Google Git
Sign in
android / platform / external / selinux / f18320d56330af157c19dfa63886119bac6cf082^! / .
commitf18320d56330af157c19dfa63886119bac6cf082[log] [tgz]
authorManoj Srivastava <[email protected]>Fri May 10 14:45:14 2013 +0200
committerStephen Smalley <[email protected]>Wed Oct 16 15:08:45 2013 -0400
treecb8e27fb6bec2a7ab5d251e0755e1364f1e8ebfe
parent95eda43741ca7aeda2052f78877ec7feff3c9ab4 [diff]
libsemanage: Also check for the uppoer bound on user ids in login.defs

Some non-Debian packages (like qmail, shudder) create
users not below MIN_UID, but above MAX_UID, in /etc/login.defs
(non-system users are supposed to have uids between MIN_UID and
MAX_UID.

genhomedircon.c:gethomedirs() checks pwent.pw_uid against MIN_UID in
/etc/login.defs to exclude system users from generating homedir
contexts. But unfortunately it does not check it against MAX_UID
setting from the same file. This gets us lines like the following in
the contexts/files/file_contexts.homedirs file:
,----
| #
| # Home Context for user user_u
| #
| /var/qmail/[^/]*/.+ user_u:object_r:user_home_t:s0
| /var/qmail/[^/]*/\.ssh(/.*)? user_u:object_r:user_home_ssh_t:s0
| /var/qmail/[^/]*/\.gnupg(/.+)? user_u:object_r:user_gpg_secret_t:s0
| /var/qmail/[^/]* -d user_u:object_r:user_home_dir_t:s0
| /var/qmail/lost\+found/.* <<none>>
| /var/qmail -d system_u:object_r:home_root_t:s0
| /var/qmail/\.journal <<none>>
| /var/qmail/lost\+found -d system_u:object_r:lost_found_t:s0
| /tmp/gconfd-.* -d user_u:object_r:user_tmp_t:s0
`----
This commit adds checking uid value againt MAX_UID too.

diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
index 3c81d7a..8af51d3 100644
--- a/libsemanage/src/genhomedircon.c
+++ b/libsemanage/src/genhomedircon.c

@@ -283,8 +283,8 @@
 	char *rbuf = NULL;
 	char *path = NULL;
 	long rbuflen;
-	uid_t temp, minuid = 500;
-	int minuid_set = 0;
+	uid_t temp, minuid = 500, maxuid = 60000;
+	int minuid_set = 0, maxuid_set = 0;
 	struct passwd pwstorage, *pwbuf;
 	struct stat buf;
 	int retval;
@@ -333,6 +333,15 @@
 	free(path);
 	path = NULL;
 
+	path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MAX", NULL);
+	if (path && *path) {
+		temp = atoi(path);
+		maxuid = temp;
+		maxuid_set = 1;
+	}
+	free(path);
+	path = NULL;
+
 	path = semanage_findval(PATH_ETC_LIBUSER, "LU_UIDNUMBER", "=");
 	if (path && *path) {
 		temp = atoi(path);
@@ -352,7 +361,7 @@
 		goto fail;
 	setpwent();
 	while ((retval = getpwent_r(&pwstorage, rbuf, rbuflen, &pwbuf)) == 0) {
-		if (pwbuf->pw_uid < minuid)
+		if (pwbuf->pw_uid < minuid || pwbuf->pw_uid > maxuid)
 			continue;
 		if (!semanage_list_find(shells, pwbuf->pw_shell))
 			continue;
@@ -385,7 +394,7 @@
 
 			/* NOTE: old genhomedircon printed a warning on match */
 			if (hand.matched) {
-				WARN(s->h_semanage, "%s homedir %s or its parent directory conflicts with a file context already specified in the policy.  This usually indicates an incorrectly defined system account.  If it is a system account please make sure its uid is less than %u or its login shell is /sbin/nologin.", pwbuf->pw_name, pwbuf->pw_dir, minuid);
+				WARN(s->h_semanage, "%s homedir %s or its parent directory conflicts with a file context already specified in the policy.  This usually indicates an incorrectly defined system account.  If it is a system account please make sure its uid is less than %u or greater than %u or its login shell is /sbin/nologin.", pwbuf->pw_name, pwbuf->pw_dir, minuid, maxuid);
 			} else {
 				if (semanage_list_push(&homedir_list, path))
 					goto fail;