diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/cpio.c | 1 | ||||
-rw-r--r-- | lib/cpio.h | 19 | ||||
-rw-r--r-- | lib/fsm.c | 49 | ||||
-rw-r--r-- | lib/fsm.h | 27 | ||||
-rw-r--r-- | lib/poptI.c | 7 | ||||
-rw-r--r-- | lib/poptQV.c | 8 | ||||
-rw-r--r-- | lib/rpmcli.h | 3 | ||||
-rw-r--r-- | lib/rpmfi.c | 2 | ||||
-rw-r--r-- | lib/rpmfi.h | 2 | ||||
-rw-r--r-- | lib/rpminstall.c | 14 | ||||
-rw-r--r-- | lib/rpmlib.h | 2 | ||||
-rw-r--r-- | lib/rpmsx.c | 6 | ||||
-rw-r--r-- | lib/rpmsx.h | 3 | ||||
-rw-r--r-- | lib/rpmts.c | 1 | ||||
-rw-r--r-- | lib/rpmts.h | 6 | ||||
-rw-r--r-- | lib/verify.c | 4 |
16 files changed, 119 insertions, 35 deletions
diff --git a/lib/cpio.c b/lib/cpio.c index 24bb52e89..cbd76d986 100644 --- a/lib/cpio.c +++ b/lib/cpio.c @@ -228,6 +228,7 @@ const char *const cpioStrerror(int rc) case CPIOERR_READLINK_FAILED: s = "readlink"; break; case CPIOERR_READ_FAILED: s = "read"; break; case CPIOERR_COPY_FAILED: s = "copy"; break; + case CPIOERR_LSETFCON_FAILED: s = "lsetfilecon"; break; case CPIOERR_HDR_SIZE: s = _("Header size too big"); break; case CPIOERR_UNKNOWN_FILETYPE: s = _("Unknown file type"); break; diff --git a/lib/cpio.h b/lib/cpio.h index 1dcaa2acf..b7362f138 100644 --- a/lib/cpio.h +++ b/lib/cpio.h @@ -41,15 +41,16 @@ enum cpioErrorReturns { CPIOERR_READLINK_FAILED = (19 | CPIOERR_CHECK_ERRNO), CPIOERR_READ_FAILED = (20 | CPIOERR_CHECK_ERRNO), CPIOERR_COPY_FAILED = (21 | CPIOERR_CHECK_ERRNO), - CPIOERR_HDR_SIZE = (22 ), - CPIOERR_HDR_TRAILER = (23 ), - CPIOERR_UNKNOWN_FILETYPE= (24 ), - CPIOERR_MISSING_HARDLINK= (25 ), - CPIOERR_MD5SUM_MISMATCH = (26 ), - CPIOERR_INTERNAL = (27 ), - CPIOERR_UNMAPPED_FILE = (28 ), - CPIOERR_ENOENT = (29 ), - CPIOERR_ENOTEMPTY = (30 ) + CPIOERR_LSETFCON_FAILED = (22 | CPIOERR_CHECK_ERRNO), + CPIOERR_HDR_SIZE = (23 ), + CPIOERR_HDR_TRAILER = (24 ), + CPIOERR_UNKNOWN_FILETYPE= (25 ), + CPIOERR_MISSING_HARDLINK= (26 ), + CPIOERR_MD5SUM_MISMATCH = (27 ), + CPIOERR_INTERNAL = (28 ), + CPIOERR_UNMAPPED_FILE = (29 ), + CPIOERR_ENOENT = (30 ), + CPIOERR_ENOTEMPTY = (31 ) }; /** \ingroup payload @@ -618,6 +618,32 @@ int fsmTeardown(FSM_t fsm) return rc; } +static int fsmMapFContext(FSM_t fsm) + /*@modifies fsm @*/ +{ + rpmts ts = fsmGetTs(fsm); + rpmfi fi = fsmGetFi(fsm); + struct stat * st = &fsm->sb; + + /* + * Find file security context (if not disabled). + */ + fsm->fcontext = NULL; + if (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) { + rpmsx sx = rpmtsREContext(ts); + + if (sx != NULL) { + /* Get file security context from patterns. */ + fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode); + sx = rpmsxFree(sx); + } else { + /* Get file security context from package. */ + fsm->fcontext = rpmfiFContext(fi); + } + } + return 0; +} + int fsmMapPath(FSM_t fsm) { rpmfi fi = fsmGetFi(fsm); /* XXX const except for fstates */ @@ -757,6 +783,9 @@ int fsmMapAttrs(FSM_t fsm) { rpmts ts = fsmGetTs(fsm); + /* + * Set file md5 (if not disabled). + */ if (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOMD5)) { fsm->fmd5sum = (fi->fmd5s ? fi->fmd5s[i] : NULL); fsm->md5sum = (fi->md5s ? (fi->md5s + (16 * i)) : NULL); @@ -1929,6 +1958,15 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break; } fsm->opath = _free(fsm->opath); } + /* + * Set file security context (if not disabled). + */ + if (!rc && !getuid()) { + rc = fsmMapFContext(fsm); + if (!rc) + rc = fsmNext(fsm, FSM_LSETFCON); + fsm->fcontext = NULL; + } if (S_ISLNK(st->st_mode)) { if (!rc && !getuid()) rc = fsmNext(fsm, FSM_LCHOWN); @@ -2099,6 +2137,16 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break; default: rc = CPIOERR_RMDIR_FAILED; /*@switchbreak@*/ break; } break; + case FSM_LSETFCON: + if (fsm->fcontext == NULL) + break; + rc = lsetfilecon(fsm->path, (security_context_t)fsm->fcontext); + if (_fsm_debug && (stage & FSM_SYSCALL)) + rpmMessage(RPMMESS_DEBUG, " %8s (%s, %s) %s\n", cur, + fsm->path, fsm->fcontext, + (rc < 0 ? strerror(errno) : "")); + if (rc < 0) rc = CPIOERR_LSETFCON_FAILED; + break; case FSM_CHOWN: rc = chown(fsm->path, st->st_uid, st->st_gid); if (_fsm_debug && (stage & FSM_SYSCALL)) @@ -2405,6 +2453,7 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break; case FSM_RENAME: return "Rename"; case FSM_MKDIR: return "Mkdir"; case FSM_RMDIR: return "rmdir"; + case FSM_LSETFCON: return "lsetfcon"; case FSM_CHOWN: return "chown"; case FSM_LCHOWN: return "lchown"; case FSM_CHMOD: return "chmod"; @@ -54,18 +54,19 @@ typedef enum fileStage_e { FSM_RENAME = _fs(34), FSM_MKDIR = _fs(35), FSM_RMDIR = _fs(36), - FSM_CHOWN = _fs(37), - FSM_LCHOWN = _fs(38), - FSM_CHMOD = _fs(39), - FSM_UTIME = _fs(40), - FSM_SYMLINK = _fs(41), - FSM_LINK = _fs(42), - FSM_MKFIFO = _fs(43), - FSM_MKNOD = _fs(44), - FSM_LSTAT = _fs(45), - FSM_STAT = _fs(46), - FSM_READLINK= _fs(47), - FSM_CHROOT = _fs(48), + FSM_LSETFCON= _fs(39), + FSM_CHOWN = _fs(40), + FSM_LCHOWN = _fs(41), + FSM_CHMOD = _fs(42), + FSM_UTIME = _fs(43), + FSM_SYMLINK = _fs(44), + FSM_LINK = _fs(45), + FSM_MKFIFO = _fs(46), + FSM_MKNOD = _fs(47), + FSM_LSTAT = _fs(48), + FSM_STAT = _fs(49), + FSM_READLINK= _fs(50), + FSM_CHROOT = _fs(51), FSM_NEXT = _fd(65), FSM_EAT = _fd(66), @@ -188,6 +189,8 @@ struct fsm_s { const char * fmd5sum; /*!< Hex MD5 sum (NULL disables). */ /*@shared@*/ /*@relnull@*/ const char * md5sum; /*!< Binary MD5 sum (NULL disables). */ +/*@dependent@*/ /*@observer@*/ /*@null@*/ + const char * fcontext; /*!< File security context (NULL disables). */ unsigned fflags; /*!< File flags. */ fileAction action; /*!< File disposition. */ diff --git a/lib/poptI.c b/lib/poptI.c index 114f103b8..1cfe99674 100644 --- a/lib/poptI.c +++ b/lib/poptI.c @@ -120,6 +120,10 @@ static void installArgCallback( /*@unused@*/ poptContext con, ia->transFlags |= RPMTRANS_FLAG_NOMD5; break; + case RPMCLI_POPT_NOCONTEXTS: + ia->transFlags |= RPMTRANS_FLAG_NOCONTEXTS; + break; + case RPMCLI_POPT_FORCE: ia->probFilter |= ( RPMPROB_FILTER_REPLACEPKG @@ -225,6 +229,9 @@ struct poptOption rpmInstallPoptTable[] = { { "nomd5", '\0', 0, NULL, RPMCLI_POPT_NOMD5, N_("don't verify MD5 digest of files"), NULL }, + { "nocontexts", '\0',0, NULL, RPMCLI_POPT_NOCONTEXTS, + N_("don't install file security contexts"), NULL}, + { "noorder", '\0', POPT_BIT_SET, &rpmIArgs.installInterfaceFlags, INSTALL_NOORDER, N_("do not reorder package installation to satisfy dependencies"), diff --git a/lib/poptQV.c b/lib/poptQV.c index dc2820dc5..52ecf5230 100644 --- a/lib/poptQV.c +++ b/lib/poptQV.c @@ -194,6 +194,10 @@ static void queryArgCallback(poptContext con, qva->qva_flags |= VERIFY_MD5; break; + case RPMCLI_POPT_NOCONTEXTS: + qva->qva_flags |= VERIFY_CONTEXTS; + break; + #ifdef NOTYET case RPMCLI_POPT_FORCE: ia->probFilter |= @@ -299,8 +303,8 @@ struct poptOption rpmVerifyPoptTable[] = { &rpmQVKArgs.qva_flags, VERIFY_RDEV, N_("don't verify mode of files"), NULL }, - { "nocontexts", '\0', POPT_BIT_SET|POPT_ARGFLAG_DOC_HIDDEN, &rpmQVKArgs.qva_flags, VERIFY_CONTEXTS, - N_("don't verify file contexts"), NULL}, + { "nocontexts", '\0', POPT_ARGFLAG_DOC_HIDDEN, NULL, RPMCLI_POPT_NOCONTEXTS, + N_("don't verify file security contexts"), NULL }, { "nofiles", '\0', POPT_BIT_SET, &rpmQVKArgs.qva_flags, VERIFY_FILES, N_("don't verify files in package"), NULL}, #ifdef DYING diff --git a/lib/rpmcli.h b/lib/rpmcli.h index 36e5baf8c..1b32710fa 100644 --- a/lib/rpmcli.h +++ b/lib/rpmcli.h @@ -81,6 +81,7 @@ rpmcliFini(/*@only@*/ /*@null@*/ poptContext optCon) #define RPMCLI_POPT_NOSIGNATURE -1029 #define RPMCLI_POPT_NODIGEST -1030 #define RPMCLI_POPT_NOHDRCHK -1031 +#define RPMCLI_POPT_NOCONTEXTS -1032 /* ==================================================================== */ /** \name RPMQV */ @@ -388,7 +389,7 @@ int rpmcliQuery(rpmts ts, QVA_t qva, /*@null@*/ const char ** argv) int rpmVerifyFile(const rpmts ts, rpmfi fi, /*@out@*/ rpmVerifyAttrs * res, rpmVerifyAttrs omitMask) /*@globals h_errno, fileSystem, internalState @*/ - /*@modifies fi, *res, fileSystem, internalState @*/ + /*@modifies ts, fi, *res, fileSystem, internalState @*/ /*@requires maxSet(res) >= 0 @*/; /*@=incondefs@*/ diff --git a/lib/rpmfi.c b/lib/rpmfi.c index 87745f131..2d4df32ee 100644 --- a/lib/rpmfi.c +++ b/lib/rpmfi.c @@ -1189,7 +1189,7 @@ static inline unsigned char nibble(char c) (_fi)->_data = memcpy(xmalloc((_fi)->fc * sizeof(*(_fi)->_data)), \ (_fi)->_data, (_fi)->fc * sizeof(*(_fi)->_data)) -rpmfi rpmfiNew(rpmts ts, Header h, rpmTag tagN, int scareMem) +rpmfi rpmfiNew(const rpmts ts, Header h, rpmTag tagN, int scareMem) { HGE_t hge = (scareMem ? (HGE_t) headerGetEntryMinMemory : (HGE_t) headerGetEntry); diff --git a/lib/rpmfi.h b/lib/rpmfi.h index af0ad2362..2af691234 100644 --- a/lib/rpmfi.h +++ b/lib/rpmfi.h @@ -509,7 +509,7 @@ rpmfi rpmfiFree(/*@killref@*/ /*@only@*/ /*@null@*/ rpmfi fi) * @return new file info set */ /*@null@*/ -rpmfi rpmfiNew(/*@null@*/ rpmts ts, Header h, rpmTag tagN, int scareMem) +rpmfi rpmfiNew(/*@null@*/ const rpmts ts, Header h, rpmTag tagN, int scareMem) /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ /*@modifies ts, h, rpmGlobalMacroContext, fileSystem @*/; diff --git a/lib/rpminstall.c b/lib/rpminstall.c index 7593ec4b6..6df8c5e41 100644 --- a/lib/rpminstall.c +++ b/lib/rpminstall.c @@ -307,7 +307,21 @@ int rpmInstall(rpmts ts, if (rpmExpandNumeric("%{?_repackage_all_erasures}")) ia->transFlags |= RPMTRANS_FLAG_REPACKAGE; + /* Initialize security context patterns (if not already done). */ + if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) { + rpmsx sx = rpmtsREContext(ts); + if (sx == NULL) { + const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL); + if (fn != NULL && *fn != '\0') { + sx = rpmsxNew(fn); + (void) rpmtsSetREContext(ts, sx); + } + fn = _free(fn); + } + sx = rpmsxFree(sx); + } (void) rpmtsSetFlags(ts, ia->transFlags); + probFilter = ia->probFilter; relocations = ia->relocations; diff --git a/lib/rpmlib.h b/lib/rpmlib.h index 9356a074a..81ab496ac 100644 --- a/lib/rpmlib.h +++ b/lib/rpmlib.h @@ -937,7 +937,7 @@ typedef enum rpmtransFlags_e { /*@-enummemuse@*/ RPMTRANS_FLAG_KEEPOBSOLETE = (1 << 7), /*!< @todo Document. */ /*@=enummemuse@*/ - /* (1 << 8) unused. */ + RPMTRANS_FLAG_NOCONTEXTS = (1 << 8), /*!< from --nocontexts */ RPMTRANS_FLAG_DIRSTASH = (1 << 9), /*!< from --dirstash */ RPMTRANS_FLAG_REPACKAGE = (1 << 10), /*!< from --repackage */ diff --git a/lib/rpmsx.c b/lib/rpmsx.c index cf77a8c97..f01690ceb 100644 --- a/lib/rpmsx.c +++ b/lib/rpmsx.c @@ -619,7 +619,7 @@ rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse) const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode) { - const char * context = NULL; + const char * fcontext = NULL; const char * myfn = fn; /*@-mods@*/ int fstem = rpmsxFind(sx, &myfn); @@ -652,7 +652,7 @@ const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode) continue; /*@notreached@*/ /*@switchbreak@*/ break; case 0: - context = rpmsxContext(sx); + fcontext = rpmsxContext(sx); /*@switchbreak@*/ break; default: { static char errbuf[255 + 1]; @@ -666,5 +666,5 @@ const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode) break; } - return context; + return fcontext; } diff --git a/lib/rpmsx.h b/lib/rpmsx.h index bd54739c4..e66196ce5 100644 --- a/lib/rpmsx.h +++ b/lib/rpmsx.h @@ -97,6 +97,7 @@ struct rpmsx_s { int nsxs; /*!< No. of file stems. */ int maxsxs; /*!< No. of allocated file stems. */ int reverse; /*!< Reverse traversal? */ +/*@refs@*/ int nrefs; /*!< Reference count. */ }; #endif /* defined(_RPMSX_INTERNAL) */ @@ -295,7 +296,7 @@ rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse) * @param fmode file mode * @return file security context */ -/*@null@*/ +/*@owned@*/ /*@null@*/ const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode) /*@modifies sx @*/; diff --git a/lib/rpmts.c b/lib/rpmts.c index 315728188..e29bc3342 100644 --- a/lib/rpmts.c +++ b/lib/rpmts.c @@ -54,6 +54,7 @@ extern int statvfs (const char * file, /*@out@*/ struct statvfs * buf) /*@access rpmps @*/ /*@access rpmDiskSpaceInfo @*/ +/*@access rpmsx @*/ /*@access rpmte @*/ /*@access rpmtsi @*/ /*@access fnpyKey @*/ diff --git a/lib/rpmts.h b/lib/rpmts.h index 229bc1ea5..e901f461e 100644 --- a/lib/rpmts.h +++ b/lib/rpmts.h @@ -592,8 +592,8 @@ int rpmtsSetChrootDone(rpmts ts, int chrootDone) * @return file security context patterns */ /*@null@*/ -rpmsx rpmtsREContext(rpmts ts) - /*@*/; +rpmsx rpmtsREContext(const rpmts ts) + /*@modifies ts @*/; /** \ingroup rpmts * Get file security context patterns. @@ -602,7 +602,7 @@ rpmsx rpmtsREContext(rpmts ts) * @return 0 on success */ int rpmtsSetREContext(rpmts ts, rpmsx sx) - /*@*/; + /*@modifies ts, sx @*/; /** \ingroup rpmts * Get transaction id, i.e. transaction time stamp. diff --git a/lib/verify.c b/lib/verify.c index 1890a1a34..4b087f7e7 100644 --- a/lib/verify.c +++ b/lib/verify.c @@ -119,6 +119,7 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi, /* * Verify file security context. */ +/*@-branchstate@*/ if (flags & RPMVERIFY_CONTEXTS) { security_context_t con; @@ -142,6 +143,7 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi, freecon(con); } } +/*@=branchstate@*/ if (flags & RPMVERIFY_MD5) { unsigned char md5sum[16]; @@ -281,7 +283,7 @@ static int rpmVerifyScript(/*@unused@*/ QVA_t qva, rpmts ts, */ static int verifyHeader(QVA_t qva, const rpmts ts, rpmfi fi) /*@globals h_errno, fileSystem, internalState @*/ - /*@modifies fi, fileSystem, internalState @*/ + /*@modifies ts, fi, fileSystem, internalState @*/ { char buf[BUFSIZ]; char * t, * te; |