- (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux

   is enabled set the security context to "sftpd_t" before running the
   internal sftp server   Based on a patch from jchadima at redhat.

4 files changed, 44 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 1b06168ae..37c928182 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,9 @@
      [ssh-keygen.1]
      ssh-keygen now uses AES-128 for private keys
  - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
+ - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
+   is enabled set the security context to "sftpd_t" before running the
+   internal sftp server   Based on a patch from jchadima at redhat.
 
 20091011
  - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index ad262758e..88c601e20 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.5 2008/03/26 20:27:21 dtucker Exp $ */
+/* $Id: port-linux.c,v 1.6 2009/10/24 04:04:13 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -29,6 +29,7 @@
 
 #ifdef WITH_SELINUX
 #include "log.h"
+#include "xmalloc.h"
 #include "port-linux.h"
 
 #include <selinux/selinux.h>
@@ -168,4 +169,38 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
                 freecon(user_ctx);
         debug3("%s: done", __func__);
 }
+
+void
+ssh_selinux_change_context(const char *newname)
+{
+        int len, newlen;
+        char *oldctx, *newctx, *cx;
+
+        if (!ssh_selinux_enabled())
+                return;
+
+        if (getcon((security_context_t *)&oldctx) < 0) {
+                logit("%s: getcon failed with %s", __func__, strerror (errno));
+                return;
+        }
+        if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
+            NULL) {
+                logit ("%s: unparseable context %s", __func__, oldctx);
+                return;
+        }
+
+        newlen = strlen(oldctx) + strlen(newname) + 1;
+        newctx = xmalloc(newlen);
+        len = cx - oldctx + 1;
+        memcpy(newctx, oldctx, len);
+        strlcpy(newctx + len, newname, newlen - len);
+        if ((cx = index(cx + 1, ':')))
+                strlcat(newctx, cx, newlen);
+        debug3("%s: setting context from '%s' to '%s'", __func__, oldctx,
+            newctx);
+        if (setcon(newctx) < 0)
+                logit("%s: setcon failed with %s", __func__, strerror (errno));
+        xfree(oldctx);
+        xfree(newctx);
+}
 #endif /* WITH_SELINUX */
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h
index 5cd39bf83..6ad4a49f6 100644
--- a/openbsd-compat/port-linux.h
+++ b/openbsd-compat/port-linux.h
@@ -1,4 +1,4 @@
-/* $Id: port-linux.h,v 1.2 2008/03/26 20:27:21 dtucker Exp $ */
+/* $Id: port-linux.h,v 1.3 2009/10/24 04:04:13 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
@@ -23,6 +23,7 @@
 int ssh_selinux_enabled(void);
 void ssh_selinux_setup_pty(char *, const char *);
 void ssh_selinux_setup_exec_context(char *);
+void ssh_selinux_change_context(const char *);
 #endif
 
 #endif /* ! _PORT_LINUX_H */
diff --git a/session.c b/session.c
index d55419fbd..78192314a 100644
--- a/session.c
+++ b/session.c
@@ -1796,6 +1796,9 @@ do_child(Session *s, const char *command)
                 argv[i] = NULL;
                 optind = optreset = 1;
                 __progname = argv[0];
+#ifdef WITH_SELINUX
+                ssh_selinux_change_context("sftpd_t");
+#endif
                 exit(sftp_server_main(i, argv, s->pw));
         }