* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: conf.c,v 1.64 2002-11-17 13:13:46 thib Exp $ */
+ /* $Id: conf.c,v 1.65 2003-07-14 10:52:21 thib Exp $ */
#include "fcron.h"
struct passwd *pass = NULL;
short int type = 0, size = 0;
int rc;
+#ifdef CONFIG_FLASK
+ int flask_enabled = is_flask_enabled();
+ struct security_query qry;
+ struct security_response rsp;
+ int retval;
+ const char *user_name;
+#endif
/* open file */
if ( (ff = fopen(file_name, "r")) == NULL ) {
/* check if this file is owned by root : otherwise, all runas fields
* of this field should be set to the owner */
+#ifdef CONFIG_FLASK
+ if(flask_enabled)
+ rc = fstat_secure(fileno(ff), &file_stat, &cf->cf_file_sid);
+ else
+#endif
rc = fstat(fileno(ff), &file_stat);
if ( rc != 0 ) {
error_e("Could not stat %s", file_name);
}
runas_str = strdup2(pass->pw_name);
}
+ cf->cf_user = strdup2(file_name + 4);
}
else {
+ if(!cf->cf_user)
+ cf->cf_user = strdup2(file_name);
if ( file_stat.st_uid == ROOTUID ) {
/* file is owned by root : either this file has already been parsed
* at least once by fcron, or it is root's fcrontab */
}
}
+#ifdef CONFIG_FLASK
+ /*
+ * Since crontab files are not directly executed,
+ * crond must ensure that the crontab file has
+ * a context that is appropriate for the context of
+ * the user cron job. It performs an entrypoint
+ * permission check for this purpose.
+ */
+ if(!strcmp(cf->cf_user, SYSFCRONTAB))
+ user_name = "system_u";
+ else
+ user_name = cf->cf_user;
+ if(get_default_sid(user_name, 0, &cf->cf_user_sid))
+ error_e("NO SID for user \"%s\"", cf->cf_user_sid);
+ qry.ssid = cf->cf_user_sid;
+ qry.tsid = cf->cf_file_sid;
+ qry.tclass = SECCLASS_FILE;
+ qry.requested = FILE__ENTRYPOINT;
+ retval = security_compute_av(&qry, &rsp);
+ if(retval || ((qry.requested & rsp.allowed) != qry.requested)) {
+ syslog(LOG_ERR, "ENTRYPOINT FAILED for \"%s\" (SID %u) for file SID %u"
+ , cf->cf_user, cf->cf_user_sid, cf->cf_file_sid);
+ goto err;
+ }
+#endif
+
debug("User %s Entry", file_name);
bzero(buf, sizeof(buf));
goto err;
}
/* get the owner's name */
+ /* we set cf->cf_user before for SE Linux, so we need to free it here */
+ free(cf->cf_user);
if ( read_strn(fileno(ff), &cf->cf_user, size) != OK ) {
error("Cannot read user's name : file ignored");
goto err;
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: config.h.in,v 1.47 2002-10-28 17:54:56 thib Exp $ */
+ /* $Id: config.h.in,v 1.48 2003-07-14 10:53:22 thib Exp $ */
/* *********************************************************** */
/* Define if you have the shadow library (-lshadow or included in c library). */
#undef HAVE_LIBSHADOW
+/* Have SE Linux support */
+#undef CONFIG_FLASK
+
/* Define if you have the xnet library (-lxnet). */
#undef HAVE_LIBXNET
fi
AC_PREFIX_DEFAULT($prefix)
AC_CONFIG_HEADER(config.h)
-AC_PREREQ(2.7)
+AC_PREREQ(2.57)
vers="2.9.4"
vers_quoted="\"$vers\""
AC_CHECK_HEADERS(sys/types.h sys/socket.h sys/un.h)
AC_CHECK_HEADERS(security/pam_appl.h crypt.h shadow.h)
AC_CHECK_HEADERS(sys/resource.h)
+AC_CHECK_HEADERS(flask_util.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_FUNC_STRFTIME
AC_FUNC_WAIT3
AC_CHECK_LIB(xnet, shutdown)
+AC_CHECK_LIB(secure, getsecsid, [flaskavail=1], [flaskavail=0])
AC_CHECK_FUNC(getloadavg, [getloadavg=1], [getloadavg=0])
AC_CHECK_LIB(kstat, kstat_open, [kstat=1], [kstat=0])
if test $getloadavg -eq 1; then
elif test $kstat -eq 1; then
AC_MSG_CHECKING(function to use for lavg* options)
LIBS="$LIBS -lkstat"
- LIBOBJS="$LIBOBJS getloadavg.o"
+ AC_LIBOBJ([getloadavg])
AC_DEFINE_UNQUOTED(HAVE_KSTAT, 1)
AC_MSG_RESULT(kstat)
else
AC_SUBST(USEPAM)
+AC_MSG_CHECKING(if SELinux should be used)
+AC_ARG_WITH(selinux,
+[ --with-selinux=[yes|no] Use (or not) SELinux (default: yes).],
+[ case "$withval" in
+ no)
+ useselinux=0
+ AC_MSG_RESULT(no)
+ ;;
+ yes)
+ if test "$flaskavail" -eq 1; then
+ useselinux=1
+ AC_MSG_RESULT(yes)
+ else
+ AC_MSG_RESULT(not available)
+ AC_MSG_ERROR([
+ You requested the use of SELinux, but SELinux is considered
+ as not available by configure script.
+])
+ fi
+ ;;
+ *)
+ AC_MSG_ERROR(Must be set to either "yes" or "no".)
+ ;;
+ esac ],
+ if test "$flaskavail" -eq 1; then
+ useselinux=1
+ AC_MSG_RESULT(yes)
+ else
+ useselinux=0
+ AC_MSG_RESULT(not available)
+ fi
+)
+if test "$useselinux" -eq 1; then
+ LIBS="$LIBS -lsecure"
+ AC_DEFINE(CONFIG_FLASK)
+fi
+
+
dnl ---------------------------------------------------------------------
dnl Users and groups ...
AC_SUBST(DB2MAN_AFTER)
-DSSSL_DIR="/usr/share/sgml/docbook/dsssl-stylesheets-1.74b/"
+DSSSL_DIR="/usr/share/sgml/docbook/stylesheet/dsssl/modular"
AC_MSG_CHECKING(Looking for dsssl stylsheets)
AC_ARG_WITH(dsssl-dir,
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: global.h,v 1.39 2002-10-28 17:53:59 thib Exp $ */
+ /* $Id: global.h,v 1.40 2003-07-14 10:51:52 thib Exp $ */
/*
#include <errno.h>
#endif
+#ifdef CONFIG_FLASK
+#include <flask_util.h>
+#include <fs_secure.h>
+#include <ss.h>
+#include <linux/flask/av_permissions.h>
+#include <get_sid_list.h>
+#endif
+
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
#include <pwd.h>
#include <signal.h>
#include <sys/fcntl.h>
#endif
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
#ifdef HAVE_LIBPAM
#include "pam.h"
#endif
struct env_t *cf_env_base; /* list of all env variables to set */
int cf_running; /* number of jobs running */
signed char cf_tzdiff; /* time diff between system and local hour */
+#ifdef CONFIG_FLASK
+ security_id_t cf_user_sid;
+ security_id_t cf_file_sid;
+#endif
} cf_t;