
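--- a/vixie-cron-4.1/Makefile
+++ b/vixie-cron-4.1/Makefile
@@ -68,7 +68,8 @@
 #<<want to use a nonstandard CC?>>
 CC		=	gcc -Wall -Wno-unused -Wno-comment
 #<<manifest defines>>
-DEFS		=
+DEFS		= -s -DWITH_SELINUX
+LIBS		+= 	-lselinux
 #(SGI IRIX systems need this)
 #DEFS		=	-D_BSD_SIGNALS -Dconst=
 #<<the name of the BSD-like install program>>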
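Review bot: `DEFS		= -s -DWITH_SELINUX` hard-wires the SELinux build and puts the linker's strip flag `-s` into the compile-time defines, so the `#ifdef WITH_SELINUX` guards added to database.c and do_command.c can no longer be turned off from this Makefile and every build now needs libselinux at link time. Keep `-DWITH_SELINUX` and `LIBS += -lselinux` together behind one opt-in variable so a non-SELinux build still links, and move `-s` to the link flags or drop it, since stripping is normally left to the packager.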
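--- a/vixie-cron-4.1/database.c
+++ b/vixie-cron-4.1/database.c
@@ -28,6 +28,15 @@
 
 #include "cron.h"
 
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/context.h>
+#include <selinux/get_context_list.h>
+#define SYSUSERNAME "system_u"
+#else
+#define SYSUSERNAME "*system*"
+#endif
+
 #define TMAX(a,b) ((a)>(b)?(a):(b))
 
 static	void		process_crontab(const char *, const char *,
@@ -183,7 +192,7 @@
 	if (fname == NULL) {
 		/* must be set to something for logging purposes.
 		 */
-		fname = "*system*";
+		fname = SYSUSERNAME;
 	} else if ((pw = getpwnam(uname)) == NULL) {
 		/* file doesn't have a user in passwd file.
 		 */
@@ -245,6 +254,117 @@
 		free_user(u);
 		log_it(fname, getpid(), "RELOAD", tabname);
 	}
+#ifdef WITH_SELINUX
+	if (is_selinux_enabled()) {
+		security_context_t file_context=NULL;
+		security_context_t user_context=NULL;
+		context_t current_context = NULL;
+		char *current_context_str = NULL;
+		struct av_decision avd;
+		int retval=0;
+		char *seuser=NULL;
+		char *level=NULL;
+		int sys_user = 0;
+
+		sys_user = strcmp(SYSUSERNAME, fname);
+
+		if (fgetfilecon(crontab_fd, &file_context) < OK) {
+			log_it(fname, getpid(), "getfilecon FAILED", tabname);
+			goto next_crontab;
+		}
+
+		if (sys_user != 0) {
+			if (getseuserbyname(fname, &seuser, &level) < 0) {
+				log_it(fname, getpid(), "NO SEUSER", tabname);
+				goto next_crontab;
+			}
+		} else {
+			if (getcon(&current_context_str) < 0) {
+				log_it(fname, getpid(), "getcon FAILED", tabname);
+				goto next_crontab;
+			}
+
+			current_context = context_new(current_context_str);
+			if (current_context == 0) {
+				log_it(fname, getpid(), "context new FAILED", tabname);
+				freecon(current_context_str);
+				goto next_crontab;
+			}
+
+			seuser = context_user_get(current_context);
+			level = context_range_get(current_context);
+		}
+
+		if (get_default_context_with_level(seuser, level, NULL, &user_context) < 0) {
+			log_it(fname, getpid(), "NO CONTEXT", tabname);
+			freecon(file_context);
+			if (sys_user != 0) {
+				free(seuser);
+				free(level);
+			}
+			freecon(current_context_str);
+			context_free(current_context);
+			goto next_crontab;
+		}
+
+		/*
+		 * Since crontab files are not directly executed,
+		 * crond must ensure that the crontab file has
+		 * a context that is appropriate for the context of
+		 * the user cron job.  It performs an entrypoint
+		 * permission check for this purpose.
+		 */
+		security_class_t file_class;
+		access_vector_t entrypoint_bit;
+		file_class = string_to_security_class("file");
+		if (file_class == 0) {
+			log_it(fname, getpid(), "file CLASS NOT DEFINED", tabname);
+			freecon(current_context_str);
+			context_free(current_context);
+			freecon(user_context);
+			freecon(file_context);
+			if (sys_user != 0) {
+				free(seuser);
+				free(level);
+			}
+			goto next_crontab;
+		}
+
+		entrypoint_bit = string_to_av_perm(file_class, "entrypoint");
+		if (entrypoint_bit == 0) {
+			log_it(fname, getpid(), "file:entrypoint AV NOT DEFINED", tabname);
+			freecon(current_context_str);
+			context_free(current_context);
+			freecon(user_context);
+			freecon(file_context);
+			if (sys_user != 0) {
+				free(seuser);
+				free(level);
+			}
+			goto next_crontab;
+		}
+
+		retval = security_compute_av_raw(user_context,
+			file_context,
+			file_class,
+			entrypoint_bit,
+			&avd);
+
+		freecon(user_context);
+		freecon(file_context);
+		if (sys_user != 0) {
+			free(seuser);
+			free(level);
+		}
+		context_free(current_context);
+		freecon(current_context_str);
+
+		if (retval || ((entrypoint_bit & avd.allowed) != entrypoint_bit)) {
+			log_it(fname, getpid(), "ENTRYPOINT FAILED", tabname);
+			goto next_crontab;
+		}
+	}
+#endif
 	u = load_user(crontab_fd, pw, fname);
 	if (u != NULL) {
 		u->mtime = statbuf->st_mtime;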
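Review bot: The SELinux block in process_crontab leaks `file_context` on three failure paths: once `fgetfilecon` has succeeded (new line 271), the `goto next_crontab` at new lines 279, 284 and 291 leave without `freecon(file_context)`, and 291 frees only `current_context_str`. The four later failure branches each repeat the same cleanup by hand, which is how these omissions crept in; route every failure through one cleanup label that frees whatever is non-NULL (freecon/context_free accept NULL, and `seuser`/`level` belong to `current_context` when `sys_user == 0`, so they are only freed after the `getseuserbyname` call). The name `sys_user` is inverted — it is non-zero exactly when `fname` is not the system crontab — so rename it (e.g. `user_crontab`) or spell the comparisons `== 0`/`!= 0` against a clearly named flag. Separately, `SYSUSERNAME` becomes `"system_u"` under WITH_SELINUX, which unlike `"*system*"` is a spellable login name, so `strcmp(SYSUSERNAME, fname)` at new line 269 would treat a crontab belonging to a local account literally named `system_u` as the system crontab and derive its job context from crond's own context via getcon; keying on the `fname == NULL` condition earlier in process_crontab (outside this hunk, so I cannot confirm how `pw` is initialised) rather than on the string would close that. process_crontab's body starts and ends outside the hunk.
```c
	if (is_selinux_enabled()) {
		/* … unchanged: declarations, sys_user, fgetfilecon (its failure still goes to next_crontab) … */
		int failed = 1;

		if (sys_user != 0) {
			if (getseuserbyname(fname, &seuser, &level) < 0) {
				log_it(fname, getpid(), "NO SEUSER", tabname);
				goto selinux_done;
			}
		} else {
			if (getcon(&current_context_str) < 0) {
				log_it(fname, getpid(), "getcon FAILED", tabname);
				goto selinux_done;
			}
			current_context = context_new(current_context_str);
			if (current_context == NULL) {
				log_it(fname, getpid(), "context new FAILED", tabname);
				goto selinux_done;
			}
			/* owned by current_context: never free()d directly */
			seuser = context_user_get(current_context);
			level = context_range_get(current_context);
		}
		/* … unchanged: get_default_context_with_level, file_class, entrypoint_bit,
		 * security_compute_av_raw — each failure branch becomes log_it + goto selinux_done … */
		if (retval == 0 && (entrypoint_bit & avd.allowed) == entrypoint_bit)
			failed = 0;
		else
			log_it(fname, getpid(), "ENTRYPOINT FAILED", tabname);
selinux_done:
		/* single owner-aware cleanup; every pointer is NULL or live here */
		freecon(user_context);
		freecon(file_context);
		if (sys_user != 0) {
			free(seuser);
			free(level);
		}
		context_free(current_context);
		freecon(current_context_str);
		if (failed)
			goto next_crontab;
	}
```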
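--- a/vixie-cron-4.1/do_command.c
+++ b/vixie-cron-4.1/do_command.c
@@ -25,6 +25,12 @@
 
 #include "cron.h"
 
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/context.h>
+#include <selinux/get_context_list.h>
+#endif
+
 static void		child_process(entry *, user *);
 static int		safe_p(const char *, const char *);
 
@@ -265,6 +271,49 @@
 				_exit(OK_EXIT);
 			}
 # endif /*DEBUGGING*/
+#ifdef WITH_SELINUX
+			if (is_selinux_enabled()) {
+				char *seuser = NULL;
+				char *level = NULL;
+				char *current_context_str = NULL;
+				security_context_t scontext;
+				context_t current_context = NULL;
+
+				if (strcmp("system_u", u->name) != 0) {
+					if (getseuserbyname(u->name, &seuser, &level) < 0) {
+						fprintf(stderr, "getseuserbyname: Could not determine seuser for user %s\n", u->name);
+						_exit(ERROR_EXIT);
+					}
+				} else {
+					if (getcon(&current_context_str) < 0) {
+						fprintf(stderr, "getcon FAILED\n");
+						_exit(ERROR_EXIT);
+					}
+
+					current_context = context_new(current_context_str);
+					if (current_context == NULL) {
+						fprintf(stderr, "failed to create new context: %s\n", current_context_str);
+						freecon(current_context_str);
+						_exit(ERROR_EXIT);
+					}
+
+					seuser = context_user_get(current_context);
+				}
+
+				if (get_default_context_with_level(seuser, level, NULL, &scontext) < 0) {
+					fprintf(stderr, "get_default_context_with_level: could not get security context for user %s, seuser %s\n", u->name, seuser);
+					_exit(ERROR_EXIT);
+				}
+
+				if (setexeccon(scontext) < 0) {
+					fprintf(stderr, "setexeccon: Could not set exec context to %s for user %s\n", scontext, u->name);
+					_exit(ERROR_EXIT);
+				}
+				free(seuser);
+				free(level);
+				freecon(scontext);
+			}
+#endif
 			execle(shell, shell, "-c", e->cmd, (char *)0, e->envp);
 			fprintf(stderr, "execl: couldn't exec `%s'\n", shell);
 			perror("execl");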
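Review bot: `free(seuser);` at new line 312 is an invalid free in the `system_u` branch: there `seuser` comes from `context_user_get(current_context)` (new line 300), a pointer owned by `current_context`, not a malloc'd copy, and `current_context`/`current_context_str` are themselves never released. The same patch gets this right in database.c by guarding the frees with the non-system-user flag, so the two copies of the logic disagree; the impact is bounded because execle follows immediately, but it is still a heap-contract violation that a hardened allocator or ASan will abort on. The `system_u` branch also never sets `level` (database.c calls `context_range_get`), so the exec context computed here may differ from the one the entrypoint check validated at load time — I cannot confirm from this hunk whether that is intended. The literal `"system_u"` should also be the shared `SYSUSERNAME` macro so both files change together. child_process begins and ends outside the hunk.
```c
					/* owned by current_context, never free()d directly */
					seuser = context_user_get(current_context);
					level = context_range_get(current_context);
				}
				/* … unchanged: get_default_context_with_level, setexeccon … */
				if (current_context == NULL) {
					/* getseuserbyname() path: the strings are ours */
					free(seuser);
					free(level);
				} else {
					/* getcon() path: strings live inside current_context */
					context_free(current_context);
					freecon(current_context_str);
				}
				freecon(scontext);
```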
