Package: dpkg
Version: 1.15.7.2
Severity: normal
The mode parameter to the matchpathcon() is used for the format type (IE file,
dir, etc) NOT for the permission bits. So the mask in the
set_selinux_path_context() function discards all the bits that we want. While
the man page matchpathcon(3) isn't exactly clear it is consistent with the
section of stat(2) relating to st_mode. I would appreciate suggestions for
how to improve matchpathcon(3) as it seems apparent that it needs to be
improved.
For files in /usr/sbin it seems that both code paths that call
set_selinux_path_context() are being executed, it would be good if we could
only call set_selinux_path_context() once as it's not the fastest function...
Please consider my tar_file_type_to_mode() function to be an illustration of
an algorithm in the form of working code. I don't think it will be acceptable
to be included as-is, but it should allow someone else to write something
better with minimal effort.
To reproduce this bug run a system with SE Linux enabled, install the package
policycoreutils, and then run the command "restorecon -R -v /usr/sbin", if
things work correctly then all objects contained in the package will have the
correct context and restorecon will not display any output. But the way
things work currently is that "restorecon -R -v /usr/sbin" gives the following
output:
restorecon reset /usr/sbin/load_policy context
system_u:object_r:load_policy_exec_t:s0->system_u:object_r:bin_t:s0
diff -ru dpkg-1.15.7.2-old//src/archives.c dpkg-1.15.7.2/src/archives.c
--- dpkg-1.15.7.2-old//src/archives.c 2010-05-19 15:55:01.000000000 +1000
+++ dpkg-1.15.7.2/src/archives.c 2010-07-03 16:44:32.154839759 +1000
@@ -276,7 +276,7 @@
/* Do nothing if we can't figure out what the context is, or if it has
* no context; in which case the default context shall be applied. */
- ret = matchpathcon(matchpath, mode & ~S_IFMT, &scontext);
+ ret = matchpathcon(matchpath, mode & S_IFMT, &scontext);
if (ret == -1 || (ret == 0 && scontext == NULL))
return;
@@ -388,6 +388,31 @@
return true;
}
+#ifdef WITH_SELINUX
+int tar_file_type_to_mode(enum TarFileType tft)
+{
+ switch(tft) {
+ case SymbolicLink:
+ return S_IFLNK;
+ case Directory:
+ return S_IFDIR;
+ case NormalFile0: case NormalFile1:
+ return 0;
+ case CharacterDevice:
+ return S_IFCHR;
+ case BlockDevice:
+ return S_IFBLK;
+ case FIFO:
+ return S_IFIFO;
+ case HardLink:
+ return -1;
+ default:
+ ohshit(_("archive contained object of unknown type 0x%x"),tft);
+ }
+
+}
+#endif
+
int tarobject(struct TarInfo *ti) {
static struct varbuf conffderefn, hardlinkfn, symlinkfn;
static int fd;
@@ -726,9 +751,11 @@
internerr("unknown tar type '%d', but already checked", ti->Type);
}
- set_selinux_path_context(fnamevb.buf, fnamenewvb.buf,
- nifd->namenode->statoverride ?
- nifd->namenode->statoverride->mode : ti->Mode);
+ /* if it's a hard link then the first link should have been lavelled to
+ there is nothing to do. */
+ if(ti->Type != HardLink)
+ set_selinux_path_context(fnamevb.buf, fnamenewvb.buf
+ , tar_file_type_to_mode(ti->Type));
/* CLEANUP: Now we have extracted the new object in .dpkg-new (or,
* if the file already exists as a directory and we were trying to extract
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dpkg depends on:
ii coreutils 8.5-1 GNU core utilities
ii libbz2-1.0 1.0.5-4 high-quality block-sorting file co
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libselinux1 2.0.94-1 SELinux runtime shared libraries
ii xz-utils 4.999.9beta+20100527-1 XZ-format compression utilities
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
dpkg recommends no packages.
Versions of packages dpkg suggests:
ii apt 0.7.25.3 Advanced front-end for dpkg
-- no debconf information
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
