int security_compute_create_name(const char * scon, const char * tcon, security_class_t tclass, const char *objname, char ** newcon) { int ret; char * rscon; char * rtcon; char * rnewcon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; if (selinux_trans_to_raw_context(tcon, &rtcon)) { freecon(rscon); return -1; } ret = security_compute_create_name_raw(rscon, rtcon, tclass, objname, &rnewcon); freecon(rscon); freecon(rtcon); if (!ret) { ret = selinux_raw_to_trans_context(rnewcon, newcon); freecon(rnewcon); } return ret; }
int security_compute_member(const char * scon, const char * tcon, security_class_t tclass, char ** newcon) { int ret; char * rscon; char * rtcon; char * rnewcon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; if (selinux_trans_to_raw_context(tcon, &rtcon)) { freecon(rscon); return -1; } ret = security_compute_member_raw(rscon, rtcon, tclass, &rnewcon); freecon(rscon); freecon(rtcon); if (!ret) { if (selinux_raw_to_trans_context(rnewcon, newcon)) { *newcon = NULL; ret = -1; } freecon(rnewcon); } return ret; }
/* Send audit message */ static int send_audit_message(pam_handle_t *pamh, int success, security_context_t default_context, security_context_t selected_context) { int rc=0; #ifdef HAVE_LIBAUDIT char *msg = NULL; int audit_fd = audit_open(); security_context_t default_raw=NULL; security_context_t selected_raw=NULL; rc = -1; if (audit_fd < 0) { if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT) return 0; /* No audit support in kernel */ pam_syslog(pamh, LOG_ERR, "Error connecting to audit system."); return rc; } if (selinux_trans_to_raw_context(default_context, &default_raw) < 0) { pam_syslog(pamh, LOG_ERR, "Error translating default context."); default_raw = NULL; } if (selinux_trans_to_raw_context(selected_context, &selected_raw) < 0) { pam_syslog(pamh, LOG_ERR, "Error translating selected context."); selected_raw = NULL; } if (asprintf(&msg, "pam: default-context=%s selected-context=%s", default_raw ? default_raw : (default_context ? default_context : "?"), selected_raw ? selected_raw : (selected_context ? selected_context : "?")) < 0) { pam_syslog(pamh, LOG_ERR, "Error allocating memory."); goto out; } if (audit_log_user_message(audit_fd, AUDIT_USER_ROLE_CHANGE, msg, NULL, NULL, NULL, success) <= 0) { pam_syslog(pamh, LOG_ERR, "Error sending audit message."); goto out; } rc = 0; out: free(msg); freecon(default_raw); freecon(selected_raw); close(audit_fd); #else pam_syslog(pamh, LOG_NOTICE, "pam: default-context=%s selected-context=%s success %d", default_context, selected_context, success); #endif return rc; }
/* translates SELinux context from human to raw format and * appends it to the mount extra options. * * returns -1 on error and 0 on success */ static int append_context(const char *optname, char *optdata, char **extra_opts) { security_context_t raw = NULL; char *data = NULL; if (is_selinux_enabled() != 1) /* ignore the option if we running without selinux */ return 0; if (optdata == NULL || *optdata == '\0' || optname == NULL) return -1; /* TODO: use strip_quotes() for all mount options? */ data = *optdata == '"' ? strip_quotes(optdata) : optdata; if (selinux_trans_to_raw_context( (security_context_t) data, &raw) == -1 || raw == NULL) return -1; if (verbose) printf(_("%s: translated %s '%s' to '%s'\n"), progname, optname, data, (char *) raw); *extra_opts = append_opt(*extra_opts, optname, NULL); *extra_opts = xstrconcat4(*extra_opts, "\"", (char *) raw, "\""); freecon(raw); return 0; }
Datum sepgsql_mcstrans_in(PG_FUNCTION_ARGS) { text *label = PG_GETARG_TEXT_P(0); char *raw_label; char *result; if (!sepgsql_is_enabled()) ereport(ERROR, (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE), errmsg("sepgsql is not enabled"))); if (selinux_trans_to_raw_context(text_to_cstring(label), &raw_label) < 0) ereport(ERROR, (errcode(ERRCODE_INTERNAL_ERROR), errmsg("SELinux: could not translate security label: %m"))); PG_TRY(); { result = pstrdup(raw_label); } PG_CATCH(); { freecon(raw_label); PG_RE_THROW(); } PG_END_TRY(); freecon(raw_label); PG_RETURN_TEXT_P(cstring_to_text(result)); }
int setfilecon(const char *path, const security_context_t context) { int ret; security_context_t rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; ret = setfilecon_raw(path, rcontext); freecon(rcontext); return ret; }
int security_check_context(const security_context_t con) { int ret; security_context_t rcon; if (selinux_trans_to_raw_context(con, &rcon)) return -1; ret = security_check_context_raw(rcon); freecon(rcon); return ret; }
int security_compute_av_flags(const char * scon, const char * tcon, security_class_t tclass, access_vector_t requested, struct av_decision *avd) { char * rscon; char * rtcon; int ret; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; if (selinux_trans_to_raw_context(tcon, &rtcon)) { freecon(rscon); return -1; } ret = security_compute_av_flags_raw(rscon, rtcon, tclass, requested, avd); freecon(rscon); freecon(rtcon); return ret; }
int security_canonicalize_context(const char * con, char ** canoncon) { int ret; char * rcon; char * rcanoncon; if (selinux_trans_to_raw_context(con, &rcon)) return -1; ret = security_canonicalize_context_raw(rcon, &rcanoncon); freecon(rcon); if (!ret) { ret = selinux_raw_to_trans_context(rcanoncon, canoncon); freecon(rcanoncon); } return ret; }
static security_context_t get_scon(void) { static char dummy_NIL[1] = ""; security_context_t con = NULL; int ret = -1; int raw = TRUE; switch (opts->from_type) { case OPTS_FROM_ARG: if (!(con = strdup(opts->f.arg))) err(EXIT_FAILURE, " Couldn't allocate security context"); raw = !opts->disp_raw; /* always do conversion */ break; case OPTS_FROM_STDIN: { char buf[4096] = ""; char *ptr = buf; while (!*ptr) { if (!(ptr = fgets(buf, sizeof(buf), stdin))) err(EXIT_FAILURE, " Couldn't read security context"); ptr += strspn(ptr, " \n\t"); ptr[strcspn(ptr, " \n\t")] = 0; } if (!(con = strdup(ptr))) err(EXIT_FAILURE, " Couldn't allocate security context"); raw = !opts->disp_raw; /* always do conversion */ break; } case OPTS_FROM_CUR: ret = getcon_raw(&con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get current security context"); break; case OPTS_FROM_CUREXE: ret = getexeccon_raw(&con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get current exec security context"); if (!con) con = strdup(dummy_NIL); break; case OPTS_FROM_CURFS: ret = getfscreatecon_raw(&con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get current fs security context"); if (!con) con = strdup(dummy_NIL); break; case OPTS_FROM_CURKEY: ret = getkeycreatecon_raw(&con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get current key security context"); if (!con) con = strdup(dummy_NIL); break; case OPTS_FROM_PROC: ret = getpidcon_raw(opts->f.pid, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for pid %lu", (unsigned long)opts->f.pid); break; case OPTS_FROM_PROCEXE: ret = my_getpidexeccon_raw(opts->f.pid, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for pid %lu", (unsigned long)opts->f.pid); if (!con) con = strdup(dummy_NIL); break; case OPTS_FROM_PROCFS: ret = my_getpidfscreatecon_raw(opts->f.pid, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for pid %lu", (unsigned long)opts->f.pid); if (!con) con = strdup(dummy_NIL); /* disabled -- override with normal context ... { opts->from_type = OPTS_FROM_PROC; return (get_scon()); } */ break; case OPTS_FROM_PROCKEY: ret = my_getpidkeycreatecon_raw(opts->f.pid, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for pid %lu", (unsigned long)opts->f.pid); if (!con) con = strdup(dummy_NIL); break; case OPTS_FROM_FILE: ret = getfilecon_raw(opts->f.file, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for file %s", opts->f.file); break; case OPTS_FROM_LINK: ret = lgetfilecon_raw(opts->f.link, &con); if (ret == -1) err(EXIT_FAILURE, " Couldn't get security context for symlink %s", opts->f.link); break; default: assert(FALSE); } if (opts->disp_raw != raw) { security_context_t ncon = NULL; if (opts->disp_raw) selinux_trans_to_raw_context(con, &ncon); else selinux_raw_to_trans_context(con, &ncon); freecon(con); con = ncon; } return (con); }
/* * do_set_domain * It tries to replace the domain/range of the current context. */ static int do_set_domain(security_context_t old_context, char *domain, server_rec *s) { security_context_t new_context; security_context_t raw_context; context_t context; char *range; /* * Compute the new security context */ context = context_new(old_context); if (!context) { ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "SELinux: context_new(\"%s\") failed", old_context); return -1; } range = strchr(domain, ':'); if (range) *range++ = '\0'; if (domain && strcmp(domain, "*") != 0) context_type_set(context, domain); if (range && strcmp(range, "*") != 0) context_range_set(context, range); if (range) *--range = ':'; /* fixup */ new_context = context_str(context); if (!new_context) { ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "SELinux: context_str(\"%s:%s:%s:%s\") failed", context_user_get(context), context_role_get(context), context_type_get(context), context_range_get(context)); context_free(context); return -1; } /* * If old_context == new_context, we don't need to do anything */ if (selinux_trans_to_raw_context(new_context, &raw_context) < 0) { ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "SELinux: selinux_trans_to_raw_context(\"%s\") failed", new_context); context_free(context); return -1; } context_free(context); if (!strcmp(old_context, raw_context)) { freecon(raw_context); return 1; } if (setcon_raw(raw_context) < 0) { ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "SELinux: setcon_raw(\"%s\") failed", raw_context); freecon(raw_context); return -1; } freecon(raw_context); return 0; }