From patchwork Thu Oct 6 14:18:20 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stephen Smalley X-Patchwork-Id: 9364867 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A1340607D3 for ; Thu, 6 Oct 2016 14:17:04 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 900D12905B for ; Thu, 6 Oct 2016 14:17:04 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 83DE22905E; Thu, 6 Oct 2016 14:17:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from emsm-gh1-uea10.nsa.gov (smtp.nsa.gov [8.44.101.8]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 9235E2905B for ; Thu, 6 Oct 2016 14:17:02 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.31,454,1473120000"; d="scan'208";a="18355038" IronPort-PHdr: =?us-ascii?q?9a23=3AHh677xDS3MNyR168kzlKUyQJP3N1i/DPJgcQr6Af?= =?us-ascii?q?oPdwSP78psbcNUDSrc9gkEXOFd2CrakV0ayN6eu/ASQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6kO74TNaIBjjLw09?= =?us-ascii?q?fr2zQd+IyZ/tnL/qs7ToICxwzAKnZr1zKBjk5S7wjeIxxbVYF6Aq1xHSqWFJce?= =?us-ascii?q?kFjUlhJFaUggqurpzopM0rzj5U884F24YAFP+iPvdwcbsNFzkiMmYo9OX3pBLD?= =?us-ascii?q?Sk2J/XJaXWII1lJHChLUqg37U433vzrSue9tniKdOJ7YV7cxDA++4r9rRRmgsy?= =?us-ascii?q?IOMzo04SmDkcBrpL5KqxKm4RpkysjbZ5/DZ6k2Rb/UYd5PHTkJZc1WTSEUR9nk?= =?us-ascii?q?Yg=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2HJAwD2W/ZX/wHyM5BcGgEBAQECAQEBAQgBAQEBFwEBBAE?= =?us-ascii?q?BCgEBgxIBAQEBAR6BU6MKAQEBAQEBBpdHJYgGTAEBAQEBAQEBAgECWyeCMgQDE?= =?us-ascii?q?wWCGAIkExQgCwMDCQIXKQgIAwEtFRgHCwUYBIgTAxe+NQElhXKGbXmBUhEBhXs?= =?us-ascii?q?FmX+PewKJfoVyApB2VD8FB4R2VoYTDRcHWoEoAQEB?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea10.nsa.gov with ESMTP; 06 Oct 2016 14:16:50 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u96EGCrS015877; Thu, 6 Oct 2016 10:16:22 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u96EGBcN173463 for ; Thu, 6 Oct 2016 10:16:11 -0400 Received: from moss-pluto.infosec.tycho.ncsc.mil (moss-pluto [192.168.25.131]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u96EGAHf015870; Thu, 6 Oct 2016 10:16:10 -0400 From: Stephen Smalley To: selinux@tycho.nsa.gov, gary.tierney@gmx.com Subject: [PATCH] libsemanage: genhomedircon: do not suppress logging from libsepol Date: Thu, 6 Oct 2016 10:18:20 -0400 Message-Id: <1475763500-32441-1-git-send-email-sds@tycho.nsa.gov> X-Mailer: git-send-email 2.7.4 X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: Stephen Smalley MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP As reported by Gary Tierney, genhomedircon suppresses logging from libsepol when validating contexts. This can result in an empty file_contexts.homedirs file without any warning to the user if policy has been incorrectly configured. Remove the code that was suppressing the logging so that errors are reported to the user. Reported-by: Gary Tierney Signed-off-by: Stephen Smalley --- libsemanage/src/genhomedircon.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 0dd2b29..6991fff 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -573,11 +573,8 @@ static int check_line(genhomedircon_settings_t * s, Ustr *line) result = sepol_context_from_string(s->h_semanage->sepolh, ctx_str, &ctx_record); if (result == STATUS_SUCCESS && ctx_record != NULL) { - sepol_msg_set_callback(s->h_semanage->sepolh, NULL, NULL); result = sepol_context_check(s->h_semanage->sepolh, s->policydb, ctx_record); - sepol_msg_set_callback(s->h_semanage->sepolh, - semanage_msg_relay_handler, s->h_semanage); sepol_context_free(ctx_record); } return result;