Re: compile error in trunk -- selinux, loginutils/login.c
On Monday 23 February 2009 02:36:30 am KaiGai Kohei wrote:
The attached patch fixes the matter.
It seems to me this matter was enbuged at r25210.
| r25210 | vda | 2009-02-02 09:15:00 +0900 (Mon, 02 Feb 2009) | 3 lines
|
| login: cleanup work by Walter Harms. No logic changes.
% svn log -c 25210 loginutils/login.c
:
+#if ENABLE_SELINUX
+static void initselinux(char *username, char *full_tty,
+ security_context_t *user_sid)
+{
+ security_context_t old_tty_sid, new_tty_sid;
+
+ if (!is_selinux_enabled())
+ return;
+
+ if (get_default_context(username, NULL, user_sid)) {
security_context_t
*, correct
+ bb_error_msg_and_die(cannot get SID for %s, username);
+ }
+ if (getfilecon(full_tty, old_tty_sid) 0) {
+ bb_perror_msg_and_die(getfilecon(%s) failed, full_tty);
+ }
+ if (security_compute_relabel(user_sid, old_tty_sid,
security_context_t *, incorrect
Fixed in svn. Thanks for pointing it out.
--
vda
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
Re: compile error in trunk -- selinux, loginutils/login.c
i fear that come with one of my patches ...
i will fix it soon as i am back home.
thx for reporting.
re,
wh
Robert P. J. Day schrieb:
...
loginutils/login.c: In function ‘initselinux’:
loginutils/login.c:184: error: passing argument 1 of
‘security_compute_relabel’ from incompatible pointer type
make[1]: *** [loginutils/login.o] Error 1
make: *** [loginutils] Error 2
...
the problem? here's loginutils/login.c:
static void initselinux(char *username, char *full_tty,
security_context_t *user_sid)
{
security_context_t old_tty_sid, new_tty_sid;
...
if (security_compute_relabel(user_sid, old_tty_sid,
SECCLASS_CHR_FILE, new_tty_sid) != 0) {
bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty);
...
as you can see, the first arg to security_computer_relabel is a
*pointer* to a security_context_t, but that routine is defined in
selinux as:
int security_compute_relabel(security_context_t scon,
security_context_t tcon, security_class_t tclass, security_context_t
*newcon);
that is, accepting a security_context_t (not a pointer to one). or
am i misreading this?
rday
--
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry:
Have classroom, will lecture.
http://crashcourse.ca Waterloo, Ontario, CANADA
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
Re: compile error in trunk -- selinux, loginutils/login.c
The attached patch fixes the matter.
It seems to me this matter was enbuged at r25210.
| r25210 | vda | 2009-02-02 09:15:00 +0900 (Mon, 02 Feb 2009) | 3 lines
|
| login: cleanup work by Walter Harms. No logic changes.
% svn log -c 25210 loginutils/login.c
:
+#if ENABLE_SELINUX
+static void initselinux(char *username, char *full_tty,
+ security_context_t *user_sid)
+{
+ security_context_t old_tty_sid, new_tty_sid;
+
+ if (!is_selinux_enabled())
+ return;
+
+ if (get_default_context(username, NULL, user_sid)) {
security_context_t *,
correct
+ bb_error_msg_and_die(cannot get SID for %s, username);
+ }
+ if (getfilecon(full_tty, old_tty_sid) 0) {
+ bb_perror_msg_and_die(getfilecon(%s) failed, full_tty);
+ }
+ if (security_compute_relabel(user_sid, old_tty_sid,
security_context_t *, incorrect
+ SECCLASS_CHR_FILE, new_tty_sid) != 0) {
+ bb_perror_msg_and_die(security_change_sid(%s) failed,
full_tty);
+ }
+ if (setfilecon(full_tty, new_tty_sid) != 0) {
+ bb_perror_msg_and_die(chsid(%s, %s) failed, full_tty,
new_tty_sid);
+ }
+}
+#endif
:
-#if ENABLE_SELINUX
- if (is_selinux_enabled()) {
- security_context_t old_tty_sid, new_tty_sid;
+ USE_SELINUX(initselinux(username, full_tty, user_sid));
- if (get_default_context(username, NULL, user_sid)) {
^
security_context_t *
- bb_error_msg_and_die(cannot get SID for %s,
- username);
- }
- if (getfilecon(full_tty, old_tty_sid) 0) {
- bb_perror_msg_and_die(getfilecon(%s) failed,
- full_tty);
- }
- if (security_compute_relabel(user_sid, old_tty_sid,
security_context_t
- SECCLASS_CHR_FILE, new_tty_sid) != 0) {
- bb_perror_msg_and_die(security_change_sid(%s) failed,
- full_tty);
- }
- if (setfilecon(full_tty, new_tty_sid) != 0) {
- bb_perror_msg_and_die(chsid(%s, %s) failed,
- full_tty, new_tty_sid);
- }
- }
-#endif
Thanks,
Robert P. J. Day wrote:
...
loginutils/login.c: In function ‘initselinux’:
loginutils/login.c:184: error: passing argument 1 of
‘security_compute_relabel’ from incompatible pointer type
make[1]: *** [loginutils/login.o] Error 1
make: *** [loginutils] Error 2
...
the problem? here's loginutils/login.c:
static void initselinux(char *username, char *full_tty,
security_context_t *user_sid)
{
security_context_t old_tty_sid, new_tty_sid;
...
if (security_compute_relabel(user_sid, old_tty_sid,
SECCLASS_CHR_FILE, new_tty_sid) != 0) {
bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty);
...
as you can see, the first arg to security_computer_relabel is a
*pointer* to a security_context_t, but that routine is defined in
selinux as:
int security_compute_relabel(security_context_t scon,
security_context_t tcon, security_class_t tclass, security_context_t
*newcon);
that is, accepting a security_context_t (not a pointer to one). or
am i misreading this?
rday
--
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry:
Have classroom, will lecture.
http://crashcourse.ca Waterloo, Ontario, CANADA
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
Index: loginutils/login.c
===
--- loginutils/login.c (revision 25413)
+++ loginutils/login.c (working copy)
@@ -180,7 +180,7 @@
if (getfilecon(full_tty, old_tty_sid) 0) {
bb_perror_msg_and_die(getfilecon(%s) failed, full_tty);
}
- if (security_compute_relabel(user_sid, old_tty_sid,
+ if (security_compute_relabel(*user_sid, old_tty_sid,
SECCLASS_CHR_FILE, new_tty_sid) != 0) {
bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty);
}
compile error in trunk -- selinux, loginutils/login.c
...
loginutils/login.c: In function ‘initselinux’:
loginutils/login.c:184: error: passing argument 1 of
‘security_compute_relabel’ from incompatible pointer type
make[1]: *** [loginutils/login.o] Error 1
make: *** [loginutils] Error 2
...
the problem? here's loginutils/login.c:
static void initselinux(char *username, char *full_tty,
security_context_t *user_sid)
{
security_context_t old_tty_sid, new_tty_sid;
...
if (security_compute_relabel(user_sid, old_tty_sid,
SECCLASS_CHR_FILE, new_tty_sid) != 0) {
bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty);
...
as you can see, the first arg to security_computer_relabel is a
*pointer* to a security_context_t, but that routine is defined in
selinux as:
int security_compute_relabel(security_context_t scon,
security_context_t tcon, security_class_t tclass, security_context_t
*newcon);
that is, accepting a security_context_t (not a pointer to one). or
am i misreading this?
rday
--
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry:
Have classroom, will lecture.
http://crashcourse.ca Waterloo, Ontario, CANADA
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
