[PATCH] selinux: fix handling during creation of symlinks

[elogind.git] / udev_add.c

diff --git a/udev_add.c b/udev_add.c
index f47ca25f74804c776876bde7c918cf44290d6452..9764cb9bcd6c07aabbe625ca07d8b6ebddde0d78 100644 (file)
--- a/udev_add.c
+++ b/udev_add.c
@@ -42,7 +42,7 @@
 #include "udev_sysfs.h"
 #include "udev_version.h"
 #include "logging.h"
-#include "namedev.h"
+#include "udev_rules.h"
 #include "udev_db.h"
 #include "udev_selinux.h"
 
@@ -58,7 +58,7 @@ int udev_make_node(struct udevice *udev, const char *file, dev_t devt, mode_t mo
        /* preserve node with already correct numbers, to not change the inode number */
        if (((stats.st_mode & S_IFMT) == S_IFBLK || (stats.st_mode & S_IFMT) == S_IFCHR) &&
            (stats.st_rdev == devt)) {
-               dbg("preserve file '%s', cause it has correct dev_t", file);
+               info("preserve file '%s', cause it has correct dev_t", file);
                selinux_setfilecon(file, udev->kernel_name, stats.st_mode);
                goto perms;
        }
@@ -70,10 +70,10 @@ int udev_make_node(struct udevice *udev, const char *file, dev_t devt, mode_t mo
 
 create:
        switch (udev->type) {
-       case BLOCK:
+       case DEV_BLOCK:
                mode |= S_IFBLK;
                break;
-       case CLASS:
+       case DEV_CLASS:
                mode |= S_IFCHR;
                break;
        default:
@@ -83,8 +83,9 @@ create:
 
        selinux_setfscreatecon(file, udev->kernel_name, mode);
        retval = mknod(file, mode, devt);
+       selinux_resetfscreatecon();
        if (retval != 0) {
-               dbg("mknod(%s, %#o, %u, %u) failed with error '%s'",
+               err("mknod(%s, %#o, %u, %u) failed with error '%s'",
                    file, mode, major(devt), minor(devt), strerror(errno));
                goto exit;
        }
@@ -114,8 +115,8 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
        char filename[PATH_SIZE];
        char partitionname[PATH_SIZE];
        struct name_entry *name_loop;
-       uid_t uid = 0;
-       gid_t gid = 0;
+       uid_t uid;
+       gid_t gid;
        int tail;
        int i;
 
@@ -126,20 +127,26 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
        if (strchr(udev->name, '/'))
                create_path(filename);
 
-       if (udev->owner[0] != '\0') {
+       if (strcmp(udev->owner, "root") == 0)
+               uid = 0;
+       else {
                char *endptr;
-               unsigned long id = strtoul(udev->owner, &endptr, 10);
+               unsigned long id;
 
+               id = strtoul(udev->owner, &endptr, 10);
                if (endptr[0] == '\0')
                        uid = (uid_t) id;
                else
                        uid = lookup_user(udev->owner);
        }
 
-       if (udev->group[0] != '\0') {
+       if (strcmp(udev->group, "root") == 0)
+               gid = 0;
+       else {
                char *endptr;
-               unsigned long id = strtoul(udev->group, &endptr, 10);
+               unsigned long id;
 
+               id = strtoul(udev->group, &endptr, 10);
                if (endptr[0] == '\0')
                        gid = (gid_t) id;
                else
@@ -175,7 +182,7 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
 
                                snprintf(partitionname, sizeof(partitionname), "%s%d", filename, i);
                                partitionname[sizeof(partitionname)-1] = '\0';
-                               part_devt = makedev(major(udev->devt), minor(udev->devt)+1);
+                               part_devt = makedev(major(udev->devt), minor(udev->devt) + i);
                                udev_make_node(udev, partitionname, part_devt, udev->mode, uid, gid);
                        }
                }
@@ -183,6 +190,7 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
 
        /* create symlink(s) if requested */
        list_for_each_entry(name_loop, &udev->symlink_list, node) {
+               int retval;
                char linktarget[PATH_SIZE];
 
                snprintf(filename, sizeof(filename), "%s/%s", udev_root, name_loop->name);
@@ -212,9 +220,11 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
 
                dbg("symlink(%s, %s)", linktarget, filename);
                if (!udev->test_run) {
-                       selinux_setfscreatecon(filename, udev->kernel_name, S_IFLNK);
                        unlink(filename);
-                       if (symlink(linktarget, filename) != 0)
+                       selinux_setfscreatecon(filename, NULL, S_IFLNK);
+                       retval = symlink(linktarget, filename);
+                       selinux_resetfscreatecon();
+                       if (retval != 0)
                                dbg("symlink(%s, %s) failed with error '%s'",
                                    linktarget, filename, strerror(errno));
                }
@@ -231,7 +241,7 @@ static int rename_net_if(struct udevice *udev)
        struct ifreq ifr;
        int retval;
 
-       dbg("changing net interface name from '%s' to '%s'", udev->kernel_name, udev->name);
+       info("changing net interface name from '%s' to '%s'", udev->kernel_name, udev->name);
        if (udev->test_run)
                return 0;
 
@@ -258,7 +268,7 @@ int udev_add_device(struct udevice *udev, struct sysfs_class_device *class_dev)
        char *pos;
        int retval = 0;
 
-       if (udev->type == BLOCK || udev->type == CLASS) {
+       if (udev->type == DEV_BLOCK || udev->type == DEV_CLASS) {
                udev->devt = get_devt(class_dev);
                if (!udev->devt) {
                        dbg("no dev-file found, do nothing");
@@ -266,14 +276,17 @@ int udev_add_device(struct udevice *udev, struct sysfs_class_device *class_dev)
                }
        }
 
-       if (namedev_name_device(udev, class_dev) != 0)
+       udev_rules_get_name(udev, class_dev);
+       if (udev->ignore_device) {
+               dbg("device event will be ignored");
                return 0;
+       }
 
        dbg("adding name='%s'", udev->name);
 
        selinux_init();
 
-       if (udev->type == BLOCK || udev->type == CLASS) {
+       if (udev->type == DEV_BLOCK || udev->type == DEV_CLASS) {
                retval = create_node(udev, class_dev);
                if (retval != 0)
                        goto exit;
@@ -286,7 +299,7 @@ int udev_add_device(struct udevice *udev, struct sysfs_class_device *class_dev)
                snprintf(udev->devname, sizeof(udev->devname), "%s/%s", udev_root, udev->name);
                udev->devname[sizeof(udev->devname)-1] = '\0';
 
-       } else if (udev->type == NET) {
+       } else if (udev->type == DEV_NET) {
                /* look if we want to change the name of the netif */
                if (strcmp(udev->name, udev->kernel_name) != 0) {
                        retval = rename_net_if(udev);
@@ -311,7 +324,7 @@ int udev_add_device(struct udevice *udev, struct sysfs_class_device *class_dev)
        }
 
 exit:
-       selinux_restore();
+       selinux_exit();
 
        return retval;
 }