Signed-off-by: Nicolas Iooss
---
checkpolicy/policy_define.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index dbafadb01e21..949ca7117233 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@
cil_resolve_ast() begins by checking whether one of its parameters is
NULL and "goto exit;" when it is the case. As extra_args has not been
initialized there, this leads to calling cil_destroy_tree_node_stack(),
__cil_ordered_lists_destroy()... on garbage values.
In practise this cannot happen bec
When compiling a CIL policy which defines conflicting type transitions,
secilc crashes when trying to format an error message with uninitialized
values. This is caused by __cil_typetransition_to_avtab() not
initializing the ..._str fields of its local variable "struct
cil_type_rule trans" before ca
> Hmmm...Fedora policy doesn't allow use of su from staff_t; you have to
> newrole first and then su.
>
> Regardless, newrole uses the login uid if available, falling back to
> the real uid if not, for the identity used to re-authenticate and to
> set up the environment. If you want the environmen
On Fri, 2017-03-17 at 12:07 +0100, cgzones wrote:
> Hi list,
> I am using newrole v2.6 on Debian testing. The pam config
> /etc/pam.d/newrole contains:
>
> #%PAM-1.0
>
> @include common-auth
> @include common-account
> @include common-session
> session required pam_namespace.so unmnt_remnt no_un
'perms' will never be NULL since it isn't a plain pointer but an array
of u32 values.
This fixes the following warning when building with clang:
security/selinux/ss/services.c:158:16: error: address of array
'p_in->perms' will always evaluate to 'true'
[-Werror,-Wpointer-bool-conversion]
Hi list,
I am using newrole v2.6 on Debian testing. The pam config
/etc/pam.d/newrole contains:
#%PAM-1.0
@include common-auth
@include common-account
@include common-session
session required pam_namespace.so unmnt_remnt no_unmount_on_close
I log into the machine as a normal user:
christian@de