Re: compile error in trunk -- selinux, loginutils/login.c
On Monday 23 February 2009 02:36:30 am KaiGai Kohei wrote: The attached patch fixes the matter. It seems to me this matter was enbuged at r25210. | r25210 | vda | 2009-02-02 09:15:00 +0900 (Mon, 02 Feb 2009) | 3 lines | | login: cleanup work by Walter Harms. No logic changes. % svn log -c 25210 loginutils/login.c : +#if ENABLE_SELINUX +static void initselinux(char *username, char *full_tty, + security_context_t *user_sid) +{ + security_context_t old_tty_sid, new_tty_sid; + + if (!is_selinux_enabled()) + return; + + if (get_default_context(username, NULL, user_sid)) { security_context_t *, correct + bb_error_msg_and_die(cannot get SID for %s, username); + } + if (getfilecon(full_tty, old_tty_sid) 0) { + bb_perror_msg_and_die(getfilecon(%s) failed, full_tty); + } + if (security_compute_relabel(user_sid, old_tty_sid, security_context_t *, incorrect Fixed in svn. Thanks for pointing it out. -- vda ___ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox
Re: compile error in trunk -- selinux, loginutils/login.c
i fear that come with one of my patches ... i will fix it soon as i am back home. thx for reporting. re, wh Robert P. J. Day schrieb: ... loginutils/login.c: In function ‘initselinux’: loginutils/login.c:184: error: passing argument 1 of ‘security_compute_relabel’ from incompatible pointer type make[1]: *** [loginutils/login.o] Error 1 make: *** [loginutils] Error 2 ... the problem? here's loginutils/login.c: static void initselinux(char *username, char *full_tty, security_context_t *user_sid) { security_context_t old_tty_sid, new_tty_sid; ... if (security_compute_relabel(user_sid, old_tty_sid, SECCLASS_CHR_FILE, new_tty_sid) != 0) { bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty); ... as you can see, the first arg to security_computer_relabel is a *pointer* to a security_context_t, but that routine is defined in selinux as: int security_compute_relabel(security_context_t scon, security_context_t tcon, security_class_t tclass, security_context_t *newcon); that is, accepting a security_context_t (not a pointer to one). or am i misreading this? rday -- Robert P. J. Day Linux Consulting, Training and Annoying Kernel Pedantry: Have classroom, will lecture. http://crashcourse.ca Waterloo, Ontario, CANADA ___ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox ___ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox
Re: compile error in trunk -- selinux, loginutils/login.c
The attached patch fixes the matter. It seems to me this matter was enbuged at r25210. | r25210 | vda | 2009-02-02 09:15:00 +0900 (Mon, 02 Feb 2009) | 3 lines | | login: cleanup work by Walter Harms. No logic changes. % svn log -c 25210 loginutils/login.c : +#if ENABLE_SELINUX +static void initselinux(char *username, char *full_tty, + security_context_t *user_sid) +{ + security_context_t old_tty_sid, new_tty_sid; + + if (!is_selinux_enabled()) + return; + + if (get_default_context(username, NULL, user_sid)) { security_context_t *, correct + bb_error_msg_and_die(cannot get SID for %s, username); + } + if (getfilecon(full_tty, old_tty_sid) 0) { + bb_perror_msg_and_die(getfilecon(%s) failed, full_tty); + } + if (security_compute_relabel(user_sid, old_tty_sid, security_context_t *, incorrect + SECCLASS_CHR_FILE, new_tty_sid) != 0) { + bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty); + } + if (setfilecon(full_tty, new_tty_sid) != 0) { + bb_perror_msg_and_die(chsid(%s, %s) failed, full_tty, new_tty_sid); + } +} +#endif : -#if ENABLE_SELINUX - if (is_selinux_enabled()) { - security_context_t old_tty_sid, new_tty_sid; + USE_SELINUX(initselinux(username, full_tty, user_sid)); - if (get_default_context(username, NULL, user_sid)) { ^ security_context_t * - bb_error_msg_and_die(cannot get SID for %s, - username); - } - if (getfilecon(full_tty, old_tty_sid) 0) { - bb_perror_msg_and_die(getfilecon(%s) failed, - full_tty); - } - if (security_compute_relabel(user_sid, old_tty_sid, security_context_t - SECCLASS_CHR_FILE, new_tty_sid) != 0) { - bb_perror_msg_and_die(security_change_sid(%s) failed, - full_tty); - } - if (setfilecon(full_tty, new_tty_sid) != 0) { - bb_perror_msg_and_die(chsid(%s, %s) failed, - full_tty, new_tty_sid); - } - } -#endif Thanks, Robert P. J. Day wrote: ... loginutils/login.c: In function ‘initselinux’: loginutils/login.c:184: error: passing argument 1 of ‘security_compute_relabel’ from incompatible pointer type make[1]: *** [loginutils/login.o] Error 1 make: *** [loginutils] Error 2 ... the problem? here's loginutils/login.c: static void initselinux(char *username, char *full_tty, security_context_t *user_sid) { security_context_t old_tty_sid, new_tty_sid; ... if (security_compute_relabel(user_sid, old_tty_sid, SECCLASS_CHR_FILE, new_tty_sid) != 0) { bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty); ... as you can see, the first arg to security_computer_relabel is a *pointer* to a security_context_t, but that routine is defined in selinux as: int security_compute_relabel(security_context_t scon, security_context_t tcon, security_class_t tclass, security_context_t *newcon); that is, accepting a security_context_t (not a pointer to one). or am i misreading this? rday -- Robert P. J. Day Linux Consulting, Training and Annoying Kernel Pedantry: Have classroom, will lecture. http://crashcourse.ca Waterloo, Ontario, CANADA ___ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox -- OSS Platform Development Division, NEC KaiGai Kohei kai...@ak.jp.nec.com Index: loginutils/login.c === --- loginutils/login.c (revision 25413) +++ loginutils/login.c (working copy) @@ -180,7 +180,7 @@ if (getfilecon(full_tty, old_tty_sid) 0) { bb_perror_msg_and_die(getfilecon(%s) failed, full_tty); } - if (security_compute_relabel(user_sid, old_tty_sid, + if (security_compute_relabel(*user_sid, old_tty_sid, SECCLASS_CHR_FILE, new_tty_sid) != 0) { bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty); }
compile error in trunk -- selinux, loginutils/login.c
... loginutils/login.c: In function ‘initselinux’: loginutils/login.c:184: error: passing argument 1 of ‘security_compute_relabel’ from incompatible pointer type make[1]: *** [loginutils/login.o] Error 1 make: *** [loginutils] Error 2 ... the problem? here's loginutils/login.c: static void initselinux(char *username, char *full_tty, security_context_t *user_sid) { security_context_t old_tty_sid, new_tty_sid; ... if (security_compute_relabel(user_sid, old_tty_sid, SECCLASS_CHR_FILE, new_tty_sid) != 0) { bb_perror_msg_and_die(security_change_sid(%s) failed, full_tty); ... as you can see, the first arg to security_computer_relabel is a *pointer* to a security_context_t, but that routine is defined in selinux as: int security_compute_relabel(security_context_t scon, security_context_t tcon, security_class_t tclass, security_context_t *newcon); that is, accepting a security_context_t (not a pointer to one). or am i misreading this? rday -- Robert P. J. Day Linux Consulting, Training and Annoying Kernel Pedantry: Have classroom, will lecture. http://crashcourse.ca Waterloo, Ontario, CANADA ___ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox