summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/cpio.c1
-rw-r--r--lib/cpio.h19
-rw-r--r--lib/fsm.c49
-rw-r--r--lib/fsm.h27
-rw-r--r--lib/poptI.c7
-rw-r--r--lib/poptQV.c8
-rw-r--r--lib/rpmcli.h3
-rw-r--r--lib/rpmfi.c2
-rw-r--r--lib/rpmfi.h2
-rw-r--r--lib/rpminstall.c14
-rw-r--r--lib/rpmlib.h2
-rw-r--r--lib/rpmsx.c6
-rw-r--r--lib/rpmsx.h3
-rw-r--r--lib/rpmts.c1
-rw-r--r--lib/rpmts.h6
-rw-r--r--lib/verify.c4
16 files changed, 119 insertions, 35 deletions
diff --git a/lib/cpio.c b/lib/cpio.c
index 24bb52e89..cbd76d986 100644
--- a/lib/cpio.c
+++ b/lib/cpio.c
@@ -228,6 +228,7 @@ const char *const cpioStrerror(int rc)
case CPIOERR_READLINK_FAILED: s = "readlink"; break;
case CPIOERR_READ_FAILED: s = "read"; break;
case CPIOERR_COPY_FAILED: s = "copy"; break;
+ case CPIOERR_LSETFCON_FAILED: s = "lsetfilecon"; break;
case CPIOERR_HDR_SIZE: s = _("Header size too big"); break;
case CPIOERR_UNKNOWN_FILETYPE: s = _("Unknown file type"); break;
diff --git a/lib/cpio.h b/lib/cpio.h
index 1dcaa2acf..b7362f138 100644
--- a/lib/cpio.h
+++ b/lib/cpio.h
@@ -41,15 +41,16 @@ enum cpioErrorReturns {
CPIOERR_READLINK_FAILED = (19 | CPIOERR_CHECK_ERRNO),
CPIOERR_READ_FAILED = (20 | CPIOERR_CHECK_ERRNO),
CPIOERR_COPY_FAILED = (21 | CPIOERR_CHECK_ERRNO),
- CPIOERR_HDR_SIZE = (22 ),
- CPIOERR_HDR_TRAILER = (23 ),
- CPIOERR_UNKNOWN_FILETYPE= (24 ),
- CPIOERR_MISSING_HARDLINK= (25 ),
- CPIOERR_MD5SUM_MISMATCH = (26 ),
- CPIOERR_INTERNAL = (27 ),
- CPIOERR_UNMAPPED_FILE = (28 ),
- CPIOERR_ENOENT = (29 ),
- CPIOERR_ENOTEMPTY = (30 )
+ CPIOERR_LSETFCON_FAILED = (22 | CPIOERR_CHECK_ERRNO),
+ CPIOERR_HDR_SIZE = (23 ),
+ CPIOERR_HDR_TRAILER = (24 ),
+ CPIOERR_UNKNOWN_FILETYPE= (25 ),
+ CPIOERR_MISSING_HARDLINK= (26 ),
+ CPIOERR_MD5SUM_MISMATCH = (27 ),
+ CPIOERR_INTERNAL = (28 ),
+ CPIOERR_UNMAPPED_FILE = (29 ),
+ CPIOERR_ENOENT = (30 ),
+ CPIOERR_ENOTEMPTY = (31 )
};
/** \ingroup payload
diff --git a/lib/fsm.c b/lib/fsm.c
index 5b9687824..34a4bb3b4 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -618,6 +618,32 @@ int fsmTeardown(FSM_t fsm)
return rc;
}
+static int fsmMapFContext(FSM_t fsm)
+ /*@modifies fsm @*/
+{
+ rpmts ts = fsmGetTs(fsm);
+ rpmfi fi = fsmGetFi(fsm);
+ struct stat * st = &fsm->sb;
+
+ /*
+ * Find file security context (if not disabled).
+ */
+ fsm->fcontext = NULL;
+ if (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) {
+ rpmsx sx = rpmtsREContext(ts);
+
+ if (sx != NULL) {
+ /* Get file security context from patterns. */
+ fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
+ sx = rpmsxFree(sx);
+ } else {
+ /* Get file security context from package. */
+ fsm->fcontext = rpmfiFContext(fi);
+ }
+ }
+ return 0;
+}
+
int fsmMapPath(FSM_t fsm)
{
rpmfi fi = fsmGetFi(fsm); /* XXX const except for fstates */
@@ -757,6 +783,9 @@ int fsmMapAttrs(FSM_t fsm)
{ rpmts ts = fsmGetTs(fsm);
+ /*
+ * Set file md5 (if not disabled).
+ */
if (ts != NULL && !(rpmtsFlags(ts) & RPMTRANS_FLAG_NOMD5)) {
fsm->fmd5sum = (fi->fmd5s ? fi->fmd5s[i] : NULL);
fsm->md5sum = (fi->md5s ? (fi->md5s + (16 * i)) : NULL);
@@ -1929,6 +1958,15 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
}
fsm->opath = _free(fsm->opath);
}
+ /*
+ * Set file security context (if not disabled).
+ */
+ if (!rc && !getuid()) {
+ rc = fsmMapFContext(fsm);
+ if (!rc)
+ rc = fsmNext(fsm, FSM_LSETFCON);
+ fsm->fcontext = NULL;
+ }
if (S_ISLNK(st->st_mode)) {
if (!rc && !getuid())
rc = fsmNext(fsm, FSM_LCHOWN);
@@ -2099,6 +2137,16 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
default: rc = CPIOERR_RMDIR_FAILED; /*@switchbreak@*/ break;
}
break;
+ case FSM_LSETFCON:
+ if (fsm->fcontext == NULL)
+ break;
+ rc = lsetfilecon(fsm->path, (security_context_t)fsm->fcontext);
+ if (_fsm_debug && (stage & FSM_SYSCALL))
+ rpmMessage(RPMMESS_DEBUG, " %8s (%s, %s) %s\n", cur,
+ fsm->path, fsm->fcontext,
+ (rc < 0 ? strerror(errno) : ""));
+ if (rc < 0) rc = CPIOERR_LSETFCON_FAILED;
+ break;
case FSM_CHOWN:
rc = chown(fsm->path, st->st_uid, st->st_gid);
if (_fsm_debug && (stage & FSM_SYSCALL))
@@ -2405,6 +2453,7 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
case FSM_RENAME: return "Rename";
case FSM_MKDIR: return "Mkdir";
case FSM_RMDIR: return "rmdir";
+ case FSM_LSETFCON: return "lsetfcon";
case FSM_CHOWN: return "chown";
case FSM_LCHOWN: return "lchown";
case FSM_CHMOD: return "chmod";
diff --git a/lib/fsm.h b/lib/fsm.h
index 6da9020df..c37c8d11c 100644
--- a/lib/fsm.h
+++ b/lib/fsm.h
@@ -54,18 +54,19 @@ typedef enum fileStage_e {
FSM_RENAME = _fs(34),
FSM_MKDIR = _fs(35),
FSM_RMDIR = _fs(36),
- FSM_CHOWN = _fs(37),
- FSM_LCHOWN = _fs(38),
- FSM_CHMOD = _fs(39),
- FSM_UTIME = _fs(40),
- FSM_SYMLINK = _fs(41),
- FSM_LINK = _fs(42),
- FSM_MKFIFO = _fs(43),
- FSM_MKNOD = _fs(44),
- FSM_LSTAT = _fs(45),
- FSM_STAT = _fs(46),
- FSM_READLINK= _fs(47),
- FSM_CHROOT = _fs(48),
+ FSM_LSETFCON= _fs(39),
+ FSM_CHOWN = _fs(40),
+ FSM_LCHOWN = _fs(41),
+ FSM_CHMOD = _fs(42),
+ FSM_UTIME = _fs(43),
+ FSM_SYMLINK = _fs(44),
+ FSM_LINK = _fs(45),
+ FSM_MKFIFO = _fs(46),
+ FSM_MKNOD = _fs(47),
+ FSM_LSTAT = _fs(48),
+ FSM_STAT = _fs(49),
+ FSM_READLINK= _fs(50),
+ FSM_CHROOT = _fs(51),
FSM_NEXT = _fd(65),
FSM_EAT = _fd(66),
@@ -188,6 +189,8 @@ struct fsm_s {
const char * fmd5sum; /*!< Hex MD5 sum (NULL disables). */
/*@shared@*/ /*@relnull@*/
const char * md5sum; /*!< Binary MD5 sum (NULL disables). */
+/*@dependent@*/ /*@observer@*/ /*@null@*/
+ const char * fcontext; /*!< File security context (NULL disables). */
unsigned fflags; /*!< File flags. */
fileAction action; /*!< File disposition. */
diff --git a/lib/poptI.c b/lib/poptI.c
index 114f103b8..1cfe99674 100644
--- a/lib/poptI.c
+++ b/lib/poptI.c
@@ -120,6 +120,10 @@ static void installArgCallback( /*@unused@*/ poptContext con,
ia->transFlags |= RPMTRANS_FLAG_NOMD5;
break;
+ case RPMCLI_POPT_NOCONTEXTS:
+ ia->transFlags |= RPMTRANS_FLAG_NOCONTEXTS;
+ break;
+
case RPMCLI_POPT_FORCE:
ia->probFilter |=
( RPMPROB_FILTER_REPLACEPKG
@@ -225,6 +229,9 @@ struct poptOption rpmInstallPoptTable[] = {
{ "nomd5", '\0', 0, NULL, RPMCLI_POPT_NOMD5,
N_("don't verify MD5 digest of files"), NULL },
+ { "nocontexts", '\0',0, NULL, RPMCLI_POPT_NOCONTEXTS,
+ N_("don't install file security contexts"), NULL},
+
{ "noorder", '\0', POPT_BIT_SET,
&rpmIArgs.installInterfaceFlags, INSTALL_NOORDER,
N_("do not reorder package installation to satisfy dependencies"),
diff --git a/lib/poptQV.c b/lib/poptQV.c
index dc2820dc5..52ecf5230 100644
--- a/lib/poptQV.c
+++ b/lib/poptQV.c
@@ -194,6 +194,10 @@ static void queryArgCallback(poptContext con,
qva->qva_flags |= VERIFY_MD5;
break;
+ case RPMCLI_POPT_NOCONTEXTS:
+ qva->qva_flags |= VERIFY_CONTEXTS;
+ break;
+
#ifdef NOTYET
case RPMCLI_POPT_FORCE:
ia->probFilter |=
@@ -299,8 +303,8 @@ struct poptOption rpmVerifyPoptTable[] = {
&rpmQVKArgs.qva_flags, VERIFY_RDEV,
N_("don't verify mode of files"), NULL },
- { "nocontexts", '\0', POPT_BIT_SET|POPT_ARGFLAG_DOC_HIDDEN, &rpmQVKArgs.qva_flags, VERIFY_CONTEXTS,
- N_("don't verify file contexts"), NULL},
+ { "nocontexts", '\0', POPT_ARGFLAG_DOC_HIDDEN, NULL, RPMCLI_POPT_NOCONTEXTS,
+ N_("don't verify file security contexts"), NULL },
{ "nofiles", '\0', POPT_BIT_SET, &rpmQVKArgs.qva_flags, VERIFY_FILES,
N_("don't verify files in package"), NULL},
#ifdef DYING
diff --git a/lib/rpmcli.h b/lib/rpmcli.h
index 36e5baf8c..1b32710fa 100644
--- a/lib/rpmcli.h
+++ b/lib/rpmcli.h
@@ -81,6 +81,7 @@ rpmcliFini(/*@only@*/ /*@null@*/ poptContext optCon)
#define RPMCLI_POPT_NOSIGNATURE -1029
#define RPMCLI_POPT_NODIGEST -1030
#define RPMCLI_POPT_NOHDRCHK -1031
+#define RPMCLI_POPT_NOCONTEXTS -1032
/* ==================================================================== */
/** \name RPMQV */
@@ -388,7 +389,7 @@ int rpmcliQuery(rpmts ts, QVA_t qva, /*@null@*/ const char ** argv)
int rpmVerifyFile(const rpmts ts, rpmfi fi,
/*@out@*/ rpmVerifyAttrs * res, rpmVerifyAttrs omitMask)
/*@globals h_errno, fileSystem, internalState @*/
- /*@modifies fi, *res, fileSystem, internalState @*/
+ /*@modifies ts, fi, *res, fileSystem, internalState @*/
/*@requires maxSet(res) >= 0 @*/;
/*@=incondefs@*/
diff --git a/lib/rpmfi.c b/lib/rpmfi.c
index 87745f131..2d4df32ee 100644
--- a/lib/rpmfi.c
+++ b/lib/rpmfi.c
@@ -1189,7 +1189,7 @@ static inline unsigned char nibble(char c)
(_fi)->_data = memcpy(xmalloc((_fi)->fc * sizeof(*(_fi)->_data)), \
(_fi)->_data, (_fi)->fc * sizeof(*(_fi)->_data))
-rpmfi rpmfiNew(rpmts ts, Header h, rpmTag tagN, int scareMem)
+rpmfi rpmfiNew(const rpmts ts, Header h, rpmTag tagN, int scareMem)
{
HGE_t hge =
(scareMem ? (HGE_t) headerGetEntryMinMemory : (HGE_t) headerGetEntry);
diff --git a/lib/rpmfi.h b/lib/rpmfi.h
index af0ad2362..2af691234 100644
--- a/lib/rpmfi.h
+++ b/lib/rpmfi.h
@@ -509,7 +509,7 @@ rpmfi rpmfiFree(/*@killref@*/ /*@only@*/ /*@null@*/ rpmfi fi)
* @return new file info set
*/
/*@null@*/
-rpmfi rpmfiNew(/*@null@*/ rpmts ts, Header h, rpmTag tagN, int scareMem)
+rpmfi rpmfiNew(/*@null@*/ const rpmts ts, Header h, rpmTag tagN, int scareMem)
/*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/
/*@modifies ts, h, rpmGlobalMacroContext, fileSystem @*/;
diff --git a/lib/rpminstall.c b/lib/rpminstall.c
index 7593ec4b6..6df8c5e41 100644
--- a/lib/rpminstall.c
+++ b/lib/rpminstall.c
@@ -307,7 +307,21 @@ int rpmInstall(rpmts ts,
if (rpmExpandNumeric("%{?_repackage_all_erasures}"))
ia->transFlags |= RPMTRANS_FLAG_REPACKAGE;
+ /* Initialize security context patterns (if not already done). */
+ if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
+ rpmsx sx = rpmtsREContext(ts);
+ if (sx == NULL) {
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0') {
+ sx = rpmsxNew(fn);
+ (void) rpmtsSetREContext(ts, sx);
+ }
+ fn = _free(fn);
+ }
+ sx = rpmsxFree(sx);
+ }
(void) rpmtsSetFlags(ts, ia->transFlags);
+
probFilter = ia->probFilter;
relocations = ia->relocations;
diff --git a/lib/rpmlib.h b/lib/rpmlib.h
index 9356a074a..81ab496ac 100644
--- a/lib/rpmlib.h
+++ b/lib/rpmlib.h
@@ -937,7 +937,7 @@ typedef enum rpmtransFlags_e {
/*@-enummemuse@*/
RPMTRANS_FLAG_KEEPOBSOLETE = (1 << 7), /*!< @todo Document. */
/*@=enummemuse@*/
- /* (1 << 8) unused. */
+ RPMTRANS_FLAG_NOCONTEXTS = (1 << 8), /*!< from --nocontexts */
RPMTRANS_FLAG_DIRSTASH = (1 << 9), /*!< from --dirstash */
RPMTRANS_FLAG_REPACKAGE = (1 << 10), /*!< from --repackage */
diff --git a/lib/rpmsx.c b/lib/rpmsx.c
index cf77a8c97..f01690ceb 100644
--- a/lib/rpmsx.c
+++ b/lib/rpmsx.c
@@ -619,7 +619,7 @@ rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse)
const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode)
{
- const char * context = NULL;
+ const char * fcontext = NULL;
const char * myfn = fn;
/*@-mods@*/
int fstem = rpmsxFind(sx, &myfn);
@@ -652,7 +652,7 @@ const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode)
continue;
/*@notreached@*/ /*@switchbreak@*/ break;
case 0:
- context = rpmsxContext(sx);
+ fcontext = rpmsxContext(sx);
/*@switchbreak@*/ break;
default:
{ static char errbuf[255 + 1];
@@ -666,5 +666,5 @@ const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode)
break;
}
- return context;
+ return fcontext;
}
diff --git a/lib/rpmsx.h b/lib/rpmsx.h
index bd54739c4..e66196ce5 100644
--- a/lib/rpmsx.h
+++ b/lib/rpmsx.h
@@ -97,6 +97,7 @@ struct rpmsx_s {
int nsxs; /*!< No. of file stems. */
int maxsxs; /*!< No. of allocated file stems. */
int reverse; /*!< Reverse traversal? */
+/*@refs@*/
int nrefs; /*!< Reference count. */
};
#endif /* defined(_RPMSX_INTERNAL) */
@@ -295,7 +296,7 @@ rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse)
* @param fmode file mode
* @return file security context
*/
-/*@null@*/
+/*@owned@*/ /*@null@*/
const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode)
/*@modifies sx @*/;
diff --git a/lib/rpmts.c b/lib/rpmts.c
index 315728188..e29bc3342 100644
--- a/lib/rpmts.c
+++ b/lib/rpmts.c
@@ -54,6 +54,7 @@ extern int statvfs (const char * file, /*@out@*/ struct statvfs * buf)
/*@access rpmps @*/
/*@access rpmDiskSpaceInfo @*/
+/*@access rpmsx @*/
/*@access rpmte @*/
/*@access rpmtsi @*/
/*@access fnpyKey @*/
diff --git a/lib/rpmts.h b/lib/rpmts.h
index 229bc1ea5..e901f461e 100644
--- a/lib/rpmts.h
+++ b/lib/rpmts.h
@@ -592,8 +592,8 @@ int rpmtsSetChrootDone(rpmts ts, int chrootDone)
* @return file security context patterns
*/
/*@null@*/
-rpmsx rpmtsREContext(rpmts ts)
- /*@*/;
+rpmsx rpmtsREContext(const rpmts ts)
+ /*@modifies ts @*/;
/** \ingroup rpmts
* Get file security context patterns.
@@ -602,7 +602,7 @@ rpmsx rpmtsREContext(rpmts ts)
* @return 0 on success
*/
int rpmtsSetREContext(rpmts ts, rpmsx sx)
- /*@*/;
+ /*@modifies ts, sx @*/;
/** \ingroup rpmts
* Get transaction id, i.e. transaction time stamp.
diff --git a/lib/verify.c b/lib/verify.c
index 1890a1a34..4b087f7e7 100644
--- a/lib/verify.c
+++ b/lib/verify.c
@@ -119,6 +119,7 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi,
/*
* Verify file security context.
*/
+/*@-branchstate@*/
if (flags & RPMVERIFY_CONTEXTS) {
security_context_t con;
@@ -142,6 +143,7 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi,
freecon(con);
}
}
+/*@=branchstate@*/
if (flags & RPMVERIFY_MD5) {
unsigned char md5sum[16];
@@ -281,7 +283,7 @@ static int rpmVerifyScript(/*@unused@*/ QVA_t qva, rpmts ts,
*/
static int verifyHeader(QVA_t qva, const rpmts ts, rpmfi fi)
/*@globals h_errno, fileSystem, internalState @*/
- /*@modifies fi, fileSystem, internalState @*/
+ /*@modifies ts, fi, fileSystem, internalState @*/
{
char buf[BUFSIZ];
char * t, * te;