[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [PATCH V3] NEW API: add a new api restorecon



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/25/2012 09:47 PM, Wanlong Gao wrote:
> On 10/25/2012 02:14 AM, Daniel J Walsh wrote: On 10/24/2012 11:42 AM,
> Richard W.M. Jones wrote:
>>>> Dan & Dan,
>>>> 
>>>> Any comments on the design of this restorecon interface?  As
>>>> implemented here, it is merely a simple encoding of the restorecon
>>>> command line tool and arguments.
>>>> 
>>>> My main worry is that it'll use the wrong policy file, or perhaps no
>>>> policy file, or if SELinux isn't enabled properly it'll end up
>>>> destroying labels instead of setting them.
>>>> 
>>>> Also I've no idea if it's legit to run restorecon on a filesystem
>>>> from one guest, using the restorecon command from another system (the
>>>> host in this case).
>>>> 
>>>> Rich.
>>>> 
> The restorecon inside the guest will attempt to read 
> /etc/selinux/context/POLICYTYPE/files/file_context  If it exists.
> 
>> So, Rich, we have some problems here?
> 
>> Thanks, Wanlong Gao
> 
> 
> - From restorecons point of view does this file exists?  And is it in the
> container.
> 
> Also restorecon will only work if it thinks SELinux is enabled and the
> kernel undestands the labels.  If from the restorecon point of view SELinux
> is not enabled or /proc/fs/selinux points to the hosts /proc/fs/selinux
> then there is a chance that the host will reject labels in the guest.
> 
> If you want to fix labels in a guest where the process thinks SELinux is 
> disabled, then setfiles would be a better tool.
> 
> 
>>>> On Wed, Oct 24, 2012 at 10:00:53PM +0800, Wanlong Gao wrote:
>>>>> Add a new api restorecon to restore file(s) default SELinux
>>>>> security contexts.
>>>>> 
>>>>> Signed-off-by: Wanlong Gao <gaowanlong cn fujitsu com> --- 
>>>>> daemon/selinux.c     | 52 
>>>>> ++++++++++++++++++++++++++++++++++++++++++++++++++++
>>>>> generator/actions.ml | 26 ++++++++++++++++++++++++++
>>>>> gobject/Makefile.inc |  6 ++++-- po/POTFILES          |  1 +
>>>>> src/MAX_PROC_NR      |  2 +- 5 files changed, 84 insertions(+), 3
>>>>> deletions(-)
>>>>> 
>>>>> diff --git a/daemon/selinux.c b/daemon/selinux.c index
>>>>> 40590e1..f5e8cb2 100644 --- a/daemon/selinux.c +++
>>>>> b/daemon/selinux.c @@ -31,6 +31,10 @@ #include "actions.h" #include
>>>>> "optgroups.h"
>>>>> 
>>>>> +#define MAX_ARGS 128 + +GUESTFSD_EXT_CMD(str_restorecon,
>>>>> restorecon); + #if defined(HAVE_LIBSELINUX)
>>>>> 
>>>>> int @@ -106,3 +110,51 @@ do_getcon (void) }
>>>>> 
>>>>> #endif /* !HAVE_LIBSELINUX */ + +int +do_restorecon (const char 
>>>>> *pathname, +               const char *labelprefix, +
>>>>> int recursion, +               int force) +{ +  int r; +  size_t i
>>>>> = 0; + char *buf; +  char *err; +  const char *argv[MAX_ARGS]; + +
>>>>> buf = sysroot_path (pathname); +  if (!buf) { +
>>>>> reply_with_error ("malloc"); +    return -1; +  } + +  ADD_ARG
>>>>> (argv, i, str_restorecon); + +  if (optargs_bitmask &
>>>>> GUESTFS_RESTORECON_LABELPREFIX_BITMASK) { + ADD_ARG (argv, i,
>>>>> "-L"); +    ADD_ARG (argv, i, labelprefix); +  } + + if
>>>>> (optargs_bitmask & GUESTFS_RESTORECON_RECURSION_BITMASK) +    if 
>>>>> (recursion) +      ADD_ARG (argv, i, "-R"); + +  if
>>>>> (optargs_bitmask & GUESTFS_RESTORECON_FORCE_BITMASK) +    if
>>>>> (force) +      ADD_ARG (argv, i, "-F"); + +  ADD_ARG (argv, i,
>>>>> buf); +  ADD_ARG (argv, i, NULL); + +  r = commandv (NULL, &err,
>>>>> argv); +  free (buf); +  if (r == -1) { + reply_with_error ("%s:
>>>>> %s", pathname, err); +    free (err); +    return -1; +  } + +
>>>>> free (err); +  return 0; +} diff --git a/generator/actions.ml
>>>>> b/generator/actions.ml index 71aee37..786c229 100644 ---
>>>>> a/generator/actions.ml +++ b/generator/actions.ml @@ -10241,6 
>>>>> +10241,32 @@ If the optional C<suffix> parameter is given, then
>>>>> the suffix
>>>>> 
>>>>> See also: C<guestfs_mkdtemp>." };
>>>>> 
>>>>> +  { defaults with +    name = "restorecon"; +    style = RErr,
>>>>> [Pathname "pathname"], [OString "labelprefix"; OBool "recursion";
>>>>> OBool "force"]; + proc_nr = Some 374; +    optional = Some
>>>>> "selinux"; +    tests = [ + InitScratchFS, IfAvailable "selinux",
>>>>> TestRun ( +        [["mkdir"; "/a"]; +         ["mkdir"; "/a/b"]; +
>>>>> ["touch"; "/a/b/c"]; + ["mkdir"; "/a/d"]; +         ["touch";
>>>>> "/a/d/e"]; + ["restorecon"; "/a"; "NOARG"; "true"; "true"]]) +
>>>>> ]; +    shortdesc = "restore file(s) default SELinux security
>>>>> contexts"; +    longdesc = "\ +This program is primarily used to
>>>>> reset the security context (type) +(extended attributes) on one or
>>>>> more files. + +It can be run at any time to correct errors, to add
>>>>> support for new policy. + +If a file object does not have a
>>>>> context, restorecon will write the default +context to the file
>>>>> object's extended attributes. If a file object has a +context, 
>>>>> C<restorecon> will only modify the type portion of the security
>>>>> +context. The C<force> option will force a replacement of the
>>>>> entire context."}; + ]
>>>>> 
>>>>> (* Non-API meta-commands available only in guestfish. diff --git 
>>>>> a/gobject/Makefile.inc b/gobject/Makefile.inc index
>>>>> 95a4b6b..7451d8e 100644 --- a/gobject/Makefile.inc +++
>>>>> b/gobject/Makefile.inc @@ -82,7 +82,8 @@ guestfs_gobject_headers= \
>>>>>  include/guestfs-gobject/optargs-hivex_open.h \ 
>>>>> include/guestfs-gobject/optargs-xfs_repair.h \ 
>>>>> include/guestfs-gobject/optargs-mke2fs.h \ - 
>>>>> include/guestfs-gobject/optargs-mktemp.h + 
>>>>> include/guestfs-gobject/optargs-mktemp.h \ + 
>>>>> include/guestfs-gobject/optargs-restorecon.h
>>>>> 
>>>>> guestfs_gobject_sources= \ src/session.c \ @@ -146,4 +147,5 @@ 
>>>>> guestfs_gobject_sources= \ src/optargs-hivex_open.c \ 
>>>>> src/optargs-xfs_repair.c \ src/optargs-mke2fs.c \ - 
>>>>> src/optargs-mktemp.c +  src/optargs-mktemp.c \ + 
>>>>> src/optargs-restorecon.c diff --git a/po/POTFILES b/po/POTFILES
>>>>> index a73377d..8d6656b 100644 --- a/po/POTFILES +++ b/po/POTFILES
>>>>> @@ -167,6 +167,7 @@ gobject/src/optargs-mount_local.c 
>>>>> gobject/src/optargs-ntfsclone_out.c gobject/src/optargs-ntfsfix.c 
>>>>> gobject/src/optargs-ntfsresize.c +gobject/src/optargs-restorecon.c
>>>>>  gobject/src/optargs-rsync.c gobject/src/optargs-rsync_in.c 
>>>>> gobject/src/optargs-rsync_out.c diff --git a/src/MAX_PROC_NR 
>>>>> b/src/MAX_PROC_NR index a5c3fde..38a45c3 100644 ---
>>>>> a/src/MAX_PROC_NR +++ b/src/MAX_PROC_NR @@ -1 +1 @@ -373 +374 --
>>>>> 1.8.0
> 
>> 
> 

BTW It is fairly easy to add C Code to do the labeling here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCKlrgACgkQrlYvE4MpobNY6ACgoYJRoSP7c4Jpe4FJynwPGfhA
lO4An003i3sFF8w5RjXxsi7GUTzgSy5/
=veTC
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]