Fix the indentation and formatting in signature related files.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 12 ++--
sign/rpmgensig.c | 3 ++-
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/lib/rpmsignfiles.c b/lib/rpmsignf
Check the range of the algo index parameter before using it for
accessing an array.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/lib/rpmsignfiles.c b/lib/rpmsignfiles.c
index b7d9ccc..97a5be4
-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/header.c | 2 +-
lib/header_internal.h | 5 +++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/header.c b/lib/header.c
index 81f2038..ae292f9 100644
--- a/lib/header.c
+++ b/lib/header.c
@@ -99,7 +99,7 @@
Fix various memory leaks in file signature related functions.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 2 ++
rpmsign.c | 4 +++-
sign/rpmgensig.c | 24 +---
3 files changed, 22 insertions(+), 8 deletions(-)
diff
write into security.ima xattr. Check for a signature
consisting of only zeroes and do not write it into the filesystem.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 4
plugins/ima.c | 36 +++-
2 files chang
> @@ -104,7 +104,7 @@ static int base64_decode_value(unsigned char value_in)
> {
> static const int decoding[] =
>
From: Stefan Berger <stef...@us.ibm.com>
Check the range of the algo index parameter before using it for
accessing an array.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/lib/rpmsignf
This series of patches fixes several issues related to signed files
produced by rpmsign.
Stefan
Stefan Berger (5):
Fix indentation and formatting
Fix various memory leaks in file signature related functions.
Check range of algo index parameter before accessing array with it
Extend
From: Stefan Berger <stef...@us.ibm.com>
Fix the indentation and formatting in signature related files.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 12 ++--
sign/rpmgensig.c | 3 ++-
2 files changed, 8 insertions(+), 7 deletions(-)
From: Stefan Berger <stef...@us.ibm.com>
Extend the header size to 64MB in case an RPM has a lot of files
and the file signatures do not fit within the current limit of 16MB.
An example for an RPM with many files is kcbench-data-4.0. It contains
more than 52000 files. With each sig
From: Stefan Berger <stef...@us.ibm.com>
Fix various memory leaks in file signature related functions.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 2 ++
rpmsign.c | 4 +++-
sign/rpmgensig.c | 24 +---
3 files
From: Stefan Berger <stef...@us.ibm.com>
Do not try to convert a zero-length file digest to a binary representation.
Zero-length file digests may stem from directory entries and symbolic links.
Return an empty signature in this case.
Returning an empty signature results in the ima.so
From: Stefan Berger <stef...@us.ibm.com>
Do not try to convert a zero-length file digest to a binary representation.
Zero-length file digests may stem from directory entries and symbolic links.
Return an empty signature in this case.
Returning an empty signature results in the ima.so
From: Stefan Berger <stef...@us.ibm.com>
Extend the header size to 256MB in case an RPM has a lot of files
and the file signatures do not fit within the current limit of 16MB.
An example for an RPM with many files is kcbench-data-4.0. It contains
more than 52000 files. With each sig
ld call this function
with this
flag always set?
Stefan
>
> Lubos
>
> - Original Message -
> > From: "Florian Festi" <ffe...@redhat.com>
> > To: "Stefan Berger" <stef...@us.ibm.com>
> > Cc: rpm-maint@lists.rpm.org
&g
"Rpm-maint" wrote on 04/27/2016 05:45:56
AM:
>
> I get the following warning:
>
> ima.c:23:1: warning: ‘PACKED’ attribute directive ignored [-Wattributes]
> } __attribute__((PACKED));
>
> May be there is an simpler way to check for the header being zeros
"Rpm-maint" <rpm-maint-boun...@lists.rpm.org> wrote on 04/29/2016 01:42:06
PM:
>
> On Fri, 29 Apr 2016, Stefan Berger wrote:
>
> > From: Stefan Berger <stef...@us.ibm.com>
> >
> > Extend the header size to 256MB in case an RPM has a lot of fi
Use the default hash algorithm md5 on RPMs that do not contain the
RPMTAG_FILEDIGESTALGO. This may be the case if the default hash
algorithm used on files is md5 and thus no RPMTAG_FILEDIGESTALGO is
being written (see build/files.c:genCpioListAndHeader()).
Signed-off-by: Stefan Berger <s
are run since they may invoke executables that
were just installed; so we move the IMA plugin from the psm_post hook
to the fsm_file_prepare hook.
Regards,
Stefan
Stefan Berger (2):
ima-plugin: Have executable configuration files signed
ima-plugin: Move the IMA plugin
Since newly installed files may be invoked by post install scriptlets,
we need to have them signed before the scriptlets are executed.
Therefore, we now move the IMA plugin to the fsm_file_prepare hook.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
plugins/ima.
Some configuration files are executables and so they require the
signature in the extended attribute. If they are not executable,
they can be skipped.
Examples for configuration files that are also executables are
the grub files in /etc/grub.d.
Signed-off-by: Stefan Berger <s
We want to prevent that the IMA plugin applies signatures of the older
version of files. So we have to check whether we are in the install
(TR_ADDED) or remove (TR_REMOVED) cycle of a package. We only apply
signatures in the install cycle.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.
Stefan Berger <stef...@linux.vnet.ibm.com> wrote on 09/21/2016 02:04:08
PM:
> From: Stefan Berger <stef...@linux.vnet.ibm.com>
> To: rpm-maint@lists.rpm.org
> Cc: fionnuala.gun...@gmail.com, stef...@linux.vnet.ibm.com,
> zo...@linux.vnet.ibm.com, Stefan Berger/Watson
to extend that hook with the rpmte
parameter type
Regards,
Stefan
Stefan Berger (3):
ima-plugin: Have executable configuration files signed
ima-plugin: Only run the IMA plugin on package installation
plugins: Pass rpmte to scriptlet_pre and call IMA plugin in this hook
lib
Panu Matilainen <pmati...@laiskiainen.org> wrote on 09/23/2016 04:15:22
AM:
> From: Panu Matilainen <pmati...@laiskiainen.org>
> To: Stefan Berger <stef...@linux.vnet.ibm.com>, rpm-maint@lists.rpm.org
> Cc: Stefan Berger/Watson/IBM@IBMUS, fionnuala.gun...@gmail.com
Panu Matilainen <pmati...@laiskiainen.org> wrote on 09/23/2016 02:44:48
AM:
> From: Panu Matilainen <pmati...@laiskiainen.org>
> To: Stefan Berger <stef...@linux.vnet.ibm.com>, rpm-maint@lists.rpm.org
> Cc: Stefan Berger/Watson/IBM@IBMUS, fionnuala.gun...@gmail.com
Panu Matilainen <pmati...@laiskiainen.org> wrote on 09/23/2016 03:03:48
AM:
> From: Panu Matilainen <pmati...@laiskiainen.org>
> To: Stefan Berger <stef...@linux.vnet.ibm.com>, rpm-maint@lists.rpm.org
> Cc: Stefan Berger/Watson/IBM@IBMUS, fionnuala.gun...@gmail.com
Panu Matilainen wrote on 09/23/2016 07:50:15
AM:
> >>
> >> So... to achieve all this and actually behave correct in the face of
> >> skipped files - whether due to color, netshared path or other file
> >> policies - the IMA plugin should really just do what the
Panu Matilainen <pmati...@laiskiainen.org> wrote on 09/23/2016 03:30:54
PM:
> From: Panu Matilainen <pmati...@laiskiainen.org>
> To: Stefan Berger/Watson/IBM@IBMUS
> Cc: fionnuala.gun...@gmail.com, rpm-maint@lists.rpm.org, Stefan
> Berger <stef...@linux.vnet.ibm.com&g
Move the IMA plugin to the fsm_post hook. Check whether the given
return code indicates and error, and do nothing in case it does
show an error. There is nothing to clean up, so we can do that.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
plugins/ima.c | 6 +++---
1 file c
Some configuration files are executables and so they require the
signature in the extended attribute. If they are not executable,
they can be skipped.
Examples for configuration files that are also executables are
the grub files in /etc/grub.d.
Signed-off-by: Stefan Berger <s
Introduce fsm_pre and fsm_post hooks, which are invoked
before and after the package files are installed.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
---
lib/psm.c| 6 +-
lib/rpmplugin.h | 6 ++
lib/rpmplugins.c | 35 ++
@pmatilai Would it be possible to have these 4 patches applied to the latest
rpm built for Fedora 26 and later?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
A potential side-effect of having signatures applied to configuration files is
that the configuration files may be modified by the user or programs /
post-installation scripts and the signature on these files may become invalid
or be removed as part of the modification of the configuration
@pmatilai Is the problem limited to the fsmMkfile() function? I suppose this is
where the hard links are created. Would the solution be to do things in a
different order in that function ?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view
@patrickc25000 I will have to patch the rpm package you are using with these
patches and have you test it...
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Odd, the symlink test case works on my system...
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/342#issuecomment-339842010___
@stefanberger pushed 3 commits.
01a97c6 Create first hard link file and keep open, write it at end
f05ea9c remove redundant 'nocontent' parameter from expandRegular
c07b93d Remove redundant 'exclusive' parameter from expandRegular
--
You are receiving this because you are subscribed to this
Closed #342.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/342#event-1313091691___
Rpm-maint mailing list
Reopened #342.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/342#event-1313092365___
Rpm-maint mailing list
This series of patches attempts to address the errors we are seeing when
installing RPMs that contain hard links and an IMA policy that measures on
reading and writing of files. The problem has been explained in issue #333.
The solution is to open the first file that is created empty but now
@stefanberger pushed 1 commit.
b2fa119 split off function wfd_open() to open a file
--
You are receiving this because you are subscribed to this thread.
View it on GitHub:
@pmatilai Is there a reason that in case of hard links the file gets written
only after all the hard links have been created? It looks a bit complicated ...
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
The problem seems to be that only the last entry has the file content... so the
empty file that's created first cannot be written since the RPM entry currently
being processed doesn't have the data. Then a couple of hard links may get
created and only the last entry (hardlink) found there has
This PR https://github.com/rpm-software-management/rpm/pull/374 now addresses
the issue.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
I'll try to look at it this week. I suppose we can introduce a new command line
option and an option for the macros file? Any suggestion? Is there another
option that already works like this with a command line option and an option in
the macros file ?
--
You are receiving this because you
I just pushed an update but I haven't tested it, yet. Any comments on it?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
@pmatilai So, tested it now. It works for me.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/374#issuecomment-363114593___
I am using the variable `_write_signatures_on_config_files`. Maybe it should be
`_write_ima_signatures_on_config_files`?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
@n3npq With this patch we would basically allow everything to be signed for
which we have signatures since we previously only filtered out %config files
that were not executable. If a %ghost file has a signature stored in the rpm,
it would at least now have it written out as well. If %ghost
So from the documentation at
http://ftp.rpm.org/max-rpm/s1-rpm-inside-files-list-directives.html I take that
the file is neither packaged nor installed. Since it's not packaged, the RPM
also doesn't carry a signature and we cannot write a signature out. If someone
wants to write signatures out
The --replacefiles option seems to work on an equivalent of a regex matching
all files (`.*`). You are saying 'What rpm lacks is an ability to apply
--replacefiles to only some of the %config files in the packages being
installed in a single transaction'. What other choice do we have then than
Please see https://github.com/rpm-software-management/rpm/issues/364 for the
request.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
@n3npq All I can say that I have a user who wants to have signatures written on
%config files. This is what is driving this patch.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Good point. Using .init now. :-)
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/374#issuecomment-364449325___
Rpm-maint mailing
@pmatilai I updated the patch to use `%_ima_sign_config_files`.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
@n3npq: Re 'Adding the ability to change the ima signature in the xattr after
installation, so that the modified, not the original %config template, would
(at least) change my opinion, similarly for %ghost. But that isn't what is
being proposed.': How would that work without including the
@n3npq: I am not sure how your suggestion of 'a per-file override of an
inherited per-transaction AND mask would provide the ability to disable
RPMFILE_CONFIG on a per-file basis' would translate into an implementation.
Would we want this to be IMA specific? Maybe a list of regular expressions
58 matches
Mail list logo