Commit f352fdcc authored by Colin Walters's avatar Colin Walters

RHEL-4: Add dbus-0.22-selinux-get_connection_selinux_security_context.patch

parent d1fe0984
......@@ -26,6 +26,7 @@
#include "connection.h"
#include "driver.h"
#include "dispatch.h"
#include "selinux.h"
#include "services.h"
#include "signals.h"
#include "utils.h"
......@@ -983,6 +984,79 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection,
return FALSE;
}
static dbus_bool_t
bus_driver_handle_get_connection_selinux_security_context (DBusConnection *connection,
BusTransaction *transaction,
DBusMessage *message,
DBusError *error)
{
const char *service;
DBusString str;
BusRegistry *registry;
BusService *serv;
DBusConnection *conn;
DBusMessage *reply;
BusSELinuxID *context;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
registry = bus_connection_get_registry (connection);
service = NULL;
reply = NULL;
if (! dbus_message_get_args (message, error,
DBUS_TYPE_STRING, &service,
DBUS_TYPE_INVALID))
goto failed;
_dbus_verbose ("asked for security context of connection %s\n", service);
_dbus_string_init_const (&str, service);
serv = bus_registry_lookup (registry, &str);
if (serv == NULL)
{
dbus_set_error (error,
DBUS_ERROR_SERVICE_HAS_NO_OWNER,
"Could not get security context of name '%s': no such name", service);
goto failed;
}
conn = bus_service_get_primary_owner (serv);
reply = dbus_message_new_method_return (message);
if (reply == NULL)
goto oom;
context = bus_connection_get_selinux_id (conn);
if (!context)
{
dbus_set_error (error,
DBUS_ERROR_SELINUX_SECURITY_CONTEXT_UNKNOWN,
"Could not determine security context for '%s'", service);
goto failed;
}
if (! bus_selinux_append_context (reply, context, error))
goto failed;
if (! bus_transaction_send_from_driver (transaction, connection, reply))
goto oom;
dbus_message_unref (reply);
return TRUE;
oom:
BUS_SET_OOM (error);
failed:
_DBUS_ASSERT_ERROR_IS_SET (error);
if (reply)
dbus_message_unref (reply);
return FALSE;
}
static dbus_bool_t
bus_driver_handle_reload_config (DBusConnection *connection,
BusTransaction *transaction,
......@@ -1031,6 +1105,7 @@ struct
{ "GetServiceOwner", bus_driver_handle_get_service_owner },
{ "GetConnectionUnixUser", bus_driver_handle_get_connection_unix_user },
{ "GetConnectionUnixProcessID", bus_driver_handle_get_connection_unix_process_id },
{ "GetConnectionSELinuxSecurityContext", bus_driver_handle_get_connection_selinux_security_context },
{ "ReloadConfig", bus_driver_handle_reload_config }
};
......
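Review bot: The new handler bus_driver_handle_get_connection_selinux_security_context has no doc comment, and the one fact a caller needs is not written down: the reply carries the context of whichever connection is the primary owner of the name at the moment of the call (`conn = bus_service_get_primary_owner (serv);`). A client that feeds the reply into an access decision should query the unique (base) name of the peer it actually received a message from, because ownership of a well-known name may change between that message and this lookup. I would add a comment above the function such as `/* Replies with the SELinux context of the current primary owner of the given name; pass a unique name when the result feeds an access decision. */`. The result of bus_service_get_primary_owner is also passed to bus_connection_get_selinux_id unchecked; the registry presumably guarantees an owner, but that invariant deserves an assertion or a comment.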
......@@ -436,6 +436,41 @@ bus_selinux_allows_send (DBusConnection *sender,
#endif /* HAVE_SELINUX */
}
dbus_bool_t
bus_selinux_append_context (DBusMessage *message,
BusSELinuxID *sid,
DBusError *error)
{
#ifdef HAVE_SELINUX
char *context;
if (avc_sid_to_context (SELINUX_SID_FROM_BUS (sid), &context) < 0)
{
if (errno == ENOMEM)
BUS_SET_OOM (error);
else
dbus_set_error (error, DBUS_ERROR_FAILED,
"Error getting context from SID: %s\n",
_dbus_strerror (errno));
return FALSE;
}
if (!dbus_message_append_args (message,
DBUS_TYPE_ARRAY,
DBUS_TYPE_BYTE,
context,
strlen (context),
DBUS_TYPE_INVALID))
{
_DBUS_SET_OOM (error);
return FALSE;
}
freecon (context);
return TRUE;
#else
return TRUE;
#endif
}
/**
* Gets the security context of a connection to the bus. It is up to
* the caller to freecon() when they are done.
......
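Review bot: In bus_selinux_append_context the string returned by avc_sid_to_context leaks when dbus_message_append_args fails, because that branch returns before `freecon (context);` is reached. Free it on that path too, and use the same OOM macro as the branch above: `freecon (context); BUS_SET_OOM (error); return FALSE;`. The function has no comment of its own (the doc block that follows belongs to the next function); it should say that the context is appended as a byte array of strlen (context) bytes, so receivers get no terminating NUL, and that the build without HAVE_SELINUX returns TRUE without appending anything. The format string passed to dbus_set_error ends in `\n`, which the other error messages added in this commit do not.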
......@@ -47,6 +47,9 @@ DBusHashTable* bus_selinux_id_table_union (DBusHashTable *base,
void bus_selinux_id_table_print (DBusHashTable *service_table);
const char* bus_selinux_get_policy_root (void);
dbus_bool_t bus_selinux_append_context (DBusMessage *message,
BusSELinuxID *context,
DBusError *error);
dbus_bool_t bus_selinux_allows_acquire_service (DBusConnection *connection,
BusSELinuxID *service_sid);
......
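Review bot: The prototype names its second parameter `context`, while the definition calls it `sid` and uses `context` for the local string obtained from avc_sid_to_context. Renaming it here to match, `BusSELinuxID *sid,`, avoids suggesting that the caller passes a context string rather than a BusSELinuxID.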
......@@ -155,6 +155,7 @@ extern "C" {
#define DBUS_ERROR_SPAWN_CHILD_SIGNALED "org.freedesktop.DBus.Error.Spawn.ChildSignaled"
#define DBUS_ERROR_SPAWN_FAILED "org.freedesktop.DBus.Error.Spawn.Failed"
#define DBUS_ERROR_UNIX_PROCESS_ID_UNKNOWN "org.freedesktop.DBus.Error.UnixProcessIdUnknown"
#define DBUS_ERROR_SELINUX_SECURITY_CONTEXT_UNKNOWN "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown"
#ifdef __cplusplus
}
......