- establish rpm_script_t before scriptlet exec.

CVS patchset: 7098
CVS date: 2004/02/16 04:57:25

CHANGES

@@ -17,7 +17,7 @@
 	- fix: set fcontext from pkg when file_contexts doesn't exist (#114040).
 	- fix: set fcontext for "mkdir -p" directories not in packages.
 	- fix: setfiles (aka rpmsx.c) dinna handle patterns correctly.
-	- establish rpm_script_t before scriptlet exec, ignore errors for now.
+	- establish rpm_script_t before scriptlet exec.
 
 4.2.1 -> 4.2.2:
 	- unify signal handling in librpmio, use condvar to deliver signal.

lib/psm.c

@@ -524,19 +524,22 @@ static int switchIdentity(rpmpsm psm, const char * ntype)
 
     rc = setexeccon(ncon);
 
-    if (rc != 0)
-    switch (errno) {
-    case EINVAL:
 	/*
-	 * XXX HACK: rpm_script_t permitted only from sysadm_r, EINVAL returned.
-	 * Hack around that issue while "rpm_script_t" in policy is stabilizing.
+     * Policy for rpm currently permits rpm_script_t establish only from
+     * sysadm_r or system_r. If enforcing, this is hard error, otherwise
+     * warn the user and continue.
 	 */
+    if (rc != 0) {
+	if (security_getenforce() == 1) {	/* enforcing */
+	    rpmMessage(RPMMESS_ERROR,
+		_("setexeccon(%s) fails from context \"%s\": %s\n"),
+		(char *) ncon, (char *) ocon, strerror(errno));
+	} else {				/* permissive */
+	    rpmMessage(RPMMESS_WARNING,
+		_("setexeccon(%s) fails from context \"%s\": %s\nContinuing ...\n"),
+		(char *) ncon, (char *) ocon, strerror(errno));
 	rc = 0;
-	break;
-    default:
-	rpmMessage(RPMMESS_DEBUG,
-		"%s: setexeccon() rc %d: %s\n", rc, strerror(errno));
-	break;
+	}
     }
 
 exit:

rpm.spec.in

@@ -20,7 +20,7 @@ Name: rpm
 %define version @VERSION@
 Version: %{version}
 %{expand: %%define rpm_version %{version}}
-Release: 0.8
+Release: 0.11
 Group: System Environment/Base
 Source: ftp://ftp.rpm.org/pub/rpm/dist/rpm-4.0.x/rpm-%{rpm_version}.tar.gz
 License: GPL
@@ -486,7 +486,7 @@ exit 0
 - fix: set fcontext from pkg when file_contexts doesn't exist (#114040).
 - fix: set fcontext for "mkdir -p" directories not in packages.
 - fix: setfiles (aka rpmsx.c) dinna handle patterns correctly.
-- establish rpm_script_t before scriptlet exec, ignore errors for now.
+- establish rpm_script_t before scriptlet exec.
 
 * Wed Feb 11 2004 Jeff Johnson <jbj@redhat.com> 4.3-0.10
 - re-add --enable-posixmutexes to build.

system.h

@@ -301,7 +301,12 @@ typedef	char * security_context_t;
 #define	lsetfilecon(_fn, _c)	(-1)
 #define	fsetfilecon(_fd, _c)	(-1)
 
+#define	getcon(_c)		(-1)
+#define	getexeccon(_c)		(-1)
+#define	setexeccon(_c)		(-1)
+
 #define	security_check_context(_c)	(0)
+#define security_getenforce()		(0)
 
 #define	is_selinux_enabled()	(-1)
 #endif
@@ -328,9 +333,20 @@ extern int fsetfilecon(int fd, security_context_t con)
 	/*@globals fileSystem @*/
 	/*@modifies fileSystem @*/;
 
+extern int getcon(/*@out@*/ security_context_t *con)
+	/*@modifies *con @*/;
+extern int getexeccon(/*@out@*/ security_context_t *con)
+	/*@modifies *con @*/;
+extern int setexeccon(security_context_t con)
+	/*@globals fileSystem @*/
+	/*@modifies fileSystem @*/;
+
 extern int security_check_context(security_context_t con)
 	/*@globals fileSystem @*/
 	/*@modifies fileSystem @*/;
+extern int security_getenforce(void)
+	/*@globals fileSystem @*/
+	/*@modifies fileSystem @*/;
 
 extern int is_selinux_enabled(void)
 	/*@globals fileSystem @*/