Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-libs/pwdb/files/pwdb-0.62-selinux.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-libs/pwdb/files/pwdb-0.62-selinux.patch')
-rw-r--r--sys-libs/pwdb/files/pwdb-0.62-selinux.patch445
1 files changed, 445 insertions, 0 deletions
diff --git a/sys-libs/pwdb/files/pwdb-0.62-selinux.patch b/sys-libs/pwdb/files/pwdb-0.62-selinux.patch
new file mode 100644
index 000000000000..c31579cc8d98
--- /dev/null
+++ b/sys-libs/pwdb/files/pwdb-0.62-selinux.patch
@@ -0,0 +1,445 @@
+--- pwdb-0.62/examples/Makefile.pwdbselinux 1998-10-06 19:57:04.000000000 -0400
++++ pwdb-0.62/examples/Makefile 2003-07-09 14:45:54.702663000 -0400
+@@ -4,6 +4,8 @@ PROGS = posix gentest tpwdb radtest grou
+ SRCS = $(addsuffix .c,$(PROGS))
+ OBJS = $(addsuffix .o,$(PROGS))
+
++SELINUXLIBS = -lselinux
++
+ # rules
+ junk:
+ @echo "this is not a top-level Makefile"
+@@ -14,20 +16,20 @@ junk:
+
+ all: ${PROGS} ../libpwdb/libpwdb.a
+
+-posix: posix.o ../libpwdb/libpwdb.a
+- $(CC) -o $@ $< ../libpwdb/libpwdb.a -lnsl
++posix: posix.o ../libpwdb/libpwdb.a
++ $(CC) -o $@ $< ../libpwdb/libpwdb.a -lnsl ${SELINUXLIBS}
+
+ tpwdb: tpwdb.o ../libpwdb/libpwdb.a
+- ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl
++ ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl ${SELINUXLIBS}
+
+ radtest: radtest.o ../libpwdb/libpwdb.a
+- ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl
++ ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl ${SELINUXLIBS}
+
+ gentest: gentest.o ../libpwdb/libpwdb.a
+- ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl
++ ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl ${SELINUXLIBS}
+
+ grouptest: grouptest.o ../libpwdb/libpwdb.a
+- ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl
++ ${CC} -g -o $@ $< ../libpwdb/libpwdb.a -lnsl ${SELINUXLIBS}
+
+ clean:
+ rm -f ${PROGS} *.o *~
+--- pwdb-0.62/libpwdb/shadow/shadowio.c.pwdbselinux 1998-10-06 16:58:43.000000000 -0400
++++ pwdb-0.62/libpwdb/shadow/shadowio.c 2003-07-09 14:45:54.705662544 -0400
+@@ -16,6 +16,12 @@
+
+ #include "../_pwdb_internal.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++static int selinux_enabled=0;
++static security_context_t prev_context=NULL;
++#endif
++
+ struct spw_file_entry {
+ char *spwf_line;
+ int spwf_changed;
+@@ -259,8 +265,28 @@ int __pwdb_spw_close (void)
+ if (fstat (fileno (spwfp), &sb))
+ return 0;
+
+- if (create_backup_file(spwfp, backup, &sb))
+- return 0;
++#ifdef WITH_SELINUX
++ if (selinux_enabled=is_selinux_enabled()) {
++ security_context_t passwd_context=NULL;
++ if (fgetfilecon(fileno (spwfp),&passwd_context)<0) {
++ return 0;
++ };
++ if (getfscreatecon(&prev_context)<0) {
++ freecon(passwd_context);
++ return 0;
++ }
++ if (setfscreatecon(passwd_context)) {
++ freecon(passwd_context);
++ freecon(prev_context);
++ return 0;
++ }
++ freecon(passwd_context);
++ }
++#endif
++ if (create_backup_file(spwfp, backup, &sb)){
++ errors++;
++ goto errorexit;
++ }
+
+ isopen = 0;
+ (void) fclose (spwfp);
+@@ -278,11 +304,15 @@ int __pwdb_spw_close (void)
+ */
+
+ spwfp = fopen_with_umask(newfile, "w", 0777);
+- if (!spwfp)
+- return 0;
++ if (!spwfp){
++ errors++;
++ goto errorexit;
++ }
+ if (chown(newfile, sb.st_uid, sb.st_gid) ||
+- chmod(newfile, sb.st_mode))
+- return 0;
++ chmod(newfile, sb.st_mode)){
++ errors++;
++ goto errorexit;
++ }
+
+ /*
+ * Check each member in the list and write out any elements
+@@ -308,7 +338,7 @@ int __pwdb_spw_close (void)
+
+ if (errors) {
+ unlink (newfile);
+- return 0;
++ goto errorexit;
+ }
+
+ /*
+@@ -352,7 +382,20 @@ int __pwdb_spw_close (void)
+ }
+ spwf_tail = 0;
+ isopen = 0;
+- return 1;
++
++ errorexit:
++#ifdef WITH_SELINUX
++ if (selinux_enabled) {
++ if (setfscreatecon(prev_context)) {
++ errors++;
++ }
++ if (prev_context != NULL) {
++ freecon(prev_context);
++ prev_context=NULL;
++ }
++ }
++#endif
++ return errors==0;
+ }
+
+ int __pwdb_spw_update (const struct __pwdb_spwd *spwd)
+--- pwdb-0.62/libpwdb/shadow/sgroupio.c.pwdbselinux 1998-10-06 16:58:43.000000000 -0400
++++ pwdb-0.62/libpwdb/shadow/sgroupio.c 2003-07-09 14:45:54.704662696 -0400
+@@ -16,6 +16,12 @@
+
+ #include "../_pwdb_internal.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++static int selinux_enabled=0;
++static security_context_t prev_context=NULL;
++#endif
++
+ static int islocked;
+ static int isopen;
+ static int open_modes;
+@@ -278,8 +284,28 @@ int __pwdb_sgr_close (void)
+ if (fstat (fileno (sgrfp), &sb))
+ return 0;
+
+- if (create_backup_file(sgrfp, backup, &sb))
+- return 0;
++#ifdef WITH_SELINUX
++ if (selinux_enabled=is_selinux_enabled()) {
++ security_context_t passwd_context=NULL;
++ if (fgetfilecon(fileno (sgrfp),&passwd_context)<0) {
++ return 0;
++ };
++ if (getfscreatecon(&prev_context)<0) {
++ freecon(passwd_context);
++ return 0;
++ }
++ if (setfscreatecon(passwd_context)) {
++ freecon(passwd_context);
++ freecon(prev_context);
++ return 0;
++ }
++ freecon(passwd_context);
++ }
++#endif
++ if (create_backup_file(sgrfp, backup, &sb)){
++ errors++;
++ goto errorexit;
++ }
+
+ isopen = 0;
+ (void) fclose (sgrfp);
+@@ -296,11 +322,15 @@ int __pwdb_sgr_close (void)
+ */
+
+ sgrfp = fopen_with_umask(newfile, "w", 0777);
+- if (!sgrfp)
+- return 0;
++ if (!sgrfp){
++ errors++;
++ goto errorexit;
++ }
+ if (chown(newfile, sb.st_uid, sb.st_gid) ||
+- chmod(newfile, sb.st_mode))
+- return 0;
++ chmod(newfile, sb.st_mode)){
++ errors++;
++ goto errorexit;
++ }
+
+ /*
+ * Check each member in the list and write out any elements
+@@ -326,7 +356,7 @@ int __pwdb_sgr_close (void)
+
+ if (errors) {
+ unlink (newfile);
+- return 0;
++ goto errorexit;
+ }
+
+ /*
+@@ -370,7 +400,20 @@ int __pwdb_sgr_close (void)
+ }
+ sgr_tail = 0;
+ isopen = 0;
+- return 1;
++
++ errorexit:
++#ifdef WITH_SELINUX
++ if (selinux_enabled) {
++ if (setfscreatecon(prev_context)) {
++ errors++;
++ }
++ if (prev_context != NULL) {
++ freecon(prev_context);
++ prev_context=NULL;
++ }
++ }
++#endif
++ return errors==0;
+ }
+
+ int __pwdb_sgr_update (const struct __pwdb_sgrp *sgrent)
+--- pwdb-0.62/libpwdb/unix/pwio.c.pwdbselinux 1998-10-06 16:58:43.000000000 -0400
++++ pwdb-0.62/libpwdb/unix/pwio.c 2003-07-09 14:45:54.707662240 -0400
+@@ -16,6 +16,11 @@
+
+ #include "../_pwdb_internal.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++static int selinux_enabled=0;
++static security_context_t prev_context=NULL;
++#endif
+ struct pw_file_entry {
+ char *pwf_line;
+ int pwf_changed;
+@@ -204,8 +209,28 @@ int __pwdb_pw_close (void)
+ if (fstat (fileno (pwfp), &sb))
+ return 0;
+
+- if (create_backup_file(pwfp, backup, &sb))
+- return 0;
++#ifdef WITH_SELINUX
++ if (selinux_enabled=is_selinux_enabled()) {
++ security_context_t passwd_context=NULL;
++ if (fgetfilecon(fileno (pwfp),&passwd_context)<0) {
++ return 0;
++ };
++ if (getfscreatecon(&prev_context)<0) {
++ freecon(passwd_context);
++ return 0;
++ }
++ if (setfscreatecon(passwd_context)) {
++ freecon(passwd_context);
++ freecon(prev_context);
++ return 0;
++ }
++ freecon(passwd_context);
++ }
++#endif
++ if (create_backup_file(pwfp, backup, &sb)) {
++ errors++;
++ goto errorexit;
++ }
+
+ isopen = 0;
+ (void) fclose (pwfp);
+@@ -222,11 +247,15 @@ int __pwdb_pw_close (void)
+ */
+
+ pwfp = fopen_with_umask(newfile, "w", 0777);
+- if (!pwfp)
+- return 0;
++ if (!pwfp) {
++ errors++;
++ goto errorexit;
++ }
+ if (chown(newfile, sb.st_uid, sb.st_gid) ||
+- chmod(newfile, sb.st_mode))
+- return 0;
++ chmod(newfile, sb.st_mode)) {
++ errors++;
++ goto errorexit;
++ }
+
+ /*
+ * Check each member in the list and write out any elements
+@@ -251,7 +280,7 @@ int __pwdb_pw_close (void)
+
+ if (errors) {
+ unlink (newfile);
+- return 0;
++ goto errorexit;
+ }
+
+ /*
+@@ -294,7 +323,20 @@ int __pwdb_pw_close (void)
+ }
+ pwf_tail = 0;
+ isopen = 0;
+- return 1;
++
++ errorexit:
++#ifdef WITH_SELINUX
++ if (selinux_enabled) {
++ if (setfscreatecon(prev_context)) {
++ errors++;
++ }
++ if (prev_context != NULL) {
++ freecon(prev_context);
++ prev_context=NULL;
++ }
++ }
++#endif
++ return errors==0;
+ }
+
+ /*
+--- pwdb-0.62/libpwdb/unix/groupio.c.pwdbselinux 1998-10-06 16:58:43.000000000 -0400
++++ pwdb-0.62/libpwdb/unix/groupio.c 2003-07-09 14:45:54.708662088 -0400
+@@ -11,6 +11,12 @@
+ #include "../_pwdb_internal.h"
+
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++int selinux_enabled=0;
++static security_context_t prev_context=NULL;
++#endif
++
+ static int islocked;
+ static int isopen;
+ static int open_modes;
+@@ -259,8 +265,28 @@ int __pwdb_gr_close (void)
+ if (fstat (fileno (grfp), &sb))
+ return 0;
+
+- if (create_backup_file(grfp, backup, &sb))
+- return 0;
++#ifdef WITH_SELINUX
++ if (selinux_enabled=is_selinux_enabled()) {
++ security_context_t group_context=NULL;
++ if (fgetfilecon(fileno (grfp),&group_context)<0) {
++ return 0;
++ };
++ if (getfscreatecon(&prev_context)<0) {
++ freecon(group_context);
++ return 0;
++ }
++ if (setfscreatecon(group_context)) {
++ freecon(group_context);
++ freecon(prev_context);
++ return 0;
++ }
++ freecon(group_context);
++ }
++#endif
++ if (create_backup_file(grfp, backup, &sb)) {
++ errors++;
++ goto errorexit;
++ }
+
+ isopen = 0;
+ (void) fclose (grfp);
+@@ -278,11 +304,15 @@ int __pwdb_gr_close (void)
+ */
+
+ grfp = fopen_with_umask(newfile, "w", 0777);
+- if (!grfp)
+- return 0;
++ if (!grfp) {
++ errors++;
++ goto errorexit;
++ }
+ if (chown(newfile, sb.st_uid, sb.st_gid) ||
+- chmod(newfile, sb.st_mode))
+- return 0;
++ chmod(newfile, sb.st_mode)) {
++ errors++;
++ goto errorexit;
++ }
+
+ /*
+ * Check each member in the list and write out any elements
+@@ -308,7 +338,7 @@ int __pwdb_gr_close (void)
+
+ if (errors) {
+ unlink (newfile);
+- return 0;
++ goto errorexit;
+ }
+
+ /*
+@@ -351,7 +381,19 @@ int __pwdb_gr_close (void)
+ }
+ grf_tail = 0;
+ isopen = 0;
+- return 1;
++ errorexit:
++#ifdef WITH_SELINUX
++ if (selinux_enabled) {
++ if (setfscreatecon(prev_context)) {
++ errors++;
++ }
++ if (prev_context != NULL) {
++ freecon(prev_context);
++ prev_context=NULL;
++ }
++ }
++#endif
++ return errors==0;
+ }
+
+ /* update an entry */
+--- pwdb-0.62/libpwdb/Makefile.pwdbselinux 1999-04-10 05:31:20.000000000 -0400
++++ pwdb-0.62/libpwdb/Makefile 2003-07-09 14:45:54.709661936 -0400
+@@ -22,7 +22,7 @@ HEADERS = pwdb/pwdb_public.h pwdb/pwdb_c
+
+ # needed for generic interface compilation
+ # if header files are not installed (CG)
+-CFLAGS+=-I.
++CFLAGS+=-I. -DWITH_SELINUX
+
+ CFLAGS+=# -DDEBUG
+
+@@ -50,6 +50,6 @@ all: $(LIBSTATIC) $(LIBDYNAME)
+
+
+ $(LIBDYNAME): $(LIBOBJ)
+- $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,$(LIBSONAME) -Wl,-x -o $(LIBFILENAME) $(LIBOBJ) -lcrypt -lnsl -lc
++ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,$(LIBSONAME) -Wl,-x -o $(LIBFILENAME) $(LIBOBJ) -lcrypt -lnsl -lc -lselinux
+ @ln -sf $(LIBFILENAME) $@
+
+ $(LIBSTATIC): $(LIBOBJ)
+ $(AR) $@ $(LIBOBJ)