diff options
author | Manoj Srivastava <srivasta@debian.org> | 2014-02-09 16:09:49 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-09 16:17:20 +0000 |
commit | 07f2a771c490bd68cd5c5ea9c535705e93bd94f3 (patch) | |
tree | 3e2ead17b4c91699c13b0417d46bfd750a04e0b8 /openbsd-compat/port-linux.c | |
parent | 950be7e1b1a01ee9b25e2a72726a6370b8acacb6 (diff) |
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach
will need an SSH protocol change. In the meantime, this came from Debian's
SELinux maintainer, so we'll keep it until we have something better.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
Bug-Debian: http://bugs.debian.org/394795
Last-Update: 2013-09-14
Patch-Name: selinux-role.patch
Diffstat (limited to 'openbsd-compat/port-linux.c')
-rw-r--r-- | openbsd-compat/port-linux.c | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 4637a7a3e..de6ad3fd7 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c | |||
@@ -29,6 +29,12 @@ | |||
29 | #include <string.h> | 29 | #include <string.h> |
30 | #include <stdio.h> | 30 | #include <stdio.h> |
31 | 31 | ||
32 | #ifdef WITH_SELINUX | ||
33 | #include "key.h" | ||
34 | #include "hostfile.h" | ||
35 | #include "auth.h" | ||
36 | #endif | ||
37 | |||
32 | #include "log.h" | 38 | #include "log.h" |
33 | #include "xmalloc.h" | 39 | #include "xmalloc.h" |
34 | #include "port-linux.h" | 40 | #include "port-linux.h" |
@@ -58,7 +64,7 @@ ssh_selinux_enabled(void) | |||
58 | 64 | ||
59 | /* Return the default security context for the given username */ | 65 | /* Return the default security context for the given username */ |
60 | static security_context_t | 66 | static security_context_t |
61 | ssh_selinux_getctxbyname(char *pwname) | 67 | ssh_selinux_getctxbyname(char *pwname, const char *role) |
62 | { | 68 | { |
63 | security_context_t sc = NULL; | 69 | security_context_t sc = NULL; |
64 | char *sename = NULL, *lvl = NULL; | 70 | char *sename = NULL, *lvl = NULL; |
@@ -73,9 +79,16 @@ ssh_selinux_getctxbyname(char *pwname) | |||
73 | #endif | 79 | #endif |
74 | 80 | ||
75 | #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL | 81 | #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL |
76 | r = get_default_context_with_level(sename, lvl, NULL, &sc); | 82 | if (role != NULL && role[0]) |
83 | r = get_default_context_with_rolelevel(sename, role, lvl, NULL, | ||
84 | &sc); | ||
85 | else | ||
86 | r = get_default_context_with_level(sename, lvl, NULL, &sc); | ||
77 | #else | 87 | #else |
78 | r = get_default_context(sename, NULL, &sc); | 88 | if (role != NULL && role[0]) |
89 | r = get_default_context_with_role(sename, role, NULL, &sc); | ||
90 | else | ||
91 | r = get_default_context(sename, NULL, &sc); | ||
79 | #endif | 92 | #endif |
80 | 93 | ||
81 | if (r != 0) { | 94 | if (r != 0) { |
@@ -105,7 +118,7 @@ ssh_selinux_getctxbyname(char *pwname) | |||
105 | 118 | ||
106 | /* Set the execution context to the default for the specified user */ | 119 | /* Set the execution context to the default for the specified user */ |
107 | void | 120 | void |
108 | ssh_selinux_setup_exec_context(char *pwname) | 121 | ssh_selinux_setup_exec_context(char *pwname, const char *role) |
109 | { | 122 | { |
110 | security_context_t user_ctx = NULL; | 123 | security_context_t user_ctx = NULL; |
111 | 124 | ||
@@ -114,7 +127,7 @@ ssh_selinux_setup_exec_context(char *pwname) | |||
114 | 127 | ||
115 | debug3("%s: setting execution context", __func__); | 128 | debug3("%s: setting execution context", __func__); |
116 | 129 | ||
117 | user_ctx = ssh_selinux_getctxbyname(pwname); | 130 | user_ctx = ssh_selinux_getctxbyname(pwname, role); |
118 | if (setexeccon(user_ctx) != 0) { | 131 | if (setexeccon(user_ctx) != 0) { |
119 | switch (security_getenforce()) { | 132 | switch (security_getenforce()) { |
120 | case -1: | 133 | case -1: |
@@ -136,7 +149,7 @@ ssh_selinux_setup_exec_context(char *pwname) | |||
136 | 149 | ||
137 | /* Set the TTY context for the specified user */ | 150 | /* Set the TTY context for the specified user */ |
138 | void | 151 | void |
139 | ssh_selinux_setup_pty(char *pwname, const char *tty) | 152 | ssh_selinux_setup_pty(char *pwname, const char *tty, const char *role) |
140 | { | 153 | { |
141 | security_context_t new_tty_ctx = NULL; | 154 | security_context_t new_tty_ctx = NULL; |
142 | security_context_t user_ctx = NULL; | 155 | security_context_t user_ctx = NULL; |
@@ -147,7 +160,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) | |||
147 | 160 | ||
148 | debug3("%s: setting TTY context on %s", __func__, tty); | 161 | debug3("%s: setting TTY context on %s", __func__, tty); |
149 | 162 | ||
150 | user_ctx = ssh_selinux_getctxbyname(pwname); | 163 | user_ctx = ssh_selinux_getctxbyname(pwname, role); |
151 | 164 | ||
152 | /* XXX: should these calls fatal() upon failure in enforcing mode? */ | 165 | /* XXX: should these calls fatal() upon failure in enforcing mode? */ |
153 | 166 | ||