Eliminate built-in selinux support. RIP.

- We hereby unceremoniously declare that from now on, SELinux and
  other similar mechanisms are to live in plugins, rpm doesn't need
  to know about every possible security etc mechanism there might be.
  Its a big commit but as its really just removals...
- We need to disable sepolicy collection plugin for now as it relies on
  built-in support for selinux, this not only makes no sense but
  wont work now that there is no built-in support. The sepolicy
  plugin needs to be merged into the selinux base plugin now.
- Another "breakage" is that --rebuilddb no longer relabels the database,
  this needs plugins to called in a place where they currently cannot
  be called. This needs to be resolved before next actual release.

lib/Makefile.am

@@ -45,7 +45,6 @@ librpm_la_LDFLAGS = -version-info 4:0:1
 librpm_la_LIBADD = \
 	$(top_builddir)/rpmio/librpmio.la \
 	@WITH_POPT_LIB@ \
-	@WITH_SELINUX_LIB@ \
 	@WITH_CAP_LIB@ \
 	@WITH_ACL_LIB@ \
 	@LIBINTL@

lib/fsm.c

@@ -108,7 +108,6 @@ struct fsm_s {
     cpioMapFlags mapFlags;	/*!< Bit(s) to control mapping. */
     const char * dirName;	/*!< File directory name. */
     const char * baseName;	/*!< File base name. */
-    struct selabel_handle *sehandle;	/*!< SELinux label handle (if any). */
     rpmPlugins plugins;    	/*!< Rpm plugins handle */
 
     unsigned fflags;		/*!< File flags. */
@@ -621,34 +620,6 @@ static FSM_t fsmFree(FSM_t fsm)
     return NULL;
 }
 
-/* Find and set file security context */
-static int fsmSetSELabel(struct selabel_handle *sehandle,
-			 const char *path, const char *dest, mode_t mode)
-{
-    int rc = 0;
-#if WITH_SELINUX
-    if (sehandle) {
-	security_context_t scon = NULL;
-
-	if (selabel_lookup_raw(sehandle, &scon, dest, mode) == 0) {
-	    rc = lsetfilecon(path, scon);
-
-	    if (_fsm_debug) {
-		rpmlog(RPMLOG_DEBUG, " %8s (%s, %s) %s\n",
-			__func__, path, scon,
-			(rc < 0 ? strerror(errno) : ""));
-	    }
-
-	    if (rc < 0 && errno == EOPNOTSUPP)
-		rc = 0;
-	}
-
-	freecon(scon);
-    }
-#endif
-    return rc ? CPIOERR_LSETFCON_FAILED : 0;
-}
-
 static int fsmSetFCaps(const char *path, const char *captxt)
 {
     int rc = 0;
@@ -1158,12 +1129,11 @@ static int fsmMknod(const char *path, mode_t mode, dev_t dev)
 /**
  * Create (if necessary) directories not explicitly included in package.
  * @param dnli		file state machine data
- * @param sehandle	selinux label handle (bah)
  * @param plugins	rpm plugins handle
  * @param action	file state machine action
  * @return		0 on success
  */
-static int fsmMkdirs(rpmfi fi, rpmfs fs, struct selabel_handle *sehandle, rpmPlugins plugins, rpmFileAction action)
+static int fsmMkdirs(rpmfi fi, rpmfs fs, rpmPlugins plugins, rpmFileAction action)
 {
     DNLI_t dnli = dnlInitIterator(fi, fs, 0);
     struct stat sb;
@@ -1240,8 +1210,6 @@ static int fsmMkdirs(rpmfi fi, rpmfs fs, struct selabel_handle *sehandle, rpmPlu
 		rpmpluginsCallFsmFilePost(plugins, dn, mode, op, rc);
 
 		if (!rc) {
-		    rc = fsmSetSELabel(sehandle, dn, dn, mode);
-
 		    rpmlog(RPMLOG_DEBUG,
 			    "%s directory created with perms %04o\n",
 			    dn, (unsigned)(mode & 07777));
@@ -1554,10 +1522,6 @@ static int fsmSetmeta(FSM_t fsm, int ix, const struct stat * st)
     if (!S_ISDIR(st->st_mode) && (fsm->suffix || fsm->nsuffix))
 	dest = fsmFsPath(fsm, 0, fsm->nsuffix);
 
-    /* Set file security context (if enabled) */
-    if (!rc && !getuid()) {
-	rc = fsmSetSELabel(fsm->sehandle, fsm->path, dest, st->st_mode);
-    }
     if (!rc && !getuid()) {
 	rc = fsmChown(fsm->path, st->st_mode, st->st_uid, st->st_gid);
     }
@@ -1678,14 +1642,13 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfi fi, FD_t cfd,
     if (archive == NULL)
 	rc = CPIOERR_INTERNAL;
 
-    fsm->sehandle = rpmtsSELabelHandle(ts);
     fsm->plugins = rpmtsPlugins(ts);
     /* transaction id used for temporary path suffix while installing */
     rasprintf(&fsm->suffix, ";%08x", (unsigned)rpmtsGetTid(ts));
 
     /* Detect and create directories not explicitly in package. */
     if (!rc) {
-	rc = fsmMkdirs(fi, rpmteGetFileStates(te), fsm->sehandle, fsm->plugins, fsm->action);
+	rc = fsmMkdirs(fi, rpmteGetFileStates(te), fsm->plugins, fsm->action);
     }
 
     while (!rc) {

lib/psm.c

@@ -416,7 +416,6 @@ static rpmRC runScript(rpmpsm psm, ARGV_const_t prefixes,
 		     stag != RPMTAG_PREUN &&
 		     stag != RPMTAG_PRETRANS &&
 		     stag != RPMTAG_VERIFYSCRIPT);
-    int selinux = !(rpmtsFlags(psm->ts) & RPMTRANS_FLAG_NOCONTEXTS);
 
     sfd = rpmtsNotify(psm->ts, psm->te, RPMCALLBACK_SCRIPT_START, stag, 0);
     if (sfd == NULL)
@@ -424,7 +423,7 @@ static rpmRC runScript(rpmpsm psm, ARGV_const_t prefixes,
 
     rpmswEnter(rpmtsOp(psm->ts, RPMTS_OP_SCRIPTLETS), 0);
     rc = rpmScriptRun(script, arg1, arg2, sfd,
-		      prefixes, warn_only, selinux, psm->ts->plugins);
+		      prefixes, warn_only, psm->ts->plugins);
     rpmswExit(rpmtsOp(psm->ts, RPMTS_OP_SCRIPTLETS), 0);
 
     /* Map warn-only errors to "notfound" for script stop callback */

lib/rpmdb.c

@@ -2680,7 +2680,6 @@ static int renameTag(const char * prefix,
 		     rpmTagVal dbtag)
 {
     int xx, rc = 0;
-    int selinux = is_selinux_enabled() && (matchpathcon_init(NULL) != -1);
     const char *base = rpmTagGetName(dbtag);
     char *src = rpmGetPath(prefix, "/", olddbpath, "/", base, NULL);
     char *dest = rpmGetPath(prefix, "/", newdbpath, "/", base, NULL);
@@ -2701,21 +2700,12 @@ static int renameTag(const char * prefix,
 	xx = chown(dest, st.st_uid, st.st_gid);
 	xx = chmod(dest, (st.st_mode & 07777));
 
-	if (selinux) {
-	    security_context_t scon = NULL;
-	    if (matchpathcon(dest, st.st_mode, &scon) != -1) {
-		(void) setfilecon(dest, scon);
-		freecon(scon);
-	    }
-	}
+	/* XXX: we should call file prepare plugins here for selinux etc! */
     }
 
 exit:
     free(src);
     free(dest);
-    if (selinux) {
-	(void) matchpathcon_fini();
-    }
     return rc;
 }
 

lib/rpmscript.c

@@ -29,7 +29,7 @@ struct rpmScript_s {
 /**
  * Run internal Lua script.
  */
-static rpmRC runLuaScript(rpmPlugins plugins, int selinux, ARGV_const_t prefixes,
+static rpmRC runLuaScript(rpmPlugins plugins, ARGV_const_t prefixes,
 		   const char *sname, rpmlogLvl lvl, FD_t scriptFd,
 		   ARGV_t * argvp, const char *script, int arg1, int arg2)
 {
@@ -93,7 +93,7 @@ static rpmRC runLuaScript(rpmPlugins plugins, int selinux, ARGV_const_t prefixes
 
 static const char * const SCRIPT_PATH = "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin";
 
-static void doScriptExec(int selinux, ARGV_const_t argv, ARGV_const_t prefixes,
+static void doScriptExec(ARGV_const_t argv, ARGV_const_t prefixes,
 			FD_t scriptFd, FD_t out)
 {
     int pipes[2];
@@ -165,11 +165,6 @@ static void doScriptExec(int selinux, ARGV_const_t argv, ARGV_const_t prefixes,
 	/* XXX Don't mtrace into children. */
 	unsetenv("MALLOC_CHECK_");
 
-	/* Permit libselinux to do the scriptlet exec. */
-	if (selinux == 1) {	
-	    xx = rpm_execcon(0, argv[0], argv, environ);
-	}
-
 	if (xx == 0) {
 	    xx = execv(argv[0], argv);
 	}
@@ -204,7 +199,7 @@ exit:
 /**
  * Run an external script.
  */
-static rpmRC runExtScript(rpmPlugins plugins, int selinux, ARGV_const_t prefixes,
+static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
 		   const char *sname, rpmlogLvl lvl, FD_t scriptFd,
 		   ARGV_t * argvp, const char *script, int arg1, int arg2)
 {
@@ -263,7 +258,7 @@ static rpmRC runExtScript(rpmPlugins plugins, int selinux, ARGV_const_t prefixes
 
 	/* Run scriptlet post fork hook for all plugins */
 	if (rpmpluginsCallScriptletForkPost(plugins, *argvp[0], RPMSCRIPTLET_FORK | RPMSCRIPTLET_EXEC) != RPMRC_FAIL) {
-	    doScriptExec(selinux, *argvp, prefixes, scriptFd, out);
+	    doScriptExec(*argvp, prefixes, scriptFd, out);
 	} else {
 	    _exit(126); /* exit 126 for compatibility with bash(1) */
 	}
@@ -305,7 +300,7 @@ exit:
 }
 
 rpmRC rpmScriptRun(rpmScript script, int arg1, int arg2, FD_t scriptFd,
-		   ARGV_const_t prefixes, int warn_only, int selinux, rpmPlugins plugins)
+		   ARGV_const_t prefixes, int warn_only, rpmPlugins plugins)
 {
     ARGV_t args = NULL;
     rpmlogLvl lvl = warn_only ? RPMLOG_WARNING : RPMLOG_ERR;
@@ -329,9 +324,9 @@ rpmRC rpmScriptRun(rpmScript script, int arg1, int arg2, FD_t scriptFd,
 
     if (rc != RPMRC_FAIL) {
 	if (script_type & RPMSCRIPTLET_EXEC) {
-	    rc = runExtScript(plugins, selinux, prefixes, script->descr, lvl, scriptFd, &args, script->body, arg1, arg2);
+	    rc = runExtScript(plugins, prefixes, script->descr, lvl, scriptFd, &args, script->body, arg1, arg2);
 	} else {
-	    rc = runLuaScript(plugins, selinux, prefixes, script->descr, lvl, scriptFd, &args, script->body, arg1, arg2);
+	    rc = runLuaScript(plugins, prefixes, script->descr, lvl, scriptFd, &args, script->body, arg1, arg2);
 	}
     }
 

lib/rpmscript.h

@@ -29,7 +29,7 @@ rpmScript rpmScriptFree(rpmScript script);
 
 RPM_GNUC_INTERNAL
 rpmRC rpmScriptRun(rpmScript script, int arg1, int arg2, FD_t scriptFd,
-                   ARGV_const_t prefixes, int warn_only, int selinux, rpmPlugins plugins);
+                   ARGV_const_t prefixes, int warn_only, rpmPlugins plugins);
 
 RPM_GNUC_INTERNAL
 rpmTagVal rpmScriptTag(rpmScript script);

lib/rpmts.c

@@ -747,63 +747,6 @@ void rpmtsSetScriptFd(rpmts ts, FD_t scriptFd)
     }
 }
 
-struct selabel_handle * rpmtsSELabelHandle(rpmts ts)
-{
-#if WITH_SELINUX
-    if (ts != NULL) {
-	return ts->selabelHandle;
-    }
-#endif
-    return NULL;
-}
-
-rpmRC rpmtsSELabelInit(rpmts ts, int open_status)
-{
-#if WITH_SELINUX
-    const char * path = selinux_file_context_path();
-
-    if (ts == NULL || path == NULL) {
-	return RPMRC_FAIL;
-    }
-
-    if (open_status) {
-	selinux_status_close();
-	if (selinux_status_open(0) < 0) {
-	    return RPMRC_FAIL;
-	}
-    } else if (!selinux_status_updated() && ts->selabelHandle) {
-	return RPMRC_OK;
-    }
-
-    struct selinux_opt opts[] = {
-	{ .type = SELABEL_OPT_PATH, .value = path}
-    };
-
-    if (ts->selabelHandle) {
-	rpmtsSELabelFini(ts, 0);
-    }
-    ts->selabelHandle = selabel_open(SELABEL_CTX_FILE, opts, 1);
-
-    if (!ts->selabelHandle) {
-	return RPMRC_FAIL;
-    }
-#endif
-    return RPMRC_OK;
-}
-
-void rpmtsSELabelFini(rpmts ts, int close_status)
-{
-#if WITH_SELINUX
-    if (ts && ts->selabelHandle) {
-	selabel_close(ts->selabelHandle);
-	ts->selabelHandle = NULL;
-    }
-    if (close_status) {
-	selinux_status_close();
-    }
-#endif
-}
-
 rpm_tid_t rpmtsGetTid(rpmts ts)
 {
     rpm_tid_t tid = (rpm_tid_t)-1;  /* XXX -1 is time(2) error return. */

lib/rpmts_internal.h

@@ -94,28 +94,6 @@ rpmal rpmtsCreateAl(rpmts ts, rpmElementTypes types);
 RPM_GNUC_INTERNAL
 int rpmtsSolve(rpmts ts, rpmds key);
 
-/** \ingroup rpmts
- * Get the selabel handle from the transaction set
- * @param ts		transaction set
- * @return		rpm selabel handle, or NULL if it hasn't been initialized yet
- */
-struct selabel_handle * rpmtsSELabelHandle(rpmts ts);
-
-/** \ingroup rpmts
- * Initialize selabel
- * @param ts		transaction set
- * @param open_status   if the func should open selinux status or just check it
- * @return		RPMRC_OK on success, RPMRC_FAIL otherwise
- */
-rpmRC rpmtsSELabelInit(rpmts ts, int open_status);
-
-/** \ingroup rpmts
- * Clean up selabel
- * @param ts		transaction set
- * @param close_status  whether we should close selinux status
- */
-void rpmtsSELabelFini(rpmts ts, int close_status);
-
 #ifdef __cplusplus
 }
 #endif

lib/transaction.c

@@ -1270,20 +1270,6 @@ static int rpmtsSetup(rpmts ts, rpmprobFilterFlags ignoreSet)
     if (rpmtsFlags(ts) & (RPMTRANS_FLAG_JUSTDB | RPMTRANS_FLAG_TEST))
 	(void) rpmtsSetFlags(ts, (rpmtsFlags(ts) | _noTransScripts | _noTransTriggers | RPMTRANS_FLAG_NOCOLLECTIONS));
 
-    /* if SELinux isn't enabled or it is a test run, don't bother... */
-    if (!is_selinux_enabled() || (rpmtsFlags(ts) & RPMTRANS_FLAG_TEST)) {
-        rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
-    }
-
-    if (rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS) {
-	rpmlog(RPMLOG_DEBUG, "Selinux disabled.\n");
-    } else {
-	if (rpmtsSELabelInit(ts, 1)) {
-	    rpmlog(RPMLOG_WARNING, "Failed to open SELinux handle.\n");
-	    rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
-	}
-    }
-
     /* 
      * Make sure the database is open RDWR for package install/erase.
      * Note that we initialize chroot state here even if it's just "/" as
@@ -1304,9 +1290,6 @@ static int rpmtsSetup(rpmts ts, rpmprobFilterFlags ignoreSet)
 
 static int rpmtsFinish(rpmts ts)
 {
-    if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) {
-	rpmtsSELabelFini(ts, 1);
-    }
     return rpmChrootSet(NULL);
 }
 
@@ -1418,10 +1401,6 @@ static int rpmtsProcess(rpmts ts)
 	rpmlog(RPMLOG_DEBUG, "========== +++ %s %s-%s 0x%x\n",
 		rpmteNEVR(p), rpmteA(p), rpmteO(p), rpmteColor(p));
 
-	if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) {
-	    rpmtsSELabelInit(ts, 0);
-	}
-
 	failed = rpmteProcess(p, rpmteType(p));
 	if (failed) {
 	    rpmlog(RPMLOG_ERR, "%s: %s %s\n", rpmteNEVRA(p),

plugins/Makefile.am

@@ -23,10 +23,11 @@ selinux_la_SOURCES = plugin.h selinux.c
 selinux_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la @WITH_SELINUX_LIB@
 plugins_LTLIBRARIES += selinux.la
 
-sepolicy_la_SOURCES = plugin.h sepolicy.c
-sepolicy_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la @WITH_SELINUX_LIB@ @WITH_SEMANAGE_LIB@
-
-plugins_LTLIBRARIES += sepolicy.la
+# XXX: merge this into selinux plugin, for now we need to disable
+#      as it relies on in-core selinux knowledge which we no longer have...
+#sepolicy_la_SOURCES = plugin.h sepolicy.c
+#sepolicy_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la @WITH_SELINUX_LIB@ @WITH_SEMANAGE_LIB@
+#plugins_LTLIBRARIES += sepolicy.la
 endif
 
 if DBUS

rpm.pc.in

@@ -12,4 +12,4 @@ URL: http://rpm.org
 # Conflicts:
 Cflags: -I${includedir}
 Libs: -L${libdir} -lrpm -lrpmio
-Libs.private: -lpopt -lrt -lpthread @WITH_SELINUX_LIB@ @WITH_LZMA_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @WITH_NSS_LIB@ @WITH_LUA_LIB@
+Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @WITH_NSS_LIB@ @WITH_LUA_LIB@

system.h

@@ -78,31 +78,6 @@ char * stpncpy(char * dest, const char * src, size_t n);
 #endif
 #endif
 
-#if WITH_SELINUX
-#include <selinux/selinux.h>
-#include <selinux/label.h>
-#include <selinux/avc.h>
-#else
-typedef	char * security_context_t;
-
-#define	freecon(_c)
-
-#define	setfilecon(_fn, _c)	(-1)
-#define	lsetfilecon(_fn, _c)	(-1)
-
-#define	is_selinux_enabled()	(0)
-
-#define matchpathcon_init(_fn)			(-1)
-#define matchpathcon_fini()			(0)
-#define matchpathcon(_fn, _fm, _c)		(-1)
-
-#define selabel_lookup_raw(_hnd, _scon, _key,_type)	(-1)
-
-#define selinux_file_context_path() (0)
-
-#define rpm_execcon(_v, _fn, _av, _envp)	(0)
-#endif
-
 #include "rpmio/rpmutil.h"
 /* compatibility macros to avoid a mass-renaming all over the codebase */
 #define xmalloc(_size) rmalloc((_size))