/* Author: Mark Goldman <mgoldman@tresys.com>
|
* Paul Rosenfeld <prosenfeld@tresys.com>
|
* Todd C. Miller <tmiller@tresys.com>
|
*
|
* Copyright (C) 2007 Tresys Technology, LLC
|
*
|
* This library is free software; you can redistribute it and/or modify
|
* it under the terms of the GNU Lesser General Public License as
|
* published by the Free Software Foundation; either version 2.1 of the
|
* License, or (at your option) any later version.
|
*
|
* This library is distributed in the hope that it will be useful, but
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
* Lesser General Public License for more details.
|
*
|
* You should have received a copy of the GNU Lesser General Public
|
* License along with this library; if not, write to the Free Software
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
* 02110-1301 USA
|
*/
|
|
#include <semanage/handle.h>
|
#include <semanage/seusers_policy.h>
|
#include <semanage/users_policy.h>
|
#include <semanage/user_record.h>
|
#include <semanage/fcontext_record.h>
|
#include <semanage/fcontexts_policy.h>
|
#include <sepol/context.h>
|
#include <sepol/context_record.h>
|
#include "semanage_store.h"
|
#include "seuser_internal.h"
|
#include "debug.h"
|
|
#include "utilities.h"
|
#include "genhomedircon.h"
|
|
#include <assert.h>
|
#include <ctype.h>
|
#include <limits.h>
|
#include <stdio.h>
|
#include <stdlib.h>
|
#include <string.h>
|
#include <sys/types.h>
|
#include <sys/stat.h>
|
#include <fcntl.h>
|
#include <pwd.h>
|
#include <errno.h>
|
#include <unistd.h>
|
#include <regex.h>
|
#include <grp.h>
|
#include <search.h>
|
|
/* paths used in get_home_dirs() */
|
#define PATH_ETC_USERADD "/etc/default/useradd"
|
#define PATH_ETC_LIBUSER "/etc/libuser.conf"
|
#define PATH_DEFAULT_HOME "/home"
|
#define PATH_EXPORT_HOME "/export/home"
|
#define PATH_ETC_LOGIN_DEFS "/etc/login.defs"
|
|
/* other paths */
|
#define PATH_SHELLS_FILE "/etc/shells"
|
#define PATH_NOLOGIN_SHELL "/sbin/nologin"
|
|
/* comments written to context file */
|
#define COMMENT_FILE_CONTEXT_HEADER "#\n#\n# " \
|
"User-specific file contexts, generated via libsemanage\n" \
|
"# use semanage command to manage system users to change" \
|
" the file_context\n#\n#\n"
|
|
#define COMMENT_USER_HOME_CONTEXT "\n\n#\n# Home Context for user %s" \
|
"\n#\n\n"
|
|
/* placeholders used in the template file
|
which are searched for and replaced */
|
#define TEMPLATE_HOME_ROOT "HOME_ROOT"
|
#define TEMPLATE_HOME_DIR "HOME_DIR"
|
/* these are legacy */
|
#define TEMPLATE_USER "USER"
|
#define TEMPLATE_ROLE "ROLE"
|
/* new names */
|
#define TEMPLATE_USERNAME "%{USERNAME}"
|
#define TEMPLATE_USERID "%{USERID}"
|
|
#define FALLBACK_SENAME "user_u"
|
#define FALLBACK_PREFIX "user"
|
#define FALLBACK_LEVEL "s0"
|
#define FALLBACK_NAME "[^/]+"
|
#define FALLBACK_UIDGID "[0-9]+"
|
#define DEFAULT_LOGIN "__default__"
|
|
#define CONTEXT_NONE "<<none>>"
|
|
typedef struct user_entry {
|
char *name;
|
char *uid;
|
char *gid;
|
char *sename;
|
char *prefix;
|
char *home;
|
char *level;
|
char *login;
|
char *homedir_role;
|
struct user_entry *next;
|
} genhomedircon_user_entry_t;
|
|
typedef struct {
|
const char *fcfilepath;
|
int usepasswd;
|
const char *homedir_template_path;
|
genhomedircon_user_entry_t *fallback;
|
semanage_handle_t *h_semanage;
|
sepol_policydb_t *policydb;
|
} genhomedircon_settings_t;
|
|
typedef struct {
|
const char *search_for;
|
const char *replace_with;
|
} replacement_pair_t;
|
|
typedef struct {
|
const char *dir;
|
int matched;
|
} fc_match_handle_t;
|
|
typedef struct IgnoreDir {
|
struct IgnoreDir *next;
|
char *dir;
|
} ignoredir_t;
|
|
ignoredir_t *ignore_head = NULL;
|
|
static void ignore_free(void) {
|
ignoredir_t *next;
|
|
while (ignore_head) {
|
next = ignore_head->next;
|
free(ignore_head->dir);
|
free(ignore_head);
|
ignore_head = next;
|
}
|
}
|
|
static int ignore_setup(char *ignoredirs) {
|
char *tok;
|
ignoredir_t *ptr = NULL;
|
|
tok = strtok(ignoredirs, ";");
|
while(tok) {
|
ptr = calloc(sizeof(ignoredir_t),1);
|
if (!ptr)
|
goto err;
|
ptr->dir = strdup(tok);
|
if (!ptr->dir)
|
goto err;
|
|
ptr->next = ignore_head;
|
ignore_head = ptr;
|
|
tok = strtok(NULL, ";");
|
}
|
|
return 0;
|
err:
|
free(ptr);
|
ignore_free();
|
return -1;
|
}
|
|
static int ignore(const char *homedir) {
|
ignoredir_t *ptr = ignore_head;
|
while (ptr) {
|
if (strcmp(ptr->dir, homedir) == 0) {
|
return 1;
|
}
|
ptr = ptr->next;
|
}
|
return 0;
|
}
|
|
static int prefix_is_homedir_role(const semanage_user_t *user,
|
const char *prefix)
|
{
|
return strcmp(OBJECT_R, prefix) == 0 ||
|
semanage_user_has_role(user, prefix);
|
}
|
|
static semanage_list_t *default_shell_list(void)
|
{
|
semanage_list_t *list = NULL;
|
|
if (semanage_list_push(&list, "/bin/csh")
|
|| semanage_list_push(&list, "/bin/tcsh")
|
|| semanage_list_push(&list, "/bin/ksh")
|
|| semanage_list_push(&list, "/bin/bsh")
|
|| semanage_list_push(&list, "/bin/ash")
|
|| semanage_list_push(&list, "/usr/bin/ksh")
|
|| semanage_list_push(&list, "/usr/bin/pdksh")
|
|| semanage_list_push(&list, "/bin/zsh")
|
|| semanage_list_push(&list, "/bin/sh")
|
|| semanage_list_push(&list, "/bin/bash"))
|
goto fail;
|
|
return list;
|
|
fail:
|
semanage_list_destroy(&list);
|
return NULL;
|
}
|
|
static semanage_list_t *get_shell_list(void)
|
{
|
FILE *shells;
|
char *temp = NULL;
|
semanage_list_t *list = NULL;
|
size_t buff_len = 0;
|
ssize_t len;
|
|
shells = fopen(PATH_SHELLS_FILE, "r");
|
if (!shells)
|
return default_shell_list();
|
while ((len = getline(&temp, &buff_len, shells)) > 0) {
|
if (temp[len-1] == '\n') temp[len-1] = 0;
|
if (strcmp(temp, PATH_NOLOGIN_SHELL)) {
|
if (semanage_list_push(&list, temp)) {
|
free(temp);
|
semanage_list_destroy(&list);
|
return default_shell_list();
|
}
|
}
|
}
|
free(temp);
|
|
return list;
|
}
|
|
/* Helper function called via semanage_fcontext_iterate() */
|
static int fcontext_matches(const semanage_fcontext_t *fcontext, void *varg)
|
{
|
const char *oexpr = semanage_fcontext_get_expr(fcontext);
|
fc_match_handle_t *handp = varg;
|
char *expr = NULL;
|
regex_t re;
|
int type, retval = -1;
|
size_t len;
|
|
/* Only match ALL or DIR */
|
type = semanage_fcontext_get_type(fcontext);
|
if (type != SEMANAGE_FCONTEXT_ALL && type != SEMANAGE_FCONTEXT_DIR)
|
return 0;
|
|
len = strlen(oexpr);
|
/* Define a macro to strip a literal string from the end of oexpr */
|
#define rstrip_oexpr_len(cstr, cstrlen) \
|
do { \
|
if (len >= (cstrlen) && !strncmp(oexpr + len - (cstrlen), (cstr), (cstrlen))) \
|
len -= (cstrlen); \
|
} while (0)
|
#define rstrip_oexpr(cstr) rstrip_oexpr_len(cstr, sizeof(cstr) - 1)
|
|
rstrip_oexpr(".+");
|
rstrip_oexpr(".*");
|
rstrip_oexpr("(/.*)?");
|
rstrip_oexpr("/");
|
|
#undef rstrip_oexpr_len
|
#undef rstrip_oexpr
|
|
/* Anchor oexpr at the beginning and append pattern to eat up trailing slashes */
|
if (asprintf(&expr, "^%.*s/*$", (int)len, oexpr) < 0)
|
return -1;
|
|
/* Check dir against expr */
|
if (regcomp(&re, expr, REG_EXTENDED) != 0)
|
goto done;
|
if (regexec(&re, handp->dir, 0, NULL, 0) == 0)
|
handp->matched = 1;
|
regfree(&re);
|
|
retval = 0;
|
|
done:
|
free(expr);
|
|
return retval;
|
}
|
|
static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s)
|
{
|
semanage_list_t *homedir_list = NULL;
|
semanage_list_t *shells = NULL;
|
fc_match_handle_t hand;
|
char *path = NULL;
|
uid_t temp, minuid = 500, maxuid = 60000;
|
int minuid_set = 0;
|
struct passwd *pwbuf;
|
struct stat buf;
|
|
path = semanage_findval(PATH_ETC_USERADD, "HOME", "=");
|
if (path && *path) {
|
if (semanage_list_push(&homedir_list, path))
|
goto fail;
|
}
|
free(path);
|
|
path = semanage_findval(PATH_ETC_LIBUSER, "LU_HOMEDIRECTORY", "=");
|
if (path && *path) {
|
if (semanage_list_push(&homedir_list, path))
|
goto fail;
|
}
|
free(path);
|
path = NULL;
|
|
if (!homedir_list) {
|
if (semanage_list_push(&homedir_list, PATH_DEFAULT_HOME)) {
|
goto fail;
|
}
|
}
|
|
if (!stat(PATH_EXPORT_HOME, &buf)) {
|
if (S_ISDIR(buf.st_mode)) {
|
if (semanage_list_push(&homedir_list, PATH_EXPORT_HOME)) {
|
goto fail;
|
}
|
}
|
}
|
|
if (!(s->usepasswd))
|
return homedir_list;
|
|
shells = get_shell_list();
|
assert(shells);
|
|
path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL);
|
if (path && *path) {
|
temp = atoi(path);
|
minuid = temp;
|
minuid_set = 1;
|
}
|
free(path);
|
path = NULL;
|
|
path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MAX", NULL);
|
if (path && *path) {
|
temp = atoi(path);
|
maxuid = temp;
|
}
|
free(path);
|
path = NULL;
|
|
path = semanage_findval(PATH_ETC_LIBUSER, "LU_UIDNUMBER", "=");
|
if (path && *path) {
|
temp = atoi(path);
|
if (!minuid_set || temp < minuid) {
|
minuid = temp;
|
minuid_set = 1;
|
}
|
}
|
free(path);
|
path = NULL;
|
|
errno = 0;
|
setpwent();
|
while (1) {
|
errno = 0;
|
pwbuf = getpwent();
|
if (pwbuf == NULL)
|
break;
|
if (pwbuf->pw_uid < minuid || pwbuf->pw_uid > maxuid)
|
continue;
|
if (!semanage_list_find(shells, pwbuf->pw_shell))
|
continue;
|
int len = strlen(pwbuf->pw_dir) -1;
|
for(; len > 0 && pwbuf->pw_dir[len] == '/'; len--) {
|
pwbuf->pw_dir[len] = '\0';
|
}
|
if (strcmp(pwbuf->pw_dir, "/") == 0)
|
continue;
|
if (ignore(pwbuf->pw_dir))
|
continue;
|
if (semanage_str_count(pwbuf->pw_dir, '/') <= 1)
|
continue;
|
if (!(path = strdup(pwbuf->pw_dir))) {
|
break;
|
}
|
|
semanage_rtrim(path, '/');
|
|
if (!semanage_list_find(homedir_list, path)) {
|
/*
|
* Now check for an existing file context that matches
|
* so we don't label a non-homedir as a homedir.
|
*/
|
hand.dir = path;
|
hand.matched = 0;
|
if (semanage_fcontext_iterate(s->h_semanage,
|
fcontext_matches, &hand) == STATUS_ERR)
|
goto fail;
|
|
/* NOTE: old genhomedircon printed a warning on match */
|
if (hand.matched) {
|
WARN(s->h_semanage, "%s homedir %s or its parent directory conflicts with a file context already specified in the policy. This usually indicates an incorrectly defined system account. If it is a system account please make sure its uid is less than %u or greater than %u or its login shell is /sbin/nologin.", pwbuf->pw_name, pwbuf->pw_dir, minuid, maxuid);
|
} else {
|
if (semanage_list_push(&homedir_list, path))
|
goto fail;
|
}
|
}
|
free(path);
|
path = NULL;
|
}
|
|
if (errno) {
|
WARN(s->h_semanage, "Error while fetching users. "
|
"Returning list so far.");
|
}
|
|
if (semanage_list_sort(&homedir_list))
|
goto fail;
|
|
endpwent();
|
semanage_list_destroy(&shells);
|
|
return homedir_list;
|
|
fail:
|
endpwent();
|
free(path);
|
semanage_list_destroy(&homedir_list);
|
semanage_list_destroy(&shells);
|
return NULL;
|
}
|
|
/**
|
* @param out the FILE to put all the output in.
|
* @return 0 on success
|
*/
|
static int write_file_context_header(FILE * out)
|
{
|
if (fprintf(out, COMMENT_FILE_CONTEXT_HEADER) < 0) {
|
return STATUS_ERR;
|
}
|
|
return STATUS_SUCCESS;
|
}
|
|
/* Predicates for use with semanage_slurp_file_filter() the homedir_template
|
* file currently contains lines that serve as the template for a user's
|
* homedir.
|
*
|
* It also contains lines that are the template for the parent of a
|
* user's home directory.
|
*
|
* Currently, the only lines that apply to the the root of a user's home
|
* directory are all prefixed with the string "HOME_ROOT". All other
|
* lines apply to a user's home directory. If this changes the
|
* following predicates need to change to reflect that.
|
*/
|
static int HOME_ROOT_PRED(const char *string)
|
{
|
return semanage_is_prefix(string, TEMPLATE_HOME_ROOT);
|
}
|
|
static int HOME_DIR_PRED(const char *string)
|
{
|
return semanage_is_prefix(string, TEMPLATE_HOME_DIR);
|
}
|
|
/* new names */
|
static int USERNAME_CONTEXT_PRED(const char *string)
|
{
|
return (int)(
|
(strstr(string, TEMPLATE_USERNAME) != NULL) ||
|
(strstr(string, TEMPLATE_USERID) != NULL)
|
);
|
}
|
|
/* This will never match USER if USERNAME or USERID are found. */
|
static int USER_CONTEXT_PRED(const char *string)
|
{
|
if (USERNAME_CONTEXT_PRED(string))
|
return 0;
|
|
return (int)(strstr(string, TEMPLATE_USER) != NULL);
|
}
|
|
static int STR_COMPARATOR(const void *a, const void *b)
|
{
|
return strcmp((const char *) a, (const char *) b);
|
}
|
|
/* make_tempate
|
* @param s the settings holding the paths to various files
|
* @param pred function pointer to function to use as filter for slurp
|
* file filter
|
* @return a list of lines from the template file with inappropriate
|
* lines filtered out.
|
*/
|
static semanage_list_t *make_template(genhomedircon_settings_t * s,
|
int (*pred) (const char *))
|
{
|
FILE *template_file = NULL;
|
semanage_list_t *template_data = NULL;
|
|
template_file = fopen(s->homedir_template_path, "r");
|
if (!template_file)
|
return NULL;
|
template_data = semanage_slurp_file_filter(template_file, pred);
|
fclose(template_file);
|
|
return template_data;
|
}
|
|
static char *replace_all(const char *str, const replacement_pair_t * repl)
|
{
|
char *retval, *retval2;
|
int i;
|
|
if (!str || !repl)
|
return NULL;
|
|
retval = strdup(str);
|
for (i = 0; retval != NULL && repl[i].search_for; i++) {
|
retval2 = semanage_str_replace(repl[i].search_for,
|
repl[i].replace_with, retval, 0);
|
free(retval);
|
retval = retval2;
|
}
|
return retval;
|
}
|
|
static const char *extract_context(const char *line)
|
{
|
const char *p = line;
|
size_t off;
|
|
off = strlen(p);
|
p += off;
|
/* consider trailing whitespaces */
|
while (off > 0) {
|
p--;
|
off--;
|
if (!isspace(*p))
|
break;
|
}
|
if (off == 0)
|
return NULL;
|
|
/* find the last field in line */
|
while (off > 0 && !isspace(*(p - 1))) {
|
p--;
|
off--;
|
}
|
return p;
|
}
|
|
static int check_line(genhomedircon_settings_t * s, const char *line)
|
{
|
sepol_context_t *ctx_record = NULL;
|
const char *ctx_str;
|
int result;
|
|
ctx_str = extract_context(line);
|
if (!ctx_str)
|
return STATUS_ERR;
|
|
result = sepol_context_from_string(s->h_semanage->sepolh,
|
ctx_str, &ctx_record);
|
if (result == STATUS_SUCCESS && ctx_record != NULL) {
|
result = sepol_context_check(s->h_semanage->sepolh,
|
s->policydb, ctx_record);
|
sepol_context_free(ctx_record);
|
}
|
return result;
|
}
|
|
static int write_replacements(genhomedircon_settings_t * s, FILE * out,
|
const semanage_list_t * tpl,
|
const replacement_pair_t *repl)
|
{
|
char *line;
|
|
for (; tpl; tpl = tpl->next) {
|
line = replace_all(tpl->data, repl);
|
if (!line)
|
goto fail;
|
if (check_line(s, line) == STATUS_SUCCESS) {
|
if (fprintf(out, "%s\n", line) < 0)
|
goto fail;
|
}
|
free(line);
|
}
|
return STATUS_SUCCESS;
|
|
fail:
|
free(line);
|
return STATUS_ERR;
|
}
|
|
static int write_contexts(genhomedircon_settings_t *s, FILE *out,
|
semanage_list_t *tpl, const replacement_pair_t *repl,
|
const genhomedircon_user_entry_t *user)
|
{
|
char *line, *temp;
|
sepol_context_t *context;
|
char *new_context_str;
|
|
for (; tpl; tpl = tpl->next) {
|
context = NULL;
|
new_context_str = NULL;
|
line = replace_all(tpl->data, repl);
|
if (!line) {
|
goto fail;
|
}
|
|
const char *old_context_str = extract_context(line);
|
if (!old_context_str) {
|
goto fail;
|
}
|
|
if (strcmp(old_context_str, CONTEXT_NONE) == 0) {
|
if (check_line(s, line) == STATUS_SUCCESS &&
|
fprintf(out, "%s\n", line) < 0) {
|
goto fail;
|
}
|
free(line);
|
continue;
|
}
|
|
sepol_handle_t *sepolh = s->h_semanage->sepolh;
|
|
if (sepol_context_from_string(sepolh, old_context_str,
|
&context) < 0) {
|
goto fail;
|
}
|
|
if (sepol_context_set_user(sepolh, context, user->sename) < 0) {
|
goto fail;
|
}
|
|
if (sepol_policydb_mls_enabled(s->policydb) &&
|
sepol_context_set_mls(sepolh, context, user->level) < 0) {
|
goto fail;
|
}
|
|
if (user->homedir_role &&
|
sepol_context_set_role(sepolh, context, user->homedir_role) < 0) {
|
goto fail;
|
}
|
|
if (sepol_context_to_string(sepolh, context,
|
&new_context_str) < 0) {
|
goto fail;
|
}
|
|
temp = semanage_str_replace(old_context_str, new_context_str,
|
line, 1);
|
if (!temp) {
|
goto fail;
|
}
|
free(line);
|
line = temp;
|
|
if (check_line(s, line) == STATUS_SUCCESS) {
|
if (fprintf(out, "%s\n", line) < 0)
|
goto fail;
|
}
|
|
free(line);
|
sepol_context_free(context);
|
free(new_context_str);
|
}
|
|
return STATUS_SUCCESS;
|
fail:
|
free(line);
|
sepol_context_free(context);
|
free(new_context_str);
|
return STATUS_ERR;
|
}
|
|
static int write_home_dir_context(genhomedircon_settings_t * s, FILE * out,
|
semanage_list_t * tpl, const genhomedircon_user_entry_t *user)
|
{
|
replacement_pair_t repl[] = {
|
{.search_for = TEMPLATE_HOME_DIR,.replace_with = user->home},
|
{.search_for = TEMPLATE_ROLE,.replace_with = user->prefix},
|
{NULL, NULL}
|
};
|
|
if (strcmp(user->name, FALLBACK_NAME) == 0) {
|
if (fprintf(out, COMMENT_USER_HOME_CONTEXT, FALLBACK_SENAME) < 0)
|
return STATUS_ERR;
|
} else {
|
if (fprintf(out, COMMENT_USER_HOME_CONTEXT, user->name) < 0)
|
return STATUS_ERR;
|
}
|
|
return write_contexts(s, out, tpl, repl, user);
|
}
|
|
static int write_home_root_context(genhomedircon_settings_t * s, FILE * out,
|
semanage_list_t * tpl, char *homedir)
|
{
|
replacement_pair_t repl[] = {
|
{.search_for = TEMPLATE_HOME_ROOT,.replace_with = homedir},
|
{NULL, NULL}
|
};
|
|
return write_replacements(s, out, tpl, repl);
|
}
|
|
static int write_username_context(genhomedircon_settings_t * s, FILE * out,
|
semanage_list_t * tpl,
|
const genhomedircon_user_entry_t *user)
|
{
|
replacement_pair_t repl[] = {
|
{.search_for = TEMPLATE_USERNAME,.replace_with = user->name},
|
{.search_for = TEMPLATE_USERID,.replace_with = user->uid},
|
{.search_for = TEMPLATE_ROLE,.replace_with = user->prefix},
|
{NULL, NULL}
|
};
|
|
return write_contexts(s, out, tpl, repl, user);
|
}
|
|
static int write_user_context(genhomedircon_settings_t * s, FILE * out,
|
semanage_list_t * tpl, const genhomedircon_user_entry_t *user)
|
{
|
replacement_pair_t repl[] = {
|
{.search_for = TEMPLATE_USER,.replace_with = user->name},
|
{.search_for = TEMPLATE_ROLE,.replace_with = user->prefix},
|
{NULL, NULL}
|
};
|
|
return write_contexts(s, out, tpl, repl, user);
|
}
|
|
static int seuser_sort_func(const void *arg1, const void *arg2)
|
{
|
const semanage_seuser_t **u1 = (const semanage_seuser_t **) arg1;
|
const semanage_seuser_t **u2 = (const semanage_seuser_t **) arg2;;
|
const char *name1 = semanage_seuser_get_name(*u1);
|
const char *name2 = semanage_seuser_get_name(*u2);
|
|
if (name1[0] == '%' && name2[0] == '%') {
|
return 0;
|
} else if (name1[0] == '%') {
|
return 1;
|
} else if (name2[0] == '%') {
|
return -1;
|
}
|
|
return strcmp(name1, name2);
|
}
|
|
static int user_sort_func(semanage_user_t ** arg1, semanage_user_t ** arg2)
|
{
|
return strcmp(semanage_user_get_name(*arg1),
|
semanage_user_get_name(*arg2));
|
}
|
|
static int name_user_cmp(char *key, semanage_user_t ** val)
|
{
|
return strcmp(key, semanage_user_get_name(*val));
|
}
|
|
static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n,
|
const char *u, const char *g, const char *sen,
|
const char *pre, const char *h, const char *l,
|
const char *ln, const char *hd_role)
|
{
|
genhomedircon_user_entry_t *temp = NULL;
|
char *name = NULL;
|
char *uid = NULL;
|
char *gid = NULL;
|
char *sename = NULL;
|
char *prefix = NULL;
|
char *home = NULL;
|
char *level = NULL;
|
char *lname = NULL;
|
char *homedir_role = NULL;
|
|
temp = malloc(sizeof(genhomedircon_user_entry_t));
|
if (!temp)
|
goto cleanup;
|
name = strdup(n);
|
if (!name)
|
goto cleanup;
|
uid = strdup(u);
|
if (!uid)
|
goto cleanup;
|
gid = strdup(g);
|
if (!gid)
|
goto cleanup;
|
sename = strdup(sen);
|
if (!sename)
|
goto cleanup;
|
prefix = strdup(pre);
|
if (!prefix)
|
goto cleanup;
|
home = strdup(h);
|
if (!home)
|
goto cleanup;
|
level = strdup(l);
|
if (!level)
|
goto cleanup;
|
lname = strdup(ln);
|
if (!lname)
|
goto cleanup;
|
if (hd_role) {
|
homedir_role = strdup(hd_role);
|
if (!homedir_role)
|
goto cleanup;
|
}
|
|
temp->name = name;
|
temp->uid = uid;
|
temp->gid = gid;
|
temp->sename = sename;
|
temp->prefix = prefix;
|
temp->home = home;
|
temp->level = level;
|
temp->login = lname;
|
temp->homedir_role = homedir_role;
|
temp->next = (*list);
|
(*list) = temp;
|
|
return STATUS_SUCCESS;
|
|
cleanup:
|
free(name);
|
free(uid);
|
free(gid);
|
free(sename);
|
free(prefix);
|
free(home);
|
free(level);
|
free(lname);
|
free(homedir_role);
|
free(temp);
|
return STATUS_ERR;
|
}
|
|
static void pop_user_entry(genhomedircon_user_entry_t ** list)
|
{
|
genhomedircon_user_entry_t *temp;
|
|
if (!list || !(*list))
|
return;
|
|
temp = *list;
|
*list = temp->next;
|
free(temp->name);
|
free(temp->uid);
|
free(temp->gid);
|
free(temp->sename);
|
free(temp->prefix);
|
free(temp->home);
|
free(temp->level);
|
free(temp->login);
|
free(temp->homedir_role);
|
free(temp);
|
}
|
|
static int setup_fallback_user(genhomedircon_settings_t * s)
|
{
|
semanage_seuser_t **seuser_list = NULL;
|
unsigned int nseusers = 0;
|
semanage_user_key_t *key = NULL;
|
semanage_user_t *u = NULL;
|
const char *name = NULL;
|
const char *seuname = NULL;
|
const char *prefix = NULL;
|
const char *level = NULL;
|
const char *homedir_role = NULL;
|
unsigned int i;
|
int retval;
|
int errors = 0;
|
|
retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers);
|
if (retval < 0 || (nseusers < 1)) {
|
/* if there are no users, this function can't do any other work */
|
return errors;
|
}
|
|
for (i = 0; i < nseusers; i++) {
|
name = semanage_seuser_get_name(seuser_list[i]);
|
if (strcmp(name, DEFAULT_LOGIN) == 0) {
|
seuname = semanage_seuser_get_sename(seuser_list[i]);
|
|
/* find the user structure given the name */
|
if (semanage_user_key_create(s->h_semanage, seuname,
|
&key) < 0) {
|
errors = STATUS_ERR;
|
break;
|
}
|
if (semanage_user_query(s->h_semanage, key, &u) < 0)
|
{
|
prefix = name;
|
level = FALLBACK_LEVEL;
|
}
|
else
|
{
|
prefix = semanage_user_get_prefix(u);
|
level = semanage_user_get_mlslevel(u);
|
if (!level)
|
level = FALLBACK_LEVEL;
|
}
|
|
if (prefix_is_homedir_role(u, prefix)) {
|
homedir_role = prefix;
|
}
|
|
if (push_user_entry(&(s->fallback), FALLBACK_NAME,
|
FALLBACK_UIDGID, FALLBACK_UIDGID,
|
seuname, prefix, "", level,
|
FALLBACK_NAME, homedir_role) != 0)
|
errors = STATUS_ERR;
|
semanage_user_key_free(key);
|
if (u)
|
semanage_user_free(u);
|
break;
|
}
|
}
|
|
for (i = 0; i < nseusers; i++)
|
semanage_seuser_free(seuser_list[i]);
|
free(seuser_list);
|
|
return errors;
|
}
|
|
static genhomedircon_user_entry_t *find_user(genhomedircon_user_entry_t *head,
|
const char *name)
|
{
|
for(; head; head = head->next) {
|
if (strcmp(head->name, name) == 0) {
|
return head;
|
}
|
}
|
|
return NULL;
|
}
|
|
static int add_user(genhomedircon_settings_t * s,
|
genhomedircon_user_entry_t **head,
|
semanage_user_t *user,
|
const char *name,
|
const char *sename,
|
const char *selogin)
|
{
|
if (selogin[0] == '%') {
|
genhomedircon_user_entry_t *orig = find_user(*head, name);
|
if (orig != NULL && orig->login[0] == '%') {
|
ERR(s->h_semanage, "User %s is already mapped to"
|
" group %s, but also belongs to group %s. Add an"
|
" explicit mapping for this user to"
|
" override group mappings.",
|
name, orig->login + 1, selogin + 1);
|
return STATUS_ERR;
|
} else if (orig != NULL) {
|
// user mappings take precedence
|
return STATUS_SUCCESS;
|
}
|
}
|
|
int retval = STATUS_ERR;
|
|
char *rbuf = NULL;
|
long rbuflen;
|
struct passwd pwstorage, *pwent = NULL;
|
const char *prefix = NULL;
|
const char *level = NULL;
|
const char *homedir_role = NULL;
|
char uid[11];
|
char gid[11];
|
|
errno = 0;
|
/* Allocate space for the getpwnam_r buffer */
|
rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
|
if (rbuflen == -1 && errno == 0)
|
/* sysconf returning -1 with no errno means indeterminate size */
|
rbuflen = 1024;
|
else if (rbuflen <= 0)
|
goto cleanup;
|
rbuf = malloc(rbuflen);
|
if (rbuf == NULL)
|
goto cleanup;
|
|
if (user) {
|
prefix = semanage_user_get_prefix(user);
|
level = semanage_user_get_mlslevel(user);
|
|
if (!level) {
|
level = FALLBACK_LEVEL;
|
}
|
} else {
|
prefix = name;
|
level = FALLBACK_LEVEL;
|
}
|
|
if (prefix_is_homedir_role(user, prefix)) {
|
homedir_role = prefix;
|
}
|
|
retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent);
|
if (retval != 0 || pwent == NULL) {
|
if (retval != 0 && retval != ENOENT) {
|
goto cleanup;
|
}
|
|
WARN(s->h_semanage,
|
"user %s not in password file", name);
|
retval = STATUS_SUCCESS;
|
goto cleanup;
|
}
|
|
int len = strlen(pwent->pw_dir) -1;
|
for(; len > 0 && pwent->pw_dir[len] == '/'; len--) {
|
pwent->pw_dir[len] = '\0';
|
}
|
|
if (strcmp(pwent->pw_dir, "/") == 0) {
|
/* don't relabel / genhomdircon checked to see if root
|
* was the user and if so, set his home directory to
|
* /root */
|
retval = STATUS_SUCCESS;
|
goto cleanup;
|
}
|
|
if (ignore(pwent->pw_dir)) {
|
retval = STATUS_SUCCESS;
|
goto cleanup;
|
}
|
|
len = snprintf(uid, sizeof(uid), "%u", pwent->pw_uid);
|
if (len < 0 || len >= (int)sizeof(uid)) {
|
goto cleanup;
|
}
|
|
len = snprintf(gid, sizeof(gid), "%u", pwent->pw_gid);
|
if (len < 0 || len >= (int)sizeof(gid)) {
|
goto cleanup;
|
}
|
|
retval = push_user_entry(head, name, uid, gid, sename, prefix,
|
pwent->pw_dir, level, selogin, homedir_role);
|
cleanup:
|
free(rbuf);
|
return retval;
|
}
|
|
static int get_group_users(genhomedircon_settings_t * s,
|
genhomedircon_user_entry_t **head,
|
semanage_user_t *user,
|
const char *sename,
|
const char *selogin)
|
{
|
int retval = STATUS_ERR;
|
unsigned int i;
|
|
long grbuflen;
|
char *grbuf = NULL;
|
struct group grstorage, *group = NULL;
|
struct passwd *pw = NULL;
|
|
errno = 0;
|
grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
|
if (grbuflen == -1 && errno == 0)
|
/* sysconf returning -1 with no errno means indeterminate size */
|
grbuflen = 1024;
|
else if (grbuflen <= 0)
|
goto cleanup;
|
grbuf = malloc(grbuflen);
|
if (grbuf == NULL)
|
goto cleanup;
|
|
const char *grname = selogin + 1;
|
|
errno = 0;
|
while (
|
(retval = getgrnam_r(grname, &grstorage, grbuf, (size_t) grbuflen, &group)) != 0 &&
|
errno == ERANGE
|
) {
|
char *new_grbuf;
|
grbuflen *= 2;
|
if (grbuflen < 0)
|
/* the member list could exceed 2Gb on a system with a 32-bit CPU (where
|
* sizeof(long) = 4) - if this ever happened, the loop would become infinite. */
|
goto cleanup;
|
new_grbuf = realloc(grbuf, grbuflen);
|
if (new_grbuf == NULL)
|
goto cleanup;
|
grbuf = new_grbuf;
|
}
|
if (retval != 0)
|
goto cleanup;
|
|
if (group == NULL) {
|
ERR(s->h_semanage, "Can't find group named %s\n", grname);
|
goto cleanup;
|
}
|
|
size_t nmembers = 0;
|
char **members = group->gr_mem;
|
|
while (*members != NULL) {
|
nmembers++;
|
members++;
|
}
|
|
for (i = 0; i < nmembers; i++) {
|
const char *uname = group->gr_mem[i];
|
|
if (add_user(s, head, user, uname, sename, selogin) < 0) {
|
goto cleanup;
|
}
|
}
|
|
setpwent();
|
while (1) {
|
errno = 0;
|
pw = getpwent();
|
if (pw == NULL)
|
break;
|
// skip users who also have this group as their
|
// primary group
|
if (lfind(pw->pw_name, group->gr_mem, &nmembers,
|
sizeof(char *), &STR_COMPARATOR)) {
|
continue;
|
}
|
|
if (group->gr_gid == pw->pw_gid) {
|
if (add_user(s, head, user, pw->pw_name,
|
sename, selogin) < 0) {
|
goto cleanup;
|
}
|
}
|
}
|
|
retval = STATUS_SUCCESS;
|
cleanup:
|
endpwent();
|
free(grbuf);
|
|
return retval;
|
}
|
|
static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,
|
int *errors)
|
{
|
genhomedircon_user_entry_t *head = NULL;
|
semanage_seuser_t **seuser_list = NULL;
|
unsigned int nseusers = 0;
|
semanage_user_t **user_list = NULL;
|
unsigned int nusers = 0;
|
semanage_user_t **u = NULL;
|
const char *name = NULL;
|
const char *seuname = NULL;
|
unsigned int i;
|
int retval;
|
|
*errors = 0;
|
retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers);
|
if (retval < 0 || (nseusers < 1)) {
|
/* if there are no users, this function can't do any other work */
|
return NULL;
|
}
|
|
if (semanage_user_list(s->h_semanage, &user_list, &nusers) < 0) {
|
nusers = 0;
|
}
|
|
qsort(seuser_list, nseusers, sizeof(semanage_seuser_t *),
|
&seuser_sort_func);
|
qsort(user_list, nusers, sizeof(semanage_user_t *),
|
(int (*)(const void *, const void *))&user_sort_func);
|
|
for (i = 0; i < nseusers; i++) {
|
seuname = semanage_seuser_get_sename(seuser_list[i]);
|
name = semanage_seuser_get_name(seuser_list[i]);
|
|
if (strcmp(name, DEFAULT_LOGIN) == 0)
|
continue;
|
|
/* find the user structure given the name */
|
u = bsearch(seuname, user_list, nusers, sizeof(semanage_user_t *),
|
(int (*)(const void *, const void *))
|
&name_user_cmp);
|
|
/* %groupname syntax */
|
if (name[0] == '%') {
|
retval = get_group_users(s, &head, *u, seuname,
|
name);
|
} else {
|
retval = add_user(s, &head, *u, name,
|
seuname, name);
|
}
|
|
if (retval != 0) {
|
*errors = STATUS_ERR;
|
goto cleanup;
|
}
|
}
|
|
cleanup:
|
if (*errors) {
|
for (; head; pop_user_entry(&head)) {
|
/* the pop function takes care of all the cleanup
|
so the loop body is just empty */
|
}
|
}
|
for (i = 0; i < nseusers; i++) {
|
semanage_seuser_free(seuser_list[i]);
|
}
|
free(seuser_list);
|
|
for (i = 0; i < nusers; i++) {
|
semanage_user_free(user_list[i]);
|
}
|
free(user_list);
|
|
return head;
|
}
|
|
static int write_gen_home_dir_context(genhomedircon_settings_t * s, FILE * out,
|
semanage_list_t * username_context_tpl,
|
semanage_list_t * user_context_tpl,
|
semanage_list_t * homedir_context_tpl)
|
{
|
genhomedircon_user_entry_t *users;
|
int errors = 0;
|
|
users = get_users(s, &errors);
|
if (!users && errors) {
|
return STATUS_ERR;
|
}
|
|
for (; users; pop_user_entry(&users)) {
|
if (write_home_dir_context(s, out, homedir_context_tpl, users))
|
goto err;
|
if (write_username_context(s, out, username_context_tpl, users))
|
goto err;
|
if (write_user_context(s, out, user_context_tpl, users))
|
goto err;
|
}
|
|
return STATUS_SUCCESS;
|
err:
|
for (; users; pop_user_entry(&users)) {
|
/* the pop function takes care of all the cleanup
|
* so the loop body is just empty */
|
}
|
|
return STATUS_ERR;
|
}
|
|
/**
|
* @param s settings structure, stores various paths etc. Must never be NULL
|
* @param out the FILE to put all the output in.
|
* @return 0 on success
|
*/
|
static int write_context_file(genhomedircon_settings_t * s, FILE * out)
|
{
|
semanage_list_t *homedirs = NULL;
|
semanage_list_t *h = NULL;
|
semanage_list_t *homedir_context_tpl = NULL;
|
semanage_list_t *homeroot_context_tpl = NULL;
|
semanage_list_t *username_context_tpl = NULL;
|
semanage_list_t *user_context_tpl = NULL;
|
int retval = STATUS_SUCCESS;
|
|
homedir_context_tpl = make_template(s, &HOME_DIR_PRED);
|
homeroot_context_tpl = make_template(s, &HOME_ROOT_PRED);
|
username_context_tpl = make_template(s, &USERNAME_CONTEXT_PRED);
|
user_context_tpl = make_template(s, &USER_CONTEXT_PRED);
|
|
if (!homedir_context_tpl
|
&& !homeroot_context_tpl
|
&& !username_context_tpl
|
&& !user_context_tpl)
|
goto done;
|
|
if (write_file_context_header(out) != STATUS_SUCCESS) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
if (setup_fallback_user(s) != 0) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
if (homedir_context_tpl || homeroot_context_tpl) {
|
homedirs = get_home_dirs(s);
|
if (!homedirs) {
|
WARN(s->h_semanage,
|
"no home directories were available, exiting without writing");
|
goto done;
|
}
|
|
for (h = homedirs; h; h = h->next) {
|
char *temp = NULL;
|
|
if (asprintf(&temp, "%s/%s", h->data, FALLBACK_NAME) < 0) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
free(s->fallback->home);
|
s->fallback->home = temp;
|
|
if (write_home_dir_context(s, out, homedir_context_tpl,
|
s->fallback) != STATUS_SUCCESS) {
|
free(temp);
|
s->fallback->home = NULL;
|
retval = STATUS_ERR;
|
goto done;
|
}
|
if (write_home_root_context(s, out,
|
homeroot_context_tpl,
|
h->data) != STATUS_SUCCESS) {
|
free(temp);
|
s->fallback->home = NULL;
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
free(temp);
|
s->fallback->home = NULL;
|
}
|
}
|
if (user_context_tpl || username_context_tpl) {
|
if (write_username_context(s, out, username_context_tpl,
|
s->fallback) != STATUS_SUCCESS) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
if (write_user_context(s, out, user_context_tpl,
|
s->fallback) != STATUS_SUCCESS) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
if (write_gen_home_dir_context(s, out, username_context_tpl,
|
user_context_tpl, homedir_context_tpl)
|
!= STATUS_SUCCESS) {
|
retval = STATUS_ERR;
|
}
|
}
|
|
done:
|
/* Cleanup */
|
semanage_list_destroy(&homedirs);
|
semanage_list_destroy(&username_context_tpl);
|
semanage_list_destroy(&user_context_tpl);
|
semanage_list_destroy(&homedir_context_tpl);
|
semanage_list_destroy(&homeroot_context_tpl);
|
|
return retval;
|
}
|
|
int semanage_genhomedircon(semanage_handle_t * sh,
|
sepol_policydb_t * policydb,
|
int usepasswd,
|
char *ignoredirs)
|
{
|
genhomedircon_settings_t s;
|
FILE *out = NULL;
|
int retval = 0;
|
|
assert(sh);
|
|
s.homedir_template_path =
|
semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL);
|
s.fcfilepath =
|
semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_HOMEDIRS);
|
|
s.fallback = calloc(1, sizeof(genhomedircon_user_entry_t));
|
if (s.fallback == NULL) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
s.fallback->name = strdup(FALLBACK_NAME);
|
s.fallback->sename = strdup(FALLBACK_SENAME);
|
s.fallback->prefix = strdup(FALLBACK_PREFIX);
|
s.fallback->level = strdup(FALLBACK_LEVEL);
|
if (s.fallback->name == NULL
|
|| s.fallback->sename == NULL
|
|| s.fallback->prefix == NULL
|
|| s.fallback->level == NULL) {
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
if (ignoredirs) ignore_setup(ignoredirs);
|
|
s.usepasswd = usepasswd;
|
s.h_semanage = sh;
|
s.policydb = policydb;
|
|
if (!(out = fopen(s.fcfilepath, "w"))) {
|
/* couldn't open output file */
|
ERR(sh, "Could not open the file_context file for writing");
|
retval = STATUS_ERR;
|
goto done;
|
}
|
|
retval = write_context_file(&s, out);
|
|
done:
|
if (out != NULL)
|
fclose(out);
|
|
while (s.fallback)
|
pop_user_entry(&(s.fallback));
|
|
ignore_free();
|
|
return retval;
|
}
|
