
Re: [Libguestfs] [PATCH V3] NEW API: add a new api restorecon



Dan & Dan,

Any comments on the design of this restorecon interface?  As
implemented here, it is merely a simple encoding of the restorecon
command line tool and arguments.

My main worry is that it'll use the wrong policy file, or perhaps no
policy file, or if SELinux isn't enabled properly it'll end up
destroying labels instead of setting them.

Also I've no idea if it's legit to run restorecon on a filesystem from
one guest, using the restorecon command from another system (the host
in this case).

Rich.

On Wed, Oct 24, 2012 at 10:00:53PM +0800, Wanlong Gao wrote:
> Add a new api restorecon to restore file(s) default
> SELinux security contexts.
> 
> Signed-off-by: Wanlong Gao <gaowanlong cn fujitsu com>
> ---
>  daemon/selinux.c     | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>  generator/actions.ml | 26 ++++++++++++++++++++++++++
>  gobject/Makefile.inc |  6 ++++--
>  po/POTFILES          |  1 +
>  src/MAX_PROC_NR      |  2 +-
>  5 files changed, 84 insertions(+), 3 deletions(-)
> 
> diff --git a/daemon/selinux.c b/daemon/selinux.c
> index 40590e1..f5e8cb2 100644
> --- a/daemon/selinux.c
> +++ b/daemon/selinux.c
> @@ -31,6 +31,10 @@
>  #include "actions.h"
>  #include "optgroups.h"
>  
> +#define MAX_ARGS 128
> +
> +GUESTFSD_EXT_CMD(str_restorecon, restorecon);
> +
>  #if defined(HAVE_LIBSELINUX)
>  
>  int
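Review bot: `GUESTFSD_EXT_CMD(str_restorecon, restorecon)` and `MAX_ARGS` sit above `#if defined(HAVE_LIBSELINUX)`, so the new call is built whether or not libselinux is present, yet nothing visible checks that the restorecon binary exists in the appliance. If the `selinux` optgroup's availability test (outside this hunk) reflects only libselinux, callers could see the group as available and still hit an exec failure; the availability check should probably also look for the binary. `MAX_ARGS` would benefit from a one-line comment such as `/* Upper bound on argv entries built in this file. */`. The hunk ends inside the next function's definition, which is not shown.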
> @@ -106,3 +110,51 @@ do_getcon (void)
>  }
>  
>  #endif /* !HAVE_LIBSELINUX */
> +
> +int
> +do_restorecon (const char *pathname,
> +               const char *labelprefix,
> +               int recursion,
> +               int force)
> +{
> +  int r;
> +  size_t i = 0;
> +  char *buf;
> +  char *err;
> +  const char *argv[MAX_ARGS];
> +
> +  buf = sysroot_path (pathname);
> +  if (!buf) {
> +    reply_with_error ("malloc");
> +    return -1;
> +  }
> +
> +  ADD_ARG (argv, i, str_restorecon);
> +
> +  if (optargs_bitmask & GUESTFS_RESTORECON_LABELPREFIX_BITMASK) {
> +    ADD_ARG (argv, i, "-L");
> +    ADD_ARG (argv, i, labelprefix);
> +  }
> +
> +  if (optargs_bitmask & GUESTFS_RESTORECON_RECURSION_BITMASK)
> +    if (recursion)
> +      ADD_ARG (argv, i, "-R");
> +
> +  if (optargs_bitmask & GUESTFS_RESTORECON_FORCE_BITMASK)
> +    if (force)
> +      ADD_ARG (argv, i, "-F");
> +
> +  ADD_ARG (argv, i, buf);
> +  ADD_ARG (argv, i, NULL);
> +
> +  r = commandv (NULL, &err, argv);
> +  free (buf);
> +  if (r == -1) {
> +    reply_with_error ("%s: %s", pathname, err);
> +    free (err);
> +    return -1;
> +  }
> +
> +  free (err);
> +  return 0;
> +}
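Review bot: `do_restorecon` passes restorecon the appliance-side path returned by `sysroot_path (pathname)`, so the label lookup would presumably match the prefixed path, not the guest path that the policy's file-context patterns describe. Most files would then fall through to a default label. The command is also not confined to the sysroot, so a symlinked directory component inside an untrusted guest image could resolve to a location in the appliance rather than in the guest. Consider a labelling mode that takes the guest root as an explicit alternate root (setfiles has `-r rootpath` for this) and is given the guest-relative path, so that both matching and traversal stay anchored to the guest filesystem.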
> diff --git a/generator/actions.ml b/generator/actions.ml
> index 71aee37..786c229 100644
> --- a/generator/actions.ml
> +++ b/generator/actions.ml
> @@ -10241,6 +10241,32 @@ If the optional C<suffix> parameter is given, then the suffix
>  
>  See also: C<guestfs_mkdtemp>." };
>  
> +  { defaults with
> +    name = "restorecon";
> +    style = RErr, [Pathname "pathname"], [OString "labelprefix"; OBool "recursion"; OBool "force"];
> +    proc_nr = Some 374;
> +    optional = Some "selinux";
> +    tests = [
> +      InitScratchFS, IfAvailable "selinux", TestRun (
> +        [["mkdir"; "/a"];
> +         ["mkdir"; "/a/b"];
> +         ["touch"; "/a/b/c"];
> +         ["mkdir"; "/a/d"];
> +         ["touch"; "/a/d/e"];
> +         ["restorecon"; "/a"; "NOARG"; "true"; "true"]])
> +    ];
> +    shortdesc = "restore file(s) default SELinux security contexts";
> +    longdesc = "\
> +This program is primarily used to reset the security context (type)
> +(extended attributes) on one or more files.
> +
> +It can be run at any time to correct errors, to add support for new policy.
> +
> +If a file object does not have a context, restorecon will write the default
> +context to the file object's extended attributes. If a file object has a
> +context, C<restorecon> will only modify the type portion of the security
> +context.  The C<force> option will force a replacement of the entire context."};
> +
>  ]
>  
>  (* Non-API meta-commands available only in guestfish.
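Review bot: The `longdesc` describes only `force`; it never explains the `labelprefix` and `recursion` optional arguments. It also opens with "This program", which reads like text taken from the command's manual rather than a description of the API call. I would add a sentence per option, e.g. `If C<recursion> is true, labels are changed on files and directories below C<pathname>.`, and reword the opening to describe the call. The test only checks that the call succeeds on a scratch filesystem, so it would not catch wrong or cleared labels; asserting on the resulting context of `/a/b/c` would make it a real regression test.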
> diff --git a/gobject/Makefile.inc b/gobject/Makefile.inc
> index 95a4b6b..7451d8e 100644
> --- a/gobject/Makefile.inc
> +++ b/gobject/Makefile.inc
> @@ -82,7 +82,8 @@ guestfs_gobject_headers= \
>    include/guestfs-gobject/optargs-hivex_open.h \
>    include/guestfs-gobject/optargs-xfs_repair.h \
>    include/guestfs-gobject/optargs-mke2fs.h \
> -  include/guestfs-gobject/optargs-mktemp.h
> +  include/guestfs-gobject/optargs-mktemp.h \
> +  include/guestfs-gobject/optargs-restorecon.h
>  
>  guestfs_gobject_sources= \
>    src/session.c \
> @@ -146,4 +147,5 @@ guestfs_gobject_sources= \
>    src/optargs-hivex_open.c \
>    src/optargs-xfs_repair.c \
>    src/optargs-mke2fs.c \
> -  src/optargs-mktemp.c
> +  src/optargs-mktemp.c \
> +  src/optargs-restorecon.c
> diff --git a/po/POTFILES b/po/POTFILES
> index a73377d..8d6656b 100644
> --- a/po/POTFILES
> +++ b/po/POTFILES
> @@ -167,6 +167,7 @@ gobject/src/optargs-mount_local.c
>  gobject/src/optargs-ntfsclone_out.c
>  gobject/src/optargs-ntfsfix.c
>  gobject/src/optargs-ntfsresize.c
> +gobject/src/optargs-restorecon.c
>  gobject/src/optargs-rsync.c
>  gobject/src/optargs-rsync_in.c
>  gobject/src/optargs-rsync_out.c
> diff --git a/src/MAX_PROC_NR b/src/MAX_PROC_NR
> index a5c3fde..38a45c3 100644
> --- a/src/MAX_PROC_NR
> +++ b/src/MAX_PROC_NR
> @@ -1 +1 @@
> -373
> +374
> -- 
> 1.8.0

