From patchwork Sat Apr 23 06:04:58 2016
X-Patchwork-Submitter: Jason Zaman
X-Patchwork-Id: 8916951
From: Jason Zaman
To: selinux@tycho.nsa.gov
Subject: [PATCH v2 7/8] genhomedircon: write contexts for username and userid
Date: Sat, 23 Apr 2016 14:04:58 +0800
Message-Id: <1461391499-20593-8-git-send-email-jason@perfinion.com>
In-Reply-To: <1461391499-20593-1-git-send-email-jason@perfinion.com>
References: <1460131535-15688-1-git-send-email-jason@perfinion.com> <1461391499-20593-1-git-send-email-jason@perfinion.com>

Signed-off-by: Jason Zaman
---
 libsemanage/src/genhomedircon.c | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index e69b311..60a4def 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c
@@ -624,6 +624,21 @@ static int write_home_root_context(genhomedircon_settings_t * s, FILE * out, return write_replacements(s, out, tpl, repl); } +static int write_username_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * tpl, + const genhomedircon_user_entry_t *user) +{ + replacement_pair_t repl[] = { + {.search_for = TEMPLATE_USERNAME,.replace_with = user->name}, + {.search_for = TEMPLATE_USERID,.replace_with = user->uid}, + {.search_for = TEMPLATE_ROLE,.replace_with = user->prefix}, + {.search_for = TEMPLATE_SEUSER,.replace_with = user->sename}, + {NULL, NULL} + }; + + return write_replacements(s, out, tpl, repl); +} + static int write_user_context(genhomedircon_settings_t * s, FILE * out, semanage_list_t * tpl, const genhomedircon_user_entry_t *user) { @@ -925,6 +940,7 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, } static int write_gen_home_dir_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * username_context_tpl, semanage_list_t * user_context_tpl, semanage_list_t * homedir_context_tpl) { @@ -939,6 +955,8 @@ static int write_gen_home_dir_context(genhomedircon_settings_t * s, FILE * out, for (; users; pop_user_entry(&users)) { if (write_home_dir_context(s, out, homedir_context_tpl, users)) goto err; + if (write_username_context(s, out, username_context_tpl, users)) + goto err; if (write_user_context(s, out, user_context_tpl, users)) goto err; } 
@@ -1029,15 +1047,22 @@ static int write_context_file(genhomedircon_settings_t * s, FILE * out) s->fallback->home = NULL; } } - if (user_context_tpl) { + if (user_context_tpl || username_context_tpl) { + if (write_username_context(s, out, username_context_tpl, + s->fallback) != STATUS_SUCCESS) { + retval = STATUS_ERR; + goto done; + } + if (write_user_context(s, out, user_context_tpl, s->fallback) != STATUS_SUCCESS) { retval = STATUS_ERR; goto done; } - if (write_gen_home_dir_context(s, out, user_context_tpl, - homedir_context_tpl) != STATUS_SUCCESS) { + if (write_gen_home_dir_context(s, out, username_context_tpl, + user_context_tpl, homedir_context_tpl) + != STATUS_SUCCESS) { retval = STATUS_ERR; } }
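Review bot: write_username_context() (first hunk, @@ -624) passes user->name, user->uid, user->prefix and user->sename straight into the replacement table with no NULL check, and the last hunk calls it with s->fallback, an entry whose fields can be cleared (the context there shows `s->fallback->home = NULL;`). Either reject a NULL name or uid before building repl[], or add a comment stating that write_replacements() tolerates a NULL replace_with. The name is also substituted verbatim; since file context entries are regular expressions, a "." or similar character in a username would widen the match unless escaping happens further down, which is worth confirming and noting in a comment on the function.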
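Review bot: in the write_gen_home_dir_context() prototype (hunk @@ -925) the new username_context_tpl parameter is inserted ahead of user_context_tpl, and both are `semanage_list_t *`, so a call site that swaps the two compiles cleanly and silently expands the wrong template for each user. Appending the new parameter after the existing ones, or adding a one-line comment on the prototype saying which template each argument carries, would make a mix-up easier to spot in review.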
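Review bot: in write_context_file() (hunk @@ -1029) the guard becomes `if (user_context_tpl || username_context_tpl)`, so either list can be NULL inside the block, yet write_username_context() and write_user_context() are both called unconditionally. Unless write_replacements() is known to treat a NULL template list as a no-op, gate each call on its own template, for example `if (username_context_tpl && write_username_context(...) != STATUS_SUCCESS)`. The same applies to the per-user loop in write_gen_home_dir_context() (hunk @@ -939), where the new call also runs for every user regardless of whether a username template exists. The commit message carries only the Signed-off-by line; a sentence on which template lines count as username templates and what the fallback entry expands to would help.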