* + * Set file security context (if not disabled). + */ ++ + /* Call security plugin with return code to finish the file. */ -+ rc = rpmsecurityCallFsmClosed(fsm, rc); - if (rc) { - break; - } ++ if (!rc) { ++ rc = rpmsecurityCallFsmClosed(fsm, rc); ++ } ++ + if (!rc && !getuid()) { + rc = fsmMapFContext(fsm); + if (!rc) { diff -Nuarp rpm/lib/Makefile.am rpm-security/lib/Makefile.am ---- rpm/lib/Makefile.am 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/Makefile.am 2012-08-06 12:49:34.337011459 +0300 +--- rpm/lib/Makefile.am 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/Makefile.am 2012-10-01 10:29:50.295983643 +0300 @@ -36,7 +36,8 @@ librpm_la_SOURCES = \ verify.c rpmlock.c rpmlock.h misc.h \ rpmscript.h rpmscript.c legacy.c merge.c \ @@ -220,8 +240,8 @@ diff -Nuarp rpm/lib/Makefile.am rpm-security/lib/Makefile.am librpm_la_LDFLAGS = -version-info 2:1:0 diff -Nuarp rpm/lib/package.c rpm-security/lib/package.c ---- rpm/lib/package.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/package.c 2012-08-06 12:49:34.341011475 +0300 +--- rpm/lib/package.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/package.c 2012-10-01 10:29:50.295983643 +0300 @@ -18,6 +18,8 @@ #include "rpmio/rpmio_internal.h" /* fd digest bits */ #include "lib/header_internal.h" /* XXX headerCheck */ @@ -244,8 +264,8 @@ diff -Nuarp rpm/lib/package.c rpm-security/lib/package.c case RPMRC_OK: /* Signature is OK. */ rpmlog(RPMLOG_DEBUG, "%s: %s", fn, msg); diff -Nuarp rpm/lib/rpmfi.h rpm-security/lib/rpmfi.h ---- rpm/lib/rpmfi.h 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmfi.h 2012-08-06 12:49:34.341011475 +0300 +--- rpm/lib/rpmfi.h 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/rpmfi.h 2012-10-01 10:29:50.299983645 +0300 @@ -60,6 +60,7 @@ enum rpmfileAttrs_e { RPMFILE_EXCLUDE = (1 << 9), /*!< from %%exclude, internal */ RPMFILE_UNPATCHED = (1 << 10), /*!< placeholder (SuSE) */ @@ -255,8 +275,8 @@ diff -Nuarp rpm/lib/rpmfi.h rpm-security/lib/rpmfi.h typedef rpmFlags rpmfileAttrs; diff -Nuarp rpm/lib/rpmscript.c rpm-security/lib/rpmscript.c ---- rpm/lib/rpmscript.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmscript.c 2012-08-06 12:49:34.341011475 +0300 +--- rpm/lib/rpmscript.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/rpmscript.c 2012-10-01 10:29:50.299983645 +0300 @@ -14,6 +14,8 @@ #include "rpmio/rpmlua.h" #include "lib/rpmscript.h" @@ -287,8 +307,8 @@ diff -Nuarp rpm/lib/rpmscript.c rpm-security/lib/rpmscript.c } diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c --- rpm/lib/rpmsecurity.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/lib/rpmsecurity.c 2012-08-06 12:49:34.345011498 +0300 -@@ -0,0 +1,269 @@ ++++ rpm-security/lib/rpmsecurity.c 2012-10-01 10:39:43.959957177 +0300 +@@ -0,0 +1,281 @@ +#include "system.h" + +#include <rpm/rpmmacro.h> @@ -313,7 +333,8 @@ diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c + rpmRC (*SECURITYHOOK_FSM_OPENED_FUNC)(FSM_t); + rpmRC (*SECURITYHOOK_FSM_UPDATED_FUNC)(FSM_t); + rpmRC (*SECURITYHOOK_FSM_CLOSED_FUNC)(FSM_t, int); -+ rpmRC (*SECURITYHOOK_POST_PSM_FUNC)(rpmte, char*, int); ++ rpmRC (*SECURITYHOOK_FSM_DIR_LABEL_FUNC)(FSM_t, int); ++ rpmRC (*SECURITYHOOK_POST_PSM_FUNC)(rpmte, int); + rpmRC (*SECURITYHOOK_POST_TSM_FUNC)(rpmts); + rpmRC (*SECURITYHOOK_CLEANUP_FUNC)(void); + int count; @@ -362,6 +383,7 @@ diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_FSM_OPENED_FUNC); + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_FSM_UPDATED_FUNC); + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_FSM_CLOSED_FUNC); ++ RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_FSM_DIR_LABEL_FUNC); + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_POST_PSM_FUNC); + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_POST_TSM_FUNC); + RPMSECURITY_GET_HOOK_FUNC(SECURITYHOOK_CLEANUP_FUNC); @@ -487,12 +509,12 @@ diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c + return RPMRC_OK; +} + -+rpmRC rpmsecurityCallPostPsm(rpmte te, char* rootDir, int rpmrc) ++rpmRC rpmsecurityCallPostPsm(rpmte te, int rpmrc) +{ + if (securityPlugin) { -+ rpmRC (*hookFunc)(rpmte, char*, int); ++ rpmRC (*hookFunc)(rpmte, int); + RPMSECURITY_SET_HOOK_FUNC(SECURITYHOOK_POST_PSM_FUNC); -+ return hookFunc(te, rootDir, rpmrc); ++ return hookFunc(te, rpmrc); + } + return rpmrc; +} @@ -537,6 +559,16 @@ diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c + return rpmrc; +} + ++rpmRC rpmsecurityCallDirLabel(FSM_t fsm, int rpmrc) ++{ ++ if (securityPlugin) { ++ rpmRC (*hookFunc)(FSM_t, int); ++ RPMSECURITY_SET_HOOK_FUNC(SECURITYHOOK_FSM_DIR_LABEL_FUNC); ++ return hookFunc(fsm, rpmrc); ++ } ++ return rpmrc; ++} ++ +rpmRC rpmsecurityCallVerify(rpmKeyring keyring, rpmtd sigtd, + pgpDig dig, rpmRC rpmrc) +{ @@ -560,8 +592,8 @@ diff -Nuarp rpm/lib/rpmsecurity.c rpm-security/lib/rpmsecurity.c +} diff -Nuarp rpm/lib/rpmsecurity.h rpm-security/lib/rpmsecurity.h --- rpm/lib/rpmsecurity.h 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/lib/rpmsecurity.h 2012-08-06 12:49:34.345011498 +0300 -@@ -0,0 +1,161 @@ ++++ rpm-security/lib/rpmsecurity.h 2012-10-01 10:37:47.415962375 +0300 +@@ -0,0 +1,169 @@ +#ifndef _SECURITY_H +#define _SECURITY_H + @@ -690,14 +722,22 @@ diff -Nuarp rpm/lib/rpmsecurity.h rpm-security/lib/rpmsecurity.h +rpmRC rpmsecurityCallFsmClosed(FSM_t fsm, int rpmrc); + +/** \ingroup rpmsecurity ++ * Call the security dir labelling plugin hook. ++ * This hook is called for each dir not explicitly included into the package ++ * @param fsm fsm in question ++ * @param rpmrc success from RPM ++ * @return RPMRC_OK on success, RPMRC_FAIL otherwise ++ */ ++rpmRC rpmsecurityCallDirLabel(FSM_t fsm, int rpmrc); ++ ++/** \ingroup rpmsecurity + * Call the security post psm plugin hook. + * This hook is called after the package state machine has finished. + * @param te transaction element in question -+ * @param rootDir root directory for installation + * @param rpmrc success from RPM + * @return RPMRC_OK on success, RPMRC_FAIL otherwise + */ -+rpmRC rpmsecurityCallPostPsm(rpmte te, char* rootDir, int rpmrc); ++rpmRC rpmsecurityCallPostPsm(rpmte te, int rpmrc); + +/** \ingroup rpmsecurity + * Call the security post tsm plugin hook. @@ -724,8 +764,8 @@ diff -Nuarp rpm/lib/rpmsecurity.h rpm-security/lib/rpmsecurity.h +#endif +#endif /* _SECURITY_H */ diff -Nuarp rpm/lib/rpmtag.h rpm-security/lib/rpmtag.h ---- rpm/lib/rpmtag.h 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmtag.h 2012-08-06 12:49:34.345011498 +0300 +--- rpm/lib/rpmtag.h 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/rpmtag.h 2012-10-01 10:29:50.303983646 +0300 @@ -299,7 +299,8 @@ typedef enum rpmTag_e { RPMTAG_ORDERNAME = 5035, /* s[] */ RPMTAG_ORDERVERSION = 5036, /* s[] */ @@ -736,50 +776,51 @@ diff -Nuarp rpm/lib/rpmtag.h rpm-security/lib/rpmtag.h RPMTAG_FIRSTFREE_TAG /*!< internal */ } rpmTag; -diff -Nuarp rpm/lib/rpmte.c rpm-security/lib/rpmte.c ---- rpm/lib/rpmte.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmte.c 2012-08-06 12:49:34.345011498 +0300 -@@ -14,7 +14,9 @@ - #include <rpm/rpmlog.h> - - #include "lib/rpmplugins.h" +diff -Nuarp rpm/lib/psm.c rpm-security/lib/psm.c +--- rpm/lib/psm.c 2012-10-01 12:29:23.183663849 +0300 ++++ rpm-security/lib/psm.c 2013-07-31 13:58:41.293078800 +0300 +@@ -24,6 +24,7 @@ + #include "lib/rpmte_internal.h" /* XXX internal apis */ + #include "lib/rpmdb_internal.h" /* rpmdbAdd/Remove */ + #include "lib/rpmscript.h" +#include "lib/rpmsecurity.h" - #include "lib/rpmte_internal.h" -+#include "lib/rpmts_internal.h" #include "debug.h" -@@ -895,7 +897,7 @@ int rpmteProcess(rpmte te, pkgGoal goal) - /* Only install/erase resets pkg file info */ - int scriptstage = (goal != PKG_INSTALL && goal != PKG_ERASE); - int reset_fi = (scriptstage == 0); -- int failed = 1; -+ int failed = 0; +@@ -1067,16 +1068,22 @@ rpmRC rpmpsmRun(rpmts ts, rpmte te, pkgG + switch (goal) { + case PKG_INSTALL: + case PKG_ERASE: +- op = (goal == PKG_INSTALL) ? RPMTS_OP_INSTALL : RPMTS_OP_ERASE; +- rpmswEnter(rpmtsOp(psm->ts, op), 0); ++ /* Call security plugin to set te for next operations */ ++ if (rpmsecurityCallPrePsm(te) != RPMRC_FAIL) { - /* Dont bother opening for elements without pre/posttrans scripts */ - if (goal == PKG_PRETRANS || goal == PKG_POSTTRANS) { -@@ -909,7 +911,17 @@ int rpmteProcess(rpmte te, pkgGoal goal) - } +- rc = rpmpsmNext(psm, PSM_INIT); +- if (!rc) rc = rpmpsmNext(psm, PSM_PRE); +- if (!rc) rc = rpmpsmNext(psm, PSM_PROCESS); +- if (!rc) rc = rpmpsmNext(psm, PSM_POST); +- (void) rpmpsmNext(psm, PSM_FINI); ++ op = (goal == PKG_INSTALL) ? RPMTS_OP_INSTALL : RPMTS_OP_ERASE; ++ rpmswEnter(rpmtsOp(psm->ts, op), 0); - if (rpmteOpen(te, reset_fi)) { -- failed = rpmpsmRun(te->ts, te, goal); -+ /* Call security plugin to set te for next operations */ -+ /* But do not call plugin for the pre/posttrans scripts */ -+ if (goal != PKG_PRETRANS && goal != PKG_POSTTRANS) -+ failed = rpmsecurityCallPrePsm(te); -+ if (!failed) { -+ failed = rpmpsmRun(te->ts, te, goal); -+ /* Call security plugin to finish any te related tasks */ -+ /* But do not call plugin for the pre/posttrans scripts */ -+ if (goal != PKG_PRETRANS && goal != PKG_POSTTRANS) -+ failed = rpmsecurityCallPostPsm(te, te->ts->rootDir, failed); -+ } - rpmteClose(te, reset_fi); - } - +- rpmswExit(rpmtsOp(psm->ts, op), 0); ++ rc = rpmpsmNext(psm, PSM_INIT); ++ if (!rc) rc = rpmpsmNext(psm, PSM_PRE); ++ if (!rc) rc = rpmpsmNext(psm, PSM_PROCESS); ++ if (!rc) rc = rpmpsmNext(psm, PSM_POST); ++ (void) rpmpsmNext(psm, PSM_FINI); ++ ++ rpmswExit(rpmtsOp(psm->ts, op), 0); ++ } ++ /* Run post transaction element hook for all plugins */ ++ rpmsecurityCallPostPsm(te, rc); + break; + case PKG_PRETRANS: + case PKG_POSTTRANS: diff -Nuarp rpm/lib/rpmts.c rpm-security/lib/rpmts.c ---- rpm/lib/rpmts.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmts.c 2012-08-06 12:49:34.345011498 +0300 +--- rpm/lib/rpmts.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/rpmts.c 2012-10-01 10:29:50.303983646 +0300 @@ -24,6 +24,7 @@ #include "lib/rpmal.h" #include "lib/rpmchroot.h" @@ -798,8 +839,8 @@ diff -Nuarp rpm/lib/rpmts.c rpm-security/lib/rpmts.c if (_rpmts_stats) rpmtsPrintStats(ts); diff -Nuarp rpm/lib/rpmtypes.h rpm-security/lib/rpmtypes.h ---- rpm/lib/rpmtypes.h 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/rpmtypes.h 2012-08-06 12:49:34.349011527 +0300 +--- rpm/lib/rpmtypes.h 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/rpmtypes.h 2012-10-01 10:29:50.303983646 +0300 @@ -78,6 +78,7 @@ typedef struct rpmPubkey_s * rpmPubkey; typedef struct rpmKeyring_s * rpmKeyring; @@ -809,8 +850,8 @@ diff -Nuarp rpm/lib/rpmtypes.h rpm-security/lib/rpmtypes.h typedef struct rpmgi_s * rpmgi; diff -Nuarp rpm/lib/transaction.c rpm-security/lib/transaction.c ---- rpm/lib/transaction.c 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/lib/transaction.c 2012-08-06 12:49:34.349011527 +0300 +--- rpm/lib/transaction.c 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/lib/transaction.c 2012-10-01 10:29:50.307983646 +0300 @@ -21,6 +21,8 @@ #include "lib/rpmts_internal.h" #include "rpmio/rpmhook.h" @@ -861,8 +902,8 @@ diff -Nuarp rpm/lib/transaction.c rpm-security/lib/transaction.c if (!(rpmtsFlags(ts) & (RPMTRANS_FLAG_NOPOST))) { rpmlog(RPMLOG_DEBUG, "running post-transaction scripts\n"); diff -Nuarp rpm/macros.in rpm-security/macros.in ---- rpm/macros.in 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/macros.in 2012-08-06 12:49:34.349011527 +0300 +--- rpm/macros.in 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/macros.in 2012-10-01 10:29:50.307983646 +0300 @@ -1070,5 +1070,7 @@ done \ %__collection_sepolicy %{__plugindir}/sepolicy.so %__collection_sepolicy_flags 1 @@ -872,8 +913,8 @@ diff -Nuarp rpm/macros.in rpm-security/macros.in # \endverbatim #*/ diff -Nuarp rpm/Makefile.am rpm-security/Makefile.am ---- rpm/Makefile.am 2012-07-11 11:00:50.000000000 +0300 -+++ rpm-security/Makefile.am 2012-08-06 12:49:34.349011527 +0300 +--- rpm/Makefile.am 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/Makefile.am 2012-10-01 10:29:50.311983646 +0300 @@ -29,7 +29,11 @@ if ENABLE_PLUGINS SUBDIRS += plugins endif @@ -897,8 +938,8 @@ diff -Nuarp rpm/Makefile.am rpm-security/Makefile.am pkginclude_HEADERS += sign/rpmsign.h diff -Nuarp rpm/preinstall.am rpm-security/preinstall.am ---- rpm/preinstall.am 2012-07-11 11:00:51.000000000 +0300 -+++ rpm-security/preinstall.am 2012-08-06 12:49:34.349011527 +0300 +--- rpm/preinstall.am 2012-08-08 09:33:56.000000000 +0300 ++++ rpm-security/preinstall.am 2012-10-01 10:29:50.311983646 +0300 @@ -114,6 +114,14 @@ include/rpm/rpmvf.h: lib/rpmvf.h include $(INSTALL_DATA) $(top_srcdir)/lib/rpmvf.h include/rpm/rpmvf.h BUILT_SOURCES += include/rpm/rpmvf.h @@ -916,7 +957,7 @@ diff -Nuarp rpm/preinstall.am rpm-security/preinstall.am BUILT_SOURCES += include/rpm/rpmsign.h diff -Nuarp rpm/security/Makefile.am rpm-security/security/Makefile.am --- rpm/security/Makefile.am 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/Makefile.am 2012-08-06 12:49:34.369011618 +0300 ++++ rpm-security/security/Makefile.am 2012-10-01 10:29:50.315983644 +0300 @@ -0,0 +1,24 @@ +# Makefile for rpm library. + @@ -944,7 +985,7 @@ diff -Nuarp rpm/security/Makefile.am rpm-security/security/Makefile.am +endif diff -Nuarp rpm/security/Makefile.msm rpm-security/security/Makefile.msm --- rpm/security/Makefile.msm 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/Makefile.msm 2012-08-06 12:49:34.369011618 +0300 ++++ rpm-security/security/Makefile.msm 2012-10-01 10:29:50.315983644 +0300 @@ -0,0 +1,15 @@ +CC=gcc +CFLAGS=-g -Wall @@ -963,8 +1004,8 @@ diff -Nuarp rpm/security/Makefile.msm rpm-security/security/Makefile.msm + rm msmmatch *.o diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c --- rpm/security/msm.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msm.c 2012-08-06 13:32:38.137823835 +0300 -@@ -0,0 +1,915 @@ ++++ rpm-security/security/msm.c 2012-10-01 10:53:48.919919507 +0300 +@@ -0,0 +1,982 @@ +/* + * This file is part of MSM security plugin + * Greatly based on the code of MSSF security plugin @@ -1007,6 +1048,7 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c +#include <rpm/rpmmacro.h> +#include <rpm/rpmpgp.h> +#include <rpm/rpmkeyring.h> ++#include <lib/rpmts_internal.h> +#include <rpm/rpmdb.h> + +#include "rpmio/base64.h" @@ -1025,10 +1067,7 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + manifest_x *mfx; /*!< parsed manifest data */ + rpmte te; /*!< related te */ + struct packagecontext *next; /*!< next in linked list */ -+ HASHContext *hashctx; /*!< current digest context */ -+ const char *path; /*!< file being processed */ + struct smack_accesses *smack_accesses; /*!< handle to smack_accesses */ -+ ino_t ino; /*!< inode of the file */ +} packagecontext; + +static rpmts ts = NULL; @@ -1041,60 +1080,141 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c +static fileconflict *allfileconflicts = NULL; +static char* ownSmackLabel = NULL; +static int SmackEnabled = 0; -+static magic_t cookie; ++static magic_t cookie = NULL; ++ ++static int copyFile(char *old_filename, char *new_filename) ++{ ++ FD_t ptr_old, ptr_new; ++ int res; ++ ++ ptr_old = Fopen(old_filename, "r.fdio"); ++ ptr_new = Fopen(new_filename, "w.fdio"); ++ ++ if ((ptr_old == NULL) || (Ferror(ptr_old))) { ++ return -1; ++ } ++ ++ if ((ptr_new == NULL) || (Ferror(ptr_new))) { ++ Fclose(ptr_old); ++ return -1; ++ } ++ ++ res = ufdCopy(ptr_old, ptr_new); ++ ++ Fclose(ptr_new); ++ Fclose(ptr_old); ++ return res; ++} + +rpmRC SECURITYHOOK_INIT_FUNC(rpmts _ts, const char *_opts) +{ + ts = _ts; -+ int res = 0; ++ char *fullPath = NULL, *fullPath1 = NULL; ++ struct stat buf; + -+ rpmlog(RPMLOG_INFO, "reading device security policy from %s\n", DEVICE_SECURITY_POLICY); -+ root = msmProcessDevSecPolicyXml(DEVICE_SECURITY_POLICY); ++ fullPath = rpmGenPath(ts->rootDir, DEVICE_SECURITY_POLICY, NULL); ++ rpmlog(RPMLOG_DEBUG, "fullPath %s\n", fullPath); ++ if (!fullPath) { ++ rpmlog(RPMLOG_ERR, "Building a full path failed for device security policy\n"); ++ goto plugin_error; ++ } + -+ if (root) { -+ if (msmSetupSWSources(NULL, root, NULL)) { -+ rpmlog(RPMLOG_ERR, "Failed to setup device security policy from %s\n", -+ DEVICE_SECURITY_POLICY); -+ return RPMRC_FAIL; -+ } ++ if (stat(fullPath, &buf) != 0) { // the policy file is missing ++ if (ts->rootDir) { // we are running with --root option and policy is missing, need to copy it for now ++ // first create prefix for it ++ char *sysconfdir = rpmExpand("%{?_sysconfdir}", NULL); ++ if (!sysconfdir || !strcmp(sysconfdir, "")) { ++ rpmlog(RPMLOG_ERR, "Failed to expand %%_sysconfdir macro\n"); ++ goto plugin_error; ++ } ++ fullPath1 = rpmGenPath(ts->rootDir, sysconfdir, NULL); ++ rpmlog(RPMLOG_DEBUG, "fullPath1 %s\n", fullPath1); ++ msmFreePointer((void**)&sysconfdir); ++ if (!fullPath1) { ++ rpmlog(RPMLOG_ERR, "Building a full path for sysconfdir failed\n"); ++ goto plugin_error; ++ } ++ if (rpmioMkpath(fullPath1, 0755, getuid(), getgid()) != 0) { ++ rpmlog(RPMLOG_ERR, "Failed to create a path for policy file\n"); ++ goto plugin_error; ++ } ++ if(copyFile(DEVICE_SECURITY_POLICY_DEF, fullPath) == -1) { ++ /* Do not allow plug-in to proceed without security policy existing */ ++ rpmlog(RPMLOG_ERR, "Failed to copy the policy outside of chroot. Abort installation.\n"); ++ goto plugin_error; ++ } + } else { -+ /* Do not allow plug-in to proceed without security policy existing */ -+ rpmlog(RPMLOG_ERR, "Failed to process sw sources from %s\n", -+ DEVICE_SECURITY_POLICY); -+ return RPMRC_FAIL; ++ /* Do not allow plug-in to proceed without security policy existing */ ++ rpmlog(RPMLOG_ERR, "Policy file is missing at %s. Abort installation.\n", ++ fullPath); ++ goto plugin_error; ++ } + } + -+ /* check its own security context and store it for the case when packages without manifest will be installed */ -+ struct stat buf; ++ rpmlog(RPMLOG_INFO, "reading device security policy from %s\n", fullPath); ++ root = msmProcessDevSecPolicyXml(fullPath); ++ if (!root) { ++ rpmlog(RPMLOG_ERR, "Failed process sw sources from %s\n", fullPath); ++ goto plugin_error; ++ } else { ++ if (msmSetupSWSources(NULL, root, NULL)) { ++ rpmlog(RPMLOG_ERR, "Failed to setup security policy from %s\n",fullPath); ++ goto plugin_error; ++ } ++ } ++ ++ msmFreePointer((void**)&fullPath); ++ msmFreePointer((void**)&fullPath1); ++ ++ fullPath = rpmGenPath(ts->rootDir, SMACK_LOAD_PATH, NULL); ++ rpmlog(RPMLOG_DEBUG, "fullPath for SMACK_LOAD_PATH %s\n", fullPath); ++ if (!fullPath) { ++ rpmlog(RPMLOG_ERR, "Building a full path for smack load failed\n"); ++ goto plugin_error; ++ } + -+ if (stat(SMACK_LOAD_PATH, &buf) == 0) { -+ res = smack_new_label_from_self(&ownSmackLabel); ++ /* check its own security context and store it for the case when packages without manifest will be installed */ ++ if (stat(fullPath, &buf) == 0) { ++ int res = smack_new_label_from_self(&ownSmackLabel); + SmackEnabled = 1; -+ if (res != 0) { ++ if (res < 0) { + rpmlog(RPMLOG_ERR, "Failed to obtain rpm security context\n"); -+ return RPMRC_FAIL; ++ goto plugin_error; + } + } else { -+ rpmlog(RPMLOG_INFO, "Smack disabled in kernel. Going to the image build mode. \n"); ++ rpmlog(RPMLOG_INFO, "Smackfs isn't mounted at %s. Going to the image build mode. \n", fullPath); + ownSmackLabel = strdup("_"); + SmackEnabled = 0; + } + -+ if (stat(SMACK_RULES_PATH, &buf) != 0) { -+ rpmlog(RPMLOG_INFO, "A directory for writing smack rules is missing. Creating one.\n"); ++ msmFreePointer((void**)&fullPath); ++ fullPath = rpmGenPath(ts->rootDir, SMACK_RULES_PATH, NULL); ++ fullPath1 = rpmGenPath(ts->rootDir, SMACK_RULES_PATH_BEG, NULL); ++ rpmlog(RPMLOG_DEBUG, "fullPath for SMACK_RULES_PATH %s\n", fullPath); ++ rpmlog(RPMLOG_DEBUG, "fullPath1 for SMACK_RULES_PATH_BEG %s\n", fullPath1); ++ if ((!fullPath) || (!fullPath1)){ ++ rpmlog(RPMLOG_ERR, "Building a full path failed for smack rules path\n"); ++ goto plugin_error; ++ } ++ ++ if (stat(fullPath, &buf) != 0) { ++ rpmlog(RPMLOG_DEBUG, "A directory for writing smack rules is missing. Creating one.\n"); + mode_t mode = S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IROTH; // 644 -rwer--r-- -+ if (stat(SMACK_RULES_PATH_BEG, &buf) != 0) { -+ if (mkdir(SMACK_RULES_PATH_BEG, mode) != 0) { -+ rpmlog(RPMLOG_ERR, "Failed to create a sub-directory for smack rules\n"); -+ return RPMRC_FAIL; -+ } -+ } -+ if (mkdir(SMACK_RULES_PATH, mode) != 0){ ++ if (stat(fullPath1, &buf) != 0) { ++ if (mkdir(fullPath1, mode) != 0) { ++ rpmlog(RPMLOG_ERR, "Failed to create a sub-directory for smack rules\n"); ++ goto plugin_error; ++ } ++ } ++ if (mkdir(fullPath, mode) != 0){ + rpmlog(RPMLOG_ERR, "Failed to create a directory for smack rules\n"); -+ return RPMRC_FAIL; ++ goto plugin_error; + } + } + ++ msmFreePointer((void**)&fullPath); ++ msmFreePointer((void**)&fullPath1); ++ + rpmlog(RPMLOG_DEBUG, "rpm security context: %s\n", ownSmackLabel); + + cookie = magic_open(0); @@ -1108,6 +1228,11 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + } + + return RPMRC_OK; ++ ++plugin_error: ++ msmFreePointer((void**)&fullPath); ++ msmFreePointer((void**)&fullPath1); ++ return RPMRC_FAIL; +} + +static int findSWSourceByName(sw_source_x *sw_source, void *param) @@ -1119,7 +1244,10 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c +static char *getFilePath(const char *dirName, const char *baseName) +{ + char *fullName = NULL; -+ size_t len = strlen(dirName); ++ size_t len = 0; ++ ++ if (!dirName) return fullName; ++ len = strlen(dirName); + + if (baseName) { + if (dirName[len-1] == '/') { @@ -1516,11 +1644,11 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + } + + rpmlog(RPMLOG_DEBUG, "Starting the security setup...\n"); -+ + unsigned int smackLabel = 0; + + if (rootSWSource || ctx->mfx->sw_source) { + if (ctx->mfx->sw_sources) { ++ smackLabel = 1; /* setting this one on since this manifest doesn't have any define/request section */ + ret = msmSetupSWSources(ctx->smack_accesses, ctx->mfx, ts); + if (ret) { + rpmlog(RPMLOG_ERR, "SW source setup failed for %s\n", @@ -1571,7 +1699,7 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + goto fail; + } + } -+ ++ + /* last check is needed in order to catch in advance + the situation when no ac domain defined or requested */ + if (smackLabel == 0) { @@ -1614,14 +1742,18 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c +rpmRC SECURITYHOOK_FSM_OPENED_FUNC(FSM_t fsm) +{ + ++ //check if there any conflicts that prevent file being written to the disk ++ + fileconflict *fc; + packagecontext *ctx = context; + if (!ctx) return RPMRC_FAIL; + -+ ctx->path = getFilePath(fsm->dirName, fsm->baseName); ++ char* fullpath = getFilePath(fsm->dirName, fsm->baseName); ++ if (!fullpath) return RPMRC_FAIL; ++ rpmlog(RPMLOG_DEBUG, "Constructed file name: %s\n", fullpath); ++ HASH_FIND(hh, allfileconflicts, fullpath, strlen(fullpath), fc); ++ msmFreePointer((void**)&fullpath); + -+ rpmlog(RPMLOG_DEBUG, "Constructed file name: %s\n", ctx->path); -+ HASH_FIND(hh, allfileconflicts, ctx->path, strlen(ctx->path), fc); + if (fc) { + /* There is a conflict, see if we are not allowed to overwrite */ + if (!current || (strcmp(current->rankkey, fc->sw_source->rankkey) > 0)) { @@ -1633,15 +1765,6 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + rpmteN(ctx->te), current->name, fc->path, fc->sw_source->name); + } + -+ ctx->hashctx = NULL; -+ if (fsm->digestalgo != PGPHASHALGO_SHA1) { -+ if ((ctx->hashctx = HASH_Create(HASH_AlgSHA1)) == NULL) { -+ rpmlog(RPMLOG_ERR, "Failed to create hash context %s for %s\n", -+ fsm->path, rpmteN(ctx->te)); -+ return RPMRC_FAIL; -+ } -+ HASH_Begin(ctx->hashctx); -+ } + return RPMRC_OK; +} + @@ -1651,30 +1774,7 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + packagecontext *ctx = context; + if (!ctx) return RPMRC_FAIL; + -+ -+ -+ if (ctx->hashctx) { -+ const unsigned char *ptr = (unsigned char *)fsm->wrbuf; -+ size_t len = fsm->rdnb; -+ size_t partlen = ~(unsigned int)0xFF; -+ while (len > 0) { -+ if (len < partlen) { -+ partlen = len; -+ } -+ HASH_Update(ctx->hashctx, ptr, partlen); -+ ptr += partlen; -+ len -= partlen; -+ } -+ if (!ctx->ino) { -+ /* get file inode number, this is used later on to */ -+ /* make sure that we set credentials to correct file */ -+ struct stat st; -+ int fd = Fileno(fsm->wfd); -+ if (!fstat(fd, &st)) -+ ctx->ino = st.st_ino; -+ } -+ } -+ ++ //no need to have any hashes calculation now + + return RPMRC_OK; +} @@ -1682,60 +1782,70 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c +rpmRC SECURITYHOOK_FSM_CLOSED_FUNC(FSM_t fsm, int rpmrc) +{ + -+ unsigned char digest[SHA1_LENGTH] = { 0 }; + packagecontext *ctx = context; + if (!ctx) return RPMRC_FAIL; ++ if (rpmrc) return rpmrc; + + rpmlog(RPMLOG_DEBUG, "Started with FSM_CLOSED_FUNC hook for file dir name: %s, base name %s \n", fsm->dirName, fsm->baseName); + -+ if (ctx->hashctx) { -+ unsigned int digestlen = HASH_ResultLenContext(ctx->hashctx); -+ if (digestlen > SHA1_LENGTH) digestlen = SHA1_LENGTH; -+ HASH_End(ctx->hashctx, digest, &digestlen, digestlen); -+ HASH_Destroy(ctx->hashctx); -+ } else if (fsm->digestalgo == PGPHASHALGO_SHA1) { -+ unsigned int digestlen = rpmDigestLength(fsm->digestalgo); -+ if (digestlen > SHA1_LENGTH) digestlen = SHA1_LENGTH; -+ memcpy(digest, fsm->digest, digestlen); -+ } -+ if (!rpmrc) { -+ if (ctx->mfx) { -+ file_x *file = xcalloc(1, sizeof(*file)); -+ if (file) { -+ file->path = ctx->path; -+ file->ino = ctx->ino; -+ memcpy(file->digest, digest, SHA1_LENGTH); -+ LISTADD(ctx->mfx->files, file); -+ ctx->path = NULL; -+ ctx->ino = 0; -+ if (rpmteType(ctx->te) == TR_ADDED) { -+ if (msmSetFileXAttributes(ctx->mfx, file->path, cookie) < 0) { -+ rpmlog(RPMLOG_ERR, "Setting of extended attributes failed for file %s from package %s\n", ++ if (ctx->mfx) { ++ file_x *file = xcalloc(1, sizeof(*file)); ++ if (file) { ++ file->path = getFilePath(fsm->dirName, fsm->baseName); ++ LISTADD(ctx->mfx->files, file); ++ if (rpmteType(ctx->te) == TR_ADDED) { ++ if (msmSetFileXAttributes(ctx->mfx, file->path, cookie) < 0) { ++ rpmlog(RPMLOG_ERR, "Setting of extended attributes failed for file %s from package %s\n", + file->path, rpmteN(ctx->te)); -+ return RPMRC_FAIL; -+ } -+ } ++ return RPMRC_FAIL; ++ } ++ } + -+ } -+ } else { -+ rpmlog(RPMLOG_ERR, "Manifest is missing while it should be present for the package %s\n", ++ } else ++ return RPMRC_FAIL; ++ } else { ++ rpmlog(RPMLOG_ERR, "Manifest is missing while it should be present for the package %s\n", + rpmteN(ctx->te)); + return RPMRC_FAIL; -+ } + } + + rpmlog(RPMLOG_DEBUG, "Finished with FSM_CLOSED_FUNC hook for file dir name: %s, base name %s \n", fsm->dirName, fsm->baseName); + return RPMRC_OK; +} + -+rpmRC SECURITYHOOK_POST_PSM_FUNC(rpmte te, char* rootDir, int rpmrc) ++rpmRC SECURITYHOOK_FSM_DIR_LABEL_FUNC(FSM_t fsm, int rpmrc) +{ -+ -+ int ret = 0; + packagecontext *ctx = context; + if (!ctx) return RPMRC_FAIL; ++ if (rpmrc) return rpmrc; ++ ++ rpmlog(RPMLOG_DEBUG, "Started with FSM_DIR_LABEL_FUNC hook for file fsm->path: %s \n", fsm->path); ++ if (ctx->mfx) { ++ if (msmSetFileXAttributes(ctx->mfx, fsm->path, cookie) < 0) { ++ rpmlog(RPMLOG_ERR, "Setting of extended attributes failed for dir %s from package %s\n", ++ fsm->path, rpmteN(ctx->te)); ++ rpmrc = RPMRC_FAIL; ++ } ++ ++ } else { ++ rpmlog(RPMLOG_ERR, "Manifest is missing while it should be present for the package %s\n", ++ rpmteN(ctx->te)); ++ return RPMRC_FAIL; ++ } + -+ if (rpmrc) { ++ rpmlog(RPMLOG_DEBUG, "Finished with FSM_DIR_LABEL_FUNC hook for file fsm->path: %s \n", fsm->path); ++ return rpmrc; ++} ++ ++ ++rpmRC SECURITYHOOK_POST_PSM_FUNC(rpmte te, int rpmrc) ++{ ++ ++ rpmRC res = RPMRC_FAIL; ++ packagecontext *ctx = context; ++ if (!ctx) return res; ++ ++ if (rpmrc == RPMRC_FAIL) { + /* failure in rpm psm, rollback */ + if (rpmteType(ctx->te) == TR_ADDED) + msmCancelPackage(ctx->mfx->name); @@ -1771,13 +1881,13 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + + } + ++ res = RPMRC_OK; ++ + exit: ++ + current = NULL; + -+ if (ret) { -+ return RPMRC_FAIL; -+ } -+ return rpmrc; ++ return res; +} + +rpmRC SECURITYHOOK_POST_TSM_FUNC(rpmts _ts) @@ -1785,6 +1895,12 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + + packagecontext *ctx = context; + if (!ctx) return RPMRC_FAIL; ++ msmFreeInternalHashes(); // free hash structures first ++ ++ if (root) { ++ msmSaveDeviceSecPolicyXml(root, ts->rootDir); ++ if (!rootSWSource) root = msmFreeManifestXml(root); ++ } + return RPMRC_OK; +} + @@ -1795,7 +1911,6 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + packagecontext *next = ctx->next; + msmFreePointer((void**)&ctx->data); + ctx->mfx = msmFreeManifestXml(ctx->mfx); -+ msmFreePointer((void**)&ctx->path); + if (ctx->smack_accesses) smack_accesses_free(ctx->smack_accesses); + msmFreePointer((void**)&ctx); + ctx = next; @@ -1807,14 +1922,6 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + +rpmRC SECURITYHOOK_CLEANUP_FUNC(void) +{ -+ -+ msmFreeInternalHashes(); // free hash structures first -+ -+ if (root) { -+ msmSaveDeviceSecPolicyXml(root); -+ if (!rootSWSource) root = msmFreeManifestXml(root); -+ } -+ + ts = NULL; + + contextsHead = contextsTail = msmFree(contextsHead); @@ -1830,7 +1937,7 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + } + + msmFreePointer((void**)&ownSmackLabel); -+ magic_close(cookie); ++ if (cookie) magic_close(cookie); + + return RPMRC_OK; +} @@ -1880,10 +1987,11 @@ diff -Nuarp rpm/security/msm.c rpm-security/security/msm.c + *ptr = NULL; + return; +} ++ diff -Nuarp rpm/security/msmconfig.c rpm-security/security/msmconfig.c --- rpm/security/msmconfig.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msmconfig.c 2012-08-06 12:49:34.377011655 +0300 -@@ -0,0 +1,264 @@ ++++ rpm-security/security/msmconfig.c 2012-10-01 10:29:50.323983642 +0300 +@@ -0,0 +1,273 @@ +/* + * This file is part of MSM security plugin + * Greatly based on the code of MSSF security plugin @@ -2117,10 +2225,18 @@ diff -Nuarp rpm/security/msmconfig.c rpm-security/security/msmconfig.c + * @param mfx data to serialize + * @return RPMRC_OK or RPMRC_FAIL + */ -+rpmRC msmSaveDeviceSecPolicyXml(manifest_x *mfx) ++rpmRC msmSaveDeviceSecPolicyXml(manifest_x *mfx, const char *rootDir) +{ + FILE *outFile; -+ rpmRC rc = RPMRC_OK; ++ rpmRC rc = RPMRC_OK; ++ char *fullPath = NULL; ++ ++ fullPath = rpmGenPath(rootDir, DEVICE_SECURITY_POLICY, NULL); ++ rpmlog(RPMLOG_DEBUG, "fullPath %s\n", fullPath); ++ if (!fullPath) { ++ rpmlog(RPMLOG_ERR, "Building a full path failed for device security policy\n"); ++ return RPMRC_FAIL; ++ } + + /* if data doesn't have sw_source information, no need to do anything */ + if (mfx && mfx->sw_sources) { @@ -2132,26 +2248,27 @@ diff -Nuarp rpm/security/msmconfig.c rpm-security/security/msmconfig.c + LISTHEAD(mfx->sw_sources, sw_source); + msmHandleSWSource(rootnode, sw_source); + -+ outFile = fopen(DEVICE_SECURITY_POLICY, "w"); ++ outFile = fopen(fullPath, "w"); + if (outFile) { + xmlElemDump(outFile, doc, rootnode); + fclose(outFile); + } else { + rpmlog(RPMLOG_ERR, "Unable to write device security policy%s\n", -+ DEVICE_SECURITY_POLICY); ++ fullPath); + rc = RPMRC_FAIL; + } + xmlFreeDoc(doc); + xmlCleanupParser(); + } + ++ msmFreePointer((void**)&fullPath); + return rc; +} + diff -Nuarp rpm/security/msm.h rpm-security/security/msm.h --- rpm/security/msm.h 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msm.h 2012-08-06 12:49:34.377011655 +0300 -@@ -0,0 +1,469 @@ ++++ rpm-security/security/msm.h 2012-10-01 10:29:50.323983642 +0300 +@@ -0,0 +1,471 @@ +/* + * This file is part of MSM security plugin + * Greatly based on the code of MSSF security plugin @@ -2193,12 +2310,13 @@ diff -Nuarp rpm/security/msm.h rpm-security/security/msm.h +#define SMACK_RULES_PATH "/etc/smack/accesses.d/" +#define SMACK_RULES_PATH_BEG "/etc/smack/" +#define DEVICE_SECURITY_POLICY "/etc/device-sec-policy" ++#define DEVICE_SECURITY_POLICY_DEF "/usr/lib/rpm-plugins/msm-device-sec-policy" +#define SMACK_LOAD_PATH "/smack/load" + +#define SMACK_ISOLATED_LABEL "Isolated" + +#define SMACK_LABEL_LENGTH 255 -+#define SMACK_ACCESS_TYPE_LENGHT 5 ++#define SMACK_ACCESS_TYPE_LENGHT 6 +#define SMACK_UNINSTALL 1 +#define RANK_LIMIT 10000 + @@ -2590,9 +2708,10 @@ diff -Nuarp rpm/security/msm.h rpm-security/security/msm.h +/** \ingroup msm + * Saves configuration into /etc/dev-sec-policy. + * @param mfx data to serialize ++ * @param rooDir ts->rootDir prefix + * @return RPMRC_OK or RPMRC_FAIL + */ -+rpmRC msmSaveDeviceSecPolicyXml(manifest_x *root); ++rpmRC msmSaveDeviceSecPolicyXml(manifest_x *root, const char *rootDir); + +/** \ingroup msm + * Depth first tree traversal for sw source tree. @@ -2623,8 +2742,8 @@ diff -Nuarp rpm/security/msm.h rpm-security/security/msm.h +#endif diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c --- rpm/security/msmmanifest.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msmmanifest.c 2012-08-06 12:49:34.381011684 +0300 -@@ -0,0 +1,1484 @@ ++++ rpm-security/security/msmmanifest.c 2012-10-01 10:29:50.323983642 +0300 +@@ -0,0 +1,1501 @@ +/* + * This file is part of MSM security plugin + * Greatly based on the code of MSSF security plugin @@ -2684,7 +2803,8 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + } + while ( type[idx] != '\0' ){ + if ((type[idx] !='a') && (type[idx]!='r') && (type[idx]!='w') && -+ (type[idx]!='x') && (type[idx]!='t') && (type[idx] !='-')) { ++ (type[idx]!='x') && (type[idx]!='t') && (type[idx] !='-') && ++ (type[idx] != 'l')) { + rpmlog(RPMLOG_ERR, "Not allowed character in access type: %s\n", type); + res = -1; + break; @@ -3189,6 +3309,11 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + + rpmlog(RPMLOG_DEBUG, "request\n"); + ++ if (!define->name) { ++ rpmlog(RPMLOG_ERR, "An attempt to define a domain without a name. Abort.\n"); ++ return -1; ++ } ++ + depth = xmlTextReaderDepth(reader); + while ((ret = msmNextChildElement(reader, depth))) { + node = xmlTextReaderConstName(reader); @@ -3231,6 +3356,7 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + rpmlog(RPMLOG_ERR, "Not allowed element in domain request section: %s\n", ASCII(node)); + return -1; + } ++ if (ret < 0) return ret; + } + + return ret; @@ -3242,6 +3368,12 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + int ret, depth; + + rpmlog(RPMLOG_DEBUG, "permit\n"); ++ ++ if (!define->name) { ++ rpmlog(RPMLOG_ERR, "An attempt to define a domain without a name. Abort.\n"); ++ return -1; ++ } ++ + depth = xmlTextReaderDepth(reader); + + while ((ret = msmNextChildElement(reader, depth))) { @@ -3298,6 +3430,7 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + rpmlog(RPMLOG_ERR, "Not allowed element in domain permit section: %s\n", ASCII(node)); + return -1; + } ++ if (ret < 0) return ret; + } + + return ret; @@ -3310,6 +3443,11 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + + rpmlog(RPMLOG_DEBUG, "provide\n"); + ++ if (!define->name) { ++ rpmlog(RPMLOG_ERR, "An attempt to define a domain without a name. Abort.\n"); ++ return -1; ++ } ++ + depth = xmlTextReaderDepth(reader); + while ((ret = msmNextChildElement(reader, depth))) { + node = xmlTextReaderConstName(reader); @@ -3347,6 +3485,7 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + rpmlog(RPMLOG_ERR, "Not allowed element in domain provide section: %s\n", ASCII(node)); + return -1; + } ++ if (ret < 0) return ret; + } + + return ret; @@ -3443,12 +3582,9 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + + if (ret < 0) return ret; + } -+ + return ret; +} + -+ -+ +static int msmProcessKeyinfo(xmlTextReaderPtr reader, origin_x *origin) +{ + const xmlChar *keydata; @@ -3546,6 +3682,7 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + } + } else return -1; + } else return -1; ++ if (ret < 0) return ret; + } + return ret; +} @@ -3575,7 +3712,6 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c + } + } else return -1; + } else return -1; -+ + if (ret < 0) return ret; + } + return ret; @@ -4111,7 +4247,7 @@ diff -Nuarp rpm/security/msmmanifest.c rpm-security/security/msmmanifest.c +} diff -Nuarp rpm/security/msmmatch.c rpm-security/security/msmmatch.c --- rpm/security/msmmatch.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msmmatch.c 2012-08-06 12:49:34.381011684 +0300 ++++ rpm-security/security/msmmatch.c 2012-10-01 10:29:50.327983644 +0300 @@ -0,0 +1,71 @@ +/* + * This file is part of MSM security plugin @@ -4186,8 +4322,8 @@ diff -Nuarp rpm/security/msmmatch.c rpm-security/security/msmmatch.c + diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c --- rpm/security/msmxattr.c 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/msmxattr.c 2012-08-06 13:37:44.891344948 +0300 -@@ -0,0 +1,1316 @@ ++++ rpm-security/security/msmxattr.c 2012-10-01 10:29:50.327983644 +0300 +@@ -0,0 +1,1338 @@ +/* + * This file is part of MSM security plugin + * Greatly based on the code of MSSF security plugin @@ -4196,7 +4332,7 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + * + * Contact: Tero Aho <ext-tero.aho@nokia.com> + * -+ * Copyright (C) 2011 - 2012 Intel Corporation. ++ * Copyright (C) 2011 - 2013 Intel Corporation. + * + * Contact: Elena Reshetova <elena.reshetova@intel.com> + * @@ -4907,7 +5043,9 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + HASH_FIND(hh, all_ac_domains, mfx->request->ac_domain, strlen(mfx->request->ac_domain), defined_ac_domain); + if (!defined_ac_domain){ // request for a undefined domain. + rpmlog(RPMLOG_ERR, "Request for a domain name %s that hasn't been yet defined by any package\n", mfx->request->ac_domain); ++ #ifdef ENABLE_DCHECKS + return -1; ++ #endif + } + + //now check that the package can join the requested AC domain @@ -4921,7 +5059,9 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + + //need to check if developer allowed other packages to join this domain + if (msmCheckDomainJoinPossibility(mfx, defined_ac_domain) < 0 ) ++ #ifdef ENABLE_DCHECKS + return -1; ++ #endif + + // now checking if security policy allows to join this domain + if (msmIsRequestAllowed(mfx, defined_ac_domain)) { @@ -4930,8 +5070,11 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + + } else { + rpmlog(RPMLOG_ERR, "Request for a domain name %s isn't allowed based on package sw source\n", mfx->request->ac_domain); ++ #ifdef ENABLE_DCHECKS + return -1; ++ #endif + } ++ return 0; +} + +static int msmSetupProvides(struct smack_accesses *smack_accesses, package_x *package) @@ -5078,8 +5221,11 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + if (mfx->define->d_requests) { + for (d_request = mfx->define->d_requests; d_request; d_request = d_request->prev) { + // first check if the current's package sw source can grant access to requested domain -+ if ( msmCheckDomainRequestOrPermit(mfx, d_request->label_name) < 0 ) ++ if ( msmCheckDomainRequestOrPermit(mfx, d_request->label_name) < 0 ) { ++ #ifdef ENABLE_DCHECKS + return -1; ++ #endif ++ } + if ( smack_accesses_add(smack_accesses, mfx->define->name, d_request->label_name, d_request->ac_type) < 0 ) { + rpmlog(RPMLOG_ERR, "Failed to set smack rules for domain requests\n"); + return -1; @@ -5091,13 +5237,18 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + if (mfx->define->d_permits) { + for (d_permit = mfx->define->d_permits; d_permit; d_permit = d_permit->prev) { + // first check if the current's package sw source can grant access to permited domain -+ if ( msmCheckDomainRequestOrPermit(mfx, d_permit->label_name) < 0 ) ++ if ( msmCheckDomainRequestOrPermit(mfx, d_permit->label_name) < 0 ) { ++ #ifdef ENABLE_DCHECKS + return -1; ++ #endif ++ } + if (!d_permit->to_label_name) + ret = smack_accesses_add(smack_accesses, d_permit->label_name, mfx->define->name, d_permit->ac_type); + else { + if ( msmCheckLabelProvisioning(mfx, d_permit->to_label_name) < 0 ) -+ return -1; ++ #ifdef ENABLE_DCHECKS ++ return -1; ++ #endif + ret = smack_accesses_add(smack_accesses, d_permit->label_name, d_permit->to_label_name, d_permit->ac_type); + } + if (ret < 0) { @@ -5144,7 +5295,6 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + strncpy(buffer + strlen(SMACK_RULES_PATH), package_name, strlen(package_name)); + rpmlog(RPMLOG_DEBUG, "smack rule file path %s, SmackEnabled %d\n", buffer, SmackEnabled); + -+ + if (flag == SMACK_UNINSTALL) { /* uninstallation case */ + FILE* fd = fopen(buffer, "r"); + if (fd) { @@ -5202,6 +5352,7 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c +int msmSetupPackages(struct smack_accesses *smack_accesses, package_x *packages, sw_source_x *sw_source) +{ + package_x *package, *first = NULL; ++ char *p_rankkey, *c_rankkey; + for (package = packages; package; package = package->prev) { + package_x *current_p; + rpmlog(RPMLOG_DEBUG, "before HASH_FIND, package->name %s\n", package->name); @@ -5211,19 +5362,26 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + if (!current_p->sw_source) { + return -1; + } ++ p_rankkey = strdup(package->sw_source->rankkey); ++ c_rankkey = strdup(current_p->sw_source->rankkey); ++ p_rankkey = strtok(p_rankkey, "."); ++ c_rankkey = strtok(c_rankkey, "."); + /* this is an upgrade, remove old one from config */ -+ if (strcmp(package->sw_source->rankkey, current_p->sw_source->rankkey) <= 0) { ++ if ((strcmp(p_rankkey, c_rankkey) < 0) || ++ (strcmp(package->sw_source->name, current_p->sw_source->name) == 0)) { + HASH_DELETE(hh, allpackages, current_p); + rpmlog(RPMLOG_INFO, "sw source %s upgraded package %s previously provided in sw source %s\n", + package->sw_source->name, package->name, current_p->sw_source->name); + current_p->newer = package; + package->older = current_p; + } else { -+ /* upgrade from lower ranked sw source is not allowed */ ++ /* upgrade from lower or similary ranked sw source is not allowed */ + rpmlog(RPMLOG_ERR, "sw source %s tried to upgrade package %s previously provided in sw source %s\n", + package->sw_source->name, package->name, current_p->sw_source->name); + return -1; + } ++ msmFreePointer((void**)&p_rankkey); ++ msmFreePointer((void**)&c_rankkey); + } else { + if (sw_source) { + rpmlog(RPMLOG_INFO, "sw source %s provided package %s\n", package->sw_source->name, package->name); @@ -5333,8 +5491,7 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c +int msmSetFileXAttributes(manifest_x *mfx, const char* filepath, magic_t cookie) +{ + provide_x *provide = NULL; -+ filesystem_x *filesystem = NULL; -+ ++ filesystem_x *filesystem = NULL; + size_t len = 0, match = 0; + const char *label = NULL; + const char *exec_label = NULL; @@ -5342,6 +5499,7 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + const char isolatedLabel[] = SMACK_ISOLATED_LABEL; + struct stat st; + ++ if (!filepath) return -1; + if (mfx->name) { + package_x *package = msmCheckPackage(mfx->name); + if (!package) @@ -5433,7 +5591,7 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + } + + if (type) { //marked as transmutable+ -+ if (S_ISDIR(st.st_mode)) { //check that it is a directory ++ if ((lstat(filepath, &st) != -1) && (S_ISDIR(st.st_mode))) { //check that it is a directory + char at_true[] = "TRUE"; + rpmlog(RPMLOG_INFO, "setting SMACK64TRANSMUTE %s for %s\n", at_true, filepath); + if ( lsetxattr(filepath, SMACK64TRANSMUTE, at_true, strlen(at_true), 0) < 0 ) { @@ -5506,8 +5664,8 @@ diff -Nuarp rpm/security/msmxattr.c rpm-security/security/msmxattr.c + diff -Nuarp rpm/security/security.h rpm-security/security/security.h --- rpm/security/security.h 1970-01-01 02:00:00.000000000 +0200 -+++ rpm-security/security/security.h 2012-08-06 12:49:34.381011684 +0300 -@@ -0,0 +1,25 @@ ++++ rpm-security/security/security.h 2012-10-01 10:29:50.327983644 +0300 +@@ -0,0 +1,26 @@ +#include "system.h" + +#include <rpm/rpmmacro.h> @@ -5524,11 +5682,12 @@ diff -Nuarp rpm/security/security.h rpm-security/security/security.h +rpmRC SECURITYHOOK_PRE_TSM_FUNC(rpmts _ts); +rpmRC SECURITYHOOK_POST_TSM_FUNC(rpmts _ts); +rpmRC SECURITYHOOK_PRE_PSM_FUNC(rpmte _te); -+rpmRC SECURITYHOOK_POST_PSM_FUNC(rpmte _te, char * rootDir, int rpmrc); ++rpmRC SECURITYHOOK_POST_PSM_FUNC(rpmte _te, int rpmrc); +rpmRC SECURITYHOOK_SCRIPT_EXEC_FUNC(ARGV_const_t argv); +rpmRC SECURITYHOOK_FSM_OPENED_FUNC(FSM_t fsm); +rpmRC SECURITYHOOK_FSM_UPDATED_FUNC(FSM_t fsm); +rpmRC SECURITYHOOK_FSM_CLOSED_FUNC(FSM_t fsm, int rpmrc); ++rpmRC SECURITYHOOK_FSM_DIR_LABEL_FUNC(FSM_t fsm, int rpmrc); +rpmRC SECURITYHOOK_VERIFY_FUNC(rpmKeyring keyring, rpmtd sigtd, + pgpDig dig, rpmRC rpmrc); +rpmRC SECURITYHOOK_FILE_CONFLICT_FUNC(rpmts ts, rpmte te, rpmfi fi, diff --git a/scripts/rpm.daily b/scripts/rpm.daily index 3a199cc..a65c93e 100755 --- a/scripts/rpm.daily +++ b/scripts/rpm.daily @@ -1,4 +1,5 @@ #!/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin tmpfile=`/bin/mktemp /var/log/rpmpkgs.XXXXXXXXX` || exit 1 /bin/rpm -qa --qf '%{name}-%{version}-%{release}.%{arch}.rpm\n' 2>&1 \ diff --git a/scripts/rpm2cpio.sh b/scripts/rpm2cpio.sh index b03ee36..b81022c 100755 --- a/scripts/rpm2cpio.sh +++ b/scripts/rpm2cpio.sh @@ -1,4 +1,5 @@ #!/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin pkg=$1 if [ "$pkg" = "" -o ! -e "$pkg" ]; then diff --git a/scripts/tgpg b/scripts/tgpg index 238cffb..491740d 100755 --- a/scripts/tgpg +++ b/scripts/tgpg @@ -1,5 +1,5 @@ #!/bin/sh - +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin for pkg in $* do |